The 2,000 rule: because stored procedure calls to SQL Server slow down as you reach 2,000 items, have less than that in a view on a List. Less than 200 ideally to have optimum performance.
Have less than 2000 AD users or groups in a SharePoint Group for the same reason. An AD group in a SharePoint group counts as one item, but the first time a user edits content in a site collection, they are added to the user list for that site collection. The best way to avoid this problem is to have lots of site collections so the users and groups are more spread out.
Indexing an item with about 1,000 entries on it's ACL (access control list) will fail. The limit is 64k for the ACL of any item being crawled, on the file system or in SharePoint. Avoid this by assigning access via AD groups rather than directly.
Any user can only be in 1024 AD groups. To avoid this, you could put the users in SharePoint groups if you think this limit might be reached.
The bottom line is you can have as many readers as you like on SharePoint site collections as you like, but if you get to between 1,500 and 2,000 contributors (to reach that 64k limit) you will get errors. Note these are Windows limits that SharePoint is dependent on since it is built on Windows. SQL adds the performance limits for views on lists.
These points are examined in more detail here as well as linking to details of the issues in MS KB articles: http://weblogs.asp.net/erobillard/archive/2008/09/11/sharepoint-security-hard-limits-and-recommended-practices.aspx thanks Eli!
Labels: Planning
