Exchange – Using Security Groups in Exchange Distribution Groups

active-directory, email, exchange

We do have a case where we would like to set up an Exchange distribution group (created using New-DistributionGroup with closed joining and leaving) in order to easily reach multiple teams. Adding users directly works just fine but using the security groups of those teams doesn't seem to work. The security groups are not mail-enabled but each individual user object within the security group has a mailbox.

Would anyone happen to know if there is a way to make this work? It looks like distribution groups only check their direct members? Could it be because the distribution group is a universal group while the security groups are just global? I do know the reverse doesn't work.

One question I came across mentioned this TechNet article citing the general definition of a distribution group as an answer, but that doesn't answer the question.

Best Answer

As joeqwerty commented, it doesn't seem like this is possible. There is no direct documentation that states this, just various posts on questions regarding this topic.

The best answer I came across was on a TechNet forum post from Jason Chao:

Exchange depends on the group expansion logic for nested membership, which means that all the groups down the chain must be mail-enabled.

It's not actually an AD limitation. Running Get-ADGroupMember -Recursive on a distribution group is working perfectly fine. It's an Exchange limitation which only looks at group members that are mail-enabled. So nesting mail-enabled groups works. I haven't tried whether just populating the E-Mail address field of a group might be enough.
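
An added example, not part of the original answer: a read-only audit that walks a distribution group's nesting chain and reports each nested group Exchange does not know as a recipient, which is where mail expansion stops even though AD still resolves the members. It assumes the Exchange Management Shell with the ActiveDirectory module loaded; the function name `Get-NestedGroupMailGap` and the group name `All-Teams` are placeholders.

```powershell
# Added example: read-only audit, changes nothing in AD or Exchange.
Import-Module ActiveDirectory

function Get-NestedGroupMailGap {
    param([Parameter(Mandatory)][string]$Identity)

    $visited = New-Object 'System.Collections.Generic.HashSet[string]'
    $pending = New-Object 'System.Collections.Generic.Queue[string]'
    $pending.Enqueue((Get-ADGroup -Identity $Identity).DistinguishedName)

    while ($pending.Count -gt 0) {
        $dn = $pending.Dequeue()
        if (-not $visited.Add($dn)) { continue }   # guard against circular nesting

        # Direct members only: each level of the chain is checked separately.
        foreach ($member in Get-ADGroupMember -Identity $dn) {
            if ($member.objectClass -ne 'group') { continue }

            # Get-Recipient returns nothing for a group that is not mail-enabled.
            $recipient = Get-Recipient -Identity $member.distinguishedName -ErrorAction SilentlyContinue
            if ($recipient) {
                # Mail-enabled nested group: the chain continues, so keep walking it.
                $pending.Enqueue($member.distinguishedName)
                continue
            }

            # Chain breaks here. Count the users AD resolves beneath this group;
            # some of them may still be reachable through another mail-enabled path.
            $group = Get-ADGroup -Identity $member.distinguishedName
            $users = @(Get-ADGroupMember -Identity $group -Recursive |
                       Where-Object { $_.objectClass -eq 'user' })

            [pscustomobject]@{
                ParentGroup   = $dn
                NestedGroup   = $group.Name
                GroupScope    = $group.GroupScope
                GroupCategory = $group.GroupCategory
                UsersBeneath  = $users.Count
            }
        }
    }
}

# 'All-Teams' is a placeholder for the distribution group being checked.
Get-NestedGroupMailGap -Identity 'All-Teams' | Format-Table -AutoSize
```

The GroupScope column matters when deciding what to do with a reported group: Enable-DistributionGroup mail-enables universal groups, so a global security group has to be converted to universal first.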