SharePoint - User Profile Picture Sync without FIM/MIM

Import profile pictures from Active Directory to SharePoint.  This is a PowerShell script that will work on SharePoint 2013 or SharePoint 2016 so you can use Active Directory Import and this script to get your pictures sync'd.This assumes that the profiles are populated.  There i

5 Star
2,259 times
Add to favorites
E-mail Twitter Digg Facebook
Sign in to ask a question

  • Error in log.
    2 Posts | Last post Tue 2:31 AM
    • I've the script working after going through lot's of troubleshooting. I had the same issue as canoj below and resolved it using his fix for "Setting the use different account flag to true"
      I know have one final issue I am trying to resolve. I run the script and it appears to be importing photos very quickly (it should probably take longer if it's actually grabbing them).
      In the log I can see this
      Could not find User Profile for XXXXXXXXXXXXXX
      Could not find User Profile for XXXXXXXXXXXXXX
      Could not find User Profile for XXXXXXXXXXXXXX
      Summary: Upload completed at 11/29/2019 15:20:24(took 00:00:26.7346169).  XXX users imported from AD. XXX errors. 0 user photos successfully uploaded.
      Errors are = to amount of users we have. The script is successfully touching all of the users..
      Does anyone have any thoughts?
    • Edit. I resolved this myself, found an small error in an entry I made in the script. After I fixed that, this worked beautifully. Thank you very much!
  • Information on source
    2 Posts | Last post November 08, 2019
    • We have a folder containing pictures in this format "samaccountname.jpg" (but way better resolution as Ad Thumbnail..), do you think we can easily skip the AD part to use a UNC directory ?
      If yes, I guess we just have to modify the "$photo[0]" part below ?
      $files.add("User Photos/Profile Pictures/" + $filename,$photo[0],$true)
    • That would work.  You could skip the AD part and loop through all the pictures in folder.
  • Could not find User Profiles
    2 Posts | Last post September 05, 2019
    • Hello, the script finds all Profiles with Thumbnails in my environment. But in the out.log i find for every user the message "Could not find User Profile for xxx". Im on SharePoint 2019.
      Does anyone know which way i have to look to for a solution?
      Thank you!
    • Depends on what authentication we're using here and the User Profiles.  We could also be failing due to the permissions of the account running the script not having access to the User Profile Service Application.
  • write to AD?
    2 Posts | Last post September 05, 2019
    • Hello, I was able to run the script successfully to get images from AD to SP2016 which uses AD import. What about upload pictures to AD? Prior to SP2016 and AD import, the sync would export the user picture that got uploaded to Sharepoint to AD and that is how our user change their pictures. 
    • This is import only.  The reverse would be a different script since we'd be pulling from SharePoint and writing to AD.  This is something I've been thinking about creating a POC.  Stay tuned on
  • PartitionId purpose in uploaded photo filename
    2 Posts | Last post September 05, 2019
    • Hi,
      When the photos are imported from AD into the mysite host location they are in the format:
      This format is specified in the script using the partition id
      Filename = [userProfileManager.PartitionID]_[userProfile.recordId].jpg
      So is the partition id needed as part of the filename? I read on another forum it is, I quote "Update-SPProfilePhotoStore only works if temporary images actually show in User Photos (with partitionid syntax)." So just some clarity around this would be great, it would be nice just to strip it out but what would be the knock on effect of this. Also many thanks for this script very useful really appreciate it.
    • The partition ID is needed for creating the 3 thumbnails.  Removing this would cause the thumbnails not be created.
  • Error Running Script
    2 Posts | Last post July 24, 2019
    • Getting the error: 
      Exception calling "SendRequest" with "1" argument(s): "The user has insufficient access rights."
      At D:\scripts\PictureUpload1.3.ps1:167 char:5
      +     $Response = $LDAPConnection.SendRequest($Request)
      +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
          + FullyQualifiedErrorId : DirectoryOperationException
