Windows RDP – CredSSP encryption oracle remediation

I have encountered this error on several systems over the past couple of months while attempting to create an RDP session to a Windows remote machine:

RDPCredSSPError1

I found adding the registry entry detailed below to the client machine the quickest fix:

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters 

Create REG_DWORD: AllowEncryptionOracle
Value: 2

RDPCredSSPError2

You can run the following cmd from an elevated prompt to apply the registry config:

REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters\ /v AllowEncryptionOracle /t REG_DWORD /d 2

RDPCredSSPError3

As per MS the issue was caused by a CredSSP update:

‘The most common scenario is that the client has the CredSSP update installed, and the Encryption Oracle Remediation policy setting does not allow an insecure RDP connection to a server that does not have the CredSSP update installed.’

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s