Where is cached Universal Group information stored?

A. When Universal Group caching is enabled, the user's Universal Group membership is stored in the msDS-Cached-Membership attribute of the user's account, and the current time is written to the msDS-Cached-Membership-Time-Stamp value along with msDS-Site-Affinity to identify the user's logon site the first time he or she logs on. Only the msDS-Site-Affinity attribute is replicated between domain controllers (DCs); the timestamp and list of group SIDs aren't replicated and are stored only on the authenticating DC. The next time the user logs on, the system reads the SIDs from the msDS-Cached-Membership attribute instead of consulting a Global Catalog (GC), assuming the msDS-Cached-Membership-Time-Stamp is within the staleness time period (7 days by default). If the cached membership information is stale, the system consults a GC for Universal Group membership information and updates the msDS-Cached-Membership and msDS-Cached-Membership-Time-Stamp attributes. The cached information is updated every 8 hours by default, and as many as 500 accounts will refresh in each refresh cycle. To modify the default values associated with cached Universal Groups, perform these steps: