How to Retrieve/Decrypt Password of an Application Pool in IIS 7.0 or 7.5?
If you ever forgot the password of the account used by a particular Application Pool in IIS 7.0 or 7.5, and would like to retrieve the same. You can use APPCMD to do the same.
1. Let’s assume we do not know or have forgot the password of the account used by the Site_App_Pool Application pool and for some reason we cannot reset the password of the same.
2. Right click on Command Prompt and click on “Run as Administrator”
Tip: You can also select CMD and press CTRL + Shift + Enter to Start Command Prompt as Administrator or with Machine Administrator rights [More on Machine Administrator in another Post]
3. Run the following %systemroot%\system32\inetsrv\APPCMD list apppool “Site_App_Pool” /text:*
or Browse to C:\Windows\System32\inetsrv and run APPCMD list apppool “Site_App_Pool” /text:*
Replace “Site_App_Pool” with the App Pool name of which you want to retrieve the password.
4. Under the [processModel] section you will get your password which is in Clear text. [The credentials shown below are setup for this example only].
As mentioned above similar to IIS 6.0, where the password for the application pool was stored in Clear text, so does IIS 7.0 & IIS 7.5 stores it in clear text which you can see from the above example.
And here’s where the least-privilege part comes into play for all those who are running there SharePoint environment with Accounts which has rights more than needed, as getting the password now is more easy than it was for IIS 6.0. Finally a word of caution always perform a least-privileged installation of your SharePoint environment, meaning the Application Pool account doesn’t get more permissions than needed.
5 thoughts on “How to Retrieve/Decrypt Password of an Application Pool in IIS 7.0 or 7.5?”
AnonymousJune 20, 2011
I like this specific post, many thanks for sharing this with us….
Daniel MartensJuly 18, 2013
Thanks for your marvelous posting! I quite enjoyed reading it, you happen to be
a great author. I will make certain to bookmark your blog and will eventually come
back from now on. I want to encourage yourself to continue your great posts, have a nice afternoon!
JamesSeptember 5, 2013
Great delivery. Outstanding. Keep up the good spirit.
PalSeptember 19, 2014
Ted LasseterFebruary 12, 2015
Thank You for helping me out. I had an app pool account locked out on multiple servers and wanted to find out what was going on. Bammo, it worked 🙂
Leave a reply