PROFILE 26 - IIS application pool using named user identity

Brian Donahue

• Date: 12-Oct-2005
• Versions affected: 2.6

Some web applications are configured to run under named user accounts in Internet Information Server version 6 by configuring the identity of an application pool to impersonate a named user on the network.

This configuration may be necessary, for example, if the web application must log on to a SQL Server using a Windows account in the same domain or a trusted domain.

When ANTS Profiler is instrumenting a web application, the configured user is ignored. By default, the web application will run under the LocalSystem (NT AUTHORITY\System account) when the code is being instrumented by ANTS Profiler. This is because the ANTS Profiler Service actually starts the web application being profiled, and this service runs under the LocalSystem security account by default.

Using this knowledge, it is possible to profile a web application while still respecting the identity configuration set in the application's configured application pool by changing the account that the ANTS Profiler Service runs as.

To do this, please follow these steps:

• In IIS Manager, check the web application's properties to determine which application pool it is using.
• Expand Application Pools in IIS manager, locate the application pool, right-click, and select Properties.
• In the application pool's identity tab, change the identity from the named account to the Network Service account, otherwise ANTS Profiler will display an error message.
• Go to Windows Administrative Tools and open the Services. Locate the ANTS Profiler Service, right-click it and access the service properties.
• Under the Log On tab, enter the user name and password that you want the web application to run under.
• Stop the ANTS Profiler Service and start it again if it had already been running.

You should now be able to profile the web application as a named user.