| Release |
1.19 |
| Date |
2018-02-12 |
About this Document
This document is the schema for the first phase of the Enterprise Directory system.
It contains most of the demographic data about a person that will be in the final phase of the Enterprise Directory, with the exception of those attributes which a person will have direct control over as this directory does not allow for writes.
It also contains group and service entry representation.
ED-Auth, ED-Lite, and ED-ID attributes are marked in the objectClass outline sections.
Layout
This document will begin with an outline of the schema used in the ED-LDAP directory which will give the object class and attributes in the class as well as the DIT for the directory. An in-depth description of each attribute will follow the outline.
Indexing
As with databases, LDAP directories provide a mechanism for creating indexes.
Searching on indexed attributes provide far faster results than searching on non-indexed fields.
The two most common types of indexing for LDAP directories are equality and substring.
Those attributes marked as being equality indexed allow exact match searches to be performed against them.
Attributes indexed in a substring manner allow wildcard searches to be performed against them.
If an attribute is marked as having both equality and substring indexes, the equality search will perform better and should be used if possible.
The equality index is used when no wildcard character appears in the string being searched for.
Schema Outline
ObjectClass Outline
objectclass virginiaTechPerson
See detailed schema reference for complete attribute definitions.
| superior: |
top |
|
|
|
| required: |
|
|
|
|
| |
|
ED-ID |
ED-Auth |
ED-Lite |
| |
cn |
✔ |
|
✔ |
| |
creationDate |
✔ |
|
|
| |
eduPersonAffiliation |
✔ |
✔ |
|
| |
eduPersonPrimaryAffiliation |
✔ |
✔ |
|
| |
gender |
✔ |
|
|
| |
personType |
✔ |
|
|
| |
sn |
✔ |
|
✔ |
| |
uid |
✔ |
✔ |
✔ |
| |
virginiaTechAffiliation |
✔ |
✔ |
|
| optional: |
|
|
|
|
| |
accountCreationDate |
✔ |
|
|
| |
accountExpirationDate |
✔ |
|
|
| |
accountRecoveryMaintenanceDate |
✔ |
|
|
| |
accountShelveDate |
✔ |
|
|
| |
accountState |
✔ |
✔ |
|
| |
address |
✔ |
|
|
| |
authId |
✔ |
✔ |
|
| |
bannerName |
✔ |
|
|
| |
bannerPIDM |
✔ |
|
|
| |
c |
✔ |
|
✔ |
| |
campus |
✔ |
|
|
| |
classLevel |
✔ |
|
|
| |
classLevelCode |
✔ |
|
|
| |
confidentialFlag |
✔ |
|
|
| |
dateOfBirth |
✔ |
|
|
| |
degreeType |
✔ |
|
|
| |
department |
✔ |
|
✔ |
| |
departmentNumber |
✔ |
|
✔ |
| |
displayName |
✔ |
|
✔ |
| |
eduPersonPrincipalName |
✔ |
|
|
| |
employeeOffCampus |
✔ |
|
|
| |
expirationDate |
✔ |
|
|
| |
facsimileTelephoneNumber |
✔ |
|
|
| |
givenName |
✔ |
|
✔ |
| |
groupAddDate |
✔ |
|
|
| |
groupExpireDate |
✔ |
|
|
| |
groupMembership |
✔ |
✔ |
|
| |
groupMembershipUugid |
✔ |
✔ |
|
| |
guestId |
✔ |
✔ |
|
| |
homeFAX |
✔ |
|
|
| |
homeMobile |
✔ |
|
|
| |
homePager |
✔ |
|
|
| |
homePhone |
✔ |
|
|
| |
homePostalAddress |
✔ |
|
|
| |
initials |
✔ |
|
|
| |
instantMessagingID |
✔ |
|
✔ |
| |
jpegPhoto |
✔ |
|
|
| |
l |
✔ |
|
✔ |
| |
labeledURI |
✔ |
|
✔ |
| |
lastEnrollmentTerm |
✔ |
|
|
| |
lastEnrollmentTermCode |
✔ |
|
|
| |
localFAX |
✔ |
|
|
| |
localMobile |
✔ |
|
|
| |
localPager |
✔ |
|
|
| |
localPhone |
✔ |
|
✔ |
| |
localPostalAddress |
✔ |
|
✔ |
| |
mail |
✔ |
|
|
| |
mailAccount |
✔ |
|
|
| |
mailAlias |
✔ |
|
|
| |
mailAuxiliaryAccount |
✔ |
|
|
| |
mailExternalAddress |
✔ |
|
|
| |
mailForwardingAddress |
✔ |
|
|
| |
mailPreferredAddress |
✔ |
|
✔ |
| |
mailStop |
✔ |
|
✔ |
| |
major |
✔ |
|
✔ |
| |
majorCode |
✔ |
|
|
| |
middleName |
✔ |
|
✔ |
| |
mobile |
✔ |
|
|
| |
networkPassword |
✔ |
|
|
| |
nextEnrollmentTerm |
✔ |
|
|
| |
nextEnrollmentTermCode |
✔ |
|
|
| |
pager |
✔ |
|
|
| |
passwordChangeDate |
✔ |
✔ |
|
| |
passwordExpirationDate |
✔ |
✔ |
|
| |
passwordState |
✔ |
✔ |
|
| |
personData |
✔ |
|
✔ |
| |
postalAddress |
✔ |
|
✔ |
| |
postalCode |
✔ |
|
✔ |
| |
postOfficeBox |
✔ |
|
✔ |
| |
preferredLanguage |
✔ |
|
|
| |
publicKey |
✔ |
|
✔ |
| |
responsiblePerson |
✔ |
|
|
| |
st |
✔ |
|
✔ |
| |
street |
✔ |
|
✔ |
