I was requested to assign a data entry person privileges to update User information in Active Directory,
I delegated a group the privilege to read and write a number of User properties on the User Object in Active Directory. The data entry lady came back to me and said that she could not access to edit 'State/Province' and 'Country/Region' properties.
Some how I failed to delegate these privileges. There does not appear to be an obvious Security permissions for these attributes.
In summary, what I am asking is for a translation between the object fields that you see in Active Directory Users and Computers, and the security privileges presented in the Security tab