Hi,
It appears that when an AppPool is created, and the pool is set to run under a virtual account via ApplicationPoolIdentity, said virtual account does not immediately become available as an entity. After some experimentation, it looks as if it is created the first time an attached application is executed, or at OS start-up time.
This is somewhat problematic in combination with strict file permissions, especially in the context of automated deployments, as the appropriate permissions cannot be granted to the virtual account before it exists, and it cannot exist before the application has executed for the first time, which it cannot due to insufficient permissions.
Is this actually the intended behaviour of IIS? If so, are there any clean ways of forcing the virtual account to become available?
Cheers!