i havent read the article(s) that you posted yet.
i could only see a major reason for excluding the netlogon:
when a lot of clients access the netlogon directory (i.e. boot up their computer at the start of the day) it will slow the reading of the netlogon directory/scripts execution thus making it a good idea to exclude
on the other hand, files in the netlogon could be infected too, if a computer logs on it will execute the scripts in that directory as an elevated user meaning admin level access, if a virus finds its way into that directory your complete network could be infected in a mather of minutes....
therefor i would personally NOT exclude that directory for this above reason...
(sorry for the late reaction)