Naming convention
General Concept
Structure
In order to be able to standardise environments, naming is incredibly important.
The following contents must be included in the name of an entity:
- Object entity (Microsoft Entra ID Group, Intune Configuration Profile, Microsoft Entra ID Administrative Unit, AD Group, etc.)
- Affected Technology (Azure Virtual Desktop, Cloud PC, Modern Workplace, etc.)
- CompanyTag(ELB, PRD, DEV, ALL, etc.)
- Object type (USER, DEVICE, PERMISSION, ALL, etc.)
- Description of Environment in Pascal Case-Convention (I am doing something -> IAmDoingSomething)
- Production status (PROD, NONPROD, TODELETE, etc.)
- (Location)
Hyphen can be used to separate the entities.
Basic concept
<Entity>-<Affected Technology>-<CompanyTag>-<Object>-<Description>-<Status>
|
Tag Name |
Description |
Examplee |
|
Entity |
What is the object? |
ST, RB, CAP, CAR |
|
Affected Technology |
Which technology is affected? |
MW, CVD, AVD, CPC, WIN, INT, MEID, MFT, RB, SPO, EXO, TVW, ALL |
|
Company Tag |
Which scope or Company is affected? |
LNC, XYZ, ALL |
|
Object |
Which objects are affected? |
USER, DEVICE, GROUP, ROLE, PERMISSION, INTUNE, ALL |
|
Description |
What is the purpose? |
Short description in Pascal Case |
|
Status |
How is this object used? |
PROD, NONPROD, DELETED |
|
Location |
In which region or location is the entity stored / created? |
WE, CH, F3 |
For example:
MEID-WIN-ALL-USER-IamDoingSomething-PROD
Summary of abbreviations
Abbreviations for naming convention
This table represents a lot of common usecases and the standardised abbreviations.
| Abbreviation | Meaning | Category |
| MEID | Microsoft Entra ID | Entity, Affected Technology |
| AAP | Azure App Application (App Registration) | Entity |
| ACP | Account Protection Policy | Entity |
| ADAT | Active Directory Attribute Schema | Entity |
| ADCD | Active Directory Child Domain | Entity |
| ADCL | Active Directory Class Schema | Entity |
| ADDG | Active Directory Distribution Group | Entity |
| ADEA | Active Directory External Account | Entity |
| ADFA | Active Directory Functional Account | Entity |
| ADFP | Active Directory Federation Party | Entity |
| ADSA | Active Directory Service Account | Entity |
| ADSG | Active Directory Security Group | Entity |
| ADSI | Active Directory Site | Entity |
| ADSRV | Active Directory Server | Entity |
| ADTA | Active Directory Test Account | Entity |
| ADU | Administrative Unit | Entity |
| ADUSR | Active Directory User | Entity |
| ALL | All Objects | General |
| ANC | Azure Network Connection | Entity |
| APG | Application Group | Entity |
| AVD | Azure Virtual Desktop | Entity, Affected Technology |
| CA | Conditional Access | Entity |
| CAP | Client App | Entity |
| CAR | Custom Azure Role | Entity |
| CERT | Azure Runbook Certificate | Entity |
| CFP | Configuration Profile | Entity |
| CGR | Connection Group | Entity |
| CIM | Cloud PC Custom Image | Entity |
| CLP | Claim Policy | Entity |
| CLS | Client Secret | Entity |
| CPC | Cloud PC | Entity |
| CPP | Compliance Policy | Entity |
| CVD | Citrix Virtual Desktop | Entity |
| DPR | Deployment Profile | Entity |
| DSC | Device Script | Entity |
| ESP | Enrollment Service Profile | Entity |
| FI | Filter | Entity |
| FKEY | Function Key | Entity |
| FUNC | Azure Function | Entity |
| GPO | Group Policy Object | Entity |
| GRT | GroupTag | Entity |
| HP | Host Pool | Entity |
| IAP | Intune App | Entity |
