You can get this error while trying to open an RDP session.
An authentication error has occurred. The function requested is not supported
This is due to a combination of three factors:
- You activated NLA on your target computer
- The target computer is not patched for CVE-2018-0886
- You enforced the Force updated clients or Mitigated parameters on the source computer
Actually, NLA uses CredSPP (for pre-authentication) which is impacted by CVE-2018-0886.
The most common scenario is the following one:
- You enforced NLA on your servers since a long time
- You recently patched your workstations for CVE-2018-0886 and enforced the Force updated clients or Mitigated parameters on your workstations
- However, meanwhile, you didn’t patch your servers for CVE-2018-0886
- An now you are stuck with this error message when you try to open an RDP session on a non-patched server.
Choose one of the following solutions and see links in the More about section below if you don’t know how to do it.
- Patch your target computer for CVE-2018-0886 (Recommended)
- Enforce the Vulnerable parameter on the source computer (Not recommended)
- Disable NLA on your target computer (Not recommended)
Despite solution 2 and 3 are really not recommended, they can be a temporary workaround until you patch your target computer.
A possible resolution plan could be:
- Enforce the Vulnerable parameter on all computers (i.e. workstations and servers) with a GPO.
Now, as soon as this GPO has been deployed everywhere,
everything is working fine again,
and you have all the time you want to deploy the patch for CVE-2018-0886.
- Patch all computers (i.e. workstations and servers) for CVE-2018-0886
- Update the GPO to enforce the Force updated clients or Mitigated parameters
Finally, Microsoft has published an article about this issue.
You can find it here: