This subject is giving our department some headaches and we wanted to lean on some other individuals who might have been in the same boat. What we are looking at: when a problem occurs that requires the user's account to be logged into their system, we don't know what their password is and should never know what it is. Most of our employees feel that they shouldn't be there while we work on PC. So how do we log into their system under their account without knowing their password and not bringing liability back into our laps again? If we made it mandatory that they be there when we worked on any issue requiring them to be there to log us in and out, it would bring a bad PR hit. This is a situation where we can have the best technology, but the inter business politics can pull us down. If you don't know what I mean read some Dilbert comic strips. So how are other organizations handling help desk requests with scenarios like this one.
This does relate to security, so if anyone feels that they should not release any policy practice out to the public I understand completely.
Thanks for your time,