We have multiple IIS7.5 web sites that now return a 401 unauthorized error when users try to access them. The current authentication is set to Windows Authentication with Negotiate and NTLM providers. If I move NTLM up to the first provider, the sites work. Why did Negotiate suddenly quit working? Our infrastructure teams made some changes to routing and DNS, but I've been told that all DNS changes have been reverted.
What also makes this issue more interesting is that it only happens to certain sites. Our HQ site works fine with Negotiate, but our remote sites only work with NTLM listed first.