Difference between revisions of "Active Directory/Naming Standards"

From WolfTech
Jump to navigation Jump to search
(Replacing page with '{{Active_Directory_toc}} [http://activedirectory.ncsu.edu/ou-admins/naming-conventions/ '''Migrated''']')
 
(28 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
{{Active_Directory_toc}}
 
{{Active_Directory_toc}}
The WOLFTECH domain is designed to be usable by any organization within NC State University. Consequently, special naming considerations are necessary to promote organization, prevent conflicts, and ease delegation.
 
  
Most objects within Active Directory are required to have unique names. In addition, it is important that an objects name indicate its purpose, as well as the organization it belongs to. The following naming standards were developed to help achieve these goals. Please be sure to follow these standards, as any unidentifiable or conflicting objects may be removed.
+
[http://activedirectory.ncsu.edu/ou-admins/naming-conventions/ '''Migrated''']
 
 
==Groups==
 
 
 
Active Directory requires that all groups have unique names. This is achieved by including the acronym of the department, college, or university that the group belongs to. The table below outlines the naming conventions that should be used for different types of groups on the WOLFTECH domain.
 
Software Groups
 
Format:
 
SW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE>
 
Example:
 
SW-ECE-Microsoft-Office-2003-20041104
 
Notes:
 
For more information about software distribution, see the Software Distribution page.
 
Freeware Groups
 
Format:
 
FW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE>
 
Example:
 
FW-ECE-Mozilla-Firefox-1.0.2-20050325
 
Notes:
 
For more information about software distribution, see the Software Distribution page.
 
User/Computer Groups
 
Format:
 
<DEPT>-<NAME> or <DEPT>-<SUBOU>.<TYPE>
 
Example:
 
ECE-ACS Users or ECE-Teaching Labs.Desktops
 
Notes:
 
For more information about software distribution, see the Software Distribution page.
 
 
 
==Group Policies==
 
 
 
Active Directory requires that all group policies have unique names. This is achieved by including the acronym of the department, college, or university that the group policy belongs to. The table below outlines the naming conventions that should be used for different types of group policies on the WOLFTECH domain.
 
Software Group Policy Format: SW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE>
 
Example: SW-ECE-Microsoft-Office-2003-20041104
 
Notes: For more information about software distribution, see the Software Distribution page.
 
Freeware Group Policy Format: FW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE>
 
Example: FW-ECE-Mozilla-Firefox-1.0.2-20050325
 
Notes: For more information about software distribution, see the Software Distribution page.
 
Departmental Security Policy Format: <DEPT>-<NAME>
 
Example: ECE-Staff Policy
 
Notes: These policies are used with one departmental OU.
 
Multi-Departmental Security Policy Format: Managed-<NAME>
 
Example: Managed-Member Server Policy
 
Notes: These policies are common baseline security policies based on Microsoft's security guides. These policies are managed by the WolfTech Systems staff and are updated periodically to improve security.
 
Domain-wide Security Policy Format: Domain-<NAME>
 
Example: Domain-Local Accounts Policy
 
Notes: These policies apply to the entire domain.
 
 
 
==Machines==
 
 
 
Active Directory requires that all machines have unique names. In addition, it is good network etiquette to not duplicate any other machine's name on the NCSU network. Please check QIP to ensure that the name you wish to use is not already in use on the NCSU network.
 
 
 
Rather than choosing a formula for naming machines, we've chosen thematic machine names that evoke personality, such as star constellations, athletic teams, and 15th century romantic poets. This helps administrators remember where the machine is, who uses it, and any past history. We've found that having this knowledge is indispensable and it would not be possible with formulaic names like ECE-PC-342-DANIELS-001.
 
 
 
==Organizational Units==
 
 
 
Active Directory does *NOT* require organizational units to have unique names. The only naming requirement for OUs is that they clearly indicate their purpose. There is, however, a default OU organization structure that is created for each new departmental OU. OU Admins are free to change, or even scrap, the default setup within their departmental OU if it does not meet their needs.
 
