Anyone out there have situations where they need to be able to login as a particular user on their network for troubleshooting purposes? Make the situation even more sticky when that person is not in the office. That person's station is locked out with password protected screensaver (WinXP or Win2K.) That machine is running a three day select or load on a database of ten million+ records.

As network admin I can go ahead and login to the machine as domain admin user - no problem - except that this three day select or load will be halted. The results of this process are my company's bread and butter so it cannot be halted. Not to mention the possibility of corrupting data by stopping the process midstream.

I understand the fundamentals of password security. From all I read, each user is to have a private password "X" number of characters alpha, numeric, capitals and symbols, non dictionary blah blah blah. The user is also to have complete control over their password and it is not to be shared with anyone. The list goes on and all of it I understand.

How would you address this situation in a network with 100 unique logins any of which I may need access to at any time as the user who normally sits at that station. Do you recommend a separate database of users' passwords encrypted and accessible only to domain admins? Does one just throw their hands up and say that nothing can be done until that person returns?

Any recommendations of experience that you can share would be greatly appreciated.

Haknwak