401 when calling Web Service only on particular machines

Question

We have developed a WPF Application with C# and are using RestSharp to communicate with a simple Web Service like this:

Client = new RestClient(serviceUri.AbsoluteUri);
Client.Authenticator = new NtlmAuthenticator(SvcUserName, SvcPassword.GetString());

It all worked great until we received calls that on some machines (most work) the app can't connect to the service. A direct call to the service method with fiddler worked. Then we extracted a small .net console app and tried the service call with RestSharp and directly with a HttpWebRequest and it failed again with 401. Now we enabled System.Net tracing and noticed something. After the first 401, which is normal,the faulty machine produces this log:

System.Net Information: 0 : [4480] Connection#3741682 - Received headers { Connection: Keep-Alive Content-Length: 1293 Content-Type: text/html Date: Mon, 10 Aug 2015 12:37:49 GMT Server: Microsoft-IIS/8.0 WWW-Authenticate: Negotiate,NTLM X-Powered-By: ASP.NET }. System.Net Information: 0 : [4480] ConnectStream#39451090::ConnectStream(Buffered 1293 bytes.) System.Net Information: 0 : [4480] Associating HttpWebRequest#2383799 with ConnectStream#39451090 System.Net Information: 0 : [4480] Associating HttpWebRequest#2383799 with HttpWebResponse#19515494 System.Net Information: 0 : [4480] Enumerating security packages: System.Net Information: 0 : [4480] Negotiate System.Net Information: 0 : [4480] NegoExtender System.Net Information: 0 : [4480] Kerberos System.Net Information: 0 : [4480] NTLM System.Net Information: 0 : [4480] Schannel System.Net Information: 0 : [4480] Microsoft Unified Security Protocol Provider System.Net Information: 0 : [4480] WDigest System.Net Information: 0 : [4480] TSSSP System.Net Information: 0 : [4480] pku2u System.Net Information: 0 : [4480] CREDSSP

System.Net Information: 0 : [4480] AcquireCredentialsHandle(package = NTLM, intent = Outbound, authdata = (string.empty)\corp\svc_account)

System.Net Information: 0 : [4480] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = (null), targetName = HTTP/mysvc.mycorp.com, inFlags = Delegate, MutualAuth, Connection) System.Net Information: 0 : [4480] InitializeSecurityContext(In-Buffers count=1, Out-Buffer length=40, returned code=ContinueNeeded).

A working machine produces this output:

System.Net Information: 0 : [3432] Connection#57733168 - Empfangene Statusleiste: Version = 1.1, StatusCode = 401, StatusDescription = Unauthorized. System.Net Information: 0 : [3432] Connection#57733168 - Header { Content-Type: text/html Server: Microsoft-IIS/8.0 WWW-Authenticate: Negotiate,NTLM X-Powered-By: ASP.NET Date: Mon, 10 Aug 2015 15:15:11 GMT Content-Length: 1293 } wurden empfangen. System.Net Information: 0 : [3432] ConnectStream#35016340::ConnectStream(Es wurden 1293 Bytes gepuffert.) System.Net Information: 0 : [3432] Associating HttpWebRequest#64062224 with ConnectStream#35016340 System.Net Information: 0 : [3432] Associating HttpWebRequest#64062224 with HttpWebResponse#64254500 System.Net Information: 0 : [3432] Sicherheitspakete werden enumeriert: System.Net Information: 0 : [3432] Negotiate System.Net Information: 0 : [3432] NegoExtender System.Net Information: 0 : [3432] Kerberos System.Net Information: 0 : [3432] NTLM System.Net Information: 0 : [3432] Schannel System.Net Information: 0 : [3432] Microsoft Unified Security Protocol Provider System.Net Information: 0 : [3432] WDigest System.Net Information: 0 : [3432] TSSSP System.Net Information: 0 : [3432] pku2u System.Net Information: 0 : [3432] CREDSSP

System.Net Information: 0 : [3432] AcquireCredentialsHandle(package = Negotiate, intent = Outbound, authdata = System.Net.SafeSspiAuthDataHandle) System.Net Information: 0 : [3432] InitializeSecurityContext(credential = System.Net.SafeFreeCredential_SECURITY, context = (null), targetName = HTTP/mysvc.mycorp.com, inFlags = Delegate, MutualAuth, Connection)

System.Net Information: 0 : [3432] InitializeSecurityContext(Anzahl von In-Buffers = 1, Länge von Out-Buffer = 40, zurückgegebener Code = ContinueNeeded).

I wonder if some configuration on the faulty machine would cause this. At the moment I am not sure where to look next.

Update: Here is the Code of our simple test tool:

RestClient Client = new RestClient("https://mysvc.mycorp.com/service.svc");
        Client.Authenticator = new NtlmAuthenticator("corp\\svc_account", "mypassword");
        var request = new RestRequest("api/Method", Method.POST);
        request.RequestFormat = DataFormat.Json;
        request.AddBody(new { Device_Key = "somestring" });
        request.Timeout = 200000;


        RestResponse response = (RestResponse)Client.Execute(request);

Update 2: We have now confirmed that this Problem only occurs on newly installed win 7 machines that have an updated corporate Image. Almost Looks like some update in the last 2 months is screwing with us.

Answer 1

This is crazy: Turns out, as soon as I installed .net 4.5 on the Windows 7 machine, the WebRequest worked! We believe that the culprit was a missing patch of the .NET 4.0 Framework that is deployed to all client machines. So, patch your machines :)