Share
ReportHi,
first - I've read through all articles popular search engines find to this topic.
Please be aware: I've no clue about CRM itself - I work at the customer at an engineer for general Windows Support and he told me about this issue.
We have the following situation:
After switching the CRM System to https (has been done with the CRM partner) some users can no longer login to Dynamics 365. All what they get with Internet Explorer is a "HTTP Error 400. The size of the rquest headers is too long"
Now this information is available on thousands of results within the web. We have applied the "fix" found in https://support.microsoft.com/en-us/help/2020943/http-400-bad-request-request-header-too-long-response-to-http-request and still the issue persists.
I've now done a lot of testing and those are my findings:
With Chrome (on the same client with the same username) everything works fine. I've done a Fiddler Trace and I do see that Chrome is using Kerberos for Authentication.
When we disable "Enable Integrated Windows Authentication" in Internet Explorer the Authentication works, but uses NTLM. I've seen this article about a detailed description again with the above described error: https://blogs.msdn.microsoft.com/ieinternals/2011/07/06/integrated-windows-authentication/
As the authentication is successful with Chrome and Kerberos it sounds like that the problem is related to Internet Explorer and the Kerberos Token.
Now the question is: Does anybody else has any other ideas how to use Kerberos with Internet Explorer?
Thanks for any hint!
*This post is locked for comments
All responses (
Answers (
83
