Setting NTP on Windows 2008 Domain

There is a built-in hierarchy for this already, and you shouldn't change it. The computers will find a domain controller nearest to them for time synchronization based on the site and subnet information defined in Sites and Services. Those domain controllers in turn will synchronize their time with the domain controller that holds the PDC emulator FSMO role. That domain controller holding the role should be configured to use NTP time synchronization against a reliable source be it internal or external, and all the rest of the domain members should fall in line. Typically people will sync against NIST, Microsoft, Apple, or pool.ntp.org. It's also pretty common to have your core switch/router do this and then point all devices needing time sync to that.

EDIT

Here is a couple articles referring to doing just this:

http://technet.microsoft.com/en-us/library/cc786897(v=ws.10).aspx

http://social.technet.microsoft.com/wiki/contents/articles/8863.time-service-configuration-on-pdc-emulator-fsmo-role-holding-domain-controller-en-us.aspx

Here's the command to run on your DC that is the PDC emulator:

w32tm /config /manualpeerlist: peers /syncfromflags:manual /reliable:yes /update

All you need to do here is configure and sync that PDC emulator DC and everything else joined to AD will start to synchronize and you can call it a day. Attached the image below for your reference (it's in one of the links above). It's also worth noting that this takes care of your Microsoft systems just fine, but if say you had Linux servers or networking devices needing NTP protocol responses you may run into compatibility issue since Microsoft's implementation as an NTP server is shall we say... not so great. Like I mentioned above I will typically point my core router at an external time source, and then point the PDC emulator at that. Everything else in my network needing NTP gets pointed to their local router which is in turn pointed to my core router.