From 6e75aeb09189a4c679e6787d260e9514e87885c9 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 25 Jan 2022 19:49:04 +0530
Subject: [PATCH 001/123] sheshachary-5714481

---
 windows/client-management/manage-corporate-devices.md       | 6 ------
 ...age-windows-10-in-your-organization-modern-management.md | 2 +-
 windows/client-management/mdm/alljoynmanagement-csp.md      | 2 +-
 .../mdm/azure-active-directory-integration-with-mdm.md      | 3 ++-
 .../mdm/change-history-for-mdm-documentation.md             | 2 +-
 windows/client-management/mdm/enterprise-app-management.md  | 2 +-
 .../mdm/mdm-enrollment-of-windows-devices.md                | 2 +-
 .../mdm/new-in-windows-mdm-enrollment-management.md         | 2 +-
 windows/client-management/mdm/oma-dm-protocol-support.md    | 4 ++--
 windows/client-management/mdm/passportforwork-csp.md        | 2 +-
 10 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/windows/client-management/manage-corporate-devices.md b/windows/client-management/manage-corporate-devices.md
index f953bdeb3d..fb532ca4b1 100644
--- a/windows/client-management/manage-corporate-devices.md
+++ b/windows/client-management/manage-corporate-devices.md
@@ -49,14 +49,8 @@ You can use the same management tools to manage all device types running Windows
 
 [Azure AD Join on Windows 10 (and Windows 11) devices](https://go.microsoft.com/fwlink/p/?LinkId=616791)
 
-[Azure AD support for Windows 10 (and Windows 11)](https://go.microsoft.com/fwlink/p/?LinkID=615765)
-
 [Windows 10 (and Windows 11) and Azure Active Directory: Embracing the Cloud](https://go.microsoft.com/fwlink/p/?LinkId=615768)
 
-[How to manage Windows 10 (and Windows 11) devices using Intune](https://go.microsoft.com/fwlink/p/?LinkId=613620)
-
-[Using Intune alone and with Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=613207)
-
 Microsoft Virtual Academy course: [System Center 2012 R2 Configuration Manager & Windows Intune](/learn/)
 
 
diff --git a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
index 0e9dd8a789..55882ecb16 100644
--- a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
+++ b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md
@@ -135,6 +135,6 @@ There are a variety of steps you can take to begin the process of modernizing de
 
 ## Related topics
 
--   [What is Intune?](//mem/intune/fundamentals/what-is-intune)
+-   [What is Intune?](/mem/intune/fundamentals/what-is-intune)
 -   [Windows 10 Policy CSP](./mdm/policy-configuration-service-provider.md)
 -   [Windows 10 Configuration service Providers](./mdm/configuration-service-provider-reference.md)
diff --git a/windows/client-management/mdm/alljoynmanagement-csp.md b/windows/client-management/mdm/alljoynmanagement-csp.md
index 26bcc2dda6..b2a25f79cf 100644
--- a/windows/client-management/mdm/alljoynmanagement-csp.md
+++ b/windows/client-management/mdm/alljoynmanagement-csp.md
@@ -24,7 +24,7 @@ This CSP was added in Windows 10, version 1511.
 
  
 
-For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [Device System Bridge (DSB) Project](https://go.microsoft.com/fwlink/p/?LinkId=615876) and [AllJoyn Device System Bridge](https://go.microsoft.com/fwlink/p/?LinkId=615877).
+For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [AllJoyn – Wikipedia](https://wikipedia.org/wiki/AllJoyn).
 
 The following shows the AllJoynManagement configuration service provider in tree format
 
diff --git a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md
index 634025c4b9..e1c7c75a0f 100644
--- a/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md
+++ b/windows/client-management/mdm/azure-active-directory-integration-with-mdm.md
@@ -379,9 +379,10 @@ Additional claims may be present in the Azure AD token, such as:
 
 Access tokens issued by Azure AD are JSON web tokens (JWTs). A valid JWT token is presented by Windows at the MDM enrollment endpoint to start the enrollment process. There are a couple of options to evaluate the tokens:
 
--   Use the JWT Token Handler extension for WIF to validate the contents of the access token and extract claims required for use. For more information, see [JSON Web Token Handler](/previous-versions/dotnet/framework/security/json-web-token-handler).
+-   Use the JWT Token Handler extension for WIF to validate the contents of the access token and extract claims required for use. For more information, see [JwtSecurityTokenHandler Class](/dotnet/api/system.identitymodel.tokens.jwt.jwtsecuritytokenhandler).
 -   Refer to the Azure AD authentication code samples to get a sample for working with access tokens. For an example, see [NativeClient-DotNet](https://go.microsoft.com/fwlink/p/?LinkId=613667).
 
+
 ## Device Alert 1224 for Azure AD user token
 
 An alert is sent when the DM session starts and there's an Azure AD user logged in. The alert is sent in OMA DM pkg\#1. Here's an example:
diff --git a/windows/client-management/mdm/change-history-for-mdm-documentation.md b/windows/client-management/mdm/change-history-for-mdm-documentation.md
index 089b3868fd..7c7a59ddea 100644
--- a/windows/client-management/mdm/change-history-for-mdm-documentation.md
+++ b/windows/client-management/mdm/change-history-for-mdm-documentation.md
@@ -225,7 +225,7 @@ This article lists new and updated articles for the Mobile Device Management (MD
 |New or updated article|Description|
 |--- |--- |
 |[WindowsDefenderApplicationGuard CSP](windowsdefenderapplicationguard-csp.md)|Added the following node in Windows 10, version 1803:<li>Settings/AllowVirtualGPU<li>Settings/SaveFilesToHost|
-|[NetworkProxy CSP](\networkproxy--csp.md)|Added the following node in Windows 10, version 1803:<li>ProxySettingsPerUser|
+|[NetworkProxy CSP](networkproxy-csp.md)|Added the following node in Windows 10, version 1803:<li>ProxySettingsPerUser|
 |[Accounts CSP](accounts-csp.md)|Added a new CSP in Windows 10, version 1803.|
 |[MDM Migration Analysis Tool (MMAT)](https://aka.ms/mmat)|Updated version available. MMAT is a tool you can use to determine which Group Policies are set on a target user/computer and cross-reference them against the list of supported MDM policies.|
 |[CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download)|Added the DDF download of Windows 10, version 1803 configuration service providers.|
diff --git a/windows/client-management/mdm/enterprise-app-management.md b/windows/client-management/mdm/enterprise-app-management.md
index 9397684167..ddd6fe4dd5 100644
--- a/windows/client-management/mdm/enterprise-app-management.md
+++ b/windows/client-management/mdm/enterprise-app-management.md
@@ -400,7 +400,7 @@ If you purchased an app from the Store for Business and the app is specified for
 
 Here are the requirements for this scenario:
 
-- The location of the app can be a local files system (C:\\StagedApps\\app1.appx), a UNC path (\\\\server\\share\\app1.apx), or an HTTPS location (https://contoso.com/app1.appx\_
+- The location of the app can be a local files system (C:\\StagedApps\\app1.appx), a UNC path (\\\\server\\share\\app1.apx), or an HTTPS location (`https://contoso.com/app1.appx`).
 - The user must have permission to access the content location. For HTTPs, you can use server authentication or certificate authentication using a certificate associated with the enrollment. HTTP locations are supported, but not recommended because of lack of authentication requirements.
 - The device doesn't need to have connectivity to the Microsoft Store, store services, or have the Microsoft Store UI be enabled.
 - The user must be logged in, but association with Azure AD identity isn't required.
diff --git a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
index e475077509..96508d3fa6 100644
--- a/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
+++ b/windows/client-management/mdm/mdm-enrollment-of-windows-devices.md
@@ -291,7 +291,7 @@ The deep link used for connecting your device to work will always use the follow
 > [!NOTE]
 > Deep links only work with Internet Explorer or Microsoft Edge browsers. When connecting to MDM using a deep link, the URI you should use is:
 > **ms-device-enrollment:?mode=mdm** 
-> **ms-device-enrollment:?mode=mdm&username=someone@example.com&servername=<https://example.server.com>**
+> **ms-device-enrollment:?mode=mdm&username=someone@example.com&servername=<`https://example.server.com`>**
 
 To connect your devices to MDM using deep links:
 
diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
index a982810497..305070c1af 100644
--- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
+++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
@@ -270,7 +270,7 @@ The DM agent for [push-button reset](/windows-hardware/manufacture/desktop/push-
 No. Only one MDM is allowed.
 
 ### How do I set the maximum number of Azure Active Directory joined devices per user?
-1.  Login to the portal as tenant admin: https://manage.windowsazure.com.
+1.  Login to the portal as tenant admin: https://portal.azure.com.
 2.  Click Active Directory on the left pane.
 3.  Choose your tenant.
 4.  Click **Configure**.
diff --git a/windows/client-management/mdm/oma-dm-protocol-support.md b/windows/client-management/mdm/oma-dm-protocol-support.md
index 8249c0eca9..1fdbc0a4dd 100644
--- a/windows/client-management/mdm/oma-dm-protocol-support.md
+++ b/windows/client-management/mdm/oma-dm-protocol-support.md
@@ -29,8 +29,8 @@ The following table shows the OMA DM standards that Windows uses.
 |OMA DM standard objects|DevInfo<li>DevDetail<li>OMA DM DMS account objects (OMA DM version 1.2)|
 |Security|<li>Authenticate DM server initiation notification SMS message (not used by enterprise management)<li>Application layer Basic and MD5 client authentication<li>Authenticate server with MD5 credential at application level<li>Data integrity and authentication with HMAC at application level<li>SSL level certificate-based client/server authentication, encryption, and data integrity check|
 |Nodes|In the OMA DM tree, the following rules apply for the node name:<br/><li>"." can be part of the node name.<li>The node name cannot be empty.<li>The node name cannot be only the asterisk (*) character.|
-|Provisioning Files|Provisioning XML must be well formed and follow the definition in SyncML Representation Protocol](https://go.microsoft.com/fwlink/p/?LinkId=526905).<br/><br/>If an XML element that is not a valid OMA DM command is under SyncBody, the status code 400 is returned for that element.<div class="alert">**Note**<br>To represent a Unicode string as a URI, first encode the string as UTF-8. Then encode each of the UTF-8 bytes using URI encoding.</div>|
-|WBXML support|Windows supports sending and receiving SyncML in both XML format and encoded WBXML format. This is configurable by using the DEFAULTENCODING node under the w7 APPLICATION characteristic during enrollment. For more information about WBXML encoding, see section 8 of the [SyncML Representation Protocol](https://go.microsoft.com/fwlink/p/?LinkId=526905) specification.|
+|Provisioning Files|Provisioning XML must be well formed and follow the definition in [SyncML Representation Protocol](https://www.openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf).<br/><br/>If an XML element that is not a valid OMA DM command is under SyncBody, the status code 400 is returned for that element.<div class="alert">**Note**<br>To represent a Unicode string as a URI, first encode the string as UTF-8. Then encode each of the UTF-8 bytes using URI encoding.</div>|
+|WBXML support|Windows supports sending and receiving SyncML in both XML format and encoded WBXML format. This is configurable by using the DEFAULTENCODING node under the w7 APPLICATION characteristic during enrollment. For more information about WBXML encoding, see section 8 of the [SyncML Representation Protocol](https://www.openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf) specification.|
 |Handling of large objects|In Windows 10, version 1511, client support for uploading large objects to the server was added.|
 
 
diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index 68bd28dd1e..5506461678 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -88,7 +88,7 @@ PassportForWork
 Root node for PassportForWork configuration service provider.
 
 <a href="" id="tenantid"></a>***TenantId***  
-A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure/get-azureaccount). For more information see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
+A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
 
 <a href="" id="tenantid-policies"></a>***TenantId*/Policies**  
 Node for defining the Windows Hello for Business policy settings.

From 533cf1d70244bc853ba3fe6e368c5ef678034bc5 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 1 Feb 2022 18:05:13 +0530
Subject: [PATCH 002/123] Updated the changes for the broken links

---
 .../enterprise-mode-schema-version-1-guidance.md                | 2 +-
 .../enterprise-mode-schema-version-2-guidance.md                | 2 +-
 windows/client-management/mdm/alljoynmanagement-csp.md          | 2 +-
 .../client-management/mdm/policies-in-policy-csp-admx-backed.md | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index 8ee8fbf055..b3d946c53c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -35,7 +35,7 @@ If you don't want to use the Enterprise Mode Site List Manager, you also have th
 The following is an example of the Enterprise Mode schema v.1. This schema can run on devices running Windows 7 and Windows 8.1.
 
 > [!IMPORTANT]
-> Make sure that you don't specify a protocol when adding your URLs. Using a URL like `<domain>contoso.com</domain>` automatically applies to both http://contoso.com and https://contoso.com.
+> Make sure that you don't specify a protocol when adding your URLs. Using a URL like `<domain>contoso.com</domain>` automatically applies to both `http://contoso.com` and `https://contoso.com`.
 
 ```xml
 <rules version="1">
diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
index 825646b237..d35dd497b1 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
@@ -109,7 +109,7 @@ The &lt;url&gt; attribute, as part of the &lt;site&gt; element in the v.2 versio
 
 |Attribute|Description|Supported browser|
 |---------|---------|---------|
-|allow-redirect|A boolean attribute of the &lt;open-in&gt; element that controls the behavior for redirected sites. Setting this attribute to "true" indicates that the site will open in IE11 or Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. Omitting the attribute is equivalent to "false" (sites in redirect chain will not open in another browser).<br>**Example**<pre class="syntax">&lt;site url="contoso.com/travel"&gt;<br>  &lt;open-in allow-redirect="true"&gt;IE11 &lt;/open-in&gt;<br>&lt;/site&gt;</pre> In this example, if [https://contoso.com/travel](https://contoso.com/travel) is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer. <li>| Internet Explorer 11 and Microsoft Edge|
+|allow-redirect|A boolean attribute of the &lt;open-in&gt; element that controls the behavior for redirected sites. Setting this attribute to "true" indicates that the site will open in IE11 or Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. Omitting the attribute is equivalent to "false" (sites in redirect chain will not open in another browser).<br>**Example**<pre class="syntax">&lt;site url="contoso.com/travel"&gt;<br>  &lt;open-in allow-redirect="true"&gt;IE11 &lt;/open-in&gt;<br>&lt;/site&gt;</pre> In this example, if `https://contoso.com/travel` is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer. <li>| Internet Explorer 11 and Microsoft Edge|
 |version     |Specifies the version of the Enterprise Mode Site List. This attribute is supported for the &lt;site-list&gt; element.   | Internet Explorer 11 and Microsoft Edge|
 |url|Specifies the URL (and port number using standard port conventions) to which the child elements apply. The URL can be a domain, sub-domain, or any path URL.<br> **Note**<br> Make sure that you don't specify a protocol. Using &lt;site url="contoso.com"&gt;  applies to both [https://contoso.com](https://contoso.com) and [https://contoso.com](https://contoso.com). <br> **Example**<pre class="syntax">&lt;site url="contoso.com:8080"&gt;<br>   &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt; <br> &lt;open-in&gt;IE11&lt;/open-in&gt;<br>&lt;/site&gt;</pre>In this example, going to [https://contoso.com:8080](https://contoso.com:8080) using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode. | Internet Explorer 11 and Microsoft Edge|
 
diff --git a/windows/client-management/mdm/alljoynmanagement-csp.md b/windows/client-management/mdm/alljoynmanagement-csp.md
index b2a25f79cf..6e986105de 100644
--- a/windows/client-management/mdm/alljoynmanagement-csp.md
+++ b/windows/client-management/mdm/alljoynmanagement-csp.md
@@ -24,7 +24,7 @@ This CSP was added in Windows 10, version 1511.
 
  
 
-For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [AllJoyn – Wikipedia](https://wikipedia.org/wiki/AllJoyn).
+For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [Device System Bridge (DSB)](https://wikipedia.org/wiki/AllJoyn). For more information, see [AllJoyn Device System Bridge](https://wikipedia.org/wiki/AllJoyn).
 
 The following shows the AllJoynManagement configuration service provider in tree format
 
diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index 40aa9ba5d3..cb1c4ed088 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -980,7 +980,7 @@ ms.date: 10/08/2020
 - [ADMX_sdiageng/ScriptedDiagnosticsExecutionPolicy](./policy-csp-admx-sdiageng.md#admx-sdiageng-scripteddiagnosticsexecutionpolicy)
 - [ADMX_sdiageng/ScriptedDiagnosticsSecurityPolicy](./policy-csp-admx-sdiageng.md#admx-sdiageng-scripteddiagnosticssecuritypolicy)
 - [ADMX_sdiagschd/ScheduledDiagnosticsExecutionPolicy](./policy-csp-admx-sdiagschd.md#admx-sdiagschd-scheduleddiagnosticsexecutionpolicy)
-- [ADMX_Securitycenter/SecurityCenter_SecurityCenterInDomain](/policy-csp-admx-securitycenter.md#admx-securitycenter-securitycenter-securitycenterindomain)
+- [ADMX_Securitycenter/SecurityCenter_SecurityCenterInDomain](./policy-csp-admx-securitycenter.md#admx-securitycenter-securitycenter-securitycenterindomain)
 - [ADMX_Sensors/DisableLocationScripting_1](./policy-csp-admx-sensors.md#admx-sensors-disablelocationscripting-1)
 - [ADMX_Sensors/DisableLocationScripting_2](./policy-csp-admx-sensors.md#admx-sensors-disablelocationscripting-2)
 - [ADMX_Sensors/DisableLocation_1](./policy-csp-admx-sensors.md#admx-sensors-disablelocation-1)

From 50793c318e0848d68e47041591ac0abbe23ea02d Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 1 Feb 2022 18:41:20 +0530
Subject: [PATCH 003/123] updated the changes

---
 .../mdm/new-in-windows-mdm-enrollment-management.md           | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
index 305070c1af..ca53db2988 100644
--- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
+++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md
@@ -33,9 +33,9 @@ For details about Microsoft mobile device management protocols for Windows 10 a
 
 ## Breaking changes and known issues
 
-### Get command inside an atomic command is not supported
+### Get command inside an atomic command isn’t supported
 
-In Windows 10 and Windows 11, a Get command inside an atomic command is not supported. 
+In Windows 10 and Windows 11, a Get command inside an atomic command isn't supported. 
 
 ### Apps installed using WMI classes are not removed
 

From 4f66822a2f59db87b26aee9de0de419c618d4dc2 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 1 Feb 2022 18:53:33 +0530
Subject: [PATCH 004/123] updated the changes

---
 .../client-management/mdm/oma-dm-protocol-support.md   | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/client-management/mdm/oma-dm-protocol-support.md b/windows/client-management/mdm/oma-dm-protocol-support.md
index 1fdbc0a4dd..5195faa1a4 100644
--- a/windows/client-management/mdm/oma-dm-protocol-support.md
+++ b/windows/client-management/mdm/oma-dm-protocol-support.md
@@ -25,11 +25,11 @@ The following table shows the OMA DM standards that Windows uses.
 |--- |--- |
 |Data transport and session|<li>Client-initiated remote HTTPS DM session over SSL.<li>Remote HTTPS DM session over SSL.<li>Remote DM server initiation notification using WAP Push over Short Message Service (SMS). Not used by enterprise management.<li>Remote bootstrap by using WAP Push over SMS. Not used by enterprise management.|
 |Bootstrap XML|OMA Client Provisioning XML.|
-|DM protocol commands|The following list shows the commands that are used by the device. For more information about the OMA DM command elements, see "[OMA website](https://www.openmobilealliance.org/release/DM/V1_1_2-20031209-A/)" available from the OMA website.<br/><li>Add (Implicit Add supported)<li>Alert (DM alert): Generic alert (1226) is used by enterprise management client when the user triggers an MDM unenrollment action from the device or when a CSP finishes some asynchronous actions. Device alert (1224) is used to notify the server some device triggered event.<li>Atomic: Performing an Add command followed by Replace on the same node within an atomic element is not supported. Nested Atomic and Get commands are not allowed and will generate error code 500.<li>Delete: Removes a node from the DM tree, and the entire subtree beneath that node if one exists<li>Exec: Invokes an executable on the client device<li>Get: Retrieves data from the client device; for interior nodes, the child node names in the Data element are returned in URI-encoded format<li>Replace: Overwrites data on the client device<li>Result: Returns the data results of a Get command to the DM server<li>Sequence: Specifies the order in which a group of commands must be processed<li>Status: Indicates the completion status (success or failure) of an operation<br/><br/>If an XML element that is not a valid OMA DM command is under one of the following elements, the status code 400 is returned for that element:<br/><li>SyncBody<li>Atomic<li>Sequence<br><br/>If no CmdID is provided in the DM command, the client returns blank in the status element and the status code 400.<br/><br/>If Atomic elements are nested, the following status codes are returned:<br/><li>The nested Atomic command returns 500.<li>The parent Atomic command returns 507.<br/><br/>For more information about the Atomic command, see OMA DM protocol common elements.<br>Performing an Add command followed by Replace on the same node within an Atomic element is not supported.<br><br/>LocURI cannot start with `/`.<br/><br/>Meta XML tag in SyncHdr is ignored by the device.|
+|DM protocol commands|The following list shows the commands that are used by the device. For more information about the OMA DM command elements, see "[OMA website](https://www.openmobilealliance.org/release/DM/V1_1_2-20031209-A/)" available from the OMA website.<br/><li>Add (Implicit Add supported)<li>Alert (DM alert): Generic alert (1226) is used by enterprise management client when the user triggers an MDM unenrollment action from the device or when a CSP finishes some asynchronous actions. Device alert (1224) is used to notify the server some device triggered event.<li>Atomic: Performing an Add command followed by Replace on the same node within an atomic element isn't supported. Nested Atomic and Get commands aren't allowed and will generate error code 500.<li>Delete: Removes a node from the DM tree, and the entire subtree beneath that node if one exists<li>Exec: Invokes an executable on the client device<li>Get: Retrieves data from the client device; for interior nodes, the child node names in the Data element are returned in URI-encoded format<li>Replace: Overwrites data on the client device<li>Result: Returns the data results of a Get command to the DM server<li>Sequence: Specifies the order in which a group of commands must be processed<li>Status: Indicates the completion status (success or failure) of an operation<br/><br/>If an XML element that isn't a valid OMA DM command is under one of the following elements, the status code 400 is returned for that element:<br/><li>SyncBody<li>Atomic<li>Sequence<br><br/>If no CmdID is provided in the DM command, the client returns blank in the status element and the status code 400.<br/><br/>If Atomic elements are nested, the following status codes are returned:<br/><li>The nested Atomic command returns 500.<li>The parent Atomic command returns 507.<br/><br/>For more information about the Atomic command, see OMA DM protocol common elements.<br>Performing an Add command followed by Replace on the same node within an Atomic element isn't supported.<br><br/>LocURI can't start with `/`.<br/><br/>Meta XML tag in SyncHdr is ignored by the device.|
 |OMA DM standard objects|DevInfo<li>DevDetail<li>OMA DM DMS account objects (OMA DM version 1.2)|
 |Security|<li>Authenticate DM server initiation notification SMS message (not used by enterprise management)<li>Application layer Basic and MD5 client authentication<li>Authenticate server with MD5 credential at application level<li>Data integrity and authentication with HMAC at application level<li>SSL level certificate-based client/server authentication, encryption, and data integrity check|
 |Nodes|In the OMA DM tree, the following rules apply for the node name:<br/><li>"." can be part of the node name.<li>The node name cannot be empty.<li>The node name cannot be only the asterisk (*) character.|
-|Provisioning Files|Provisioning XML must be well formed and follow the definition in [SyncML Representation Protocol](https://www.openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf).<br/><br/>If an XML element that is not a valid OMA DM command is under SyncBody, the status code 400 is returned for that element.<div class="alert">**Note**<br>To represent a Unicode string as a URI, first encode the string as UTF-8. Then encode each of the UTF-8 bytes using URI encoding.</div>|
+|Provisioning Files|Provisioning XML must be well formed and follow the definition in [SyncML Representation Protocol](https://www.openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf).<br/><br/>If an XML element that isn't a valid OMA DM command is under SyncBody, the status code 400 is returned for that element.<div class="alert">**Note**<br>To represent a Unicode string as a URI, first encode the string as UTF-8. Then encode each of the UTF-8 bytes using URI encoding.</div>|
 |WBXML support|Windows supports sending and receiving SyncML in both XML format and encoded WBXML format. This is configurable by using the DEFAULTENCODING node under the w7 APPLICATION characteristic during enrollment. For more information about WBXML encoding, see section 8 of the [SyncML Representation Protocol](https://www.openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf) specification.|
 |Handling of large objects|In Windows 10, version 1511, client support for uploading large objects to the server was added.|
 
@@ -52,7 +52,7 @@ Common elements are used by other OMA DM element types. The following table list
 |MsgID|Specifies a unique identifier for an OMA DM session message.|
 |MsgRef|Specifies the ID of the corresponding request message. This element takes the value of the request message MsgID element.|
 |RespURI|Specifies the URI that the recipient must use when sending a response to this message.|
-|SessionID|Specifies the identifier of the OMA DM session associated with the containing message.<div class="alert">**Note**<br>  If the server does not notify the device that it supports a new version (through SyncApplicationVersion node in the DMClient CSP), the client returns the SessionID in integer in decimal format. If the server supports DM session sync version 2.0, which is used in Windows 10, the device client returns 2 bytes.</div>|
+|SessionID|Specifies the identifier of the OMA DM session associated with the containing message.<div class="alert">**Note**<br>  If the server doesn't notify the device that it supports a new version (through SyncApplicationVersion node in the DMClient CSP), the client returns the SessionID in integer in decimal format. If the server supports DM session sync version 2.0, which is used in Windows 10, the device client returns 2 bytes.</div>|
 |Source|Specifies the message source address.|
 |SourceRef|Specifies the source of the corresponding request message. This element takes the value of the request message Source element and is returned in the Status or Results element.|
 |Target|Specifies the address of the node, in the DM Tree, that is the target of the OMA DM command.|
@@ -125,7 +125,7 @@ Below is an alert example:
 </Alert>
 ```
 
-The server notifies the device whether it is a user targeted or device targeted configuration by a prefix to the management node’s LocURL, with ./user for user targeted configuration, or ./device for device targeted configuration. By default, if no prefix with ./device or ./user, it is device targeted configuration.
+The server notifies the device whether it's a user targeted or device targeted configuration by a prefix to the management node’s LocURL, with ./user for user targeted configuration, or ./device for device targeted configuration. By default, if no prefix with ./device or ./user, it's device targeted configuration.
 
 The following LocURL shows a per user CSP node configuration: **./user/vendor/MSFT/EnterpriseModernAppManagement/AppInstallation/&lt;PackageFamilyName&gt;/StoreInstall**
 
@@ -135,7 +135,7 @@ The following LocURL shows a per device CSP node configuration: **./device/vendo
 <a href="" id="syncml-response-codes"></a>
 ## SyncML response status codes
 
-When using SyncML in OMA DM, there are standard response status codes that are returned. The following table lists the common SyncML response status codes you are likely to see. For more information about SyncML response status codes, see section 10 of the [SyncML Representation Protocol](https://openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf) specification.
+When using SyncML in OMA DM, there are standard response status codes that are returned. The following table lists the common SyncML response status codes you're likely to see. For more information about SyncML response status codes, see section 10 of the [SyncML Representation Protocol](https://openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf) specification.
 
 | Status code | Description |
 |---|----|

From a7014ba160a6c67f8bc329960a9e2ff41e7a3ef8 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 2 Feb 2022 12:01:13 +0530
Subject: [PATCH 005/123] updated the changes

---
 windows/client-management/mdm/oma-dm-protocol-support.md | 6 +++---
 windows/client-management/mdm/passportforwork-csp.md     | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/client-management/mdm/oma-dm-protocol-support.md b/windows/client-management/mdm/oma-dm-protocol-support.md
index 5195faa1a4..0533507105 100644
--- a/windows/client-management/mdm/oma-dm-protocol-support.md
+++ b/windows/client-management/mdm/oma-dm-protocol-support.md
@@ -28,7 +28,7 @@ The following table shows the OMA DM standards that Windows uses.
 |DM protocol commands|The following list shows the commands that are used by the device. For more information about the OMA DM command elements, see "[OMA website](https://www.openmobilealliance.org/release/DM/V1_1_2-20031209-A/)" available from the OMA website.<br/><li>Add (Implicit Add supported)<li>Alert (DM alert): Generic alert (1226) is used by enterprise management client when the user triggers an MDM unenrollment action from the device or when a CSP finishes some asynchronous actions. Device alert (1224) is used to notify the server some device triggered event.<li>Atomic: Performing an Add command followed by Replace on the same node within an atomic element isn't supported. Nested Atomic and Get commands aren't allowed and will generate error code 500.<li>Delete: Removes a node from the DM tree, and the entire subtree beneath that node if one exists<li>Exec: Invokes an executable on the client device<li>Get: Retrieves data from the client device; for interior nodes, the child node names in the Data element are returned in URI-encoded format<li>Replace: Overwrites data on the client device<li>Result: Returns the data results of a Get command to the DM server<li>Sequence: Specifies the order in which a group of commands must be processed<li>Status: Indicates the completion status (success or failure) of an operation<br/><br/>If an XML element that isn't a valid OMA DM command is under one of the following elements, the status code 400 is returned for that element:<br/><li>SyncBody<li>Atomic<li>Sequence<br><br/>If no CmdID is provided in the DM command, the client returns blank in the status element and the status code 400.<br/><br/>If Atomic elements are nested, the following status codes are returned:<br/><li>The nested Atomic command returns 500.<li>The parent Atomic command returns 507.<br/><br/>For more information about the Atomic command, see OMA DM protocol common elements.<br>Performing an Add command followed by Replace on the same node within an Atomic element isn't supported.<br><br/>LocURI can't start with `/`.<br/><br/>Meta XML tag in SyncHdr is ignored by the device.|
 |OMA DM standard objects|DevInfo<li>DevDetail<li>OMA DM DMS account objects (OMA DM version 1.2)|
 |Security|<li>Authenticate DM server initiation notification SMS message (not used by enterprise management)<li>Application layer Basic and MD5 client authentication<li>Authenticate server with MD5 credential at application level<li>Data integrity and authentication with HMAC at application level<li>SSL level certificate-based client/server authentication, encryption, and data integrity check|
-|Nodes|In the OMA DM tree, the following rules apply for the node name:<br/><li>"." can be part of the node name.<li>The node name cannot be empty.<li>The node name cannot be only the asterisk (*) character.|
+|Nodes|In the OMA DM tree, the following rules apply for the node name:<br/><li>"." can be part of the node name.<li>The node name can't be empty.<li>The node name can’t be only the asterisk (*) character.|
 |Provisioning Files|Provisioning XML must be well formed and follow the definition in [SyncML Representation Protocol](https://www.openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf).<br/><br/>If an XML element that isn't a valid OMA DM command is under SyncBody, the status code 400 is returned for that element.<div class="alert">**Note**<br>To represent a Unicode string as a URI, first encode the string as UTF-8. Then encode each of the UTF-8 bytes using URI encoding.</div>|
 |WBXML support|Windows supports sending and receiving SyncML in both XML format and encoded WBXML format. This is configurable by using the DEFAULTENCODING node under the w7 APPLICATION characteristic during enrollment. For more information about WBXML encoding, see section 8 of the [SyncML Representation Protocol](https://www.openmobilealliance.org/release/Common/V1_2_2-20090724-A/OMA-TS-SyncML-RepPro-V1_2_2-20090724-A.pdf) specification.|
 |Handling of large objects|In Windows 10, version 1511, client support for uploading large objects to the server was added.|
@@ -106,7 +106,7 @@ For CSPs and policies that support per user configuration, the MDM server can se
 The data part of this alert could be one of following strings:
 
 -   User – the user that enrolled the device is actively logged in. The MDM server could send user-specific configuration for CSPs/policies that support per user configuration
--   Others – another user login but that user does not have an MDM account. The server can only apply device-wide configuration, for example, configuration applies to all users in the device.
+-   Others – another user login but that user doesn't have an MDM account. The server can only apply device-wide configuration, for example, configuration applies to all users in the device.
 -   None – no active user login. The server can only apply device-wide configuration and available configuration is restricted to the device environment (no active user login).
 
 Below is an alert example:
@@ -141,7 +141,7 @@ When using SyncML in OMA DM, there are standard response status codes that are r
 |---|----|
 | 200         | The SyncML command completed successfully.  |
 | 202         | Accepted for processing. This is usually an asynchronous operation, such as a request to run a remote execution of an application.  |
-| 212         | Authentication accepted. Normally you'll only see this in response to the SyncHdr element (used for authentication in the OMA-DM standard). You may see this if you look at OMA DM logs, but CSPs do not typically generate this. |
+| 212         | Authentication accepted. Normally you'll only see this in response to the SyncHdr element (used for authentication in the OMA-DM standard). You may see this if you look at OMA DM logs, but CSPs don't typically generate this. |
 | 214         | Operation canceled. The SyncML command completed successfully, but no more commands will be processed within the session. |
 | 215         | Not executed. A command was not executed as a result of user interaction to cancel the command.  |
 | 216         | `Atomic` roll back OK. A command was inside an `Atomic` element and `Atomic` failed. This command was rolled back successfully.  |
diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index 5506461678..4155f26107 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -88,7 +88,7 @@ PassportForWork
 Root node for PassportForWork configuration service provider.
 
 <a href="" id="tenantid"></a>***TenantId***  
-A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
+A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
 
 <a href="" id="tenantid-policies"></a>***TenantId*/Policies**  
 Node for defining the Windows Hello for Business policy settings.
@@ -103,7 +103,7 @@ Supported operations are Add, Get, Delete, and Replace.
 <a href="" id="tenantid-policies-requiresecuritydevice"></a>***TenantId*/Policies/RequireSecurityDevice**  
 Boolean value that requires a Trusted Platform Module (TPM) for Windows Hello for Business. TPM provides an additional security benefit over software so that data stored in it cannot be used on other devices.
 
-Default value is false. If you set this policy to true, only devices with a usable TPM can provision Windows Hello for Business. If you set this policy to false, all devices can provision Windows Hello for Business using software even if there is not a usable TPM. If you do not configure this setting, all devices can provision Windows Hello for Business using software if the TPM is non-functional or unavailable.
+Default value is false. If you set this policy to true, only devices with a usable TPM can provision Windows Hello for Business. If you set this policy to false, all devices can provision Windows Hello for Business using software even if there isn't a usable TPM. If you don’t configure this setting, all devices can provision Windows Hello for Business using software if the TPM is non-functional or unavailable.
 
 Supported operations are Add, Get, Delete, and Replace.
 
@@ -126,7 +126,7 @@ This cloud service encrypts a recovery secret, which is stored locally on the cl
 
 Default value is false. If you enable this policy setting, the PIN recovery secret will be stored on the device and the user can change their PIN if needed.
 
-If you disable or do not configure this policy setting, the PIN recovery secret will not be created or stored. If the user's PIN is forgotten, the only way to get a new PIN is by deleting the existing PIN and creating a new one, which will require the user to re-register with any services the old PIN provided access to.
+If you disable or don't configure this policy setting, the PIN recovery secret won't be created or stored. If the user's PIN is forgotten, the only way to get a new PIN is by deleting the existing PIN and creating a new one, which will require the user to re-register with any services the old PIN provided access to.
 
 Supported operations are Add, Get, Delete, and Replace.
 

From 7239e0d863843bd2134ecda600e67b6f5bd5f17f Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 7 Feb 2022 18:17:25 +0530
Subject: [PATCH 006/123] updated the changes

---
 .../deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
index 9d20892e07..ab01c29d1c 100644
--- a/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
+++ b/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt.md
@@ -359,7 +359,7 @@ On **MDT01**:
    - Specify Product Key: Do not specify a product key at this time
    - Full Name: Contoso
    - Organization: Contoso
-   - Internet Explorer home page: https://www.contoso.com
+   - Internet Explorer home page: `https://www.contoso.com`
    - Admin Password: Do not specify an Administrator Password at this time
 
 ### Edit the Windows 10 task sequence

From 590f91837e80fc25ac436007e412b03019954ce2 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 9 Feb 2022 13:24:32 +0530
Subject: [PATCH 007/123] updated the changes

---
 .../upgrade/resolution-procedures.md          |  4 +--
 .../windows-deployment-scenarios-and-tools.md | 36 +++++++++----------
 2 files changed, 20 insertions(+), 20 deletions(-)

diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index c76c4c1372..5e73a42ab6 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -45,10 +45,10 @@ See the following general troubleshooting procedures associated with a result co
 | :---     |  :---  |  :--- |
 | 0xC1900101 - 0x20004   | Uninstall antivirus applications.<br>Remove all unused SATA devices. <br>Remove all unused devices and drivers. <br>Update drivers and BIOS.     | Windows Setup encountered an error during the SAFE_OS with the INSTALL_RECOVERY_ENVIRONMENT operation. <br>This is generally caused by out-of-date drivers.    |
 | 0xC1900101 - 0x2000c     | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br> Contact your hardware vendor to obtain updated device drivers.<br> Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.       | Windows Setup encountered an unspecified error during Wim apply in the WinPE phase.<br> This is generally caused by out-of-date drivers      |
-| 0xC1900101 - 0x20017 | Ensure that all that drivers are updated.<br>Open the Setuperr.log and Setupact.log files in the %windir%\Panther directory, and then locate the problem drivers.<br>For more information, see [Windows Vista, Windows 7, Windows Server 2008 R2, Windows 8.1, and Windows 10 setup log file locations](/troubleshoot/windows-client/deployment/windows-setup-log-file-locations).<br>Update or uninstall the problem drivers. | A driver has caused an illegal operation.<br>Windows was not able to migrate the driver, resulting in a rollback of the operating system.<br>This is a SafeOS boot failure, typically caused by drivers or non-Microsoft disk encryption software.<br>This can also be caused by a hardware failure. |
+| 0xC1900101 - 0x20017 | Ensure that all that drivers are updated.<br>Open the Setuperr.log and Setupact.log files in the %windir%\Panther directory, and then locate the problem drivers.<br>For more information, see [Windows Vista, Windows 7, Windows Server 2008 R2, Windows 8.1, and Windows 10 setup log file locations](/troubleshoot/windows-client/deployment/windows-setup-log-file-locations).<br>Update or uninstall the problem drivers. | A driver has caused an illegal operation.<br>Windows wasn't able to migrate the driver, resulting in a rollback of the operating system.<br>This is a SafeOS boot failure, typically caused by drivers or non-Microsoft disk encryption software.<br>This can also be caused by a hardware failure. |
 | 0xC1900101 - 0x30018 | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Contact your hardware vendor to obtain updated device drivers.<br>Ensure that &quot;Download and install updates (recommended)&quot; is accepted at the start of the upgrade process. | A device driver has stopped responding to setup.exe during the upgrade process. |
 | 0xC1900101 - 0x3000D | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Update or uninstall the display driver. | Installation failed during the FIRST_BOOT phase while attempting the MIGRATE_DATA operation.<br>This can occur due to a problem with a display driver. |
-| 0xC1900101 - 0x4000D | Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors.<br>Review the rollback log and determine the stop code.<br>The rollback log is located in the <strong>$Windows.~BT\Sources\Rollback</strong> folder.  An example analysis is shown below. This example is not representative of all cases:<br>&nbsp;<br>Info SP     Crash 0x0000007E detected<br>Info SP       Module name           :<br>Info SP       Bugcheck parameter 1  : 0xFFFFFFFFC0000005<br>Info SP       Bugcheck parameter 2  : 0xFFFFF8015BC0036A<br>Info SP       Bugcheck parameter 3  : 0xFFFFD000E5D23728<br>Info SP       Bugcheck parameter 4  : 0xFFFFD000E5D22F40<br>Info SP     Cannot recover the system.<br>Info SP     Rollback: Showing splash window with restoring text: Restoring your previous version of Windows.<br>&nbsp;<br>Typically, there is a dump file for the crash to analyze. If you are not equipped to debug the dump, then attempt the following basic troubleshooting procedures:<br>&nbsp;<br>1. Make sure you have enough disk space.<br>2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.<br>3. Try changing video adapters.<br>4. Check with your hardware vendor for any BIOS updates.<br>5. Disable BIOS memory options such as caching or shadowing. | A rollback occurred due to a driver configuration issue.<br>Installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This can occur because of incompatible drivers. |
+| 0xC1900101 - 0x4000D | Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors.<br>Review the rollback log and determine the stop code.<br>The rollback log is located in the <strong>$Windows.~BT\Sources\Rollback</strong> folder.  An example analysis is shown below. This example isn't representative of all cases:<br>&nbsp;<br>Info SP     Crash 0x0000007E detected<br>Info SP       Module name           :<br>Info SP       Bugcheck parameter 1: 0xFFFFFFFFC0000005<br>Info SP       Bugcheck parameter 2: 0xFFFFF8015BC0036A<br>Info SP       Bugcheck parameter 3: 0xFFFFD000E5D23728<br>Info SP       Bugcheck parameter 4  : 0xFFFFD000E5D22F40<br>Info SP     Can't recover the system.<br>Info SP     Rollback: Showing splash window with restoring text: Restoring your previous version of Windows.<br>&nbsp;<br>Typically, there's a dump file for the crash to analyze. If you aren't equipped to debug the dump, then attempt the following basic troubleshooting procedures:<br>&nbsp;<br>1. Make sure you have enough disk space.<br>2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.<br>3. Try changing video adapters.<br>4. Check with your hardware vendor for any BIOS updates.<br>5. Disable BIOS memory options such as caching or shadowing. | A rollback occurred due to a driver configuration issue.<br>Installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This can occur because of incompatible drivers. |
 | 0xC1900101 - 0x40017 | Clean boot into Windows, and then attempt the upgrade to Windows 10. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).<br>Ensure that you select the option to "Download and install updates (recommended)."<br>&nbsp;<br><b>Computers that run Citrix VDA</b>  <br>You may see this message after you upgrade a computer from Windows 10, version 1511 to Windows 10, version 1607. After the second system restart, the system generates this error and then rolls back to the previous version. This problem has also been observed in upgrades to Windows 8.1 and Windows 8.  <br>&nbsp;<br>This problem occurs because the computer has Citrix Virtual Delivery Agent (VDA) installed. Citrix VDA installs device drivers and a file system filter driver (CtxMcsWbc). This Citrix filter driver prevents the upgrade from writing changes to the disk, so the upgrade cannot complete and the system rolls back.  <br>&nbsp;<br>**Resolution**<br>&nbsp;<br>To resolve this problem, install [Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016](https://support.microsoft.com/help/3200970/cumulative-update-for-windows-10-version-1607-and-windows-server-2016).<br>&nbsp;<br>You can work around this problem in two ways:<br>&nbsp;<br>**Workaround 1**<br>&nbsp;<br>1. Use the VDA setup application (VDAWorkstationSetup_7.11) to uninstall Citrix VDA.<br>2. Run the Windows upgrade again.<br>3. Reinstall Citrix VDA.<br>&nbsp;<br>**Workaround 2**<br>&nbsp;<br>If you cannot uninstall Citrix VDA, follow these steps to work around this problem:  <br>&nbsp;<br>1. In Registry Editor, go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}\CtxMcsWbc**<br>2. Change the value of the **Start** entry from **0** to **4**. This change disables the Citrix MCS cache service.<br>3. Go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}**<br>4. Delete the **CtxMcsWbc** entry.<br>5. Restart the computer, and then try the upgrade again.<br>&nbsp;<br>**Non-Microsoft information disclaimer**  <br>The non-Microsoft products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. | Windows 10 upgrade failed after the second reboot.<br>This is usually caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. |
 
 ## 0x800xxxxx
diff --git a/windows/deployment/windows-deployment-scenarios-and-tools.md b/windows/deployment/windows-deployment-scenarios-and-tools.md
index 70d738e262..aa0a53a1a5 100644
--- a/windows/deployment/windows-deployment-scenarios-and-tools.md
+++ b/windows/deployment/windows-deployment-scenarios-and-tools.md
@@ -18,7 +18,7 @@ ms.collection: highpri
 # Windows 10 deployment scenarios and tools
 
 
-To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process. In this topic, you will learn about the most commonly used tools for Windows 10 deployment.
+To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process. In this topic, you'll learn about the most commonly used tools for Windows 10 deployment.
 
 Microsoft provides many tools, services, and solutions. These tools include Windows Deployment Services (WDS), the Volume Activation Management Tool (VAMT), the User State Migration Tool (USMT), Windows System Image Manager (Windows SIM), Windows Preinstallation Environment (Windows PE), and Windows Recovery Environment (Windows RE). Keep in mind that these are just tools and not a complete solution on their own. It’s when you combine these tools with solutions like [Microsoft Deployment Toolkit (MDT)](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md) or [Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) that you get the complete deployment solution.
 
@@ -27,7 +27,7 @@ In this topic, you also learn about different types of reference images that you
 ## Windows Assessment and Deployment Kit
 
 
-Windows ADK contains core assessment and deployment tools and technologies, including Deployment Image Servicing and Management (DISM), Windows Imaging and Configuration Designer (Windows ICD), Windows System Image Manager (Windows SIM), User State Migration Tool (USMT), Volume Activation Management Tool (VAMT), Windows Preinstallation Environment (Windows PE), Windows Assessment Services, Windows Performance Toolkit (WPT), Application Compatibility Toolkit (ACT), and Microsoft SQL Server 2012 Express. For more details, see [Windows ADK for Windows 10](/windows-hardware/get-started/adk-install) or [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md).
+Windows ADK contains core assessment and deployment tools and technologies, including Deployment Image Servicing and Management (DISM), Windows Imaging and Configuration Designer (Windows ICD), Windows System Image Manager (Windows SIM), User State Migration Tool (USMT), Volume Activation Management Tool (VAMT), Windows Preinstallation Environment (Windows PE), Windows Assessment Services, Windows Performance Toolkit (WPT), Application Compatibility Toolkit (ACT), and Microsoft SQL Server 2012 Express. For more information, see [Windows ADK for Windows 10](/windows-hardware/get-started/adk-install) or [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md).
 
 ![figure 1.](images/win-10-adk-select.png)
 
@@ -61,7 +61,7 @@ For more information on DISM, see [DISM technical reference](/windows-hardware/m
 USMT is a backup and restore tool that allows you to migrate user state, data, and settings from one installation to another. Microsoft Deployment Toolkit (MDT) and System Center 2012 R2 Configuration Manager use USMT as part of the operating system deployment process.
 
 **Note**  
-Occasionally, we find that customers are wary of USMT because they believe it requires significant configuration, but, as you will learn below, using USMT is not difficult. If you use MDT and Lite Touch to deploy your machines, the USMT feature is automatically configured and extended so that it is easy to use. With MDT, you do nothing at all and USMT just works.
+Occasionally, we find that customers are wary of USMT because they believe it requires significant configuration, but, as you'll learn below, using USMT isn't difficult. If you use MDT and Lite Touch to deploy your machines, the USMT feature is automatically configured and extended so that it's easy to use. With MDT, you do nothing at all and USMT just works.
 
  
 
@@ -98,7 +98,7 @@ These are the settings migrated by the default MigUser.xml and MigApp.xml templa
 
 ### Windows Imaging and Configuration Designer
 
-Windows Imaging and Configuration Designer (Windows ICD) is a tool designed to assist with the creation of provisioning packages that can be used to dynamically configure a Windows device (PCs, tablets, and phones). This is particularly useful for setting up new devices, without the need for re-imaging the device with a custom image.
+Windows Imaging and Configuration Designer (Windows ICD) is a tool designed to assist with the creation of provisioning packages that can be used to dynamically configure a Windows device (PCs, tablets, and phones). This is particularly useful for setting up new devices, without the need for reimaging the device with a custom image.
 
 ![figure 4.](images/windows-icd.png)
 
@@ -108,7 +108,7 @@ For more information, see [Windows Imaging and Configuration Designer](/windows/
 
 ### Windows System Image Manager (Windows SIM)
 
-Windows SIM is an authoring tool for Unattend.xml files. When using MDT and/or Configuration Manager, you don’t need Windows SIM very often because those systems automatically update the Unattend.xml file during the deployment, greatly simplifying the process overall.
+Windows SIM is an authoring tool for Unattend.xml files. When using MDT and/or Configuration Manager, you don’t need Windows SIM often because those systems automatically update the Unattend.xml file during the deployment, greatly simplifying the process overall.
 
 ![figure 7.](images/mdt-11-fig07.png)
 
@@ -142,12 +142,12 @@ The key thing to know about Windows PE is that, like the operating system, it ne
 
 A machine booted with the Windows ADK default Windows PE boot image.
 
-For more details on Windows PE, see [Windows PE (WinPE)](/windows-hardware/manufacture/desktop/winpe-intro).
+For more information on Windows PE, see [Windows PE (WinPE)](/windows-hardware/manufacture/desktop/winpe-intro).
 
 ## <a href="" id="sec07"></a>Windows Recovery Environment
 
 
-Windows Recovery Environment (Windows RE) is a diagnostics and recovery toolset included in Windows Vista and later operating systems. The latest version of Windows RE is based on Windows PE. You can also extend Windows RE and add your own tools if needed. If a Windows installation fails to start and Windows RE is installed, you will see an automatic failover into Windows RE.
+Windows Recovery Environment (Windows RE) is a diagnostics and recovery toolset included in Windows Vista and later operating systems. The latest version of Windows RE is based on Windows PE. You can also extend Windows RE and add your own tools if needed. If a Windows installation fails to start and Windows RE is installed, you'll see an automatic failover into Windows RE.
 
 ![figure 8.](images/mdt-11-fig10.png)
 
@@ -158,17 +158,17 @@ For more information on Windows RE, see [Windows Recovery Environment](/windows-
 ## Windows Deployment Services
 
 
-Windows Deployment Services (WDS) has been updated and improved in several ways starting with Windows 8. Remember that the two main functions you will use are the PXE boot support and multicast. Most of the changes are related to management and increased performance. In Windows Server 2012 R2, WDS also can be used for the Network Unlock feature in BitLocker.
+Windows Deployment Services (WDS) has been updated and improved in several ways starting with Windows 8. Remember that the two main functions you'll use are the PXE boot support and multicast. Most of the changes are related to management and increased performance. In Windows Server 2012 R2, WDS also can be used for the Network Unlock feature in BitLocker.
 
 ![figure 9.](images/mdt-11-fig11.png)
 
 Windows Deployment Services using multicast to deploy three machines.
 
-In Windows Server 2012 R2, [Windows Deployment Services](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831764(v=ws.11)) can be configured for stand-alone mode or for Active Directory integration. In most scenarios, the Active Directory integration mode is the best option. WDS also has the capability to manage drivers; however, driver management through MDT and Configuration Manager is more suitable for deployment due to the flexibility offered by both solutions, so you will use them instead. In WDS, it is possible to pre-stage devices in Active Directory, but here, too, Configuration Manager has that capability built in, and MDT has the ability to use a SQL Server database for pre-staging. In most scenarios, those solutions are better than the built-in pre-staging function as they allow greater control and management.
+In Windows Server 2012 R2, [Windows Deployment Services](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831764(v=ws.11)) can be configured for stand-alone mode or for Active Directory integration. In most scenarios, the Active Directory integration mode is the best option. WDS also has the capability to manage drivers; however, driver management through MDT and Configuration Manager is more suitable for deployment due to the flexibility offered by both solutions, so you'll use them instead. In WDS, it's possible to pre-stage devices in Active Directory, but here, too, Configuration Manager has that capability built in, and MDT has the ability to use a SQL Server database for pre-staging. In most scenarios, those solutions are better than the built-in pre-staging function as they allow greater control and management.
 
 ### Trivial File Transfer Protocol (TFTP) configuration
 
-In some cases, you need to modify TFTP Maximum Block Size settings for performance tuning reasons, especially when PXE traffic travels through routers and such. In the previous version of WDS, it was possible to change that, but the method of do so—editing the registry—was not user friendly. In Windows Server 2012, this has become much easier to do as it can be configured as a setting.
+In some cases, you need to modify TFTP Maximum Block Size settings for performance tuning reasons, especially when PXE traffic travels through routers and such. In the previous version of WDS, it was possible to change that, but the method of do so—editing the registry—wasn't user friendly. In Windows Server 2012, this has become much easier to do as it can be configured as a setting.
 
 Also, there are a few new features related to TFTP performance:
 
@@ -264,13 +264,13 @@ As the replacement to BIOS, UEFI has many features that Windows can and will use
 With UEFI, you can benefit from:
 
 -   **Support for large disks.** UEFI requires a GUID Partition Table (GPT) based disk, which means a limitation of roughly 16.8 million TB in disk size and more than 100 primary disks.
--   **Faster boot time.** UEFI does not use INT 13, and that improves boot time, especially when it comes to resuming from hibernate.
+-   **Faster boot time.** UEFI doesn't use INT 13, and that improves boot time, especially when it comes to resuming from hibernate.
 -   **Multicast deployment.** UEFI firmware can use multicast directly when it boots up. In WDS, MDT, and Configuration Manager scenarios, you need to first boot up a normal Windows PE in unicast and then switch into multicast. With UEFI, you can run multicast from the start.
 -   **Compatibility with earlier BIOS.** Most of the UEFI implementations include a compatibility support module (CSM) that emulates BIOS.
 -   **CPU-independent architecture.** Even if BIOS can run both 32- and 64-bit versions of firmware, all firmware device drivers on BIOS systems must also be 16-bit, and this affects performance. One of the reasons is the limitation in addressable memory, which is only 64 KB with BIOS.
--   **CPU-independent drivers.** On BIOS systems, PCI add-on cards must include a ROM that contains a separate driver for all supported CPU architectures. That is not needed for UEFI because UEFI has the ability to use EFI Byte Code (EBC) images, which allow for a processor-independent device driver environment.
+-   **CPU-independent drivers.** On BIOS systems, PCI add-on cards must include a ROM that contains a separate driver for all supported CPU architectures. That isn't needed for UEFI because UEFI has the ability to use EFI Byte Code (EBC) images, which allow for a processor-independent device driver environment.
 -   **Flexible pre-operating system environment.** UEFI can perform many functions for you. You just need an UEFI application, and you can perform diagnostics and automatic repairs, and call home to report errors.
--   **Secure boot.** Windows 8 and later can use the UEFI firmware validation process, called secure boot, which is defined in UEFI 2.3.1. Using this process, you can ensure that UEFI launches only a verified operating system loader and that malware cannot switch the boot loader.
+-   **Secure boot.** Windows 8 and later can use the UEFI firmware validation process, called secure boot, which is defined in UEFI 2.3.1. Using this process, you can ensure that UEFI launches only a verified operating system loader and that malware can't switch the boot loader.
 
 ### Versions
 
@@ -283,22 +283,22 @@ In regard to UEFI, hardware is divided into four device classes:
 -   **Class 0 devices.** This is the UEFI definition for a BIOS, or non-UEFI, device.
 -   **Class 1 devices.** These devices behave like a standard BIOS machine, but they run EFI internally. They should be treated as normal BIOS-based machines. Class 1 devices use a CSM to emulate BIOS. These older devices are no longer manufactured.
 -   **Class 2 devices.** These devices have the capability to behave as a BIOS- or a UEFI-based machine, and the boot process or the configuration in the firmware/BIOS determines the mode. Class 2 devices use a CSM to emulate BIOS. These are the most common type of devices currently available.
--   **Class 3 devices.** These are UEFI-only devices, which means you must run an operating system that supports only UEFI. Those operating systems include Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. Windows 7 is not supported on these class 3 devices. Class 3 devices do not have a CSM to emulate BIOS.
+-   **Class 3 devices.** These are UEFI-only devices, which means you must run an operating system that supports only UEFI. Those operating systems include Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. Windows 7 isn't supported on these class 3 devices. Class 3 devices don't have a CSM to emulate BIOS.
 
 ### Windows support for UEFI
 
 Microsoft started with support for EFI 1.10 on servers and then added support for UEFI on both clients and servers.
 
-With UEFI 2.3.1, there are both x86 and x64 versions of UEFI. Windows 10 supports both. However, UEFI does not support cross-platform boot. This means that a computer that has UEFI x64 can run only a 64-bit operating system, and a computer that has UEFI x86 can run only a 32-bit operating system.
+With UEFI 2.3.1, there are both x86 and x64 versions of UEFI. Windows 10 supports both. However, UEFI doesn't support cross-platform boot. This means that a computer that has UEFI x64 can run only a 64-bit operating system, and a computer that has UEFI x86 can run only a 32-bit operating system.
 
 ### How UEFI is changing operating system deployment
 
 There are many things that affect operating system deployment as soon as you run on UEFI/EFI-based hardware. Here are considerations to keep in mind when working with UEFI devices:
 
 -   Switching from BIOS to UEFI in the hardware is easy, but you also need to reinstall the operating system because you need to switch from MBR/NTFS to GPT/FAT32 and NTFS.
--   When you deploy to a Class 2 device, make sure the boot option you select matches the setting you want to have. It is common for old machines to have several boot options for BIOS but only a few for UEFI, or vice versa.
--   When deploying from media, remember the media has to be FAT32 for UEFI, and FAT32 has a file-size limitation of 4GB.
--   UEFI does not support cross-platform booting; therefore, you need to have the correct boot media (32- or 64-bit).
+-   When you deploy to a Class 2 device, make sure the boot option you select matches the setting you want to have. It's common for old machines to have several boot options for BIOS but only a few for UEFI, or vice versa.
+-   When deploying from media, remember the media has to be FAT32 for UEFI, and FAT32 has a file-size limitation of 4 GB.
+-   UEFI doesn't support cross-platform booting; therefore, you need to have the correct boot media (32-bit or 64-bit).
 
 For more information on UEFI, see the [UEFI firmware](/previous-versions/windows/it-pro/windows-8.1-and-8/hh824898(v=win.10)) overview and related resources.
 

From 97607eedd329eb120cd66e64bd3cc0a656b3734a Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 9 Feb 2022 14:36:19 +0530
Subject: [PATCH 008/123] updated the changes

---
 windows/deployment/upgrade/resolution-procedures.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index 5e73a42ab6..a19e56b4aa 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -49,22 +49,22 @@ See the following general troubleshooting procedures associated with a result co
 | 0xC1900101 - 0x30018 | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Contact your hardware vendor to obtain updated device drivers.<br>Ensure that &quot;Download and install updates (recommended)&quot; is accepted at the start of the upgrade process. | A device driver has stopped responding to setup.exe during the upgrade process. |
 | 0xC1900101 - 0x3000D | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Update or uninstall the display driver. | Installation failed during the FIRST_BOOT phase while attempting the MIGRATE_DATA operation.<br>This can occur due to a problem with a display driver. |
 | 0xC1900101 - 0x4000D | Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors.<br>Review the rollback log and determine the stop code.<br>The rollback log is located in the <strong>$Windows.~BT\Sources\Rollback</strong> folder.  An example analysis is shown below. This example isn't representative of all cases:<br>&nbsp;<br>Info SP     Crash 0x0000007E detected<br>Info SP       Module name           :<br>Info SP       Bugcheck parameter 1: 0xFFFFFFFFC0000005<br>Info SP       Bugcheck parameter 2: 0xFFFFF8015BC0036A<br>Info SP       Bugcheck parameter 3: 0xFFFFD000E5D23728<br>Info SP       Bugcheck parameter 4  : 0xFFFFD000E5D22F40<br>Info SP     Can't recover the system.<br>Info SP     Rollback: Showing splash window with restoring text: Restoring your previous version of Windows.<br>&nbsp;<br>Typically, there's a dump file for the crash to analyze. If you aren't equipped to debug the dump, then attempt the following basic troubleshooting procedures:<br>&nbsp;<br>1. Make sure you have enough disk space.<br>2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.<br>3. Try changing video adapters.<br>4. Check with your hardware vendor for any BIOS updates.<br>5. Disable BIOS memory options such as caching or shadowing. | A rollback occurred due to a driver configuration issue.<br>Installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This can occur because of incompatible drivers. |
-| 0xC1900101 - 0x40017 | Clean boot into Windows, and then attempt the upgrade to Windows 10. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).<br>Ensure that you select the option to "Download and install updates (recommended)."<br>&nbsp;<br><b>Computers that run Citrix VDA</b>  <br>You may see this message after you upgrade a computer from Windows 10, version 1511 to Windows 10, version 1607. After the second system restart, the system generates this error and then rolls back to the previous version. This problem has also been observed in upgrades to Windows 8.1 and Windows 8.  <br>&nbsp;<br>This problem occurs because the computer has Citrix Virtual Delivery Agent (VDA) installed. Citrix VDA installs device drivers and a file system filter driver (CtxMcsWbc). This Citrix filter driver prevents the upgrade from writing changes to the disk, so the upgrade cannot complete and the system rolls back.  <br>&nbsp;<br>**Resolution**<br>&nbsp;<br>To resolve this problem, install [Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016](https://support.microsoft.com/help/3200970/cumulative-update-for-windows-10-version-1607-and-windows-server-2016).<br>&nbsp;<br>You can work around this problem in two ways:<br>&nbsp;<br>**Workaround 1**<br>&nbsp;<br>1. Use the VDA setup application (VDAWorkstationSetup_7.11) to uninstall Citrix VDA.<br>2. Run the Windows upgrade again.<br>3. Reinstall Citrix VDA.<br>&nbsp;<br>**Workaround 2**<br>&nbsp;<br>If you cannot uninstall Citrix VDA, follow these steps to work around this problem:  <br>&nbsp;<br>1. In Registry Editor, go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}\CtxMcsWbc**<br>2. Change the value of the **Start** entry from **0** to **4**. This change disables the Citrix MCS cache service.<br>3. Go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}**<br>4. Delete the **CtxMcsWbc** entry.<br>5. Restart the computer, and then try the upgrade again.<br>&nbsp;<br>**Non-Microsoft information disclaimer**  <br>The non-Microsoft products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. | Windows 10 upgrade failed after the second reboot.<br>This is usually caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. |
+| 0xC1900101 - 0x40017 | Clean boot into Windows, and then attempt the upgrade to Windows 10. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).<br>Ensure that you select the option to "Download and install updates (recommended)."<br>&nbsp;<br><b>Computers that run Citrix VDA</b>  <br>You may see this message after you upgrade a computer from Windows 10, version 1511 to Windows 10, version 1607. After the second system restart, the system generates this error and then rolls back to the previous version. This problem has also been observed in upgrades to Windows 8.1 and Windows 8.  <br>&nbsp;<br>This problem occurs because the computer has Citrix Virtual Delivery Agent (VDA) installed. Citrix VDA installs device drivers and a file system filter driver (CtxMcsWbc). This Citrix filter driver prevents the upgrade from writing changes to the disk, so the upgrade can't complete and the system rolls back.  <br>&nbsp;<br>**Resolution**<br>&nbsp;<br>To resolve this problem, install [Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016](https://support.microsoft.com/help/3200970/cumulative-update-for-windows-10-version-1607-and-windows-server-2016).<br>&nbsp;<br>You can work around this problem in two ways:<br>&nbsp;<br>**Workaround 1**<br>&nbsp;<br>1. Use the VDA setup application (VDAWorkstationSetup_7.11) to uninstall Citrix VDA.<br>2. Run the Windows upgrade again.<br>3. Reinstall Citrix VDA.<br>&nbsp;<br>**Workaround 2**<br>&nbsp;<br>If you can't uninstall Citrix VDA, follow these steps to work around this problem:  <br>&nbsp;<br>1. In Registry Editor, go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}\CtxMcsWbc**<br>2. Change the value of the **Start** entry from **0** to **4**. This change disables the Citrix MCS cache service.<br>3. Go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}**<br>4. Delete the **CtxMcsWbc** entry.<br>5. Restart the computer, and then try the upgrade again.<br>&nbsp;<br>**Non-Microsoft information disclaimer**  <br>The non-Microsoft products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. | Windows 10 upgrade failed after the second reboot.<br>This is caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. |
 
 ## 0x800xxxxx
 
-Result codes that start with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly.
+Result codes that start with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and aren't unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly.
 
