When the chaps from Impero set ours up certain client machines were not added and others were put into the Staff User group. Reading the comment by @russdev above I'm going to look into that further toward setting up a Group that have the Staff in so that the settings listed can be applied to the Group - in case they log on to any of the student client machines.
Epic reply :D
Originally Posted by russdev
I was wondering if we could do that and I was going to ask around so you've solved that problem! I've already spoken to Impero support with regards to remove staff entirely from the console.
speckytecky: setting up the staff group is easy enough, just make a new group call it what you want, then on the properties under the membership rules (I cant remember the wording and don't have it on this machine) just change the drop down to AD Group and then enter the name of staff group (In our case "Staff")
Next to ensure that staff dont show up anywhere else you can edit the membership of the other groups and choose AD Group again but put a "!" in front of the group name (So for us it's "!Staff") which equates to "NOT Staff" hence staff dont ever turn up in the "ICT Room X" groups.
After speaking to Impero you can actually go one step further which is what I have done, in the Server GUI you can assign permissions to the "Entire Network" group, so if you set no permissions on it (IE everyone, including admins, is denied) then you are basically prevented from seeing staff at all.
Im sure RussDev can explain it better or failing that send me a PM and I can talk you through it in a bit more detail :)
Imero is really nice, one of the reasons we licensed staff (Well, THE reason) is to remotely assist staff with silly things like not being able to use spellcheck or something and to quickly deploy a program if we need to (SCCM is slow slow slow) so having the ability to request access to their screen etc.. is exactly what we wanted so thanks for that RussDev!
If its any help, feel free to look over our Staff AUP here: http://www.mgs.kent.sch.uk/mg/conten...Use+Policy.pdf
It was borne out of the kent E-Safety group and has had lots of consultation with legal depts and unions etc