diff --git a/python/samba/tests/dcerpc/raw_protocol.py b/python/samba/tests/dcerpc/raw_protocol.py
index 95b3533cfad..0cc26cf4d56 100755
--- a/python/samba/tests/dcerpc/raw_protocol.py
+++ b/python/samba/tests/dcerpc/raw_protocol.py
@@ -6720,6 +6720,7 @@ class TestDCERPC_BIND(RawDCERPCTest):
 
     def _test_spnego_level_bind(self, auth_level,
                                 g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
+                                auth_pad_alignment=dcerpc.DCERPC_AUTH_PAD_ALIGNMENT,
                                 alter_fault=None,
                                 request_fault=None,
                                 response_fault_flags=0):
@@ -6749,10 +6750,10 @@ class TestDCERPC_BIND(RawDCERPCTest):
         self.assertIsNotNone(g)
 
         stub_bin = b'\x00' * 17
-        mod_len = len(stub_bin) % dcerpc.DCERPC_AUTH_PAD_ALIGNMENT
+        mod_len = len(stub_bin) % auth_pad_alignment
         auth_pad_length = 0
         if mod_len > 0:
-            auth_pad_length = dcerpc.DCERPC_AUTH_PAD_ALIGNMENT - mod_len
+            auth_pad_length = auth_pad_alignment - mod_len
         stub_bin += b'\x00' * auth_pad_length
 
         if g_auth_level >= dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY:
@@ -6882,6 +6883,20 @@ class TestDCERPC_BIND(RawDCERPCTest):
                                             request_fault=dcerpc.DCERPC_NCA_S_OP_RNG_ERROR,
                                             response_fault_flags=dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE)
 
+    def test_spnego_integrity_bind_auth_align4(self):
+        return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
+                                            g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
+                                            auth_pad_alignment=4,
+                                            request_fault=dcerpc.DCERPC_NCA_S_OP_RNG_ERROR,
+                                            response_fault_flags=dcerpc.DCERPC_PFC_FLAG_DID_NOT_EXECUTE)
+
+    def test_spnego_integrity_bind_auth_align2(self):
+        return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
+                                            g_auth_level=dcerpc.DCERPC_AUTH_LEVEL_INTEGRITY,
+                                            auth_pad_alignment=2,
+                                            request_fault=dcerpc.DCERPC_NCA_S_PROTO_ERROR,
+                                            response_fault_flags=0)
+
     def test_spnego_privacy_bind_none(self):
         # This fails...
         return self._test_spnego_level_bind(auth_level=dcerpc.DCERPC_AUTH_LEVEL_PRIVACY,
diff --git a/selftest/knownfail.d/dcerpc-auth-pad b/selftest/knownfail.d/dcerpc-auth-pad
index f1daffa3771..add136710e0 100644
--- a/selftest/knownfail.d/dcerpc-auth-pad
+++ b/selftest/knownfail.d/dcerpc-auth-pad
@@ -17,3 +17,4 @@
 ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_ntlm_auth3
 ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_alter
 ^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_auth_tail_pad_spnego_auth3
+^samba.tests.dcerpc.raw_protocol.samba.tests.dcerpc.raw_protocol.TestDCERPC_BIND.test_spnego_integrity_bind_auth_align2