Is it possible/advisable to run multiple sites app pools using the same domain account

654 views Asked by At

I've got a rather unwieldy legacy intranet app that does a lot of file manipulations across multiple network shares (file reads, moves, deletes, creates directories, etc) and I want to set up a preproduction instance. Currently the app pool is running under a domain account that has been granted access to all these scattered directories. I'm wondering if running a second instance of the site (different server) using the same domain account would be an issue.

This doesn't seem to be an easy question to formulate in a way to get a useful answer out of google. Anyone have any experience doing this? I would rather not have to create more accounts and track down all the locations that would require added permissions if I don't have to.

1

There are 1 answers

1
Jokies Ding On BEST ANSWER

The aim to set different application pool identity for different application pools is to restrict the limit for application pool. Independent application pool will isolation NTFS permission from accessing the files that the web app shouldn't reach. Just in case the server are under vulnerability attack.

Of course, if you are hosting your web apps in a isolated network environment, you could share your domain account for multiple application pools.

As Lex said, consult your network administrator would get more practical answer.