You may see the following symptoms if you have just configured your Personalization servers for load balancing, with Windows authentication:
- The Personalizaton Operations console is inaccessible, with a 500.19 error:
HTTP Error 500.0 - Internal Server Error
The page cannot be displayed because an internal server error has occurred.
- It is not possible to connect to the Personalization server via the EM console, as it will display a "Contacting Personalization Server" error for an extended period of time:
- Personalization fails for users - if you review a set of EM client logs ( instructions on how to collect them are here ) you may see lines similar to the following:
L3 T14532 10:33:29.883 [w32httplib::WinHttpClient::Navigate] ReceiveResponse HTTP status code: 
L1 T14532 10:33:29.899 [w32httplib::WinHttpClient::HandleAuthentication] WinHttpQueryAuthSchemes failed. Error 
L1 T14532 10:33:29.901 [ProfileManager::AddCommsLogEntry] CommsLog: [Failed to get serverlist from http://servername:7771/PersonalizationServer,http://servername.local:7771/PersonalizationServer, error 4317]
This issue is seen when the IIS_IUSRS group is missing from the following group policy:
Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Impersonate a client after authentication
The IIS_IUSRS group is added to the security token for each worker process (w3wp.exe) used to run the website, which allows additional permissions relevant to IIS to be added without explicitly adding them to the app pool identity (in this case the load balancing service account you have configured).
If you are seeing this issue, you will need to ensure that IIS_IUSRS is added to this policy, and then restart IIS.