I have an SBS 2003 Premium Server and a W2000 Server. The latter is used for fax services and terminal services, and it is a BDC for the domain.
The W2000 server crashed last week and we recovered it to a 2-month-old state. Now we are getting the following situations:
1.- When trying to access share drives out of the SBS or just browse the \\SBSSERVER we get: Logon Failure: The target account name is incorrect.
2.- Changes to Active Users & Computers on SBS are not replicated to W2000.
3.- On the SBS Event Viewer we found multiple:
Event Type: Error
Event Source: Kerberos
Event Category: None
Event ID: 4
Date: 5/24/2007
Time: 8:38:21 AM
User: N/A
Computer: SBSSERVER
Description:
The kerberos client received a KRB_AP_ERR_MODIFIED error from the server FAXSERVER$. The target name used was ldap/faxserver.colonial.local. This indicates that the password used to encrypt the kerberos service ticket is different than that on the target server. Commonly, this is due to identically named machine accounts in the target realm (COLONIAL.LOCAL), and the client realm. Please contact your system administrator.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
--------------------------
Event Type: Error
Event Source: NTDS Replication
Event Category: Replication
Event ID: 1863
Date: 5/23/2007
Time: 6:36:09 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SBSSERVER
Description:
This is the replication status for the following directory partition on the local domain controller.
Directory partition:
CN=Schema,CN=Configuration,DC=colonial,DC=local
The local domain controller has not received replication information from a number of domain controllers within the configured latency interval.
Latency Interval (Hours):
24
Number of domain controllers in all sites:
1
Number of domain controllers in this site:
1
The latency interval can be modified with the following registry key.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Replicator latency error interval (hours)
To identify the domain controllers by name, install the support tools included on the installation CD and run dcdiag.exe.
You can also use the support tool repadmin.exe to display the replication latencies of the domain controllers in the forest. The command is "repadmin /showvector /latency <partition-dn>".
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
--------------------------
Event Type: Warning
Event Source: NTDS KCC
Event Category: Knowledge Consistency Checker
Event ID: 1308
Date: 5/21/2007
Time: 5:41:09 PM
User: NT AUTHORITY\ANONYMOUS LOGON
Computer: SBSSERVER
Description:
The Knowledge Consistency Checker (KCC) has detected that successive attempts to replicate with the following domain controller has consistently failed.
Attempts:
3
Domain controller:
CN=NTDS Settings,CN=FAXSERVER,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=colonial,DC=local
Period of time (minutes):
131
The Connection object for this domain controller will be ignored, and a new temporary connection will be established to ensure that replication continues. Once replication with this domain controller resumes, the temporary connection will be removed.
Additional Data
Error value:
8524 The DSA operation is unable to proceed because of a DNS lookup failure.
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
--------------------------
So, it is clear that there is an issue with AD replication. What can we do? We have remote users unable to log on.
Any ideas will be highly appreciated.
P/Hermida