I have a need to find out where an account is being used by an application pool so that I can reset its password. Due to poor documentation, it's unclear if it has been used or where it is. It could potentially be in use by an application pool on any of the servers here, either for a web application or SharePoint instance. I have looked at IIS on some of the servers I suspected but so far haven't tracked it down.
It's a domain account called IisUser that was specifically created for use with IIS. I was hoping there may be a PowerShell command I could run, or something similar?
If this isn't possible, to avoid breaking any existing applications, what would I need to do in order to create a suitable user for application pools to use? Specifically for querying LDAP servers. I'm running into errors like System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) or Unable to cast object of type 'System.DirectoryServices.AccountManagement.GroupPrincipal' to type 'System.DirectoryServices.AccountManagement.UserPrincipal'. with an application that's trying to talk to LDAP. It works locally but not on a webserver. I found some suggested fixes for this, like changing the apppool to NETWORKSERVICE or changing various web.config settings but nothing worked. I know that the IisUser account will work though! I just don't know the password and can't reset it until I know where it is used.
First of all refer to this post here:
How to list all the services running with a service account in a server using Powershell
Always use the search on here before posting a question.
If for some reason the above solution is not working, do the following dirty work below:
1. On your server go to SharePoint Central Administration
2. Go to Monitoring >> Configure diagnostic logging
3. Choose what type of services you want to log. Careful not to choose all of them because you will flood the log and kill performance.
4. Download a small app called "SharePoint Log viewer" here:
https://sharepointlogviewer.codeplex.com/
It's a free and very useful app.
5. Open one of the logs in the viewer, set filter to "Any Field" and filter with the username IisUser.
If you don't find any matching records, load a different log until you do.
6. If you still can't find anything in relation to the user, uncheck your previous selection in Configure diagnostic logging and make a new selection.
7. Go through the logs again. Repeat the process until you find a match.