I have a folder in my intranet set to disallow anonymous access and to authenticate using NTLM. When some users hit this folder, they are prompted for user name and password, while other users are not -- they are allowed right in.<BR><BR>Which behavior is correct, and how do I make it consistent for all users? Is it a browser thing, a registry thing, or something else?