The realm (if specified) is also revealed in the popup window requesting authentication information.

my IIS 5.0 server replies with

HTTP/1.1 401 Access Denied
Server: Microsoft-IIS/5.0
Date: Sun, 04 Dec 2005 21:17:01 GMT
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
Content-Length: 24
Content-Type: text/html

Error: Access is Denied.

Connection to host lost.
I have my system configured to use Kerbose authentiation and if the client is not capable then to fall back on NTLM. The realm has been replaced by the domain and is provided by the client (since this system is connected to several domains)

Review: http://www.owasp.org/columns/jlima/joelima2.html for more information on IIS authentication. It is not a great article, but the MS info is kinda spread... and this is simple and concise.

Lastly view:
http://www.microsoft.com/windows2000...p/apro9ael.htm
for information about modifying the realm settings in the metabase.

cheers,

catch