Once local users have logged onto the Windows 2000 domain, I would like for
them to access my IIS website that is secured with NTLM/Integrated Windows
Authentication.

When a user accesses http://webserver they are taken straigh to the start
page.
When a user accesses http://webserver.domain.com they are prompted for their
credentials.
When a user accesses http://192.168.1.1 they are prompted for their
credentials.

All of the above resolve to the same Server. The server has no header
defined in IIS.

The client and server are on the same subnet and do not use
proxy/gateway/firewall or anything else.
It is a 2000 Domain (mixed mode) with both DNS and WINS servers.

Could WINS name resolution somehow allow the credentials to be carried over
to the server while DNS name resolution does not?
The only difference that I can see is that http://webserver may use WINS
while http://webserver.domain.com would use DNS and http://192.168.1.1 would
access the machine directly.

Users have been complaining (which they are very good at doing) about the
number of times they have to log in to get to their Web Based Email. I need
for them to always use http://webserver.domain.com as they are not very
literate - so asking them to alter the URL is not a favourable option.

My long terms goal is to avoid all login prompts unless absolutely necessary
(some users will access the site from outside the company). Also, certain
users will be accessing via an ISA proxy so I wanted to implement Digest
Authentication - but I would like to get http://webserver.scd.ie with NTLM
working first.

Any help is appreciated. I am stumped and am unable to find a solution
myself.

Thanks to Miha Pihler and my ability to read other posts only after I have
posted myself, I have found out that I must add the site to my Intranet Zone
in IE security on the clients.

I can do this in and AD GPO.

I am so full of chocolate right now. Thank you Miha.