Home > Active Directory, Exchange, Microsoft, Powershell, Quickie > Quickie: Add your photo into AD

Quickie: Add your photo into AD

More and more are people working with Outlook 2007+, using Lync clients, … all of these applications have ability to show pictures of users in their interface. Let’s look how to implement picture into AD for some users.

Picture in AD is stored in one AD attribute called thumbnailPhoto. We need to put picture into this attribute. Exchange servers and other services use Global Catalog Domain Controllers to resolve attributes for objects in domains. So first of all we need to make sure attribute thumbnailPhoto is propagated into Global Catalog database. We need to modify properties of attribute thumbnailPhoto:

  • Register MMC snap-in for Active Directory Schema running command:

Regsvr32 schmmgmt.dll

  • Open up Active Directory Schema MMC snap-in
  • Under Attributes look for thumbnailPhoto and open its properties
  • Check option “Replicate this attribute to the Global Catalog”

Edit thumbnailPhoto properties

Edit thumbnailPhoto properties

There is lots ot ways how to add picture into this attribute. One way is to let users to change their pictures using SharePoint MySite functionality. I like to use Exchange 2010 PowerShell cmd-let called Import-RecipientDataProperty. You can use following syntax:

Import-RecipientDataProperty -Identity “cievo” -Picture -FileData ([Byte[]] $(Get-Content -Path “C:\tmp\cievo.jpg” -Encoding Byte -ReadCount 0))

As you can see it’s very easy to script it if your pictures of people have same name as people’s identity.

Then, for example, when you send e-mails inside company, everyone can see you in their Outlooks:

Outlook with pictures

Outlook with pictures

There are also facts and limitations:

  • thumbnailPhoto attribute can be only 100KB in size
  • PowerShell cmd-let Import-RecipientDataProperty supports only 10KB pictures
  • Pictures should have rectangle shape
  • Optimal size in pixels is 96×96
  • When you enable some attribute to propagate to Global Catalogs, all Domain Controllers with Global Catalog databases will re-render whole database from scratch which can produce little stress on CPU
  • AD database will grow in size

I think that even there are some limitations this is nice feature, but Microsoft should have create some native way to add pictures into AD. There are lots of 3rd party utilities, but I’m not fan of them.

Have a nice day,


  1. No comments yet.
  1. No trackbacks yet.