Novell is now a part of Micro Focus

My Favorites


Please to see your favorites.

Configure Service Account eDirectory Login for IIS 7.5 application pool

This document (7011952) is provided subject to the disclaimer at the end of this document.


Novell Client 2 SP3 for Windows Server 2008 R2
Windows Server 20008 R2 IIS 7.5
Application Pool


"Service Account eDirectory Login" configuration is not working for Windows 2008 IIS 7.5 application pool.
The application pool is configured to run as a local user, but the running instance of w3wp.exe cannot access the eDirectory path.


As described in TID 7008266, create the Service Account eDirectory Login configuration for enabling an eDirectory login attempt to occur whenever Windows starts up this service. Use [HKEY_LOCAL_MACHINE\Software\Novell\Login\Service Account eDirectory Login\<>] for this configuration. Do not set the website to "Connect as".

For example, if the Windows service was configured to log on with a Windows user account named "AntiVirusUpdateUser", the registry key that needs to be created is [HKEY_LOCAL_MACHINE\Software\Novell\Login\Service Account eDirectory Login\AntiVirusUpdateUser].

In addition, modify the following registry settings used by the IIS service.  These settings are needed to remove the dependency over directory change notification and use the polling based change notification.

Under the [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W3SVC\Parameters] subkey, create a 32-bit DWORD value:
"ConfigPollMilliSeconds" with data 0x00001388

Under the [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\InetInfo\Parameters] subkey, create two 32-bit DWORD values:
"DoDirMonitoringForUnc" with data 0x00000000
"FileAttributeCheckThreshold" with data 0x00000005

Under the [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ASP\Parameters] subkey, create two 32-bit DWORD values:
"FileMonitoringTimeoutSeconds" with data 0x00000005
"EnableChangeNotificationForUNC" with data 0x00000000

Additional Information

1. If the Application Pool has a Windows User as identity, NPLogonNotify is called with that specific user name. If DefaultPassword is not defined that user's password is used.
2. If the Application Pool has the "ApplicationPoolIdentity" identity, NPLogonNotify is called with the Site name. Normally, because this is not a Windows account the DefaultPassword registry value must be defined for authentication to succeed.
3. If the Application Pool has the "NetworkService" identity assigned, ASP.NET impersonation must be enabled and that Windows user assigned to it.


This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7011952
  • Creation Date:14-MAR-13
  • Modified Date:27-OCT-15
    • NovellClient for Open Enterprise Server (Client)

Did this document solve your problem? Provide Feedback