Asking Users for their Passwords

A statement was made at my company that we (1st, 2nd and 3rd level IS support) should never have to ask a user for their password for any reason because this conflicts with IS’s statement that a user should never give out their password. Today we use this as one of our main troubleshooting tools. Can we recreate the problem on a different PC logged in as the user? A feature works for me but not someone else – let’s log in as that person so we can troubleshoot without camping out at the person’s workstation and prohibiting further work. What does everyone else think of a policy where the user is never asked for their password? Is this do-able?