How to prevent local root from su to an NIS user?

We have a shared development box, running Solaris 10 that is an NIS client, all the developers have local root password. If they know the NIS uid of another user, they can just do

% useradd -u <uid> login

And then log in as that user and have full access to his files in his home directory. Is there any way to prevent this or is this a feature?

No, it's an artifact of your deployment. I'm assuming NIS & NFS. The developers don't need to add local uids for them to su if the pertinent filesystems and credentials are available. I can think (quickly) of only one way to deal with the issue and that is by implementing netgroups (man -k netgroup).

Developers having local root access is an insupportable security practice imho. Perhaps a well designed sudo implementation is in order.

I agree with you. I would like to change root password, what is the best way to force all users currently logged in as root to exit their root shell?

ps -U root and find the pids of all shells (left as an exercise), then I would warn all users that their sessions are going to be terminated and kill -9 each shell process.