I've got a customer with an interesting question; I've not played deeply enough with LDAP to provide him with an answer.

They would like to use the EmployeeID field in iManager, in the Business Profile. However, they have noticed that anyone can login using an LDAP browser and see that field in the user accounts.

So...is there a way to NOT expose a field in LDAP?