Confluence doesn't seem to currently support nested groups with LDAP External User Management. We'd like to have a structure in LDAP (we use Active Directory) such as:
Information Systems (IS Head Person, IS Assistant)
Communications (Person 1, Person 2 ..)
Infrastructure (Person 2, Person 5 ...)
HR (HR exec)
Payroll (another person)
Leave Management (another person, someone else)
Such that if USE permission is granted to a particular group, all members of that group and members of child groups. This would also need to apply when granting permissions for Spaces and Pages.