Feigin, Andrew wrote:
HR would like to populate the “EmployeeID” Field and only allow certain
people to view it in ADUC.
I can enable it in the Schema for viewing when in ADUC advanced mode,
but how do I restrict who can view it?
Would restricting viewing it in ADUC stop someone from querying it in a
script?
I thought a certain trainer went over this in his outstanding AD class,
however I can’t seem to locate it. (DW)
Check if this will be helpful for You:
http://blogs.dirteam.com/blogs/tomek/archive/2005/11/21/confidential_bit.aspx
http://blogs.dirteam.com/blogs/tomek/archive/2005/11/29/confidential_bit_fp.aspx
--
Tomasz Onyszko
http://www.w2k.pl/blog/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/