🟠 High   ⏱ 5–30 min  Last verified: 30 May 2026
Affected versions: Windows Server 2022

πŸ“– ~1 min read

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution β€” Primary Fix
  7. Solution β€” Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

Web applications recycle unexpectedly and users receive intermittent 503 responses.

Environment & Reproduction

Windows Server 2022 build 20348 IIS workloads with custom modules or identity changes.

Import-Module WebAdministration
Get-ChildItem IIS:AppPools | Select Name,State
Get-WinEvent -LogName Application -MaxEvents 60 | Where-Object Id -in 5002,5011,5059

Root Cause Analysis

Common causes include bad module binaries, identity permission failures, or rapid-fail thresholds.

Quick Triage

Identify failing pool and most recent exception signature.

Get-WebAppPoolState -Name 'DefaultAppPool'
Get-EventLog -LogName Application -Newest 40 | Where-Object Source -match 'WAS|IIS'

Step-by-Step Diagnosis

Inspect pool identity rights and loaded module versions.

Get-ItemProperty IIS:AppPoolsDefaultAppPool -Name processModel
Get-WebGlobalModule
Get-WinEvent -LogName 'Microsoft-IIS-W3SVC-WP/Operational' -MaxEvents 80
Illustrative mockup for windows-server-2022 β€” terminal_or_powershell
IIS app pool crash diagnostics β€” Illustrative mockup β€” Progressive Robot

Solution β€” Primary Fix

Correct identity permissions and recycle pool after module health checks.

Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.

icacls C:inetpubwwwroot /grant 'IIS APPPOOLDefaultAppPool:(OI)(CI)RX'
Restart-WebAppPool -Name 'DefaultAppPool'
iisreset /restart
Illustrative mockup for windows-server-2022 β€” event_or_log_viewer
WAS and IIS crash events β€” Illustrative mockup β€” Progressive Robot

Solution β€” Alternative Approaches

Temporarily disable problematic module and run app in isolated pool.

Remove-WebGlobalModule -Name 'CustomModule'
New-WebAppPool -Name 'App-Isolated'
Set-ItemProperty IIS:AppPoolsApp-Isolated -Name recycling.periodicRestart.time -Value 00:00:00

Verification & Acceptance Criteria

Pool remains running under load and no new Event 5002 appears.

Get-WebAppPoolState -Name 'DefaultAppPool'
Invoke-WebRequest http://localhost/ -UseBasicParsing
Get-WinEvent -LogName Application -MaxEvents 30 | Where-Object Id -eq 5002

Rollback Plan

Restore original module set and app pool settings if behavior worsens.

appcmd restore backup PreFix-IIS
Restart-WebAppPool -Name 'DefaultAppPool'

Prevention & Hardening

Deploy modules through staged validation and track pool crash counters.

Get-Counter 'W3SVC_W3WP(*)Private Bytes'
Backup-WebConfiguration -Name DailyIISConfig

Related to CLR version mismatch and locked identity accounts.

Related tutorial: View the step-by-step tutorial for Windows Server 2022.

View all Windows Server 2022 tutorials on the Tutorials Hub β†’

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Microsoft Learn IIS app pool failure analysis and WAS event IDs.

Need Expert Help?

If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today β€” we respond within one business day.