That is controlled by the attribute primaryGroupID
. It is not exposed by the default UserPrincipal
so you must either make your own subclass that exposes it or use the more RAW underlying System.DirectoryServices
objects and set the attribute.
(UPDATE: 2008 and earlier articles of MSDN magazine are no longer available via a web interface. You need to download the January 2008 magazine's chm file and find the article "Look it Up: Managing Directory Security Principals in the .NET Framework 3.5" to see the article about making a subclass)
The attribute value is the RID of the group so you need to get the primaryGroupToken
attribute from the new group and set it to the users primaryGroupID
attribute.