Some users want to be able to hide their photograph so that other users will not see it when looking at them from the Organization Chart or from performing a Directory Search within the User Application. However, members of the Human Resources group need the ability to see every User’s photograph when looking at the Organization Chart or when performing a Directory Search.
In the User Application, there is the ability for Users to hide their photograph so that it can not be seen by other users. However, when an attribute is added to the attribute srvprvHideAttributes that attribute can not be seen on the user in question by any other user within the User Application. There is not the ability to have certain users / groups still be able to see these “hidden” attribute(s) on the user.
Utilize ACL’s within the IDVault, a Null Driver, and do not use the attribute srvprvHideAttributes Attached is a Null Driver that will monitor for a configured boolean attribute to change state and take the following actions:
This null driver has been written to utilize GCVs as must as possible so that it will not require the code in the rules to be re-written. The driver has the following GCVs:
All configuration notes for this driver are located in three (3) locations:
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.