I would say that it depends on the scenario.
typically, you need to configure a separate application pool in IIS for each web application that you deploy to the web server, at least in production. It is said that for an Active Directory server that has one account for each application pool you create, no problem.
One of the old good application security rules is to always provide the minimum set of required privileges and nothing more, therefore, if you have application A and App B, you must also have user A and user B, each of which has only rights to use them application (and, ultimately, access some databases, some network drives, etc.).
If you have only user C and grant all rights to this user, an error in application A can then connect and potentially affect application B, since user C has rights to both, if you use application A with user A, this cannot be .
source share