Read time 5 minutes
Outlook on the web (OWA) helps users access Exchange mailboxes from any browser. But sometimes users face the HTTP 400 Bad Request error while opening Outlook Web App, ECP, or Exchange mailbox data.
This issue mainly appears in Exchange Server 2010, 2013, and 2016 environments because of IIS limits, damaged browser cache, incorrect authentication, oversized Active Directory tokens, or Exchange database corruption that affects mailbox accessibility and web services.
In this guide, we will explore quick methods to fix the HTTP 400 Bad Request error in Exchange Server with a step-by-step process.
"This error (HTTP 400 Bad Request) means that Internet Explorer was able to connect to the web server, but the webpage could not be found because of a problem with the address."
What is an HTTP 400 bad request error?
When the user proxies an HTTP request from an Exchange Server 2013 Client Access Server) or Microsoft Exchange Server 2016 (running client access service) to an older version of Exchange server, then you may get a bad request error, as mentioned above.
Mostly, this issue is found in Exchange Server 2016 (Enterprise & Standard Edition), Exchange Server 2013 (Enterprise & Standard Edition), and Exchange Server 2010 (Standard & Enterprise) environments.
Also, Exchange Server 2013 Client Access server show the following in the Exchange logs ( <Exchange Server Install Path>\Logging\HttpProxy\<Http resource>):
2014-07-24T16:56:17.806Z,ddf5379e-4a97-4833-b331-36328b9f8b58,15,0,913,7,,Owa,outlook.Wingtiptoys.com,/owa/,,Negotiate,True,WINGTIPTOYS
\user003,,Sid~S-1-5-21-3205615561-4199783494-2467053687-1128,Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET4.0C; .NET4.0E; .NET CLR 3.5.30729; .NET CLR 3.0.30729),192.168.137.113,WINGTIP-E2K13,400,400,,GET,Proxy,wingtip-e2k10.wingtiptoys.com,14.03.0123.000,IntraForest,WindowsIdentity-ServerCookie,Server~WINGTIP-E2K10.Wingtiptoys.com~1937997947~07/24/2014 17:01:18,,,0,342,1,,4,14,,0,,0,,0,0,,0,46.8744,0,,,,18,0,1,0,0,1,38,1,20,20,20,24,43,,,BeginRequest=
2014-07-24T16:56:17.759Z;CorrelationID=;ProxyState-Run=None;ProxyToDownLevel=True;BeginGetResponse=2014-07-24T16:56:17.791Z;OnResponseReady=2014-07-24T16:56:17.806Z;EndGetResponse=2014-07-24T16:56:17.806Z;ProxyState-Complete=ProxyResponseData;EndRequest=2014-07-24T16:56:17.806Z;,WebExceptionStatus=ProtocolError;ResponseStatusCode=400;WebException
=System.Net.WebException: The remote server returned an error: (400) Bad Request. at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult) at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.<>c__DisplayClass2a.b__28();
Moreover, the Exchange Server 2010 and Exchange Server 2007’s Client Access Server may have the following error message in their HTTPERR logs:
2014-07-24 16:48:06 192.168.137.113 53335 192.168.137.110 443 HTTP/1.1 GET /owa/ 400 – RequestLength –
2014-07-24 16:48:06 192.168.137.113 53335 192.168.137.110 443 HTTP/1.1 GET /owa/ 400 – FieldLength –
Cause of the HTTP 400 Bad request error
The cause of the error is the presence of your account in the multiple Active Directory Groups. The error may occur in the proxy request form the Client Access Server of Exchange Server 2016 or 2013 to that of Exchange Server 2010. Users may often encounter 400 bad requests when entering invalid URLs, outdated cookies and cache files, or a Conditional Access Policy blocking the authentication.
List of 400 client errors
Here are some common “request failed with status code 400” errors that users often face while accessing Exchange Server mailbox.
- HTTP 401 Unauthorized: The error code HTTP 401 or Unauthorized states that the client is deprived of the proper credentials to get access to the server. This can be due to missing, incorrect, or expired credentials being entered.
- HTTP 403 Forbidden: Error HTTP 403 Forbidden is encountered when a user is not provided the requested access even after successful authentication. This happens when the user does not have the required permissions or if the IP address is blacklisted.
- HTTP 404: HTTP request has exceeded the allotted timeout or HTTP 404 error appears when you attempt to move a mailbox from on-premises Exchange to Exchange Online. Users may face this error if ExchangeGUID property of the Exchange Online MailUser object does not match that of the on-premises Exchange.
