Data flows between SharePoint and the Identity Vault by using the Publisher and Subscriber channels.
The Publisher channel does the following:
Watches for changes to SharePoint users and groups.
Synchronizes SharePoint user and group changes with the Identity Vault.
The Subscriber channel does the following:
Watches for changes to the Identity Vault users and groups.
Synchronizes Identity Vault user and groups changes with SharePoint.
HINT:Run the get-spuser powershell command to verify if the user is added to SharePoint. For example, the get-spuser -Web <http://sharepoint server> command returns all users and the get-spuser "SHAREPOINT\johndoe" -Web http://sharepoint server | Format-List command returns all attributes.
You can configure the driver so that Identity Vault is allowed to update a specific attribute. In this configuration, the most recent change determines the attribute value, except in the case of merge operations that are controlled by the filters and merge authority.