Setting development machine behind corporate proxy + authentication

Developing in companies that have proxy servers for developers can be frustrating in this age when every tool needs access to online resources and even parts of software development life cycle are cloud based. Proxy servers that require NTLM authentication just add to that frustration. NTLM is developed by Microsoft but many applications built by Microsoft do not support it or require some configuration and in worst cases some hacking to make it work. Below is a list of some the tools that developers might be using on a daily basis and what you need to do to make them connect via NTLM proxy. I keep adding more to the list as I encounter them.

  • Visual Studio Code (VSCode)
  • NPM
  • Visual Studio, Web Platform Installer and other .NET Applications

Visual Studio Code (VSCode)

VSCode 1.15 and up now supports NTLM proxy (finally Microsoft supported its own authentication protocol).


For NPM you have two options. Either to send proxy address and credentials in every single command you run or to set them in the global configuration of NPM. I recommend the former because it is more secure.

Set proxy in every command

When calling NPM command you can always use --proxy switch to set proxy for each command. The syntax for using this switch is the following.

--proxy username:password@proxyaddress:port

For example to use myproxy:8080 as proxy address and my-domain\reza as username and P@ssw0rd as password when calling the install command you can type the following.

npm install --proxy http://my-domain%5Creza:P%40ssw0rd@myproxy:8080

Please note that both username and password are URL encoded. You can use the following command in your browser’s developer tools to encode them.


Set proxy in NPM configuration

To set the proxy in the global configuration of NPM you need use the same format as above for sending the proxy address, username and password and use npm config set to store it in the configuration. For example to set the proxy address to myproxy:8080 and username to my-domain\reza and password to P@ssw0rd you can use the following command.

npm config set proxy http://my-domain%5Creza:P%40ssword@myproxy:8080

Visual Studio, Web Platform Installer and other .NET applications

To set the proxy for pretty much any .NET application, you need to put the following in the configuration file of that application.

    <defaultProxy useDefaultCredentials="true" enabled="true">
        <proxy bypassonlocal="true" proxyaddress="http://myproxy:8080" />

For Visual Studio I suggest also enabling IPV6 if the above configuration did not work as suggested by some other developers.

        <ipv6 enabled="true"/>
    <defaultProxy useDefaultCredentials="true" enabled="true">
        <proxy bypassonlocal="true" proxyaddress="http://myproxy:8080" />

For executable files the configuration file is named the same as executable’s file name but with .exe.config extension. For Visual Studio it is called devenv.exe.config and for Web Platform Installer it is WebPlatformInstaller.exe.config.


At the moment Postman (v7.0.4) does not support NTLM authentication and the only best way that you can make it work is by using Fiddler. Here is what you need to do, step by step:

  1. Install Fiddler and run it.
  2. Make sure Rules > Automatically Authenticate is selected. This will enable Fiddler to authenticate on behalf of Postman with your current user account.
  3. * In Postman, go to File > Settings and then Proxy and turn on Global Proxy Configuration
  4. For Proxy Type select both HTTP and HTTPS
  5. For the Proxy Server, use (If you you have changed the default port that Fiddler is listening on you will need to change it here as well).
  6. ** In Fiddler, go to Tools > Options... and then in HTTP tab, select Capture HTTPS CONNECTs and Decrypt HTTPS traffic and install the certificate when prompted.
  7. In Postman go to File > Settings > General, turn off SSLS certificate verification. You need to do this because currently, Postman does not support intermediate proxies.

* In step 6, instead of using Global Proxy Configuration you may also use Use System Proxy, but in that case you need to make sure in Fiddler, Capture Traffic is selected under File menu. This way Fiddler will capture all the HTTP traffic by setting Windows Proxy settings.

