|Because network traffic does not pass through the domain controller, so you can not do monitoring on the domain controller server.|
As mentioned by wanderer, setting up a proxy server will be a good choice.
However, I would prefer setting up a mirroring port in your switch to do the job. Because setting up a mirroring port does no change to your network topology, but a proxy server requires every computer to change its settings.
In my network, I configured a mirroring port in my cisco 2950, and use a monitoring program named WFilter Enterprise to sniff internet activities. And it works well.