Recently, I was trying to log into one of our local servers and was confused when after typing my password, I encountered this error message:
An authentication error has occurred. The function requested is not supported.
This could be due to CredSSP encryption oracle remediation. For more information, see https://go.microsoft.com/fwlink/?linkid=866660
The referenced website explains that there is a vulnerability in unpatched versions of CredSSP and that an update that has been pushed out to patch this. Once a client is patched, by default, it cannot connect to an unpatched RDP server. The first obvious solution is to run updates on the unpatched server, but in my case, I have too many servers I remote into and do not have the kind of access that allows me to run updates.
Too get around this, on the client, I can set myself as still vulnerable in order to bypass this check. This fix only requires that you have access to the client.
- Open Local Group Policy Editor and Navigate to:
Computer Configuration -> Administrative Templates -> System -> Credentials Delegation -> Edit Encryption Oracle Remediation
- A new window will open
- Set it to ‘Enabled’
- In the ‘Protection Level’ combo box, select Vulnerable and then apply.
That’s it! While this isn’t going to fix the vulnerability, this will allow you into servers that have not patched CredSSP. For more information, please refer to https://support.microsoft.com/en-gb/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018