No log on as batch - but sites still work
https://sharepoint.stackexchange.com/questions/12249
-
16-10-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
So I came across an interesting error today. I've got a SharePoint 2010 server setup and running a few web applications. Each of these web applications are configured with their own app pools and services accounts. They were set up months ago, and have been running fine.
Today, I'm trying to set up a couple new web applications with new app pools and services accounts for them. When I try to open sites associated with them, I get a 503 - Service Unavailable error. Tracing it down, I believe it's related to this: http://blog.markhaverty.com/2010/10/20/service-unavailable--http-erro.aspx. There is an existing GPO in place that is replacing the log on at batch permissions, setting it to only be 1 particular service account that is not any of my SharePoint service accounts.
I'll be talking with my AD guy about how we can fix this, but in the mean time, I'm curious as to why my existing sites are working right now. What I'm reading says that they should be failing with the same error.
Anyone have any thoughts why?
Solution
The server was previously moved from one OU to another, picking up the GPO policy that sets the log on as batch permissions, but wasn't restarted afterwards or since. The user accounts that were running the previous Web Applications maintained their permissions, and it was only the new user accounts that were blocked. Removed the GPO restrictions, and everything worked fine.
