powershellactive-directory

What is the correct way to set an AD user country?

I have to maintain a PowerShell script which transfer the employees informations from our database into our Active Directory.
This script runs every night automatically with elevated rights that I do not posess. In other words, I cannot "test" the script. To run the script, I have to commit my changes and create a PR that will trigger a deployment when accepted and wait until the next morning to see if it worked.
The informations are usually updated without any problems, except for the country. I tried updating the fields countryCode, c and co and it didn't work because we received an error like "value was not in the acceptable range...". Apparently this error happens when you try to update one of these 3 fields separately.
I found how to update them all at once and I was going to make the changes but I was surprised to discover that there is another field called Country.
I have a few questions :

  1. Why does that Country field even exist ? Aren't countryCode, c and co enough ?
  2. Should I update Country or should I update the countryCode, c and co ?
  3. Why are there 4 different fields in the AD just to hold the country ?

I'd like to know more about this because I really want to get this right on the second try (the first one failed, hence why I'm here) Thanks in advance for your help !

Solution

  • Why does that Country field even exist ? Aren't countryCode, c and co enough ?

    It doesn't actually exist - the Country property exposed by the ActiveDirectory module maps directly to the c attribute in the AD schema - it's just an alias.

    Should I update Country or should I update the countryCode, c and co?

    Given the answer above, no, you don't need to set Country when you set c.

    Why are there 4 different fields in the AD just to hold the country ?

    As we've established, there are only 3: