1 person found this helpful
We're obviously not experts on the Windows time service, but an NTP query from ESXi to a Microsoft Domain Controller will not work (that is, ntpq -p 10.7.10.108 will always fail) because the Windows time service does not support NTP mode 6 packets. These packets are control messages for NTP, To our knowledge, the Windows time service supports mode 3 (client) and mode 4 (server) packets, but not mode 6 packets.
According to this Microsoft KB article: How to configure an authoritative time server in Windows Server "The PDC master must not be configured to synchronize with itself." [Click on the + that is just after the sad looking faceless person holding a wrench.]
If you really want to synchronize your ESXi server with an Windows Active Directory Server that has no upstream servers, you must do three things via regedit on your Windows 2008 R2 server. First, in W32Time/Config, set AnnounceFlags to 5. Second, in W32time/Config, set LocalClockDispersion to 1. Third, in W32Time/Parameters, set Type to NoSync. Exit regedit, stop and start the w32time service.
I can't say that I would recommend this approach, but it should work.