This post is also available in: Italian

Reading Time: 2 minutes

Probably it’s already a well know issues and it’s also resolved for the most. But there are so many systems that are isolated or system with an old patching plan, or simple you have installated a Windows Server from an old ISO.

The Credential Security Support Provider protocol (CredSSP) updates for CVE-2018-0886 patch, released on May 8th 2018, if applied (on the client or the server) make not possible connect using RDP unless both endpoints have the patch applied.

The error will be:

An authentication error has occurred.

The function requested is not supported.

This could be due to CredSSP encryption oracle remediation.

For more information, see https://go.microsoft.com/fwlink/?linkid=866660

 

How can you fix the issue? Just update your systems… but if you cannot update (yet)?

There is a temporally solution. You can consider changing the policy settings on the client to temporarily gain RDP access to the servers. You can change the settings in Local Group Policy Editor. Execute gpedit.msc and browse to Computer Configuration / Administrative Templates / System / Credentials Delegation in the left pane:

A faster way is to run this command:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

See also:

Andrea MauroAbout Andrea Mauro (2918 Posts)

Virtualization, Cloud and Storage Architect. Tech Field delegate. VMUG IT Co-Founder and board member. VMware VMTN Moderator and vExpert 2010-18. Dell TechCenter Rockstar 2014-15. Microsoft MVP 2014-16. Veeam Vanguard 2015-18. Nutanix NTC 2014-18. PernixPro 2014-16. Several certifications including: VCDX-DCV, VCP-DCV/DT/Cloud, VCAP-DCA/DCD/CIA/CID/DTA/DTD, MCSA, MCSE, MCITP, CCA, NPP.


Share