If you change the identity of the application pool, and the new account is not the System account, what account is used when calling SPSecurity.RunWithElevatedPrivileges?
Add a comment |
2 Answers
SPSecurity.RunWithElevatedPrivileges reverts to the identity of the application pool (among other things). So, the code runs under the new identity you specified.
Also, if you did change the app pool's identity property (i.e. from the Central Administration Tool, so SharePoint sets correct permissions on the content DB + propagate changes to all servers in the farm) it is now the "new" System Account.
SPSecurity.RunWithElevatedPrivileges always executes the code under Application Pool Identity. So you must ensure that Application Pool Identity has proper permissions over site, otherwise you will get access denied error.
- which permissions we need to give for the Application Pool Identitykumar– kumar2016-02-16 09:19:16 +00:00Commented Feb 16, 2016 at 9:19
- Its depending upon your requirements. If you want to add, update, and delete list items and documents then App Pool Identity should have at least "Contribute" access . If you want to Add, edit, and delete lists then "Edit" access. If you are dealing with some critical tasks then you can give "Full Control".SP Developer– SP Developer2016-02-16 11:54:37 +00:00Commented Feb 16, 2016 at 11:54