      Where does this account not have sufficient rights? It is in the Farm Admin's Group, also has "Replicating Directory Changes" applied to it. Any help would be greatly appreciated!
    • A post below answered my question. This script helped out a lot! Thank you!
  • Non English language support
    2 Posts | Last post March 07, 2019
    • I've nearly finished working through an issue I hit with your script, the folder name the photos are uploaded to assumes English. For our german language install the folder "User Photos/Profile Pictures" is actually "User Photos/Profilbilder". The tricky part with troubleshooting is the Update-SPProfilePhotoStore command will run and return after a few seconds with no error, but this would actually be correct behaviour as it can't see the correct folder and therefore any contents to update.
      Apart from that great work and helps solve a Problem for us.
    • Glad it could help out.  I did not have the framework to setup and I did not think about other language locals.  I will look into getting that into a variable to for easy modification.
  • error when running the script. sp2013
    4 Posts | Last post January 31, 2019
    • I have set my variables but I get an error when running the script. I run .\PictureUpload1.2.ps1 and get this error/output. I am running ps as a farm admin. thanks
      new-object : Exception calling ".ctor" with "2" argument(s): "UserProfileApplicationNotAvailableException_Logging ::
      UserProfileApplicationProxy.ApplicationProperties ProfilePropertyCache does not have
      At D:\Scripts\SharePoint\PhotoSync\PictureUpload1.2.ps1:36 char:13
      + $pm       = new-object Microsoft.Office.Server.UserProfiles.UserProfi ...
      +             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidOperation: (:) [New-Object], MethodInvocationException
          + FullyQualifiedErrorId : ConstructorInvokedThrowException,Microsoft.PowerShell.Commands.NewObjectCommand
      Exception calling "Add" with "1" argument(s): "<nativehr>0x80070002</nativehr><nativestack></nativestack>"
      At D:\Scripts\SharePoint\PhotoSync\PictureUpload1.2.ps1:70 char:5
      +     $site.RootWeb.GetFolder("User Photos").subfolders.Add("Profile Pi ...
      +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : NotSpecified: (:) [], ParentContainsErrorRecordException
          + FullyQualifiedErrorId : FileNotFoundException
    • This is due to the account running the script not having permissions to the UPA.
    • I am also getting the error - Exception calling "Add" with "1" argument(s): "<nativehr>0x80070002</nativehr><nativestack></nativestack>
      The outlog has-  Unable to get UserPhotos/Profile Pictures.  Trying to create.
      Unable to create the Profile Pictures.  Check log below and permissions
      Account running does have full control permissions for the UPA as well as the AD Replication permissions. 
    • I was able to resolve my issue. Thanks for the article.  My issues were that I had my SharePoint Site URL in the site variable, instead of the SharePoint My Site URL.  Also, the user account running the script did not have some permission. Setting the use different account flag to true, then using that account worked. 
  • Does it delete photos?
    3 Posts | Last post January 16, 2019
    • If someone deletes their profile picture from AD, does this script remove the picture from the  SharePoint user profile?
    • This would not delete the picture from AD.
    • **This would not delete pictures from SharePoint.  I would suggest that user uploading a placeholder picture in AD or we can manually delete the picture in the user profiles.
  • DirSync - Incremental Issue
    2 Posts | Last post January 03, 2019
    • Thanks for the script. When I run the script for the first time (Full Import) everything works as expected. However, if I run the script to do an incremental update the user objects which are returned are all missing the sAMAccountName attribute. I am not sure if this is related to the Cookie. If I remove the Cookie.bin, aduser.clixml and reset the DNLookup.xml file and re-run the script (Full Import again) the user objects are created as expected and I am able to successfully create the Thumbnail images, etc...  
      This gets round the issue but it takes a long time to re-import all the time. Is there anything I should check? 
    • I found the issue and think I have resolved this in the 1.3 version.  This will be published soon.
1 - 10 of 19 Items