Whilst trying to setup the Dirsync/AAD Connect group licensing, I came across this the link below:
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-licensing-group-advanced#limitations-and-known-issues
Great read, outlining the following limitations of AAD Connect replication:
- Group nesting.
- Group licensing being only available to security groups.
- Impacts of removing a user from a group.
- Performance implications.
- Logging and auditing.