OK, now I'm with you.
If we're talking about an Active Directory domain then you can run a report from PowerShell to find the last logged-on user. I'm not hugely proficient with PowerShell so I don't know the command myself.
You can't stop the user from logging on locally, but you can stop them from accessing your network remotely by disabling the computer account within AD. If someone calls to complain then you've found your culprit.