Notes.ini Entry


Name:
    W3ContextNTLMMode

Syntax
    W3ContextNTLMMode=0 / 1

Applies to:
    Workstations

Add-on:

    First Release:
      8.0.2 / 8.5.0

    Obsolete since:

      Category:
        HTML, NTLM

      Default:
        None

      UI equivalent:
        None

      Description:
      Using this setting forced the Notes client to use the "NTLM mode" as authentication in the W3 context (e.g. for a HTML Proxy).

      Why does the Rich Text Element (RTE) not honor the "No proxy for these hosts or domains" list field when copying HTML from a local Intranet?

      Configure the Location document to bypass the proxy for a specific server, explicitly or using a wildcard * prefix.

      Steps to reproduce

      Browser setting in Location document is set to "Notes with Internet Explorer" (IE).
      Notes.ini parameter added W3ContextNtlmMode=1.
      Delete existing perweb documents.
      Set proxy NTLM credentials.
      Set "Use same proxy for all of the above".
      Copy html from external IE web browser and paste into a new memo.
      Perweb ignores the exception for the Intranet server and attempts to connect through proxy which does not have connectivity to the website.
      Pasting of Internet content into a new memo works fine.
      IE network setting use a pac file for deciding whether to route the request through the proxy or not. However, changing this to a static proxy entry and making the Intranet site an exception had no effect. So only perweb is making the request from the Notes client.

      Perweb.nsf will still perform authentication with the proxy server listed in the Location document.

      If you ever wondered why it's sometimes such a hassle to copy & paste data from a webbrowser directly into your Lotus Notes Client, it might be due to a missing proxy configuration.
      If your company's proxy server requires NTLM-Authentication, you'll notice that entering your domain-credentials in the proxy configuration dialog of your location document will not work as expected. The client will keep prompting for the proper credentials since it will always try basic authentication with the proxy server. That's because Lotus Notes doesn't support NTLM-authentication out of the box. In order to make this work, you need to set the (undocumented) parameter W3ContextNTLMMode=1 in notes.ini. Now you don't even need to enter any credentials in order to use the proxy, since the Lotus Notes Client (on a Windows OS) will use your operating system login to authenticate with the proxy server.
      Now that you're able to use your companies proxy server with your Lotus Notes Client, you'll quite probably want to make some exclusions for hosts that aren't accessible through the proxy server (hosts on your internal network)
      When you try to do this through a policy, you need to enter multiple values separated with semicolons. If you separate them with CRLFs, only the first entry of the list will be honored. Unfortunately, this isn't documented anywhere, so i had to figure this out using trial & error.