Eradicating 401 "Unauthorised" responses followed by 200 "Ok" responses

Unfortunately this is an artifact of the HTTP NTLM authentication scheme.

In short, the browser (Internet Explorer or otherwise) doesn't know that it needs to authenticate at all until it gets bounced with a 401 response containing a WWW-Authenticate response header.

In the case of WWW-Authenticate: NTLM -- annoyingly enough -- it requires two 401 responses on a single persistent connection to complete, and this process must be repeated once the HTTP persistent connection is closed. So even if you were able to get the browser to initiate a request blindly attempting NTLM, at least one 401 response cannot be removed from the transaction.

I think your best bet would be to maximize the amount of time that persistent connections are left open when idle.

CSCRIPT.EXE c:\inetpub\adminscripts\ADSUTIL.VBS SET W3SVC/AuthPersistSingleRequest FALSE

Will reduce the amount of 401's significantly.