I am trying to clean up 2003 directory services. I am getting W32Time errors all over the domain controllers and clients. On the domain controllers, I have the default domain policy pointing at time.apple.com; NTP; defaults- and the time server enabled for directory services which does not seem to be working, I'm guessing I may have overlooked something and need a second opinion. We have mac's in house and management thought this was a better approach than the default windows time server.
My default domain policy aims at my PDC with 0x02 to round robin to all domain controllers, but I have a domain controller that was demoted and is in the environment as a member server hosting a critical web app, for some reason clients are trying to target this server as a time source and domain controller. Can I perform a partial metadata cleanup of some sort to remove the pointer to it as a replication/time partner without destroying the computer object to retain the web application?