Set up the initial IBM Security Identity Manager virtual appliance

For the virtual appliance, the appliance setup wizard runs the first time when you connect to the virtual console of an unconfigured virtual appliance.

  1. Provide the following user credentials when the system restarts after ISIM virtual appliance installation:
    • Unconfigured login - admin
    • Password - admin

  2. On ISIM virtual appliance setup wizard screen, press Enter to continue.

  3. Choose one of these options to proceed.

    • Press 1 to choose the language.

    • Press 2 to read the IBM terms.

    • Press 3 to read the non-IBM terms.

    • Press 4 to accept the license terms.

      Software License Agreement Currently selected language: English 1: Select language for license display 2: Read IBM terms 3: Read non-IBM terms 4: Proceeed to acceptance Select option: 4 By choosing 'I agree,' you agree that (1) we have had the opportunity to review the terms of both the IBM and non-IBM licenses presented above and (2) such terms govern this transaction. If we do not agree, choose 'I do not agree'. 1: I agree 2: I do not agree Select option: 1

  4. Select whether or not to enable FIPS 140-2 mode.

      FIPS 140-2 Mode Configuration We must enable FIPS mode in order to comply with FIPS 140-2 and NIST 800131a. If we select to enable FIPS mode, appliance will be rebooted immediately to perform FIPS power-up integrity checks. Do not choose to enable FIPS mode without reading the FIPS section in the user guide. If we choose to enable FIPS mode now, we cannot disable it later without reinstalling the appliance. FIPS 140-2 Mode is not enabled. 1: Enable FIPS 140-2 Mode x: Exit p: Previous screen n: Next screen Select option: 1 FIPS 140-2 Configuration Enable FIPS 140-2 mode? 1: yes 2: no Enter index:

    If you enter 2, the wizard proceeds to step 5. If you enter 1, the wizard asks for your confirmation.

      You have selected to enable FIPS mode. The appliance will now reboot to perform the FIPS integrity checks. When appliance comes back up, you will need to login as admin user to complete the setup. Enter 'YES' to confirm:

    After you enter YES to confirm, FIPS is enabled in the background and the system reboots.

    After you log in, we are again prompted to accept the Software License Agreement (step 3). The wizard then proceeds to step 5.

  5. Change the virtual appliance password. After we change the virtual appliance password, continue to the next screen.

    Set a strong password. It must be at least 8 characters and contain one uppercase and one lowercase character, one numerical character, and one special character. We can try special characters such as !, @, #, or %. The special character cannot be any of the following symbols : <, >, `, &, $, \, ", :, and |. If 10 consecutive unsuccessful login attempts occur in an hour, the account is locked for an hour automatically.

      Appliance Password Password changes are applied immediately. Password has not been modified. 1: Change password x: Exit p: Previous screen Change Password Enter old password: Enter new password: Confirm new password: Password changed successfully. Appliance Password Password changes are applied immediately. Password has been modified. 1: Change password x: Exit p: Previous screen n: Next screen Select option: n

  6. Generate ISIM keystore. After we create ISIM keystore, continue to the next screen.

      ISIM Keystore Keystore changes are applied immediately. Keystore has not been modified. 1: Generate ISIM Keystore x: Exit p: Previous screen Select option: 1 Generate ISIM Keystore Enter keystore password: Confirm keystore password: Keystore successfully generated. ISIM Keystore Keystore changes are applied immediately. Keystore has not been modified. 1: Generate ISIM Keystore x: Exit p: Previous screen n: Next screen Select option: n

  7. Change the host name. Use a registered host name or static IP address to manage the virtual appliance for networking and recording important information for configuring the virtual appliance network.

      Change the Host Name Enter the new host name: isimva.us.example.com Host Name Configuration Host name: isimva.us.example.com 1: Change the host name x: Exit p: Previous screen n: Next screen Select option: n
    The host name is cited in the SSL certificate for the virtual appliance.

  8. Configure network interface M1 with the IP address, subnet mask, and default gateway.

      Management Interface Settings 1: Display device settings 2: Display policy 3: Configure M.1 4: Configure M.2 x: Exit p: Previous screen n: Next screen Select option: 3 Configure M.1 Select an IPv4 configuration mode: 1: Automatic 2: Manual Enter index: 2 Enter the IPv4 address: 192.0.2.21 Enter the IPv4 subnet mask: 255.255.254.0 Enter the IPv4 default gateway: 192.0.2.12 Select an IPv6 configuration mode: 1: Automatic 2: Manual Enter index: 1

  9. Configure the DNS for the virtual appliance. Use only a DNS registered IP address to manage the virtual appliance for configuring the virtual appliance network.

      DNS Configuration No DNS servers configured. 1: Set DNS server 1 2: Set DNS server 2 3: Set DNS server 3 x: Exit p: Previous screen n: Next screen Select option: 1 Set DNS Server 1 Enter the DNS Server IP address: 198.51.100.0 DNS Configuration DNS server 1: 198.51.100.0 1: Set DNS server 1 2: Set DNS server 2 3: Set DNS server 3 x: Exit p: Previous screen n: Next screen Select option: n

  10. Configure the time settings for the virtual appliance. To use this virtual appliance as a member node in the cluster, use the same date and time settings that we used to set up the virtual appliance for the primary node.

      Time Configuration Time configuration changes are applied immediately. Time: 08:28:58 Date: 09/09/2013 Time Zone: Asia/Kolkata 1: Change the time 2: Change the date 3: Change the time zone x: Exit p: Previous screen n: Next screen Select option: n Command cancelled 1: Change the time 2: Change the date 3: Change the time zone x: Exit p: Previous screen n: Next screen Select option: n
  11. Review the summary of configuration details.

  12. Press 1 to accept the configuration.

A message indicates the policy changes are successfully applied and the local management interface is restarted.

Log on to ISIM virtual appliance console.

Parent topic: VMware support