Active Directory
ITF, 2019-08-21 20:54:02

Why is there an "Access Denied" error when connecting a gMSA account?

I want to run SQL Server under a domain account.
AD server (Server 2012 R2): Dom
Domain: my.example
SQL Server (MSSQL 2008 R2): MySQLServer - it's in the domain.
I created a KDS key.
I create a gMSA record:

New-ADServiceAccount -Name SQLService -DNSHostName dom.my.example -PrincipalsAllowedToRetrieveManagedPassword MySQLServer$ -Enabled $true

As I understand it, this immediately binds the account to the server.
I read that it is better to do:
Add-ADComputerServiceAccount -Identity MySQLServer -ServiceAccount SQLService

(I tried both with and without this line)
Actually, then on the SQL server itself I log in under the domain administrator account and write:
Install-ADServiceAccount -identity SQLService
What I get is the error: Unable to install the service account. "Access Denied": A process has requested access to an object, but access rights have not been granted.
Test-ADServiceAccount -identity SQLService returns True
MS SQL Server 2008 R2
What am I doing wrong?


1 answer(s)
ITF, 2019-08-21
@ITF

Deleted and recreated the account.
I thought that it might take time for the policies to be applied on the remote machine, and restarted the SQL server.
Install was successful.
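
A check of the points raised in this thread, as an added PowerShell example that is not part of the original posts: it confirms that the host is allowed to retrieve the gMSA password before attempting the install. It uses the account and host names from the question, assumes the ActiveDirectory module is installed, and only looks at direct group membership.

```powershell
# Added example, not the poster's code. Names are taken from the question.
Import-Module ActiveDirectory

$gmsaName = 'SQLService'
$hostName = 'MySQLServer'

# 1. Read the gMSA and the computer object from AD.
$gmsa = Get-ADServiceAccount -Identity $gmsaName `
    -Properties PrincipalsAllowedToRetrieveManagedPassword, Created
$computer = Get-ADComputer -Identity $hostName -Properties MemberOf

# 2. Is the host listed directly, or through a group it belongs to?
#    (MemberOf holds direct memberships only; nested groups are not expanded.)
$allowed  = @($gmsa.PrincipalsAllowedToRetrieveManagedPassword)
$direct   = $allowed -contains $computer.DistinguishedName
$viaGroup = @($computer.MemberOf | Where-Object { $allowed -contains $_ })

[pscustomobject]@{
    Account             = $gmsa.SamAccountName
    Enabled             = $gmsa.Enabled
    Created             = $gmsa.Created
    HostAllowedDirectly = $direct
    HostAllowedViaGroup = $viaGroup -join '; '
}

if (-not $direct -and $viaGroup.Count -eq 0) {
    Write-Warning "$hostName is not in PrincipalsAllowedToRetrieveManagedPassword."
    return
}

# 3. Only when run on the target host itself: test, then install.
if ($env:COMPUTERNAME -eq $hostName) {
    if (Test-ADServiceAccount -Identity $gmsaName) {
        try {
            Install-ADServiceAccount -Identity $gmsaName -ErrorAction Stop
            Write-Output "Installed $gmsaName on $hostName."
        } catch {
            # The case from the question: the test passes, the install is denied.
            Write-Warning "Install failed: $($_.Exception.Message)"
            Write-Warning "Account created $($gmsa.Created). Restart the host and retry, as in the answer above."
        }
    } else {
        Write-Warning "Test-ADServiceAccount returned False for $gmsaName."
    }
}
```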
