Wednesday, 16 May 2012

Dump password of application pool user from IIS >= 6.0


IIS application pools separate sets of IIS worker processes that share the same configuration and application boundaries. Application pools isolate web applications from one another for better security, reliability, availability and performance, so that each keeps running without impacting the others. The worker process is the process boundary that separates one application pool from the next: when one worker process or application has a problem or recycles, the other applications and worker processes are not affected.
One application pool can have multiple worker processes. (Ref: http://technet.microsoft.com/en-us/library/cc735247%28WS.10%29.aspx)
Main points to remember:
1. Isolation of different web applications
2. An individual worker process for each web application
3. More reliable web applications
4. Better performance
While managing or testing multiple web applications we may create many application pools in IIS, so there is always the possibility that we forget the password of the account we used for one of them. To retrieve the credentials we can use the utility called APPCMD.

1. Let us assume that we have forgotten the password of the account used by the “Demo User” application pool.
[Screenshot: Application Pool]
2. Open the command prompt via Start menu -> Accessories -> Command Prompt. Right-click Command Prompt and select “Run as Administrator” from the context menu.
Tip: You can also select CMD and press CTRL + Shift + Enter to start the command prompt as Administrator (with machine administrator rights).
3. Change to the directory “%systemroot%\system32\inetsrv” at the command prompt and run
APPCMD list apppool “Demo User” /text:*
(The directory will most likely be C:\Windows\System32\inetsrv)
Replace “Demo User” with the name of the application pool whose password you want to retrieve.
[Screenshot: Command]
4. Under the [processModel] section you will find the username and the password in clear text.
[Screenshot: Output showing credentials]

The remediation is very simple: use built-in service accounts such as Network Service instead of a custom user account. Built-in identities have no stored password, so even if someone gains access to the system and tries the same steps as above, there is no password to retrieve. (The credentials of a custom account are stored encrypted in applicationHost.config, but any local administrator can read them back through APPCMD, so that encryption alone is not a protection.)
1. Application pool “Dos” with the Network Service account
[Screenshot: Application Pool for Network Service]
2. Running the same command as earlier in this post, i.e. APPCMD list apppool “Dos” /text:*
[Screenshot: Command]
3. Checking the output
[Screenshot: Output for Network Service]
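To find the pools that still need this remediation, the following audit script is an added example (not part of the original post and not an IIS tool). It assumes IIS 7.0 or later with the WebAdministration PowerShell module and an elevated session; it reports every application pool whose identity is a custom account (the SpecificUser type, the only case in which a password is stored) without reading the password itself, and with -Fix moves those pools to the built-in ApplicationPoolIdentity (available from IIS 7.5; on IIS 7.0 substitute NetworkService as the post does).

```powershell
# Added example (not from the original post): audit IIS application pools for
# custom-account identities, whose stored password a local administrator can
# read back with APPCMD, and optionally move them to a built-in identity.
# Assumes IIS 7.0+ with the WebAdministration module and an elevated session.
#Requires -RunAsAdministrator
param(
    [switch]$Fix   # when set, switch SpecificUser pools to ApplicationPoolIdentity
)

Import-Module WebAdministration -ErrorAction Stop

function Get-AppPoolIdentityReport {
    # One row per pool: name, identity type and, for custom accounts, the user name.
    # The password attribute is deliberately never read or displayed.
    Get-ChildItem IIS:\AppPools | ForEach-Object {
        $type = $_.processModel.identityType
        [pscustomobject]@{
            Name         = $_.Name
            IdentityType = $type
            UserName     = if ($type -eq 'SpecificUser') { $_.processModel.userName } else { '(built-in)' }
            StoredSecret = ($type -eq 'SpecificUser')   # only custom accounts keep a password in applicationHost.config
        }
    }
}

$report = Get-AppPoolIdentityReport
$report | Format-Table -AutoSize

$custom = @($report | Where-Object StoredSecret)
if ($custom.Count -eq 0) {
    Write-Host 'No application pool stores a custom account password.'
    return
}

Write-Warning ("{0} pool(s) run as a custom account; the password is recoverable by any local administrator." -f $custom.Count)

if ($Fix) {
    foreach ($pool in $custom) {
        $path = "IIS:\AppPools\$($pool.Name)"
        # A built-in identity has no stored password, so there is nothing to dump.
        Set-ItemProperty -Path $path -Name processModel.identityType -Value ApplicationPoolIdentity
        Write-Host "Switched '$($pool.Name)' to ApplicationPoolIdentity; re-grant NTFS/SQL permissions to 'IIS AppPool\$($pool.Name)'."
    }
}
```

Run it without -Fix first: the report alone shows which pools would lose access to resources that were granted to the old account, and those permissions must be re-granted to the virtual account (IIS AppPool\<pool name>) or to Network Service before switching, otherwise the application breaks on the next recycle.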
