An update to the instructions I posted on granting permission to write to the Moodledata directory: this is a little different if the IIS website's Anonymous Authentication has been set to use the application pool identity.
Determine if a specific user is being used for the Moodle website (where "Moodle site" is the name of the website in the left hand pane of the IIS Manager manager console:
C:\inetpub>%windir%\system32\inetsrv\appcmd.exe list config "Moodle site" ^
More? /section:anonymousAuthentication
⋮
<anonymousAuthentication enabled="true" userName="IUSR" />
⋮
If userName is not empty then this is the user that should have modify permissions to the Moodledata directory, e.g.:
C:\inetpub>icacls C:\inetpub\moodledata /grant IUSR:(OI)(CI)(M)
The above is the default setting for IIS. However, if userName is empty, i.e.:
<anonymousAuthentication enabled="true" userName="" />
Then you need to grant modify permissions to the application pool identity for that website. The application pool is shown under Basic Settings... for the site in the IIS Manager console – by default the identity has the same name as the website but you may need to check the application pool settings to confirm this. E.g. for a website called Moodle site using an application pool identity also called Moodle site:
C:\inetpub>icacls C:\inetpub\moodledata /grant "Moodle site":(OI)(CI)(M)
You may find that the application pool identity isn't created until the website is first accessed. If the above command fails, try again after starting the Moodle install process.