My understanding is that we can only apply policy to user when using eDirectory.
So when a user log hes supposed to get its published policy (that's working fine).
But if this user turn off the computer and another user power it on and authenticate locally (with a local user that does not exist in the tree and has no policy at all associated, for example Administrator) then this user will inherit the last policy published for the eDir user.
It looks like policies are applied to a workstation-basis way...

Is that working as designed??

Thanks in advance!