 See the following general troubleshooting procedures associated with a result code of 0x800xxxxx:
 
 | Code | Mitigation | Cause |
 | :---     |  :---  |  :--- |
 | 80040005 - 0x20007     |  This error has more than one possible cause. Attempt [quick fixes](quick-fixes.md), and if not successful, [analyze log files](log-files.md#analyze-log-files) in order to determine the problem and solution.  |   An unspecified error occurred with a driver during the SafeOS phase.   |
-| 0x80073BC3 - 0x20009<br>0x80070002 - 0x20009<br>0x80073B92 - 0x20009     |  These errors occur during partition analysis and validation, and can be caused by the presence of multiple system partitions. For example, if you installed a new system drive but left the previous system drive connected, this can cause a conflict. To resolve the errors, disconnect or temporarily disable drives that contain the unused system partition. You can reconnect the drive after the upgrade has completed. Alternatively, you can delete the unused system partition.  |   The requested system device cannot be found, there is a sharing violation, or there are multiple devices matching the identification criteria.   |
+| 0x80073BC3 - 0x20009<br>0x80070002 - 0x20009<br>0x80073B92 - 0x20009     |  These errors occur during partition analysis and validation, and can be caused by the presence of multiple system partitions. For example, if you installed a new system drive but left the previous system drive connected, this can cause a conflict. To resolve the errors, disconnect or temporarily disable drives that contain the unused system partition. You can reconnect the drive after the upgrade has completed. Alternatively, you can delete the unused system partition.  |   The requested system device can't be found, there is a sharing violation, or there are multiple devices matching the identification criteria.   |
 | 800704B8 - 0x3001A   |  Disable or uninstall non-Microsoft antivirus applications, disconnect all unnecessary devices, and perform a [clean boot](https://support.microsoft.com/kb/929135).  |   An extended error has occurred during the first boot phase.   |
-| 8007042B - 0x4000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the file, application, or driver that is not able to be migrated. Disconnect, update, remove, or replace the device or object.  |   The installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This issue can occur due to file system, application, or driver issues.   |
-| 8007001F - 0x3000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the files or registry entries that are blocking data migration.<br>&nbsp;<br>This error can be due to a problem with user profiles. It can occur due to corrupt registry entries under **HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList** or invalid files in the **\\Users** directory.<br>&nbsp;<br>**Note**: If a previous upgrade did not complete, invalid profiles might exist in the **Windows.old\\Users** directory.<br>&nbsp;<br>To repair this error, ensure that deleted accounts are not still present in the Windows registry and that files under the \\Users directory are valid. Delete the invalid files or user profiles that are causing this error. The specific files and profiles that are causing the error will be recorded in the Windows setup log files.|   The installation failed in the FIRST_BOOT phase with an error during MIGRATE_DATA operation.   |
-| 8007001F - 0x4000D     |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the device that is not functioning properly. Disconnect, update, or replace the device.  |   General failure, a device attached to the system is not functioning.   |
+| 8007042B - 0x4000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the file, application, or driver that isn't able to be migrated. Disconnect, update, remove, or replace the device or object.  |   The installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This issue can occur due to file system, application, or driver issues.   |
+| 8007001F - 0x3000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the files or registry entries that are blocking data migration.<br>&nbsp;<br>This error can be due to a problem with user profiles. It can occur due to corrupt registry entries under **HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList** or invalid files in the **\\Users** directory.<br>&nbsp;<br>**Note**: If a previous upgrade didn't complete, invalid profiles might exist in the **Windows.old\\Users** directory.<br>&nbsp;<br>To repair this error, ensure that deleted accounts aren't still present in the Windows registry and that files under the \\Users directory are valid. Delete the invalid files or user profiles that are causing this error. The specific files and profiles that are causing the error will be recorded in the Windows setup log files.|   The installation failed in the FIRST_BOOT phase with an error during MIGRATE_DATA operation.   |
+| 8007001F - 0x4000D     |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the device that isn't functioning properly. Disconnect, update, or replace the device.  |   General failure, a device attached to the system isn't functioning.   |
 | 8007042B - 0x4001E   |  This error has more than one possible cause. Attempt [quick fixes](quick-fixes.md), and if not successful, [analyze log files](log-files.md#analyze-log-files) in order to determine the problem and solution.  |   The installation failed during the second boot phase while attempting the PRE_OOBE operation.   |
 
 ## Other result codes

From 2dc7c0aed79deccbc057019bbb5c5e15d153e6ea Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 9 Feb 2022 14:47:47 +0530
Subject: [PATCH 009/123] updated the changes

---
 .../windows-deployment-scenarios-and-tools.md          | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/windows/deployment/windows-deployment-scenarios-and-tools.md b/windows/deployment/windows-deployment-scenarios-and-tools.md
index aa0a53a1a5..72b609643b 100644
--- a/windows/deployment/windows-deployment-scenarios-and-tools.md
+++ b/windows/deployment/windows-deployment-scenarios-and-tools.md
@@ -18,7 +18,7 @@ ms.collection: highpri
 # Windows 10 deployment scenarios and tools
 
 
-To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process. In this topic, you'll learn about the most commonly used tools for Windows 10 deployment.
+To successfully deploy the Windows 10 operating system and applications for your organization, it's essential that you know about the available tools to help with the process. In this topic, you'll learn about the most commonly used tools for Windows 10 deployment.
 
 Microsoft provides many tools, services, and solutions. These tools include Windows Deployment Services (WDS), the Volume Activation Management Tool (VAMT), the User State Migration Tool (USMT), Windows System Image Manager (Windows SIM), Windows Preinstallation Environment (Windows PE), and Windows Recovery Environment (Windows RE). Keep in mind that these are just tools and not a complete solution on their own. It’s when you combine these tools with solutions like [Microsoft Deployment Toolkit (MDT)](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md) or [Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) that you get the complete deployment solution.
 
@@ -94,7 +94,7 @@ By default USMT migrates many settings, most of which are related to the user pr
 -   Operating system component settings
 -   Application settings
 
-These are the settings migrated by the default MigUser.xml and MigApp.xml templates. For more details on what USMT migrates, see [What does USMT migrate?](./usmt/usmt-what-does-usmt-migrate.md) For more information on the USMT overall, see the [USMT technical reference](./usmt/usmt-reference.md).
+These are the settings migrated by the default MigUser.xml and MigApp.xml templates. For more information on what USMT migrates, see [What does USMT migrate?](./usmt/usmt-what-does-usmt-migrate.md) For more information on the USMT overall, see the [USMT technical reference](./usmt/usmt-reference.md).
 
 ### Windows Imaging and Configuration Designer
 
@@ -110,7 +110,7 @@ For more information, see [Windows Imaging and Configuration Designer](/windows/
 
 Windows SIM is an authoring tool for Unattend.xml files. When using MDT and/or Configuration Manager, you don’t need Windows SIM often because those systems automatically update the Unattend.xml file during the deployment, greatly simplifying the process overall.
 
-![figure 7.](images/mdt-11-fig07.png)
+![figure 5.](images/mdt-11-fig07.png)
 
 Windows answer file opened in Windows SIM.
 
@@ -248,7 +248,7 @@ For more information on WSUS, see the [Windows Server Update Services Overview](
 ## Unified Extensible Firmware Interface
 
 
-For many years BIOS has been the industry standard for booting a PC. BIOS has served us well, but it is time to replace it with something better. **UEFI** is the replacement for BIOS, so it is important to understand the differences between BIOS and UEFI. In this section, you learn the major differences between the two and how they affect operating system deployment.
+For many years BIOS has been the industry standard for booting a PC. BIOS has served us well, but it's time to replace it with something better. **UEFI** is the replacement for BIOS, so it's important to understand the differences between BIOS and UEFI. In this section, you learn the major differences between the two and how they affect operating system deployment.
 
 ### Introduction to UEFI
 
@@ -267,7 +267,7 @@ With UEFI, you can benefit from:
 -   **Faster boot time.** UEFI doesn't use INT 13, and that improves boot time, especially when it comes to resuming from hibernate.
 -   **Multicast deployment.** UEFI firmware can use multicast directly when it boots up. In WDS, MDT, and Configuration Manager scenarios, you need to first boot up a normal Windows PE in unicast and then switch into multicast. With UEFI, you can run multicast from the start.
 -   **Compatibility with earlier BIOS.** Most of the UEFI implementations include a compatibility support module (CSM) that emulates BIOS.
--   **CPU-independent architecture.** Even if BIOS can run both 32- and 64-bit versions of firmware, all firmware device drivers on BIOS systems must also be 16-bit, and this affects performance. One of the reasons is the limitation in addressable memory, which is only 64 KB with BIOS.
+-   **CPU-independent architecture.** Even if BIOS can run both 32-bit and 64-bit versions of firmware, all firmware device drivers on BIOS systems must also be 16-bit, and this affects performance. One of the reasons is the limitation in addressable memory, which is only 64 KB with BIOS.
 -   **CPU-independent drivers.** On BIOS systems, PCI add-on cards must include a ROM that contains a separate driver for all supported CPU architectures. That isn't needed for UEFI because UEFI has the ability to use EFI Byte Code (EBC) images, which allow for a processor-independent device driver environment.
 -   **Flexible pre-operating system environment.** UEFI can perform many functions for you. You just need an UEFI application, and you can perform diagnostics and automatic repairs, and call home to report errors.
 -   **Secure boot.** Windows 8 and later can use the UEFI firmware validation process, called secure boot, which is defined in UEFI 2.3.1. Using this process, you can ensure that UEFI launches only a verified operating system loader and that malware can't switch the boot loader.

From 810a47bc0f8e36d1511c5f4a060fbffc96b25198 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 9 Feb 2022 18:41:33 +0530
Subject: [PATCH 010/123] updated the changes

---
 .../guidelines-for-assigned-access-app.md            | 12 ++++++------
 .../configuration/wcd/wcd-firewallconfiguration.md   |  2 +-
 .../hello-for-business/hello-hybrid-aadj-sso-base.md |  2 +-
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index b66df8ec19..47b5e6b872 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -82,7 +82,7 @@ Restart on Idle Time | Specify when Kiosk Browser should restart in a fresh stat
 > 
 > 1. Create the provisioning package. When ready to export, close the project in Windows Configuration Designer.
 > 2. Open the customizations.xml file in the project folder (e.g C:\Users\name\Documents\Windows Imaging and Configuration Designer (WICD)\Project_18). 
-> 3. Insert the null character string in between each URL (e.g www.bing.com`&#xF000;`www.contoso.com). 
+> 3. Insert the null character string in between each URL (e.g www.bing.com`&#xF000; www.contoso.com)`. 
 > 4. Save the XML file.
 > 5. Open the project again in Windows Configuration Designer.
 > 6. Export the package. Ensure you do not revisit the created policies under Kiosk Browser or else the null character will be removed.
@@ -120,8 +120,8 @@ The following table describes the results for different combinations of blocked
 
 Blocked URL rule |  Block URL exception rule | Result
 --- | --- | ---
-`*` | `contoso.com`<br>`fabrikam.com` | All requests are blocked unless it is to contoso.com, fabrikam.com, or any of their subdomains.
-`contoso.com` | `mail.contoso.com`<br>`.contoso.com`<br>`.www.contoso.com` | Block all requests to contoso.com, except for the main page and its mail subdomain.
+`*` | `contoso.com`<br>`fabrikam.com` | All requests are blocked unless it is to `contoso.com, fabrikam.com,` or any of their subdomains.
+`contoso.com` | `mail.contoso.com`<br>`.contoso.com`<br>`.www.contoso.com` | Block all requests to `contoso.com,` except for the main page and its mail subdomain.
 `youtube.com` | `youtube.com/watch?v=v1`<br>`youtube.com/watch?v=v2` | Blocks all access to youtube.com except for the specified videos (v1 and v2).
 
 The following table gives examples for blocked URLs. 
@@ -129,11 +129,11 @@ The following table gives examples for blocked URLs.
 
 |          Entry           |                                    Result                                     |
 |--------------------------|-------------------------------------------------------------------------------|
-|      `contoso.com`       | Blocks all requests to contoso.com, www.contoso.com, and sub.www.contoso.com  |
+|      `contoso.com`       | Blocks all requests to contoso.com, `www.contoso.com,` and sub.www.contoso.com  |
 |       `https://*`        |                   Blocks all HTTPS requests to any domain.                    |
-|    `mail.contoso.com`    | Blocks requests to mail.contoso.com but not to www.contoso.com or contoso.com |
+|    `mail.contoso.com`    | Blocks requests to mail.contoso.com but not to `www.contoso.com` or contoso.com |
 |      `.contoso.com`      |    Blocks contoso.com but not its subdomains, like subdomain.contoso.com.     |
-|    `.www.contoso.com`    |                Blocks www.contoso.com but not its subdomains.                 |
+|    `.www.contoso.com`    |                Blocks `www.contoso.com` but not its subdomains.                 |
 |           `*`            |    Blocks all requests except for URLs in the Blocked URL Exceptions list.    |
 |         `*:8080`         |                       Blocks all requests to port 8080.                       |
 |   `contoso.com/stuff`    |         Blocks all requests to contoso.com/stuff and its subdomains.          |
diff --git a/windows/configuration/wcd/wcd-firewallconfiguration.md b/windows/configuration/wcd/wcd-firewallconfiguration.md
index cd505cda87..82dcdf2dce 100644
--- a/windows/configuration/wcd/wcd-firewallconfiguration.md
+++ b/windows/configuration/wcd/wcd-firewallconfiguration.md
@@ -27,4 +27,4 @@ Set to **True** or **False**.
 
 ## Related topics
 
-- [AllJoyn](https://developer.microsoft.com/windows/iot/docs/alljoyn)
+- For more information, see [AllJoyn – Wikipedia](https://wikipedia.org/wiki/AllJoyn).
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
index 4176bd6721..ed4dc68548 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
@@ -193,7 +193,7 @@ The web server is ready to host the CRL distribution point.  Now, configure the
 1. On the issuing certificate authority, sign-in as a local administrator.  Start the **Certificate Authority** console from **Administrative Tools**. 
 2. In the navigation pane, right-click the name of the certificate authority and click **Properties**
 3. Click **Extensions**.  On the **Extensions** tab, select **CRL Distribution Point (CDP)** from the **Select extension** list.
-4. On the **Extensions** tab, click **Add**. Type <b>http://crl.[domainname]/cdp/</b> in **location**.  For example, *<http://crl.corp.contoso.com/cdp/>* or *<http://crl.contoso.com/cdp/>* (do not forget the trailing forward slash). 
+4. On the **Extensions** tab, click **Add**. Type <b>http://crl.[domainname]/cdp/</b> in **location**.  For example, `<http://crl.corp.contoso.com/cdp/> or <http://crl.contoso.com/cdp/> (do not forget the trailing forward slash). `
    ![CDP New Location dialog box.](images/aadj/cdp-extension-new-location.png)
 5. Select **\<CaName>** from the **Variable** list and click **Insert**.  Select **\<CRLNameSuffix>** from the **Variable** list and click **Insert**.  Select **\<DeltaCRLAllowed>** from the **Variable** list and click **Insert**.
 6. Type **.crl** at the end of the text in **Location**. Click **OK**.

From 96ae5670f93011861d0048d251448aa364af2e46 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Fri, 11 Feb 2022 18:38:02 +0530
Subject: [PATCH 011/123] updated the changes

---
 .../enterprise-mode-schema-version-2-guidance.md            | 6 +++---
 windows/client-management/manage-corporate-devices.md       | 2 --
 windows/client-management/mdm/alljoynmanagement-csp.md      | 2 +-
 windows/client-management/mdm/enterprise-app-management.md  | 2 +-
 windows/client-management/mdm/passportforwork-csp.md        | 2 +-
 .../client-management/mdm/policy-csp-internetexplorer.md    | 6 +++---
 windows/configuration/guidelines-for-assigned-access-app.md | 2 +-
 .../hello-for-business/hello-hybrid-aadj-sso-base.md        | 2 +-
 8 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
index d35dd497b1..5af6fab521 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-2-guidance.md
@@ -45,7 +45,7 @@ You can continue to use the v.1 version of the schema on Windows 10, but you wo
 The following is an example of the v.2 version of the Enterprise Mode schema.
 
 > [!IMPORTANT]
-> Make sure that you don't specify a protocol when adding your URLs. Using a URL like `<url="contoso.com">`, automatically applies to both http://contoso.com and https://contoso.com.
+> Make sure that you don't specify a protocol when adding your URLs. Using a URL like `<url="contoso.com">`, automatically applies to both `http://contoso.com` and `https://contoso.com`.
  
 ```xml
 <site-list version="205">
@@ -109,9 +109,9 @@ The &lt;url&gt; attribute, as part of the &lt;site&gt; element in the v.2 versio
 
 |Attribute|Description|Supported browser|
 |---------|---------|---------|
-|allow-redirect|A boolean attribute of the &lt;open-in&gt; element that controls the behavior for redirected sites. Setting this attribute to "true" indicates that the site will open in IE11 or Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. Omitting the attribute is equivalent to "false" (sites in redirect chain will not open in another browser).<br>**Example**<pre class="syntax">&lt;site url="contoso.com/travel"&gt;<br>  &lt;open-in allow-redirect="true"&gt;IE11 &lt;/open-in&gt;<br>&lt;/site&gt;</pre> In this example, if `https://contoso.com/travel` is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer. <li>| Internet Explorer 11 and Microsoft Edge|
+|allow-redirect|A boolean attribute of the &lt;open-in&gt; element that controls the behavior for redirected sites. Setting this attribute to "true" indicates that the site will open in IE11 or Microsoft Edge even if the site is navigated to as part of a HTTP or meta refresh redirection chain. Omitting the attribute is equivalent to "false" (sites in redirect chain will not open in another browser).<br>**Example**<pre class="syntax">&lt;site url="contoso.com/travel"&gt;<br>  &lt;open-in allow-redirect="true"&gt;IE11 &lt;/open-in&gt;<br>&lt;/site&gt;</pre> In this example, if `https://contoso.com/travel` is encountered in a redirect chain in Microsoft Edge, it will be opened in Internet Explorer. | Internet Explorer 11 and Microsoft Edge|
 |version     |Specifies the version of the Enterprise Mode Site List. This attribute is supported for the &lt;site-list&gt; element.   | Internet Explorer 11 and Microsoft Edge|
-|url|Specifies the URL (and port number using standard port conventions) to which the child elements apply. The URL can be a domain, sub-domain, or any path URL.<br> **Note**<br> Make sure that you don't specify a protocol. Using &lt;site url="contoso.com"&gt;  applies to both [https://contoso.com](https://contoso.com) and [https://contoso.com](https://contoso.com). <br> **Example**<pre class="syntax">&lt;site url="contoso.com:8080"&gt;<br>   &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt; <br> &lt;open-in&gt;IE11&lt;/open-in&gt;<br>&lt;/site&gt;</pre>In this example, going to [https://contoso.com:8080](https://contoso.com:8080) using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode. | Internet Explorer 11 and Microsoft Edge|
+|url|Specifies the URL (and port number using standard port conventions) to which the child elements apply. The URL can be a domain, sub-domain, or any path URL.<br> **Note**<br> Make sure that you don't specify a protocol. Using &lt;site url="contoso.com"&gt;  applies to both `http://contoso.com` and `https://contoso.com`. <br> **Example**<pre class="syntax">&lt;site url="contoso.com:8080"&gt;<br>   &lt;compat-mode&gt;IE8Enterprise&lt;/compat-mode&gt; <br> &lt;open-in&gt;IE11&lt;/open-in&gt;<br>&lt;/site&gt;</pre>In this example, going to `https://contoso.com:8080` using Microsoft Edge, causes the site to open in IE11 and load in IE8 Enterprise Mode. | Internet Explorer 11 and Microsoft Edge|
 
 ### Deprecated attributes
 These v.1 version schema attributes have been deprecated in the v.2 version of the schema:
diff --git a/windows/client-management/manage-corporate-devices.md b/windows/client-management/manage-corporate-devices.md
index fb532ca4b1..100a615574 100644
--- a/windows/client-management/manage-corporate-devices.md
+++ b/windows/client-management/manage-corporate-devices.md
@@ -47,8 +47,6 @@ You can use the same management tools to manage all device types running Windows
 
 [Microsoft Intune End User Enrollment Guide](/samples/browse/?redirectedfrom=TechNet-Gallery)
 
-[Azure AD Join on Windows 10 (and Windows 11) devices](https://go.microsoft.com/fwlink/p/?LinkId=616791)
-
 [Windows 10 (and Windows 11) and Azure Active Directory: Embracing the Cloud](https://go.microsoft.com/fwlink/p/?LinkId=615768)
 
 Microsoft Virtual Academy course: [System Center 2012 R2 Configuration Manager & Windows Intune](/learn/)
diff --git a/windows/client-management/mdm/alljoynmanagement-csp.md b/windows/client-management/mdm/alljoynmanagement-csp.md
index 6e986105de..1df422d0db 100644
--- a/windows/client-management/mdm/alljoynmanagement-csp.md
+++ b/windows/client-management/mdm/alljoynmanagement-csp.md
@@ -24,7 +24,7 @@ This CSP was added in Windows 10, version 1511.
 
  
 
-For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [Device System Bridge (DSB)](https://wikipedia.org/wiki/AllJoyn). For more information, see [AllJoyn Device System Bridge](https://wikipedia.org/wiki/AllJoyn).
+For the firewall settings, note that PublicProfile and PrivateProfile are mutually exclusive. The Private Profile must be set on the directly on the device itself, and the only supported operation is Get. For PublicProfile, both Add and Get are supported. This CSP is intended to be used in conjunction with the AllJoyn Device System Bridge, and an understanding of the bridge will help when determining when and how to use this CSP. For more information, see [Device System Bridge (DSB)](https://wikipedia.org/wiki/AllJoyn). For more information, see [AllJoyn - Wikipedia](https://wikipedia.org/wiki/AllJoyn).
 
 The following shows the AllJoynManagement configuration service provider in tree format
 
diff --git a/windows/client-management/mdm/enterprise-app-management.md b/windows/client-management/mdm/enterprise-app-management.md
index ddd6fe4dd5..d5a45549a2 100644
--- a/windows/client-management/mdm/enterprise-app-management.md
+++ b/windows/client-management/mdm/enterprise-app-management.md
@@ -517,7 +517,7 @@ Provisioning allows you to stage the app to the device and all users of the devi
 
 Here are the requirements for this scenario:
 
-- The location of the app can be the local files system (C:\\StagedApps\\app1.appx), a UNC path (\\\\server\\share\\app1.apx), or an HTTPS location (https://contoso.com/app1.appx\_
+- The location of the app can be the local files system (C:\\StagedApps\\app1.appx), a UNC path (\\\\server\\share\\app1.apx), or an HTTPS location (`https://contoso.com/app1.appx\`)
 - The user must have permission to access the content location. For HTTPs, you can use server authentication or certificate authentication using a certificate associated with the enrollment. HTTP locations are supported, but not recommended because of lack of authentication requirements.
 - The device doesn't need to have connectivity to the Microsoft Store, or store services enabled.
 - The device doesn't need any Azure AD identity or domain membership.
diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index 4155f26107..6c384c45db 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -88,7 +88,7 @@ PassportForWork
 Root node for PassportForWork configuration service provider.
 
 <a href="" id="tenantid"></a>***TenantId***  
-A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
+A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](https://docs.microsoft.com/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
 
 <a href="" id="tenantid-policies"></a>***TenantId*/Policies**  
 Node for defining the Windows Hello for Business policy settings.
diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md
index 036aa82cdc..2775253a06 100644
--- a/windows/client-management/mdm/policy-csp-internetexplorer.md
+++ b/windows/client-management/mdm/policy-csp-internetexplorer.md
@@ -1960,7 +1960,7 @@ Internet Explorer has 4 security zones, numbered 1-4, and these are used by this
 
 If you enable this policy setting, you can enter a list of sites and their related zone numbers. The association of a site with a zone will ensure that the security settings for the specified zone are applied to the site.  For each entry that you add to the list, enter the following information:
 
-Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter <http://www.contoso.com> as the valuename, other protocols are not affected. If you enter just www.contoso.com, then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for www.contoso.com and www.contoso.com/mail would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict.
+Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter `<http://www.contoso.com>` as the valuename, other protocols are not affected. If you enter just `www.contoso.com,` then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for www.contoso.com and www.contoso.com/mail would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict.
 
 Value - A number indicating the zone with which this site should be associated for security settings. The Internet Explorer zones described above are 1-4.
 
@@ -2002,8 +2002,8 @@ ADMX Info:
 ```
 
 Value and index pairs in the SyncML example:  
-- http://adfs.contoso.org 1
-- https://microsoft.com 2
+- `http://adfs.contoso.org 1`
+- `https://microsoft.com 2`
 
 <!--/Example-->
 <!--/Policy-->
diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 47b5e6b872..312cbd0bc3 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -131,7 +131,7 @@ The following table gives examples for blocked URLs.
 |--------------------------|-------------------------------------------------------------------------------|
 |      `contoso.com`       | Blocks all requests to contoso.com, `www.contoso.com,` and sub.www.contoso.com  |
 |       `https://*`        |                   Blocks all HTTPS requests to any domain.                    |
-|    `mail.contoso.com`    | Blocks requests to mail.contoso.com but not to `www.contoso.com` or contoso.com |
+|    `mail.contoso.com`    | Blocks requests to mail.contoso.com but not to `www.contoso.com` or `contoso.com` |
 |      `.contoso.com`      |    Blocks contoso.com but not its subdomains, like subdomain.contoso.com.     |
 |    `.www.contoso.com`    |                Blocks `www.contoso.com` but not its subdomains.                 |
 |           `*`            |    Blocks all requests except for URLs in the Blocked URL Exceptions list.    |
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
index ed4dc68548..8fd660dd30 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
@@ -193,7 +193,7 @@ The web server is ready to host the CRL distribution point.  Now, configure the
 1. On the issuing certificate authority, sign-in as a local administrator.  Start the **Certificate Authority** console from **Administrative Tools**. 
 2. In the navigation pane, right-click the name of the certificate authority and click **Properties**
 3. Click **Extensions**.  On the **Extensions** tab, select **CRL Distribution Point (CDP)** from the **Select extension** list.
-4. On the **Extensions** tab, click **Add**. Type <b>http://crl.[domainname]/cdp/</b> in **location**.  For example, `<http://crl.corp.contoso.com/cdp/> or <http://crl.contoso.com/cdp/> (do not forget the trailing forward slash). `
+4. On the **Extensions** tab, click **Add**. Type <b>http://crl.[domainname]/cdp/</b> in **location**.  For example, `<http://crl.corp.contoso.com/cdp/>` or `<http://crl.contoso.com/cdp/> (do not forget the trailing forward slash). `
    ![CDP New Location dialog box.](images/aadj/cdp-extension-new-location.png)
 5. Select **\<CaName>** from the **Variable** list and click **Insert**.  Select **\<CRLNameSuffix>** from the **Variable** list and click **Insert**.  Select **\<DeltaCRLAllowed>** from the **Variable** list and click **Insert**.
 6. Type **.crl** at the end of the text in **Location**. Click **OK**.

From efabcb4e1816644716cd55ec1b7e14ac6d4cb2ce Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Fri, 11 Feb 2022 19:04:19 +0530
Subject: [PATCH 012/123] updated the changes

---
 windows/client-management/mdm/passportforwork-csp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index 6c384c45db..91f61459ed 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -88,7 +88,7 @@ PassportForWork
 Root node for PassportForWork configuration service provider.
 
 <a href="" id="tenantid"></a>***TenantId***  
-A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](https://docs.microsoft.com/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
+A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount]([https://powershell/module/servicemanagement/azure.service/get-azureaccount]). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
 
 <a href="" id="tenantid-policies"></a>***TenantId*/Policies**  
 Node for defining the Windows Hello for Business policy settings.

From 48573664759c502ac0204cc3a2f233e312947606 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 14 Feb 2022 17:48:09 +0530
Subject: [PATCH 013/123] updated the changes

---
 .../enterprise-mode-schema-version-1-guidance.md          | 8 ++++----
 .../mdm/policy-csp-admx-windowsexplorer.md                | 2 +-
 windows/client-management/mdm/policy-csp-connectivity.md  | 2 +-
 windows/privacy/manage-windows-1709-endpoints.md          | 8 ++++----
 windows/privacy/manage-windows-1803-endpoints.md          | 8 ++++----
 5 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
index b3d946c53c..e486ed248d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/enterprise-mode-schema-version-1-guidance.md
@@ -71,7 +71,7 @@ This table includes the elements used by the Enterprise Mode schema.
 |&lt;emie&gt;     |The parent node for the Enterprise Mode section of the schema. All &lt;domain&gt; entries will have either IE8 Enterprise Mode or IE7 Enterprise Mode applied. <br> **Example** <pre class="syntax">&lt;rules version="205"&gt; <br> &lt;emie&gt; <br>   &lt;domain&gt;contoso.com&lt;/domain&gt; <br> &lt;/emie&gt;<br>&lt;/rules&gt;  <br> </pre><p> **or** <br> For IPv6 ranges: <pre class="syntax"><br>&lt;rules version="205"&gt; <br> &lt;emie&gt; <br>  &lt;domain&gt;[10.122.34.99]:8080&lt;/domain&gt; <br> &lt;/emie&gt;<br>&lt;/rules&gt; </pre><p> <br> **or**<br> For IPv4 ranges:<pre class="syntax">&lt;rules version="205"&gt; <br> &lt;emie&gt; <br>  &lt;domain&gt;[10.122.34.99]:8080&lt;/domain&gt; <br> &lt;/emie&gt;<br>&lt;/rules&gt; | Internet Explorer 11 and Microsoft Edge       |
 |&lt;docMode&gt;     |The parent node for the document mode section of the section. All &lt;domain&gt; entries will get IE5 - IE11 document modes applied. If there's a &lt;domain&gt; element in the docMode section that uses the same value as a &lt;domain&gt; element in the emie section, the emie element is applied.  <br> **Example** <pre class="syntax"> <br/>&lt;rules version="205"&gt; <br> &lt;docmode&gt; <br>   &lt;domain docMode="7"&gt;contoso.com&lt;/domain&gt; <br> &lt;/docmode&gt;<br>&lt;/rules&gt;     |Internet Explorer 11         |
 |&lt;domain&gt;     |A unique entry added for each site you want to put on the Enterprise Mode site list. The first &lt;domain&gt; element will overrule any additional &lt;domain&gt; elements that use the same value for the section. You can use port numbers for this element. <br> **Example** <pre class="syntax"> <br/>&lt;emie&gt; <br> &lt;domain&gt;contoso.com:8080&lt;/domain&gt;<br>&lt;/emie&gt;       |Internet Explorer 11 and Microsoft Edge         |
-|&lt;path&gt;    |A unique entry added for each path under a domain you want to put on the Enterprise Mode site list. The &lt;path&gt; element is a child of the &lt;domain&gt; element. Additionally, the first &lt;path&gt; element will overrule any additional &lt;path&gt; elements in the schema section.<br> **Example**  <pre class="syntax"> <br/>&lt;emie&gt; <br> &lt;domain exclude="true"&gt;fabrikam.com <br>   &lt;path exclude="false"&gt;/products&lt;/path&gt;<br> &lt;/domain&gt;<br>&lt;/emie&gt;</pre><p> <br> Where [https://fabrikam.com](https://fabrikam.com) doesn't use IE8 Enterprise Mode, but [https://fabrikam.com/products](https://fabrikam.com/products) does.   |Internet Explorer 11 and Microsoft Edge         |
+|&lt;path&gt;    |A unique entry added for each path under a domain you want to put on the Enterprise Mode site list. The &lt;path&gt; element is a child of the &lt;domain&gt; element. Additionally, the first &lt;path&gt; element will overrule any additional &lt;path&gt; elements in the schema section.<br> **Example**  <pre class="syntax"> <br/>&lt;emie&gt; <br> &lt;domain exclude="true"&gt;fabrikam.com <br>   &lt;path exclude="false"&gt;/products&lt;/path&gt;<br> &lt;/domain&gt;<br>&lt;/emie&gt;</pre><p> <br> Where `https://fabrikam.com` doesn't use IE8 Enterprise Mode, but `https://fabrikam.com/products` does.   |Internet Explorer 11 and Microsoft Edge         |
 
 ### Schema attributes
 This table includes the attributes used by the Enterprise Mode schema.
@@ -79,10 +79,10 @@ This table includes the attributes used by the Enterprise Mode schema.
 |Attribute|Description|Supported browser|
 |--- |--- |--- |
 |version|Specifies the version of the Enterprise Mode Site List. This attribute is supported for the &lt;rules&gt; element.|Internet Explorer 11 and Microsoft Edge|
-|exclude|Specifies the domain or path that is excluded from getting the behavior applied. This attribute is supported on the &lt;domain&gt; and &lt;path&gt; elements.<br> **Example** <pre class="syntax">&lt;emie&gt;<br>  &lt;domain exclude="false"&gt;fabrikam.com <br>    &lt;path exclude="true"&gt;/products&lt;/path&gt;<br>  &lt;/domain&gt;<br>&lt;/emie&gt; </pre><p> Where [https://fabrikam.com](https://fabrikam.com) doesn't use IE8 Enterprise Mode, but [https://fabrikam.com/products](https://fabrikam.com/products) does.|Internet Explorer 11 and Microsoft Edge|
+|exclude|Specifies the domain or path that is excluded from getting the behavior applied. This attribute is supported on the &lt;domain&gt; and &lt;path&gt; elements.<br> **Example** <pre class="syntax">&lt;emie&gt;<br>  &lt;domain exclude="false"&gt;fabrikam.com <br>    &lt;path exclude="true"&gt;/products&lt;/path&gt;<br>  &lt;/domain&gt;<br>&lt;/emie&gt; </pre><p> Where `https://fabrikam.com` doesn't use IE8 Enterprise Mode, but `https://fabrikam.com/products` does.|Internet Explorer 11 and Microsoft Edge|
 |docMode|Specifies the document mode to apply. This attribute is only supported on &lt;domain&gt; or &lt;path&gt;elements in the &lt;docMode&gt; section.<br> **Example**<pre class="syntax">&lt;docMode&gt; <br>  &lt;domain exclude="false"&gt;fabrikam.com <br>    &lt;path docMode="9"&gt;/products&lt;/path&gt;<br>  &lt;/domain&gt;<br>&lt;/docMode&gt;|Internet Explorer 11|
-|doNotTransition| Specifies that the page should load in the current browser, otherwise it will open in IE11. This attribute is supported on all &lt;domain&gt; or &lt;path&gt; elements. If this attribute is absent, it defaults to false.<br> **Example**<pre class="syntax">&lt;emie&gt;<br> &lt;domain doNotTransition=&quot;false&quot;&gt;fabrikam.com <br>   &lt;path doNotTransition=&quot;true&quot;&gt;/products&lt;/path&gt;<br> &lt;/domain&gt;<br>&lt;/emie&gt;</pre><p>Where [https://fabrikam.com](https://fabrikam.com) opens in the IE11 browser, but [https://fabrikam.com/products](https://fabrikam.com/products) loads in the current browser (eg. Microsoft Edge)|Internet Explorer 11 and Microsoft Edge|
-|forceCompatView|Specifies that the page should load in IE7 document mode (Compat View). This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;emie&gt; section. If the page is also configured to load in Enterprise Mode, it will load in IE7 Enterprise Mode. Otherwise (exclude=&quot;true&quot;), it will load in IE11's IE7 document mode. If this attribute is absent, it defaults to false. <br> **Example**<pre class="syntax">&lt;emie&gt;<br> &lt;domain exclude=&quot;true&quot;&gt;fabrikam.com <br>   &lt;path forcecompatview=&quot;true&quot;&gt;/products&lt;/path&gt;<br> &lt;/domain&gt;<br>&lt;/emie&gt;</pre><p>Where [https://fabrikam.com](https://fabrikam.com) does not use Enterprise Mode, but [https://fabrikam.com/products](https://fabrikam.com/products) uses IE7 Enterprise Mode.|Internet Explorer 11|
+|doNotTransition| Specifies that the page should load in the current browser, otherwise it will open in IE11. This attribute is supported on all &lt;domain&gt; or &lt;path&gt; elements. If this attribute is absent, it defaults to false.<br> **Example**<pre class="syntax">&lt;emie&gt;<br> &lt;domain doNotTransition=&quot;false&quot;&gt;fabrikam.com <br>   &lt;path doNotTransition=&quot;true&quot;&gt;/products&lt;/path&gt;<br> &lt;/domain&gt;<br>&lt;/emie&gt;</pre><p>Where `https://fabrikam.com` opens in the IE11 browser, but `https://fabrikam.com/products` loads in the current browser (eg. Microsoft Edge)|Internet Explorer 11 and Microsoft Edge|
+|forceCompatView|Specifies that the page should load in IE7 document mode (Compat View). This attribute is only supported on &lt;domain&gt; or &lt;path&gt; elements in the &lt;emie&gt; section. If the page is also configured to load in Enterprise Mode, it will load in IE7 Enterprise Mode. Otherwise (exclude=&quot;true&quot;), it will load in IE11's IE7 document mode. If this attribute is absent, it defaults to false. <br> **Example**<pre class="syntax">&lt;emie&gt;<br> &lt;domain exclude=&quot;true&quot;&gt;fabrikam.com <br>   &lt;path forcecompatview=&quot;true&quot;&gt;/products&lt;/path&gt;<br> &lt;/domain&gt;<br>&lt;/emie&gt;</pre><p>Where `https://fabrikam.com` does not use Enterprise Mode, but `https://fabrikam.com/products` uses IE7 Enterprise Mode.|Internet Explorer 11|
 
 ### Using Enterprise Mode and document mode together
 If you want to use both Enterprise Mode and document mode together, you need to be aware that  &lt;emie&gt; entries override &lt;docMode&gt; entries for the same domain. 
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 3046a4d8ab..0d0d03dec5 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -3686,7 +3686,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to add Internet or intranet sites to the "Search again" links located at the bottom of search results in File Explorer and the Start menu links. The "Search again" links at the bottom of the Search Results view allow the user to reconduct a search but in a different location. The Internet search site will be searched with the text in the search box. To add an Internet search site, specify the URL of the search site in OpenSearch format with {searchTerms} for the query string (for example, http://www.example.com/results.aspx?q={searchTerms}).
+This policy setting allows you to add Internet or intranet sites to the "Search again" links located at the bottom of search results in File Explorer and the Start menu links. The "Search again" links at the bottom of the Search Results view allow the user to reconduct a search but in a different location. The Internet search site will be searched with the text in the search box. To add an Internet search site, specify the URL of the search site in OpenSearch format with {searchTerms} for the query string (for example, `http://www.example.com/results.aspx?q={searchTerms}`).
 
 You can add up to five additional links to the "Search again" links at the bottom of results returned in File Explorer after a search is executed. These links will be shared between Internet search sites and Search Connectors/Libraries. Search Connector/Library links take precedence over Internet search links.
 
diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md
index a4eb170e5c..8c9e5e185c 100644
--- a/windows/client-management/mdm/policy-csp-connectivity.md
+++ b/windows/client-management/mdm/policy-csp-connectivity.md
@@ -649,7 +649,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to <http://www.msftconnecttest.com/connecttest.txt> to determine if the device can communicate with the Internet.  This policy disables the NCSI active probe, preventing network connectivity to www.msftconnecttest.com.
+Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to `<http://www.msftconnecttest.com/connecttest.txt>` to determine if the device can communicate with the Internet.  This policy disables the NCSI active probe, preventing network connectivity to www.msftconnecttest.com.
 
 Value type is integer.
 
diff --git a/windows/privacy/manage-windows-1709-endpoints.md b/windows/privacy/manage-windows-1709-endpoints.md
index f3bc7923bd..bff89da8b6 100644
--- a/windows/privacy/manage-windows-1709-endpoints.md
+++ b/windows/privacy/manage-windows-1709-endpoints.md
@@ -133,21 +133,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-| backgroundtaskhost  | HTTPS   | www.bing.com/client |
+| backgroundtaskhost  | HTTPS   | `www.bing.com/client` |
 
 The following endpoint is used to configure parameters, such as how often the Live Tile is updated. It's also used to activate experiments. 
 If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana), parameters wouldn't be updated and the device would no longer participate in experiments.
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-| backgroundtaskhost  | HTTPS   | www.bing.com/proactive |
+| backgroundtaskhost  | HTTPS   | `www.bing.com/proactive` |
 
 The following endpoint is used by Cortana to report diagnostic and diagnostic data information.
 If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana), Microsoft won't be aware of issues with Cortana and can't fix them.
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-| searchui <br> backgroundtaskhost | HTTPS   | www.bing.com/threshold/xls.aspx |
+| searchui <br> backgroundtaskhost | HTTPS   | `www.bing.com/threshold/xls.aspx` |
 
 ## Certificates
 
@@ -290,7 +290,7 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-|  | HTTP   | www.msftconnecttest.com/connecttest.txt |
+|  | HTTP   | `www.msftconnecttest.com/connecttest.txt` |
 
 ## Office
 
diff --git a/windows/privacy/manage-windows-1803-endpoints.md b/windows/privacy/manage-windows-1803-endpoints.md
index fdc72f92e7..da6f2a324a 100644
--- a/windows/privacy/manage-windows-1803-endpoints.md
+++ b/windows/privacy/manage-windows-1803-endpoints.md
@@ -134,21 +134,21 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-| backgroundtaskhost  | HTTPS   | www.bing.com/client |
+| backgroundtaskhost  | HTTPS   | `www.bing.com/client` |
 
 The following endpoint is used to configure parameters, such as how often the Live Tile is updated. It's also used to activate experiments. 
 If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana), parameters wouldn't be updated and the device would no longer participate in experiments.
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-| backgroundtaskhost  | HTTPS   | www.bing.com/proactive |
+| backgroundtaskhost  | HTTPS   | `www.bing.com/proactive` |
 
 The following endpoint is used by Cortana to report diagnostic and diagnostic data information.
 If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana), Microsoft won't be aware of issues with Cortana and can't fix them.
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-| searchui <br> backgroundtaskhost | HTTPS   | www.bing.com/threshold/xls.aspx |
+| searchui <br> backgroundtaskhost | HTTPS   | `www.bing.com/threshold/xls.aspx` |
 
 ## Certificates
 
@@ -294,7 +294,7 @@ If you [turn off traffic for this endpoint](manage-connections-from-windows-oper
 
 | Source process | Protocol | Destination |
 |----------------|----------|------------|
-|  | HTTP   | www.msftconnecttest.com/connecttest.txt |
+|  | HTTP   | `www.msftconnecttest.com/connecttest.txt` |
 
 ## Office
 

From 3ceb8abd922ca726ef8b388a2bbab349cc09ee70 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 14 Feb 2022 17:54:57 +0530
Subject: [PATCH 014/123] updated the changes

---
 .../prerequisites-microsoft-store-for-business.md               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/store-for-business/prerequisites-microsoft-store-for-business.md b/store-for-business/prerequisites-microsoft-store-for-business.md
index 187abb5bb8..31b44cada9 100644
--- a/store-for-business/prerequisites-microsoft-store-for-business.md
+++ b/store-for-business/prerequisites-microsoft-store-for-business.md
@@ -68,7 +68,7 @@ If your organization restricts computers on your network from connecting to the
 - \*.microsoft.com
 - \*.s-microsoft.com
 - www.msftncsi.com (prior to Windows 10, version 1607)
-- www.msftconnecttest.com/connecttest.txt (replaces www.msftncsi.com
+- `www.msftconnecttest.com/connecttest.txt` (replaces www.msftncsi.com
   starting with Windows 10, version 1607)
  
 Store for Business requires Microsoft Windows HTTP Services (WinHTTP) to install, or update apps.

From 7158db78e0ee81f32d3fd0195c5d0705933803f1 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 15 Feb 2022 10:44:25 +0530
Subject: [PATCH 015/123] updated the changes

---
 windows/privacy/manage-windows-1709-endpoints.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/privacy/manage-windows-1709-endpoints.md b/windows/privacy/manage-windows-1709-endpoints.md
index bff89da8b6..4e9d31d458 100644
--- a/windows/privacy/manage-windows-1709-endpoints.md
+++ b/windows/privacy/manage-windows-1709-endpoints.md
@@ -457,4 +457,6 @@ To view endpoints for non-Enterprise Windows 10 editions, see:
 ## Related links
 
 - [Office 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges)
-- [Network infrastructure requirements for Microsoft Intune](/mem/intune/fundamentals/intune-endpoints)
\ No newline at end of file
+- [Network infrastructure requirements for Microsoft Intune](/mem/intune/fundamentals/intune-endpoints)
+
+ 
\ No newline at end of file

From 07aa97efcf4c381652fbf13c3d0a6b32ad2f7473 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 15 Feb 2022 10:52:47 +0530
Subject: [PATCH 016/123] updated the changes

---
 windows/client-management/mdm/passportforwork-csp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index 91f61459ed..46e3bb3016 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -88,7 +88,7 @@ PassportForWork
 Root node for PassportForWork configuration service provider.
 
 <a href="" id="tenantid"></a>***TenantId***  
-A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount]([https://powershell/module/servicemanagement/azure.service/get-azureaccount]). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
+A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](https://powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
 
 <a href="" id="tenantid-policies"></a>***TenantId*/Policies**  
 Node for defining the Windows Hello for Business policy settings.

From 5718f9cda3dd3ca098bde6a5fe286946c0a4be7c Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 15 Feb 2022 11:12:17 +0530
Subject: [PATCH 017/123] updated the changes

---
 .../mdm/policy-csp-connectivity.md            | 22 +++++++++----------
 1 file changed, 11 insertions(+), 11 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md
index 8c9e5e185c..cd025e67f7 100644
--- a/windows/client-management/mdm/policy-csp-connectivity.md
+++ b/windows/client-management/mdm/policy-csp-connectivity.md
@@ -107,7 +107,7 @@ Allows the user to enable Bluetooth or restrict access.
 > [!NOTE]
 >  This value is not supported in Windows 10.
 
-If this is not set or it is deleted, the default value of 2 (Allow) is used.
+If this isn't set or it's deleted, the default value of 2 (Allow) is used.
 
 Most restricted value is 0.
 
@@ -115,7 +115,7 @@ Most restricted value is 0.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Disallow Bluetooth. If this is set to 0, the radio in the Bluetooth control panel will be grayed out and the user will not be able to turn Bluetooth on.
+-   0 – Disallow Bluetooth. If this is set to 0, the radio in the Bluetooth control panel will be grayed out and the user won't be able to turn Bluetooth on.
 -   1 – Reserved. If this is set to 1, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
 -   2 (default) – Allow Bluetooth. If this is set to 2, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
 
@@ -151,15 +151,15 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Allows the cellular data channel on the device. Device reboot is not required to enforce the policy.
+Allows the cellular data channel on the device. Device reboot isn't required to enforce the policy.
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Do not allow the cellular data channel. The user cannot turn it on. This value is not supported in Windows 10, version 1511.
+-   0 – Don't allow the cellular data channel. The user can’t turn it on. This value isn't supported in Windows 10, version 1511.
 -   1 (default) – Allow the cellular data channel. The user can turn it off.
--   2 - Allow the cellular data channel. The user cannot turn it off.
+-   2 - Allow the cellular data channel. The user can’t turn it off.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -193,7 +193,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Allows or disallows cellular data roaming on the device. Device reboot is not required to enforce the policy.
+Allows or disallows cellular data roaming on the device. Device reboot isn't required to enforce the policy.
 
 Most restricted value is 0.
 
@@ -209,9 +209,9 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Do not allow cellular data roaming. The user cannot turn it on. This value is not supported in Windows 10, version 1511.
+-   0 – Don't allow cellular data roaming. The user can’t turn it on. This value isn't supported in Windows 10, version 1511.
 -   1 (default) – Allow cellular data roaming.
--   2 - Allow cellular data roaming on. The user cannot turn it off.
+-   2 - Allow cellular data roaming on. The user can’t turn it off.
 
 <!--/SupportedValues-->
 <!--Validation-->
@@ -301,8 +301,8 @@ The following list shows the supported values:
 <!--Description-->
 This policy allows IT admins to turn off the ability to Link a Phone with a PC to continue tasks, such as reading, email, and other tasks that require linking between Phone and PC.
 
-If you enable this policy setting, the Windows device will be able to enroll in Phone-PC linking functionality and participate in 'Continue on PC experiences'. If you disable this policy setting, the Windows device is not allowed to be linked to phones, will remove itself from the device list of any linked Phones, and cannot participate in 'Continue on PC experiences'.
-If you do not configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
+If you enable this policy setting, the Windows device will be able to enroll in Phone-PC linking functionality and participate in 'Continue on PC experiences'. If you disable this policy setting, the Windows device isn't allowed to be linked to phones, will remove itself from the device list of any linked Phones, and can’t participate in 'Continue on PC experiences'.
+If you don't configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -314,7 +314,7 @@ ADMX Info:
 <!--SupportedValues-->
 This setting supports a range of values between 0 and 1.
 
-- 0 - Do not link
+- 0 - Don't link
 - 1 (default) - Allow phone-PC linking
 
 <!--/SupportedValues-->

From 40e451b5a1af5b914a7cca13bb14e8119470a6a9 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 16 Feb 2022 11:10:14 +0530
Subject: [PATCH 018/123] updated the link

---
 .../mdm/structure-of-oma-dm-provisioning-files.md               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md b/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md
index ee78eb1927..07ca47599d 100644
--- a/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md
+++ b/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md
@@ -29,7 +29,7 @@ The following table shows the OMA DM versions that are supported.
 
