Migrated Users from old domain to new domain are getting HTTP 400 Bad Request for Intranet site

February 4, 2015, 3:23 pm

≫ Next: Printer Properties box freezes when printing a pdf from IE10...

Hi all, I'm hoping someone can help. As the title states users are getting an http 400 bad request error message when visiting an intranet page. This is only happening for a few users, and started happening after they were migrated. We are using SID history for access to resources. Here's what i've tried so far.

Enable old account, site works w/ no issues
Duplicate new account to use that as a test, and start removing security groups from new test account. Eventually the AD account was able to access the account after i removed enough groups. This is not really a feasible solution at this time since we still have both domains up and running.

This tells me I'm looking at a token size issues.
I installed Fiddler on the workstation to captures some information. With Fiddler running the user is able to access the site w/ no issues. I'm assuming there is no useable information in Fiddler then since it couldn't catch any errors. My experience w/ fiddler is limited so if you have any suggestions feel free to give them.
I started looking at this URL which is a fairly decent write up
http://blogs.technet.com/b/surama/archive/2009/04/06/kerberos-authentication-problem-with-active-directory.aspx
On the webserver
MaxRequestBytes was already set to 65534
MaxFieldLenghth was already set to 65534. I increased this to the max for testing 16777216 and restarted IIS
MaxTokenSize on the workstation and Webserver by default is set to 48000. For testing I set it to 65534 and rebooted both.
Here is a screenshot of the tokensz utility, after I removed the maxtokensize reg key
Ran the ntdsutil and queried the number of groups the user is in. So effectively if i understand this, the user is in 242 groups because of SID history.

WebServer is Windows 2000. w/ IIS 5
Workstations are Windows 7 x86

Hopefully someone has some ideas, any and all are welcome. Thanks in advance.

↧

Printer Properties box freezes when printing a pdf from IE10...

June 14, 2013, 12:03 pm

≫ Next: upgrade from ie9 to ie11 results in suspected javascript problem

≪ Previous: Migrated Users from old domain to new domain are getting HTTP 400 Bad Request for Intranet site

Hello --

I have a clean install of Win7 Professional (32-bit).. installed Adobe Reader 9.. installed Win7 SP1 and all necessary and recommended updates.. updated Reader to v9.5.5 (this is the only/latest version supported by some of our company software).. There is nothing else installed on this machine.

The problem: When I open IE10, click on a pdf link (the pdf displays properly in the browser), click the Print icon in the upper-left, click Properties in the Print dialog, the Properties dialog comes up and then freezes. The tabs, buttons, and mouse pointer graphically change, but clicking does nothing. Clicking the underlying Print dialog box makes the Properties box flash, so it's not totally locked, but just unresponsive to clicks. The only way to close the dialog box is to stop the iexplore process in taskmgr. This happens with any printer selected (tested on local and network printers, and even MS XPS Doc Writer, and Fax).

I can save the pdf and print from Reader directly with no problem, and I understand that I can deselect "Display pdfs in browser" in Reader options, however, those workarounds won't satisfy the users.

I'm at a loss as to what could be causing this or how to proceed further in troubleshooting this.. Can anyone lend a hand please?

Thanks.

↧

upgrade from ie9 to ie11 results in suspected javascript problem

January 24, 2015, 2:01 am

≫ Next: When going to secure sites they load in HTML format

≪ Previous: Printer Properties box freezes when printing a pdf from IE10...

Upgraded Win7 to Win7sp1, in order to allow upgrade from ie9 to ie11. Install not straightforward and no confirmation if install was seen for ie11. Have checked version on 'about' screen, and it is ie11 (v 11.0.9600.17501 , update version 11.0.15 KB3008923.

Suspected Javascript failure as video on BBC sites don't load. Have checked in 'Tools' 'Advanced' on menu for script related options but am unclear about all options.

Any help appreciated.

↧

When going to secure sites they load in HTML format

February 5, 2015, 1:01 pm

≫ Next: IE 11 Group Policy Home Page

≪ Previous: upgrade from ie9 to ie11 results in suspected javascript problem

Occurs in IE 11 and downgraded to IE10 with the same issue. Reset IE to default settings and tried in Compatibility view still same issue.

