Publishing with Service Connection Points

The Active Directory™ schema defines a serviceConnectionPoint (SCP) object class to make it easy for a service to publish service-specific information in the directory. Clients of the service use the information in an SCP to locate, connect to, and authenticate an instance of your service.

This section provides an overview of service connection points and code samples that show how a client/service application uses SCPs.

The example follows these steps to implement service publication with SCPs:

To create SCPs in the directory at service installation

For sample code that performs these steps, see Creating a Service Connection Point.

1. Bind to the computer object for the host computer on which the service instance is being installed.
2. Create an SCP object as a child of the computer object, specifying the initial values for the attributes of the SCP.
3. Set access control entries (ACEs) in the security descriptor of the SCP object to enable the service to modify SCP properties at run time.
4. Cache the objectGUID of the SCP in the registry on the service's host computer.

To update the SCP attributes at service startup

For sample code that performs these steps, see Updating a Service Connection Point.

1. Retrieve the objectGUID from the registry and use it to bind to the SCP.
2. Retrieve attributes, such as serviceDNSName and serviceBindingInformation, from the SCP. Compare these values to the current values and update the SCP if necessary.

To find and use an SCP by a client application

For sample code that performs these steps, see How Clients Find and Use a Service Connection Point.

1. Bind to the global catalog and search for objects with a keywords property that matches the service's product GUID. Each object found is an instance of the service. Select an instance and retrieve the distinguished name of the SCP.
2. Use the distinguished name to bind to the SCP.
3. Retrieve the values of various attributes from the SCP, such as serviceDNSName and serviceBindingInformation. Use these values to connect to and authenticate the service instance.

For information on who can create and update an SCP, see Security Issues for Service Publication.

For information on where to create an SCP, see Where to Create a Service Connection Point.

For a discussion of the kind of information to store in an SCP, see Service Connection Point Properties.

For a discussion of how a service installation program and the service itself work together to keep up-to-date information in an SCP, see Creating and Maintaining a Service Connection Point.