 ## File format
 
-The following example shows the general structure of the XML document sent by the server using OMA DM version 1.2.1 for demonstration purposes only. The initial XML packages exchanged between client and server could contain additional XML tags. For a detailed description and samples for those packages, see the [OMA Device Management Protocol 1.2.1](https://go.microsoft.com/fwlink/p/?LinkId=526902) specification.
+The following example shows the general structure of the XML document sent by the server using OMA DM version 1.2.1 for demonstration purposes only. The initial XML packages exchanged between client and server could contain additional XML tags. For a detailed description and samples for those packages, see the [OMA Device Management Protocol 1.2.1](https://www.openmobilealliance.org/release/DM/V1_2_1-20080617-A/OMA-TS-DM_Protocol-V1_2_1-20080617-A.pdf) specification.
 
 ```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>

From 7ca0ff70301cafac096295554ee0227f4eac2f3a Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 16 Feb 2022 11:56:18 +0530
Subject: [PATCH 019/123] updated the broken links

---
 .../access-control/active-directory-security-groups.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/identity-protection/access-control/active-directory-security-groups.md b/windows/security/identity-protection/access-control/active-directory-security-groups.md
index c95e92b80c..cd2c717433 100644
--- a/windows/security/identity-protection/access-control/active-directory-security-groups.md
+++ b/windows/security/identity-protection/access-control/active-directory-security-groups.md
@@ -342,7 +342,7 @@ This security group has not changed since Windows Server 2008.
 
 Members of the Cloneable Domain Controllers group that are domain controllers may be cloned. In Windows Server 2012 R2 and Windows Server 2012, you can deploy domain controllers by copying an existing virtual domain controller. In a virtual environment, you no longer have to repeatedly deploy a server image that is prepared by using sysprep.exe, promote the server to a domain controller, and then complete additional configuration requirements for deploying each domain controller (including adding the virtual domain controller to this security group).
 
-For more information, see [Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)](https://technet.microsoft.com/library/hh831734.aspx).
+For more information, see [Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/introduction-to-active-directory-domain-services-ad-ds-virtualization-level-100).
 
 This security group was introduced in Windows Server 2012, and it has not changed in subsequent versions.
 

From 75468a14c644b6b6788cef7d505770d7eb513fc2 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 16 Feb 2022 12:02:57 +0530
Subject: [PATCH 020/123] updated the warning

---
 .../access-control/active-directory-security-groups.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/identity-protection/access-control/active-directory-security-groups.md b/windows/security/identity-protection/access-control/active-directory-security-groups.md
index cd2c717433..2ec117c8b9 100644
--- a/windows/security/identity-protection/access-control/active-directory-security-groups.md
+++ b/windows/security/identity-protection/access-control/active-directory-security-groups.md
@@ -342,7 +342,7 @@ This security group has not changed since Windows Server 2008.
 
 Members of the Cloneable Domain Controllers group that are domain controllers may be cloned. In Windows Server 2012 R2 and Windows Server 2012, you can deploy domain controllers by copying an existing virtual domain controller. In a virtual environment, you no longer have to repeatedly deploy a server image that is prepared by using sysprep.exe, promote the server to a domain controller, and then complete additional configuration requirements for deploying each domain controller (including adding the virtual domain controller to this security group).
 
-For more information, see [Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)](https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/introduction-to-active-directory-domain-services-ad-ds-virtualization-level-100).
+For more information, see [Introduction to Active Directory Domain Services (AD DS) Virtualization (Level 100)](/windows-server/identity/ad-ds/introduction-to-active-directory-domain-services-ad-ds-virtualization-level-100).
 
 This security group was introduced in Windows Server 2012, and it has not changed in subsequent versions.
 

From 5915093a0c0a8db97c1048e07aa510db6e29288c Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 16 Feb 2022 18:06:47 +0530
Subject: [PATCH 021/123] updated the changes

---
 .../smart-card-certificate-requirements-and-enumeration.md     | 2 +-
 .../identity-protection/vpn/vpn-auto-trigger-profile.md        | 3 +--
 .../secure-the-windows-10-boot-process.md                      | 2 +-
 3 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
index 5bb30875b0..c1e4b2c2d4 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
@@ -187,7 +187,7 @@ The smart card certificate has specific format requirements when it is used with
 
 |            **Component**             |                                                                **Requirements for Windows 8.1, Windows 8, Windows 7, Windows Vista, Windows 10, and Windows 11**                                                                 |                                                                                                **Requirements for Windows XP**                                                                                                 |
 |--------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-|   CRL distribution point location    |                                                                                               Not required                                                                                               |             The location must be specified, online, and available, for example:<br>\[1\]CRL Distribution Point<br>Distribution Point Name:<br>Full Name:<br>URL=<http://server1.contoso.com/CertEnroll/caname.crl>             |
+|   CRL distribution point location    |                                                                                               Not required                                                                                               |             The location must be specified, online, and available, for example:<br>\[1\]CRL Distribution Point<br>Distribution Point Name:<br>Full Name:<br>URL=`<http://server1.contoso.com/CertEnroll/caname.crl>`             |
 |              Key usage               |                                                                                            Digital signature                                                                                             |                                                                                                       Digital signature                                                                                                        |
 |          Basic constraints           |                                                                                               Not required                                                                                               |                                                                              \[Subject Type=End Entity, Path Length Constraint=None\] (Optional)                                                                               |
 |       Enhanced key usage (EKU)       | The smart card sign-in object identifier is not required.<br><br>**Note**&nbsp;&nbsp;If an EKU is present, it must contain the smart card sign-in EKU. Certificates with no EKU can be used for sign-in. |      -   Client Authentication (1.3.6.1.5.5.7.3.2)<br>The client authentication object identifier is required only if a certificate is used for SSL authentication.<br><br>- Smart Card Sign-in (1.3.6.1.4.1.311.20.2.2)       |
diff --git a/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md b/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
index 5e8dbb7965..59a725fa26 100644
--- a/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
+++ b/windows/security/identity-protection/vpn/vpn-auto-trigger-profile.md
@@ -35,8 +35,7 @@ VPN profiles in Windows 10 or Windows 11 can be configured to connect automatica
 
 The app identifier for a desktop app is a file path. The app identifier for a UWP app is a package family name.
 
-[Find a package family name (PFN) for per-app VPN configuration](/intune/deploy-use/find-a-pfn-for-per-app-vpn)
-
+[Find a package family name (PFN) for per-app VPN configuration](/mem/configmgr/protect/deploy-use/find-a-pfn-for-per-app-vpn)
 
 ## Name-based trigger
 
diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md
index 654ea1271b..b316f1c2c3 100644
--- a/windows/security/information-protection/secure-the-windows-10-boot-process.md
+++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md
@@ -124,7 +124,7 @@ Figure 2 illustrates the Measured Boot and remote attestation process.
 **Figure 2. Measured Boot proves the PC’s health to a remote server**
 
 
-Windows includes the application programming interfaces to support Measured Boot, but you’ll need non-Microsoft tools to implement a remote attestation client and trusted attestation server to take advantage of it. For an example of such a tool, download the [TPM Platform Crypto-Provider Toolkit](https://research.microsoft.com/en-us/downloads/74c45746-24ad-4cb7-ba4b-0c6df2f92d5d/) from Microsoft Research or Microsoft Enterprise Security MVP Dan Griffin’s [Measured Boot Tool](http://mbt.codeplex.com/).
+Windows includes the application programming interfaces to support Measured Boot, but you’ll need non-Microsoft tools to implement a remote attestation client and trusted attestation server to take advantage of it. For an example of such a tool, download the [TPM Platform Crypto-Provider Toolkit](https://research.microsoft.com/en-us/downloads/74c45746-24ad-4cb7-ba4b-0c6df2f92d5d/) from Microsoft Research or Microsoft Enterprise Security MVP Dan Griffin’s [Measured Boot Tool](http://www.mbt.codeplex.com.urlcounters.com/).
 
 Measured Boot uses the power of UEFI, TPM, and Windows to give you a way to confidently assess the trustworthiness of a client PC across the network.
 

From 5d8862b6810be11a73ceb4b348fe6eacc386c59e Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Fri, 18 Feb 2022 10:03:01 +0530
Subject: [PATCH 022/123] updated the changes

---
 education/trial-in-a-box/educator-tib-get-started.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/education/trial-in-a-box/educator-tib-get-started.md b/education/trial-in-a-box/educator-tib-get-started.md
index 92cf989109..e79ce2ca66 100644
--- a/education/trial-in-a-box/educator-tib-get-started.md
+++ b/education/trial-in-a-box/educator-tib-get-started.md
@@ -338,7 +338,7 @@ For more information about checking for updates, and how to optionally turn on a
 
 ## Get more info
 * Learn more at <a href="https://www.microsoft.com/education" target="_blank">microsoft.com/education</a>
-* Find out if your school is eligible for a device trial at <a href="https://aka.ms/EDUTrialInABox" target="_blank">aka.ms/EDUTrialInABox</a>
+* Find out if your school is eligible for a device trial at `https://aka.ms/EDUTrialInABox`
 * <a href="https://www.microsoft.com/education/devices/default.aspx" target="_blank">Buy Windows 10 devices</a>
 
 <br/>

From de56beee7154fce77e62386f37f82ca9476a0f6b Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Fri, 18 Feb 2022 16:39:02 +0530
Subject: [PATCH 023/123] updated the changes

---
 windows/whats-new/whats-new-windows-10-version-1909.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/whats-new-windows-10-version-1909.md b/windows/whats-new/whats-new-windows-10-version-1909.md
index 712131a5fc..2533b87d96 100644
--- a/windows/whats-new/whats-new-windows-10-version-1909.md
+++ b/windows/whats-new/whats-new-windows-10-version-1909.md
@@ -56,7 +56,7 @@ Windows 10, version 1909 also includes two new features called **Key-rolling** a
 
 ### Transport Layer Security (TLS)
 
-An experimental implementation of TLS 1.3 is included in Windows 10, version 1909. TLS 1.3 disabled by default system wide. If you enable TLS 1.3 on a device for testing, then it can also be enabled in Internet Explorer 11.0 and Microsoft Edge by using Internet Options. For beta versions of Microsoft Edge on Chromium, TLS 1.3 is not built on the Windows TLS stack, and is instead configured independently, using the **Edge://flags** dialog. Also see [Microsoft Edge platform status](https://developer.microsoft.com/microsoft-edge/platform/status/tls13/).
+An experimental implementation of TLS 1.3 is included in Windows 10, version 1909. TLS 1.3 disabled by default system wide. If you enable TLS 1.3 on a device for testing, then it can also be enabled in Internet Explorer 11.0 and Microsoft Edge by using Internet Options. For beta versions of Microsoft Edge on Chromium, TLS 1.3 is not built on the Windows TLS stack, and is instead configured independently, using the **Edge://flags** dialog. Also see [Microsoft Edge platform status](https://developer.microsoft.com/microsoft-edge/status/tls13/)
 
 ## Virtualization
 

From 4cd8dd50a34f46768cf2f92d57cb364bb7c7f718 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Mon, 7 Mar 2022 18:21:24 +0530
Subject: [PATCH 024/123] Acrolinx enhancement effort

---
 .../policy-csp-admx-controlpaneldisplay.md    |  76 ++++++-------
 .../mdm/policy-csp-admx-credssp.md            |  62 +++++------
 .../mdm/policy-csp-admx-credui.md             |   6 +-
 .../mdm/policy-csp-admx-ctrlaltdel.md         |  16 +--
 .../mdm/policy-csp-admx-datacollection.md     |   4 +-
 .../mdm/policy-csp-admx-dcom.md               |  20 ++--
 .../mdm/policy-csp-admx-desktop.md            | 102 +++++++++---------
 .../mdm/policy-csp-admx-deviceguard.md        |   4 +-
 .../mdm/policy-csp-admx-deviceinstallation.md |  26 ++---
 .../mdm/policy-csp-admx-devicesetup.md        |   8 +-
 .../mdm/policy-csp-admx-digitallocker.md      |   8 +-
 .../mdm/policy-csp-admx-disknvcache.md        |  14 +--
 .../mdm/policy-csp-admx-diskquota.md          |  26 ++---
 ...policy-csp-admx-distributedlinktracking.md |   2 +-
 .../mdm/policy-csp-admx-dnsclient.md          |  86 +++++++--------
 15 files changed, 230 insertions(+), 230 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
index 4ffc124899..a76ab3fb39 100644
--- a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
+++ b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
@@ -132,7 +132,7 @@ manager: dansimp
 <!--Description-->
 Disables the Display Control Panel.
 
-If you enable this setting, the Display Control Panel does not run. When users try to start Display, a message appears explaining that a setting prevents the action.
+If you enable this setting, the Display Control Panel doesn't run. When users try to start Display, a message appears explaining that a setting prevents the action.
 
 Also, see the "Prohibit access to the Control Panel" (User Configuration\Administrative Templates\Control Panel) and "Remove programs on Settings menu" (User Configuration\Administrative Templates\Start Menu & Taskbar) settings.
 
@@ -222,9 +222,9 @@ ADMX Info:
 <!--Description-->
 This setting forces the theme color scheme to be the default color scheme.
 
-If you enable this setting, a user cannot change the color scheme of the current desktop theme.
+If you enable this setting, a user can't change the color scheme of the current desktop theme.
 
-If you disable or do not configure this setting, a user may change the color scheme of the current desktop theme.
+If you disable or don't configure this setting, a user may change the color scheme of the current desktop theme.
 
 For Windows 7 and later, use the "Prevent changing color and appearance" setting.
 
@@ -269,12 +269,12 @@ ADMX Info:
 <!--Description-->
 This setting disables the theme gallery in the Personalization Control Panel.
 
-If you enable this setting, users cannot change or save a theme. Elements of a theme such as the desktop background, color, sounds, and screen saver can still be changed (unless policies are set to turn them off).
+If you enable this setting, users can't change or save a theme. Elements of a theme such as the desktop background, color, sounds, and screen saver can still be changed (unless policies are set to turn them off).
 
-If you disable or do not configure this setting, there is no effect.
+If you disable or don't configure this setting, there's no effect.
 
 > [!NOTE]
-> If you enable this setting but do not specify a theme using the "load a specific theme" setting, the theme defaults to whatever the user previously set or the system default.
+> If you enable this setting but don't specify a theme using the "load a specific theme" setting, the theme defaults to whatever the user previously set or the system default.
 
 <!--/Description-->
 
@@ -362,9 +362,9 @@ ADMX Info:
 <!--Description-->
 Enables desktop screen savers.
 
-If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options.
+If you disable this setting, screen savers don't run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users can't change the screen saver options.
 
-If you do not configure it, this setting has no effect on the system.
+If you don't configure it, this setting has no effect on the system.
 
 If you enable it, a screen saver runs, provided the following two conditions hold: First, a valid screen saver on the client is specified through the "Screen Saver executable name" setting or through Control Panel on the client computer. Second, the screen saver timeout is set to a nonzero value through the setting or Control Panel.
 
@@ -409,13 +409,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This setting allows you to force a specific default lock screen and logon image by entering the path (location) of the image file. The same image will be used for both the lock and logon screens.
+This setting allows you to force a specific default lock screen and sign-in image by entering the path (location) of the image file. The same image will be used for both the lock and sign-in screens.
 
-This setting lets you specify the default lock screen and logon image shown when no user is signed in, and also sets the specified image as the default for all users (it replaces the inbox default image).
+This setting lets you specify the default lock screen and sign-in image shown when no user is signed in, and also sets the specified image as the default for all users (it replaces the inbox default image).
 
-To use this setting, type the fully qualified path and name of the file that stores the default lock screen and logon image. You can type a local path, such as C:\Windows\Web\Screen\img104.jpg or a UNC path, such as `\\Server\Share\Corp.jpg`.
+To use this setting, type the fully qualified path and name of the file that stores the default lock screen and sign-in image. You can type a local path, such as C:\Windows\Web\Screen\img104.jpg or a UNC path, such as `\\Server\Share\Corp.jpg`.
 
-This can be used in conjunction with the "Prevent changing lock screen and logon image" setting to always force the specified lock screen and logon image to be shown.
+This setting can be used in conjunction with the "Prevent changing lock screen and logon image" setting to always force the specified lock screen and sign-in image to be shown.
 
 Note: This setting only applies to Enterprise, Education, and Server SKUs.
 
@@ -463,7 +463,7 @@ Prevents users from changing the size of the font in the windows and buttons dis
 
 If this setting is enabled, the "Font size" drop-down list on the Appearance tab in Display Properties is disabled. 
 
-If you disable or do not configure this setting, a user may change the font size using the "Font size" drop-down list on the Appearance tab.
+If you disable or don't configure this setting, a user may change the font size using the "Font size" drop-down list on the Appearance tab.
 
 <!--/Description-->
 
@@ -504,11 +504,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from changing the background image shown when the machine is locked or when on the logon screen.
+Prevents users from changing the background image shown when the machine is locked or when on the sign-in screen.
 
-By default, users can change the background image shown when the machine is locked or displaying the logon screen.
+By default, users can change the background image shown when the machine is locked or displaying the sign-in screen.
 
-If you enable this setting, the user will not be able to change their lock screen and logon image, and they will instead see the default image.
+If you enable this setting, the user won't be able to change their lock screen and sign-in image, and they'll instead see the default image.
 
 <!--/Description-->
 
@@ -553,7 +553,7 @@ Prevents users from changing the look of their start menu background, such as it
 
 By default, users can change the look of their start menu background, such as its color or accent.
 
-If you enable this setting, the user will be assigned the default start menu background and colors and will not be allowed to change them.
+If you enable this setting, the user will be assigned the default start menu background and colors and won't be allowed to change them.
 
 If the "Force a specific background and accent color" policy is also set on a supported version of Windows, then those colors take precedence over this policy.
 
@@ -598,13 +598,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Disables the Color (or Window Color) page in the Personalization Control Panel, or the Color Scheme dialog in the Display Control Panel on systems where the Personalization feature is not available.
+Disables the Color (or Window Color) page in the Personalization Control Panel, or the Color Scheme dialog in the Display Control Panel on systems where the Personalization feature isn't available.
 
 This setting prevents users from using Control Panel to change the window border and taskbar color (on Windows 8), glass color (on Windows Vista and Windows 7), system colors, or color scheme of the desktop and windows.
 
 If this setting is disabled or not configured, the Color (or Window Color) page or Color Scheme dialog is available in the Personalization or Display Control Panel.
 
-For systems prior to Windows Vista, this setting hides the Appearance and Themes tabs in the in Display in Control Panel.
+For systems prior to Windows Vista, this setting hides the Appearance and Themes tabs in the Display in Control Panel.
 
 <!--/Description-->
 
@@ -745,9 +745,9 @@ ADMX Info:
 <!--Description-->
 Available in the latest Windows 10 Insider Preview Build. This policy setting controls whether the lock screen appears for users.
 
-If you enable this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC.
+If you enable this policy setting, users that aren't required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC.
 
-If you disable or do not configure this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse.
+If you disable or don't configure this policy setting, users that aren't required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse.
 
 <!--/Description-->
 
@@ -835,7 +835,7 @@ ADMX Info:
 <!--Description-->
 Prevents the Screen Saver dialog from opening in the Personalization or Display Control Panel.
 
-This setting prevents users from using Control Panel to add, configure, or change the screen saver on the computer. It does not prevent a screen saver from running.
+This setting prevents users from using Control Panel to add, configure, or change the screen saver on the computer. It doesn't prevent a screen saver from running.
 
 <!--/Description-->
 
@@ -925,7 +925,7 @@ Forces Windows to use the specified colors for the background and accent. The co
 
 By default, users can change the background and accent colors.
 
-If this setting is enabled, the background and accent colors of Windows will be set to the specified colors and users cannot change those colors. This setting will not be applied if the specified colors do not meet a contrast ratio of 2:1 with white text.
+If this setting is enabled, the background and accent colors of Windows will be set to the specified colors and users can't change those colors. This setting won't be applied if the specified colors don't meet a contrast ratio of 2:1 with white text.
 
 <!--/Description-->
 
@@ -968,11 +968,11 @@ ADMX Info:
 <!--Description-->
 Determines whether screen savers used on the computer are password protected.
 
-If you enable this setting, all screen savers are password protected. If you disable this setting, password protection cannot be set on any screen saver.
+If you enable this setting, all screen savers are password protected. If you disable this setting, password protection can't be set on any screen saver.
 
 This setting also disables the "Password protected" checkbox on the Screen Saver dialog in the Personalization or Display Control Panel, preventing users from changing the password protection setting.
 
-If you do not configure this setting, users can choose whether or not to set password protection on each screen saver.
+If you don't configure this setting, users can choose whether or not to set password protection on each screen saver.
 
 To ensure that a computer will be password protected, enable the "Enable Screen Saver" setting and specify a timeout via the "Screen Saver timeout" setting.
 
@@ -1020,7 +1020,7 @@ ADMX Info:
 <!--Description-->
 Specifies how much user idle time must elapse before the screen saver is launched.
 
-When configured, this idle time can be set from a minimum of 1 second to a maximum of 86,400 seconds, or 24 hours. If set to zero, the screen saver will not be started.
+When configured, this idle time can be set from a minimum of 1 second to a maximum of 86,400 seconds, or 24 hours. If set to zero, the screen saver won't be started.
 
 This setting has no effect under any of the following circumstances:
 
@@ -1030,7 +1030,7 @@ This setting has no effect under any of the following circumstances:
 
 - The "Enable Screen Saver" setting is disabled.
 
-- Neither the "Screen saver executable name" setting nor the Screen Saver dialog of the client computer's Personalization or Display Control Panel specifies a valid existing screen saver program on the client.
+- The "Screen saver executable name" setting and the Screen Saver dialog of the client computer's Personalization or Display Control Panel don't specify a valid existing screen saver program on the client.
 
 When not configured, whatever wait time is set on the client through the Screen Saver dialog in the Personalization or Display Control Panel is used. The default is 15 minutes.
 
@@ -1077,14 +1077,14 @@ Specifies the screen saver for the user's desktop.
 
 If you enable this setting, the system displays the specified screen saver on the user's desktop. Also, this setting disables the drop-down list of screen savers in the Screen Saver dialog in the Personalization or Display Control Panel, which prevents users from changing the screen saver.
 
-If you disable this setting or do not configure it, users can select any screen saver.
+If you disable this setting or don't configure it, users can select any screen saver.
 
-If you enable this setting, type the name of the file that contains the screen saver, including the .scr file name extension. If the screen saver file is not in the %Systemroot%\System32 directory, type the fully qualified path to the file.
+If you enable this setting, type the name of the file that contains the screen saver, including the .scr file name extension. If the screen saver file isn't in the %Systemroot%\System32 directory, type the fully qualified path to the file.
 
-If the specified screen saver is not installed on a computer to which this setting applies, the setting is ignored.
+If the specified screen saver isn't installed on a computer to which this setting applies, the setting is ignored.
 
 > [!NOTE]
-> This setting can be superseded by the "Enable Screen Saver" setting.  If the "Enable Screen Saver" setting is disabled, this setting is ignored, and screen savers do not run.
+> This setting can be superseded by the "Enable Screen Saver" setting.  If the "Enable Screen Saver" setting is disabled, this setting is ignored, and screen savers don't run.
 
 <!--/Description-->
 
@@ -1127,9 +1127,9 @@ ADMX Info:
 <!--Description-->
 Available in the latest Windows 10 Insider Preview Build. Specifies which theme file is applied to the computer the first time a user logs on.
 
-If you enable this setting, the theme that you specify will be applied when a new user logs on for the first time.  This policy does not prevent the user from changing the theme or any of the theme elements such as the desktop background, color, sounds, or screen saver after the first logon.
+If you enable this setting, the theme that you specify will be applied when a new user logs on for the first time.  This policy doesn't prevent the user from changing the theme or any of the theme elements such as the desktop background, color, sounds, or screen saver after the first sign in.
 
-If you disable or do not configure this setting, the default theme will be applied at the first logon.
+If you disable or don't configure this setting, the default theme will be applied at the first sign in.
 
 <!--/Description-->
 
@@ -1172,18 +1172,18 @@ ADMX Info:
 <!--Description-->
 This setting allows you to force a specific visual style file by entering the path (location) of the visual style file.
 
-This can be a local computer visual style (aero.msstyles), or a file located on a remote server using a UNC path (\\Server\Share\aero.msstyles).
+This file can be a local computer visual style (aero.msstyles) one, or a file located on a remote server using a UNC path (\\Server\Share\aero.msstyles).
 
 If you enable this setting, the visual style file that you specify will be used. Also, a user may not apply a different visual style when changing themes.
 
-If you disable or do not configure this setting, the users can select the visual style that they want to use by changing themes (if the Personalization Control Panel is available).
+If you disable or don't configure this setting, the users can select the visual style that they want to use by changing themes (if the Personalization Control Panel is available).
 
 > [!NOTE]
-> If this setting is enabled and the file is not available at user logon, the default visual style is loaded.
+> If this setting is enabled and the file isn't available at user logon, the default visual style is loaded.
 >
 > When running Windows XP, you can select the Luna visual style by typing %windir%\resources\Themes\Luna\Luna.msstyles.
 >
-> To select the Windows Classic visual style, leave the box blank beside "Path to Visual Style:" and enable this setting. When running Windows 8 or Windows RT, you cannot apply the Windows Classic visual style.
+> To select the Windows Classic visual style, leave the box blank beside "Path to Visual Style:" and enable this setting. When running Windows 8 or Windows RT, you can't apply the Windows Classic visual style.
 
 <!--/Description-->
 
@@ -1228,7 +1228,7 @@ Forces the Start screen to use one of the available backgrounds, 1 through 20, a
 
 If this setting is set to zero or not configured, then Start uses the default background, and users can change it.
 
-If this setting is set to a nonzero value, then Start uses the specified background, and users cannot change it. If the specified background is not supported, the default background is used.
+If this setting is set to a nonzero value, then Start uses the specified background, and users can't change it. If the specified background isn't supported, the default background is used.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-credssp.md b/windows/client-management/mdm/policy-csp-admx-credssp.md
index 6644992e57..18929d3fd6 100644
--- a/windows/client-management/mdm/policy-csp-admx-credssp.md
+++ b/windows/client-management/mdm/policy-csp-admx-credssp.md
@@ -95,9 +95,9 @@ This policy setting applies to applications using the Cred SSP component (for ex
 
 This policy setting applies when server authentication was achieved via NTLM.
 
-If you enable this policy setting, you can specify the servers to which the user's default credentials can be delegated (default credentials are those that you use when first logging on to Windows).
+If you enable this policy setting, you can specify the servers to which the user's default credentials can be delegated (default credentials are those credentials that you use when first signing in to Windows).
 
-If you disable or do not configure (by default) this policy setting, delegation of default credentials is not permitted to any machine.
+If you disable or don't configure (by default) this policy setting, delegation of default credentials isn't permitted to any machine.
 
 > [!NOTE]
 > The "Allow delegating default credentials with NTLM-only server authentication" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can be delegated.  The use of a single wildcard character is permitted when specifying the SPN.
@@ -152,11 +152,11 @@ This policy setting applies to applications using the Cred SSP component (for ex
 
 This policy setting applies when server authentication was achieved by using a trusted X509 certificate or Kerberos.
 
-If you enable this policy setting, you can specify the servers to which the user's default credentials can be delegated (default credentials are those that you use when first logging on to Windows).
+If you enable this policy setting, you can specify the servers to which the user's default credentials can be delegated (default credentials are those credentials that you use when first logging on to Windows).
 
 The policy becomes effective the next time the user signs on to a computer running Windows.
 
-If you disable or do not configure (by default) this policy setting, delegation of default credentials is not permitted to any computer. Applications depending upon this delegation behavior might fail authentication. For more information, see KB.
+If you disable or don't configure (by default) this policy setting, delegation of default credentials isn't permitted to any computer. Applications depending upon this delegation behavior might fail authentication. For more information, see KB.
 
 FWlink for KB:
 https://go.microsoft.com/fwlink/?LinkId=301508
@@ -215,14 +215,14 @@ Some versions of the CredSSP protocol are vulnerable to an encryption oracle att
 
 If you enable this policy setting, CredSSP version support will be selected based on the following options:
 
-- Force Updated Clients: Client applications which use CredSSP will not be able to fall back to the insecure versions and services using CredSSP will not accept unpatched clients. 
+- Force Updated Clients: Client applications that use CredSSP won't be able to fall back to the insecure versions and services using CredSSP won't accept unpatched clients. 
 
     > [!NOTE]
     > This setting should not be deployed until all remote hosts support the newest version.
 
-- Mitigated: Client applications which use CredSSP will not be able to fall back to the insecure version but services using CredSSP will accept unpatched clients. See the link below for important information about the risk posed by remaining unpatched clients.
+- Mitigated: Client applications that use CredSSP won't be able to fall back to the insecure version but services using CredSSP will accept unpatched clients. See the link below for important information about the risk posed by remaining unpatched clients.
 
-- Vulnerable: Client applications which use CredSSP will expose the remote servers to attacks by supporting fall back to the insecure versions and services using CredSSP will accept unpatched clients.
+- Vulnerable: Client applications that use CredSSP will expose the remote servers to attacks by supporting a fallback to the insecure versions and services using CredSSP will accept unpatched clients.
 
 For more information about the vulnerability and servicing requirements for protection, see https://go.microsoft.com/fwlink/?linkid=866660
 
@@ -269,11 +269,11 @@ This policy setting applies to applications using the Cred SSP component (for ex
 
 This policy setting applies when server authentication was achieved via a trusted X509 certificate or Kerberos.
 
-If you enable this policy setting, you can specify the servers to which the user's fresh credentials can be delegated (fresh credentials are those that you are prompted for when executing the application).
+If you enable this policy setting, you can specify the servers to which the user's fresh credentials can be delegated (fresh credentials are those credentials that you're prompted for when executing the application).
 
-If you do not configure (by default) this policy setting, after proper mutual authentication, delegation of fresh credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*).
+If you don't configure (by default) this policy setting, after proper mutual authentication, delegation of fresh credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*).
 
-If you disable this policy setting, delegation of fresh credentials is not permitted to any machine.
+If you disable this policy setting, delegation of fresh credentials isn't permitted to any machine.
 
 > [!NOTE]
 > The "Allow delegating fresh credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can be delegated. The use of a single wildcard is permitted when specifying the SPN.
@@ -327,11 +327,11 @@ This policy setting applies to applications using the Cred SSP component (for ex
 
 This policy setting applies when server authentication was achieved via NTLM.
 
-If you enable this policy setting, you can specify the servers to which the user's fresh credentials can be delegated (fresh credentials are those that you are prompted for when executing the application).
+If you enable this policy setting, you can specify the servers to which the user's fresh credentials can be delegated (fresh credentials are those credentials that you're prompted for when executing the application).
 
-If you do not configure (by default) this policy setting, after proper mutual authentication, delegation of fresh credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*).
+If you don't configure (by default) this policy setting, after proper mutual authentication, delegation of fresh credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*).
 
-If you disable this policy setting, delegation of fresh credentials is not permitted to any machine.
+If you disable this policy setting, delegation of fresh credentials isn't permitted to any machine.
 
 > [!NOTE]
 > The "Allow delegating fresh credentials with NTLM-only server authentication" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can be delegated. The use of a single wildcard character is permitted when specifying the SPN.
@@ -385,11 +385,11 @@ This policy setting applies to applications using the Cred SSP component (for ex
 
 This policy setting applies when server authentication was achieved via a trusted X509 certificate or Kerberos.
 
-If you enable this policy setting, you can specify the servers to which the user's saved credentials can be delegated (saved credentials are those that you elect to save/remember using the Windows credential manager).
+If you enable this policy setting, you can specify the servers to which the user's saved credentials can be delegated (saved credentials are those credentials that you elect to save/remember using the Windows credential manager).
 
-If you do not configure (by default) this policy setting, after proper mutual authentication, delegation of saved credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*).
+If you don't configure (by default) this policy setting, after proper mutual authentication, delegation of saved credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*).
 
-If you disable this policy setting, delegation of saved credentials is not permitted to any machine.
+If you disable this policy setting, delegation of saved credentials isn't permitted to any machine.
 
 > [!NOTE]
 > The "Allow delegating saved credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can be delegated. The use of a single wildcard character is permitted when specifying the SPN.
@@ -443,11 +443,11 @@ This policy setting applies to applications using the Cred SSP component (for ex
 
 This policy setting applies when server authentication was achieved via NTLM.
 
-If you enable this policy setting, you can specify the servers to which the user's saved credentials can be delegated (saved credentials are those that you elect to save/remember using the Windows credential manager).
+If you enable this policy setting, you can specify the servers to which the user's saved credentials can be delegated (saved credentials are those credentials that you elect to save/remember using the Windows credential manager).
 
-If you do not configure (by default) this policy setting, after proper mutual authentication, delegation of saved credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*) if the client machine is not a member of any domain. If the client is domain-joined, by default the delegation of saved credentials is not permitted to any machine.
+If you don't configure (by default) this policy setting, after proper mutual authentication, delegation of saved credentials is permitted to Remote Desktop Session Host running on any machine (TERMSRV/*) if the client machine isn't a member of any domain. If the client is domain-joined, by default, the delegation of saved credentials isn't permitted to any machine.
 
-If you disable this policy setting, delegation of saved credentials is not permitted to any machine.
+If you disable this policy setting, delegation of saved credentials isn't permitted to any machine.
 
 > [!NOTE]
 > The "Allow delegating saved credentials with NTLM-only server authentication" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can be delegated. The use of a single wildcard character is permitted when specifying the SPN.
@@ -499,12 +499,12 @@ ADMX Info:
 <!--Description-->
 This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
 
-If you enable this policy setting, you can specify the servers to which the user's default credentials cannot be delegated (default credentials are those that you use when first logging on to Windows).
+If you enable this policy setting, you can specify the servers to which the user's default credentials can't be delegated (default credentials are those credentials that you use when first logging on to Windows).
 
-If you disable or do not configure (by default) this policy setting, this policy setting does not specify any server.
+If you disable or don't configure (by default) this policy setting, this policy setting doesn't specify any server.
 
 > [!NOTE]
-> The "Deny delegating default credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials cannot be delegated. The use of a single wildcard character is permitted when specifying the SPN.
+> The "Deny delegating default credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can't be delegated. The use of a single wildcard character is permitted when specifying the SPN.
 >
 > For Example:
 >
@@ -555,12 +555,12 @@ ADMX Info:
 <!--Description-->
 This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
 
-If you enable this policy setting, you can specify the servers to which the user's fresh credentials cannot be delegated (fresh credentials are those that you are prompted for when executing the application).
+If you enable this policy setting, you can specify the servers to which the user's fresh credentials can't be delegated (fresh credentials are those credentials that you're prompted for when executing the application).
 
-If you disable or do not configure (by default) this policy setting, this policy setting does not specify any server.
+If you disable or don't configure (by default) this policy setting, this policy setting doesn't specify any server.
 
 > [!NOTE]
-> The "Deny delegating fresh credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials cannot be delegated. The use of a single wildcard character is permitted when specifying the SPN.
+> The "Deny delegating fresh credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can't be delegated. The use of a single wildcard character is permitted when specifying the SPN.
 >
 > For Example:
 >
@@ -611,12 +611,12 @@ ADMX Info:
 <!--Description-->
 This policy setting applies to applications using the Cred SSP component (for example: Remote Desktop Connection).
 
-If you enable this policy setting, you can specify the servers to which the user's saved credentials cannot be delegated (saved credentials are those that you elect to save/remember using the Windows credential manager).
+If you enable this policy setting, you can specify the servers to which the user's saved credentials can't be delegated (saved credentials are those credentials that you elect to save/remember using the Windows credential manager).
 
-If you disable or do not configure (by default) this policy setting, this policy setting does not specify any server.
+If you disable or don't configure (by default) this policy setting, this policy setting doesn't specify any server.
 
 > [!NOTE]
-> The "Deny delegating saved credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials cannot be delegated. The use of a single wildcard character is permitted when specifying the SPN.
+> The "Deny delegating saved credentials" policy setting can be set to one or more Service Principal Names (SPNs). The SPN represents the target server to which the user credentials can't be delegated. The use of a single wildcard character is permitted when specifying the SPN.
 >
 > For Example:
 >
@@ -665,7 +665,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-When running in Restricted Admin or Remote Credential Guard mode, participating apps do not expose signed in or supplied credentials to a remote host. Restricted Admin limits access to resources located on other servers or networks from the remote host because credentials are not delegated. Remote Credential Guard does not limit access to resources because it redirects all requests back to the client device.
+When the participating applications are running in Restricted Admin or Remote Credential Guard mode, participating applications don't expose signed in or supplied credentials to a remote host. Restricted Admin limits access to resources located on other servers or networks from the remote host because credentials aren't delegated. Remote Credential Guard doesn't limit access to resources because it redirects all requests back to the client device.
 
 Participating apps:
 Remote Desktop Client
@@ -676,12 +676,12 @@ If you enable this policy setting, the following options are supported:
 - Require Remote Credential Guard: Participating applications must use Remote Credential Guard to connect to remote hosts.
 - Require Restricted Admin: Participating applications must use Restricted Admin to connect to remote hosts.
 
-If you disable or do not configure this policy setting, Restricted Admin and Remote Credential Guard mode are not enforced and participating apps can delegate credentials to remote devices.
+If you disable or don't configure this policy setting, Restricted Admin and Remote Credential Guard mode aren't enforced and participating apps can delegate credentials to remote devices.
 
 > [!NOTE]
 > To disable most credential delegation, it may be sufficient to deny delegation in Credential Security Support Provider (CredSSP) by modifying Administrative template settings (located at Computer Configuration\Administrative Templates\System\Credentials Delegation).
 >
-> On Windows 8.1 and Windows Server 2012 R2, enabling this policy will enforce Restricted Administration mode, regardless of the mode chosen. These versions do not support Remote Credential Guard.
+> On Windows 8.1 and Windows Server 2012 R2, enabling this policy will enforce Restricted Administration mode, regardless of the mode chosen. These versions don't support Remote Credential Guard.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-credui.md b/windows/client-management/mdm/policy-csp-admx-credui.md
index d6bc1bc1fd..a62ce22ddd 100644
--- a/windows/client-management/mdm/policy-csp-admx-credui.md
+++ b/windows/client-management/mdm/policy-csp-admx-credui.md
@@ -69,9 +69,9 @@ This policy setting requires the user to enter Microsoft Windows credentials usi
 > [!NOTE]
 > This policy affects nonlogon authentication tasks only. As a security best practice, this policy should be enabled.
 
-If you enable this policy setting, users will be required to enter Windows credentials on the Secure Desktop by means of the trusted path mechanism.
+If you enable this policy setting, users will be required to enter Windows credentials on the Secure Desktop through the trusted path mechanism.
 
-If you disable or do not configure this policy setting, users will enter Windows credentials within the user’s desktop session, potentially allowing malicious code access to the user’s Windows credentials.
+If you disable or don't configure this policy setting, users will enter Windows credentials within the user’s desktop session, potentially allowing malicious code access to the user’s Windows credentials.
 
 <!--/Description-->
 
@@ -112,7 +112,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Available in the latest Windows 10 Insider Preview Build. If you turn this policy setting on, local users won’t be able to set up and use security questions to reset their passwords.
+Available in the latest Windows 10 Insider Preview Build. If you turn on this policy setting, local users won’t be able to set up and use security questions to reset their passwords.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-ctrlaltdel.md b/windows/client-management/mdm/policy-csp-admx-ctrlaltdel.md
index 7bdb85337f..89ce54faf5 100644
--- a/windows/client-management/mdm/policy-csp-admx-ctrlaltdel.md
+++ b/windows/client-management/mdm/policy-csp-admx-ctrlaltdel.md
@@ -72,7 +72,7 @@ manager: dansimp
 <!--Description-->
 This policy setting prevents users from changing their Windows password on demand.
 
-If you enable this policy setting, the 'Change Password' button on the Windows Security dialog box will not appear when you press Ctrl+Alt+Del.
+If you enable this policy setting, the **Change Password** button on the Windows Security dialog box won't appear when you press Ctrl+Alt+Del.
 
 However, users are still able to change their password when prompted by the system. The system prompts users for a new password when an administrator requires a new password or their password is expiring.
 
@@ -119,11 +119,11 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from locking the system.
 
-While locked, the desktop is hidden and the system cannot be used. Only the user who locked the system or the system administrator can unlock it.
+While locked, the desktop is hidden and the system can't be used. Only the user who locked the system or the system administrator can unlock it.
 
-If you enable this policy setting, users cannot lock the computer from the keyboard using Ctrl+Alt+Del.
+If you enable this policy setting, users can't lock the computer from the keyboard using Ctrl+Alt+Del.
 
-If you disable or do not configure this policy setting, users will be able to lock the computer from the keyboard using Ctrl+Alt+Del.
+If you disable or don't configure this policy setting, users will be able to lock the computer from the keyboard using Ctrl+Alt+Del.
 
 > [!TIP]
 > To lock a computer without configuring a setting, press Ctrl+Alt+Delete, and then click Lock this computer.
@@ -170,9 +170,9 @@ This policy setting prevents users from starting Task Manager.
 
 Task Manager (**taskmgr.exe**) lets users start and stop programs, monitor the performance of their computers, view and monitor all programs running on their computers, including system services, find the executable names of programs, and change the priority of the process in which programs run.
 
-If you enable this policy setting, users will not be able to access Task Manager. If users try to start Task Manager, a message appears explaining that a policy prevents the action.
+If you enable this policy setting, users won't be able to access Task Manager. If users try to start Task Manager, a message appears explaining that a policy prevents the action.
 
-If you disable or do not configure this policy setting, users can access Task Manager to start and stop programs, monitor the performance of their computers, view and monitor all programs running on their computers, including system services, find the executable names of programs, and change the priority of the process in which programs run.
+If you disable or don't configure this policy setting, users can access Task Manager to start and stop programs, monitor the performance of their computers, view and monitor all programs running on their computers, including system services, find the executable names of programs, and change the priority of the process in which programs run.
 
 <!--/Description-->
 
@@ -215,11 +215,11 @@ ADMX Info:
 <!--Description-->
 This policy setting disables or removes all menu items and buttons that log the user off the system.
 
-If you enable this policy setting, users will not see the Log off menu item when they press Ctrl+Alt+Del. This will prevent them from logging off unless they restart or shutdown the computer, or clicking Log off from the Start menu.
+If you enable this policy setting, users won't see the Log off menu item when they press Ctrl+Alt+Del. This scenario will prevent them from logging off unless they restart or shut down the computer, or clicking Log off from the Start menu.
 
 Also, see the 'Remove Logoff on the Start Menu' policy setting.
 
-If you disable or do not configure this policy setting, users can see and select the Log off menu item when they press Ctrl+Alt+Del.
+If you disable or don't configure this policy setting, users can see and select the Log off menu item when they press Ctrl+Alt+Del.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-datacollection.md b/windows/client-management/mdm/policy-csp-admx-datacollection.md
index 280a763699..33f7687705 100644
--- a/windows/client-management/mdm/policy-csp-admx-datacollection.md
+++ b/windows/client-management/mdm/policy-csp-admx-datacollection.md
@@ -63,9 +63,9 @@ manager: dansimp
 <!--Description-->
 This policy setting defines the identifier used to uniquely associate this device’s telemetry data as belonging to a given organization.
 
-If your organization is participating in a program that requires this device to be identified as belonging to your organization then use this setting to provide that identification. The value for this setting will be provided by Microsoft as part of the onboarding process for the program.
+If your organization is participating in a program that requires this device to be identified as belonging to your organization, then use this setting to provide that identification. The value for this setting will be provided by Microsoft as part of the onboarding process for the program.
 
-If you disable or do not configure this policy setting, then Microsoft will not be able to use this identifier to associate this machine and its telemetry data with your organization.
+If you disable or don't configure this policy setting, then Microsoft won't be able to use this identifier to associate this machine and its telemetry data with your organization.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-dcom.md b/windows/client-management/mdm/policy-csp-admx-dcom.md
index 4efe29532e..510d934391 100644
--- a/windows/client-management/mdm/policy-csp-admx-dcom.md
+++ b/windows/client-management/mdm/policy-csp-admx-dcom.md
@@ -66,10 +66,10 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to specify that local computer administrators can supplement the "Define Activation Security Check exemptions" list.
   
-- If you enable this policy setting, and DCOM does not find an explicit entry for a DCOM server application ID (appid) in the "Define Activation Security Check exemptions" policy (if enabled). Then DCOM will look for an entry in the locally configured list.
+- If you enable this policy setting, and DCOM doesn't find an explicit entry for a DCOM server application ID (appid) in the "Define Activation Security Check exemptions" policy (if enabled). Then DCOM will look for an entry in the locally configured list.
 
-- If you disable this policy setting, DCOM will not look in the locally configured DCOM activation security check exemption list.  
-If you do not configure this policy setting, DCOM will only look in the locally configured exemption list if the "Define Activation Security Check exemptions" policy is not configured.
+- If you disable this policy setting, DCOM won't look in the locally configured DCOM activation security check exemption list.  
+If you don't configure this policy setting, DCOM will only look in the locally configured exemption list if the "Define Activation Security Check exemptions" policy isn't configured.
 
 > [!NOTE]
 > This policy setting applies to all sites in Trusted zones.
@@ -113,25 +113,25 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to view and change a list of DCOM server application IDs (app ids), which are exempted from the DCOM Activation security check.  
+This policy setting allows you to view and change a list of DCOM server application IDs (app IDs), which are exempted from the DCOM Activation security check.  
 DCOM uses two such lists, one configured via Group Policy through this policy setting, and the other via the actions of local computer administrators.  
 DCOM ignores the second list when this policy setting is configured, unless the "Allow local activation security check exemptions" policy is enabled. 
 DCOM server application IDs added to this policy must be listed in curly brace format.
 
 For example, `{b5dcb061-cefb-42e0-a1be-e6a6438133fe}`.
-If you enter a non-existent or improperly formatted application ID DCOM will add it to the list without checking for errors.  
+If you enter a non-existent or improperly formatted application, ID DCOM will add it to the list without checking for errors.  
 - If you enable this policy setting, you can view and change the list of DCOM activation security check exemptions defined by Group Policy settings. 
 
-If you add an application ID to this list and set its value to one, DCOM will not enforce the Activation security check for that DCOM server.   
-If you add an application ID to this list and set its value to zero DCOM will always enforce the Activation security check for that DCOM server regardless of local 
+If you add an application ID to this list and set its value to one, DCOM won't enforce the Activation security check for that DCOM server.   
+If you add an application ID to this list and set its value to 0, DCOM will always enforce the Activation security check for that DCOM server regardless of local 
 settings.  
 - If you disable this policy setting, the application ID exemption list defined by Group Policy is deleted, and the one defined by local computer administrators is used.  
 
-If you do not configure this policy setting, the application ID exemption list defined by local computer administrators is used.  Notes:  The DCOM Activation security check is done after a DCOM server process is started, but before an object activation request is dispatched to the server process.   
-This access check is done against the DCOM server's custom launch permission security descriptor if it exists, or otherwise against the configured defaults.  If the DCOM server's custom launch permission contains explicit DENY entries this may mean that object activations that would have previously succeeded for such specified users, once the DCOM server process was up and running, might now fail instead.  
+If you don't configure this policy setting, the application ID exemption list defined by local computer administrators is used.  Notes:  The DCOM Activation security check is done after a DCOM server process is started, but before an object activation request is dispatched to the server process.   
+This access check is done against the DCOM server's custom launch permission security descriptor if it exists, or otherwise against the configured defaults. If the DCOM server's custom launch permission contains explicit DENY entries, then the object activations that would have previously succeeded for such specified users, once the DCOM server process was up and running, might now fail instead.  
 
 The proper action in this situation is to reconfigure the DCOM server's custom launch permission settings for correct security settings, but this policy setting may be used in the short term as an application compatibility deployment aid.  
-DCOM servers added to this exemption list are only exempted if their custom launch permissions do not contain specific LocalLaunch, RemoteLaunch, LocalActivate, or RemoteActivate grant or deny entries for any users or groups.  
+DCOM servers added to this exemption list are only exempted if their custom launch permissions don't contain specific LocalLaunch, RemoteLaunch, LocalActivate, or RemoteActivate grant or deny entries for any users or groups.  
 
 > [!NOTE]
 > Exemptions for DCOM Server Application IDs added to this list will apply to both 32-bit and 64-bit versions of the server if present.
diff --git a/windows/client-management/mdm/policy-csp-admx-desktop.md b/windows/client-management/mdm/policy-csp-admx-desktop.md
index 1a66b56054..a7ea8ccda9 100644
--- a/windows/client-management/mdm/policy-csp-admx-desktop.md
+++ b/windows/client-management/mdm/policy-csp-admx-desktop.md
@@ -145,13 +145,13 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-Displays the filter bar above the results of an Active Directory search. The filter bar consists of buttons for applying additional filters to search results.
+Displays the filter bar above the results of an Active Directory search. The filter bar consists of buttons for applying more filters to search results.
 
 If you enable this setting, the filter bar appears when the Active Directory Find dialog box opens, but users can hide it.
 
-If you disable this setting or do not configure it, the filter bar does not appear, but users can display it by selecting "Filter" on the "View" menu.
+If you disable this setting or don't configure it, the filter bar doesn't appear, but users can display it by selecting "Filter" on the "View" menu.
 
-To see the filter bar, open Network Locations, click Entire Network, and then click Directory. Right-click the name of a Windows domain, and click Find. Type the name of an object in the directory, such as  "Administrator." If the filter bar does not appear above the resulting display, on the View menu, click Filter.
+To see the filter bar, open Network Locations, click Entire Network, and then click Directory. Right-click the name of a Windows domain, and click Find. Type the name of an object in the directory, such as  "Administrator." If the filter bar doesn't appear above the resulting display, on the View menu, click Filter.
 
 <!--/Description-->
 
@@ -197,9 +197,9 @@ Hides the Active Directory folder in Network Locations.
 
 The Active Directory folder displays Active Directory objects in a browse window.
 
-If you enable this setting, the Active Directory folder does not appear in the Network Locations folder.
+If you enable this setting, the Active Directory folder doesn't appear in the Network Locations folder.
 
-If you disable this setting or do not configure it, the Active Directory folder appears in the Network Locations folder.
+If you disable this setting or don't configure it, the Active Directory folder appears in the Network Locations folder.
 
 This setting is designed to let users search Active Directory but not tempt them to casually browse Active Directory.
 
@@ -243,11 +243,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the maximum number of objects the system displays in response to a command to browse or search Active Directory. This setting affects all browse displays associated with Active Directory, such as those in Local Users and Groups, Active Directory Users and Computers, and dialog boxes used to set permissions for user or group objects in Active Directory.
+Specifies the maximum number of objects the system displays in response to a command to browse or search Active Directory. This setting affects all browse displays associated with Active Directory, such as those displays in Local Users and Groups, Active Directory Users and Computers, and dialog boxes used to set permissions for user or group objects in Active Directory.
 
 If you enable this setting, you can use the "Number of objects returned" box to limit returns from an Active Directory search.
 
-If you disable this setting or do not configure it, the system displays up to 10,000 objects. This consumes approximately 2 MB of memory or disk space.
+If you disable this setting or don't configure it, the system displays up to 10,000 objects. This screen-display consumes approximately 2 MB of memory or disk space.
 
 This setting is designed to protect the network and the domain controller from the effect of expansive searches.
 
@@ -295,7 +295,7 @@ Enables Active Desktop and prevents users from disabling it.
 
 This setting prevents users from trying to enable or disable Active Desktop while a policy controls it.
 
-If you disable this setting or do not configure it, Active Desktop is disabled by default, but users can enable it.
+If you disable this setting or don't configure it, Active Desktop is disabled by default, but users can enable it.
 
 > [!NOTE]
 > If both the "Enable Active Desktop" setting and the "Disable Active Desktop" setting are enabled, the "Disable Active Desktop" setting is ignored.  If the "Turn on Classic Shell" setting (in User Configuration\Administrative Templates\Windows Components\Windows Explorer) is enabled, Active Desktop is disabled, and both of these policies are ignored.
@@ -343,7 +343,7 @@ Disables Active Desktop and prevents users from enabling it.
 
 This setting prevents users from trying to enable or disable Active Desktop while a policy controls it.
 
-If you disable this setting or do not configure it, Active Desktop is disabled by default, but users can enable it.
+If you disable this setting or don't configure it, Active Desktop is disabled by default, but users can enable it.
 
 > [!NOTE]
 > If both the "Enable Active Desktop" setting and the "Disable Active Desktop" setting are enabled, the "Disable Active Desktop" setting is ignored. If the "Turn on Classic Shell" setting (in User Configuration\Administrative Templates\Windows Components\Windows Explorer) is enabled, Active Desktop is disabled, and both these policies are ignored.
@@ -390,7 +390,7 @@ ADMX Info:
 <!--Description-->
 Prevents the user from enabling or disabling Active Desktop or changing the Active Desktop configuration.
 
-This is a comprehensive setting that locks down the configuration you establish by using other policies in this folder. This setting removes the Web tab from Display in Control Panel. As a result, users cannot enable or disable Active Desktop. If Active Desktop is already enabled, users cannot add, remove, or edit Web content or disable, lock, or synchronize Active Desktop components.
+This setting is a comprehensive one that locks down the configuration you establish by using other policies in this folder. This setting removes the Web tab from Display in Control Panel. As a result, users can't enable or disable Active Desktop. If Active Desktop is already enabled, users can't add, remove, or edit Web content or disable, lock, or synchronize Active Desktop components.
 
 <!--/Description-->
 
@@ -433,9 +433,9 @@ ADMX Info:
 <!--Description-->
 Removes icons, shortcuts, and other default and user-defined items from the desktop, including Briefcase, Recycle Bin, Computer, and Network Locations.
 
-Removing icons and shortcuts does not prevent the user from using another method to start the programs or opening the items they represent.
+Removing icons and shortcuts doesn't prevent the user from using another method to start the programs or opening the items they represent.
 
-Also, see "Items displayed in Places Bar" in User Configuration\Administrative Templates\Windows Components\Common Open File Dialog to remove the Desktop icon from the Places Bar. This will help prevent users from saving data to the Desktop.
+Also, see "Items displayed in Places Bar" in User Configuration\Administrative Templates\Windows Components\Common Open File Dialog to remove the Desktop icon from the Places Bar. The removal of the Desktop icon will help prevent users from saving data to the Desktop.
 
 <!--/Description-->
 
@@ -479,12 +479,12 @@ ADMX Info:
 <!--Description-->
 Prevents users from using the Desktop Cleanup Wizard.
 
-If you enable this setting, the Desktop Cleanup wizard does not automatically run on a users workstation every 60 days. The user will also not be able to access the Desktop Cleanup Wizard.
+If you enable this setting, the Desktop Cleanup wizard doesn't automatically run on a user's workstation every 60 days. The user will also not be able to access the Desktop Cleanup Wizard.
 
-If you disable this setting or do not configure it, the default behavior of the Desktop Clean Wizard running every 60 days occurs.
+If you disable this setting or don't configure it, the default behavior of the Desktop Clean Wizard running every 60 days occurs.
 
 > [!NOTE]
-> When this setting is not enabled, users can run the Desktop Cleanup Wizard, or have it run automatically every 60 days from Display, by clicking the Desktop tab and then clicking the Customize Desktop button.
+> When this setting isn't enabled, users can run the Desktop Cleanup Wizard, or have it run automatically every 60 days from Display, by clicking the Desktop tab and then clicking the Customize Desktop button.
 
 <!--/Description-->
 
@@ -528,7 +528,7 @@ ADMX Info:
 <!--Description-->
 Removes the Internet Explorer icon from the desktop and from the Quick Launch bar on the taskbar.
 
-This setting does not prevent the user from starting Internet Explorer by using other methods.
+This setting doesn't prevent the user from starting Internet Explorer by using other methods.
 
 <!--/Description-->
 
@@ -576,10 +576,10 @@ If you enable this setting, Computer is hidden on the desktop, the new Start men
 
 If you disable this setting, Computer is displayed as usual, appearing as normal on the desktop, Start menu, folder tree pane, and Web views, unless restricted by another setting.
 
-If you do not configure this setting, the default is to display Computer as usual.
+If you don't configure this setting, the default is to display Computer as usual.
 
 > [!NOTE]
-> In operating systems earlier than Microsoft Windows Vista, this policy applies to the My Computer icon. Hiding Computer and its contents does not hide the contents of the child folders of Computer. For example, if the users navigate into one of their hard drives, they see all of their folders and files there, even if this setting is enabled.
+> In operating systems earlier than Microsoft Windows Vista, this policy applies to the My Computer icon. Hiding Computer and its contents doesn't hide the contents of the child folders of Computer. For example, if the users navigate into one of their hard drives, they see all of their folders and files there, even if this setting is enabled.
 
 <!--/Description-->
 
@@ -625,9 +625,9 @@ Removes most occurrences of the My Documents icon.
 
 This setting removes the My Documents icon from the desktop, from File Explorer, from programs that use the File Explorer windows, and from the standard Open dialog box.
 
-This setting does not prevent the user from using other methods to gain access to the contents of the My Documents folder.
+This setting doesn't prevent the user from using other methods to gain access to the contents of the My Documents folder.
 
-This setting does not remove the My Documents icon from the Start menu. To do so, use the "Remove My Documents icon from Start Menu" setting.
+This setting doesn't remove the My Documents icon from the Start menu. To do so, use the "Remove My Documents icon from Start Menu" setting.
 
 > [!NOTE]
 > To make changes to this setting effective, you must log off from and log back on to Windows 2000 Professional.
@@ -673,7 +673,7 @@ ADMX Info:
 <!--Description-->
 Removes the Network Locations icon from the desktop.
 
-This setting only affects the desktop icon. It does not prevent users from connecting to the network or browsing for shared computers on the network.
+This setting only affects the desktop icon. It doesn't prevent users from connecting to the network or browsing for shared computers on the network.
 
 > [!NOTE]
 > In operating systems earlier than Microsoft Windows Vista, this policy applies to the My Network Places icon.
@@ -720,9 +720,9 @@ ADMX Info:
 <!--Description-->
 This setting hides Properties on the context menu for Computer.
 
-If you enable this setting, the Properties option will not be present when the user right-clicks My Computer or clicks Computer and then goes to the File menu.  Likewise, Alt-Enter does nothing when Computer is selected.
+If you enable this setting, the Properties option won't be present when the user right-clicks My Computer or clicks Computer and then goes to the File menu.  Likewise, Alt-Enter does nothing when Computer is selected.
 
-If you disable or do not configure this setting, the Properties option is displayed as usual.
+If you disable or don't configure this setting, the Properties option is displayed as usual.
 
 <!--/Description-->
 
@@ -766,13 +766,13 @@ ADMX Info:
 <!--Description-->
 This policy setting hides the Properties menu command on the shortcut menu for the My Documents icon.
 
-If you enable this policy setting, the Properties menu command will not be displayed when the user does any of the following:
+If you enable this policy setting, the Properties menu command won't be displayed when the user does any of the following tasks:
 
 - Right-clicks the My Documents icon.
 - Clicks the My Documents icon, and then opens the File menu.
 - Clicks the My Documents icon, and then presses ALT+ENTER.
 
-If you disable or do not configure this policy setting, the Properties menu command is displayed.
+If you disable or don't configure this policy setting, the Properties menu command is displayed.
 
 <!--/Description-->
 
@@ -814,11 +814,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Remote shared folders are not added to Network Locations whenever you open a document in the shared folder.
+Remote shared folders aren't added to Network Locations whenever you open a document in the shared folder.
 
-If you disable this setting or do not configure it, when you open a document in a remote shared folder, the system adds a connection to the shared folder to Network Locations.
+If you disable this setting or don't configure it, when you open a document in a remote shared folder, the system adds a connection to the shared folder to Network Locations.
 
-If you enable this setting, shared folders are not added to Network Locations automatically when you open a document in the shared folder.
+If you enable this setting, shared folders aren't added to Network Locations automatically when you open a document in the shared folder.
 
 <!--/Description-->
 
@@ -864,7 +864,7 @@ Removes most occurrences of the Recycle Bin icon.
 
 This setting removes the Recycle Bin icon from the desktop, from File Explorer, from programs that use the File Explorer windows, and from the standard Open dialog box.
 
-This setting does not prevent the user from using other methods to gain access to the contents of the Recycle Bin folder.
+This setting doesn't prevent the user from using other methods to gain access to the contents of the Recycle Bin folder.
 
 > [!NOTE]
 > To make changes to this setting effective, you must log off and then log back on.
@@ -910,9 +910,9 @@ ADMX Info:
 <!--Description-->
 Removes the Properties option from the Recycle Bin context menu.
 
-If you enable this setting, the Properties option will not be present when the user right-clicks on Recycle Bin or opens Recycle Bin and then clicks File. Likewise, Alt-Enter does nothing when Recycle Bin is selected.
+If you enable this setting, the Properties option won't be present when the user right-clicks on Recycle Bin or opens Recycle Bin and then clicks File. Likewise, Alt-Enter does nothing when Recycle Bin is selected.
 
-If you disable or do not configure this setting, the Properties option is displayed as usual.
+If you disable or don't configure this setting, the Properties option is displayed as usual.
 
 <!--/Description-->
 
@@ -956,7 +956,7 @@ ADMX Info:
 <!--Description-->
 Prevents users from saving certain changes to the desktop.
 
-If you enable this setting, users can change the desktop, but some changes, such as the position of open windows or the size and position of the taskbar, are not saved when users log off. However, shortcuts placed on the desktop are always saved.
+If you enable this setting, users can change the desktop, but some changes, such as the position of open windows or the size and position of the taskbar, aren't saved when users sign out. However, shortcuts placed on the desktop are always saved.
 
 <!--/Description-->
 
@@ -1000,9 +1000,9 @@ ADMX Info:
 <!--Description-->
 Prevents windows from being minimized or restored when the active window is shaken back and forth with the mouse.
 
-If you enable this policy, application windows will not be minimized or restored when the active window is shaken back and forth with the mouse.
+If you enable this policy, application windows won't be minimized or restored when the active window is shaken back and forth with the mouse.
 
-If you disable or do not configure this policy, this window minimizing and restoring gesture will apply.
+If you disable or don't configure this policy, this window minimizing and restoring gesture will apply.
 
 <!--/Description-->
 
@@ -1047,14 +1047,14 @@ Specifies the desktop background ("wallpaper") displayed on all users' desktops.
 
 This setting lets you specify the wallpaper on users' desktops and prevents users from changing the image or its presentation. The wallpaper you specify can be stored in a bitmap (*.bmp) or JPEG (*.jpg) file.
 
-To use this setting, type the fully qualified path and name of the file that stores the wallpaper image. You can type a local path, such as C:\Windows\web\wallpaper\home.jpg or a UNC path, such as \\\Server\Share\Corp.jpg. If the specified file is not available when the user logs on, no wallpaper is displayed. Users cannot specify alternative wallpaper. You can also use this setting to specify that the wallpaper image be centered, tiled, or stretched. Users cannot change this specification.
+To use this setting, type the fully qualified path and name of the file that stores the wallpaper image. You can type a local path, such as C:\Windows\web\wallpaper\home.jpg or a UNC path, such as \\\Server\Share\Corp.jpg. If the specified file isn't available when the user logs on, no wallpaper is displayed. Users can't specify alternative wallpaper. You can also use this setting to specify that the wallpaper image be centered, tiled, or stretched. Users can't change this specification.
 
-If you disable this setting or do not configure it, no wallpaper is displayed. However, users can select the wallpaper of their choice.
+If you disable this setting or don't configure it, no wallpaper is displayed. However, users can select the wallpaper of their choice.
 
 Also, see the "Allow only bitmapped wallpaper" in the same location, and the "Prevent changing wallpaper" setting in User Configuration\Administrative Templates\Control Panel.
 
 > [!NOTE]
-> This setting does not apply to remote desktop server sessions.
+> This setting doesn't apply to remote desktop server sessions.
 
 <!--/Description-->
 
@@ -1097,7 +1097,7 @@ ADMX Info:
 <!--Description-->
 Prevents users from adding Web content to their Active Desktop.
 
-This setting removes the "New" button from Web tab in Display in Control Panel. As a result, users cannot add Web pages or pictures from the Internet or an intranet to the desktop. This setting does not remove existing Web content from their Active Desktop, or prevent users from removing existing Web content.
+This setting removes the "New" button from Web tab in Display in Control Panel. As a result, users can't add Web pages or pictures from the Internet or an intranet to the desktop. This setting doesn't remove existing Web content from their Active Desktop, or prevent users from removing existing Web content.
 
 Also, see the "Disable all items" setting.
 
@@ -1142,12 +1142,12 @@ ADMX Info:
 <!--Description-->
 Prevents users from removing Web content from their Active Desktop.
 
-In Active Desktop, you can add items to the desktop but close them so they are not displayed.
+In Active Desktop, you can add items to the desktop but close them so they aren't displayed.
 
-If you enable this setting, items added to the desktop cannot be closed; they always appear on the desktop. This setting removes the check boxes from items on the Web tab in Display in Control Panel.
+If you enable this setting, items added to the desktop can't be closed; they always appear on the desktop. This setting removes the check boxes from items on the Web tab in Display in Control Panel.
 
 > [!NOTE]
-> This setting does not prevent users from deleting items from their Active Desktop.
+> This setting doesn't prevent users from deleting items from their Active Desktop.
 
 <!--/Description-->
 
@@ -1193,7 +1193,7 @@ Prevents users from deleting Web content from their Active Desktop.
 
 This setting removes the Delete button from the Web tab in Display in Control Panel. As a result, users can temporarily remove, but not delete, Web content from their Active Desktop.
 
-This setting does not prevent users from adding Web content to their Active Desktop.
+This setting doesn't prevent users from adding Web content to their Active Desktop.
 
 Also, see the "Prohibit closing items" and "Disable all items" settings.
 
@@ -1239,7 +1239,7 @@ ADMX Info:
 <!--Description-->
 Prevents users from changing the properties of Web content items on their Active Desktop.
 
-This setting disables the Properties button on the Web tab in Display in Control Panel. Also, it removes the Properties item from the menu for each item on the Active Desktop. As a result, users cannot change the properties of an item, such as its synchronization schedule, password, or display characteristics.
+This setting disables the Properties button on the Web tab in Display in Control Panel. Also, it removes the Properties item from the menu for each item on the Active Desktop. As a result, users can't change the properties of an item, such as its synchronization schedule, password, or display characteristics.
 
 <!--/Description-->
 
@@ -1283,10 +1283,10 @@ ADMX Info:
 <!--Description-->
 Removes Active Desktop content and prevents users from adding Active Desktop content. 
 
-This setting removes all Active Desktop items from the desktop. It also removes the Web tab from Display in Control Panel. As a result, users cannot add Web pages or  pictures from the Internet or an intranet to the desktop.
+This setting removes all Active Desktop items from the desktop. It also removes the Web tab from Display in Control Panel. As a result, users can't add Web pages or  pictures from the Internet or an intranet to the desktop.
 
 > [!NOTE]
-> This setting does not disable Active Desktop. Users can  still use image formats, such as JPEG and GIF, for their desktop wallpaper.
+> This setting doesn't disable Active Desktop. Users can  still use image formats, such as JPEG and GIF, for their desktop wallpaper.
 
 <!--/Description-->
 
@@ -1335,10 +1335,10 @@ You can use the "Add" box in this setting to add particular Web-based items or s
 You can also use this setting to delete particular Web-based items from users' desktops. Users can add the item again (if settings allow), but the item is deleted each time the setting is refreshed.
 
 > [!NOTE]
-> Removing an item from the "Add" list for this setting is not the same as deleting it. Items that are removed from the "Add" list are not removed from the desktop. They are simply not added again.
+> Removing an item from the "Add" list for this setting isn't the same as deleting it. Items that are removed from the "Add" list aren't removed from the desktop. They are simply not added again.
 
 > [!NOTE]
-> For this setting to take affect, you must log off and log on to the system.
+> For this setting to take effect, you must log off and log on to the system.
 
 <!--/Description-->
 
@@ -1382,7 +1382,7 @@ ADMX Info:
 <!--Description-->
 Prevents users from manipulating desktop toolbars.
 
-If you enable this setting, users cannot add or remove toolbars from the desktop. Also, users cannot drag toolbars on to or off of docked toolbars.
+If you enable this setting, users can't add or remove toolbars from the desktop. Also, users can't drag toolbars onto or off from the docked toolbars.
 
 > [!NOTE]
 > If users have added or removed toolbars, this setting prevents them from restoring the default configuration.
@@ -1432,9 +1432,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from adjusting the length of desktop toolbars. Also, users cannot reposition items or toolbars on docked toolbars.
+Prevents users from adjusting the length of desktop toolbars. Also, users can't reposition items or toolbars on docked toolbars.
 
-This setting does not prevent users from adding or removing toolbars on the desktop.
+This setting doesn't prevent users from adding or removing toolbars on the desktop.
 
 > [!NOTE]
 > If users have adjusted their toolbars, this setting prevents them from restoring the default configuration.
@@ -1481,7 +1481,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Permits only bitmap images for wallpaper. This setting limits the desktop background ("wallpaper") to bitmap (.bmp) files. If users select files with other image formats, such as JPEG, GIF, PNG, or HTML, through the Browse button on the Desktop tab, the wallpaper does not load. Files that are autoconverted to a .bmp format, such as JPEG, GIF, and PNG, can be set as Wallpaper by right-clicking the image and selecting "Set as Wallpaper".
+Permits only bitmap images for wallpaper. This setting limits the desktop background ("wallpaper") to bitmap (.bmp) files. If users select files with other image formats, such as JPEG, GIF, PNG, or HTML, through the Browse button on the Desktop tab, the wallpaper doesn't load. Files that are autoconverted to a .bmp format, such as JPEG, GIF, and PNG, can be set as Wallpaper by right-clicking the image and selecting "Set as Wallpaper".
 
 Also, see the "Desktop Wallpaper" and the "Prevent changing wallpaper" (in User Configuration\Administrative Templates\Control Panel\Display) settings.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-deviceguard.md b/windows/client-management/mdm/policy-csp-admx-deviceguard.md
index 6ef592107b..5ac4d423c2 100644
--- a/windows/client-management/mdm/policy-csp-admx-deviceguard.md
+++ b/windows/client-management/mdm/policy-csp-admx-deviceguard.md
@@ -65,12 +65,12 @@ This policy setting lets you deploy a Code Integrity Policy to a machine to cont
 
