Friday, February 4, 2011

How to solve "The identity of application pool '%1' is invalid, so the World Wide Web Publishing Service can not create a worker process to serve the application pool. Therefore, the application pool has been disabled." error

A user is considered invalid if it isn't a member of IIS_WPG (Internet Information Services Worker Process Group) or it hasn't been granted the right to logon as a service. To check and possibly fix the latter, follow these steps:
  1. Run Local Security Policy applet which is usually under Administrative Tools or you can Start>Run with "secpol.msc".
  2. Expand the Local Policies node and click User Rights Assignment.
  3. Open the "Log on as service" policy either by double-clicking or right-clicking and selecting Properties.
  4. Click "Add User or Group..." and enter the name of the user for the app pool's identity.
  5. Restart the machine. The security policy is only read on boot.
If this doesn't solve the problem, or for more detailed information you can check the Security Event Log for the user you specified as the identity around the time the problem occurred. There will usually be three entries under the categories: Logon/Logoff, Privilege Use, and then another Logon/Logoff. You can look at these to see what privileges that user was granted when it logged in, what came up when privileges were queried, etc. It's fairly hefty material. Source