Thanks,

Eric

↧

IE 11 Group Policy Home Page

February 5, 2015, 1:35 pm

≫ Next: This organization's certificate has been revoked

≪ Previous: When going to secure sites they load in HTML format

I am working with IE 11 Group Policy Preferences.

First issue, is that I do not have a Home Page specified so that in my thinking, users home page will stay with they currently have setup.

Problem - users are getting message that "http://' is not currently available. So their home page is being directed to http:// and nothing else. They can specify a home page, but after Group Policy refreshes, they go back to http://.

I am editing the GPO on a 2012R2 server and the Home Page section on General tab is blank (no red lines, I hit F6)

↧

This organization's certificate has been revoked

February 5, 2015, 6:56 pm

≫ Next: How do I stop IE 11 from renaming downloads

≪ Previous: IE 11 Group Policy Home Page

When trying to access https://paypaperbills.postbillpay.com.au/postbillpay/default.aspx I get the error message "This organization's certificate has been revoked." Only "Click here to close this webpage." is available to click on.

Running Internet Explorer 11 on Windows 7.

This site is accessible from other computers.

I have tried clearing Internet Explorer cache, resetting advanced settings, and disabling "Check for publisher's certificate revocation".

↧

How do I stop IE 11 from renaming downloads

April 22, 2014, 9:07 am

≫ Next: Internet Explorer Run/Save/Cancel buttons don't work.

≪ Previous: This organization's certificate has been revoked

IE 11 renames files. For instance, .exe files become _exe, .zip become _zip. This is happening on Win 7 Ultimate-64-bit, Win 7 Pro 64-bit, and Win 8.1 Update.

This interferes with my ability to get updates to my Visual Studio and many other programming tools.

IE 11 won't even support the Akami system used by MS.

As far as I know all the security settings are set to allow downloads. Windows Firewall is configured to tell me when it blocks a program.

I read an earlier blog post from the IE Team that says this problem is due to some sites being creative!?!

The latest Firefox has no issues downloading.

M Whipps

↧

Internet Explorer Run/Save/Cancel buttons don't work.

February 2, 2015, 1:51 am

≫ Next: Internet Explorer Cannot display google.com or yahoo.com site but Chrome can.

≪ Previous: How do I stop IE 11 from renaming downloads

Hi,

I've got a laptop that I need to repair and it ran very slow. I took some malware, virusses and PUA (Potentionally unwanted/unsafe applications) off on an external computer with Malwarebtytes and ESET, I also ran sfc /scannow (with /offwindir and /offbootdir switches) and it returned no errors. When I placed the harddisk back in the laptop I ran another scan in safe mode, with Malwarebytes, and it found some more threats (non-malware), I also removed some applications I didn't trust manually in normal mode afterwards.

Then I wanted to download a file in Internet Explorer (v11) and I could browse sites and everything, it asked me if I want to configure/start add-ons, this all worked fine, the thing that doesn't work is the popup (Run/Save/Cancel) when I want to download a file the whole popup doesn't respond (not even the red close cross), the buttons are click-able and I see them being clicked, nothing happens.

I've tried a lot of things to solve this problem: sfc /scannow (with offline switches and when placed in laptop no errors, twice), reset IE via inetcpl.cpl > advanced settings (a few times), Restore advanced settings, Windows Updates, iexplore -extoff, I even removed IE 11 and reverted to IE10 the problem remained, I upgraded to IE11 and the problem remained. I cleaned all IE related files with CCleaner, which I also used to clean the registry after the malware scans. In safe mode the buttons also don't work. When I start Internet Explorer, it asks if I want to enable Ask Toolbar Quick View. I removed everything related to Ask Toolbar and I couldn't find this Ask Toolbar Quick View in Control Panel > Programs and Features if I open regedit and look for"ask", I get nothing related to this toolbar thing.

I've spent hours looking for a solution and tried everything I can think of, if anyone has experience with this problem or has tips to solve this issue, please share. I'll do likewise if I get to a solution.

Regards,

Ranko

↧

Internet Explorer Cannot display google.com or yahoo.com site but Chrome can.

