Why is IIS_IUSRS used instead of IUSR for file permissions?
Here is a good documentation about groups and users used in IIS 7. IUSR is built-in account
for all anonymous authentication. IIS_IUSR is a built-in group
has access to all the necessary file and system resources so that an account, when added to this group, can seamlessly act as an application pool identity.
You need to check if Drupal has any account specifically added in the IIS_IUSR group such that giving permission to the group suffices the need.
Going through Drupal document shows that it requires the IIS build-in group permission.
On a Windows system using IIS, right-click on sites/default/settings.php and grant Modify permissions to IIS_WPG (IIS6) or IIS_IUSRS (IIS7).
Related videos on Youtube
webworm
Updated on September 17, 2022Comments
-
webworm over 1 year
I was recently setting up a Drupal install on IIS7. The setup instructions required that the IIS_IUSRS account be given, temporarily, write access to the settings.php file so it could write the database configuration to the file.
In the end I had to edit the file myself and input the database configuration details myself. What I am wondering is why the instruction specified the IIS_IUSRS account rather than the IUSR account.
Perhaps I am not properly understanding how IIS_IUSRS and IUSR differ.
-
webworm over 13 yearsThanks for the reply. So would I need to add a user to the group IIS_IUSRS for it to have any effect? You see, I did give the IIS_IUSRS group write permissions to settings.php file but Drupal still seemed unable to write to it.
-
MikeT over 13 yearsin that case I would use Process Monitor and check what permission Drupal is looking for.