I had someone ping me about an issue with maxValRange a few months ago and they mentioned that MSFT had changed some internal hard coded limits. I meant to go look into it but never found time. This was just posted on ActiveDir Org the last few days which makes it so I don’t have to go check the source code. 🙂
Hardcoded LDAP limitations have been introduced in Windows Server 2008 R2 and Windows Server 2008 to prevent overloading the domain controller. These limits overwrite the LDAP policy setting when the policy value should be higher.
LDAP setting maximum value (hardcoded) MaxReceiveBuffer 20971520 MaxPageSize 20000 MaxQueryDuration 1200 MaxTempTableSize 100000 MaxValRange 5000