September 10, 2016

How to force Google Safe Search - Microsoft AD DNS

Forcing safe-search for Google is very simple, and pretty hard to turn off. Couple it together with filtering DNS queries and you’ve got yourself a pretty robust content filter.
First I’m going to show you the powershell way, then I will show you the GUI way.

add-dnsserverprimaryzone -ReplicationScope Forest -Name -Verbose
Add-DnsServerResourceRecord -DName -ZoneName -name "@" -DomainNameAlias -Verbose
Add-DnsServerResourceRecordA -IPv4Address -name "@" -ZoneName -Verbose
As you can see the powershell way is the preferred method.
Here’s how to do it the GUI way:
Open up AD DNS or just type dnsmgmt.msc in a RUN box.
Add a new primary zone, replicated to the whole forest for “”
Now go to the zone, and create a A record pointing to “”.
Now right click and create ” other new records…” we’ll select DNAME.
Now add “” as the FQDN, leave alias name blank.
Now flush your DNS and test it out!

if we try to turn safesearch off via the settings, it does not work!!!
Same result.




Post a Comment