**Cause** If your Active Directory contains large user groups and dependencies among them then it may occur that single sign on for some users that are members in a lot of user groups does not work. This is because the packet size of the AJP13 protocol that is used for the communication between IIS and Axon.ivy Engine is to small to hold all the necessary security information. **Solution** The problem can be solved by increasing the packet size (default value 8192) of the AJP13 protocol. The packet size must be configured with the same value on the IIS and Axon.ivy Engine side. If one side is not configured to the same size as the other, then the communication may fail. On the IIS side the packet size can be configured in the `workers.properties` file by setting the worker attribute `max_packet_size`. worker.AxonIvyEngine.max_packet_size=16384 **Axon.ivy Engine 7.2 and newer:** adjust the packet size in the file `configuration/ivy.yaml` Connector: AJP: Enabled: true PacketSize: 16384 **Axon.ivy Engine 7.1 and older:** the packet size can be set by changing the value of the system property `WebServer.AJP.PacketSize` in the AdminUI.

**Cause** If your Active Directory contains large user groups and dependencies among them then it may occur that single sign on for some users that are members in a lot of user groups does not work. This is because the packet size of the AJP13 protocol that is used for the communication between IIS and Axon.ivy Engine is to small to hold all the necessary security information. **Solution** The problem can be solved by increasing the packet size (default value 8192) of the AJP13 protocol. The packet size must be configured with the same value on the IIS and Axon.ivy Engine side. If one side is not configured to the same size as the other, then the communication may fail. On the IIS side the packet size can be configured in the `workers.properties` file by setting the worker attribute `max_packet_size`. worker.AxonIvyEngine.max_packet_size=16384 **Axon.ivy Engine 7.2 and newer:** adjust the packet size in the file `configuration/ivy.webserver.yaml``configuration/ivy.yaml` AJP: Enabled: true PacketSize: 16384 **Axon.ivy Engine 7.1 and older:** the packet size can be set by changing the value of the system property `WebServer.AJP.PacketSize` in the AdminUI.

**Cause** If your Active Directory contains large user groups and dependencies among them then it may occur that single sign on for some users that are members in a lot of user groups does not work. This is because the packet size of the AJP13 protocol that is used for the communication between IIS and Axon.ivy Engine is to small to hold all the necessary security information. **Solution** The problem can be solved by increasing the packet size (default value 8192) of the AJP13 protocol. The packet size must be configured with the same value on the IIS and Axon.ivy Engine side. If one side is not configured to the same size as the other, then the communication may fail. On the IIS side the packet size can be configured in the workers.properties `workers.properties` file by setting the worker attribute max_packet_size. **Example**`max_packet_size`. worker.AxonIvyEngine.max_packet_size=16384 On the Axon.ivy Engine side **Axon.ivy Engine 7.2 and newer:** adjust the packet size in the file `configuration/ivy.webserver.yaml` AJP: Enabled: true PacketSize: 16384 **Axon.ivy Engine 7.1 and older:** the packet size can be set by changing the value of the system property WebServer.AJP.PacketSize.`WebServer.AJP.PacketSize` in the AdminUI.

**Cause** If your Active Directory contains large user groups and dependencies among them then it may occur that single sign on for some users that are members in a lot of user groups does not work. This is because the packet size of the AJP13 protocol that is used for the communication between IIS and Axon.ivy Engine is to small to hold all the necessary security information. **Solution** The problem can be solved by increasing the packet size (default value 8192) of the AJP13 protocol. The packet size must be configured with the same value on the IIS and Axon.ivy Engine side. If one side is not configured to the same size as the other, then the communication may fail. On the IIS side the packet size can be configured in the workers.properties file by setting the worker attribute max_packet_size. **Example** worker.AxonIvyEngine.max_packet_size=16384 On the Axon.ivy Engine side the packet size can be set by changing the value of the system property WebServer.AJP.PacketSize.