In IIS 7.5 there is a "Connect as" option under basic settings, for the application. What is this? Why was this feature introduced? Will it override the application pool identity or the other way around?
An application pool identity allows you to run an application pool under a unique account without having to create and manage domain or local accounts. The name of the application pool account corresponds to the name of the application pool.
Application pools in Internet Information Services (IIS) is a mechanism designed to comprise a group of web applications corresponding to one or more worker processes (w3wp.exe) sharing a common configuration.
An application pool defines a group of one or more worker processes, configured with common settings that serve requests to one or more applications that are assigned to that application pool.
The same question was asked and answered here. Check it out. Basically:
The two accounts are different things. Think of the website identity representing the user of the site. If you create a new website this account is the anonymous IIS account. If you disable "Anonymous Authentication", your users will have to authenticate against the website (in a intranet/Windows domain site this could be implicite using the network credentials.)
The application pool identity is the Windows account needed for running your assemblies. Normally it is the "Network Service" account which is a least privileged account with limited user rights and permissions. It does have network credentials. This means that you can use it to authenticate against network resources in a domain. You can also use it to access a SQL Server database with integrated security.
For example, if your ASP.NET application has to write to a folder, you have to grant the permission to the application pool account, not to the website account.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With