diff --git a/CUST/NYBU/saml/default.asp b/CUST/NYBU/saml/default.asp
new file mode 100644
index 0000000000..a26468d602
--- /dev/null
+++ b/CUST/NYBU/saml/default.asp
@@ -0,0 +1,56 @@
+<%@ language = "JavaScript" %>
+<% /*
+    $Revision$
+    $Id$
+    File:        cust/nybu/saml/default.asp
+    Description: Single Sign On script
+    Parameters:
+    Context:
+    Note:
+*/ %>
+<%
+    Response.Expires=-1;
+    Session("customerId") = "NYBU";
+    ANONYMOUS_Allowed = 1;
+%>
+<!-- #include file="../../../appl/Shared/common.inc" -->
+<!-- #include file="../../../appl/shared/login.inc" -->
+<%
+//    for (i=1; i <= Request.ServerVariables.Count; i++)
+//    {
+//        __DoLog(Request.ServerVariables.key(i) + ": " + Request.ServerVariables(i));
+//    }
+
+    var uname = String(Request.ServerVariables("HTTP_EPPN"));
+//    __DoLog("uname: " + uname);
+    Response.Write("SAML user detected as: " + uname);
+    var sql = "SELECT prs_perslid_oslogin"
+            + "  FROM prs_perslid pp"
+            + "     , prs_kenmerklink pkl"
+            + " WHERE pp.prs_perslid_key = pkl.prs_link_key"
+            + "   AND pkl.prs_kenmerklink_niveau = 'P'"
+            + "   AND pkl.prs_kenmerk_key = 1000" // IID
+            + "   AND pkl.prs_kenmerklink_waarde = " + safe.quoted_sql(uname)
+    var oRs = Oracle.Execute(sql);
+    if (!oRs.Eof)
+    {
+        uname = oRs("prs_perslid_oslogin").Value;
+       __Log("IID vertaald naar: " + uname);
+    }
+
+    var newUrl = rooturl + "/";
+    var sso_qs = String(Request.ServerVariables("QUERY_STRING"));
+    if (sso_qs)
+        newUrl += "?" + sso_qs;
+
+    if (tryLogin(uname, null))
+    {
+        //Response.Write("Hoera: je bent user: " + user_key);
+        Response.Redirect(newUrl);
+    }
+    else
+    {   // Automatisch naar het inlogscherm
+        __DoLog("SAML login not found in Facilitor: " + uname);
+        Response.Redirect(newUrl);
+    }
+%>
\ No newline at end of file