RDP/CredSSP – An Authentication Error Has Occurred: Function Not Supported

When you try to connect through RDP to remote machines, you may get the following error message:

An authentication error has occurred.
The function requested is not supported

Remote computer: <xxx.xxx.xxx.xxx>
This could be due to CredSSP encryption oracle remediation.
For more information, see https:/go.microsoft.com/fwlink/?linkid=866660

The Microsoft Security patch issued on Tuesday, May 8th requires remote connections at the highest security level. More information here: https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018. So you are probably trying to connect to a patched machine from an unpatched machine. If you can’t patch both machines, you can use the following workaround using GPO.

Note: If you work in a workgroup, you can enable this setting using Local Group Policy Editor.

Navigate to the following path:

  1. Computer Configuration
  2. Administrative Templates
  3. System
  4. Credentials Delegation and select Encryption Oracle Remediation 

Select Enabled and Vulnerable

Vulnerable: Client applications which use CredSSP will expose the remote servers to attacks by supporting fall back to the insecure versions and services using CredSSP will accept unpatched clients.

It is not suggested as a long-term fix, so please note that you must update all your machines!

 

Thanks for reading! You can follow me on Twitter @PrigentNico

About Nicolas 235 Articles
I work as a System Engineer, based in Switzerland with a primary focus on Microsoft technologies. I have 7 years experience in administering Windows Servers. . I am a Microsoft MVP for Cloud & Datacenter Management. I also received the PowerShell Hero 2016 award by PowerShell.0rg. And finally, I am "MCSE: Cloud Platform and Infrastructure", "MCSA: Windows Servers" and "Administering & Deploying SCCM" certified.