My company employs Active Directory security groups to administer permissions in SharePoint online. For example we have a SharePoint group that has contribute permissions to one of our sites. We make the security group a member of that SharePoint group. When an employee requires contribute permissions to that site we simply add that person to the AD security group and wait for replication. That approach has served us well...until now.
Now, when adding an employee to a security group that is a member of a SharePoint group we find that the permission level that SP group should confer is not being passed onto said employee. When you examine the employee's permission under "Check Permissions" they only show limited access with no mention of membership in that SP group. This remains true even days after the employee has been added to the security group. Any advice?