Here's how to configure a different account (local account or domain account) so it has sufficient permissions to run an IIS6 Application Pool for ASP.NET applications:
- Add the account to the local IIS_WPG security group.
- Open the Group Policy Editor for the local computer (gpedit.msc)
- Drill down to: Local Computer Policy/Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignments
- Add the new identity account to the following polices:
- Adjust memory quotas for a process
- Logon as a service
- Replace a process level token
- If your web application is going to host any web services, you need to also give your account Delete access to the C:\WINDOWS\Temp directory. Note: this is done via the Advanced dialog in the Security page of the Explorer folder properties dialog box.