Hi,
Not sure the process you created the GMSA.
If you try to use a gMSA too soon the key might not have been replicated to all domain controllers and therefore password retrieval might fail when the gMSA host attempts to retrieve the password. gMSA password retrieval failures can also occur when using DCs with limited replication schedules or if there is a replication issue.
I would recommend you recreate the KDSrootkey.
The Key Distribution Service (KDC) should be restarted on all domain controllers if the root key is recreated.
For your reference:
https://learn.microsoft.com/en-us/powershell/module/kds/add-kdsrootkey?view=win10-ps
https://learn.microsoft.com/en-us/windows-server/security/group-managed-service-accounts/create-the-key-distribution-services-kds-root-key
Best Regards,