A much sought after feature by the Exchange user community has been the ability to add photos to the Global Address List; giving users a bit more of an identity. This is especially true for larger organizations that sometimes distribute photos through a network share. However it would be so much cooler if users could immediately see who they are sending e-mails to.
In the past, doing this was only possible through custom code. Exchange 2010 makes it possible - and easier - via a new PowerShell command. The process is rather simple, modify an attribute in AD and then upload photos using the Import-RecipientDataProperty cmdlet. Because the images you upload to AD are so small (typically between 3-5KB), the NTDS database size should not be a concern; imagine a 3KB image for 100 employees - this will increase the AD database size by 300KB which is hardly overkill (even with AD replication in mind).
The rest of this article will explain the process of how to add a photo to the GAL, with a demonstration of what you can expect to see when the process is completed.
Preparing the AD Schema
The first thing we need to do is to make a small change to the AD schema. We will set the thumbnailPhoto attribute to replicate to the Global Catalog. To do this, we need to register the schmmgmt.dll library which gives us access to the Active Directory Schema management console. Follow the instructions below:
-
Open a command prompt (cmd) and enter:
regsvr32 schmmgmt.dll
You should see a "succeeded" message box.
Next, click Start | Run... and run mmc.exe. This will bring up the management console.
Go to File | Add/Remove Snap-in... (or press CTRL+M) and choose the Active Directory Schema snap-in, then click Add and OK.
Expand the Active Directory Schema node and click on the Attributes folder. From the right hand pane, locate the thumbnailPhoto attribute. Right click on it and select Properties.
-
Check the option that says "Replicate this attribute to the Global Catalog" (as shown below) and click OK.
TIP: Using the Active Directory Sites and Services console, you can force replication between DCs. Alternatively, you'll have to wait for the default time to be reached until replication occurs.
Once this is done, we can move on to the next step, i.e. importing photos into the thumbnailPhoto attribute. We do this by using the Import-RecipientDataProperty cmdlet.
Importing a Photo into the Active Directory User Object
Follow the procedure below to import photos for a user.
TIP: The recommended image size is 96x96 pixels.
-
Open the Exchange Management Shell and enter:
Import-RecipientDataProperty -Identity "Rachel Peach" -Picture -FileData ([Byte[]]$(Get-Content -Path "C:\photos\RachelPeach.jpg" -Encoding Byte -ReadCount 0))
...replacing Rachel Peach with the name of the person you want to import a photo for of course.
-
If successful, it will automatically go to a new prompt (waiting for a new command) - as shown below:
-
If something goes wrong during the import, or there was an incorrect parameter in the cmdlet, you will get an error - as shown in this example:
Here, there was a mistake in the full path name to the photo.
Importing Photos for Multiple Users (Bulk Import)
If you wish to import photos for multiple users at one go, you can use the following PowerShell script. All files must be ".jpg" and have the same name as the user stored in Active Directory.
# Change the value of this variable according to where you have the photos stored.
$PhotoPath = "C:\Photos\*.*"
ForEach ($PhotoFile in gci $PhotoPath)
{
$User = '' + $PhotoFile.Name.substring(0, $PhotoFile.Name.Length - 4) + ''
Import-RecipientDataProperty -Identity $User -Picture -FileData ([Byte[]]$(Get-Content -Path $PhotoFile.Fullname -Encoding Byte -ReadCount 0))
}
If you ever wish to remove the photo for a particular user, you could do so by executing the following command at the Exchange Management Shell:
Set-Mailbox "Rachel Peach" -RemovePicture
Exporting a user's photo from Active Directory
While I'm at it, I thought it would be beneficial to show you how to export photos from the Active Directory user object. In case you ever needed to, you can use the Export-RecipientDataProperty, as the instructions below show:
-
Open the Exchange Management Shell and run the command:
Export-RecipientDataProperty -Identity "Rachel Peach" -Picture | ForEach {$_.FileData | Add-Content C:\exported\RachelPeach.jpg -Encoding Byte}
Where "Rachel Peach" would be the name of the user whose photo you want to export.
If successful, you will notice that the Exchange Management Shell moves to a fresh line waiting for new input. If you go to the location you specified for the export, you will see that the image has been exported correctly to the specified folder.
Updating the Offline Address Book
The final piece of the puzzle is to update the Offline Address Book (OAB) for outlook cached mode clients. The OAB thumbnailPhoto property controls how photos are to be retrieved. By default this is set as an Indicator property. The indicator is just a link that points to Active Directory for the photo download.
For the photo to be available offline we need to change the thumbnailPhoto from an Indicator to a Value attribute. Here are the steps to remove the Indicator:
$attributes = (Get-OfflineAddressBook "Default Offline Address Book").ConfiguredAttributes
$attributes.Remove("thumbnailphoto,Indicator")
Set-OfflineAddressBook "Default Offline Address Book" -ConfiguredAttributes $attributes
These are the steps to add the thumbnailPhoto property as a Value:
$attributes = (Get-OfflineAddressBook "Default Offline Address Book").ConfiguredAttributes
$attributes.Add("thumbnailphoto,Value")
Set-OfflineAddressBook "Default Offline Address Book" -ConfiguredAttributes $attributes
Once you do this, if you execute the (Get-OfflineAddressBook "Default Offline Address Book").ConfiguredAttributes command you will see that thumbnailPhoto is now represented as a Value in the Configured Attributes list.
Of course, if you don't want Outlook cached mode to display any photos, you could run the command shown above to remove the Indicator attribute from the configured attributes list, without adding it back as a Value attribute.
With the thumbnailPhoto property set, we can force a refresh of the OAB from the Exchange Management Shell:
Update-OfflineAddressBook "Default Offline Address Book"
Viewing GAL photos
So once you set everything up, where can users expect to see these thumbnail photos? Well, the two main applications are Microsoft Outlook and the Microsoft Outlook Social Connector. Within these applications there are a number of locations where the photos are displayed, including the Global Address List dialog box, when viewing a message received from that person, in the initial start screen within Outlook (backstage view found under File | Info), the user's contact card as well as the user's properties in the GAL.
Unfortunately, photos are not displayed in Outlook Web App at the present time.
Oulook Social Connector
The Outlook Social Connector is an add-in for Microsoft Outlook that allows you to view your connections' profiles and updates from one centralized location, without ever leaving Outlook itself. Once you perform the above procedure to import thumbnail photos into Active Directory, you will be able to view a user's photo from the Social Connector, as shown below:
Outlook 2010
From Microsoft Outlook, when you compose a message and choose the recipient, you can hover over the recipient's name to view their contact card. On the contact card there will be the recipient's thumbnail photo, as shown below:
When viewing a received message, the senders thumbnail image appears on the right hand side of the e-mail message:
If you enter the Global Address List, select the user you wish to view details for and select Properties, the thumbnail photo will be available on the right hand side of the properties window, as shown below:
Finally, from the backstage view, in the File | Info section, you can see the thumbnail image right next to the user account settings. In this example, we are displaying the Administrator account:
Conclusion
In this article I have shown you how to add photos to a Global Address List, making it easier for people to distinguish who they are communicating with. We looked at what is required in terms of preparing Active Directory, uploading photos into the Active Directory user object, updating the offline address book, and finally, viewing the photos as users would during normal operation. In the future, what we'd love to see from Microsoft is a GUI that will help make it easier for administrators to manage the upload process.