Without more details regarding your Active Directory / Domain config it’s hard to give a solution to your situation. Having said that…you could set the local security policy to the following: 1.Require CTRL,ALT,DEL for the logon window 2.Enable Interactive Logon: Do Not Display Last User Name 3.Config the Number of Logons to Cache 4. Force Virtual Page File to clear
You have not mentioned if there are Network Shares assigned to the people using these PC’s and need to access them such as their personal folder. If they are only accessing company data you could create a Group in Active Directory and add these PC’s to it. Then create a user account with the level of access desired. Although it would be difficult to track who did what ( Scary Security Scenario ).