I had a question around adding multiple AGPM servers into a single domain. I understand that in the AGPM deployment documentation it says:
Note Ensure that each domain is served by only one AGPM Server. Do not let multiple AGPM Servers serve the same domain.
But what is the actual negative effect of having multiple AGPM servers in a single domain? I assume it is to do with someone attempting to take control of the same GPO from multiple servers? If this is the case, and you run AGPM with least privilege access and they can only control the GPO's you give the service access to, is this still an issue? Or are there other factors which need to be considered?