Datasheet
Figure 1-7
Although NETWORK SERVICE can store and retrieve the auto-generated machine key inside of the
HKEY_USERS (HKU) area of the Registry, this technique will not work for local or domain accounts
because accessing HKU requires that a user profile be loaded. Loading a user profile includes loading
the portion of the Registry hive that is unique to a specific user. However, with IIS6 and ASP.NET, the
user profile is loaded under only the following scenarios:
❑ The worker process is running as either NETWORK SERVICE or as LOCAL SERVICE.
❑ IIS6 is running in IIS5 isolation mode, in which case the user profile for the local ASPNET
machine account will be loaded.
Other local and domain accounts will not have a user profile loaded on their behalf. As a result, ASP.NET
needs some other location for storing the auto-generated machine key. If you choose to run ASP.NET
with either a local or domain machine account, always make sure to run the following command line
from the framework installation directory:
aspnet_regiis -ga DOMAIN\USERNAME
21
Initial Phases of a Web Request
04_596985 ch01.qxp 12/14/05 7:46 PM Page 21