| |
studentLevelCode |
✔ |
|
|
| |
suppressEmployeeDisplay |
✔ |
|
|
| |
suppressDisplay |
✔ |
|
|
| |
suppressedAttribute |
✔ |
|
|
| |
telephoneNumber |
✔ |
|
✔ |
| |
title |
✔ |
|
✔ |
| |
udcIdentifier |
✔ |
|
|
| |
undergraduateLevel |
✔ |
|
|
| |
userCertificate |
✔ |
|
✔ |
| |
userPassword |
✔ |
✔ |
|
| |
userSMIMECertificate |
✔ |
|
✔ |
| |
uupid |
✔ |
✔ |
✔ |
| |
virginiaTechID |
✔ |
|
|
objectclass virginiaTechGroup
| superior: |
top |
|
|
|
| required: |
|
|
|
|
| |
|
ED-ID |
ED-Auth |
ED-Lite |
| |
contactPerson |
✔ |
|
|
| |
creationDate |
✔ |
|
|
| |
uid |
✔ |
✔ |
✔ |
| |
uugid |
✔ |
✔ |
✔ |
| optional: |
|
|
|
|
| |
administrator |
✔ |
|
|
| |
displayName |
✔ |
|
✔ |
| |
emailAddress |
✔ |
|
✔ |
| |
expirationDate |
✔ |
|
|
| |
groupData |
✔ |
|
✔ |
| |
groupMembership |
✔ |
✔ |
✔ |
| |
labeledURI |
✔ |
|
✔ |
| |
manager |
✔ |
|
|
| |
member |
✔ |
✔ |
✔ |
| |
suppressDisplay |
✔ |
|
✔ |
| |
suppressMembers |
✔ |
|
✔ |
| |
viewer |
✔ |
|
|
objectclass virginiaTechService
| superior: |
top |
|
|
|
| required: |
|
|
|
|
| |
|
ED-ID |
ED-Auth |
ED-Lite |
| |
accountState |
✔ |
|
|
| |
administrator |
✔ |
|
|
| |
certificate |
✔ |
|
|
| |
contactPerson |
✔ |
|
|
| |
creationDate |
✔ |
|
|
| |
serviceDN |
✔ |
|
|
| |
serviceType |
✔ |
|
|
| |
uid |
✔ |
|
|
| |
uusid |
✔ |
|
|
| optional: |
|
|
|
|
| |
endpointBinding |
✔ |
|
|
| |
endpointProtocol |
✔ |
|
|
| |
endpointURI |
✔ |
|
|
| |
expirationDate |
✔ |
|
|
| |
viewablePersonAttribute |
✔ |
|
|
objectclass virginiaTechEntitlement
| superior: |
top |
|
|
|
| required: |
|
|
|
|
| |
|
ED-ID |
ED-Auth |
ED-Lite |
| |
creationDate |
✔ |
|
|
| |
entitlement |
✔ |
|
|
| |
manager |
✔ |
|
|
| |
uid |
✔ |
|
|
| optional: |
|
|
|
|
| |
entitled |
✔ |
|
|
| |
expirationDate |
✔ |
|
|
| |
sponsor |
✔ |
|
|
| |
viewer |
✔ |
|
|
objectclass virginiaTechOrganization
| superior: |
top |
|
|
|
| required: |
|
|
|
|
| |
|
ED-ID |
ED-Auth |
ED-Lite |
| |
orgCode |
✔ |
|
|
| |
orgTitle |
✔ |
|
|
| |
orgLevel |
✔ |
|
|
| |
orgLevelCode |
✔ |
|
|
| |
uid |
✔ |
|
|
| |
orgStatus |
✔ |
|
|
| optional: |
|
|
|
|
| |
creationDate |
✔ |
|
|
| |
orgEmployee |
✔ |
|
|
| |
orgLevelCode 1 |
✔ |
|
|
| |
orgLevelCode 2 |
✔ |
|
|
| |
orgLevelCode 3 |
✔ |
|
|
| |
orgLevelCode 4 |
✔ |
|
|
| |
orgLevelCode 5 |
✔ |
|
|
| |
orgLevelCode 6 |
✔ |
|
|
Object Classes
Objectclass virginiaTechPerson
See detailed schema reference.
Objectclass virginiaTechGroup
administrator
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
equality, presence |
| Definition: |
These are the DNs of the people who may administer this group. |
| Notes: |
|
| Example: |
administrator: uid=987654,ou=People,dc=vt,dc=edu |
| Required: |
Yes |
| Cardinality: |
multi |
| Indexing: |
equality, presence |
| Definition: |
This is the DN of the person who should receive any correspondence for the group. |
| Notes: |
This is the person that will be contacted for administrative purposes (such a group renewal announcements). If a group email address isn’t specified this person will also get the daily correspondence for this group. |
| Example: |
contactPerson: uid=1234567,ou=People,dc=vt,dc=edu |
creationDate
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the date the group was added to the directory. |
| Notes: |
Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500 |
| Example: |
creationDate: 2001-11-09T15:25:15-0500 |
displayName
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This represents the human readable name of a group and will be displayed in place of, or along side of, the group’s uugid. |
| Notes: |
This name is not guaranteed to be unique. |
| Example: |
displayName: Karate Club |
emailAddress
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the email address that everyday correspondence to the group should be sent to. |
| Notes: |
If no email address is specified email correspondence will be sent to the contact person’s email address. |
| Example: |
emailAddress: karate_club@vt.edu |
expirationDate
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the date the group is set to expire from the directory. |
