I had just finished setting up a new web server when I realized I authentication problems. The server was a Windows Server 2008 R2 box running IIS 7. The hosted web application was written in .Net and uses windows authentication. When I tried to access the site from an XP box using a local account on the machine, I kept getting a 401.1 error. The event logs didn’t help much. They showed that I was correctly typing the computer name for the domain and the appropriate username. After a few attempts, the local account would be locked so I was trying to authenticate with the correct account. To make matters even more confusing, I could connect using the same local account from another Windows Server 2008 box. What really confused me was that domain accounts would authenticate without issue.
Long story short, the Windows Server 2008 box was set to only allow NTLM v2. The XP box was set to only use NTLM. Switching the LMCompatibilityLevel solved the problem. The system registry path is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa and the DWord name is LmCompatibilityLevel. The following link was very helpful in fixing the problem http://technet.microsoft.com/en-us/magazine/2006.08.securitywatch.aspx