My system is Windows Server 2008 R2 with IIS 7.5. I need to run a site which is allowed to do some administrative tasks. I have created an AD user account and added it to all the required groups. The site's application pool runs with custom identity set to this AD account. This works, however some tasks fail with 'Access is denied'. I have found that it was caused by UAC (with UAC disabled everything works ok).
So my question is - is it possible to run an application pool in elevated mode without globally disabling UAC? Possibly just disabling UAC just for this one account.
UAC is per machine, not per user, so I don't think that is possible.
What type of task were you trying to perform? Perhaps you can explicitly grant the account permissions to certain objects instead.
Are you browsing the site from localhost?
I don't think UAC is affecting the application pool but I think your web site is impersonating your credentials, which UAC does affect. Try turning off impersonation for this site or page.