NTP Server is setup for ntp keys. How can we configure windows server to communicate to our time server using the keys?
Solution 1:
w32time is not compatible with ntpd's symmetric key implementation. Meinberg cites Microsoft MS-SNTP spec in which packets are either using MS netlogon based auth extension, or unauthenticated. ntpd gained experimental mssntp support, but no guarantee it will be available on your NTP server.
The goal of NTP auth is to reduce the risk of an impostor NTP server serving the wrong time. When this is difficult to implement, use alternative controls at the network level.
Assuming you wish to continue running your NTP servers on not-Windows, remove the keys and use unauthenticated. Domain controllers use it as an "internet" source. Protect the NTP server by restricting access to it. Use a private network for transport. Limit queries to allowed subnets with firewalls and possibly ntpd's restrict keyword.