Enterprise Directory Schema

Release	1.19
Date	2018-02-12

About this Document

This document is the schema for the first phase of the Enterprise Directory system. It contains most of the demographic data about a person that will be in the final phase of the Enterprise Directory, with the exception of those attributes which a person will have direct control over as this directory does not allow for writes. It also contains group and service entry representation.

ED-Auth, ED-Lite, and ED-ID attributes are marked in the objectClass outline sections.

Layout

This document will begin with an outline of the schema used in the ED-LDAP directory which will give the object class and attributes in the class as well as the DIT for the directory. An in-depth description of each attribute will follow the outline.

Indexing

As with databases, LDAP directories provide a mechanism for creating indexes. Searching on indexed attributes provide far faster results than searching on non-indexed fields. The two most common types of indexing for LDAP directories are equality and substring. Those attributes marked as being equality indexed allow exact match searches to be performed against them. Attributes indexed in a substring manner allow wildcard searches to be performed against them. If an attribute is marked as having both equality and substring indexes, the equality search will perform better and should be used if possible. The equality index is used when no wildcard character appears in the string being searched for.

Schema Outline

ObjectClass Outline

objectclass virginiaTechPerson

See detailed schema reference for complete attribute definitions.

*superior:*	top
*required:*
		ED-ID	ED-Auth	ED-Lite
	cn	✔		✔
	creationDate	✔
	eduPersonAffiliation	✔	✔
	eduPersonPrimaryAffiliation	✔	✔
	gender	✔
	personType	✔
	sn	✔		✔
	uid	✔	✔	✔
	virginiaTechAffiliation	✔	✔
*optional:*
	accountCreationDate	✔
	accountExpirationDate	✔
	accountRecoveryMaintenanceDate	✔
	accountShelveDate	✔
	accountState	✔	✔
	address	✔
	authId	✔	✔
	bannerName	✔
	bannerPIDM	✔
	c	✔		✔
	campus	✔
	classLevel	✔
	classLevelCode	✔
	confidentialFlag	✔
	dateOfBirth	✔
	degreeType	✔
	department	✔		✔
	departmentNumber	✔		✔
	displayName	✔		✔
	eduPersonPrincipalName	✔
	employeeOffCampus	✔
	expirationDate	✔
	facsimileTelephoneNumber	✔
	givenName	✔		✔
	groupAddDate	✔
	groupExpireDate	✔
	groupMembership	✔	✔
	groupMembershipUugid	✔	✔
	guestId	✔	✔
	homeFAX	✔
	homeMobile	✔
	homePager	✔
	homePhone	✔
	homePostalAddress	✔
	initials	✔
	instantMessagingID	✔		✔
	jpegPhoto	✔
	l	✔		✔
	labeledURI	✔		✔
	lastEnrollmentTerm	✔
	lastEnrollmentTermCode	✔
	localFAX	✔
	localMobile	✔
	localPager	✔
	localPhone	✔		✔
	localPostalAddress	✔		✔
	mail	✔
	mailAccount	✔
	mailAlias	✔
	mailAuxiliaryAccount	✔
	mailExternalAddress	✔
	mailForwardingAddress	✔
	mailPreferredAddress	✔		✔
	mailStop	✔		✔
	major	✔		✔
	majorCode	✔
	middleName	✔		✔
	mobile	✔
	networkPassword	✔
	nextEnrollmentTerm	✔
	nextEnrollmentTermCode	✔
	pager	✔
	passwordChangeDate	✔	✔
	passwordExpirationDate	✔	✔
	passwordState	✔	✔
	personData	✔		✔
	postalAddress	✔		✔
	postalCode	✔		✔
	postOfficeBox	✔		✔
	preferredLanguage	✔
	publicKey	✔		✔
	responsiblePerson	✔
	st	✔		✔
	street	✔		✔
	studentLevelCode	✔
	suppressEmployeeDisplay	✔
	suppressDisplay	✔
	suppressedAttribute	✔
	telephoneNumber	✔		✔
	title	✔		✔
	udcIdentifier	✔
	undergraduateLevel	✔
	userCertificate	✔		✔
	userPassword	✔	✔
	userSMIMECertificate	✔		✔
	uupid	✔	✔	✔
	virginiaTechID	✔

objectclass virginiaTechGroup

*superior:*	top
*required:*
		ED-ID	ED-Auth	ED-Lite
	contactPerson	✔
	creationDate	✔
	uid	✔	✔	✔
	uugid	✔	✔	✔
*optional:*
	administrator	✔
	displayName	✔		✔
	emailAddress	✔		✔
	expirationDate	✔
	groupData	✔		✔
	groupMembership	✔	✔	✔
	labeledURI	✔		✔
	manager	✔
	member	✔	✔	✔
	suppressDisplay	✔		✔
	suppressMembers	✔		✔
	viewer	✔

