Apr 28, 2010

AD limitations and scalability

This topic describes Active Directory scalability and other limitations, as well as recommendations that apply when you are designing or implementing an Active Directory infrastructure. These limitations include the following:


Maximum Number of Objects
Maximum Number of Security Identifiers
Maximum Number of entries in Discretionary and Security Access Control Lists
Group Memberships for Security Principals
FQDN Length Limitations
File Name and Path Length Limitations
Additional Name Length Limitations
Maximum Number of GPOs Applied
Trust Limitations
Maximum Number of Accounts per LDAP Transaction
Recommended Maximum Number of Users in a Group
Recommended Maximum Number of Domains in a Forest
Recommended Maximum Number of Domain Controllers in a Domain
Recommended Maximum Kerberos Settings
Maximum Number of Objects

MIT Kerberos 5 FAQ

Apr 7, 2010

Account lockout-related event logs

Event ID
Description
528
A user successfully logged on to a computer. For information about the type of logon, see the Logon Types table below.
529
Logon failure. A logon attempt was made with an unknown user name or a known user name with a bad password.
530
Logon failure. A logon attempt was made, but the user account tried to log on outside of the allowed time.