If you are running IIS5 and all that seems like too much effort, or you have multiple web applications and do not wish to edit every single system.web and IIS virtual directory you can edit the default context for asp.net. As I have already said asp.net runs under the ASPNET user. This account already has the correct permissions but the password was set on installation of the framework and we don't know what it is. What we can do is reset the password for this user, (remembering to setup an ASPNET user on the SQL server with the same strong password) then edit machine.config to tell the .net framework to use this new password. Unfortunately you must enter the password in machine.config in plain text, but as this file lives in
c:\windows\microsoft.net\framework\versionNumber\config
the risk of exposure via a hacked FTP account, or a leaking web service is minimal.
To reconfigure the asp.Net process model to use the new password search web.config for the processmodel tag and enter or change the identity parameters to contain your new password
<processmodel
...
userName="ASPNET" password="ASPNETpassword"
...
/>
Don't forget to restart IIS.
Comments