NSX-T 3.0.2 & 3.1 UI broken for "Request Header Or Cookie Too Large"
search cancel

NSX-T 3.0.2 & 3.1 UI broken for "Request Header Or Cookie Too Large"

book

Article ID: 314291

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

This article provides steps for Hand-patching a 3.1 NSX Manager to increase maximum HTTP header sizes.

Symptoms:
NSX UI is broken, when you login with AD users who belong to considerable amount of AD groups 100+.
 
You will see this error :



Environment

VMware NSX-T Data Center
VMware NSX-T Data Center 3.x

Cause

This is a known issue affecting VMware NSX-T 3.0.2 and 3.1.
 When LDAP authentication is configured and a user is a member of many LDAP groups, the x-nsx-groups header might exceed nginx's default buffer size of 8k.
 

Resolution

This has been fixed in Highline Maintenance (3.1.1) release

Workaround:
Please create a Support Request with VMware Support and reference this KB for the steps to work around this issue. For helping with creating a Support Request see this KB: https://kb.vmware.com/s/article/2006985