ANTS Profiler
Latest version: 4.3
Knowledge Base
Profiling a web application needing to run as the Network Service account
Category: How do I?
Date: 17 Jun 2009
Product: ANTS Profiler
Versions: 2,3,4
Platform: ASP .NET hosted in Internet Information Server version 6,7
Some ASP .NET web applications are designed so that they must always run as the Network Service account. If this is the case, these web applications will almost certainly fail if they are being profiled in ANTS Profiler, because it runs the ASP .NET application pool as the SYSTEM account by default.
It is possible to change the web application so that it will execute as the Network Service account by changing the web.config file for that web application. This is in contrast to the instructions for running ASP .NET code as a named user, in which the startup account for the ANTS Profiler Service is simply changed to the credentials that you want to use for the application pool. The reason for this is because the Network Service account typically does not have the privileges to start an IIS application pool, and since the ANTS Profiler services do the work of starting the pool, they must have a high level of access to the operating system.
This can be worked around using ASP .NET impersonation. The result of configuring the web application to impersonate the Network Service account is that the application pool will be started by the ANTS Profiler 3 Service using the SYSTEM account, which has high-level access to the operating system, and afterwards control is handed over to the Network Service account which has minimal local computer rights but is allowed virtually unfettered access to the network.
To impersonate the Network Service account, use Windows Explorer to navigate to the application's virtual directory, locate the web.config file, and open it using notepad.exe or the text editor of your choosing. If the web.config file does not exist, it must be created. The identity impersonate tag should be inserted inside the "'system.web" node of the web.config, for example:
<?xml version="1.0"?>
<configuration>
<system.web>
<identity impersonate="true" userName="NT AUTHORITY\NetworkService" password="" />
<compilation debug="true"/>
<authentication mode="Windows"/>
</system.web>
</configuration>
Because the password is managed internally by Windows, the password should be left as an empty string.
Once the web.config is saved, all actions performed by the web application as it is being profiled using ANTS Profiler will be performed by the Network Service account.
Note that this technique cannot be used on profiling web applications hosted in the development web server, as it does not include impersonation as one of its' features.
Document ID: KB200711000196 Keywords: ANTS,Profiler,Network,Service,impersonate,security,exception
Was this article helpful?
Using ANTS Performance ProfilerANTS Profiler
- Enabling logs to track the profiling session
- Changing the interprocess communications ports in version 4
- Double hit counts occurring on one line
- System.EntryPointNotFoundException (Versions: 3,4 only)
- Version 3.0 Unhandled startup exception on Windows Vista
- Version 3 add-in grayed out on non-English Visual Studio 2005 and 2008
- Methods in (ASCX) web controls may not appear
- Failed to CoCreate Profiler error profiling a Windows service
- Multiple-core portable computers may show inflated times (version 3)
- No .NET methods were profiled on web application
- ANTS Profiler code instrumentation method
- Profiling a single assembly in version 3
- Filtering results by individual thread
- Add-in fails to load when using RunAs to start Visual Studio as another user
- Profiling unit tests using Nunit
- Can I profile Compact Framework applications?
- Profiling a SharePoint 2007 Web Part
- Profiling an assembly in the Global Assembly Cache (GAC)
- Additional hidden statistics in the results grid (version 3)
- Multiple floating ANT icons in Visual Studio (version 3)
- ANTS Profiler overhead adjustments
- Profiling IIS web applications that need to run under the SYSTEM account
- Profiling a web application hosted in IIS on a fixed TCP port
- Add-in 'Object Reference not set to an instance of an object' error
- Profiling client-side XBAP .NET applications
- ANTS Profiler prompts for location of source code which is not your own source code
- ANTS menu remains in Visual Studio after uninstall of ANTS Profiler
- Profiling a web application needing to run as the Network Service account
- Abnormal termination caused by .NET 2.0 critical finalizer threads
- Cannot start COM+ application via Remote Desktop
- Fast mode and memory profiling options unavailable
- Finding the overall time taken to execute a thread
- Running an IIS application pool as a named identity
- IIS web application always loads default website
- Profiling BizTalk applications
- Profiling Microsoft Office managed-code add-ins
- The system cannot find the file specified
- Error Stopping IISAdmin profiling IIS web application on Windows XP
- ANTS Memory Profiler total size of all objects does not match the memory footprint of an application
- Lines of source code do not align with hit count, time data in version 3
- Creating a global debugging symbols (PDB) directory
- Profiling a SharePoint site collection
- Using the add-in to profile solutions containing more than one project
- Methods may be missing on multi-core systems in version 3
- ASP .NET 1.x application recycling causing incomplete results
- Ambiguous site selection message when profiling IIS applications
- Application recycling causes incomplete results and other errors when profiling ASP .NET
- Profiling WCF services hosted in IIS
- Cannot profile IIS 6 web application on port lower than 1024
- (version 5) Support for profiling Silverlight applications
- Couldn't open metabase error when profiling ASP .NET hosted in IIS
- Failed to coCreate Profiler on ASP .NET web application
- HTTP error 404.17 profiling ASP .NET 1.1 on IIS 7
- Performance counters missing from results
- Isolating single ASP .NET pages in ANTS Profiler results
- Missing hits for lines in the source code view
- ANTS Profiler restarts IIS
- Showing the amount of time taken for a method in one particular thread
- Common ASP .NET memory issues
- Please specify a valid URL message profiling ASP .NET
- Times on individual lines do not add up to method time
- Manually installing the add-in
- Error starting services running as "Local Service"
- Explanation of "thread blocked" methods in ANTS Profiler
- Call graph percentages do not add up exactly
- Operation could destabilize the runtime error profiling ASP .NET
- IIS ceases to work after profiling web applications
- Access to the Temp directory is denied error profiling web applications
- Problems with ANTS Visual Studio integration
- Unable to coCreate Profiler error profiling any application
all products
- Some Red Gate products identified as containing a trojan by Anti-Virus software
- Activation may fail with Unknown Error -1
- Product uses web help although a CHM file is available locally
- Argument exception resulting from missing environment variable
- Check for updates may fail when used through proxies
- 'Unidentified Publisher' error when repairing or uninstalling
- Licensing activates product as standard edition
- Moving Red Gate software products to another machine
- Red Gate tools log locations
- The application UI opening slowly when there is no internet access
ANTS Profiler
- Getting help offline
- Finding memory leaks using ANTS Profiler
- Identifying root objects with ANTS Profiler
- Performance profiling with ANTS 4: tips for ANTS 3 users
- How to profile a desktop application that hosts the .NET runtime (ANTS Profiler 3)
- How to profile the performance of a single .NET assembly (ANTS Profiler 3)
- Profiling ASP.NET applications (ANTS Profiler 3)
- How to reduce the number of topics you see in the "All objects" panel (ANTS Profiler 3)
- ANTS Profiler release notes - version 4.xx
- Why can't ANTS Profiler find my source code? (ANTS Profiler 3)
all products
- Red Gate product acknowledgements
- Activating your products
- Activating your products
- Red Gate bundle history
- Check for updates
- Troubleshooting Check for Updates errors
- Current versions
- Deactivating your products
- Installing Red Gate products from the .msi file
- Requesting additional activations
- Serial numbers for bundles
- Reactivating using a different serial number
- Extending your trial
- Finding your serial numbers
- Moving a serial number from one computer to another
- No response received for manual activation
- Licensing and activation resources
- Licensing and activation resources
- Troubleshooting licensing and activation errors
- Licensing and activation FAQs
- Red Gate tools log file locations
- Download old versions of products
- Download product prerequisites & utilities
- Support & upgrades
- Upgrading your software
- Upgrading FAQs
