locked
IIS APPPOOL/USER not found RRS feed

  • Question

  • I have IIS 7.5, with an app pool called 'WH_1OC2N-10083', using ApplicationPoolIdentity.  Normally this creates a user that SQL 2008 R2 can use called 'IIS APPPOOL\WH_1OC2N-10083'.

    We ran into some database issues and had to restore the database, and now SQL cannot find this user and the site will not work.  I execute the following (Database name is also 'WH_1OC2N-10083')

    USE [master]
    CREATE LOGIN [IIS APPPOOL\WH_1OC2N_10083]
    FROM WINDOWS WITH DEFAULT_DATABASE=[WH_1OC2N_10083]

    USE [WH_1OC2N_10083]
    CREATE USER [IIS APPPOOL\WH_1OC2N_10083] FOR LOGIN [IIS APPPOOL\WH_1OC2N_10083]
    EXEC sp_addrolemember N'db_owner', N'IIS APPPOOL\WH_1OC2N_10083'

    Gives the following errors

    Msg 15401, Level 16, State 1, Line 2

    Windows NT user or group 'IIS APPPOOL\WH_1OC2N_10083' not found. Check the name again.

    Msg 15401, Level 16, State 1, Line 6

    Windows NT user or group 'IIS APPPOOL\WH_1OC2N_10083' not found. Check the name again.

    Msg 15410, Level 11, State 1, Procedure sp_addrolemember, Line 75

    User or role 'IIS APPPOOL\WH_1OC2N_10083' does not exist in this database.

    Additional Notes

    • I have deleted entire site, create new appool, new site = nothing
    • UAC is disabled
    • 70 other sites (with different id's) are working with this model
    • Trying to add in Login via Management Studio, search for 'IIS APPPOOL\WH_1OC2N-10083', it returns 'COMPUTERNAME\WH_1OC2N-10083', then Error "Windows NT user or group 'COMPUTERNAME\WH_1OC2N-10083' not found. Check the name again. (Microsoft SQL Server, Error: 15401)"

    It seems that our restore of the database did something to the user IIS APPPOOL\WH_1OC2N-10083

    Jason

     

    Tuesday, December 27, 2011 6:19 PM

Answers

  • You cannot accuse me to know too much about IIS. But accusations in the opposite direction would be very appropriate.

    But so much is clear than you did more than just restore the database, since you attempt to create a new login. Had you only restored a database, there would be no reason to create the login. Or for that matter to create the user, unless you created the user after you took the backup you restored.

    I note in your post that there is an inconsistency in the name of the app pool. In some places of your post it is a hyphen, in other places an underscore. That may just be an typo in your post, but I mention it, because sometimes it is the silly errors we don't see that gives us new grey hairs.


    Erland Sommarskog, SQL Server MVP, esquel@sommarskog.se
    • Marked as answer by Stephanie Lv Thursday, January 5, 2012 9:58 AM
    Tuesday, December 27, 2011 8:17 PM