Console users are unable to add users to a security role due to "HTTP Error 404.15 - Not Found" page being returned

Article:TECH190418  |  Created: 2012-06-05  |  Updated: 2013-01-03  |  Article URL http://www.symantec.com/docs/TECH190418
Article Type
Technical Solution


Issue



When attempting to add users to a security role the following error page (or something similar to it) is returned


Error



HTTP Error 404.15 - Not Found The request filtering module is configured to deny a request where the query string is too long.

Module RequestFilteringModule
Notification BeginRequest
Handler PageHandlerFactory-ISAPI-2.0-64
Error Code 0x00000000

Requested URL http://localhost:80/Altiris/NS/ItemListView.aspx?&Url=http%3a%2f%2flocalhost%2fAltiris%2fConsole%2ftree.aspx%3fTreeGuid%3da57fb0e9-0676-4e00-929a-6bb37dc1f888%26RootNode%3d2f8d24ec-77cf-4db3-980c-03e7022cf19d%26%26ConsoleGuid%3d1b22db4e-a898-443f-9b99-855b1653d3f5&TreeGuid=a57fb0e9-0676-4e00-929a-6bb37dc1f888&RootNode=2f8d24ec-77cf-4db3-980c-03e7022cf19d&ParentGuid=00000000-0000-0000-0000-000000000000&ItemGuid=2f8d24ec-77cf-4db3-980c-03e7022cf19d&ConsoleGuid=1b22db4e-a898-443f-9b99-855b1653d3f5
Physical Path C:\Program Files\Altiris\Notification Server\Web\ItemListView.aspx
Logon Method Not yet determined
Logon User Not yet determined

 


Environment



SMP 7.1 SP2


Cause



When the option to select to add members to the role is selected the picker will pull all current members (their Guids) and pass them in so that they can be excluded from the current selection window (because they are already members). When the membership reaches 55 it will cause the string of Guids it is passing in to be too long to be handled by IIS's pre-set parameters.
 


Solution



Run the following command on the SMP server to extend the IIS maximum:

%systemroot%\system32\inetsrv\appcmd.exe set config /section:system.webServer/security/requestFiltering /requestLimits.maxQueryString:"6074" /commit:apphost

This setting can also be changed (and the current setting viewed) by doing the following:

* Open IIS Manager
* Browse down to "Default Web Site"
* In the Features View, in the right pane, under IIS, double-click on "Request Filtering"
* In the far right pane select the "Edit Feature Settings..." link.
* The value in the bottom box "Maximum query string (Bytes):" is the value to change.

If, after changing the max query  string to a higher value, the error still occurs then try a higher value until the error goes away.

 




Article URL http://www.symantec.com/docs/TECH190418


Terms of use for this information are found in Legal Notices