40

I'm trying to RDP into one of my servers, which as Network Level Authentication Enabled as well as NTLMv2 being forced. This worked fine until the server had to reboot for updates. Now, I cannot RDP into my server anymore. I get this error trying to connect via RDP:

An authentication error has occurred - The function requested is not supported enter image description here

This translates to: An authentication error has occurred. The function requested is not supported

I tried several things I found by googling, for example adding extra SecurityPackages values to the registry as described here: http://funeasytech.com/rdp-connection-error-of-the-requested-security-package-does-not-exist/ but that didn't work. Neither did changing the Group Policy on the client solve my issue, as described here: https://stackoverflow.com/questions/17371311/the-function-requested-is-not-supported-exception-when-using-smtpclient-in-azu

The problem is that I don't have physical access to this box, only via RDP. The server is running Windows Server 2012 R2 Standard, the client is running Windows 10 Pro.

How can I regain access to my server?

1:

Aravinda
  • 1,081
  • 5
  • 12
  • 30
Freek
  • 521
  • 1
  • 4
  • 6
  • Have the same problem, seems to be something client side, as I can connect from other computers. Client also on Win 10 Pro. Did you ever find the solution? – toster-cx Nov 29 '16 at 16:14
  • I have the same problem, client is a 2012R2 itself, can't connect to several Windows Servers anymore. Other clients work, so I blame it on the client not the remote server as well. – Peter Hahndorf Mar 04 '17 at 05:03
  • Details on the error should be in the Windows event log: `Microsoft-Windows-TerminalServices-RDPClient/Operational` – Peter Hahndorf Mar 04 '17 at 05:16
  • @toster-cx Sorry for the delayed reply, but no, I did not find a solution and ended up formatting the machine :( – Freek Apr 26 '17 at 07:00
  • @Freek any chance you used blackbird or similar software on the client machine? This solved it for me: https://serverfault.com/questions/818792/ – toster-cx Apr 29 '17 at 11:45
  • @toster-cx Yeah I remember install EvlWatcher before it broke down, pretty similar to BlackBird by the looks of it. – Freek Apr 30 '17 at 10:20

4 Answers4

55

I had the same issue. I found the issue has to do with a Windows Update patch that was pushed out to my work station in last nights Windows Updates. There was a critical CVE (CVE-2018-0886) for RDP which required a patch to fix.

If your workstation is patched, but your server isn't, your workstation will fail to connect.

Quoting from the following blog website with information about the issue, you've got three options:

  • Patch your target computer for CVE-2018-0886 (Recommended)
  • Enforce the Vulnerable parameter on the source computer (Not recommended)
  • Disable NLA on your target computer (Not recommended)

I didn't have alternative access to the server(remote access only), so I had to chose Option 2 so I could go do the updates on the server.

I opened the start menu on my work station, searched for "group policy", clicked Edit Group Policy. Then following Microsoft spec, Go to "Computer Configuration -> Administrative Templates -> System -> Credentials Delegation", then :

  • Setting Encryption Oracle Remedation set to "Enabled"
  • In Options below, set "Protection Level: to Vulnerable
Joshua Michael
  • 661
  • 5
  • 9
  • 1
    Thank you, man. I dig into this a hour already. Lowering security from System -> Advanced didn't worked. Microsoft should add a warning, or better message, instead of blocking access. P.S. **Encryption Oracle Remedation** is the key, which must to be enabled. – TPAKTOPA May 10 '18 at 08:15
  • Well, I have windows 10 Home and there is no Group Policy! – Ali Yousefi May 12 '18 at 06:47
  • My Windows 10 machine had this problem after updating. Could not connect to a Windows Server 2016 box. Installed KB4103723 on the server, rebooted, and can now connect. Server 2012 r2 will need KB4103725. – root May 14 '18 at 19:15
  • Do you have to reboot your client after applying this GPO change? – RonJohn May 18 '18 at 15:01
  • @RonJohn No, I didn't have to reboot. – Joshua Michael May 21 '18 at 00:04
2

See Windows RDP: ‘An authentication error has occurred’

This is happening after you have a applied a windows security update it was this security update. It also tells you how to change your GPOs accordingly.

Don’t Simply Uninstall Windows updates KB41037272. and or KB4103718 – just because something works does not mean that’s what you should do!

Pete Long
  • 21
  • 1
2

I had the same issue with a remote VM, with only RDP access. This worked for me...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters] "AllowEncryptionOracle"=dword:00000002

Thomas
  • 4,155
  • 5
  • 21
  • 28
David Hahn
  • 21
  • 2
0

If your target server is Windows Server 2016, the first package from this list (2018-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4103723)) worked for me:

  • Download and Install on target server
  • Restart

As already mentioned, this is the recommended way and does not require any other changes on source machines.

For Windows Server 2012 R2 the package 2018-05 Security Only Quality Update for Windows Server 2012 R2 for x64-based Systems (KB4103715) from here solved the issue.

Alexei
  • 202
  • 3
  • 11