Greetings @all, I would like to know the way Server 2003/2008 replicates the Universal Group Membership Caching tokens from/to a GC. Lets say I have 2 Sites, one main office and one branch office with a slow link. In the branch office I have 4 DCs running. I enable UGMC on the Sites Interface so now it is enabled and working for all 4 DCs, correct? That means if a user logs on for the first time, the DC that is the nearest will answer the users request and contact the nearest GC server in the main office? If yes, will that DC, lets say DC3 ask the main offices GC holder DC directly or will this traffic only happen over the designated Bridgehead Server in my branch office, lets say DC1? Second question is, if the 8 hours intervall update from DC3 will take place directly with the GC holder in the main office or if this also would take place over the defined Bridgehead Server DC1 in the branch office. Me and a colleague can't really follow these logics and we couldn't find any information on the net about this replication. It is also mentioned that the UGMC information is replicated among all the DCs in the branch office so we really would like to know what way everything takes and how it is replicated. It would be very nice if some pro could spend a few mins and answer our questions, thanks a ton and many greetings from Germany, Max

Hi To refresh the cache, domain controllers running Windows Server 2003 will send a universal group membership confirmation request to a nearest available global catalog directly. As its not related to any active directory replications, related request all the individual DCs contacts the nearest available global catalog directly after every 8 Hrs. For more info http://technet.microsoft.com/en-us/library/cc737290(WS.10).aspx RegardsRajesh J S

Hi ,Thank you for posting in windows forums,You can configured UGMC on the domain controllers . when users inital domain login occurs the request is placed to the DC with UGMC configured and that DC will contact the GC for first time and caches the user info . When the same user logins again into the domain then DC will not contact the GC rather uses Cached memberships and service user request.And when configuring the setting you can specify the site of the GC ,which i guess answered your 1st question.users --> DC ( with UGMC configure ) <---> GC regarding second question look at the below articlehttp://support.microsoft.com/kb/871159sainath !analyze

Thanks for all your answers ^^ I am a bit confused now, because it is said that you can't configure UGMC on a domain controller... it is a site setting and all domain controllers in that site would be UGMC enabled. Like @Rahjesh J S mentioned above. So if I get all the info correctly the domain controller that would serve the user in a specific site would contact the defined GC server individually and then replicate its cached info to all other dc's in that site? Sorry, but I am in that exam and one question points that out. Thanks kindly, Max

Hi, The domain controller obtains the universal group membership for a user from a global catalog the user attempts to log on for the first time. Every DC will contact GC to get the UGMC information. Generally speaking, cache will not be replicated to other DCs. Thanks. This posting is provided "AS IS" with no warranties, and confers no rights.

Ok, many thanks, that explains everything ^^ Thanks kindly, Max