How To Add Company Photo On Domain_9

[Update] This post was updated on May 22, 2019

User photos stored in Active Directory can be used past applications like Outlook, Skype for Business (Lync) or SharePoint to brandish the picture show of currently logged-in user in their interface. Notwithstanding, you can take even more advantage of Active Directory photos and use them as business relationship pictures in Windows 10 (and other versions of Windows as well, starting from Windows vii). All you have to practice is make sure that you lot already accept user photos added in Active Directory (or add together them yourself) and create a Group Policy object (GPO) that will execute a script to change users' account pictures in your domain automatically. Optionally, you may besides need to globally change some of the users' privileges, merely we'll get back to that later. Some of these steps can easily be done using CodeTwo Active Directory Photos, which is completely free! Equally for the other steps, this article will guide you through them smoothly.

Accept a good look at this default account moving picture, as you will probably see it for the concluding time:

How to use Active Directory user photos in Windows 10 - Default Windows 10 account picture

Follow these steps to use Agile Directory user photos in Windows ten

Import photos into Active Directory
Create a new GPO for your domain
Add together a logoff script to GPO
Add registry cardinal permissions in GPO

Importing photos into Active Directory

At that place is a simple Set-ADUser cmdlet that can exist used to import user photos to Agile Directory. Information technology saves an epitome file in the thumbnailPhoto Active Directory aspect. An example of the command that needs to be run in PowerShell looks as follows:

$ADphoto = [byte[]](Get-Content <path to file> -Encoding byte) Ready-ADUser <username> -Supplant @{thumbnailPhoto=$ADphoto}

Just remember to provide an exact path to the image file and the user's name (acquire about other means of identifying your Agile Directory users in this Microsoft commodity), for case:

$ADphoto = [byte[]](Get-Content C:\AD_Photos\ad-brian-johnson -Encoding byte) Prepare-ADUser BrianJ -Replace @{thumbnailPhoto=$ADphoto}

Of course, this is a no-become when you lot want to import photos for a lot of users. A similar command can exist used to import multiple pictures into Active Directory. But starting time, you need to prepare a CSV file with the listing of users and their respective photos. Hither'south an case content of such a file:

AD_user, path_to_file AlexD , C:\AD_Photos\ad-alex-darrow.jpg AnneW, C:\ AD_Photos\ad-anne-wallace.jpg BrianJ, C:\ AD_Photos\advertising-brian-johnson.png

Once the file is ready, use the following command:

Import-Csv C:\AD_Photos\photos.csv |%{Set up-ADUser -Identity $_.AD_user -Replace @{thumbnailPhoto=([byte[]](Get-Content $_.path_to_file -Encoding byte))}}

Creating such a file tin as well be quite time-consuming. This is where CodeTwo Active Directory Photos comes into play. The plan non only allows you to chop-chop connect to Active Directory and import (single or multiple) files, simply it comes with the power to lucifer photos automatically with respective Active Directory users. Plus, you can do all that from an intuitive and user-friendly interface.

How to use Active Directory user photos in Windows 10 - Matching photos in CodeTwo Active Directory Photos

There is likewise one of import aspect that hasn't been mentioned yet – the photo stored in the thumbnailPhoto aspect cannot be bigger than 100 kB, and the recommended size is 96 x 96 pixels. Here y'all can also brand utilize of CodeTwo Agile Directory Photos, as it lets you adjust both the size of the file likewise equally its dimensions.

How to use Active Directory user photos in Windows 10 - Editing photos in CodeTwo Active Directory Photos

With this program, you will likewise instantly know which users don't have their photos added to Active Directory by merely looking at the user's listing.

How to use Active Directory user photos in Windows 10 - Viewing users in CodeTwo Active Directory Photos

Otherwise, you can, for instance, open up the Active Directory Users and Computers tool and cheque if the thumbnailPhoto attribute shows whatsoever value. If you see <not set>, it means there is no photo there.

How to use Active Directory user photos in Windows 10 - Checking thumbnailPhoto attribute in Active Directory Users and Computers

If you can't notice the Attribute Editor tab in the Backdrop window, make sure the Avant-garde Features options on the View menu is checked.

