This article was previously published under Q271088
This article has been archived. It is offered "as is" and will no longer be updated.
Exchange 2000 Server is dependent on the Microsoft Windows 2000 Active Directory for both user and configuration information. Exchange 2000 predominantly uses Lightweight Directory Access Protocol (LDAP) to communicate to the domain controller and global catalog servers for this information. Exchange 2000 uses Active Directory very efficiently, but for many server and user actions a LDAP directory lookup is required.
When there are numerous Exchange 2000 servers in a Windows 2000 site, a very large LDAP load may be put on the Active Directory servers. By default, Active Directory is configured to have a MaxActiveQueries value of 20 (LDAP queries). This setting is the maximum number of pending LDAP queries that Active Directory can process.
If this limit is reached, Active Directory returns an error message "LDAP_ADMIN_LIMIT_EXCEEDED" and does not process further LDAP queries. A MaxActiveQueries value of 20 is generally sufficient for most Active Directory servers, but you may need to increase this value if you are running domain controllers on servers that have six or eight processors and you receive this error message.
You can increase the MaxActiveQueries value by using the Windows 2000 Ntdsutil.exe tool.
If you increase this setting, a little more memory is used in the Lsass.exe process in Active Directory, so do not increase this value any higher than necessary. The procedure to change this value is outlined in the following example:
c:\>ntdsutil.exentdsutil: Ldap policiesldap policy: connectionsserver connections: Connect to server DCServer1Binding to DCServer1 ...Connected to DCServer1 using credentials of locally logged on userserver connections: qldap policy: Show ValuesPolicy Current(New)MaxPoolThreads 8MaxDatagramRecv 1024MaxReceiveBuffer 10485760InitRecvTimeout 120MaxConnections 5000MaxConnIdleTime 900MaxActiveQueries 20MaxPageSize 1000MaxQueryDuration 120MaxTempTableSize 10000MaxResultSetSize 262144MaxNotificationPerConn 5ldap policy: set MaxActiveQueries to 40ldap policy: Commit Changesldap policy: Show ValuesPolicy Current(New)MaxPoolThreads 8MaxDatagramRecv 1024MaxReceiveBuffer 10485760InitRecvTimeout 120MaxConnections 5000MaxConnIdleTime 900MaxActiveQueries 40MaxPageSize 1000MaxQueryDuration 120MaxTempTableSize 10000MaxResultSetSize 262144MaxNotificationPerConn 5ldap policy: qntdsutil: qDisconnecting from DCServer1
Active Directory picks up this change without restarting. In the preceding example, Active Directory processes no more than 40 LDAP queries at a time.
NOTE: This setting is global to all Active Directory servers in the forest. If you change this value on one Active Directory server, all the other domain controllers in the forest pick up the change as well.