How to enable Windows Authentication and NetTCPBinding WCF webservice on IIS7?

I am attempting to set up a web service that uses windows authentication and NetTCPBinding on IIS 7. currently I am getting this error when I attempt to access the wysdl

"Security settings for this service require 'Anonymous' Authentication but it is not enabled for the IIS application that hosts this service. "

The relevant sections of my Config file look like this...

<behaviors>
    ...
    <serviceBehaviors>
        <behavior name="WCFHostService.MyServiceBehavior">
            <serviceMetadata httpGetEnabled="false" />
            <serviceDebug includeExceptionDetailInFaults="false" />
        </behavior>
    </serviceBehaviors开发者_开发技巧>
</behaviors>
<services>
    <service name="UPMC.ISD.EADIS.ACO.ACOServiceConcept">
        <endpoint name ="TCP_Binding"
                address=""
                binding="netTcpBinding"
                contract="UPMC.ISD.EADIS.ACO.ACOServiceConcept.IACOService"/>
        <endpoint name="mexHttpbinding"
                contract="IMetadataExchange"
                binding="mexTcpBinding"
                address="mex" />
    </service>
</services>

How do I get the "security settings" for my service to align to allow me to access this service? I also just read that you can get rid of the error by getting rid of your mex binding endpoints or by enabling anonymous authentication. But how do you get your wsdl if you don't have mex binding? Well I guess I will give that a go, but if you have any other advice I will most certainly take it.

Thanks.

According to WCF NetTcpBinding Security - how does it work?, the default security setting for NetTCP is Windows Authentication. It sounds like one or two things might be the issue:

1. Ensure Windows Authentication is enabled (in the IIS Management Console under Authentication - same place where you find the switch for Anonymous Authentication as in @Joel C's answer).

2. You might want to try specifying the windows account credentials when you create the client proxy, in case the account running the client is unable to authenticate.

Are the client and the server in the same domain?

Have you verified that Anonymous Authentication is enabled in the IIS application where you're hosting your service? In the IIS management console, browse to the site and application where your service is being hosted. Then make sure you have the "Features View" selected, and select the "Authentication" option. You should see various forms of authentication (anonymous, Windows, ASP.NET Impersonation, etc.) and each should say either enabled or disabled next to it.