Office 365 Photo Availability Issue Summary

Having user photos available consistently across the Microsoft Office 365 offerings greatly enhances the user collaboration experience.  Unfortunately, when a customer has a Hybrid Exchange / Office 365 implementation, directory synchronization is typically insufficient and unreliable in more advanced environments.

Sourcing the user photos through directory synchronization currently has the following limitations:

  • Photos are typically uploaded via batch file to the on-prem thumbnailPhoto AD attribute, which has a limitation of 100Kb.

  • When these photos are synchronized to Office 365 via directory synchronization, they will remain low resolution photos.

  • Once a photo has been set for an individual user, directory synchronization does not update the photo again, even if it has been modified through the on-prem AD.

In addition, if a customer wishes to take advantage of a third-party data service such as WorkDay via Okta, often times these third party solutions cannot handle photo replication appropriately, if at all.

Therefore, another method is typically required in order to import low-res photos to the on-prem AD directory while simultaneously utilizing hi-res photos for Office 365 services.

Office 365 Photo Workflow

Exchange Online is the authoritative source for photos accessed through Office 365.  The photos are stored in user mailboxes are either accessed by all O365 services from the mailbox or propagated out to the other services, depending upon which service is in question.  Lync accesses the photos directly, while SharePoint replicates copies and generates its own set of hi-res photos.

Exchange Online is also capable of storing high resolution photos that are much larger than the 100Kb on-prem AD attribute limit.

In general, photos uploaded to Exchange Online are available sometime between immediately (in the case of OWA, Lync (Windows) or Outlook (Windows) in Online (not cached) mode).  Photos can take up to 24-48 hours to become available through other clients (Outlook cached mode (Windows only), Lync for Mac).

Photo Conversion Solution Summary

This section will review the major functions used to convert the photos from base64 and the basic commands used to import them to Exchange Online.

For the full script and documentation on generating the on-prem AD thumbnail photos and importing the photos to Exchange Online, please contact us.

Import the CSV containing the photo data

With many cloud hosted HR systems, organizations may receive photo data via a weekly CSV file which includes a base64-encoded field containing the photo data.  So the first step is to convert the photo data from base64 back to *.jpg. 

For this we use a little PowerShell magic.  First, we utilize the Import-CSV PowerShell cmdlet to pull the CSV into memory.  A nice feature of Import-CSV is that it automatically sets the headers of each column as a separate variable name.  So we can move directly to a ForEach loop to handle each photo field.

               Example:  $ImportCSV = Import-CSV $FileName

While we’re at it, we can set a directory to send the converted photos to:

$FileExportDir = "C:\Photos\"

Next, we can set a ForEach loop to handle each line in the CSV.  This sets the variable $Line to represent each line in the imported CSV:

     ForEach ($Line in $ImportCSV){

The header in the CSV file which contains the base64-encoded strings is attachment_Photo_Content, so we specify this to set the variable for each line that contains a photo:

               $CurUserPhoto = $Line.attachment_Photo_Content

We also specify a couple more variables to pull each user’s email address from the CSV as well as specify to add *.jpg to the filename.

$CurUserName = $Line.primaryWorkEmail -replace "@DOMAIN.com$", ""

$CurADUserPhoto = $CurUserName + ".jpg"

Then we tell the script to check for the presence of photo data for each user (not all users will have photos)

If (!$CurUserPhoto)

If the photo does not exist, as indicated by the “!” in the If statement above, the script will simply report a photo is missing and move on to the next line in the CSV.

Convert the photos from base64 to JPG

If, however, a value in the attachment_Photo_Content field does exist for a specific user, we need to convert it from base64 to a more appropriate format we can import, like JPG.

To do this, we summon our .Net Kung Fu as follows:

[Convert]::FromBase64String($CurUserPhoto) | Set-Content -Path ("$FileExportDir" + "$CurUserName.jpg") -Encoding Byte

And bingo!!  If the base64 string contained in the CSV file is valid, we’ll have a picture named USERNAME.JPG in the C:\PHOTOS directory.

Generate 96x96 AD thumbnailPhotos and import high-res photos to Exchange Online

For information on generating the smaller 96x96 on-prem AD thumbnailPhotos and importing the converted hi-res photos to Exchange Online, please see part 2 of this post, coming soon.

The above is informational in nature. ZAG does not warrant the above for the reader's specific environment. Please contact us with questions or if you would like to engage us to implement this solution in your environment.

Author:

Loraine Treadwell

Consultant

ZAG Technical Services, Inc.