So far any group in the user's token could be used as primary group.
Windows doesn't check if the primary group is enabled or not, it just
has no meaning. From a POSIXy point of view it can lead to weird
results though.
* uinfo.cc (check_token_membership): New static function.
(internal_getlogin): Only allow enabled groups as primary group.