Active Directory LDAP queries are limited to returning 1000 objects (users and groups). Here are some suggestions to get around the query limit.
It might be possible to change this server side, as suggested in this link: http://stackoverflow.com/questions/3488394/c-sharp-active-directory-services-findall-returns-only-1000-entries.
One other possible way to override this value is to look at a class called AdsiDataFactory in EPiServer.Security namespace. There is a method called FindAll()
public override IList<DirectoryData> FindAll(string filter, SearchScope scope, string sortByProperty)
Within this method, there is a property called PageSize:
directorySearcher.PageSize = this.PageSize;
You can override the behavior of the base class by writing your own class inheriting from this and change directorySearcher.PageSize to be set to some other value in order to return more than 1000 objects. This blog post offers an example: http://bergdaniel.se/using-the-active-directory-membership-provider-with-episerver, like setting PageSize to something like Int32.MaxValue instead of this.PageSize (which seems to default to 1000).
There isn't a simple web.config way to do this, but overriding the behavior of that base class might do the trick.
Another blog post reference: http://dev.solita.fi/episerver/2016/01/08/active-directory-integration-with-episerver.html