Working on setting up a site on a new server. The existing site was set up within IIS and uses its own Application Pool. Within the application pool a separate "SERVICE ACCOUNT" had been created to serve as the identity for this application. We have moved this application over to a new server and have decided to carry over this design of using a separate service account.
Issue: there has been discussion as to "why are we doing this". People have asked, "why can't we simply use the built-in 'Application Pool Identity'?"
Coming from a DoD environment, we've always been told to create our own service accounts, then to tie those service accounts to the application pool for those sites.
I guess my question is what is the PURPOSE, FUNCTION, DISADVANTAGE/ADVANTAGE OF USING EACH OF THE FOLLOWING:
1. LOCAL SERVICE
2. LOCAL SYSTEM
3. NETWORK SERVICE
4. APPLICATION POOL IDENTITY
5. CUSTOM ACCOUNT
Thanks