Finally, let's take a look at the situation if the previous scenario took place over the Internet instead. Here, we still have everything from Microsoft. However, since the user logged on is authorized against a domain that's separate and unconnected from the server machine. One can't enjoy the cached user ID and password capability.
In this case, the IE 3.0 and IIS combination will still try the NTLM challenge/response sequence first using the cached user ID and password at the client end, but this attempt will fail (because the user is unknown to the server domain). IE 3.0 will then pop up a dialog box prompting the user for an ID and password. Next, IE 3.0 will reattempt the NTLM challenge/response authentication using this new set of user ID and password.
Since the user will enter a user ID and password which can be authenticated in the IIS's domain, this will succeed and the server will reply with the protected data. From this point on, if the server requests any further authentication, IE 3.0 will use the user-entered user ID and password to authenticate the request.
The end result is somewhere between the transparent, all-Microsoft intranet situation, and the any-browser/any-server situation: