School of hard knocks ☺ Best way I’ve found is to sit on the w3wp process with process explorer and check out the security accounts associated with the process – other stuff is on http://learn.iis.net/
Off the top of my head Localsystem has full access to everything on the system Local service is like an authed user Network service is like local service except it can access the network in the context of the computer. They are different - I think service is group for services and same for network except for network services - you shouldn't use these in standard app configs - if you can pull the SID of the account, google it in bing, you should see more detail on them. Sent from my Windows Phone 7 From: [email protected] [mailto:[email protected]] On Behalf Of Peter Maddin Sent: Tuesday, 19 July 2011 7:41 PM To: 'ozDotNet' Subject: RE: Web Service Application Pool Identity Ok Thanks Out of curiosity where did you learn that? I have found trying to decode some of this stuff quite difficult. Also if you know what is the difference between SERVICE and LOCAL SERVICE and NETWORK and NETWORK SERVICE? Are they different or are they synonyms? Regards Peter From: [email protected] [mailto:[email protected]] On Behalf Of Jorke Odolphi Sent: Tuesday, 19 July 2011 5:25 PM To: ozDotNet Subject: RE: Web Service Application Pool Identity IIS_IUSRS From: [email protected] [mailto:[email protected]] On Behalf Of Peter Maddin Sent: Tuesday, 19 July 2011 6:01 PM To: 'ozDotNet' Subject: Web Service Application Pool Identity I am trying to get a handle on the in-built accounts used for Application pools used by a web service. The default identity for DefaultAppPool is ApplicationPoolIdentity. My web service needs read and write access to folders on the server hosting IIS. What does the ApplicationPoolIdentity identity map to when one is selecting users and groups for a folder/file? One can change the Identity to • LocalSystem I guess this maps to SYSTEM • LocalService I guess this maps to SERVICE but it could also map to LOCAL SERVICE. • NetworkService I guess this maps NETWORK or NETWORK SERVICE. Currently I am using LocalSystem. Is this the best option? What is ApplicationPoolIdentity? What does one use when one is selecting users and groups that maps to ApplicationPoolIdentity? Any demystification greatly appreciated. Regards Peter Maddin Applications Development Officer PathWest Laboratory Medicine WA Phone : +618 6396 4285 Mobile: 0414 240 307 E-Mail : [email protected]; [email protected] The contents of this e-mail transmission outside of the WAGHS network are intended solely for the named recipient's), may be confidential, and may be privileged or otherwise protected from disclosure in the public interest. The use, reproduction, disclosure or distribution of the contents of this e-mail transmission by any person other than the named recipient(s) is prohibited. If you are not a named recipient please notify the sender immediately.
