Here at the customer we are encountering a problem when calling our .Net web applications.  Many users are getting a HTTP 400 – Bad Request error (Request Header Too Long). 

After many investigations with other people who do not have this problem when connecting to the web applications, it seems that only users who are belonging to too many groups (>300) get this error.

Here are a few articles on this problem:
http://support.microsoft.com/kb/327825
http://support.microsoft.com/kb/269643/
http://support.microsoft.com/kb/263693/

After checking the workaround proposed in these articles (increasing the MaxTokenSize value to 65535), but it is already done on our workstations!  According these articles, "the token size to 65 KB allows a user to be present in more than 900 groups. Because of the associated SID information, this number may vary”.  In addition, the naming conventions used here for security groups do not help!

If you want to check in which group you belong, you can use following command in a DOS box:

ismember /list

If you want to know, the total groups use this command:

ismember /list|find "User" /c

For myself, at this moment, I belong to 478 groups.

At For the moment, we do not have a solution for this problem.