This domain controller has received an invalid Authentication Service (AS) request from the primary domain controller (PDC). It is possible that someone is attempting to spoof the PDC for the domain.
Verify that this domain controller can communicate with the PDC by reviewing the alerts created by the AD Op Master Response script.
Verify that there is no firewall blocking the Kerberos port.
Reset the password on the machine account for the PDC.
Use Adsiedit.msc to verify that the PDC machine account does not have a user principal name (UPN) defined.
For more information, see:
Microsoft Help and Support for Microsoft Windows Server 2003
Microsoft Knowledge Base