Impersonation fails with IIS Express when User Account Control (UAC) is enabled
This article helps you resolve the problem where an impersonation fails with Microsoft Internet Information Services (IIS) Express when User Account Control (UAC) is enabled.
Original product version: Internet Information Services Express
Original KB number: 2701070
Consider the following scenario:
You're running a web application in IIS Express with Visual Studio. The application is configured for Anonymous authentication, and uses impersonation of a service account to access a backend SQL database. When browsing to the web application with a web browser, an error message similar to the following example is displayed:
Server Error in /my_app Application.
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.
Parser Error Message: An error occurred loading a configuration file: Failed to start monitoring changes to C:\mysite\web\my_app\default.aspx.
[No relevant source lines]
Source File: C:\mysite\web\my_app\default.aspx\web.config Line: 0
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.17379
This problem occurs when the impersonation account is running as non-elevated (UAC).
For impersonation to work, the user must have the
SeImpersonatePrivilege privilege. However, with UAC enabled the
SeImpersonatePrivilege privilege is stripped from the impersonation token, so impersonation fails.
To resolve this problem, run IIS Express as an administrator if you need to use impersonation in the web application.