| Notes: |
Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500 |
| Example: |
expirationDate: 2001-11-09T15:25:15-0500 |
groupData
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
This field allows a group to store additional information about the group, which may be displayed along with other group information. |
| Notes: |
Some information that may be included here is a telephone number, an address, other websites, etc. Valid XHTML may be included to added emphasis to certain items. |
| Example: |
groupData: Meets on Thursdays from 5-7 |
groupMembership
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
equality, presence |
| Definition: |
A list of the group DNs this group is a member of. |
| Notes: |
|
| Example: |
groupMembership: uugid=bioclub,ou=Groups,dc=vt,dc=edu |
labeledURI
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
Webpage(s) associated with the group. |
| Notes: |
The format for this attribute is “label:url”, where the label describes the link and the url is the URL of the link. |
| Example: |
labeledURI: homepage:http://filebox.vt.edu/karate_club |
manager
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
A list of the DNs who are managers of this group. |
| Notes: |
|
| Example: |
manager: uid=1234567,ou=people,dc=vt,dc=edu |
member
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
equality, presence |
| Definition: |
A list of the DNs who are members of this group. May include person and/or group DNs. |
| Notes: |
|
| Example: |
member: uid=1234567,ou=people,dc=vt,dc=edu |
suppressDisplay
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
Whether this group’s entire record should be suppressed from public view. |
| Notes: |
|
| Example: |
suppressDisplay: true |
suppressMembers
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
Whether this group’s membership should be suppressed from public view. |
| Notes: |
|
| Example: |
suppressMembers: true |
uid
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
equality |
| Definition: |
The unique indentifier for this group. Corresponds to the sequence number in the Registry. |
| Notes: |
|
| Example: |
uid: 1 |
uugid
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
equality, substring, presence |
| Definition: |
This Universally Unique Group Identifier is the unique identifier of a group within the directory. |
| Notes: |
|
| Example: |
|
viewer
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
The DNs that may view this group and its membership. |
| Notes: |
|
| Example: |
user: uusid=exampleService,ou=Services,dc=vt,dc=edu |
Objectclass virginiaTechService
accountState
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
The current state of this service account. |
| Notes: |
May be one of two values: active or inactive. |
| Example: |
accountState: active |
administrator
| Required: |
Yes |
| Cardinality: |
multi |
| Indexing: |
equality, presence |
| Definition: |
A list of people DNs that may administer a service. |
| Notes: |
Administrators may add or remove authorized users from a service. |
| Example: |
administrator: uid=1254884,ou=People,dc=vt,dc=edu |
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
equality, presence |
| Definition: |
This is the DN of the person who is ultimately responsible for this service. |
| Notes: |
|
| Example: |
contactPerson: uid=987654,ou=People,dc=vt,dc=edu |
creationDate
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the date the service was added to the directory. |
| Notes: |
Time is 24 hour based. Format is yyyy-mm-ddThh:mmTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500 |
| Example: |
creationDate: 2001-11-09T15:25:15-0500 |
certificate
| Required: |
Yes |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
The public certificate of the service |
| Notes: |
|
| Example: |
|
endpointBinding
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
The endpoint binding. |
| Notes: |
|
| Example: |
endpointBinding: POST |
endpointProtocol
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
The endpoint protocol. |
| Notes: |
|
| Example: |
endpointProtocol: SAML |
