Use PowerShell to Create AppPool does not set AppPool Identity

Question

I am attempting to use PowerShell to create an Application Pool in IIS. After searching the web, I created the following test script:

Import-Module WebAdministration

$siteName = "TestAppPool"
$userAccountName = "Domain\UserName"
$userAccountPassword = "MyPassword"

if(!(Test-Path ("IIS:\AppPools\" + $siteName)))
{
     $appPool = New-Item ("IIS:\AppPools\" + $siteName)

     #Display Default AppPool Settings
     "AppPool = " + $appPool
     "UserName = " + $appPool.processModel.userName
     "Password = " + $appPool.processModel.password
     "Runtime = " + $appPool.managedRuntimeVersion
     
     $appPool.processModel.userName = $userAccountName
     $appPool.processModel.password = $userAccountPassword
     $appPool.managedRuntimeVersion = "v4.0"
     $appPool | Set-Item

     #Display Updated AppPool Settings
     "AppPool = " +$appPool
     "UserName = " + $appPool.processModel.userName
     "Password = " + $appPool.processModel.password
     "Runtime = " + $appPool.managedRuntimeVersion
}

When I run the script, the user name and password are not updated to the values I set.

Here are the results from the two print blocks

#Display Default AppPool Settings
AppPool = Microsoft.IIs.PowerShell.Framework.ConfigurationElement
UserName = 
Password = 
Runtime = v2.0

#Display Updated AppPool Settings
AppPool = Microsoft.IIs.PowerShell.Framework.ConfigurationElement
UserName = 
Password = 
Runtime = v2.0

Looking in IIS, the Application Pool shows the .Net Framework was updated, yet the Identity is still set to ApplicationPoolIdentity. It should be Domain\UserName.

I'm an admin on the machine, and I am running PowerShell in Administrator mode. Any ideas as to what I may be missing to get this to work?

Answer 1

You will need to change the Process Model identity type to accept a user account instead of the default ApplicationPoolIdentity and this can be done as follows:

Set-ItemProperty -Path IIS:\AppPools\TestAppPool -Name processmodel.identityType -Value 3
Set-ItemProperty -Path IIS:\AppPools\TestAppPool -Name processmodel.userName -Value Domain\UserName
Set-ItemProperty -Path IIS:\AppPools\TestAppPool -Name processmodel.password -Value MyPassword

I hope this helps.

Answer 2

I came across this after needing to set the appPool to NetworkService and for anyone else needing to do this, here is the syntax for IIS 7.5 to set your appPool to NetworkService

$pool = get-item("IIS:\AppPools\YOURAPPPOOLNAME");
$pool | Set-ItemProperty -Name "ProcessModel.IdentityType" -Value 2

Note: In IIS 7.5, NetworkService was switched from value 3 to value 2.

More information about Process Model can be found here: http://www.iis.net/configreference/system.applicationhost/applicationpools/add/processmodel