Platform SDK: Active Directory, ADSI, and Directory Services

Service Connection Point Properties

The attributes of the serviceConnectionPoint class are sufficient for the needs of most services. Active Directory does not define how the attributes are to be used, so the clients of your service must be able to interpret and use the information in your service's SCPs. Services that need to publish additional information about themselves can extend the Active Directory schema by creating a subclass of the serviceConnectionPoint class, giving the subclass a distinct name that makes it easily recognizable. For more information about schema extensions, see Extending the Schema.

The most important attributes of an SCP are keywords, serviceDNSName, serviceDNSNameType, serviceClassName, and serviceBindingInformation. Client applications search the directory for keywords values to locate your SCP. Having found your SCP, clients read the other attributes to retrieve information about your service.

keywords
The keywords attribute can contain multiple string values that identify your service. This attribute is included in the global catalog, which means that clients in any domain of an enterprise forest can search the global catalog for keywords associated with your service. This attribute is also indexed, which improves the performance of queries. The installation program that creates the SCP sets the values of the keywords attribute. Typically, these values are not modified by the service that is running.

The exact keywords you should include in your SCP depend on how clients will search for your service. The best keywords to use are GUID strings because GUIDs are guaranteed to be unique in a forest. Use the GUID string format returned by the UuidToString function in the RPC library. You can also include human-readable names, if clients may use them to search for your service. The keywords in an SCP should include GUID strings and/or names that identify the following information about your service:

serviceDNSName and serviceDNSNameType
Client applications use the serviceDNSName and serviceDNSNameType attributes to determine the service's host computer. The serviceDNSNameType value indicates the type of DNS name specified by serviceDNSName: usually "A" if serviceDNSName contains a host name, or "SRV" if serviceDNSName contains an SRV record name.

The serviceDNSName value is typically the DNS name of the service's host computer. Your service installation program can call the GetComputerNameEx function to get the DNS name of the local computer.

For services that have DNS SRV records, serviceDNSName can be the name of the SRV record. A client application uses the DNS APIs to retrieve all the SRV records that match this name. The client then retrieves the DNS host name from one of the SRV records. This technique is useful for replicated services because SRV records also include information that enables the client to select the best replica.

serviceBindingInformation
A multi-valued property that contains string values that store information needed to bind to a service. This property is indexed and is replicated to the global catalog.

The content of serviceBindingInformation is specific to the service that published the SCP; clients must know how to interpret the binding information. In the simplest and most common case, the binding information consists of a port number on the service's host computer.

serviceClassName
A single-valued property that identifies the class of service represented by the SCP. This is a descriptive string specific to the service that published the SCP, for example SqlServer. For services that support mutual authentication, clients can use this property (along with the DNS name of the service's host computer) to form a service principal name (SPN). For more information, see Mutual Authentication Using Kerberos.
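
The following Python code is an added example, not part of the Platform SDK documentation. It shows a client building the keywords search filter with the keyword escaped, then validating the attributes it reads from an SCP before forming an SPN of the form class/host:port. The service name ExampleService, the host name, the port, and the assumption that the service publishes one port number as its only binding value with a serviceDNSNameType of "A" are all constructed for illustration.

```python
import re

# Constructed sample: attribute values a client might read from one SCP.
SAMPLE_SCP = {
    "serviceClassName": ["ExampleService"],
    "serviceDNSName": ["host1.corp.example.com"],
    "serviceDNSNameType": ["A"],
    "serviceBindingInformation": ["5150"],
}

_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def scp_filter(keyword):
    """Build the search filter, escaping the keyword per RFC 4515."""
    esc = "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in keyword)
    return "(&(objectClass=serviceConnectionPoint)(keywords=%s))" % esc

def _single(entry, attr):
    values = entry.get(attr, [])
    if len(values) != 1:
        raise ValueError("%s: expected exactly one value" % attr)
    return values[0]

def interpret_scp(entry):
    """Return (host, port, spn) or raise ValueError on unusable data."""
    # Assumption of this example: only host-name ("A") SCPs are handled.
    if _single(entry, "serviceDNSNameType") != "A":
        raise ValueError("only host-name SCPs are handled in this example")
    host = _single(entry, "serviceDNSName")
    if len(host) > 253 or not all(_LABEL.fullmatch(p) for p in host.split(".")):
        raise ValueError("serviceDNSName is not a valid host name")
    # Assumption of this example: the binding information is a bare port number.
    port_text = _single(entry, "serviceBindingInformation")
    if not re.fullmatch(r"[0-9]{1,5}", port_text) or not 1 <= int(port_text) <= 65535:
        raise ValueError("serviceBindingInformation is not a port number")
    service_class = _single(entry, "serviceClassName")
    if not re.fullmatch(r"[A-Za-z0-9_.-]+", service_class):
        raise ValueError("serviceClassName cannot be used in an SPN")
    # SPN form: <service class>/<host>:<port>
    spn = "%s/%s:%d" % (service_class, host, int(port_text))
    return host, int(port_text), spn

if __name__ == "__main__":
    print(scp_filter("ExampleService"))
    print(interpret_scp(SAMPLE_SCP))
```

Because SCP attributes are directory data, the client treats them as untrusted input and relies on mutual authentication against the resulting SPN to confirm the service's identity.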