How to Retrieve/Decrypt Password of an Application Pool in IIS 7.0 or 7.5?

If you ever forgot the password of the account used by a particular Application Pool in IIS 7.0 or 7.5, and would like to retrieve the same. You can use APPCMD to do the same.

Let’s Start

1. Let’s assume we do not know or have forgot the password of the account used by the Site_App_Pool Application pool and for some reason we cannot reset the password of the same.

2. Right click on Command Prompt and click on “Run as Administrator

Tip: You can also select CMD and press CTRL + Shift + Enter to Start Command Prompt as Administrator or with Machine Administrator rights [More on Machine Administrator in another Post]

3. Run the following %systemroot%\system32\inetsrv\APPCMD list apppool “Site_App_Pool” /text:*

or Browse to C:\Windows\System32\inetsrv and run APPCMD list apppool “Site_App_Pool” /text:*

Replace “Site_App_Pool” with the App Pool name of which you want to retrieve the password.

4. Under the [processModel] section you will get your password which is in Clear text. [The credentials shown below are setup for this example only].

Note

As mentioned above similar to IIS 6.0, where the password for the application pool was stored in Clear text, so does IIS 7.0 & IIS 7.5 stores it in clear text which you can see from the above example.

And here’s where the least-privilege part comes into play for all those who are running there SharePoint environment with Accounts which has rights more than needed, as getting the password now is more easy than it was for IIS 6.0. Finally a word of caution always perform a least-privileged installation of your SharePoint environment, meaning the Application Pool account doesn’t get more permissions than needed.