You can give permissions to that account using icacls. It's a dynamically created user identity. It's for security reasons. Here is an explanation, and also how to use icacls to set the permissions: http://www.adopenstatic.com/cs/blogs/ken/archive/2008/01/29/15759.aspx
Failed Request Tracing is easy to setup once you know the two steps to follow - did you google FREB as recommended? Cheers Ken From: [email protected] [mailto:[email protected]] On Behalf Of Greg Keogh Sent: Wednesday, 5 January 2011 6:21 PM To: 'ozDotNet' Subject: RE: 500 - Internal server error Folks, I double-checked everything you've all mentioned, except for implementing Failed Requests Tracing Rules because it's too hard. I got down to running procmon.exe with an ACCESS DENIED filter on the file system and found failures on IIS APPPOOL\Classic .NET AppPool, which surprised me as a I'm not using it, I've set NETWORK SERVICE as my account. So something out of my control is causing this. I experimentally set Classic pool to use NETWORK SERVICE as well, but it triggered this bizarre error which is also out of my control: HTTP Error 500.21 - Internal Server Error Handler "Plesk_Handler_013215644" has a bad module "ManagedPipelineHandler" in its module list In theory I could just give modify permission to ApplicationPoolidentity where it needs it, but it doesn't appear in the file system security account lists. I don't know how to assign that account to permissions. Can you? What makes this whole problem so bad is that fact that I'm working on a weird GoDaddy server in Arizona. They have pre-loaded Win2008 with huge slabs of non-standard software, defaults, folders, services and accounts. If this was a vanilla Win2008 I would probably have had it working in 20 minutes. Greg
