Replace w32tm with NTP on 2008 domain controller

We have a 2008 R2 domain spread over many sites around the world and have been using the built in w32tm service for quite some time. We have found that the times are inaccurate in the order of seconds between devices in the domain.
More importantly we have some devices (Cisco switches) mark the DCs time servers as insane and do not sync their time at all.
Cisco states that insane is used rejects NTP servers with large offsets – however we , and others on the web have found that this is also done for the SNTP server in Windows 2xxx.

So we have begun experimenting with replacing the W32TM service with a real NTP service as this article from Microsoft implies this is allowed. I say implied as it doesn't specifically mention DCs but its an article on how the whole hierarchy works.

The Windows Time service (W32Time) can be completely disabled. If you
choose to implement a third-party time synchronization product that
uses NTP…

This avoids the need to re-point our clients

However we now get errors from DCdiag – Some we can probably say are false positive type results for example "A Time Service could not be located" and an expected result for this message "the 32Time service is disabled"
However we also get in the Locator checks the message "The server holding the PDC Role is down"

So my questions are – has anyone done this sort of replacement , does anyone know if the PDC emulator actually relies on the W32Tm . Alternatively is there a better way to do this
The alternative seems to me is to run a separate NTP hierarchy which has the problem of where do I put it and I then have two known different clock sources in the domain and have to re-point our clients, or wait to upgrade to 2016.