Thursday, September 19, 2013

A Photo by Any Other Name...

Active Directory is directory service based on X.500 directory services, which has been around since the 1980s. Lightweight Directory Access Protocol (LDAP) is an application protocol created to query X.500 directory services, and it still functions today as a method to query Active Directory.  

A lot of the attributes that are found in Active Directory were carried over from X.500 directory services (for example, commonName, manager, and photo), but some were not.  I particularly lament the fact that AD did not implement the favouriteDrink attribute.

Active Directory's schema includes some "new" attributes that did not exist in the X.500 implementation. For example, AD added the jpegPhoto and thumbnailPhoto attributes in addition to the photo attribute. All of this begs the question, "What's the difference and how do Microsoft products use them?"
  • thumbnailPhoto is single valued, stores the photo using the JPEG File Interchange Format, and has a upper-Range of 102,400 bytes (100 KB).

  • jpegPhoto is multivalued, stores photos using the JPEG File Interchange Format, and doesn't enforce an upper-Range.


  • photo is multivalued, stores photos encoded in G3 fax format, and doesn't enforce an upper-Range.

Does Exchange 2013 automatically import or reference a user’s thumbnailPhoto attribute from AD if it is populated?  Yes, it's fairly well documented in the article, GAL Photos in Exchange 2010 and Outlook 2010.  As I wrote in my article, Working with Hi-Res Photos in Exchange 2013 and Lync 2013, Exchange 2013 now goes to eleven by storing hi-res photos in the user's mailbox, as well, but this requires Outlook 2013 or Lync 2013 to view it.  Lower level clients still use thumbnailPhoto.

If you upload a photo to Exchange 2013, does that write back to thumbnailPhoto in AD?  Yes, see same articles for more detail.

Does the “photo” attribute in AD get used at all? Ever? Not by Exchange, Lync or SharePoint. The fact that it uses G3 fax encoding (do any of you kids even know what a G3 fax is?) makes it pretty much useless for modern day computing needs, but who knows what the NSA is doing with it.

Thanks to my colleague and fellow Lync MCM, Greyson Mitchem, for the great questions and blog suggestion.

4:26 PM