When connecting to or logging into Verastream Host Integrator (VHI), you may see the following error:
 Token current time is outside of validity range.
This error message typically occurs with one of the following events:
- When security is enabled on the Session Server, and your client application is attempting to connect.
- In version 6.6 or earlier, when security is enabled, and you are logging into Administrative WebStation.
- In version 6.6 or earlier, when security is enabled on the load balancing domain, and your client application is attempting to connect via domain.
Check the time and time zone configuration of your systems. On Linux/UNIX systems, set the system clock by running the date command as the superuser (root user). To avoid recurring problems due to clock drift, use NTP or time protocol to regularly synchronize system clocks.
In version 6.6 or earlier, clocks on the systems running Session Server and AADS services should be less than 3 seconds apart, to ensure authentication can complete within 5 seconds.
Beginning in version 7.0, clocks on the systems running Session Server and Management Server services should be less than 5 minutes apart. In addition to the token duration of 5 seconds, there is a configurable token grace period which defaults to 300 seconds (5 minutes). The tokenGracePeriod property can be adjusted by editing the ManagementServer/services/vhi/META-INF/service-ctx.xml file. Changes take effect after restarting the Management Server service. For information on manually restarting the service, see KB 7021352.