I have my AD DC set the time for my network. Since it’s not really that good at keeping time I had to set the DC to pull the time from the govn’ment. I set all this via command line in Windows 2008. I would cite where I got this from but didn’t note it at the time, sorry!
### steps to set up NTP servers on DC ###
0. make sure UDP port 123 is open bi-directionally
1. stop time service (net stop w32time or in list of services)
2. configure external sources-
w32tm /config /manualpeerlist:"0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org" /syncfromflags:manual
3. set DC as reliable-
w32tm /config /reliable:yes
4: start time service (same as above)
5. check event viewer for errors
So once the DC is ‘cool’ for time giving, how is far off is it?
### to check how off your time is ###
w32tm /stripchart /computer:0.pool.ntp.org /dataonly
Then set the DC to use the internet time.
### to set your time to internet time ###
W32tm /resync /computer:time.windows.com /nowait
Then on each client machine you use the following to set them to use the DC for time giving-
### set time from DC ###
net time \\home.server.com /set /y
Good luck!
UPDATE-
This time I made note of where I got the instructions from- https://www.faqforge.com/windows-server-2016/configure-ntp-server-windows-server-2016/. The only addition this makes is to note the PowerShell command to update on the client side.