I had yet another one of those head banging on desk moments yesterday and then discovered the solution today! The problem was that I could NOT log onto SharePoint 2010 Foundation on the machine that was hosting the site (known as the WFE, the Web Front End) using the FQDN (Fully Qualified Domain Name), such as http://mydev.foobar.com. I could, however, log in just fine externally from the domain and even from a different machine in the same domain. I could also log into it on the WFE using the local machine name, like http://MyServer. No matter how hard I tried I could NOT log into the damned SharePoint site using the FQDN on the actual WFE. It prompted me for credentials which I entered correctly but it just kept prompting me.
 
I even had the network guys set up a zone on the DNS and create A Records etc. But still it wouldn't work. Not only that but the Search Engine Crawl failed for the FQDN and would only work for the Local machine name. So I went on a quest and found the answer. Rather than claim it as my own I have added the link to the article AND also added the resolution steps, just in case the article vanishes from the web! Don't you just hate it when someone posts something and all they do is say the answer is in this link, then the link is so old that it's gone! 
 
http://sharepoint.stackexchange.com/questions/5574/i-cant-login-to-sharepoint-2010-whats-wrong
For the record, this solved my issue on Windows Server 2008 R2 running SharePoint 2010. ALSO AS DC! :) For all you purists!
Disable the loopback check loadTOCNode(2, 'workaround'); Follow these steps:
1.    Click Start, click Run, type regedit, and then click OK.
2.    In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3.    Right-click Lsa, point to New, and then click DWORD Value. Type DisableLoopbackCheck, and then press ENTER.
4.    Right-click DisableLoopbackCheck, and then click Modify. In the Value data box, type 1, and then click OK.1.2.
RESTART PC!
 
This explains the reason why! http://www.harbar.net/archive/2009/07/02/disableloopbackcheck-amp-sharepoint-what-every-admin-and-developer-should-know.aspx

The OFFICIAL Microsoft KB article describes the 2 different ways to resolve this issue.
http://support.microsoft.com/kb/896861

The following is copied from the KB link above.
There are two methods to work around this issue, use one of the following methods, as appropriate for your situation.

Method 1: Specify host names (Preferred method if NTLM authentication is desired)

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

  1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
    281308 (http://support.microsoft.com/kb/281308/ ) Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
  2. Click Start, click Run, type regedit, and then click OK.
  3. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  4. Right-click MSV1_0, point to New, and then click Multi-String Value.
  5. Type BackConnectionHostNames, and then press ENTER.
  6. Right-click BackConnectionHostNames, and then click Modify.
  7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
  8. Quit Registry Editor, and then restart the IISAdmin service.

Method 2: Disable the loopback check (less-recommended method)

The second method is to disable the loopback check by setting the DisableLoopbackCheck registry key.

To set the DisableLoopbackCheck registry key, follow these steps:

  1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
    281308 (http://support.microsoft.com/kb/281308/ ) Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name
  2. Click Start, click Run, type regedit, and then click OK.
  3. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  4. Right-click Lsa, point to New, and then click DWORD Value.
  5. Type DisableLoopbackCheck, and then press ENTER.
  6. Right-click DisableLoopbackCheck, and then click Modify.
  7. In the Value data box, type 1, and then click OK.
  8. Quit Registry Editor, and then restart your computer.


I hope this helps someone out there!