Data flows between Active Directory and the Identity Vault by using the Publisher and Subscriber channels.
The Publisher channel does the following:
Reads events from Active Directory for the domain hosted on the server that the driver shim is connecting to.
Submits that information to the Identity Vault.
The Subscriber channel does the following:
Watches for additions and modifications to the Identity Vault objects.
Makes changes to Active Directory that reflect those changes.
You can configure the driver so that both Active Directory and the Identity Vault are allowed to update a specific attribute. In this configuration, the most recent change determines the attribute value, except for merge operations that are controlled by the filters and merge authority.
NOTE:A single transaction can handle multiple events. When any one of the event fails, the driver fails to execute all the subsequent events in the transaction.