System.Net.WebClient doesn't work with Windows Authentication

Question

I am trying to use System.Net.WebClient in a WinForms application to upload a file to an IIS6 server which has Windows Authentication as it only \'Authentication\' method.

Answer 1

I have seen a similar issue, where the Integrated / NTLM security will only work if you are accessing the host by machine name or localhost. In fact, it is a [poorly] document feature in Windows that is designed to protect against "reflection attacks".

Basically, you need to create a registry key on the machine that is trying to access the server, and whitelist the domain you are trying to hit. Each host name / FQDN needs to be on it's own line - there are no wildcards and the name must match exactly. From the KB Article:

• Click Start, click Run, type regedit, and then click OK.
• In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
• Right-click MSV1_0, point to New, and then click Multi-String Value.
• Type BackConnectionHostNames, and then press ENTER.
• Right-click BackConnectionHostNames, and then click Modify.
• In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
• Exit Registry Editor, and then restart the computer.

http://support.microsoft.com/kb/956158/en-us