On a server that is running Windows Server 2008 or Windows Server 2008 R2, you enable remote management for Internet Information Services (IIS).
The server has more than one application pool configured in IIS.
One of the application pools is configured to use custom user identity.
You use Internet Information Services Manager to connect to the server as an administrator from a remote computer.
In this scenario, when you to try to change the identity of any application pool, you receive the following error message:
There was an error while performing this operation. Details: Keyset does not exist (Exception from HRESULT: 0x80090016)
The LOCAL SERVICE account is the service account of the IIS Web Management Service (also known as WMSvc). This problem occurs because the LOCAL SERVICE account does not have Read access on the iisWasKey key that is located in the following folder:
Right-click the following file, and then click Properties:
Click the Security tab, and then click Edit. If you are asked whether you want to continue the operation, click Continue. Then, the list of group names and user names that have access to this key file appears in the Permissions dialog box.
Click Add. Then, the Select Users, Computers, Service Accounts, or Groups dialog box appears.
Type LOCAL SERVICE, and then click Check Names.
In the Group or user names list, click LOCAL SERVICE. Make sure that the Read check box is checked in the Permissions for LOCAL SERVICE list.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
This problem will be corrected in next service pack for Windows Server 2008.