Appendix . How To: Create a Custom Account to Run ASP.NET

This How To describes how to create a least privileged local account to run the ASP.NET worker process (aspnet_wp.exe) or for impersonated identities in virtual directories. Although the procedures in this How To create a local account, the same concepts apply to a domain account.

ASP.NET Worker Process Identity

The default account for running ASP.NET, created at installation time, is a least privileged local account and is specified in machine.config as follows:

<processModel enable="true" userName="machine" password="AutoGenerate" />

This account is identified as ASPNET under Local Users and Groups, and has a strong password secured in the Local System Authority (LSA).

When you need to access ...

Get Building Secure Microsoft® ASP.NET Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Building Secure Microsoft® ASP.NET Applications by

Appendix . How To: Create a Custom Account to Run ASP.NET

ASP.NET Worker Process Identity

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly