Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80070005). Access is denied.
We received this error on a 2nd domain controller after installing the certificate services on our 1st domain controller.
To fix this, I added the computer account of the domain controller where the message was logged to the CERTSVC_DCOM_ACCESS security group in Active Directory.
After doing this the error was no longer logged to the event log.
If this does not help, then you might also have to restart the KDC services on the domain controller.