Loading a Windows 7 User Tile using the picture in Active Directory

The Explanation

Back in 2010 as Microsoft was putting the finishing touches on Office 2010, the Microsoft Exchange team mentioned that it was going to possible to show pictures in Outlook 2010. They also talked about how these pictures could be loaded directly into Active Directory and Outlook would be able to pull them from the directory. It didn’t take me long to make the required schema change on our network at work and load a few pictures in for testing. Once I updated our system to support Windows 2008 domain controllers, the display of pictures in the beta version of Outlook started working perfectly.

Even before I got the picture display to work in Outlook, I started wondering if it would be possible to make Windows 7 automatically load those pictures for its User Tile (I actually even asked the question on the blog post by the MS Exchange Team). It seemed that this wasn’t possible. Supposedly the fact that this was desired was passed on to the Windows team, but even after Windows 7 SP1 came out there didn’t seem to be any official support for this feature. And as far as I can tell, none is forthcoming.

The other day, I happened across a post by a guy named Joco where he detailed an undocumented API in Windows 7 that sets the User Tile. He also included some sample C# code that you can execute with command line arguments for the username and the picture location. However, I want to load the pictures directly from AD and I’ve done most of my “programming” in Visual Basic, not C#. So, I took his sample code, translated the API declaration to VB and added some code to retrieve the picture from Active Directory.

The Executable File

For simplicity, I’m providing an executable file already compiled against .Net 3.5 (which comes with Windows 7). This executable is signed by a CA Cert code signing certificate. If you do not have their root certificates installed, Windows will tell you that it’s an invalid signature.

To use this file, it can be simply be run by the user. You can launch this automatically as part of a login script (which is how I use it). The logic script application I use also allows me to hide any output so the DOS box never gets seen by our users.

Note: The icon used in this executable is licensed under the CC Attribution-Noncommercial-Share Alike 3.0 license. I’m open to using a different icon if I can find one a little more representative of what the program is doing.

Source code and some basic directions for using it can be found after the break.

The VB.net Code

This code was written using the free Visual Basic 2010 Express. Once you have that installed, you can create a new Console Application named “setUserTile”.

From the “Project” menu, select “Add Reference…”

And add a reference to both “System.DirectoryServices” and “System.DirectoryServices.AccountManagement”.

NOTE: You may also wish to change the version of .Net for this application to 3.5, which is the version that ships with Windows 7. If you leave it at 4.0 (the default for VB.Net 2010) the application will only be able to run on systems that have installed v4.0 of the .Net framework.

Module setUserTile
    ' Undocumented API learned from http://joco.name/2010/12/06/i-discovered-the-new-windows-user-tile-api/
    <system .Runtime.InteropServices.DllImport("shell32.dll", EntryPoint:="#262", CharSet:=Runtime.InteropServices.CharSet.Unicode, PreserveSig:=False)> _
    Private Sub SetUserTile(ByVal strUserName As String, ByVal intWhatever As Integer, ByVal strPicPath As String)
        ' This is just to fool WordPress which thinks it's being helpful </system>
    End Sub
    Sub Main()
        Dim strUser As String
        Dim currentADUser As System.DirectoryServices.AccountManagement.UserPrincipal
        Dim de As System.DirectoryServices.DirectoryEntry
        Dim b() As Byte
        Dim strTempFile As String
        Dim stream As System.IO.FileStream
            ' The WindowsIdenty object can retrieve the current username (with domain), but not the AD Object
            ' The "AccountManagement" object can retrieve the current user, but not the thumbnailPhoto
            ' The "DirectoryEntry" object can retrieve the thumbnailPhoto, but not the current user
            ' So we use all three objects...
            '     The WindowsIdentity object to pass the full domain\username string to our API
            '     And the "AccountManagement" object to tell the "DirectoryEntry" object which user to get the photo for
            strUser = System.Security.Principal.WindowsIdentity.GetCurrent().Name
            currentADUser = System.DirectoryServices.AccountManagement.UserPrincipal.Current
            de = New System.DirectoryServices.DirectoryEntry("LDAP://" + currentADUser.DistinguishedName)
            b = de.Properties("thumbnailPhoto").Value
            If b IsNot Nothing Then
                ' We've got a picture... save it to %TEMP% ...
                strTempFile = System.IO.Path.GetTempFileName
                stream = New System.IO.FileStream(strTempFile, System.IO.FileMode.Create)
                stream.Write(b, 0, b.Length)
                ' ... call our API ...
                SetUserTile(strUser, 0, strTempFile)
                ' ... and delete the temporary file.
            End If
        Catch ex As Exception
            ' Fail silently
        End Try
    End Sub
End Module

Creative Commons LicensesetUserTile in VB.Net by Jacob Steenhagen is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
Based on a work at joco.name.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.