objectclass virginiaTechService

*superior:*	top
*required:*
		ED-ID	ED-Auth	ED-Lite
	accountState	✔
	administrator	✔
	certificate	✔
	contactPerson	✔
	creationDate	✔
	serviceDN	✔
	serviceType	✔
	uid	✔
	uusid	✔
*optional:*
	endpointBinding	✔
	endpointProtocol	✔
	endpointURI	✔
	expirationDate	✔
	viewablePersonAttribute	✔

objectclass virginiaTechEntitlement

*superior:*	top
*required:*
		ED-ID	ED-Auth	ED-Lite
	creationDate	✔
	entitlement	✔
	manager	✔
	uid	✔
*optional:*
	entitled	✔
	expirationDate	✔
	sponsor	✔
	viewer	✔

objectclass virginiaTechOrganization

*superior:*	top
*required:*
		ED-ID	ED-Auth	ED-Lite
	orgCode	✔
	orgTitle	✔
	orgLevel	✔
	orgLevelCode	✔
	uid	✔
	orgStatus	✔
*optional:*
	creationDate	✔
	orgEmployee	✔
	orgLevelCode 1	✔
	orgLevelCode 2	✔
	orgLevelCode 3	✔
	orgLevelCode 4	✔
	orgLevelCode 5	✔
	orgLevelCode 6	✔

Object Classes

Objectclass virginiaTechPerson

See detailed schema reference.

Objectclass virginiaTechGroup

administrator

*Required:*	No
*Cardinality:*	multi
*Indexing:*	equality, presence
*Definition:*	These are the DNs of the people who may administer this group.
*Notes:*
*Example:*	administrator: uid=987654,ou=People,dc=vt,dc=edu

contactPerson

*Required:*	Yes
*Cardinality:*	multi
*Indexing:*	equality, presence
*Definition:*	This is the DN of the person who should receive any correspondence for the group.
*Notes:*	This is the person that will be contacted for administrative purposes (such a group renewal announcements). If a group email address isn’t specified this person will also get the daily correspondence for this group.
*Example:*	contactPerson: uid=1234567,ou=People,dc=vt,dc=edu

creationDate

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the date the group was added to the directory.
*Notes:*	Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500
*Example:*	creationDate: 2001-11-09T15:25:15-0500

displayName

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This represents the human readable name of a group and will be displayed in place of, or along side of, the group’s uugid.
*Notes:*	This name is not guaranteed to be unique.
*Example:*	displayName: Karate Club

emailAddress

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the email address that everyday correspondence to the group should be sent to.
*Notes:*	If no email address is specified email correspondence will be sent to the contact person’s email address.
*Example:*	emailAddress: karate_club@vt.edu

expirationDate

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the date the group is set to expire from the directory.
*Notes:*	Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500
*Example:*	expirationDate: 2001-11-09T15:25:15-0500

groupData

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	This field allows a group to store additional information about the group, which may be displayed along with other group information.
*Notes:*	Some information that may be included here is a telephone number, an address, other websites, etc. Valid XHTML may be included to added emphasis to certain items.
*Example:*	groupData: Meets on Thursdays from 5-7

groupMembership

*Required:*	No
*Cardinality:*	multi
*Indexing:*	equality, presence
*Definition:*	A list of the group DNs this group is a member of.
*Notes:*
*Example:*	groupMembership: uugid=bioclub,ou=Groups,dc=vt,dc=edu

labeledURI

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	Webpage(s) associated with the group.
*Notes:*	The format for this attribute is “label:url”, where the label describes the link and the url is the URL of the link.
*Example:*	labeledURI: homepage:http://filebox.vt.edu/karate_club

manager

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	A list of the DNs who are managers of this group.
*Notes:*
*Example:*	manager: uid=1234567,ou=people,dc=vt,dc=edu

member

*Required:*	No
*Cardinality:*	multi
*Indexing:*	equality, presence
*Definition:*	A list of the DNs who are members of this group. May include person and/or group DNs.
*Notes:*
*Example:*	member: uid=1234567,ou=people,dc=vt,dc=edu

suppressDisplay

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	Whether this group’s entire record should be suppressed from public view.
*Notes:*
*Example:*	suppressDisplay: true

suppressMembers

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	Whether this group’s membership should be suppressed from public view.
*Notes:*
*Example:*	suppressMembers: true

uid

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	equality
*Definition:*	The unique indentifier for this group. Corresponds to the sequence number in the Registry.
*Notes:*
*Example:*	uid: 1

uugid

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	equality, substring, presence
*Definition:*	This Universally Unique Group Identifier is the unique identifier of a group within the directory.
*Notes:*
*Example:*

viewer

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	The DNs that may view this group and its membership.
*Notes:*
*Example:*	user: uusid=exampleService,ou=Services,dc=vt,dc=edu

