Problem
The SMB Mount / File Share for the web folders directory should be accessible for the admins but not for unauthorized people
After setting the File Sharing permissions to that, the web applications shows HTTP error code 500 what means that the Microsoft IIS worker process does not have enough privileges.
Approach
To ensure, that the Microsoft IIS Server worker process has enough privileges to execute ASP.NET in the Directory and to prevent unauthorized access to the SMB Mount of the web application,the following settings should be applied
- Add the user „Network share“ with Read/Write permissions to the folders directory
- Configure the Application Pools identity to „Network Service“
Solution
- Connect to the web server via Remote Desktop Connection (RDP)
- Right-click the folder
- Select the tab sharing and click on the button „Share“
- Search for user „Network Service“ and press the add button
- Set the Permission Level „Read/Write“ to the user „Network Service“
- Hit the apply button
- Open the Microsoft IIS Server Manager
- Select „Application Pools“ from the left side bar
- Select the appropriate application / pool entry
- Select „Set Application Pool Defaults“ from the right side bar
- Search the Entry „Identity“ and press the „…“ Selector Button on the right side
- Set the Identity to „Network Service“ to allow that user to execute ASP.NET as default user