Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.
Course Of The Month
4 days, 11 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Sharepoint-Header is too long (MaxRequestBytes)
Posted on 2011-02-22
Dear all,
I would like to inquire about the registry parameter (MaxFieldLength-MaxRequest
Currently we have set the following values:
MaxFieldLength: 65534
MaxRequestBytes: 65534
But some users may receive this error because they belong to many groups and to get the kerberos ticket I believe it is long. The tech people told me that the value (MaxRequestBytes) can not be increased without affecting the infrastructure. I would like to understand why and how it can affect specifically.
I was reading this article: http://support.microsoft.com/kb/2020943
I would like to inquire about the registry parameter (MaxFieldLength-MaxRequest
Currently we have set the following values:
MaxFieldLength: 65534
MaxRequestBytes: 65534
But some users may receive this error because they belong to many groups and to get the kerberos ticket I believe it is long. The tech people told me that the value (MaxRequestBytes) can not be increased without affecting the infrastructure. I would like to understand why and how it can affect specifically.
I was reading this article: http://support.microsoft.com/kb/2020943
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
3
4 Comments
Impact:
It will have to be executed on all the servers of the farm (not the sql server), and you will need to take it up in your upgrade plan of your farm so that if you are adding a webfrontend that you are changing the registry key there as well. If you don't, and you will forget :) ,adding a new frontend will give these users the same error when they are directed to the new frontend by the load balancer.
It will have to be executed on all the servers of the farm (not the sql server), and you will need to take it up in your upgrade plan of your farm so that if you are adding a webfrontend that you are changing the registry key there as well. If you don't, and you will forget :) ,adding a new frontend will give these users the same error when they are directed to the new frontend by the load balancer.
Active 5 days ago
Thanks Kown,
What was to do was change in the 8 servers in the farm, but i recieve this answer: No, because.
"IMPORTANT: Changing These registry keys Can Be Considered Extremely Dangerous. These larger keys allow HTTP packets to Be Sent to IIS s, which in turn causes May Http.sys to use more memory and May Increase vulnerability to malicious attacks."
I would like to know as it relates to add this parameter in the registry on all servers in the farm?. Why not raise it above 64k recommend?.
They are Windows Server 2003 x64 8GB Ram
What was to do was change in the 8 servers in the farm, but i recieve this answer: No, because.
"IMPORTANT: Changing These registry keys Can Be Considered Extremely Dangerous. These larger keys allow HTTP packets to Be Sent to IIS s, which in turn causes May Http.sys to use more memory and May Increase vulnerability to malicious attacks."
I would like to know as it relates to add this parameter in the registry on all servers in the farm?. Why not raise it above 64k recommend?.
They are Windows Server 2003 x64 8GB Ram
Active 5 days ago
The infrastructure "would suffer"because the one who takes Http.sys Requests to put in a queue that then processes the App Pool ... if you accept headers larger (much larger) memory escalate considerably more, depending on how much it add, which may cause the IIS service fall completely.
The first request falls into Http.sys, so if you enlarge the size of the header that can be reached, it would be easier to kill the server by sending many large requests (Requests headers large) ... you understand?
There is more vulnerable the Http.sys, but the infrastructure that would come larger headers ... so mark it in bold, because much will depend on how you calculate it for the header ... it is best to take the header of the friends of Indonesia and see what is the maximum you header is coming, and on that basis to the maximum, ie, be as restrictive as possible.
Anyway, I recommend that you analyze the log of the server HTTPERR and see if they are well identified any IP they receive that message (in the field s-reason), because of having different IPs to those of Indonesia, without a cause "explained, "is to take care of making this change.
The first request falls into Http.sys, so if you enlarge the size of the header that can be reached, it would be easier to kill the server by sending many large requests (Requests headers large) ... you understand?
There is more vulnerable the Http.sys, but the infrastructure that would come larger headers ... so mark it in bold, because much will depend on how you calculate it for the header ... it is best to take the header of the friends of Indonesia and see what is the maximum you header is coming, and on that basis to the maximum, ie, be as restrictive as possible.
Anyway, I recommend that you analyze the log of the server HTTPERR and see if they are well identified any IP they receive that message (in the field s-reason), because of having different IPs to those of Indonesia, without a cause "explained, "is to take care of making this change.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Lync server 2013 or Skype for business Backup Service Error ID 4049 – After File Share Migration
I thought I'd write this up for anyone who has a request to create an anonymous whistle-blower-type submission form created using SharePoint 2010 (this would probably work the same for 2013). It's not 100% fool-proof but it's as close as you can get…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month4 days, 11 hours left to enroll
Earn Certification
MTA - Cloud Fundamentals - 98-369
$59.00$53.10
690 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.