IIS 7.5 using impersonation even when disabled
Question
i am using IIS 7.5 with windows auth enabled for a default web site. i have set it to run as IIS AppPoool Identity and given permisson to my web folder to the IIS app pool identity. but when a users logins to my site and provides network credentials its impersonating as the user to get access to my web folder instead of using app pool identity and the user is getting 401 error. i verified this through procmon as well.
i also ran appcmd set config /commit:WEBROOT /section:identity /impersonate:false
to make sure impersonation is disabled. i have to add the computername\\users id to the web app folder with read/execute permission to get it to work. what am i missing here?
1 answers
solution1
0 2012-01-04 18:22:20
I don't know how to do this via command line, but here are the steps via the GUI.
- Open IIS Manager
- Expand your server
- Expand sites
- Browse to your application and select it
- Click "Basic Settings..." in Actions on the right
- Click Connect as...
This window allows you to change the user.
Note that there are two forms of impersonation, which is what is causing you confusion. Application pool impersonation causes the application to run in the context of the user. Connect as causes the application pool to use the user to access the resource on disk, without actually running in the context of the user otherwise.
Also note that if you are using Anonymous authentication the "Authenticated user" in the Connect as box is the anonymous user defined in Authentication.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.