Objectclass virginiaTechService

accountState

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	none
*Definition:*	The current state of this service account.
*Notes:*	May be one of two values: active or inactive.
*Example:*	accountState: active

administrator

*Required:*	Yes
*Cardinality:*	multi
*Indexing:*	equality, presence
*Definition:*	A list of people DNs that may administer a service.
*Notes:*	Administrators may add or remove authorized users from a service.
*Example:*	administrator: uid=1254884,ou=People,dc=vt,dc=edu

contactPerson

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	equality, presence
*Definition:*	This is the DN of the person who is ultimately responsible for this service.
*Notes:*
*Example:*	contactPerson: uid=987654,ou=People,dc=vt,dc=edu

creationDate

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the date the service was added to the directory.
*Notes:*	Time is 24 hour based. Format is yyyy-mm-ddThh:mmTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500
*Example:*	creationDate: 2001-11-09T15:25:15-0500

certificate

*Required:*	Yes
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	The public certificate of the service
*Notes:*
*Example:*

endpointBinding

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	The endpoint binding.
*Notes:*
*Example:*	endpointBinding: POST

endpointProtocol

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	The endpoint protocol.
*Notes:*
*Example:*	endpointProtocol: SAML

endpointURI

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	The endpoint URI.
*Notes:*
*Example:*	endpointURI: https://foo.com/bar

expirationDate

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the date the service is set to expire from the directory.
*Notes:*	Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500
*Example:*	expirationDate: 2001-11-09T15:25:15-0500

serviceDN

*Required:*	Yes
*Cardinality:*	multi
*Indexing:*	equality
*Definition:*	The DN of the service certificate
*Notes:*	The serviceDN must map to the certificate that did TLS client authentication to ED-LDAP for the service to have any privileges other than anonymous access.
*Example:*	cn=ED-ID Service,ou=1,ou=Middleware-Client,o=Virginia Polytechnic Institute and State University,l=Blacksburg,st=Virginia,c=US,dc=vt,dc=edu

serviceType

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the service type of the service.
*Notes:*	Personal services may view any non-suppressed person attribute as well as any suppressed attribute in it’s view access control list (vACL) for the authenticated user originating the request, and may only display that information to that authenticated user. In other words a personal service will show you any of your suppressed attributes in its vACL, but only to you. Private services may view any non-suppressed person attribute as well as any suppressed attribute in its vACL for any person, however it may not make this information publicly viewable.
*Example:*	serviceType: personal

uid

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	equality
*Definition:*	The unique indentifier for this service. Corresponds to the sequence number in the Registry.
*Notes:*
*Example:*	uid: 1

uusid

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	equality, substring, presence
*Definition:*	This Universally Unique Service Id is the unique identifier of a service within the directory.
*Notes:*
*Example:*	uusid: filebox

viewablePersonAttribute

*Required:*	No
*Cardinality:*	multi
*Indexing:*	equality, presence
*Definition:*	This is a list of virginiaTechPerson attributes that this service may view.
*Notes:*	This list in used in conjunction with the service type to determine what usersuppressed fields a service can view.
*Example:*	viewablePersonAttribute: mail

Objectclass virginiaTechEntitlement

creationDate

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the date the entitlement was added to the directory.
*Notes:*	Time is 24 hour based. Format is yyyy-mm-ddThh:mmTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500
*Example:*	creationDate: 2001-11-09T15:25:15-0500

entitled

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	A DN that represents the entry with this virginiaTechEntitlement.
*Notes:*	Only people can currently have entitlements. In the future, this may be expanded to include services and groups.
*Example:*	entitled: uid=1152120,ou=People,dc=vt,dc=edu

entitlement

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	none
*Definition:*	A string that identifies the virginiaTechEntitlement
*Notes:*	May coexist with eduPersonEntitlement in the future.
*Example:*	entitlement: middleware:dat:person:create

expirationDate

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	The date this virginiaTechEntitlement will expire.
*Notes:*	Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is -0500
*Example:*	expirationDate: 2001-11-09T15:25:15-0500

manager

*Required:*	Yes
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	The DN of the service that manages this virginaTechEntitlement.
*Notes:*	Though this will initially only contain service DNs, it may contain people or group DNs in the future. This attribute is defined as multi-valued in RFC1274 (used by inetOrgPerson), but it should always contain one value. This will be enforced through replication.
*Example:*	manager: uusid=service-manager,ou=Services,dc=vt,dc=edu

