Join XP into s4?

ronnie sahlberg ronniesahlberg at
Tue Jul 7 21:09:26 GMT 2009

Can you create a keytab file containing the secret for the server?

Wireshark should then be able to decrypt SecureLDAP, both RFC1964 and
also RFC4121 style.

On Wed, Jul 8, 2009 at 7:02 AM, Volker
Lendecke<Volker.Lendecke at> wrote:
> Hi!
> While trying to join an XP workstation into a current Samba4
> DC, I'm getting
> NTLM2: created signature over 117 bytes of input:
> BAD SIG NTLM2: wanted signature over 117 bytes of input:
> BAD SIG: got signature over 117 bytes of input:
> NTLMSSP NTLM2 packet check failed due to invalid signature on 117 bytes of input!
> on stdout. This is a merged build smbd4, but running all
> services. From looking at the sniff, to me it looks that an
> encrypted LDAP connection is being terminated by the DC.
> How do I debug this? Sniffs & any logs certainly available
> on request.
> Thanks,
> Volker
> Version: GnuPG v1.4.9 (GNU/Linux)
> iEYEARECAAYFAkpTt9EACgkQbsgDfmnSbrZmQgCdEvxTRJwudeMyfn9Jeh10l7JM
> KF0AnAqvPRwGCITg3kGW7wXtyf09vxI6
> =Awgh

More information about the samba-technical mailing list