Error: "Invalid time in the Assertion sent by Idp. Please ensure time synchronization between NetScaler and IdP" for SAML Authentication Through NetScaler Gateway


Article ID: CTX200026


Description

The error "Invalid time in the Assertion sent by IdP. Ensure time synchronization between NetScaler and Idp" occurs for Security Assertion Markup Language (SAML) authentication through a NetScaler Gateway.

NetScaler Gateway is configured to use SAML authentication. After the SAML IdP redirects users back to the NetScaler Gateway, the preceding error message is displayed on the page.
Note: IdP stands for Identity Provider.

Resolution

To fix the issue, complete the following procedure:
  1. Verify that the same date and timezone are set on the SAML server and the NetScaler.

    1. To verify the date on the NetScaler, run the date command from the NetScaler shell:
      root@mike# date
      Wed Mar 20 00:34:00 UTC 2013

    2. To set the date, run the date command in the following format:
      date yymmdayhrmin
      date 201403201100

  2. Set the correct timezone by running the following command. This example sets the timezone to EDT. For a list of other timezones, browse the /usr/share/zoneinfo directory (cd /usr/share/zoneinfo):
    cp /usr/share/zoneinfo/America/New_York /etc/localtime

  3. After setting the date and timezone, run the date command to ensure that the date and timezone are displayed correctly, as in the following example. After the date is verified, test your SAML authentication:
    date
    Wed Mar 20 00:41:08 EDT 2013
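
To see how far off a clock is before changing it, the assertion's validity window can be checked offline. The following is an added example, not Citrix code: it reads the standard SAML 2.0 Conditions attributes NotBefore and NotOnOrAfter from a Base64-encoded response and reports whether a given clock falls inside that window. The sample response, the function names, and the allowed_skew parameter are constructed for illustration, and that NetScaler evaluates exactly these attributes is an assumption.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample: an assertion issued at 00:41 EDT, which is 04:41 UTC.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    '<saml:Assertion><saml:Conditions NotBefore="2013-03-20T04:41:00Z" '
    'NotOnOrAfter="2013-03-20T04:46:00Z"/></saml:Assertion></samlp:Response>'
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode())


def parse_instant(value):
    """Parse a SAML UTC timestamp; fractional seconds are dropped."""
    text = value.rstrip("Z").split(".")[0]
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def check_window(response_b64, now, allowed_skew=timedelta(0)):
    """Compare the clock `now` (UTC) with the assertion's Conditions window.

    Returns (status, offset). Diagnostic only: it reads timestamps and does
    not verify the assertion's signature.
    """
    root = ET.fromstring(base64.b64decode(response_b64))
    cond = root.find(".//saml:Conditions", NS)
    if cond is None:
        raise ValueError("no saml:Conditions element in response")
    not_before = parse_instant(cond.attrib["NotBefore"])
    not_on_or_after = parse_instant(cond.attrib["NotOnOrAfter"])
    if now + allowed_skew < not_before:
        return "clock-behind", not_before - now
    if now - allowed_skew >= not_on_or_after:
        return "clock-ahead", now - not_on_or_after
    return "ok", timedelta(0)


if __name__ == "__main__":
    # Wall clock typed in as 00:41:08 while the zone is still UTC: four hours behind.
    wrong = datetime(2013, 3, 20, 0, 41, 8, tzinfo=timezone.utc)
    right = datetime(2013, 3, 20, 4, 41, 8, tzinfo=timezone.utc)
    for label, now in (("zone left at UTC", wrong), ("zone set to EDT", right)):
        print(label, check_window(SAMPLE_B64, now))
    # On a live system, pass datetime.now(timezone.utc) as `now`.
```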

Issue/Introduction

Error “Invalid time in the Assertion sent by Idp. Please ensure time synchronization between NetScaler and IdP” for SAML authentication through NetScaler Gateway.