Reputation: 113
I have two Windows accounts, my regular user-level one, and an Administrator one. As far as I know, there is no connection between the two in AD, other than my name. I normally log into my dev machine using the user account.
If I run my website locally using VS/IIS Express, I get the following values (as expected):
System.Web.HttpContext.Current.User.Identity.Name = "DOMAIN\\jespaillat"
WindowsIdentity.GetCurrent().Name = "DOMAIN\\jespaillat"
On the deployed site, however, when using both Chrome and IE11, I get the following:
System.Web.HttpContext.Current.User.Identity.Name = "DOMAIN\\admin-jespaillat"
WindowsIdentity.GetCurrent().Name = "IIS APPPOOL\\DefaultAppPool"
Both browsers automatically send my Windows credentials to the server, and do not prompt for login. I get the same behavior when running incognito. I can see in Fiddler that the browser is sending a Kerberos ticket with the request, though the account name is not visible within the base64 string.
So where is it getting the name of the admin account, which I am NOT logged in as? And how are the two accounts even connected?
(Interestingly, Firefox DOES prompt for credentials every time, so I am able to enter the correct value.)
Windows Server 2016, IIS 10, .NET 4.7.2. Desktop is Windows 7.
<system.web>
    <authentication mode="Windows" />
    <authorization>
        <deny users="?" />
    </authorization>
</system.web>
Only Windows Authentication is enabled in IIS
Upvotes: 1
Views: 999
Reputation: 113
Credential Manager was the culprit.
Turns out that CM had an entry for every remote drive that I've ever used Explorer to connect to (and yes, I had checked the box to "remember my credentials"). Including the drive on the web server.
All of the browsers (except Firefox) were conflating the username/password used to access a file share on a machine with the username/password used to access the website on the same machine. Once I deleted the CM entry for the web server, it worked.
Upvotes: 3
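A way to audit a workstation for the stored entries the answer describes, as an added PowerShell example that is not part of the original post: it parses the output of the built-in cmdkey.exe, lists every Credential Manager entry whose target names a given host, and optionally removes them. The host name `webserver01` and the parsing of cmdkey's display format are assumptions.

```powershell
# Added example (not from the original post): find Credential Manager entries
# for a given host, since any such entry can be reused by browsers that take
# credentials from the Windows store (as in the accepted answer).
# Assumes cmdkey.exe (built into Windows) and its "Target:/Type:/User:" layout.
param(
    [string]$HostName = 'webserver01',   # placeholder web server host name
    [switch]$Remove                       # when set, delete matching entries
)

function Get-StoredCredentialEntry {
    # Turn the text output of 'cmdkey /list' into objects with Target/Type/User.
    $entries = @()
    $current = $null
    foreach ($line in (cmdkey /list)) {
        $trimmed = $line.Trim()
        if ($trimmed -match '^Target:\s*(.+)$') {
            if ($current) { $entries += $current }
            $current = [pscustomobject]@{ Target = $Matches[1]; Type = $null; User = $null }
        }
        elseif ($current -and $trimmed -match '^Type:\s*(.+)$') { $current.Type = $Matches[1] }
        elseif ($current -and $trimmed -match '^User:\s*(.+)$') { $current.User = $Matches[1] }
    }
    if ($current) { $entries += $current }
    return $entries
}

# Any entry whose target contains the host name is a candidate for being sent
# to the website on that host instead of the interactive logon identity.
$hits = Get-StoredCredentialEntry | Where-Object { $_.Target -like "*$HostName*" }

if (-not $hits) {
    Write-Host "No stored credentials reference host '$HostName'."
    return
}

$hits | Format-Table Target, Type, User -AutoSize

if ($Remove) {
    foreach ($hit in $hits) {
        # cmdkey /list shows e.g. 'Domain:target=webserver01'; /delete wants the
        # bare target name, so strip the '<kind>:target=' prefix (assumed format).
        $targetName = $hit.Target -replace '^\w+:target=', ''
        Write-Host "Removing stored credential for target '$targetName' (user $($hit.User))"
        cmdkey /delete:$targetName
    }
}
```

Run it once without `-Remove` to see which account is stored for the server, then with `-Remove` to clear the entries; after that the browser should prompt or fall back to the logged-on user's identity.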