SharePoint and HTTP 400 Bad Request Error
V: 1.0
Scenario
Users go to SharePoint site and get HTTP 400 Error. They may be able to see partial page but in most cases will get the error on all the sites.
The error is consistent between Internet Explorer and Chrome browsers. Go to Internet Explorer Tool > Internet Options > Advanced tab and uncheck the option ‘Show friendly HTTP error messages‘. Click OK.
Then refresh the page and you will see the error details.
HTTP 400 – Bad Request (Request Header Too Long)
Cause
The issue can happen if a user is part of too many Active Directory groups. Too many groups can increase the Kerberos authentication token size. The HTTP request sent to IIS web server will be rejected by IIS and users get this error.
Note: Active Directory uses Kerberos protocol.
Resolution
There are two options. Either remove extra AD groups from the user’s AD account or configure the registry settings on IIS (Internet Information Server) web servers.
Registry loaction on IIS web servers:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters
Set values for MaxFieldLength and MaxRequestBytes registry keys.
Name | Value Type | Value Data |
MaxFieldLength | DWORD | 65534 |
MaxRequestBytes | DWORD | 16777216 |
Registry file contents. Save below as .reg file and run on servers.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\HTTP\Parameters]
“MaxFieldLength”=dword:00065534
“MaxRequestBytes”=dword:16777216
Click here to Download registry file
After theses settings, restart your servers. In case of SharePoint, I recommend to apply this setting on all WFE and App servers in the farm.
References:
- “HTTP 400 – Bad Request (Request Header too long)” error in Internet Information Services (IIS)
- Problems with Kerberos authentication when a user belongs to many groups
Keywords:
- HTTP 400 error in SharePoint
- HTTP 400 on sharepoint page and site
- SharePoint Bad Request error