The script gets a user photo from Microsoft 365 and sets it into the AD account of the user. To run the script, create a custom command or scheduled task configured for the User object type.
PowerShell
# Get user ID in Microsoft 365
$azureID = $Context.TargetObject.AzureID
if ($NULL -eq $azureID)
{
$Context.LogMessage("The user does not have a Microsoft 365 account", "Warning")
return
}
# Connect to Microsoft Graph PowerShell
$accessToken = $Context.CloudServices.GetAzureAuthAccessToken()
$accessToken | out-file c:\token.txt
Connect-MgGraph -AccessToken ($accessToken | ConvertTo-SecureString -AsPlainText -Force)
# Get temp file path
$tempFodlerPath = [System.IO.path]::GetTempPath()
$tempFilePath = "$tempFodlerPath\photo.tmp"
# Download user photo
try
{
Get-MgUserPhotoContent -UserId $azureID -OutFile $tempFilePath
}
catch
{
$Context.LogMessage("The user has no photo", "Warning")
}
$photoBytes = [System.IO.File]::ReadAllBytes($tempFilePath)
if ($NULL -ne $photoBytes)
{
# Update user photo in AD
$user = $Context.BindToObjectEx($Context.TargetObject.AdsPath, $True)
$user.Put("thumbnailPhoto", $photoBytes)
$user.SetInfo()
}
# Remove temp file
Remove-Item $tempFilePath -Force -Confirm:$False
What exactly do you mean? Could you, please, describe the desired behavior in all the possible details with live examples?
As it is mentioned in the script description, it can be executed in a scheduled task or custom command. As such, the easiest option is to create a one-time task executing the script and add All objects to the Activity Scope.
Microsoft annouched they will stop the get-userphoto cmdlet from Exchange Online. Will you be upgrading the script to the Microsoft Graph PowerShell ((Updated) ExchangePowerShell: retirement of tenant admin cmdlets to Get, Set, and Remove UserPhotos)?
The script uses the Get-MgUserPhotoContent cmdlet from the Microsoft.Graph PowerShell module to get the photo. Please, note that for the script to work, the module must be installed on the computer where the Adaxes service runs. If you have multiple Adaxes services sharing a common configuration, the module must be installed on each computer where the Adaxes service runs.
I've just tried to run this on my tenant and got the following error?
Is there a particular version of the Graph modules required?
---------------------------
Run Script - User McUser
---------------------------
[UnknownError] : Stack trace: at Get-MgUserPhotoContent<Process>, C:\Program Files\WindowsPowerShell\Modules\Microsoft.Graph.Users\2.26.1\exports\ProxyCmdletDefinitions.ps1: line 12253
at <ScriptBlock>, <No file>: line 21
---------------------------
> I've just tried to run this on my tenant and got the following error?
How exactly did you execute the script? Was it in Windows PowerShell?
For troubleshooting purposes, please, send us (support@adaxes.com) a screenshot of the error you are facing.
>Is there a particular version of the Graph modules required?
It is only required to have a version of the module compatible with PowerShell 5. As of now, Adaxes does not support PowerShell 7.