Back

Outlook Profile Autodiscover and SCP for Office 365 Migrations

When you install the Client Access server role on a computer running Exchange 2010 a default virtual directory named Autodiscover is created under th...

2 min read
Published on Oct 7, 2011
Outlook Profile Autodiscover and SCP for Office 365 Migrations

When you install the Client Access server role on a computer running Exchange 2010, a default virtual directory named Autodiscover is created under the default Web site in Internet Information Services (IIS). This virtual directory handles Autodiscover service requests from Outlook 2007 or Outlook 2010 clients and supported mobile phones under the following circumstances:

  • When a new user account is configured or updated
  • When an Outlook client periodically checks for changes to the Exchange Web Services URLs
  • When underlying network connection changes occur in your Exchange messaging environment

Additionally, a new Active Directory object named the service connection point (SCP) is created on the server where you install the Client Access server role. The SCP object contains the authoritative list of Autodiscover service URLs for the forest. You can use theĀ Set-ClientAccessServerĀ cmdlet to update the SCP object. For more information, seeĀ Set-ClientAccessServer. For more information about SCP objects, seeĀ Publishing with Service Connection Points.

The following figure shows how a client connects to a Client Access server the first time from inside the internal network. For external access, or using DNS, the client locates the Autodiscover service on the Internet by using the primary SMTP domain address from the user’s e-mail address.

The Autodiscover service process for internal access The Autodiscover service process for internal access

If the SCP is not available, the client looks for a valid SSL certificate typically a CNAME record for autodiscover.outlook.com for Office 365 Ā 

The Autodiscover service process for external access The Autodiscover service process for external access

To Disable SCP, on a forest that is migrating to hosted exchange or Office 365, and you’re NOTĀ using the Microsoft Online Migrations Tool(web based Office 365 tool), you may need to disable the SCP in your Active Directory by running the following command in the Echange Server Management Shell:

Set-ClientAccessServer -Identity ā€œSERVERNAMEā€ -AutoDiscoverServiceInternalUri $NULL

If you have multiple Exchange servers, You may need to run this replacing SERVERNAME with all the Exchange servers in the directory. If you don’t have access to the Exchange server, and it was not uninstalled properly, you can delete the SCP entries using ADSIEdit in the following container: CN=Autodiscover,CN=Microsoft Exchange,CN=Services, [Configuration Naming Context].

This post has matured and its content may no longer be relevant beyond historical reference. To see the most current information on a given topic, click on the associated category or tag.

Related Posts

Compliant Tenant Migration for DoD Subcontractors

Compliant Tenant-to-Tenant Migration for DoD Subcontractors

Learn how to execute a secure and compliant Microsoft 365 tenant-to-tenant migration for DoD subcontractors while protecting CUI and meeting DFARS and NIST 800-171.

Oct 27, 2025
8 min read
NIST SP 800-171 Considerations in Microsoft 365 Tenant Migrations

NIST SP 800-171 Considerations in Microsoft 365 Tenant Migrations

Ensure compliance with NIST 800-171 when migrating Microsoft 365 tenants. Learn how to secure CUI, meet control requirements, and reduce migration risks.

Oct 27, 2025
7 min read
Secure Tenant Migration for Defense Contractors

Secure Tenant-to-Tenant Migration for Defense Contractors

Learn how defense contractors can perform secure tenant-to-tenant migrations while protecting CUI and meeting DFARS and CMMC requirements.

Oct 27, 2025
8 min read
GCC High Tenant Migration Guide for Secure Environments

How to Migrate Tenants to GCC or GCC High Environments

Learn how to migrate Microsoft 365 tenants to GCC or GCC High for compliance with DFARS, NIST 800-171, and CMMC requirements. Step-by-step guidance included.

Oct 24, 2025
8 min read
Microsoft 365 Backup vs. Partner Solutions

Comparing Native Microsoft 365 Backup with Partner Solutions

Explore the differences between native Microsoft 365 backup and third-party partner solutions, including features, compliance, and recovery capabilities.

Oct 24, 2025
6 min read
Microsoft 365 Tenant Migration with CUI | Compliance & Security Guide

Microsoft 365 Tenant Migration with Controlled Unclassified Information (CUI)

Learn how to securely migrate Microsoft 365 tenants while handling Controlled Unclassified Information (CUI), with a focus on compliance, data protection, and tenant security.

Oct 24, 2025
7 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don’t want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122