Intro:
We are using NetIQ IDM since version IDM 4.0. We have developed customer workflows (PRDs) and still we continue using them.
We recently upgraded to IDM 4.6 and in that we see that there is a new UI (idmdash) is introduced with lot of improved features, options, look and feel.
We have not released the NewUI (/idmdash) to end users, we are still evaluating. We have plans to release it in a few months.
So, the end users are continue using IDMProv in IDM 4.6 version, requesting the accesses using the custom workflows (PRDs).
We have around 25 custom workflows respective to each application, where the users can search for the roles that he/she requires access.

Our requirement:
We have a plan like, after a month once we release the /idmdash to end users and they will continue accessing custom workflows from /idmdash.
But in idmdash there is an option to request for permissions. In that we wanted to hide all the roles that are available to search/request via PRD.

You may ask why? Reason: We have done lot of customization on the form. For example added start / end date, duration, owner information display etc.
So, we want to continue the same in /idmdash - PRD. At the same time these role should not be visible in Permission search option on /idmdash -> New Request (for self)

For example: We have a workflow SAP System Access, which will show the roles from the eDirectory roles container Roledefs/level10/SAPCRM.
But those roles should not be requested via /idmdash --> new request --> permissions selection option.

I hope that the issue is clearly explained.

Please let me know if this can be achieved.

Note: I have tried hiding the roles by removing trustee but the role was hidden in both places /IDMProv PRDs and /idmdash.
If I make it visible its visible in both the places.

Our thougths:
Can we control /idmdash's permission search functionality to use search based on other user id trustee rigths (instead of taking currently logged in users rights)
? But not sure, if we able to do it, will it effect/applicable for PRDs also... if yes, then this is not good thought.
Something like: /idmdash - permission search should do search based on proxy user
at the same time, PRDs should do queries/search based on currently logged in user rights

Is it doable.?

Thanks in advance