Here's the deal:

1. Windows 2008 AD server running on VMWare with host only network.

IP static

2. Windows 2008 App server running on same VMWare machine with host

only network tied to AD server and bridged network to the rest of the

world. Machine is part of machine 1's domain.

3. Personal PC in a workgroup.

I h ave a website running on machine 2 that I can connect to and

authenticate fine on machine 2. If I go onto machine 3 at home,

either wired or wireless, it keeps asking me to authenticate in IE.

If I go to work and plug the same machine into the network, I can

connect from machine 3 find. Only difference I can see is at work the

network is larger and has other domains on it, however since no one

but machine 2 can see the AD server running on machine 1, not sure why

it's failing. Any ideas?

Here is what is in the event log (and for the record, the username

() and password are right):

An account failed to log on.

Subject:

Security ID: NULL SID

Account Name: -

Account Domain: -

Logon ID: 0x0

Logon Type: 3

Account For Which Logon Failed:

Security ID: NULL SID

Account Name:

Account Domain:

Failure Information:

Failure Reason: Unknown user name or bad password.

Status: 0xc000006d

Sub Status: 0xc000006a

Process Information:

Caller Process ID: 0x0

Caller Process Name: -

Network Information:

Workstation Name: -

Source Network Address: 192.168.59.1

Source Port: 4110

Detailed Authentication Information:

Logon Process: Kerberos

Authentication Package: Kerberos

Transited Services: -

Package Name (NTLM only): -

Key Length: 0

This event is generated when a logon request fails. It is generated on

the computer where access was attempted.

The Subject fields indicate the account on the local system which

requested the logon. This is most commonly a service such as the

Server service, or a local process such as Winlogon.exe or

Services.exe.

The Logon Type field indicates the kind of logon that was requested.

The most common types are 2 (interactive) and 3 (network).

The Process Information fields indicate which account and process on

the system requested the logon.

The Network Information fields indicate where a remote logon request

originated. Workstation name is not always available and may be left

blank in some cases.

The authentication information fields provide detailed information

about this specific logon request.

- Transited services indicate which intermediate services have

participated in this logon request.

- Package name indicates which sub-protocol was used among the NTLM

protocols.

- Key length indicates the length of the generated session key. This

will be 0 if no session key was requested.