If you're using AD Synchronization v1.0 but not all your users appear to be synchronizing with the Intranet (i.e. either you can’t find all your users or they aren’t updating), this could be due to the limitation on the number of objects.
AD Sync is limited to the number of objects specified by the LDAP policy MaxPageSize, which defaults to 1000 objects. Microsoft provides instructions for increasing this setting in its article "How to view and set LDAP policy in Active Directory".
To resolve this:
- Go to the domain controller that we're connecting to for the sync
- Find the file ntdsutil.exe (most likely under c:\windows\system32 or c:\winnt\system32)
- Run ntdsutil.exe
- Type "ldap policies" and press Enter
- Type "connections" and press Enter
- Type "Connect to server [YourDCName]" and press Enter
- Type "q" and press Enter
- Type "Show Values" to see the current settings
- Type "Set MaxPageSize to 2000" and press Enter
- Type "Commit Changes" and press Enter
- Type "Show Values" and press Enter
You should see the number set to 2000 now. If you need a larger value to accommodate your user base, you can adjust this. You should now be able to run your AD Sync again: uncheck the 'enable sync' button, save the changes and then re-enable the sync.
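
To confirm that the limit is the cause before changing it, and to verify the stored value afterwards, the policy can be read directly from the directory and compared with the number of user objects. This is an added example, not part of the original article; it assumes the ActiveDirectory PowerShell module is installed, that the DC uses the Default Query Policy, and `YourDCName` is a placeholder.

```powershell
# Added example: read-only check, makes no changes to the directory.
# Assumptions: ActiveDirectory module (RSAT) is available; 'YourDCName' is a
# placeholder; the DC uses the Default Query Policy (no DC- or site-specific one).
Import-Module ActiveDirectory

$Server = 'YourDCName'

# LDAP policies are stored in the lDAPAdminLimits attribute of the query policy
# object in the configuration partition, as "Name=Value" strings.
$configNc = (Get-ADRootDSE -Server $Server).configurationNamingContext
$policyDn = "CN=Default Query Policy,CN=Query-Policies,CN=Directory Service," +
            "CN=Windows NT,CN=Services,$configNc"
$policy   = Get-ADObject -Identity $policyDn -Server $Server -Properties lDAPAdminLimits

$entry = $policy.lDAPAdminLimits | Where-Object { $_ -like 'MaxPageSize=*' }
if (-not $entry) { throw "MaxPageSize not found on $policyDn" }
$maxPageSize = [int](($entry -split '=', 2)[1])

# Get-ADUser pages through results, so this count is not cut off by MaxPageSize.
$userCount = @(Get-ADUser -Filter * -Server $Server).Count

[pscustomobject]@{
    Server        = $Server
    MaxPageSize   = $maxPageSize
    UserObjects   = $userCount
    LimitExceeded = $userCount -gt $maxPageSize
}
```

The policy applies to all LDAP queries against the directory, not only the sync, so raise MaxPageSize only as far as the user count requires.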
