IIS Permissions/accounts etc - advice needed

What’s the recommended practice for running UD under IIS application pools?

I need to be able to query remote systems, which obviously means using accounts with the correct credentials. I can either run the App pool with domain identity that has the requisite permissions (and modify webroot NTFS permissions, add batch log on rights etc.), or run the pool under the default identity and dip into some kind of credential store to retrieve the user credential.

How is everyone else doing it?

hi @fromtheinternet!

As of yesterday:
I solve this with @adam 's new module pssecretstore:

Run IIS with the defualt user, and load credentials dynamically from the secret store :slight_smile:

Note: this is also the demonstrated method of storing credentials in UA.

1 Like

Excellent. I’ll take a look at using this method, as it saves on a bunch of server reconfiguration (and the Change management processes that would entail…).