If you have error reporting with notice in apache, will header()-redirect fail to work because there is some notice errors before header().
Scenario: You are not logged in, then going to the admincp - the header() will now try to redirect you to login, but fails because of the notice errors. The rest of the page will now render like you where logged in and show you some info like users and some settings, and you can create users/projects/milestones etc(!), (havent looked so much at it).
I've not been able to reproduce this, did you maybe setup the config.php file wrong?.