Hi @Mike Morgan ,
We can assume the the service account is not a member of the protected users group.
There are a few things you can check:
Ensure that constrained delegation has not been enabled, check this article https://learn.microsoft.com/en-us/windows-server/security/kerberos/kerberos-constrained-delegation-overview
When Logged in with the service account can you complete the operation in error report manually, do you get the same error.
Probably not related but worth checking, is the group in question protected by the sdprop process, check out the page: https://nettools.net/sdprop/
Does the service account have rights to update the target objects, in the error report the source user object has been deleted, is this the first time a source object has been deleted and hence why you are only just seeing the error. You could check the service account has effective right by look at the AD effective rights article on the NetTools site.
Is there any additional logging you can enable to get more details on the cause of the problem.
Hope this helps,
Gary.