While doing tests for GPO I have a lot of message like this in the log:
BAD SIG NTLM2: wanted signature over 199 bytes of input:
 01 00 00 00 7C 54 B8 9A 0C 73 04 05 00 00 00 00 ....|T.. .s......
BAD SIG: got signature over 199 bytes of input:
 01 00 00 00 07 4B 78 45 20 F9 EE 3C 00 00 00 00 .....KxE ..<....
NTLMSSP NTLM2 packet check failed due to invalid signature on 199 bytes of input!
Does this cause failures, or just noise?
Some windows clients send sealed data but indicate it as signed. We try one and then the other.
(yes, we should quiet the warning)
I'm not sure wether it's noise or error. It looks like the first one though but this message appear in the whole thing that is not working ...
I've to admit that I notice this also on my Windows client test box (Win2k) but I didn't notice errorneous behaviour. I think it could just be threated as a kind of warning.
Andrew, would you like to comment on those warnings? I think they're just normal and we should close this bug.
We just need to quiet the warning, it's expected (sadly we are forced to try one mode, then try the other)
Just a warning.
Should be fixed!