Montag, 15. November 2010

Import Exchange Global Address List (GAL) images into Active Directory (Part 2)

Over the years, displaying recipient photographs in the Global Address List (GAL) has been a frequently-requested feature, high on the wish lists of many Exchange folks. Particularly in large organizations or geographically dispersed teams, it's great to be able to put a face to a name for people you've never met or don't frequently have face time with. Employees are commonly photographed when issuing badges/IDs, and many organizations publish the photos on intranets.
There have been questions about workarounds or third-party add-ins for Outlook, and you can also find some sample code on MSDN and elsewhere. A few years ago, an IT person wrote ASP code to make employee photos show up on the intranet based on the Employee ID attribute in Active Directory (AD) - which was imported from the company's LDAP directory. A fun project to satisfy the coder alter-ego of the IT person.
Luckily, you won't need to turn to your alter-ego to do this. Exchange 2010 and Outlook 2010 make this task a snap, with help from AD. AD includes the Picture attribute (we'll refer to it using its ldapDisplayName: thumbnailPhoto) to store thumbnail photos, and you can easily import photos— not the high-res ones from your 20 megapixel digital camera, but small, less-than-10K-ish ones, using Exchange 2010's Import-RecipientDataProperty cmdlet.
The first question most IT folks would want to ask is— What's importing all those photos going to do to the size of my Active Directory database? And how much Active Directory replication traffic will this generate? The thumbnailPhoto attribute can accomodate photos of up to 100K in size, but the Import-RecipientDataProperty cmdlet won't allow you to import a photo that's larger than 10K. (Note, the attribute limit was stated as 10K earlier. This has been updated to state the correct value. -Bharat)
The original picture used in this example was 9K, and you can compress it further to a much smaller size - let's say approximately 2K-2.5K, without any noticeable degradation when displayed at the smaller sizes. If you store user certificates in Active Directory, the 10K or smaller size thumbnail pictures are comparable in size. Storing thumbnails for 10,000 users would take close to 100 Mb, and it's data that doesn't change frequently.
Note: The recommended thumbnail photo size in pixels is 96x96 pixels.
With that out of the way, let's go through the process of adding pictures.

A minor schema change

First stop, the AD Schema. A minor schema modification is required to flip the thumbnailPhoto attribute to make it replicate to the Global Catalog.
  1. If you haven't registered the Schema MMC snap-in on the server you want to make this change on, go ahead and do so using the following command:
    Regsvr32 schmmgmt.dll
  2. Fire up a MMC console (Start -> Run -> MMC) and add the Schema snap-in
  3. In the Active Directory Schema snap-in, expand the Attributes node, and then locate the thumbnailPhoto attribute. (The Schema snap-in lists attributes by its ldapDisplayName).
  4. In the Properties page, select Replicate this attribute to the Global Catalog, and click OK.

    Figure 1: Modifying the thumbnailPhoto attribute to replicate it to Global Catalog

Loading pictures into Active Directory

Now you can start uploading pictures to Active Directory using the Import-RecipientDataProperty cmdlet, as shown in this example:
Import-RecipientDataProperty -Identity "Bharat Suneja" -Picture -FileData ([Byte[]]$(Get-Content -Path "C:\pictures\BharatSuneja.jpg" -Encoding Byte -ReadCount 0))
To perform a bulk operation you can use Get-Mailbox cmdlet with your choice of filter (or Get-DistributionGroupMember if you want to do this for members of a distribution group), and pipe the mailboxes to a foreach loop. You can also retrieve the user name and path to the thumbnail picture from a CSV/TXT file.

Thumbnails in Outlook 2010

Now, let's fire up Outlook 2010 and take a look what that looks like.
In the Address Book/GAL properties for the recipient

Figure 2: Thumbnail displayed in a recipient's property pages in the GAL

When you receive a message from a user who has the thumbnail populated, it shows up in the message preview.

Figure 3: Thumbnail displayed in a message
While composing a message, the thumbnail also shows up when you hover the mouse on the recipient's name.

Figure 4: Recipient's thumbnail displayed on mouse over when composing a message
There are other locations in Outlook where photos are displayed. For example, in the Account Settings section in the Backstage Help view.
Update from the Outlook team
Our friends from the Outlook team have requested us to point out that the new Outlook Social Connector also displays GAL Photos, as well as photos from Contacts folders and from social networks, as shown in this screenshot.

Figure 5: Thumbnail photos displayed in the People Pane in the Outlook Social ConnectorMore details and video in Announcing the Outlook Social Connector on the Outlook team blog.

GAL Photos and the Offline Address Book

After you've loaded photos in Active Directory, you'll need to update the Offline Address Book (OAB) for Outlook cached mode clients. This example updates the Default Offline Address Book:
Update-OfflineAddressBook "Default Offline Address Book"
In Exchange 2010, the attributes in an OAB can be customized. This is done using the ConfiguredAttributes property of the OAB (see Set-OfflineAddressBook cmdlet). ConfiguredAttributes is populated with the default set of attributes, and you can modify it to add/remove attributes as required.
By default, thumbnailPhoto is included in the OAB as an Indicator attribute. This means the value of the attribute isn't copied to the OAB— instead, it simply indicates the client should get the value from AD. If an Outlook client (including Outlook Anywhere clients connected to Exchange using HTTPS) can access AD, the thumbnail will be downloaded and displayed. When offline, no thumbnail downloads. Another example of an Indicator attribute is the UmSpokenName.
You can list all attributes included in the default OAB using the following command:
(Get-OfflineAddressBook "Default Offline Address Book").ConfiguredAttributes
For true offline use, you could modify the ConfiguredAttributes of an OAB to make thumbnailPhoto a Value attribute. After this is done and the OAB updated, the photos are added to the OAB (yes, all 20,000 photos you just uploaded...). Depending on the number of users and sizes of thumbnail photos uploaded, this would add significant bulk to the OAB. Test this scenario thoroughly in a lab environment— chances are you may not want to provide the GAL photo bliss to offline clients in this manner.
To prevent Outlook cached mode clients from displaying thumbnail photos (remember, the photo is not in the OAB— just a pointer to go fetch it from AD), you can remove the thumbnailPhoto attribute from the ConfiguredAttributes property of an OAB using the following command:
$attributes = (Get-OfflineAddressBook "Default Offline Address Book").ConfiguredAttributes
Set-OfflineAddressBook "Default Offline Address Book" -ConfiguredAttributes $attributes

Keine Kommentare:

Kommentar veröffentlichen

Rename Onedrive Business root folder

Rename Onedrive Business root folder Here is what I remember: In the Office 365 web admin pages, change the organization name to a shorte...