Hi Sue,

I am confused

This often poses a problem for us. We often see yellow stickies asking people not to touch the system. Shutting down someones system is simply not an option.
I haved worked with NT family environments for a good few years and have never found this a problem. You use the word "often" twice?

My experience would suggest a frequency that "I could count on the fingers of one hand in a year"

This suggests that you might have process/practice/procedures problems.

As suggested by the other members, the feature is deliberate. Unless you used a cracking tool, the admin cannot look at a user's password, you can only reset it. This is to make the user wholly responsible for their desktop whilst logged in?

IMHO to try to circumvent this will punch a great hole in your potential to enforce an AUP, as you cannot pin down the use of a workstation to a particular user at any one time?

My questions are:

1. Why do you "often" have to access a users workstation when they are logged in but not present?

2. What are they running that makes them have to often leave sticky notes on their screens?

I think that there might be a work around, but compromising the existing security would only be a very last resort, and require some considerable justification?

Cheers