N-central RDP Connections

Is your N-Central, Take Control RDP Connection not working?

N-Central, Take Control RDP Connections not working

N‑able™ Take Control is a remote support solution which has troubleshooting tools designed to help you resolve issues quickly and effectively.

The Take Control tool on N-Able is the default and preferred (mostly) tool to connect to any server or workstation. But sometimes, there are problems quite frequently wherein the Take Control does not work for various reasons.

The alternative in such cases is using RDP to connect to the device. However, in such cases, we need RDP to be enabled on the device before we can use this option. In some cases, because we don’t have access to the server, it is not possible to enable RDP.

To work around this issue, we can add a registry key via the N-Able Tools command line. This is done to enable RDP remotely on the server without having to access the server. However, please note that the device needs to have N-central Professional License and “Direct Support” enabled under N-Able Device settings.

 

In the device view on N-central, Navigate to Tools > Command prompt

Paste the below mentioned key to ensure RDP connections are accepted:
reg add “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server” /vfDenyTSConnections /t REG_DWORD /d 0 /f

 

In some cases, after entering the login credentials the server returns the error: “An authentication error has occurred. The function requested is not supported. Remote computer: <computer name or IP>. This could be due to CredSSP encryption oracle remediation.

 

What is CredSSP?

CredSSP stands for Credential Security Support Provider protocol. As the name itself suggests, CredSSP is a Security Support Provider and it is implemented by using the SSPI – Security Support Provider Interface.

 

Why does a CredSSP error occur?

It occurs if you are trying to establish an unsecured RDP connection and if the connection is blocked by an Encryption Oracle Remediation policy setting on the server or client. This setting defines how to build an RDP session by using CredSSP, and whether an unsecured RDP is allowed.

This error usually is caused when CredSSP updates are not installed on the client or the server, or when the Windows updates on the server are not up to date. Ideally, to resolve the issue, CredSSP updates need to be installed for both client and server so that RDP can be established in a secure manner.

However, if this error still comes up, even after installing the updates, or for some reason, you are unable to install the updates and need to access the server, the error can be bypassed via another registry key. Again, the N-central license requirements need to be in place for the Tools to work.

If presented with a credSSP issue, paste the following key:
REG ADD “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters” /v AllowEncryptionOracle /t REG_DWORD /d 2

and the issue should be resolved.

 

Upcoming

We upload new blogs on our website quite frequently.  Keep an eye out for those.

Lastly, if you need any help with more such IT Solutions, you can reach out to us. We’ll be happy to resolve your queries. 

 

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Sreehari Kartha
Sreehari Kartha

Sreehari Joined Infrassist in 2013 as a NOC engineer. He currently works with us as a senior engineer and Tech lead specializing in Sophos XG and Sophos Central with extensive experience in Microsoft Office365, Servers, Exchange, and Anti-Spam Gateway solutions like Mimecast and SolarWinds N-able Mail Assure.

Thanks For Reading