Pi-Hole, Part Two


After DHCP pushed my new Pi-hole servers out as the DNS option, I realized that clients could no longer authenticate to my test domain. This makes sense now: PH-01 and PH-02 have no way of resolving my test domain's records. So in this scenario I have two sets of DNS servers that don't know about each other. I could point the DCs at Pi-hole, or I could point Pi-hole at the DCs.

If I point the DCs at Pi-hole, my clients would have to keep using the DCs for DNS, and every query Pi-hole logged would appear to come from the DCs rather than from the individual clients, which would make all the cool per-client logging in Pi-hole worthless. So I'll have my clients point at Pi-hole, and have Pi-hole forward to the DCs. Just look at all the pretty graphs! Why wouldn't I want to look at them?

So pretty!

To achieve this I logged into Pi-hole and went to Settings, then the DNS tab. I unchecked all of the Upstream DNS Servers and added DC-01's and DC-02's IPs as the two Custom Upstream DNS Servers. When I went to test, I was still having trouble logging into domain machines.

So I went to Local DNS > DNS Records and added the following A records:

  • domain.local > 10.10.10.XXX
  • domaindnszones.domain.local > 10.10.10.XXX
  • dc-01.domain.local > 10.10.10.XXX
  • dc-02.domain.local > 10.10.10.XXX
  • forestdnszones.domain.local > 10.10.10.XXX

At this point all of my testing is successful, so it looks like I am done here. Two things worth keeping in mind: PH-01 and PH-02 both need the same upstream servers and the same local records, and domain logon also depends on SRV records such as _ldap._tcp.dc._msdcs.domain.local, which are not among the local A records above and so get forwarded by Pi-hole to the DCs configured as upstream. That forwarding path is the one to confirm if logons break again.
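The check described above, written out as an added example rather than anything from the original post: a small standard-library Python script that sends a raw DNS query to a Pi-hole for the AD DC-locator SRV record (_ldap._tcp.dc._msdcs.domain.local) and parses the reply, so you can see whether the Pi-hole is actually handing clients a domain controller. The domain name, hostnames and the 10.10.10.x addresses are placeholders taken from the post; the packet layout follows RFC 1035 (header, question, answer records with name compression) and does not depend on any Pi-hole API.

```python
"""Query a Pi-hole for the AD DC-locator SRV record and parse the answer.

Added example, not code from the original post.  Standard library only.
Domain/host names and IPs are placeholders (assumptions), as in the post.
"""
import socket
import struct
import sys

SRV = 33   # RFC 2782 record type
A = 1


def encode_name(name: str) -> bytes:
    """Encode 'a.b.c' as length-prefixed labels ending with a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += struct.pack("B", len(raw)) + raw
    return out + b"\x00"


def build_query(name: str, qtype: int, txid: int = 0x1234) -> bytes:
    """Standard recursive-desired query (flags 0x0100) with one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def read_name(msg: bytes, offset: int):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels = []
    jumped = False
    end = offset
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:          # compression pointer (RFC 1035 4.1.4)
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2           # caller resumes after the pointer
            jumped = True
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    if not jumped:
        end = offset
    return ".".join(labels), end


def parse_response(msg: bytes):
    """Return (rcode, answers); answers is a list of dicts for SRV and A records."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    offset = 12
    for _ in range(qd):                    # skip the echoed question section
        _, offset = read_name(msg, offset)
        offset += 4                        # qtype + qclass
    answers = []
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == SRV:
            prio, weight, port = struct.unpack("!HHH", rdata[:6])
            target, _ = read_name(msg, offset + 6)   # target may be compressed
            answers.append({"name": name, "type": "SRV", "priority": prio,
                            "weight": weight, "port": port, "target": target})
        elif rtype == A:
            answers.append({"name": name, "type": "A",
                            "address": ".".join(str(b) for b in rdata)})
        offset += rdlen
    return rcode, answers


def ask(resolver: str, name: str, qtype: int, timeout: float = 2.0):
    """Send one UDP query to `resolver` (e.g. a Pi-hole) and parse the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qtype), (resolver, 53))
        data, _ = s.recvfrom(4096)
    return parse_response(data)


def dc_locator_ok(resolver: str, domain: str) -> bool:
    """True if the resolver returns at least one DC via the _msdcs SRV record."""
    rcode, answers = ask(resolver, f"_ldap._tcp.dc._msdcs.{domain}", SRV)
    return rcode == 0 and any(a["type"] == "SRV" for a in answers)


if __name__ == "__main__":
    # Usage: python3 check_dc_locator.py <pi-hole IP> [domain]; domain.local is the
    # placeholder name from the post.
    pihole = sys.argv[1]
    domain = sys.argv[2] if len(sys.argv) > 2 else "domain.local"
    print("DC locator via", pihole, "OK" if dc_locator_ok(pihole, domain) else "FAILED")
```

Run it against PH-01 and PH-02 in turn; a FAILED result with rcode 3 (NXDOMAIN) means the Pi-hole is not reaching the DCs for that name, while a NOERROR reply with no SRV answer points at the DCs themselves.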