1. Open Control Panel > Administrative Tools > Local Security Settings.
2.In the left panel, select Security Settings > Local Policies > User Rights Assignment.
3. Open Act as part of operating system.
4. In the Act as part of the operating system Properties dialog, click Add User or Group.
5. IISReset
Some documents say this is not necessary in Win2003, but it does happen when impersonating in the code.
Other right of application pool (including Network Service):
- Adjust memory quotas for a process
- Generate security audits Log on as a service
- Replace process level token
- Impersonate a client after authentication
- Allow logon locally
- Access this computer from the network
