NetMsmqBinding WAS服务无法从工作组中的远程MSMQ队列读取消息

Question

We have a service that is hosted in IIS using WAS with the net.msmq binding. The service reads messages from a private transactional MSMQ queue. I need it to work by reading from a queue that is on a different machine to the service. I can get it working if the queue is on the same machine, but not if it is on a different machine.

Environment information

• The servers are running Windows Web Server 2008 R2.
• The servers are in a workgroup, ie, they are not part of a domain.
• MSMQ has been installed without the directory service integration feature.
• I believe that the required Windows features are installed (WCF Non-Http Activation and Http Activation, Message Queuing Server, Multicasting Support, Message Queueing DCOM Proxy, Windows Process Activation Service, .NET Environment, Configuration APIs)
• I have made the following registry changes on the machines:
  • NewRemoteReadServerAllowNoneSecurityClient = 1
  • NewRemoteReadServerDenyWorkgroupClient = 0
  • AllowNonauthenticatedRpc = 1
• DTC has been enabled, with Network DTC Access, Allow Remote Clients, Allow Inbound, Allow Outbound, No Authentication Required and Enable SNA LU 6.2 Transactions all selected.
• Firewall changes have been made.

Service configuration information

• We are using netMsmqBinding.
• The transport Security Mode of the netMsmqBinding is None.
• ExactlyOnce is true
• UseActiveDirectory is false
• Durable is true
• The queue address is net.msmq://the-host-computer-name/private/EmailAsyncService

WCF logging

• There is a warning:

Cannot detect if the queue is transactional". The FormatName of the queue in the error is DIRECT=OS:the-host-computer-name\\private$\\EmailAsyncService

• There is then an error:

An error occurred when converting the 'the-host-computer-name\\private$\\EmailAsyncService' > queue path name to the format name: Unrecognized error -1072824300 (0xc00e0014). All operations on the queued channel failed. Ensure that the queue address is valid. MSMQ must be installed with Active Directory integration enabled and access to it is available.

What I have tried

• I can read messages from the remote queue from the machine the service is on if I manually create and use a MessageQueue instance.
• I've tried hosting the service as a standalone console application. The error messages are the same.
• I have tried disabling the firewalls involved.
• I've tried the changes on http://msdn.microsoft.com/en-us/library/ms752246.aspx , which relate to running such services on a computer joined to a workgroup. ("both the activation service and the worker process must be run with a specific user account (must be same for both) and the queue must have ACLs for the specific user account... In workgroup, the service must also run using an unrestricted token.") The user account I'm currently using is Network Service.

Some thoughts

• I don't believe that there is a firewall or permissions issue.
• Despite the fact that the service configuration has UseActiveDirectory set to false, the queue address of net.msmq://the-host-computer-name/private/EmailAsyncService seems to be getting translated into the-host-computer-name\\private$\\EmailAsyncService, which AFAIK is a name format that requires lookup via Active Directory.

Answer 1

I'm a little late here, but since you have no other answers, I may still be of help.

You might want to try enabling Directory Service Integration, as I believe you need to muck with certificates to operate in Workgroup Mode.

Also, Juval Lowy's WCF book makes it clear that when you have queued services hosted in WAS you have to name the queue the exact same as the virtual path to your svc file. So if your service is actually hosted at /EmailAsyncService/EmailService.svc then that's precisely what you need to name your queue (without the first slash).