 If you deploy a Code Integrity Policy, Windows will restrict what can run in both kernel mode and on the Windows Desktop based on the policy. 
 
-To enable this policy the machine must be rebooted.  
+To enable this policy, the machine must be rebooted.  
 The file path must be either a UNC path (for example, `\\ServerName\ShareName\SIPolicy.p7b`),
 or a locally valid path (for example, `C:\FolderName\SIPolicy.p7b)`. 
  
 The local machine account (LOCAL SYSTEM) must have access permission to the policy file.    
-If using a signed and protected policy then disabling this policy setting doesn't remove the feature from the computer. Instead, you must either:  
+If using a signed and protected policy, then disabling this policy setting doesn't remove the feature from the computer. Instead, you must either:  
 1. First update the policy to a non-protected policy and then disable the setting.  
 2. Disable the setting and then remove the policy from each computer, with a physically present user.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-deviceinstallation.md b/windows/client-management/mdm/policy-csp-admx-deviceinstallation.md
index 596d4df2ed..62efd762ae 100644
--- a/windows/client-management/mdm/policy-csp-admx-deviceinstallation.md
+++ b/windows/client-management/mdm/policy-csp-admx-deviceinstallation.md
@@ -86,7 +86,7 @@ This policy setting allows you to determine whether members of the Administrator
 
 If you enable this policy setting, members of the Administrators group can use the Add Hardware wizard or the Update Driver wizard to install and update the drivers for any device. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, members of the Administrators group are subject to all policy settings that restrict device installation.
+If you disable or don't configure this policy setting, members of the Administrators group are subject to all policy settings that restrict device installation.
 
 <!--/Description-->
 
@@ -132,7 +132,7 @@ This policy setting allows you to display a custom message to users in a notific
 
 If you enable this policy setting, Windows displays the text you type in the Detail Text box when a policy setting prevents device installation.
 
-If you disable or do not configure this policy setting, Windows displays a default message when a policy setting prevents device installation.
+If you disable or don't configure this policy setting, Windows displays a default message when a policy setting prevents device installation.
 
 <!--/Description-->
 
@@ -178,7 +178,7 @@ This policy setting allows you to display a custom message title in a notificati
 
 If you enable this policy setting, Windows displays the text you type in the Main Text box as the title text of a notification when a policy setting prevents device installation.
 
-If you disable or do not configure this policy setting, Windows displays a default title in a notification when a policy setting prevents device installation.
+If you disable or don't configure this policy setting, Windows displays a default title in a notification when a policy setting prevents device installation.
 
 <!--/Description-->
 
@@ -224,7 +224,7 @@ This policy setting allows you to configure the number of seconds Windows waits
 
 If you enable this policy setting, Windows waits for the number of seconds you specify before terminating the installation.
 
-If you disable or do not configure this policy setting, Windows waits 240 seconds for a device installation task to complete before terminating the installation.
+If you disable or don't configure this policy setting, Windows waits 240 seconds for a device installation task to complete before terminating the installation.
 
 <!--/Description-->
 
@@ -268,11 +268,11 @@ ADMX Info:
 <!--Description-->
 This policy setting establishes the amount of time (in seconds) that the system will wait to reboot in order to enforce a change in device installation restriction policies.
 
-If you enable this policy setting, set the amount of seconds you want the system to wait until a reboot.
+If you enable this policy setting, set the number of seconds you want the system to wait until a reboot.
 
-If you disable or do not configure this policy setting, the system does not force a reboot.
+If you disable or don't configure this policy setting, the system doesn't force a reboot.
 
-Note: If no reboot is forced, the device installation restriction right will not take effect until the system is restarted.
+Note: If no reboot is forced, the device installation restriction right won't take effect until the system is restarted.
 
 <!--/Description-->
 
@@ -314,11 +314,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to prevent Windows from installing removable devices. A device is considered removable when the driver for the device to which it is connected indicates that the device is removable. For example, a Universal Serial Bus (USB) device is reported to be removable by the drivers for the USB hub to which the device is connected. This policy setting takes precedence over any other policy setting that allows Windows to install a device.
+This policy setting allows you to prevent Windows from installing removable devices. A device is considered removable when the driver for the device to which it's connected indicates that the device is removable. For example, a Universal Serial Bus (USB) device is reported to be removable by the drivers for the USB hub to which the device is connected. This policy setting takes precedence over any other policy setting that allows Windows to install a device.
 
-If you enable this policy setting, Windows is prevented from installing removable devices and existing removable devices cannot have their drivers updated. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of removable devices from a remote desktop client to the remote desktop server.
+If you enable this policy setting, Windows is prevented from installing removable devices and existing removable devices can't have their drivers updated. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of removable devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, Windows can install and update device drivers for removable devices as allowed or prevented by other policy settings.
+If you disable or don't configure this policy setting, Windows can install and update device drivers for removable devices as allowed or prevented by other policy settings.
 <!--/Description-->
 
 
@@ -361,9 +361,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent Windows from creating a system restore point during device activity that would normally prompt Windows to create a system restore point. Windows normally creates restore points for certain driver activity, such as the installation of an unsigned driver. A system restore point enables you to more easily restore your system to its state before the activity. 
 
-If you enable this policy setting, Windows does not create a system restore point when one would normally be created.
+If you enable this policy setting, Windows doesn't create a system restore point when one would normally be created.
 
-If you disable or do not configure this policy setting, Windows creates a system restore point as it normally would.
+If you disable or don't configure this policy setting, Windows creates a system restore point as it normally would.
 
 <!--/Description-->
 
@@ -409,7 +409,7 @@ This policy setting specifies a list of device setup class GUIDs describing devi
 
 If you enable this policy setting, members of the Users group may install new drivers for the specified device setup classes. The drivers must be signed according to Windows Driver Signing Policy, or be signed by publishers already in the TrustedPublisher store.
 
-If you disable or do not configure this policy setting, only members of the Administrators group are allowed to install new device drivers on the system.
+If you disable or don't configure this policy setting, only members of the Administrators group are allowed to install new device drivers on the system.
 
 
 <!--/Description-->
diff --git a/windows/client-management/mdm/policy-csp-admx-devicesetup.md b/windows/client-management/mdm/policy-csp-admx-devicesetup.md
index ae07cf6eb3..c54fe1375e 100644
--- a/windows/client-management/mdm/policy-csp-admx-devicesetup.md
+++ b/windows/client-management/mdm/policy-csp-admx-devicesetup.md
@@ -66,9 +66,9 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to turn off "Found New Hardware" balloons during device installation.
 
-If you enable this policy setting, "Found New Hardware" balloons do not appear while a device is being installed.
+If you enable this policy setting, "Found New Hardware" balloons don't appear while a device is being installed.
 
-If you disable or do not configure this policy setting, "Found New Hardware" balloons appear while a device is being installed, unless the driver for the device suppresses the balloons.
+If you disable or don't configure this policy setting, "Found New Hardware" balloons appear while a device is being installed, unless the driver for the device suppresses the balloons.
 
 <!--/Description-->
 
@@ -114,9 +114,9 @@ This policy setting allows you to specify the order in which Windows searches so
 
 If you enable this policy setting, you can select whether Windows searches for drivers on Windows Update unconditionally, only if necessary, or not at all.
 
-Note that searching always implies that Windows will attempt to search Windows Update exactly one time. With this setting, Windows will not continually search for updates. This setting is used to ensure that the best software will be found for the device, even if the network is temporarily available. If the setting for searching only if needed is specified, then Windows will search for a driver only if a driver is not locally available on the system.
+Searching always implies that Windows will attempt to search Windows Update exactly one time. With this setting, Windows won't continually search for updates. This setting is used to ensure that the best software will be found for the device, even if the network is temporarily available. If the setting for searching only if needed is specified, then Windows will search for a driver only if a driver isn't locally available on the system.
 
-If you disable or do not configure this policy setting, members of the Administrators group can determine the priority order in which Windows searches source locations for device drivers.
+If you disable or don't configure this policy setting, members of the Administrators group can determine the priority order in which Windows searches source locations for device drivers.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-digitallocker.md b/windows/client-management/mdm/policy-csp-admx-digitallocker.md
index 731f55b062..fafc357e89 100644
--- a/windows/client-management/mdm/policy-csp-admx-digitallocker.md
+++ b/windows/client-management/mdm/policy-csp-admx-digitallocker.md
@@ -68,9 +68,9 @@ This policy setting specifies whether Digital Locker can run.
 
 Digital Locker is a dedicated download manager associated with Windows Marketplace and a feature of Windows that can be used to manage and download products acquired and stored in the user's Windows Marketplace Digital Locker.
 
-If you enable this setting, Digital Locker will not run.
+If you enable this setting, Digital Locker won't run.
 
-If you disable or do not configure this setting, Digital Locker can be run.
+If you disable or don't configure this setting, Digital Locker can be run.
 
 <!--/Description-->
 
@@ -116,9 +116,9 @@ This policy setting specifies whether Digital Locker can run.
 
 Digital Locker is a dedicated download manager associated with Windows Marketplace and a feature of Windows that can be used to manage and download products acquired and stored in the user's Windows Marketplace Digital Locker.
 
-If you enable this setting, Digital Locker will not run.
+If you enable this setting, Digital Locker won't run.
 
-If you disable or do not configure this setting, Digital Locker can be run.
+If you disable or don't configure this setting, Digital Locker can be run.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-disknvcache.md b/windows/client-management/mdm/policy-csp-admx-disknvcache.md
index 87b9aee1a3..6e82fec127 100644
--- a/windows/client-management/mdm/policy-csp-admx-disknvcache.md
+++ b/windows/client-management/mdm/policy-csp-admx-disknvcache.md
@@ -67,14 +67,14 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting turns off the boot and resume optimizations for the hybrid hard disks in the system.  
+This policy setting turns off the boot and resumes optimizations for the hybrid hard disks in the system.  
 
-If you enable this policy setting, the system does not use the non-volatile (NV) cache to optimize boot and resume.  
+If you enable this policy setting, the system doesn't use the non-volatile (NV) cache to optimize boot and resume.  
 
 If you disable this policy setting, the system uses the NV cache to achieve faster boot and resume. 
 The system determines the data that will be stored in the NV cache to optimize boot and resume. 
 
-The required data is stored in the NV cache during shutdown and hibernate, respectively. This might cause a slight increase in the time taken for shutdown and hibernate.  If you do not configure this policy setting, the default behavior is observed and the NV cache is used for boot and resume optimizations. 
+The required data is stored in the NV cache during shutdown and hibernate, respectively. This storage in such a location might cause a slight increase in the time taken for shutdown and hibernate.  If you don't configure this policy setting, the default behavior is observed and the NV cache is used for boot and resume optimizations. 
 
 This policy setting is applicable only if the NV cache feature is on.
 
@@ -119,11 +119,11 @@ This policy setting turns off all support for the non-volatile (NV) cache on all
 
 To check if you have hybrid hard disks in the system, from Device Manager, right-click the disk drive and select Properties. The NV cache can be used to optimize boot and resume by reading data from the cache while the disks are spinning up. The NV cache can also be used to reduce the power consumption of the system by keeping the disks spun down while satisfying reads and writes from the cache.  
 
-If you enable this policy setting, the system will not manage the NV cache and will not enable NV cache power saving mode.  
+If you enable this policy setting, the system won't manage the NV cache and won't enable NV cache power saving mode.  
 
 If you disable this policy setting, the system will manage the NV cache on the disks if the other policy settings for the NV cache are appropriately configured. 
 
-This policy setting will take effect on next boot.  If you do not configure this policy setting, the default behavior is to turn on support for the NV cache.
+This policy setting will take effect on next boot.  If you don't configure this policy setting, the default behavior is to turn on support for the NV cache.
 
 
 
@@ -170,9 +170,9 @@ This policy setting turns off the solid state mode for the hybrid hard disks.
 
 If you enable this policy setting, frequently written files such as the file system metadata and registry may not be stored in the NV cache.  
 
-If you disable this policy setting, the system will store frequently written data into the non-volatile (NV) cache. This allows the system to exclusively run out of the NV cache and power down the disk for longer periods to save power. 
+If you disable this policy setting, the system will store frequently written data into the non-volatile (NV) cache. This storage allows the system to exclusively run out of the NV cache and power down the disk for longer periods to save power.
 
-This can cause increased wear of the NV cache.  If you do not configure this policy setting, the default behavior of the system is observed and frequently written files will be stored in the NV cache.  Note: This policy setting is applicable only if the NV cache feature is on.
+This usage can cause increased wear of the NV cache.  If you don't configure this policy setting, the default behavior of the system is observed and frequently written files will be stored in the NV cache.  Note: This policy setting is applicable only if the NV cache feature is on.
 
 
 <!--/Description-->
diff --git a/windows/client-management/mdm/policy-csp-admx-diskquota.md b/windows/client-management/mdm/policy-csp-admx-diskquota.md
index cc4ff2f0b5..5982c438b4 100644
--- a/windows/client-management/mdm/policy-csp-admx-diskquota.md
+++ b/windows/client-management/mdm/policy-csp-admx-diskquota.md
@@ -79,7 +79,7 @@ manager: dansimp
 <!--Description-->
 This policy setting extends the disk quota policies in this folder to NTFS file system volumes on the removable media.  
 
-If you disable or do not configure this policy setting, the disk quota policies established in this folder apply to fixed-media NTFS volumes only. 
+If you disable or don't configure this policy setting, the disk quota policies established in this folder apply to fixed-media NTFS volumes only. 
 
 When this policy setting is applied, the computer will apply the disk quota to both fixed and removable media.
 
@@ -124,13 +124,13 @@ ADMX Info:
 <!--Description-->
 This policy setting turns on and turns off disk quota management on all NTFS volumes of the computer, and prevents users from changing the setting.  
 
-If you enable this policy setting, disk quota management is turned on, and users cannot turn it off.  
+If you enable this policy setting, disk quota management is turned on, and users can't turn it off.
 
-If you disable the policy setting, disk quota management is turned off, and users cannot turn it on. When this policy setting is not configured then the disk quota management is turned off by default, and the administrators can turn it on. 
+If you disable the policy setting, disk quota management is turned off, and users can't turn it on. When this policy setting isn't configured then the disk quota management is turned off by default, and the administrators can turn it on. 
 
 To prevent users from changing the setting while a setting is in effect, the system disables the "Enable quota management" option on the Quota tab of NTFS volumes.
 
-This policy setting turns on disk quota management but does not establish or enforce a particular disk quota limit. 
+This policy setting turns on disk quota management but doesn't establish or enforce a particular disk quota limit. 
 
 To specify a disk quota limit, use the "Default quota limit and warning level" policy setting. Otherwise, the system uses the physical space on the volume as the quota limit. 
 
@@ -180,9 +180,9 @@ This policy setting determines whether disk quota limits are enforced and preven
 
 If you enable this policy setting, disk quota limits are enforced. 
 
-If you disable this policy setting, disk quota limits are not enforced. When you enable or disable this policy setting, the system disables the "Deny disk space to users exceed quota limit" option on the Quota tab. Therefore, the administrators cannot make changes while the setting is in effect. 
+If you disable this policy setting, disk quota limits aren't enforced. When you enable or disable this policy setting, the system disables the "Deny disk space to users exceed quota limit" option on the Quota tab. Therefore, the administrators can't make changes while the setting is in effect. 
 
-If you do not configure this policy setting, the disk quota limit is not enforced by default, but administrators can change the setting. Enforcement is optional. When users reach an enforced disk quota limit, the system responds as though the physical space on the volume were exhausted. When users reach an unenforced limit, their status in the Quota Entries window changes. However, the users can continue to write to the volume as long as physical space is available. 
+If you don't configure this policy setting, the disk quota limit isn't enforced by default, but administrators can change the setting. Enforcement is optional. When users reach an enforced disk quota limit, the system responds as though the physical space on the volume were exhausted. When users reach an unenforced limit, their status in the Quota Entries window changes. However, the users can continue to write to the volume as long as physical space is available. 
 
 This policy setting overrides user settings that enable or disable quota enforcement on their volumes. 
 
@@ -232,9 +232,9 @@ This policy setting determines whether the system records an event in the local
 
 If you enable this policy setting, the system records an event when the user reaches their limit. 
 
-If you disable this policy setting, no event is recorded. Also, when you enable or disable this policy setting, the system disables the "Log event when a user exceeds their quota limit" option on the Quota tab, so administrators cannot change the setting while a setting is in effect. If you do not configure this policy setting, no events are recorded, but administrators can use the Quota tab option to change the setting. 
+If you disable this policy setting, no event is recorded. Also, when you enable or disable this policy setting, the system disables the "Log event when a user exceeds their quota limit" option on the Quota tab, so administrators can't change the setting while a setting is in effect. If you don't configure this policy setting, no events are recorded, but administrators can use the Quota tab option to change the setting. 
 
-This policy setting is independent of the enforcement policy settings for disk quotas. As a result, you can direct the system to log an event, regardless of whether or not you choose to enforce the disk quota limit. Also, this policy setting does not affect the Quota Entries window on the Quota tab. Even without the logged event, users can detect that they have reached their limit, because their status in the Quota Entries window changes. 
+This policy setting is independent of the enforcement policy settings for disk quotas. As a result, you can direct the system to log an event, regardless of whether or not you choose to enforce the disk quota limit. Also, this policy setting doesn't affect the Quota Entries window on the Quota tab. Even without the logged event, users can detect that they've reached their limit, because their status in the Quota Entries window changes. 
 
 To find the logging option, in My Computer, right-click the name of an NTFS file system volume, click Properties, and then click the Quota tab.
 
@@ -282,9 +282,9 @@ This policy setting determines whether the system records an event in the Applic
 
 If you enable this policy setting, the system records an event.
 
-If you disable this policy setting, no event is recorded. When you enable or disable this policy setting, the system disables the corresponding "Log event when a user exceeds their warning level" option on the Quota tab so that administrators cannot change logging while a policy setting is in effect.  
+If you disable this policy setting, no event is recorded. When you enable or disable this policy setting, the system disables the corresponding "Log event when a user exceeds their warning level" option on the Quota tab so that administrators can't change logging while a policy setting is in effect.  
 
-If you do not configure this policy setting, no event is recorded, but administrators can use the Quota tab option to change the logging setting. This policy setting does not affect the Quota Entries window on the Quota tab. Even without the logged event, users can detect that they have reached their warning level because their status in the Quota Entries window changes. 
+If you don't configure this policy setting, no event is recorded, but administrators can use the Quota tab option to change the logging setting. This policy setting doesn't affect the Quota Entries window on the Quota tab. Even without the logged event, users can detect that they've reached their warning level because their status in the Quota Entries window changes. 
 
 To find the logging option, in My Computer, right-click the name of an NTFS file system volume, click Properties, and then click the Quota tab.
 
@@ -332,11 +332,11 @@ This policy setting specifies the default disk quota limit and warning level for
 This policy setting determines how much disk space can be used by each user on each of the NTFS file system volumes on a computer. It also specifies the warning level, the point at which the user's status in the Quota Entries window changes to indicate that the user is approaching the disk quota limit. 
 
 This setting overrides new users’ settings for the disk quota limit and warning level on their volumes, and it disables the corresponding options in the "Select the default quota limit for new users of this volume" section on the Quota tab. 
-This policy setting applies to all new users as soon as they write to the volume. It does not affect disk quota limits for current users, or affect customized limits and warning levels set for particular users (on the Quota tab in Volume Properties).  
+This policy setting applies to all new users as soon as they write to the volume. It doesn't affect disk quota limits for current users, or affect customized limits and warning levels set for particular users (on the Quota tab in Volume Properties).  
 
-If you disable or do not configure this policy setting, the disk space available to users is not limited. The disk quota management feature uses the physical space on each volume as its quota limit and warning level. When you select a limit, remember that the same limit applies to all users on all volumes, regardless of actual volume size. Be sure to set the limit and warning level so that it is reasonable for the range of volumes in the group. 
+If you disable or don't configure this policy setting, the disk space available to users isn't limited. The disk quota management feature uses the physical space on each volume as its quota limit and warning level. When you select a limit, remember that the same limit applies to all users on all volumes, regardless of actual volume size. Be sure to set the limit and warning level so that it's reasonable for the range of volumes in the group. 
 
-This policy setting is effective only when disk quota management is enabled on the volume. Also, if disk quotas are not enforced, users can exceed the quota limit you set. When users reach the quota limit, their status in the Quota Entries window changes, but users can continue to write to the volume.
+This policy setting is effective only when disk quota management is enabled on the volume. Also, if disk quotas aren't enforced, users can exceed the quota limit you set. When users reach the quota limit, their status in the Quota Entries window changes, but users can continue to write to the volume.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-distributedlinktracking.md b/windows/client-management/mdm/policy-csp-admx-distributedlinktracking.md
index 5c192b7816..ff67fc4f25 100644
--- a/windows/client-management/mdm/policy-csp-admx-distributedlinktracking.md
+++ b/windows/client-management/mdm/policy-csp-admx-distributedlinktracking.md
@@ -64,7 +64,7 @@ manager: dansimp
 This policy specifies that Distributed Link Tracking clients in this domain may use the Distributed Link Tracking (DLT) server, which runs on domain controllers.  
 The DLT client enables programs to track linked  files that are moved within an NTFS volume, to another NTFS volume on the same computer, or to an NTFS volume on  another computer.   
 The DLT client can more reliably track links when allowed to use the DLT server.  
-This policy should not be set unless the DLT server is running on all domain controllers in the domain.
+This policy shouldn't be set unless the DLT server is running on all domain controllers in the domain.
 
 > [!NOTE]
 > This policy setting applies to all sites in Trusted zones.
diff --git a/windows/client-management/mdm/policy-csp-admx-dnsclient.md b/windows/client-management/mdm/policy-csp-admx-dnsclient.md
index 89e960919b..8410109042 100644
--- a/windows/client-management/mdm/policy-csp-admx-dnsclient.md
+++ b/windows/client-management/mdm/policy-csp-admx-dnsclient.md
@@ -127,7 +127,7 @@ This policy setting specifies that NetBIOS over TCP/IP (NetBT) queries are issue
 
 If you enable this policy setting, NetBT queries will be issued for multi-label and fully qualified domain names, such as "www.example.com" in addition to single-label names.
 
-If you disable this policy setting, or if you do not configure this policy setting, NetBT queries will only be issued for single-label names, such as "example" and not for multi-label and fully qualified domain names.
+If you disable this policy setting, or if you don't configure this policy setting, NetBT queries will only be issued for single-label names, such as "example" and not for multi-label and fully qualified domain names.
 
 <!--/Description-->
 
@@ -180,7 +180,7 @@ If you enable this policy setting, suffixes are allowed to be appended to an unq
 
 If you disable this policy setting, no suffixes are appended to unqualified multi-label name queries if the original name query fails.
 
-If you do not configure this policy setting, computers will use their local DNS client settings to determine the query behavior for unqualified multi-label names.
+If you don't configure this policy setting, computers will use their local DNS client settings to determine the query behavior for unqualified multi-label names.
 
 <!--/Description-->
 
@@ -225,7 +225,7 @@ This policy setting specifies a connection-specific DNS suffix. This policy sett
 
 If you enable this policy setting, the DNS suffix that you enter will be applied to all network connections used by computers that receive this policy setting.  
 
-If you disable this policy setting, or if you do not configure this policy setting, computers will use the local or DHCP supplied connection specific DNS suffix, if configured.
+If you disable this policy setting, or if you don't configure this policy setting, computers will use the local or DHCP supplied connection specific DNS suffix, if configured.
 
 <!--/Description-->
 
@@ -273,22 +273,22 @@ With devolution, a DNS client creates queries by appending a single-label, unqua
 
 The DNS client appends DNS suffixes to the single-label, unqualified domain name based on the state of the Append primary and connection specific DNS suffixes radio button and Append parent suffixes of the primary DNS suffix check box on the DNS tab in Advanced TCP/IP Settings for the Internet Protocol (TCP/IP) Properties dialog box.
 
-Devolution is not enabled if a global suffix search list is configured using Group Policy.
+Devolution isn't enabled if a global suffix search list is configured using Group Policy.
 
-If a global suffix search list is not configured, and the Append primary and connection specific DNS suffixes radio button is selected, the DNS client appends the following names to a single-label name when it sends DNS queries:  
+If a global suffix search list isn't configured, and the Append primary and connection specific DNS suffixes radio button is selected, the DNS client appends the following names to a single-label name when it sends DNS queries:  
 
 - The primary DNS suffix, as specified on the Computer Name tab of the System control panel.
 - Each connection-specific DNS suffix, assigned either through DHCP or specified in the DNS suffix for this connection box on the DNS tab in the Advanced TCP/IP Settings dialog box for each connection.
 
 For example, when a user submits a query for a single-label name such as "example," the DNS client attaches a suffix such as "microsoft.com" resulting in the query "example.microsoft.com," before sending the query to a DNS server.
 
-If a DNS suffix search list is not specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the computer (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
+If a DNS suffix search list isn't specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the computer (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
 
-For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the non-dot-terminated single-label name "example," and the DNS query for example.ooo.aaa.microsoft.com fails, the DNS client devolves the primary DNS suffix (drops the leftmost label) till the specified devolution level, and submits a query for example.aaa.microsoft.com. If this query fails, the primary DNS suffix is devolved further if it is under specified devolution level and the query example.microsoft.com is submitted. If this query fails, devolution continues if it is under specified devolution level and the query example.microsoft.com is submitted, corresponding to a devolution level of two. The primary DNS suffix cannot be devolved beyond a devolution level of two. The devolution level can be configured using this policy setting. The default devolution level is two.
+For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the non-dot-terminated single-label name "example," and the DNS query for example.ooo.aaa.microsoft.com fails, the DNS client devolves the primary DNS suffix (drops the leftmost label) till the specified devolution level, and submits a query for example.aaa.microsoft.com. If this query fails, the primary DNS suffix is devolved further if it is under specified devolution level and the query example.microsoft.com is submitted. If this query fails, devolution continues if it is under specified devolution level and the query example.microsoft.com is submitted, corresponding to a devolution level of two. The primary DNS suffix can't be devolved beyond a devolution level of two. The devolution level can be configured using this policy setting. The default devolution level is two.
 
 If you enable this policy setting and DNS devolution is also enabled, DNS clients use the DNS devolution level that you specify.
 
-If you disable this policy setting or do not configure it, DNS clients use the default devolution level of two provided that DNS devolution is enabled.
+If you disable this policy setting or don't configure it, DNS clients use the default devolution level of two if DNS devolution is enabled.
 
 <!--/Description-->
 
@@ -333,9 +333,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether the DNS client should convert internationalized domain names (IDNs) to Punycode when the computer is on non-domain networks with no WINS servers configured.
 
-If this policy setting is enabled, IDNs are not converted to Punycode.
+If this policy setting is enabled, IDNs aren't converted to Punycode.
 
-If this policy setting is disabled, or if this policy setting is not configured, IDNs are converted to Punycode when the computer is on non-domain networks with no WINS servers configured.
+If this policy setting is disabled, or if this policy setting isn't configured, IDNs are converted to Punycode when the computer is on non-domain networks with no WINS servers configured.
 
 <!--/Description-->
 
@@ -381,7 +381,7 @@ This policy setting specifies whether the DNS client should convert internationa
 
 If this policy setting is enabled, IDNs are converted to the Nameprep form.
 
-If this policy setting is disabled, or if this policy setting is not configured, IDNs are not converted to the Nameprep form.
+If this policy setting is disabled, or if this policy setting isn't configured, IDNs aren't converted to the Nameprep form.
 
 <!--/Description-->
 
@@ -429,7 +429,7 @@ To use this policy setting, click Enabled, and then enter a space-delimited list
 
 If you enable this policy setting, the list of DNS servers is applied to all network connections used by computers that receive this policy setting. 
 
-If you disable this policy setting, or if you do not configure this policy setting, computers will use the local or DHCP supplied list of DNS servers, if configured.
+If you disable this policy setting, or if you don't configure this policy setting, computers will use the local or DHCP supplied list of DNS servers, if configured.
 
 <!--/Description-->
 
@@ -475,7 +475,7 @@ This policy setting specifies that responses from link local name resolution pro
 
 If you enable this policy setting, responses from link local protocols will be preferred over DNS responses if the local responses are from a network with a higher binding order.
 
-If you disable this policy setting, or if you do not configure this policy setting, then DNS responses from networks lower in the binding order will be preferred over responses from link local protocols received from networks higher in the binding order.
+If you disable this policy setting, or if you don't configure this policy setting, then DNS responses from networks lower in the binding order will be preferred over responses from link local protocols received from networks higher in the binding order.
 
 > [!NOTE]
 > This policy setting is applicable only if the turn off smart multi-homed name resolution policy setting is disabled or not configured.
@@ -531,7 +531,7 @@ If you enable this policy setting, it supersedes the primary DNS suffix configur
 
 You can use this policy setting to prevent users, including local administrators, from changing the primary DNS suffix.
 
-If you disable this policy setting, or if you do not configure this policy setting, each computer uses its local primary DNS suffix, which is usually the DNS name of Active Directory domain to which it is joined.
+If you disable this policy setting, or if you don't configure this policy setting, each computer uses its local primary DNS suffix, which is usually the DNS name of Active Directory domain to which it's joined.
 <!--/Description-->
 
 
@@ -576,13 +576,13 @@ This policy setting specifies if a computer performing dynamic DNS registration
 
 By default, a DNS client performing dynamic DNS registration registers A and PTR resource records with a concatenation of its computer name and the primary DNS suffix. For example, a computer name of mycomputer and a primary DNS suffix of microsoft.com will be registered as: mycomputer.microsoft.com.
 
-If you enable this policy setting, a computer will register A and PTR resource records with its connection-specific DNS suffix, in addition to the primary DNS suffix. This applies to all network connections used by computers that receive this policy setting.
+If you enable this policy setting, a computer will register A and PTR resource records with its connection-specific DNS suffix, in addition to the primary DNS suffix. This suffix-update applies to all network connections used by computers that receive this policy setting.
 
 For example, with a computer name of mycomputer, a primary DNS suffix of microsoft.com, and a connection specific DNS suffix of VPNconnection, a computer will register A and PTR resource records for mycomputer.VPNconnection and mycomputer.microsoft.com when this policy setting is enabled.
 
 Important: This policy setting is ignored on a DNS client computer if dynamic DNS registration is disabled.
 
-If you disable this policy setting, or if you do not configure this policy setting, a DNS client computer will not register any A and PTR resource records using a connection-specific DNS suffix.
+If you disable this policy setting, or if you don't configure this policy setting, a DNS client computer won't register any A and PTR resource records using a connection-specific DNS suffix.
 <!--/Description-->
 
 
@@ -631,11 +631,11 @@ If you enable this policy setting, registration of PTR records will be determine
 
 To use this policy setting, click Enabled, and then select one of the following options from the drop-down list:
 
-- Do not register: Computers will not attempt to register PTR resource records
-- Register: Computers will attempt to register PTR resource records even if registration of the corresponding A records was not successful.
+- don't register: Computers won't attempt to register PTR resource records
+- Register: Computers will attempt to register PTR resource records even if registration of the corresponding A records wasn't successful.
 - Register only if A record registration succeeds: Computers will attempt to register PTR resource records only if registration of the corresponding A records was successful.
 
-If you disable this policy setting, or if you do not configure this policy setting, computers will use locally configured settings.
+If you disable this policy setting, or if you don't configure this policy setting, computers will use locally configured settings.
 <!--/Description-->
 
 
@@ -678,7 +678,7 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies if DNS dynamic update is enabled. Computers configured for DNS dynamic update automatically register and update their DNS resource records with a DNS server.
 
-If you enable this policy setting, or you do not configure this policy setting, computers will attempt to use dynamic DNS registration on all network connections that have connection-specific dynamic DNS registration enabled. For a dynamic DNS registration to be enabled on a network connection, the connection-specific configuration must allow dynamic DNS registration, and this policy setting must not be disabled.
+If you enable this policy setting, or you don't configure this policy setting, computers will attempt to use dynamic DNS registration on all network connections that have connection-specific dynamic DNS registration enabled. For a dynamic DNS registration to be enabled on a network connection, the connection-specific configuration must allow dynamic DNS registration, and this policy setting must not be disabled.
 
 If you disable this policy setting, computers may not use dynamic DNS registration for any of their network connections, regardless of the configuration for individual network connections.
 
@@ -724,13 +724,13 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether dynamic updates should overwrite existing resource records that contain conflicting IP addresses.
 
-This policy setting is designed for computers that register address (A) resource records in DNS zones that do not use Secure Dynamic Updates. Secure Dynamic Update preserves ownership of resource records and does not allow a DNS client to overwrite records that are registered by other computers.
+This policy setting is designed for computers that register address (A) resource records in DNS zones that don't use Secure Dynamic Updates. Secure Dynamic Update preserves ownership of resource records and doesn't allow a DNS client to overwrite records that are registered by other computers.
 
-During dynamic update of resource records in a zone that does not use Secure Dynamic Updates, an A resource record might exist that associates the client's host name with an IP address different than the one currently in use by the client. By default, the DNS client attempts to replace the existing A resource record with an A resource record that has the client's current IP address.
+During dynamic update of resource records in a zone that doesn't use Secure Dynamic Updates, an A resource record might exist that associates the client's host name with an IP address different than the one currently in use by the client. By default, the DNS client attempts to replace the existing A resource record with an A resource record that has the client's current IP address.
 
-If you enable this policy setting or if you do not configure this policy setting, DNS clients maintain their default behavior and will attempt to replace conflicting A resource records during dynamic update.
+If you enable this policy setting or if you don't configure this policy setting, DNS clients maintain their default behavior and will attempt to replace conflicting A resource records during dynamic update.
 
-If you disable this policy setting, existing A resource records that contain conflicting IP addresses will not be replaced during a dynamic update, and an error will be recorded in Event Viewer.
+If you disable this policy setting, existing A resource records that contain conflicting IP addresses won't be replaced during a dynamic update, and an error will be recorded in Event Viewer.
 
 <!--/Description-->
 
@@ -774,7 +774,7 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the interval used by DNS clients to refresh registration of A and PTR resource. This policy setting only applies to computers performing dynamic DNS updates.
 
-Computers configured to perform dynamic DNS registration of A and PTR resource records periodically reregister their records with DNS servers, even if the record has not changed. This reregistration is required to indicate to DNS servers that records are current and should not be automatically removed (scavenged) when a DNS server is configured to delete stale records.
+Computers configured to perform dynamic DNS registration of A and PTR resource records periodically reregister their records with DNS servers, even if the record hasn't changed. This reregistration is required to indicate to DNS servers that records are current and shouldn't be automatically removed (scavenged) when a DNS server is configured to delete stale records.
 
 > [!WARNING]
 > If record scavenging is enabled on the zone, the value of this policy setting should never be longer than the value of the DNS zone refresh interval. Configuring the registration refresh interval to be longer than the refresh interval of the DNS zone might result in the undesired deletion of A and PTR resource records.
@@ -783,7 +783,7 @@ To specify the registration refresh interval, click Enabled and then enter a val
 
 If you enable this policy setting, registration refresh interval that you specify will be applied to all network connections used by computers that receive this policy setting.
 
-If you disable this policy setting, or if you do not configure this policy setting, computers will use the local or DHCP supplied setting. By default, client computers configured with a static IP address attempt to update their DNS resource records once every 24 hours and DHCP clients will attempt to update their DNS resource records when a DHCP lease is granted or renewed.
+If you disable this policy setting, or if you don't configure this policy setting, computers will use the local or DHCP supplied setting. By default, client computers configured with a static IP address attempt to update their DNS resource records once every 24 hours and DHCP clients will attempt to update their DNS resource records when a DHCP lease is granted or renewed.
 
 <!--/Description-->
 
@@ -831,7 +831,7 @@ To specify the TTL, click Enabled and then enter a value in seconds (for example
 
 If you enable this policy setting, the TTL value that you specify will be applied to DNS resource records registered for all network connections used by computers that receive this policy setting.
 
-If you disable this policy setting, or if you do not configure this policy setting, computers will use the TTL settings specified in DNS. By default, the TTL is 1200 seconds (20 minutes).
+If you disable this policy setting, or if you don't configure this policy setting, computers will use the TTL settings specified in DNS. By default, the TTL is 1200 seconds (20 minutes).
 
 <!--/Description-->
 
@@ -875,7 +875,7 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the DNS suffixes to attach to an unqualified single-label name before submission of a DNS query for that name.
 
-An unqualified single-label name contains no dots. The name "example" is a single-label name. This is different from a fully qualified domain name such as "example.microsoft.com."
+An unqualified single-label name contains no dots. The name "example" is a single-label name. This name is different from a fully qualified domain name such as "example.microsoft.com."
 
 Client computers that receive this policy setting will attach one or more suffixes to DNS queries for a single-label name. For example, a DNS query for the single-label name "example" will be modified to "example.microsoft.com" before sending the query to a DNS server if this policy setting is enabled with a suffix of "microsoft.com."
 
@@ -883,7 +883,7 @@ To use this policy setting, click Enabled, and then enter a string value represe
 
 If you enable this policy setting, one DNS suffix is attached at a time for each query. If a query is unsuccessful, a new DNS suffix is added in place of the failed suffix, and this new query is submitted. The values are used in the order they appear in the string, starting with the leftmost value and proceeding to the right until a query is successful or all suffixes are tried.
 
-If you disable this policy setting, or if you do not configure this policy setting, the primary DNS suffix and network connection-specific DNS suffixes are appended to the unqualified queries.
+If you disable this policy setting, or if you don't configure this policy setting, the primary DNS suffix and network connection-specific DNS suffixes are appended to the unqualified queries.
 
 <!--/Description-->
 
@@ -926,11 +926,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies that a multi-homed DNS client should optimize name resolution across networks. The setting improves performance by issuing parallel DNS, link local multicast name resolution (LLMNR) and NetBIOS over TCP/IP (NetBT) queries across all networks. In the event that multiple positive responses are received, the network binding order is used to determine which response to accept.
+This policy setting specifies that a multi-homed DNS client should optimize name resolution across networks. The setting improves performance by issuing parallel DNS, link local multicast name resolution (LLMNR) and NetBIOS over TCP/IP (NetBT) queries across all networks. If multiple positive responses are received, the network binding order is used to determine which response to accept.
 
-If you enable this policy setting, the DNS client will not perform any optimizations.  DNS queries will be issued across all networks first. LLMNR queries will be issued if the DNS queries fail, followed by NetBT queries if LLMNR queries fail.
+If you enable this policy setting, the DNS client won't perform any optimizations.  DNS queries will be issued across all networks first. LLMNR queries will be issued if the DNS queries fail, followed by NetBT queries if LLMNR queries fail.
 
-If you disable this policy setting, or if you do not configure this policy setting, name resolution will be optimized when issuing DNS, LLMNR and NetBT queries.
+If you disable this policy setting, or if you don't configure this policy setting, name resolution will be optimized when issuing DNS, LLMNR and NetBT queries.
 
 <!--/Description-->
 
@@ -976,7 +976,7 @@ This policy setting specifies that the DNS client should prefer responses from l
 
 If you enable this policy setting, the DNS client will prefer DNS responses, followed by LLMNR, followed by NetBT for all networks.  
 
-If you disable this policy setting, or if you do not configure this policy setting, the DNS client will prefer link local responses for flat name queries on non-domain networks. 
+If you disable this policy setting, or if you don't configure this policy setting, the DNS client will prefer link local responses for flat name queries on non-domain networks. 
 
 > [!NOTE]
 > This policy setting is applicable only if the turn off smart multi-homed name resolution policy setting is disabled or not configured.
@@ -1030,7 +1030,7 @@ To use this policy setting, click Enabled and then select one of the following v
 
 If you enable this policy setting, computers that attempt to send dynamic DNS updates will use the security level that you specify in this policy setting.
 
-If you disable this policy setting, or if you do not configure this policy setting, computers will use local settings. By default, DNS clients attempt to use unsecured dynamic update first. If an unsecured update is refused, clients try to use secure update.
+If you disable this policy setting, or if you don't configure this policy setting, computers will use local settings. By default, DNS clients attempt to use unsecured dynamic update first. If an unsecured update is refused, clients try to use secure update.
 
 <!--/Description-->
 
@@ -1078,7 +1078,7 @@ By default, a DNS client that is configured to perform dynamic DNS update will u
 
 If you enable this policy setting, computers send dynamic updates to any zone that is authoritative for the resource records that the computer needs to update, except the root zone.
 
-If you disable this policy setting, or if you do not configure this policy setting, computers do not send dynamic updates to the root zone or top-level domain zones that are authoritative for the resource records that the computer needs to update.
+If you disable this policy setting, or if you don't configure this policy setting, computers don't send dynamic updates to the root zone or top-level domain zones that are authoritative for the resource records that the computer needs to update.
 
 <!--/Description-->
 
@@ -1126,9 +1126,9 @@ With devolution, a DNS client creates queries by appending a single-label, unqua
 
 The DNS client appends DNS suffixes to the single-label, unqualified domain name based on the state of the Append primary and connection specific DNS suffixes radio button and Append parent suffixes of the primary DNS suffix check box on the DNS tab in Advanced TCP/IP Settings for the Internet Protocol (TCP/IP) Properties dialog box.
 
-Devolution is not enabled if a global suffix search list is configured using Group Policy.
+Devolution isn't enabled if a global suffix search list is configured using Group Policy.
 
-If a global suffix search list is not configured, and the Append primary and connection specific DNS suffixes radio button is selected, the DNS client appends the following names to a single-label name when it sends DNS queries:
+If a global suffix search list isn't configured, and the Append primary and connection specific DNS suffixes radio button is selected, the DNS client appends the following names to a single-label name when it sends DNS queries:
 
 The primary DNS suffix, as specified on the Computer Name tab of the System control panel.
 
@@ -1136,13 +1136,13 @@ Each connection-specific DNS suffix, assigned either through DHCP or specified i
 
 For example, when a user submits a query for a single-label name such as "example," the DNS client attaches a suffix such as "microsoft.com" resulting in the query "example.microsoft.com," before sending the query to a DNS server.
 
-If a DNS suffix search list is not specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the computer (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
+If a DNS suffix search list isn't specified, the DNS client attaches the primary DNS suffix to a single-label name. If this query fails, the connection-specific DNS suffix is attached for a new query. If none of these queries are resolved, the client devolves the primary DNS suffix of the computer (drops the leftmost label of the primary DNS suffix), attaches this devolved primary DNS suffix to the single-label name, and submits this new query to a DNS server.
 
-For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the non-dot-terminated single-label name "example," and the DNS query for example.ooo.aaa.microsoft.com fails, the DNS client devolves the primary DNS suffix (drops the leftmost label) till the specified devolution level, and submits a query for example.aaa.microsoft.com. If this query fails, the primary DNS suffix is devolved further if it is under specified devolution level and the query example.microsoft.com is submitted. If this query fails, devolution continues if it is under specified devolution level and the query example.microsoft.com is submitted, corresponding to a devolution level of two. The primary DNS suffix cannot be devolved beyond a devolution level of two. The devolution level can be configured using the primary DNS suffix devolution level policy setting. The default devolution level is two.
+For example, if the primary DNS suffix ooo.aaa.microsoft.com is attached to the non-dot-terminated single-label name "example," and the DNS query for example.ooo.aaa.microsoft.com fails, the DNS client devolves the primary DNS suffix (drops the leftmost label) till the specified devolution level, and submits a query for example.aaa.microsoft.com. If this query fails, the primary DNS suffix is devolved further if it is under specified devolution level and the query example.microsoft.com is submitted. If this query fails, devolution continues if it is under specified devolution level and the query example.microsoft.com is submitted, corresponding to a devolution level of two. The primary DNS suffix can't be devolved beyond a devolution level of two. The devolution level can be configured using the primary DNS suffix devolution level policy setting. The default devolution level is two.
 
-If you enable this policy setting, or if you do not configure this policy setting, DNS clients attempt to resolve single-label names using concatenations of the single-label name to be resolved and the devolved primary DNS suffix.
+If you enable this policy setting, or if you don't configure this policy setting, DNS clients attempt to resolve single-label names using concatenations of the single-label name to be resolved and the devolved primary DNS suffix.
 
-If you disable this policy setting, DNS clients do not attempt to resolve names that are concatenations of the single-label name to be resolved and the devolved primary DNS suffix.
+If you disable this policy setting, DNS clients don't attempt to resolve names that are concatenations of the single-label name to be resolved and the devolved primary DNS suffix.
 
 <!--/Description-->
 
@@ -1186,11 +1186,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies that link local multicast name resolution (LLMNR) is disabled on client computers.
 
-LLMNR is a secondary name resolution protocol. With LLMNR, queries are sent using multicast over a local network link on a single subnet from a client computer to another client computer on the same subnet that also has LLMNR enabled. LLMNR does not require a DNS server or DNS client configuration, and provides name resolution in scenarios in which conventional DNS name resolution is not possible.
+LLMNR is a secondary name resolution protocol. With LLMNR, queries are sent using multicast over a local network link on a single subnet from a client computer to another client computer on the same subnet that also has LLMNR enabled. LLMNR doesn't require a DNS server or DNS client configuration, and provides name resolution in scenarios in which conventional DNS name resolution isn't possible.
 
 If you enable this policy setting, LLMNR will be disabled on all available network adapters on the client computer.
 
-If you disable this policy setting, or you do not configure this policy setting, LLMNR will be enabled on all available network adapters.
+If you disable this policy setting, or you don't configure this policy setting, LLMNR will be enabled on all available network adapters.
 
 <!--/Description-->
 

From 8d605ae5295d6152ddf4a13b04ffafcec9e46943 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Thu, 10 Mar 2022 19:11:51 +0530
Subject: [PATCH 025/123] Acrolinx Enhancement

---
 .../mdm/policy-csp-admx-dwm.md                |  24 +--
 .../mdm/policy-csp-admx-eaime.md              |  28 ++--
 .../mdm/policy-csp-admx-enhancedstorage.md    |  16 +-
 .../mdm/policy-csp-admx-errorreporting.md     | 128 ++++++++--------
 .../mdm/policy-csp-admx-eventforwarding.md    |   6 +-
 .../mdm/policy-csp-admx-eventlog.md           |  68 ++++-----
 .../mdm/policy-csp-admx-eventlogging.md       |   4 +-
 .../mdm/policy-csp-admx-eventviewer.md        |   6 +-
 .../mdm/policy-csp-admx-explorer.md           |  12 +-
 .../mdm/policy-csp-admx-externalboot.md       |  12 +-
 .../mdm/policy-csp-admx-filerevocation.md     |   4 +-
 .../mdm/policy-csp-admx-filesys.md            |   4 +-
 .../mdm/policy-csp-admx-folderredirection.md  |  18 +--
 .../mdm/policy-csp-admx-framepanes.md         |  14 +-
 .../mdm/policy-csp-admx-globalization.md      | 144 +++++++++---------
 15 files changed, 244 insertions(+), 244 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-dwm.md b/windows/client-management/mdm/policy-csp-admx-dwm.md
index 94017ac6c2..10b9761d52 100644
--- a/windows/client-management/mdm/policy-csp-admx-dwm.md
+++ b/windows/client-management/mdm/policy-csp-admx-dwm.md
@@ -76,11 +76,11 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls the default color for window frames when the user does not specify a color. 
+This policy setting controls the default color for window frames when the user doesn't specify a color. 
 
-If you enable this policy setting and specify a default color, this color is used in glass window frames, if the user does not specify a color. 
+If you enable this policy setting and specify a default color, this color is used in glass window frames, if the user doesn't specify a color. 
 
-If you disable or do not configure this policy setting, the default internal color is used, if the user does not specify a color. 
+If you disable or don't configure this policy setting, the default internal color is used, if the user doesn't specify a color. 
 
 > [!NOTE]
 > This policy setting can be used in conjunction with the "Prevent color changes of window frames" setting, to enforce a specific color for window frames that cannot be changed by users.
@@ -125,11 +125,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls the default color for window frames when the user does not specify a color. 
+This policy setting controls the default color for window frames when the user doesn't specify a color. 
 
-If you enable this policy setting and specify a default color, this color is used in glass window frames, if the user does not specify a color. 
+If you enable this policy setting and specify a default color, this color is used in glass window frames, if the user doesn't specify a color. 
 
-If you disable or do not configure this policy setting, the default internal color is used, if the user does not specify a color. 
+If you disable or don't configure this policy setting, the default internal color is used, if the user doesn't specify a color. 
 
 > [!NOTE]
 > This policy setting can be used in conjunction with the "Prevent color changes of window frames" setting, to enforce a specific color for window frames that cannot be changed by users.
@@ -178,9 +178,9 @@ This policy setting controls the appearance of window animations such as those f
 
 If you enable this policy setting, window animations are turned off. 
 
-If you disable or do not configure this policy setting, window animations are turned on. 
+If you disable or don't configure this policy setting, window animations are turned on. 
 
-Changing this policy setting requires a logoff for it to be applied.
+Changing this policy setting requires a sign out for it to be applied.
 
 <!--/Description-->
 
@@ -226,9 +226,9 @@ This policy setting controls the appearance of window animations such as those f
 
 If you enable this policy setting, window animations are turned off. 
 
-If you disable or do not configure this policy setting, window animations are turned on. 
+If you disable or don't configure this policy setting, window animations are turned on. 
 
-Changing this policy setting requires a logoff for it to be applied.
+Changing this policy setting requires out a sign for it to be applied.
 
 <!--/Description-->
 
@@ -274,7 +274,7 @@ This policy setting controls the ability to change the color of window frames.
 
 If you enable this policy setting, you prevent users from changing the default window frame color. 
 
-If you disable or do not configure this policy setting, you allow users to change the default window frame color. 
+If you disable or don't configure this policy setting, you allow users to change the default window frame color. 
 
 > [!NOTE]
 > This policy setting can be used in conjunction with the "Specify a default color for window frames" policy setting, to enforce a specific color for window frames that cannot be changed by users.
@@ -323,7 +323,7 @@ This policy setting controls the ability to change the color of window frames.
 
 If you enable this policy setting, you prevent users from changing the default window frame color. 
 
-If you disable or do not configure this policy setting, you allow users to change the default window frame color. 
+If you disable or don't configure this policy setting, you allow users to change the default window frame color. 
 
 > [!NOTE] 
 > This policy setting can be used in conjunction with the "Specify a default color for window frames" policy setting, to enforce a specific color for window frames that cannot be changed by users.
diff --git a/windows/client-management/mdm/policy-csp-admx-eaime.md b/windows/client-management/mdm/policy-csp-admx-eaime.md
index 4a47e54126..21ee8c0b36 100644
--- a/windows/client-management/mdm/policy-csp-admx-eaime.md
+++ b/windows/client-management/mdm/policy-csp-admx-eaime.md
@@ -96,9 +96,9 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to include the Non-Publishing Standard Glyph in the candidate list when Publishing Standard Glyph for the word exists.
 
-If you enable this policy setting, Non-Publishing Standard Glyph is not included in the candidate list when Publishing Standard Glyph for the word exists.
+If you enable this policy setting, Non-Publishing Standard Glyph isn't included in the candidate list when Publishing Standard Glyph for the word exists.
 
-If you disable or do not configure this policy setting, both Publishing Standard Glyph and Non-Publishing Standard Glyph are included in the candidate list.
+If you disable or don't configure this policy setting, both Publishing Standard Glyph and Non-Publishing Standard Glyph are included in the candidate list.
 
 This policy setting applies to Japanese Microsoft IME only.
 
@@ -161,7 +161,7 @@ If you enable this policy setting, then only the character code ranges specified
 - 0x1000 // IVS char
 - 0xFFFF // no definition.
 
-If you disable or do not configure this policy setting, no range of characters are filtered by default.
+If you disable or don't configure this policy setting, no range of characters are filtered by default.
 
 This policy setting applies to Japanese Microsoft IME only.
 
@@ -210,9 +210,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off the ability to use a custom dictionary.
 
-If you enable this policy setting, you cannot add, edit, and delete words in the custom dictionary either with GUI tools or APIs. A word registered in the custom dictionary before enabling this policy setting can continue to be used for conversion.
+If you enable this policy setting, you can't add, edit, and delete words in the custom dictionary either with GUI tools or APIs. A word registered in the custom dictionary before enabling this policy setting can continue to be used for conversion.
 
-If you disable or do not configure this policy setting, the custom dictionary can be used by default.
+If you disable or don't configure this policy setting, the custom dictionary can be used by default.
 
 For Japanese Microsoft IME, [Clear auto-tuning information] works, even if this policy setting is enabled, and it clears self-tuned words from the custom dictionary.
 
@@ -265,7 +265,7 @@ This policy setting allows you to turn off history-based predictive input.
 
 If you enable this policy setting, history-based predictive input is turned off.
 
-If you disable or do not configure this policy setting, history-based predictive input is on by default.
+If you disable or don't configure this policy setting, history-based predictive input is on by default.
 
 This policy setting applies to Japanese Microsoft IME only.
 
@@ -315,9 +315,9 @@ This policy setting allows you to turn off Internet search integration.
 
 Search integration includes both using Search Provider (Japanese Microsoft IME) and performing Bing search from predictive input for Japanese Microsoft IME.
 
-If you enable this policy setting, you cannot use search integration.
+If you enable this policy setting, you can't use search integration.
 
-If you disable or do not configure this policy setting, the search integration function can be used by default.
+If you disable or don't configure this policy setting, the search integration function can be used by default.
 
 This policy setting applies to Japanese Microsoft IME.
 
@@ -366,11 +366,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off Open Extended Dictionary.
 
-If you enable this policy setting, Open Extended Dictionary is turned off. You cannot add a new Open Extended Dictionary.
+If you enable this policy setting, Open Extended Dictionary is turned off. You can't add a new Open Extended Dictionary.
 
-For Japanese Microsoft IME, an Open Extended Dictionary that is added before enabling this policy setting is not used for conversion.
+For Japanese Microsoft IME, an Open Extended Dictionary that is added before enabling this policy setting isn't used for conversion.
 
-If you disable or do not configure this policy setting, Open Extended Dictionary can be added and used by default.
+If you disable or don't configure this policy setting, Open Extended Dictionary can be added and used by default.
 
 This policy setting is applied to Japanese Microsoft IME.
 
@@ -416,9 +416,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off saving the auto-tuning result to file.
 
-If you enable this policy setting, the auto-tuning data is not saved to file.
+If you enable this policy setting, the auto-tuning data isn't saved to file.
 
-If you disable or do not configure this policy setting, auto-tuning data is saved to file by default.
+If you disable or don't configure this policy setting, auto-tuning data is saved to file by default.
 
 This policy setting applies to Japanese Microsoft IME only.
 
@@ -666,7 +666,7 @@ This policy setting allows you to turn on logging of misconversion for the misco
 
 If you enable this policy setting, misconversion logging is turned on.
 
-If you disable or do not configure this policy setting, misconversion logging is turned off.
+If you disable or don't configure this policy setting, misconversion logging is turned off.
 
 This policy setting applies to Japanese Microsoft IME and Traditional Chinese IME.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-enhancedstorage.md b/windows/client-management/mdm/policy-csp-admx-enhancedstorage.md
index 6ac5c0d97c..2ab763817c 100644
--- a/windows/client-management/mdm/policy-csp-admx-enhancedstorage.md
+++ b/windows/client-management/mdm/policy-csp-admx-enhancedstorage.md
@@ -80,7 +80,7 @@ This policy setting allows you to configure a list of Enhanced Storage devices b
 
 If you enable this policy setting, only Enhanced Storage devices that contain a manufacturer and product ID specified in this policy are usable on your computer.
 
-If you disable or do not configure this policy setting, all Enhanced Storage devices are usable on your computer.
+If you disable or don't configure this policy setting, all Enhanced Storage devices are usable on your computer.
 
 <!--/Description-->
 
@@ -125,7 +125,7 @@ This policy setting allows you to create a list of IEEE 1667 silos, compliant wi
 
 If you enable this policy setting, only IEEE 1667 silos that match a silo type identifier specified in this policy are usable on your computer.
 
-If you disable or do not configure this policy setting, all IEEE 1667 silos on Enhanced Storage devices are usable on your computer.
+If you disable or don't configure this policy setting, all IEEE 1667 silos on Enhanced Storage devices are usable on your computer.
 
 <!--/Description-->
 
@@ -168,9 +168,9 @@ ADMX Info:
 <!--Description-->
 This policy setting configures whether or not a password can be used to unlock an Enhanced Storage device.
 
-If you enable this policy setting, a password cannot be used to unlock an Enhanced Storage device.
+If you enable this policy setting, a password can't be used to unlock an Enhanced Storage device.
 
-If you disable or do not configure this policy setting, a password can be used to unlock an Enhanced Storage device.
+If you disable or don't configure this policy setting, a password can be used to unlock an Enhanced Storage device.
 
 <!--/Description-->
 
@@ -213,9 +213,9 @@ ADMX Info:
 <!--Description-->
 This policy setting configures whether or not non-Enhanced Storage removable devices are allowed on your computer.
 
-If you enable this policy setting, non-Enhanced Storage removable devices are not allowed on your computer.
+If you enable this policy setting, non-Enhanced Storage removable devices aren't allowed on your computer.
 
-If you disable or do not configure this policy setting, non-Enhanced Storage removable devices are allowed on your computer.
+If you disable or don't configure this policy setting, non-Enhanced Storage removable devices are allowed on your computer.
 
 <!--/Description-->
 
@@ -262,7 +262,7 @@ This policy setting is supported in Windows Server SKUs only.
 
 If you enable this policy setting, the Enhanced Storage device remains locked when the computer is locked.
 
-If you disable or do not configure this policy setting, the Enhanced Storage device state is not changed when the computer is locked.
+If you disable or don't configure this policy setting, the Enhanced Storage device state isn't changed when the computer is locked.
 
 <!--/Description-->
 
@@ -307,7 +307,7 @@ This policy setting configures whether or not only USB root hub connected Enhanc
 
 If you enable this policy setting, only USB root hub connected Enhanced Storage devices are allowed.
 
-If you disable or do not configure this policy setting, USB Enhanced Storage devices connected to both USB root hubs and non-root hubs will be allowed.
+If you disable or don't configure this policy setting, USB Enhanced Storage devices connected to both USB root hubs and non-root hubs will be allowed.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-errorreporting.md b/windows/client-management/mdm/policy-csp-admx-errorreporting.md
index cb39601404..7e72497d05 100644
--- a/windows/client-management/mdm/policy-csp-admx-errorreporting.md
+++ b/windows/client-management/mdm/policy-csp-admx-errorreporting.md
@@ -151,7 +151,7 @@ If you enable this policy setting, you can instruct Windows Error Reporting in t
 
 If the Report all errors in Microsoft applications check box is filled, all errors in Microsoft applications are reported, regardless of the setting in the Default pull-down menu. When the Report all errors in Windows check box is filled, all errors in Windows applications are reported, regardless of the setting in the Default dropdown list. The Windows applications category is a subset of Microsoft applications.
 
-If you disable or do not configure this policy setting, users can enable or disable Windows Error Reporting in Control Panel. The default setting in Control Panel is Upload all applications.
+If you disable or don't configure this policy setting, users can enable or disable Windows Error Reporting in Control Panel. The default setting in Control Panel is Upload all applications.
 
 This policy setting is ignored if the Configure Error Reporting policy setting is disabled or not configured.
 
@@ -198,11 +198,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Windows Error Reporting behavior for errors in general applications when Windows Error Reporting is turned on.
 
-If you enable this policy setting, you can create a list of applications that are never included in error reports. To create a list of applications for which Windows Error Reporting never reports errors, click Show under the Exclude errors for applications on this list setting, and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad.exe). File names must always include the .exe file name extension. Errors that are generated by applications in this list are not reported, even if the Default Application Reporting Settings policy setting is configured to report all application errors.
+If you enable this policy setting, you can create a list of applications that are never included in error reports. To create a list of applications for which Windows Error Reporting never reports errors, click Show under the Exclude errors for applications on this list setting, and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad.exe). File names must always include the .exe file name extension. Errors that are generated by applications in this list aren't reported, even if the Default Application Reporting Settings policy setting is configured to report all application errors.
 
 If this policy setting is enabled, the Exclude errors for applications on this list setting takes precedence. If an application is listed both in the List of applications to always report errors for policy setting, and in the exclusion list in this policy setting, the application is excluded from error reporting. You can also use the exclusion list in this policy setting to exclude specific Microsoft applications or parts of Windows if the check boxes for these categories are filled in the Default application reporting settings policy setting.
 
-If you disable or do not configure this policy setting, the Default application reporting settings policy setting takes precedence.
+If you disable or don't configure this policy setting, the Default application reporting settings policy setting takes precedence.
 
 <!--/Description-->
 
@@ -245,13 +245,13 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies applications for which Windows Error Reporting should always report errors.
 
-To create a list of applications for which Windows Error Reporting never reports errors, click Show under the Exclude errors for applications on this list setting, and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad.exe). Errors that are generated by applications in this list are not reported, even if the Default Application Reporting Settings policy setting is configured to report all application errors.
+To create a list of applications for which Windows Error Reporting never reports errors, click Show under the Exclude errors for applications on this list setting, and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad.exe). Errors that are generated by applications in this list aren't reported, even if the Default Application Reporting Settings policy setting is configured to report all application errors.
 
 If you enable this policy setting, you can create a list of applications that are always included in error reporting. To add applications to the list, click Show under the Report errors for applications on this list setting, and edit the list of application file names in the Show Contents dialog box. The file names must include the .exe file name extension (for example, notepad.exe). Errors that are generated by applications on this list are always reported, even if the Default dropdown in the Default application reporting policy setting is set to report no application errors.
 
 If the Report all errors in Microsoft applications or Report all errors in Windows components check boxes in the Default Application Reporting policy setting are filled, Windows Error Reporting reports errors as if all applications in these categories were added to the list in this policy setting. (Note: The Microsoft applications category includes the Windows components category.)
 
-If you disable this policy setting or do not configure it, the Default application reporting settings policy setting takes precedence.
+If you disable this policy setting or don't configure it, the Default application reporting settings policy setting takes precedence.
 
 Also see the "Default Application Reporting" and "Application Exclusion List" policies.
 
@@ -299,26 +299,26 @@ ADMX Info:
 <!--Description-->
 This policy setting configures how errors are reported to Microsoft, and what information is sent when Windows Error Reporting is enabled.
 
-This policy setting does not enable or disable Windows Error Reporting. To turn Windows Error Reporting on or off, see the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings.
+This policy setting doesn't enable or disable Windows Error Reporting. To turn Windows Error Reporting on or off, see the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings.
 
 > [!IMPORTANT]
-> If the Turn off Windows Error Reporting policy setting is not configured, then Control Panel settings for Windows Error Reporting override this policy setting.
+> If the Turn off Windows Error Reporting policy setting isn't configured, then Control Panel settings for Windows Error Reporting override this policy setting.
 
-If you enable this policy setting, the setting overrides any user changes made to Windows Error Reporting settings in Control Panel, and default values are applied for any Windows Error Reporting policy settings that are not configured (even if users have changed settings by using Control Panel). If you enable this policy setting, you can configure the following settings in the policy setting:
+If you enable this policy setting, the setting overrides any user changes made to Windows Error Reporting settings in Control Panel, and default values are applied for any Windows Error Reporting policy settings that aren't configured (even if users have changed settings by using Control Panel). If you enable this policy setting, you can configure the following settings in the policy setting:
 
-- "Do not display links to any Microsoft ‘More information’ websites": Select this option if you do not want error dialog boxes to display links to Microsoft websites.
+- "Do not display links to any Microsoft ‘More information’ websites": Select this option if you don't want error dialog boxes to display links to Microsoft websites.
 
-- "Do not collect additional files": Select this option if you do not want additional files to be collected and included in error reports.
+- "Do not collect additional files": Select this option if you don't want extra files to be collected and included in error reports.
 
-- "Do not collect additional computer data": Select this if you do not want additional information about the computer to be collected and included in error reports.
+- "Do not collect additional computer data": Select this option if you don't want additional information about the computer to be collected and included in error reports.
 
-- "Force queue mode for application errors": Select this option if you do not want users to report errors. When this option is selected, errors are stored in a queue directory, and the next administrator to log on to the computer can send the error reports to Microsoft.
+- "Force queue mode for application errors": Select this option if you don't want users to report errors. When this option is selected, errors are stored in a queue directory, and the next administrator to sign in to the computer can send the error reports to Microsoft.
 
-- "Corporate file path": Type a UNC path to enable Corporate Error Reporting.  All errors are stored at the specified location instead of being sent directly to Microsoft, and the next administrator to log onto the computer can send the error reports to Microsoft.
+- "Corporate file path": Type a UNC path to enable Corporate Error Reporting.  All errors are stored at the specified location instead of being sent directly to Microsoft, and the next administrator to sign in to the computer can send the error reports to Microsoft.
 
 - "Replace instances of the word ‘Microsoft’ with":  You can specify text with which to customize your error report dialog boxes.  The word ""Microsoft"" is replaced with the specified text.
 
-If you do not configure this policy setting, users can change Windows Error Reporting settings in Control Panel. By default, these settings are Enable Reporting on computers that are running Windows XP, and Report to Queue on computers that are running Windows Server 2003.
+If you don't configure this policy setting, users can change Windows Error Reporting settings in Control Panel. By default, these settings are Enable Reporting on computers that are running Windows XP, and Report to Queue on computers that are running Windows Server 2003.
 
 If you disable this policy setting, configuration settings in the policy setting are left blank.
 
@@ -367,9 +367,9 @@ This policy setting controls whether errors in the operating system are included
 
 If you enable this policy setting, Windows Error Reporting includes operating system errors.
 
-If you disable this policy setting, operating system errors are not included in error reports.
+If you disable this policy setting, operating system errors aren't included in error reports.
 
-If you do not configure this policy setting, users can change this setting in Control Panel. By default, Windows Error Reporting settings in Control Panel are set to upload operating system errors.
+If you don't configure this policy setting, users can change this setting in Control Panel. By default, Windows Error Reporting settings in Control Panel are set to upload operating system errors.
 
 See also the Configure Error Reporting policy setting.
 
@@ -416,7 +416,7 @@ This policy setting controls the behavior of the Windows Error Reporting archive
 
 If you enable this policy setting, you can configure Windows Error Reporting archiving behavior. If Archive behavior is set to Store all, all data collected for each error report is stored in the appropriate location. If Archive behavior is set to Store parameters only, only the minimum information required to check for an existing solution is stored. The Maximum number of reports to store setting determines how many reports are stored before older reports are automatically deleted.
 
-If you disable or do not configure this policy setting, no Windows Error Reporting information is stored.
+If you disable or don't configure this policy setting, no Windows Error Reporting information is stored.
 
 <!--/Description-->
 
@@ -461,7 +461,7 @@ This policy setting controls the behavior of the Windows Error Reporting archive
 
 If you enable this policy setting, you can configure Windows Error Reporting archiving behavior. If Archive behavior is set to Store all, all data collected for each error report is stored in the appropriate location. If Archive behavior is set to Store parameters only, only the minimum information required to check for an existing solution is stored. The Maximum number of reports to store setting determines how many reports are stored before older reports are automatically deleted.
 
-If you disable or do not configure this policy setting, no Windows Error Reporting information is stored.
+If you disable or don't configure this policy setting, no Windows Error Reporting information is stored.
 
 <!--/Description-->
 
@@ -502,9 +502,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether memory dumps in support of OS-generated error reports can be sent to Microsoft automatically. This policy does not apply to error reports generated by 3rd-party products, or additional data other than memory dumps.
+This policy setting controls whether memory dumps in support of OS-generated error reports can be sent to Microsoft automatically. This policy doesn't apply to error reports generated by 3rd-party products, or to data other than memory dumps.
 
-If you enable or do not configure this policy setting, any memory dumps generated for error reports by Microsoft Windows are automatically uploaded, without notification to the user.
+If you enable or don't configure this policy setting, any memory dumps generated for error reports by Microsoft Windows are automatically uploaded, without notification to the user.
 
