If you are supporting SharePoint application long enough, you might constantly get support request that users are missing pictures. There are many different reasons that users are missing pictures. We will discuss the how to debug and some tips to resolve in details.
SharePoint 2013 now has three methods for sync process.
- SharePoint Profile Synchronization (lightweight FIM)
- Active Directory Import
- External Identity Manager (C#)
As we described
before, you should not use SharePoint 2013 new Active Directory Import feature for picture
sync at this time since it does not seem to sync the AD’s thumbnailPhoto
attribute. We are still working with Microsoft to debug this issue. In this article, we will
focus the tips on SharePoint
2013 User Profile Synchronization Service Application for picture sync.
The most common issue is some users missing pictures everywhere inside
SharePoint. In this case, those users’ pictures may not synced to SharePoint. You
would need to review the User Profile Synchronization Service Application. There are many good articles
to provide step by step importing user photos from active directory into
SharePoint 2013 from User Profile Synchronization Service Application. Here is the summary for the procedure.
1. Create
UPA AD Sync Connection using FIM
2. Configure
the Picture profile property as the following:
a. Picture (Type URL), replicable, do not allow user to edit values for this
property
b. Attribute: thumbnailPhoto , Import
3. Make
sure sync process account have Replicate Directory Changes permission on the
domain with which you'll synchronize. See Microsoft site for details.
4. Run
a full synchronization
5. Run
Update-SPProfilePhotoStore –MySiteHostLocation http://mysitehost –CreateThumbnailsForImportedPhotos:$true
a. Make sure you use the optional parameter CreateThumbnailsForImportedPhotos
b. Make that both the Distributed Caching process account and the account you’re
using to run the cmdlet have Full Control permissions in UPA, otherwise you’ll
get an exception.
One
way is to verify mysite user photos list - go to http://my/User%20Photos to see the imported
photos and thumbnails for the user as in the picture.
The second way is to verify the FIM logs - invoke the file
..\Program
Files\Microsoft Office Servers\15.0\Synchronization Service\UIShell\miisclient.exe. You could select the users whether the Picture attribute filled in binary.
The
third way is to verify user Sync database on sync process - check User_Sync_DB and
run the query after FLL sync completed
Select sAMAccountName,PictureURL from MMS_Metaverse with(nolock) Where SAMAccountName = 'userID'
Select NTname,PictureURL from UserProfile_full
with(nolock) where NTName = 'domain\userID'
The fifth way is to verify whether AD thumbnailPhoto
attribute has the binary photo - See blog for details.
Another common issue is some users have pictures inside users photos but are missing pictures when you view the permissions. You could go to display the hidden user list http://webapp/siteURL/_catalogs/users/simple.aspx. If you select "Detailed View" you could verify which user is missing picture. You could set the pictures from user photo list to the site using powershell script. We will share the script in later time.
This is as designed. ADI will NOT import pictures.
ReplyDelete