http error 400 the size of the request headers is too long (Network Steve Forum)

http error 400 the size of the request headers is too long

We have Exchange 2010 SP3 with CU4 and Exchange 2013 CU8.
We switched the CAS from 2010 to 2013.
Most users can succesfull connect to OWA and Outlook.
Unfortunately some users get on OWA > http error 400 the size of the request headers is too long
And when they start Outlook > server is not available

I found this post > http://smtp4it.net/2013/12/05/exchange-2013-to-2007-outlook-anywhere-proxy-issue/ and some other technet artciles but they all mention Exchange 2003 or 2007.
Also I read 1000+ groups we not have nearly that amount of groups.

When i switch CAS back to 2010 user can succesfully open OWA.

In exchange 2013 server in httper folder/log i see

2015-06-03 08:30:08 10.212.119.31 31657 10.212.119.31 444 HTTP/1.1 RPC_IN_DATA /rpc/rpcproxy.dll?server1.contoso.com:6001 400 2 BadRequest MSExchangeRpcProxyAppPool

Please any guidance

Edited by dirkverhagen123 Wednesday, June 03, 2015 8:54 AM

June 3rd, 2015 8:41am

In IISLog i find a entry for a problem user which connects to CAS 2013

2015-06-04 03:54:07 10.212.119.34 GET /OWA/ &CorrelationID=<empty>;&ClientId=XDDXUTAMREEBSLTXWRFG&cafeReqId=e1bd242a-35a3-40f6-874a-6a5182cff960; 443 CONTOSO\user1 10.12.1.12 Mozilla/5.0+(Linux;+Android+4.4.4;+XT1039+Build/KXB21.14-L1.56)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/43.0.2357.78+Mobile+Safari/537.36 https://webmail.contoso.com/CookieAuth.dll?GetLogon?curl=Z2FOWAZ2F&reason=0&formdir=25 400 0 0 171

Free Windows Admin Tool Kit Click here and download it now

June 4th, 2015 10:46am

Hi Allen,

We applied the regkeys to the 3 Exchange 2010 CAS servers and gave iisreset.

We did not apply the keys to the 6 Exchange 2010 MBX servers , is this necessary?

Issue still persists and error http 400 remains.

no need to apply to the MBX from what I have seen.

I would reboot the CAS and see if that fixes it.

June 4th, 2015 10:50am

Thanks for the reply

When with my test account i go to webmail.contoso.com or webmail.contoso.com/owa (we have redirect) i enter succesfull (now cas points to cas 2010)

Now when i directly go to https://webmail.contoso.com/owa/auth/logon.aspx i get FBA i enter credentials and then Bad Request 400 , the url in the top bar shows https://webmail.contoso.com/owa/auth.owa

The webpage cannot be found

Edited by dirkverhagen123 15 hours 49 minutes ago

Free Windows Admin Tool Kit Click here and download it now

June 4th, 2015 11:39am

Thanks for the reply

When with my test account i go to webmail.contoso.com or webmail.contoso.com/owa (we have redirect) i enter succesfull (now cas points to cas 2010)

The webpage cannot be found

Edited by dirkverhagen123 Thursday, June 04, 2015 3:39 PM

June 4th, 2015 3:37pm

I did a dsquery and found the user is member of only 300 groups (no including subgroups) so that probably the reason why the regkeys dont work as i dont hit the limit.

Anyone got a solution ?

Free Windows Admin Tool Kit Click here and download it now

June 8th, 2015 9:44am

Due to a blogpost we found we imported the regkeys and did iisreset.

Reading this article that explains exactly our errors in logging it states a complete reboot is necessary

https://support.microsoft.com/en-us/kb/2988444

Will try this tonight

Proposed as answer by Sathish VeerapandianMVP 16 hours 23 minutes ago

June 9th, 2015 9:11am

Thanks for sharing .

Free Windows Admin Tool Kit Click here and download it now

June 9th, 2015 11:09am

This topic is archived. No further replies will be accepted.