Add IIS 7 AppPool Identities as SQL Server Logons

I’m running an IIS 7 Website with an AppPool of Integrated Pipeline Mode.
The AppPools does NOT run under NetworkService, etc.. identity (by purpose), but uses its own AppPool Identitiy (IIS AppPool\MyAppPool).

This is a so called service account or virtual account.
(a user account, which is not a full account…)

I’d like to give this service account (IIS AppPool\MyAppPool) permissions to connect to my SQL Server 2008 Express (running in Mixed Auth. Mode).

While SQL Server can add any normal user account, the IIS AppPool\MyAppPool virtual account cannot be added to the valid logons (SQL Server says, that the account cannot be found).

Is there any trick, anything I need to enable to make the virtual accounts work?
(the w3wp.exe process runs under this identity according to taskmgr, but I cannot use the account in NTFS security either…)

Thanks for your help!

10 Answers

Leave a Comment