New Active Directory Documents for IT Pros Check out the maximum limits of Active Directory - Active Directory Documentation Team - Site Home - TechNet Blogs

Active Directory Documentation Team

Information for IT Professionals who work with Active Directory. All blog posts are provided "AS IS" with no warranties, and confer no rights.

Check out the maximum limits of Active Directory

Check out the maximum limits of Active Directory

  • Comments 1
  • Likes

Did you know that there are certain pre-defined limits of Active Directory? For example, there is a maximum on the number of objects (users, groups, computers, organizational units, group policies, etc.) that can exist in Active Directory; specifically, not more than 2.15 billion objects can exist in the directory and only about 1 billion security principles (users, groups, and computers) can exist. To learn more about specific limitations of Active Directory, check out the article Active Directory Maximum Limits.

This posting is provided "AS IS" with no warranties, and confers no rights.

  • There is a limit of approximately 1 billion security identifiers (SIDs) over the life of a domain. This limit is due to the size of the global relative identifier (RID) pool of 30 bits that makes each SID (that is assigned to user, group, and computer accounts) in a domain unique. The actual limit is 230 or 1,073,741,823 RIDs. Because RIDs are not reused—even if security principals are deleted—the maximum limit applies, even if there are less than 1 billion security principals in the domain.


    Vishal G Nar

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment