What are the consequences of an AD group that has as its member a group that is already a member (cyclic references)?

active-directory groups

I have been looking at an Active Directory that has several thousand groups, where pairs of groups are members of each other.

GroupA has GroupB as a Member.
GroupB has GroupA as a Member.

Oy. I am trying to think through possible consequences of this circular nesting of groups.

Best Answer

Well first of all, be careful that you don't have users that are members of too many groups - this can cause their token to be too large and you end up with things like this:

And also GPOs will stop being processed, startup scripts, etc.

This isn't directly answering your question, but a bunch of nested groups can definitely exacerbate this problem. There's nothing inherently terrible about groups being members of one another, i.e. the space-time continuum will not tear open... the only thing I can think of is that you might confuse some applications that make extensive use of LDAP queries... things like Exchange, etc.
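
An added example, not part of the original answer: a cycle-safe expansion of nested membership that lists mutually nested pairs, finds nesting loops of any length (a generalization beyond the pairs in the question), and counts each user's effective groups. The sample `memberOf` data, the function names and the limit value are assumptions made for illustration.

```python
# Constructed sample export: each principal mapped to its direct memberOf list.
MEMBER_OF = {
    "alice": ["GroupA"],
    "bob": ["GroupC"],
    "carol": ["GroupX"],
    "GroupA": ["GroupB"],            # GroupB has GroupA as a member
    "GroupB": ["GroupA", "GroupD"],  # GroupA has GroupB as a member
    "GroupC": ["GroupD"],
    "GroupD": [],
    "GroupX": ["GroupY"],            # three-group loop: X -> Y -> Z -> X
    "GroupY": ["GroupZ"],
    "GroupZ": ["GroupX"],
}

def effective_groups(principal, member_of):
    """All groups reached from principal through nesting.

    Each group is expanded once, so circular nesting terminates; an expansion
    without the 'seen' set would revisit GroupA and GroupB forever.
    """
    seen = set()
    stack = list(member_of.get(principal, []))
    while stack:
        group = stack.pop()
        if group in seen:
            continue
        seen.add(group)
        stack.extend(member_of.get(group, []))
    return seen

def mutual_pairs(member_of):
    """Pairs of groups that are direct members of each other."""
    pairs = set()
    for a, parents in member_of.items():
        for b in parents:
            if a != b and a in member_of.get(b, []):
                pairs.add(tuple(sorted((a, b))))
    return sorted(pairs)

def groups_in_cycles(member_of):
    """Groups that reach themselves through nesting (loops of any length)."""
    return sorted(g for g in member_of if g in effective_groups(g, member_of))

def over_limit(users, member_of, limit):
    """Users whose effective group count exceeds a caller-chosen limit."""
    counts = {u: len(effective_groups(u, member_of)) for u in users}
    return {u: n for u, n in counts.items() if n > limit}

if __name__ == "__main__":
    print(mutual_pairs(MEMBER_OF), groups_in_cycles(MEMBER_OF))
    print(over_limit(["alice", "bob", "carol"], MEMBER_OF, limit=2))
```

The effective count per user is the figure that matters for the token-size problem described in the answer, since every nested group a user reaches is counted once.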