** You won’t need to do step 6 and 7 if you won’t be working with HTTPS URLs.

Setting development machine behind corporate proxy + authentication

How to warm-up SharePoint or other web applications and WCF (SOAP) services with PowerShell

There are many reasons you might want to warm-up a web application occasionally. It can be after a fresh deployment or on a regular basis after recycling application pools. Some times you might also need to warm-up SOAP services without going through front-end.

It might seems to be any easy task specially if you have PowerShell 3.0 or higher on your servers, but after Googling a while and reviewing some of the top hits I discovered that each solution is missing a part. Some only work in a single server scenario and some has forgotten that each HTTP response might contain links to scripts and images that we need to download and finally I could not find anything for SOAP services that just works. Long story short I decided to put together a simple script that just works and is easy to change to everyone’s needs.

Please note that my only assumption is you have PowerShell 3.0+ in your servers.

Currently the script takes care of the following tasks, but I will most likely improve it to cover other useful scenarios.

  • Calling SOAP operations and sending parameters and custom headers
  • Calling front-end URIs and downloading scripts and images that are local to the front-end
  • Logging to a configurable folder and file name
  • Cleaning up old log files

Currently, I have the following points in mind to improve the script.

  • Put configuration in a different file.
  • Improve function definitions (named and typed parameters and description).
  • Default values for parameters when it makes sense (e.g. log folder can be the current folder).
  • Support REST services.

I’m open to any suggestion and feature request. Please let me know if you found it useful or if have got something wrong.

How to warm-up SharePoint or other web applications and WCF (SOAP) services with PowerShell

How to read optional attributes in XML with default values

When we are reading data from XML data sources, it is very common that when a value is not given for an attribute or an element, we have to use a default value instead. Having to check for the existence of the node each and every time we are reading a value can be annoying and clutter the code. To address this issue I have made a few useful extension method that you can use copy and use in your code. These are written on top of XAttribute class, but you can write similar methods for other types and APIs pretty much the same way.

public static class XmlExtentions
    public static string ValueOrDefault(this XAttribute attr)
        return ValueOrDefault(attr, string.Empty);
    public static string ValueOrDefault(this XAttribute attr, string defaultValue)
        return attr == null ? defaultValue : attr.Value;

    public static T ValueOrDefault<T>(this XAttribute attr, T defaultValue) where T : struct
        if (attr == null) { return defaultValue; }
        var value = attr.Value;
        var convertedValue = typeof(T).IsEnum ? Enum.Parse(typeof(T), value) : Convert.ChangeType(value, typeof(T));
        if (convertedValue == null) { return defaultValue; }
        return (T) convertedValue;

    public static T ValueOrDefault<T>(this XAttribute attr, Func<T> defaultDelegate) where T : struct
        if (attr == null) { return defaultDelegate(); }
        var convertedValue = Convert.ChangeType(attr.Value, typeof(T));
        if (convertedValue == null) { return defaultDelegate(); }
        return (T)convertedValue;

Once you get it in place. It is pretty easy to use. Assume that we have the following XML document:

    <Search Enabled="True" RankingAlghorithm="BS77" LowMark="1000" HighMark="2000">
        <Source Name="Orders" Type="WebService" />
        <Source Name="Products" Type="REST" />

As is shown below, you can read any type of values exactly the same way.

// reading a bool
var isEnabled = sourceNode.Attribute("Enabled").ValueOrDefault(false);

// reading a string
var scopeName = sourceNode.Attribute("Name").ValueOrDefault("Default");

// reading a string and using empty string (string.Empty) as default value
var scopeName = sourceNode.Attribute("Name").ValueOrDefault();

// reading an enum
var sourceType = sourceNode.Attribute("Type").ValueOrDefault(SearchSources.Html);

// reading an integer
var lowMark = sourceNode.Attribute("LowMark").ValueOrDefault(100);

// Using a delegate to provide the default value
var highMark = sourceNode.Attribute("HighMark").ValueOrDefault(()=> App.GetUserSetting("Search.HighMark"));
How to read optional attributes in XML with default values

Disabling Security warning for Attach to process in Visual Studio 2010, 2013 and 2015

You probably have already suffered from the pain of having to click one more time when attaching visual studio’s debugger to a process. As developers we all have the obsession to be more productive and everything that comes in the way is a bummer. I should have shared this little secret before, but … I forgot.

