Set user thumbnail photo and get Office 365 domain references via the Azure AD Preview module

New version of the AzureADPreview module is available, you can get the module and full changelog from the PowerShell Gallery. I thought few additions are worth mentioning:

  • We now have full control over the ThumbnailPhoto attribute. I first noticed the existence of said attribute back in July, when I first blogged about the Azure AD module on Enow’s blog. At the time being, there was no way to configure the attribute, but now we can do so via the Get-/Set-AzureADUserThumbnailPhoto cmdlets. While the usual remark about using ObjectId applies, this time the team has made the cmdlet use much easier by introducing the FilePath parameter, allowing you to simply point to an image located on your PC:
 Set-AzureADUserThumbnailPhoto -ObjectId b96b3cae-888c-4b85-8871-c9766cb4791b -FilePath 'C:\blabla.jpg'

Get-AzureADUserThumbnailPhoto -ObjectId b96b3cae-888c-4b85-8871-c9766cb4791b

Tag :
PhysicalDimension : {Width=300, Height=300}
Size : {Width=300, Height=300}
Width : 300
Height : 300
HorizontalResolution : 300
VerticalResolution : 300
Flags : 77840
RawFormat : [ImageFormat: b96b3cae-0728-11d3-9d7b-0000f81ef32e]
PixelFormat : Format24bppRgb
Palette : System.Drawing.Imaging.ColorPalette
FrameDimensionsList : {7462dc86-6180-4c7e-8e3f-ee7333a7a483}
PropertyIdList : {20625, 20624}
PropertyItems : {20625, 20624}

You can also use a File stream or ByteArray to provide the image data if more appropriate. The size of the image you select must be appropriate for thumbnail, 100 KB or so. Exceeding this limit will result in the following error message:

Set-AzureADUserThumbnailPhoto -ObjectId b96b3cae-888c-4b85-8871-c9766cb4791b -FilePath 'C:\blabla2.jpg'

Set-AzureADUserThumbnailPhoto : Error occurred while executing SetAzureADUserThumbnailPhoto
StatusCode: BadRequest
ErrorCode: Request_BadRequest
Message: The stream write request would result in an excessive number of bytes being written.
At line:1 char:1

+ Set-AzureADUserThumbnailPhoto -ObjectId b96b3cae-888c-4b85-8871-c9766 ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Set-AzureADUserThumbnailPhoto], ApiException
+ FullyQualifiedErrorId : Microsoft.Open.AzureAD16.Client.ApiException,Microsoft.Open.AzureAD16.Graph.PowerShell.Custom.Cmdlet.SetAzureADUserThumbnailPhotoCustom

The ThumbnailPhoto itself doesn’t seem to be currently used by any of the Office 365 services, but I guess that’s about to change soon.

  • Another convenient improvement is the Get-AzureADDomainNameReference cmdlet. You can use it to quickly list all objects which have attributes associated with a particular domain in your tenant. For example:
Get-AzureADDomainNameReference -Name tenant.onmicrosoft.com

The cmdlet works very similar to what we previously had available in the MSOL module:

Get-MsolUser -DomainName michev.onmicrosoft.com

However, unlike the MSOL cmdlet which only returns matching user objects, Get-AzureADDomainNameReference will also return group objects (both Office 365 Groups and “regular” ones). Some formatting issues are noticeable in the output due to the “mixed” object types however, here’s an example:

Get-AzureADDomainNameReference -Name michev.onmicrosoft.com

ObjectId DisplayName UserPrincipalName UserType
-------- ----------- ----------------- --------
fedf6ef0-235f-43cf-ae0c-e82f833c3e91 blabla xxx@michev.onmicrosoft.com Member

DeletionTimeStamp :
ObjectId : c12c1b90-0464-4ffc-a953-681b98ffcba4
ObjectType : Group
DisplayName : First group

DeletionTimeStamp :
ObjectId : 16ca4613-1ae7-45f0-94a7-a060f41f63fb
ObjectType : Group
DisplayName : Unified2

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.