Hi,
first - I I've read through all articles popular search engines find to this topic.
For your information: The system affected is Dynamics 365
We have the following situation:
After switching the CRM System to https (has been done with the CRM partner) some users can no longer login to Dynamics 365. All what they get with Internet Explorer is a "HTTP Error 400. The size of the rquest headers is too long"
Now this information is available on thousands of results within the web. We have applied the "fix" found inhttps://support.microsoft.com/en-us/help/2020943/http-400-bad-request-request-header-too-long-response-to-http-request and still the issue persists.
I've now done a lot of testing and those are my findings:
With Chrome (on the same client with the same username) everything works fine. I've done a Fiddler Trace and I do see that Chrome is using Kerberos for Authentication.
When we disable "Enable Integrated Windows Authentication" in Internet Explorer the Authentication works, but uses NTLM. I've seen this article about a detailed description again with the above described error:https://blogs.msdn.microsoft.com/ieinternals/2011/07/06/integrated-windows-authentication/
As the authentication is successful with Chrome and Kerberos it sounds like that the problem is related to Internet Explorer and the Kerberos Token.
Now the question is: Does anybody else has any other ideas how to use Kerberos with Internet Explorer?
Thanks for any hint!
