Forum Discussion
ATP GMSA Password password could not be retrieved
I have 8 Domain Controllers in my test environment. Four are failing with the error above. The gmsa is configured and the DC's are in a security groups that has "PrincipalsAllowedToRetrivePasswo...
Are the 4 DCs in a different domain? They won't be able to access the credentials if there isn't a two-way kerberos trust between the two domains.
Otherwise, I'd recommend opening a Service Request for this one. Seems like you hit all the obvious nails.