January 30, 2015, 7:14 am

≫ Next: [IE11] Detect if website is running in compability mode

≪ Previous: Internet Explorer Run/Save/Cancel buttons don't work.

Hi,

I have a PC in the office with a strange issue, please bare with me as this is most odd.

HP Z400 workstation, Windows 7 Ent X64, IE 11. On a Server 2008 Domain.

On this PC, for any user that logs on, IE will not display a lot of websites, examples are www.google.com and www.yahoo.com. I can access them in Chrome completely fine. IE just tells me "Cannot display the webpage".

I CAN ping the sites, and IE WILL display them if i enter the IP in the address bar. I just cannot access the site by name.

I have tried the following things to fix this and none of them worked;

1. Uninstall/RE-install IE

2. "Reset" IE to default using the advanced option button

3. IPconfig /flushDNS

4. Bypassed our internal Proxy server (websense) to rule that out

5. Cleared cached WPAD files (Del \wpad*.dat /S), combined with nbtstat -r, IE Reset and Flushdns

6. Changed physical network adaptor in the PC

7. Changed all network cabling from floor port to PC and patched to a different switch port in comms rack (clutching at straws at this point)

I think i can rule out out Domain's DNS, as other machines are OK and DNS Lookups are OK (as i can get the IP for the site and browse to that)

I have no more ideas to try out, so I come here pleading for your help to solve this before I decide on a career change and run away from it.

Hope I have provided enough info, let me know if you need anything further.

Thanks,

Tom

P.S. Please done respond just asking me to "Clean boot" the system, I tried safe mode with networking already and i still get the same problem.

↧

[IE11] Detect if website is running in compability mode

February 6, 2015, 1:57 am

≫ Next: Do the IE Developers Think the Experimental Mode in IE11 on Win 10 is even close to ready?

≪ Previous: Internet Explorer Cannot display google.com or yahoo.com site but Chrome can.

Added a website to the compability view list, opened up the developer tools but there's no way to determine if the website is running in compability view or not? Makes it hard to troubleshoot when using policies. Am i missing something?

↧

Do the IE Developers Think the Experimental Mode in IE11 on Win 10 is even close to ready?

February 6, 2015, 6:09 pm

≫ Next: advancing stories on msn home page

≪ Previous: [IE11] Detect if website is running in compability mode

Most forum editors either just flat don't work or yield very flaky results with IE11 as being delivered with the Win 10 previews. Even your forum editor here doesn't work well with it.

Microsoft claims to be listening to feedback from users for Win 10 (something I have yet to see evidence of), and I've provided feedback via the prescribed channels (Feedback App and frowny face), but I'm going to leave a note here too in the hopes that someone who matters might see it...

If you folks think IE 11's experimental mode is close to release readiness, you are mistaken.

FWIW, IE11 on Win 10 with the experimental mode turned off works passably well.

-Noel

Detailed how-to in my eBooks:

Configure The Windows 7 "To Work" Options
Configure The Windows 8 "To Work" Options

↧

advancing stories on msn home page

February 6, 2015, 6:22 pm

≫ Next: compatibility view GPO not take effect in IE10

≪ Previous: Do the IE Developers Think the Experimental Mode in IE11 on Win 10 is even close to ready?

How do I stop the story headlines from advancing so I can advance them manually?

↧

compatibility view GPO not take effect in IE10

January 30, 2015, 1:57 pm

≫ Next: IE11 Enterprise Mode SiteList

≪ Previous: advancing stories on msn home page

Posted the question on GPO forum but decided to ask on IE forum because somebody could experience and know IE10 specific problem. DCs are 2008 Functional Level 2003. Latest ADMXs in place.

Description:

I added contoso.com in

Computer Configuration / Administrative Templates / Windows Components / Internet Explorer / Compatibility View / show contents

GPO applied on workstation.

When check Compatibility View in IE it is empty. I guess it should appear there if GPO applied and not permitted for deletion.

HAVE TO add that the test is on W7 with IE10(64bit) installed on top of IE8

What could be a problem?

thx.

