Security groups can do the same things that a distribution group can do with the added advantage that they can also be used to assign permissions to files or shares whereas distribution groups cannot. 


If that is the case then why would anyone ever want to create a distribution group instead of a security group?


You want to create a distribution group if you intend to use the group for email distribution rather than for security.

Adding a user to a large number of security groups will increase the size of the user's security token (e.g. NTFS, Public Folder permission), a problem that will be avoided by using distribution groups where a security context is not required.


AD Groups supported in eMailSignature:

  1. Distribution lists
  2. Nested distribution lists
  3. Security groups - no nested groups