We manage many disparate domains as an MSP, naturally.
I have policies for workstations, and servers, respectively, where I want to set certain things that should be "universal". Within each policy one of the settings that is applied is credentials. These policies are set at the GlobalOrg level.
The username/password is universal across all domains, but of course the domains are different, so I have the policy set to "use machine's current domain". The policies are propagating to all the Organizations in question without problem, and the machines are not out of compliance.
The username in question is a domain admin across all the domains, and I've verified 100+ times that the password works on the clients network, and that I've typed in the correct password in the policy itself.
Yet, the credentials fail. If I apply credentials manually to the machine, they work fine.
I'd recommend you verify that you're fully up-to-date on hotfixes. There was an issue a while back regarding the background encoding of the password when set by policy, but I *believe* a hotfix was released to address that issue. Once you are up to date on hotfixes, Reapply the policy to at least one machine experiencing this issue - the reapply is NECESSARY in order for the hotfixed issue to actually populate through to the endpoint.
If that doesn't resolve the issue, please open a ticket. Support can run some checks to verify the encoding type of the passwords to determine whether that - or something else - is contributing to the issue.
I'm on SaaS platform so there's no hotfixes that I can install. I have reapplied the policy numerous times as well, as well as "clear override".
I would then suggest that you try to reprocess the policies on one machine (in the event the hf has been released and applied to the SaaS server already). But if that doesn't resolve, open a ticket with Support. They'll also be better able to identify whether the hotfix is still in the works, or if the issue you're seeing is related to that other issue.