How to Block Users from Updating Their Photo in Teams

Also, Microsoft Updates Teams to Allow Organizers to End Meetings

Some interesting responses to customer requests have appeared on Teams User Voice recently. Apart from the first acknowledgement that Teams will add extra participants to the video view for meetings, now confirmed to be a 3 x 3 view with an expanded view coming, the Teams developers have moved to close off two irritations.

Block Teams Users from Changing Their Account Picture

First, they’re bringing back the feature that existed in Skype for Business Online where the SetPhotoEnabled setting in the Exchange Online OWA Mailbox policy assigned to accounts controls whether users can change the avatar (picture) in Teams settings (Figure 1).

Where to change an account picture in Teams settings
Figure 1: Where to change an account picture in Teams settings

Although it might not seem a big thing to stop users updating their photos, changing the user picture in Teams creates a ripple effect as the picture is updated for all Office 365 apps.

Updating and Assigning a OWA Mailbox Policy to Block Photo Upload

According to Office 365 notification MC209349, this change will roll out in mid-April. When the update is available in a tenant, if you want to block users from updating their picture, you’ll have to change the value for the SetPhotoEnabled setting to False in existing OWA mailbox policies. Alternatively, you can create a new OWA mailbox policy, update it with the setting, and assign it to selected mailboxes. Here’s how to update a policy and assign it to a mailbox:

Set-OWAMailboxPolicy -Identity "OWAMailboxPolicy-Default" -SetPhotoEnabled $False
Set-CASMailbox -Identity Kim.Akers -OwaMailboxPolicy OWAMailboxPolicy-Default

When the new policy is in place, users won’t be able to update their photo anywhere in Office 365 (for instance, in the Personal Info page).

Guest User Photos

Guest users don’t get to change their picture. However, administrators can do this by uploading pictures to guest user accounts. You can even use PowerShell to assign a default picture to all guests in a tenant.

Organizers Can End Teams Meetings

Teams meetings last until the last user has left the meeting (if the meeting is recorded, the recording lasts a maximum of four hours). I often forget to stop meetings that I organize and only realize the fact when I switch tenants (this automatically terminates calls).

Microsoft has recently satisfied the user request to allow organizers to terminate meetings. The request is:

People should not have to manually leave meetings in order for them to end. We have had several people forget to manually leave meetings, and the channel continues to show that a meeting is in progress when in fact it has ended.

On April 9, Microsoft announced that the ability for organizers to terminate meetings was being distributed to tenants. Organizers should see the End meeting option in the meeting menu now (Figure 2).

Ending a Teams meeting
Figure 2: Ending a Teams meeting

Lots of changes are happening in Teams right now. Stay up to date with important developments by subscribing to the Office 365 for IT Pros eBook.

13 Replies to “How to Block Users from Updating Their Photo in Teams”

  1. In the Office 365 notification, they also mention changes to the global Teams policies. I am happy with the way they are set right now. E.g. I allow anonymous people to start the meeting and allow everyone to bypass the lobby.

    If I understand this correctly, this policy will be changed and I have to check daily if that update has been applied to my tenant and revert it. Or is there a way to block the change or some other option?

    If that info is in the book, please feel free to point me there, I must have missed it 🙂

    1. The information isn’t in the book… I’m not sure how Microsoft will handle the policy update. I believe they’ll leave a policy that has non-default values alone because a tenant has made a decision to change the policy (like you). At least, I hope they will…

    2. I asked… and Microsoft confirmed that the policy update will not apply if you have made changes to the meetings global policy.

  2. Any idea if this update has pushed to the GCC High Tenant? I’m having the same issue. I tested setting the policy which works for OWA but I can still go into teams and change the photo and it then populates to owa and everywhere else.

  3. So I have done this in a test environment because a client is requesting that this be stopped. I set the value to false and assigned it to my profile. When going into Teams from the fat client I am still able to update my profile picture. Is there something I missed or will this only apply if the users are using the web client?

    1. Nevermind. Took time to propagate apparently. Ok. Next question. Does this policy need to be assigned by user or can it be assigned by group?

      1. Do you mean an OWA mailbox policy? If so, it’s easy to assign this by group in PowerShell. Set up a group, retrieve its membership, and run Set-CASMailbox to assign the policy to each mailbox.

    1. The OWA mailbox policy controls the user ability to update photos, so you could create a DL of users you want to allow/block and then assign a relevant OWA mailbox policy to the members of the DL.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.