MicroStrategy ONE
Including Profile Photos in Microsoft Active Directory
When integrating
The steps below assume that you have imported Microsoft Active Directory users into your MicroStrategy Identity Network, as described in Including Profile Photos in Microsoft Active Directory.
Each profile photo has a maximum recommended size of 800 KB.
To Include Profile Photos in Microsoft Active Directory
- Create a directory location hosted by a web server that your Microsoft Active Directory server can access. This directory must be dedicated to storing profile photos.
- Store the photos for your users, using unique names for each photo. You can use each user's account name to create unique names for each photo. For example, you can create
jsmith.jpg
,jdoe.jpg
, andfjackson.jpg
. - With your web server deployed, ensure that you can view the profile pictures by navigating to the URL for a picture using the following format:
https://WebServer:PortNumber/PhotoDirectory
where: WebServer
: The web server where you host the profile photos.PortNumber
: The port number for your web server.-
PhotoDirectory
: The full path to the directory location where you store the profile photos.For example, the full URL to a photo could be:
https://example.company.com:1234/main/photos/jsmith.jpg
- Using Microsoft Active Directory, update each user to include their profile photo URL. You must include this URL in one of the following ways:
- If you have Microsoft Exchange™:
- You can extend the information for each user in Microsoft Active Directory to include extension attributes. These are named
extensionAttribute1
,extensionAttribute2
,...
,extensionAttributeN
, and these names also act as the entry values. - Include the profile photo URL in the same extension attribute for each user. For example, if
extensionAttribute1
is not used for any of the users in your Microsoft Active Directory, include the profile photo URL inextensionAttribute1
for every user.
- You can extend the information for each user in Microsoft Active Directory to include extension attributes. These are named
- If you do not have Microsoft Exchange:
- Determine a field in your Microsoft Active Directory that is not used for any user. You must also determine the entry value for this field. For example, the First Name field uses the entry value
givenName
and the Last Name field uses the entry valuesn
. Refer to your third-party Microsoft documentation for steps to determine the entry value for a field in Active Directory. - Include the profile photo URL in the same field for each user. For example, if the Description field (entry name is
description
) is not used for any of the users in your Microsoft Active Directory, include the profile photo URL in the Description field for every user.
- Determine a field in your Microsoft Active Directory that is not used for any user. You must also determine the entry value for this field. For example, the First Name field uses the entry value
- If you have Microsoft Exchange™:
- Log into Identity Manager.
- Click Users & Badges.
- Under User Management, click Edit.
- Under LDAP Mapping, click Edit Active Directory Attributes Mapping, then click Add Another. A row for an additional LDAP field is added.
- From the User Info drop-down list, select Photo URL.
- From the Available Active Directory Attributes drop-down list, select the Microsoft Active Directory field that contains information about each user's profile photo. For example, if you used
extensionAttribute1
to store the profile photo URLs, specifyextensionAttribute1
. - Click Save.