I logged on remotely to a server with RDP and noticed that I had options to restart or shut down that server. This means we can shut down or restart a server without physical access and without authentication:

[Screenshot: Windows Server 2003 logon screen with Imprivata, showing Shutdown and Restart links]

We can remove the Shut down and Restart hyperlinks by setting the REG_DWORD value UseShutDownControls to 0 in the HKLM\SOFTWARE\SSOProvider\SuperGina registry key.

So this is a clear case of misconfiguration, probably due to the fact that the installation script was copied from a workstation installation where you might want to allow this setting.

But even on a workstation you might not want to have those options when connecting to it remotely. So do consider carefully if you want to enable this setting.
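
To find other machines that inherited the same setting, here is an added example (not part of the original post): a PowerShell script run from an admin workstation that reads UseShutDownControls over Remote Registry on each listed computer and, with -Fix, sets it to 0. The parameter names and status labels are this example's own; it assumes Remote Registry is reachable and that you have administrative rights on the targets.

```powershell
# Added example: audit (and optionally correct) the logon-screen shutdown controls.
# Key path and value name are the ones given in the post; everything else is assumed.
param(
    [string[]]$ComputerName = @($env:COMPUTERNAME),  # e.g. 'SERVER01','SERVER02' (placeholders)
    [switch]$Fix                                      # write 0 where the value is not already 0
)

$subKey    = 'SOFTWARE\SSOProvider\SuperGina'
$valueName = 'UseShutDownControls'

foreach ($computer in $ComputerName) {
    $status = 'Unknown'; $current = $null; $key = $null; $hklm = $null
    try {
        # Opens HKLM on the target through the Remote Registry service.
        $hklm = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(
                    [Microsoft.Win32.RegistryHive]::LocalMachine, $computer)
        $key  = $hklm.OpenSubKey($subKey, [bool]$Fix)   # writable only with -Fix
        if ($null -eq $key) {
            $status = 'KeyNotFound'      # key absent on this machine
        } else {
            $current = $key.GetValue($valueName, $null)
            if ($current -eq 0) {
                $status = 'Disabled'     # links already removed
            } elseif ($Fix) {
                $key.SetValue($valueName, 0, [Microsoft.Win32.RegistryValueKind]::DWord)
                $status = 'FixedTo0'
            } elseif ($null -eq $current) {
                $status = 'ValueNotSet'  # default behaviour not stated in the post; check the logon screen
            } else {
                $status = 'Enabled'      # Shut down / Restart links offered before logon
            }
        }
    } catch {
        $status = "Error: $($_.Exception.Message)"
    } finally {
        if ($key)  { $key.Close() }
        if ($hklm) { $hklm.Close() }
    }
    # Value is the setting as read, before any fix was applied.
    [pscustomobject]@{ Computer = $computer; Value = $current; Status = $status }
}
```

Run it without -Fix first and review the Enabled and ValueNotSet rows before changing anything.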