Databases
StackOverflow2013
Postsdbo
POThe HTTP request is unauthorized with client authentication scheme 'Ntlm' The authentication header received from the server was 'NTLM'
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POThe HTTP request is unauthorized with client authentication scheme 'Ntlm' The authentication header received from the server was 'NTLM'
    text
    copied!<p>I know there's a lot of questions on SO similar to this, but I couldn't find one for this particular issue.</p> <p>A couple of points, first:</p> <ul> <li>I have <strong>no control</strong> over our Sharepoint server. I cannot tweak any IIS settings.</li> <li>I believe our IIS server version is IIS 7.0.</li> <li>Our Sharepoint Server is anticipating requests via NTLM.</li> <li>Our Sharepoint Server is on the same domain as my client computer.</li> <li>I am using .NET Framework 3.5, Visual Studio 2008</li> </ul> <p>I am trying to write a simple console app to manipulate Sharepoint data using Sharepoint Web Services. I have added the Service Reference, and the following is my app.config:</p> <pre><code>&lt;system.serviceModel&gt; &lt;bindings&gt; &lt;basicHttpBinding&gt; &lt;binding name="ListsSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"&gt; &lt;readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /&gt; &lt;security mode="Transport"&gt; &lt;transport clientCredentialType="Ntlm" proxyCredentialType="Ntlm" /&gt; &lt;/security&gt; &lt;/binding&gt; &lt;/basicHttpBinding&gt; &lt;/bindings&gt; &lt;client&gt; &lt;endpoint address="https://subdomain.companysite.com/subsite/_vti_bin/Lists.asmx" binding="basicHttpBinding" bindingConfiguration="ListsSoap" contract="ServiceReference1.ListsSoap" name="ListsSoap" /&gt; &lt;/client&gt; &lt;/system.serviceModel&gt; </code></pre> <p>This is my code:</p> <pre><code>static void Main(string[] args) { using (var client = new ListsSoapClient()) { client.ClientCredentials.Windows.ClientCredential = new NetworkCredential("username", "password", "domain"); client.GetListCollection(); } } </code></pre> <p>When I call GetListCollection(), the following <strong>MessageSecurityException</strong> gets thrown:</p> <pre><code>The HTTP request is unauthorized with client authentication scheme 'Ntlm'. The authentication header received from the server was 'NTLM'. </code></pre> <p>With an inner WebException:</p> <pre><code>"The remote server returned an error: (401) Unauthorized." </code></pre> <p>I've tried various bindings and various code tweaks to try to authenticate properly, but to no avail. I'll list those below.</p> <hr> <h2>I've tried the following steps:</h2> <p><strong>Using a native Win32 Impersonator before creating the client</strong></p> <pre><code>using (new Impersonator.Impersonator("username", "password", "domain")) using (var client = new ListsSoapClient()) { client.ClientCredentials.Windows.ClientCredential = new NetworkCredential("dpincas", "password", "domain"); client.GetListCollection(); } </code></pre> <p>This produced the same error message.</p> <hr> <p><strong>Setting TokenImpersonationLevel for my client credentials</strong></p> <pre><code>using (var client = new ListsSoapClient()) { client.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation; client.GetListCollection(); } </code></pre> <p>This produced the same error message.</p> <hr> <p><strong>Using security mode=TransportCredentialOnly</strong></p> <pre><code>&lt;security mode="TransportCredentialOnly"&gt; &lt;transport clientCredentialType="Ntlm" /&gt; &lt;/security&gt; </code></pre> <p>This resulted in a different error message:</p> <pre><code>The provided URI scheme 'https' is invalid; expected 'http'. Parameter name: via </code></pre> <p>However, I need to use https, so I cannot change my URI scheme.</p> <hr> <p>I've tried some other combinations that I can't remember, but I'll post them when I do. I'm really at wits end here. I see a lot of links on Google that say "switch to Kerberos", but my server seems to only be accepting NTLM, not "Negotiate" (as it would say if it was looking for Kerberos), so that is unfortunately not an option.</p> <p>Any help out there, folks?</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload