IIS Application Host SID Mapping Configuration

Applies To: Windows Server 2008 R2

In Internet Information Services (IIS) 6.0, separate user accounts had to be created for application pools in order to isolate them. In IIS 7.0, mapped application pool SIDs (security identifiers) make this process easier. When a new Web site is created in IIS 7.0, the site receives a new application pool with the same name as the site. The Application Host Helper Service (AppHostSvc) dynamically creates a unique application pool SID based on the application pool name, and the name is mapped to the SID. Web site resources like files and directories can then be granted permissions by using the mapped application pool SID instead of separate user identities. This enables all application pools to run under the same default Network Service account, yet remain isolated.

Events

Event ID Source Message

9000

Microsoft-Windows-IIS-APPHOSTSVC

The Application Host Helper Service encountered an error while reading the data for SID mapping. Please ensure that the application pool name data is correct in the configuration file. To resolve this issue, please recommit the changes or restart this service. The data field contains the error number.

9001

Microsoft-Windows-IIS-APPHOSTSVC

The Application Host Helper Service encountered an error while adding the mapping for the application pool name '%1' to its SID. That particular SID is already mapped to another application pool name, causing a conflict. To resolve this issue, please change the name of this application pool. The data field contains the error number.

9002

Microsoft-Windows-IIS-APPHOSTSVC

The Application Host Helper Service encountered an error while mapping the application pool names to their respective SIDs. Some app pool SIDs will not be resolved properly under the 'IIS APPPOOL' namespace. To resolve this issue, please recommit the changes or restart the service. The data field contains the error number.

9003

Microsoft-Windows-IIS-APPHOSTSVC

The Application Host Helper Service encountered an error while removing the mapping for the application pool name '%1' to its SID. To resolve this issue, please recommit the changes or restart the service. The data field contains the error number.

9004

Microsoft-Windows-IIS-APPHOSTSVC

The Application Host Helper Service encountered an error while adding multiple mappings for application pool names to their SIDs. To resolve this issue, please recommit the changes and restart the service. The data field contains the error number.

9005

Microsoft-Windows-IIS-APPHOSTSVC

The Application Host Helper Service encountered an error while adding the mapping for the application pool name '%1' to its SID. To resolve this issue, please recommit the changes or restart the service. The data field contains the error number.

IIS Application Host Helper Service (AppHostSvc)

Internet Information Services (IIS) 7.5