I have a server that is running NTP and is configured to get it's time
from NIST. This server is the primary source of time on my network.
I'm not using broadcast mode or peer to peer mode and all of my servers
and workstations are set to use this server to get time. This is the
only device in which the NTP ports are opened for in our perimeter firewall.

I have a problem with workstations trying to GIVE time to this server.
I'm not using any encryption keys so the server is not allowing this but
I don't understand why these workstations think that they are
authoritative over the server.

One thing that comes to mind is that Windows Time service does not use
NTP. I'm wondering if the workstations - being the MS beasties they are
- think that because the Windows Time service says they should be
authoritative - that they are ending up trying to push their info out to
the other devices?

Any thoughts or help on this would be appreciated.