Share via

Loaduser profile set to true automatically in IIS

sabrina brijlal 1 Reputation point
2021-11-12T10:59:52.557+00:00

Everytime we do a deployment, this app pool gets deployed with a new version and we have to log onto each web server to set the Loaduser profile to True and it about 30 servers to do manually, is there a way I can get this automated via a script like powershell?

Windows development Internet Information Services
Windows for business Windows Server User experience PowerShell
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Georg Matviak 181 Reputation points
    2021-11-12T14:26:16.397+00:00

    Hi there SabrinaBrijlal-7623,

    IIS never loads user profiles. I would assume this is off by default to keep the behavior consistent, and an administrator has to opt-in to it.

    This is most likely because the Windows Cryptographic Service Provider was trying to store or load a key for your certificate in the user store, and since a profile was not available, a cryptographic context was not available. Note that the Load User Profile setting only applies to user accounts. Service Accounts like NETWORK SERVICE and ApplicationPoolIdentity have special handling.

    You can also try the step as per this forum and see if they are helpful

    https://social.msdn.microsoft.com/Forums/en-US/5a458d04-83c1-4553-aeb3-b4346bc90e2b/iis-application-pools-stops-if-load-user-profile-true-rpcsserverunavailable-sharepoint?forum=iistroubleshooting

    https://social.technet.microsoft.com/Forums/en-US/dfe81502-a014-4045-a899-b5fa3d3ff6eb/want-to-check-impact-of-load-user-profile-setting-in-iis?forum=sharepointadmin

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments
  2. MotoX80 36,291 Reputation points
    2021-11-13T02:18:30.373+00:00

    Everytime we do a deployment,

    What tool or method are you using to do this deployment? Does it have an app pool configuration section where that could be set?

    A Powershell Invoke-Command should work, but you might need to do a "winrm quickconfig" on each server if you can't connect. 

    $computers = @('server1', 'server2', 'server3')       # use this command to test against a few machines  
# $computers = Get-Content "C:\temp\ServerList.txt"   # use this command to read a list of names from a file  
  
foreach ($computer in $computers) {                       # replace XXXX with the name of your app pool  
	Invoke-Command -ComputerName $computer -ScriptBlock {Set-ItemProperty IIS:\AppPools\XXXX  -Name processModel.loadUserProfile -value $true}  
}

    Check to see what the default setting is. It might be easier to change that.

    148920-capture.jpg

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.