Well as I’ve seen it; its quite easy to handle it in IIS7 where you can set which anonymous user to be used for anonymous access. But for IIS6; there is no option provided in IIS6 settings to change it.
A certain question raise:-
What exactly is the purpose of configuring IIS 6's application pools to run under user accounts different from "network service"? It doesn't seem to have any impact on ASP pages, as they are always executed under the user account which is actually accessing the page.
If IIS is configured to allow anonymous access to a website using an account called "AccountA" and the application pool used by the website is configured to run using an account called "AccountB", an ASP page gets executed with AccountA's credentials; I have verified this with pages that access a SQL Server database using Windows integrated authentication, by only allowing
AccountA to login to the database.
So, what's the purpose of the application pool identity? What is actually done with this account's credentials? How does it impact security on a web server which is hosting several websites?
ASP.NET content (and other types of content) are processed using the webapplication pool's identity (when impersonation is not enabled) Classic ASP files and files handled by the IIS static file handler alwayshave "impersonation" enabled, and will be accessed by either the configureAnonymous User account, or the account entered by the end user
When user enable .net scripting language from panel (even if it map by default with new site creation) HC adds Network Service user permissions on the domain.com/www folder. HC set the application pool identity " Network Service " so basically this is the user which must have permissions on the www folder to execute ASP script pages.
On the other hand website anonymous user we give it READ permissions so that website could be accessed by any user without prompting for authentication.
We are planning to change new application pool creation mechanism in IIS7 where HC will set domain Owner as a identity in the application pool and this integration will be included in future releases.