Saturday, November 7, 2009

Did you know… The default Application Pool Identity in IIS 7.5 (Windows 7) changed from NetworkService to AppPoolIdentity?

In Windows 7, IIS application pool isolation was taken a step further. IIS 7 (Windows Server 2008) had already introduced a new option to run an application pool as ApplicationPoolIdentity, but the default identity for a new application pool in IIS 7 remained NetworkService. In IIS 7.5, ApplicationPoolIdentity becomes the default. Scripts that previously expected the application pool identity to be “NT AUTHORITY\NETWORK SERVICE” and set permissions for that account will now have to set permissions (ACLs) for “IIS AppPool\” followed by the pool name – the virtual account created for each new application pool.

For example, to set permissions for the DefaultAppPool, a script needs to set ACLs for “IIS AppPool\DefaultAppPool”. An ACL that still names NETWORK SERVICE will silently no longer apply to the worker process.

The incentive behind this change was to enforce process isolation: each application pool runs under its own user account, so a compromised worker process in one pool cannot read or modify files that only another pool’s identity has been granted access to. With the old NetworkService default, every pool shared the same account and therefore the same permissions.

To see the other options available for your application pool identity, open IIS Manager, go to Application Pools, right-click the pool you want to configure, select Advanced Settings, and edit Identity in the dialog that opens. You can choose one of the built-in accounts for your application pool identity:


Here is a list of the built-in accounts and the corresponding account names to use when setting permissions:

LocalService: NT AUTHORITY\LOCAL SERVICE
LocalSystem: NT AUTHORITY\SYSTEM
NetworkService: NT AUTHORITY\NETWORK SERVICE
ApplicationPoolIdentity: IIS AppPool\ followed by the pool name (e.g. IIS AppPool\DefaultAppPool)
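Because the account name now depends on how each pool is configured, an ACL script should look up the pool’s identity type instead of hard-coding NETWORK SERVICE. The following PowerShell script is an added example, not code from the original post: it resolves the correct account name for a pool using the mapping above and grants that account Modify on a folder. It assumes IIS 7.5 with the WebAdministration module loaded, and the pool name and folder path are placeholders.

```powershell
# Added example (not from the original post). Assumes the WebAdministration
# module that ships with IIS 7.5; run from an elevated PowerShell prompt.
Import-Module WebAdministration

# Map a pool's configured identity type to the account name NTFS ACLs expect.
function Get-AppPoolAccountName {
    param([Parameter(Mandatory)][string]$PoolName)

    # processModel.identityType is one of ApplicationPoolIdentity, NetworkService,
    # LocalService, LocalSystem or SpecificUser (assumption: returned as a string).
    $pm = Get-ItemProperty "IIS:\AppPools\$PoolName" -Name processModel
    switch ("$($pm.identityType)") {
        'ApplicationPoolIdentity' { "IIS AppPool\$PoolName" }           # IIS 7.5 default
        'NetworkService'          { 'NT AUTHORITY\NETWORK SERVICE' }   # IIS 7 default
        'LocalService'            { 'NT AUTHORITY\LOCAL SERVICE' }
        'LocalSystem'             { 'NT AUTHORITY\SYSTEM' }
        'SpecificUser'            { "$($pm.userName)" }                # custom local/domain account
        default { throw "Unknown identityType '$($pm.identityType)' for pool '$PoolName'" }
    }
}

# Grant the pool's identity the requested rights on a folder (and its children).
function Grant-AppPoolFolderAccess {
    param(
        [Parameter(Mandatory)][string]$PoolName,
        [Parameter(Mandatory)][string]$Path,
        [System.Security.AccessControl.FileSystemRights]$Rights = 'Modify'
    )
    $account = Get-AppPoolAccountName -PoolName $PoolName
    $acl = Get-Acl -Path $Path
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $account,
        $Rights,
        'ContainerInherit, ObjectInherit',   # apply to subfolders and files
        'None',
        'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $Path -AclObject $acl
    return $account
}

# Placeholder pool and path: give DefaultAppPool Modify on App_Data only, not on
# the site root, so a compromised worker process cannot rewrite its own code.
$dataDir = 'C:\inetpub\wwwroot\App_Data'
$granted = Grant-AppPoolFolderAccess -PoolName 'DefaultAppPool' -Path $dataDir
"Granted Modify on $dataDir to $granted"

# Verify that the entry landed on the folder for the resolved account.
(Get-Acl -Path $dataDir).Access |
    Where-Object { $_.IdentityReference.Value -eq $granted } |
    Format-Table IdentityReference, FileSystemRights, InheritanceFlags -AutoSize
```

Two practical caveats: grant write access to the narrowest folder the application actually needs (upload and data directories), since the whole point of the per-pool account is that a compromised pool should not be able to touch other pools’ content or its own code; and if a folder only needs read access, the pool identity’s membership in the local IIS_IUSRS group may already cover it, so check the existing ACL before adding an explicit entry.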

You can also specify an existing custom account (local or domain):

