An admin can configure the exclude.ini file to exclude applications or classes of applications that do not require single sign-on. For example, exclude an anti-virus application because it does not require single sign-on. The admin can configure the exclude.ini file to achieve the following outcomes:
Exclude heavy applications that might cause performance issues.
Exclude the classes that do not require single sign-on to improve the performance of applications.
IMPORTANT:SecureLogin does not process the applications or classes specified in the exclude.ini file for single sign-on even if application definition is published for these applications.
By default, for optimal performance, the following executables are not processed for single sign-on by SecureLogin:
msdev.exe slbroker.exe tlaunch.exe slproto.exe notes.exe nswebsso.exe nwadmn32.exe nwadmnnt.exe nwadmn95.exe loginw95.exe setup.exe nwtray.exe loginw32.exe scrnlock.scr wfica32.exe mmc.exe slwinsso.exe slmanager.exe sllock.scr
Perform the following steps to configure the exclude.ini file:
Create an exclude.ini file in the C:\Program Files\NetIQ\SecureLogin directory.
IMPORTANT:If you are using Notepad to create or edit the exclude.ini file, make sure to set the encoding to Unicode.
Specify the application executables or classes in the exclude.ini file in the following format:
Include executable1.exe executable2.exe Classes class1 class2 Nodefault Exclude default1.exe default2.exe
In this example configuration of exclude.ini, SecureLogin will perform the following tasks:
SecureLogin will not process executable1.exe and executable2.exe for single sign-on.
SecureLogin will not process class1 and class2 for single sign-on.
SecureLogin will process default1.exe and default2.exe for single sign-on. It will override the default configuration.