Can Identity Manager manage the Primary Group field on Active Directory Endpoint accounts?

All Identity Manager versions

IM application does not support directly managing the AD Primary Group field and so this cannot be done with out of box functionality. Also if you were to look at the field in the Provisioning Manager it is a read-only field without the ability to modify it either.

The only suggestion I can make would be if you were to implement custom java code to be executed by the PX Policy where that custom code would then execute PowerShell to perform the modify you want.

This is a KB Article which explains the PX Policies executing custom java code:

https://knowledge.broadcom.com/external/article/36219

You can then search online for examples of how to use PowerShell to manage the AD primary group field.