41
votes

My ASP.Net web service cannot run because the application pool is unable to start due to the identity crisis it's experiencing.

The user I'm using in the app pool is a domain user, it's a local admin, it's in IIS_WPG, I've given it "act as part of the OS permissions" - nothing. Nada. Fails to start the application pool each time.

Adding the user to IIS_WPG is usually what's missing, but I guess there's something else.

Things I've tried:

  • Adding user to IIS_WPG
  • Adding user to local admin group and adding the "Act as part of the os" right.
  • aspnet_regiis -ga
  • rebooting...
  • Checked password
  • Recreated the app pool and assigning only my application to it

p.s. If I use the Network Service user it all works - it's just my "custom" user that's failing. Logging in (interactively) with this user works.

Edit:

The solution is as described in the accepted answer (adding the "Log on as Service" right to the application pool's identity user).

I'll just add, for future reference, for those encountering the following message when trying to add the "Log on as a service" right to a domain user:

"This setting is not compatible with computers running Windows 2000 Service Pack 1 or earlier...."

Know that this has nothing to do with Windows 2000 and it's just the domain's group policy that's preventing you from assigning this right to the user.

What exactly does the event log report? – AviD
Assaf - if you're creating custom accounts to be used as application pool identities you do need to use the aspnet_regiis -ga <username>. – Kev
Kev - I tried and it didn't help. – Assaf Lavie
I'm here because we rebooted the server today, and this started happening out of the blue. I suspect that there was a domain policy change, since the last reboot. Just sitting out there, waiting for us to reboot... WHAM! The info here looks very useful, hopefully it'll get us going again. – Chris Thornton

16 Answers

51
votes

Have you enabled "Log on as a service" for the account?

Start -> Control Panel -> Administrative Tools -> Local Security Policy -> Local Policies -> User Rights Assignment -> Log on as a service

(make sure your account is in this list directly or indirectly; it has also been suggested that you should set: Access this computer from the network; Deny logon locally; Log on as a batch job)

Also - ensure that the account has "Read & Execute", "List Folder Contents" and "Read" access to the file system that underpins the web site/application.
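The check from the answer above can be scripted. This is an added example, not part of the original answer: it exports the user rights assignment with secedit and reports whether the app pool identity is listed directly for each right. The account name `CONTOSO\svc-apppool` is a placeholder, and "Deny log on as a service" is included as an assumption because a deny entry overrides the grant.

```powershell
# Added example: report which logon rights the app pool identity holds directly.
# Run from an elevated prompt. 'CONTOSO\svc-apppool' is a placeholder account.
param([string]$Account = 'CONTOSO\svc-apppool')

# Policy constant names mapped to the display names used in Local Security Policy.
$rights = [ordered]@{
    SeServiceLogonRight     = 'Log on as a service'
    SeBatchLogonRight       = 'Log on as a batch job'
    SeNetworkLogonRight     = 'Access this computer from the network'
    SeDenyServiceLogonRight = 'Deny log on as a service'
    # Granted during troubleshooting in the question; listed so it can be reviewed.
    SeTcbPrivilege          = 'Act as part of the operating system'
}

# Resolve the account to its SID; this throws if the name cannot be mapped.
$sid = ([System.Security.Principal.NTAccount]$Account).Translate(
    [System.Security.Principal.SecurityIdentifier]).Value

# Export the user rights assignment from the system security database.
$cfg = Join-Path $env:TEMP 'user-rights.inf'
secedit /export /cfg $cfg /areas USER_RIGHTS | Out-Null
$lines = Get-Content $cfg
Remove-Item $cfg

foreach ($right in $rights.Keys) {
    $line = $lines | Where-Object { $_ -match "^$right\s*=" } | Select-Object -First 1
    $entries = @()
    if ($line) {
        $entries = @(($line -split '=', 2)[1].Split(',') | ForEach-Object { $_.Trim() })
    }
    # Entries are written either as *SID or as a plain account name.
    $direct = ($entries -contains "*$sid") -or ($entries -contains $Account)
    [pscustomobject]@{
        Right        = $rights[$right]
        HeldDirectly = $direct
        Entries      = $entries -join ', '
    }
}
```

The `Entries` column lists every SID or name holding the right, so membership through a group (the "indirectly" case in the answer) can be checked against the account's groups by hand.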

21
votes

Try running the following command in the C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727 folder:

aspnet_regiis -ga <your_app_pool_user>

For more info on configuring a user account to use as an application pool identity see the following article:

How To: Create a Service Account for an ASP.NET 2.0 Application (MSDN)

1
votes

Make sure there's a folder called c:\inetpub\temp\apppools. If not, create it.

1
votes

Make sure the user account trying to access the app pool is a member of the IIS_USRS group in AD.

0
votes

What's happening is you are likely running your application inside a pool that is running applications using a different version of the .NET framework. Make sure that all your applications inside that pool are running the same version. If those apps must run under a different version than this one, create a new pool and add your app to it.

0
votes

I know this is simple, but have you checked the password is correct?

0
votes

Having had this issue before and not being able to track the reason I sympathise! Some pointers that might help:

  • Check the password is correct (sorry has to be said)
  • Use a new app pool in which no other website is running
  • Ensure that you have run aspnet_regiis -ga to set up the required permissions

If all else fails:

  • Stop the app and delete the app pool
  • Delete the user
  • Re-create the user
  • Run aspnet_regiis -ga
  • Set up a new app pool running under this user
  • Run the site under this pool

That along with copying and pasting the complex password I was using worked for me!

0
votes

Do you have a group policy somewhere that is pulling the account out of the iis_wpg group? We have this (or a similar) problem frequently when, for whatever reason, a worker process or a service needs to run under a custom account.

0
votes

The app pool user account might be locked out.

0
votes

Another way this can happen is if you have CGI scripts. By default, CGI scripts run as the Windows user accessing the web site. In order to run your CGI scripts under a specific account, you need an extra step:

IIS 7+

Go to the CGI section in your web site's config in inetmgr.exe. Set impersonation to false.

IIS 6

Run these commands as an administrator:

cd \inetpub\adminscripts
cscript.exe Adsutil.vbs SET W3Svc/CreateProcessAsUser false

Next step: get your IT department to upgrade all of your WS2003 machines...

0
votes

After following all of the other suggestions:

  1. Check "Log on as a service" and "Log on as a batch job" permissions
  2. Check folder permissions, c:\Windows\system32\inetsrv, etc.
  3. In Metabase Explorer check permissions for IIS_WPG group

Remember to restart the IIS admin service!

0
votes

Another minor thing worth mentioning might be that, if it is a new user account created by an administrator, a default policy might apply like 'change your password at first logon'. If that is the case and that logon has not yet happened, this will also effectively block the user account from running your service.

This does not apply to the OP's case since he mentions he can log in interactively using the account, but I ran into this today and somebody else might too.

0
votes

In my case the problem was that I was trying to use a domain account while the domain controller had an issue with my machine. I had just created a new VM with a newer version of Windows (Windows 10) and had asked the domain administrator to add it to the domain, but I kept the same hostname as on my other machine.

Also, in the Event Viewer I found error messages concerning the domain controller and such, that gave me a clue.

I had to remove the machine from the domain and add it again, and the problem was solved.

0
votes

Posting a simple answer for completeness because I was getting the same error but what fixed it for me was to include the domain with the username when setting the identity. The user was a valid domain user and a user for the server and I added it to the IIS_ group manually but no dice until I tried adding the domain as a prefix, e.g. "us\svc-myAccount".

0
votes

After trying all of the above and nothing worked, I noticed the event data in the event log error was 80070700. Googling for this error yielded "An attempt was made to logon, but the network logon service was not started."

I found the NetLogon service wasn't started, started it and bingo - it sprung into life. Hope this helps someone else one day.

0
votes

I had this same issue and fought with it for quite a while. After attempting many different solutions, I uninstalled and reinstalled IIS. After rebooting the server, everything was fixed.