NSX-T 3.0.2 & 3.1 UI broken for "Request Header Or Cookie Too Large"
Article ID: 314291
Updated On:
Products
VMware NSX
Issue/Introduction
This article provides steps for Hand-patching a 3.1 NSX Manager to increase maximum HTTP header sizes.
Symptoms:
NSX UI is broken, when you login with AD users who belong to considerable amount of AD groups 100+.
You will see this error :
400 Bad Request: Request Header Or Cookie Too Large - nginx
Symptoms:
NSX UI is broken, when you login with AD users who belong to considerable amount of AD groups 100+.
You will see this error :
400 Bad Request: Request Header Or Cookie Too Large - nginx
Environment
VMware NSX-T Data Center
VMware NSX-T Data Center 3.x
VMware NSX-T Data Center 3.x
Cause
This is a known issue affecting VMware NSX-T 3.0.2 and 3.1.
When LDAP authentication is configured and a user is a member of many LDAP groups, the x-nsx-groups header might exceed nginx's default buffer size of 8k.
When LDAP authentication is configured and a user is a member of many LDAP groups, the x-nsx-groups header might exceed nginx's default buffer size of 8k.
Resolution
This issue is resolved in VMware NSX 3.1.1 available at Broadcom downloads
Workaround:
If you believe you have encountered this issue, please open a support case with Broadcom Support and refer to this KB article. For more information, see Creating and managing Broadcom support cases
Workaround:
If you believe you have encountered this issue, please open a support case with Broadcom Support and refer to this KB article. For more information, see Creating and managing Broadcom support cases
Feedback
Yes
No
Powered by
