IIS7.5 Domain Account Application Pool Identity for SQL Server Authentication

Posted by Gareth Hill on Server Fault See other posts from Server Fault or by Gareth Hill
Published on 2010-03-24T14:47:03Z Indexed on 2010/03/24 14:53 UTC
Read the original article Hit count: 1701

Filed under:

iis7.5

|

application-pools

|

active-directory

|

windows-server-2008-r2

In Windows Server 2003/IIS6 land we typically create an app pool that runs as the identity of an AD account created with minimal privileges simply for that purpose. This same domain user would also be granted access to SQL Server so that any ASP.NET application in that app pool would be able to connect to SQL Server with Integrated Security=SSPI.

We are making a brave move to the world of Windows Server 2008 R2/IIS7.5 and are looking to replicate this model, but I am struggling with how to make the application pool in IIS7.5 run as the identity of an AD account? I know this sounds simple and hopefully it is, but my attempts so far have been fruitless.

Should the application pool identity be a 'Custom account' for a domain account?
Does the domain account need to be added to any groups?

© Server Fault or respective owner

Related posts about iis7.5

Configuring IIS7 404 page when using IIS7 urlrewrite module

as seen on Pro Webmasters - Search for 'Pro Webmasters'
I've got custom errors to work for .aspx page like: www.domain.com/whateverdfdgdfg.aspx But, when no .aspx url is requested, (like http://www.domain.com/hfdkfdh4545) it results in an error: HTTP Error 404.0 - Not Found The resource you are looking for has been removed, had its name changed… >>> More
How to create a Subdomain in IIS7?

as seen on Server Fault - Search for 'Server Fault'
In IIS7 I have a site: http://www.mydomain.com/mysite How can I get the same site to appear as: http://mysite.mydomain.com ? I already have the DNS set up and can ping it, I just do not know how to configure it in IIS7. >>> More
How can I control which IP address IIS7 uses?

as seen on Server Fault - Search for 'Server Fault'
In Win2k3 I used httpcfg to tell IIS to listen to specific IP addresses on the server. I want to run Apache with VisualSVN Server on port 80 on another IP address but IIS7 binds to all ports by default. What utility for IIS7 controls the IIS7 bindings? Update: I found the answer. There is a utility… >>> More
WCF service hosted in IIS7 with administrator rights?

as seen on Server Fault - Search for 'Server Fault'
Hello, How do I grant administrator rights to a running WCF service hosted in IIS7? The problem is, my code works fine in a test console application runned as an administrator, but the same code used from WCF service in IIS7 fails. When I run the same console test application without admin rights… >>> More
authentication problem on windows vista (cookie is getting written but httpcontext.current.user is n

as seen on Stack Overflow - Search for 'Stack Overflow'
authentication problem on windows vista (iis7) (cookie is getting written but httpcontext.current.user is null) >>> More

Related posts about application-pools

IIS 7.5, Multiple Application Pools, and URL Rewriting (403.18 -- Forbidden)

as seen on Server Fault - Search for 'Server Fault'
Is there any way to configure IIS 7.5 to perform URL rewrites to different application pools on the same site without running into a 403.18 error? We're using Helicon ISAPI Rewrite 3 on IIS 6 and it's working like a charm. The root-level "application" is running under it's own application pool,… >>> More
IIS, multiple CPU cores, application pools and worker processes - best configuration for a single si

as seen on Server Fault - Search for 'Server Fault'
Hi We use Kentico CMS and I've exchanged emails with them about a web garden deployment. We have a single site running on a server with 8 cpu cores. In line with Kentico's advice, we have not altered the application pool web garden setting from the default i.e. it is set to a maximum number of worker… >>> More
.NET Framework version in Application Pools of IIS 7 on windows 2008

as seen on Server Fault - Search for 'Server Fault'
Hello, I have web service on IIS 7 on Windows 2008. This web service must dlls of .NET Framework 3.5 (I have error about System.Linq using when I try to browse the web site) The only place I found where it is possible to change .NET Framework version is application pools management, but The only… >>> More
Unable to set password in IIS 8 for Domain User as ApplicationPool Identity

as seen on Server Fault - Search for 'Server Fault'
I'm trying to set a Domain User account as ApplicationPool Identity in IIS 8 (Windows 2012). When trying this using the IIS Management Console I always get an error: Value does not fall within the expected range. When trying to set the identity using appcmd.exe it fails on both the command setting… >>> More
Why are 32-bit application pools more efficient in IIS? [closed]

as seen on Server Fault - Search for 'Server Fault'
I've been running load tests with two different ASP.NET web applications in IIS. The tests are run with 5,10,25, and 250 user agents. Tested on a box with 8 GB RAM, Windows 7 Ultimate x64. The same box running both IIS and the load test project. I did many runs, and the data is very consistent… >>> More