 If you disable this policy setting, then all memory dumps are uploaded according to the default consent and notification settings.
 
@@ -547,9 +547,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether memory dumps in support of OS-generated error reports can be sent to Microsoft automatically. This policy does not apply to error reports generated by 3rd-party products, or additional data other than memory dumps.
+This policy setting controls whether memory dumps in support of OS-generated error reports can be sent to Microsoft automatically. This policy doesn't apply to error reports generated by 3rd-party products, or to data other than memory dumps.
 
-If you enable or do not configure this policy setting, any memory dumps generated for error reports by Microsoft Windows are automatically uploaded, without notification to the user.
+If you enable or don't configure this policy setting, any memory dumps generated for error reports by Microsoft Windows are automatically uploaded, without notification to the user.
 
 If you disable this policy setting, then all memory dumps are uploaded according to the default consent and notification settings.
 
@@ -590,11 +590,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether Windows Error Reporting (WER) sends additional, second-level report data even if a CAB file containing data about the same event types has already been uploaded to the server.
+This policy setting determines whether Windows Error Reporting (WER) sends more first-level report data, accompanied by second-level report data, even if a CAB file containing data about the same event types has already been uploaded to the server.
 
-If you enable this policy setting, WER does not throttle data; that is, WER uploads additional CAB files that can contain data about the same event types as an earlier uploaded report.
+If you enable this policy setting, WER doesn't throttle data; that is, WER uploads more CAB files that can contain data about the same event types as an earlier uploaded report.
 
-If you disable or do not configure this policy setting, WER throttles data by default; that is, WER does not upload more than one CAB file for a report that contains data about the same event types.
+If you disable or don't configure this policy setting, WER throttles data by default; that is, WER doesn't upload more than one CAB file for a report that contains data about the same event types.
 
 <!--/Description-->
 
@@ -635,11 +635,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether Windows Error Reporting (WER) sends additional, second-level report data even if a CAB file containing data about the same event types has already been uploaded to the server.
+This policy setting determines whether Windows Error Reporting (WER) sends more first-level report data, accompanied by second-level report data, even if a CAB file containing data about the same event types has already been uploaded to the server.
 
-If you enable this policy setting, WER does not throttle data; that is, WER uploads additional CAB files that can contain data about the same event types as an earlier uploaded report.
+If you enable this policy setting, WER doesn't throttle data; that is, WER uploads more CAB files that can contain data about the same event types as an earlier uploaded report.
 
-If you disable or do not configure this policy setting, WER throttles data by default; that is, WER does not upload more than one CAB file for a report that contains data about the same event types.
+If you disable or don't configure this policy setting, WER throttles data by default; that is, WER doesn't upload more than one CAB file for a report that contains data about the same event types.
 
 <!--/Description-->
 
@@ -682,9 +682,9 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether Windows Error Reporting (WER) checks for a network cost policy that restricts the amount of data that is sent over the network.
 
-If you enable this policy setting, WER does not check for network cost policy restrictions, and transmits data even if network cost is restricted.
+If you enable this policy setting, WER doesn't check for network cost policy restrictions, and transmits data even if network cost is restricted.
 
-If you disable or do not configure this policy setting, WER does not send data, but will check the network cost policy again if the network profile is changed.
+If you disable or don't configure this policy setting, WER doesn't send data, but will check the network cost policy again if the network profile is changed.
 
 <!--/Description-->
 
@@ -727,9 +727,9 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether Windows Error Reporting (WER) checks for a network cost policy that restricts the amount of data that is sent over the network.
 
-If you enable this policy setting, WER does not check for network cost policy restrictions, and transmits data even if network cost is restricted.
+If you enable this policy setting, WER doesn't check for network cost policy restrictions, and transmits data even if network cost is restricted.
 
-If you disable or do not configure this policy setting, WER does not send data, but will check the network cost policy again if the network profile is changed.
+If you disable or don't configure this policy setting, WER doesn't send data, but will check the network cost policy again if the network profile is changed.
 
 <!--/Description-->
 
@@ -770,11 +770,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether Windows Error Reporting (WER) checks if the computer is running on battery power. By default, when a computer is running on battery power, WER only checks for solutions, but does not upload additional report data until the computer is connected to a more permanent power source.
+This policy setting determines whether Windows Error Reporting (WER) checks if the computer is running on battery power. By default, when a computer is running on battery power, WER only checks for solutions, but doesn't upload extra report data until the computer is connected to a more permanent power source.
 
-If you enable this policy setting, WER does not determine whether the computer is running on battery power, but checks for solutions and uploads report data normally.
+If you enable this policy setting, WER doesn't determine whether the computer is running on battery power, but checks for solutions and uploads report data normally.
 
-If you disable or do not configure this policy setting, WER checks for solutions while a computer is running on battery power, but does not upload report data until the computer is connected to a more permanent power source.
+If you disable or don't configure this policy setting, WER checks for solutions while a computer is running on battery power, but doesn't upload report data until the computer is connected to a more permanent power source.
 
 <!--/Description-->
 
@@ -815,11 +815,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether Windows Error Reporting (WER) checks if the computer is running on battery power. By default, when a computer is running on battery power, WER only checks for solutions, but does not upload additional report data until the computer is connected to a more permanent power source.
+This policy setting determines whether Windows Error Reporting (WER) checks if the computer is running on battery power. By default, when a computer is running on battery power, WER only checks for solutions, but doesn't upload extra report data until the computer is connected to a more permanent power source.
 
-If you enable this policy setting, WER does not determine whether the computer is running on battery power, but checks for solutions and uploads report data normally.
+If you enable this policy setting, WER doesn't determine whether the computer is running on battery power, but checks for solutions and uploads report data normally.
 
-If you disable or do not configure this policy setting, WER checks for solutions while a computer is running on battery power, but does not upload report data until the computer is connected to a more permanent power source.
+If you disable or don't configure this policy setting, WER checks for solutions while a computer is running on battery power, but doesn't upload report data until the computer is connected to a more permanent power source.
 
 <!--/Description-->
 
@@ -860,11 +860,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies a corporate server to which Windows Error Reporting sends reports (if you do not want to send error reports to Microsoft).
+This policy setting specifies a corporate server to which Windows Error Reporting sends reports (if you don't want to send error reports to Microsoft).
 
 If you enable this policy setting, you can specify the name or IP address of an error report destination server on your organization’s network. You can also select Connect using SSL to transmit error reports over a Secure Sockets Layer (SSL) connection, and specify a port number on the destination server for transmission.
 
-If you disable or do not configure this policy setting, Windows Error Reporting sends error reports to Microsoft.
+If you disable or don't configure this policy setting, Windows Error Reporting sends error reports to Microsoft.
 
 <!--/Description-->
 
@@ -907,19 +907,19 @@ ADMX Info:
 <!--Description-->
 This policy setting determines the consent behavior of Windows Error Reporting for specific event types.
 
-If you enable this policy setting, you can add specific event types to a list by clicking Show, and typing event types in the Value Name column of the Show Contents dialog box. Event types are those for generic, non-fatal errors: crash, no response, and kernel fault errors. For each specified event type, you can set a consent level of 0, 1, 2, 3, or 4.
+If you enable this policy setting, you can add specific event types to a list by clicking Show, and typing event types in the Value Name column of the Show Contents dialog box. Event types are those types meant for generic, non-fatal errors: crash, no response, and kernel fault errors. For each specified event type, you can set a consent level of 0, 1, 2, 3, or 4.
 
 - 0 (Disable): Windows Error Reporting sends no data to Microsoft for this event type.
 
 - 1 (Always ask before sending data): Windows prompts the user for consent to send reports.
 
-- 2 (Send parameters): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and Windows prompts the user for consent to send any additional data requested by Microsoft.
+- 2 (Send parameters): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and Windows prompts the user for consent to send more data requested by Microsoft.
 
-- 3 (Send parameters and safe additional data): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, as well as data which Windows has determined (within a high probability) does not contain personally identifiable data, and prompts the user for consent to send any additional data requested by Microsoft.
+- 3 (Send parameters and safe extra data): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and data which Windows has determined (within a high probability) doesn't contain personally identifiable data, and prompts the user for consent to send more data requested by Microsoft.
 
 - 4 (Send all data): Any data requested by Microsoft is sent automatically.
 
-If you disable or do not configure this policy setting, then the default consent settings that are applied are those specified by the user in Control Panel, or in the Configure Default Consent policy setting.
+If you disable or don't configure this policy setting, then the default consent settings that are applied are those settings specified by the user in Control Panel, or in the Configure Default Consent policy setting.
 
 <!--/Description-->
 
@@ -964,7 +964,7 @@ This policy setting determines the behavior of the Configure Default Consent set
 
 If you enable this policy setting, the default consent levels of Windows Error Reporting always override any other consent policy setting.
 
-If you disable or do not configure this policy setting, custom consent policy settings for error reporting determine the consent level for specified event types, and the default consent setting determines only the consent level of any other error reports.
+If you disable or don't configure this policy setting, custom consent policy settings for error reporting determine the consent level for specified event types, and the default consent setting determines only the consent level of any other error reports.
 
 <!--/Description-->
 
@@ -1009,7 +1009,7 @@ This policy setting determines the behavior of the Configure Default Consent set
 
 If you enable this policy setting, the default consent levels of Windows Error Reporting always override any other consent policy setting.
 
-If you disable or do not configure this policy setting, custom consent policy settings for error reporting determine the consent level for specified event types, and the default consent setting determines only the consent level of any other error reports.
+If you disable or don't configure this policy setting, custom consent policy settings for error reporting determine the consent level for specified event types, and the default consent setting determines only the consent level of any other error reports.
 
 <!--/Description-->
 
@@ -1056,9 +1056,9 @@ If you enable this policy setting, you can set the default consent handling for
 
 - Always ask before sending data: Windows prompts users for consent to send reports.
 
-- Send parameters: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send any additional data that is requested by Microsoft.
+- Send parameters: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send more data that is requested by Microsoft.
 
-- Send parameters and safe additional data: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) does not contain personally-identifiable information is sent automatically, and Windows prompts the user for consent to send any additional data that is requested by Microsoft.
+- Send parameters and safe extra data: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) doesn't contain personally identifiable information is sent automatically, and Windows prompts the user for consent to send more data that is requested by Microsoft.
 
 - Send all data: any error reporting data requested by Microsoft is sent automatically.
 
@@ -1109,9 +1109,9 @@ If you enable this policy setting, you can set the default consent handling for
 
 - Always ask before sending data: Windows prompts users for consent to send reports.
 
-- Send parameters: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send any additional data that is requested by Microsoft.
+- Send parameters: Only the minimum data that is required to check for an existing solution is sent automatically, and Windows prompts users for consent to send more data that is requested by Microsoft.
 
-- Send parameters and safe additional data: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) does not contain personally-identifiable information is sent automatically, and Windows prompts the user for consent to send any additional data that is requested by Microsoft.
+- Send parameters and safe extra data: the minimum data that is required to check for an existing solution, along with data which Windows has determined (within a high probability) doesn't contain personally identifiable information is sent automatically, and Windows prompts the user for consent to send more data that is requested by Microsoft.
 
 - Send all data: any error reporting data requested by Microsoft is sent automatically.
 
@@ -1156,11 +1156,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting turns off Windows Error Reporting, so that reports are not collected or sent to either Microsoft or internal servers within your organization when software unexpectedly stops working or fails.
+This policy setting turns off Windows Error Reporting, so that reports aren't collected or sent to either Microsoft or internal servers within your organization when software unexpectedly stops working or fails.
 
-If you enable this policy setting, Windows Error Reporting does not send any problem information to Microsoft. Additionally, solution information is not available in Security and Maintenance in Control Panel.
+If you enable this policy setting, Windows Error Reporting doesn't send any problem information to Microsoft. Additionally, solution information isn't available in Security and Maintenance in Control Panel.
 
-If you disable or do not configure this policy setting, the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings takes precedence. If Turn off Windows Error Reporting is also either disabled or not configured, user settings in Control Panel for Windows Error Reporting are applied.
+If you disable or don't configure this policy setting, the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings takes precedence. If Turn off Windows Error Reporting is also either disabled or not configured, user settings in Control Panel for Windows Error Reporting are applied.
 
 <!--/Description-->
 
@@ -1205,7 +1205,7 @@ This policy setting limits Windows Error Reporting behavior for errors in genera
 
 If you enable this policy setting, you can create a list of applications that are never included in error reports. To create a list of applications for which Windows Error Reporting never reports errors, click Show, and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad.exe). File names must always include the .exe file name extension. To remove an application from the list, click the name, and then press DELETE. If this policy setting is enabled, the Exclude errors for applications on this list setting takes precedence.
 
-If you disable or do not configure this policy setting, errors are reported on all Microsoft and Windows applications by default.
+If you disable or don't configure this policy setting, errors are reported on all Microsoft and Windows applications by default.
 
 
 <!--/Description-->
@@ -1251,7 +1251,7 @@ This policy setting limits Windows Error Reporting behavior for errors in genera
 
 If you enable this policy setting, you can create a list of applications that are never included in error reports. To create a list of applications for which Windows Error Reporting never reports errors, click Show, and then add or remove applications from the list of application file names in the Show Contents dialog box (example: notepad.exe). File names must always include the .exe file name extension. To remove an application from the list, click the name, and then press DELETE. If this policy setting is enabled, the Exclude errors for applications on this list setting takes precedence.
 
-If you disable or do not configure this policy setting, errors are reported on all Microsoft and Windows applications by default.
+If you disable or don't configure this policy setting, errors are reported on all Microsoft and Windows applications by default.
 
 <!--/Description-->
 
@@ -1294,9 +1294,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether Windows Error Reporting saves its own events and error messages to the system event log.
 
-If you enable this policy setting, Windows Error Reporting events are not recorded in the system event log.
+If you enable this policy setting, Windows Error Reporting events aren't recorded in the system event log.
 
-If you disable or do not configure this policy setting, Windows Error Reporting events and errors are logged to the system event log, as with other Windows-based programs.
+If you disable or don't configure this policy setting, Windows Error Reporting events and errors are logged to the system event log, as with other Windows-based programs.
 
 <!--/Description-->
 
@@ -1339,9 +1339,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether Windows Error Reporting saves its own events and error messages to the system event log.
 
-If you enable this policy setting, Windows Error Reporting events are not recorded in the system event log.
+If you enable this policy setting, Windows Error Reporting events aren't recorded in the system event log.
 
-If you disable or do not configure this policy setting, Windows Error Reporting events and errors are logged to the system event log, as with other Windows-based programs.
+If you disable or don't configure this policy setting, Windows Error Reporting events and errors are logged to the system event log, as with other Windows-based programs.
 
 <!--/Description-->
 
@@ -1382,11 +1382,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether additional data in support of error reports can be sent to Microsoft automatically.
+This policy setting controls whether more data in support of error reports can be sent to Microsoft automatically.
 
-If you enable this policy setting, any additional data requests from Microsoft in response to a Windows Error Reporting report are automatically declined, without notification to the user.
+If you enable this policy setting, any extra-data requests from Microsoft in response to a Windows Error Reporting report are automatically declined, without notification to the user.
 
-If you disable or do not configure this policy setting, then consent policy settings in Computer Configuration/Administrative Templates/Windows Components/Windows Error Reporting/Consent take precedence.
+If you disable or don't configure this policy setting, then consent policy settings in Computer Configuration/Administrative Templates/Windows Components/Windows Error Reporting/Consent take precedence.
 
 <!--/Description-->
 
@@ -1433,7 +1433,7 @@ If you enable this policy setting, you can configure report queue behavior by us
 
 The Maximum number of reports to queue setting determines how many reports can be queued before older reports are automatically deleted. The setting for Number of days between solution check reminders determines the interval time between the display of system notifications that remind the user to check for solutions to problems. A value of 0 disables the reminder.
 
-If you disable or do not configure this policy setting, Windows Error Reporting reports are not queued, and users can only send reports at the time that a problem occurs.
+If you disable or don't configure this policy setting, Windows Error Reporting reports aren't queued, and users can only send reports at the time that a problem occurs.
 
 <!--/Description-->
 
@@ -1480,7 +1480,7 @@ If you enable this policy setting, you can configure report queue behavior by us
 
 The Maximum number of reports to queue setting determines how many reports can be queued before older reports are automatically deleted. The setting for Number of days between solution check reminders determines the interval time between the display of system notifications that remind the user to check for solutions to problems. A value of 0 disables the reminder.
 
-If you disable or do not configure this policy setting, Windows Error Reporting reports are not queued, and users can only send reports at the time that a problem occurs.
+If you disable or don't configure this policy setting, Windows Error Reporting reports aren't queued, and users can only send reports at the time that a problem occurs.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-eventforwarding.md b/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
index becd6119b7..ffd209aa8f 100644
--- a/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventforwarding.md
@@ -67,9 +67,9 @@ manager: dansimp
 <!--Description-->
 This policy setting controls resource usage for the forwarder (source computer) by controlling the events/per second sent to the Event Collector.
 
-If you enable this policy setting, you can control the volume of events sent to the Event Collector by the source computer. This may be required in high volume environments.
+If you enable this policy setting, you can control the volume of events sent to the Event Collector by the source computer. This volume-control may be required in high-volume environments.
 
-If you disable or do not configure this policy setting, forwarder resource usage is not specified.
+If you disable or don't configure this policy setting, forwarder resource usage isn't specified.
 
 This setting applies across all subscriptions for the forwarder (source computer).
 
@@ -128,7 +128,7 @@ Server=https://<FQDN of the collector>:5986/wsman/SubscriptionManager/WEC,Refres
 
 When using the HTTP protocol, use port 5985.
 
-If you disable or do not configure this policy setting, the Event Collector computer will not be specified.
+If you disable or don't configure this policy setting, the Event Collector computer won't be specified.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-eventlog.md b/windows/client-management/mdm/policy-csp-admx-eventlog.md
index 81b5a76522..5156768413 100644
--- a/windows/client-management/mdm/policy-csp-admx-eventlog.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventlog.md
@@ -123,7 +123,7 @@ manager: dansimp
 <!--Description-->
 This policy setting turns on logging.
 
-If you enable or do not configure this policy setting, then events can be written to this log.
+If you enable or don't configure this policy setting, then events can be written to this log.
 
 If the policy setting is disabled, then no new events can be logged. Events can always be read from the log, regardless of this policy setting.
 
@@ -170,7 +170,7 @@ This policy setting controls the location of the log file. The location of the f
 
 If you enable this policy setting, the Event Log uses the path specified in this policy setting.
 
-If you disable or do not configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
+If you disable or don't configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
 
 <!--/Description-->
 
@@ -215,7 +215,7 @@ This policy setting controls the location of the log file. The location of the f
 
 If you enable this policy setting, the Event Log uses the path specified in this policy setting.
 
-If you disable or do not configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
+If you disable or don't configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
 
 <!--/Description-->
 
@@ -260,7 +260,7 @@ This policy setting controls the location of the log file. The location of the f
 
 If you enable this policy setting, the Event Log uses the path specified in this policy setting.
 
-If you disable or do not configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
+If you disable or don't configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
 
 <!--/Description-->
 
@@ -305,7 +305,7 @@ This policy setting controls the location of the log file. The location of the f
 
 If you enable this policy setting, the Event Log uses the path specified in this policy setting.
 
-If you disable or do not configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
+If you disable or don't configure this policy setting, the Event Log uses the folder %SYSTEMROOT%\System32\winevt\Logs.
 
 <!--/Description-->
 
@@ -348,9 +348,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the maximum size of the log file in kilobytes.
 
-If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes), in kilobyte increments.
+If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2,147,483,647 kilobytes), in kilobyte increments.
 
-If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog, and it defaults to 1 megabyte.
+If you disable or don't configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog, and it defaults to 1 megabyte.
 
 <!--/Description-->
 
@@ -393,11 +393,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the "Retain old events" policy setting is enabled.
 
-If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it is full. A new file is then started.
+If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it's full. A new file is then started.
 
 If you disable this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and old events are retained.
 
-If you do not configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
+If you don't configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
 
 <!--/Description-->
 
@@ -440,11 +440,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the "Retain old events" policy setting is enabled.
 
-If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it is full. A new file is then started.
+If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it's full. A new file is then started.
 
 If you disable this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and old events are retained.
 
-If you do not configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
+If you don't configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
 
 <!--/Description-->
 
@@ -487,11 +487,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the "Retain old events" policy setting is enabled.
 
-If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it is full. A new file is then started.
+If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it's full. A new file is then started.
 
 If you disable this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and old events are retained.
 
-If you do not configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
+If you don't configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
 
 <!--/Description-->
 
@@ -534,11 +534,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the "Retain old events" policy setting is enabled.
 
-If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it is full. A new file is then started.
+If you enable this policy setting and the "Retain old events" policy setting is enabled, the Event Log file is automatically closed and renamed when it's full. A new file is then started.
 
 If you disable this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and old events are retained.
 
-If you do not configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
+If you don't configure this policy setting and the "Retain old events" policy setting is enabled, new events are discarded and the old events are retained.
 
 <!--/Description-->
 
@@ -583,7 +583,7 @@ This policy setting specifies the security descriptor to use for the log using t
 
 If you enable this policy setting, only those users matching the security descriptor can access the log.
 
-If you disable or do not configure this policy setting, all authenticated users and system services can write, read, or clear this log.
+If you disable or don't configure this policy setting, all authenticated users and system services can write, read, or clear this log.
 
 > [!NOTE]
 > If you enable this policy setting, some tools and APIs may ignore it. The same change should be made to the "Configure log access (legacy)" policy setting to enforce this change across all tools and APIs.
@@ -627,11 +627,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You cannot configure write permissions for this log. You must set both "configure log access" policy settings for this log in order to affect the both modern and legacy tools.
+This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You can't configure write permissions for this log. You must set both "configure log access" policy settings for this log in order to affect both modern and legacy tools.
 
 If you enable this policy setting, only those users whose security descriptor matches the configured specified value can access the log.
 
-If you disable or do not configure this policy setting, only system software and administrators can read or clear this log.
+If you disable or don't configure this policy setting, only system software and administrators can read or clear this log.
 
 > [!NOTE]
 > If you enable this policy setting, some tools and APIs may ignore it. The same change should be made to the "Configure log access (legacy)" policy setting to enforce this change across all tools and APIs.
@@ -679,7 +679,7 @@ This policy setting specifies the security descriptor to use for the log using t
 
 If you enable this policy setting, only those users matching the security descriptor can access the log.
 
-If you disable or do not configure this policy setting, all authenticated users and system services can write, read, or clear this log.
+If you disable or don't configure this policy setting, all authenticated users and system services can write, read, or clear this log.
 
 > [!NOTE]
 > If you enable this policy setting, some tools and APIs may ignore it. The same change should be made to the "Configure log access (legacy)" policy setting to enforce this change across all tools and APIs.
@@ -723,11 +723,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect the both modern and legacy tools.
+This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect both modern and legacy tools.
 
 If you enable this policy setting, only users whose security descriptor matches the configured value can access the log.
 
-If you disable or do not configure this policy setting, only system software and administrators can write or clear this log, and any authenticated user can read events from it.
+If you disable or don't configure this policy setting, only system software and administrators can write or clear this log, and any authenticated user can read events from it.
 
 > [!NOTE]
 > If you enable this policy setting, some tools and APIs may ignore it. The same change should be made to the "Configure log access (legacy)" policy setting to enforce this change across all tools and APIs.
@@ -771,13 +771,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect the both modern and legacy tools.
+This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect both modern and legacy tools.
 
 If you enable this policy setting, only those users matching the security descriptor can access the log.
 
 If you disable this policy setting, all authenticated users and system services can write, read, or clear this log.
 
-If you do not configure this policy setting, the previous policy setting configuration remains in effect.
+If you don't configure this policy setting, the previous policy setting configuration remains in effect.
 
 <!--/Description-->
 
@@ -818,13 +818,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You cannot configure write permissions for this log.
+This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You can't configure write permissions for this log.
 
 If you enable this policy setting, only those users whose security descriptor matches the configured specified value can access the log.
 
 If you disable this policy setting, only system software and administrators can read or clear this log.
 
-If you do not configure this policy setting, the previous policy setting configuration remains in effect.
+If you don't configure this policy setting, the previous policy setting configuration remains in effect.
 
 <!--/Description-->
 
@@ -865,13 +865,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect the both modern and legacy tools.
+This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect both modern and legacy tools.
 
 If you enable this policy setting, only those users matching the security descriptor can access the log.
 
 If you disable this policy setting, all authenticated users and system services can write, read, or clear this log.
 
-If you do not configure this policy setting, the previous policy setting configuration remains in effect.
+If you don't configure this policy setting, the previous policy setting configuration remains in effect.
 
 <!--/Description-->
 
@@ -918,7 +918,7 @@ If you enable this policy setting, only users whose security descriptor matches
 
 If you disable this policy setting, only system software and administrators can write or clear this log, and any authenticated user can read events from it.
 
-If you do not configure this policy setting, the previous policy setting configuration remains in effect.
+If you don't configure this policy setting, the previous policy setting configuration remains in effect.
 
 <!--/Description-->
 
@@ -961,9 +961,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size.
 
-If you enable this policy setting and a log file reaches its maximum size, new events are not written to the log and are lost.
+If you enable this policy setting and a log file reaches its maximum size, new events aren't written to the log and are lost.
 
-If you disable or do not configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
+If you disable or don't configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
 
 Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
 
@@ -1008,9 +1008,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size.
 
-If you enable this policy setting and a log file reaches its maximum size, new events are not written to the log and are lost.
+If you enable this policy setting and a log file reaches its maximum size, new events aren't written to the log and are lost.
 
-If you disable or do not configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
+If you disable or don't configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
 
 Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
 
@@ -1056,9 +1056,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size.
 
-If you enable this policy setting and a log file reaches its maximum size, new events are not written to the log and are lost.
+If you enable this policy setting and a log file reaches its maximum size, new events aren't written to the log and are lost.
 
-If you disable or do not configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
+If you disable or don't configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
 
 Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-eventlogging.md b/windows/client-management/mdm/policy-csp-admx-eventlogging.md
index 5139f4db6e..135c65ed8f 100644
--- a/windows/client-management/mdm/policy-csp-admx-eventlogging.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventlogging.md
@@ -65,9 +65,9 @@ This policy setting lets you configure Protected Event Logging.
 
 - If you enable this policy setting, components that support it will use the certificate you supply to encrypt potentially sensitive event log data before writing it to the event log. Data will be encrypted using the Cryptographic Message Syntax (CMS) standard and the public key you provide. 
 
-You can use the Unprotect-CmsMessage PowerShell cmdlet to decrypt these encrypted messages, provided that you have access to the private key corresponding to the public key that they were encrypted with.  
+You can use the Unprotect-CmsMessage PowerShell cmdlet to decrypt these encrypted messages, if you have access to the private key corresponding to the public key that they were encrypted with.  
 
-- If you disable or do not configure this policy setting, components will not encrypt event log messages before writing them to the event log.
+- If you disable or don't configure this policy setting, components won't encrypt event log messages before writing them to the event log.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-eventviewer.md b/windows/client-management/mdm/policy-csp-admx-eventviewer.md
index 69eeef1d15..b5dd4d7f65 100644
--- a/windows/client-management/mdm/policy-csp-admx-eventviewer.md
+++ b/windows/client-management/mdm/policy-csp-admx-eventviewer.md
@@ -67,7 +67,7 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This is the program that will be invoked when the user clicks the `events.asp` link.
+This program is the one that will be invoked when the user clicks the `events.asp` link.
 
 <!--/Description-->
  
@@ -109,7 +109,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This specifies the command line parameters that will be passed to the `events.asp` program.
+This program specifies the command line parameters that will be passed to the `events.asp` program.
 
 <!--/Description-->
 
@@ -150,7 +150,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This is the URL that will be passed to the Description area in the Event Properties dialog box. 
+This URL is the one that will be passed to the Description area in the Event Properties dialog box. 
 Change this value if you want to use a different Web server to handle event information requests.
 
 
diff --git a/windows/client-management/mdm/policy-csp-admx-explorer.md b/windows/client-management/mdm/policy-csp-admx-explorer.md
index c77ca20992..cc7f6818aa 100644
--- a/windows/client-management/mdm/policy-csp-admx-explorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-explorer.md
@@ -121,7 +121,7 @@ Available in the latest Windows 10 Insider Preview Build. This policy setting co
 
 If you enable this policy setting, the menu bar will be displayed in File Explorer.
 
-If you disable or do not configure this policy setting, the menu bar will not be displayed in File Explorer.  
+If you disable or don't configure this policy setting, the menu bar won't be displayed in File Explorer.  
 
 > [!NOTE]
 > When the menu bar is not displayed, users can access the menu bar by pressing the 'ALT' key.
@@ -163,9 +163,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows administrators who have configured roaming profile in conjunction with Delete Cached Roaming Profile Group Policy setting to ensure that Explorer will not reinitialize default program associations and other settings to default values.
+This policy setting allows administrators who have configured roaming profile in conjunction with Delete Cached Roaming Profile Group Policy setting to ensure that Explorer won't reinitialize default program associations and other settings to default values.
 
-If you enable this policy setting on a machine that does not contain all programs installed in the same manner as it was on the machine on which the user had last logged on, unexpected behavior could occur.
+If you enable this policy setting on a machine that doesn't contain all programs installed in the same manner as it was on the machine on which the user had last logged on, unexpected behavior could occur.
 
 <!--/Description-->
 
@@ -210,10 +210,10 @@ This policy setting allows administrators to prevent users from adding new items
 
 If you enable this policy setting, users will no longer be able to add new items such as files or folders to the root of their Users Files folder in File Explorer.
 
-If you disable or do not configure this policy setting, users will be able to add new items such as files or folders to the root of their Users Files folder in File Explorer.
+If you disable or don't configure this policy setting, users will be able to add new items such as files or folders to the root of their Users Files folder in File Explorer.
 
 > [!NOTE]
-> Enabling this policy setting does not prevent the user from being able to add new items such as files and folders to their actual file system profile folder at %userprofile%.
+> Enabling this policy setting doesn't prevent the user from being able to add new items such as files and folders to their actual file system profile folder at %userprofile%.
 
 <!--/Description-->
 
@@ -254,7 +254,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy is similar to settings directly available to computer users.  Disabling animations can improve usability for users with some visual disabilities as well as improving performance and battery life in some scenarios.
+This policy is similar to settings directly available to computer users.  Disabling animations can improve usability for users with some visual disabilities, and also improve performance and battery life in some scenarios.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-externalboot.md b/windows/client-management/mdm/policy-csp-admx-externalboot.md
index 7b5fcf2e88..88a074cba8 100644
--- a/windows/client-management/mdm/policy-csp-admx-externalboot.md
+++ b/windows/client-management/mdm/policy-csp-admx-externalboot.md
@@ -73,7 +73,7 @@ This policy specifies whether the PC can use the hibernation sleep state (S4) wh
 
 - If you enable this setting, Windows, when started from a Windows To Go workspace, can hibernate the PC.  
 
-- If you disable or do not configure this setting, Windows, when started from a Windows To Go workspace, and cannot hibernate the PC.
+- If you disable or don't configure this setting, Windows, when started from a Windows To Go workspace, and can't hibernate the PC.
 
 
 <!--/Description-->
@@ -119,9 +119,9 @@ ADMX Info:
 <!--Description-->
 This policy specifies whether the PC can use standby sleep states (S1-S3) when starting from a Windows To Go workspace.  
 
-If you enable this setting, Windows, when started from a Windows To Go workspace, cannot use standby states to make the PC sleep.  
+If you enable this setting, Windows, when started from a Windows To Go workspace, can't use standby states to make the PC sleep.  
 
-If you disable or do not configure this setting, Windows, when started from a Windows To Go workspace, can use standby states to make the PC sleep.
+If you disable or don't configure this setting, Windows, when started from a Windows To Go workspace, can use standby states to make the PC sleep.
 
 <!--/Description-->
 
@@ -165,11 +165,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether the PC will boot to Windows To Go if a USB device containing a Windows To Go workspace is connected, and controls whether users can make changes using the Windows To Go Startup Options Control Panel item.  
 
-- If you enable this setting, booting to Windows To Go when a USB device is connected will be enabled, and users will not be able to make changes using the Windows To Go Startup Options Control Panel item.  
+- If you enable this setting, booting to Windows To Go when a USB device is connected will be enabled, and users won't be able to make changes using the Windows To Go Startup Options Control Panel item.  
 
-- If you disable this setting, booting to Windows To Go when a USB device is connected will not be enabled unless a user configures the option manually in the BIOS or other boot order configuration.  
+- If you disable this setting, booting to Windows To Go when a USB device is connected won't be enabled unless a user configures the option manually in the BIOS or other boot order configuration.  
 
-If you do not configure this setting, users who are members of the Administrators group can make changes using the Windows To Go Startup Options Control Panel item.
+If you don't configure this setting, users who are members of the Administrators group can make changes using the Windows To Go Startup Options Control Panel item.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-filerevocation.md b/windows/client-management/mdm/policy-csp-admx-filerevocation.md
index f2085397e4..3fd0807394 100644
--- a/windows/client-management/mdm/policy-csp-admx-filerevocation.md
+++ b/windows/client-management/mdm/policy-csp-admx-filerevocation.md
@@ -57,12 +57,12 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-Windows Runtime applications can protect content which has been associated with an enterprise identifier (EID), but can only revoke access to content it protected. To allow an application to revoke access to all content on the device that is protected by a particular enterprise, add an entry to the list on a new line that contains the enterprise identifier, separated by a comma, and the Package Family Name of the application. The EID must be an internet domain belonging to the enterprise in standard international domain name format.   
+Windows Runtime applications can protect content that has been associated with an enterprise identifier (EID), but can only revoke access to content it protected. To allow an application to revoke access to all content on the device that is protected by a particular enterprise, add an entry to the list on a new line that contains the enterprise identifier, separated by a comma, and the Package Family Name of the application. The EID must be an internet domain belonging to the enterprise in standard international domain name format.   
 Example value: `Contoso.com,ContosoIT.HumanResourcesApp_m5g0r7arhahqy` 
 
 - If you enable this policy setting, the application identified by the Package Family Name will be permitted to revoke access to all content protected using the specified EID on the device.    
 
-- If you disable or do not configure this policy setting, the only Windows Runtime applications that can revoke access to all enterprise-protected content on the device are Windows Mail and the user-selected mailto protocol handler app.  
+- If you disable or don't configure this policy setting, the only Windows Runtime applications that can revoke access to all enterprise-protected content on the device are Windows Mail and the user-selected mailto protocol handler app.  
 
 Any other Windows Runtime application will only be able to revoke access to content it protected.  
 
diff --git a/windows/client-management/mdm/policy-csp-admx-filesys.md b/windows/client-management/mdm/policy-csp-admx-filesys.md
index 7564a4e11d..ab0c455e6b 100644
--- a/windows/client-management/mdm/policy-csp-admx-filesys.md
+++ b/windows/client-management/mdm/policy-csp-admx-filesys.md
@@ -282,7 +282,7 @@ ADMX Info:
 <!--Description-->
 This policy setting provides control over whether or not short names are generated during file creation. Some applications require short names for compatibility, but short names have a negative performance impact on the system.
 
-If you enable short names on all volumes then short names will always be generated. If you disable them on all volumes then they will never be generated. If you set short name creation to be configurable on a per volume basis then an on-disk flag will determine whether or not short names are created on a given volume. If you disable short name creation on all data volumes then short names will only be generated for files created on the system volume.
+If you enable short names on all volumes, then short names will always be generated. If you disable them on all volumes, then they'll never be generated. If you set short name creation to be configurable on a per volume basis, then an on-disk flag will determine whether or not short names are created on a given volume. If you disable short name creation on all data volumes, then short names will only be generated for files created on the system volume.
 
 <!--/Description-->
 
@@ -329,7 +329,7 @@ Symbolic links can introduce vulnerabilities in certain applications. To mitigat
 - Remote Link to Remote Target
 - Remote Link to Local Target
 
-For more information, refer to the Windows Help section.
+For more information, see the Windows Help section.
 
 > [!NOTE]
 > If this policy is disabled or not configured, local administrators may select the types of symbolic links to be evaluated.
diff --git a/windows/client-management/mdm/policy-csp-admx-folderredirection.md b/windows/client-management/mdm/policy-csp-admx-folderredirection.md
index e37fe6b015..cebe91fbd3 100644
--- a/windows/client-management/mdm/policy-csp-admx-folderredirection.md
+++ b/windows/client-management/mdm/policy-csp-admx-folderredirection.md
@@ -82,12 +82,12 @@ This policy setting allows you to control whether all redirected shell folders,
 
 If you enable this policy setting, users must manually select the files they wish to make available offline.  
 
-If you disable or do not configure this policy setting, redirected shell folders are automatically made available offline. All subfolders within the redirected folders are also made available offline.  
+If you disable or don't configure this policy setting, redirected shell folders are automatically made available offline. All subfolders within the redirected folders are also made available offline.  
 
 > [!NOTE]
 > This policy setting does not prevent files from being automatically cached if the network share is configured for "Automatic Caching", nor does it affect the availability of the "Always available offline" menu option in the user interface.  
 >
-> Do not enable this policy setting if users will need access to their redirected files if the network or server holding the redirected files becomes unavailable.
+> Don't enable this policy setting if users will need access to their redirected files if the network or server holding the redirected files becomes unavailable.
 >
 > If one or more valid folder GUIDs are specified in the policy setting "Do not automatically make specific redirected folders available offline", that setting will override the configured value of "Do not automatically make all redirected folders available offline".
 
@@ -133,7 +133,7 @@ This policy setting allows you to control whether individual redirected shell fo
 
 For the folders affected by this setting, users must manually select the files they wish to make available offline.
 
-If you disable or do not configure this policy setting, all redirected shell folders are automatically made available offline. All subfolders within the redirected folders are also made available offline.
+If you disable or don't configure this policy setting, all redirected shell folders are automatically made available offline. All subfolders within the redirected folders are also made available offline.
 
 > [!NOTE]
 > This policy setting does not prevent files from being automatically cached if the network share is configured for "Automatic Caching", nor does it affect the availability of the "Always available offline" menu option in the user interface.
@@ -179,11 +179,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether the contents of redirected folders is copied from the old location to the new location or simply renamed in the Offline Files cache when a folder is redirected to a new location.
+This policy setting controls whether the contents of redirected folders is copied from the old location to the new location or renamed in the Offline Files cache when a folder is redirected to a new location.
 
 If you enable this policy setting, when the path to a redirected folder is changed from one network location to another and Folder Redirection is configured to move the content to the new location, instead of copying the content to the new location, the cached content is renamed in the local cache and not copied to the new location. To use this policy setting, you must move or restore the server content to the new network location using a method that preserves the state of the files, including their timestamps, before updating the Folder Redirection location.
 
-If you disable or do not configure this policy setting, when the path to a redirected folder is changed and Folder Redirection is configured to move the content to the new location, Windows copies the contents of the local cache to the new network location, then deleted the content from the old network location.
+If you disable or don't configure this policy setting, when the path to a redirected folder is changed and Folder Redirection is configured to move the content to the new location, Windows copies the contents of the local cache to the new network location, then deleted the content from the old network location.
 
 <!--/Description-->
 
@@ -319,13 +319,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether folders are redirected on a user's primary computers only. This policy setting is useful to improve logon performance and to increase security for user data on computers where the user might not want to download private data, such as on a meeting room computer or on a computer in a remote office.
+This policy setting controls whether folders are redirected on a user's primary computers only. This policy setting is useful to improve sign-in performance and to increase security for user data on computers where the user might not want to download private data, such as on a meeting room computer or on a computer in a remote office.
 
 To designate a user's primary computers, an administrator must use management software or a script to add primary computer attributes to the user's account in Active Directory Domain Services (AD DS). This policy setting also requires the Windows Server 2012 version of the Active Directory schema to function.
 
 If you enable this policy setting and the user has redirected folders, such as the Documents and Pictures folders, the folders are redirected on the user's primary computer only.
 
-If you disable or do not configure this policy setting and the user has redirected folders, the folders are redirected on every computer that the user logs on to.
+If you disable or don't configure this policy setting and the user has redirected folders, the folders are redirected on every computer that the user signs in to.
 
 > [!NOTE]
 > If you enable this policy setting in Computer Configuration and User Configuration, the Computer Configuration policy setting takes precedence.
@@ -368,13 +368,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether folders are redirected on a user's primary computers only. This policy setting is useful to improve logon performance and to increase security for user data on computers where the user might not want to download private data, such as on a meeting room computer or on a computer in a remote office.
+This policy setting controls whether folders are redirected on a user's primary computers only. This policy setting is useful to improve sign-in performance and to increase security for user data on computers where the user might not want to download private data, such as on a meeting room computer or on a computer in a remote office.
 
 To designate a user's primary computers, an administrator must use management software or a script to add primary computer attributes to the user's account in Active Directory Domain Services (AD DS). This policy setting also requires the Windows Server 2012 version of the Active Directory schema to function.
 
 If you enable this policy setting and the user has redirected folders, such as the Documents and Pictures folders, the folders are redirected on the user's primary computer only.
 
-If you disable or do not configure this policy setting and the user has redirected folders, the folders are redirected on every computer that the user logs on to.
+If you disable or don't configure this policy setting and the user has redirected folders, the folders are redirected on every computer that the user signs in to.
 
 > [!NOTE]
 > If you enable this policy setting in Computer Configuration and User Configuration, the Computer Configuration policy setting takes precedence.
diff --git a/windows/client-management/mdm/policy-csp-admx-framepanes.md b/windows/client-management/mdm/policy-csp-admx-framepanes.md
index 11e25bde64..4b83f0c105 100644
--- a/windows/client-management/mdm/policy-csp-admx-framepanes.md
+++ b/windows/client-management/mdm/policy-csp-admx-framepanes.md
@@ -63,16 +63,16 @@ manager: dansimp
 <!--Description-->
 This policy setting shows or hides the Details Pane in File Explorer.  
 
-- If you enable this policy setting and configure it to hide the pane, the Details Pane in File Explorer is hidden and cannot be turned on by the user.  
+- If you enable this policy setting and configure it to hide the pane, the Details Pane in File Explorer is hidden and can't be turned on by the user.  
 
-- If you enable this policy setting and configure it to show the pane, the Details Pane is always visible and cannot be hidden by the user. 
+- If you enable this policy setting and configure it to show the pane, the Details Pane is always visible and can't be hidden by the user. 
 
 > [!NOTE]
-> This has a side effect of not being able to toggle to the Preview Pane since the two cannot be displayed at the same time.  
+> This has a side effect of not being able to toggle to the Preview Pane since the two can't be displayed at the same time.  
 
-- If you disable, or do not configure this policy setting, the Details Pane is hidden by default and can be displayed by the user. 
+- If you disable, or don't configure this policy setting, the Details Pane is hidden by default and can be displayed by the user.
 
-This is the default policy setting.
+This setting is the default policy setting.
 
 <!--/Description--> 
 
@@ -114,9 +114,9 @@ ADMX Info:
 <!--Description-->
 Hides the Preview Pane in File Explorer.  
 
-- If you enable this policy setting, the Preview Pane in File Explorer is hidden and cannot be turned on by the user.  
+- If you enable this policy setting, the Preview Pane in File Explorer is hidden and can't be turned on by the user.  
 
-- If you disable, or do not configure this setting, the Preview Pane is hidden by default and can be displayed by the user.
+- If you disable, or don't configure this setting, the Preview Pane is hidden by default and can be displayed by the user.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-globalization.md b/windows/client-management/mdm/policy-csp-admx-globalization.md
index c16cc7e02d..45623d01c7 100644
--- a/windows/client-management/mdm/policy-csp-admx-globalization.md
+++ b/windows/client-management/mdm/policy-csp-admx-globalization.md
@@ -132,7 +132,7 @@ manager: dansimp
 <!--Description-->
 This policy prevents automatic copying of user input methods to the system account for use on the sign-in screen. The user is restricted to the set of input methods that are enabled in the system account.
 
-Note this does not affect the availability of user input methods on the lock screen or with the UAC prompt.
+This confinement doesn't affect the availability of user input methods on the lock screen or with the UAC prompt.
 
 If the policy is Enabled, then the user will get input methods enabled for the system account on the sign-in page.
 
@@ -180,17 +180,17 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents a user from selecting a supplemental custom locale as their user locale. The user is restricted to the set of locales that are installed with the operating system.
 
-This does not affect the selection of replacement locales. To prevent the selection of replacement locales, adjust the permissions of the %windir%\Globalization directory to prevent the installation of locales by unauthorized users.
+This confinement doesn't affect the selection of replacement locales. To prevent the selection of replacement locales, adjust the permissions of the %windir%\Globalization directory to prevent the installation of locales by unauthorized users.
 
-The policy setting "Restrict user locales" can also be enabled to disallow selection of a custom locale, even if this policy setting is not configured.
+The policy setting "Restrict user locales" can also be enabled to disallow selection of a custom locale, even if this policy setting isn't configured.
 
-If you enable this policy setting, the user cannot select a custom locale as their user locale, but they can still select a replacement locale if one is installed.
+If you enable this policy setting, the user can't select a custom locale as their user locale, but they can still select a replacement locale if one is installed.
 
-If you disable or do not configure this policy setting, the user can select a custom locale as their user locale.
+If you disable or don't configure this policy setting, the user can select a custom locale as their user locale.
 
-If this policy setting is enabled at the machine level, it cannot be disabled by a per-user policy setting. If this policy setting is disabled at the machine level, the per-user policy setting will be ignored. If this policy setting is not configured at the machine level, restrictions will be based on per-user policy settings.
+If this policy setting is enabled at the machine level, it can't be disabled by a per-user policy setting. If this policy setting is disabled at the machine level, the per-user policy setting will be ignored. If this policy setting isn't configured at the machine level, restrictions will be based on per-user policy settings.
 
-To set this policy setting on a per-user basis, make sure that you do not configure the per-machine policy setting.
+To set this policy setting on a per-user basis, make sure that you don't configure the per-machine policy setting.
 
 <!--/Description-->
 
@@ -233,17 +233,17 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents a user from selecting a supplemental custom locale as their user locale. The user is restricted to the set of locales that are installed with the operating system.
 
-This does not affect the selection of replacement locales. To prevent the selection of replacement locales, adjust the permissions of the %windir%\Globalization directory to prevent the installation of locales by unauthorized users.
+This confinement doesn't affect the selection of replacement locales. To prevent the selection of replacement locales, adjust the permissions of the %windir%\Globalization directory to prevent the installation of locales by unauthorized users.
 
-The policy setting "Restrict user locales" can also be enabled to disallow selection of a custom locale, even if this policy setting is not configured.
+The policy setting "Restrict user locales" can also be enabled to disallow selection of a custom locale, even if this policy setting isn't configured.
 
-If you enable this policy setting, the user cannot select a custom locale as their user locale, but they can still select a replacement locale if one is installed.
+If you enable this policy setting, the user can't select a custom locale as their user locale, but they can still select a replacement locale if one is installed.
 
-If you disable or do not configure this policy setting, the user can select a custom locale as their user locale.
+If you disable or don't configure this policy setting, the user can select a custom locale as their user locale.
 
-If this policy setting is enabled at the machine level, it cannot be disabled by a per-user policy setting. If this policy setting is disabled at the machine level, the per-user policy setting will be ignored. If this policy setting is not configured at the machine level, restrictions will be based on per-user policy settings.
+If this policy setting is enabled at the machine level, it can't be disabled by a per-user policy setting. If this policy setting is disabled at the machine level, the per-user policy setting will be ignored. If this policy setting isn't configured at the machine level, restrictions will be based on per-user policy settings.
 
-To set this policy setting on a per-user basis, make sure that you do not configure the per-machine policy setting.
+To set this policy setting on a per-user basis, make sure that you don't configure the per-machine policy setting.
 
 <!--/Description-->
 
@@ -286,13 +286,13 @@ ADMX Info:
 <!--Description-->
 This policy setting removes the Administrative options from the Region settings control panel.
 
-Administrative options include interfaces for setting system locale and copying settings to the default user. This policy setting does not, however, prevent an administrator or another application from changing these values programmatically.
+Administrative options include interfaces for setting system locale and copying settings to the default user. This policy setting doesn't, however, prevent an administrator or another application from changing these values programmatically.
 
 This policy setting is used only to simplify the Regional Options control panel.
 
-If you enable this policy setting, the user cannot see the Administrative options.
+If you enable this policy setting, the user can't see the Administrative options.
 
-If you disable or do not configure this policy setting, the user can see the Administrative options.
+If you disable or don't configure this policy setting, the user can see the Administrative options.
 
 > [!NOTE]
 > Even if a user can see the Administrative options, other policies may prevent them from modifying the values.
@@ -341,9 +341,9 @@ This policy setting removes the option to change the user's geographical locatio
 
 This policy setting is used only to simplify the Regional Options control panel.
 
-If you enable this policy setting, the user does not see the option to change the GeoID. This does not prevent the user or an application from changing the GeoID programmatically.
+If you enable this policy setting, the user doesn't see the option to change the GeoID. This lack of display doesn't prevent the user or an application from changing the GeoID programmatically.
 
-If you disable or do not configure this policy setting, the user sees the option for changing the user location (GeoID).
+If you disable or don't configure this policy setting, the user sees the option for changing the user location (GeoID).
 
 > [!NOTE]
 > Even if a user can see the GeoID option, the "Disallow changing of geographical location" option can prevent them from actually changing their current geographical location.
@@ -391,7 +391,7 @@ This policy setting removes the option to change the user's menus and dialogs (U
 
 This policy setting is used only to simplify the Regional Options control panel.
 
-If you enable this policy setting, the user does not see the option for changing the UI language. This does not prevent the user or an application from changing the UI language programmatically.  If you disable or do not configure this policy setting, the user sees the option for changing the UI language.
+If you enable this policy setting, the user doesn't see the option for changing the UI language. This lack of display doesn't prevent the user or an application from changing the UI language programmatically.  If you disable or don't configure this policy setting, the user sees the option for changing the UI language.
 
 > [!NOTE]
 > Even if a user can see the option to change the UI language, other policy settings can prevent them from changing their UI language.
@@ -440,9 +440,9 @@ This policy setting removes the regional formats interface from the Region setti
 
 This policy setting is used only to simplify the Regional and Language Options control panel.
 
-If you enable this policy setting, the user does not see the regional formats options. This does not prevent the user or an application from changing their user locale or user overrides programmatically.
+If you enable this policy setting, the user doesn't see the regional formats options. This lack of display doesn't prevent the user or an application from changing their user locale or user overrides programmatically.
 
-If you disable or do not configure this policy setting, the user sees the regional formats options for changing and customizing the user locale.
+If you disable or don't configure this policy setting, the user sees the regional formats options for changing and customizing the user locale.
 
 <!--/Description-->
 
@@ -485,16 +485,16 @@ ADMX Info:
 <!--Description-->
 This policy setting turns off the automatic learning component of handwriting recognition personalization.
 
-Automatic learning enables the collection and storage of text and ink written by the user in order to help adapt handwriting recognition to the vocabulary and handwriting style of the user.  Text that is collected includes all outgoing messages in Windows Mail, and MAPI enabled email clients, as well as URLs from the Internet Explorer browser history. The information that is stored includes word frequency and new words not already known to the handwriting recognition engines (for example, proper names and acronyms). Deleting email content or the browser history does not delete the stored personalization data. Ink entered through Input Panel is collected and stored.
+Automatic learning enables the collection and storage of text and ink written by the user in order to help adapt handwriting recognition to the vocabulary and handwriting style of the user.  Text that is collected includes all outgoing messages in Windows Mail, and MAPI enabled email clients, and URLs from the Internet Explorer browser history. The information that is stored includes word frequency and new words not already known to the handwriting recognition engines (for example, proper names and acronyms). Deleting email content or the browser history doesn't delete the stored personalization data. Ink entered through Input Panel is collected and stored.
 
 > [!NOTE]
-> Automatic learning of both text and ink might not be available for all languages, even when handwriting personalization is available. See Tablet PC Help for more information.
+> Automatic learning of both text and ink might not be available for all languages, even when handwriting personalization is available. For more information, see Tablet PC Help.
 
-If you enable this policy setting, automatic learning stops and any stored data is deleted. Users cannot configure this setting in Control Panel.
+If you enable this policy setting, automatic learning stops and any stored data is deleted. Users can't configure this setting in Control Panel.
 
-If you disable this policy setting, automatic learning is turned on. Users cannot configure this policy setting in Control Panel. Collected data is only used for handwriting recognition, if handwriting personalization is turned on.
+If you disable this policy setting, automatic learning is turned on. Users can't configure this policy setting in Control Panel. Collected data is only used for handwriting recognition, if handwriting personalization is turned on.
 
-If you do not configure this policy, users can choose to enable or disable automatic learning either from the Handwriting tab in the Tablet Settings in Control Panel or from the opt-in dialog.
+If you don't configure this policy, users can choose to enable or disable automatic learning either from the Handwriting tab in the Tablet Settings in Control Panel or from the opt-in dialog.
 
 This policy setting is related to the "Turn off handwriting personalization" policy setting.
 
@@ -544,16 +544,16 @@ ADMX Info:
 <!--Description-->
 This policy setting turns off the automatic learning component of handwriting recognition personalization.
 
-Automatic learning enables the collection and storage of text and ink written by the user in order to help adapt handwriting recognition to the vocabulary and handwriting style of the user.  Text that is collected includes all outgoing messages in Windows Mail, and MAPI enabled email clients, as well as URLs from the Internet Explorer browser history. The information that is stored includes word frequency and new words not already known to the handwriting recognition engines (for example, proper names and acronyms). Deleting email content or the browser history does not delete the stored personalization data. Ink entered through Input Panel is collected and stored.
+Automatic learning enables the collection and storage of text and ink written by the user in order to help adapt handwriting recognition to the vocabulary and handwriting style of the user.  Text that is collected includes all outgoing messages in Windows Mail, and MAPI enabled email clients, and URLs from the Internet Explorer browser history. The information that is stored includes word frequency and new words not already known to the handwriting recognition engines (for example, proper names and acronyms). Deleting email content or the browser history doesn't delete the stored personalization data. Ink entered through Input Panel is collected and stored.
 
 > [!NOTE]
-> Automatic learning of both text and ink might not be available for all languages, even when handwriting personalization is available. See Tablet PC Help for more information.
+> Automatic learning of both text and ink might not be available for all languages, even when handwriting personalization is available. For more information, see Tablet PC Help.
 
-If you enable this policy setting, automatic learning stops and any stored data is deleted. Users cannot configure this setting in Control Panel.
+If you enable this policy setting, automatic learning stops and any stored data is deleted. Users can't configure this setting in Control Panel.
 
-If you disable this policy setting, automatic learning is turned on. Users cannot configure this policy setting in Control Panel. Collected data is only used for handwriting recognition, if handwriting personalization is turned on.
+If you disable this policy setting, automatic learning is turned on. Users can't configure this policy setting in Control Panel. Collected data is only used for handwriting recognition, if handwriting personalization is turned on.
 
-If you do not configure this policy, users can choose to enable or disable automatic learning either from the Handwriting tab in the Tablet Settings in Control Panel or from the opt-in dialog.
+If you don't configure this policy, users can choose to enable or disable automatic learning either from the Handwriting tab in the Tablet Settings in Control Panel or from the opt-in dialog.
 
 This policy setting is related to the "Turn off handwriting personalization" policy setting.
 
@@ -601,13 +601,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting restricts the permitted system locales to the specified list. If the list is empty, it locks the system locale to its current value. This policy setting does not change the existing system locale; however, the next time that an administrator attempts to change the computer's system locale, they will be restricted to the specified list.
+This policy setting restricts the permitted system locales to the specified list. If the list is empty, it locks the system locale to its current value. This policy setting doesn't change the existing system locale; however, the next time that an administrator attempts to change the computer's system locale, they'll be restricted to the specified list.
 
 The locale list is specified using language names, separated by a semicolon (;). For example, en-US is English (United States). Specifying "en-US;en-CA" would restrict the system locale to English (United States) and English (Canada).
 
 If you enable this policy setting, administrators can select a system locale only from the specified system locale list.
 
-If you disable or do not configure this policy setting, administrators can select any system locale shipped with the operating system.
+If you disable or don't configure this policy setting, administrators can select any system locale shipped with the operating system.
 
 <!--/Description-->
 
@@ -648,15 +648,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting restricts users on a computer to the specified list of user locales. If the list is empty, it locks all user locales to their current values. This policy setting does not change existing user locale settings; however, the next time a user attempts to change their user locale, their choices will be restricted to locales in this list.
+This policy setting restricts users on a computer to the specified list of user locales. If the list is empty, it locks all user locales to their current values. This policy setting doesn't change existing user locale settings; however, the next time a user attempts to change their user locale, their choices will be restricted to locales in this list.
 
-To set this policy setting on a per-user basis, make sure that you do not configure the per-computer policy setting.
+To set this policy setting on a per-user basis, make sure that you don't configure the per-computer policy setting.
 
 The locale list is specified using language tags, separated by a semicolon (;). For example, en-US is English (United States). Specifying "en-CA;fr-CA" would restrict the user locale to English (Canada) and French (Canada).
 
 If you enable this policy setting, only locales in the specified locale list can be selected by users.
 
-If you disable or do not configure this policy setting, users can select any locale installed on the computer, unless restricted by the "Disallow selection of Custom Locales" policy setting.  If this policy setting is enabled at the computer level, it cannot be disabled by a per-user policy. If this policy setting is disabled at the computer level, the per-user policy is ignored. If this policy setting is not configured at the computer level, restrictions are based on per-user policies.
+If you disable or don't configure this policy setting, users can select any locale installed on the computer, unless restricted by the "Disallow selection of Custom Locales" policy setting.  If this policy setting is enabled at the computer level, it can't be disabled by a per-user policy. If this policy setting is disabled at the computer level, the per-user policy is ignored. If this policy setting isn't configured at the computer level, restrictions are based on per-user policies.
 
 <!--/Description-->
 
@@ -697,17 +697,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting restricts users on a computer to the specified list of user locales. If the list is empty, it locks all user locales to their current values. This policy setting does not change existing user locale settings; however, the next time a user attempts to change their user locale, their choices will be restricted to locales in this list.
+This policy setting restricts users on a computer to the specified list of user locales. If the list is empty, it locks all user locales to their current values. This policy setting doesn't change existing user locale settings; however, the next time a user attempts to change their user locale, their choices will be restricted to locales in this list.
 
-To set this policy setting on a per-user basis, make sure that you do not configure the per-computer policy setting.
+To set this policy setting on a per-user basis, make sure that you don't configure the per-computer policy setting.
 
 The locale list is specified using language tags, separated by a semicolon (;). For example, en-US is English (United States). Specifying "en-CA;fr-CA" would restrict the user locale to English (Canada) and French (Canada).
 
 If you enable this policy setting, only locales in the specified locale list can be selected by users.
 
-If you disable or do not configure this policy setting, users can select any locale installed on the computer, unless restricted by the "Disallow selection of Custom Locales" policy setting.
+If you disable or don't configure this policy setting, users can select any locale installed on the computer, unless restricted by the "Disallow selection of Custom Locales" policy setting.
 
-If this policy setting is enabled at the computer level, it cannot be disabled by a per-user policy. If this policy setting is disabled at the computer level, the per-user policy is ignored. If this policy setting is not configured at the computer level, restrictions are based on per-user policies.
+If this policy setting is enabled at the computer level, it can't be disabled by a per-user policy. If this policy setting is disabled at the computer level, the per-user policy is ignored. If this policy setting isn't configured at the computer level, restrictions are based on per-user policies.
 
 <!--/Description-->
 
@@ -750,11 +750,11 @@ ADMX Info:
 <!--Description-->
 This policy setting restricts the Windows UI language for all users.
 
-This is a policy setting for computers with more than one UI language installed.
+This policy setting is meant for computers with more than one UI language installed.
 
-If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language will follow the language specified by the administrator as the system UI languages. The UI language selected by the user will be ignored if it is different than any of the system UI languages.
+If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language will follow the language specified by the administrator as the system UI languages. The UI language selected by the user will be ignored if it's different than any of the system UI languages.
 
-If you disable or do not configure this policy setting, the user can specify which UI language is used.
+If you disable or don't configure this policy setting, the user can specify which UI language is used.
 
 <!--/Description-->
 
@@ -799,9 +799,9 @@ This policy setting restricts the Windows UI language for specific users.
 
 This policy setting applies to computers with more than one UI language installed.
 
-If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language for the selected user. If the specified language is not installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the user.
+If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language for the selected user. If the specified language isn't installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the user.
 
-If you disable or do not configure this policy setting, there is no restriction on which language users should use.
+If you disable or don't configure this policy setting, there's no restriction on which language users should use.
 
 To enable this policy setting in Windows Server 2003, Windows XP, or Windows 2000, to use the "Restrict selection of Windows menus and dialogs language" policy setting.
 
@@ -846,13 +846,13 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from changing their user geographical location (GeoID).
 
-If you enable this policy setting, users cannot change their GeoID.
+If you enable this policy setting, users can't change their GeoID.
 
-If you disable or do not configure this policy setting, users may select any GeoID.
+If you disable or don't configure this policy setting, users may select any GeoID.
 
-If you enable this policy setting at the computer level, it cannot be disabled by a per-user policy setting. If you disable this policy setting at the computer level, the per-user policy is ignored. If you do not configure this policy setting at the computer level, restrictions are based on per-user policy settings.
+If you enable this policy setting at the computer level, it can't be disabled by a per-user policy setting. If you disable this policy setting at the computer level, the per-user policy is ignored. If you don't configure this policy setting at the computer level, restrictions are based on per-user policy settings.
 
-To set this policy setting on a per-user basis, make sure that the per-computer policy setting is not configured.
+To set this policy setting on a per-user basis, make sure that the per-computer policy setting isn't configured.
 
 <!--/Description-->
 
@@ -895,13 +895,13 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from changing their user geographical location (GeoID).
 
-If you enable this policy setting, users cannot change their GeoID.
+If you enable this policy setting, users can't change their GeoID.
 
-If you disable or do not configure this policy setting, users may select any GeoID.
+If you disable or don't configure this policy setting, users may select any GeoID.
 
-If you enable this policy setting at the computer level, it cannot be disabled by a per-user policy setting. If you disable this policy setting at the computer level, the per-user policy is ignored. If you do not configure this policy setting at the computer level, restrictions are based on per-user policy settings.
+If you enable this policy setting at the computer level, it can't be disabled by a per-user policy setting. If you disable this policy setting at the computer level, the per-user policy is ignored. If you don't configure this policy setting at the computer level, restrictions are based on per-user policy settings.
 
-To set this policy setting on a per-user basis, make sure that the per-computer policy setting is not configured.
+To set this policy setting on a per-user basis, make sure that the per-computer policy setting isn't configured.
 
 <!--/Description-->
 
@@ -946,13 +946,13 @@ This policy setting prevents the user from customizing their locale by changing
 
 Any existing overrides in place when this policy is enabled will be frozen. To remove existing user overrides, first reset the user(s) values to the defaults and then apply this policy.
 
