Posted on

How to Configure Web Services in Load Balancer with WCF Test Client?

Issue:

I have web services that hosted on farm environment with load balancer (LB) and SSL terminated on web services. Meaning web service running on port 80 only without certificate, SSL is handle in LB. I can’t get it to work with wsHttpBinding. How can I get wsHttpBinding to work with load balancer on port 80?

Flow:

LB (SSL) -> Apps (Node A/B) -> LB (SSL) -> Web Services (Node A/B on Port 80)

Environment:

Windows 10, Microsoft WCF Test Client version 12.0.*, IIS on Windows Server 2012 R2, Load Balancer

Resolution:

Since LB terminate the SSL at LB lever, web service needs to be host as http (port 80), not https. To do that, here are settings for WCF server and client.

Step-by-step instructions:-

  1. WCF Server Settings 
     <system.serviceModel>
     <services>
     <service behaviorConfiguration="ServiceBehavior" name="My.Ns.WcfService">
     <clear />
     <endpoint address=""
    binding="wsHttpBinding"
    bindingConfiguration="wsHttpBinding_IWcfService"
    name="IWcfServiceEndpoint"
    bindingNamespace="https://my.domain.com/App/WcfService.svc"
    contract="My.Ns.IWcfService" >
     <identity>
     <dns value="localhost" />
     </identity>
     </endpoint>
     <endpoint address="basic"
    binding="basicHttpBinding"
    bindingConfiguration="basicHttpBinding_IWcfService"
    name="basicHttpBinding"
    bindingNamespace="https://my.domain.com/App/WcfService.svc"
    contract="My.Ns.IWcfService" >
     <identity>
     <dns value="localhost" />
     </identity>
     </endpoint>
     <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
     </service>
     </services>
     <protocolMapping>
     <add scheme="http" binding="wsHttpBinding" bindingConfiguration="wsHttpBinding_IWcfService" />
     </protocolMapping>
     <bindings>
     <wsHttpBinding>
     <binding name="wsHttpBinding_IWcfService" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
     <readerQuotas maxDepth="32" maxStringContentLength="5242880" maxArrayLength="2147483646" maxBytesPerRead="4096" maxNameTableCharCount="5242880"/>
     <security mode="None">
     <transport clientCredentialType="None"/>
     </security>
     </binding>
     </wsHttpBinding>
     <basicHttpBinding>
     <binding name="basicHttpBinding_IWcfService" maxBufferPoolSize="2147483647" maxReceivedMessageSize="2147483647">
     <readerQuotas maxDepth="32" maxStringContentLength="5242880" maxArrayLength="2147483646" maxBytesPerRead="4096" maxNameTableCharCount="5242880" />
     <security mode="None" />
     </binding>
     </basicHttpBinding>
     </bindings>
     </system.serviceModel>
  2. WCF Client Settings 
     <system.serviceModel>
     <bindings>
     <basicHttpBinding>
     <binding name="basicHttpBinding" />
     </basicHttpBinding>
     <wsHttpBinding>
     <binding name="wsHttpBinding">
     <security mode="Transport">
     <transport clientCredentialType="None" />
     </security>
     </binding>
     </wsHttpBinding>
     </bindings>
     <client>
     <endpoint address="https://my.domain.com/App/WcfService.svc"
    binding="wsHttpBinding" bindingConfiguration="wsHttpBinding"
    contract="MyServiceRef.IWcfService" name="wsHttpBinding">
     <identity>
     <dns value="localhost" />
     </identity>
     </endpoint>
     <endpoint address="http://my.domain.com/App/WcfService.svc/basic"
    binding="basicHttpBinding" bindingConfiguration="basicHttpBinding"
    contract="MyServiceRef.IWcfService" name="basicHttpBinding" />
     </client>
     </system.serviceModel>
  3. To test service in WCF Test Client (C:\Program Files (x86)\Microsoft Visual Studio\2017\Enterprise\Common7\IDE\WcfTestClient.exe)
    1. Add service by clicking on File, Add Service
    2. Enter service URL with https, ex., https://my.domain.com/app/wcfservice.svc
    3. Right click on Config File and select Edit with SvcConfigEditor
    4. Change https to http since service is running on port 80
    5. Change security to none
    6. Click on File, Save, File, Exit, and Reload.
    7. (Alternative) Edit Client.dll.config file directly and change https to http and security to none as shown below:

