<< Back To All Blogs
Fixing 400 RequestLength Issue in SharePoint and IIS
Thursday, July 16th, 2009
We recently came across an issue where a specific user was always receiving a 400 RequestLength error any time they attempted to view our SharePoint server. The issue turned out to be related to the user's group memberships and the fact that they were a member of a large number of groups.
The issue arises from the limits in IIS (and therefore SharePoint) with regards to the length of header fields. By default, the limit is 16384, and in this user's case the Kerberos token was beyond that limit, and therefore IIS would return an error with, exactly what it said, RequestLength.
There is, however, a resolution to the problem here.
We resolved the issue by adding the following DWORD registry value in HKLM\System\CurrentControlSet\Services\HTTP\Parameters:
MaxFieldLength = 65534 (This allows header fields to have a length of up to 65534)
You should also note that the DWORD key MaxRequestLength should also be added. MaxRequestLength is a limit to the entire number of bytes a specific request can contain. MaxRequestLength also encapsulates the MaxFieldLength. In other words, if MaxRequestLength is 1000, and MaxFieldLength is 2000, MaxFieldLength will effectively be 1000 as it is limited by the size of MaxRequestLength. MaxRequestLength can be set all the way up to 16777216 (16MB).
Restart your server and you should no longer receive the issue.
NOTE: As our trusty Network Admin pointed out, Windows machines will require a change per this article. This article relates to a broader issue which prevents user machines from accessing file shares and other network services as a result of the default Kerberos token size in Windows itself being limited to 12000 bytes.
400in' Tom Out.
Configuring ASP.NET (And SharePoint) to use SQL-based Sessions
Resolving "Tracing Service lost trace events" in MOSS 2007
Fixing MOSS/WSS SharePoint errors with Alternate Access Mappings
Currently no comments.
Add A Comment
Email Address: (not public, used to send notifications on further comments)
Enter the text above, except for the 1st and last character: