Hi,
I'm creating an installation for a web server which will be running on Windows Server 2008 R2 and IIS 7.5.
I've configured Advanced Installer to create a new Application Pool (named "MyAppPool") and a new web site which will run under the new AppPool.
The ASP.NET application under this web site needs Modify permissions to a certain folder under the installation folder ([APPDIR]\Data).
In order to allow the ASP.NET application modify permissions to that folder, I need to give NTFS modify permissions to the SID under which the Application Pool process runs (http://stackoverflow.com/questions/5437 ... ermissions).
This SID (NOTE: this is not a user and does not appear under the local users) is named: "IIS APPPOOL\MyAppPool" (without the quotes).
I tried specifying these permissions under Files And Folders->Folder Properties->Permissions Tab but I get an error saying the username field cannot contain the '\' char.
How can I accomplish what I'm trying to do?
Thanks.
Suggested Articles
Re: NTFS permissions for ApplicationPoolIdentity
Hi,
You can try using "IIS AppPool" in the Domain combo box and MyAppPool in the Username combo. If this doesn't work, the only solution is to use ICACLS.EXE as a custom action. Basically, you're launching it with a command line which grants permissions to your user account.
Regards,
Cosmin
You can try using "IIS AppPool" in the Domain combo box and MyAppPool in the Username combo. If this doesn't work, the only solution is to use ICACLS.EXE as a custom action. Basically, you're launching it with a command line which grants permissions to your user account.
Regards,
Cosmin
Re: NTFS permissions for ApplicationPoolIdentity
Hi Cosmin and thanks for the quick response.
I tried your suggestion and put "IIS AppPool" in the Domain combo box and MyAppPool in the Username combo.
It worked (!) and provided the Application Pool Identity with the permissions requested.
One note is that on my first try, I only supplied the AppPoolIdentity permissions on the folder and ended up with no access to this folder for myself.
I had to uninstall and specify explicit permissions for Administrators and Everyone.
Thanks.
I tried your suggestion and put "IIS AppPool" in the Domain combo box and MyAppPool in the Username combo.
It worked (!) and provided the Application Pool Identity with the permissions requested.
One note is that on my first try, I only supplied the AppPoolIdentity permissions on the folder and ended up with no access to this folder for myself.
I had to uninstall and specify explicit permissions for Administrators and Everyone.
Thanks.