Pi-hole works by giving clients non-routable addresses in response to DNS queries of known ad-serving domains. If the client (web browser, phone, smart device, etc) doesn't let you set its DNS server (as many no longer do) and doesn't obey DHCP, then you can't feed them those addresses. You could block outbound DNS traffic from all clients except your Pi-hole, but in response some clients will just refuse to work entirely. And if they require DNSSEC (or DoT/DoH with a pinned certificate), there's nothing you can do.