User A logs on w/SSO (Single SIgn-On) and gets User B’s Windows session
There's one limitation with our single-sign-on ( SSO ) that appears when one user logs on at pre-boot, logs out at Windows and another user logs on at Windows. Since there's no hard-and-fast relationship between the User Account at Pre-Boot and the Windows User Account, the Key file "remembers" the last windows credentials and will automatically log in with those.
Here's a worked example:
User 1 logs on at Pre-Boot. He then gets straight into Windows with the same credentials and everything is fine.
User 1 then logs out at Windows. He logs on again into into Windows with the same credentials and everything is still fine.
User 1 logs on again at Pre-Boot. He then gets straight into Windows with the same credentials and everything is fine.
User 1 then logs out at Windows. Now User 2 logs in at Windows WITHOUT using the "Use other credentials" option (requires our GINA or Credential Provider to be enabled).
This will cross-reference or confuse the relationship between the key file and the Windows User Account … the next time User 1 logs in to the PC at Pre-Boot, he'll get into User 2's Windows account because the Key File remembers that the last Windows account it got to was User 2's (There's no hard-and-fast relationship between the Key File and the Windows User account because of the many ways we permit users to log in - e.g. Autoboot uses 1 account to log in all autobooted machines through the preboot stage… then the "real" user authenticates at Windows with whatever Windows credentials the domain finds agreeable).
To correct this (assuming User 1 notices)… he must a) log out at Windows, then b) log in again at Windows with his correct windows account - that will reinstate the relationship between the key file and the Windows account, making User 1 Pre-boot point to User 1 Windows account.
It is unfortunately a limitation (and why we add the proviso "recommended for single-user computers") to the Single Sign On option