0

I just read something that said it's much better to use integrated security here on SO, so I've switched all my connection strings over.

The error I get is "Login failed for user 'IIS APPPOOL\DefaultAppPool'."

Before I go ahead and grant this user permission, I wanted to ensure that it was the correct thing to do and I wasn't inadvertently opening the floodgates of hacker hell.

Should I grant this app pool permission to access my SQL or should I create a new app pool?

I'm writing WCF services in .NET 4.5

NibblyPig
  • 51,118
  • 72
  • 200
  • 356

1 Answers1

1

Do you have other sites or services on the server that use this app pool and could potentially provide a security risk for database access? If yes, create a new app pool. Do you have another site that might cause the app pool process to crash, or might have a memory leak (thus affecting other sites in the same app pool)? If yes, create a new app pool.

Other than slightly more memory usage, app pool isolation really doesn't have any serious downsides. Microsoft "generally" recommends it (although this article is about SharePoint setup, the app pool / database access concept is the same):

You need to establish which Application Pool in IIS is going to be used by the IIS Web Site. Application Pools in IIS access resources on behalf of the Web Site using an account identity that you specify. This Application Pool will be used by the web application to access its content database. Generally, you’ll want to create a new one to keep it separate from the existing Application Pools.

See this thread for some additional discussion of the pros and cons of separate app pools per site.

Community
  • 1
  • 1
SWalters
  • 3,615
  • 5
  • 30
  • 37
  • Great, thanks. One thing I couldn't find is, if I create a new App Pool I can assign it an account to run under. Presumably I should create a new account per app pool, but I am not 100% sure on how to do this correctly. Is it just a case of adding an account to the local machine and giving it essentially 'Guest' permission ie. no ability to do anything, and then letting SQL grant permission to it? – NibblyPig Oct 22 '13 at 14:24
  • You could go one of two ways here: IIS will [create an account](http://www.iis.net/learn/manage/configuring-security/application-pool-identities) for each new app pool. Alternatively you could use a local or domain account to host the app pool in. Either way, the account will need to be given access to the SQL database, the ability to log in as a service, and membership in the system's IIS_IUSRS group. – SWalters Oct 22 '13 at 14:33