ITsVISTA
Information that makes life easier when it comes to installing, managing, and using Windows Vista.
Start About FAQ Blogroll Shop

ITsVISTA KB-Link: KB971244

Windows Remote Management (WinRM) does not accept HTTP authorization requests that are larger than 16 KB on a computer that is running Windows Server 2008 or Windows Vista

Consider the following scenario:

  • You have Windows Remote Management (WinRM) installed on a computer that is running Windows Server 2008 or Windows Vista.
  • You have a user security token that is larger than 16 KB because of the domain configuration.
    Note: The size of the user security token grows together with the number of groups to which the user belongs.
  • You start a WinRM operation from this computer. Or, you use another application that uses WinRM for communication, such as Microsoft System Center Virtual Machine Manager.

In this scenario, the operation fails and you receive following error code:

0x803380f7

Additionally, the following event is logged in the System log:

Log Name: System
Source: Microsoft-Windows-Security-Kerberos
Date: Date & Time
Event ID: 6
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Computer Name
Description: The kerberos SSPI package generated an output token of size number bytes, which was too large to fit in the token buffer of size number bytes, provided by process id number. The output SSPI token being too large is probably the result of the user user name being a member of a large number of groups. It is recommended to minimize the number of groups a user belongs to. If the problem can not be corrected by reduction of the group memberships of this user, please contact your system administrator to increase the maximum token size, which in term is configured machine-wide via the following registry value: HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\MaxTokenSize.
There is a download that resolves this issue. See Hotfixes for details.
64-Bit Download: Contact Microsoft

For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB971244.

Get notified of new posts for FREE via RSS or E-mail

Subscribe to ITsVISTA!

Related Posts