Need a simple CRM and Project Management system?
Check out JobNimbus - CRM for Contractors and Service Professionals.

Changing the Application Pool Identity with Windows Server 2008 and IIS 7

By default, application pools (including the default app pool) in Internet Information Services (IIS) 7 use the "Network Service" account as their security identity. For most cases, this default identity should work well for most ASP.NET applications. But in some cases, you may need to configure custom security rules or you may want to isolate your process under its own lower privileged account. In addition, there may be cases where you need to find out what account your ASP.NET process is currently running under in IIS. The following is a quick guide to finding out what identity your application pool is running under and changing it if you so desire.

Open up IIS Manager (Internet Information Services) by going to Start -> Administrative Tools -> Internet Information Services (IIS) Manager.

Open up the IIS options in the left side tree view and click on Application Pools. Then click on the application pool in the middle view that you want to check and/or configure. A contextual link will appear on the right side for this app pool instance. Click on the Advanced Settings link.

Scroll down to the Process Model group of settings. The Identity setting here shows the current account that your app pool is running under. If you want to change this value, in the Identity column, click into the space next to the field where the setting value is located and a small button with "..." will appear. Click on this button to open up the editor to choose a different account.

Choose a Build-in account or you can set the process to run under an account you create yourself. Then click OK to apply the changes.

Click OK on the main Advanced Settings dialog to close it and apply your settings.

Using C# in ASP.NET, you can check the user name of the identity that your code is currently running under by using this code snippet:

System.Security.Principal.WindowsIdentity.GetCurrent().Name.ToString();

There is more information about specific security scenarios where you might use this at this link:

http://learn.iis.net/page.aspx/624/application-pool-identities