IIS creates it's session based on information from the client (and keep it in cookie for trip-around), when you are browsing the same site from the same browser IIS will combine all those queries under the same session.
If browsing different users of the same site from the same browser is a reality for your application you can not use IIS session for state management.
You may read here -
https://support.microsoft.com/kb/899918[
^]...
IMHO you left with two options only:
1. Make you application stateless...
2. Do your own state management...
I have the same issue you have - where the same person - using the same browser - logs in with different accounts...I do assign a GUID to every login and use it to manage session state for that user only...