endpointURI
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
The endpoint URI. |
| Notes: |
|
| Example: |
endpointURI: https://foo.com/bar |
expirationDate
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the date the service is set to expire from the directory. |
| Notes: |
Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500 |
| Example: |
expirationDate: 2001-11-09T15:25:15-0500 |
serviceDN
| Required: |
Yes |
| Cardinality: |
multi |
| Indexing: |
equality |
| Definition: |
The DN of the service certificate |
| Notes: |
The serviceDN must map to the certificate that did TLS client authentication to ED-LDAP for the service to have any privileges other than anonymous access. |
| Example: |
cn=ED-ID Service,ou=1,ou=Middleware-Client,o=Virginia Polytechnic Institute and State University,l=Blacksburg,st=Virginia,c=US,dc=vt,dc=edu |
serviceType
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the service type of the service. |
| Notes: |
Personal services may view any non-suppressed person attribute as well as any suppressed attribute in it’s view access control list (vACL) for the authenticated user originating the request, and may only display that information to that authenticated user. In other words a personal service will show you any of your suppressed attributes in its vACL, but only to you. Private services may view any non-suppressed person attribute as well as any suppressed attribute in its vACL for any person, however it may not make this information publicly viewable. |
| Example: |
serviceType: personal |
uid
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
equality |
| Definition: |
The unique indentifier for this service. Corresponds to the sequence number in the Registry. |
| Notes: |
|
| Example: |
uid: 1 |
uusid
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
equality, substring, presence |
| Definition: |
This Universally Unique Service Id is the unique identifier of a service within the directory. |
| Notes: |
|
| Example: |
uusid: filebox |
viewablePersonAttribute
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
equality, presence |
| Definition: |
This is a list of virginiaTechPerson attributes that this service may view. |
| Notes: |
This list in used in conjunction with the service type to determine what usersuppressed fields a service can view. |
| Example: |
viewablePersonAttribute: mail |
Objectclass virginiaTechEntitlement
creationDate
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the date the entitlement was added to the directory. |
| Notes: |
Time is 24 hour based. Format is yyyy-mm-ddThh:mmTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500 |
| Example: |
creationDate: 2001-11-09T15:25:15-0500 |
entitled
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
A DN that represents the entry with this virginiaTechEntitlement. |
| Notes: |
Only people can currently have entitlements. In the future, this may be expanded to include services and groups. |
| Example: |
entitled: uid=1152120,ou=People,dc=vt,dc=edu |
entitlement
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
A string that identifies the virginiaTechEntitlement |
| Notes: |
May coexist with eduPersonEntitlement in the future. |
| Example: |
entitlement: middleware:dat:person:create |
expirationDate
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
The date this virginiaTechEntitlement will expire. |
| Notes: |
Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is -0500 |
| Example: |
expirationDate: 2001-11-09T15:25:15-0500 |
manager
| Required: |
Yes |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
The DN of the service that manages this virginaTechEntitlement. |
| Notes: |
Though this will initially only contain service DNs, it may contain people or group DNs in the future. This attribute is defined as multi-valued in RFC1274 (used by inetOrgPerson), but it should always contain one value. This will be enforced through replication. |
| Example: |
manager: uusid=service-manager,ou=Services,dc=vt,dc=edu |
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
