<authentication mode="Windows" />
<deny users="?" />
Above is simple syntax for setup windows authentication at web.config.
At your IIS site, you also need to change things, you'll need to go to your IIS site and select Authentication, you should been see Windows Authentication. If there's no Windows Authentication then you need to install. You need to also turn Anonymous Anthentication off.
That's should be all of it, but you might seen something that when you hit the site it'll keep asking the user and password. Although you enter the correct user and password, it'll ask again.
So, I searched at stackoverflow, following answer resolve my issue.
401 Unauthorized error web api mvc windows authentication
- Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base: 281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
- Click Start, click Run, type regedit, and then click OK.
- In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
- Right-click MSV1_0, point to New, and then click Multi-String Value.
- Type BackConnectionHostNames, and then press ENTER.
- Right-click BackConnectionHostNames, and then click Modify.
- In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
- Quit Registry Editor, and then restart the IISAdmin service.