Unable to set NTFS permissions for ApplicationPoolIdentity on Windows 2008 SP2
Posted
by
Kev
on Server Fault
See other posts from Server Fault
or by Kev
Published on 2010-12-08T23:42:23Z
Indexed on
2011/01/06
14:56 UTC
Read the original article
Hit count: 262
On Windows 2008 R2 I am able to set NTFS permissions for an application pool's synthesised ApplicationPoolIdentity
account thus:
ICACLS d:\websites\site1\www /grant "IIS AppPool\site1":(CI)(OI)(M)
The website's application pool is named site1
and is configured to run as ApplicationPoolIdentity
. The site's authentication is also configured to authenticate as ApplicationPoolIdentity
. I've done this a thousand times on Windows 2008 Standard Edition R2 with never a hitch.
However if I try to do the same in Windows 2008 Standard Edition SP2 I get the error:
IIS AppPool\site1: No mapping between account names and security IDs was done. Successfully processed 0 files; Failed processing 1 files
I also notice that this fails if I try to set permissions for the application pool identity via the security GUI as well. I've seen this before and a reboot has cleared this issue but I'd like to know why this happens periodically. Googling around suggests other folks have hit this problem but there's never a satisfactory explanation.
Why would this be?
© Server Fault or respective owner