I logged remotely to a server with RDP and I noticed that I had options to restart or shutdown that server. This means we can shutdown or restart a server without physical access and without authentication:
We can remove the Shut down and Restart hyperlink by setting the following REG_DWORD value UseShutDownControls to 0 in the HKLM\SOFTWARE\SSOProvider\SuperGina registry key.
So this is a clear case of misconfiguration, probably due to the fact that the installation script was copied from a workstation installation where you might want to allow this setting.
But even on a workstation you might not want to have those options when connecting to it remotely. So do consider carefully if you want to enable this setting.
Was once an enthusiastic PepperByte employee but is now working elsewhere. His blogs are still valuable to us and we hope to you too.