--- When you hit a wrong note its the next note that makes it good or bad. --- Miles Davis

↧

IE11 Enterprise Mode SiteList

February 6, 2015, 1:48 pm

≫ Next: file access with IIS

≪ Previous: compatibility view GPO not take effect in IE10

Hi,

We have Enterprise Mode enabled in the registry and have a sitelist location set up. It's seems to be working just fine.

Does anyone know how IE 11 will behave if the sitelist is no longer accessible (if the server that it is hosted on goes down)? Is the list copied locally somewhere?

Thanks,

Peggy

↧

file access with IIS

February 7, 2015, 6:49 am

≫ Next: IE9+ download prompts and download problems

≪ Previous: IE11 Enterprise Mode SiteList

how can i access files on my PC using IIS

↧

IE9+ download prompts and download problems

December 2, 2014, 2:29 pm

≫ Next: User names and passwords Not saving IE11 server 2012R2 & rds

≪ Previous: file access with IIS

I have two things going with IE9+, both related to downloads. I'll mention the problem first.

IE9+ apparently downloads similar to how FireFox downloads, in that it downloads straight to the location that you're looking to save the file, but as a '.part' file (or something along that line) until it's finished, at which point, it renames the file and completes the download. The problem I've been having since IE9 came out and still see with IE11 is with downloading to my 'special folders' (Downloads, Favorites, etc) which are redirected to a network location. Downloads using IE9+ will randomly fail for no apparent reason - except the download didn't actually fail - It'll get the whole download, then for whatever reason, be unable to rename it (I Assume) because the '.part' file is there and complete, and removing everything after the proper extension results in a proper and fully functional file. As much as I dislike Firefox, I've never had anything even close happen downloading to the same locations. Any thoughts as to why one download will 'fail' but another to the same place will be fine, and Firefox has never had this issue?

My other issue is with the download prompts. When downloading zip files, I get the prompt inserted below. Pretty much everything else prompts using a stupid bar along the bottom of the page - I LOATHE that stupid bar. How can I make *everything* prompt the same way I get prompted for zip files? Since it obviously works **RIGHT** for zip files, there has got to be a way to make it work the same for all file types. This issue along with the random 'failures' above are why I absolutely REFUSE to downgrade from IE8 to 9+ on any machine that I have a choice on, and use FireFox under protest everywhere else. IE8 was the last decent IE Browser.

Anyone have any thoughts?

Thanks

↧

User names and passwords Not saving IE11 server 2012R2 & rds

February 5, 2015, 3:06 am

≫ Next: Unable to install NetDvrPlugin.exe using explorer 11

≪ Previous: IE9+ download prompts and download problems

hello all

hope someone can advise

i have just built a new RDS environment (with citrix xenapp 7.6) everything is working fine except for saving usernames and passwords. its really frustrating. our legacy environment is the same except using 2008R2 and that works fine

could someone advise on what needs to be saved in the local profile where these settings are saved ? is there a policy that needs setting specific for IE11 ?

any advice appreciated

thanks

dave

dsbrown

↧

Unable to install NetDvrPlugin.exe using explorer 11

February 8, 2015, 6:30 am

≫ Next: Can't move toobars in IE 9 with Toolbars Unlocked

≪ Previous: User names and passwords Not saving IE11 server 2012R2 & rds

Hi,

I have installed a standalone DVR and when accessing it via its IP address IE asks me to download and install plug in (NetDvrPlugin.exe) .. when I do this I restart IE , but t still asks for the plug in each time ? I have also tried restarting the pc and the problem is the same ..... If I download the NetDvrPlugin.exe to the desktop the DVR can be seen , but it should install itself into IE as requested ..... any ideas how this problem can be solved ? It used to be fine in the older versions of IE any help appreciated kind regards Paul quovadisuk at aol . com

↧

Can't move toobars in IE 9 with Toolbars Unlocked

March 17, 2011, 12:12 pm

≫ Next: Akamai Download Manager in ie 11?

≪ Previous: Unable to install NetDvrPlugin.exe using explorer 11

According to the IE 9 help files, I should be able to move and resize the various IE 9 toolbars by clicking and draging on the "command bar separator" but this does not seem to work.

↧