How to use Active Directory user photos in Windows 10 - Enabling Advanced Features in Active Directory Users and Computers

Creating a new GPO for your domain

Now, to propagate these Active Directory photos every bit Windows x account pictures, you can make use of Grouping Policy objects. Or more specifically – a Grouping Policy logoff scripts. They are used to perform automated tasks on each machine in a specified domain when a user logs off in Windows. That way, changes are introduced without whatsoever conflicts and fifty-fifty without any interaction on users' part.

The script that we're going to utilise was found on this site. You tin can adapt this code to your needs, or merely re-create it as it is and paste information technology into an empty text document. Save the file and change its extension from .txt to .ps1. Side by side, copy the file to a network location, eastward.k. %logonserver%\netlogon.
[CmdletBinding(SupportsShouldProcess=$true)]Param() function Exam-Null($InputObject) { return !([bool]$InputObject) } Function ResizeImage() { param([String]$ImagePath, [Int]$Quality = ninety, [Int]$targetSize, [Cord]$OutputLocation) Add-Type -AssemblyName "System.Cartoon" $img = [System.Drawing.Image]::FromFile($ImagePath) $CanvasWidth = $targetSize $CanvasHeight = $targetSize #Encoder parameter for image quality $ImageEncoder = [Organisation.Drawing.Imaging.Encoder]::Quality $encoderParams = New-Object System.Cartoon.Imaging.EncoderParameters(i) $encoderParams.Param[0] = New-Object Organisation.Drawing.Imaging.EncoderParameter($ImageEncoder, $Quality) # get codec $Codec = [System.Drawing.Imaging.ImageCodecInfo]::GetImageEncoders() | Where {$_.MimeType -eq 'image/jpeg'} #compute the concluding ratio to use $ratioX = $CanvasWidth / $img.Width; $ratioY = $CanvasHeight / $img.Height; $ratio = $ratioY if ($ratioX -le $ratioY) { $ratio = $ratioX } $newWidth = [int] ($img.Width * $ratio) $newHeight = [int] ($img.Superlative * $ratio) $bmpResized = New-Object System.Drawing.Bitmap($newWidth, $newHeight) $graph = [Arrangement.Cartoon.Graphics]::FromImage($bmpResized) $graph.InterpolationMode = [System.Cartoon.Drawing2D.InterpolationMode]::HighQualityBicubic $graph.Clear([System.Drawing.Color]::White) $graph.DrawImage($img, 0, 0, $newWidth, $newHeight) #save to file $bmpResized.Salve($OutputLocation, $Codec, $($encoderParams)) $bmpResized.Dispose() $img.Dispose() } #get sid and photo for current user $user = ([ADSISearcher]"(&(objectCategory=User)(SAMAccountName=$env:username))").FindOne().Properties $user_photo = $user.thumbnailphoto $user_sid = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value Write-Verbose "Updating account picture for $($user.displayname)..." #keep if an prototype was returned If ((Examination-Null $user_photo) -eq $false) { Write-Verbose "Success. Photograph exists in Active Directory." #set up image sizes and base of operations path $image_sizes = @(32, forty, 48, 96, 192, 200, 240, 448) $image_mask = "Paradigm{0}.jpg" $image_base = "C:\ProgramData\AccountPictures" #set upwards registry $reg_base = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AccountPicture\Users\{0}" $reg_key = [string]::format($reg_base, $user_sid) $reg_value_mask = "Prototype{0}" If ((Exam-Path -Path $reg_key) -eq $false) { New-Item -Path $reg_key } #salve images, set up reg keys ForEach ($size in $image_sizes) { #create subconscious directory, if information technology doesn't exist $dir = $image_base + "\" + $user_sid If ((Exam-Path -Path $dir) -eq $false) { $(mkdir $dir).Attributes = "Hidden" } #save photo to disk, overwrite existing files $file_name = ([string]::format($image_mask, $size)) $pathtmp = $dir + "\_" + $file_name $path = $dir + "\" + $file_name Write-Verbose " saving: $file_name" $user_photo | Gear up-Content -Path $pathtmp -Encoding Byte -Strength ResizeImage $pathtmp $size $size $path Remove-Item $pathtmp #relieve the path in registry, overwrite existing entries $name = [cord]::format($reg_value_mask, $size) $value = New-ItemProperty -Path $reg_key -Name $name -Value $path -Strength } Write-Verbose "Washed." } else { Write-Error "No photograph institute in Agile Directory for $env:username" }

