edpa.exe enumerating user's AD groups on system power on
We have some behavior I can't explain which has been producing significate network impact. We have traced our issue to edpa.exe perform LDAP group enumeration AD groups of logged in users. This is generating a signifcate amount of LDAP traffic across my orginization. Everything from security groups to distribution lists that the logged in user belongs to is being enumerated by DLP. This happens once when the computer is powered on. Has anyone seen this behavior and what could be causing it?