This article was previously published under Q245809
The Windows 2000 Dcpromo.exe tool supports Active Directory domain names up to 64 UTF-8 bytes. Note that this feature was not included before Windows 2000 Release Candidate 3, build 2167.
Prior to Windows 2000 Release Candidate 3, the Dcpromo.exe tool limited Active Directory domain names to 155 UTF-8 bytes. This was due to the fact that the maximum length of a DNS name is 255 UTF-8 bytes, but the locator attached various prefixes (domain GUIDs, site names, and so on) to the records entered in DNS, making the longest possible fully qualified Active Directory domain name 155 UTF-8 bytes long.
Win32 file APIs permit file paths, including UNC paths, to be up to 260 characters (MAX_PATH) in length. Given a Windows 2000 tree several domains deep, each with long Active Directory domain names, a UNC path including a DNS name can exceed the 260 character MAX_PATH limit.
The MAX_PATH limit is important to Group Policy which references files in the SYSVOL using UNC paths. A typical UNC path used by group policy might look like this:
If the length of a policy UNC path exceeds MAX_PATH, Policy cannot be read and then applied to Windows 2000 domain controllers, servers and workstations.
This limits the fully qualified DNS domain name of an Active Directory domain to less than 64 UTF-8 bytes, where the exact number of characters allowed depends on the characters used. An example of a fully-qualified Active Directory DNS domain name that is longer than 64 bytes is: