Service Publication and Service Principal Names Technical Reference

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

Services use service publication in the Active Directory directory service to provide information about themselves in the directory for easy discovery by client applications and other services. Service publication occurs when the installation program for a service publishes information about the service, including binding and keyword information, to the directory. In addition, Active Directory supports service principal names (SPNs) as a means by which client applications can identify and authenticate the services that they use. Service publication is accomplished through the creation of service objects (also called connection point objects) in Active Directory. Service authentication is accomplished through Kerberos authentication of SPNs.


In Windows 2000 Server and Windows Server 2003, the directory service is named Active Directory. In Windows Server 2008 and Windows Server 2008 R2, the directory service is named Active Directory Domain Services (AD DS). The rest of this topic refers to Active Directory, but the information is also applicable to AD DS.

In this subject