You may encounter difficulties managing one of your domains, even though the service account has all the required permissions.
This may relate to the misconfiguration of the domain and its policies in ARS.
1) Make sure the 'Use as unmanaged domain' option is not selected
2) Check if the "Exclude from management scope" policy is listed for the affected domain
3) If the policy is missing, please ad it to the domain
4) Block the policy
5) Then remove the policy from domain