This subject is giving our department some headaches and we wanted to lean on some other individuals who might have been in the same boat. What we are looking at: when a problem occurs that requires the user's account to be logged into their system, we don't know what their password is and should never know what it is. Most of our employees feel that they shouldn't be there while we work on PC. So how do we log into their system under their account without knowing their password and not bringing liability back into our laps again? If we made it mandatory that they be there when we worked on any issue requiring them to be there to log us in and out, it would bring a bad PR hit. This is a situation where we can have the best technology, but the inter business politics can pull us down. If you don't know what I mean read some Dilbert comic strips. So how are other organizations handling help desk requests with scenarios like this one.

This does relate to security, so if anyone feels that they should not release any policy practice out to the public I understand completely.

Thanks for your time,


Let me make another thing clear. We do not want to log into their system under their account. So I am not asking how to hack the system, but what do we tell our users? Do we tell them please be there when the scenario occurs that requires them to log in for us. Or do we reset their password, do what we need to do, and make it mandatory that they create a new password. There might be a way in Windows (2003 Family) that we can fix their problems and never need to use their account. I would like to know how. I've looked at options of using remote assistance that is built in and I personally like it. Although it may be good, it still requires the employee to be at their PC. To sum things up: I need a way to fix a problem without using an account other than my own or an administrative level account.