Tag Archives: SEC_E_UNSUPPORTED_FUNCTION

Lync 2010 - NTLM protocol failed with error SEC_E_UNSUPPORTED_FUNCTION

If you receive this error inside of the Lync Server event log on your Front End server:

User authentication with NTLM protocol failed with error SEC_E_UNSUPPORTED_FUNCTION. This indicates a potential mismatch between security policy settings on the client and server computers.

Cause: This error can occur if the settings in "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" policy on the client computer are not the same as the settings in the "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" policy on this server. By default, the "Require 128-bit encryption" setting is disabled for computers running Windows Server 2008, Windows Vista, Windows Server 2003, Windows 2000 Server, or Windows XP. For computers running Windows 7 or Windows Server 2008 R2, this setting enabled by default.
Resolution:
Ensure that the "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" policy settings on the computers from which users log on are the same as "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" policy settings on this server.

Here is the fix:
1. Open up Group Policy Editor (Start->Run->gpedit.msc) (Or if you are on a domain, open up group policy editor on the domain controller)
2. Expand Local Policies under Computer Configuration
3. Select Security Options
4. Scroll Down and find the following policies:

  • Network security: Minimum session security for NTLM SSP based (including secure RPC) clients
  • Network security: Minimum session security for NTLM SSP based (including secure RPC) servers

5. Change both policies to have "Require 128-bit encryption" checked

Reboot the machine(s)