修改 AD架構為了使頭像能夠顯示在GAL中,需要讓其在全域編錄(GC)中進行複製 ,
預設情況下,對象 的“thumbnailphoto”屬性 值不會在GC中進行複製 ,通過修改 AD架構可以是實現 這一個功能。
1. 在以管理 員身份開啟cmd,並執行 Regsvr32 schmmgmt.dll註冊AD架構嵌入式管理單元,如所示:
2. 開啟MMC控制 台,添加AD架構管理 單元
3. 在活動 目錄 架構管理 單元中展開“屬性 ”節點,定位到“thumbnailPhoto”。
4. 開啟“thumbnailPhoto”的屬性 對話方塊,在“常規”選項 卡上勾選“將此屬性 複製 到全域編錄”。
修改完畢後儲存。以下幾種方式進行修改。
提示:
我們要實現準備好一些照片,照片不要超過大小不要超過30KB,所以尺寸也要控制好,一般就96X96就差不多了,太大了沒有意義,因為這些照片是存在AD內的,所以如果太大的話,會導致AD的資料庫增大,從而影響複製
1、powershell指令碼修改
指令碼1:
$SAMName=Read-Host "Enter a username"
$root = [ADSI]'GC://dc=uc,dc=local'
$searcher = new-object System.DirectoryServices.DirectorySearcher($root)
$searcher.filter = "(&(objectClass=user)(sAMAccountName=$SAMName))"
$user = $searcher.findall()
$userdn = $user[0].path
$userdn = $userdn.trim("GC")
$userdn = "LDAP" + $userdn
function Select-FileDialog
{
param([string]$Title,[string]$Directory,[string]$Filter="All Files (*.*)|*.*")
[System.Reflection.Assembly]::LoadWithPartialName("System.Windows.Forms") | Out-Null
$objForm = New-Object System.Windows.Forms.OpenFileDialog
$objForm.InitialDirectory = $Directory
$objForm.Filter = $Filter
$objForm.Title = $Title
$objForm.ShowHelp = $true
$Show = $objForm.ShowDialog()
If ($Show -eq "OK")
{
Return $objForm.FileName
}
Else
{
Write-Error "Operation cancelled by user."
}
}
$photo = Select-FileDialog -Title "Select a photo" -Directory "%userprofile%" -Filter "JPG Images (*.jpg)|*.jpg"
$user = [ADSI]($userdn)
[byte[]]$file = Get-Content $photo -Encoding Byte
# clear previous image if exist
$user.Properties["thumbnailPhoto"].Clear()
# write the image to the user's thumbnailPhoto attribute by converting the byte[] to Base64String
$user.Properties["thumbnailPhoto"].Add([System.Convert]::ToBase64String($file))
# commit the changes to AD
$user.CommitChanges()
指令碼2:
#Add-ADPhoto Powershell v1 compatibile script for updating
#user thumbnailphoto attribute. Resizes input photo to recommended
#dimensions and size. Only updates for the currently logged in user.
#This is a script for user self service.
#Author: Nathan Linley
#Site: http://myitpath.blogspot.com
$infile = $args[0]
$aspect = $args[1]
function usage {
write-host "Usage: Add-ADPhoto filename [aspect]"
write-host " Provide the name of an image file in your current directory."
write-host " If you wish to preserve the aspect ratio of the image, type"
write-host " 1 after your file name. Images are resized to the recommended"
write-host " 96x96, converted to JPG and set to 70% quality to limit size."
