Freitag, 1. März 2013

Using a proxy server with Lotus Notes: NTLM authentication and exclusion lists

If you ever wondered why it's sometimes such a hassle to copy & paste data from a webbrowser directly into your Lotus Notes Client, it might be due to a missing proxy configuration.
If your company's proxy server requires NTLM-Authentication, you'll notice that entering your domain-credentials in the proxy configuration dialog of your location document will not work as expected. The client will keep prompting for the proper credentials since it will always try basic authentication with the proxy server. That's because Lotus Notes doesn't support NTLM-authentication out of the box. In order to make this work, you need to set the (undocumented) parameter W3ContextNTLMMode=1 in notes.ini. Now you don't even need to enter any credentials in order to use the proxy, since the Lotus Notes Client (on a Windows OS) will use your operating system login to authenticate with the proxy server.
Now that you're able to use your companies proxy server with your Lotus Notes Client, you'll quite probably want to make some exclusions for hosts that aren't accessible through the proxy server (hosts on your internal network)
When you try to do this through a policy, you need to enter multiple values separated with semicolons. If you separate them with CRLFs, only the first entry of the list will be honored. Unfortunately, this isn't documented anywhere, so i had to figure this out using trial & error.