samba - Sep 2014 - change primaryGroupID - unwilling to perform

My tool is growing fast and it takes me to the finishing line for 
setting up my new user database. But nw I came across another strange issue:

I'd like to change the primaryGroupID. It is currently set to 513, which 
simply does not exist. I wanted to set to 100, which exists and actually 
the user is a member of this group, but then I get the following exception:

ldap.UNWILLING_TO_PERFORM: {'info': 'error in module samldb:
Unwilling
to perform during LDB_MODIFY (53)', 'desc': 'Server is unwilling
to
perform'}

This is the equivalent LDIF:

dn: CN=Lars LH. Hanke,CN=Users,DC=ad,DC=microsult,DC=de
changetype: modify
replace: primaryGroupID
primaryGroupID: 100

Any ideas, why this is prohibited?

Regards,
  - lars.

On 11/09/14 22:31, Lars Hanke wrote:
> My tool is growing fast and it takes me to the finishing line for 
> setting up my new user database. But nw I came across another strange 
> issue:
>
> I'd like to change the primaryGroupID. It is currently set to 513, 
> which simply does not exist. I wanted to set to 100, which exists and 
> actually the user is a member of this group, but then I get the 
> following exception:
>
> ldap.UNWILLING_TO_PERFORM: {'info': 'error in module samldb:
Unwilling
> to perform during LDB_MODIFY (53)', 'desc': 'Server is
unwilling to
> perform'}
>
> This is the equivalent LDIF:
>
> dn: CN=Lars LH. Hanke,CN=Users,DC=ad,DC=microsult,DC=de
> changetype: modify
> replace: primaryGroupID
> primaryGroupID: 100
>
> Any ideas, why this is prohibited?
>
> Regards,
>  - lars.
Why do want to do this ???

Does a group with the ID '100' exist in AD ?

Much easier to do what everybody else does, just give the user a gidNumber.

Rowland