I’m trying to set up a TFS2010 (with SP1) server and I keep running into hurdles.

The latest prevents me from doing anything useful as every HTTP request to “https://tfs.myserver.com/tfs” results in a HTTP 401. It doesn’t matter if these requests come from the TFS Administration Console or from a web-browser. Every time I’m prompted to authenticate I enter the domain Administrator’s fully-qualified username and password and I always get this error message:

Team Foundation Server
TF30063: You are not authorized to access https://tfs.myserver.com/tfs. - The remote erver returned an error: (401) Unauthorized.

Only a few settings in the Administration Console work (such as “Change URLs”) but others, like “Group Membership” (either on the Application Tier node or on a Team Project Collection) results in the same prompt-then-fail.

The SSL certificate is valid, and the URLs seem consistent. I can’t think what I’m missing out on.

EDIT: There is nothing relevant in the usual Event Logs. The Security log does show my Audit Failures, but I don’t understand them because I’m entering the usernames and passwords correctly (the very same I use to access the servers over RDP):

An account failed to log on.

Subject:
    Security ID:        NULL SID
    Account Name:       -
    Account Domain:     -
    Logon ID:       0x0

Logon Type:         3

Account For Which Logon Failed:
    Security ID:        NULL SID
    Account Name:       Administrator
    Account Domain:     DOMAIN

Failure Information:
    Failure Reason:     Unknown user name or bad password.
    Status:         0xc000006d
    Sub Status:     0xc000006a