With Office365 you can have profile pictures, and this setting is enabled by default. In larger organizations you may not want this policy enabled or have a customized policy for different departments. Here’s what I had to do to disable the picture upload capability by default and use powershell to update it for individuals by using a customized policy.
Let’s get started.
Connect to Office365 from Powershell:
|
1 2 3 4 5 |
Import-Module MSOnline $O365Cred = Get-Credential $O365Session = New-PSSession –ConfigurationName Microsoft.Exchange -ConnectionUri https://ps.outlook.com/powershell -Credential $O365Cred -Authentication Basic -AllowRedirection Import-PSSession $O365Session Connect-MsolService –Credential $O365Cred |
Check if you have any existing policies that allow photos to be enabled and displayed:
|
1 2 |
#Check which the default policy regarding the photo Get-OWAMailboxPolicy | FL *Photo* |
Result:
Let’s create a new policy:
|
1 2 |
#Create a New OWA Policy New-OWAMailboxPolicy –Name OWAUsersPicPolicy |
Check the setting for the newly created policy:
|
1 2 |
#Check the setting for the newly created Policy Get-OWAMailboxPolicy OWAUsersPicPolicy | FL *Photo* |
Result:
We need to make sure that users using this new policy are the only one that can upload their picture via the Office365 Portal.
|
1 2 |
#Set the Policy setting to have photo changing feature enabled Set-OwaMailboxPolicy OWAUsersPicPolicy -SetPhotoEnabled $True |
Set the default policy to restrict the capability to upload pictures:
|
1 2 |
#Set the default OWA policy to not allow profile pics Set-OwaMailboxPolicy Owamailboxpolicy-default -SetPhotoEnabled $False |
Check for how many policies you have now:
|
1 2 |
#Get OWA Policies (Should see two policies now) Get-OWAMailboxPolicy | FL Name |
Result:
Assign the new policy to admins:
|
1 2 |
#Assigning the newly created picture policy to the admins in the organization. Set-CASMailbox -Identity "adminemail@domain.com -OwaMailboxPolicy OWAUsersPicPolicy |
Normally you would never need this but still depending on your requirements if you wanted to apply the new policy (just change the policy name from the one list to the new one you created) or revert everything back to the default policy:
|
1 2 |
#Assign all users in the organization the default policy (Normally you will not have to do this) Get-Mailbox -ResultSize Unlimited | Set-CASMailbox -OWAMailboxPolicy Owamailboxpolicy-default |
Check the policy against users to see what they are using:
|
1 2 |
#Check the policy against one of the users Get-CASMailbox -Identity user@domain.com | FL *OWA* |
You are done.
Now each user with the new policy will be able to upload their profile pics and users with the default policy will not be able to upload their pictures.
Picture dimensions:
I have used 96×96 based on the MSDN forum in the past but noticed a lot of pixelation in the contact cards. I was able to get 280 x 280 resolution to get a nice resolution profile pic.