I am setting up a new web server and trying to use the new Application Pool Identities available in Windows Server 2008 R2 (as described here: http://learn.iis.net/page.aspx/624/application-pool-identities/) to secure the folder structure.
However, it seems that PHP is still using the local IUSR account even though I have set FastCGI impersonation to true in php.ini – how can I get PHP to operate under the Application Pool Identity?
The folder in question is a shared cache directory outside c:\inetpub\wwwroot. When I give IIS_APPPOOL\DefaultAppPool modify privileges, the PHP files cannot access the folder but they can when I give privileges to SERVERNAME\IUSR (or the Users group).
PHP 5.3 is installed using Web Platform Installer in IIS.
The PHP application is using Zend_Cache if that makes a difference.
Best Answer
The answer was to change the anonymous identity in Site -> Authentication -> Anonymous Authentication -> Edit to "Application Pool Identity".