Monthly Archives: March 2007

Import User Pictures (links) from Active Directory (AD) into SharePoint (MOSS)


A project on which I am currently working on is moving content out of Vignette and into MOSS. This blog has nothing to do with the Vignette migration but actually on user profiles. Maybe in a later post, I may publish Vignette to MOSS information.

The client had different locations/data sources for user information and not in Active Directory since ‘not all users had a computer’. We decided to make Active Directory as the master copy of information for all employees. Added the non-computer users – created a network account with a password known only to help desk – did not create an Exchange Mailbox, plus disabled the newly created account. MOSS will import disabled accounts and display in People Search. Since the particular user does not have a computer, no need to create mailbox, as it will be confusing to others when searching for that person and attempting to send an email. MOSS won’t show the email if no mailbox exists. THINK, PLAN, REVIST.

The advantage of moving all user information into AD is we can easily access it with SharePoint web services, if needed for other applications (non Microsoft). Plus it looks way ‘cooler’ than custom phone lists. There are other ways of extracting AD user info, but since this is a MOSS related topic, we would go with web services for argument sake.

Common requirement is a company phone list. Sometimes the organization issues ID/badges with the staff picture. The security office obviously has a list of those pictures.

What if client wanted to use the pictures from the ID/badges into MOSS? Plus, users should not be able to edit their pictures.

Else you might get some really ‘cool’ pictures that totally defy the HR and makes them go a bit overboard.

OK, coming back to our solution (click on thumbnail to view image):

  1. On the portal home, create a Picture Library called “Staff Pictures”
  2. Give appropriate permissions to security office or the help desk to update this library and others to read. How to implement the business process is upto your and the client requirment. You could also uncheck “Allow items from this picture library to appear in search results” from Settings, Advanced Perms; search results will not show content from this library.
  3. Upload pictures with some unique identifies, we plan on using the Employee ID as “1233621.jpg” or “nkelkar.jpg”. Use 100 pixels by 75 pixels resolution.
  4. Open Active Directory Users & Computers (with Exchange Server add in)
  5. Select properties of user you want to edit
  6. Click on “Exchange Advanced” tab
    ad_profile_01.jpg
  7. Click on “Custom Attributes”
    ad_profile_02.jpg
  8. For “extensionAttribute1” (or other) update it to http://moss_name/Staff Pictures/1233621.jpg
    ad_profile_03.jpgad_profile_04.jpg
  9. Open MOSS Central Admin, then Shared Services
  10. Under “User Profiles and My Sites” section, click on “User profiles and properties”
  11. Open “View profile properties”
  12. Edit the “PictureURL” property
    ad_profile_06.jpg
  13. Under “Edit Settings” select “Do not allow users to edit values for this property”
  14. Under “Property Import Mapping” map it to “extensionAttribute1”
  15. I also unchecked “Show on the Edit Details page” under “Display Settings”. If user cannot modify why show them the property in the first place. Food for thought. For this example, I left it on, see #17 to view how it looks to the end-user.
  16. Do a full profile import.
  17. If a user edits their own profile, notice how the pictureurl gets a read only.
    ad_profile_05.jpg
  18. If you search for that user, the same old search page is shown, except now, the picture is from our “Staff Pictures”
    ad_profile_07.jpg

On my test environment, currently if the property is mapped by the user before performing this setup, it gave me error. Just an FYI. Plan it before deploying.