Setting Up NTP on Windows Server 2008 Domain

ntp windows-server-2008

Our computers are out by a couple of minutes on the network. I have checked the registry on a computer and found that the Type is NT5DS, which I believe means that it is getting the time from our domain server. Also, in the registry under NtpServer it is stating time.windows.com.

I have searched around and found that w32tm may have something to do with changing the time.

I'm looking for the correct way of changing the time, but keeping the NTP internal rather than getting the time from an external source. Also, my concern is: will the computers on the network be OK after the time change? I have heard that if a system is more than 5 minutes out from the NTP source it can stop things from working.

Best Answer

There is a built-in hierarchy for this already, and you shouldn't change it. The computers will find a domain controller nearest to them for time synchronization based on the site and subnet information defined in Sites and Services. Those domain controllers in turn will synchronize their time with the domain controller that holds the PDC emulator FSMO role. That domain controller holding the role should be configured to use NTP time synchronization against a reliable source be it internal or external, and all the rest of the domain members should fall in line. Typically people will sync against NIST, Microsoft, Apple, or pool.ntp.org. It's also pretty common to have your core switch/router do this and then point all devices needing time sync to that.

EDIT

Here are a couple of articles referring to doing just this:

http://technet.microsoft.com/en-us/library/cc786897(v=ws.10).aspx

http://social.technet.microsoft.com/wiki/contents/articles/8863.time-service-configuration-on-pdc-emulator-fsmo-role-holding-domain-controller-en-us.aspx

Here's the command to run on your DC that is the PDC emulator:

w32tm /config /manualpeerlist:peers /syncfromflags:manual /reliable:yes /update

All you need to do here is configure and sync that PDC emulator DC, and everything else joined to AD will start to synchronize and you can call it a day. I've attached the image below for your reference (it's in one of the links above). It's also worth noting that this takes care of your Microsoft systems just fine, but if, say, you had Linux servers or networking devices needing NTP protocol responses, you may run into compatibility issues since Microsoft's implementation as an NTP server is, shall we say... not so great. Like I mentioned above, I will typically point my core router at an external time source, and then point the PDC emulator at that. Everything else in my network needing NTP gets pointed to its local router, which is in turn pointed to my core router.

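The procedure from the accepted answer, carried through as an added PowerShell example (not code from the original answer or from Microsoft's documentation): find the PDC emulator, configure it as the domain's reliable source with the w32tm command above, then measure the offset against the peer before and after so you can see whether any machine is close to the 5-minute skew the question worries about. The peer hostnames, the 300-second threshold and the `Test-TimeOffset` helper are assumptions for illustration; the `,0x8` suffix is the w32tm flag that forces client mode for a manual peer.

```powershell
# Added example, not part of the original Q&A. Run in an elevated prompt on the
# domain controller that holds the PDC emulator role.
# ASSUMPTION: peer names are placeholders; replace with your core router or
# chosen external source. 0x8 = client mode (the usual setting for a manual peer).
$Peers = '0.pool.ntp.org,0x8 1.pool.ntp.org,0x8'

# 1. Confirm this is the PDC emulator. If it is not, run the config on the DC
#    named here instead; the rest of the domain hierarchy (NT5DS) follows it.
$pdc = (Get-ADDomain).PDCEmulator
if ($env:COMPUTERNAME -ne ($pdc -split '\.')[0]) {
    Write-Warning "This host is not the PDC emulator ($pdc). Configure that DC instead."
}

# 2. Show where this host currently gets time from (before the change).
Write-Host "Current source: $(w32tm /query /source)"

# Helper (assumed, not a w32tm built-in): sample the offset to one peer with
# /stripchart /dataonly and return the largest absolute offset seen, in seconds.
# /dataonly lines look like:  12:00:01, +00.0012345s
function Test-TimeOffset {
    param([string]$Peer, [int]$Samples = 5, [double]$MaxSkewSeconds = 300)
    $lines = w32tm /stripchart /computer:$Peer /samples:$Samples /dataonly 2>&1
    $worst = 0.0
    foreach ($line in $lines) {
        if ($line -match ',\s*([+-]\d+\.\d+)s') {
            $off = [math]::Abs([double]$Matches[1])
            if ($off -gt $worst) { $worst = $off }
        }
    }
    # ASSUMPTION: 300 s is used here because Kerberos rejects tickets from clients
    # more than 5 minutes out by default; tighten it if you want earlier warning.
    if ($worst -gt $MaxSkewSeconds) {
        Write-Warning ("Offset to {0} is {1:N3}s, beyond the {2}s tolerance" -f $Peer, $worst, $MaxSkewSeconds)
    }
    return $worst
}

$firstPeer = ($Peers -split ' ')[0] -replace ',0x8$', ''
$before = Test-TimeOffset -Peer $firstPeer
Write-Host ("Offset before reconfiguration: {0:N3}s" -f $before)

# 3. The command from the answer: manual peers, mark this DC as reliable.
w32tm /config /manualpeerlist:"$Peers" /syncfromflags:manual /reliable:yes /update
Restart-Service w32time
w32tm /resync /nowait

# 4. Verify: source should now be one of the peers, and the offset should be small.
Start-Sleep -Seconds 30
Write-Host "New source: $(w32tm /query /source)"
w32tm /query /status
$after = Test-TimeOffset -Peer $firstPeer
Write-Host ("Offset after reconfiguration: {0:N3}s" -f $after)
```

On a member workstation the same `w32tm /query /source` should name a domain controller rather than time.windows.com once the hierarchy is in place; `w32tm /resync` on the client forces it to catch up immediately instead of waiting for its next poll. Because the domain members correct gradually through the NT5DS hierarchy, the clock change on the PDC emulator does not itself push clients past the 5-minute Kerberos window; the offset check above is there to catch any machine that was already far out before you started.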