Home > Dynamics CRM > Microsoft Dynamics CRM 4.0 – HTTP 503 Error: The Service is not available

Microsoft Dynamics CRM 4.0 – HTTP 503 Error: The Service is not available

Today we rebooted a customers CRM server to find that Microsoft Dynamics CRM 4.0 would not start and display the error of “HTTP 503 Error: The Service is not available. So I thought I would simply restart the CRM application pool and all would be ok .. right? No. It seems some more troubleshooting is required.

I dug deep around the event logs (event viewer) and found this event (id 5201) :

The identity of application pool CRMAppPool is invalid. The user name or password that is specified for the identity may be incorrect, or the user may not have batch logon rights. If the identity is not corrected, the application pool will be disabled when the application pool receives its first request.  If batch logon rights are causing the problem, the identity in the IIS configuration store must be changed after rights have been granted before Windows Process Activation Service (WAS) can retry the logon. If the identity remains invalid after the first request for the application pool is processed, the application pool will be disabled. The data field contains the error number.

So this lead me to believe a number of things could be wrong. Here is my list of possible issues:

  1. The account the CRMAppPool is running under is disabled?
  2. The account the CRMAppPool has an invalid password?
  3. IIS simply needs to be restarted? (use iisreset from the command prompt)
  4. CRM Asynchronous Processing Service needs to be restarted? (restart within Services)
  5. Local Security Policy – “Log on as a batch job” needs to have the account added to the list

In summary (if you don’t want to read on) it seems the issue was no. 5! But the next issue I had before I resolved this was that I couldn’t simple Add the user account to the list, it was greyed out!! How do I resolve this? Well follow the steps I took below to resolve this issue.

Log on as batch job

As you can see above, the Add User or Group is greyed out/disabled. This indicated that Domain Group Policy was controlling these members in the list. Therefore it was off to the Domain Controller we go.

So I opened Group Policy Management (from Administrative Tools) on the domain controller. I then viewed the Log on as a batch job as shown below. As assumed, the account was missing!


Next, I right-clicked on Default Domain Policy and selected Edit


Next I navigated to Computer Configuration>Policies>Windows Settings>Security Settings>Local Policies>User Rights Assignment and found the setting of Log on as a batch job


Next, I right-clicked on the setting and selected Properties


Now as shown above, the Add User or Group is enabled allowing me to add the user which is missing.

Once this is done, click OK to save your changes. Last step is to make sure this policy is applied on the domain or on the CRM server. To force this on the CRM Server, I simply opened a Command Prompt and typed the command of gpupdate /force

Now I simply browsed to my CRM instance within Internet Explorer and it’s all working again.


Greg Olsen
Yellow Duck Guy

Categories: Dynamics CRM
  1. Will
    October 14, 2011 at 9:53 am

    Thank you! This worked well for me.

  2. December 3, 2011 at 10:12 pm

    Thank you so much, You saved my day !

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: