Topic Last Modified: 2009-02-25

The Microsoft Exchange Server Best Practices Analyzer examines the Internet Information Services (IIS) metabase settings for the following Exchange Server virtual directories:

• Autodiscover
  
  
• EWS
  
  
• Microsoft-Server-ActiveSync
  
  
• OAB
  
  
• owa
  
  
• UnifiedMessaging
  
  

During this examination, the Best Practices Analyzer determines whether the virtual directory is configured to run in the correct application pool.

If a virtual directory is configured to use an incorrect application pool, the Best Practices Analyzer generates the following warning message, as appropriate for the particular virtual directory:

Autodiscover

The application pool '<ApplicationPoolName>' is selected for virtual directory 'Autodiscover' on server <ServerName>. It's recommended that you select application pool: 'MSExchangeAutodiscoverAppPool'. Please go into Internet Information Services (IIS) Manager and select the correct application pool.

EWS

The application pool '<ApplicationPoolName>' is selected for virtual directory 'EWS' on server <ServerName>. It's recommended that you select application pool: 'MSExchangeServicesAppPool'. Please go into Internet Information Services (IIS) Manager and select the correct application pool.

Microsoft-Server-ActiveSync virtual directory

The application pool '<ApplicationPoolName>' is selected for virtual directory 'Microsoft-Server-ActiveSync' on server <ServerName>. This will cause Direct Push failures. It's recommended that you select application pool: 'MSExchangeSyncAppPool'. Please go into Internet Information Services (IIS) Manager and select the correct application pool.

OAB

The application pool '<ApplicationPoolName>' is selected for virtual directory 'OAB' on server <ServerName>. It's recommended that you select application pool: 'DefaultAppPool'. Please go into Internet Information Services (IIS) Manager and select the correct application pool.

owa

The application pool '<ApplicationPoolName>' is selected for virtual directory 'owa' on server <ServerName>. It's recommended that you select application pool: 'MSExchangeOWAAppPool'. Please go into Internet Information Services (IIS) Manager and select the correct application pool.

UnifiedMessaging

The application pool '<ApplicationPoolName>' is selected for virtual directory 'UnifiedMessaging' on server <ServerName>. It's recommended that you select application pool: 'MSExchangeUMAppPool'. Please go into Internet Information Services (IIS) Manager and select the correct application pool.

IIS uses application pools to separate Web applications and Web sites. Each application pool is served by a worker process or by a set of worker processes. Each worker process operates as a separate instance. The worker process for one application pool is separate from worker processes for other application pools. Therefore, separating Web applications and Web sites into different application pools helps increase reliability and security. Additionally, application pools must run under the appropriate identity. This is to make sure that each Web application runs under an account that has the appropriate rights to access the server.

The following table lists the appropriate application pool and identity for each Exchange virtual directory.

Virtual directory	Application pool	Identity
Autodiscover	MSExchangeAutodiscoverAppPool	LocalSystem
EWS	MSExchangeServicesAppPool	LocalSystem
Microsoft-Server-ActiveSync	MSExchangeSyncAppPool	LocalSystem
OAB	DefaultAppPool	NetworkService
Owa	MSExchangeOWAAppPool	LocalSystem
UnifiedMessaging	MSExchangeUMAppPool	LocalSystem

To address this issue, configure each Exchange virtual directory to run in the appropriate application pool.

To configure an application pool in Windows Server 2008

1. Start the Internet Information Services (IIS) Manager MMC snap-in.

2. Expand the server name, expand Sites, expand Default Web Site, and then click the appropriate virtual directory, such as Microsoft-Server-ActiveSync.

3. In the Actions pane, click Basic Settings.

4. Click Select next to Application pool.

5. In the Application pool list, click the appropriate application pool, and then click OK two times.

6. Reset IIS. To do this, run the iisreset /noforce command at a command prompt.

To configure an application pool in Windows Server 2003

1. Start the Internet Information Services (IIS) Manager MMC snap-in.

2. Expand the server name, expand Web Sites, expand Default Web Site, right-click the appropriate virtual server, such as Microsoft-Server-ActiveSync, and then click Properties.

3. On the Virtual Directory tab, click the appropriate application pool in the Application pool list, and then click OK.

4. Reset IIS. To do this, run the iisreset /noforce command at a command prompt.

To configure an application pool identity in Windows Server 2008

1. Start the Internet Information Services (IIS) Manager MMC snap-in.

2. Expand the computer, and then click Application Pools.

3. In the Application Pools pane, examine the entries in the Identity column to determine which identity each application pool uses.

4. Click an application pool, such as MSExchangeOWAAppPool, and then click Advanced Settings in the details pane.

5. In the Process Model section, click Identity, and then click the ellipsis button (…).

6. In the Application Pool Identity dialog box, click Built-in account, click LocalSystem or NetworkService in the Built-in account list, as appropriate for the particular application pool, and then click OK.

   Note:
   Do not unintentionally click LocalService in the Built-in account list.

7. Follow steps 4 through 6 for any other Exchange-related application pools that you want to modify.

8. Click OK, and then reset IIS. To do this, run the iisreset /noforce command from a command prompt.

To configure an application pool identity in Windows Server 2003

1. Start the Internet Information Services (IIS) Manager MMC snap-in.

2. Expand the computer, and then click Application Pools.

3. Right-click an application pool, such as MSExchangeOWAAppPool, and then click Properties.

4. Click the Identity tab, and then click Predefined.

5. In the Predefined list, click Local System or Network Service, as appropriate for the particular application pool, and then click OK.

6. In the confirmation message that appears, click Yes to confirm that you want to run the application pool under the particular identity.

7. Follow steps 3 through 6 for any other Exchange-related application pools that you want to modify.

8. Reset IIS. To do this, run the iisreset /noforce command from a command prompt.

© 2009 Microsoft Corporation. All rights reserved.