You have some extra time and are looking for a WCF related puzzle that will waste some of it? Awesome. Here’s what you can do:

Create a simple WCF service, host it in IIS and change its application pool’s identity to a windows user you create and only provide with the minimum set of permissions you think it needs. Then create a proxy and try to make a successful call to the service without reading the rest of this post :)

Apparently if you don’t grant the application pool’s identity write permissions on C:\Windows\Temp, fascinating things happen to the service. It seems up, the ?wsdl works but proxies cannot be created because the XML schemas referenced within the WSDL fail to download. These are usually urls of type ?xsd=xsd0, ?xsd=xsd1, etc. Additionally, some tools (e.g. svcutil.exe) and IIS get into an argument about MIME types, HTTP code 415 ‘Other mime type expected, expected application/soap+msbin1 but got application/soap+xml and whatnot.

Obviously the XSDs are somehow dynamically compiled and cached in C:\Windows\Temp but it is certainly interesting to learn about this behavior if you encounter the aforementioned symptoms. Fortunately the fix is already out there.