Assign User to IIS AppPool via Powershell
You should always validate your credentials before setting the pool identity. This can be accomplished via the PrincipalContext .NET class -- specifically look at PrincipalContext.ValidateCredentials(user, password).
Sample:
#-- Make sure the proper Assembly is loaded[System.Reflection.Assembly]::LoadWithPartialName("System.DirectoryServices.AccountManagement") | out-null#-- Code to check user credentials -- put in function but here are the guts#-- Recommend you use SecureStrings and convert where needed$ct = [System.DirectoryServices.AccountManagement.ContextType]::Domain$pc = New-Object System.DirectoryServices.AccountManagement.PrincipalContext -ArgumentList $ct,"domainname"$isValid = $pc.ValidateCredentials("myuser","mypassword")
If local account change the $ct to 'Machine' ContextType.
Start and Stop are something of a misnomer. They should really be named Enable and Disable.
The worker process for the pool won't actually "start" until it needs to service a request.
It's at that point authentication takes place. If the username and password are invalid then you'll get a 503 Service Unavailable response and three events (5021, 5057 and 5059) logged by the WAS in the System event log.
There is no up-front checking of the validity of a pool's identity when using the API's. Only the IIS management console performs these checks.