In the SharePoint 2013 tip series-Active Directory sync show user photos, this article describes how to synchronize Active Directory show user photos, but after synchronization is complete, the size and resolution of your photos are not ideal. This article describes how to synchronize high-definition user photos on the Exchange Server.
Principle
Similar to SharePoint Server 2010, there is a user photo directory in Sharepoint Server 2013. When SharePoint enables exchange photo synchronization, Sharepoint uses Exchange Server 2013 as the photo Access Directory, while the SharePoint local photo directory is blocked, that is, after SharePoint-exchange photo synchronization is set, users are not allowed to modify their profile photos through Sharepoint. In the Central Administration-user profile-manage user profiles, you can see that the picture attribute displays "you can't change this person's photo because it is synchronized with Microsoft Exchange .".
Note that you must configure the Exchange Server and restart IIS when setting synchronization. In SharePoint 2013, You need to configure related permissions and services so that SharePoint 2013 can connect to the Exchange Server and obtain user data.
Environment instance
To avoid misunderstanding, we define some environment configurations to facilitate calling in detailed steps:
1. Sharepoint Server 2013 (http: // people), you need to add alternate access ing https: // people. This connection points to my site.
2. Exchange 2013 Client Access Server (FQDN) http://e15fe.test.com.
3. Exchange 2013 mailbox server (FQDN) http://e15be.test.com. Confirm that the test user account has been created, for example, [email protected]. In addition, confirm that the HD photo has been uploaded.
4. Add DNS record so that autodiscover.test.com points to the http://e15fe.test.com.
Procedure
After confirming all the above configurations, We will configure the following steps.
Step 1: add the exchange 2013 autodiscover service and run the following command in the exchange management shell command,
Get-clientaccessserver | set-clientaccessserver-autodiscoverserviceinternaluri https://autodiscover.test.com/autodiscover/autodiscover.xml
Step 2: SharePoint 2013 uses an external connection EWS and ECP to read the exchange 2013 user photo data. Now we need to use exchange management shell command to run,
Get-webservicesvirtualdirectory | set-webservicesvirtualdirectory-internalurl https://e15fe.test.com/ews/exchange.asmx-externalurl https://e15fe.test.com/ews/exchange.asmx
Get-ecpvirtualdirectory | set-ecpvirtualdirectory-internalurl https://e15fe.test.com/ecp-externalurl https://e15fe.test.com/ecp
Step 3: After completing the above exchange server configuration, you must install exchange web services managed API V2.0 in SharePoint 2013 and load Microsoft. Exchange. WebServices. DLL to GAC. In this step, we need to use the. NET 4 command gacutil. Therefore, before performing this step, make sure that the. NET 4.0 SDK has been installed on the server. After installation, run the following command in powershell to load Microsoft. Exchange. WebServices. dll. After loading, You need to restart IIS.
Set-location "C: \ Program Files \ Microsoft \ exchange \ Web Services \ 2.0"
[System. reflection. Assembly]: load ("system. enterpriseservices, version = 4.0.0.0, culture = neutral, publickeytoken = b03f5f7f11d50a3a ")
$ Publish = new-Object System. kerberiseservices. Internal. Publish
$ Publish. gacinstall ("C: \ Program Files \ Microsoft \ exchange \ Web Services \ 2.0 \ microsoft. Exchange. WebServices. dll ")
Iisreset
Step 4: Configure s2soauth in SharePoint 2013 and run the following command using SharePoint 2013 management shell command:
New-sptrustedsecuritytokenissuer-name "Exchange"-metadataendpoint "https://email.test.com/autodiscover/metadata/json/1"
$ STS = Get-spsecuritytokenserviceconfig
$ STS. hybridstsselectionenabled = $ true
$ STS. allowmetadataoverhttp = $ false
$ STS. allowoauthoverhttp = $ false
$ STS. Update ()
$ Exchange = Get-sptrustedsecuritytokenissuer "Exchange"
$ APP = Get-spappprincipal-site http: // people-nameidentifier $ exchange. nameid
$ Site = Get-spsite http: // people
Set-spappprincipalpermission-appprincipal $ app-site $ site. rootweb-scope sitesubscription-Right fullcontrol-enableapponlypolicy
Step 5: Configure s2soauth in Exchange Server and run the following command in exchange management Shell
CD \ Program Files \ Microsoft \ Exchange Server \ V15 \ scripts>
. \ Configure-EnterprisePartnerApplication.ps1-authmetadataurl https: // people/_ layouts/15/metadata/JSON/1-applicationtype SharePoint
After the preceding commands are completed, you need to restart IIS,
Iisreset e15fe
Iisreset e15be
Step 6: Configure SharePoint 2013 and Exchange Server photo Synchronization
$ WA = Get-spwebapplication http: // people
$ Wa. properties ["exchangeautodiscoverdomain"] = "email.test.com"
$ Wa. userphotoimportenabled = $ true
$ Wa. userphotoerrorexpiration = 1.0
$ Wa. userphotoexpiration = 6.0
$ Wa. Update ()
After completing the preceding steps, log on to http: // people using the test account. Then, refresh the page to obtain the HD user photo from the Exchange Server.
Note that if you still display a small Active Directory photo, you can edit the picture attribute in the central administration-user profile service-manage user properties file, delete the property mapping for synchronization mapped to Active Directory, and then "start full profile synchronization.
Comparison result:
Before Synchronization
After Synchronization
In http: // people, the large photo shows more obvious comparison, so it will not be uploaded here.
If you have better suggestions and methods, leave a message to discuss them.
SharePoint 2013 tip sharing series-sync exchange display HD user photos