I did some research for IIS application pools because I encountered some issues when I deployed my OPC client web application into IIS7. I had to change the identity of the application pool to LocalSystem to make it run properly.
Basically, an application pool is just like a container to contain the managed application. It isolates the managed application so the managed application won't affect the other applications in other application pool and vice versa.
Therefore, if I change the identity of the application pool, I change the privilege of the managed application. In my OPC client case, I changed the identity to LocalSytem, so I gave the application very high power privileges. Of course, this increases the security concerns, but if one day when my client complaints :), I think I can create a custom account, define some proper privileges and assign the account to the application pool identity.
References:
http://technet.microsoft.com/en-us/library/cc753449%28v=ws.10%29.aspx
http://technet.microsoft.com/en-us/library/cc771170%28v=ws.10%29.aspx
No comments:
Post a Comment