Hi!
I am monitoring the behavior of the deployment of certificates from the CA and i have not seen the cross forest is not enabled from the failed request until now.
For the RPC error. I just found out that the workstation that have this error cannot reach its parent domain in Forest B we allow it first then test manual enrollment via mmc and it has successfully enrolled the certificate.
additional I also added domain computers group from forest B and its child domain and domain controllers group to the certificate services DCOM access in Forest A. I don't know if this also has an impact to fix the issue. But its worth a try.
Until now Cross forest enrollment is okay. and will still monitor and update this thread if something unusual comes up.
Thanks for all your help!
@Vadims Podāns @Daisy Zhou @Thameur-BOURBITA