User root from client can be all another users

[Marcelo Gomes <marmitsbr@yahoo.com.br>]

Hi!

In my network, when some client do login as root (local) he can type "su -l" and be all another user from ldap.

How can i block this ? 


thanks

Marcelo Gomes