Can anyone provide me with some good information on this topic or point me
to some good resources?
Thanks, Tyler
"Tyler" <ty...@work.com> wrote in message
news:O32E1ClU...@tk2msftngp13.phx.gbl...
If you can see the Application Pool folder in the Win2K3 IIS6 mmc,
then it means your IIS6 are running in worker process isolation mode.
In this case, NETWORK SERVICE is the default process identity which
replaces IWAM. So you'd grant NETWORK SERVICE accont with the proper
permission other than IWAM.
If there isn't the Application Pool folder, IIS6 is running in IIS5.0
isolation mode, which still works with IWAM and dllhost. You can
grant IWAM with the permission like before.
Best regards,
WenJun Zhang
Microsoft Online Support
This posting is provided "AS IS" with no warranties, and confers no
rights.
Get Secure! - www.microsoft.com/security
I know that I need to grant the NETWORK SERVICE account on the web server
access to the share on the other server, but my question is how do I do this
when each machine has a NETWORK SERVICE account and neither NETWORK SERVICE
account is a domain account? Am I missing something obvious here?
For example, when I am modifying share permissions and browse to select the
accounts to provide access, I cannot specify the web server's NETWORK
SERVICE account. As well, on my other server, I assume I must specify that
the web server's NETWORK SERVICE can 'Access this computer from the
network' - I cannot figure out how to do that either.
Your assistance is greatly appreciated,
Thanks, Tyler
""WenJun Zhang[msft]"" <v-wz...@online.microsoft.com> wrote in message
news:D3eonupU...@cpmsftngxa10.phx.gbl...
You can create a new domain account and set it as this application
pools's identity. Then grant this domain account with appropriate
permission on the remote share. If the boxes are not in a domain
enviornment, you'd create two local accounts on each machine with the
same username and password.
To make the new account has proper permission to act as an IIS
AppPool ID, please add it to IIS_WPG group and refer to the following
article to grant it with additional group policy permissions which
NETWORK SERVICE has:
INFO: Default Permissions and User Rights for IIS 6.0
http://support.microsoft.com/?id=812614
Also, please note when you set the account in Application Pool's
properties, you must type the account's password twice. The UI will
not auto verify the password and if it's incorrect, you will get
Service Unavailable error everywhere.
Please feel free to let me know if you meet any problem.
Best regards,
Tyler
Thank you in advance.