I saw this post over on MSBlog and wanted to preserve it for my own memory.

  • maximum number of GPOs that can apply to a user/computer: 999 
  • maximum number of DNS servers in an AD-integrated zone (without manually adding the details): 850 (Windows 2000), 1300 (Windows 2003)
  • maximum number of supported DCs in a given domain: 1200
  • maximum number of members of a group: 5000 (Windows 2000), unlimited in Windows 2003
  • maximum number of DHCP servers in a forest: 850 (Windows 2000 SP1 or RTM), unlimited (Windows 2000 SP2 or later and Windows 2003)
  • maximum number of UPN suffixes that can be set through the UI: 850 (you can set more if you need to via ADSI scripts)
  • maximum number of objects that can be created over the lifetime of a given DIT (i.e. the AD database on a given DC): 2 billion