Try to edit the applicationHost.config file in the webserver (under C:\Windows\System32\inetsrv\config) and add a location-section for the site at the end of the file (but before </configuration>) like this:
<location path="MyWebSite">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
It seems like the problem in [this link][1] is similar to yours, just the opposite, hope it helps.
[1]: https://stackoverflow.com/questions/25806418/deploying-website-disables-windows-authentication
We also had this problem using Octopus Deploy. Deploying to the testing environment went OK, with IIS keeping Windows Authentication = enabled, but when deploying to the dev environment then Windows Authentication was switched to disabled.
The solution for us was to edit the applicationHost.config file in the webserver (under C:\Windows\System32\inetsrv\config) and add a location-section for the site at the end of the file (but before `</configuration>`) like this:
<location path="MyWebSite">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
After this, the Windows Authentication setting was kept at enabled after deploy.