you can t use a recordset value in a security assist access rule.
instead, edit the recordset on the verifiy listing page and add an additional where clause to check the ID column agains the directoryid session variable.
that way if they try to access a record that is not theres, it will return an empty recordset.