• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Tachytelic.net

  • Sco Openserver
    • Sco Unix Support
    • SCO Openserver Installation ISOs
    • SCO Openserver Binaries
    • Add a Hard Drive to an Openserver 5 Virtual Machine
    • Install SCO Vision SQL-Retriever ODBC Driver on Windows 10
    • License Expired on Virtual SCO Openserver Installation
    • How to reset the root password on SCO Openserver 5
  • Scripting
    • PowerShell
      • Add leading zeros
      • Check if a File Exists
      • Grep with Powershell
      • Create Environment Variables
      • Test for open Ports
      • Append to a Text File
    • VBScript
      • Check if a File Exists
      • lpad and rpad functions
      • Windows Update E-Mail Notification
  • Office 365
    • Connect to Office 365 with PowerShell
    • Add or remove an email alias using Powershell
    • Change Primary email address of Active Directory user
    • How to hide an AD user from the Global Address List
    • How to hide mail contacts from the Global Address List
    • Change the primary email address for an account with PowerShell
    • Change Primary email address of an AD User
    • Grant a single user access to access to all calendars
    • Forward email to an external address using Powershell
    • Convert shared mailbox to user mailbox with Powershell
  • Get in Touch
  • About Me
    • Privacy Policy

Remote Desktop CredSSP encryption Oracle remediation Registry fix

February 20, 2019 by Paulie 8 Comments

This is a quick credssp registry fix for the following error when trying to connect to a machine using RDP (Remote Desktop):

Image showing RDP CredSSP Authentication Error when connecting to a host with RDP
An authentication error has occurred. The function requested is not supported

This is because the server you are connecting to is not patched up to date, and the machine you are connecting from is. Modify the registry to allow your machine to connect to it:

  1. Open Regedit.
  2. Navigate to the following registry key, or create it if it does not exist:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters
  3. Create a new DWORD value called “AllowEncryptionOracle“
  4. Set the new registry entry to have a value of 2:

    Image showing AllowEncryptionOracle registry entry being set to a value of 2
    Set the value of AllowEncryptionOracle to 2
  5. Connect to the server that you were unable to connect to before.

Run this from an elevated command prompt to achieve the same result:

REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters" /v AllowEncryptionOracle /t REG_DWORD /d 2

This registry entry is a temporary workaround until you have patched your server, when you have done that, remove the setting with this command.

REG Delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters" /v AllowEncryptionOracle

Related

Filed Under: Technical Posts Tagged With: Remote Desktop, Windows Server 2012 r2, Windows Server 2016

Reader Interactions

Comments

  1. shreyash says

    August 6, 2019 at 6:09 pm

    Wow Thats straight forward simple and effective.
    Thanks for making simple and easy steps.
    thaks alot

  2. fredrick says

    September 12, 2019 at 10:47 am

    great,

  3. agung says

    September 16, 2019 at 5:45 am

    thank you, work in me

  4. Maricela Hdz says

    May 14, 2020 at 11:46 pm

    I Love it!! thank you

  5. Martin Brown says

    May 15, 2020 at 12:07 pm

    It worked for me as well

  6. olukotun Abayomi says

    May 22, 2020 at 9:40 pm

    Thanks boss

  7. Jose Castineiras says

    July 17, 2020 at 7:59 pm

    Amazing, if the creddssp\parameters folder does not exist create it and it work.

  8. Ravi says

    November 25, 2020 at 8:43 am

    Thanks. worked….

Leave a Reply Cancel reply

Primary Sidebar

Link to my LinkedIn Profile
Go to mobile version