How to run ISAM on Virtual Box (and how to run it using Vagrant)

The goal of this post is to get IBM Security Access Manager running on Virtual Box ( https://www.virtualbox.org/ ), on my local machine. This will allow me to test the Ansible playbooks I’m preparing locally before committing them onto the Git repository.
As a small addition, I have Vagrant , to quickly set up a new clean instance. Vagrant does not really bring a whole lot of value in this case, because ISAM is a locked down appliance and Vagrant can’t really do a lot.

Download the ISAM 9.0.6 ISO file

Get the ISAM 9.0.6 (or whatever the most recent version is) from Passport Advantage.

Setup Virtual Box

Under File/Preferences/Network , create a new NAT network.
You can just accept the defaults.

Create new Virtual Machine

Create a new virtual machine.

• Configure 2 NIC’s, both configured with the Intel E1000 adapter
  Connect the first NIC to the NAT Network you prepared.
  Connect the second NIC to the Host-Only Network.

• Configure Storage : create a new SCSI controller, with LSI Logic adapter
  Create a new disk, with a size of at least 8 GB (recommended is 100Gb)

• Connect the CD/DVD to the ISO file you downloaded earlier with ISAM on it

• Assign 2048 Mb of memory  

• Disable Audio

Advanced configuration for the Virtual Machine

To run the ISAM appliance on Virtual Box, we need to trick it to think it’s running on VMWare.

Open a command prompt and navigate to the Virtual Box installation folder.
Run the “list vms” command to get a list of your virtual machines.

C:\\Program Files\\Oracle\\VirtualBox>VBoxManage.exe list vms
"isam905" {1c548e84-f7cd-4283-a36a-71843757d1af}

Run the following command to “fake” Vmware. Use the output of the previous command for the vm info. This is the “magic” command that makes everything work:

VBoxManage setextradata "isam905" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor" "VMware Virtual Platform"

These commands configure port forwarding for initial configuration:

VBoxManage modifyvm "isam905" --natpf1 "guestssh,tcp,,2222,,22"  
VBoxManage modifyvm "isam905" --natpf1 "lmi,tcp,,4443,,443"  

Configure ISAM

Start the vm and configure it.
After initial booting from the dvd and installing the image, you must disconnect the dvd pointing to the iso file.

Then reboot the machine again; and it should boot to the console .

Access the LMI

You can now access the LMI on https://127.0.0.1:4443/core/login

The console is available by ssh on port 2222:

ssh -p 2222 admin@127.0.0.1  

Next steps

I can now use Ansible to configure the ISAM vm, specifically :

• perform first steps , activation etc.
• configure the second interface on the Host Only adapter, so ISAM is accessible on a “normal” address as well (without port forwarding).

Another thing I’m working on, is to use Vagrant to be able to rapidly start up a temporary ISAM appliance .

Sources

• https://www.vagrantup.com/docs/virtualbox/boxes.html
• https://idmdepot.com/How_To/Running_ISIM_or_ISIG_VA_on_VirtualBox.html
• https://www.virtualbox.org/