On ActiveDir.org a couple of weeks ago, there was a discussion about the fact that Microsoft now has hardcoded LDAP limits for Active Directory. This may not directly affect you in a Windows 2003 forest, but if you changed your LDAP policies to make a poorly written application work on Windows Server 2003, then on Windows Server 2008 and 2008 R2 you may have to modify the application rather than Active Directory, which might not be that simple.
Hardcoded LDAP limits were introduced in Windows Server 2008 and Windows Server 2008 R2 to prevent overloading the domain controller. These limits override the LDAP policy setting when the policy value is set higher than the hardcoded limit.
|LDAP setting (hardcoded)||Maximum value (hardcoded)|
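To see which of your raised policy values a domain controller would override after an upgrade, you can compare the exported policy against the caps. The sketch below is an added example, not code from the original post or from Microsoft. It assumes the policy values are available as `Name=Value` strings (the form used by the `lDAPAdminLimits` attribute); the function names are hypothetical and the cap numbers in the sample are constructed placeholders, so take the real ones from the KB article.

```python
# Added example: which LDAP policy values would a hardcoded cap override?

def parse_admin_limits(values):
    """Parse 'Name=Value' strings (the lDAPAdminLimits format) into a dict."""
    limits = {}
    for raw in values:
        name, sep, value = raw.partition("=")
        name, value = name.strip(), value.strip()
        if not sep or not name or not value.isdigit():
            raise ValueError(f"not a Name=<integer> pair: {raw!r}")
        limits[name] = int(value)
    return limits


def effective_limits(policy, caps):
    """Return (name, configured, effective, overridden) for each policy entry.

    A cap only applies when the configured value is higher than the cap;
    settings without a cap, or at or below it, keep their configured value.
    """
    caps_by_name = {name.casefold(): cap for name, cap in caps.items()}
    rows = []
    for name in sorted(policy):
        configured = policy[name]
        cap = caps_by_name.get(name.casefold())
        overridden = cap is not None and configured > cap
        rows.append((name, configured, cap if overridden else configured, overridden))
    return rows


# Constructed sample: policy values as exported from a query policy object.
SAMPLE_POLICY = ["MaxPageSize=50000", "MaxValRange=1500", "MaxConnIdleTime=900"]
# Constructed placeholder caps, NOT the real hardcoded values: copy those
# from the table in the KB article before relying on the result.
SAMPLE_CAPS = {"MaxPageSize": 10000, "MaxValRange": 2000}


def report(policy_values, caps):
    """Return one line per setting, marking the ones a cap would override."""
    lines = []
    for name, configured, effective, overridden in effective_limits(
            parse_admin_limits(policy_values), caps):
        note = "OVERRIDDEN by hardcoded cap" if overridden else "unchanged"
        lines.append(f"{name}: configured={configured} effective={effective} ({note})")
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE_POLICY, SAMPLE_CAPS)))
```

Any setting reported as overridden is one where the application that needed the raised value will have to change, for example by paging its searches or using range retrieval.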
Full KB Article: