We are a financial institution in the process of moving to Windows 7 from XP. We need certain PCs to have static desktops, meaning they don't change regardless of the Edirectory user that is logged in. My DLU policy creates a single local account that is used by every Edir user that signs in on that PC. This is working fine in both XP and 7. The problem is when the station is locked (automatically after 15 minutes or manually by the user). In XP, only an administrator or the logged in user could unlock the workstation. If an admin entered their credentials in XP, the current user would be logged out and the initial login screen would be displayed. Here is the scenario I am running into in the same situation with Win 7:

-"Edir user 1" logs into a workstation.
-Station gets locked.
-"Edir user 2" needs access to that PC and "Edir user 1" is unavailable.
-"Edir user 2" selects Switch User, selects Novell login and enters credentials.
-The station is unlocked for "Edir user 2", but is still logged in as "Edir user 1". All of "Edir user 1"'s rescourses, email, file rights and whatever "Edir user 1" had open are available to "Edir user 2".

This happens regardless of who is logged in to Edir or who is unlocking. You can see the issue this would cause for a financial institution. I can disable fast user switching, but this eliminates the ability for an admin to unlock a locked workstation.

Is it possible to make this function in 7 as it does in XP? I have not been able to find anyone having similar issues.