how to run iisexpress app pool under a different identity

is there a way to run iisexpress app pool under a different identity other than the currently logged in user?

I am getting around this problem using the "runas" command currently but I would like to know if there is something built-in to iisexpress that I can utilize.


Solution 1:

It looks like this should be possible. In your IIS Express site's applicationhost.config file, there is a <processModel/> element defined in <applicationPoolDefaults> under <applicationPools>

The <processModel> element has attributes for userName and password.

From MSDN:

Specifies that ASP.NET will run the worker process with a Windows identity that is different from the Windows identity for the default process identity. By default, this attribute is set to the Machine, and the process runs under a user account named ASPNET that is created automatically when ASP.NET is installed. The password for the ASPNET account is cryptographically generated at the time of installation. If valid credentials are presented in this attribute and the password attribute, the process is run with the given account.

This should allow you to run the site under different credentials from the logged in user.

Solution 2:

I could not get the above solution to work and I wanted to be able to debug through Visual Studio while running IIS Express under different credentials.

  1. Open the command prompt using "Run as administrator" (you need elevated privileges)
  2. Navigate to the directory of Visual Studio in the command prompt (in my case: "cd C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE" for VS2010).
  3. runas /netonly /user:[domain]\[userid] devenv.exe
  4. Open your solution from VS and complete your TFS credentials (if applicable).

You can now debug as normal under IISExpress (assuming this is how you have your project configured) under the run as credentials. This is great if you need to use integrated security for database connections or something similar but need to use different credentials.

Solution 3:

"runas" is only the solution. IIS Express maynot respect processModel settings which are defined in applicationhost.config file.

Solution 4:

Runas /netonly IISExpress.exe from command line does work and is very viable if you're as desperate for an answer as we were. Related post