Hello,
I'm trying to figure out the reason for some LDAP traffic between our root and subdomains. Using Process Monitor I was able to find out that Oultook.exe is connecting to every domain controller from every subdomain using LDAP. Please see the screenshot I attached.
Basically we have some Terminal servers running in the root Domain and Users connecting to them. Our users mailboxes are running on Office 365 and we have several instances of Azure AD Sync which sync our users to multiple O365 tenants.

After blocking LDAP between our root and subdomains, everything still seems to work fine. But I wanted to find out why Outlook is trying to connect to other subdomain controllers?
Do you have any idea?
Regards,
Philipp
