I use Azure Virtual Machines (VMs) a lot for demos and testing. Recently when I tried to connect to some of my VMs using remote desktop I got a error message. The message read “An authentication error has occurred. The function requested is not supported.” Researching this error on the Internet led me to a security update applied to Windows 10 and Windows Server 2016 that was rolled out on April 17, 2018. This update includes an update for the Remote Desktop Client (RDP) to fix a CredSSP authentication protocol vulnerability. After the update is applied you can no longer RDP to any machine that isn’t fully updated. My problem was that my Windows 10 laptop had been updated, but my Azure VMs had not been updated.
I’ve seen several fixes on the Internet to workaround this problem temporarily using registry settings or Group Policy Objects (GPO). Unfortunately, the only Active Directory server involved was also on Windows Server 2016, so there was no way to attach to it make registry changes or modify GPO settings. But I was able to find another workaround that let me access the affected servers via RDP so that I could update them.
The Solution
The trick was to find a server or workstation that hadn’t been updated yet. In my case I had a local Windows 8.1 Hyper-V VM that I hadn’t updated in a while. Using that I was able to access the affected VMs and run Windows Update. Once the update was applied I could RDP into them from my Windows 10 laptop.
I also found that I could still RDP from my iPhone to the affected servers to apply the update. I admit that the screen size is pretty small and difficult to work with, but it is possible. So if you don’t have a workstation or server that hasn’t been upgraded recently you can try to RDP in from your non-Microsoft phone. Note: I didn’t try using Android, but I assume it will also work.