You know this message box, right?


Now when a colleague sent me a link to a blog post that explains how to change a registry key to disable the security warning in Visual Studio when attaching to processes, I decided to write a little “.reg” file to make it even easier for you. This warning is there to warn you when you are attaching the debugger to a process and that process is (that are running with different accounts than the one running Visual Studio)  The reg file works for Visual Studio 2010, 2013 and 2015 no matter which edition. You can view / download it from here:

Disabling Security warning for Attach to process in Visual Studio 2010, 2013 and 2015

How to install/update Atom, Sublime, VSCode and Brackets packages behind corporate proxy (NTLM)

Many developers these days are using these fancy new cross-platform text editors that are lightweight and fast to reduce the workflow of writing and testing code. I’m mostly talking about web developers here. If you are new in this world I suggest you give the followings a shot as after days of researching and trying I think currently they are the bests:

Now back to the subject. Many of these text editors support proxy servers, but none of them that I have tried support NTLM for authentication and if your corporate proxy is using NTLM they simply cannot connect to it. Or lets say not directly! Actually the only solution I have found is to use a software called CNTLM that can act as a proxy server itself and behind the scene it can connect to another proxy server that is using NTLM. The good news is this software is open-source, very lightweight and independent of any external library (written in C) and can take care of all the complexity of NTLM. In fact You can easily setup CNTLM to allow any application that does not support NTLM authentication to connect to the internet. Atom is based on NodeJS (most of them are) so you’ll be able to apply what you will learn hear to other similar text editors as well.

Configure CNTLM to use your corporate proxy

  1. CNTLM is an opensource software and you need to download its latest version from SourceForge website here.
  2. Now you need to install it by running the installation package. There is not much to worry about. it just adds a few shortcuts to your start menu and copies the file under “Program Files (x86)“.
  3. All the settings of CNTLM are stored in Program Files (x86)\Cntlm\cntlm.ini, and you can open this file from Start Menu > Cntlm > cntlm.ini
  4. The cntlm.ini file is quite self descriptive. You just need to add the following lines in this file:
Username    your-username
Domain      your-domain-name
Password    your-password-or-leave-empty
Proxy       proxy-ip-or-hostname:port
Proxy       another-proxy-ip-or-hostname:port
Listen      3128

you can add as many Proxy lines as you want, Cntlm will try them one by one until it can find one that works.

Please note that the address of your proxy will be "localhost:3128" by default but you can change it to any desired port that is not currently being used by another program. You just need to change the value in front of Listen setting. I have highlighted the line so you never miss it.

  1. Star the proxy server by  heading to Start Menu > Cntlm > “Start Cntlm Authentication Proxy”
  2. Test your shiny new proxy by using your favorite browser.

Configure Atom to use Cntlm as proxy server

  1. Start Atom by heading to Start Menu > All Programs > GitHub, Inc > Atom
  2. Go to File > Settings or press Ctrl+Comma. Click on “Open Config Folder” button in the left pane of the Settings tab. It will open and show all the content of the setting folder in Atom.
  3. Click and open .apmrc file located under the root setting folder (.atom folder) and add the following lines:

The last line (that I have highlighted) tells npm to use the http address instead of the default https address. This is because I noticed that Cntl might have some problems with https addresses. This issue might be solved later and you might not need it in the future.

  1. Restart Atom and enjoy using your favorite packages.

A little bonus

By running the following command you can tell many other programs to use your new little proxy server by default. Unfortunately not every program supports it.

netsh winhttp set proxy localhost:3128 "localhost,127.0.0.*"

How to install/update Atom, Sublime, VSCode and Brackets packages behind corporate proxy (NTLM)