3 thoughts on “Windows Containers and IIS”

  1. Hi,
    Thanks for usefull information. Minor correction for network service identityType:ApplicationPoolIdentity to identityType:NetworkService
    Best

    1. Axel – That’s an ‘it depends’ (in my opinion). Both have access to the network. Either could be used, depending on the IIS setup/usage.

      MS documentation on the two identity options has:

      Network Service: Restricted or limited service account that is used to run standard, least-privileged services. This account has fewer privileges than a Local System account. This account has access to network resources.

      ApplicationPoolIdentity: When a new application pool is created, IIS creates a virtual account that has the name of the new application pool and that runs the application pool worker process under this account. This is also a least-privileged account.

      Cheers,

Leave a Reply

Your email address will not be published.