We are running into a weird problem with two users on an internal only app at a client. The application uses Windows Authentication. It only happens with these two users and have had no other reports of authentication issues from any other users. Here is the scenario:

1. User logs into domain user id in Windows 10 and successfully logs in.
2. Loads recent Chrome, or Edge, browser.
3. Navigates to our application.
4. User is presented with a pop up to enter user id and password. This is incorrect behavior. The user should be automatically connected and is for 99+% of our users. The user can enter their information into the user id and password window and are successfully authenticated.

This is a highly locked down desktop environment. One thing that we are doing is checking the entries for the internet options -> security tab -> trusted sites in the control panel. Unfortunately, it takes a lot of time to get to this because the environment is really locked down and people aren’t always available onsite, so we don’t even know what the values are.

What things should we check? Are there any browser/windows options we should look into? I’ve even suggested looking for some malware on the systems, so no option is too weird.