When Cisco routers are configured to use the NTP servers placed in the Active Directory, the Cisco routers do not receive any NTP packets from the NTP server. This issue occurs because Cisco routers use NTP and Active Directory domains use W32Time service. W32Time uses Simple Network Time Protocol (SNTP), a subset of NTP, for time synchronization. SNTP and NTP use the same network-packet format. The main difference between SNTP and NTP is that SNTP does not provide the error-check and filtering functions that NTP provides. Cisco router and switches use NTP and allow for all error-checking and filtering functions provided by NTP v3.
Windows W32Time shows that it is an SNTP implementation inside (rather claiming itself NTP). Cisco IOS-NTP, which tries to sync with W32Time, gets its own root-dispersion value that it sends to the W32Time and this proves costly for Cisco IOS-NTP to synchronize. Because the root-dispersion value of Cisco IOS-NTP goes higher than 1000 ms, it unsynchronizes itself (clock-select procedure). Since the Cisco IOS based routers run the full RFC implementation of NTP they do not sync to an SNTP server. In this case the output of the show ntp associations detail command shows that the server is flagged as insane, invalid. The root dispersion value is in excess of 1000 ms, which causes the Cisco IOS NTP implementation to reject the association. Routers that run Cisco IOS can be unable to synchronize to an NTP server if it is a Windows system that runs the W32Time service. If the server is not synchronized, the routers are not able to transmit to and receive packets from the server.