Quantcast
Channel: Security
Viewing all articles
Browse latest Browse all 1881

Do I need to put AppPoolIdentify local user gruop?

$
0
0

Hi,

Today, when we work on pre-testing on production server, configuration likes this

- IIS 7.5 on windows 2008 R2

- Windows Authentication enabled

- website root folder "D:\wwwroot\website1"

In this "website1" folder, "local user group (i.e. SERVER/USER) is removed from the folder access permission)

We need to add "IIS APPPOOL\website1" with read permission on this folder, otherwise, access is denied on

permssio to read file like "web.config" under the "website1" folder

Suppose a domain user need to authenticate on access asp pages within the "website1",

do we need to assign domain permission to this "AppPoolIdenity" ?

I really do not understand the new security model.

Really thanks to your advice in advance,

Ray


Viewing all articles
Browse latest Browse all 1881

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>