1

We have a requirement to write a txt file to a remote server path within the same domain. In order to do this the only option that the Clients are Ok with is to use Custom accounts in the App Pool.

The application is a VB.NET 4.0 application hosted in IIS 7.5, the app pool's identity is configured to run under a Custom Generic ID (SVC_MyApp).

But as soon as we start the application the App pool stops and we get the 503 error. On digging deep we found that the Generic ID is not having enough permissions. We get an access denied error in the event logs. Are we missing anything in the configurations?

What are the minimum permissions that the Service ID (SVC_MyApp) should be granted to allow the Application to run properly with the App pool running under the custom account?

And also the meet the requirement of writing a file to the remote server folder, what are the configurations that has to be done on the remote server/folder?

Navaneeth
  • 190
  • 1
  • 1
  • 16
  • I don't think access denied error will stop application pool. Are you sure that password being used for custom identity is correct? – Pankaj Kapare Mar 14 '16 at 18:13
  • Yes the password is correct. When we added the generic ID to admin group in the server. The app works, but we are not to do that. The ID should be given as minimal permissions as possible. – Navaneeth Mar 14 '16 at 18:20
  • In that case remove generic ID from admin group and give write permissions to this id on folder where you are writing text file. – Pankaj Kapare Mar 14 '16 at 18:22
  • Okay i will do that for the file write functionality. But the main problem is application doesn't even start. As soon as i browse the URL, the app pool stops and i get the 503 error. How to fix this? – Navaneeth Mar 14 '16 at 18:24
  • Is your generic ID added to IIS_IUSRS group? – Pankaj Kapare Mar 14 '16 at 19:04
  • Yes its added to the IIS_IUSRS group too. – Navaneeth Mar 15 '16 at 05:10

0 Answers0