I notice you're using System.DirectoryServices to configure these features on IIS7 (according to your tags).

In IIS7 you can configure both of these settings using the Microsoft.Web.Administration library instead:

Setting the authentication type (replaces AuthFlags):

IIS 7 Configuration: Security Authentication <authentication>

To configure Forms Authentication:

using Microsoft.Web.Administration;
   ...
long iisNumber = 1234;
using(ServerManager serverManager = new ServerManager())
{
  Site site = serverManager.Sites.Where(s => s.Id == iisNumber).Single();

  Configuration config = serverManager.GetWebConfiguration(site.Name);
  ConfigurationSection authenticationSection = 
               config.GetSection("system.web/authentication");
  authenticationSection.SetAttributeValue("mode", "Forms");

  ConfigurationSection authorizationSection = 
               config.GetSection("system.web/authorization");
  ConfigurationElementCollection addOrDenyCollection = 
               authorizationSection.GetCollection();
  ConfigurationElement allowElement = addOrDenyCollection.CreateElement("allow");
  allowElement["users"] = "?";

  addOrDenyCollection.Add(allowElement);
  serverManager.CommitChanges();
}

The code above will create a new web.config file in the root of the website or modify an existing one.

To use Microsoft.Web.Administration, add a reference to C:\Windows\System32\InetSrv\Microsoft.Web.Administration.dll.

Source

using System;
using System.Text;
using Microsoft.Web.Administration;

internal static class Sample {

   private static void Main() {

      using(ServerManager serverManager = new ServerManager()) { 
         Configuration config = serverManager.GetApplicationHostConfiguration();

         ConfigurationSection anonymousAuthenticationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication", "Contoso");
         anonymousAuthenticationSection["enabled"] = false;

         ConfigurationSection windowsAuthenticationSection = config.GetSection("system.webServer/security/authentication/windowsAuthentication", "Contoso");
         windowsAuthenticationSection["enabled"] = true;

         serverManager.CommitChanges();
      }
   }
}

I would recommend a slightly different approach if maintaining IIS 7 or 7.5. The concepts are similar but de-emphasizing the ASP.Net oriented <system.web> in the local application web.config in trade for emphasizing the IIS oriented <system.webServer> in the server applicationHost.config.

Start at the bottom of this link and scroll up... http://www.iis.net/ConfigReference/system.webServer/security/authentication/windowsAuthentication

Imports System
Imports System.Text
Imports Microsoft.Web.Administration

Module Sample
   Sub Main()
      Dim serverManager As ServerManager = New ServerManager
      Dim config As Configuration = serverManager.GetApplicationHostConfiguration

      Dim anonymousAuthenticationSection As ConfigurationSection = config.GetSection("system.webServer/security/authentication/anonymousAuthentication", "Default Web Site/App1")
      anonymousAuthenticationSection("enabled") = False

      Dim windowsAuthenticationSection As ConfigurationSection = config.GetSection("system.webServer/security/authentication/windowsAuthentication", "Default Web Site/App1")
      windowsAuthenticationSection("enabled") = True

      serverManager.CommitChanges()
   End Sub
End Module

The core approach is to make changes in IIS Manager and observe how the application host config changes for that application. Then you replicate those changes by driving the new Microsoft.Web.Administration assembly appropriately.

Location: %systemroot%\system32\inetsrv\config\applicationHost.config

Things to look for:

<location path="Default Web Site/App1">
    <system.webServer>
        <security>
            <authentication>
                <anonymousAuthentication enabled="true" />
                <windowsAuthentication enabled="true" />
            </authentication>
        </security>
    </system.webServer>
</location>