Please follow the below template, it will help us to help you!
Expected Behaviour:
Pihole should validate DNSSEC when acting as a forwarder from Windows AD DNS. Clients would be using AD DNS as the local resolver in DHCP
Actual Behaviour:
Pihole validates DNSSEC only if added as the local DNS on the client. DNSSEC is not validated when local DNS is set to AD and pihole is a forwarder
In this case does DNSSEC need to be enabled on the Windows side? I did search around quite a bit for this and couldn't find a solution.