We have created an Asp.Net Core web api that makes a cryptographic process for files using a USB hardware token that has a certificate and Pkcs11Iterop .net package, then we have published it to an IIS web server on a win server 2012 R2 of x64 platform architecture. The problem is that on using a "Custom User Account" which has an Admin role as an application pool identity, we cannot detect or read the presence of the USB token, However, if we set "Local System" built-in account as an application pool identity within the IIS, the program reads the USB token presence. Is there any permissions that we can set to the Custom Account that maps the same permissions of the Local System IIS built-in account ?
Asked
Active
Viewed 226 times
0
-
If you worry that set Local System may cause some security issue, you can use LocalService. It also can detect USB token. You can refer to this [answer](https://stackoverflow.com/a/40114688/14162739). – Bruce Zhang Sep 16 '21 at 07:35
-
Please provide enough code so others can better understand or reproduce the problem. – Community Sep 22 '21 at 06:14