Shutdown workstation without logging on


Workstation default allows anyone to shut the system down without logging
on. Requiring logon prior to being able to shutdown the box is the default for
server. To disble on Windows NT, Windows 2000, or Windows XP workstation:

Hive: HKEY_LOCAL_MACHINE
Key: Software\Microsoft\Windows
NT\CurrentVersion\Winlogon

Name: ShutdownWithoutLogon
Type: REG_SZ
Value: 1 Yes
Value: 0 No

Note: some Microsoft documentation lists
this as REG_DWORD. That is incorrect. It is REG_SZ in NT, W2K and XP. ShutdownWithoutLogon can also be set by GUI tool,
RegKey.exe from the Resource Kit. From a security perspective, not particularly
useful unless the power switch is also secured. Another approach is to remove
the user right Shutdown the system. By default
workstation setups grants this right to Everyone, Users, and Power Users as well
as Administrators.

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top