Last Updated on July 11, 2015 by Dishan M. Francis

In one of my previous posts I explain the how to setup a branch network properly. In there I mentioned how we can utilize the bandwidth between corporate office and the branch office. One of the method we can use for that is universal group membership caching. If the branch office AD servers are not acting as global catalog servers, UGMC allows to store data about membership of the universal groups in cache. This cache is set to update in every eight hours by default. As result of UGMC, branch office domain controllers can process the log on or resources requests without going to a GC server via WAN link.

UGMC have to enable per site basis. In order to get this function work, each user must have logged on when GC server available and UGMC feature is enabled.

Let’s see how we can enable this feature.

1)    Log in to the domain controller as member of domain admin group or enterprise admin group.
2)    Then go to server manager > tools > active directory sites and services


3)    Then in mmc, select the Site you need UGMC enabled


4)    In right hand panel right click on “NTDS site settings” and click properties


5)    In properties window click to enable “Enable Universal Group Membership Caching


6)    Under the refresh cache from drop down you can select which site it should use to get the cache.


7)    Once this is done click ok to apply the change

Now it enables UGMC in the given site. If you have any questions about the steps feel free to contact me on