Question: I created a IIS website, the application pool name is testAppPool. Then I run the following code in the website, obtain current user group permissions: WindowsIdentity winIdentity = WindowsIdentity.GetCurrent(); str += "
Current user name:\\t" + winIdentity.Name; str += "
Current user authentication type:\\t" + winIdentity.AuthenticationType; str += "
Current user SID:\\t" + winIdentity.User; str += "
Current user token:\\t" + winIdentity.Token; str += "
Token owner SID:\\t" + winIdentity.Owner; str += $"
Current user has {winIdentity.Groups.Count} group memberships."; foreach (IdentityReference group in winIdentity.Groups) { NTAccount ntAcc = (NTAccount)group.Translate(typeof(NTAccount)); str += $"
    Group :  {ntAcc.Value}    "; } I got this result like this: Current user name: IIS APPPOOL\\test Current user authentication type: Negotiate Current user SID: S-1-5-82-2084461697-3881244625-4442817516-662440669-514472240 Current user token: 2080 Token owner SID: S-1-5-82-2084461697-3881244625-4442817516-662440669-514472240 Current user has 9 group memberships. Group : Everyone Group : BUILTIN\\Users Group : NT AUTHORITY\\SERVICE Group : CONSOLE LOGON Group : NT AUTHORITY\\Authenticated Users Group : NT AUTHORITY\\This Organization Group : BUILTIN\\IIS_IUSRS Group : LOCAL Group : 【SID: S-1-5-82-0】 It contains the user group BUILTIN\\Users, and I found that IIS APPPOOL\\test can access all disks, read and modify. How can I remove the IIS APPPOOL\\test account from BUILTIN\\Users group. thanks very much.
Reply: 因此，可能存在语法错误或奇异的措辞。 根据描述，我了解您的问题与 IIS 有关。 为了能够快速有效地处理您的问题，我建议您在问答论坛中重新发布您的问题，那里将有专门的工程师为您提供专业有效的回复。 以下是 Q&A 论坛的链接： https://learn.microsoft.com/en-us/answers/questions/ 有好的一天。