-When this policy setting is enabled, users can still choose alternate locales installed on the system unless prevented by other policies, however, they will be unable to customize those choices.
+When this policy setting is enabled, users can still choose alternate locales installed on the system unless prevented by other policies, however, they'll be unable to customize those choices.
 
-The user cannot customize their user locale with user overrides.
+The user can't customize their user locale with user overrides.
 
 If this policy setting is disabled or not configured, then the user can customize their user locale overrides.
 
-If this policy is set to Enabled at the computer level, then it cannot be disabled by a per-User policy. If this policy is set to Disabled at the computer level, then the per-User policy will be ignored. If this policy is set to Not Configured at the computer level, then restrictions will be based on per-User policies.
+If this policy is set to Enabled at the computer level, then it can't be disabled by a per-User policy. If this policy is set to Disabled at the computer level, then the per-User policy will be ignored. If this policy is set to Not Configured at the computer level, then restrictions will be based on per-User policies.
 
 To set this policy on a per-user basis, make sure that the per-computer policy is set to Not Configured.
 
@@ -999,13 +999,13 @@ This policy setting prevents the user from customizing their locale by changing
 
 Any existing overrides in place when this policy is enabled will be frozen. To remove existing user overrides, first reset the user(s) values to the defaults and then apply this policy.
 
-When this policy setting is enabled, users can still choose alternate locales installed on the system unless prevented by other policies, however, they will be unable to customize those choices.
+When this policy setting is enabled, users can still choose alternate locales installed on the system unless prevented by other policies, however, they'll be unable to customize those choices.
 
-The user cannot customize their user locale with user overrides.
+The user can't customize their user locale with user overrides.
 
 If this policy setting is disabled or not configured, then the user can customize their user locale overrides.
 
-If this policy is set to Enabled at the computer level, then it cannot be disabled by a per-User policy. If this policy is set to Disabled at the computer level, then the per-User policy will be ignored. If this policy is set to Not Configured at the computer level, then restrictions will be based on per-User policies.
+If this policy is set to Enabled at the computer level, then it can't be disabled by a per-User policy. If this policy is set to Disabled at the computer level, then the per-User policy will be ignored. If this policy is set to Not Configured at the computer level, then restrictions will be based on per-User policies.
 
 To set this policy on a per-user basis, make sure that the per-computer policy is set to Not Configured.
 
@@ -1048,13 +1048,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting restricts users to the specified language by disabling the menus and dialog box controls in the Region settings control panel. If the specified language is not installed on the target computer, the language selection defaults to English.
+This policy setting restricts users to the specified language by disabling the menus and dialog box controls in the Region settings control panel. If the specified language isn't installed on the target computer, the language selection defaults to English.
 
-If you enable this policy setting, the dialog box controls in the Regional and Language Options control panel are not accessible to the logged on user. This prevents users from specifying a language different than the one used.
+If you enable this policy setting, the dialog box controls in the Regional and Language Options control panel aren't accessible to the signed-in user. This prevention of access prevents users from specifying a language different than the one used.
 
 To enable this policy setting in Windows Vista, use the "Restricts the UI languages Windows should use for the selected user" policy setting.
 
-If you disable or do not configure this policy setting, the logged-on user can access the dialog box controls in the Regional and Language Options control panel to select any available UI language.
+If you disable or don't configure this policy setting, the logged-on user can access the dialog box controls in the Regional and Language Options control panel to select any available UI language.
 
 <!--/Description-->
 
@@ -1095,7 +1095,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy turns off the autocorrect misspelled words option. This does not, however, prevent the user or an application from changing the setting programmatically.
+This policy turns off the autocorrect misspelled words option. This turn off doesn't, however, prevent the user or an application from changing the setting programmatically.
 
 The autocorrect misspelled words option controls whether or not errors in typed text will be automatically corrected.
 
@@ -1103,7 +1103,7 @@ If the policy is Enabled, then the option will be locked to not autocorrect miss
 
 If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
 
-Note that the availability and function of this setting is dependent on supported languages being enabled.
+The availability and function of this setting is dependent on supported languages being enabled.
 <!--/Description-->
 
 <!--ADMXBacked-->
@@ -1143,7 +1143,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy turns off the highlight misspelled words option. This does not, however, prevent the user or an application from changing the setting programmatically.
+This policy turns off the highlight misspelled words option. This turn off doesn't, however, prevent the user or an application from changing the setting programmatically.
 
 The highlight misspelled words option controls whether or next spelling errors in typed text will be highlighted.
 
@@ -1151,7 +1151,7 @@ If the policy is Enabled, then the option will be locked to not highlight misspe
 
 If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
 
-Note that the availability and function of this setting is dependent on supported languages being enabled.
+The availability and function of this setting is dependent on supported languages being enabled.
 
 <!--/Description-->
 
@@ -1192,7 +1192,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy turns off the insert a space after selecting a text prediction option. This does not, however, prevent the user or an application from changing the setting programmatically.
+This policy turns off the insert a space after selecting a text prediction option. This turn off doesn't, however, prevent the user or an application from changing the setting programmatically.
 
 The insert a space after selecting a text prediction option controls whether or not a space will be inserted after the user selects a text prediction candidate when using the on-screen keyboard.
 
@@ -1200,7 +1200,7 @@ If the policy is Enabled, then the option will be locked to not insert a space a
 
 If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
 
-Note that the availability and function of this setting is dependent on supported languages being enabled.
+The availability and function of this setting is dependent on supported languages being enabled.
 <!--/Description-->
 
 <!--ADMXBacked-->
@@ -1240,7 +1240,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy turns off the offer text predictions as I type option. This does not, however, prevent the user or an application from changing the setting programmatically.
+This policy turns off the offer text predictions as I type option. This turn off doesn't, however, prevent the user or an application from changing the setting programmatically.
 
 The offer text predictions as I type option controls whether or not text prediction suggestions will be presented to the user on the on-screen keyboard.
 
@@ -1248,7 +1248,7 @@ If the policy is Enabled, then the option will be locked to not offer text predi
 
 If the policy is Disabled or Not Configured, then the user will be free to change the setting according to their preference.
 
-Note that the availability and function of this setting is dependent on supported languages being enabled.
+The availability and function of this setting is dependent on supported languages being enabled.
 
 <!--/Description-->
 
@@ -1291,13 +1291,13 @@ ADMX Info:
 <!--Description-->
 This policy setting determines how programs interpret two-digit years.
 
-This policy setting affects only the programs that use this Windows feature to interpret two-digit years. If a program does not interpret two-digit years correctly, consult the documentation or manufacturer of the program.
+This policy setting affects only the programs that use this Windows feature to interpret two-digit years. If a program doesn't interpret two-digit years correctly, consult the documentation or manufacturer of the program.
 
 If you enable this policy setting, the system specifies the largest two-digit year interpreted as being preceded by 20. All numbers less than or equal to the specified value are interpreted as being preceded by 20. All numbers greater than the specified value are interpreted as being preceded by 19.
 
 For example, the default value, 2029, specifies that all two-digit years less than or equal to 29 (00 to 29) are interpreted as being preceded by 20, that is 2000 to 2029. Conversely, all two-digit years greater than 29 (30 to 99) are interpreted as being preceded by 19, that is, 1930 to 1999.
 
-If you disable or do not configure this policy setting, Windows does not interpret two-digit year formats using this scheme for the program.
+If you disable or don't configure this policy setting, Windows doesn't interpret two-digit year formats using this scheme for the program.
 
 <!--/Description-->
 

From d55df1c82571985694e2ee7c61c0de7908db93d0 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Fri, 11 Mar 2022 17:05:34 +0530
Subject: [PATCH 026/123] Acrolinx topology

---
 .../mdm/policy-csp-admx-grouppolicy.md        | 226 +++++++++---------
 .../mdm/policy-csp-admx-help.md               |  20 +-
 .../mdm/policy-csp-admx-icm.md                | 118 ++++-----
 .../mdm/policy-csp-admx-iis.md                |   6 +-
 .../mdm/policy-csp-admx-iscsi.md              |   2 +-
 .../mdm/policy-csp-admx-kdc.md                |  36 +--
 .../mdm/policy-csp-admx-kerberos.md           |  29 +--
 .../mdm/policy-csp-admx-lanmanserver.md       |  16 +-
 .../mdm/policy-csp-admx-lanmanworkstation.md  |  12 +-
 ...icy-csp-admx-linklayertopologydiscovery.md |   8 +-
 10 files changed, 236 insertions(+), 237 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-grouppolicy.md b/windows/client-management/mdm/policy-csp-admx-grouppolicy.md
index 8213ae894c..f3e83e48f1 100644
--- a/windows/client-management/mdm/policy-csp-admx-grouppolicy.md
+++ b/windows/client-management/mdm/policy-csp-admx-grouppolicy.md
@@ -189,18 +189,18 @@ manager: dansimp
 <!--Description-->
 This policy setting allows user-based policy processing, roaming user profiles, and user object logon scripts for interactive logons across forests.
 
-This policy setting affects all user accounts that interactively log on to a computer in a different forest when a trust across forests or a two-way forest trust exists.
+This policy setting affects all user accounts that interactively sign in to a computer in a different forest when a trust across forests or a two-way forest trust exists.
 
-If you do not configure this policy setting:
+If you don't configure this policy setting:
 
 - No user-based policy settings are applied from the user's forest.
-- Users do not receive their roaming profiles; they receive a local profile on the computer from the local forest. A warning message appears to the user, and an event log message (1529) is posted.
+- Users don't receive their roaming profiles; they receive a local profile on the computer from the local forest. A warning message appears to the user, and an event log message (1529) is posted.
 - Loopback Group Policy processing is applied, using the Group Policy Objects (GPOs) that are scoped to the computer.
 - An event log message (1109) is posted, stating that loopback was invoked in Replace mode.
 
 If you enable this policy setting, the behavior is exactly the same as in Windows 2000: user policy is applied, and a roaming user profile is allowed from the trusted forest.
 
-If you disable this policy setting, the behavior is the same as if it is not configured.
+If you disable this policy setting, the behavior is the same as if it isn't configured.
 
 <!--/Description-->
 
@@ -248,11 +248,11 @@ This policy setting affects all policy settings that use the software installati
 
 This policy setting overrides customized settings that the program implementing the software installation policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy setting implementations specify that they are updated only when changed. However, you might want to update unchanged policy settings, such as reapplying a desired policies in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy setting implementations specify that they're updated only when changed. However, you might want to update unchanged policy settings, such as reapplying a desired policy in case a user has changed it.
 
 <!--/Description-->
 
@@ -296,17 +296,17 @@ ADMX Info:
 <!--Description-->
 This policy setting determines when disk quota policies are updated.
 
-This policy setting affects all policies that use the disk quota component of Group Policy, such as those in Computer Configuration\Administrative Templates\System\Disk Quotas.
+This policy setting affects all policies that use the disk quota component of Group Policy, such as those policies in Computer Configuration\Administrative Templates\System\Disk Quotas.
 
 This policy setting overrides customized settings that the program implementing the disk quota policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -354,13 +354,13 @@ This policy setting affects all policies that use the encryption component of Gr
 
 It overrides customized settings that the program implementing the encryption policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -404,15 +404,15 @@ ADMX Info:
 <!--Description-->
 This policy setting determines when folder redirection policies are updated.
 
-This policy setting affects all policies that use the folder redirection component of Group Policy, such as those in WindowsSettings\Folder Redirection. You can only set folder redirection policy for Group Policy objects, stored in Active Directory, not for Group Policy objects on the local computer.
+This policy setting affects all policies that use the folder redirection component of Group Policy, such as those policies in WindowsSettings\Folder Redirection. You can only set folder redirection policy for Group Policy objects, stored in Active Directory, not for Group Policy objects on the local computer.
 
 This policy setting overrides customized settings that the program implementing the folder redirection policy setting set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -456,17 +456,17 @@ ADMX Info:
 <!--Description-->
 This policy setting determines when Internet Explorer Maintenance policies are updated.
 
-This policy setting affects all policies that use the Internet Explorer Maintenance component of Group Policy, such as those in Windows Settings\Internet Explorer Maintenance.
+This policy setting affects all policies that use the Internet Explorer Maintenance component of Group Policy, such as those policies in Windows Settings\Internet Explorer Maintenance.
 
 This policy setting overrides customized settings that the program implementing the Internet Explorer Maintenance policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -514,13 +514,13 @@ This policy setting affects all policies that use the IP security component of G
 
 This policy setting overrides customized settings that the program implementing the IP security policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -566,11 +566,11 @@ This policy setting determines when registry policies are updated.
 
 This policy setting affects all policies in the Administrative Templates folder and any other policies that store values in the registry. It overrides customized settings that the program implementing a registry policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -614,15 +614,15 @@ ADMX Info:
 <!--Description-->
 This policy setting determines when policies that assign shared scripts are updated.
 
-This policy setting affects all policies that use the scripts component of Group Policy, such as those in WindowsSettings\Scripts. It overrides customized settings that the program implementing the scripts policy set when it was installed.
+This policy setting affects all policies that use the scripts component of Group Policy, such as those policies in WindowsSettings\Scripts. It overrides customized settings that the program implementing the scripts policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this setting, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -666,15 +666,15 @@ ADMX Info:
 <!--Description-->
 This policy setting determines when security policies are updated.
 
-This policy setting affects all policies that use the security component of Group Policy, such as those in Windows Settings\Security Settings.
+This policy setting affects all policies that use the security component of Group Policy, such as those policies in Windows Settings\Security Settings.
 
 This policy setting overrides customized settings that the program implementing the security policy set when it was installed.
 
-If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or do not configure this policy setting, it has no effect on the system.
+If you enable this policy setting, you can use the check boxes provided to change the options. If you disable or don't configure this policy setting, it has no effect on the system.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they be updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they be updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired policy setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -718,19 +718,19 @@ ADMX Info:
 <!--Description-->
 This policy setting determines when policies that assign wired network settings are updated.
 
-This policy setting affects all policies that use the wired network component of Group Policy, such as those in Windows Settings\Wired Network Policies.
+This policy setting affects all policies that use the wired network component of Group Policy, such as those policies in Windows Settings\Wired Network Policies.
 
 It overrides customized settings that the program implementing the wired network set when it was installed.
 
 If you enable this policy, you can use the check boxes provided to change the options.
 
-If you disable this setting or do not configure it, it has no effect on the system.
+If you disable this setting or don't configure it, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -774,19 +774,19 @@ ADMX Info:
 <!--Description-->
 This policy setting determines when policies that assign wireless network settings are updated.
 
-This policy setting affects all policies that use the wireless network component of Group Policy, such as those in WindowsSettings\Wireless Network Policies.
+This policy setting affects all policies that use the wireless network component of Group Policy, such as those policies in WindowsSettings\Wireless Network Policies.
 
 It overrides customized settings that the program implementing the wireless network set when it was installed.
 
 If you enable this policy, you can use the check boxes provided to change the options.
 
-If you disable this setting or do not configure it, it has no effect on the system.
+If you disable this setting or don't configure it, it has no effect on the system.
 
 The "Allow processing across a slow network connection" option updates the policies even when the update is being transmitted across a slow network connection, such as a telephone line. Updates across slow connections can cause significant delays.
 
-The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes will not take effect until the next user logon or system restart.
+The "Do not apply during periodic background processing" option prevents the system from updating affected policies in the background while the computer is in use. When background updates are disabled, policy changes won't take effect until the next user sign in or system restart.
 
-The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies have not changed. Many policy implementations specify that they are updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
+The "Process even if the Group Policy objects have not changed" option updates and reapplies the policies even if the policies haven't changed. Many policy implementations specify that they're updated only when changed. However, you might want to update unchanged policies, such as reapplying a desired setting in case a user has changed it.
 
 <!--/Description-->
 
@@ -828,11 +828,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies how long Group Policy should wait for workplace connectivity notifications during startup policy processing. If the startup policy processing is synchronous, the computer is blocked until workplace connectivity is available or the wait time is reached. If the startup policy processing is asynchronous, the computer is not blocked and policy processing will occur in the background. In either case, configuring this policy setting overrides any system-computed wait times.
+This policy setting specifies how long Group Policy should wait for workplace connectivity notifications during startup policy processing. If the startup policy processing is synchronous, the computer is blocked until workplace connectivity is available or the wait time is reached. If the startup policy processing is asynchronous, the computer isn't blocked and policy processing will occur in the background. In either case, configuring this policy setting overrides any system-computed wait times.
 
 If you enable this policy setting, Group Policy uses this administratively configured maximum wait time for workplace connectivity, and overrides any default or system-computed wait time.
 
-If you disable or do not configure this policy setting, Group Policy will use the default wait time of 60 seconds on computers running Windows operating systems greater than Windows 7 configured for workplace connectivity.
+If you disable or don't configure this policy setting, Group Policy will use the default wait time of 60 seconds on computers running Windows operating systems greater than Windows 7 configured for workplace connectivity.
 
 <!--/Description-->
 
@@ -878,12 +878,12 @@ This policy setting controls the ability of users to view their Resultant Set of
 
 By default, interactively logged on users can view their own Resultant Set of Policy (RSoP) data.
 
-If you enable this policy setting, interactive users cannot generate RSoP data.
+If you enable this policy setting, interactive users can't generate RSoP data.
 
-If you disable or do not configure this policy setting, interactive users can generate RSoP.
+If you disable or don't configure this policy setting, interactive users can generate RSoP.
 
 > [!NOTE]
-> This policy setting does not affect administrators. If you enable or disable this policy setting, by default administrators can view RSoP data.
+> This policy setting doesn't affect administrators. If you enable or disable this policy setting, by default administrators can view RSoP data.
 >
 > To view RSoP data on a client computer, use the RSoP snap-in for the Microsoft Management Console. You can launch the RSoP snap-in from the command line by typing RSOP.msc.
 >
@@ -933,12 +933,12 @@ This policy setting controls the ability of users to view their Resultant Set of
 
 By default, interactively logged on users can view their own Resultant Set of Policy (RSoP) data.
 
-If you enable this policy setting, interactive users cannot generate RSoP data.
+If you enable this policy setting, interactive users can't generate RSoP data.
 
-If you disable or do not configure this policy setting, interactive users can generate RSoP
+If you disable or don't configure this policy setting, interactive users can generate RSoP
 
 > [!NOTE]
-> This policy setting does not affect administrators. If you enable or disable this policy setting, by default administrators can view RSoP data.
+> This policy setting doesn't affect administrators. If you enable or disable this policy setting, by default administrators can view RSoP data.
 >
 > To view RSoP data on a client computer, use the RSoP snap-in for the Microsoft Management Console. You can launch the RSoP snap-in from the command line by typing RSOP.msc.
 >
@@ -1028,11 +1028,11 @@ ADMX Info:
 <!--Description-->
 Prevents the system from updating the Administrative Templates source files automatically when you open the Group Policy Object Editor.
 
-Administrators might want to use this if they are concerned about the amount of space used on the system volume of a DC.
+Administrators might want to use this option if they're concerned about the amount of space used on the system volume of a DC.
 
 By default, when you start the Group Policy Object Editor, a timestamp comparison is performed on the source files in the local %SYSTEMROOT%\inf directory and the source files stored in the GPO.
 
-If the local files are newer, they are copied into the GPO.
+If the local files are newer, they're copied into the GPO.
 
 Changing the status of this setting to Enabled will keep any source files from copying to the GPO.
 
@@ -1085,9 +1085,9 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents Group Policy from being updated while the computer is in use. This policy setting applies to Group Policy for computers, users, and domain controllers.
 
-If you enable this policy setting, the system waits until the current user logs off the system before updating the computer and user settings.
+If you enable this policy setting, the system waits until the current user signs out the system before updating the computer and user settings.
 
-If you disable or do not configure this policy setting, updates can be applied while users are working. The frequency of updates is determined by the "Set Group Policy refresh interval for computers" and "Set Group Policy refresh interval for users" policy settings.
+If you disable or don't configure this policy setting, updates can be applied while users are working. The frequency of updates is determined by the "Set Group Policy refresh interval for computers" and "Set Group Policy refresh interval for users" policy settings.
 
 > [!NOTE]
 > If you make changes to this policy setting, you must restart your computer for it to take effect.
@@ -1136,12 +1136,12 @@ This policy setting prevents Local Group Policy Objects (Local GPOs) from being
 
 By default, the policy settings in Local GPOs are applied before any domain-based GPO policy settings. These policy settings can apply to both users and the local computer. You can disable the processing and application of all Local GPOs to ensure that only domain-based GPOs are applied.
 
-If you enable this policy setting, the system does not process and apply any Local GPOs.
+If you enable this policy setting, the system doesn't process and apply any Local GPOs.
 
-If you disable or do not configure this policy setting, Local GPOs continue to be applied.
+If you disable or don't configure this policy setting, Local GPOs continue to be applied.
 
 > [!NOTE]
-> For computers joined to a domain, it is strongly recommended that you only configure this policy setting  in domain-based GPOs. This policy setting will be ignored on computers that are joined to a workgroup.
+> For computers joined to a domain, it's strongly recommended that you only configure this policy setting  in domain-based GPOs. This policy setting will be ignored on computers that are joined to a workgroup.
 
 <!--/Description-->
 
@@ -1185,9 +1185,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control a user's ability to invoke a computer policy refresh.
 
-If you enable this policy setting, users are not able to invoke a refresh of computer policy. Computer policy will still be applied at startup or when an official policy refresh occurs.
+If you enable this policy setting, users aren't able to invoke a refresh of computer policy. Computer policy will still be applied at startup or when an official policy refresh occurs.
 
-If you disable or do not configure this policy setting, the default behavior applies. By default, computer policy is applied when the computer starts up. It also applies at a specified refresh interval or when manually invoked by the user.
+If you disable or don't configure this policy setting, the default behavior applies. By default, computer policy is applied when the computer starts up. It also applies at a specified refresh interval or when manually invoked by the user.
 
 > [!NOTE]
 > This policy setting applies only to non-administrators. Administrators can still invoke a refresh of computer policy at any time, no matter how this policy setting is configured.
@@ -1241,9 +1241,9 @@ This policy setting determines whether the Windows device is allowed to particip
 
 If you enable this policy setting, the Windows device is discoverable by other Windows devices that belong to the same user, and can participate in cross-device experiences.
 
-If you disable this policy setting, the Windows device is not discoverable by other devices, and cannot participate in cross-device experiences.
+If you disable this policy setting, the Windows device isn't discoverable by other devices, and can't participate in cross-device experiences.
 
-If you do not configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
+If you don't configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
 
 <!--/Description-->
 
@@ -1287,13 +1287,13 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure Group Policy caching behavior.
 
-If you enable or do not configure this policy setting, Group Policy caches policy information after every background processing session. This cache saves applicable GPOs and the settings contained within them. When Group Policy runs in synchronous foreground mode, it refers to this cache, which enables it to run faster. When the cache is read, Group Policy attempts to contact a logon domain controller to determine the link speed. When Group Policy runs in background mode or asynchronous foreground mode, it continues to download the latest version of the policy information, and it uses a bandwidth estimate to determine slow link thresholds. (See the “Configure Group Policy Slow Link Detection” policy setting to configure asynchronous foreground behavior.)
+If you enable or don't configure this policy setting, Group Policy caches policy information after every background processing session. This cache saves applicable GPOs and the settings contained within them. When Group Policy runs in synchronous foreground mode, it refers to this cache, which enables it to run faster. When the cache is read, Group Policy attempts to contact a logon domain controller to determine the link speed. When Group Policy runs in background mode or asynchronous foreground mode, it continues to download the latest version of the policy information, and it uses a bandwidth estimate to determine slow link thresholds. (See the “Configure Group Policy Slow Link Detection” policy setting to configure asynchronous foreground behavior.)
 
 The slow link value that is defined in this policy setting determines how long Group Policy will wait for a response from the domain controller before reporting the link speed as slow. The default is 500 milliseconds.
 
-The timeout value that is defined in this policy setting determines how long Group Policy will wait for a response from the domain controller before determining that there is no network connectivity. This stops the current Group Policy processing. Group Policy will run in the background the next time a connection to a domain controller is established. Setting this value too high might result in longer waits for the user at boot or logon. The default is 5000 milliseconds.
+The timeout value that is defined in this policy setting determines how long Group Policy will wait for a response from the domain controller before determining that there's no network connectivity. This waiting period stops the current Group Policy processing. Group Policy will run in the background the next time a connection to a domain controller is established. Setting this value too high might result in longer waits for the user at boot or sign in. The default is 5000 milliseconds.
 
-If you disable this policy setting, the Group Policy client will not cache applicable GPOs or settings that are contained within the GPOs. When Group Policy runs synchronously, it downloads the latest version of the policy from the network and uses bandwidth estimates to determine slow link thresholds. (See the “Configure Group Policy Slow Link Detection” policy setting to configure asynchronous foreground behavior.)
+If you disable this policy setting, the Group Policy client won't cache applicable GPOs or settings that are contained within the GPOs. When Group Policy runs synchronously, it downloads the latest version of the policy from the network and uses bandwidth estimates to determine slow link thresholds. (See the “Configure Group Policy Slow Link Detection” policy setting to configure asynchronous foreground behavior.)
 
 <!--/Description-->
 
@@ -1341,9 +1341,9 @@ If you enable this policy setting, Group Policy caches policy information after
 
 The slow link value that is defined in this policy setting determines how long Group Policy will wait for a response from the domain controller before reporting the link speed as slow. The default is 500 milliseconds.
 
-The timeout value that is defined in this policy setting determines how long Group Policy will wait for a response from the domain controller before determining that there is no network connectivity. This stops the current Group Policy processing. Group Policy will run in the background the next time a connection to a domain controller is established. Setting this value too high might result in longer waits for the user at boot or logon. The default is 5000 milliseconds.
+The timeout value that is defined in this policy setting determines how long Group Policy will wait for a response from the domain controller before determining that there's no network connectivity. This waiting period stops the current Group Policy processing. Group Policy will run in the background the next time a connection to a domain controller is established. Setting this value too high might result in longer waits for the user at boot or sign in. The default is 5000 milliseconds.
 
-If you disable or do not configure this policy setting, the Group Policy client will not cache applicable GPOs or settings that are contained within the GPOs. When Group Policy runs synchronously, it downloads the latest version of the policy from the network and uses bandwidth estimates to determine slow link thresholds. (See the “Configure Group Policy Slow Link Detection” policy setting to configure asynchronous foreground behavior.)
+If you disable or don't configure this policy setting, the Group Policy client won't cache applicable GPOs or settings that are contained within the GPOs. When Group Policy runs synchronously, it downloads the latest version of the policy from the network and uses bandwidth estimates to determine slow link thresholds. (See the “Configure Group Policy Slow Link Detection” policy setting to configure asynchronous foreground behavior.)
 
 <!--/Description-->
 
@@ -1385,13 +1385,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows IT admins to turn off the ability to Link a Phone with a PC to continue reading, emailing and other tasks that requires linking between Phone and PC.
+This policy allows IT admins to turn off the ability to Link a Phone with a PC to continue reading, emailing and other tasks that require linking between Phone and PC.
 
 If you enable this policy setting, the Windows device will be able to enroll in Phone-PC linking functionality and participate in Continue on PC experiences.
 
-If you disable this policy setting, the Windows device is not allowed to be linked to Phones, will remove itself from the device list of any linked Phones, and cannot participate in Continue on PC experiences.
+If you disable this policy setting, the Windows device isn't allowed to be linked to Phones, will remove itself from the device list of any linked Phones, and can't participate in Continue on PC experiences.
 
-If you do not configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
+If you don't configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
 
 <!--/Description-->
 
@@ -1435,11 +1435,11 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents administrators from viewing or using Group Policy preferences.
 
-A Group Policy administration (.adm) file can contain both true settings and preferences. True settings, which are fully supported by Group Policy, must use registry entries in the Software\Policies or Software\Microsoft\Windows\CurrentVersion\Policies registry subkeys. Preferences, which are not fully supported, use registry entries in other subkeys.
+A Group Policy administration (.adm) file can contain both true settings and preferences. True settings, which are fully supported by Group Policy, must use registry entries in the Software\Policies or Software\Microsoft\Windows\CurrentVersion\Policies registry subkeys. Preferences, which aren't fully supported, use registry entries in other subkeys.
 
-If you enable this policy setting, the "Show Policies Only" command is turned on, and administrators cannot turn it off. As a result, Group Policy Object Editor displays only true settings; preferences do not appear.
+If you enable this policy setting, the "Show Policies Only" command is turned on, and administrators can't turn it off. As a result, Group Policy Object Editor displays only true settings; preferences don't appear.
 
-If you disable or do not configure this policy setting, the "Show Policies Only" command is turned on by default, but administrators can view preferences by turning off the "Show Policies Only" command.
+If you disable or don't configure this policy setting, the "Show Policies Only" command is turned on by default, but administrators can view preferences by turning off the "Show Policies Only" command.
 
 > [!NOTE]
 > To find the "Show Policies Only" command, in Group Policy Object Editor, click the Administrative Templates folder (either one), right-click the same folder, and then point to "View."
@@ -1488,7 +1488,7 @@ ADMX Info:
 <!--Description-->
 This security feature provides a global setting to prevent programs from loading untrusted fonts. Untrusted fonts are any font installed outside of the %windir%\Fonts directory. 
 
-This feature can be configured to be in 3 modes: On, Off, and Audit. By default, it is Off and no fonts are blocked. If you aren't quite ready to deploy this feature into your organization, you can run it in Audit mode to see if blocking untrusted fonts causes any usability or compatibility issues.
+This feature can be configured to be in three modes: On, Off, and Audit. By default, it's Off and no fonts are blocked. If you aren't ready to deploy this feature into your organization, you can run it in Audit mode to see if blocking untrusted fonts causes any usability or compatibility issues.
 
 <!--/Description-->
 
@@ -1532,7 +1532,7 @@ ADMX Info:
 <!--Description-->
 This policy setting determines which domain controller the Group Policy Object Editor snap-in uses.
 
-If you enable this setting, you can which domain controller is used according to these options:
+If you enable this setting, you can know which domain controller is used according to these options:
 
 "Use the Primary Domain Controller" indicates that the Group Policy Object Editor snap-in reads and writes changes to the domain controller designated as the PDC Operations Master for the domain.
 
@@ -1540,7 +1540,7 @@ If you enable this setting, you can which domain controller is used according to
 
 "Use any available domain controller" indicates that the Group Policy Object Editor snap-in can read and write changes to any available domain controller.
 
-If you disable this setting or do not configure it, the Group Policy Object Editor snap-in uses the domain controller designated as the PDC Operations Master for the domain.
+If you disable this setting or don't configure it, the Group Policy Object Editor snap-in uses the domain controller designated as the PDC Operations Master for the domain.
 
 > [!NOTE]
 > To change the PDC Operations Master for a domain, in Active Directory Users and Computers, right-click a domain, and then click "Operations Masters."
@@ -1589,18 +1589,18 @@ This policy setting defines a slow connection for purposes of applying and updat
 
 If the rate at which data is transferred from the domain controller providing a policy update to the computers in this group is slower than the rate specified by this setting, the system considers the connection to be slow.
 
-The system's response to a slow policy connection varies among policies. The program implementing the policy can specify the response to a slow link. Also, the policy processing settings in this folder lets you override the programs' specified responses to slow links.
+The system's response to a slow policy connection varies among policies. The program implementing the policy can specify the response to a slow link. Also, the policy processing settings in this folder let you override the programs' specified responses to slow links.
 
 If you enable this setting, you can, in the "Connection speed" box, type a decimal number between 0 and 4,294,967,200, indicating a transfer rate in kilobits per second. Any connection slower than this rate is considered to be slow. If you type 0, all connections are considered to be fast.
 
-If you disable this setting or do not configure it, the system uses the default value of 500 kilobits per second.
+If you disable this setting or don't configure it, the system uses the default value of 500 kilobits per second.
 
 This setting appears in the Computer Configuration and User Configuration folders. The setting in Computer Configuration defines a slow link for policies in the Computer Configuration folder. The setting in User Configuration defines a slow link for settings in the User Configuration folder.
 
 Also, see the "Do not detect slow network connections" and related policies in Computer Configuration\Administrative Templates\System\User Profile.
 
 > [!NOTE]
-> If the profile server has IP connectivity, the connection speed setting is used. If the profile server does not have IP connectivity, the SMB timing is used.
+> If the profile server has IP connectivity, the connection speed setting is used. If the profile server doesn't have IP connectivity, the SMB timing is used.
 
 <!--/Description-->
 
@@ -1646,18 +1646,18 @@ This policy setting defines a slow connection for purposes of applying and updat
 
 If the rate at which data is transferred from the domain controller providing a policy update to the computers in this group is slower than the rate specified by this setting, the system considers the connection to be slow.
 
-The system's response to a slow policy connection varies among policies. The program implementing the policy can specify the response to a slow link. Also, the policy processing settings in this folder lets you override the programs' specified responses to slow links.
+The system's response to a slow policy connection varies among policies. The program implementing the policy can specify the response to a slow link. Also, the policy processing settings in this folder let you override the programs' specified responses to slow links.
 
 If you enable this setting, you can, in the "Connection speed" box, type a decimal number between 0 and 4,294,967,200, indicating a transfer rate in kilobits per second. Any connection slower than this rate is considered to be slow. If you type 0, all connections are considered to be fast.
 
-If you disable this setting or do not configure it, the system uses the default value of 500 kilobits per second.
+If you disable this setting or don't configure it, the system uses the default value of 500 kilobits per second.
 
 This setting appears in the Computer Configuration and User Configuration folders. The setting in Computer Configuration defines a slow link for policies in the Computer Configuration folder. The setting in User Configuration defines a slow link for settings in the User Configuration folder.
 
 Also, see the "Do not detect slow network connections" and related policies in Computer Configuration\Administrative Templates\System\User Profile. 
 
 > [!NOTE]
-> If the profile server has IP connectivity, the connection speed setting is used. If the profile server does not have IP connectivity, the SMB timing is used.
+> If the profile server has IP connectivity, the connection speed setting is used. If the profile server doesn't have IP connectivity, the SMB timing is used.
 
 <!--/Description-->
 
@@ -1705,7 +1705,7 @@ In addition to background updates, Group Policy for the computer is always updat
 
 By default, computer Group Policy is updated in the background every 90 minutes, with a random offset of 0 to 30 minutes.
 
-If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals are not appropriate for most installations.
+If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals aren't appropriate for most installations.
 
 If you disable this setting, Group Policy is updated every 90 minutes (the default). To specify that Group Policy should never be updated while the computer is in use, select the "Turn off background refresh of Group Policy" policy.
 
@@ -1713,7 +1713,7 @@ The Set Group Policy refresh interval for computers policy also lets you specify
 
 This setting establishes the update rate for computer Group Policy. To set an update rate for user policies, use the "Set Group Policy refresh interval for users" setting (located in User Configuration\Administrative Templates\System\Group Policy).
 
-This setting is only used when the "Turn off background refresh of Group Policy" setting is not enabled.
+This setting is only used when the "Turn off background refresh of Group Policy" setting isn't enabled.
 
 > [!NOTE]
 > Consider notifying users that their policy is updated periodically so that they recognize the signs of a policy update. When Group Policy is updated, the Windows desktop is refreshed; it flickers briefly and closes open menus. Also, restrictions imposed by Group Policies, such as those that limit the programs users can run, might interfere with tasks in progress.
@@ -1758,13 +1758,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies how often Group Policy is updated on domain controllers while they are running (in the background). The updates specified by this setting occur in addition to updates performed when the system starts.
+This policy setting specifies how often Group Policy is updated on domain controllers while they're running (in the background). The updates specified by this setting occur in addition to updates performed when the system starts.
 
 By default, Group Policy on the domain controllers is updated every five minutes.
 
-If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the domain controller tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals are not appropriate for most installations.
+If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the domain controller tries to update Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals aren't appropriate for most installations.
 
-If you disable or do not configure this setting, the domain controller updates Group Policy every 5 minutes (the default). To specify that Group Policies for users should never be updated while the computer is in use, select the "Turn off background refresh of Group Policy" setting.
+If you disable or don't configure this setting, the domain controller updates Group Policy every 5 minutes (the default). To specify that Group Policies for users should never be updated while the computer is in use, select the "Turn off background refresh of Group Policy" setting.
 
 This setting also lets you specify how much the actual update interval varies. To prevent domain controllers with the same update interval from requesting updates simultaneously, the system varies the update interval for each controller by a random number of minutes. The number you type in the random time box sets the upper limit for the range of variance. For example, if you type 30 minutes, the system selects a variance of 0 to 30 minutes. Typing a large number establishes a broad range and makes it less likely that update requests overlap. However, updates might be delayed significantly.
 
@@ -1813,11 +1813,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies how often Group Policy for users is updated while the computer is in use (in the background). This setting specifies a background update rate only for the Group Policies in the User Configuration folder.
 
-In addition to background updates, Group Policy for users is always updated when users log on.
+In addition to background updates, Group Policy for users is always updated when users sign in.
 
 By default, user Group Policy is updated in the background every 90 minutes, with a random offset of 0 to 30 minutes.
 
-If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update user Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals are not appropriate for most installations.
+If you enable this setting, you can specify an update rate from 0 to 64,800 minutes (45 days). If you select 0 minutes, the computer tries to update user Group Policy every 7 seconds. However, because updates might interfere with users' work and increase network traffic, very short update intervals aren't appropriate for most installations.
 
 If you disable this setting, user Group Policy is updated every 90 minutes (the default). To specify that Group Policy for users should never be updated while the computer is in use, select the "Turn off background refresh of Group Policy" setting.
 
@@ -1874,15 +1874,15 @@ ADMX Info:
 <!--Description-->
 Enter “0” to disable Logon Script Delay.
 
-This policy setting allows you to configure how long the Group Policy client waits after logon before running scripts.
+This policy setting allows you to configure how long the Group Policy client waits after a sign in before running scripts.
 
-By default, the Group Policy client waits five minutes before running logon scripts. This helps create a responsive desktop environment by preventing disk contention.
+By default, the Group Policy client waits 5 minutes before running logon scripts. This 5-minute wait helps create a responsive desktop environment by preventing disk contention.
 
 If you enable this policy setting, Group Policy will wait for the specified amount of time before running logon scripts.
 
-If you disable this policy setting, Group Policy will run scripts immediately after logon.
+If you disable this policy setting, Group Policy will run scripts immediately after a sign in.
 
-If you do not configure this policy setting, Group Policy will wait five minutes before running logon scripts.
+If you don't configure this policy setting, Group Policy will wait five minutes before running logon scripts.
 
 <!--/Description-->
 
@@ -1976,7 +1976,7 @@ This policy setting allows you to create new Group Policy object links in the di
 
 If you enable this setting, you can create all new Group Policy object links in the disabled state by default. After you configure and test the new object links by using a policy compliant Group Policy management tool such as  Active Directory Users and Computers or Active Directory Sites and Services, you can enable the object links for use on the system.
 
-If you disable this setting or do not configure it, new Group Policy object links are created in the enabled state. If you do not want them to be effective until they are configured and tested, you must disable the object link.
+If you disable this setting or don't configure it, new Group Policy object links are created in the enabled state. If you don't want them to be effective until they're configured and tested, you must disable the object link.
 
 <!--/Description-->
 
@@ -2020,9 +2020,9 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you always use local ADM files for the Group Policy snap-in.
 
-By default, when you edit a Group Policy Object (GPO) using the Group Policy Object Editor snap-in, the ADM files are loaded from that GPO into the Group Policy Object Editor snap-in. This allows you to use the same version of the ADM files that were used to create the GPO while editing this GPO.
+By default, when you edit a Group Policy Object (GPO) using the Group Policy Object Editor snap-in, the ADM files are loaded from that GPO into the Group Policy Object Editor snap-in. This edit-option allows you to use the same version of the ADM files that were used to create the GPO while editing this GPO.
 
-This leads to the following behavior:
+This edit-option leads to the following behavior:
 
 - If you originally created the GPO with, for example, an English system, the GPO contains English ADM files.
 
@@ -2032,14 +2032,14 @@ You can change this behavior by using this setting.
 
 If you enable this setting, the Group Policy Object Editor snap-in always uses local ADM files in your %windir%\inf directory when editing GPOs.
 
-This leads to the following behavior:
+This pattern leads to the following behavior:
 
 - If you had originally created the GPO with an English system, and then you edit the GPO with a Japanese system, the Group Policy Object Editor snap-in uses the local Japanese ADM files, and you see the text in Japanese under Administrative Templates.
 
-If you disable or do not configure this setting, the Group Policy Object Editor snap-in always loads all ADM files from the actual GPO.
+If you disable or don't configure this setting, the Group Policy Object Editor snap-in always loads all ADM files from the actual GPO.
 
 > [!NOTE]
-> If the ADMs that you require are not all available locally in your %windir%\inf directory, you might not be able to see all the settings that have been configured in the GPO that you are editing.
+> If the ADMs that you require aren't all available locally in your %windir%\inf directory, you might not be able to see all the settings that have been configured in the GPO that you are editing.
 
 <!--/Description-->
 
@@ -2082,7 +2082,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This security feature provides a means to override individual process MitigationOptions settings. This can be used to enforce a number of security policies specific to applications. The application name is specified as the Value name, including extension. The Value is specified as a bit field with a series of flags in particular positions. Bits can be set to either 0 (setting is forced off), 1 (setting is forced on), or ? (setting retains its existing value prior to GPO evaluation). The recognized bit locations are:
+This security feature provides a means to override individual process MitigationOptions settings. This security feature can be used to enforce many security policies specific to applications. The application name is specified as the Value name, including extension. The Value is specified as a bit field with a series of flags in particular positions. Bits can be set to either 0 (setting is forced off), 1 (setting is forced on), or ? (setting retains its existing value prior to GPO evaluation). The recognized bit locations are:
 
 PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE (0x00000001)
 Enables data execution prevention (DEP) for the child process
@@ -2094,7 +2094,7 @@ PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE (0x00000004)
 Enables structured exception handler overwrite protection (SEHOP) for the child process. SEHOP blocks exploits that use the structured exception handler (SEH) overwrite technique.
 
 PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000100)
-The force Address Space Layout Randomization (ASLR) policy forcibly rebases images that are not dynamic base compatible by acting as though an image base collision happened at load time. If relocations are required, images that do not have a base relocation section will not be loaded.
+The force Address Space Layout Randomization (ASLR) policy forcibly rebases images that aren't dynamic base compatible by acting as though an image base collision happened at load time. If relocations are required, images that don't have a base relocation section won't be loaded.
 
 PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00010000)
 PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00020000)
@@ -2151,7 +2151,7 @@ RSoP logs information on Group Policy settings that have been applied to the cli
 
 If you enable this setting, RSoP logging is turned off.
 
-If you disable or do not configure this setting, RSoP logging is turned on. By default, RSoP logging is always on.
+If you disable or don't configure this setting, RSoP logging is turned on. By default, RSoP logging is always on.
 
 > [!NOTE]
 > To view the RSoP information logged on a client computer, you can use the RSoP snap-in in the Microsoft Management Console (MMC).
@@ -2245,9 +2245,9 @@ When Group Policy detects the bandwidth speed of a Direct Access connection, the
 > [!NOTE]
 > When Group Policy detects a slow network connection, Group Policy will only process those client side extensions configured for processing across a slow link (slow network connection).
 
-If you enable this policy, when Group Policy cannot determine the bandwidth speed across Direct Access, Group Policy will evaluate the network connection as a fast link and process all client side extensions.
+If you enable this policy, when Group Policy can't determine the bandwidth speed across Direct Access, Group Policy will evaluate the network connection as a fast link and process all client side extensions.
 
-If you disable this setting or do not configure it, Group Policy will evaluate the network connection as a slow link and process only those client side extensions configured to process over a slow link.
+If you disable this setting or don't configure it, Group Policy will evaluate the network connection as a slow link and process only those client side extensions configured to process over a slow link.
 
 <!--/Description-->
 
@@ -2289,13 +2289,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy directs Group Policy processing to skip processing any client side extension that requires synchronous processing (that is, whether computers wait for the network to be fully initialized during computer startup and user logon) when a slow network connection is detected.
+This policy directs Group Policy processing to skip processing any client side extension that requires synchronous processing (that is, whether computers wait for the network to be fully initialized during computer startup and user sign in) when a slow network connection is detected.
 
 If you enable this policy setting, when a slow network connection is detected, Group Policy processing will always run in an asynchronous manner.
-Client computers will not wait for the network to be fully initialized at startup and logon. Existing users will be logged on using cached credentials,
-which will result in shorter logon times. Group Policy will be applied in the background after the network becomes available.
-Note that because this is a background refresh, extensions requiring synchronous processing such as Software Installation, Folder Redirection
-and Drive Maps preference extension will not be applied.
+Client computers won't wait for the network to be fully initialized at startup and sign in. Existing users will be signed in using cached credentials, which will result in shorter sign-in times. Group Policy will be applied in the background after the network becomes available.
+Because this policy setting enables a background refresh, extensions requiring synchronous processing such as Software Installation, Folder Redirection and Drive Maps preference extension won't be applied.
 
 > [!NOTE]
 > There are two conditions that will cause Group Policy to be processed synchronously even if this policy setting is enabled:
@@ -2303,7 +2301,7 @@ and Drive Maps preference extension will not be applied.
 > - 1 - At the first computer startup after the client computer has joined the domain.
 > - 2 - If the policy setting "Always wait for the network at computer startup and logon" is enabled.
 
-If you disable or do not configure this policy setting, detecting a slow network connection will not affect whether Group Policy processing will be synchronous or asynchronous.
+If you disable or don't configure this policy setting, detecting a slow network connection won't affect whether Group Policy processing will be synchronous or asynchronous.
 
 <!--/Description-->
 
@@ -2345,11 +2343,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies how long Group Policy should wait for network availability notifications during startup policy processing. If the startup policy processing is synchronous, the computer is blocked until the network is available or the default wait time is reached. If the startup policy processing is asynchronous, the computer is not blocked and policy processing will occur in the background. In either case, configuring this policy setting overrides any system-computed wait times.
+This policy setting specifies how long Group Policy should wait for network availability notifications during startup policy processing. If the startup policy processing is synchronous, the computer is blocked until the network is available or the default wait time is reached. If the startup policy processing is asynchronous, the computer isn't blocked and policy processing will occur in the background. In either case, configuring this policy setting overrides any system-computed wait times.
 
 If you enable this policy setting, Group Policy will use this administratively configured maximum wait time and override any default or system-computed wait time.
 
-If you disable or do not configure this policy setting, Group Policy will use the default wait time of 30 seconds on computers running Windows Vista operating system.
+If you disable or don't configure this policy setting, Group Policy will use the default wait time of 30 seconds on computers running Windows Vista operating system.
 
 <!--/Description-->
 
@@ -2391,9 +2389,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting directs the system to apply the set of Group Policy objects for the computer to any user who logs on to a computer affected by this setting. It is intended for special-use computers, such as those in public places, laboratories, and classrooms, where you must modify the user setting based on the computer that is being used.
+This policy setting directs the system to apply the set of Group Policy objects for the computer to any user who signs in to a computer affected by this setting. It's intended for special-use computers, such as those in public places, laboratories, and classrooms, where you must modify the user setting based on the computer that is being used.
 
-By default, the user's Group Policy Objects determine which user settings apply. If this setting is enabled, then, when a user logs on to this computer, the computer's Group Policy Objects determine which set of Group Policy Objects applies.
+By default, the user's Group Policy Objects determine which user settings apply. If this setting is enabled, then, when a user signs in to this computer, the computer's Group Policy Objects determine which set of Group Policy Objects applies.
 
 If you enable this setting, you can select one of the following modes from the Mode box:
 
@@ -2401,7 +2399,7 @@ If you enable this setting, you can select one of the following modes from the M
 
 "Merge" indicates that the user settings defined in the computer's Group Policy Objects and the user settings normally applied to the user are combined. If the settings conflict, the user settings in the computer's Group Policy Objects take precedence over the user's normal settings.
 
-If you disable this setting or do not configure it, the user's Group Policy Objects determines which user settings apply.
+If you disable this setting or don't configure it, the user's Group Policy Objects determines which user settings apply.
 
 > [!NOTE]
 > This setting is effective only when both the computer account and the user account are in at least Windows 2000 domains.
diff --git a/windows/client-management/mdm/policy-csp-admx-help.md b/windows/client-management/mdm/policy-csp-admx-help.md
index 647e532ec1..3bdf5aa985 100644
--- a/windows/client-management/mdm/policy-csp-admx-help.md
+++ b/windows/client-management/mdm/policy-csp-admx-help.md
@@ -73,9 +73,9 @@ This policy setting allows you to exclude HTML Help Executable from being monito
 
 Data Execution Prevention (DEP) is designed to block malicious code that takes advantage of exception-handling mechanisms in Windows by monitoring your programs to make sure that they use system memory safely.
 
-If you enable this policy setting, DEP for HTML Help Executable is turned off. This will allow certain legacy ActiveX controls to function without DEP shutting down HTML Help Executable.
+If you enable this policy setting, DEP for HTML Help Executable is turned off. This turn off will allow certain legacy ActiveX controls to function without DEP shutting down HTML Help Executable.
 
-If you disable or do not configure this policy setting, DEP is turned on for HTML Help Executable. This provides an additional security benefit, but HTML Help stops if DEP detects system memory abnormalities.
+If you disable or don't configure this policy setting, DEP is turned on for HTML Help Executable. This turn on provides one more security benefit, but HTML Help stops if DEP detects system memory abnormalities.
 
 <!--/Description-->
 
@@ -117,25 +117,25 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to restrict certain HTML Help commands to function only in HTML Help (.chm) files within specified folders and their subfolders. Alternatively, you can disable these commands on the entire system. It is strongly recommended that only folders requiring administrative privileges be added to this policy setting.
+This policy setting allows you to restrict certain HTML Help commands to function only in HTML Help (.chm) files within specified folders and their subfolders. Alternatively, you can disable these commands on the entire system. It's recommended that only folders requiring administrative privileges be added to this policy setting.
 
 If you enable this policy setting, the commands function only for .chm files in the specified folders and their subfolders.
 
 To restrict the commands to one or more folders, enable the policy setting and enter the desired folders in the text box on the Settings tab of the Policy Properties dialog box. Use a semicolon to separate folders. For example, to restrict the commands to only .chm files in the %windir%\help folder and D:\somefolder, add the following string to the edit box: "%windir%\help;D:\somefolder".
 
 > [!NOTE]
-> An environment variable may be used, (for example, %windir%), as long as it is defined on the system. For example, %programfiles% is not defined on some early versions of Windows.
+> An environment variable may be used, (for example, %windir%), as long as it's defined on the system. For example, %programfiles% is not defined on some early versions of Windows.
 
 The "Shortcut" command is used to add a link to a Help topic, and runs executables that are external to the Help file. The "WinHelp" command is used to add a link to a Help topic, and runs a WinHLP32.exe Help (.hlp) file.
 
 To disallow the "Shortcut" and "WinHelp" commands on the entire local system, enable the policy setting and leave the text box on the Settings tab of the Policy Properties dialog box blank.
 
-If you disable or do not configure this policy setting, these commands are fully functional for all Help files.
+If you disable or don't configure this policy setting, these commands are fully functional for all Help files.
 
 > [!NOTE]
 > Only folders on the local computer can be specified in this policy setting. You cannot use this policy setting to enable the "Shortcut" and "WinHelp" commands for .chm files that are stored on mapped drives or accessed using UNC paths.
 
-For additional options, see the "Restrict these programs from being launched from Help" policy.
+For more options, see the "Restrict these programs from being launched from Help" policy.
 
 <!--/Description-->
 
@@ -179,9 +179,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to restrict programs from being run from online Help.
 
-If you enable this policy setting, you can prevent specified programs from being run from Help. When you enable this policy setting, enter the file names names of the programs you want to restrict, separated by commas.
+If you enable this policy setting, you can prevent specified programs from being run from Help. When you enable this policy setting, enter the file names of the programs you want to restrict, separated by commas.
 
-If you disable or do not configure this policy setting, users can run all applications from online Help.
+If you disable or don't configure this policy setting, users can run all applications from online Help.
 
 > [!NOTE]
 > You can also restrict users from running applications by using the Software Restriction Policy settings available in Computer Configuration\Security Settings.
@@ -230,9 +230,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to restrict programs from being run from online Help.
 
-If you enable this policy setting, you can prevent specified programs from being run from Help. When you enable this policy setting, enter the file names names of the programs you want to restrict, separated by commas.
+If you enable this policy setting, you can prevent specified programs from being run from Help. When you enable this policy setting, enter the file names of the programs you want to restrict, separated by commas.
 
-If you disable or do not configure this policy setting, users can run all applications from online Help.
+If you disable or don't configure this policy setting, users can run all applications from online Help.
 
 > [!NOTE]
 > You can also restrict users from running applications by using the Software Restriction Policy settings available in Computer Configuration\Security Settings.
diff --git a/windows/client-management/mdm/policy-csp-admx-icm.md b/windows/client-management/mdm/policy-csp-admx-icm.md
index 67493c8dbe..2f9b7183ac 100644
--- a/windows/client-management/mdm/policy-csp-admx-icm.md
+++ b/windows/client-management/mdm/policy-csp-admx-icm.md
@@ -135,13 +135,13 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting turns off the Windows Customer Experience Improvement Program. The Windows Customer Experience Improvement Program collects information about your hardware configuration and how you use our software and services to identify trends and usage patterns. Microsoft will not collect your name, address, or any other personally identifiable information. There are no surveys to complete, no salesperson will call, and you can continue working without interruption. It is simple and user-friendly.
+This policy setting turns off the Windows Customer Experience Improvement Program. The Windows Customer Experience Improvement Program collects information about your hardware configuration and how you use our software and services to identify trends and usage patterns. Microsoft won't collect your name, address, or any other personally identifiable information. There are no surveys to complete, no salesperson will call, and you can continue working without interruption. It's simple and user-friendly.
 
 If you enable this policy setting, all users are opted out of the Windows Customer Experience Improvement Program.
 
 If you disable this policy setting, all users are opted into the Windows Customer Experience Improvement Program.
 
-If you do not configure this policy setting, the administrator can use the Problem Reports and Solutions component in Control Panel to enable Windows Customer Experience Improvement Program for all users.
+If you don't configure this policy setting, the administrator can use the Problem Reports and Solutions component in Control Panel to enable Windows Customer Experience Improvement Program for all users.
 
 <!--/Description-->
 
@@ -187,9 +187,9 @@ This policy setting specifies whether to automatically update root certificates
 
 Typically, a certificate is used when you use a secure website or when you send and receive secure email. Anyone can issue certificates, but to have transactions that are as secure as possible, certificates must be issued by a trusted certificate authority (CA). Microsoft has included a list in Windows XP and other products of companies and organizations that it considers trusted authorities.
 
-If you enable this policy setting, when you are presented with a certificate issued by an untrusted root authority, your computer will not contact the Windows Update website to see if Microsoft has added the CA to its list of trusted authorities.
+If you enable this policy setting, when you're presented with a certificate issued by an untrusted root authority, your computer won't contact the Windows Update website to see if Microsoft has added the CA to its list of trusted authorities.
 
-If you disable or do not configure this policy setting, your computer will contact the Windows Update website.
+If you disable or don't configure this policy setting, your computer will contact the Windows Update website.
 
 <!--/Description-->
 
@@ -233,14 +233,14 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether to allow printing over HTTP from this client.
 
-Printing over HTTP allows a client to print to printers on the intranet as well as the Internet.
+Printing over HTTP allows a client to print to printers on the intranet and the Internet.
 
 > [!NOTE]
-> This policy setting affects the client side of Internet printing only. It does not prevent this computer from acting as an Internet Printing server and making its shared printers available via HTTP.
+> This policy setting affects the client side of Internet printing only. It doesn't prevent this computer from acting as an Internet Printing server and making its shared printers available via HTTP.
 
 If you enable this policy setting, it prevents this client from printing to Internet printers over HTTP.
 
-If you disable or do not configure this policy setting, users can choose to print to Internet printers over HTTP.  Also, see the "Web-based printing" policy setting in Computer Configuration/Administrative Templates/Printers.
+If you disable or don't configure this policy setting, users can choose to print to Internet printers over HTTP.  Also, see the "Web-based printing" policy setting in Computer Configuration/Administrative Templates/Printers.
 
 <!--/Description-->
 
@@ -287,13 +287,13 @@ This policy setting specifies whether to allow this client to download print dri
 To set up HTTP printing, non-inbox drivers need to be downloaded over HTTP.
 
 > [!NOTE]
-> This policy setting does not prevent the client from printing to printers on the Intranet or the Internet over HTTP.
+> This policy setting doesn't prevent the client from printing to printers on the Intranet or the Internet over HTTP.
 
-It only prohibits downloading drivers that are not already installed locally.
+It only prohibits downloading drivers that aren't already installed locally.
 
-If you enable this policy setting, print drivers cannot be downloaded over HTTP.
+If you enable this policy setting, print drivers can't be downloaded over HTTP.
 
-If you disable or do not configure this policy setting, users can download print drivers over HTTP.
+If you disable or don't configure this policy setting, users can download print drivers over HTTP.
 
 <!--/Description-->
 
@@ -337,13 +337,13 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether Windows searches Windows Update for device drivers when no local drivers for a device are present.
 
-If you enable this policy setting, Windows Update is not searched when a new device is installed.
+If you enable this policy setting, Windows Update isn't searched when a new device is installed.
 
 If you disable this policy setting, Windows Update is always searched for drivers when no local drivers are present.
 
-If you do not configure this policy setting, searching Windows Update is optional when installing a device.
+If you don't configure this policy setting, searching Windows Update is optional when installing a device.
 
-Also see "Turn off Windows Update device driver search prompt" in "Administrative Templates/System," which governs whether an administrator is prompted before searching Windows Update for device drivers if a driver is not found locally.
+Also see "Turn off Windows Update device driver search prompt" in "Administrative Templates/System," which governs whether an administrator is prompted before searching Windows Update for device drivers if a driver isn't found locally.
 
 > [!NOTE]
 > This policy setting is replaced by "Specify Driver Source Search Order" in "Administrative Templates/System/Device Installation" on newer versions of Windows.
@@ -392,9 +392,9 @@ This policy setting specifies whether "Events.asp" hyperlinks are available for
 
 The Event Viewer normally makes all HTTP(S) URLs into hyperlinks that activate the Internet browser when clicked. In addition, "More Information" is placed at the end of the description text if the event is created by a Microsoft component. This text contains a link (URL) that, if clicked, sends information about the event to Microsoft, and allows users to learn more about why that event occurred.
 
-If you enable this policy setting, event description hyperlinks are not activated and the text "More Information" is not displayed at the end of the description.
+If you enable this policy setting, event description hyperlinks aren't activated and the text "More Information" isn't displayed at the end of the description.
 
-If you disable or do not configure this policy setting, the user can click the hyperlink, which prompts the user and then sends information about the event over the Internet to Microsoft.
+If you disable or don't configure this policy setting, the user can click the hyperlink, which prompts the user and then sends information about the event over the Internet to Microsoft.
 
 Also, see "Events.asp URL", "Events.asp program", and "Events.asp Program Command Line Parameters" settings in "Administrative Templates/Windows Components/Event Viewer".
 
@@ -444,9 +444,9 @@ This content is dynamically updated when users who are connected to the Internet
 
 If you enable this policy setting, the Help and Support Center no longer retrieves nor displays "Did you know?" content.
 
-If you disable or do not configure this policy setting, the Help and Support Center retrieves and displays "Did you know?" content.
+If you disable or don't configure this policy setting, the Help and Support Center retrieves and displays "Did you know?" content.
 
-You might want to enable this policy setting for users who do not have Internet access, because the content in the "Did you know?" section will remain static indefinitely without an Internet connection.
+You might want to enable this policy setting for users who don't have Internet access, because the content in the "Did you know?" section will remain static indefinitely without an Internet connection.
 
 <!--/Description-->
 
@@ -494,7 +494,7 @@ The Knowledge Base is an online source of technical support information and self
 
 If you enable this policy setting, it removes the Knowledge Base section from the Help and Support Center "Set search options" page, and only Help content on the local computer is searched.
 
-If you disable or do not configure this policy setting, the Knowledge Base is searched if the user has a connection to the Internet and has not disabled the Knowledge Base search from the Search Options page.
+If you disable or don't configure this policy setting, the Knowledge Base is searched if the user has a connection to the Internet and hasn't disabled the Knowledge Base search from the Search Options page.
 
 <!--/Description-->
 
@@ -538,11 +538,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether Windows can access the Internet to accomplish tasks that require Internet resources.
 
-If you enable this setting, all of the the policy settings listed in the "Internet Communication settings" section are set such that their respective features cannot access the Internet.
+If you enable this setting, all of the policy settings listed in the "Internet Communication settings" section are set such that their respective features can't access the Internet.
 
-If you disable this policy setting, all of the the policy settings listed in the "Internet Communication settings" section are set such that their respective features can access the Internet.
+If you disable this policy setting, all of the policy settings listed in the "Internet Communication settings" section are set such that their respective features can access the Internet.
 
-If you do not configure this policy setting, all of the the policy settings in the "Internet Communication settings" section are set to not configured.
+If you don't configure this policy setting, all of the policy settings in the "Internet Communication settings" section are set to not configured.
 
 <!--/Description-->
 
@@ -586,11 +586,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether Windows can access the Internet to accomplish tasks that require Internet resources.
 
-If you enable this setting, all of the the policy settings listed in the "Internet Communication settings" section are set such that their respective features cannot access the Internet.
+If you enable this setting, all of the policy settings listed in the "Internet Communication settings" section are set such that their respective features can't access the Internet.
 
-If you disable this policy setting, all of the the policy settings listed in the "Internet Communication settings" section are set such that their respective features can access the Internet.
+If you disable this policy setting, all of the policy settings listed in the "Internet Communication settings" section are set such that their respective features can access the Internet.
 
-If you do not configure this policy setting, all of the the policy settings in the "Internet Communication settings" section are set to not configured.
+If you don't configure this policy setting, all of the policy settings in the "Internet Communication settings" section are set to not configured.
 <!--/Description-->
 
 
@@ -633,9 +633,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether the Internet Connection Wizard can connect to Microsoft to download a list of Internet Service Providers (ISPs).
 
-If you enable this policy setting, the "Choose a list of Internet Service Providers" path in the Internet Connection Wizard causes the wizard to exit. This prevents users from retrieving the list of ISPs, which resides on Microsoft servers.
+If you enable this policy setting, the "Choose a list of Internet Service Providers" path in the Internet Connection Wizard causes the wizard to exit. This exit prevents users from retrieving the list of ISPs, which resides on Microsoft servers.
 
-If you disable or do not configure this policy setting, users can connect to Microsoft to download a list of ISPs for their area.
+If you disable or don't configure this policy setting, users can connect to Microsoft to download a list of ISPs for their area.
 
 <!--/Description-->
 
@@ -679,11 +679,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether the Windows Registration Wizard connects to Microsoft.com for online registration.
 
-If you enable this policy setting, it blocks users from connecting to Microsoft.com for online registration and users cannot register their copy of Windows online.
+If you enable this policy setting, it blocks users from connecting to Microsoft.com for online registration and users can't register their copy of Windows online.
 
-If you disable or do not configure this policy setting, users can connect to Microsoft.com to complete the online Windows Registration.
+If you disable or don't configure this policy setting, users can connect to Microsoft.com to complete the online Windows Registration.
 
-Note that registration is optional and involves submitting some personal information to Microsoft. However, Windows Product Activation is required but does not involve submitting any personal information (except the country/region you live in).
+Registration is optional and involves submitting some personal information to Microsoft. However, Windows Product Activation is required but doesn't involve submitting any personal information (except the country/region you live in).
 
 <!--/Description-->
 
@@ -729,9 +729,9 @@ This policy setting controls whether or not errors are reported to Microsoft.
 
 Error Reporting is used to report information about a system or application that has failed or has stopped responding and is used to improve the quality of the product.
 
-If you enable this policy setting, users are not given the option to report errors.
+If you enable this policy setting, users aren't given the option to report errors.
 
-If you disable or do not configure this policy setting, the errors may be reported to Microsoft via the Internet or to a corporate file share.
+If you disable or don't configure this policy setting, the errors may be reported to Microsoft via the Internet or to a corporate file share.
 
 This policy setting overrides any user setting made from the Control Panel for error reporting.  
 
@@ -779,9 +779,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove access to Windows Update.
 
-If you enable this policy setting, all Windows Update features are removed. This includes blocking access to the Windows Update website at https://windowsupdate.microsoft.com, from the Windows Update hyperlink on the Start menu, and also on the Tools menu in Internet Explorer. Windows automatic updating is also disabled; you will neither be notified about nor will you receive critical updates from Windows Update. This policy setting also prevents Device Manager from automatically installing driver updates from the Windows Update website.
+If you enable this policy setting, all Windows Update features are removed. This list of features includes blocking access to the Windows Update website at https://windowsupdate.microsoft.com, from the Windows Update hyperlink on the Start menu, and also on the Tools menu in Internet Explorer. Windows automatic updating is also disabled; you won't get notified or receive critical updates from Windows Update. This policy setting also prevents Device Manager from automatically installing driver updates from the Windows Update website.
 
