Export (0) Print
Expand All
Expand Minimize

MaxPageSize is non-default

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at http://go.microsoft.com/fwlink/?linkid=34707.]  

Topic Last Modified: 2009-08-17

The Microsoft® Exchange Server Analyzer Tool verifies the Lightweight Directory Access Protocol (LDAP) configuration of a domain controller by checking the attributes of the Default Query Policy object in the Query-Policies container in the Active Directory® directory service. If the Exchange Server Analyzer determines that the MaxPageSize value of the LDAPAdminLimits attribute has been changed from its default of 1000, a non-default configuration message is displayed.

The LDAP administrative limits balance the Active Directory operational capabilities and its performance. These limits prevent specific operations from adversely affecting the performance of the server, and also make the server resilient to denial of service attacks. Increasing this setting beyond its default value could have an adverse impact on your Active Directory infrastructure.

LDAP policies are implemented by using objects of the queryPolicy class. Query policy objects can be created in the Query-Policies container, which is a child of the Directory Service container in the configuration naming context.

The MaxPageSize value of the LDAPAdminLimits attribute controls the number of records that can be returned for an LDAP query. The default is 1000 records. If there are more than 1000 items returned, Active Directory will see this maximum value and will return nothing.

This limit controls the supportable numbers of several types of Active Directory objects. For example, each organization can have up to 1000 servers, up to 1000 administrative groups, and up to 1000 address lists; each administrative group can have up to 1000 routing groups; and each routing group can have up to 1000 connectors.

Unless you are instructed by Microsoft Product Support Services to use a different value, you should reset this value back to 1000.

To modify the MaxPageSize value, use Ntdsutil.exe. Ntdsutil.exe is located in the Support tools folder on the Microsoft Windows® 2000 Server installation CD-ROM. Ntdsutil.exe is installed in the System32 folder by default.

  1. Click Start, and then click Run.

  2. In the Open text box, type ntdsutil, and then press ENTER. To view Help at any time, type ? at the command prompt.

  1. At the Ntdsutil.exe command prompt, type LDAP policies, and then press ENTER.

  2. At the LDAP policy command prompt, type connections, and then press ENTER.

  3. At the server connection command prompt, type connect to server DNS name of server, and then press ENTER. You want to connect to the server that you are currently working with.

  4. At the server connection command prompt, type q, and then press ENTER to return to the previous menu.

  5. At the LDAP policy command prompt, type Show Values, and then press ENTER.

    A display of the policies as they exist appears.

    noteNote:
    This procedure only shows the Default Domain Policy settings. If you apply your own policy setting, you cannot see it.

  1. At the Ntdsutil.exe command prompt, type LDAP policies, and then press ENTER.

  2. At the LDAP policy command prompt, type Set MaxPageSize to 1000, and then press ENTER.

    You can use the Show Values command to verify your changes.

  3. To save the changes, use Commit Changes.

  4. When you finish, type q, and then press ENTER.

  5. To quit Ntdsutil.exe, at the command prompt, type q, and then press ENTER.

For more information about configuring LDAP policies, see the Microsoft Knowledge Base Article 315071, "How to view and set lightweight directory access protocol policies by using Ntdsutil.exe in Windows 2000" (http://go.microsoft.com/fwlink/?LinkId=3052&kbid=315071).

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft