I was configuring an new Sharepoint 2010 install; after a reboot of the web front-end machine, IIS returned a 503-Service Unavailable HTTP status message. SharePoint was broken!
See previous blog post; I had created and used a new Farm Account and Service Account.
I saw elsewhere, that it may be the case that a domain group policy overrides an essential permission of the application pool accounts called “Log on as a batch job”. Without this permission, the application pool account is not able to run the application pool.
In addition, the farm administration account and all other service accounts that are running the SharePoint services were not listed in the “Log on as a service” policy. These policies were overridden the first time after the server restart with more restrictive domain policies.
The solution of the problem was simple now. It was only necessary to add all application pool accounts to the “Log on as batch job” domain policy and the service accounts (such as the farm administrator) to the “Log on as service” domain policy. After these changes, it was only necessary to force the policy upgrade on the web front-end by using the “gpudate /force” command. After a reboot of the web front-end, SharePoint was finally working as expected.
Also, Modify your application pool by going into IIS > Application Pools > Right-Click offending app pool > Advanced Settings > Set “Load User Profile” to False.