Skip to content

Managing Multi-Host Groups

Multi-host groups enable bulk source creation of infrastructure components and server configuration managed from a centralized location. You can create and manage groups of sources created within the multi-host solution.

After creating a multi-host group, you can view sources and schedule account aggregation groups, and entitlement aggregation groups.

Creating Multi-Host Groups

A multi-host group is a container that holds multi-host sources and their associated account aggregation and entitlement aggregation groups. Multi-host groups can help manage your infrastructure by grouping servers, for example by business functions or geographical location.

Follow the SailPoint Connector Multi-Host documentation for guidance on configuring your specific multi-host group.

Notes

  • A multi-host group can contain a maximum of 250 sources.
  • The import csv file must only contain new source names that do not currently exist in Identity Security Cloud.
  • Any existing sources within the import file will be ignored.

When you have created your multi-host group, you can view your multi-host sources.

Viewing Sources Created in Multi-Host Groups

After you have created a multi-host group, you can view the sources contained within it, as well as manage account aggregation and entitlement aggregation.

  1. Go to Admin > Connections > Multi-Host Sources.

  2. Select a multi-host group to view details about the integration.

  3. Select Edit to view the Source List.

The Source List displays information about each source, including if it has a warning or error status. Select the Actions menu to edit the source configuration or test the connection to the source.

Select the Source Name to view the accounts on the source and to configure account correlation.

Viewing Errors

Select View Logs to view logs of any source creation failures or source deletion failures.

To view aggregation failures, go to Admin > Dashboard > Aggregation Activity.

Deleting, Testing, and Editing Multi-Host Groups

From the Sources List, you can test the connection to all sources or delete all sources in a multi-host group. You can also edit the multi-host group configuration.

Select Delete to delete the multi-host group and all associated sources. Source deletion failures can be viewed within the multi-host logs.

Caution

Deleting a multi-host group will permanently delete the multi-host group and all of is associated sources, account aggregation, and entitlement aggregation groups. This action cannot be undone.

Select Test Connection to test the connection to all sources within the multi-host group. Refresh the page to see the updated status.

Select Edit to edit the base configuration and integration settings that were configured when the multi-host group was created.

Managing Multi-Host Account Aggregation Groups

Account aggregation is the process of loading account data into Identity Security Cloud from external sources. Account aggregation groups enable centralized management of account aggregation for multiple sources.

An account aggregation group can contain a maximum of 10 sources. During the source creation process, the required number of account aggregation groups are automatically created and sources are automatically distributed between groups.

Note

Manual creation of account aggregation groups and manual allocation of sources within the groups is not supported.

You can schedule or manually start account aggregations.

Scheduling Aggregations for Multi-Host Account Aggregation Groups

You can schedule aggregation to automatically load new account data for all sources within the group on a regular basis from the Account Aggregation tab.

  1. Go to Admin > Connections > Multi-Host Sources and select a multi-host group.

  2. Select Edit and choose the Account Aggregation tab.

  3. You can enable aggregation scheduling and set the frequency, time, and recurrence. Refer to Scheduling Aggregations for Direct Connect Sources for guidance.

  4. (Optional) Select the Disable Account Deletion checkbox to ensure no accounts are deleted.

    Alternatively, you can set the percentage of allowed deleted accounts per aggregation in the Account Delete Threshold section. Choose a percentage from the dropdown list or enter the percentage of accounts in the threshold field. The "%" sign is automatically added. Select Save to save your changes.

    Note

    The percentage must be an integer between 1 and 100. If the deletions exceed this value, no accounts will be deleted. SailPoint recommends using this option to avoid removing user data in the event of a misconfiguration.

    Account Deletion Limitations
    • If a source has 10 or fewer accounts, setting this value to 4 percent or less will result in the number being rounded to 1 percent to prevent all accounts from being deleted.
    • If a source has 11 - 20 accounts, setting this value to 2 percent or less will will result in the number being rounded to 1 percent to prevent all accounts from being deleted.
  5. Select Save to schedule the source aggregation.

Manually Aggregating Multi-Host Account Aggregation Groups

You can manually aggregate account data for sources within an account aggregation group from the Account Aggregation tab.

  1. Go to Admin > Connections > Multi-Host Sources and select a multi-host group.

  2. Select Edit and choose the Account Aggregation tab.

  3. (Optional) Select the Disable Account Deletion checkbox to ensure no accounts are deleted.

    Alternatively, you can set the percentage of allowed deleted accounts per aggregation in the Account Delete Threshold section. Choose a percentage from the dropdown list or enter the percentage of accounts in the threshold field. The "%" sign is automatically added. Select Save to save your changes.

    Note

    The percentage must be an integer between 1 and 100. If the deletions exceed this value, no accounts will be deleted. SailPoint recommends using this option to avoid removing user data in the event of a misconfiguration.

    Account Deletion Limitations
    • If a source has 10 or fewer accounts, setting this value to 4 percent or less will result in the number being rounded to 1 percent to prevent all accounts from being deleted.
    • If a source has 11 - 20 accounts, setting this value to 2 percent or less will will result in the number being rounded to 1 percent to prevent all accounts from being deleted.
  4. Select Manual Aggregation to start the account aggregation process.

Managing Multi-Host Entitlement Aggregation Groups

Entitlement aggregation is the process of loading entitlement data into Identity Security Cloud from external sources. Entitlement aggregation groups enable centralized management of entitlement aggregation for multiple sources.

An entitlement aggregation group can contain a maximum of 10 sources. During the source creation process, the required number of entitlement aggregation groups are automatically created and sources are automatically distributed between groups.

Note

Manual creation of entitlement aggregation groups and manual allocation of sources within the groups is not supported.

You can schedule or manually start entitlement aggregations.

Scheduling Aggregations for Multi-Host Entitlement Aggregation Groups

You can schedule aggregation to automatically load new entitlement data for all sources within the group on a regular basis from the Entitlement Aggregation tab.

  1. Go to Admin > Connections > Multi-Host Sources and select a multi-host group.

  2. Select Edit and choose the Entitlement Aggregation tab.

  3. You can enable aggregation scheduling and set the frequency, time, and recurrence. Refer to Scheduling Recurring Aggregations for guidance.

Notes

  • To maintain peak aggregation performance, the first source within the group will start aggregation, followed after a short delay by the next source, until all sources have started aggregation.
  • If aggregation fails for a specific source within the aggregation group, the process will move on to the next source and continue the aggregation process.

Manually Aggregating Multi-Host Entitlement Aggregation Groups

You can manually aggregate entitlement data for sources within an entitlement aggregation group from the Entitlement Aggregation tab.

  1. Go to Admin > Connections > Multi-Host Sources and select a multi-host group.

  2. Select Edit and choose the Entitlement Aggregation tab.

  3. Select Manual Aggregation to start the entitlement aggregation process.

Documentation Feedback

Feedback is provided as an informational resource only and does not form part of SailPoint’s official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.