Supporting the Bind Operation for Down-Level Clients


The IADsADSystemInfo interface isn't available for Windows clients earlier than Windows 2000 (i.e., Windows NT, Windows Me, and Windows 9x). If these clients have Windows Script Host (WSH) 2.0 or later (WSH 5.6 is recommended) and the Active Directory (AD) client extension installed and they log on to an AD domain, you can modify RndmPwdAge.vbs to work with those clients. To modify RndmPwdAge.vbs, replace the lines of code at callout A in Listing 1, page 3, with DownLevelBind.vbs, which Listing A shows. DownLevelBind.vbs hard-codes the Users container for these clients but still lets you specify a grace period and time window for checking user accounts in that container. After you test the script, you can call it from the NetLogon share or add it to an existing logon-script-processing infrastructure that doesn't rely on Group Policy processing. Earlier clients don't support Group Policy processing.

You can download the AD client extensions for NT Workstation 4.0 from The client extensions for Windows Me and Win9x are available in the Clients folder of the Win2K Server installation CD-ROM. You can download WSH 5.6 for Win2K, NT 4.0, Windows Me, and Win98 from Note that Win2K and later clients are AD-enabled, and Windows XP clients include WSH 5.6.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.