Had a very strange error the other day when migrating a project from using the Visual Studio IIS Express to the local IIS.
The project was a WebAPI that interfaced down to a Microsoft Dynamics CRM 2015 instance on the same box and had been working well within the Visual Studio environment. However, as soon as the project was deployed to the local IIS instance the connection to the CRM was failing with a rather obscure System.ServiceModel.FaultException. Unfortunately, there was little else in the exception details to go on and an initial Google search yielded little help aswell.
After many different tests to try and isolate the issue I finally found the reason for the failure which was the authentication was failing. Again, after a few more tests I still couldn’t get the authentication to work, but eventually came across one guys answer to a similar problem on Stack Exchange (http://stackoverflow.com/questions/5981167/error-message-the-request-for-security-token-could-not-be-satisfied-be). Scroll down to the first answer (Sixto) and he mentions that you need to change the AppPool identity! Voila! The default Identity setting is ApplicationPoolIdentity which is great if you are simply reading and running the code in ASP.NET pages, however this won’t allow access to databases etc… and you need to change the identity to a user that has been granted access to whatever resource your webpage is trying to gain access too.
Here is a page with some more details on the different web servers Visual Studio can use along with the advantages and disadvantages of each.