Re: Application pool doesn't start with domain account
From: John Bailey (JohnBailey_at_discussions.microsoft.com)
Date: Mon, 15 Aug 2005 07:41:10 -0700
I have the same issue. I set the permissions you specified for the domain
account, but am still getting the same error.
"Ken Schaefer" wrote:
> - Ensure that the username/password are supplied correctly in the Web App
> Pool properties dialogue
> - Ensure that the user account in question has the following NT rights on
> the IIS box:
> - Replace a Process Level Token (SeAssignPrimaryTokenPrivilege)
> - Adjust Memory Quotas for a process (SeIncreaseQuotaPrivilege)
> - Generate Security Audits (SeAuditPrivilege)
> - Bypass Traverse Checking (SeChangeNotifyPrivilege)
> - Access this computer from a network (SeNetworkLogonRight)
> - Logon as a Batch Job (SeBatchLogonRight)
> - Logon as a Service (SeInteractiveLogonRight)
> - Allow Logon Locally (SeInteractiveLogonRight)
> (those are the rights that Network Service has by default, so that should be
> enough for a custom account)
> IIS Blog: www.adopenstatic.com/cs/blogs/ken/
> Web: www.adopenstatic.com
> "Paul Williams [MVP]" <firstname.lastname@example.org> wrote in message
> : Cross-posting into the IIS group for additional help...
> : --
> : Paul Williams
> : Microsoft MVP - Windows Server - Directory Services
> : http://www.msresource.net | http://forums.msresource.net
> : "Davide" <email@example.com> wrote in message
> : news:firstname.lastname@example.org...
> : Hi,
> : I have a network of 3 server ( windows 2003 server ) : A, B, C
> : A is e domain controller with active directory
> : B is a server of domain where is installed IIS 6.0
> : I Would like to start an application pool over a WebSite of B with an
> : identity of domain and not as "Network Service"
> : So, I created an user on active directory ( _usrsvc ) that's member of
> : Administrator of domain, of Domain Admins, of Domain Users and of
> : IIS_WPG, but when I start up the website I receive this message in
> : event viewer :
> : "The identity of application pool 'SmartAppPool' is invalid, so the
> : World Wide Web Publishing Service can not create a worker process to
> : serve the application pool. Therefore, the application pool has been
> : disabled."
> : What permission user of domain must have to start application pool?!
> : Thank and sorry for my English ;)