exit
}
$imagefile = (pwd).path + "\" + $infile
$imagefileout = (pwd).path + "\adout.jpg"
##############################################################################
#Check to see if the argument for filename was provided, and that it exists###
##############################################################################
if ([string]::isnullorempty($infile) -or -not (test-path $imagefile)) {
&usage
}
###############################
#Remove any old converted file#
###############################
if (test-path $imagefileout) {
del -path $imagefileout -ErrorAction "silentlycontinue"
}
$Image = New-Object -ComObject Wia.ImageFile
$ImageProcessor = New-Object -ComObject Wia.ImageProcess
##########################################################
#Try loading the file, if its not an image this will fail#
##########################################################
$Image.LoadFile($ImageFile)
if (-not $?) { &usage }
#############################################################
#Create filters, set aspect ratio setting, change dimensions#
#to max 96pixels, convert to JPG and set quality #
#############################################################
$Scale = $ImageProcessor.FilterInfos.Item("Scale").FilterId
$ImageProcessor.Filters.Add($Scale)
$Qual = $ImageProcessor.FilterInfos.Item("Convert").FilterID
$ImageProcessor.Filters.Add($qual)
if ([string]::isnullorempty($aspect) -or [string]$aspect -ne "1") {
$ImageProcessor.Filters.Item(1).Properties.Item("PreserveAspectRatio") = $false
} else {
$ImageProcessor.Filters.Item(1).Properties.Item("PreserveAspectRatio") = $true
}
$ImageProcessor.Filters.Item(1).Properties.Item("MaximumHeight") = 96
$ImageProcessor.Filters.Item(1).Properties.Item("MaximumWidth") = 96
$ImageProcessor.Filters.Item(2).Properties.Item("FormatID") = "{B96B3CAE-0728-11D3-9D7B-0000F81EF32E}"
####################################################################
#Drop image quality until it meets the size recommendation of 10kb #
####################################################################
$quality = 80
do {
Remove-Item -path $imagefileout -ErrorAction "silentlycontinue"
$ImageProcessor.Filters.Item(2).Properties.Item("Quality") = $quality
$Image = $ImageProcessor.Apply($Image)
$Image.SaveFile($ImageFileOut)
[byte[]]$imagedata = get-content $imagefileout -encoding byte
$quality -= 10
} while ($imagedata.length -gt 10kb)
#####################################################################
#Find domain, and Account distinguished name. Open user object, add#
#thumbnailphoto data and save.
#####################################################################
$de = new-object directoryservices.directoryentry("LDAP://" + $env:logonserver.substring(2))
$ds = new-object directoryservices.directorysearcher($de)
$ds.filter = "(&(objectclass=user)(samaccountname=" + $env:username + "))"
$myaccount = $ds.findone()
$de = new-object directoryservices.directoryentry($myaccount.path)
$de.properties["Thumbnailphoto"].clear()
$de.properties["Thumbnailphoto"].add($imagedata) |out-null
$de.setinfo()
Write-Host "Photo has been uploaded"
2、vbscript指令碼修改
我AD裡面的使用者名稱字是張三,那麼照片也是張三。
AD裡面使用者的名稱為張三,而AD屬性裡面對應名稱欄位的值為name,要以這個為準。因為我們一會指令碼搜尋的屬性也是這個name屬性。
照片就非常簡單了,使用者的名字為檔案名稱。
Const ForReading = 1
'圖片存的目錄
InDir = "C:\photo"
Set fso = CreateObject("Scripting.FileSystemObject")
set oIADS = GetObject("LDAP://RootDSE")
strDefaultNC = oIADS.Get("defaultnamingcontext")
Set theConn = CreateObject("ADODB.Connection")
theConn.Provider = "ADsDSOObject"
theConn.Open "ADs Provider"
Set theCmd = CreateObject("ADODB.Command")
theCmd.ActiveConnection = theConn
Set objRecordSet = CreateObject("ADODB.Recordset")
For Each tFile In fso.GetFolder(InDir).Files
tName = tFile.Name
tName = Left(tName, InStrRev(tName,".")-1)
strQuery = "<LDAP://" & strDefaultNC & ">;" & "(&(objectClass=person)(name=" & tName & "));name,adspath;subtree"
theCmd.CommandText = strQuery
Set objRS = theCmd.Execute
If objRS.RecordCount = 0 Then
MsgBox "Can't find account for " & tName
Else
Set objUser = GetObject(objRS("adspath"))
ObjUser.Put "thumbnailPhoto", ReadByteArray(tFile.Path)
ObjUser.SetInfo
End If
Next
Function ReadByteArray(strFileName)
Const adTypeBinary = 1
Dim bin
Set bin = CreateObject("ADODB.Stream")
bin.Type = adTypeBinary
bin.Open
bin.LoadFromFile strFileName
ReadByteArray = bin.Read
End Function
3、C#代碼修改
DirectoryEntry container = new DirectoryEntry(LDAP_URI + USERS_DIR);
DirectoryEntry user = container.Children.Add("cn=" + username, "user");
// Set other property's of the user object:
//// user.Properties ["xxx"].Value = "yyy";
//// ...
byte [] buffer;
FileStream fileStream = new FileStream(@"c:\photo.jpg", FileMode.Open, FileAccess.Read);
try {
int length = (int) fileStream.Length; // get file length
buffer = new byte [length]; // create buffer
int count; // actual number of bytes read
int sum = 0; // total number of bytes read
// read until Read method returns 0 (end of the stream has been reached)
while ((count = fileStream.Read(buffer, sum, length - sum)) > 0)
sum += count; // sum is a buffer offset for next reading
}
finally {
fileStream.Close();
}
user.Properties ["thumbnailPhoto"].Value = buffer;
user.CommitChanges();
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
