ApplicationPoolIdentity in IIS7 401 errors


Solution 1

Maybe you are just missing a small step. When you granted the account read access, did you check that it replaced settings in all subdirectories? Also, it may require an IIS reset after changing the access rights.

Solution 2

2008 R2 IIS 7.5

Just as an FYI. After rebuilding servers and spending endless hours troubleshooting a 401.3 error after changing the AppPool identity to a domain account, we came to find out that a GPO was killing IIS. Make sure you test with a server in the "Computer" container and that no GPOs are changing restricted groups outside of Administrators.

In our case, NT Authority\Authenticated Users was removed from the local USERS group and it broke IIS completely.
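
A read-only check for the two causes raised in the answers above, added here as an example and not taken from the original posts: it lists items under the site folder that carry no Allow/Read entry for the pool identity, and reports whether Authenticated Users is still a member of the local Users group. The folder path is an assumption (the question only says the `kbank` folder is in wwwroot), and the script assumes Windows PowerShell run from an elevated prompt on the IIS server.

```powershell
# Added diagnostic example. $SitePath is an assumed location; the pool name
# "kbank" comes from the question. Nothing here changes any ACL or group.
$SitePath = 'C:\inetpub\wwwroot\kbank'
$NTAccount = [System.Security.Principal.NTAccount]
$SidType   = [System.Security.Principal.SecurityIdentifier]

# Resolve the virtual account to its SID so the comparison does not depend
# on how the name is cased or displayed.
$PoolSid = (New-Object $NTAccount('IIS AppPool\kbank')).Translate($SidType).Value
$Read    = [System.Security.AccessControl.FileSystemRights]::Read

# Check 1 (Solution 1): did the read grant reach every subdirectory and file?
# Only direct Allow entries for the pool identity are considered; grants made
# through a group and Deny entries are not evaluated.
$items = @(Get-Item $SitePath) + @(Get-ChildItem $SitePath -Recurse)
$missing = $items | Where-Object {
    $rules = $_.GetAccessControl('Access').GetAccessRules($true, $true, $SidType)
    -not ($rules | Where-Object {
        $_.IdentityReference.Value -eq $PoolSid -and
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $Read) -eq $Read
    })
}

# Check 2 (Solution 2): is Authenticated Users (S-1-5-11) still in the local
# Users group (S-1-5-32-545)? The group name is resolved from its SID so the
# check also works on non-English installs.
$usersName = (New-Object $SidType('S-1-5-32-545')).Translate($NTAccount).Value.Split('\')[-1]
$group = [ADSI]"WinNT://$env:COMPUTERNAME/$usersName,group"
$memberSids = @($group.Invoke('Members')) | ForEach-Object {
    $bytes = $_.GetType().InvokeMember('objectSid', 'GetProperty', $null, $_, $null)
    (New-Object $SidType($bytes, 0)).Value
}
$hasAuthUsers = $memberSids -contains 'S-1-5-11'

# Report
if ($missing) {
    "Items with no Allow/Read entry for IIS AppPool\kbank:"
    $missing | ForEach-Object { "  " + $_.FullName }
} else {
    "Every item under $SitePath has an Allow/Read entry for the pool identity."
}
"Authenticated Users in local '$usersName' group: $hasAuthUsers"
```

If the second line reports `False`, look for a Restricted Groups policy applied to the server before changing any folder permissions.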

Author by

Simon Martin

Developer specialising in the Angle Brackets stuff (ASP.NET, Azure, and Web Tools).

Updated on June 04, 2022

Comments

  • Simon Martin
    Simon Martin almost 2 years

    We have just started to use Windows Server 2008 R2 and IIS7.5 and I'm trying to move some existing sites across from our Windows 2003 box. I can get the sites running ok but am getting 401 errors for all the CSS / Images in the sites. Granting Everyone read access will solve this - but I'm not very happy doing this.

    I've read that IIS7.5 makes use of a magical new 'account' and each Application Pool has its own account.

    So far I have

    • Created a new folder in wwwroot for my website (kbank)
    • Copied the files in from another machine
    • In IIS7 created a new website (not virtual directory), this created a new Application Pool with the same name as my website. This is an Integrated Pipeline pool
    • In Process Model / Identity this is using ApplicationPoolIdentity and Load User Profile is set to True
    • Granted IIS AppPool\kbank read access to the root of the folder

    Can anyone tell me how best to set up my websites?

  • Simon Martin
    Simon Martin over 14 years
    Hi Shiraz, Always worth checking these things, but no, the permissions were updated on all subdirectories and a restart didn't make any difference. Simon
  • Simon Martin
    Simon Martin over 14 years
    Hi Vivek, I'm a bit lost - I've removed the everyone account and yet I'm now not getting 401 errors. I don't know whether there was a delay in the permissions being applied (though a restart should have dealt with that). Pleased that is resolved though!
  • hoffmanc
    hoffmanc almost 12 years
    Why then was the answer accepted, pray tell?
  • Simon Martin
    Simon Martin almost 12 years
    @hoffmanc resetting IIS didn't do the trick, but rebooting the server did. Quite a drastic step, not one I'm proud of, but that old IT adage of "Turn it off and on again" seems to have been the answer. Surely it shouldn't have been the case, but meh!