Create Orchestrator Application Pool
It is necessary for Orchestrator to communicate with an organization's Active Directory to look up information about the user who triggered an alarm. This information is only required for contacting the user, such as email, Skype Username, and so on. For this reason, the Orchestrator application requires Read access to the organization's Active Directory. To achieve this, the Orchestrator's application pool must be run as a user with this level of access, such as the domain controller. Note that this is the minimum permission required.
To create the Application Pool for the Orchestrator, do the following:
Open IIS, and select Applications Pools > Add Application Pool.
In the window that opens, ensure that the details match the following:
Once the application pool is created, right-click on it, and select Advanced Settings. In the window that opens, scroll to the setting Identity and select the ellipsis.
Select Custom Account > Set.
Next, enter the credentials of the privileged user that you want Orchestrator to be run as. Ensure that this user has Active Directory Read access.
Select Ok to progress through each dialog.