I'm currently helping a company that got following issue:
Their needs are to block sites like youtube.com/facebook.com etc anything not work related.
That is currently done by redirecting the website on the Domain Controllers DNS, so the users can't do domain lookups.
The problem is that some users need to get access to some of those websites.
The current solutions that is done is with changing the dns on the users PC to googleDNS.
But that leaves problems when the users need to sync up to the AD.(note the company currently only has one DC)
I have tried with creating hosts file on the PC while using google dns
But still when doing nslookup to dc00/dc00.company.local or 10.8.8.2 it wont look up in the hosts file before it looks in google dns.
Anyone have idea what a possible solutions could be?