Thursday, May 17, 2018

Attempting to remote desktop to Windows server fails with the error: "An authentication error has occurred. The function requested is not supported"


You attempt to use a Windows 10 workstation to remote desktop to a server but notice that the connection fails with the following error message:

An authentication error has occurred.

The function requested is not supported

Remote computer: <computerName>

This could be due to CredSSP encryption oracle remediation.

For more information, see


Reviewing the System logs on the client will show that the following error is logged:

A CredSSP authentication to TERMSRV/ failed to negotiate a common protocol version. The remote host offered version 3 which is not permitted by Encryption Oracle Remediation.

See for more information.


Using a Windows 7 workstation to perform the same operation would display the following error message:

An authentication error has occurred.

The function requested is not supported

Remote computer: <computerName>



The cause of this error is explained in detail in the following TechNet blog post:

The short answer is that a patch was released in May 2018 that addresses a vulnerability issue with the Credential Security Support Provider protocol (CredSSP) and if you have patched your workstation with this patch but have not done the same for the server then this error would be displayed. Note that patching the server but not patching the workstation would not cause this issue.

There are several ways to work around this and they are:

Workaround #1 – Disable NLA on Server

Disable Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended) for the server:


Workaround #2 – Uninstall Patch

Another way is to uninstall the patch from the workstations. The patch to uninstall for Windows 10 is:



The patch to uninstall for Windows 7 is:



You can use the following cmdlets to search:

Get-HotFix | Where HotfixID -match "4103712"

… or with the following to uninstall the patch:

wusa.exe /uninstall /kb:<KB Number>

**Refer to this blog post for using PowerShell to search for installed hotfixes:

Workaround #3 – Adjust Encryption Oracle Remediation

The new configuration that causes this error can be located on the patched workstation’s Computer Configuration / Administrative Templates / System / Credentials Delegation:


You can temporarily disable this by changing Encryption Oracle Remediation policy to Enabled, and Protection Level to Vulnerable:


Recommended Solution

The three of these work arounds is *not* recommended as they are temporary measures and does not address the vulnerability. The recommended way of addressing this would be to install the corresponding update on the server:




Anonymous said...

Thank you, I tested the 3rd Workaround and it's working well.

Anonymous said...

I tried the Workaround #3 and its working for me. Although it may make the server vulnerable but i accepted the risk on my test environment.

Mithun said...

Excellent blog post.
MCITP Training in Chennai
MCITP Training Institute in Chennai
MCITP Training Center in Chennai
MCITP Training Course in Chennai
MCITP Training