User ASP.NET runs under

by

I’m a bit confused about how ASP.NET, what user it runs under? On iis 7.5 and on 6.0

A few of the user accounts that I’m not clear on are

  • Network Service
  • IUSR
  • AppPool

Any clarification on the different users would be appreciated and security considerations/etc.

Contents hide
Answers:
Method 1
Method 2

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

In summary:

  • IIS 5.1 (Windows XP) – it’s a local ASPNET account
  • IIS 6 – by default, application pools run under the Network Service account which is a member of IIS_WPG group
  • IIS 7.0 – still Network Service
  • IIS 7 SP2 / 7.5 – runs under an ephemeral thing called ApplicationPoolIdentity which maps to an account IIS APPPOOLApplicationPool (e.g. IIS APPPOOLDefaultAppPool). This account is a member of IIS_IUSRS user group
  • ASP.NET Web Development Server (Cassini) – it’s obviously your own account

And it’s a good practice to create a custom low-privileged account to run your application especially on PROD environment or when you need to access the network from the application.

Method 2

ASP.net by default runs underneath the IIS_IUSRS user group. So if you need to grant permission to allow your application to run, use that group.


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x