Environment:

SharePoint 2010, 3 farms: Collaboration, Service apps, FAST

Issue:

When users hit the site, they get "Unexpected Error occurred" and a correlation ID. After reviewing the ULS log, I find the following:

User Profile   Exception occured while connecting to WCF endpoint: System.ServiceModel.Security.SecurityAccessDeniedException: Access is denied.

Resolution:

Grant full control permission to the UPS service app for the web application app pool service account and the farm service account of the Collaboration farm:

Go to the Central Admin of the farm that is hosting the UPS service app,  Central Administration > User Profile Service Application Instance > Permissions