Configure IIS to use a certain user account to work

The problem I faced with with Drupal installation – I could not give right permissions to the upload folder to store files as required.
I had the solution for IIS6, but IIS7 have different user set-up, so new solution was required.
After some fiddling about, I stumbled across this solution:

  1. Create a normal Windows user for your Drupal install. Create a password too.
  2. Create an application pool for your Drupal install. Set the application pool’s identity to your windows user: in IIS7 double click the new application pool and then Advanced Settings -> Process Model -> Identity
  3. Set your website to use that application pool
  4. In web-site go to Authentication -> Anonymous Authentication -> Edit -> Set to Application pool identity:
  5. Give (or deny) the Windows user full control to the sites\default directory

So, what all this does is give the Drupal install privilege isolation. It can only write files in the sites\default directory, but not your settings.php. It can still create needed cache file, uploads, etc.