System.IO.FileLoadException for System.ServiceModel.dll in SharePoint 2013

I came across an interesting situation recently when doing a fresh installation of SharePoint 2013 where once the installation was done no one could access the site - instead there was a tonne of errors in the ULS logs with the below exception:

The given assembly name or codebase, 'C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll', was invalid.

It took a little bit of digging, but in my case this was actually caused by some very strict group policies that were being applied to the servers. When I had a machine with no policies my deployment ran fine - after some additional digging I narrowed it down to this setting specifically:

Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > User Rights Assignment - Impersonate a client after authentication

This impersonation right is needed for SharePoint to correctly work with Windows authentication, so to ensure that you environment behaves correctly you need to ensure that the service accounts that are running your application pools are in the list of accounts that are allowed this permission in your policy. Also you need to ensure that your farm account has this as well, as it is the account that will be used to run the application pool for your Central Admin website. In my case as soon as I added a new policy to override the default one (the new one applying just to the SharePoint servers that needed it) this exception went away and SharePoint behaved normally. As far as I'm aware this might not be the only cause of this exception, but it is worth looking in to if you are experiencing this - especially if you know a tight group policy strategy is in place.