Although SecureLogin facilitates you to enable SSO for Windows, web, and Java applications; some applications cannot be enabled for SSO. The applications that cannot be enabled include certain installers, SecureLogin and Windows system files. Enabling these applications might affect your computer’s performance or create a security risk.
These applications are hard-coded and are excluded from SSO.
Table 4-1 Applications excluded from SSO
|
setup.exe |
Nwadmn95.exe |
acsagent.exe |
|
_isdel.exe |
loginw95.exe |
adamconfig.exe |
|
msiexec.exe |
NWTray.exe |
rdbgwiz.exe |
|
MSDEV.exe |
loginw32.exe |
ProtocomSysTray.exe |
|
devenv.exe |
scrnlock.scr |
ac.aac.run.exe |
|
SLBroker.EXE |
MMC.EXE |
SLBroker64.EXE |
|
tlaunch.exe |
slwinsso.exe |
slwinsso64.exe |
|
SLProto.exe |
SLManager.exe |
SLManager64.exe |
|
nswebsso.exe |
sllock.scr |
tlaunch64.exe |
|
Nwadmn32.exe |
ConsoleOne.exe |
SLProto64.exe |
|
Nwadmnnt.exe |
SLLauncher.exe |
Although the applications disabled for SSO are hardcoded, you can modify the behavior by creating a text file at the SecureLogin installation path. For example, at C:\Program Files\Novell\SecureLogin\ and name it exclude.ini.
NOTE:Despite its extension, the exclude.ini file is not in an .ini file format.
You can open this file in any text editor and make the changes. You can extend or modify the list.
You can modify the file in the following ways:
If you want to disable more applications apart from the hardcoded applications, add the names of the application to the exclude.ini file. For example, you can add grpwise.exe to the exclude.ini file. With this, GroupWise is also disabled for SSO.
NOTE:If you add an existing application to the list of applications in the exclude.ini file, it does not impact the original list. For example, if you add SLProto.exe to the exclude.ini file, it does not impact the function although it is listed twice.
If you want to enable only a set of applications for SSO, use Include keyword in exclude.ini file
In the exclude.ini file add the Include keyword to enable an executable for SSO. By including the Include keyword, the list is converted to an include list.
For example, when you add
Include
Trillian.exe
Trillian application is enabled for SSO. The next time you log in, you are prompted to enable SSO.
If you use the include keyword you must list all of the desired applications you want to use SecureLogin with. All other applications will be ignored. For more information, see TID 7009238
If you want to define a custom list for disabling the applications for SSO, include the NoDefault keyword. When you include the NoDefault keyword, the hardcoded applications are overriden.
For example, if you modify the list as:
NoDefault
NMCL32.exe
the hardcoded applications that are disabled for SSO is not read by SecureLogin. Instead, the executables listed with the NoDefault keyword in the exclude.ini file are considered and all the applications listed in the file are disabled for SSO.