Recovery : Authentication error occurred – Requested function not supported

Since the May 2018 Windows 10 update, most computers that have the Windows Remote Desktop feature installed are experiencing the “RDP Authentication Error, Requested Feature Not Supported” issue when they receive the following error when connecting to a remote computer using RDP.

An authentication error has occurred.
The requested function is not supported

This is due to a recently patched vulnerability in Windows 10 and Windows 7. After installing the latest update KB4103727 for Windows 10 version 1709 and KB4103718 for Windows 7, you get this error.

If you use the Remote Desktop Protocol on your network and allow connections to your server, you should probably fix this bug immediately.

Windows uses the Credential Security Support Provider (CredSSP) protocol to authenticate clients to RDP servers. A serious vulnerability has been discovered in the CredSSP protocol, which can affect the security of both server and client.

To address this issue, Microsoft has introduced the Network Level Authentication (NLA) protocol, which works in conjunction with CredSSP to pre-authenticate RDP client users via TLS/SSL or Kerberos.

In a situation where the server does not have the required Windows update patch, the updated client computer will refuse to connect to the unprotected server because Microsoft makes it mandatory to enable NLA to securely connect to the remote desktop.

What causes the ‘authentication occurred – the requested feature is not supported’ error

What causes the 'authentication occurred - the requested feature is not supported' error

We investigated this specific issue by reviewing several user reports. From what we have seen, there are several different scenarios that could cause this particular error message.

  • Error caused by a Windows update: There is a strong possibility that the error is caused by a Windows update released in mid-2018. The patch forces Remote Desktop Connection to ensure that both affected workstations are running the March 2018 CredSPP patch. By updating both computers with the latest updates, you ensure that they are ready to allow Remote Desktop Connection.
  • Oracle Encryption recovery policy disabled: some affected users found that the local group policy was disabled in their case the culprit. If the operating system version allows it, you can probably get around the error by enabling the Oracle Encryption repair policy.
  • AllowEncryptionOracle has a value of 2: there is a specific registry key (AllowEncryptionOracle) that is known to trigger this particular error message when it is not enabled. Several users experiencing the same problem have reported that after changing the registry key, the problem was resolved.

If you are having trouble resolving this error message, check out this article to check out the steps to fix it. Below is a set of methods that other users in a similar situation have used to fix the error Authentication error encountered during the requested function is not supported.

All of the methods below should help you solve the problem. So follow the method that seems most appropriate for your scenario.

 

To fix the authentication error that occurred – the requested function is not supported

To fix the authentication error that occurred - the requested function is not supported

Disable network-level authentication on the RDP server

The first way to fix the “Requested feature not supported” error in RDP is to disable network-level authentication on the RDP server side. To do this:

  1. Open System Properties and select the Remote tab.
  2. Uncheck Allow connections only from computers running Remote Desktop with network-level authentication and click OK.
  3. Note: If the RDP server is a Windows 7 computer, select the Allow connections from computers running any version of Remote Desktop (less secure) checkbox.
  4. Now try to connect to the server using the RDP client.

Enable the Oracle encryption patch on the RDP client

The next way to fix the “Requested feature not supported” authentication error in RDP is to change the Oracle Encryption patch settings on the Remote Desktop client. To do this:

On professional versions of Windows:

  1. Press Windows + R to open the Run command window.
  2. Type GPEdit.MSC and press Enter.
  3. In the Group Policy Editor, go to the following path (in the left pane):
  4. Computer Configuration -> Administrative Templates -> System -> Delegation of Authority.
  5. In the right pane, open the Oracle Encryption patch settings.
  6. Select “Enable”, set the “Degree of protection” to “Vulnerable” and click “OK”.
  7. Close the Group Policy Editor and try to connect to the RDP server.

In Windows Home versions:

  1. Open a command prompt as an administrator. To do this:
  2. In the search box, type: command prompt or cmd.
  3. Right-click on the command line results and select Run as administrator.
  4. At the command prompt, type the following command and press Enter.
  5. reg add “HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemCredSSParameters” /f /v AllowEncryptionOracle /t REG_DWORD /d 2
  6. Close the command line and restart the computer.
  7. After the restart, connect to the server using the Remote Desktop application.

 

Frequently Asked Questions

The first way to fix the "Requested feature not supported" error in RDP is to disable network-level authentication on the RDP server side. To do this, open the System Properties and select the Remote tab.

  1. Adjust the remote desktop settings.
  2. Enable Oracle Encryption Fix.
  3. Edit the registry.
  4. Remove updates from May.
  5. Perform an onsite update.

If only one user is affected, try resetting the user's password and uncheck "Change password at next login".

  1. Go to Computer Configuration -> Administrative Template -> System -> Credential Delegation -> Oracle Encryption Removal.
  2. Double-click "Encryption Oracle Remediation", select "Enable" and change the security level to "Vulnerable", then click "Apply" or "Ok".