Part A:配置应用程序池

假设应用程序池名为“myypool” 从IIS管理器转到应用程序池的“高级设置”

向下滚动到“身份”。尝试编辑该值将弹出一个对话框。选择“内置帐户”，并在其下面选择“ApplicationPoolIdentity”。 在“身份”下面几行，你应该找到“加载用户配置文件”。这个值应该设置为“True”。

第二部分:配置网站

Website Name: SiteName (just an example) Physical Path: C:\Whatever (just an example) Connect as... : Application User (pass-through authentication) (The above settings can be found in 'Basic Settings' of the site in the IIS Manager) After configuring the basic settings, look for the 'Authentication' configuration under 'IIS' in the main console of the site. Open it. You should see an option for 'Anonymous Authentication'. Make sure it is enabled. Then right click and 'Edit...' it. Select 'Application Pool Identity'.

C部分:配置文件夹

有问题的文件夹是C:\Whatever

Go to Properties - Sharing - Advanced Sharing - Permissions, and tick 'Share this folder' In the same dialog box, you will find a button 'Permissions'. Click it. A new dialog box will open. Click 'Add'. A new dialog box 'Select Users or Groups' will open. Under 'From this location' make sure the name is the same as your local host computer. Then, under 'Enter the object names', type 'IIS AppPool\MyPool' and click 'Check Names' and then 'Ok' Give full sharing permissions for 'MyPool' user. Apply it and close the folder properties Open folder properties again. This time, go to Security - Advanced - Permission, and click Add. There will be an option 'Select a Principal' at the top, or some other option to choose a user. Click it. The 'Select Users or Groups' dialog box will open again. Repeat step 4. Give all or as many permissions you need to the 'MyPool' user. Check 'Replace all child object permissions..." and Apply and close.

您现在应该能够使用浏览网站

乔恩·亚当斯的最佳回答

下面是如何为PowerShell实现这个功能

$IncommingPath = "F:\WebContent"
$Acl = Get-Acl $IncommingPath
$Ar = New-Object  system.security.accesscontrol.filesystemaccessrule("IIS AppPool\DefaultAppPool","FullControl","ContainerInherit, ObjectInherit", "None", "Allow")
$Acl.SetAccessRule($Ar)
Set-Acl $IncommingPath $Acl

在解析名称时，请记住使用服务器的本地名称，而不是域名

IIS AppPool\DefaultAppPool

(只是一个提醒，因为这让我有点困惑):

Part A:配置应用程序池

假设应用程序池名为“myypool” 从IIS管理器转到应用程序池的“高级设置”

向下滚动到“身份”。尝试编辑该值将弹出一个对话框。选择“内置帐户”，并在其下面选择“ApplicationPoolIdentity”。 在“身份”下面几行，你应该找到“加载用户配置文件”。这个值应该设置为“True”。

第二部分:配置网站

Website Name: SiteName (just an example) Physical Path: C:\Whatever (just an example) Connect as... : Application User (pass-through authentication) (The above settings can be found in 'Basic Settings' of the site in the IIS Manager) After configuring the basic settings, look for the 'Authentication' configuration under 'IIS' in the main console of the site. Open it. You should see an option for 'Anonymous Authentication'. Make sure it is enabled. Then right click and 'Edit...' it. Select 'Application Pool Identity'.

C部分:配置文件夹

有问题的文件夹是C:\Whatever

Go to Properties - Sharing - Advanced Sharing - Permissions, and tick 'Share this folder' In the same dialog box, you will find a button 'Permissions'. Click it. A new dialog box will open. Click 'Add'. A new dialog box 'Select Users or Groups' will open. Under 'From this location' make sure the name is the same as your local host computer. Then, under 'Enter the object names', type 'IIS AppPool\MyPool' and click 'Check Names' and then 'Ok' Give full sharing permissions for 'MyPool' user. Apply it and close the folder properties Open folder properties again. This time, go to Security - Advanced - Permission, and click Add. There will be an option 'Select a Principal' at the top, or some other option to choose a user. Click it. The 'Select Users or Groups' dialog box will open again. Repeat step 4. Give all or as many permissions you need to the 'MyPool' user. Check 'Replace all child object permissions..." and Apply and close.

您现在应该能够使用浏览网站

在Windows Server 2008(r2)上，您不能通过属性->安全性为文件夹分配应用程序池标识。你可以使用以下命令通过管理命令提示符来完成:

icacls "c:\yourdirectory" /t /grant "IIS AppPool\DefaultAppPool":(R)

ApplicationPoolIdentity实际上是IIS7+中使用的最佳实践。这是一个动态创建的、无特权的帐户。要为特定的应用程序池添加文件系统安全性，请参阅IIS.net的“应用程序池标识”。快速版本:

如果应用程序池命名为“DefaultAppPool”(如果命名不同，只需替换下面的文本)

Open Windows Explorer Select a file or directory. Right click the file and select "Properties" Select the "Security" tab Click the "Edit" and then "Add" button Click the "Locations" button and make sure you select the local machine. (Not the Windows domain if the server belongs to one.) Enter "IIS AppPool\DefaultAppPool" in the "Enter the object names to select:" text box. (Don't forget to change "DefaultAppPool" here to whatever you named your application pool.) Click the "Check Names" button and click "OK".