app pool permissions to virtual directory

how can i assign the AppPool identity to a virtual directory?

this is what i have to create the virtual

  Name = 'test'
  PhysicalPath = 'c:\download\test'
  Ensure = 'Present'
  IISAnonymousAuth = 'Enabled'
  IISAnonymousUser = ''



Is this for a DSC Configuration?


If this is normal PS then


$DB = ‘Application_name’

New-Item IIS:\appPools$DB’_2019’
#Set the idle time to 90(off)
Set-ItemProperty IIS:\AppPools$DB’_2019’ -Name processModel.idleTimeout -value ( [TimeSpan]::FromMinutes(90))
#disable the regular time of 1740 minutes
Set-ItemProperty IIS:\AppPools$DB’_2019’ -Name Recycling.periodicRestart.time -Value “00:00:00”
#Clear any scheduled restart times
Clear-ItemProperty IIS:\AppPools$DB’_2019’ -Name Recycling.periodicRestart.schedule
#Set scheduled restart times
Set-ItemProperty IIS:\AppPools$DB’_2019’ -Name Recycling.periodicRestart.schedule -value @{value=“07:00:00”}

New-Item “IIS:\Sites\Default Web Site$DB” -physicalPath $DBPath -type Application
Set-ItemProperty “IIS:\Sites\Default Web Site$DB” -name applicationPool -value $DB’_2019’


I do not believe you can set the app pool identity on a virtual directory. The app pool identity is inherited from the website or web application. You can set the app pool identity using the xWebAppPool DSC Resource and then assign the app pool to the website or web application.

$Credential = Get-Credential -Message 'Enter app pool identity credential'
xWebAppPool appPool1 {
    Ensure = 'Present'
    Name = 'myAppPool'
    IdentityType = 'SpecificUser'
    Credential = $Credential

The IdentityType parameter tells the app pool which account identity to run under. The acceptable values are: ApplicationPoolIdentity, LocalService, LocalSystem, NetworkService, and SpecificUser. Please refer to the GitHub documentation on xWebAdministration to learn how to apply the resources.



this is how i normally create a site under the DSC configuration, i just want to change permission on the virtual directory , that can be done under the GUI.


ShortName = ‘test’
DNSSuffix = ‘
SiteAuthors = (‘webdude’)
State = ‘Started’
Certificate = ‘sdfadsffadsfasdfdsC387F7788DF212B4F’
RuntimeVersion = ‘v4.0’
Enable32Bit = ‘Disabled’
HSTS = ‘Present’
HSTSAge = ‘128000’
Nodes = (‘server1’, ‘server2’)
IISAnonymousAuth = ‘Enabled’
IISAnonymousUser = ‘’
IISWindowsAuth = ‘Disabled’
Applications = @()
VirtualDirectories = @(
Name = ‘share’
PhysicalPath = “\\sdev”
Ensure = “Present”


Unfortunately, there is not a way of doing this using the xWebVirtualDirectory resource at the time of writing this. You should be able to use the xWebConfigProperty which uses the Get/Set-WebConfigurationProperty Cmdlet that should allow you to set the identity of the virtual directory.

    Filter = "/system.applicationHost/sites/site[@name='test']/application/virtualdirectory[@path='/share']"
    PropertyName = 'username'
    Value = 'domain\user'
    Ensure = 'Present'


thank you.

what should i be looking for to see if a module has the ability to handle a resource going forward?


DSC Resources are documented in GitHub and I believe still updated Monthly. All of the resources are located here:

GitHub - DSCResources

GitHub - xDscResources