Microsoft Intune, eine leistungsstarke Cloud-basierte Endpunktverwaltungslösung, ermöglicht es Unternehmen, ihre Geräte und Anwendungen sicher zu verwalten. Ein wichtiger Aspekt bei der Einrichtung einer effizienten Intune-Umgebung ist die Festlegung einer klar definierten und konsistenten Namenskonvention.
Dieser Beitrag ist der Dritte der "Intune Starter Serie"
Table of Contents
Warum?
Eine Namenskonvention ist ein systematischer Ansatz zur Benennung von Geräten, Anwendungen und anderen Ressourcen in Intune. Die Implementierung einer standardisierten Benennungskonvention bietet Unternehmen mehrere Vorteile:
- Verbesserte Organisation: Ein klares und strukturiertes Benennungssystem vereinfacht die Identifizierung und Gruppierung von Geräten und Anwendungen. Dies hilft IT-Administratoren bei der effizienten Verwaltung umfangreicher Implementierungen.
- Optimierte Fehlersuche: Eine einheitliche Namensgebung erleichtert die schnelle Fehlerbehebung, da Administratoren bestimmte Geräte oder Anwendungen schnell lokalisieren können.
- Effiziente Berichterstattung: Eine gut durchdachte Benennungskonvention trägt zu einer genaueren und aussagekräftigeren Berichterstattung bei. Sie ermöglicht es Administratoren, Berichte nach bestimmten Kriterien zu erstellen, z. B. nach Gerätetypen, Betriebssystemen oder Standorten.
Eine wirksame Namenskonvention entwerfen
Creating an effective naming convention requires thoughtful planning and consideration of the organization's unique requirements. Here are some guidelines to help you develop a robust naming convention:
- Clarity and Consistency: The primary goal of a naming convention is to create clear and consistent identifiers. Avoid using ambiguous abbreviations or acronyms that may confuse users or administrators. Ensure that the naming format is easy to understand and adhered to uniformly across all devices and applications.
- Relevant Information: Incorporate relevant information into the naming convention to provide valuable insights at a glance. Elements like device type, operating system version, department, or user ID can help organize and manage devices efficiently.
- Avoid Sensitive Information: While including pertinent details is essential, avoid using sensitive or personal information in naming conventions. Instead, focus on data that assists with management and tracking without compromising security or privacy.
- Short and Precise: Keep the naming convention as concise as possible. Lengthy names can be cumbersome and may lead to errors during manual entry or data retrieval.
Examples of Naming Conventions
Here are some examples of naming conventions for different types of resources in Microsoft Intune:
Devices
From on Premisses we are used to naming conventions of our devices and needed to be aware, that the names are unique.
Winin Intune that diesnt matter anymore. Theoretically we could name all Devices the same. To search for devices we have much more data like the primary user, the serialnumber and of course the classical device name.
With an Autopilot Profile you can make predefinied devicenames out oif rules. For that you have two parameters:
- %RAND:x%
- gives a random numer (repalce x with a numer eg. 3 = 001)
- %SERIAL%
- Adds the Serialnumer to the name., be aware that the name can't be longer than 15 characters, everithing beond thos 15 characters will be cutted.
simple | [Company]-[Number] | scloud-001 |
advanced | [Location]-[Department]-[SerialNumber] | CH-IT-FD3648 |
Applications
For applications, I think you can keep it as simple as possible, as the names can be visible in the Company Portal, during installations and updates. Personally, I'm not a fan of having the version in the name, because you can use a dedicated version field in Intune, which is displayed in the Company Portal.
Here are some variations:
[AppName] | Visual Studio Code |
[Vendor]-[AppName]-[Language] | Microsoft Visual Studio Code MUI |
[Vendor]-[AppName]-[Version]-[Language] | Microsoft Visual Studio Code 1.81.0 MUI |
Users
Standard users should be simple and streamlined.
For Admins or other special users, you can add the role and/or use an abbreviation.
general users | [FirstName].[LastName]@[Domain] | |
special users | [FirstName].[LastName]-[UserRole]@[Domain] | |
special users | [UserRole].[abbreviation]@[Domain] |
Groups
Names for groups are one of the more complex topics. Maybe you already have a concept for them in your on-premiss environment. In that case I suggest extending it to the Cloud and Intune.
Du give you some ideas i put together a some ideas for App, Device and user groups
Apps | [Service]-[Device/User]-[Name] | INTUNE-DEV-VSCode INTUNE-USR-MicrosoftTeams |
[Service]-[Device/User]-[Name]-[InstallType] | INTUNE-DEV-VSCode-install INTUNE-DEV-VSCode-optional INTUNE-DEV-VSCode-uninstall | |
Devices | [Service]-[Device]-[Purpose] | INTUNE-DEV-Pilot INTUNE-DEV-Broad INTUNE-DEV-Marketing INTUNE-DEV-Kiosk |
Users | [Service]-[User]-[Purpose] | INTUNE-USR-Pilot INTUNE-DEV-All INTUNE-DEV-Marketing |
Configurations
For configurations in a small environment, you can go very simple by just using the purpose. In more advanced environments it's a good idea to add some structure with sections / departments or even the OS type (Yes, you see the OS in a separate column, but I like it 😉. Especially when exporting the config, you won't see it on first sight.
simple | [Purpose] | BitLocker InternetSecurity |
medium | [OS]-[Purpose] | WIN-BitLocker iOS-WLAN-scloud |
advanced | [OS]-[Department]-[Purpose] | WIN-All-BitLocker WIN-ICT-BitLocker AND-RD-MSLaucher |
Conclusion
A well-thought-out naming convention is an essential component of a successful Microsoft Intune deployment. It enhances organization, security, troubleshooting, and reporting capabilities, leading to more efficient device management. By following the guidelines and examples provided in this article, organizations can design a naming convention that suits their specific needs and paves the way for seamless Intune administration and control.