The DN that is sponsoring this virginiaTechEntitlement. |
| Notes: |
Initially this will be a person DN, but in the future it may contain service or group DNs. |
| Example: |
sponsor: uid=1152120,ou=People,dc=vt,dc=edu |
uid
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
equality |
| Definition: |
The unique identifier for this virginiaTechEntitlement. Corresponds to VTENTITLEMENTS.VTENTITLEMENT_SEQNO in the Registry. |
| Notes: |
Not to be confused with a person, group, or service uid. |
| Example: |
uid: 1 |
viewer
| Required: |
No |
| Cardinality: |
multi |
| Indexing: |
none |
| Definition: |
The DNs that may view this virginiaTechEntitlement. |
| Notes: |
Similar to a group’s viewer. |
| Example: |
viewer: uusid=viewer-service,ou=Services,dc=vt,dc=edu |
Objectclass virginiaTechOrganization
orgCode
| Required |
Yes |
| Cardinality: |
single |
| Indexing: |
equality |
| Definition: |
The organization code. |
| Example: |
orgCode: 066103 |
orgTitle
| Required |
Yes |
| Cardinality: |
single |
| Indexing: |
equality, substring |
| Definition: |
The human readable organization title. |
| Example: |
orgTitle: Middleware & Identity Apps |
orgLevel
| Required |
Yes |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
The numeric level of this organization. |
| Example: |
orgLevel: 6 |
orgLevelCode
| Required |
Yes |
| Cardinality: |
multi |
| Indexing: |
equality |
| Definition: |
An organization level code. |
| Example: |
orgLevelCode: 066103 |
orgStatus
| Required |
Yes |
| Cardinality: |
single |
| Indexing: |
equality |
| Definition: |
The organization status. |
| Example: |
orgStatus: A |
orgEmployee
| Required |
Yes |
| Cardinality: |
single |
| Indexing: |
equality |
| Definition: |
The DNs of the employees in this organization. |
| Example: |
orgEmployee: uid=1152120,ou=People,dc=vt,dc=edu |
orgLevelCode[1-6]
| Required |
Yes |
| Cardinality: |
multi |
| Indexing: |
equality |
| Definition: |
The organization level code with the level number. |
| Example: |
orgLevelCode6: 066103 |
uid
| Required: |
Yes |
| Cardinality: |
single |
| Indexing: |
equality |
| Definition: |
The unique indentifier. |
| Notes: |
|
| Example: |
uid: 1 |
creationDate
| Required: |
No |
| Cardinality: |
single |
| Indexing: |
none |
| Definition: |
This is the date the organization was added to the directory. |
| Notes: |
Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500 |
| Example: |
creationDate: 2001-11-09T15:25:15-0500 |
Change Log
1.0 -> 1.1
- Added type “meeting” to the addressType attribute of the address object class
- Added memberOf attribute to virginiaTechPerson object class
- Added groupType attribute to group object class
1.1 -> 1.2
- Renamed address, group, and service objectclasses to virginiaTechAddress, virginiaTechGroup, virginiaTechService respectively
- Removed alternateID, userOfService, serviceExpirationDate, serviceAddDate, and groupVisibility from person object
- Added bannerPIDM, chapSecret, departmentNumber, previousVirginiaTechID, and virginiaTechID attributes to person
- Renamed memberOf attribute in person object to isMemberOf
- Renamed currentState to accountState to bring schema inline with ED-Auth schema
- Renamed responsibleID attribute in person object to responsiblePerson
- Removed groupType attribute from groups
- Added allowedServices attribute to groups
- Removed user and viewableGroup attributes from service
- Added contactPerson attribute to services
- Renamed credential attribute on services to certificate
1.2 -> 1.3
- Added legalName, majorCode, mailPreferredAddress, mailForwardingAddress, localPhone, localPostalAddress, mailStop, and title attributes
- Changed the definitions of homePhone and homePostalAddress such that they only contain home address data
- Changed the definitions of c, facsimileTelephoneNumber, l, postalAddress, postalCode, postalOfficeBox, st, street, and telephoneNumber such that they only contain business address data
- Moved address, c, homepostalAddress, postalAddress, and postalCode from required attributes to optional attributes
- Changed address definition to refer to address dn.
