We have recently added our first child domain into our forest and we are currently seeing LDAP traffic between the root and child domain which we were not expecting. We have noticed that all of our root domain PCs seem to be sending LDAP packets to the child domains DC when logging on, unlocking PCs etc. Is there any way of preventing the traffic between the domains? Any advice on the matter would be highly appreciated. Thanks.