Granting permissions to the ApplicationPoolIdentity

Windows 7 and Windows 2008 RC 2 introduced the concept of managed service accounts and by default, application pools are set to use a managed service account in order to isolate the web application pool without adding additional management of passwords and such.  The downside is that the implementation is half-baked when it comes to giving these accounts permission to other things such as accessing files or directories.

The trick is, when setting the security for the file or folder, select your computer as the location then enter IIS APPPOOL\ApplicationPoolName as the user where ApplicationPoolName is the name of the application pool you want to give permission to.  Microsoft really should make these accounts show up in the GUI, but at least this little trick works.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: