<< Gallery Extension | Windows 2008 Server Core edition and final release of Hyper-V >>

Creating custom service accounts for IIS

Posted by ploft on June 27, 2008
0 comments

Just came across this today – maybe it's only me being buried under a huge rock, but I think this small feature need a lot more credit and advertising – so this is me advertising for a parameter – yay!

For those of you who think the whole procedure of setting custom service accounts when configuring Internet Information Server is just the most fun you could ever imagine, don't read any further. If you - like me - think it's quite boring to do this a lot of times, there is a nifty little feature in the aspnet_regiis tool that comes with the .NET 2.0 Framework.

The normal and manual procedures to do this are adding the user to the worker process group, make sure permissions is correctly set on the different temp folders, IIS metabase and so on.
I my case I often forget There should now be a slight chance that you don’t forget anything now because this tool does it all for you – that’s nice!

...enough talk, and let aspnet do the configuration for you:

aspnet_regiis -ga <useraccount>

It's soooo easy - I even think even my grandma is able to use this feature.

You can read more about the features on aspnet_regiis tool on msdn here: http://msdn.microsoft.com/en-us/library/k6h9cz8h.aspx

Update 1. april 2009:
Mark S. Rasmussen add's to the above:

"We're running all x64 servers, but our IIS is running in 32 bit mode due to some non-x64 compatible 3rd party libraries. Usually this means we have to use the Framework\version\aspnet_regiis.exe bin instead of the Framework64 version - otherwise it might interfere with our 32 bit IIS settings.

Doing that resulted in the following error:
1. C:\WINDOWS\microsoft.net\Framework\v2.0.50727>aspnet_regiis -ga [domain]\[user]
2. Start granting [domain]\[user] access to the IIS metabase and other directories used by ASP.NET.
3. An error has occurred: 0x800703f0 An attempt was made to reference a token that does not exist.

The solution was quite simple, it seems you must use the x64 version on an x64 system to run the -ga command. After using the binary in the Framework64 directory, the command ran perfectly."

Thanks to Mark Rasmussen for noticing this, check out he's great blog:
http://improve.dk/blog/2008/09/02/aspnet-regiis-ga-token-reference-error

Data Protection Manager 2007 (DPM) is slow in Windows 2008Resolution to slow DPM 2007 on Windows 2008Restoring content database to a new SharePoint installation with a new SQL instanceRestoring a content database to fresh SharePoint 3.0 installation from SQL detatch/attatch approch.Windows 2008 Server Core edition and final release of Hyper-V

Search

more of me

Facebook

My work:

Messenger Status

Disclaimer

The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

ploft.dk

This is my personal blog about stuff that daily consume my interests

Creating custom service accounts for IIS

Related posts

Search

Categories

Tags

more of me

Messenger Status

Disclaimer