Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

IIS App Pool Identity vs. Windows Account

What are the pro's and con's of using the built in App Pool Identity in IIS as opposed to specifying a Windows account?

For SQL Server if you want to connect from a .Net application using Windows Authentication I presume that if I use an App Pool Identity, I must associate this with a user in SQL Server or give that App Pool Identity access to by db?

Are App Pool Identities just added as convenience so that you dont have to set up accounts for your App Pools?

like image 401
Remotec Avatar asked Jul 03 '12 11:07

Remotec


1 Answers

The built in account used is specific to the computer. If applications inside the app pool need to connect to other resources on the network (database servers, file shares, etc) then using a (windows) domain account may be a better option. When you specify a domain account you must ensure they have the correct file permissions set on the physical folders that IIS is using. In later operating systems - you can add this account to the IIS_IUSRS group to achieve the default permissions.

like image 126
tsells Avatar answered Oct 16 '22 12:10

tsells