From the reporter:
> 1. You have a new Windows 10 client
> 2. The computer MUST NOT be in the computer list in the AC-DC
> 3. You join the Windows client to the domain and reboot
> 4. About when the login screen appears on the Windows client, the
> error message pops up.
> If the computer is already listed in the AD-DC, you can remove and
> rejoin the Windows Client as much as you want without the error.
> And if the computer object is new, it also only happens I would say 4
> out of 5 times.
> I was able to record the logs with your suggested loglevel and a
> corresponding tcpdump. I will send it to you separately, maybe it
> Since everything else is working fine (join, login etc) this is
> definitely not a critical issue IMHO.
Created attachment 15939 [details]
packet which Samba parses incorrectly, eventually giving 'bad pad length'
Created attachment 15940 [details]
packet which Samba parses correctly
Both these dumps are cut off not to include the SPNEGO packet, as that may be sensitive, but it shows how we get the parse wrong.
The unclear message is improved in Samba 4.13 with:
Author: Andrew Bartlett <email@example.com>
Date: Fri Apr 24 11:04:00 2020 +1200
librpc: Provide clearer debug messages for malformed DCE/RPC bind
Signed-off-by: Andrew Bartlett <firstname.lastname@example.org>
Reviewed-by: Douglas Bagnall <email@example.com>
This is not fixed
Windows seems to be lazy and just changes num_contexts from 3 to 2,
but leaves the space for the 3rd context in the pdu, but leaves
auth_pad_length = 0.
So we have to ignore any padding bytes without generating an protocol error.