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	The DN that is sponsoring this virginiaTechEntitlement.
*Notes:*	Initially this will be a person DN, but in the future it may contain service or group DNs.
*Example:*	sponsor: uid=1152120,ou=People,dc=vt,dc=edu

uid

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	equality
*Definition:*	The unique identifier for this virginiaTechEntitlement. Corresponds to VTENTITLEMENTS.VTENTITLEMENT_SEQNO in the Registry.
*Notes:*	Not to be confused with a person, group, or service uid.
*Example:*	uid: 1

viewer

*Required:*	No
*Cardinality:*	multi
*Indexing:*	none
*Definition:*	The DNs that may view this virginiaTechEntitlement.
*Notes:*	Similar to a group’s viewer.
*Example:*	viewer: uusid=viewer-service,ou=Services,dc=vt,dc=edu

Objectclass virginiaTechOrganization

orgCode

*Required*	Yes
*Cardinality:*	single
*Indexing:*	equality
*Definition:*	The organization code.
*Example:*	orgCode: 066103

orgTitle

*Required*	Yes
*Cardinality:*	single
*Indexing:*	equality, substring
*Definition:*	The human readable organization title.
*Example:*	orgTitle: Middleware & Identity Apps

orgLevel

*Required*	Yes
*Cardinality:*	single
*Indexing:*	none
*Definition:*	The numeric level of this organization.
*Example:*	orgLevel: 6

orgLevelCode

*Required*	Yes
*Cardinality:*	multi
*Indexing:*	equality
*Definition:*	An organization level code.
*Example:*	orgLevelCode: 066103

orgStatus

*Required*	Yes
*Cardinality:*	single
*Indexing:*	equality
*Definition:*	The organization status.
*Example:*	orgStatus: A

orgEmployee

*Required*	Yes
*Cardinality:*	multi
*Indexing:*	equality
*Definition:*	The DNs of the employees in this organization.
*Example:*	orgEmployee: uid=1152120,ou=People,dc=vt,dc=edu

orgLevelCode[1-6]

*Required*	Yes
*Cardinality:*	multi
*Indexing:*	equality
*Definition:*	The organization level code with the level number.
*Example:*	orgLevelCode6: 066103

uid

*Required:*	Yes
*Cardinality:*	single
*Indexing:*	equality
*Definition:*	The unique indentifier.
*Notes:*
*Example:*	uid: 1

creationDate

*Required:*	No
*Cardinality:*	single
*Indexing:*	none
*Definition:*	This is the date the organization was added to the directory.
*Notes:*	Time is 24 hour based. Format is yyyy-mm-ddThh:mm:ssTZD TZD = Time Zone Designator. For the Eastern Time zone this is –0500
*Example:*	creationDate: 2001-11-09T15:25:15-0500

Change Log

1.0 -> 1.1

Added type “meeting” to the addressType attribute of the address object class
Added memberOf attribute to virginiaTechPerson object class
Added groupType attribute to group object class

1.1 -> 1.2

Renamed address, group, and service objectclasses to virginiaTechAddress, virginiaTechGroup, virginiaTechService respectively
Removed alternateID, userOfService, serviceExpirationDate, serviceAddDate, and groupVisibility from person object
Added bannerPIDM, chapSecret, departmentNumber, previousVirginiaTechID, and virginiaTechID attributes to person
Renamed memberOf attribute in person object to isMemberOf
Renamed currentState to accountState to bring schema inline with ED-Auth schema
Renamed responsibleID attribute in person object to responsiblePerson
Removed groupType attribute from groups
Added allowedServices attribute to groups
Removed user and viewableGroup attributes from service
Added contactPerson attribute to services
Renamed credential attribute on services to certificate

1.2 -> 1.3

Added legalName, majorCode, mailPreferredAddress, mailForwardingAddress, localPhone, localPostalAddress, mailStop, and title attributes
Changed the definitions of homePhone and homePostalAddress such that they only contain home address data
Changed the definitions of c, facsimileTelephoneNumber, l, postalAddress, postalCode, postalOfficeBox, st, street, and telephoneNumber such that they only contain business address data
Moved address, c, homepostalAddress, postalAddress, and postalCode from required attributes to optional attributes
Changed address definition to refer to address dn.

