How to Fix Login failed for user 'IIS APPPOOL\ASP.NET v4.0' error in IIS7

by Updated June 26, 2021

After running a ASP.NET website on IIS 7.5 for the first time on a Windows 7 computer, I was faced with the following error message:

Login failed for user 'IIS APPPOOL\ASP.NET v4.0'. 
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. 

Exception Details: System.Data.SqlClient.SqlException: Login failed for user 'IIS APPPOOL\ASP.NET v4.0'.

To fix this issue, try changing the (Process Model) Identity of your website's Application Pool to use the NetworkService account (or the less secure LocalSystem account).  By default, IIS7 seems to set the Application Pools Identity to 'ApplicationPoolIdentity', instead of NetworkService or LocalSystem. 

Here's a step-by-step guide for determining your websites Application Pool, then changing its Process Model Identity in IIS7: 

  1. Open Internet Information Services (IIS) Manger.
  2. In the Connections sidebar, drill down into Default Web Site and click on your website.
  3. Now in the Actions sidebar (on right side), click on Advance Settings... In the popup box, under General you will see your Application Pool listed for your website (in my case the app pool is: ASP.NET V4.0).
  4. Click Cancel...  If you choose, you can change the Application Pool here, but for the sake of this example we just wanted to find out what the website's App Pool was.

Now that we know the Application Pool that is configured for your website, we now want to change the app pool's (Process Model) Identity to 'NetworkService', here's how:

  1. Open Internet Information Services (IIS) Manger.
  2. In the Connections sidebar, click on Application Pools.
  3. Now right-click on the Application Pool that your website is using (in this case my site is using the ASP.NET v4.0 application pool), and select Advanced Settings... from the menu.
  4. In the Advanced Settings pop-up box, locate the Process Model -> Identity section and click on the Application Pool Identity. 
  5. In the Application Pool Identity pop-up box, change the Built-in account to NetworkService (or if you want LocalSystem), then click OK, and click OK again to save your Advanced Settings changes.

After changing the Application Pool's Identity to NetworkService (or LocalSystem) you should now be able to get your ASP.NET site to run successfully on an IIS7 web server.

NOTE: It really is not considered the safest as far as security is concerned to use NetworkService or LocalSystem as the Application Pool.  It is actually much better to use a sites application pool such as: MySiteName_AppPool.  To do so, you would need to give the username MySiteName_AppPool "Read" and "Write" permissions to any folder on your Website that you will be uploading content or deleting content (such as pictures, media, etc.).  Such as C: -> inetpub -> wwwroot -> MySiteName -> "somedirectoryfolder" would need "Read" and "Write" permission for the username MySiteName_AppPool. 

To do this, go to C: -> inetpub -> wwwroot -> and right click on your sites folder "MySiteName" -> then click Properties --> then select the Security tab -> click Edit -> then click Add -> Within the "Enter the object names to select, type: "IIS APPPOOL\MySiteName_AppPool" and click OK -> then in the Permissions for box, make sure to Allow Read and Write and/or check all with Full Control then click OK.

In your SQL Server database, you would then create a Login with the UserName: IIS APPPOOL\MySiteName_AppPool and then make the User Mapping for the logins Default Schema "dbo" and make sure the Database role membership has "db_owner" checked.

 


0
49

49 Comments

anonymous by René Goycochea on 6/7/2010
Thank you so much. It really helped me :) to deploy me VWD Express 2010 project.
Doug by Doug on 6/8/2010
Hey Rene... Glad the how-to helped you out!
anonymous by db112 on 6/8/2010
Thanx a lot it works
anonymous by Ok, Thank you very much on 7/30/2010
Ok, Thank you very much
anonymous by Dennis on 8/4/2010
Thanks a lot! This solves my problem!
anonymous by Deco on 9/1/2010
Brilliant, thank you
anonymous by Cagatay on 9/5/2010
thanks man you save my day
anonymous by Martin on 9/15/2010
Thank a lot, it saves time and helps solving the problem
anonymous by Tony on 9/18/2010
Great workthrough, saved me a lot of time. Thanks!
anonymous by Adil on 9/26/2010
Thanks alot.
anonymous by Andrei on 10/17/2010
Maaaaaan...!!!! I've been looking for hours to get an answer on this and I just foundd it here... really really good and helpful as well.
anonymous by Sajid on 10/27/2010
:-((((((((

