But I can still login with the servername\Administrator account (which is a Local Admin on the VBR server).
Are local admins by default allowed to login to the VBR console even though they are not visible in the list of allowed users?
I only want to user in the image to be able to login.
Yes, this is documented in the User Guide. Due to their highest privileges, local admins can always make any changes to any application running on Windows (e.g. add themselves to any application role) so if your goal here is heightened security then it's not possible to "restrict" them even in theory.
And Linux is no different... there's no protection against root there either, removing it from application-level security roles is pointless as it can always take them back.
