Hi @Glenn Maxwell ,
According to my test results, you need to create a mail enabled security AD group(mail enabled DL AD group does not work). Then users in the synchronized group can access to sharepoint site.
Because syncing Active Directory groups to azure ad can only be mail enabled groups.
Reference: https://learn.microsoft.com/en-us/azure/active-directory/hybrid/concept-azure-ad-connect-sync-user-and-contacts
Below are my test results:
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.