What would be the normal depth of nested groups in Active Directory? LDAP in general? What would be the maximum depth of nested groups in Active Directory? LDAP in general? I have found in most examples and even on some of our servers that the normal depth of nested groups is about 5. Server -> Domain Name -> Organization -> Organization Unit -> User Do scenarios actually exist in which we could see this: Server -> Domain Name -> Organization -> Organization Unit 1 -> Organization Unit 2 -> Some Other Qualifer 1 -> Some Other Qualifier 2 -> ... -> Some Other Qualifier X -> User where 'X' could be 10 or 20 nested groups deep? toolmania1

On Wed, 19 Sep 2012 15:08:23 +0000, toolmania1 wrote: >What would be the normal depth of nested groups in Active Directory? LDAP in general? The only answer to that is "it depends". >What would be the maximum depth of nested groups in Active Directory? LDAP in general? I don't know that there is any limit. LDAP has nothing to do with in any case. >I have found in most examples and even on some of our servers that the normal depth of nested groups is about 5. > >Server -> Domain Name -> Organization -> Organization Unit -> User > >Do scenarios actually exist in which we could see this: > >Server -> Domain Name -> Organization -> Organization Unit 1 -> Organization Unit 2 -> Some Other Qualifer 1 -> Some Other Qualifier 2 -> ... -> Some Other Qualifier X -> User > >where 'X' could be 10 or 20 nested groups deep? "Could" it be? Sure. Do you allow it? That's up to your admins, I suppose. How groups are structured usually depends a lot on how the company is structured. --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Thanks for the reply. I just wanted to be aware of any anomalies that could occur with bizarre / extreme structures so that we know what to test. I really doubt this will happen because how many sub departments can you have in a real organization? Here would be a blown out of proportion example to illustrate why I ask about the maximum level depth: Baseball -> Teams -> Yankess -> Players -> Pitchers -> Right Handed -> Under 40 -> Over 6 feet tall -> With a good curve ball -> etc. Even in that example, the categories used for each nested group starts to get ridiculous. So, maybe this discussion is pointless...lol.toolmania1

On Wed, 19 Sep 2012 15:56:09 +0000, toolmania1 wrote: >I just wanted to be aware of any anomalies that could occur with bizarre / extreme structures so that we know what to test. I really doubt this will happen because how many sub departments can you have in a real organization? Hmmm . . . Here's seven without really trying: ..All users ...Asia ....China .....Province ......City .......Building ........Floor I've seen some pretty, errr, creative group structures over the years. :-) >Here would be a blown out of proportion example to illustrate why I ask about the maximum level depth: > >Baseball -> Teams -> Yankess -> Players -> Pitchers -> Right Handed -> Under 40 -> Over 6 feet tall -> With a good curve ball -> etc. > >Even in that example, the categories used for each nested group starts to get ridiculous. So, maybe this discussion is pointless...lol. > > >toolmania1 --- Rich Matheisen MCSE+I, Exchange MVP --- Rich Matheisen MCSE+I, Exchange MVP

Ya, I see your point. Good to know also from your first hand experience. We will prepare for such structures then. Thanks!toolmania1