Had the same problem with my current SysAdmin at school. Except we had Windows XP computers, all routing to a ntwork logon domain. And we deep freeze and the lot. So I told the principal they could care less. I then found that there backup was hosted on the network and could be access by ANYONE. I got the Student information list. And put it on everyones desktop, then 're-froze' it.
Alert the press and it'll be hillarious. News Headline: "Kid hacks into school, administrators careless"
Good luck,
Juf
P.S. Give them a solution to their problem and they are more likely to listen to you.