LDAP traffic between Outlook clients and domain controllers

Philipp Mair 26 Reputation points
2021-04-07T13:45:47.617+00:00

Hello,

I'm trying to figure out the reason for some LDAP traffic between our root and subdomains. Using Process Monitor I was able to find out that Oultook.exe is connecting to every domain controller from every subdomain using LDAP. Please see the screenshot I attached.
Basically we have some Terminal servers running in the root Domain and Users connecting to them. Our users mailboxes are running on Office 365 and we have several instances of Azure AD Sync which sync our users to multiple O365 tenants.

85316-2021-04-07-09-23-58-mremoteng-confconsxml-cloudacs.jpg

After blocking LDAP between our root and subdomains, everything still seems to work fine. But I wanted to find out why Outlook is trying to connect to other subdomain controllers?

Do you have any idea?

Regards,
Philipp

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,123 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,852 questions
Outlook Management
Outlook Management
Outlook: A family of Microsoft email and calendar products.Management: The act or process of organizing, handling, directing or controlling something.
4,885 questions
Accepted answer
  1. Daisy Zhou 18,701 Reputation points Microsoft Vendor
    2021-04-22T06:11:34.91+00:00

    Hello @Philipp Mair ,

    Thank you for your update.

    This may involve how Outlook works.

    According to my guess, it may be that the Outlook mailbox account comes from AD, so you need to go to AD to find the corresponding account and the information in the account attributes, such as display name, email and other information.

    I suggest you can try to ask the question in Outlook forum by selecting Outlook tag, open a new post again.

    Thank you for your understanding and support.

    Best Regards,
    Daisy Zhou

    0 comments

3 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Daisy Zhou 18,701 Reputation points Microsoft Vendor
    2021-04-08T08:38:27.68+00:00

    Hello @Philipp Mair ,

    Thank you for posting here.

    I asked the engineer from outlook team, they told me we can see LDAP information of outlook below.

    85629-ldap1.png

    Internet directory services, also known as LDAP services, are used to find e-mail addresses that are not in your local Outlook contacts. Directory services search directories on other servers to look up names and other information that can then be viewed in Outlook. You can locate an LDAP server on the Internet, on your organization's intranet, or through another company that hosts an LDAP server.

    For more information, we can read the third-part link .
    Setting up Outlook to Use LDAP Address Book
    https://support.kerioconnect.gfi.com/hc/en-us/articles/360015199019-Setting-up-Outlook-to-Use-LDAP-Address-Book

    LDAP in Outlook 2013 & 2016 (Windows)
    https://help.uis.cam.ac.uk/service/email/hermes/ldap-settings/outlook-2013-and-2016-windows

    Please note: I am sorry, I can not find official link to explain it. Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.

    Best Regards,
    Daisy Zhou

    1 person found this answer helpful.
    0 comments
  2. Philipp Mair 26 Reputation points
    2021-04-22T05:49:25.567+00:00

    Hello Daisy,

    sorry for my late reply.
    Yes, I'm aware that it's possible to manually configure LDAP servers as an additional Adress Book. I also checked and non of our users enabled this feature.
    But we still see LDAP traffic coming from Outlook.exe, trying to reach all Domain Controllers from all subdomains.

    Regards,
    Philipp

    1 person found this answer helpful.
    0 comments
  3. Philipp Mair 26 Reputation points
    2021-04-22T06:27:16.16+00:00

    Ok thank you Daisy!