AD users unable to view and edit DRS settings
search cancel

AD users unable to view and edit DRS settings

book

Article ID: 319441

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Symptoms:

  • AD users unable to view and edit DRS settings
  • SSO user is able to view and edit DRS settings

 

Cause

Envoy logs -

2023-09-01T12:31:37.516Z - - HTTP/1.1 431 http1.headers_too_large DPE 0 31 0 - - 127.0.0.1:41252 127.0.0.1:1080 - -

2023-09-01T12:31:40.524Z info envoy[140411437238080] [Originator@6876 sub=Default] 2023-09-01T12:31:38.830Z - - HTTP/1.1 431 http1.headers_too_large DPE 0 31 0 - - 127.0.0.1:46396 127.0.0.1:1080 - -

2023-09-01T12:31:38.435Z info envoy[140411437238080] [Originator@6876 sub=Default] 2023-09-01T12:31:37.516Z - - HTTP/1.1 431 http1.headers_too_large DPE 0 31 0 - - 127.0.0.1:41252 127.0.0.1:1080 - -

2023-09-01T12:31:40.524Z info envoy[140411437238080] [Originator@6876 sub=Default] 2023-09-01T12:31:38.830Z - - HTTP/1.1 431 http1.headers_too_large DPE 0 31 0 - - 127.0.0.1:46396 127.0.0.1:1080 - -

VCSA's envoy fails the request with HTTP status 431 as the request headers size has exceeded the configured/default 60KB limit.

Resolution

Increase the Request Headers Size Limit -

  • Take a snapshot of the vCenter.
  • Navigate to location - cd /etc/vmware-rhttpproxy/
  • Edit the file - vi config.xml 
  • Search for the tag - <envoy>
  • Add/Edit below tag:

<http>

<maxRequestHeadersKb>96</maxRequestHeadersKb>

</http>

  • Restart the rhttpproxy service - service-control --restart rhttpproxy



Additional Information

Impact/Risks:

AD users wouldn't be able to view or edit DRS settings.


Powered by Wolken Software