PC loses connection with AD after setting Pi-hole DNS

The issue I am facing:
Hi everyone, I'm having an issue implementing Pi-hole: computers keep losing connection with the Active Directory once I set the DNS to Pi-hole's. It doesn't lose it immediately, but after a restart of the PC.
I tried to set up a recursive DNS, modifying the hosts file and adding the DNS of the Active Directory, but nothing changed.
Any ideas?
Details about my system:

  • Pi-hole v5.8.1
    What I have changed since installing Pi-hole:

Please upload a debug log and post just the token URL that is generated after the log is uploaded by running the following command from the Pi-hole host terminal:

pihole -d

or do it through the Web interface:

Tools > Generate Debug Log

Thanks for the reply, please view the file below that contains the debug log information
(Moderator edit: explicit debug log removed)

(Just post the token, please. For your own privacy and security, do not post the full, unsanitised debug log output here.)

Your debug log suggests that you haven't fully configured the firewall on the CentOS system that is hosting your Pi-hole:

*** [ DIAGNOSING ]: FirewallD
[i] Firewalld service active
[✓]   Allow Service: http
[✓]   Allow Service: dns
[✓]   Allow Service: dhcp
[✓]   Allow Service: dhcpv6
[✗] FTL Custom Zone Not Detected (https://docs.pi-hole.net/main/prerequisites/#firewalld)

See also our documentation on Pi-hole's prerequisites.

EDIT:
I see your Pi-hole's only upstream is at 192.168.9.199, and you also have enabled Conditional Forwarding to 192.168.9.1.

Presuming .199 to be your AD server and .1 to be your router, that would mean that your AD doesn't receive that fraction of DNS queries that you configured to be sent to your .1.
Depending on how your .1 further handles those requests, that may or may not interfere with your intended resolution of local names.

This might have to do with the fact that PCs keep disconnecting from Active Directory?

So I have to disable conditional forwarding to 9.1?

Are my assumptions correct, or is .199 another router or switch?

To help me answer your question, perhaps you could detail your intended DNS resolution chains?

Yes, you are correct. I want the PC to first look for the DNS at .199 (AD) and then the Pi-hole DNS; the point is that the PCs shouldn't lose the connection with the AD while using Pi-hole DNS to block/whitelist pages.

How is your router currently configured to make use of Pi-hole?

For that to happen, you'd have to configure your AD to use Pi-hole as its only upstream DNS resolver, and your router to distribute your AD as local DNS server.
There should be no references to Pi-hole in your router.

Your DNS resolution chain would then look like this:
client :arrow_right: AD :arrow_right: Pi-hole :arrow_right: public DNS resolver

This will only provide local names if your AD is actually aware of local names, which probably would require your AD to employ the equivalent of Pi-hole's Conditional Forwarding if your router would be handling DHCP.
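As an added illustration of the chain described above (my own example, not code from the thread or the Pi-hole project): a PowerShell check run on the AD DNS server that sets Pi-hole as the server's sole forwarder and then verifies that the domain controller locator record, a public name and a blocked name all resolve the way the chain intends. The Pi-hole address, the AD domain name and the test domain are assumptions.

```powershell
# Added example, not code from the thread: check the intended chain
#   client -> AD DNS (.199) -> Pi-hole -> public resolver
# from the AD/DNS server. Needs the DnsServer module (DNS Server role or RSAT).
# Assumed values: the Pi-hole address, the AD domain name and the test domain.
$AdDns     = '192.168.9.199'     # AD DNS server, from the thread
$PiHole    = '192.168.9.50'      # assumed Pi-hole address
$AdDomain  = 'corp.example'      # assumed AD DNS domain name
$BlockTest = 'doubleclick.net'   # assumed to be on the Pi-hole blocklist

function Set-PiHoleForwarder {
    # Make Pi-hole the only forwarder and stop falling back to root hints,
    # so no query bypasses Pi-hole when it is down or slow.
    Set-DnsServerForwarder -IPAddress $PiHole -UseRootHint $false
    $fwd = (Get-DnsServerForwarder).IPAddress | ForEach-Object { $_.IPAddressToString }
    if (($fwd -join ',') -ne $PiHole) {
        throw "Forwarder list is '$($fwd -join ',')', expected only $PiHole"
    }
}

function Test-AdResolutionChain {
    $result = [ordered]@{}

    # 1. Domain controller locator record: if a client cannot resolve this
    #    through its configured DNS, it 'loses' the domain after a reboot.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$AdDomain" -Type SRV `
                           -Server $AdDns -ErrorAction Stop
    $result.DcLocator = ($srv | Where-Object { $_.NameTarget }).NameTarget -join ','

    # 2. A public name must still resolve, i.e. AD -> Pi-hole -> upstream works.
    $pub = Resolve-DnsName -Name 'pi-hole.net' -Type A -Server $AdDns -ErrorAction Stop
    $result.PublicResolves = [bool]($pub | Where-Object { $_.IPAddress })

    # 3. A blocked name should come back as 0.0.0.0 (Pi-hole's default NULL
    #    blocking mode); anything else means the query did not pass Pi-hole.
    $blk = Resolve-DnsName -Name $BlockTest -Type A -Server $AdDns -ErrorAction SilentlyContinue
    $result.BlockedViaPiHole = ($blk | Where-Object { $_.IPAddress -eq '0.0.0.0' }) -ne $null

    [pscustomobject]$result
}

Set-PiHoleForwarder
Test-AdResolutionChain | Format-List
```

If step 1 fails while steps 2 and 3 pass, clients are being handed Pi-hole rather than AD as their DNS server, which is exactly the symptom in the thread.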

Isn't this the same thing as setting the DNS of AD in the hosts file and then setting the DNS of Pi-hole manually on the PC?

No.

It is unclear what host file you are referring to.
On Linux, /etc/hosts holds IP address to name associations - it is not involved in determining which DNS resolver is used.

If you manually configure your PC to use Pi-hole as DNS server, your resolution chain would be:
client :arrow_right: Pi-hole :arrow_right: public DNS resolver

And that would contradict your intention:

The file I am referring to is in Windows OS: C:/Windows/System32/Drivers/etc

That file has the same intent as /etc/hosts - no effect on the choice of DNS resolvers.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.