Hi Sanjeev,
I’ll answer your questions separately:
Q1: Now if user is connected to O365 mailbox, then where will be authentication done?
A1: That will depend on if the ADFS service is deployed. If ADFS service is deployed, the user will need to authenticate from the on-premises AD server. Otherwise, he/she will be authenticated directly from Office 365.
Q2: Why do we need Microsoft managed domain controller at Microsoft forest?
A2: After deploy DirSync, all the user attributes will be synced to Office 365, which will be used in Exchange Online and other Office 365 services. If we don’t have the AD services provided in Office 365, we will need to manually copy these attributes to Office 365.