Connecting applications to AD
Here I'm collecting all I learn about connecting applications to AD, most often this is done with LDAP.
Most applications can handle recursive groups in LDAP/AD with the search filter.
Here's one such filter example.
(&(objectClass=user)( memberOf:1.2.840.1135184.108.40.2061:=CN=My nested group,DC=domain,DC=local )(name=Stefan Midjich))
The OID placed in memberOf is a sort of AD recursive search function that tells LDAP to recursively search the group ''CN=My nested group'' for the name=Stefan Midjich.
So don't ask me how it works but there are apparently pre-defined OIDs like that, it's not random or specific to the OIDs in your directory.