Other common reasons behind the HTTP 400 error include
- Corrupt browser cookies and cache
- Incorrect IIS authentication settings
- Invalid SSL certificate binding
- Broken Exchange virtual directories
- Large request headers in IIS
- Unsupported .NET Framework updates
- Hybrid Exchange configuration conflicts
Many Exchange administrators also report this issue after Exchange cumulative updates or security patches. In some environments, related service failures such as Exchange service error 1068 can also affect Exchange dependencies and contribute to mailbox access problems.
Resolve the HTTP 400 Bad request issue
To resolve the http status 400 bad request issue, you must remove the user account from multiple Active Directory Groups. Also, increase the MaxFieldLength and MaxRequestBytes subkeys for all Exchange Server 2010 CAS.
Method 1. Change Subkey Parameter
First, we will learn to change the subkey parameter in the Exchange Server 2010.
Step 1. Go to each Exchange Server 2010 Client Access Server and try to locate the following subkey;
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters
Step 2. Check the MaxFieldLength and MaxRequestBytes entries and change the value in their tables:
| Value Name | Value Type | Value Data | Value Base |
| MaxFieldLength | DWORD | 65536 | Decimal |
| MaxRequestBytes | DWORD | 65536 | Decimal |
Step 3. Restart the Client Access Server and try to run the proxy process again.
NOTE:
- If you do not find the entries for the MaxFieldLength or MaxRequestBytes, then create these entries manually.
- Increasing the values of these entries will allow larger HTTP packets to be sent to IIS and will cause the Http.sys to use more memory. It may further increase the chances of malicious malware and spyware attacks.
Method 2. Reduce the number of Active Directory groups
The second method is removing the user account from the different role groups of the Active Directory. A user account can be a member of multiple groups. The Bad Request error occurs when a user account that is running the proxy service is a member of multiple groups.
You can remove the user account from the group using the Exchange Shell cmdlets. Here is the example:
Remove-ADGroupMember -Identity <RoleGroupName> -Members <AccountName>
Example:
Remove-ADGroupMember -Identity Networking -Members Jonathan
The command will remove the account name Jonathan from the Networking Role Group.
Method 3. Clear Browser Cache and Cookies
Sometimes, outdated browser cookies create authentication conflicts with Outlook on the web. Clear browser cache and cookies, then reopen OWA or ECP.
After cache removal:
- Restart the browser
- Open Exchange URL again
- Try Incognito or Private mode
- Test another browser
This quick fix helps many users resolve temporary HTTP 400 request issues.
Method 4. Recreate OWA and ECP Virtual Directories
Damaged Exchange virtual directories may also trigger the HTTP 400 Bad Request issue. In such cases, recreate the OWA and ECP virtual directories with Exchange Management Shell.
Administrators often use this method after failed Exchange updates or IIS configuration issues. If the issue persists and mailbox accessibility remains affected, administrators often verify database health and, when required, perform an EDB to PST export to access critical mailbox data while troubleshooting the Exchange environment. Here are the commands to follow:
</> PowerShell
Remove-OwaVirtualDirectory -Identity “Server\owa (Default Web Site)”
New-OwaVirtualDirectory -WebSiteName “Default Web Site”
After completion, run:
</> PowerShell
iisreset
How to remove corruption from Exchange mailboxes?
The above-mentioned methods remove the causes affecting the proxy requests that give the bad request error 400. But sometimes, such errors may occur due to corruption in Exchange mailbox. The manual methods will not remove the corruption, and the issue will keep affecting Outlook Web Apps. So, you should also scan the EDB file for corruption issues, and if found, use Exchange recovery tool.
Kernel for Exchange Server tool helps repair corrupt EDB files and recover inaccessible mailbox data without complex manual steps. The software supports Exchange 2019, 2016, 2013, and older versions. It will recover deleted mailbox in Exchange server. It will give you a clear preview of the recovered data and allow you to save the recovered items in multiple output formats.
Author’s Verdict
As discussed in the blog, this HTTP 400 Bad Request error will mainly occur when your website cannot open OWA. Once you understand the proper cause, you can easily fix the issue using the given methods. Make sure to follow them properly with proper Exchange administrator rights. For better long-term Exchange management, administrators should also monitor database growth and split large EDB files when they become difficult to maintain or recover.
However, you can’t execute these methods in case of damaged or corrupted databases. Use the recommended Kernel for Exchange Server tool to restore and access your mailbox data safely.
Frequently Asked Questions
Ans: Yes, damaged EDB files or mailbox corruption may interrupt Exchange services and create access issues in OWA or ECP. To overcome the issue, repair corrupt EDB files.
Ans: The issue mostly affects Exchange Server 2010, 2013, 2016, and in some cases, Exchange 2019 also.
