We have an Exchange hybrid organisation where all users are migrated to Exchange online. I have been using a script to update user photos in the local AD but because of the limitations with Azure AD Connect, I'd like to script the upload of photos to Exchange Online.
Since basic authentication isn't going to be supported for much longer I'd like to use modern authentication using the Exchange Online PowerShell V2 module that supports MFA and app-only authentication.
I have followed the guide on Docs on how to register an App in Azure AD and to be sure that there isn't a rights issue I have given the App the role of Global Administrator.
But I get an error message when trying to set the user photo.
These are the commands I use (sensitive data replaced with xxx):
Connect-ExchangeOnline -CertificateThumbPrint “xxxxxx” -AppID “xxx-xxx-xxx-xxx-xxxx” -Organization “myorg.onmicrosoft.com” -ConnectionUri https://outlook.office365.com/powershell-liveid/?proxyMethod=RPS
Set-UserPhoto -Identity hanstest -PictureData ([System.IO.File]::ReadAllBytes("C:\Install\be2.jpg")) -Confirm:$false
Which results in the following response:
Error on proxy command 'Set-UserPhoto -Identity:'hanstest' -PictureData:'255','216' ... ,'217' -Confirm:$False' to server AM6PR05MB5523.eurprd05.prod.outlook.com: Server version 15.20.337
0.0000, Proxy method RPS:
Connecting to remote server am6pr05mb5523.eurprd05.prod.outlook.com failed with the following error message : ば鸣˅ For more information, see the about
_Remote_Troubleshooting Help topic. [Server=DB8PR05MB6745,RequestId=311495a1-a0c5-4e8e-ba54-b8e539667afb,TimeStamp=2020-09-17 10:08:53] .
+ CategoryInfo : NotSpecified: (:) [Set-UserPhoto], CmdletProxyException
+ FullyQualifiedErrorId : [Server=DB8PR05MB6745,RequestId=311495a1-a0c5-4e8e-ba54-b8e539667afb,TimeStamp=2020-09-17 10:08:53] [FailureCategory=C
mdlet-CmdletProxyException] B833102,Microsoft.Exchange.Management.RecipientTasks.SetUserPhoto
+ PSComputerName : outlook.office365.com
To confirm that there's nothing wrong with the actual photo and command syntax I have tried with basic authentication and that works. Here are the commands I use for that:
$Credential = Get-Credential
$ExSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/?proxyMethod=RPS -Credential $Credential -Authentication Basic -AllowRedirection
Import-PSSession $ExSession
Set-UserPhoto -Identity hanstest -PictureData ([System.IO.File]::ReadAllBytes("C:\Install\be2.jpg")) -Confirm:$false
Assistance on how to make it work with the EXO V2 module would be most welcome. Thanks.