| INT | Intune | Affected Technology |
| IRA | Intune Role Assignment | Entity |
| IRO | Intune Role | Entity |
| LDS | Lightweight Directory Service | Entity |
| MAI | Managed Identity | Entity |
| MC | Machine Catalog | Entity |
| MW | Modern Workplace (3.0) | Entity |
| PP | Provisioning Policy | Entity |
| PRP | Cloud PC Provisioning Policy | Entity |
| PSO | Password Setting Object | Entity |
| RB | Azure Runbook | Entity |
| RG | Resource Group | Entity |
| RS | Remediation Script | Entity |
| RSC | Remediation Script | Entity |
| SCED | Azure Runbook Schedule | Entity |
| SCP | Scaling Plan | Entity |
| SCT | Intune Scope Tag | Entity |
| SP | Service Principle | Entity |
| ST | Storage Table | Entity |
| STT | Azure Storage Table | Entity |
| TVG | TeamViewer Group | Entity |
| TVP | TeamViewer Policy | Entity |
| TVW | TeamViewer | Affected Technology |
| UP | Update Policy | Entity |
| USE | Cloud PC User Settings | Entity |
| VAR | Azure Runbook Variable | Entity |
| WIN | Windows Devices | Affected Technology |
| WSP | AVD Workspaces | Entity |
Namings specific to technology
This technology specifc naming convention was created to have a standardised naming solution.
Microsoft Entra ID
Group
MEID-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: MEID-WIN-ALL-USER-IAmDoingSomething-NONPROD
AllUsers Group
MEID-<Technology>-<CompanyTag>-USER-AllCompanyUsers-<Status>
Example: MEID-ALL-LNC-USER-CompanyAllUsers-PROD
AllAdmins Group
MEID-<Technology>-<CompanyTag>-USER-AllAdminAccounts-<Status>
Example: MEID-WIN-LNC-USER-CompanyAllAdmins-PROD
Conditional Access
CA-<Technology>-<CompanyTag>-SETTING-<Description>-<Status>
Example: CA-WIN-ALL-SETTING-IamDoingSomething-PROD
Custom Azure Rolle
CAR-MEID-ALL-ROLE-<Description>-<Status>
Example: CAR-MEID-ALL-ROLE-CompanyReader-PROD
Administrative Unit
ADU-<Technology>-<CompanyTag>-GROUPS-<Description>-<Status>
Example: ADU-WIN-LNC-GROUPS-Role01-PROD
App (Registration)
APR-<Technology>-<CompanyTag>-PERMISSION-<Description>-<Status>
Example: APR-RB-LNC-PERMISSION-CleanUpMEIDDevices-PROD
Service Principal
SP-<Technology>-<CompanyTag>-PERMISSION-<Description>-<Status>
Example: SP-SPO-LNC-PERMISSION-SiteXYZ-PROD
Client Secret
CLS-<Technology>-<CompanyTag>-SECRET-<Description>-<Status>
Connector Group
CGR-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Connector
<FQDNServer>
Claim Policy
CLP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Managed Identity
MAI-<Technology>-<CompanyTag>-PERMISSION-<Description>-<Status>
Example: MAI-FUNC-LNC-PERMISSION-CreateProfile-PROD
Custom Role
CAR-<Technology>-<CompanyTag>-SETTING-<Description>-<Status>
CAR-MEID-ALL-SETTING-<Description>-<Status>
Access Package
APA-<Technology>-<CompanyTag>-ACCESS-<Description>-<Status>
Example: APA-MEID-LNC-ACCESS-App1-NONPROD
Log Analytics Workspace
LAW-<Technology>-<CompanyTag>-ACCESS-<Description>-<Status>
Example: LAW-MEID-LNC-LOG-EntraIDLogs-PROD
Intune
Deployment Profile
DEP-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: DEP-WIN-LNC-DEVICE-CompanyProfile-PROD
Devicename
<Technology>-<CompanyTag>-<Serialnumber>
Zum Example:
MWP-LNC-4CE0460D0G-> Modern Workplace (physical)
CPC-LNC-4CE0460D0G-> Cloud PC Workplace
AVD-LNC-4CE0460D0G-> Azure Virtual Desktop Workplace
CVD-LNC-4CE0460D0G-> Citrix Virtual Desktop Workplace
GroupTag
GRT-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: GRT-WIN-LNC-DEVICE-CompanyDevice-PROD
