How To Fix "CredSSP" Error When Remoting into Windows Server 2012 R2 and Other Versions

Had to set up a new Windows Server 2012 R2 virtual machine. I’d run into this problem before but it cleared up on its own after updates. This fix works on other versions of Windows as well. I won’t go into specific details because the firewall configuration varies for each version of Windows whether it is Server or a Desktop version.

The issue is that at least on virtual machines, Server 2012 won’t let you RDP into the box. This is true even if Remote Desktop access is enabled either manually or by group policy. Your first step is to let RDP through the firewall.

Allow Remote Desktop Access Through Windows Firewall

I don’t have steps for this yet, but it’s fairly simple. Get into Windows Firewall through the control panel. Under whatever sort of network you’re connected to there are rules for letting applications and protocols though the firewall. Just enable all of them labeled “Remote Desktop”. There were two on my Server 2012 R2 box.

Fix CredSSP Error After Enabling Firewall Access

I’ve had this happen a few times. The specific error is something like this (I copied from Microsoft).

An authentication error has occurred. The function requested is not supported. Remote computer: <computer name or IP>. This could be due to CredSSP encryption oracle remediation.

The problem usually clears up on its own after updates. The specific update you need to install is KB4103725 to fix the issue. You can get this update through Microsoft’s Update Catalog.

If you aren’t trying to fix Server 2012 R2, here’s a link to a Microsoft article with the version of the update you need. It’s very specific and I tried installing the 2012 non-R2 version on mine twice before realizing there was a separate update for R2.

3 replies on “How To Fix "CredSSP" Error When Remoting into Windows Server 2012 R2 and Other Versions”

The update in May is made to correct how CredSSP validates requests during the authentication process. Microsoft has found a credssp error in rdp and found a fix for the vulnerability by mandatory requiring to update both the client and server computer to work properly.

Upgraded server 2008r2 to 2012 and came across this error. To fix this error followed the GPO method but could not find Encryption Oracle Remediation. does this mean i should do a manual entry into registry?

I don’t think you’d need to apply any kind of registry edits. Every time I’ve seen this happen it’s resolved by updates. There are a couple of powershell scripts you can run remotely on your server to attempt a fix on that MS article. Getting into the server physically and running updates fixes it most of the time. If it’s a VMware vm the esx console will work in lieu of a monitor.

Leave a Reply

Your email address will not be published. Required fields are marked *