hi ron
As jesse wrote in order to do this you will need to populate an attribute and then use it to seggregate incident access in role definition. There is several way to do it :
- If you could add an attribute in AD or CSV file you will be able to use a lookup plugin to populate it.
- Doing a custom plugin which will check if sender or userID is in a list you will maintain manually or automatically
- if you dont use incident severity for anything else, you could set a new rule in your policy to set severity to "High" when there is soemone from your VIP list and set severity of all other rule to "low". Then you will be able to create a response rule using severity as condition (E.G. if severity = High then populate attribute VIP with YES)
but as it seems you have two issues (VIP and special group of users), you may need to mix both solutions above.
Regards.