- We are facing an issue with our WHFB enrollment process.
- The ADFS server Windows Intergrated login process is throwing error:
HTTP 400 – Bad Request (Request header too long). - The issue is limited to one user at this point of time
- ADFS IDPinitiatedSignon page working on IE but not on Edge/Google Chrome with the above error when attempting kerberos authentication
- The user is part of 56 groups.
- SAM account name is of 20 characters (Migrated from a separate forest)
ADFS 4.0 IDPinitiatedSignOn Page Error: HTTP 400 – Bad Request (Request header too long)
active-directoryadfskerberos
Best Answer
Then IE is probably falling back to NTLM, which is bad in itself.
The solution for IIS can be found on: https://support.microsoft.com/en-us/help/2020943/http-400-bad-request-request-header-too-long-response-to-http-request