Notes to self

my brain dump of solutions to technical problems

ApplicationPoolIdentity find the user account

ASP .Net, OS jcrawfor74

The Problem

How do you find the ApplicationPoolIdentity Account?

Under IIS 7 you have the ability to set the user account that the Application Pool will run under. By Default this appears to be a setting called “ApplicationPoolIdentity”.

So if you need to provide access for this user to a local system resource how do you find the user account when you are searching in the security tab?

The Answer

When the application pool is created a new user account is created with the name of the Application Pool.
This account is created on the local machine in the format of:
IIS AppPool\AppPoolName – where AppPoolName is the name of your application pool

So for example the DefaultAppPool user can be found by searching for:
IIS AppPool\DefaultAppPool

Application Pool Identify - prior to resolve

When Resolved

Application Pool Identity Resolved

The better answer (in 2025)

The above is kind of true but I just realised a truth that I had not known for the past 10 Years!!!
I was trying to get a website to create its Log folder in the root of the site and it was failing with security permission issues.

I was reading an article on how to fix this and it said set the permission like:

IIS AppPool\YourAppPoolName

“YourAppPoolName”.. hmm so if

  • My website is callled “game”
  • My ApplicationPool is called “game” (as the default name)
  • YourAppPoolName = “game”
  • So the app pool permissions would be

IIS AppPool\Game

Which then when you click “Check Names” resolves too

WOW, that makes sense. The DefaultAppPool is only for the Default Website.. !!!

The “IIS AppPool” is a virtual user namespace and every app pool that is created effectively gets local account that can be used for setting permissiosn.

Mind blown..

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.