Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
i’ve always read that the user you set in the IIS website/virtual directory is the user that runs the app (anonymous user identity)
But in the application pool, i can also set a user (process model, identity)
what is the difference between the two, and which one will need access if i do a file read?
EDIT:
the bounty is for this quesyion ‘ but if i use ‘anonymous authentication’, is the user i choose in the ‘anonymous user identity’ ever used? – ‘ posted as comment
Think of the website identity as a rule that defines who can access the site. If you specify an anonymous account to use, that account must have access to the site. If anonymous access is disabled, then the user’s credentials must have access to the folder.
The app pool identity defines what the application can do. The app pool’s worker process will run using the app pool identity; that account must be granted access to any resources (SQL Server, file shares, etc) that the app will need to access.
To answer your question: yes, the anonymous account is used. Think of the scenario where you’re hosting a hundred web sites, and you don’t want one customer’s files to be able to access another’s. You would assign separate anonymous access to each customer. Each site’s anonymous account allows IIS to access only the files relevant to that particular site (provided you’ve configured that account’s access correctly).