I'm going to move my PDC emulator role off of a W2K3 server to a 2K8 R2 server, so I started looking into Windows time and looking at how our Time is currently setup, and I'm confused.
My current PDC emulator is setup to pull time from an external source and we have rules in our firewalls that allow for this. In the registry, under HKLM\System\CurrentControlSet\Services\W32Time\Parameters\NtpServer is set to an external address.
But, when I look at any other server I see the same registry key set to time.windows.com,0x1, if the server is 2003 and time.windows.com,0x9, if it's a 2K8 R2 server. I did a NSLOOKUP on time.windows.com and come up with 65.55.21.21. That address is no where in our firewalls and we don't use DNS names in our firewalls.
So, does the Type REG_SZ of NT5DS force my other DCs and member servers to look to my PDC Emulator instead of what is listed in the NtpServer field? I've been trying to find this answer for a little while now, but I haven't found anything definitive.