Help

What naming convention do you use?

janzaldua
Contributor

Posted on ‎03-24-2023 09:59 AM

Hello all.

What is the best naming convention to use for Jamf. We recently talked to a systems engineer, who stated that having the Serial Number in the name is not a good practice, from a security standpoint. That it is not good to have serial numbers exposed.

What naming convention do you use for your devices in jamf?

0 Kudos
8 REPLIES 8

junjishimazaki
Valued Contributor

Posted on ‎03-24-2023 11:19 AM

There is no right way for a computer naming convention since every company is going to have its own process but typically you don't want to use serial number as a computer name.  Depending on how many office locations you. You can use country code+city location+asset tag#-mb/md. So for example: USLA43943-MB. The MB=Macbook. MD=Mac desktop(imac/mac mini).  

0 Kudos

janzaldua
Contributor
In response to junjishimazaki

Posted on ‎03-24-2023 02:08 PM

Sorry for my ignorance, but what would be the reason to NOT have the Serial Number as part of the computer name? If someone with bad intentions did have the serial number, what could they do with it?

0 Kudos

TrentO
Contributor II
In response to janzaldua

Posted on ‎03-24-2023 06:43 PM

Including the serial number in the hostname can inadvertently expose sensitive information about the hardware, making it easier for potential attackers to target specific models, manufacturers, or even individual devices. This information can be used to exploit known vulnerabilities or to customize attacks for specific hardware.

 

0 Kudos

MatG
Contributor III
In response to TrentO

‎03-27-2023 05:08 AM - edited ‎03-27-2023 05:09 AM

Pretty sure from early 2021 new Macs serial are random so there is no formula any more to work out hardware type.

https://www.macworld.com/article/676451/apple-switches-to-random-serial-numbers-on-its-products.html....

0 Kudos

TrentO
Contributor II
In response to MatG

Posted on ‎03-27-2023 06:54 AM

Yes, the reason is mostly only valid for earlier hardware.
0 Kudos

junjishimazaki
Valued Contributor

Posted on ‎03-24-2023 02:57 PM

I'm not saying for "security" reasons you shouldn't use the serial number as a computer name. It's just not generally good practice to use a serial number as a computer. You want a more short descriptive name for a computer name. I honestly don't think having a serial number can do much harm if it was "stolen". It just uniquely identifies the computer. If your system engineer can provide more insight into what can be done with it. 

0 Kudos

jpoirson
New Contributor III

Posted on ‎03-27-2023 05:47 AM

I use lastname-serialnumber , and do it this way during enrolment

many reasons are given inside my blog's article

https://automatizeblog.wordpress.com/2022/08/05/jamf-rename-a-mac-to-lastname-serial/

 

0 Kudos

ericbenfer
Contributor III

‎03-27-2023 04:09 PM - edited ‎03-27-2023 04:10 PM

I always try to avoid anything that requires a human being type something on the keyboard.

Humans suck at entering asset tags and stuff like that.

A naming convention should be fully automated and generate a unique string.

It is also a good idea to be under 15 characters in case you are interacting with AD.

For those reasons I really like something based off the serial number.

0 Kudos