HTTP Error 500.0 on StaticFile when using custom identity for AppPool

Question

I have an MVC4 web application deployed on a Windows 2012 R2 server with IIS 8.5. I configured the Application Pool to run with a custom domain account because the web application needs to call another webservice on the network with Windows authentication enabled.

When i try to reach the page from my browser, i get many "error 500" for my .css, .js files. When i try to browse directly to one of these files, i get an "HTTP Error 500.0 - Internal Server Error" page displayed instead of the content of the script or css. I tried with a simple .txt file, and i get the same error.

Detailed Error Information:

• Module : IIS Web Core
• Notification : AuthenticateRequest
• Handler : StaticFile
• Error Code : 0x80070542
• Requested URL : http://{hostname}:8082/test.txt
• Physical Path : C:\inetpub\wwwroot\aaa\test.txt
• Logon Method : Negotiate
• Logon User : {DomainName}\{MyUserLogin}

On the server i gave full NTFS permissions to "Everyone" for the entire C:\inetpub\wwwroot\aaa folder and child folders.

I made the account running the Application Pool part of the local "Administrators" group. It does not change anything, i still get the same error message.

However, if i open the web page directly from the server with localhost, everything works fine.

So i am running out of ideas here. Any suggestions ?

Thanks !

Answer 1

I found the answer to my issue (identical but with Logon Method: Anonymous instead) over here: Unauthorized access error to html pages in IIS 7.0

Essentially: "After some struggles I found out that in IIS manager->My Site->Authentication->Anonymous Authentication->Edit the identity used for anonymous authentication was set to a specific user by default (IUSR). Setting it to use the application pool identity fixed it for me"

Answer 2

this works for me as well in IIS 10. thank you!

btw, I also found the other solution from https://serverfault.com/questions/50160/500-error-when-using-custom-account-for-application-pool-in-iis-7 "Worked for me thanks! But in addition here is how to do it step by step for dummies like me: Start > Local > Security Policy > Local Policies > User rights Assignment > Impersonate a client after authentication > Add User or Group... > Select IIS_IUSRS – Wowe" I couldn't try this alternative due to no permission