(Cloud) Tip of the Day: Resolving HTTP 400 Request Header too long
Today’s Tip…
When you get the following error message…
HTTP 400 - Bad Request (Request Header too long)
This is most common when the user is a member of many Active Directory user groups. When a user is a member of a large number of active directory groups the Kerberos authentication token for the user increases in size. The HTTP request that the user sends to the HTTP server contains the Kerberos token in the WWW-Authenticate header, and the header size increases as the number of groups goes up. If the HTTP header or packet size increases past the limits configured in IIS, IIS may reject the request and send this error as the response.
You can resolve this by performing the steps in the following KB article…