On Windows Server 2003 / IIS 6, I use a custom class that extend the PreAuthenticationFilter class.

I configured IIS to 'Windows Authentication' only. I need to get the login used during the NTLM challenge.

When users have an account in the domain, it works, I get the remote username in the method getAutheticatedUsername from the HttpServelRequest.

But when users are not part of the domain, then the username I get is 'Guest'
and not the one they used for the NTLM challenge.

I noticed that on Windows XP / IIS 5, I don't have this problem. The username I receive is not Guest, but the username of the client.

Why do I get 'Guest' on Windows Server 2003?
Is there a permission or a local policy setting that I am missing?