How to Update User Photos with Microsoft Graph PowerShell

User profile photo management in Microsoft 365 is a necessary task to ensure all users are represented in a professional manner across your organisation’s services. 

In this tutorial, I am going to show you how to upload user photos to Microsoft 365 for other users in your organisation with Microsoft Graph PowerShell. 

Why update user photos manually?

While some organisations opt for allowing end users to upload their own profile photos for their corporate Microsoft 365 account, this can often lead to users uploading inconsistent or unprofessional photos. 

By enabling administrators to upload profile photos for users within their organisation, business owners can ensure that all user photos are consistent with the company’s brand and remain professional. 

The utilisation of Microsoft Graph PowerShell for this task enables admins to automate this process for single or multiple users while at the user onboarding phase or at any future time.

Requirements

The requirements for using Microsoft Graph PowerShell to update users’ profile photos in Microsoft 365 are as follows:

  • The Microsoft Graph PowerShell modules are installed (at least version 2).
  • Global Administrator rights (to grant permissions to applications in Microsoft Entra)
For this guide, I am going to connect to our application using a Client Secret in PowerShell, this requires the use of the -ClientSecretCredential parameter which is only available in version 2 of the Microsoft Graph PowerShell SDK.

Updating the photo of other users in your organisation requires Application permissions with Microsoft Graph, unlike most other user management-related tasks with Microsoft Graph PowerShell which can be done with Delegated permissions. This adds another level of complexity to completing this fairly simple task, hence the user of a Service Principal in the next steps.

How to update a users photo with Microsoft Graph PowerShell

Follow the below steps to update the Microsoft 365 photo for other users in your organisation using Microsoft Graph PowerShell.

1. Start by registering a new application (Service Principal) in Microsoft Entra. This will allow you to connect to it and use application permissions to update the user photos. Follow the steps I have written in the following post to register a new application, assign the permissions, and create a client secret: Register an application in Microsoft Entra.

The permission you need to assign to your Service Principal is User.ReadWrite.All.

2. Once you have prepared your Service Principal by following the above steps, connect to Microsoft Graph in PowerShell with your client secret.

$ApplicationId = "Value"
$SecuredPassword = "Value"
$tenantID = "Value"

$SecuredPasswordPassword = ConvertTo-SecureString `
-String $SecuredPassword -AsPlainText -Force

$ClientSecretCredential = New-Object `
-TypeName System.Management.Automation.PSCredential `
-ArgumentList $ApplicationId, $SecuredPasswordPassword

Connect-MgGraph -TenantId $tenantID -ClientSecretCredential $ClientSecretCredential

Here is the context of my session after connecting:

Update Photos with Graph PowerShell context
Update Photos with Graph PowerShell context

3. Ensure the profile image you wish to upload is the correct size. Microsoft supports profile image sizes of up to 648 x 648. To ensure your image displays in the highest quality, I recommend you use the maximum allowed dimensions. To check the dimensions of your image, right-click the image in your File Explorer and click Properties, then click the Details tab. 

4. Now you are ready to upload your photo, use the Set-MgUserPhotoContent cmdlet and supply the target user’s Username and the target photo’s location on your local device.

Set-MgUserPhotoContent -UserId [email protected] -InFile `
C:\temp\userphoto.png

5. Verify the photo has been successfully uploaded by checking the user from the Microsoft Entra admin center. 

Set-MgUserPhotoContent verification
Set-MgUserPhotoContent verification

Update multiple users photo's

The Set-MgUserPhotoContent cmdlet can also be used with some PowerShell logic to update multiple users’ photos at the same time. The idea behind this is to ensure each user’s photo is named as their first and last name, in larger organisations this would be achieved simplest by having each user supply and rename the photo themselves with some guidance. I have stored some sample user photos on my local machine like below.

User Photos Example
User Photos Example

I also have a CSV list of all of my users, which contains their firstname, lastname, username suffix and location of their image file. For my example below I have removed the domain suffix from the UserName column, but for your data, ensure this is included.

UsersList Example
UsersList Example

Below is a simple baseline script that will import the CSV file containing the user information and loop through each user to set their profile photo in Microsoft 365. There is also some basic error handling to produce a list of users which the script could not update the image for.

$Users = Import-CSV c:\temp\userlist.csv
$failed = [System.Collections.Generic.List[Object]]::new()

ForEach ($user in $users){
    Write-host "Setting user profile for $($user.UserName)"
    Try{
        Set-MgUserPhotoContent -UserId $user.username -InFile $user.photo
    } catch {
        Write-host "Unable to set photo for $($user.UserName)"
         $failed.Add($user.UserName)
    }
}

Write-host "Unable to set profile for for the following users: `n" ($failed -join "`n") -ForegroundColor Yellow

Daniel Bradley

My name is Daniel Bradley and I work with Microsoft 365 and Azure as an Engineer and Consultant. I enjoy writing technical content for you and engaging with the community. All opinions are my own.

Leave a Reply