Difference between revisions of "Active Directory/Naming Standards"
(→Groups) |
|||
Line 11: | Line 11: | ||
<tr> | <tr> | ||
<td width="200px" valign="top"><b>Software Groups</b></td> | <td width="200px" valign="top"><b>Software Groups</b></td> | ||
− | <td> | + | <td width="400px"> |
*<b>Format</b> | *<b>Format</b> | ||
**SW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE> | **SW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE> |
Revision as of 21:15, 27 February 2006
The WOLFTECH domain is designed to be usable by any organization within NC State University. Consequently, special naming considerations are necessary to promote organization, prevent conflicts, and ease delegation.
Most objects within Active Directory are required to have unique names. In addition, it is important that an objects name indicate its purpose, as well as the organization it belongs to. The following naming standards were developed to help achieve these goals. Please be sure to follow these standards, as any unidentifiable or conflicting objects may be removed.
Groups
Active Directory requires that all groups have unique names. This is achieved by including the acronym of the department, college, or university that the group belongs to. The table below outlines the naming conventions that should be used for different types of groups on the WOLFTECH domain.
Software Groups |
|
Freeware Groups |
|
User/Computer Groups |
|
Group Policies
Active Directory requires that all group policies have unique names. This is achieved by including the acronym of the department, college, or university that the group policy belongs to. The table below outlines the naming conventions that should be used for different types of group policies on the WOLFTECH domain. Software Group Policy Format: SW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE> Example: SW-ECE-Microsoft-Office-2003-20041104 Notes: For more information about software distribution, see the Software Distribution page. Freeware Group Policy Format: FW-<DEPT>-<COMPANY>-<PRODUCT>-<VERSION>-<PACKAGEDATE> Example: FW-ECE-Mozilla-Firefox-1.0.2-20050325 Notes: For more information about software distribution, see the Software Distribution page. Departmental Security Policy Format: <DEPT>-<NAME> Example: ECE-Staff Policy Notes: These policies are used with one departmental OU. Multi-Departmental Security Policy Format: Managed-<NAME> Example: Managed-Member Server Policy Notes: These policies are common baseline security policies based on Microsoft's security guides. These policies are managed by the WolfTech Systems staff and are updated periodically to improve security. Domain-wide Security Policy Format: Domain-<NAME> Example: Domain-Local Accounts Policy Notes: These policies apply to the entire domain.
Machines
Active Directory requires that all machines have unique names. In addition, it is good network etiquette to not duplicate any other machine's name on the NCSU network. Please check QIP to ensure that the name you wish to use is not already in use on the NCSU network.
Rather than choosing a formula for naming machines, we've chosen thematic machine names that evoke personality, such as star constellations, athletic teams, and 15th century romantic poets. This helps administrators remember where the machine is, who uses it, and any past history. We've found that having this knowledge is indispensable and it would not be possible with formulaic names like ECE-PC-342-DANIELS-001.
Organizational Units
Active Directory does *NOT* require organizational units to have unique names. The only naming requirement for OUs is that they clearly indicate their purpose. There is, however, a default OU organization structure that is created for each new departmental OU. OU Admins are free to change, or even scrap, the default setup within their departmental OU if it does not meet their needs.
Above the departmental OUs, the WOLFTECH domain has a rigid OU architecture. To learn more, see OU Architecture Overview and Detailed Architecture.
Users
Active Directory requires that all users have unique names. This is achieved by using users UnityID (guaranteed to be unique), and in some cases, special suffixes. The table below outlines the naming conventions that should be used for different types of users on the WOLFTECH domain. Normal Users (w/ UnityID) Format: <UNITYID> Example: jqpublic Notes: The username and display name should be the user's UnityID. These accounts should only exist in the People OU. Normal Users (w/o UnityID) Format: <DEPT>.<FIRSTNAME>.<LASTNAME> Example: ECE.John.Public Notes: The username and display name should be <DEPT>.<FIRSTNAME>.<LASTNAME> to prevent confusion or conflicts with UnityIDs. These accounts should only exist in the departmental OU's Departmental Users OU. Domain Admin Format: <UNITYID>.domadmin Example: jqpublic.domadmin Notes: Domain Admins have administrative privileges on the entire domain and have local administrator on all domain machines (except those that manually remove Domain Administrator from the local Administrators group). The membership of the Domain Admins group is tightly screened by the WolfTech Director. OU Admin Format: <UNITYID>.ouadmin Example: jqpublic.ouadmin Notes: OU Admins have administrative privileges over their departmental OU. Departmental Computer Admin Format: <UNITYID>.admin Example: jqpublic.admin Notes: Departmental Computer Admins have local Administrator privileges on all computers in their departmental OU. This requires that <DEPT>-OU Policy be defined correctly to add <DEPT>-Computer Admins to the local Administrators group of the machines in the OU. These accounts are used by departmental, and if desired, college IT help desk staff to provide computer support.
Courses
To facilitate using Active Directory in lab environments, the WOLFTECH domain is automatically populated with course groups for courses in supported colleges. The groups can be used to give the appropriate students access in computer labs. The following naming standards are used:
Departmental Students |
|
Departmental Semester Students |
|
Course Semester |
|
Course Section Semester |
|