In a corporate environment most machines will be domain joined and therefore get their time from the DCs. However, sometimes you get a machine that isn't in the domain. By default these machines will use time.windows.com as their time source.
Does anyone see a down side to adding a DNS entry for time.windows.com that points to the internal time source? This would result in all non-domain-joined machines still syncing their time to the domain time source.
Shouldn't be a problem. Just create a zone on your DNS server called 'time.windows.com'. We do it all the time for various things we want to override.
You can also try handing out the NTP server parameter (option ntp-servers) on your DHCP server. Windows may not pick it up, but it couldn't hurt.
Another option would be to alias time.windows.com to an appropriate subdomain of pool.ntp.org (e.g. us.pool.ntp.org)...particularly useful for folks who don't have a local time server on their network. (Check out the information at www.pool.ntp.org.)