Active Directory replication target principal name incorrect

You probably need to reset secure channel from the domain controller that is not the PDCE (CENTRAL, assuming the logs are correct and TERMINAL is the PDCE). See the following for the procedure:

Error Message "Target Principal Name is Incorrect" When Manually Replicating Data Between Domain Controllers
https://support.microsoft.com/en-us/kb/288167

On domain controllers that are experiencing this issue, disable the Kerberos Key Distribution Center service (KDC). To do so:

  • Click Start, point to Programs, click Administrative Tools, and then click Services.
  • Double-click KDC, set the startup type to Disabled, and then restart the computer.

After the computer restarts, use the Netdom utility to reset the secure channels between these domain controllers and the PDC Emulator operations master role holder. To do so, run the following command from the domain controllers other than the PDC Emulator operations master role holder:

netdom resetpwd /server:server_name /userd:domain_name\administrator /passwordd:administrator_password  

Where server_name is the name of the server that is the PDC Emulator operations master role holder.

Change the KDC service startup mode back to automatic and restart.