IIS App pool fails to restart after server reboot, but the Identity user seems to be working properly

Question

Hi everyone,

We've been facing an issue with our Windows servers hosting services with IIS. Every week, when we reboot the servers, a significant number of our app pools fail to start automatically. As a result, we have to manually log into each server and start the app pools.

Interestingly, all the app pools that fail to start after rebooting have the same Identity Custom Service Account. Initially, we suspected the problem might lie with the service account. However, we have an equal number of app pools with the same service account that restart successfully every time.

We've captured a sample log from the event log immediately after a server reboot, which repeats consistently for each app pool that fails to start:

Application pool MyService has been disabled. Windows Process Activation Service (WAS) encountered a failure when it started a worker process to serve the application pool.

Application pool MyService has been disabled. Windows Process Activation Service (WAS) did not create a worker process to serve the application pool because the application pool identity is invalid.

The identity of application pool MyService is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request. If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.

We reset the Identity pool also but it is still not working. I need the Custom Service Account because the service need access to some files from the network.

Below are some logs I am not sure to be related to the App pool failure but maybe will be helpfull for the troubleshooting:

Fault bucket , type 0 Event Name: APPCRASH Response: Not available Cab Id: 0 Problem signature: P1: w3wp.exe P2: xxxxxxx P3: xxxxxxx P4: ucrtbase.dll P5: xxxxxxx P6: xxxxxxx P7: xxxxxxx P8: xxxxxxx P9:
P10:
Attached files: These files may be available here: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_w3wp.exe_xxxxxx Analysis symbol:
Rechecking for solution: 0 Report Id: dd83-xxxx-xxxx-xxxx-xxxx Report Status: 524384 Hashed bucket: The Azure Pipelines Agent (myAgent) service terminated with the following error:
Incorrect function. The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{ID0001} and APPID
{ID0002} to the user Sank\service SID (ID0003) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. The WinRM service failed to create the following SPNs: XXXXXX; XXXXXX.

The driver \Driver\WudfRd failed to load for the device XXXXXXX.

The luafv service failed to start due to the following error:
This driver has been blocked from loading

PLEASE SOMEBODY HELP ME

Answer 1

Hello there,

When an IIS (Internet Information Services) application pool fails to restart after a server reboot, there can be various reasons for this behavior. While the identity user might appear to be working properly, there could still be other factors causing the issue. Here are a few potential troubleshooting steps to consider:

Event Logs: Check the Windows Event Viewer logs for any relevant error messages or warnings associated with the application pool. Look for events related to IIS, the application pool, or any dependencies that might be causing the failure.

Application Pool Configuration: Review the configuration settings of the application pool to ensure they are set correctly. Pay attention to options such as the .NET framework version, managed pipeline mode, and identity settings. Verify that the identity user has the necessary permissions and that the account information is accurate.

Dependencies: Identify any dependencies your application relies on, such as databases, services, or file system access. Ensure that these dependencies are available and configured correctly after the server reboot. Check for connectivity issues or any changes that might affect their operation.

Application Pool Identity User: Although you mentioned that the identity user appears to be working properly, double-check that the user account associated with the application pool has not encountered any changes or issues. Verify that the account is active, the password is correct, and the account is not locked out.

Application Pool State: Determine the exact state of the application pool. For example, if the application pool is in a stopped state, try manually starting it and observe any error messages that may appear. This can provide further insights into the underlying problem.

I used AI provided by ChatGPT to formulate part of this response. I have verified that the information is accurate before sharing it with you.

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer--

Answer 2

I am sorry but this is still not helpfull.