SharePoint 2016: User Rights Assignments and Permissions

I am installing SharePoint 2016 in a closed environment. Security controls are implemented through GPO, and they are very restrictive. I am testing the installation before I implement it in production. At every step of the installation I am getting all kinds of permission issues. I will be documenting every issue that I encounter and how I resolved it.

1. Running the Products Configuration Wizard errors out at step 5 with the following error:

Log Name: Application
Source: SharePoint 2016 Products Configuration Wizard
Event ID: 104
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: CONTOSOSP.contoso.com
Description:
Failed to register SharePoint services.
An exception of type System.InvalidOperationException was thrown. Additional exception information: Cannot start service AppFabricCachingService on computer '.'.
System.InvalidOperationException: Cannot start service AppFabricCachingService on computer '.'. ---> System.ComponentModel.Win32Exception: A privilege that the service requires to function properly does not exist in the service account configuration.
You may use the Services Microsoft Management Console (MMC) snap-in (services.msc) and the Local Security Settings MMC snap-in (secpol.msc) to view the service configuration and the account configuration
--- End of inner exception stack trace ---
at System.ServiceProcess.ServiceController.Start(String[] args)
at Microsoft.SharePoint.Win32.SPAdvApi32.StartService(String strServiceName)
at Microsoft.SharePoint.Administration.SPWindowsServiceInstance.Start()
at Microsoft.SharePoint.Administration.SPWindowsServiceInstance.Provision(Boolean start)
at Microsoft.SharePoint.DistributedCaching.Utilities.SPDistributedCacheServiceInstance.Provision()
at Microsoft.SharePoint.Administration.SPServerRoleManager.<>c__DisplayClass1.<ProvisionServiceInstance>b__0()
at Microsoft.SharePoint.Administration.SPServerRoleManager.ConfigureServiceInstance(SPServiceInstance serviceInstance)
at Microsoft.SharePoint.Administration.SPServerRoleManager.ConfigureServer(Boolean throwOnFailure)
at Microsoft.SharePoint.PostSetupConfiguration.ServicesTask.InstallServices(Boolean provisionTheServicesToo)
at Microsoft.SharePoint.PostSetupConfiguration.ServicesTask.Run()
at Microsoft.SharePoint.PostSetupConfiguration.TaskThread.ExecuteTask()

Resolution: The farm service account must have the following user rights assignments: Generate Security Audit, Bypass Traverse Checking, Log on as a service.

 

2. All options to provision new services under Manage Service Applications are grayed out. Central Admin does not display the admin account login at the top of the browser. In the Event Viewer, the following error is logged:

Log Name: Application
Source: ASP.NET 4.0.30319.0
Event ID: 1309
Task Category: Web Event
Level: Warning
Keywords: Classic
User: N/A
Computer: SPCONTOSO.contoso.com
Description:
Event code: 3012
Event message: An error occurred processing a web or script resource request. The requested resource 'ZSystem.Web.Extensions,4.0.0.0,,31bf3856ad364e35|MicrosoftAjaxWebForms.js|' does not exist or there was a problem loading it.
Event time: 1/19/2018 4:08:16 PM
Event time (UTC):
Event ID: 7a22414f7b594efc9911ac74be0c4197
Event sequence: 5
Event occurrence: 1
Event detail code: 0
Application information:
Application domain: /LM/W3SVC/240423334/ROOT-1-131608696796766797
Trust level: Full
Application Virtual Path: /
Application Path: C:\inetpub\wwwroot\wss\VirtualDirectories\5318\
Machine name: SPCONTOSO
Process information:
Process ID: 3560
Process name: w3wp.exe
Account name: CONTOSO\spfarm
Exception information:
Exception type: ZLibException
Exception message: The underlying compression routine could not be loaded correctly.
at System.IO.Compression.DeflaterZLib.DeflateInit(CompressionLevel compressionLevel, Int32 windowBits, Int32 memLevel, CompressionStrategy strategy)
at System.IO.Compression.DeflaterZLib..ctor(CompressionLevel compressionLevel)
at System.IO.Compression.DeflateStream.CreateDeflater(Nullable`1 compressionLevel)
at System.IO.Compression.DeflateStream..ctor(Stream stream, CompressionMode mode, Boolean leaveOpen)
at System.IO.Compression.GZipStream..ctor(Stream stream, CompressionMode mode)
at System.Web.Handlers.ScriptResourceHandler.ProcessRequestInternal(HttpResponseBase response, String decryptedString, VirtualFileReader fileReader)
at System.Web.Handlers.ScriptResourceHandler.ProcessRequest(HttpContextBase context, VirtualFileReader fileReader, Action`2 logAction, Boolean validatePath)
The type initializer for 'NativeZLibDLLStub' threw an exception.
at System.IO.Compression.ZLibNative.ZLibStreamHandle.DeflateInit2_(CompressionLevel level, Int32 windowBits, Int32 memLevel, CompressionStrategy strategy)
at System.IO.Compression.DeflaterZLib.DeflateInit(CompressionLevel compressionLevel, Int32 windowBits, Int32 memLevel, CompressionStrategy strategy)
Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
at System.Runtime.InteropServices.Marshal.ThrowExceptionForHR(Int32 errorCode, IntPtr errorInfo)
at System.IO.Compression.ZLibNative.ZLibStreamHandle.NativeZLibDLLStub.LoadZLibDLL()
at System.IO.Compression.ZLibNative.ZLibStreamHandle.NativeZLibDLLStub..cctor()

Resolution: You cannot run SharePoint successfully if FIPS 140-2 is enabled on the server. You must exclude the server on which you are installing SharePoint from the GPO that applies FIPS 140-2 (cryptography module). Follow my post: https://www.bomzan.com/2018/01/11/guide-to-exclude-single-user-or-computer-to-exclude-from-the-group-policy/
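
A pre-flight check for both resolutions above, to run on the SharePoint server before starting the wizard. This is an added example, not part of the original post; the default account name is taken from the event log above, and the mapping of the three user rights to their privilege constants and the FIPS registry value are the standard Windows ones.

```powershell
# Added example: checks the two causes documented in this post.
# Assumption: the farm account is CONTOSO\spfarm (as in the event log); pass your own.
# Run from an elevated PowerShell prompt on the SharePoint server.
param([string]$FarmAccount = 'CONTOSO\spfarm')

# User rights from resolution 1, keyed by their privilege constants.
$required = [ordered]@{
    'SeAuditPrivilege'        = 'Generate security audits'
    'SeChangeNotifyPrivilege' = 'Bypass traverse checking'
    'SeServiceLogonRight'     = 'Log on as a service'
}

# secedit lists principals as *SID or as a plain name, so resolve the SID first.
$sid = ([System.Security.Principal.NTAccount]$FarmAccount).Translate(
        [System.Security.Principal.SecurityIdentifier]).Value
$shortName = ($FarmAccount -split '\\')[-1]

# Export the user rights currently configured on this machine.
$cfg = Join-Path $env:TEMP 'user-rights.inf'
secedit /export /cfg $cfg /areas USER_RIGHTS | Out-Null
$policy = Get-Content -Path $cfg
Remove-Item -Path $cfg

foreach ($right in $required.Keys) {
    $line = $policy | Where-Object { $_ -match "^$right\s*=" } | Select-Object -First 1
    $members = @()
    if ($line) {
        $members = @(($line -split '=', 2)[1].Split(',') |
            ForEach-Object { $_.Trim().TrimStart('*') })
    }
    # Direct assignment only: a right granted through a group is not detected here.
    $ok = ($members -contains $sid) -or ($members -contains $FarmAccount) -or
          ($members -contains $shortName)
    [pscustomobject]@{ Check = $required[$right]; Setting = $right; Ok = $ok }
}

# Resolution 2: the FIPS policy sets Enabled = 1 under this key.
$fipsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy'
$fips = Get-ItemProperty -Path $fipsKey -Name Enabled -ErrorAction SilentlyContinue
[pscustomobject]@{
    Check   = 'FIPS algorithm policy not enabled'
    Setting = 'FipsAlgorithmPolicy\Enabled'
    Ok      = ($null -eq $fips) -or ($fips.Enabled -ne 1)
}
```

Any row with Ok = False points to the GPO setting to review; rerun after gpupdate to confirm the change has reached the server.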