diff --git a/Cargo.toml b/Cargo.toml
index 0a78bbf..e1cc199 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -40,7 +40,7 @@ tracing-subscriber = "^0.3.17"
 tracing = "^0.1.37"
 himmelblau_unix_common = { path = "src/common" }
 kanidm_unix_common = { path = "src/glue" }
-libhimmelblau = { version = "0.5.0" }
+libhimmelblau = { version = "0.5.1" }
 clap = { version = "^4.5", features = ["derive", "env"] }
 clap_complete = "^4.4.1"
 reqwest = { version = "^0.12.2", features = ["json"] }
diff --git a/src/common/src/idprovider/himmelblau.rs b/src/common/src/idprovider/himmelblau.rs
index 87fa030..7564f8e 100644
--- a/src/common/src/idprovider/himmelblau.rs
+++ b/src/common/src/idprovider/himmelblau.rs
@@ -37,6 +37,7 @@ use kanidm_hsm_crypto::{LoadableIdentityKey, LoadableMsOapxbcRsaKey, PinValue, S
 use reqwest;
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
+use std::fs::File;
 use std::sync::Arc;
 use std::thread::sleep;
 use std::time::Duration;
@@ -1528,6 +1529,14 @@ impl HimmelblauProvider {
                         vec![]
                     }
                 };
+                // Set the profile picture
+                if let Ok(file) = File::create(format!("/var/lib/AccountsService/icons/{}", spn)) {
+                    // Ignore failures, since this isn't critical
+                    let _ = self
+                        .graph
+                        .fetch_user_profile_photo(access_token, file)
+                        .await;
+                }
             }
             None => {
                 debug!("Failed fetching user groups for {}", &spn);