Error: .NET Web applications failed after changing a Windows user password

Error Message

Accessing a Web application returns the following error:

"Server Error in '/XXXXXX' Application.
Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately.

Parser Error Message: Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.'

Source Error:
Line 19: during development.
Line 20: -->
Line 21: <identity configProtectionProvider="DataProtectionConfigurationProvider">
Line 22: <EncryptedData>
Line 23: <CipherData>"


The Web application can no longer validate the user account it was deployed under.

Solution or Workaround

Every Web application that makes use of a local map service connection is deployed under a user account. If no account is explicitly set during the Web application creation, it defaults to the user account of whoever first logged into Web Manager or the account of the last Web application deployment.

  1. Open IIS Manager.
  2. Expand to the Web site's directory.
    - Expand Default Web site.
    - Right-click on the virtual directory with the name of the ArcGIS Server .NET application and go to Properties.
  3. Click on the ASP.NET tab.
  4. Click Edit Configuration.
  5. Click on the Application tab.
    At the bottom is Identity settings.
    - Enter the new password in the text box.
    - Accept all changes.
    - Try the Web application.

    The password could be saved in plain text within the web.config located in the Web application directory (C:\Inetpub\wwwroot\<webapplication>). Check the file and, if necessary, use the following instructions to encrypt the password.

    Encrypt the identity using the standard aspnet_regiis tool.
    To use aspnet_regiis, open a .NET command prompt from Start > (All) Programs > Microsoft .NET Framework SDK v2.0 > SDK Command Prompt.

    Type in the command to encrypt the identity section in web.config.

    For example:
    aspnet_regiis -pe "system.web/identity" -app "/MyWebMappingApp" -prov "DataProtectionConfigurationProvider" where "/MyWebMappingApp" is the URL of the Web application on the local IIS server.

Related Information