sspi authentication

i'm trying to enable sspi authentication with the latest postgresql
(8.3.4) on windows 2003 (standard edition, sp2, latest updates).

i configured pg_hba.conf:

host all all <my-ip>/32 sspi

but get this error when connecting from an xp client (via pgAdmin III):
"Error connecting to the server: FATAL: SSPI authentication failed for
user "postgres"."

i'm very much in the dark about how to configure this, esp. with windows
(eg: Group Policy). i googled for Group Policy and postgresql, but i
didn't find anything obvious about what I should do. my understanding is
that sspi should authenticate (transparently) via windows authentication
with the currently logged-in user, and, if successful, map that user to
the postgresql login-role specified in the connection string (in my case,
postgres). i presume the mapping is automatic as long as the user is
listed in the pg_hba.conf file.

so, i guess my question is, how can i track down the problem? i presume
it's something in windows security, but maybe i should do something in
postgresql.conf (the docs are extremely confusing; there's very little
about sspi - just a couple sentences - mostly consisting of a reference to
gssapi, which refers to kerberos, and in the end i'm left unsure whether i
should set anything or not, even for the simple case of all-windows
clients).

i see nothing in the system event logs or the postgres logs except: SSPI
authentication failed for user "postgres"

i saw a comment about "Guest" being the default if simple networking is
enabled, which doesn't make sense to me, but i don't think that's enabled
(or even an option on windows 2003 server?).

any help is appreciated!!

thanks,
--craig