 
 
Above the departmental OUs, the WOLFTECH domain has a rigid OU architecture. To learn more, see OU Architecture Overview and Detailed Architecture.
 
 
 
==Users==
 
 
 
Active Directory requires that all users have unique names. This is achieved by using users UnityID (guaranteed to be unique), and in some cases, special suffixes. The table below outlines the naming conventions that should be used for different types of users on the WOLFTECH domain.
 
Normal Users (w/ UnityID) Format: <UNITYID>
 
Example: jqpublic
 
Notes: The username and display name should be the user's UnityID.  These accounts should only exist in the People OU.
 
Normal Users (w/o UnityID) Format: <DEPT>.<FIRSTNAME>.<LASTNAME>
 
Example: ECE.John.Public
 
Notes: The username and display name should be <DEPT>.<FIRSTNAME>.<LASTNAME> to prevent confusion or conflicts with UnityIDs.  These accounts should only exist in the departmental OU's Departmental Users OU.
 
Domain Admin Format: <UNITYID>.domadmin
 
Example: jqpublic.domadmin
 
Notes: Domain Admins have administrative privileges on the entire domain and have local administrator on all domain machines (except those that manually remove Domain Administrator from the local Administrators group). The membership of the Domain Admins group is tightly screened by the WolfTech Director.
 
OU Admin Format: <UNITYID>.ouadmin
 
Example: jqpublic.ouadmin
 
Notes: OU Admins have administrative privileges over their departmental OU.
 
Departmental Computer Admin Format: <UNITYID>.admin
 
Example: jqpublic.admin
 
Notes: Departmental Computer Admins have local Administrator privileges on all computers in their departmental OU.  This requires that <DEPT>-OU Policy be defined correctly to add <DEPT>-Computer Admins to the local Administrators group of the machines in the OU. These accounts are used by departmental, and if desired, college IT help desk staff to provide computer support.
 
 
 
==Courses==
 
 
 
To facilitate using Active Directory in lab environments, the WOLFTECH domain is automatically populated with course groups for courses in supported colleges. The groups can be used to give the appropriate students access in computer labs. The following naming standards are used:
 
 
 
<table align="center" cellpadding="5" cellspacing="0">
 
  <tr>
 
    <td>Departmental Students </td>
 
    <td>
 
Format: &lt;DEPT&gt;-Students
 
<br>Example: NCSU-Students
 
<br>Notes: This group contains all students enrolled in a class under it's hierarchy. This includes NCSU, colleges, and departments.
 
    </td>
 
  <tr>
 
    <td>Departmental Semester Students</td>
 
    <td>
 
Format: CRS-&lt;DEPT&gt;-&lt;SEMM&gt;&lt;YY&gt;
 
<br>Example: ECE-Students-FALL05
 
<br>Notes: This group contains all students enrolled in a class under it's hierarchy for the specified semester. This includes NCSU, colleges, and departments.
 
    </td>
 
  </tr>
 
  <tr>
 
    <td>Course Semester</td>
 
    <td>
 
Format: CRS-&lt;PRE&gt;-&lt;NUM&gt;&lt;S&gt;-&lt;SEMM&gt;&lt;YY&gt;
 
<br>Example: CRS-ECE-200L-FALL05
 
<br>Notes: This group contains all students enrolled in all sections of the specified class in the specified semester.
 
    </td>
 
  </tr>
 
  <tr>
 
    <td>Course Section Semester </td>
 
    <td>
 
Format: CRS-&lt;PRE&gt;-&lt;NUM&gt;&lt;S&gt;-&lt;SEC&gt;-&lt;SEMM&gt;&lt;YY&gt;
 
<br>Example: CRS-ECE-200L-001-FALL05
 
<br>Notes: This group contains all students enrolled in the specified section of the specified class in the specified semester.
 
    </td>
 
  </tr>
 
</table>
 

Latest revision as of 23:25, 18 June 2011