For organizations where users serve multiple roles in an implementation, but still need to see the system at the level where they are authorized. This becomes more important as advanced authentication techniques are mandated by government and corporate policy (no basic authentication, CAC/Smartcard login, AD authentication tied to user accounts). This would be essentially "elevating" the user to a higer level of access.
Scenario: User A is a superuser who provides Org admin, Site admin, user support, and performs normal user duties within Windchill.
User_A is supporting a normal user and needs to verify that without admin, the system is working as expected as a normal user.
User_A finds out something is wrong and needs to reauthenticate as org_admin_A to investigate. Issue is still not resolved, so user_A needs to login as site_admin_a to fix say a CAD publishing issue.
In the current scenario, Admin accounts are in Windchill DS where the normal user account is required to be in Active Directory. When CAC/Smartcard is required, this would mean that anyone requiring access at multiple levels (test accounts, admin accounts) would be required to have multiple smartcards, certificates and Active Directory accounts, increasing org burden.