Naming convention

General Concept

Structure

In order to be able to standardise environments, naming is incredibly important.

The following contents must be included in the name of an entity:

Hyphen can be used to separate the entities.

Basic concept

<Entity>-<Affected Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Tag Name

Description

Examplee

Entity

What is the object?

ST, RB, CAP, CAR

Affected Technology

Which technology is affected?

MW, CVD, AVD, CPC, WIN, INT, MEID, MFT, RB, SPO, EXO, TVW, ALL

Company Tag

Which scope or Company is affected?

LNC, XYZ, ALL

Object

Which objects are affected?

USER, DEVICE, GROUP, ROLE, PERMISSION, INTUNE, ALL

Description

What is the purpose?

Short description in Pascal Case

Status

How is this object used?

PROD, NONPROD, DELETED

Location

In which region or location is the entity stored / created?

WE, CH, F3

For example:

MEID-WIN-ALL-USER-IamDoingSomething-PROD

Summary of abbreviations

Abbreviations for naming convention

This table represents a lot of common usecases and the standardised abbreviations.

Abbreviation Meaning Category
MEID Microsoft Entra ID Entity, Affected Technology
AAP Azure App Application (App Registration) Entity
ACP Account Protection Policy Entity
ADAT Active Directory Attribute Schema Entity
ADCD Active Directory Child Domain Entity
ADCL Active Directory Class Schema Entity
ADDG Active Directory Distribution Group Entity
ADEA Active Directory External Account Entity
ADFA Active Directory Functional Account Entity
ADFP Active Directory Federation Party Entity
ADSA Active Directory Service Account Entity
ADSG Active Directory Security Group Entity
ADSI Active Directory Site Entity
ADSRV Active Directory Server Entity
ADTA Active Directory Test Account Entity
ADU Administrative Unit Entity
ADUSR Active Directory User Entity
ALL All Objects General
ANC Azure Network Connection Entity
APG Application Group Entity
AVD Azure Virtual Desktop Entity, Affected Technology
CA Conditional Access Entity
CAP Client App Entity
CAR Custom Azure Role Entity
CERT Azure Runbook Certificate Entity
CFP Configuration Profile Entity
CGR Connection Group Entity
CIM Cloud PC Custom Image Entity
CLP Claim Policy Entity
CLS Client Secret Entity
CPC Cloud PC Entity
CPP Compliance Policy Entity
CVD Citrix Virtual Desktop Entity
DPR Deployment Profile Entity
DSC Device Script Entity
ESP Enrollment Service Profile Entity
FI Filter Entity
FKEY Function Key Entity
FUNC Azure Function Entity
GPO Group Policy Object Entity
GRT GroupTag Entity
HP Host Pool Entity
IAP Intune App Entity
INT Intune Affected Technology
IRA Intune Role Assignment Entity
IRO Intune Role Entity
LDS Lightweight Directory Service Entity
MAI Managed Identity Entity
MC Machine Catalog Entity
MW Modern Workplace (3.0) Entity
PP Provisioning Policy Entity
PRP Cloud PC Provisioning Policy Entity
PSO Password Setting Object Entity
RB Azure Runbook Entity
RG Resource Group Entity
RS Remediation Script Entity
RSC Remediation Script Entity
SCED Azure Runbook Schedule Entity
SCP Scaling Plan Entity
SCT Intune Scope Tag Entity
SP Service Principle Entity
ST Storage Table Entity
STT Azure Storage Table Entity
TVG TeamViewer Group Entity
TVP TeamViewer Policy Entity
TVW TeamViewer Affected Technology
UP Update Policy Entity
USE Cloud PC User Settings Entity
VAR Azure Runbook Variable Entity
WIN Windows Devices Affected Technology
WSP AVD Workspaces Entity

Namings specific to technology

This technology specifc naming convention was created to have a standardised naming solution.

Microsoft Entra ID

Group

MEID-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: MEID-MW-ALL-USER-IAmDoingSomething-NONPROD

AllUsers Group

MEID-<Technology>-<CompanyTag>-USER-AllCompanyUsers-<Status>
Example: MEID-ALL-LNC-USER-CompanyAllUsers-PROD

AllAdmins Group

MEID-<Technology>-<CompanyTag>-USER-AllAdminAccounts-<Status>
Example: MEID-WIN-LNC-USER-CompanyAllAdmins-PROD

Conditional Access

CA-<Technology>-<CompanyTag>-SETTING-<Description>-<Status>
Example: CA-WIN-ALL-SETTING-IamDoingSomething-PROD

Custom Azure Rolle

CAR-MEID-ALL-ROLE-<Description>-<Status>
Example: CAR-MEID-ALL-ROLE-CompanyReader-PROD

Administrative Unit

ADU-<Technology>-<CompanyTag>-GROUPS-<Description>-<Status>
Example: ADU-MW-LNC-GROUPS-Role01-PROD

App (Registration)

APR-<Technology>-<CompanyTag>-PERMISSION-<Description>-<Status>
Example: APR-RB-LNC-PERMISSION-CleanUpMEIDDevices-PROD

Service Principal

SP-<Technology>-<CompanyTag>-PERMISSION-<Description>-<Status>
Example: SP-SPO-LNC-PERMISSION-SiteXYZ-PROD

Client Secret

CLS-<Technology>-<CompanyTag>-SECRET-<Description>-<Status>

Connector Group

CGR-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Connector

<FQDNServer>

Claim Policy

CLP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Managed Identity

MAI-<Technology>-<CompanyTag>-PERMISSION-<Description>-<Status>
Example: MAI-FUNC-LNC-PERMISSION-CreateProfile-PROD

Custom Role

CAR-MEID-ALL-SETTING-<Description>-<Status>

Intune

Deployment Profile

DEP-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: DEP-MW-LNC-DEVICE-CompanyProfile-PROD

Devicename

<Technology>-<CompanyTag>-<Serialnumber>
Zum Example:
MWP-LNC-4CE0460D0G-> Modern Workplace (physical)
CPC-LNC-4CE0460D0G-> Cloud PC Workplace
AVD-LNC-4CE0460D0G-> Azure Virtual Desktop Workplace
CVD-LNC-4CE0460D0G-> Citrix Virtual Desktop Workplace

GroupTag

GRT-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: GRT-MW-LNC-DEVICE-CompanyDevice-PROD

Enrollment Service Profile

ESP-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: ESP-MW-LNC-DEVICE-CompanyEnrollment-PROD

Filter

FI-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: FI-CPC-LNC-DEVICE-CompanyDevices-PROD

Configuration Profile

CFP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: CFP-WIN-ALL-DEVICE-SeLNCityBaselines-PROD

Compliance Policy

CPP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: CPP-MW-LNC-USER-LNClockerActivation-NONPROD

Device Script

DSC-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: DSC-MW-ALL-DEVICE-InstallFollowMePrint-PROD

Remediation Script

RSC-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: RSC-MW-LNC-PS1-EnableSeLNCeBoot-NONPROD

Update Policy

UP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: UPP-WIN-ALL-DEVICE-Ring1CIT -PROD

Scope Tag

SCT-<Technology>-<CompanyTag>-INTUNE-<Description>-<Status>
Example: SCT-INT-LNC-INTUNE-CompanyObjects-PROD

Custom Intune Rollen

IRO-<Technology>-<CompanyTag>-ROLE-<Description>-<Status>
Example: IRO-CVD-LNC-ROLE-LimitedIntuneReader-PROD

Intune Role Assignment

IRA-INT-<CompanyTag>-ROLE-<RollenName>-<STATUS>
Example: IRA-INT-LNC-ROLE-CompanyReader-PROD

Account Protection Policy

ACP-<Technology>-<CompanyTag>-DEVICE-<Serialnumber>-<Status>
Example: ACP-WIN-LNC-DEVICE-5CG9272S38-PROD

Intune Apps

IAP-<Technology>-<CompanyTag>-APP-<AppManufacturer>.<AppName>-<Status>
Example: IAP-ALL-LNC-APP-Microsoft.PowerToys-PROD

Endpoint Privilege Management Profile

EPM-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: EPM-CPC-LNC-DEVICE-AutoDeskApp-NONPROD

TeamViewer

TeamViewer Policy

TVP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: TVP-ALL-ALL-DEVICE-AllCompanyDevices-PROD

TeamViewer Device Group

TVG-<Technology>-<CompanyTag>-DEVICE-<Description>-<Status>
Example: TVG-ALL-LNC-DEVICE-AllCompanyDevices-PROD

Cloud PC

Provisioning Policy

PRP-CPC-<CompanyTag>-USER-<Description>-<Status>
Example: PRP-CPC-LNC-USER-CloudPCAdvanced-PROD

Azure Network Connections Policy

ANC-CPC-<CompanyTag>-DEVICE-<Description>-<Status>
Example: ANC-CPC-LNC-DEVICE-CloudPCStandardAdmin-PROD

User Settings

USE-CPC-<CompanyTag>-USER-<Description>-<Status>
Example: USS-CPC-LNC-USER-RestorePointFrequency-PROD

Custom Image

CIM-CPC-<CompanyTag>-IMAGE-<Description>-<Status>
Example: CIM-CPC-LNC-IMAGE-RestorePointFrequency-PROD

Azure Virtual Desktop

MEID App Groups

MEID-AVD-<CompanyTag>-USER-<Description>-<Status>
Example: MEID-AVD-LNC-USER-APP.Microsoft.Office-PROD

Application Groups

APG-AVD-<CompanyTag>-APP-<Description>-<Status>-<Location>
Example: APG-AVD-LNC-APP-Messerli.BauAD-PROD-WE

