Maximum number of access control entries in the access control list
Content provided by Microsoft
Applies to: Windows Server 2008 R2 DatacenterWindows Server 2008 R2 EnterpriseWindows Server 2008 R2 for Itanium-Based SystemsWindows Server 2008 R2 StandardWindows Server 2008 DatacenterWindows Server 2008 Datacenter without Hyper-VWindows Server 2008 EnterpriseWindows Server 2008 Enterprise without Hyper-VWindows Server 2008 for Itanium-Based SystemsMicrosoft Windows Server 2003 Web EditionMicrosoft Windows Server 2003 Enterprise x64 EditionMicrosoft Windows Server 2003 Enterprise Edition (32-bit x86)Microsoft Windows Server 2003 Datacenter Edition (32-bit x86)Microsoft Windows Server 2003 Standard Edition (32-bit x86)Microsoft Windows XP Professional x64 EditionMicrosoft Windows XP ProfessionalMicrosoft Windows XP Home EditionMore
When you add users or groups to the security permissions of an object share, file, or directory, you may receive the following error message:
You have exceeded the operating system's limit on the number of users and groups that can be in a security information structure. Remove some users or groups and try the operation again.
Additonally, when you use Cacls.exe to perform this function, you may receive the following error message:
The parameter is incorrect.
This issue occurs when you reach the maximum size of the access control list (ACL). The size of an ACL varies with the number and size of its access control entries (ACEs). The maximum size of an ACL is 64 kilobytes (KB), or approximately 1,820 ACEs. However, for performance reasons, the maximum size is not practical.
For more information about security descriptors and ACLs, go to the following Microsoft website: