Hello colleagues

Please bear with me since I am new to NetIQ / SSO / SAML.
I did a lot of reading and searching and I feel a little bit comfortable
setting a federated authenication using SAML 2.0
My environment is NetIQ Access Manager installed on SUSE (SLES) 11, and
LDAP for authentication

I set up a new vendor as SP in our IdP by exchanging the SAML metadata,
assigning the attributes, and importing their root cert into the trust

When I tested the SP's SAML login page, I get the following error on
their page:

Details: CSOD and client timestamp are not matching. (CSOD is the SP)
Information : SAML Response is not well formed. Missing SAML 2.0
attribute 'NotOnOrAfter'.

The vendor is asking me to add SAML 2.0 attribute 'NotOnOrAfter'. and to
skew the timestamp.

I read documentation and searched the forum and I have no idea how to
add the attribute to our SAML metadata in our IdP and no idea how to
skew the timestamp.

Any idea or assistance are greatly appreciated.

Thank you

hrquibi's Profile: https://forums.netiq.com/member.php?userid=11669
View this thread: https://forums.netiq.com/showthread.php?t=55647