Probably it’s already a well know issues and it’s also resolved for the most. But there are so many systems that are isolated or system with an old patching plan, or simple you have installated a Windows Server from an old ISO.

The Credential Security Support Provider protocol (CredSSP) updates for CVE-2018-0886 patch, released on May 8th 2018, if applied (on the client or the server) make not possible connect using RDP unless both endpoints have the patch applied.

The error will be:

An authentication error has occurred.

The function requested is not supported.

This could be due to CredSSP encryption oracle remediation.

For more information, see https://go.microsoft.com/fwlink/?linkid=866660

 

How can you fix the issue? Just update your systems… but if you cannot update (yet)?

There is a temporally solution. You can consider changing the policy settings on the client to temporarily gain RDP access to the servers. You can change the settings in Local Group Policy Editor. Execute gpedit.msc and browse to Computer Configuration / Administrative Templates / System / Credentials Delegation in the left pane:

A faster way is to run this command:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

See also:

• CredSSP updates for CVE-2018-0886

• “CredSSP encryption oracle remediation” error when you try to RDP to a Windows VM in Azure

• Unable to RDP to Virtual Machine: CredSSP Encryption Oracle Remediation