Hello All,,
I am just wondering what account usually people put their application pools
under? Low privilage or high privilage account?
If we put our application pools under low privilage accounts ,then
developers have to use impersonation to get enough permissions required to
get their code working and this results in having username/passwords in
clear text or in best case senario encrypted. On the other hand microsft
does not recommand putting app pools in high privilage accounts. I'd like to
know what is the best pratice for this?
Thanks a lot