
ApplicationPoolIdentity cannot access network resources


My Setup: W2K8-R2 IIS7.5 x64bit servers (app pool is running in 32bit, though)

We have a (.NET 4.0) web application that runs under the "ApplicationPoolIdentity". It has "Windows Authentication" enabled. The web app calls a web service on a different (older - W2K3 IIS6) web server (same domain). The web service requires Windows Authentication as well.

On some of our web servers, this works well and I can see that the Web App calls the web service and identifies itself as the machine name for the web server it is running on (as expected). However, on other web servers the application will not identify itself when it calls the web service and thus gets a 403 error (this is confirmed by looking at the IIS logs for the web service).

I've compared the web servers that work versus those that don't and I can't find any significant differences. (I compared the ApplicationHost.Config files from both sites and with the exception of a few encryption keys they are identical).

Any thoughts on what could be causing the App Pool Identity on the bad machines to forgo identifying itself? Did we set something up on one web server and miss it on the other?

If not, can someone recommend tools that could be used to track down what's going on?

Thanks for any help.


Solution

  • An update in case anyone runs into this... We realized that the common thread between servers that worked was that they had been rebooted recently. After rebooting the problem servers, they too started working.

    At this point I can't explain what the issue was, but it appears a reboot solved it. I will update if the problem reoccurs.