Enrollment Service Profile
ESP-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: ESP-WIN-LNC-DEVICE-CompanyEnrollment-PROD
Filter
FI-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: FI-CPC-LNC-DEVICE-CompanyDevices-PROD
Configuration Profile
CFP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: CFP-WIN-ALL-DEVICE-SecurityBaselines-PROD
Compliance Policy
CPP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: CPP-WIN-LNC-USER-BitlockerActivation-NONPROD
Device Script
DSC-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: DSC-WIN-ALL-DEVICE-InstallFollowMePrint-PROD
Remediation Script
RSC-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: RSC-WIN-LNC-PS1-EnableSecureBoot-NONPROD
Update Policy
UP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: UPP-WIN-ALL-DEVICE-Ring1CIT -PROD
Scope Tag
SCT-<Technology>-<CompanyTag>-INTUNE-<Description>-<Status>
Example: SCT-INT-LNC-INTUNE-CompanyObjects-PROD
Custom Intune Rollen
IRO-<Technology>-<CompanyTag>-ROLE-<Description>-<Status>
Example: IRO-CVD-LNC-ROLE-LimitedIntuneReader-PROD
Intune Role Assignment
IRA-INT-<CompanyTag>-ROLE-<RollenName>-<STATUS>
Example: IRA-INT-LNC-ROLE-CompanyReader-PROD
Account Protection Policy
ACP-<Technology>-<CompanyTag>-DEVICE-<Serialnumber>-<Status>
Example: ACP-WIN-LNC-DEVICE-5CG9272S38-PROD
Intune Apps
IAP-<Technology>-<CompanyTag>-APP-<AppManufacturer>.<AppName>-<Status>
Example: IAP-ALL-LNC-APP-Microsoft.PowerToys-PROD
Endpoint Privilege Management Profile
EPM-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: EPM-CPC-LNC-DEVICE-AutoDeskApp-NONPROD
TeamViewer
TeamViewer Policy
TVP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: TVP-ALL-ALL-DEVICE-AllCompanyDevices-PROD
TeamViewer Device Group
TVG-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: TVG-ALL-LNC-DEVICE-AllCompanyDevices-PROD
Cloud PC
Provisioning Policy
PRP-CPC-<CompanyTag>-USER-<Description>-<Status>
Example: PRP-CPC-LNC-USER-CloudPCAdvanced-PROD
Azure Network Connections Policy
ANC-CPC-<CompanyTag>-DEVICE-<Description>-<Status>
Example: ANC-CPC-LNC-DEVICE-CloudPCStandardAdmin-PROD
User Settings
USE-CPC-<CompanyTag>-USER-<Description>-<Status>
Example: USS-CPC-LNC-USER-RestorePointFrequency-PROD
Custom Image
CIM-CPC-<CompanyTag>-IMAGE-<Description>-<Status>
Example: CIM-CPC-LNC-IMAGE-RestorePointFrequency-PROD
Azure Virtual Desktop
MEID App Groups
MEID-AVD-<CompanyTag>-USER-<Description>-<Status>
Example: MEID-AVD-LNC-USER-APP.Microsoft.Office-PROD
Application Groups
APG-AVD-<CompanyTag>-APP-<Description>-<Status>-<Location>
Example: APG-AVD-LNC-APP-Messerli.BauAD-PROD-WE
Host Pools
HPO-AVD-<CompanyTag>-APPGROUP-<Description>-<Status>-<Location>
Example: HP-AVD-IFB-APPGROUP-AppPool-PROD-WE
Workspaces
WSP-AVD-<CompanyTag>-APPGROUP-<Description>-<Status>-<Location>
Example: WS-AVD-ELB-APPGROUP-<Description>-PROD-WE
Scaling Plan
SCP-AVD-<CompanyTag>-HOSTPOOL-<Description>-<Status>-<Location>
SCP-AVD-LNC-HOSTPOOL-<Description>-PROD-WE
Citrix Virtual Desktop
GPO
GPO-CVD-<CompanyTag>-DEVICE-<Description>-<Status>
Example: GPO-CVD-LNC-DEVICE-IntuneJoin-PROD
APP Group
ADG-CVD-<CompanyTag>-<Object>-<AppManufacturer>.<AppName>-<Status>
Example: ADG-CVD-ALL-USER-APP.Microsoft.PowerToys-PROD
Machine Catalog
MAC-CVD-<CompanyTag>-DEVICE-<Description>-<Status>
Example: MC-CVD-LNC-DEVICE-Sidoun-PROD
Active Directory
Security Groups
ADSG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Distribution Group
