Service Connection Point (SCP) In Exchange 2010…

Every Exchange administrator will have heard the term “Service Connection Point” or SCP when autodiscover is mentioned. What is SCP and where can I find it? What is it used for? These are some of the questions that need clarification.

Whenever a client access server is installed, a new service connection point (SCP) Active Directory object is created for that server. The SCP object is used by domain joined clients to locate the Autodiscover service. Where can I find SCP? You can view the SCP object using Active Directory Sites and Services, after you have enabled the “View Services Node” option from the “View” tab.

SCP object in Sites and Services

You will have a list of SCPs if you have more than one CAS server in your environment. If you right click and take the properties of the SCP object (Attribute Editor tab), it contains two two pieces of information which is of interest, the “serviceBindingInformation” attribute and thekeywords” attribute.

The “serviceBindingInformation” attribute has the Fully Qualified Domain Name (FQDN) of the Client Access server in the form of https://hewexch.hew.local/autodiscover/autodiscover.xml, where hewexch.hew.local is the FQDN of the CAS server. This url is mostly changed to one that is covered by the SAN/UCC certificate. It is this url which internal Outlook client uses to connect to the mailbox and other Exchange features published using autodiscover.


The “keywords” attribute specifies the Active Directory sites to which this SCP record is associated. By default, this attribute specifies the Active Directory site to which the Client Access server belongs.


When using a domain joined client, Outlook 2007+ client authenticates to Active Directory and tries to locate the SCP objects by using the user’s credentials. After the client obtains and enumerates the instances of the Autodiscover service, it connects to the first Client Access server in the enumerated list and obtains the profile information in the form of XML data that is needed to connect to the user’s mailbox and available Exchange features.

Rajith Jose Enchiparambil

UC Architect, Blogger, Husband & Dad. I have been in IT for the last 17 years, with interests in Exchange, Office 365 & Azure. I am active on Experts Exchange & TechNet forums and I am a technical author for SearchExchange. Follow me on Twitter, LinkedIn, Facebook or Google+ for the latest updates. For consultancy opportunities, drop me a line.

Click Here to Leave a Comment Below 51 comments