What does this script do? More often than not, it exports the photo stored in the thumbnailPhoto attribute and saves it on your machine, in a specified binder (in this example: C:\ProgramData\AccountPictures\{User SID}). Yous volition notice that in that location will be eight JPG files stored in this folder, each of different size (from 32×32 px to 448×448 px), and name, specifying photo's size (Image32.jpg, Image96.jpg, etc.). Additionally, new registry keys will be created under MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AccountPicture\Users\{User SID} in the Windows registry, with paths to these photos.

To create a new GPO, open Group Policy Management console (if you can't find it, follow these steps to install it), find your domain in the console tree, right-click information technology and select Create a GPO in this domain, and Link information technology here.

How to use Active Directory user photos in Windows 10 - Creating a new GPO

Provide whatsoever name you want and click OK. A new GPO will announced under Group Policy Objects.

How to use Active Directory user photos in Windows 10 - Newly created Group Policy Object

Calculation a logoff script to GPO

Correct-click this GPO and choose Edit. The Group Policy Direction Editor window will open. Navigate to User Configuration > Policies > Windows Settings > Scripts (Logon/Logoff), so double-click Logoff in the correct pane.

How to use Active Directory user photos in Windows 10 - Adding a new Logoff script

In the Logoff Properties window, go to the PowerShell Scripts tab. Click Add > Browse and point to the PS1 script file in the %logonserver%\netlogon path. Exit the Script Parameters field empty.

How to use Active Directory user photos in Windows 10 - Custom Windows 10 account picture - Selecting the script file

When done, simply click OK 2 times.

And this should do the trick. The next fourth dimension a user logs off from any machine in this domain and logs in once more, the account picture should update automatically. Nevertheless, this will only piece of work if users in your domain take local administrative privileges assigned. If not, there is one more than thing you demand to do. And information technology likewise involves GPO.

How to use Active Directory user photos in Windows 10 - Custom Windows 10 account picture

Calculation registry key permissions in GPO

Think the registry central mentioned earlier? The key Automobile\SOFTWARE\Microsoft\Windows\CurrentVersion\AccountPicture\Users is where the data virtually the account motion picture is stored. Users cannot change their account pictures unless they are granted Full Control permission to that key. This can as well exist done via GPO. You can fifty-fifty use the aforementioned i you've created to run the logoff script.

Back in the Group Policy Management Editor, go to Computer Configuration > Policies > Windows Settings > Security Settings, right-click the Registry node and select Add Key.

How to use Active Directory user photos in Windows 10 - Configure a registry key using GPO

Navigate to MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AccountPicture\Users (or merely copy this key and paste information technology under theSelected cardinal field) and click OK.

How to use Active Directory user photos in Windows 10 - Selecting specific registry key

Select Users under Group or user names and tick the Allow checkbox next to Full Control.

How to use Active Directory user photos in Windows 10 - Granting Full Control permissions to a registry key

Once you click OK, another window will open. Select the Replace existing permissions on all subkeys with inheritable permissions option and click OK.

How to use Active Directory user photos in Windows 10 - Configuring additional permission options

Now, it may accept some time for the GPO to make the change in the Registry Editor – it is unremarkably also required to restart the client machine. Only once a non-admin user has full access to the registry primal in question, and in one case they sign out and in once more, their profile motion-picture show should be updated.

Only there is one more thing CodeTwo Agile Directory Photos can do for you. Once you have deployed the logoff script, information technology will be executed every time a user logs off (until you delete this GPO). Thanks to that, you can use this gratuitous tool to quickly change user photos in the Agile Directory, and the business relationship pictures will likewise change automatically.

How to use Active Directory user photos in Windows 10 - Changing user photos in CodeTwo Active Directory Photos

You can use this characteristic to, for case, change user photos for the upcoming holiday flavor or any of import events affecting your company.

To sum up, using Active Directory user photos to personalize profile pictures in Windows 10 is quite an easy task that won't take long to complete. Plus, as mentioned at the beginning of this commodity, these photos will as well be used in programs similar Skype or Outlook. Apply this opportunity to personalize your email signatures too!