Windows Updates and App Store Updates – No Internet Connection Through an Authenticated ISA Proxy Error Code 0x8024401c

Having connected my Windows 8 laptop to my company network, joined the domain and configured my proxy settings, I thought I’d cracked internet access and for the most part I had. However, the Windows Update and App Store download/installs still didn’t seem to have any connectivity failing with 0x8024401c. For the first part I had configured the proxy setting in IE (LAN settings) and then run the following code then rebooted.

netsh winhttp import proxy source=ie

This got most internet connectivity working in both IE and apps, but the app store downloads kept failing and the Windows Update just stayed still on 0%.

So back to the drawing board. I eventually came across an excellent forum post which described a slightly long winded solution but it did work and is I think the only solution unless you have admin access to your proxy service to allow unauthenticated exceptions. As a summary, here are the steps I took.

  1. Download and install CNTLM from SourceForge
  2. Edit %programfiles(x86)%\cntlm\cntlm.ini (note that your text editor needs to be opened as an admin)
  3. Change the user/domain/password parameters as per your windows domain account. Note that the forum post describes a more secure way of encrypting the password.
  4. Update the proxy server to use the address of your authenticated server
  5. Change the proxy setting in IE using the Connections / LAN setting to be localhost on port 3128
  6. Make sure IE can open web sites.
  7. Run the command again to copy the settings for your apps netsh winhttp import proxy source=ie
  8. Download and install the enable loopback tool. This is required because by default Windows 8 apps are prevented from sending traffic through a proxy running on your local machine. Open the app, select all apps and click apply. Note that everytime you install a new app, you will need to repeat this step.
  9. In the Local Security Policy -> Administrative Tools -> Network -Network Isolation, update and enable Internet proxy servers for apps (inputting as the domian proxy). Also enable “Proxy definitions are authoritive”)
  10. Shutdown the app you want to test using Task Manager (if it’s already open) and re-start it. You will also want to restart the windows update service in the “View Local Services” settings.

If you are still having problems it might also be worth stopping the Windows Update Services then deleting C:\Windows\SoftwareDistribution – note you may need to restart the computer to release any locks of files in this folder.

UPDATE – Microsoft have finally acknowledged the issue and have detailed a workaround at the proxy level. Even this fix isn’t ideal but hopefully the issue will be fixed permanently in a future Windows Update.

Leave a Comment

NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>