IIS App Pool Identity vs. Windows Account
What are the pro's and con's of using the built in App Pool Identity in IIS as opposed to specifying a Windows account?
For SQL Server if you want to connect from a .Net application using Windows Authentication I presume that if I use an App Pool Identity, I must associate this with a user in SQL Server or give that App Pool Identity access to by db?
Are App Pool Identities just added as convenience so that you dont have to set up accounts for your App Pools?
Answer
The built in account used is specific to the computer. If applications inside the app pool need to connect to other resources on the network (database servers, file shares, etc) then using a (windows) domain account may be a better option. When you specify a domain account you must ensure they have the correct file permissions set on the physical folders that IIS is using. In later operating systems - you can add this account to the IIS_IUSRS group to achieve the default permissions.