You can exclude a specific user from a DD group with the Set-DynamicDistributionGroup commandlet. Specifically with the -RecipientFilter option.
Example:
Set-DynamicDistributionGroup -Identity MadeUpName -RecipientFilter {((RecipientType -eq 'UserMailbox') -and -not(Name -like 'Journal User'))}
Note that this example is just with recipient type = userMailbox. You can get the current recipientFilter of your DD group and modify it however from powershell.
(get-DynamicDistributionGroup -Identity MadeUpName).RecipientFilter
This means that I create AD Group, enable mail, and put users I want,
in. Then, the replication will synchronize AD Group with O365 (with
DirSync if I'm right).
That's pretty much it, yes. There's plenty of resources out there covering the installation and setup of DirSync, and you may refer to this table of attributes that are synced from on-premises AD to Office 365. You can manually trigger a sync of dirsync by opening DirSyncConfigShell and running Start-OnlineCoexistenceSync
So you can create a DG on-premises, set the Mail and ProxyAddresses attributes and then DirSync will create a synchronised DG in O365. This group will show up in the ECP > Groups, the same as a group which is created online. However, since the group was created on-premises it must be managed on-premises (as the sync is one-way). Trying to alter the attributes online will give you:
The action 'Set-DistributionGroup', 'PrimarySmtpAddress', can't be
performed on the object 'IT-team' because the object is being
synchronized from your on-premises organization.
There is no need to mail-enable the DG, as DGs are mail-enabled by default at creation.
To be clear, question is : Can I create a DG from local AD server in
PS (Create-Group), by setting the mail address (and others attributes
I dont now yet), and then Exchange will see it as a good DG and I'll
be able to send email to it ?
Broadly yes. You'll have to use a PS cmdlet that actually exists though, ie New-ADGroup and specify -GroupCategory Distribution
Best Answer
It seems that it is not possible to do this. It is possible to convert a distribution group to an o365 group however. I have not found documentation to support my statement, but I was told this by a microsoft tech.