What is the correct WCF net.tcp binding security for this scenario?

I have a WCF service which is hosted in a Windows Service and has net.tcp endpoint. The clients are in the same LAN (Workgroup) as the service but they don't have the server's Windows user accounts.

PS: When I set the Security.Mode to None in both client and server, I receive the following error:

The requested upgrade is not supported by '{SERVICE ADDRESS}'This could be due to mismatched bindings (for example security enabled on the client and not o开发者_开发问答n the server).

Nettcp binding is secure by default, your clients must provide Windows credentials because all messages are signed and encrypted over tcp. Setting it to none will probably cause a problem, you'll want something like:

<netTcpBinding>
     <binding name="netTcp">
       <security mode="Transport">
         <transport clientCredentialType="Windows" />
       </security>
     </binding>
</netTcpBinding>

OK, I solved the problem.

I don't know why it is like this, but if I uncheck the "Use simple file sharing" in Folder Options of the server, everything works perfectly.

I have self-hosted net.tcp services and they work fine with or without security, in fact, you can host multiple secure and unsecure net.tcp contracts on the same port, which makes firewall setup simpler.

If turning off Simple File Sharing is what allowed your client/service to work, then I suspect that the port you chose to host the service was also in use by Simple File Sharing.

if any of the above solution does not work for you then try to remove identity from your endpoint as shown below:

<endpoint address="net.tcp://127.0.0.1/FacilitySchedulesService/FacilitySchedulesService.svc"
                binding="netTcpBinding" bindingConfiguration="FacilityScheduleDSTCP"
                contract="FacilitySchedules.IFacilitySchedulesService" name="FacilityScheduleDSTCP">
        <!--<identity>
          <userPrincipalName value="abc" />
        </identity>-->
      </endpoint>