Maximum Number of Users in a group?

Discussion in 'Active Directory' started by Jeff, Oct 28, 2004.

  1. Jeff

    Jeff Guest

    What is the maximum number of objects a group in Active Diretory can hold?
    I've been told in W2K there was a limit of 5000 users per group. Is that
    true?

    Thanks,

    Jeff
     
    Jeff, Oct 28, 2004
    #1
    1. Advertisements

  2. Hello Jeff,

    It is somewhat true:
    In Windows 2000 all direct members of a group are replicated as one
    attribute. The replication is a transaction, and there's a limit on the
    maximum size of an transaction. One attribute needs to be replicated
    within one transaction.

    The limit of the transaction concludes in a limit of the direct
    memberships of a group at about 5000 direct members.

    In Windows Server 2003 Linked Value Replication was introduced, and the
    member-attribute of the group object so replicate now like separate
    attributes.

    This leads to two major improvements:
    1. There's no limit for about 5000 direct members in a group anymore
    2. If you change the memberships of a group on two different DCs, e.g.
    delete a member on one dc and add a member on another, after the
    replication the latest change would win and e.g. the new member is
    there but the old one is still there as well. Since WS2k3 replicates
    the changes within this attribute the membership we'll have the new
    member there and the old one removes - as it's supposed to be.

    --
    Gruesse - Sincerely,

    Ulf B. Simon-Weidner

    MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
    Weblog: http://msmvps.org/UlfBSimonWeidner
    WebSite: http://www.windowsserverfaq.org
     
    Ulf B. Simon-Weidner [MVP], Oct 28, 2004
    #2
    1. Advertisements

  3. Hello there,
    Yes it is, Values that can be written in a single transaction are 5,000. The
    effect of this limit depends on the forest functional level.

    In Windows 2000 forest functional level, The minimum unit of replication at
    this level is the entire attribute. Therefore, changes to any value in the
    linked, multivalued member attribute results in replicating the entire
    attribute. For this reason, the supported size of group membership is
    limited to 5,000.


    --
    Regards
    Christoffer Andersson
    Microsoft MVP - Directory Services

    No email replies please - reply in the newsgroup
     
    Chriss3 [MVP], Oct 28, 2004
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.