Adaxes

Disable changing photo

0 votes

In the SelfService portable users are able to edit some settings, but I don't want them to change their photo. They may view them only, how to accomplish this? I've searched through a lot off settings but was not able to find this one...

With regards,

Remco

by (780 points)

1 Answer

0 votes
by (216k points)

Hello Remco,

The permission to update certain properties of the users' own accounts is granted by the built in Security Role called User Self-Service. By default, it is assigned to Self and includes All objects in the Assignment Scope, which means that the permissions granted by the Role are granted to all users and apply to the users' own accounts.

The Allow Write Personal Information permission granted by the Role includes the permission to update the Picture property. To disallow users to change their own photos, you can add a permission to the User Self-Service Role that denies the right to update the Picture property. Since 'Deny' permissions always override 'Allow' permissions, users will no longer be able to update their own pictures. To do this:

  1. Launch Adaxes Administration Console.
  2. Expand the service node that represents your Adaxes service.
  3. Navigate to Configuration \ Security Roles \ Builtin.
  4. Select the User Self-Service Role.
  5. Right-click in the Result Pane (located to the right) and click Add.
  6. Select the User object type.
  7. In the Property-specific permissions section, select the Write 'Picture' property permission in the Deny column.
  8. Click OK and save the Security Role.

Related questions

0 votes
1 answer
is there a way to update the user photo in O365?

I'm looking at this onliner Set-AdmUser -Identity $DN -Replace @{AADPHoto = $photoBytes} -AdaxesService localhost -Server. I get an illegal operation error. Wondering what I ... the photo in AD and Azure at the same time to avoid waiting for synchronization.

asked Jan 30 by mightycabal (1.0k points)
0 votes
1 answer
Base64 decode and put in photo attribute

Hello, I am able to pull photo's of our employees from our HR solution into our active directory. However the HR api only provides a base64 encoded string. This string then ... work, if you have any better solutions or see any problems. Please let me know.

asked Feb 23, 2022 by vlg (40 points)
0 votes
1 answer
Import user photo error

Hello, When running the supplied script for importing a user photo into AD we encounter the following error: Exception calling "SetInfo" with "0" argument(s): "A ... /www.adaxes.com/script-repository/import-user-photo-s244.htm Thank you for your assistance!

asked Oct 26, 2020 by sgordon213 (110 points)
0 votes
1 answer
Send Higher resolution photo to Office 365 with upload from Adaxes web

By default when you upload a user photo to Adaxes, it converts it to less than 100kb for Active Directory, that photo is synced to Azure AD, and once and only ... older script that could grab the photo before the compression to 100kb, ideally after cropping?

asked Jun 16, 2020 by ethanthekiwi (30 points)
0 votes
1 answer
Outlook Photo

Dear Support, I want to upload files to the Exchange Server. We don't have Office 365. Command: Set-UserPhoto Nuno Mota -PictureData ([System.IO.File]::ReadAllBytes( D ... the Upload for Office 365, do you have ideas for this case? Thank you Regards Massimo

asked Jan 19, 2018 by massimo.ibba (450 points)
3,355 questions
3,054 answers
7,799 comments
545,154 users