I followed the above steps and now I am getting bellow error

"Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. "
anonymous by Maikol on 12/9/2010
Me too!!!
It just run with LocalSystem
anonymous by vijai on 12/18/2010
Thanks yyou
anonymous by Zimbabwe [trezim] on 1/17/2011
@Sajid dont be sad. i faced the same situation today. it worked only with LocalSystem. i however found a work-around
Step1 if you are using SQL server add under DB>>SECURITY>>USERS a new user with name 'sa' & under LoginName select NT AUTHORITY\NETWORK SERVICE then under default schema choose dbo. finally select all roles
Step 2 click OK & kambooo
anonymous by Thanks! on 1/18/2011
Thanks for the clear instructions here. Keep up the good work.
anonymous by Nigeria on 3/30/2011
Thanks a lot. This really worked.
anonymous by Manivannan on 5/13/2011
Thanks dude..
anonymous by Allen on 5/18/2011
Great!!! I love you :)
anonymous by getmesar on 6/5/2011
Thanks a lot man... :)
anonymous by kris on 7/6/2011
thanks, this saved my life...
anonymous by Dan. on 7/11/2011
Jesus christ you should get a f*cking medal for posting this. THANK YOU.
anonymous by Ruhollah Moeini zadeh on 7/31/2011
Thanks, solved my problem (in windows 7 !)
anonymous by rj on 8/2/2011
thank you so much!
anonymous by Speedophile SA on 8/11/2011
Thank you so much!
anonymous by Saravanan on 9/7/2011
Thank you... It really worked!....
anonymous by Ashish on 9/14/2011
THANKS A LOT DOUG..
Doug by Doug on 9/14/2011
Absolutely, it's good to hear this solution is helping people out.
anonymous by Gil on 10/20/2011
Thanks a lot man!
anonymous by Sovik on 10/31/2011
Thank you...
A lot of thanks
anonymous by Rodney H on 11/22/2011
Great help! Thank you!
anonymous by Viktor on 11/22/2011
Thanks for the post! You've helped my team as well!
anonymous by Melih on 1/8/2012
Thank you very much.
anonymous by Murali on 2/15/2012
Thank u very much...
anonymous by Ali Tabatabaei on 2/23/2012
Thank you very much. this solved my problem, too.
anonymous by Abdullah Ashi on 3/6/2012
Thaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaanx alot
anonymous by Andrew on 4/1/2012
This works, but it's a workaround. Windows 7/Server 2008 uses ApplicationPoolIdentity for a reason. Namely security and isolation. Changing it to NetworkService or LocalService isn't the right way to go. You should explicitly grant read/write access to the relevant IIS APPPOOL account for the specific database you are using with ASP.NET. db_reader and db_writer are usually the minimum required.
anonymous by LincolnV on 6/11/2012
another satisfied reader. Thank you.
Just wonder in the future if I have several websites that using 'ASP.NET v4.0' application pool, will by setting Process Identity to 'Local System' gonna cause conflicts.
anonymous by System Analyst on 7/31/2012
Wow..Great....
anonymous by For Sajid on 7/31/2012
Add NT AUTHORITY\NETWORK SERVICE as security Login
anonymous by ovargas on 9/5/2012
Thank a lot.... This issue was driving me crazy. (Windows 7 64 Bits Home Premium)
anonymous by Maho on 9/24/2012
thank you, this solution helped me a lot.
anonymous by Z.E on 10/7/2012
thanks a lot, this solution is very helpfull.
anonymous by ahmed on 11/28/2012
excellent :), thank you
anonymous by Ali Ahameh on 5/3/2013
Thank you so much. It really helped me ...
anonymous by ib on 6/30/2013
Thanks very much. After reading incomprehensible gibberish all day yesterday and getting nowhere. I finally got it working thanks to you, and so I get to spend the rest of the day with my kids. thanks again. you bring a little happiness.
anonymous by Douglas on 10/24/2013
Thanks, exactly what I need!
anonymous by David on 11/2/2013
Thank you very much. It's just what I need
anonymous by Sridhar on 11/8/2013
Thank you.

Add your comment

by Anonymous - Already have an account? Login now!
Your Name:

Comment:
Enter the text you see in the image below
What do you see?
Can't read the image? View a new one.
Your comment will appear after being approved.

Related Posts


If you do any sort of ASP.NET programming there usually comes a time when you need to get a websites Base URL. The following shows two examples, the first example shows how to get the Base Site Url using C#, which can be used for getting both the...  more »

This is one of those simple web page design things that can drive a web developer absolutely crazy.  more »

The AjaxFileUpload control that's part of the AJAX Control Toolkit, works great for easily uploading multiple files at once. However, it gets a little tricky if you want to update an UpdatePanel after all the files have finished uploading, especially if...  more »

Adding a CSS border to an ASP.NET Image control was a mystery to me for the longest time. While you could easily use an html image and add the runat="server" to it and then add CSS, I really wanted to use an asp:Image control along with a CSS border....  more »

Here's how you can add "nofollow" tags to links generated by a Sitemap file that is bound to an ASP.NET Repeater control using a SiteMapDataSource. I'm currently using this technique for the footer links of GotKnowHow.com, so if you View Source of the...  more »

So below I'm going to share with you a fairly easy to use and understand ASP.NET User Control that allows you to pick a Date (with the ajaxToolkit CalenderExtender) and also select the Time of day using a drop down list. I've named the control...  more »

You may need to have an image refreshed automatically on a web page in ASP.NET to get the latest image. One instance where you might want the fresh image is if you upload an image that has the same file name as an already existing image file on the...  more »

Here's how you can UrlEncode the plus sign (+) in a URL querystring in ASP.NET and then retrieve the plus symbol after UrlDecoding the string. In this example, I will do a postback and redirect the Server.UrlEncoded string to another page. First we will...  more »

After setting up a new Windows 7 computer with IIS 7.5 and Visual Studio 2010, I tried to start my ASP.NET 4.0 website using the Local IIS web server. However, right off the bat I was hit with the following IIS error message: HTTP Error 500.21 - Internal...  more »

Here's how to install Internet Information Services (IIS7) on a Windows 7 (or Vista) computer so that ASP.NET websites will run on the IIS7 web server. First, you will want to make sure that you are signed into an account with Administrator access on your...  more »

SQL Server Reporting Services can be a pain in the arse to set up correctly for the first time. Even after you've got things running correctly, you can sometimes run into issues, which is exactly what happened to me recently. I had setup my local...  more »