ADDG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Federation Group
ADFG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Federation Party
ADFP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Service Account
ADSA-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Functional Account
ADFA-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Test Account
ADTA-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Password Setting Object
PSO-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Child Domain
ADCD-<Number>.net
Parent Domain
ADPD-<Number>.net
LDS Instance
LDS-<Number>.net
AD Site
ADSI-<Technology>-<CompanyTag>-<Object>-<City<<Street><Number>-<Status>
Password Setting Object
PSO-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Class Schema
ADCL-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Attribute Schema
ADAT-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Group Policy Management
GPO Client Computers
GPO-CVD-<CompanyTag>-SETTING-<Description>-<Status>
Beispiel: GPO-CVD-LNC-SETTING-<Description>-<Status>
GPO External Accounts
GPO-ADEA-<CompanyTag>-SETTING-<Description>-<Status>
GPO Functional Accounts
GPO-ADFA-<CompanyTag>-SETTING-<Description>-<Status>
GPO Service Accounts
GPO-ADSA-<CompanyTag>-SETTING-<Description>-<Status>
GPO Test Accounts
GPO-ADTA-<CompanyTag>-SETTING-<Description>-<Status>
GPO Servers
GPO-ADSRV-<CompanyTag>-SETTING-<Description>-<Status>
GPO Users
GPO-ADUSR-<CompanyTag>-SETTING-<Description>-<Status>
Azure Function App
Function
FUNC-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: FUNC-WIN-ALL-PS1-GetStorageTableContent-PROD-WE
Function Key
FKEY-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: FKEY-RS-ALL-KEY-SetLanguageByUPN-PROD-WE
Azure Automation Account
Runbook
RB-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
RB-EXO-BKW-PS1-CreateDomainByCompany-PROD-WE
Secret
CERT-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
CERT-RB-BKW-CERT-CleanUpMEIDDevices-PROD-WE
Variable
VAR-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
VAR-RB-BKW-CLIENTID-CleanUpMEIDDevices-PROD-WE
Schedule
SCED-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
SCED-RB-BKW-DAILY-CheckLicenseCount-PROD-WE
Azure Storage
Azure Storage Table
STT-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: STT-ALL-ALL--WPSMasterTable-PROD-WE
Azure Resources
Subscription
SUB-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Resourcegroup
RG-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Virtual Machines
VM-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: VM-WIN-LNC-AppPackaging-NONPROD-CHN
Virtual Network
VNET-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: VNET-SUBNET-LNC-TerraformTesting-NONPROD-WE
Subnet
Example: SUBNET-NSG-LNC-TerraformTesting-NONPROD-WE
Network Security Group
NSG-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: NSG-NIC-LNC-TerraformTesting-NONPROD-WE
Network Interfaces
NIC-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: NIC-VM-LNC-TerraformTesting-NONPROD-WE
Public IP
PIP-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: PIP-IP-LNC-TerraformTesting-NONPROD-WE
Disk
VMWare ESXi
VCenter Compute Node
VMHOST-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: VMHOST-ESXI-LNC-VMS-PackagingVirtualizer-NONPROD-F3
Identity Access Management
Exchange Online
Mail enabled security group
MESG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: MESG-AAP-ALL-USER-CleanUpMEIDGuestUser-PROD