The administrative limit for this request was exceeded.

The administrative limit for this request was exceeded.

As an organization we needed to make some changes to our Global Address List to make it easier for some people to find what they needed.

After creating the global address list and then running Update-GlobalAddressList I ran into the exception:
The administrative limit for this request was exceeded..

The error in this case was caused by the Active Directory attribute userCertificate which was unusually large.  The user was auto-enrolling for a certificate every time they logged in.

To remove the hundreds of certificates I did a very small c# program.

 using System;  
 using System.Collections.Generic;  
 using System.Linq;  
 using System.Text;  
 using System.DirectoryServices;  
 namespace ClearUserCert  
 {  
   class Program  
   {  
     static void Main(string[] args)  
     {  
       DirectoryEntry de = new DirectoryEntry("LDAP://CN=The User,OU=Staff,DC=TheDomain,DC=Local");  
       de.Properties["userCertificate"].Clear();  
       de.CommitChanges();  
       de.Dispose();  
     }  
   }  
 }  

In this case we weren't worried about retaining the users certificates as we didn't need them.

I should also point out you need to either turn off auto-enrolment for users or fix the cause of the multiple certificates.

Update-GlobalAddressList now ran with out a hitch.