Error message when an Outlook Web Access user tries to access a mailbox in Exchange Server 2003: "HTTP 400 Bad Request (Request header too long)" (920862)


The information in this article applies to:

  • Microsoft Exchange Server 2003 Enterprise Edition
  • Microsoft Exchange Server 2003 Standard Edition
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

SYMPTOMS

A Microsoft Office Outlook Web Access for Exchange Server 2003 user tries to access a mailbox on a computer that is running Microsoft Exchange Server 2003. When this occurs, the user receives an error message that resembles the following error message:
HTTP 400 Bad Request (Request header too long)

CAUSE

This issue may occur when the Outlook Web Access user is a member of many Microsoft Windows user groups. For example, the issue occurs when the user is a member of over a hundred Windows user groups.

RESOLUTION

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

To resolve this issue, you must configure three registry entries on the following computers:
  • The front-end Exchange Server 2003-based computer that provides Outlook Web Access access
  • The back-end Exchange Server 2003-based computer that hosts the mailbox
The three registry entries that you must configure are as follows:
  • MaxClientRequestBuffer
  • MaxFieldLength
  • MaxRequestBytes
These registry entries are found under two registry subkeys. Configure them as shown in the following tables.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\w3svc\parameters

NameValue typeValue data
MaxClientRequestBufferDWORD32768

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters

NameValue typeValue data
MaxFieldLengthDWORD65534
MaxRequestBytesDWORD500000

MORE INFORMATION

The MaxClientRequestBuffer registry entry

The data that is limited by MaxClientRequestBuffer (the response line and headers) consists of all data from the first byte of the request through the last byte before the entity body. This includes the method, the URL, any additional path information, the query string, the HTTP version, all the headers, and the characters that delimit all parts of the request. In other words, this includes all data that is not part of the body of the request.

Because Microsoft Internet Information Services (IIS) reads the blocks of the request data into buffers, the limit that is set by MaxClientRequestBuffer is not very precise. Therefore, after you use MaxClientRequestBuffer, you may have to test to verify that the actual limit on the size of the client request and of the header fields is what you expect.

You may want to use the POST method instead of the GET method to send lots of data in the request. GET requests use the URL part of the request line to send information to IIS. However, the POST method sends the information in the body of the request.

The MaxFieldLength and the MaxRequestBytes registry entries

By default, the MaxFieldLength registry entry is not present. This registry entry specifies the maximum size of any individual HTTP client request. Typically, this registry entry is configured together with the MaxRequestBytes registry entry.

In large environments, Outlook Web Access users may experience logon failures if the values for both these entries are not set to 32768. To enable users who are members of many Windows user groups to log on to Outlook Web Access, the MaxRequestBytes value must be configured to a larger value.

The MaxRequestBytes value determines the upper limit for the total size of the request line and the headers. If the MaxRequestBytes value is lower than the MaxFieldLength value, the MaxFieldLength value is adjusted.

REFERENCES

For more information about the MaxClientRequestBuffer registry entry, click the following article number to view the article in the Microsoft Knowledge Base:

260694 Description of the MaxClientRequestBuffer registry value


For more information about the MaxFieldLength registry entry, click the following link to view the document on the Microsoft Technet Web site:

http://www.microsoft.com/technet/prodtechnol/exchange/Analyzer/4925b93a-393f-4263-a9b4-f44c74db6a55.mspx

Modification Type:MajorLast Reviewed:8/21/2006
Keywords:kbtshoot kbprb KB920862 kbAudITPRO
©2004 Microsoft Corporation. All rights reserved.