-If you disable or do not configure this policy setting, users can access the Windows Update website and enable automatic updating to receive notifications and critical updates from Windows Update.
+If you disable or don't configure this policy setting, users can access the Windows Update website and enable automatic updating to receive notifications and critical updates from Windows Update.
 
 > [!NOTE]
 > This policy applies only when this PC is configured to connect to an intranet update service using the "Specify intranet Microsoft update service location" policy.
@@ -828,11 +828,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether Search Companion should automatically download content updates during local and Internet searches.
 
-When users search the local computer or the Internet, Search Companion occasionally connects to Microsoft to download an updated privacy policy and additional content files used to format and display results.
+When users search the local computer or the Internet, Search Companion occasionally connects to Microsoft to download an updated privacy policy and more content files used to format and display results.
 
-If you enable this policy setting, Search Companion does not download content updates during searches.
+If you enable this policy setting, Search Companion doesn't download content updates during searches.
 
-If you disable or do not configure this policy setting, Search Companion downloads content updates unless the user is using Classic Search.
+If you disable or don't configure this policy setting, Search Companion downloads content updates unless the user is using Classic Search.
 
 > [!NOTE]
 > Internet searches still send the search text and information about the search to Microsoft and the chosen search provider. Choosing Classic Search turns off the Search Companion feature completely.
@@ -879,11 +879,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether to use the Microsoft Web service for finding an application to open a file with an unhandled file association.
 
-When a user opens a file that has an extension that is not associated with any applications on the computer, the user is given the choice to select a local application or use the Web service to find an application.
+When a user opens a file that has an extension that isn't associated with any applications on the computer, the user is given the choice to select a local application or use the Web service to find an application.
 
 If you enable this policy setting, the link and the dialog for using the Web service to open an unhandled file association are removed.
 
-If you disable or do not configure this policy setting, the user is allowed to use the Web service.
+If you disable or don't configure this policy setting, the user is allowed to use the Web service.
 
 <!--/Description-->
 
@@ -927,11 +927,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether to use the Microsoft Web service for finding an application to open a file with an unhandled file association.
 
-When a user opens a file that has an extension that is not associated with any applications on the computer, the user is given the choice to select a local application or use the Web service to find an application.
+When a user opens a file that has an extension that isn't associated with any applications on the computer, the user is given the choice to select a local application or use the Web service to find an application.
 
 If you enable this policy setting, the link and the dialog for using the Web service to open an unhandled file association are removed.
 
-If you disable or do not configure this policy setting, the user is allowed to use the Web service.
+If you disable or don't configure this policy setting, the user is allowed to use the Web service.
 
 <!--/Description-->
 
@@ -975,11 +975,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether to use the Store service for finding an application to open a file with an unhandled file type or protocol association.
 
-When a user opens a file type or protocol that is not associated with any applications on the computer, the user is given the choice to select a local application or use the Store service to find an application.
+When a user opens a file type or protocol that isn't associated with any applications on the computer, the user is given the choice to select a local application or use the Store service to find an application.
 
 If you enable this policy setting, the "Look for an app in the Store" item in the Open With dialog is removed.
 
-If you disable or do not configure this policy setting, the user is allowed to use the Store service and the Store item is available in the Open With dialog.
+If you disable or don't configure this policy setting, the user is allowed to use the Store service and the Store item is available in the Open With dialog.
 
 <!--/Description-->
 
@@ -1023,11 +1023,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether to use the Store service for finding an application to open a file with an unhandled file type or protocol association.
 
-When a user opens a file type or protocol that is not associated with any applications on the computer, the user is given the choice to select a local application or use the Store service to find an application.
+When a user opens a file type or protocol that isn't associated with any applications on the computer, the user is given the choice to select a local application or use the Store service to find an application.
 
 If you enable this policy setting, the "Look for an app in the Store" item in the Open With dialog is removed.
 
-If you disable or do not configure this policy setting, the user is allowed to use the Store service and the Store item is available in the Open With dialog.
+If you disable or don't configure this policy setting, the user is allowed to use the Store service and the Store item is available in the Open With dialog.
 
 <!--/Description-->
 
@@ -1071,11 +1071,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether Windows should download a list of providers for the web publishing and online ordering wizards.  These wizards allow users to select from a list of companies that provide services such as online storage and photographic printing. By default, Windows displays providers downloaded from a Windows website in addition to providers specified in the registry.
 
-If you enable this policy setting, Windows does not download providers, and only the service providers that are cached in the local registry are displayed.
+If you enable this policy setting, Windows doesn't download providers, and only the service providers that are cached in the local registry are displayed.
 
-If you disable or do not configure this policy setting, a list of providers are downloaded when the user uses the web publishing or online ordering wizards.
+If you disable or don't configure this policy setting, a list of providers is downloaded when the user uses the web publishing or online ordering wizards.
 
-See the documentation for the web publishing and online ordering wizards for more information, including details on specifying service providers in the registry.
+For more information, including details on specifying service providers in the registry, see the documentation for the web publishing and online ordering wizards.
 
 <!--/Description-->
 
@@ -1121,7 +1121,7 @@ This policy setting specifies whether the "Order Prints Online" task is availabl
 
 The Order Prints Online Wizard is used to download a list of providers and allow users to order prints online.  If you enable this policy setting, the task "Order Prints Online" is removed from Picture Tasks in File Explorer folders.
 
-If you disable or do not configure this policy setting, the task is displayed.
+If you disable or don't configure this policy setting, the task is displayed.
 
 <!--/Description-->
 
@@ -1169,7 +1169,7 @@ The Order Prints Online Wizard is used to download a list of providers and allow
 
 If you enable this policy setting, the task "Order Prints Online" is removed from Picture Tasks in File Explorer folders.
 
-If you disable or do not configure this policy setting, the task is displayed.
+If you disable or don't configure this policy setting, the task is displayed.
 
 <!--/Description-->
 
@@ -1215,7 +1215,7 @@ This policy setting specifies whether the tasks "Publish this file to the Web,"
 
 The Web Publishing Wizard is used to download a list of providers and allow users to publish content to the web.
 
-If you enable this policy setting, these tasks are removed from the File and Folder tasks in Windows folders. If you disable or do not configure this policy setting, the tasks are shown.
+If you enable this policy setting, these tasks are removed from the File and Folder tasks in Windows folders. If you disable or don't configure this policy setting, the tasks are shown.
 
 <!--/Description-->
 
@@ -1263,7 +1263,7 @@ The Web Publishing Wizard is used to download a list of providers and allow user
 
 If you enable this policy setting, these tasks are removed from the File and Folder tasks in Windows folders.
 
-If you disable or do not configure this policy setting, the tasks are shown.
+If you disable or don't configure this policy setting, the tasks are shown.
 
 <!--/Description-->
 
@@ -1305,15 +1305,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether Windows Messenger collects anonymous information about how Windows Messenger software and service is used.
+This policy setting specifies whether Windows Messenger collects anonymous information about how Windows Messenger software and service are used.
 
 With the Customer Experience Improvement program, users can allow Microsoft to collect anonymous information about how the product is used.
 
 This information is used to improve the product in future releases.
 
-If you enable this policy setting, Windows Messenger does not collect usage information, and the user settings to enable the collection of usage information are not shown.
+If you enable this policy setting, Windows Messenger doesn't collect usage information, and the user settings to enable the collection of usage information aren't shown.
 
-If you disable this policy setting, Windows Messenger collects anonymous usage information, and the setting is not shown.  If you do not configure this policy setting, users have the choice to opt in and allow information to be collected.
+If you disable this policy setting, Windows Messenger collects anonymous usage information, and the setting isn't shown. If you don't configure this policy setting, users have the choice to opt in and allow information to be collected.
 
 <!--/Description-->
 
@@ -1355,17 +1355,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether Windows Messenger collects anonymous information about how Windows Messenger software and service is used.
+This policy setting specifies whether Windows Messenger collects anonymous information about how Windows Messenger software and service are used.
 
 With the Customer Experience Improvement program, users can allow Microsoft to collect anonymous information about how the product is used.
 
 This information is used to improve the product in future releases.
 
-If you enable this policy setting, Windows Messenger does not collect usage information, and the user settings to enable the collection of usage information are not shown.
+If you enable this policy setting, Windows Messenger doesn't collect usage information, and the user settings to enable the collection of usage information aren't shown.
 
-If you disable this policy setting, Windows Messenger collects anonymous usage information, and the setting is not shown.
+If you disable this policy setting, Windows Messenger collects anonymous usage information, and the setting isn't shown.
 
-If you do not configure this policy setting, users have the choice to opt in and allow information to be collected.
+If you don't configure this policy setting, users have the choice to opt in and allow information to be collected.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-iis.md b/windows/client-management/mdm/policy-csp-admx-iis.md
index addcae962e..424b4a38f2 100644
--- a/windows/client-management/mdm/policy-csp-admx-iis.md
+++ b/windows/client-management/mdm/policy-csp-admx-iis.md
@@ -62,11 +62,11 @@ manager: dansimp
 <!--Description-->
 This policy setting prevents installation of Internet Information Services (IIS) on this computer. 
 
-- If you enable this policy setting, Internet Information Services (IIS) cannot be installed, and you will not be able to install Windows components or applications that require IIS. Users installing Windows components or applications that require IIS might not receive a warning that IIS cannot be installed because of this Group Policy setting. 
+- If you enable this policy setting, Internet Information Services (IIS) can't be installed, and you'll not be able to install Windows components or applications that require IIS. Users installing Windows components or applications that require IIS might not receive a warning that IIS can't be installed because of this Group Policy setting. 
 
-Enabling this setting will not have any effect on IIS if IIS is already installed on the computer. 
+Enabling this setting won't have any effect on IIS if IIS is already installed on the computer. 
 
-- If you disable or do not configure this policy setting, IIS can be installed, as well as all the programs and applications that require IIS to run."
+- If you disable or don't configure this policy setting, IIS can be installed, and all the programs and applications that require IIS to run."
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-iscsi.md b/windows/client-management/mdm/policy-csp-admx-iscsi.md
index b15ce97b66..c9465d3231 100644
--- a/windows/client-management/mdm/policy-csp-admx-iscsi.md
+++ b/windows/client-management/mdm/policy-csp-admx-iscsi.md
@@ -154,7 +154,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If enabled then do not allow the initiator CHAP secret to be changed. 
+If enabled then don't allow the initiator CHAP secret to be changed. 
 
 If disabled then the initiator CHAP secret may be changed.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-kdc.md b/windows/client-management/mdm/policy-csp-admx-kdc.md
index f1bcc844ef..1173ca86f8 100644
--- a/windows/client-management/mdm/policy-csp-admx-kdc.md
+++ b/windows/client-management/mdm/policy-csp-admx-kdc.md
@@ -79,18 +79,18 @@ This policy setting allows you to configure a domain controller to support claim
 
 If you enable this policy setting, client computers that support claims and compound authentication for Dynamic Access Control and are Kerberos armor-aware will use this feature for Kerberos authentication messages. This policy should be applied to all domain controllers to ensure consistent application of this policy in the domain. 
 
-If you disable or do not configure this policy setting, the domain controller does not support claims, compound authentication or armoring.
+If you disable or don't configure this policy setting, the domain controller doesn't support claims, compound authentication or armoring.
 
-If you configure the "Not supported" option, the domain controller does not support claims, compound authentication or armoring which is the default behavior for domain controllers running Windows Server 2008 R2 or earlier operating systems.
+If you configure the "Not supported" option, the domain controller doesn't support claims, compound authentication or armoring, which is the default behavior for domain controllers running Windows Server 2008 R2 or earlier operating systems.
 
 > [!NOTE]
-> For the following options of this KDC policy to be effective, the Kerberos Group Policy "Kerberos client support for claims, compound authentication and Kerberos armoring" must be enabled on supported systems. If the Kerberos policy setting is not enabled, Kerberos authentication messages will not use these features.  
+> For the following options of this KDC policy to be effective, the Kerberos Group Policy "Kerberos client support for claims, compound authentication and Kerberos armoring" must be enabled on supported systems. If the Kerberos policy setting isn't enabled, Kerberos authentication messages won't use these features.  
 
 If you configure "Supported", the domain controller supports claims, compound authentication and Kerberos armoring. The domain controller advertises to Kerberos client computers that the domain is capable of claims and compound authentication for Dynamic Access Control and Kerberos armoring. 
 
 **Domain functional level requirements**
 
-For the options "Always provide claims" and "Fail unarmored authentication requests", when the domain functional level is set to Windows Server 2008 R2 or earlier then domain controllers behave as if the "Supported" option is selected. 
+For the options "Always provide claims" and "Fail unarmored authentication requests", when the domain functional level is set to Windows Server 2008 R2 or earlier, then domain controllers behave as if the "Supported" option is selected. 
 
 When the domain functional level is set to Windows Server 2012 then the domain controller advertises to Kerberos client computers that the domain is capable of claims and compound authentication for Dynamic Access Control and Kerberos armoring, and:
 
@@ -98,15 +98,15 @@ When the domain functional level is set to Windows Server 2012 then the domain c
 - If you set the "Fail unarmored authentication requests" option, rejects unarmored Kerberos messages.
 
 > [!WARNING]
-> When "Fail unarmored authentication requests" is set, then client computers which do not support Kerberos armoring will fail to authenticate to the domain controller.
+> When "Fail unarmored authentication requests" is set, then client computers which don't support Kerberos armoring will fail to authenticate to the domain controller.
 
 To ensure this feature is effective, deploy enough domain controllers that support claims and compound authentication for Dynamic Access Control and are Kerberos armor-aware to handle the authentication requests. Insufficient number of domain controllers that support this policy result in authentication failures whenever Dynamic Access Control or Kerberos armoring is required (that is, the "Supported" option is enabled).
 
 Impact on domain controller performance when this policy setting is enabled:
 
-- Secure Kerberos domain capability discovery is required resulting in additional message exchanges.
-- Claims and compound authentication for Dynamic Access Control increases the size and complexity of the data in the message which results in more processing time and greater Kerberos service ticket size.
-- Kerberos armoring fully encrypts Kerberos messages and signs Kerberos errors which results in increased processing time, but does not change the service ticket size.
+- Secure Kerberos domain capability discovery is required, resulting in more message exchanges.
+- Claims and compound authentication for Dynamic Access Control increase the size and complexity of the data in the message, which results in more processing time and greater Kerberos service ticket size.
+- Kerberos armoring fully encrypts Kerberos messages and signs Kerberos errors, which results in increased processing time, but doesn't change the service ticket size.
 
 <!--/Description-->
 
@@ -150,9 +150,9 @@ ADMX Info:
 <!--Description-->
 This policy setting defines the list of trusting forests that the Key Distribution Center (KDC) searches when attempting to resolve two-part service principal names (SPNs).
 
-If you enable this policy setting, the KDC will search the forests in this list if it is unable to resolve a two-part SPN in the local forest. The forest search is performed by using a global catalog or name suffix hints. If a match is found, the KDC will return a referral ticket to the client for the appropriate domain.
+If you enable this policy setting, the KDC will search the forests in this list if it's unable to resolve a two-part SPN in the local forest. The forest search is performed by using a global catalog or name suffix hints. If a match is found, the KDC will return a referral ticket to the client for the appropriate domain.
 
-If you disable or do not configure this policy setting, the KDC will not search the listed forests to resolve the SPN. If the KDC is unable to resolve the SPN because the name is not found, NTLM authentication might be used.
+If you disable or don't configure this policy setting, the KDC won't search the listed forests to resolve the SPN. If the KDC is unable to resolve the SPN because the name isn't found, NTLM authentication might be used.
 
 To ensure consistent behavior, this policy setting must be supported and set identically on all domain controllers in the domain.
 
@@ -196,7 +196,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Support for PKInit Freshness Extension requires Windows Server 2016 domain functional level (DFL). If the domain controller’s domain is not at Windows Server 2016 DFL or higher this policy will not be applied.
+Support for PKInit Freshness Extension requires Windows Server 2016 domain functional level (DFL). If the domain controller’s domain isn't at Windows Server 2016 DFL or higher, this policy won't be applied.
 
 This policy setting allows you to configure a domain controller (DC) to support the PKInit Freshness Extension.
 
@@ -204,7 +204,7 @@ If you enable this policy setting, the following options are supported:
 
 Supported: PKInit Freshness Extension is supported on request. Kerberos clients successfully authenticating with the PKInit Freshness Extension will get the fresh public key identity SID.
 
-Required: PKInit Freshness Extension is required for successful authentication. Kerberos clients which do not support the PKInit Freshness Extension will always fail when using public key credentials.
+Required: PKInit Freshness Extension is required for successful authentication. Kerberos clients that don't support the PKInit Freshness Extension will always fail when using public key credentials.
 
 If you disable or not configure this policy setting, then the DC will never offer the PKInit Freshness Extension and  accept valid authentication requests without checking for freshness. Users will never receive the fresh public key identity SID.
 
@@ -255,7 +255,7 @@ This policy setting allows you to configure a domain controller to request compo
 
 If you enable this policy setting, domain controllers will request compound authentication. The returned service ticket will contain compound authentication only when the account is explicitly configured. This policy should be applied to all domain controllers to ensure consistent application of this policy in the domain. 
 
-If you disable or do not configure this policy setting, domain controllers will return service tickets that contain compound authentication any time the client sends a compound authentication request regardless of the account configuration.
+If you disable or don't configure this policy setting, domain controllers will return service tickets that contain compound authentication anytime the client sends a compound authentication request regardless of the account configuration.
 
 <!--/Description-->
 
@@ -299,9 +299,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure at what size Kerberos tickets will trigger the warning event issued during Kerberos authentication. The ticket size warnings are logged in the System log.
 
-If you enable this policy setting, you can set the threshold limit for Kerberos ticket which trigger the warning events. If set too high, then authentication failures might be occurring even though warning events are not being logged. If set too low, then there will be too many ticket warnings in the log to be useful for analysis. This value should be set to the same value as the Kerberos policy "Set maximum Kerberos SSPI context token buffer size" or the smallest MaxTokenSize used in your environment if you are not configuring using Group Policy.
+If you enable this policy setting, you can set the threshold limit for Kerberos ticket, which triggers the warning events. If set too high, then authentication failures might be occurring even though warning events aren't being logged. If set too low, then there will be too many ticket warnings in the log to be useful for analysis. This value should be set to the same value as the Kerberos policy "Set maximum Kerberos SSPI context token buffer size" or the smallest MaxTokenSize used in your environment if you aren't configuring using Group Policy.
 
-If you disable or do not configure this policy setting, the threshold value defaults to 12,000 bytes, which is the default Kerberos MaxTokenSize for Windows 7, Windows Server 2008 R2 and prior versions.
+If you disable or don't configure this policy setting, the threshold value defaults to 12,000 bytes, which is the default Kerberos MaxTokenSize for Windows 7, Windows Server 2008 R2 and prior versions.
 
 <!--/Description-->
 
@@ -347,12 +347,12 @@ This policy setting controls whether the domain controller provides information
 
 If you enable this policy setting, the domain controller provides the information message about previous logons.
 
-For Windows Logon to leverage this feature, the "Display information about previous logons during user logon" policy setting located in the Windows Logon Options node under Windows Components also needs to be enabled.
+For Windows Logon to use this feature, the "Display information about previous logons during user logon" policy setting located in the Windows Logon Options node under Windows Components also needs to be enabled.
 
-If you disable or do not configure this policy setting, the domain controller does not provide information about previous logons unless the "Display information about previous logons during user logon" policy setting is enabled.
+If you disable or don't configure this policy setting, the domain controller doesn't provide information about previous logons unless the "Display information about previous logons during user logon" policy setting is enabled.
 
 > [!NOTE]
-> Information about previous logons is provided only if the domain functional level is Windows Server 2008. In domains with a domain functional level of Windows Server 2003, Windows 2000 native, or Windows 2000 mixed, domain controllers cannot provide information about previous logons, and enabling this policy setting does not affect anything.
+> Information about previous logons is provided only if the domain functional level is Windows Server 2008. In domains with a domain functional level of Windows Server 2003, Windows 2000 native, or Windows 2000 mixed, domain controllers cannot provide information about previous logons, and enabling this policy setting doesn't affect anything.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-kerberos.md b/windows/client-management/mdm/policy-csp-admx-kerberos.md
index f87e1c15d3..998eb8189d 100644
--- a/windows/client-management/mdm/policy-csp-admx-kerberos.md
+++ b/windows/client-management/mdm/policy-csp-admx-kerberos.md
@@ -88,7 +88,7 @@ This policy setting controls whether a device always sends a compound authentica
 
 If you enable this policy setting and the resource domain requests compound authentication, devices that support compound authentication always send a compound authentication request. 
 
-If you disable or do not configure this policy setting and the resource domain requests compound authentication, devices will send a non-compounded authentication request first then a compound authentication request when the service requests compound authentication.
+If you disable or don't configure this policy setting and the resource domain requests compound authentication, devices will send a non-compounded authentication request first then a compound authentication request when the service requests compound authentication.
 
 <!--/Description-->
 
@@ -130,18 +130,18 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Support for device authentication using certificate will require connectivity to a DC in the device account domain which supports certificate authentication for computer accounts.
+Support for device authentication using certificate will require connectivity to a DC in the device account domain that supports certificate authentication for computer accounts.
 
 This policy setting allows you to set support for Kerberos to attempt authentication using the certificate for the device to the domain.
 
 If you enable this policy setting, the device's credentials will be selected based on the following options:
 
-- Automatic: Device will attempt to authenticate using its certificate. If the DC does not support computer account authentication using certificates then authentication with password will be attempted.
-- Force: Device will always authenticate using its certificate. If a DC cannot be found which support computer account authentication using certificates then authentication will fail.
+- Automatic: Device will attempt to authenticate using its certificate. If the DC doesn't support computer account authentication using certificates, then authentication with password will be attempted.
+- Force: Device will always authenticate using its certificate. If a DC can't be found which support computer account authentication using certificates, then authentication will fail.
 
 If you disable this policy setting, certificates will never be used.
 
-If you do not configure this policy setting, Automatic will be used.
+If you don't configure this policy setting, Automatic will be used.
 
 <!--/Description-->
 
@@ -189,7 +189,7 @@ If you enable this policy setting, you can view and change the list of DNS host
 
 If you disable this policy setting, the host name-to-Kerberos realm mappings list defined by Group Policy is deleted.
 
-If you do not configure this policy setting, the system uses the host name-to-Kerberos realm mappings that are defined in the local registry, if they exist.
+If you don't configure this policy setting, the system uses the host name-to-Kerberos realm mappings that are defined in the local registry, if they exist.
 
 <!--/Description-->
 
@@ -234,9 +234,10 @@ ADMX Info:
 This policy setting allows you to disable revocation check for the SSL certificate of the targeted KDC proxy server.
 
 If you enable this policy setting, revocation check for the SSL certificate of the KDC proxy server is ignored by the Kerberos client. This policy setting should only be used in troubleshooting KDC proxy connections. 
-Warning: When revocation check is ignored, the server represented by the certificate is not guaranteed valid. 
+> [!WARNING]
+> When revocation check is ignored, the server represented by the certificate isn't guaranteed valid.
 
-If you disable or do not configure this policy setting, the Kerberos client enforces the revocation check for the SSL certificate. The connection to the KDC proxy server is not established if the revocation check fails.
+If you disable or don't configure this policy setting, the Kerberos client enforces the revocation check for the SSL certificate. The connection to the KDC proxy server isn't established if the revocation check fails.
 
 <!--/Description-->
 
@@ -280,9 +281,9 @@ ADMX Info:
 <!--Description-->
 This policy setting configures the Kerberos client's mapping to KDC proxy servers for domains based on their DNS suffix names.
 
-If you enable this policy setting, the Kerberos client will use the KDC proxy server for a domain when a domain controller cannot be located based on the configured mappings. To map a KDC proxy server to a domain, enable the policy setting, click Show, and then map the KDC proxy server name(s) to the DNS name for the domain using the syntax described in the options pane. In the Show Contents dialog box in the Value Name column, type a DNS suffix name. In the Value column, type the list of proxy servers using the appropriate syntax format. To view the list of mappings, enable the policy setting and then click the Show button. To remove a mapping from the list, click the mapping entry to be removed, and then press the DELETE key. To edit a mapping, remove the current entry from the list and add a new one with different parameters.
+If you enable this policy setting, the Kerberos client will use the KDC proxy server for a domain when a domain controller can't be located based on the configured mappings. To map a KDC proxy server to a domain, enable the policy setting, click Show, and then map the KDC proxy server name(s) to the DNS name for the domain using the syntax described in the options pane. In the Show Contents dialog box in the Value Name column, type a DNS suffix name. In the Value column, type the list of proxy servers using the appropriate syntax format. To view the list of mappings, enable the policy setting and then click the Show button. To remove a mapping from the list, click the mapping entry to be removed, and then press the DELETE key. To edit a mapping, remove the current entry from the list and add a new one with different parameters.
 
-If you disable or do not configure this policy setting, the Kerberos client does not have KDC proxy servers settings defined by Group Policy.
+If you disable or don't configure this policy setting, the Kerberos client doesn't have KDC proxy servers settings defined by Group Policy.
 
 <!--/Description-->
 
@@ -330,7 +331,7 @@ If you enable this policy setting, you can view and change the list of interoper
 
 If you disable this policy setting, the interoperable Kerberos V5 realm settings defined by Group Policy are deleted.
 
-If you do not configure this policy setting, the system uses the interoperable Kerberos V5 realm settings that are defined in the local registry, if they exist.
+If you don't configure this policy setting, the system uses the interoperable Kerberos V5 realm settings that are defined in the local registry, if they exist.
 
 <!--/Description-->
 
@@ -374,7 +375,7 @@ ADMX Info:
 <!--Description-->
 This policy setting controls configuring the device's Active Directory account for compound authentication.
 
-Support for providing compound authentication which is used for access control will require enough domain controllers in the resource account domains to support the requests. The Domain Administrator must configure the policy "Support Dynamic Access Control and Kerberos armoring" on all the domain controllers to support this policy.
+Support for providing compound authentication that is used for access control will require enough domain controllers in the resource account domains to support the requests. The Domain Administrator must configure the policy "Support Dynamic Access Control and Kerberos armoring" on all the domain controllers to support this policy.
 
 If you enable this policy setting, the device's Active Directory account will be configured for compound authentication by the following options:
 
@@ -384,7 +385,7 @@ If you enable this policy setting, the device's Active Directory account will be
 
 If you disable this policy setting, Never will be used.
 
-If you do not configure this policy setting, Automatic will be used.
+If you don't configure this policy setting, Automatic will be used.
 
 <!--/Description-->
 
@@ -430,7 +431,7 @@ This policy setting allows you to configure this server so that Kerberos can dec
 
 If you enable this policy setting, only services running as LocalSystem or NetworkService are allowed to accept these connections. Services running as identities different from LocalSystem or NetworkService might fail to authenticate.
 
-If you disable or do not configure this policy setting, any service is allowed to accept incoming connections by using this system-generated SPN.
+If you disable or don't configure this policy setting, any service is allowed to accept incoming connections by using this system-generated SPN.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-lanmanserver.md b/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
index 92155a01ef..a905d94c9a 100644
--- a/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
+++ b/windows/client-management/mdm/policy-csp-admx-lanmanserver.md
@@ -73,7 +73,7 @@ This policy setting determines the cipher suites used by the SMB server.
 
 If you enable this policy setting, cipher suites are prioritized in the order specified.
 
-If you enable this policy setting and do not specify at least one supported cipher suite, or if you disable or do not configure this policy setting, the default cipher suite order is used.
+If you enable this policy setting and don't specify at least one supported cipher suite, or if you disable or don't configure this policy setting, the default cipher suite order is used.
 
 SMB 3.11 cipher suites:  
 
@@ -139,9 +139,9 @@ This policy setting specifies whether a hash generation service generates hashes
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, hash publication settings are not applied to file servers. In the circumstance where file servers are domain members but you do not want to enable BranchCache on all file servers, you can specify Not Configured for this domain Group Policy setting, and then configure local machine policy to enable BranchCache on individual file servers. Because the domain Group Policy setting is not configured, it will not over-write the enabled setting that you use on individual servers where you want to enable BranchCache.
+- Not Configured. With this selection, hash publication settings aren't applied to file servers. In the circumstance where file servers are domain members but you don't want to enable BranchCache on all file servers, you can specify Not Configured for this domain Group Policy setting, and then configure local machine policy to enable BranchCache on individual file servers. Because the domain Group Policy setting isn't configured, it will not over-write the enabled setting that you use on individual servers where you want to enable BranchCache.
 - Enabled. With this selection, hash publication is turned on for all file servers where Group Policy is applied. For example, if Hash Publication for BranchCache is enabled in domain Group Policy, hash publication is turned on for all domain member file servers to which the policy is applied. The file servers are then able to create content information for all content that is stored in BranchCache-enabled file shares.
 - Disabled. With this selection, hash publication is turned off for all file servers where Group Policy is applied.
 
@@ -149,7 +149,7 @@ In circumstances where this policy setting is enabled, you can also select the f
 
 - Allow hash publication for all shared folders. With this option, BranchCache generates content information for all content in all shares on the file server.
 - Allow hash publication only for shared folders on which BranchCache is enabled. With this option, content information is generated only for shared folders on which BranchCache is enabled. If you use this setting, you must enable BranchCache for individual shares in Share and Storage Management on the file server.
-- Disallow hash publication on all shared folders. With this option, BranchCache does not generate content information for any shares on the computer and does not send content information to client computers that request content.
+- Disallow hash publication on all shared folders. With this option, BranchCache doesn't generate content information for any shares on the computer and doesn't send content information to client computers that request content.
 
 <!--/Description-->
 
@@ -197,13 +197,13 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether the BranchCache hash generation service supports version 1 (V1) hashes, version 2 (V2) hashes, or both V1 and V2 hashes. Hashes, also called content information, are created based on the data in shared folders where BranchCache is enabled. 
 
-If you specify only one version that is supported, content information for that version is the only type that is generated by BranchCache, and it is the only type of content information that can be retrieved by client computers. For example, if you enable support for V1 hashes, BranchCache generates only V1 hashes and client computers can retrieve only V1 hashes.
+If you specify only one version that is supported, content information for that version is the only type that is generated by BranchCache, and it's the only type of content information that can be retrieved by client computers. For example, if you enable support for V1 hashes, BranchCache generates only V1 hashes and client computers can retrieve only V1 hashes.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache settings are not applied to client computers by this policy setting. In this circumstance, which is the default, both V1 and V2 hash generation and retrieval are supported.
+- Not Configured. With this selection, BranchCache settings aren't applied to client computers by this policy setting. In this circumstance, which is the default, both V1 and V2 hash generation and retrieval are supported.
 - Enabled. With this selection, the policy setting is applied and the hash version(s) that are specified in "Hash version supported" are generated and retrieved.
 - Disabled. With this selection, both V1 and V2 hash generation and retrieval are supported.
 
@@ -259,7 +259,7 @@ This policy setting determines how the SMB server selects a cipher suite when ne
 
 If you enable this policy setting, the SMB server will select the cipher suite it most prefers from the list of client-supported cipher suites, ignoring the client's preferences.
 
-If you disable or do not configure this policy setting, the SMB server will select the cipher suite the client most prefers from the list of server-supported cipher suites.
+If you disable or don't configure this policy setting, the SMB server will select the cipher suite the client most prefers from the list of server-supported cipher suites.
 
 > [!NOTE]
 > When configuring this security setting, changes will not take effect until you restart Windows.
diff --git a/windows/client-management/mdm/policy-csp-admx-lanmanworkstation.md b/windows/client-management/mdm/policy-csp-admx-lanmanworkstation.md
index c85abbdff3..8fcfe9af1e 100644
--- a/windows/client-management/mdm/policy-csp-admx-lanmanworkstation.md
+++ b/windows/client-management/mdm/policy-csp-admx-lanmanworkstation.md
@@ -70,7 +70,7 @@ This policy setting determines the cipher suites used by the SMB client.
 
 If you enable this policy setting, cipher suites are prioritized in the order specified.
 
-If you enable this policy setting and do not specify at least one supported cipher suite, or if you disable or do not configure this policy setting, the default cipher suite order is used.
+If you enable this policy setting and don't specify at least one supported cipher suite, or if you disable or don't configure this policy setting, the default cipher suite order is used.
 
 SMB 3.11 cipher suites:
 
@@ -135,12 +135,12 @@ ADMX Info:
 <!--Description-->
 This policy setting determines the behavior of SMB handle caching for clients connecting to an SMB share where the Continuous Availability (CA) flag is enabled.
 
-If you enable this policy setting, the SMB client will allow cached handles to files on CA shares. This may lead to better performance when repeatedly accessing a large number of unstructured data files on CA shares running in Microsoft Azure Files.
+If you enable this policy setting, the SMB client will allow cached handles to files on CA shares. This provision may lead to better performance when repeatedly accessing a large number of unstructured data files on CA shares running in Microsoft Azure Files.
 
-If you disable or do not configure this policy setting, Windows will prevent use of cached handles to files opened through CA shares.
+If you disable or don't configure this policy setting, Windows will prevent use of cached handles to files opened through CA shares.
 
 > [!NOTE]
-> This policy has no effect when connecting Scale-out File Server shares provided by a Windows Server. Microsoft does not recommend enabling this policy for clients that routinely connect to files hosted on a Windows Failover Cluster with the File Server for General Use role, as it can lead to adverse failover times and increased memory and CPU usage.
+> This policy has no effect when connecting Scale-out File Server shares provided by a Windows Server. Microsoft doesn't recommend enabling this policy for clients that routinely connect to files hosted on a Windows Failover Cluster with the File Server for General Use role, as it can lead to adverse failover times and increased memory and CPU usage.
 
 <!--/Description-->
 
@@ -186,10 +186,10 @@ This policy setting determines the behavior of Offline Files on clients connecti
 
 If you enable this policy setting, the "Always Available offline" option will appear in the File Explorer menu on a Windows computer when connecting to a CA-enabled share. Pinning of files on CA-enabled shares using client-side caching will also be possible.
 
-If you disable or do not configure this policy setting, Windows will prevent use of Offline Files with CA-enabled shares.
+If you disable or don't configure this policy setting, Windows will prevent use of Offline Files with CA-enabled shares.
 
 > [!NOTE]
-> Microsoft does not recommend enabling this group policy. Use of CA with Offline Files will lead to very long transition times between the online and offline states.
+> Microsoft doesn't recommend enabling this group policy. Use of CA with Offline Files will lead to very long transition times between the online and offline states.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md b/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md
index 0f473f45a4..841a1b47a1 100644
--- a/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md
+++ b/windows/client-management/mdm/policy-csp-admx-linklayertopologydiscovery.md
@@ -67,9 +67,9 @@ This policy setting changes the operational behavior of the Mapper I/O network p
 
 LLTDIO allows a computer to discover the topology of a network it's connected to. It also allows a computer to initiate Quality-of-Service requests such as bandwidth estimation and network health analysis.
 
-If you enable this policy setting, additional options are available to fine-tune your selection. You may choose the "Allow operation while in domain" option to allow LLTDIO to operate on a network interface that's connected to a managed network. On the other hand, if a network interface is connected to an unmanaged network, you may choose the "Allow operation while in public network" and "Prohibit operation while in private network" options instead.
+If you enable this policy setting, more options are available to fine-tune your selection. You may choose the "Allow operation while in domain" option to allow LLTDIO to operate on a network interface that's connected to a managed network. On the other hand, if a network interface is connected to an unmanaged network, you may choose the "Allow operation while in public network" and "Prohibit operation while in private network" options instead.
 
-If you disable or do not configure this policy setting, the default behavior of LLTDIO will apply.
+If you disable or don't configure this policy setting, the default behavior of LLTDIO will apply.
 
 <!--/Description-->
 
@@ -115,9 +115,9 @@ This policy setting changes the operational behavior of the Responder network pr
 
 The Responder allows a computer to participate in Link Layer Topology Discovery requests so that it can be discovered and located on the network. It also allows a computer to participate in Quality-of-Service activities such as bandwidth estimation and network health analysis.
 
-If you enable this policy setting, additional options are available to fine-tune your selection. You may choose the "Allow operation while in domain" option to allow the Responder to operate on a network interface that's connected to a managed network. On the other hand, if a network interface is connected to an unmanaged network, you may choose the "Allow operation while in public network" and "Prohibit operation while in private network" options instead.
+If you enable this policy setting, more options are available to fine-tune your selection. You may choose the "Allow operation while in domain" option to allow the Responder to operate on a network interface that's connected to a managed network. On the other hand, if a network interface is connected to an unmanaged network, you may choose the "Allow operation while in public network" and "Prohibit operation while in private network" options instead.
 
-If you disable or do not configure this policy setting, the default behavior for the Responder will apply.
+If you disable or don't configure this policy setting, the default behavior for the Responder will apply.
 
 <!--/Description-->
 

From ade0f87219b9c609b3b8d7de7756ab25b8030c35 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Mon, 14 Mar 2022 17:42:05 +0530
Subject: [PATCH 027/123] Acrolinx enhancement effort

---
 .../mdm/policy-csp-admx-logon.md              |  68 ++---
 ...icy-csp-admx-microsoftdefenderantivirus.md | 288 +++++++++---------
 .../mdm/policy-csp-admx-mmc.md                |  50 +--
 .../mdm/policy-csp-admx-msapolicy.md          |   6 +-
 .../mdm/policy-csp-admx-msched.md             |   6 +-
 .../mdm/policy-csp-admx-msdt.md               |  20 +-
 .../mdm/policy-csp-admx-msi.md                |  86 +++---
 .../mdm/policy-csp-admx-msifilerecovery.md    |  10 +-
 .../mdm/policy-csp-admx-nca.md                |  18 +-
 .../mdm/policy-csp-admx-netlogon.md           | 152 ++++-----
 10 files changed, 352 insertions(+), 352 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-logon.md b/windows/client-management/mdm/policy-csp-admx-logon.md
index 224ceae595..2f68cebffb 100644
--- a/windows/client-management/mdm/policy-csp-admx-logon.md
+++ b/windows/client-management/mdm/policy-csp-admx-logon.md
@@ -104,9 +104,9 @@ manager: dansimp
 <!--Description-->
 This policy prevents the user from showing account details (email address or user name) on the sign-in screen. 
 
-If you enable this policy setting, the user cannot choose to show account details on the sign-in screen.
+If you enable this policy setting, the user can't choose to show account details on the sign-in screen.
 
-If you disable or do not configure this policy setting, the user may choose to show account details on the sign-in screen.
+If you disable or don't configure this policy setting, the user may choose to show account details on the sign-in screen.
 
 <!--/Description-->
 
@@ -152,7 +152,7 @@ This policy setting disables the acrylic blur effect on logon background image.
 
 If you enable this policy, the logon background image shows without blur.
 
-If you disable or do not configure this policy, the logon background image adopts the acrylic blur effect.
+If you disable or don't configure this policy, the logon background image adopts the acrylic blur effect.
 
 <!--/Description-->
 
@@ -294,11 +294,11 @@ ADMX Info:
 <!--Description-->
 This policy setting ignores customized run-once lists.
 
-You can create a customized list of additional programs and documents that are started automatically the next time the system starts (but not thereafter). These programs are added to the standard list of programs and services that the system starts.
+You can create a customized list of other programs and documents that are started automatically the next time the system starts (but not thereafter). These programs are added to the standard list of programs and services that the system starts.
 
 If you enable this policy setting, the system ignores the run-once list.
 
-If you disable or do not configure this policy setting, the system runs the programs in the run-once list.
+If you disable or don't configure this policy setting, the system runs the programs in the run-once list.
 
 This policy setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy setting in Computer Configuration takes precedence over the policy setting in User Configuration.
 
@@ -347,11 +347,11 @@ ADMX Info:
 <!--Description-->
 This policy setting ignores customized run-once lists.
 
-You can create a customized list of additional programs and documents that are started automatically the next time the system starts (but not thereafter). These programs are added to the standard list of programs and services that the system starts.
+You can create a customized list of other programs and documents that are started automatically the next time the system starts (but not thereafter). These programs are added to the standard list of programs and services that the system starts.
 
 If you enable this policy setting, the system ignores the run-once list.
 
-If you disable or do not configure this policy setting, the system runs the programs in the run-once list.
+If you disable or don't configure this policy setting, the system runs the programs in the run-once list.
 
 This policy setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy setting in Computer Configuration takes precedence over the policy setting in User Configuration.
 
@@ -400,9 +400,9 @@ ADMX Info:
 <!--Description-->
 This policy setting suppresses system status messages.
 
-If you enable this setting, the system does not display a message reminding users to wait while their system starts or shuts down, or while users log on or off.
+If you enable this setting, the system doesn't display a message reminding users to wait while their system starts or shuts down, or while users sign in or sign out.
 
-If you disable or do not configure this policy setting, the system displays the message reminding users to wait while their system starts or shuts down, or while users log on or off.
+If you disable or don't configure this policy setting, the system displays the message reminding users to wait while their system starts or shuts down, or while users sign in or sign out.
 
 <!--/Description-->
 
@@ -446,9 +446,9 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents connected users from being enumerated on domain-joined computers.
 
-If you enable this policy setting, the Logon UI will not enumerate any connected users on domain-joined computers.
+If you enable this policy setting, the Logon UI won't enumerate any connected users on domain-joined computers.
 
-If you disable or do not configure this policy setting, connected users will be enumerated on domain-joined computers.
+If you disable or don't configure this policy setting, connected users will be enumerated on domain-joined computers.
 
 <!--/Description-->
 
@@ -496,9 +496,9 @@ If you enable this policy setting, the welcome screen is hidden from the user lo
 
 Users can still display the welcome screen by selecting it on the Start menu or by typing "Welcome" in the Run dialog box.
 
-If you disable or do not configure this policy, the welcome screen is displayed each time a user logs on to the computer.
+If you disable or don't configure this policy, the welcome screen is displayed each time a user signs in to the computer.
 
-This setting applies only to Windows. It does not affect the "Configure Your Server on a Windows Server" screen on Windows Server.
+This setting applies only to Windows. It doesn't affect the "Configure Your Server on a Windows Server" screen on Windows Server.
 
 > [!NOTE]
 > This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
@@ -553,7 +553,7 @@ If you enable this policy setting, the welcome screen is hidden from the user lo
 
 Users can still display the welcome screen by selecting it on the Start menu or by typing "Welcome" in the Run dialog box.
 
-If you disable or do not configure this policy, the welcome screen is displayed each time a user logs on to the computer.  This setting applies only to Windows. It does not affect the "Configure Your Server on a Windows Server" screen on Windows Server.
+If you disable or don't configure this policy, the welcome screen is displayed each time a user signs in to the computer.  This setting applies only to Windows. It doesn't affect the "Configure Your Server on a Windows Server" screen on Windows Server.
 
 > [!NOTE]
 > This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
@@ -601,18 +601,18 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies additional programs or documents that Windows starts automatically when a user logs on to the system.
+This policy setting specifies other programs or documents that Windows starts automatically when a user signs in to the system.
 
-If you enable this policy setting, you can specify which programs can run at the time the user logs on to this computer that has this policy applied.
+If you enable this policy setting, you can specify which programs can run at the time the user signs in to this computer that has this policy applied.
 
 To specify values for this policy setting, click Show. In the Show Contents dialog box in the Value column, type the name of the executable program (.exe) file or document file. To specify another name, press ENTER, and type the name. Unless the file is located in the %Systemroot% directory, you must specify the fully qualified path to the file.
 
-If you disable or do not configure this policy setting, the user will have to start the appropriate programs after logon.
+If you disable or don't configure this policy setting, the user will have to start the appropriate programs after signing in.
 
 > [!NOTE]
 > This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the system starts the programs specified in the Computer Configuration setting just before it starts the programs specified in the User Configuration setting.
 
-Also, see the "Do not process the legacy run list" and the "Do not process the run once list" settings.
+Also, see the "Do not process the legacy run list" and the "don't process the run once list" settings.
 
 <!--/Description-->
 
@@ -654,18 +654,18 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies additional programs or documents that Windows starts automatically when a user logs on to the system.
+This policy setting specifies other programs or documents that Windows starts automatically when a user signs in to the system.
 
-If you enable this policy setting, you can specify which programs can run at the time the user logs on to this computer that has this policy applied.
+If you enable this policy setting, you can specify which programs can run at the time the user signs in to this computer that has this policy applied.
 
 To specify values for this policy setting, click Show. In the Show Contents dialog box in the Value column, type the name of the executable program (.exe) file or document file. To specify another name, press ENTER, and type the name. Unless the file is located in the %Systemroot% directory, you must specify the fully qualified path to the file.
 
-If you disable or do not configure this policy setting, the user will have to start the appropriate programs after logon.
+If you disable or don't configure this policy setting, the user will have to start the appropriate programs after signing in.
 
 > [!NOTE]
 > This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the system starts the programs specified in the Computer Configuration setting just before it starts the programs specified in the User Configuration setting.
 
-Also, see the "Do not process the legacy run list" and the "Do not process the run once list" settings.
+Also, see the "Do not process the legacy run list" and the "don't process the run once list" settings.
 
 
 <!--/Description-->
@@ -708,29 +708,29 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether Group Policy processing is synchronous (that is, whether computers wait for the network to be fully initialized during computer startup and user logon). By default, on client computers, Group Policy processing is not synchronous; client computers typically do not wait for the network to be fully initialized at startup and logon. Existing users are logged on using cached credentials, which results in shorter logon times. Group Policy is applied in the background after the network becomes available. 
+This policy setting determines whether Group Policy processing is synchronous (that is, whether computers wait for the network to be fully initialized during computer startup and user sign in). By default, on client computers, Group Policy processing isn't synchronous; client computers typically don't wait for the network to be fully initialized at startup and sign in. Existing users are signed in using cached credentials, which results in shorter sign-in times. Group Policy is applied in the background after the network becomes available.
 
-Note that because this is a background refresh, extensions such as Software Installation and Folder Redirection take two logons to apply changes. To be able to operate safely, these extensions require that no users be logged on. Therefore, they must be processed in the foreground before users are actively using the computer. In addition, changes that are made to the user object, such as adding a roaming profile path, home directory, or user object logon script, may take up to two logons to be detected.
+Because this process (of applying Group Policy) is a background refresh, extensions such as Software Installation and Folder Redirection take two sign-ins to apply changes. To be able to operate safely, these extensions require that no users be signed in. Therefore, they must be processed in the foreground before users are actively using the computer. In addition, changes that are made to the user object, such as adding a roaming profile path, home directory, or user object logon script, may take up to two sign-ins to be detected.
 
-If a user with a roaming profile, home directory, or user object logon script logs on to a computer, computers always wait for the network to be initialized before logging the user on. If a user has never logged on to this computer before, computers always wait for the network to be initialized.
+If a user with a roaming profile, home directory, or user object logon script signs in to a computer, computers always wait for the network to be initialized before signing in the user. If a user has never signed in to this computer before, computers always wait for the network to be initialized.
 
-If you enable this policy setting, computers wait for the network to be fully initialized before users are logged on. Group Policy is applied in the foreground, synchronously.
+If you enable this policy setting, computers wait for the network to be fully initialized before users are signed in. Group Policy is applied in the foreground, synchronously.
 
 On servers running Windows Server 2008 or later, this policy setting is ignored during Group Policy processing at computer startup and Group Policy processing will be synchronous (these servers wait for the network to be initialized during computer startup).
 
-If the server is configured as follows, this policy setting takes effect during Group Policy processing at user logon:
+If the server is configured as follows, this policy setting takes effect during Group Policy processing at user sign in:
 
 - The server is configured as a terminal server (that is, the Terminal Server role service is installed and configured on the server); and
 - The “Allow asynchronous user Group Policy processing when logging on through Terminal Services” policy setting is enabled. This policy setting is located under Computer Configuration\Policies\Administrative templates\System\Group Policy\\.
 
-If this configuration is not implemented on the server, this policy setting is ignored. In this case, Group Policy processing at user logon is synchronous (these servers wait for the network to be initialized during user logon).
+If this configuration isn't implemented on the server, this policy setting is ignored. In this case, Group Policy processing at user sign in is synchronous (these servers wait for the network to be initialized during user sign in).
 
-If you disable or do not configure this policy setting and users log on to a client computer or a server running Windows Server 2008 or later and that is configured as described earlier, the computer typically does not wait for the network to be fully initialized. In this case, users are logged on with cached credentials. Group Policy is applied asynchronously in the background.
+If you disable or don't configure this policy setting and users sign in to a client computer or a server running Windows Server 2008 or later and that is configured as described earlier, the computer typically doesn't wait for the network to be fully initialized. In this case, users are logged on with cached credentials. Group Policy is applied asynchronously in the background.
 
 > [!NOTE]
 >
-> - If you want to guarantee the application of Folder Redirection, Software Installation, or roaming user profile settings in just one logon, enable this policy setting to ensure that Windows waits for the network to be available before applying policy. 
-> - If Folder Redirection policy will apply during the next logon, security policies will be applied asynchronously during the next update cycle, if network connectivity is available.
+> - If you want to guarantee the application of Folder Redirection, Software Installation, or roaming user profile settings in just one sign in, enable this policy setting to ensure that Windows waits for the network to be available before applying policy. 
+> - If Folder Redirection policy will apply during the next sign in, security policies will be applied asynchronously during the next update cycle, if network connectivity is available.
 
 <!--/Description-->
 
@@ -774,9 +774,9 @@ ADMX Info:
 <!--Description-->
 This policy setting ignores Windows Logon Background.
 
-This policy setting may be used to make Windows give preference to a custom logon background.  If you enable this policy setting, the logon screen always attempts to load a custom background instead of the Windows-branded logon background.
+This policy setting may be used to make Windows give preference to a custom logon background. If you enable this policy setting, the sign-in screen always attempts to load a custom background instead of the Windows-branded logon background.
 
-If you disable or do not configure this policy setting, Windows uses the default Windows logon background or custom background.
+If you disable or don't configure this policy setting, Windows uses the default Windows logon background or custom background.
 
 <!--/Description-->
 
@@ -824,7 +824,7 @@ This policy setting is designed for advanced users who require this information.
 
 If you enable this policy setting, the system displays status messages that reflect each step in the process of starting, shutting down, logging on, or logging off the system.
 
-If you disable or do not configure this policy setting, only the default status messages are displayed to the user during these processes.
+If you disable or don't configure this policy setting, only the default status messages are displayed to the user during these processes.
 
 > [!NOTE]
 > This policy setting is ignored if the "Remove Boot/Shutdown/Logon/Logoff status messages" policy setting is enabled.
diff --git a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
index 551efcc569..c2d83759c2 100644
--- a/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
+++ b/windows/client-management/mdm/policy-csp-admx-microsoftdefenderantivirus.md
@@ -338,7 +338,7 @@ manager: dansimp
 <!--Description-->
 This policy setting controls the load priority for the antimalware service. Increasing the load priority will allow for faster service startup, but may impact performance.
 
-If you enable or do not configure this setting, the antimalware service will load as a normal priority task.
+If you enable or don't configure this setting, the antimalware service will load as a normal priority task.
 
 If you disable this setting, the antimalware service will load as a low priority task.
 
@@ -384,13 +384,13 @@ ADMX Info:
 <!--Description-->
 This policy setting turns off Microsoft Defender Antivirus.
 
-If you enable this policy setting, Microsoft Defender Antivirus does not run, and will not scan computers for malware or other potentially unwanted software.
+If you enable this policy setting, Microsoft Defender Antivirus doesn't run, and won't scan computers for malware or other potentially unwanted software.
 
 If you disable this policy setting, Microsoft Defender Antivirus will run regardless of any other installed antivirus product.
 
-If you do not configure this policy setting, Windows will internally manage Microsoft Defender Antivirus. If you install another antivirus program, Windows automatically disables Microsoft Defender Antivirus. Otherwise, Microsoft Defender Antivirus will scan your computers for malware and other potentially unwanted software.
+If you don't configure this policy setting, Windows will internally manage Microsoft Defender Antivirus. If you install another antivirus program, Windows automatically disables Microsoft Defender Antivirus. Otherwise, Microsoft Defender Antivirus will scan your computers for malware and other potentially unwanted software.
 
-Enabling or disabling this policy may lead to unexpected or unsupported behavior. It is recommended that you leave this policy setting unconfigured.
+Enabling or disabling this policy may lead to unexpected or unsupported behavior. It's recommended that you leave this policy setting unconfigured.
 
 <!--/Description-->
 
@@ -438,7 +438,7 @@ Disabled (Default):
 Microsoft Defender Antivirus will exclude pre-defined list of paths from the scan to improve performance.
 
 Enabled:
-Microsoft Defender Antivirus will not exclude pre-defined list of paths from scans. This can impact machine performance in some scenarios.
+Microsoft Defender Antivirus won't exclude pre-defined list of paths from scans. This non-exclusion can impact machine performance in some scenarios.
 
 Not configured:
 Same as Disabled.
@@ -483,17 +483,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This feature ensures the device checks in real time with the Microsoft Active Protection Service (MAPS) before allowing certain content to be run or accessed. If this feature is disabled, the check will not occur, which will lower the protection state of the device.
+This feature ensures the device checks in real time with the Microsoft Active Protection Service (MAPS) before allowing certain content to be run or accessed. If this feature is disabled, the check won't occur, which will lower the protection state of the device.
 
 Enabled – The Block at First Sight setting is turned on.
 Disabled – The Block at First Sight setting is turned off.
     
 This feature requires these Policy settings to be set as follows:
 
-- MAPS -> The “Join Microsoft MAPS” must be enabled or the “Block at First Sight” feature will not function.
-- MAPS -> The “Send file samples when further analysis is required” should be set to 1 (Send safe samples) or 3 (Send all samples). Setting to 0 (Always Prompt) will lower the protection state of the device. Setting to 2 (Never send) means the “Block at First Sight” feature will not function.
-- Real-time Protection -> The “Scan all downloaded files and attachments” policy must be enabled or the “Block at First Sight” feature will not function.
-- Real-time Protection -> Do not enable the “Turn off real-time protection” policy or the “Block at First Sight” feature will not function.
+- MAPS -> The “Join Microsoft MAPS” must be enabled or the “Block at First Sight” feature won't function.
+- MAPS -> The “Send file samples when further analysis is required” should be set to 1 (Send safe samples) or 3 (Send all samples). Setting to 0 (Always Prompt) will lower the protection state of the device. Setting to 2 (Never send) means the “Block at First Sight” feature won't function.
+- Real-time Protection -> The “Scan all downloaded files and attachments” policy must be enabled or the “Block at First Sight” feature won't function.
+- Real-time Protection -> don't enable the “Turn off real-time protection” policy or the “Block at First Sight” feature won't function.
 
 <!--/Description-->
 
@@ -537,7 +537,7 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether or not complex list settings configured by a local administrator are merged with Policy settings. This setting applies to lists such as threats and Exclusions.
 
-If you enable or do not configure this setting, unique items defined in Policy and in preference settings configured by the local administrator will be merged into the resulting effective policy. In the case of conflicts, Policy Settings will override preference settings.
+If you enable or don't configure this setting, unique items defined in Policy and in preference settings configured by the local administrator will be merged into the resulting effective policy. If conflicts occur, Policy Settings will override preference settings.
 
 If you disable this setting, only items defined by Policy will be used in the resulting effective policy. Policy settings will override preference settings configured by the local administrator.
 
@@ -585,9 +585,9 @@ This policy setting turns off real-time protection prompts for known malware det
 
 Microsoft Defender Antivirus alerts you when malware or potentially unwanted software attempts to install itself or to run on your computer.
 
-If you enable this policy setting, Microsoft Defender Antivirus will not prompt users to take actions on malware detections.
+If you enable this policy setting, Microsoft Defender Antivirus won't prompt users to take actions on malware detections.
 
-If you disable or do not configure this policy setting, Microsoft Defender Antivirus will prompt users to take actions on malware detections.
+If you disable or don't configure this policy setting, Microsoft Defender Antivirus will prompt users to take actions on malware detections.
 
 <!--/Description-->
 
@@ -631,9 +631,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure whether Microsoft Defender Antivirus automatically takes action on all detected threats. The action to be taken on a particular threat is determined by the combination of the policy-defined action, user-defined action, and the signature-defined action.
 
-If you enable this policy setting, Microsoft Defender Antivirus does not automatically take action on the detected threats, but prompts users to choose from the actions available for each threat.
+If you enable this policy setting, Microsoft Defender Antivirus doesn't automatically take action on the detected threats, but prompts users to choose from the actions available for each threat.
 
-If you disable or do not configure this policy setting, Microsoft Defender Antivirus automatically takes action on all detected threats after a nonconfigurable delay of approximately five seconds.
+If you disable or don't configure this policy setting, Microsoft Defender Antivirus automatically takes action on all detected threats after a nonconfigurable delay of approximately five seconds.
 
 <!--/Description-->
 
@@ -675,7 +675,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you specify a list of file types that should be excluded from scheduled, custom, and real-time scanning. File types should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of the file type extension (such as "obj" or "lib"). The value is not used and it is recommended that this be set to 0.
+This policy setting allows you to specify a list of file types that should be excluded from scheduled, custom, and real-time scanning. File types should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of the file type extension (such as "obj" or "lib"). The value isn't used and it's recommended that this value is set to 0.
 
 <!--/Description-->
 
@@ -719,7 +719,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to disable scheduled and real-time scanning for files under the paths specified or for the fully qualified resources specified. Paths should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a path or a fully qualified resource name.
 
-As an example, a path might be defined as: "c:\Windows" to exclude all files in this directory. A fully qualified resource name might be defined as: "C:\Windows\App.exe". The value is not used and it is recommended that this be set to 0.
+As an example, a path might be defined as: "c:\Windows" to exclude all files in this directory. A fully qualified resource name might be defined as: "C:\Windows\App.exe". The value isn't used and it's recommended that this value is set to 0.
 
 <!--/Description-->
 
@@ -761,7 +761,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to disable scheduled and real-time scanning for any file opened by any of the specified processes. The process itself will not be excluded. To exclude the process, use the Path exclusion. Processes should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of the path to the process image. Note that only executables can be excluded. For example, a process might be defined as: "c:\windows\app.exe". The value is not used and it is recommended that this be set to 0.
+This policy setting allows you to disable scheduled and real-time scanning for any file opened by any of the specified processes. The process itself won't be excluded. To exclude the process, use the Path exclusion. Processes should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of the path to the process image. Only executables can be excluded. For example, a process might be defined as: "c:\windows\app.exe". The value isn't used and it's recommended that this value is set to 0.
 
 <!--/Description-->
 
@@ -818,7 +818,7 @@ No exclusions will be applied to the ASR rules.
 Not configured:
 Same as Disabled.
 
-You can configure ASR rules in the Configure Attack Surface Reduction rules GP setting.
+You can configure ASR rules in the "Configure Attack Surface Reduction rules" GP setting.
 
 <!--/Description-->
 
@@ -860,13 +860,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Set the state for each Attack Surface Reduction (ASR) rule.
+Set the state for each ASR rule.
 
-After enabling this setting, you can set each rule to the following in the Options section:
+After enabling this setting, you can set each rule to the following values in the Options section:
 
-- Block: the rule will be applied
-- Audit Mode: if the rule would normally cause an event, then it will be recorded (although the rule will not actually be applied)
-- Off: the rule will not be applied
+- Block: The rule will be applied
+- Audit Mode: If the rule would normally cause an event, then it will be recorded (although the rule won't actually be applied)
+- Off: The rule won't be applied
 
 Enabled:
 Specify the state for each ASR rule under the Options section for this setting.
@@ -933,24 +933,24 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Add additional applications that should be considered "trusted" by controlled folder access.
+Add other applications that should be considered "trusted" by controlled folder access.
 
 These applications are allowed to modify or delete files in controlled folder access folders.
 
-Microsoft Defender Antivirus automatically determines which applications should be trusted. You can configure this setting to add additional applications.
+Microsoft Defender Antivirus automatically determines which applications should be trusted. You can configure this setting to add other applications.
 
 Enabled: 
-Specify additional allowed applications in the Options section..
+Specify other allowed applications in the Options section.
 
 Disabled:
-No additional applications will be added to the trusted list.
+No other applications will be added to the trusted list.
 
 Not configured:
 Same as Disabled.
 
-You can enable controlled folder access in the Configure controlled folder access GP setting.
+You can enable controlled folder access in the "Configure controlled folder access" GP setting.
 
-Default system folders are automatically guarded, but you can add folders in the configure protected folders GP setting.
+Default system folders are automatically guarded, but you can add folders in the "Configure protected folders" GP setting.
 
 <!--/Description-->
 
@@ -994,23 +994,23 @@ ADMX Info:
 <!--Description-->
 Specify additional folders that should be guarded by the Controlled folder access feature.
 
-Files in these folders cannot be modified or deleted by untrusted applications.
+Files in these folders can't be modified or deleted by untrusted applications.
 
-Default system folders are automatically protected. You can configure this setting to add additional folders. 
+Default system folders are automatically protected. You can configure this setting to add more folders. 
 The list of default system folders that are protected is shown in Windows Security.
 
 Enabled:
-Specify additional folders that should be protected in the Options section.
+Specify more folders that should be protected in the Options section.
 
 Disabled:
-No additional folders will be protected.
+No other folders will be protected.
 
 Not configured:
 Same as Disabled.
 
-You can enable controlled folder access in the Configure controlled folder access GP setting.
+You can enable controlled folder access in the "Configure controlled folder access" GP setting.
 
-Microsoft Defender Antivirus automatically determines which applications can be trusted. You can add additional trusted applications in the Configure allowed applications GP setting.
+Microsoft Defender Antivirus automatically determines which applications can be trusted. You can add more trusted applications in the "Configure allowed applications" GP setting.
 
 <!--/Description-->
 
@@ -1055,10 +1055,10 @@ ADMX Info:
 Enable or disable file hash computation feature.
 
 Enabled:
-When this feature is enabled Microsoft Defender Antivirus will compute hash value for files it scans.
+When this feature is enabled, Microsoft Defender Antivirus will compute hash value for files it scans.
 
 Disabled:
-File hash value is not computed
+File hash value isn't computed
 
 Not configured:
 Same as Disabled.
@@ -1103,9 +1103,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure definition retirement for network protection against exploits of known vulnerabilities. Definition retirement checks to see if a computer has the required security updates necessary to protect it against a particular vulnerability. If the system is not vulnerable to the exploit detected by a definition, then that definition is "retired". If all security intelligence for a given protocol are retired then that protocol is no longer parsed. Enabling this feature helps to improve performance. On a computer that is up-to-date with all the latest security updates, network protection will have no impact on network performance.
+This policy setting allows you to configure definition retirement for network protection against exploits of known vulnerabilities. Definition retirement checks to see if a computer has the required security updates necessary to protect it against a particular vulnerability. If the system isn't vulnerable to the exploit detected by a definition, then that definition is "retired". If all security intelligence for a given protocol are retired, then that protocol is no longer parsed. Enabling this feature helps to improve performance. On a computer that is up-to-date with all the latest security updates, network protection will have no impact on network performance.
 
-If you enable or do not configure this setting, definition retirement will be enabled.
+If you enable or don't configure this setting, definition retirement will be enabled.
 
 If you disable this setting, definition retirement will be disabled.
 
@@ -1149,7 +1149,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting defines additional definition sets to enable for network traffic inspection. Definition set GUIDs should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a definition set GUID. As an example, the definition set GUID to enable test security intelligence is defined as: “{b54b6ac9-a737-498e-9120-6616ad3bf590}”. The value is not used and it is recommended that this be set to 0.
+This policy setting defines more definition sets to enable for network traffic inspection. Definition set GUIDs should be added under the Options for this setting. Each entry must be listed as a name value pair, where the name should be a string representation of a definition set GUID. As an example, the definition set GUID to enable test security intelligence is defined as: “{b54b6ac9-a737-498e-9120-6616ad3bf590}”. The value isn't used and it's recommended that this value is set to 0.
 
 <!--/Description-->
 
@@ -1193,7 +1193,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure protocol recognition for network protection against exploits of known vulnerabilities.
 
-If you enable or do not configure this setting, protocol recognition will be enabled.
+If you enable or don't configure this setting, protocol recognition will be enabled.
 
 If you disable this setting, protocol recognition will be disabled.
 
@@ -1241,7 +1241,7 @@ This policy, if defined, will prevent antimalware from using the configured prox
 
 If you enable this setting, the proxy server will be bypassed for the specified addresses.
 
-If you disable or do not configure this setting, the proxy server will not be bypassed for the specified addresses.
+If you disable or don't configure this setting, the proxy server won't be bypassed for the specified addresses.
 
 <!--/Description-->
 
@@ -1283,7 +1283,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting defines the URL of a proxy .pac file that should be used when the client attempts to connect the network for security intelligence updates and MAPS reporting. If the proxy auto-config fails or if there is no proxy auto-config specified, the client will fall back to the alternative options (in order):
+This policy setting defines the URL of a proxy .pac file that should be used when the client attempts to connect the network for security intelligence updates and MAPS reporting. If the proxy auto-config fails or if there's no proxy auto-config specified, the client will fall back to the alternative options (in order):
 
 1. Proxy server (if specified)
 2. Proxy .pac URL (if specified)
@@ -1293,7 +1293,7 @@ This policy setting defines the URL of a proxy .pac file that should be used whe
 
 If you enable this setting, the proxy setting will be set to use the specified proxy .pac according to the order specified above.
 
-If you disable or do not configure this setting, the proxy will skip over this fallback step according to the order specified above.
+If you disable or don't configure this setting, the proxy will skip over this fallback step according to the order specified above.
 
 <!--/Description-->
 
@@ -1335,7 +1335,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure the named proxy that should be used when the client attempts to connect to the network for security intelligence updates and MAPS reporting. If the named proxy fails or if there is no proxy specified, the client will fall back to the alternative options (in order):
+This policy setting allows you to configure the named proxy that should be used when the client attempts to connect to the network for security intelligence updates and MAPS reporting. If the named proxy fails or if there's no proxy specified, the client will fall back to the alternative options (in order):
 
 1. Proxy server (if specified)
 2. Proxy .pac URL (if specified)
@@ -1345,7 +1345,7 @@ This policy setting allows you to configure the named proxy that should be used
 
 If you enable this setting, the proxy will be set to the specified URL according to the order specified above. The URL should be proceeded with either http:// or https://.
 