1.3 -> 1.4

Added mailAlias
Added mailAccount
Added lastEnrollmentTermCode
Changed lastEnrollmentTerm to be the human readable form of lastEnrollmentTermCode
Added nextEnrollmentTermCode
Changed nextEnrollmentTerm to be the human readable form of nextEnrollmentTermCode
In addresses, changed the definition of country so that it is no longer a required attribute

1.4 -> 1.5

Added suppressDisplay attribute for people
Moved administrator from required to optional for services
Renamed isMemberOf attribute in person object to groupMembership
Finalized group schema
Updated documentation for attributes that claim to contain UIDs, they really contain DNs

1.5 -> 1.6

Removed amateurRadioCallsign
Removed unixUid
Removed previousVirginiaTechID
Added personData
accountState, passwordState, userPassword, and uupid are no longer required attributes for virginiaTechPerson

1.6 -> 1.7

Added homeFAX, homeMobile, homePager, localFAX, localMobile, and localPager
Made localPhone multi-value
Renamed facsimileNumber to facsimileTelephoneNumber in virginiaTechAddress
Added personType
Made city and postalCode optional in virginiaTechAddress

1.7 -> 1.8

Added accountCreationDate, accountExpirationDate, accountShelveDate, classLevel, classLevelCode to virginiaTechPerson
Made uid a required attribute for virginiaTechService and virginiaTechGroup
Added manager and suppressMembers to virginiaTechGroup

1.8 -> 1.9

Add virginiaTechEntitlement objectclass.
Remove joinability and leaveability from virginiaTechGroup.
Add suppressEmployeeDisplay to virginiaTechPerson.
Make contactPerson multi-valued.
Add serviceDN to virginiaTechService.
Make certificate multi-valued.
Add authId and guestId.

1.9 -> 1.10

Add required attribute gender to virginiaTechPerson.
Add optional attribute employeeOffCampus to virginiaTechPerson.

1.10 -> 1.11

Change legalName to bannerName. Keep legalName as an alias to bannerName.
Add udcIdentifier.

1.12 -> 1.13

Add studentLevelCode.

1.13 -> 1.14

Add confidentialFlag.
Add accountRecoveryMaintenanceDate

1.14 -> 1.15

Add virginiaTechAffiliation
Note preference of using vtAffiliation instead of eduPersonAffilation.

1.15 -> 1.16

Replace chapSecret with networkPassword.

1.16 -> 1.17

Add passwordExpirationDate.

1.17 -> 1.18

Add groupMembershipUugid.
Add virginiaTechOrganization:
- orgCode
- orgTitle
- orgLevel
- orgLevelCode
- orgStatus
- orgEmployee
- orgLevelCode1
- orgLevelCode2
- orgLevelCode3
- orgLevelCode4
- orgLevelCode5
- orgLevelCode6
Add passwordChangeDate.

1.18 -> 1.19

Add mailAuxiliaryAccount.

1.19 -> 1.20

Remove virginiaTechAddress.

About this Document

Layout

Indexing

Schema Outline

ObjectClass Outline

objectclass virginiaTechPerson

objectclass virginiaTechGroup

objectclass virginiaTechService

objectclass virginiaTechEntitlement

objectclass virginiaTechOrganization

Object Classes

Objectclass virginiaTechPerson

Objectclass virginiaTechGroup

administrator

contactPerson

creationDate

displayName

emailAddress

expirationDate

groupData

groupMembership

labeledURI

manager

member

suppressDisplay

suppressMembers

uid

uugid

viewer

Objectclass virginiaTechService

accountState

administrator

contactPerson

creationDate

certificate

endpointBinding

endpointProtocol

endpointURI

expirationDate

serviceDN

serviceType

uid

uusid

viewablePersonAttribute

Objectclass virginiaTechEntitlement

creationDate

entitled

entitlement

expirationDate

manager

sponsor

uid

viewer

Objectclass virginiaTechOrganization

orgCode

orgTitle

orgLevel

orgLevelCode

orgStatus

orgEmployee

orgLevelCode[1-6]

uid

creationDate

Change Log

1.0 -> 1.1

1.1 -> 1.2

1.2 -> 1.3

1.3 -> 1.4

1.4 -> 1.5

1.5 -> 1.6

1.6 -> 1.7

1.7 -> 1.8

1.8 -> 1.9

1.9 -> 1.10

1.10 -> 1.11

1.12 -> 1.13

1.13 -> 1.14

1.14 -> 1.15

1.15 -> 1.16