Skip to content

Tag: Active Directory

Tool that bulk imports or removes User pictures

Simple Tool that bulk imports or removes user pictures, based on AD Group Membership.
If a user is in both groups, the picture will be removed!
Idea based on my old tool to import Active Directory pictures.
They are a bit to tiny, so I use Exchange now to make them look better in Exchange and Skype.

The tool will not check the pictures. As long as a picture exists, it will try to import it. Then the Exchange Server might reject the import, and you will get a warning. Same for users with non existing Mailboxes: The Tool will not check anything for the User before it tries to import the picture.

The Pictures should be in the JPG format and not larger than 648x648px. With a depth of 24 bits, each picture has around 200-250 kilobytes. Keep that in mind if you load a big bunch of pictures.

The following formats are used:

  • 48x48px – Active Directory thumbnailPhoto
  • 96x96px – Outlook, Outlook Web Access, Lync/Skype and SharePoint
  • 648x648px – Lync/Skype Clients and Lync/Skype Web App
This content is older than 2 years. It might be outdated.

Synchronize time with external NTP server

A reliable time source within an Active Directory environment (or networks in general) is critical.
A prefer an expensive GPS Clock; others don’t care… I decided a while ago that I sync my DCs with an NTP source.

Please keep in Mind, that your servers need access to the NTP Servers on the UDP Port 123 (NTP) to sync the clock with them. So your Firwall needs to allow this.

In a minimum your Server with the FSMO Role PDC should sync. Here is how to find this server:

1
2
3
rem Get the PDC FSMO Role (Or apply it to all your DCs)
netdom /query fsmo
rem This will show you all FSMO Roles, see the PDC role for your main DC server

You can do that on all your DCs (or at least on one in every location/Site).

This content is older than 2 years. It might be outdated.