Active Directory Search Limit
How do I modify the number of Active Directory objects to search?
By default, the Windows 2000 Active Directory searches 10,000 objects at a time. This policy affects all browse displays associated with AD, the Microsoft Management Console (MMC) Active Directory Users and Computers snap-in, and the dialog boxes you use to set permissions for user or group objects in AD. As your organization grows, you might need to change the number of objects to search.
Passwords Haven’t Disappeared Yet
123456. Qwerty. Iloveyou. No, these are not exercises for people who are brand new to typing. Shockingly, they are among the most common passwords that end users choose in 2021. Research has found that the average business user must manually type out, or copy/paste, the credentials to 154 websites per month. We repeatedly got one question that surprised us: “Why would I ever trust a third party with control of my network?
To set the number for a group policy object:
- Start the MMC Active Directory Users and Computers snap-in.
- Right-click the container, and select Properties.
- Select the Group Policy tab.
- Select the Group Policy Object, and select Edit.
- Select the User Configuration branch, and expand Administrative Templates > Desktop > Active Directory.
- Double-click Maximum size of Active Directory searches.
- Select Enabled, and set the number (e.g., 20000).
- Click Apply.
- Click OK.
- Close the Group Policy Editor.
To edit the registry to set the number for a user:
- Start regedit.
- Go to the
- From the Edit menu, select New > Key.
- Select the new Windows key, and from the Edit menu, select New, Key.
- Go to the Directory UI key, and from the Edit menu, select New, DWORD Value.
and press Enter.
- Double-click the new value, and set the decimal value (i.e. 20000).
- Click OK.
- Close the registry editor.
For both methods, the change will take effect when the user logs on the next time.
Note: Original tip can be found HERE