Originally Posted by schnoz
By grop membership, I mean any logical group mechnism. My cient wants only a subset on BES users to be logged (for legal SEC compliance), and not the entire BES user community.
That's fine. You can certainly do that.
Create an IT Policy (you can copy the existing IT Policy these users have) and enable PIN logging.
Assign that IT Policy to only those individuals you wish to audit.
You can also assign the users to a particular group, and then assign the IT Policy to that group.
Makes it easier for admin purposes.