Pi-Hole 5.0 in combination with Microsoft AD

Osanse · May 12, 2020, 7:55am

I've been using Pi-Hole happily for quite sometime now in our Windows Active Directory domain.
The setup is as follows
client → Microsoft DNS → Pi-Hole → OpenDNS

This works great since AD authentication is working as designed and clients can find all the required srv records in the Microsoft DNS.
Up till now the only drawback was that I could not see who did what query but that was not a huge issue.
With the release of the 5.0 and the client and group based exceptions I would really like to be able to get my setup like this.
client → Pi-Hole → Microsoft DNS → OpenDNS

I've already tested with it and configured as follows
Custom Upstream DNS Server = internal Microsoft DNS

This is giving me authentication problems on my domain.

jfb · May 12, 2020, 2:04pm

Do you need conditional forwarding in this instance? The Microsoft DNS is already acting as the upstream DNS server for Pi-hole, so anything Pi-hole cannot resolve goes to the Microsoft DNS server.

Osanse · May 12, 2020, 2:11pm

The idea was better safe than sorry, but even with this setup I get authentication issues in the domain and problems with clients unable to register DNS records.

I know the solution is to just use: client → Microsoft DNS → Pi-Hole → OpenDNS but it would be really nice if somebody found a way around this.

system · June 2, 2020, 2:11pm

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.