User ASP.NET runs under

asp.net iis-7 iis iis-6

I'm a bit confused about how ASP.NET, what user it runs under? On iis 7.5 and on 6.0

A few of the user accounts that I'm not clear on are

  • Network Service
  • IUSR
  • AppPool

Any clarification on the different users would be appreciated and security considerations/etc.


In summary:

  • IIS 5.1 (Windows XP) - it's a local ASPNET account
  • IIS 6 - by default, application pools run under the Network Service account which is a member of IIS_WPG group
  • IIS 7.0 - still Network Service
  • IIS 7 SP2 / 7.5 - runs under an ephemeral thing called ApplicationPoolIdentity which maps to an account IIS APPPOOL\ApplicationPool (e.g. IIS APPPOOL\DefaultAppPool). This account is a member of IIS_IUSRS user group
  • ASP.NET Web Development Server (Cassini) - it's obviously your own account

And it's a good practice to create a custom low-privileged account to run your application especially on PROD environment or when you need to access the network from the application.


ASP.net by default runs underneath the IIS_IUSRS user group. So if you need to grant permission to allow your application to run, use that group.

Related

javascript switch(true)
Java 8 Lambda expressions for solving fibonacci (non recursive way)
What's the performance cost of "include" in PHP?
Owin Self host & ASP .Net MVC
Why is accelerometer:didAccelerate: deprecated in IOS5?
Regular expression for no more than two repeated letters/digits
how to execute a python script file with an argument from inside another python script file
How to colorify git errors, warnings and fatal messages?
WCF DataContract DataMember order?
Android SoundPool: get notified when end of played
Does spring have a shutdown process to put cleanup code?
Maximum Call Stack Size Exceeded During a setTimeout Call