Change a website to use a specific user in app pool (impersonate:false)

How to script moving a website username/password from web.config to an app pool is pretty easy if you have the correct syntax.

First, you need to use a tool called appcmd. that is located and must be ran from the following location:

c:\windows\system32\inetsrv

Before you make the change, this process updates the applicationHost.config file AND the web.config in the website directory so ALWAYS make a backup.

Simply copy the file called applicationHost.config from C:\Windows\System32\inetsrv\config so you have a backup.

Also copy the web.config from the website you’re changing as well.

Once your backups are done, open a CMD prompt and change directory to c:\windows\system32\inetsrv and run the following commands:

appcmd set config “SITE_NAME_HERE” /section:identity /impersonate:false

appcmd set config /section:applicationPools /[name=’SITE_NAME_HERE’].processModel.identityType:SpecificUser /[name=’SITE_NAME_HERE’].processModel.userName:DOMAIN\user_name /[name=’SITE_NAME_HERE’].processModel.password:Password_Here

it isn’t necessary to restart the app pool but it doesn’t hurt to do so.

To verify:

Test the site… Check the site logs… Check your security logs…

All done!

Leave a Reply

Your email address will not be published. Required fields are marked *