Host Pools

HPO-AVD-<CompanyTag>-APPGROUP-<Description>-<Status>-<Location>
Example: HP-AVD-IFB-APPGROUP-AppPool-PROD-WE

Workspaces

WSP-AVD-<CompanyTag>-APPGROUP-<Description>-<Status>-<Location>
Example: WS-AVD-ELB-APPGROUP-<Description>-PROD-WE

Scaling Plan

SCP-AVD-<CompanyTag>-HOSTPOOL-<Description>-<Status>-<Location>
SCP-AVD-LNC-HOSTPOOL-<Description>-PROD-WE

Citrix Virtual Desktop

GPO

GPO-CVD-<CompanyTag>-DEVICE-<Description>-<Status>
Example: GPO-CVD-LNC-DEVICE-IntuneJoin-PROD

APP Group

ADG-CVD-<CompanyTag>-<Object>-<AppManufacturer>.<AppName>-<Status>
Example: ADG-CVD-ALL-USER-APP.Microsoft.PowerToys-PROD

Machine Catalog

MAC-CVD-<CompanyTag>-DEVICE-<Description>-<Status>
Example: MC-CVD-LNC-DEVICE-Sidoun-PROD

Active Directory

Security Groups

ADSG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Distribution Group

ADDG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Federation Group

ADFG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Federation Party

ADFP-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Service Account

ADSA-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Functional Account

ADFA-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Test Account

ADTA-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Password Setting Object

PSO-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Child Domain

ADCD-<Number>.net

Parent Domain

ADPD-<Number>.net

LDS Instance

LDS-<Number>.net

AD Site

ADSI-<Technology>-<CompanyTag>-<Object>-<City<<Street><Number>-<Status>

Password Setting Object

PSO-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Class Schema

ADCL-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Attribute Schema

ADAT-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>

Group Policy Management

GPO Client Computers

GPO-CVD-<CompanyTag>-SETTING-<Description>-<Status>
Beispiel: GPO-CVD-LNC-SETTING-<Description>-<Status>

GPO External Accounts

GPO-ADEA-<CompanyTag>-SETTING-<Description>-<Status>

GPO Functional Accounts

GPO-ADFA-<CompanyTag>-SETTING-<Description>-<Status>

GPO Service Accounts

GPO-ADSA-<CompanyTag>-SETTING-<Description>-<Status>

GPO Test Accounts

GPO-ADTA-<CompanyTag>-SETTING-<Description>-<Status>

GPO Servers

GPO-ADSRV-<CompanyTag>-SETTING-<Description>-<Status>

GPO Users

GPO-ADUSR-<CompanyTag>-SETTING-<Description>-<Status>

Azure Function App

Function

FUNC-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: FUNC-WIN-ALL-PS1-GetStorageTableContent-PROD-WE

Function Key

FKEY-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: FKEY-RS-ALL-KEY-SetLanguageByUPN-PROD-WE

Azure Automation Account

Runbook

RB-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
RB-EXO-BKW-PS1-CreateDomainByCompany-PROD-WE

Secret

CERT-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
CERT-RB-BKW-CERT-CleanUpMEIDDevices-PROD-WE

Variable

VAR-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
VAR-RB-BKW-CLIENTID-CleanUpMEIDDevices-PROD-WE

Schedule

SCED-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
SCED-RB-BKW-DAILY-CheckLicenseCount-PROD-WE

Azure Storage

Azure Storage Table

STT-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: STT-ALL-ALL--WPSMasterTable-PROD-WE

Azure Resources

Resourcegroup

RG-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>

Virtual Machines

VM-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: VM-WIN-LNC-AppPackaging-NONPROD-CHN

Virtual Network

VNET-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: VNET-SUBNET-LNC-TerraformTesting-NONPROD-WE

Subnet

SUBNET-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: SUBNET-NSG-LNC-TerraformTesting-NONPROD-WE

Network Security Group

NSG-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: NSG-NIC-LNC-TerraformTesting-NONPROD-WE

Network Interfaces

NIC-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: NIC-VM-LNC-TerraformTesting-NONPROD-WE

Public IP

PIP-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: PIP-IP-LNC-TerraformTesting-NONPROD-WE

Disk

DSK-<Technology>-<CompanyTag>-<Description>-<Status>-<Location>
Example: DSK-VM-LNC-TerraformTesting-NONPROD-WE

VMWare ESXi

VCenter Compute Node

VMHOST-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>-<Location>
Example: VMHOST-ESXI-LNC-VMS-PackagingVirtualizer-NONPROD-F3

Identity Access Management

Exchange Online

Mail enabled security group

MESG-<Technology>-<CompanyTag>-<Object>-<Description>-<Status>
Example: MESG-AAP-ALL-USER-CleanUpMEIDGuestUser-PROD