Active Directory
SomeDude, 2017-04-24 18:57:36

Is Active Directory for Windows a feature purely for a local area network?

I decided to install Windows and play around with Active Directory. A question came up about how Active Directory operates outside the local network. Is it possible, and is it meant to be?


2 answer(s)
Ethril, 2017-04-25
@SomeDude

Very briefly: YES, if you leave VPN aside.

In a bit more detail: communication with a domain controller uses RPC, which uses dynamic ports by default and has had a bunch of vulnerabilities found in it, so publishing the controller on the Internet is strongly discouraged (although technically possible). A lot of workarounds have been invented to reduce the danger, such as RODC and AD-LDS, but it is still not recommended. RPC is also used to replicate controllers within a site, with the same problems. In theory, intersite controller replication can be configured over SMTP, but nobody uses this.

In short, in practice, communication between departments united in one domain is always organized through site-to-site VPN tunnels. Communication between PCs and controllers is either not configured at all (the PC transparently caches everything and works more or less normally outside its domain, provided it appears on the domain's local network at least once every couple of months), or point-to-site VPN tunnels are used as well, from classic PPTP to transparent DirectAccess.
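
As an added illustration that is not part of the answer above: a small audit that flags firewall allow rules letting sources outside the internal/VPN ranges reach a domain controller on its directory and RPC ports. The rule format, rule names, addresses and the trusted range are assumptions constructed for the example.

```python
import ipaddress

# Standard TCP ports a domain controller listens on.
DC_PORTS = {88: "Kerberos", 135: "RPC endpoint mapper", 389: "LDAP",
            445: "SMB", 636: "LDAPS", 3268: "Global Catalog"}
RPC_DYNAMIC = range(49152, 65536)  # default dynamic RPC range, Windows Server 2008+

# Constructed sample rules in a hypothetical export format (not a real product's).
RULES = [
    {"name": "branch-vpn-to-dc", "action": "allow", "src": "10.20.0.0/16", "dst": "10.0.0.10/32", "ports": "88,135,389,445,49152-65535"},
    {"name": "wan-ldap-publish", "action": "allow", "src": "0.0.0.0/0", "dst": "10.0.0.10/32", "ports": "389,636"},
    {"name": "wan-rpc-publish", "action": "allow", "src": "0.0.0.0/0", "dst": "10.0.0.0/24", "ports": "135,50000-50100"},
    {"name": "wan-https-to-web", "action": "allow", "src": "0.0.0.0/0", "dst": "10.0.1.20/32", "ports": "443"},
]

def parse_ports(spec):
    """Turn '135,49152-65535' into a list of range objects."""
    ranges = []
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        ranges.append(range(int(lo), int(hi or lo) + 1))
    return ranges

def exposed_services(ranges):
    """Name the DC services that fall inside the given port ranges."""
    names = [name for port, name in DC_PORTS.items()
             if any(port in r for r in ranges)]
    # Any overlap with the dynamic range exposes RPC services behind port 135.
    if any(r.start < RPC_DYNAMIC.stop and RPC_DYNAMIC.start < r.stop for r in ranges):
        names.append("RPC dynamic ports")
    return names

def audit(rules, dc_addr, trusted_nets):
    """Return (rule name, services) for allow rules that reach the DC from untrusted sources."""
    dc = ipaddress.ip_address(dc_addr)
    trusted = [ipaddress.ip_network(n) for n in trusted_nets]
    findings = []
    for r in rules:
        if r["action"] != "allow" or dc not in ipaddress.ip_network(r["dst"]):
            continue
        src = ipaddress.ip_network(r["src"])
        if any(src.subnet_of(t) for t in trusted):
            continue  # source is entirely inside the LAN/VPN address space
        services = exposed_services(parse_ports(r["ports"]))
        if services:
            findings.append((r["name"], services))
    return findings

if __name__ == "__main__":
    for name, services in audit(RULES, "10.0.0.10", ["10.0.0.0/8"]):
        print(f"{name}: DC reachable from untrusted source on {', '.join(services)}")
```
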

Eugene, 2017-04-24
@yellowmew

Can you clarify what you mean by "outside the local network"?
AD was originally the implementation of Directory Services from MS.
Why would a directory service exist outside of a local network?
