Menu
I'm trying to create an Application Pool in IIS7 using PowerShell. I want this to run under the NetworkService account but currently this appears to try and set itself as an 'Other' user on the Application Pool rather than being recognised as a built-in account.
My PS looks like this currently:
Set-ItemProperty $iisAppPoolDir -name processModel -value @{userName="NetworkService";identitytype=3}
Now this usually should also have the password="*****"; field available to allow me to create the application pool and have the user log in. I've left this out, hoping it would be identifiable, but it's not worked.
Any help appreciated!
576
If the "AppPoolIdentity" identity type is selected (the default on Windows 7 and Windows Server 2008 R2, and later), IIS will run worker processes as the application pool identity. With every other identity type, the security identifier will only be injected into the access token of the process.
The Get-IISAppPool cmdlet gets information about application pools and their current status and other key information. If a specific application pool or a comma delimited list of application pools are requested, only those whose names are passed as an argument are returned.
Gets configuration information for an IIS Application Pool. The Get-IISAppPool cmdlet gets information about application pools and their current status and other key information. If a specific application pool or a comma delimited list of application pools are requested, only those whose names are passed as an argument are returned.
Application Pool Identity Accounts. Worker processes in IIS 6.0 and in IIS 7 run as Network Service by default. Network Service is a built-in Windows identity. It doesn't require a password and has only user privileges; that is, it is relatively low-privileged.
Network Service is its own identityType, so you would not set a username at all, and instead set the identityType to 2, like this:
Set-ItemProperty IIS:\AppPools\MyAppPool -name processModel.identityType -value 2
This will set the identity to Network Service.
The identityType values are documented on the IIS website.
101
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
