0

I developed asp.net application to read and scan files from a scanner but when I upload it to IIS (windows 10 X64 is my test machine) I got this error:

Creating an instance of the COM component with CLSID {E1C5D730-7E97-4D8A-9E42-
BBAE87C2059F} from the IClassFactory failed due to the following error: 
80070005 Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)).

After some researching on the internet i found this article and i checked all the steps and the only solution that works was that "In IIS if I change application pool identity from ApplicationPoolIdentity to Local System it works".

Now the question is that is it decrease my security? whats is the deference between these two types of identities?

motevalizadeh
  • 5,244
  • 14
  • 61
  • 108
  • "decrease my security" Sort of. Local system can do things that 'disposable' app pool accounts can't. Otherwise, there's not much difference. – Davesoft Jul 19 '18 at 15:47
  • 1
    Possible duplicate of [The difference between the 'Local System' account and the 'Network Service' account?](https://stackoverflow.com/questions/510170/the-difference-between-the-local-system-account-and-the-network-service-acco) – Ruud Helderman Jul 19 '18 at 15:52

1 Answers1

1

If you run as Local System, you are running code, accessible from the internet as "Local System", which is just that, your code is running as if it's the operating system (i.e., it can do everything an admin on the box can do - and a little more). In general, the advice is "don't do that" - if someone compromises your application, they get to own your box.

Talk to your plugin vendor and ask his advice on how to do this.

Flydog57
  • 6,851
  • 2
  • 17
  • 18