-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
windows 2008 #20
Comments
I'm receiving a mix of this and failures after "Step 5", quite intermittently |
Server 2008 (non R2 version) is quite difficult because it doesn't have TLS 1.2 available as a reliable patch. I know Microsoft did release a TLS 1.2 patch but from my testing it just doesn't work from a server perspective. The The other issue is that the 3rd step can change based on the CredSSP version in play. By default Have a look at the security event logs on the Windows host to see if it gives you any error codes that explains the failure. Also try just connecting with CredSSP auth from an actual Windows client to ensure that the host itself isn't faulty. |
Sorry, I should've said that my test host is 2008R2 (I may have misread the title of this bug!). I've in fact got two separate systems that exhibit this issue so it seems fairly easily reproducible - I wonder whether MS have released a patch that's changed something slightly. I've checked the security event logs and can't see anything immediately apparent and I can RDP into both hosts which from what I've read uses CredSSP too? Is there anything else I should be looking for or any other information you need? |
windows server 2008 r2 ,After The Windows update.Server did not response with a CredSSP token after step Step 5. Delegate Credentials - actual '' |
They did but that was in 2018. This library should support servers with and without this patch though. One issue with both Server 2008 and 2008 R2 is that they both don't have TLS 1.2 enabled by default. If you haven't installed the TLS 1.2 patch and enabled the protocol on the server through the required registry keys then CredSSP will be using TLS 1.0. This has some problems in the handshake process and requires a specific flag to be set
There's nothing else that I know off, you might be able to get some more information by enabling SChannel debug logs and see if that reports anything. Also making sure you can connect using CredSSP with native PowerShell remoting |
Server did not response with a CredSSP token after step Step 3. Server Authentication - actual 'Negotiate, CredSSP'
The text was updated successfully, but these errors were encountered: