To W2K3 : Application Pool Identity setting in IIS 6.0
I thought I was over the hump in setting up a website in W2K3 Server IIS 6.0, as several posts in a September 2003 “To W2K3” series timeframe will attest. But that was on a W2K3 Server at HQ; today's W2K3 IIS 6.0 issue was on the first W2K3 Server of my home office network.
Configuration Objective: Create an IIS Site with its own Application Pool with that Application Pool's Identity being set to a local user. Not a problem...
I went into the Local User Policies and did what I did months ago at HQ: adding the account to the “Login as Service” and “Logon Local...” user policy groups. Restarted IIS. Restarted the app pool. Rebooted. nothin.
Then I found this most excellent TechNet article: Configuring Worker Process Identities. How I got by without having to employ the steps listed in this article months ago when I configured several sites similarly on the HQ W2K3 servers is an unknown. I'll have to investigate.
The specific steps which liberated me from the [worthless-and-why-can't-MS-give-a-clue-when-this-happens] “Service Unavailable” message were:
- Adding the user account to the IIS_WPG group of the server
- Assign to this account two user rights to start CGI processes: Adjust memory quotas for a process and Replace a process level token.
- Give the IIS_WPG group Read & Execute, List Folder Contents, and Read permissions to the Web site directories
Definitely an excellent TechNet article. Whoever wrote it, thanks!