    8. Test your method

Troubleshoot:

  1. If you get an address no match error, make sure your service method have [ServiceBehavior(AddressFilterMode = AddressFilterMode.Any)] added

Reference:

Sample Client.dll.config file for WCF Test Client

<?xml version="1.0" encoding="utf-8"?>
<configuration>
    <system.serviceModel>
        <bindings>
            <basicHttpBinding>
                <binding name="basicHttpBinding" sendTimeout="00:05:00" />
            </basicHttpBinding>
            <wsHttpBinding>
                <binding name="IWcfServiceEndpoint" sendTimeout="00:05:00">
                    <security mode="None" />
                </binding>
            </wsHttpBinding>
        </bindings>
        <client>
            <endpoint address="http://my.domain.com/app/WcfService.svc"
                binding="wsHttpBinding" bindingConfiguration="IWcfServiceEndpoint"
                contract="IWcfService" name="IWcfServiceEndpoint">
                <identity>
                    <dns value="localhost" />
                </identity>
            </endpoint>
            <endpoint address="http://my.domain.com/app/WcfService.svc/basic"
                binding="basicHttpBinding" bindingConfiguration="basicHttpBinding"
                contract="IWcfService" name="basicHttpBinding" />
        </client>
    </system.serviceModel>
</configuration>

 

 

 

Posted on

Windows 10 Can’t Connect to File Share with SMB1

Issue:

When I tried to copy files from my Windows 10 local drive to Windows 2008 R2 Server file share, I get a strange error:

You can't connect to the file share because it's not secure. This share requires the obsolete SMB1 protocol, which is unsafe and could expose your system to attack.
Your system requires SMB2 or higher. For more info on resolving this issue, see: https://go.microsoft.com/fwlink/?linkid=852747

It’s telling me the target file server is running an obsolete SMB1 protocol and I can’t connect to it from Windows 10. Windows 10 is running SMB2 and I can’t install SMB2 to Windows Server. What can I do?

Environment:

Windows 10, File Explorer, Windows 2008 R2 Server File Share

Resolution:

Since you can’t install SMB2 on Windows Server, what you can do is enable SMB1 on your Windows 10 machine. You can either enable SMB1 by GUI (Graphic User interface) or PowerShell script.

Step-by-step instructions:-

Enable SMB1 by GUI:

  1. Open Windows Features by searching for windows feature
  2. Click on “Turn Windows features on or off” and scroll down to “SMB 1.0/CIFS File Sharing Support”
  3. Click on check box next to “SMB 1.0/CIFS File Sharing Support”
  4. Click on “OK” button to apply the changes
  5. Follow the instructions to restart your machine for changes to take effect.
  6. Once restart, try to copy the file again.

 

Enable SMB1 by PowerShell (Run as administrator required):

  1. Open PowerShell window by searching for powershell on your Windows 10 machine
  2. Right click on “Windows PowerShell” and select “Run as administrator”
  3. Enable SMB1 by entering: Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol 
    PS C:\windows\system32> Enable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

Do you want to restart the computer to complete this operation now?

[Y] Yes  [N] No  [?] Help (default is "Y"):

  4. Hit “Enter” key or type “y” to restart for changes to take effect
  5. Once restart, try to copy the file again.

 

Troubleshoot:

Enter this PowerShell (run as administrator) to check if SMB1 protocol enable on your machine:

PS C:\> Get-SmbServerConfiguration | Select EnableSMB1Protocol

EnableSMB1Protocol
------------------
             False

 

Reference:

How to detect, enable and disable SMBv1, SMBv2, and SMBv3 in Windows and Windows Server