1.3 -> 1.4
- Added mailAlias
- Added mailAccount
- Added lastEnrollmentTermCode
- Changed lastEnrollmentTerm to be the human readable form of lastEnrollmentTermCode
- Added nextEnrollmentTermCode
- Changed nextEnrollmentTerm to be the human readable form of nextEnrollmentTermCode
- In addresses, changed the definition of country so that it is no longer a required attribute
1.4 -> 1.5
- Added suppressDisplay attribute for people
- Moved administrator from required to optional for services
- Renamed isMemberOf attribute in person object to groupMembership
- Finalized group schema
- Updated documentation for attributes that claim to contain UIDs, they really contain DNs
1.5 -> 1.6
- Removed amateurRadioCallsign
- Removed unixUid
- Removed previousVirginiaTechID
- Added personData
- accountState, passwordState, userPassword, and uupid are no longer required attributes for virginiaTechPerson
1.6 -> 1.7
- Added homeFAX, homeMobile, homePager, localFAX, localMobile, and localPager
- Made localPhone multi-value
- Renamed facsimileNumber to facsimileTelephoneNumber in virginiaTechAddress
- Added personType
- Made city and postalCode optional in virginiaTechAddress
1.7 -> 1.8
- Added accountCreationDate, accountExpirationDate, accountShelveDate, classLevel, classLevelCode to virginiaTechPerson
- Made uid a required attribute for virginiaTechService and virginiaTechGroup
- Added manager and suppressMembers to virginiaTechGroup
1.8 -> 1.9
- Add virginiaTechEntitlement objectclass.
- Remove joinability and leaveability from virginiaTechGroup.
- Add suppressEmployeeDisplay to virginiaTechPerson.
- Make contactPerson multi-valued.
- Add serviceDN to virginiaTechService.
- Make certificate multi-valued.
- Add authId and guestId.
1.9 -> 1.10
- Add required attribute gender to virginiaTechPerson.
- Add optional attribute employeeOffCampus to virginiaTechPerson.
1.10 -> 1.11
- Change legalName to bannerName. Keep legalName as an alias to bannerName.
- Add udcIdentifier.
1.12 -> 1.13
1.13 -> 1.14
- Add confidentialFlag.
- Add accountRecoveryMaintenanceDate
1.14 -> 1.15
- Add virginiaTechAffiliation
- Note preference of using vtAffiliation instead of eduPersonAffilation.
1.15 -> 1.16
- Replace chapSecret with networkPassword.
1.16 -> 1.17
- Add passwordExpirationDate.
1.17 -> 1.18
- Add groupMembershipUugid.
- Add virginiaTechOrganization:
- orgCode
- orgTitle
- orgLevel
- orgLevelCode
- orgStatus
- orgEmployee
- orgLevelCode1
- orgLevelCode2
- orgLevelCode3
- orgLevelCode4
- orgLevelCode5
- orgLevelCode6
- Add passwordChangeDate.
1.18 -> 1.19
- Add mailAuxiliaryAccount.
1.19 -> 1.20
- Remove virginiaTechAddress.