1

I have deploy WCF service on IIS of Remote Desktop Machine. I can be able to access that service in my local machine's chrome browser and I have added it as a service reference in my project. Now when my project trying to access service then it's giving me error like The caller was not authenticated by the service..

After r&d related to it I have added below lines for solution

_client.ClientCredentials.Windows.ClientCredential.Domain = "RDP Computer name";
_client.ClientCredentials.Windows.ClientCredential.UserName = "RDP Username";
_client.ClientCredentials.Windows.ClientCredential.Password = "RDP Password";

and again when I try then error changed as a Client is unable to finish the security negotiation within the configured timeout (00:00:00). The current negotiation leg is 1 (00:00:00).

I try to find Domain name on RDP machine as per suggestion from https://support.microsoft.com/en-in/help/17463/windows-7-connect-to-another-computer-remote-desktop-connection. But I didn't find any domain name there. it's workgroup name available in workgroup area.

On my local machine project app.config file contains service code like below : 

<system.serviceModel>
    <bindings>
      <wsDualHttpBinding>
        <binding name="WSDualHttpBinding_IService1">
        </binding>
      </wsDualHttpBinding>
    </bindings>
    <client>
      <endpoint address="http://xx.xx.xxx.xxx/Testing/Service1.svc"
        binding="wsDualHttpBinding" bindingConfiguration="WSDualHttpBinding_IService1"
        contract="ServiceReference1.IService1" name="WSDualHttpBinding_IService1">
        <identity>
          <servicePrincipalName value="host/RDPName" />
        </identity>
      </endpoint>
    </client>
  </system.serviceModel>

however on WCF service project side web.config file contains below code :

<protocolMapping>
      <add binding="basicHttpsBinding" scheme="https"/>
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true"/>

    <services>
      <service name="WcfService.Service1">
        <endpoint address="" binding="wsDualHttpBinding" contract="WcfService.IService1" />
        <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
        <host>
          <timeouts closeTimeout="00:05:00" openTimeout="00:05:00" />
        </host>
      </service>
    </services>
    <bindings>
      <wsDualHttpBinding>
        <binding name="customBinding0"
                receiveTimeout="00:05:00"
                sendTimeout="00:05:00"
                openTimeout="00:05:00"
                closeTimeout="00:05:00"
                maxBufferPoolSize="2147483647"
                maxReceivedMessageSize="2147483647">
          <security mode="None">
          </security>
        </binding>
      </wsDualHttpBinding>
    </bindings>

I am doing r&d from last few days for resolve this issue but not succeed at all.

please can you suggest me that what should I do for resolve this one ?

Thank you.

Harry R
  • 69
  • 1
  • 11
  • You might be able to connect to a remote machine via RDP, because the RDP port is opened at firewall, but you might not be able to access any other as the firewall can block that. Also for workgroup setup, user accounts cannot go across different machines. You'd better set up a domain via AD. – Lex Li Jan 10 '20 at 02:55
  • @LexLi. I have try with setup Inbound rules by allowing that port for incoming request. But it's not working in this scenario. But let I try with setup new domain name. – Harry R Jan 10 '20 at 03:33
  • Please create an active directory domain. So that your server would able to authenticate either kerberos or NTLM token. Besides, you have to ensure 80 port have been exposed to internet. I mean either server's internal firewall and external firewall wall in your server's portal. – Jokies Ding Jan 10 '20 at 03:36
  • "I have try with setup Inbound rules by allowing that port", which port did you open for WCF? Make it clear. – Lex Li Jan 10 '20 at 12:59

1 Answers1

0

On my side, it works properly after setting up the windows credentials. This due to the fact that WCF created by the wsdualhttpbinding authenticates the client with windows credential by default.
Besides, why does the service address have “Testing” prefix? And the service address is void. Are you using virtual path?
In fact, there is no need to use duplex binding. Wshttpbinding is enough, or nettcpbinding, which also supports duplex communication. Wsdualhttpbinding might be blocked by the firewall, since it supports the callback contract.
Please refer to the below discussion.
WCF Duplex - Client is unable to finish the security negotiation within the configured timeout
https://social.msdn.microsoft.com/Forums/en-US/21160b92-bed5-4e5d-a1a9-6fc8e84f6299/client-is-unable-to-finish-the-security-negotiation-within-the-configured-timeout-000000-the?forum=csf
https://help.octopus.com/t/client-is-unable-to-finish-the-security-negotiation-within-the-configured-timeout/6827
Feel free to let me know if there is anything I can help with.
Updated.
In order to rules out the authentication and network issue, I suggest you use Basichttpbinding to create the WCF service first. The client-side could consume the service by adding service reference. please refer to the configuration.
Server-side. 

  <system.serviceModel>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <protocolMapping>
      <add binding="basicHttpBinding" scheme="http"/>
    </protocolMapping>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
  </system.serviceModel>

Look forward to your further message.

Abraham Qian
  • 7,117
  • 1
  • 8
  • 22
  • thank you for your reply. I have try links which you have provided but still my application is not able to access service which I have deploy on RDP IIS server. Please can you guide me for this one ? – Harry R Jan 21 '20 at 18:50