Using Exchange 2013 high-resolution photos from SharePoint Server 2013
In this post I described how Lync 2013 Preview can use high-resolution photos available in Exchange 2013 Preview mailboxes. SharePoint Server 2013 is also able to use the same high-resolution photos. The SharePoint-Exchange photo sync feature implements this.
How it works
SharePoint Server 2013 maintains a library of User Photos, just like in SharePoint Server 2010. When SharePoint-Exchange photo sync is enabled, SharePoint's local photo store becomes a cache, and SharePoint Server 2013 treats Exchange 2013 as the master photo store. SharePoint-Exchange photo sync is not a regular sync job that runs on a recurring cycle. Instead, SharePoint Server 2013 requests photos from Exchange 2013 automatically when a user performs an operation that causes a request for their own photo (for example, browsing to their own user profile page). That means that the user needs to have requested his/her own photo, before other users will be able to see it.
When a user with a valid Exchange 2013 mailbox attempts to change their profile photo, SharePoint Server 2013 will launch the Outlook 2013 Web App photo upload dialog.
Two variables (which can be set per web-application) help govern the syncing behavior:
- UserPhotoExpiration (in hours) specifies the minimum time that must elapse before SharePoint Server 2013 will check for a given user's photo again.
- UserPhotoErrorExpiration (in hours) specifies the minimum time that must elapse before SharePoint Server 2013 will check for a given user's photo when it received an error on the previous attempt.
SharePoint Server 2013 is using the Exchange Web Services Managed API V2.0 and Server to Server authentication (S2SOAuth) to be able to read data from Exchange 2013.
Let me show how to configure the integration. I will use the following sample environment to illustrate the configuration:
- One Exchange 2013 Client Access server with FQDN e15fe.contoso.com
- One Exchange 2013 Mailbox server with FQDN e15be.contoso.com.
- One SharePoint Server 2013 server with FQDN sps15.contoso.com
- A DNS record for autodiscover.contoso.com points to e15fe.contoso.com
In the sample environment the programs have been installed on the C: drive.
Step 1: Exchange 2013 Autodiscover Service
Configure the Exchange 2013 Autodiscover service to be available on the FQDN autodiscover.contoso.com. Use the following Exchange Management Shell command on e15fe.contoso.com.
Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://autodiscover.contoso.com/autodiscover/autodiscover.xml
Step 2: External Url's set
SharePoint Server 2013 use the external Url variants for EWS and ECP when accessing the photos on Exchange 2013. In the sample environment I'll use the internal FQDN's also for external use. Use the following Exchange Management Shell command on e15fe.contoso.com.
Step 3: Exchange Web Services Managed API V2.0
Install the EWS Managed API from the link above on sps15.contoso.com. Make sure that the Microsoft.Exchange.WebServices.dll is loaded into the GAC by using GacUtil. Make sure to use the .NET 4 version of GacUtil (C:\Program Files\Microsoft SDKs\Windows\v7.1\Bin\NETFX 4.0 Tools after you have installed .NET 4.0 SDK)
GacUtil /i C:\Program Files\Microsoft\Exchange\Web Services\2.0\Microsoft.Exchange.WebServices.dll
Step 4 SharePoint S2SOAuth configuration with Exchange
Now it is time to configure SharePoint to do S2SOAuth with Exchange. Use the following SharePoint 2013 Management Shell commands:
- New-SPTrustedSecurityTokenIssuer -name "Exchange" -MetadataEndPoint "https://autodiscover.contoso.com/autodiscover/metadata/json/1"
- $sts.HybridStsSelectionEnabled = $true
- $sts.AllowMetadataOverHttp = $false
- $sts.AllowOAuthOverHttp = $false
- $exchange=Get-SPTrustedSecurityTokenIssuer "Exchange"
- $app=Get-SPAppPrincipal -Site http://sps15 -NameIdentifier $exchange.NameId
- $site=Get-SPSite http://sps15
- Set-SPAppPrincipalPermission -AppPrincipal $app -Site $site.RootWeb -Scope sitesubscription -Right fullcontrol -EnableAppOnlyPolicy
Step 5 Exchange S2SOAuth configuration with SharePoint
We now need to configure the Exchange 2013 side of things. Use the following Exchange Management Shell commands:
- cd \Program Files\Microsoft\Exchange Server\V15\Scripts>
- .\Configure-EnterprisePartnerApplication.ps1 -AuthMetadataUrl https://sps15/_layouts/15/metadata/json/1 -ApplicationType sharepoint
Make sure to restart IIS on both front-end and back-end by issuing the following commands in a command window:
- iisreset e15fe
- iisreset e15be
Step 6 Configure SharePoint 2013 Exchange photo sync
Use the following SharePoint 2013 Management Shell commands:
- $wa = Get-SPWebApplication http://sps15
- $wa.Properties["ExchangeAutodiscoverDomain"] = "autodiscover.contoso.com"
- $wa.UserPhotoImportEnabled = $true
- $wa.UserPhotoErrorExpiration = 1.0
- $wa.UserPhotoExpiration = 6.0
How to try it out?
Sign in to Windows as test1 and use IE to access his My site at http://sps15/my. You should now see the high-resolution photo being shown as the profile photo.
If some reason, the photo is not showing you might be able to diagnose the issue by examining the ULS logs available at C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS.
Thanks to Ryan, Nathaniel and Sesha for their input to this post.