Error: "A Security Package-Specific Error Occurred" (Error Code: 721) in ADAudit Plus

In this article:  

  • Issue description

  • Possible causes

  • Prerequisites

  • Resolution

  • Related topics and articles

  • When and how to reach support

Issue description  

When using ManageEngine ADAudit Plus, the following error message appears: "A security package-specific error occurred, error code: 721." This error occurs when attempting to audit workstations or member servers in ADAudit Plus. It affects ADAudit Plus administrators monitoring workstations and member servers. ADAudit Plus logs may contain authentication failures related to NTLM or Kerberos, and the issue is observed in specific versions of ADAudit Plus.

Prerequisites

Before troubleshooting, verify that the following prerequisites are met:

  • The ADAudit Plus server has network connectivity with the target machine.

  • Administrative privileges are available to modify DNS records and SPNs.

Possible causes  

  • DNS Resolution Issues – If the forward or reverse DNS lookup entries for the target workstation or member server are incorrect, ADAudit Plus may fail to authenticate the machine.

  • Incorrect or Outdated DNS Records – Misconfigured DNS records on the domain controller can prevent accurate name resolution, leading to authentication failures.

  • Duplicate Service Principal Names (SPNs) – If multiple machines are assigned the same SPN, authentication requests may be misrouted, causing conflicts.

  • Service Authentication Issues – The Netlogon service on the target machine may not be functioning correctly, preventing successful authentication.

  • ADAudit Plus Service Dependencies – If necessary services are not restarted after making changes, authentication issues may persist.

Resolution  

Step 1: Verify forward and reverse DNS entries  

  1. Open Command Prompt on the ADAudit Plus server.

  2. Run the following command to check forward lookup:

     nslookup <TargetMachineHostname>

    • Ensure that it resolves to the correct IP address.

  3. Run the following command to check reverse lookup:

     nslookup <TargetMachineIP>

    • Ensure that it resolves to the correct hostname.

Step 2: Update DNS records  

  1. Open DNS Manager on the domain controller.

  2. Locate the forward and reverse lookup zones.

  3. Verify that the records for the target machine are correct.

  4. Remove or update any incorrect or duplicate entries.

Step 3: Check and remove duplicate SPNs  

  1. Open Command Prompt as an administrator.

  2. Run the following command to check for duplicate SPNs:

     setspn -Q */<TargetMachineHostname>

  3. If duplicates exist, remove them using:

     setspn -D <duplicateSPN> <MachineName>

Step 4: Restart services and validate  

  1. Restart the Netlogon service on the target machine:

     net stop netlogon
     net start netlogon

  2. Restart ADAudit Plus and verify if the error persists.
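
The read-only checks from Steps 1 and 3 can be run together as one PowerShell script. This is an added example, not ManageEngine's own tooling; it assumes a domain-joined machine with the DnsClient module (`Resolve-DnsName`), and `$TargetHost`, `Test-DnsRoundTrip` and `Get-SpnOwner` are names chosen for this example.

```powershell
# Added example: read-only checks for Step 1 (DNS) and Step 3 (SPNs). Nothing is modified.
param(
    # FQDN of the audited workstation or member server (value you supply).
    [Parameter(Mandatory)] [string] $TargetHost
)

function Test-DnsRoundTrip {
    param([string] $Name)
    # Forward lookup: every A record DNS returns for the name.
    $fwd = @(Resolve-DnsName -Name $Name -Type A -DnsOnly -ErrorAction SilentlyContinue |
             Where-Object { $_.Type -eq 'A' })
    if (-not $fwd) {
        return [pscustomobject]@{ IP = $null; Ptr = $null; Status = 'NoForwardRecord' }
    }
    foreach ($rec in $fwd) {
        # Reverse lookup: the PTR name(s) registered for that address.
        $ptr = @(Resolve-DnsName -Name $rec.IPAddress -Type PTR -DnsOnly -ErrorAction SilentlyContinue |
                 Where-Object { $_.Type -eq 'PTR' } | ForEach-Object { $_.NameHost })
        $status = 'OK'
        if (-not $ptr) { $status = 'NoReverseRecord' }
        elseif ($ptr -notcontains $Name) { $status = 'ReverseMismatch' }   # PTR points at another host
        elseif ($ptr.Count -gt 1) { $status = 'MultiplePtr' }              # stale PTR left behind
        [pscustomobject]@{ IP = $rec.IPAddress; Ptr = $ptr -join ', '; Status = $status }
    }
}

function Get-SpnOwner {
    param([string] $Name)
    $short = $Name.Split('.')[0]
    # LDAP search for every account holding an SPN that ends in /<short name> or /<FQDN>.
    $searcher = [adsisearcher]"(|(servicePrincipalName=*/$short)(servicePrincipalName=*/$Name))"
    $searcher.PageSize = 500
    foreach ($r in $searcher.FindAll()) {
        foreach ($spn in $r.Properties['serviceprincipalname']) {
            if ($spn -like "*/$short" -or $spn -like "*/$Name") {
                [pscustomobject]@{ Spn = $spn; Account = [string]$r.Properties['distinguishedname'][0] }
            }
        }
    }
}

Test-DnsRoundTrip -Name $TargetHost | Format-Table -AutoSize

# An SPN held by more than one account is a duplicate; list each with its owners.
Get-SpnOwner -Name $TargetHost | Group-Object Spn | Where-Object Count -gt 1 |
    ForEach-Object { [pscustomobject]@{ Spn = $_.Name; Accounts = $_.Group.Account -join '; ' } } |
    Format-List
```

Any DNS status other than `OK` points to the record to correct in Step 2, and each SPN listed with several accounts is a candidate for the `setspn -D` cleanup in Step 3.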

Related topics and articles  

When and how to reach support  

If the issue persists, contact our support team here
