Active Directory Client Extensions
|Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.|
For Windows NT Workstation 4.0
Microsoft has developed extensions for the Windows® 95, Windows 98, and Windows NT® 4.0 operating systems that allow those client platforms to take advantage of features provided by the Windows 2000 Active DirectoryTM service. These client extensions were developed for customers who wish to deploy Windows 2000 Server in environments with Windows 95-, Windows 98-, and Windows NT 4-based client workstations.
On This Page
Microsoft Windows NT 4.0 with SP6a
Microsoft Internet Explorer 4.01 or higher
Active Directory Features Supported
Windows 9x- and Windows NT 4-based clients lack many of the features of Windows 2000 Professional that are related to Active Directory. The Active Directory client extension is an upgrade or patch for Windows 95, Windows 98, and Windows NT 4.0, which enables the following Active Directory features:
Site awareness. This includes the ability to log on to the domain controller that is closest to the client in the network and the ability to change passwords on any Windows 2000-based domain controller, instead of the primary domain controller (PDC).
Note: Active Directory Client for Windows NT4.0 does not change the NT4.0 WinLogon change password behavior. The WinLogon change password still contacts the PDC. However, Active Directory Client extension provides necessary APIs to change the password to any Windows 2000 based domain controller.
Active Directory Service Interfaces (ADSI). ADSI allows scripting to Active Directory and provides a common programming API to Active Directory programmers.
DFS fault tolerance client. This provides access to Windows 2000 distributed file system (DFS) fault tolerant and fail-over file shares specified in Active Directory.
Active Directory Windows Address Book (WAB) property pages. These allow users who have permission to change properties on user objects (for example, phone number and address) by means of the user object pages, which can be accessed by clicking the Start menu, and then pointing to Search and For People. This also includes support for display specifiers that allow rendering of new schema elements stored on the user object in Active Directory.
NTLM version 2 authentication. The client extensions take advantage of the improved authentication features available in NTLM version 2.
Active Directory Features Not Supported
Significant architectural advancements have been made in the Windows 2000 Professional client platform. They deliver functionality that the Active Directory client extensions on Windows 9x and Windows NT 4.0 cannot deliver. Users can take advantage of these additional capabilities by upgrading to Windows 2000 Professional. Note that the client extension does NOT provide the following:
Kerberos support. The Active Directory client extension does not deliver Kerberos support to Windows 9x- and Windows NT 4.0-based clients.
Group Policy or IntelliMirror support. The Active Directory client extension does not deliver IntelliMirrorTM management technologies or Windows 2000 Group Policy functionality.
IPSec or L2TP support. The Active Directory client extension does not deliver advanced virtual private networking (VPN) protocols, like Internet Protocol security (IPSec) or Layer 2 Tunneling Protocol (L2TP).
SPN or mutual authentication. The Active Directory client extension does not deliver Service Principal Name (SPN) or mutual authentication.
Windows 95/Windows 98-based Active Directory client extension is distributed on the Windows 2000 Server product compact disc.
The final release of the Windows NT 4.0-based Active Directory client extension is available for download above.