How to install IBM Security Identity Manager 7 Virtual Appliance

IBM SIM 7 with DB2 10.5, SDS 8.0.1, TDI 7.1.1

Latest supported SDS, TDI and DB2 are on the recommended fixes page
Create DB2 VM
Install DB2 fixpack
Vagrant based

Create SDS VM
IBM Security Directory Suite 8.0 Hardware and software requirements
Linux with version 2.6.x 64 bit. CPU: 2.2 GHz, 1 core (64-bit)

Minimum 2 GB system memory
Disk space: 40GB free hard disk space (20GB is used for active partition and 20GB for backup partition)
VBoxManage setextradata "SDS" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor" "VMware Virtual Platform"

Enable COM port
Mount ISO and install
IBM Security Directory Suite Limited Edition V8.0.1.1 Multilingu (CNJ2ZML) - 8.0.1.1-ISS-ISDS_20170301-2234.iso

Forward 12101 port
go to the web admin tool
under server administration click manage server properties then suffixes
add dc=com
under Directory management click add an entry
find class "domain", RDN "dc=com" dc: com

Boot, it will copy the contents, reboot and configure the appliance to something like this
admin/Passw0rd
FIPS 140-2 mode is not enabled
hostname: sds.local
10.0.2.40/24
dns 10.0.2.2
gw 10.0.2.2
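
The VirtualBox side of the SDS VM steps above, collected into one script. This is an added example, not part of the original notes; the disk file name, the SATA controller, the ISO location, and forwarding host port 12101 to the same guest port on loopback only are assumptions.

```bash
#!/bin/sh
# Added example: prints the VBoxManage commands by default.
# Run with APPLY=1 to execute them instead.

VM="SDS"                 # VM name used on the page
GUEST_IP="10.0.2.40"     # appliance address configured on the page
ISO="${ISO:-8.0.1.1-ISS-ISDS_20170301-2234.iso}"   # assumed to be in the current directory
DISK="${DISK:-$VM.vdi}"  # assumption: disk image name
CTL="SATA"               # assumption: storage controller name and type

# Execute the command when APPLY=1, otherwise just print it.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else echo "$*"; fi
}

vm_plan() {
    # Linux 2.6.x 64-bit, 1 core, 2 GB memory (the stated minimums)
    run VBoxManage createvm --name "$VM" --ostype Linux26_64 --register
    run VBoxManage modifyvm "$VM" --cpus 1 --memory 2048
    # DMI vendor override from the page
    run VBoxManage setextradata "$VM" \
        "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor" "VMware Virtual Platform"
    # Enable COM1 (standard I/O base and IRQ), not connected to anything
    run VBoxManage modifyvm "$VM" --uart1 0x3F8 4 --uartmode1 disconnected
    # 40 GB disk: 20 GB active partition plus 20 GB backup partition
    run VBoxManage createmedium disk --filename "$DISK" --size 40960
    run VBoxManage storagectl "$VM" --name "$CTL" --add sata
    run VBoxManage storageattach "$VM" --storagectl "$CTL" --port 0 --device 0 \
        --type hdd --medium "$DISK"
    run VBoxManage storageattach "$VM" --storagectl "$CTL" --port 1 --device 0 \
        --type dvddrive --medium "$ISO"
    # Forward 12101 (web admin tool). Binding to 127.0.0.1 keeps the admin
    # port off the host's external interfaces.
    run VBoxManage modifyvm "$VM" --nic1 nat \
        --natpf1 "webadmin,tcp,127.0.0.1,12101,$GUEST_IP,12101"
}

vm_plan
```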

generate new keys. In the appliance CLI
sds>server_tools
sds server_tools idsgendirksf -e seedseedseed -s saltsaltsalt -l ibmslapddir.ksf -n
It will be created in /userdata/directory/CustomOut/ibmslapddir.ksf
but will be accepted by the instance
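
One way to produce the seed and salt for the idsgendirksf call above from the kernel random source, so the key stash is not derived from guessable strings. This is an added example, not from the original notes; it is meant to run on the admin workstation, and keeping both values to 12 alphanumeric characters (the length of the sample values above) is an assumption.

```bash
#!/bin/sh
# Added example: random seed and salt for idsgendirksf.

# Assumption: 12 alphanumeric characters, matching the length of the page's
# sample values and needing no quoting when pasted into the appliance CLI.
KSF_LEN=12

# Print $1 random characters from [A-Za-z0-9], drawn from /dev/urandom.
rand_alnum() {
    head -c 1024 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c "$1"
}

# Succeed only if $1 is exactly KSF_LEN alphanumeric characters.
valid_ksf_value() {
    case "$1" in
        *[!A-Za-z0-9]*) return 1 ;;
    esac
    [ "${#1}" -eq "$KSF_LEN" ]
}

# Print the page's command line with generated values in place of the fixed
# seed and salt. The values go to stdout only; nothing is written to disk.
ksf_command() {
    _seed=$(rand_alnum "$KSF_LEN")
    _salt=$(rand_alnum "$KSF_LEN")
    valid_ksf_value "$_seed" && valid_ksf_value "$_salt" || return 1
    printf 'idsgendirksf -e %s -s %s -l ibmslapddir.ksf -n\n' "$_seed" "$_salt"
}

ksf_command
```

Store the generated seed and salt with your other secrets; any further directory server that has to share encrypted data with this instance needs the same pair.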

forward the port so you can access the web ui
Now in the WebUI
Import your license in , reboot
and start directory server instance.


Create SIM 7 VM


IBM Security Identity Manager, Version 7.0.1 Hardware and software requirements
Linux with version 2.6.x 64 bit. CPU: 2.2 GHz, 1 core (64-bit)

Minimum 2 GB system memory
Disk space: 40GB free hard disk space (20GB is used for active partition and 20GB for backup partition)
VBoxManage setextradata "SDS" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor" "VMware Virtual Platform"

Enable COM port
Mount ISO and install
IBM Security Identity Manager v7.0.1.6 virtual appliance Multil (CNK1QML) - SIM_7016_VA_ML.iso

Boot, it will copy the contents, reboot and configure the appliance to something like this


(packaged as a vagrant vm - with shell at all)

IBM SIM 7 with DB2 10.1, TDS 6.3.1, TDI 7.1.1

Installing the Data Layer

Installing DB 10.1


Make sure the path to the install does not contain spaces
sudo ./db2_install
yes to the default directory
pick ESE
no to the pureScale feature

Install db2 fixpack


(per http://www-01.ibm.com/support/knowledgecenter/SSEPGG_10.1.0/com.ibm.db2.luw.qb.server.doc/doc/t0024956.html?cp=SSEPGG_10.1.0)
(from http://www-01.ibm.com/support/knowledgecenter/SSEPGG_10.1.0/com.ibm.db2.luw.qb.server.doc/doc/t0006352.html?cp=SSEPGG_10.1.0%2F2-0-8)
Link to db2 fp 5
sudo ./installFixPack -b /opt/ibm/db2/V10.1

check the fp install by running
/usr/local/bin/db2ls

Install TDS 6.3.1


You need graphical environment as root, the easiest way to get it is to
ssh -X root@localhost
/media/DirectoryV6.3.1/launchpad.sh
Click start install, when install manager comes up
On the features page UNSELECT DB2, then select SERVER (server is unselected by unselecting db2)
On the next page make sure "continue with the existing db2 - 10.1.0.5" is picked

Install TDS fixpack


(Install reference - http://www-01.ibm.com/support/knowledgecenter/SSVJJU_6.3.1.5/com.ibm.IBMDS.doc_6.3.1.5/t_ig_fixpack_installing_native.html)
(Latest fp is here - http://www-01.ibm.com/support/docview.wss?uid=swg21496581#v631, all SDS FPs are here http://www-01.ibm.com/support/docview.wss?uid=swg27009778)
from the fixpack folder:
sudo ./idsinstall -u -f
enter '1' (agree)
verify
rpm -qa | grep idsldap

Install TDI 7.1.1 on the data box


(install reference - http://www-01.ibm.com/support/knowledgecenter/SSCQGF_7.1.1/com.ibm.IBMDI.doc_7.1.1/adminguide11.htm%23wq20?lang=en)
keep in mind that TDI is installed on the ISIM box already with FP4 and RMI dispatcher installed.
(Latest fixpacks and links - http://www.tdi-users.org/twiki/bin/view/Integrator/WebHome)
./linux_x86_64/install_tdiv711_linux_x86_64.bin
Select custom install - unselect embedded web and AMC, select CE updated params
Select install a service tdi, everything else is default

Update Java for TDI


unzip java fp

cd /opt/IBM/TDI/V7.1.1/jvm
mv jre/ jre.orig
cp -R /media/sf_Shared_Folder/java6.0-16.7/ibm-java-x86_64-60/jre .
chmod -R 755 jre (yes, really, that's how IBM asks it to be configured)

Install FP for TDI


in /opt/IBM/TDI/V7.1.1/maintenance
mv UpdateInstaller.jar UpdateInstaller.jar.orig
copy the one from the fixpack

chmod it to 755
ldap2:/opt/IBM/TDI/V7.1.1/bin # ./applyUpdates.sh -update  /media/sf_Shared_Folder/tdi7.1.1fp5/TDI-7.1.1-FP0005.zip

Install RMI


ITDI_HOME/jvm/jre/bin/java -jar DispatcherInstall.jar -i silent
or
ITDI_HOME/jvm/jre/bin/java -jar DispatcherInstall.jar -i silent -DUSER_INSTALL_DIR="/opt/IBM/TDI/V7.1" -DUSER_SELECTED_SOLDIR="/opt/IBM/TDI/V7.1/timsol" -DUSER_INPUT_RMI_PORTNUMBER=1099 -DUSER_INPUT_WS_PORTNUMBER=8081

Create DB2 database for ISIM


ISIM 7.0 doc for DB2 setup - https://www-01.ibm.com/support/knowledgecenter/SSRMWJ_7.0.0/com.ibm.isim.doc_7.0/installing/cpt/cpt_ic_ins_db_db2_manual.htm?lang=en

Configure db2 and ldap


use middleware configuration utility:
./cfg_itim_mw_xLinux
select both
fill in passwords, set seed as "seedseedseed"
leave everything else default:
dbname: itimdb
db admin id: db2admin
db user id: itimuser
ldap user id: itimldap
directory server dbname: ldapdb2

after the config has completed run netstat -ant and record the db2 instance port

Configuring ISIM 7 VA

login to https://itimip:
create application interface
configure mail server (from sim7@data2.local)
configure db - use the previously recorded port, change database name to itimdb (to get port run db2 get dbm cfg as db2admin and look for the SVCENAME attribute)
configure ldap - e.g. "IDSake" idsake

Configuration after everything is working

Set db2 to start on boot


su - db2admin (not itimldap - db2 for ldap is started automatically by slapd)
db2iauto -on db2admin

Re-add the startup for the fault monitor


to remove from inittab and init.d and systemd (for RHEL)
sudo db2fmcu -d
re-add to inittab and init.d and systemd
sudo db2fmcu -u -p /opt/ibm/db2/V10.1/bin/db2fmcd

Turn on the fault monitor for this instance
db2fm -f on

Validate that it's configured
db2fm -s -S
should show

Gcf module 'fault monitor' state is AVAILABLE
Gcf module '/opt/ibm/db2/V10.1/lib64/libdb2gcf.so' state is AVAILABLE

Set LDAP to start on boot:
sudo vi /etc/inittab
add at the end
ids1:2345:once:/opt/ibm/ldap/V6.3.1/sbin/64/ibmslapd -I itimldap > /dev/null 2>&1

Reboot

Troubleshooting

idmdepot.com:Troubleshooting:DB2 Fixes

Notes

Running ISIM or ISIG VA on VirtualBox