-If you disable or do not configure this setting, the proxy will skip over this fallback step according to the order specified above.
+If you disable or don't configure this setting, the proxy will skip over this fallback step according to the order specified above.
 
 <!--/Description-->
 
@@ -1391,7 +1391,7 @@ This policy setting configures a local override for the configuration of the num
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -1437,7 +1437,7 @@ This policy setting defines the number of days items should be kept in the Quara
 
 If you enable this setting, items will be removed from the Quarantine folder after the number of days specified.
 
-If you disable or do not configure this setting, items will be kept in the quarantine folder indefinitely and will not be automatically removed.
+If you disable or don't configure this setting, items will be kept in the quarantine folder indefinitely and won't be automatically removed.
 
 <!--/Description-->
 
@@ -1481,7 +1481,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to enable or disable randomization of the scheduled scan start time and the scheduled security intelligence update start time. This setting is used to distribute the resource impact of scanning. For example, it could be used in guest virtual machines sharing a host, to prevent multiple guest virtual machines from undertaking a disk-intensive operation at the same time.
 
-If you enable or do not configure this setting, scheduled tasks will begin at a random time within an interval of 30 minutes before and after the specified start time.
+If you enable or don't configure this setting, scheduled tasks will begin at a random time within an interval of 30 minutes before and after the specified start time.
 
 If you disable this setting, scheduled tasks will begin at the specified start time.
 
@@ -1527,7 +1527,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure behavior monitoring.
 
-If you enable or do not configure this setting, behavior monitoring will be enabled.
+If you enable or don't configure this setting, behavior monitoring will be enabled.
 
 If you disable this setting, behavior monitoring will be disabled.
 
@@ -1573,7 +1573,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure scanning for all downloaded files and attachments.
 
-If you enable or do not configure this setting, scanning for all downloaded files and attachments will be enabled.
+If you enable or don't configure this setting, scanning for all downloaded files and attachments will be enabled.
 
 If you disable this setting, scanning for all downloaded files and attachments will be disabled.
 
@@ -1619,7 +1619,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure monitoring for file and program activity.
 
-If you enable or do not configure this setting, monitoring for file and program activity will be enabled.
+If you enable or don't configure this setting, monitoring for file and program activity will be enabled.
 
 If you disable this setting, monitoring for file and program activity will be disabled.
 
@@ -1665,7 +1665,7 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether raw volume write notifications are sent to behavior monitoring.
 
-If you enable or do not configure this setting, raw write notifications will be enabled.
+If you enable or don't configure this setting, raw write notifications will be enabled.
 
 If you disable this setting, raw write notifications be disabled.
 
@@ -1709,11 +1709,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure process scanning when real-time protection is turned on. This helps to catch malware which could start when real-time protection is turned off.
+This policy setting allows you to configure process scanning when real-time protection is turned on. This configuration helps to catch malware that could start when real-time protection is turned off.
 
-If you enable or do not configure this setting, a process scan will be initiated when real-time protection is turned on.
+If you enable or don't configure this setting, a process scan will be initiated when real-time protection is turned on.
 
-If you disable this setting, a process scan will not be initiated when real-time protection is turned on.
+If you disable this setting, a process scan won't be initiated when real-time protection is turned on.
 
 <!--/Description-->
 
@@ -1759,7 +1759,7 @@ This policy setting defines the maximum size (in kilobytes) of downloaded files
 
 If you enable this setting, downloaded files and attachments smaller than the size specified will be scanned.
 
-If you disable or do not configure this setting, a default size will be applied.
+If you disable or don't configure this setting, a default size will be applied.
 
 <!--/Description-->
 
@@ -1805,7 +1805,7 @@ This policy setting configures a local override for the configuration of behavio
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -1851,7 +1851,7 @@ This policy setting configures a local override for the configuration of scannin
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -1897,7 +1897,7 @@ This policy setting configures a local override for the configuration of monitor
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -1943,7 +1943,7 @@ This policy setting configures a local override for the configuration to turn on
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -1989,7 +1989,7 @@ This policy setting configures a local override for the configuration of monitor
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -2035,7 +2035,7 @@ This policy setting configures a local override for the configuration of the tim
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -2093,7 +2093,7 @@ This setting can be configured with the following ordinal number values:
 
 If you enable this setting, a scheduled full scan to complete remediation will run at the frequency specified.
 
-If you disable or do not configure this setting, a scheduled full scan to complete remediation will run at a default frequency.
+If you disable or don't configure this setting, a scheduled full scan to complete remediation will run at a default frequency.
 
 <!--/Description-->
 
@@ -2139,7 +2139,7 @@ This policy setting allows you to specify the time of day at which to perform a
 
 If you enable this setting, a scheduled full scan to complete remediation will run at the time of day specified.
 
-If you disable or do not configure this setting, a scheduled full scan to complete remediation will run at a default time.
+If you disable or don't configure this setting, a scheduled full scan to complete remediation will run at a default time.
 
 <!--/Description-->
 
@@ -2267,9 +2267,9 @@ ADMX Info:
 <!--Description-->
 Use this policy setting to specify if you want Microsoft Defender Antivirus enhanced notifications to display on clients.
 
-If you disable or do not configure this setting, Microsoft Defender Antivirus enhanced notifications will display on clients.
+If you disable or don't configure this setting, Microsoft Defender Antivirus enhanced notifications will display on clients.
 
-If you enable this setting, Microsoft Defender Antivirus enhanced notifications will not display on clients.
+If you enable this setting, Microsoft Defender Antivirus enhanced notifications won't display on clients.
 
 <!--/Description-->
 
@@ -2312,9 +2312,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure whether or not Watson events are sent.
 
-If you enable or do not configure this setting, Watson events will be sent.
+If you enable or don't configure this setting, Watson events will be sent.
 
-If you disable this setting, Watson events will not be sent.
+If you disable this setting, Watson events won't be sent.
 
 <!--/Description-->
 
@@ -2531,9 +2531,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage whether or not end users can pause a scan in progress.
 
-If you enable or do not configure this setting, a new context menu will be added to the task tray icon to allow the user to pause a scan.
+If you enable or don't configure this setting, a new context menu will be added to the task tray icon to allow the user to pause a scan.
 
-If you disable this setting, users will not be able to pause scans.
+If you disable this setting, users won't be able to pause scans.
 
 <!--/Description-->
 
@@ -2579,7 +2579,7 @@ This policy setting allows you to configure the maximum directory depth level in
 
 If you enable this setting, archive files will be scanned to the directory depth level specified.
 
-If you disable or do not configure this setting, archive files will be scanned to the default directory depth level.
+If you disable or don't configure this setting, archive files will be scanned to the default directory depth level.
 
 <!--/Description-->
 
@@ -2625,7 +2625,7 @@ This policy setting allows you to configure the maximum size of archive files su
 
 If you enable this setting, archive files less than or equal to the size specified will be scanned.
 
-If you disable or do not configure this setting, archive files will be scanned according to the default value.
+If you disable or don't configure this setting, archive files will be scanned according to the default value.
 
 <!--/Description-->
 
@@ -2670,9 +2670,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure scans for malicious software and unwanted software in archive files such as .ZIP or .CAB files.
 
-If you enable or do not configure this setting, archive files will be scanned.
+If you enable or don't configure this setting, archive files will be scanned.
 
-If you disable this setting, archive files will not be scanned.
+If you disable this setting, archive files won't be scanned.
 
 <!--/Description-->
 
@@ -2718,7 +2718,7 @@ This policy setting allows you to configure e-mail scanning. When e-mail scannin
 
 If you enable this setting, e-mail scanning will be enabled.
 
-If you disable or do not configure this setting, e-mail scanning will be disabled.
+If you disable or don't configure this setting, e-mail scanning will be disabled.
 
 <!--/Description-->
 
@@ -2760,9 +2760,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure heuristics. Suspicious detections will be suppressed right before reporting to the engine client. Turning off heuristics will reduce the capability to flag new threats. It is recommended that you do not turn off heuristics.
+This policy setting allows you to configure heuristics. Suspicious detections will be suppressed right before reporting to the engine client. Turning off heuristics will reduce the capability to flag new threats. It's recommended that you don't turn off heuristics.
 
-If you enable or do not configure this setting, heuristics will be enabled.
+If you enable or don't configure this setting, heuristics will be enabled.
 
 If you disable this setting, heuristics will be disabled.
 
@@ -2806,11 +2806,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure scanning for packed executables. It is recommended that this type of scanning remain enabled.
+This policy setting allows you to configure scanning for packed executables. It's recommended that this type of scanning remains enabled.
 
-If you enable or do not configure this setting, packed executables will be scanned.
+If you enable or don't configure this setting, packed executables will be scanned.
 
-If you disable this setting, packed executables will not be scanned.
+If you disable this setting, packed executables won't be scanned.
 
 <!--/Description-->
 
@@ -2856,7 +2856,7 @@ This policy setting allows you to manage whether or not to scan for malicious so
 
 If you enable this setting, removable drives will be scanned during any type of scan.
 
-If you disable or do not configure this setting, removable drives will not be scanned during a full scan. Removable drives may still be scanned during quick scan and custom scan.
+If you disable or don't configure this setting, removable drives won't be scanned during a full scan. Removable drives may still be scanned during quick scan and custom scan.
 
 <!--/Description-->
 
@@ -2898,11 +2898,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure reparse point scanning. If you allow reparse points to be scanned, there is a possible risk of recursion. However, the engine supports following reparse points to a maximum depth so at worst scanning could be slowed. Reparse point scanning is disabled by default and this is the recommended state for this functionality. 
+This policy setting allows you to configure reparse point scanning. If you allow reparse points to be scanned, there's a possible risk of recursion. However, the engine supports following reparse points to a maximum depth so at worst scanning could be slowed. Reparse point scanning is disabled by default and this setting is the recommended state for this functionality. 
 
 If you enable this setting, reparse point scanning will be enabled.
 
-If you disable or do not configure this setting, reparse point scanning will be disabled.
+If you disable or don't configure this setting, reparse point scanning will be disabled.
 
 <!--/Description-->
 
@@ -2948,7 +2948,7 @@ This policy setting allows you to create a system restore point on the computer
 
 If you enable this setting, a system restore point will be created.
 
-If you disable or do not configure this setting, a system restore point will not be created.
+If you disable or don't configure this setting, a system restore point won't be created.
 
 <!--/Description-->
 
@@ -2993,7 +2993,7 @@ This policy setting allows you to configure scanning mapped network drives.
 
 If you enable this setting, mapped network drives will be scanned.
 
-If you disable or do not configure this setting, mapped network drives will not be scanned.
+If you disable or don't configure this setting, mapped network drives won't be scanned.
 
 <!--/Description-->
 
@@ -3035,11 +3035,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure scanning for network files. It is recommended that you do not enable this setting.
+This policy setting allows you to configure scanning for network files. It's recommended that you don't enable this setting.
 
 If you enable this setting, network files will be scanned.
 
-If you disable or do not configure this setting, network files will not be scanned.
+If you disable or don't configure this setting, network files won't be scanned.
 
 <!--/Description-->
 
@@ -3085,7 +3085,7 @@ This policy setting configures a local override for the configuration of maximum
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -3131,7 +3131,7 @@ This policy setting configures a local override for the configuration of the sca
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -3177,7 +3177,7 @@ This policy setting configures a local override for the configuration of schedul
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -3223,7 +3223,7 @@ This policy setting configures a local override for the configuration of schedul
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -3269,7 +3269,7 @@ This policy setting configures a local override for the configuration of schedul
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -3315,7 +3315,7 @@ This policy setting allows you to enable or disable low CPU priority for schedul
 
 If you enable this setting, low CPU priority will be used during scheduled scans.
 
-If you disable or do not configure this setting, not changes will be made to CPU priority for scheduled scans. 
+If you disable or don't configure this setting, not changes will be made to CPU priority for scheduled scans. 
 
 <!--/Description-->
 
@@ -3361,7 +3361,7 @@ This policy setting allows you to define the number of consecutive scheduled sca
 
 If you enable this setting, a catch-up scan will occur after the specified number consecutive missed scheduled scans.
 
-If you disable or do not configure this setting, a catch-up scan will occur after the 2 consecutive missed scheduled scans.
+If you disable or don't configure this setting, a catch-up scan will occur after the 2 consecutive missed scheduled scans.
 
 <!--/Description-->
 
@@ -3403,11 +3403,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting defines the number of days items should be kept in the scan history folder before being permanently removed. The value represents the number of days to keep items in the folder. If set to zero, items will be kept forever and will not be automatically removed. By default, the value is set to 30 days.
+This policy setting defines the number of days items should be kept in the scan history folder before being permanently removed. The value represents the number of days to keep items in the folder. If set to zero, items will be kept forever and won't be automatically removed. By default, the value is set to 30 days.
 
 If you enable this setting, items will be removed from the scan history folder after the number of days specified.
 
-If you disable or do not configure this setting, items will be kept in the scan history folder for the default number of days.
+If you disable or don't configure this setting, items will be kept in the scan history folder for the default number of days.
 
 <!--/Description-->
 
@@ -3449,11 +3449,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to specify an interval at which to perform a quick scan. The time value is represented as the number of hours between quick scans. Valid values range from 1 (every hour) to 24 (once per day). If set to zero, interval quick scans will not occur. By default, this setting is set to 0.
+This policy setting allows you to specify an interval at which to perform a quick scan. The time value is represented as the number of hours between quick scans. Valid values range from 1 (every hour) to 24 (once per day). If set to zero, interval quick scans won't occur. By default, this setting is set to 0.
 
 If you enable this setting, a quick scan will run at the interval specified.
 
-If you disable or do not configure this setting, a quick scan will run at a default time.
+If you disable or don't configure this setting, a quick scan will run at a default time.
 
 <!--/Description-->
 
@@ -3497,7 +3497,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure scheduled scans to start only when your computer is on but not in use.
 
-If you enable or do not configure this setting, scheduled scans will only run when the computer is on but not in use.
+If you enable or don't configure this setting, scheduled scans will only run when the computer is on but not in use.
 
 If you disable this setting, scheduled scans will run at the scheduled time.
 
@@ -3557,7 +3557,7 @@ This setting can be configured with the following ordinal number values:
 
 If you enable this setting, a scheduled scan will run at the frequency specified.
 
-If you disable or do not configure this setting, a scheduled scan will run at a default frequency.
+If you disable or don't configure this setting, a scheduled scan will run at a default frequency.
 
 <!--/Description-->
 
@@ -3603,7 +3603,7 @@ This policy setting allows you to specify the time of day at which to perform a
 
 If you enable this setting, a scheduled scan will run at the time of day specified.
 
-If you disable or do not configure this setting, a scheduled scan will run at a default time.
+If you disable or don't configure this setting, a scheduled scan will run at a default time.
 
 <!--/Description-->
 
@@ -3645,11 +3645,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure whether or not the antimalware service remains running when antivirus and antispyware security intelligence is disabled. It is recommended that this setting remain disabled.
+This policy setting allows you to configure whether or not the antimalware service remains running when antivirus and antispyware security intelligence is disabled. It's recommended that this setting remains disabled.
 
-If you enable this setting, the antimalware service will always remain running even if both antivirus and antispyware security intelligence is disabled.
+If you enable this setting, the antimalware service will always remain running even if both antivirus and antispyware security intelligence are disabled.
 
-If you disable or do not configure this setting, the antimalware service will be stopped when both antivirus and antispyware security intelligence is disabled. If the computer is restarted, the service will be started if it is set to Automatic startup. After the service has started, there will be a check to see if antivirus and antispyware security intelligence is enabled. If at least one is enabled, the service will remain running. If both are disabled, the service will be stopped.
+If you disable or don't configure this setting, the antimalware service will be stopped when both antivirus and antispyware security intelligence is disabled. If the computer is restarted, the service will be started if it's set to Automatic startup. After the service has started, there will be a check to see if antivirus and antispyware security intelligence is enabled. If at least one is enabled, the service will remain running. If both are disabled, the service will be stopped.
 
 <!--/Description-->
 
@@ -3691,13 +3691,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to define the number of days that must pass before spyware security intelligence is considered out of date. If security intelligence is determined to be out of date, this state may trigger several additional actions, including falling back to an alternative update source or displaying a warning icon in the user interface. By default, this value is set to 14 days.
+This policy setting allows you to define the number of days that must pass before spyware security intelligence is considered out of date. If security intelligence is determined to be out of date, this state may trigger several other actions, including falling back to an alternative update source or displaying a warning icon in the user interface. By default, this value is set to 14 days.
 
-We do not recommend setting the value to less than 2 days to prevent machines from going out of date.
+We don't recommend setting the value to less than 2 days to prevent machines from going out of date.
 
 If you enable this setting, spyware security intelligence will be considered out of date after the number of days specified have passed without an update.
 
-If you disable or do not configure this setting, spyware security intelligence will be considered out of date after the default number of days have passed without an update.
+If you disable or don't configure this setting, spyware security intelligence will be considered out of date after the default number of days have passed without an update.
 
 <!--/Description-->
 
@@ -3739,11 +3739,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to define the number of days that must pass before virus security intelligence is considered out of date. If security intelligence is determined to be out of date, this state may trigger several additional actions, including falling back to an alternative update source or displaying a warning icon in the user interface. By default, this value is set to 14 days.
+This policy setting allows you to define the number of days that must pass before virus security intelligence is considered out of date. If security intelligence is determined to be out of date, this state may trigger several other actions, including falling back to an alternative update source or displaying a warning icon in the user interface. By default, this value is set to 14 days.
 
 If you enable this setting, virus security intelligence will be considered out of date after the number of days specified have passed without an update.
 
-If you disable or do not configure this setting, virus security intelligence will be considered out of date after the default number of days have passed without an update.
+If you disable or don't configure this setting, virus security intelligence will be considered out of date after the default number of days have passed without an update.
 
 <!--/Description-->
 
@@ -3787,9 +3787,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure UNC file share sources for downloading security intelligence updates. Sources will be contacted in the order specified. The value of this setting should be entered as a pipe-separated string enumerating the security intelligence update sources. For example: "{\\\unc1 | \\\unc2 }". The list is empty by default.
 
-If you enable this setting, the specified sources will be contacted for security intelligence updates. Once security intelligence updates have been successfully downloaded from one specified source, the remaining sources in the list will not be contacted.
+If you enable this setting, the specified sources will be contacted for security intelligence updates. Once security intelligence updates have been successfully downloaded from one specified source, the remaining sources in the list won't be contacted.
 
-If you disable or do not configure this setting, the list will remain empty by default and no sources will be contacted.
+If you disable or don't configure this setting, the list will remain empty by default and no sources will be contacted.
 
 <!--/Description-->
 
@@ -3831,11 +3831,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure the automatic scan which starts after a security intelligence update has occurred.
+This policy setting allows you to configure the automatic scan that starts after a security intelligence update has occurred.
 
-If you enable or do not configure this setting, a scan will start following a security intelligence update.
+If you enable or don't configure this setting, a scan will start following a security intelligence update.
 
-If you disable this setting, a scan will not start following a security intelligence update.
+If you disable this setting, a scan won't start following a security intelligence update.
 
 <!--/Description-->
 
@@ -3879,7 +3879,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure security intelligence updates when the computer is running on battery power.
 
-If you enable or do not configure this setting, security intelligence updates will occur as usual regardless of power state.
+If you enable or don't configure this setting, security intelligence updates will occur as usual regardless of power state.
 
 If you disable this setting, security intelligence updates will be turned off while the computer is running on battery power.
 
@@ -3923,11 +3923,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure security intelligence updates on startup when there is no antimalware engine present.
+This policy setting allows you to configure security intelligence updates on startup when there's no antimalware engine present.
 
-If you enable or do not configure this setting, security intelligence updates will be initiated on startup when there is no antimalware engine present.
+If you enable or don't configure this setting, security intelligence updates will be initiated on startup when there's no antimalware engine present.
 
-If you disable this setting, security intelligence updates will not be initiated on startup when there is no antimalware engine present.
+If you disable this setting, security intelligence updates won't be initiated on startup when there's no antimalware engine present.
 
 <!--/Description-->
 
@@ -3973,9 +3973,9 @@ This policy setting allows you to define the order in which different security i
 
 For example: { InternalDefinitionUpdateServer | MicrosoftUpdateServer | MMPC }
 
-If you enable this setting, security intelligence update sources will be contacted in the order specified. Once security intelligence updates have been successfully downloaded from one specified source, the remaining sources in the list will not be contacted.
+If you enable this setting, security intelligence update sources will be contacted in the order specified. Once security intelligence updates have been successfully downloaded from one specified source, the remaining sources in the list won't be contacted.
 
-If you disable or do not configure this setting, security intelligence update sources will be contacted in a default order.
+If you disable or don't configure this setting, security intelligence update sources will be contacted in a default order.
 
 <!--/Description-->
 
@@ -4021,7 +4021,7 @@ This policy setting allows you to enable download of security intelligence updat
 
 If you enable this setting, security intelligence updates will be downloaded from Microsoft Update.
 
-If you disable or do not configure this setting, security intelligence updates will be downloaded from the configured download source.
+If you disable or don't configure this setting, security intelligence updates will be downloaded from the configured download source.
 
 <!--/Description-->
 
@@ -4065,9 +4065,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to enable real-time security intelligence updates in response to reports sent to Microsoft MAPS. If the service reports a file as an unknown and Microsoft MAPS finds that the latest security intelligence update has security intelligence for a threat involving that file, the service will receive all of the latest security intelligence for that threat immediately. You must have configured your computer to join Microsoft MAPS for this functionality to work.
 
-If you enable or do not configure this setting, real-time security intelligence updates will be enabled.
+If you enable or don't configure this setting, real-time security intelligence updates will be enabled.
 
-If you disable this setting, real-time security intelligence updates will disabled.
+If you disable this setting, real-time security intelligence updates will be disabled.
 
 <!--/Description-->
 
@@ -4125,7 +4125,7 @@ This setting can be configured with the following ordinal number values:
 
 If you enable this setting, the check for security intelligence updates will occur at the frequency specified.
 
-If you disable or do not configure this setting, the check for security intelligence updates will occur at a default frequency.
+If you disable or don't configure this setting, the check for security intelligence updates will occur at a default frequency.
 
 <!--/Description-->
 
@@ -4171,7 +4171,7 @@ This policy setting allows you to specify the time of day at which to check for
 
 If you enable this setting, the check for security intelligence updates will occur at the time of day specified.
 
-If you disable or do not configure this setting,  the check for security intelligence updates will occur at the default time.
+If you disable or don't configure this setting,  the check for security intelligence updates will occur at the default time.
 
 <!--/Description-->
 
@@ -4215,7 +4215,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to define the security intelligence location for VDI-configured computers. 
 
-If you disable or do not configure this setting, security intelligence will be referred from the default local source.
+If you disable or don't configure this setting, security intelligence will be referred from the default local source.
 
 <!--/Description-->
 
@@ -4259,9 +4259,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure the antimalware service to receive notifications to disable individual security intelligence in response to reports it sends to Microsoft MAPS. Microsoft MAPS uses these notifications to disable security intelligence that are causing false positive reports. You must have configured your computer to join Microsoft MAPS for this functionality to work.
 
-If you enable this setting or do not configure, the antimalware service will receive notifications to disable security intelligence.
+If you enable this setting or don't configure, the antimalware service will receive notifications to disable security intelligence.
 
-If you disable this setting, the antimalware service will not receive notifications to disable security intelligence.
+If you disable this setting, the antimalware service won't receive notifications to disable security intelligence.
 
 <!--/Description-->
 
@@ -4307,7 +4307,7 @@ This policy setting allows you to define the number of days after which a catch-
 
 If you enable this setting, a catch-up security intelligence update will occur after the specified number of days.
 
-If you disable or do not configure this setting, a catch-up security intelligence update will be required after the default number of days.
+If you disable or don't configure this setting, a catch-up security intelligence update will be required after the default number of days.
 
 <!--/Description-->
 
@@ -4353,7 +4353,7 @@ This policy setting allows you to manage whether a check for new virus and spywa
 
 If you enable this setting, a check for new security intelligence will occur after service startup.
 
-If you disable this setting or do not configure this setting, a check for new security intelligence will not occur after service startup.
+If you disable this setting or don't configure this setting, a check for new security intelligence won't occur after service startup.
 
 <!--/Description-->
 
@@ -4397,7 +4397,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to join Microsoft MAPS. Microsoft MAPS is the online community that helps you choose how to respond to potential threats. The community also helps stop the spread of new malicious software infections.
 
-You can choose to send basic or additional information about detected software. Additional information helps Microsoft create new security intelligence and help it to protect your computer. This information can include things like location of detected items on your computer if harmful software was removed. The information will be automatically collected and sent. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or contact you.
+You can choose to send basic or additional information about detected software. Additional information helps Microsoft create new security intelligence and help it to protect your computer. This information can include things like location of detected items on your computer if harmful software was removed. The information will be automatically collected and sent. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft won't use this information to identify you or contact you.
 
 Possible options are:
 
@@ -4409,9 +4409,9 @@ Basic membership will send basic information to Microsoft about software that ha
 
 Advanced membership, in addition to basic information, will send more information to Microsoft about malicious software, spyware, and potentially unwanted software, including the location of the software, file names, how the software operates, and how it has impacted your computer.
 
-If you enable this setting, you will join Microsoft MAPS with the membership specified.
+If you enable this setting, you'll join Microsoft MAPS with the membership specified.
 
-If you disable or do not configure this setting, you will not join Microsoft MAPS.
+If you disable or don't configure this setting, you won't join Microsoft MAPS.
   
 In Windows 10, Basic membership is no longer available, so setting the value to 1 or 2 enrolls the device into Advanced membership.
 
@@ -4459,7 +4459,7 @@ ADMX Info:
 
 If you enable this setting, the local preference setting will take priority over Policy.
 
-If you disable or do not configure this setting, Policy will take priority over the local preference setting.
+If you disable or don't configure this setting, Policy will take priority over the local preference setting.
 
 <!--/Description-->
 
@@ -4502,7 +4502,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting customize which remediation action will be taken for each listed Threat ID when it is detected during a scan. Threats should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid Threat ID, while the value contains the action ID for the remediation action that should be taken.
+This policy setting customizes which remediation action will be taken for each listed Threat ID when it's detected during a scan. Threats should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid Threat ID, while the value contains the action ID for the remediation action that should be taken.
 
 Valid remediation action values are:
 
@@ -4550,11 +4550,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure whether or not to display additional text to clients when they need to perform an action. The text displayed is a custom administrator-defined string. For example, the phone number to call the company help desk. The client interface will only display a maximum of 1024 characters. Longer strings will be truncated before display.
+This policy setting allows you to configure whether or not to display more text to clients when they need to perform an action. The text displayed is a custom administrator-defined string. For example, the phone number to call the company help desk. The client interface will only display a maximum of 1024 characters. Longer strings will be truncated before display.
 
-If you enable this setting, the additional text specified will be displayed.
+If you enable this setting, the extra text specified will be displayed.
 
-If you disable or do not configure this setting, there will be no additional text displayed.
+If you disable or don't configure this setting, there will be no extra text displayed.
 
 <!--/Description-->
 
@@ -4598,9 +4598,9 @@ ADMX Info:
 <!--Description-->
 Use this policy setting to specify if you want Microsoft Defender Antivirus notifications to display on clients.
 
-If you disable or do not configure this setting, Microsoft Defender Antivirus notifications will display on clients.
+If you disable or don't configure this setting, Microsoft Defender Antivirus notifications will display on clients.
 
-If you enable this setting, Microsoft Defender Antivirus notifications will not display on clients.
+If you enable this setting, Microsoft Defender Antivirus notifications won't display on clients.
 
 <!--/Description-->
 
@@ -4644,7 +4644,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows user to suppress reboot notifications in UI only mode (for cases where UI can't be in lockdown mode).
 
-If you enable this setting AM UI won't show reboot notifications.
+If you enable this setting, AM UI won't show reboot notifications.
 
 <!--/Description-->
 
@@ -4688,7 +4688,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure whether or not to display AM UI to the users.
 
-If you enable this setting AM UI won't be available to users.
+If you enable this setting, AM UI won't be available to users.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-mmc.md b/windows/client-management/mdm/policy-csp-admx-mmc.md
index d7bfdd79d3..33f6ed7399 100644
--- a/windows/client-management/mdm/policy-csp-admx-mmc.md
+++ b/windows/client-management/mdm/policy-csp-admx-mmc.md
@@ -76,17 +76,17 @@ This policy setting permits or prohibits use of this snap-in.
 
 If you enable this setting, the snap-in is permitted. If you disable the setting, the snap-in is prohibited.
 
-If this setting is not configured, the setting of the "Restrict users to the explicitly permitted list of snap-ins" setting determines whether this snap-in is permitted or prohibited.
+If this setting isn't configured, the setting of the "Restrict users to the explicitly permitted list of snap-ins" setting determines whether this snap-in is permitted or prohibited.
 
-- If "Restrict users to the explicitly permitted list of snap-ins" is enabled, users cannot use any snap-in except those explicitly permitted.
+- If "Restrict users to the explicitly permitted list of snap-ins" is enabled, users can't use any snap-in except those snap-ins explicitly permitted.
 
-To explicitly permit use of this snap-in, enable this setting. If this setting is not configured (or disabled), this snap-in is prohibited.
+To explicitly permit use of this snap-in, enable this setting. If this setting isn't configured (or disabled), this snap-in is prohibited.
 
-- If "Restrict users to the explicitly permitted list of snap-ins" is disabled or not configured, users can use any snap-in except those explicitly prohibited.
+- If "Restrict users to the explicitly permitted list of snap-ins" is disabled or not configured, users can use any snap-in except those snap-ins explicitly prohibited.
 
-To explicitly prohibit use of this snap-in, disable this setting. If this setting is not configured (or enabled), the snap-in is permitted.
+To explicitly prohibit use of this snap-in, disable this setting. If this setting isn't configured (or enabled), the snap-in is permitted.
 
-When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in does not appear.
+When a snap-in is prohibited, it doesn't appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in doesn't appear.
 
 <!--/Description-->
 
@@ -132,17 +132,17 @@ This policy setting permits or prohibits use of this snap-in.
 
 If you enable this setting, the snap-in is permitted. If you disable the setting, the snap-in is prohibited.
 
-If this setting is not configured, the setting of the "Restrict users to the explicitly permitted list of snap-ins" setting determines whether this snap-in is permitted or prohibited.
+If this setting isn't configured, the setting of the "Restrict users to the explicitly permitted list of snap-ins" setting determines whether this snap-in is permitted or prohibited.
 
-- If "Restrict users to the explicitly permitted list of snap-ins" is enabled, users cannot use any snap-in except those explicitly permitted.
+- If "Restrict users to the explicitly permitted list of snap-ins" is enabled, users can't use any snap-in except those snap-ins explicitly permitted.
 
-To explicitly permit use of this snap-in, enable this setting. If this setting is not configured (or disabled), this snap-in is prohibited.
+To explicitly permit use of this snap-in, enable this setting. If this setting isn't configured (or disabled), this snap-in is prohibited.
 
-- If "Restrict users to the explicitly permitted list of snap-ins" is disabled or not configured, users can use any snap-in except those explicitly prohibited.
+- If "Restrict users to the explicitly permitted list of snap-ins" is disabled or not configured, users can use any snap-in except those snap-ins explicitly prohibited.
 
-To explicitly prohibit use of this snap-in, disable this setting. If this setting is not configured (or enabled), the snap-in is permitted.
+To explicitly prohibit use of this snap-in, disable this setting. If this setting isn't configured (or enabled), the snap-in is permitted.
 
-When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in does not appear.
+When a snap-in is prohibited, it doesn't appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in doesn't appear.
 
 <!--/Description-->
 
@@ -188,17 +188,17 @@ This policy setting permits or prohibits use of this snap-in.
 
 If you enable this setting, the snap-in is permitted. If you disable the setting, the snap-in is prohibited.
 
-If this setting is not configured, the setting of the "Restrict users to the explicitly permitted list of snap-ins" setting determines whether this snap-in is permitted or prohibited.
+If this setting isn't configured, the setting of the "Restrict users to the explicitly permitted list of snap-ins" setting determines whether this snap-in is permitted or prohibited.
 
-- If "Restrict users to the explicitly permitted list of snap-ins" is enabled, users cannot use any snap-in except those explicitly permitted.
+- If "Restrict users to the explicitly permitted list of snap-ins" is enabled, users can't use any snap-in except those snap-ins explicitly permitted.
 
-To explicitly permit use of this snap-in, enable this setting. If this setting is not configured (or disabled), this snap-in is prohibited.
+To explicitly permit use of this snap-in, enable this setting. If this setting isn't configured (or disabled), this snap-in is prohibited.
 
-- If "Restrict users to the explicitly permitted list of snap-ins" is disabled or not configured, users can use any snap-in except those explicitly prohibited.
+- If "Restrict users to the explicitly permitted list of snap-ins" is disabled or not configured, users can use any snap-in except those snap-ins explicitly prohibited.
 
-To explicitly prohibit use of this snap-in, disable this setting. If this setting is not configured (or enabled), the snap-in is permitted.
+To explicitly prohibit use of this snap-in, disable this setting. If this setting isn't configured (or enabled), the snap-in is permitted.
 
-When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in does not appear.
+When a snap-in is prohibited, it doesn't appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in doesn't appear.
 
 <!--/Description-->
 
@@ -244,11 +244,11 @@ This policy setting prevents users from entering author mode.
 
 This setting prevents users from opening the Microsoft Management Console (MMC) in author mode, explicitly opening console files in author mode, and opening any console files that open in author mode by default.
 
-As a result, users cannot create console files or add or remove snap-ins. Also, because they cannot open author-mode console files, they cannot use the tools that the files contain.
+As a result, users can't create console files or add or remove snap-ins. Also, because they can't open author-mode console files, they can't use the tools that the files contain.
 
-This setting permits users to open MMC user-mode console files, such as those on the Administrative Tools menu in Windows 2000 Server family or Windows Server 2003 family. However, users cannot open a blank MMC console window on the Start menu. (To open the MMC, click Start, click Run, and type mmc.) Users also cannot open a blank MMC console window from a command prompt.
+This setting permits users to open MMC user-mode console files, such as those on the Administrative Tools menu in Windows 2000 Server family or Windows Server 2003 family. However, users can't open a blank MMC console window on the Start menu. (To open the MMC, click Start, click Run, and type mmc.) Users also can't open a blank MMC console window from a command prompt.
 
-If you disable this setting or do not configure it, users can enter author mode and open author-mode console files.
+If you disable this setting or don't configure it, users can enter author mode and open author-mode console files.
 
 <!--/Description-->
 
@@ -292,18 +292,18 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you selectively permit or prohibit the use of Microsoft Management Console (MMC) snap-ins.
 
-- If you enable this setting, all snap-ins are prohibited, except those that you explicitly permit. Use this setting if you plan to prohibit use of most snap-ins.
+- If you enable this setting, all snap-ins are prohibited, except those snap-ins that you explicitly permit. Use this setting if you plan to prohibit use of most snap-ins.
 
 To explicitly permit a snap-in, open the Restricted/Permitted snap-ins setting folder and enable the settings representing the snap-in you want to permit. If a snap-in setting in the folder is disabled or not configured, the snap-in is prohibited.
 
-- If you disable this setting or do not configure it, all snap-ins are permitted, except those that you explicitly prohibit. Use this setting if you plan to permit use of most snap-ins.
+- If you disable this setting or don't configure it, all snap-ins are permitted, except those snap-ins that you explicitly prohibit. Use this setting if you plan to permit use of most snap-ins.
 
 To explicitly prohibit a snap-in, open the Restricted/Permitted snap-ins setting folder and then disable the settings representing the snap-ins you want to prohibit. If a snap-in setting in the folder is enabled or not configured, the snap-in is permitted.
 
-When a snap-in is prohibited, it does not appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in does not appear.
+When a snap-in is prohibited, it doesn't appear in the Add/Remove Snap-in window in MMC. Also, when a user opens a console file that includes a prohibited snap-in, the console file opens, but the prohibited snap-in doesn't appear.
 
 > [!NOTE]
-> If you enable this setting, and you do not enable any settings in the Restricted/Permitted snap-ins folder, users cannot use any MMC snap-ins.
+> If you enable this setting, and you don't enable any settings in the Restricted/Permitted snap-ins folder, users can't use any MMC snap-ins.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-msapolicy.md b/windows/client-management/mdm/policy-csp-admx-msapolicy.md
index 2e8a050a34..21ecaf3e29 100644
--- a/windows/client-management/mdm/policy-csp-admx-msapolicy.md
+++ b/windows/client-management/mdm/policy-csp-admx-msapolicy.md
@@ -62,11 +62,11 @@ manager: dansimp
 <!--Description-->
 This policy setting controls whether users can provide Microsoft accounts for authentication for applications or services. If this setting is enabled, all applications and services on the device are prevented from using Microsoft accounts for authentication.
 
-This applies both to existing users of a device and new users who may be added. However, any application or service that has already authenticated a user will not be affected by enabling this setting until the authentication cache expires.
+This functionality applies both to existing users of a device and new users who may be added. However, any application or service that has already authenticated a user won't be affected by enabling this setting until the authentication cache expires.
 
-It is recommended to enable this setting before any user signs in to a device to prevent cached tokens from being present. If this setting is disabled or not configured, applications and services can use Microsoft accounts for authentication.
+It's recommended to enable this setting before any user signs in to a device to prevent cached tokens from being present. If this setting is disabled or not configured, applications and services can use Microsoft accounts for authentication.
 
-By default, this setting is Disabled. This setting does not affect whether users can sign in to devices by using Microsoft accounts, or the ability for users to provide Microsoft accounts via the browser for authentication with web-based applications.
+By default, this setting is Disabled. This setting doesn't affect whether users can sign in to devices by using Microsoft accounts, or the ability for users to provide Microsoft accounts via the browser for authentication with web-based applications.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-msched.md b/windows/client-management/mdm/policy-csp-admx-msched.md
index e302ab1e87..4bcef7a8d0 100644
--- a/windows/client-management/mdm/policy-csp-admx-msched.md
+++ b/windows/client-management/mdm/policy-csp-admx-msched.md
@@ -65,9 +65,9 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to configure Automatic Maintenance activation boundary. The maintenance activation boundary is the daily scheduled time at which Automatic Maintenance starts.
 
-If you enable this policy setting, this will override the default daily scheduled time as specified in Security and Maintenance/Automatic Maintenance Control Panel.
+If you enable this policy setting, this scheduled time will override the default daily scheduled time as specified in Security and Maintenance/Automatic Maintenance Control Panel.
 
-If you disable or do not configure this policy setting, the daily scheduled time as specified in Security and Maintenance/Automatic Maintenance Control Panel will apply.
+If you disable or don't configure this policy setting, the daily scheduled time as specified in Security and Maintenance/Automatic Maintenance Control Panel will apply.
 
 <!--/Description-->
 
@@ -115,7 +115,7 @@ The maintenance random delay is the amount of time up to which Automatic Mainten
 
 If you enable this policy setting, Automatic Maintenance will delay starting from its Activation Boundary, by up to this time.
 
-If you do not configure this policy setting, 4 hour random delay will be applied to Automatic Maintenance.
+If you don't configure this policy setting, 4 hour random delay will be applied to Automatic Maintenance.
 
 If you disable this policy setting, no random delay will be applied to Automatic Maintenance.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-msdt.md b/windows/client-management/mdm/policy-csp-admx-msdt.md
index c5b5ff4f3f..74fa908dc8 100644
--- a/windows/client-management/mdm/policy-csp-admx-msdt.md
+++ b/windows/client-management/mdm/policy-csp-admx-msdt.md
@@ -72,9 +72,9 @@ If you enable this policy setting, users can use MSDT to collect and send diagno
 
 By default, the support provider is set to Microsoft Corporation.
 
-If you disable this policy setting, MSDT cannot run in support mode, and no data can be collected or sent to the support provider.
+If you disable this policy setting, MSDT can't run in support mode, and no data can be collected or sent to the support provider.
 
-If you do not configure this policy setting, MSDT support mode is enabled by default.
+If you don't configure this policy setting, MSDT support mode is enabled by default.
 
 No reboots or service restarts are required for this policy setting to take effect. Changes take effect immediately.
 
@@ -122,23 +122,23 @@ This policy setting restricts the tool download policy for Microsoft Support Dia
 
 Microsoft Support Diagnostic Tool (MSDT) gathers diagnostic data for analysis by support professionals.
 
-For some problems, MSDT may prompt the user to download additional tools for troubleshooting.  These tools are required to completely troubleshoot the problem.
+For some problems, MSDT may prompt the user to download more tools for troubleshooting.  These tools are required to completely troubleshoot the problem.
 
 If tool download is restricted, it may not be possible to find the root cause of the problem.
 
-If you enable this policy setting for remote troubleshooting, MSDT prompts the user to download additional tools to diagnose problems on remote computers only.
+If you enable this policy setting for remote troubleshooting, MSDT prompts the user to download more tools to diagnose problems on remote computers only.
 
-If you enable this policy setting for local and remote troubleshooting, MSDT always prompts for additional tool downloading.
+If you enable this policy setting for local and remote troubleshooting, MSDT always prompts for more tool downloading.
 
 If you disable this policy setting, MSDT never downloads tools, and is unable to diagnose problems on remote computers.
 
-If you do not configure this policy setting, MSDT prompts the user before downloading any additional tools.  No reboots or service restarts are required for this policy setting to take effect. Changes take effect immediately.
+If you don't configure this policy setting, MSDT prompts the user before downloading any extra tools.  No reboots or service restarts are required for this policy setting to take effect. Changes take effect immediately.
 
 This policy setting will take effect only when MSDT is enabled.
 
 This policy setting will only take effect when the Diagnostic Policy Service (DPS) is in the running state.
 
-When the service is stopped or disabled, diagnostic scenarios are not executed.
+When the service is stopped or disabled, diagnostic scenarios aren't executed.
 
 The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
@@ -186,13 +186,13 @@ This policy setting determines the execution level for Microsoft Support Diagnos
 
 Microsoft Support Diagnostic Tool (MSDT) gathers diagnostic data for analysis by support professionals.  If you enable this policy setting, administrators can use MSDT to collect and send diagnostic data to a support professional to resolve a problem.
 
-If you disable this policy setting, MSDT cannot gather diagnostic data.  If you do not configure this policy setting, MSDT is turned on by default.
+If you disable this policy setting, MSDT can't gather diagnostic data.  If you don't configure this policy setting, MSDT is turned on by default.
 
-This policy setting takes effect only if the diagnostics-wide scenario execution policy is not configured.
+This policy setting takes effect only if the diagnostics-wide scenario execution policy isn't configured.
 
 No reboots or service restarts are required for this policy setting to take effect. Changes take effect immediately.
 
-This policy setting will only take effect when the Diagnostic Policy Service (DPS) is in the running state. When the service is stopped or disabled, diagnostic scenarios will not be executed. The DPS can be configured with the Services snap-in to the Microsoft Management Console.
+This policy setting will only take effect when the Diagnostic Policy Service (DPS) is in the running state. When the service is stopped or disabled, diagnostic scenarios won't be executed. The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-msi.md b/windows/client-management/mdm/policy-csp-admx-msi.md
index 1292f4bf46..acdf31ff93 100644
--- a/windows/client-management/mdm/policy-csp-admx-msi.md
+++ b/windows/client-management/mdm/policy-csp-admx-msi.md
@@ -132,11 +132,11 @@ This policy setting allows users to search for installation files during privile
 
 If you enable this policy setting, the Browse button in the "Use feature from" dialog box is enabled. As a result, users can search for installation files even when the installation program is running with elevated system privileges.
 
-Because the installation is running with elevated system privileges, users can browse through directories that their own permissions would not allow.
+Because the installation is running with elevated system privileges, users can browse through directories that their own permissions wouldn't allow.
 
-This policy setting does not affect installations that run in the user's security context. Also, see the "Remove browse dialog box for new source" policy setting.
+This policy setting doesn't affect installations that run in the user's security context. Also, see the "Remove browse dialog box for new source" policy setting.
 
-If you disable or do not configure this policy setting, by default, only system administrators can browse during installations with elevated privileges, such as installations offered on the desktop or displayed in Add or Remove Programs.
+If you disable or don't configure this policy setting, by default, only system administrators can browse during installations with elevated privileges, such as installations offered on the desktop or displayed in Add or Remove Programs.
 
 <!--/Description-->
 
@@ -183,9 +183,9 @@ This policy setting allows users to install programs from removable media during
 
 If you enable this policy setting, all users are permitted to install programs from removable media, such as floppy disks and CD-ROMs, even when the installation program is running with elevated system privileges.
 
-This policy setting does not affect installations that run in the user's security context. By default, users can install from removable media when the installation runs in their own security context.
+This policy setting doesn't affect installations that run in the user's security context. By default, users can install from removable media when the installation runs in their own security context.
 
-If you disable or do not configure this policy setting, by default, users can install programs from removable media only when the installation runs in the user's security context. During privileged installations, such as those offered on the desktop or displayed in Add or Remove Programs, only system administrators can install from removable media.
+If you disable or don't configure this policy setting, by default, users can install programs from removable media only when the installation runs in the user's security context. During privileged installations, such as those offered on the desktop or displayed in Add or Remove Programs, only system administrators can install from removable media.
 
 Also, see the "Prevent removable media source for any install" policy setting.
 
@@ -234,9 +234,9 @@ This policy setting allows users to patch elevated products.
 
 If you enable this policy setting, all users are permitted to install patches, even when the installation program is running with elevated system privileges. Patches are updates or upgrades that replace only those program files that have changed. Because patches can easily be vehicles for malicious programs, some installations prohibit their use.
 
-If you disable or do not configure this policy setting, by default, only system administrators can apply patches during installations with elevated privileges, such as installations offered on the desktop or displayed in Add or Remove Programs.
+If you disable or don't configure this policy setting, by default, only system administrators can apply patches during installations with elevated privileges, such as installations offered on the desktop or displayed in Add or Remove Programs.
 
-This policy setting does not affect installations that run in the user's security context. By default, users can install patches to programs that run in their own security context. Also, see the "Prohibit patching" policy setting.
+This policy setting doesn't affect installations that run in the user's security context. By default, users can install patches to programs that run in their own security context. Also, see the "Prohibit patching" policy setting.
 <!--/Description-->
 
 
@@ -288,7 +288,7 @@ If you enable this policy setting, you can use the options in the Prohibit Use o
 
 - The "Restart Manager Off for Legacy App Setup" option applies to packages that were created for Windows Installer versions lesser than 4.0. This option lets those packages display the legacy files in use UI while still using Restart Manager for detection.
 
-If you disable or do not configure this policy setting, Windows Installer will use Restart Manager to detect files in use and mitigate a system restart, when possible.
+If you disable or don't configure this policy setting, Windows Installer will use Restart Manager to detect files in use and mitigate a system restart, when possible.
 
 <!--/Description-->
 
@@ -337,9 +337,9 @@ If you enable this policy setting, the Browse button beside the "Use feature fro
 
 This policy setting applies even when the installation is running in the user's security context.
 
-If you disable or do not configure this policy setting, the Browse button is enabled when an installation is running in the user's security context. But only system administrators can browse when an installation is running with elevated system privileges, such as installations offered on the desktop or in Add or Remove Programs.
+If you disable or don't configure this policy setting, the Browse button is enabled when an installation is running in the user's security context. But only system administrators can browse when an installation is running with elevated system privileges, such as installations offered on the desktop or in Add or Remove Programs.
 
-This policy setting affects Windows Installer only. It does not prevent users from selecting other browsers, such as File Explorer or Network Locations, to search for installation files.
+This policy setting affects Windows Installer only. It doesn't prevent users from selecting other browsers, such as File Explorer or Network Locations, to search for installation files.
 
 Also, see the "Enable user to browse for source while elevated" policy setting.
 
@@ -388,7 +388,7 @@ This policy setting controls the ability to turn off all patch optimizations.
 
 If you enable this policy setting, all Patch Optimization options are turned off during the installation.
 
-If you disable or do not configure this policy setting, it enables faster application of patches by removing execution of unnecessary actions. The flyweight patching mode is primarily designed for patches that just update a few files or registry values. The Installer will analyze the patch for specific changes to determine if optimization is possible. If so, the patch will be applied using a minimal set of processing.
+If you disable or don't configure this policy setting, it enables faster application of patches by removing execution of unnecessary actions. The flyweight patching mode is primarily designed for patches that just update a few files or registry values. The Installer will analyze the patch for specific changes to determine if optimization is possible. If so, the patch will be applied using a minimal set of processing.
 
 <!--/Description-->
 
@@ -439,7 +439,7 @@ If you enable this policy setting, you can use the options in the Disable loggin
 
 - The "Logging via package settings off" option turns off the automatic logging behavior when specified via the MsiLogging policy. Log files can still be generated using the logging command line switch or the Logging policy.
 
-If you disable or do not configure this policy setting, Windows Installer will automatically generate log files for those packages that include the MsiLogging property.
+If you disable or don't configure this policy setting, Windows Installer will automatically generate log files for those packages that include the MsiLogging property.
 
 <!--/Description-->
 
@@ -488,11 +488,11 @@ If you enable this policy setting, you can prevent users from installing softwar
 
 - The "Never" option indicates Windows Installer is fully enabled. Users can install and upgrade software. 
 
-- The "For non-managed applications only" option permits users to install only those programs that a system administrator assigns (offers on the desktop) or publishes (adds them to Add or Remove Programs). This is the default behavior of Windows Installer on Windows Server 2003 family when the policy is not configured.
+- The "For non-managed applications only" option permits users to install only those programs that a system administrator assigns (offers on the desktop) or publishes (adds them to Add or Remove Programs). This option's induced behavior is the default behavior of Windows Installer on Windows Server 2003 family when the policy isn't configured.
 
 - The "Always" option indicates that Windows Installer is disabled.
 
-This policy setting affects Windows Installer only. It does not prevent users from using other methods to install and upgrade programs.
+This policy setting affects Windows Installer only. It doesn't prevent users from using other methods to install and upgrade programs.
 
 <!--/Description-->
 
@@ -537,11 +537,11 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from installing any programs from removable media.
 
-If you enable this policy setting, if a user tries to install a program from removable media, such as CD-ROMs, floppy disks, and DVDs, a message appears stating that the feature cannot be found.
+If you enable this policy setting, if a user tries to install a program from removable media, such as CD-ROMs, floppy disks, and DVDs, a message appears stating that the feature can't be found.
 
 This policy setting applies even when the installation is running in the user's security context.
 
-If you disable or do not configure this policy setting, users can install from removable media when the installation is running in their own security context, but only system administrators can use removable media when an installation is running with elevated system privileges, such as installations offered on the desktop or in Add or Remove Programs.
+If you disable or don't configure this policy setting, users can install from removable media when the installation is running in their own security context, but only system administrators can use removable media when an installation is running with elevated system privileges, such as installations offered on the desktop or in Add or Remove Programs.
 
 Also, see the "Enable user to use media source while elevated" and "Hide the 'Add a program from CD-ROM or floppy disk' option" policy settings.
 
@@ -593,7 +593,7 @@ If you enable this policy setting, users are prevented from using Windows Instal
 > [!NOTE]
 > This policy setting applies only to installations that run in the user's security context.
 
-If you disable or do not configure this policy setting, by default, users who are not system administrators cannot apply patches to installations that run with elevated system privileges, such as those offered on the desktop or in Add or Remove Programs.
+If you disable or don't configure this policy setting, by default, users who aren't system administrators can't apply patches to installations that run with elevated system privileges, such as those offered on the desktop or in Add or Remove Programs.
 
 Also, see the "Enable user to patch elevated products" policy setting.
 
@@ -640,11 +640,11 @@ ADMX Info:
 <!--Description-->
 This policy setting prohibits Windows Installer from generating and saving the files it needs to reverse an interrupted or unsuccessful installation.
 
-If you enable this policy setting, Windows Installer is prevented from recording the original state of the system and sequence of changes it makes during installation. It also prevents Windows Installer from retaining files it intends to delete later. As a result, Windows Installer cannot restore the computer to its original state if the installation does not complete.
+If you enable this policy setting, Windows Installer is prevented from recording the original state of the system and sequence of changes it makes during installation. It also prevents Windows Installer from retaining files it intends to delete later. As a result, Windows Installer can't restore the computer to its original state if the installation doesn't complete.
 
-This policy setting is designed to reduce the amount of temporary disk space required to install programs. Also, it prevents malicious users from interrupting an installation to gather data about the internal state of the computer or to search secure system files. However, because an incomplete installation can render the system or a program inoperable, do not use this policy setting unless it is essential.
+This policy setting is designed to reduce the amount of temporary disk space required to install programs. Also, it prevents malicious users from interrupting an installation to gather data about the internal state of the computer or to search secure system files. However, because an incomplete installation can render the system or a program inoperable, don't use this policy setting unless it's essential.
 
-This policy setting appears in the Computer Configuration and User Configuration folders. If the policy setting is enabled in either folder, it is considered be enabled, even if it is explicitly disabled in the other folder.
+This policy setting appears in the Computer Configuration and User Configuration folders. If the policy setting is enabled in either folder, it's considered to be enabled, even if it's explicitly disabled in the other folder.
 <!--/Description-->
 
 
@@ -688,11 +688,11 @@ ADMX Info:
 <!--Description-->
 This policy setting prohibits Windows Installer from generating and saving the files it needs to reverse an interrupted or unsuccessful installation.
 
-If you enable this policy setting, Windows Installer is prevented from recording the original state of the system and sequence of changes it makes during installation. It also prevents Windows Installer from retaining files it intends to delete later. As a result, Windows Installer cannot restore the computer to its original state if the installation does not complete.
+If you enable this policy setting, Windows Installer is prevented from recording the original state of the system and sequence of changes it makes during installation. It also prevents Windows Installer from retaining files it intends to delete later. As a result, Windows Installer can't restore the computer to its original state if the installation doesn't complete.
 
-This policy setting is designed to reduce the amount of temporary disk space required to install programs. Also, it prevents malicious users from interrupting an installation to gather data about the internal state of the computer or to search secure system files. However, because an incomplete installation can render the system or a program inoperable, do not use this policy setting unless it is essential.
+This policy setting is designed to reduce the amount of temporary disk space required to install programs. Also, it prevents malicious users from interrupting an installation to gather data about the internal state of the computer or to search secure system files. However, because an incomplete installation can render the system or a program inoperable, don't use this policy setting unless it's essential.
 
-This policy setting appears in the Computer Configuration and User Configuration folders. If the policy setting is enabled in either folder, it is considered be enabled, even if it is explicitly disabled in the other folder.
+This policy setting appears in the Computer Configuration and User Configuration folders. If the policy setting is enabled in either folder, it's considered to be enabled, even if it's explicitly disabled in the other folder.
 
 <!--/Description-->
 
@@ -739,7 +739,7 @@ This policy setting controls the ability to turn off shared components.
 
 If you enable this policy setting, no packages on the system get the shared component functionality enabled by the msidbComponentAttributesShared attribute in the Component Table.
 
-If you disable or do not configure this policy setting, by default, the shared component functionality is allowed.
+If you disable or don't configure this policy setting, by default, the shared component functionality is allowed.
 
 <!--/Description-->
 
@@ -788,7 +788,7 @@ When you enable this policy setting, you can specify the types of events you wan
 
 To disable logging, delete all of the letters from the box.
 
-If you disable or do not configure this policy setting, Windows Installer logs the default event types, represented by the letters "iweap."
+If you disable or don't configure this policy setting, Windows Installer logs the default event types, represented by the letters "iweap."
 
 <!--/Description-->
 
@@ -838,7 +838,7 @@ Non-administrator updates provide a mechanism for the author of an application t
 
 If you enable this policy setting, only administrators or users with administrative privileges can apply updates to Windows Installer based applications.
 
-If you disable or do not configure this policy setting, users without administrative privileges can install non-administrator updates.
+If you disable or don't configure this policy setting, users without administrative privileges can install non-administrator updates.
 
 <!--/Description-->
 
@@ -884,11 +884,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls the ability for users or administrators to remove Windows Installer based updates.
 
-This policy setting should be used if you need to maintain a tight control over updates. One example is a lockdown environment where you want to ensure that updates once installed cannot be removed by users or administrators.
+This policy setting should be used if you need to maintain a tight control over updates. One example is a lockdown environment where you want to ensure that updates once installed can't be removed by users or administrators.
 
-If you enable this policy setting, updates cannot be removed from the computer by a user or an administrator. The Windows Installer can still remove an update that is no longer applicable to the product.
+If you enable this policy setting, updates can't be removed from the computer by a user or an administrator. The Windows Installer can still remove an update that is no longer applicable to the product.
 
-If you disable or do not configure this policy setting, a user can remove an update from the computer only if the user has been granted privileges to remove the update. This can depend on whether the user is an administrator, whether "Disable Windows Installer" and "Always install with elevated privileges" policy settings are set, and whether the update was installed in a per-user managed, per-user unmanaged, or per-machine context."
+If you disable or don't configure this policy setting, a user can remove an update from the computer only if the user has been granted privileges to remove the update. This grant of privileges can depend on whether the user is an administrator, whether "Disable Windows Installer" and "Always install with elevated privileges" policy settings are set, and whether the update was installed in a per-user managed, per-user unmanaged, or per-machine context."
 
 <!--/Description-->
 
@@ -932,11 +932,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting prevents Windows Installer from creating a System Restore checkpoint each time an application is installed. System Restore enables users, in the event of a problem, to restore their computers to a previous state without losing personal data files.
+This policy setting prevents Windows Installer from creating a System Restore checkpoint each time an application is installed. System Restore enables users - when a problem occurs - to restore their computers to a previous state without losing personal data files.
 
-If you enable this policy setting, the Windows Installer does not generate System Restore checkpoints when installing applications.
+If you enable this policy setting, the Windows Installer doesn't generate System Restore checkpoints when installing applications.
 
-If you disable or do not configure this policy setting, by default, the Windows Installer automatically creates a System Restore checkpoint each time an application is installed, so that users can restore their computer to the state it was in before installing the application.
+If you disable or don't configure this policy setting, by default, the Windows Installer automatically creates a System Restore checkpoint each time an application is installed, so that users can restore their computer to the state it was in before installing the application.
 
 <!--/Description-->
 
@@ -982,9 +982,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure user installs. To configure this policy setting, set it to enabled and use the drop-down list to select the behavior you want.
 
-If you do not configure this policy setting, or if the policy setting is enabled and "Allow User Installs" is selected, the installer allows and makes use of products that are installed per user, and products that are installed per computer. If the installer finds a per-user install of an application, this hides a per-computer installation of that same product.
+If you don't configure this policy setting, or if the policy setting is enabled and "Allow User Installs" is selected, the installer allows and makes use of products that are installed per user, and products that are installed per computer. If the installer finds a per-user install of an application, the per-computer installation of that same product is hidden.
 
-If you enable this policy setting and "Hide User Installs" is selected, the installer ignores per-user applications. This causes a per-computer installed application to be visible to users, even if those users have a per-user install of the product registered in their user profile.
+If you enable this policy setting and "Hide User Installs" is selected, the installer ignores per-user applications. This behavior of the installer causes a per-computer installed application to be visible to users, even if those users have a per-user install of the product registered in their user profile.
 
 <!--/Description-->
 
@@ -1030,15 +1030,15 @@ ADMX Info:
 <!--Description-->
 This policy setting causes the Windows Installer to enforce strict rules for component upgrades.
 
-If you enable this policy setting, strict upgrade rules will be enforced by the Windows Installer which may cause some upgrades to fail. Upgrades can fail if they attempt to do one of the following:
+If you enable this policy setting, strict upgrade rules will be enforced by the Windows Installer, which may cause some upgrades to fail. Upgrades can fail if they attempt to do one of the following steps:
 
 (1) Remove a component from a feature.
-This can also occur if you change the GUID of a component. The component identified by the original GUID appears to be removed and the component as identified by the new GUID appears as a new component.
+This removal can also occur if you change the GUID of a component. The component identified by the original GUID appears to be removed and the component as identified by the new GUID appears as a new component.
 
 (2) Add a new feature to the top or middle of an existing feature tree.
 The new feature must be added as a new leaf feature to an existing feature tree.
 
-If you disable or do not configure this policy setting, the Windows Installer will use less restrictive rules for component upgrades.
+If you disable or don't configure this policy setting, the Windows Installer will use less restrictive rules for component upgrades.
 
 <!--/Description-->
 
@@ -1085,13 +1085,13 @@ This policy controls the percentage of disk space available to the Windows Insta
 
 The Windows Installer uses the baseline file cache to save baseline files modified by binary delta difference updates. The cache is used to retrieve the baseline file for future updates. The cache eliminates user prompts for source media when new updates are applied.
 
-If you enable this policy setting you can modify the maximum size of the Windows Installer baseline file cache.
+If you enable this policy setting, you can modify the maximum size of the Windows Installer baseline file cache.
 
 If you set the baseline cache size to 0, the Windows Installer will stop populating the baseline cache for new updates. The existing cached files will remain on disk and will be deleted when the product is removed.
 
 If you set the baseline cache to 100, the Windows Installer will use available free space for the baseline file cache.
 
-If you disable or do not configure this policy setting, the Windows Installer will uses a default value of 10 percent for the baseline file cache maximum size.
+If you disable or don't configure this policy setting, the Windows Installer will use a default value of 10 percent for the baseline file cache maximum size.
 
 <!--/Description-->
 
@@ -1138,7 +1138,7 @@ This policy setting controls the ability to prevent embedded UI.
 
 If you enable this policy setting, no packages on the system can run embedded UI.
 
-If you disable or do not configure this policy setting, embedded UI is allowed to run.
+If you disable or don't configure this policy setting, embedded UI is allowed to run.
 
 <!--/Description-->
 
@@ -1183,7 +1183,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows Web-based programs to install software on the computer without notifying the user.
 
-If you disable or do not configure this policy setting, by default, when a script hosted by an Internet browser tries to install a program on the system, the system warns users and allows them to select or refuse the installation.
+If you disable or don't configure this policy setting, by default, when a script hosted by an Internet browser tries to install a program on the system, the system warns users and allows them to select or refuse the installation.
 
 If you enable this policy setting, the warning is suppressed and allows the installation to proceed.
 
@@ -1232,7 +1232,7 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the order in which Windows Installer searches for installation files.
 
-If you disable or do not configure this policy setting, by default, the Windows Installer searches the network first, then removable media (floppy drive, CD-ROM, or DVD), and finally, the Internet (URL).
+If you disable or don't configure this policy setting, by default, the Windows Installer searches the network first, then removable media (floppy drive, CD-ROM, or DVD), and finally, the Internet (URL).
 
 If you enable this policy setting, you can change the search order by specifying the letters representing each file source in the order that you want Windows Installer to search:
 
@@ -1289,7 +1289,7 @@ Transform files consist of instructions to modify or customize a program during
 
 If you enable this policy setting, the transform file is saved in a secure location on the user's computer.
 
-If you do not configure this policy setting on Windows Server 2003, Windows Installer requires the transform file in order to repeat an installation in which the transform file was used, therefore, the user must be using the same computer or be connected to the original or identical media to reinstall, remove, or repair the installation.
+If you don't configure this policy setting on Windows Server 2003, Windows Installer requires the transform file in order to repeat an installation in which the transform file was used, therefore, the user must be using the same computer or be connected to the original or identical media to reinstall, remove, or repair the installation.
 
 This policy setting is designed for enterprises to prevent unauthorized or malicious editing of transform files.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-msifilerecovery.md b/windows/client-management/mdm/policy-csp-admx-msifilerecovery.md
index 7eb8878caf..2d23267cbd 100644
--- a/windows/client-management/mdm/policy-csp-admx-msifilerecovery.md
+++ b/windows/client-management/mdm/policy-csp-admx-msifilerecovery.md
@@ -62,19 +62,19 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to configure the recovery behavior for corrupted MSI files to one of three states:  
 
-- Prompt for Resolution: Detection, troubleshooting, and recovery of corrupted MSI applications will be turned on. Windows will prompt the user with a dialog-box when application reinstallation is required. 
-This is the default recovery behavior on Windows client.  
+- Prompt for Resolution: Detection, troubleshooting, and recovery of corrupted MSI applications will be turned on. Windows will prompt the user with a dialog-box when application reinstallation is required.
+This behavior is the default recovery behavior on Windows client.  
 
-- Silent: Detection, troubleshooting, and notification of MSI application to reinstall will occur with no UI. Windows will log an event when corruption is determined and will suggest the application that should be re-installed. This behavior is recommended for headless operation and is the default recovery behavior on Windows server.  
+- Silent: Detection, troubleshooting, and notification of MSI application to reinstall will occur with no UI. Windows will log an event when corruption is determined and will suggest the application that should be reinstalled. This behavior is recommended for headless operation and is the default recovery behavior on Windows server.  
 
 - Troubleshooting Only: Detection and verification of file corruption will be performed without UI.  
-Recovery is not attempted.  
+Recovery isn't attempted.  
 
 - If you enable this policy setting, the recovery behavior for corrupted files is set to either the Prompt For Resolution (default on Windows client), Silent (default on Windows server), or Troubleshooting Only.  
 
 - If you disable this policy setting, the troubleshooting and recovery behavior for corrupted files will be disabled. No troubleshooting or resolution will be attempted.  
 
-If you do not configure this policy setting, the recovery behavior for corrupted files will be set to the default recovery behavior. No system or service restarts are required for changes to this policy setting to take immediate effect after a Group Policy refresh.  
+If you don't configure this policy setting, the recovery behavior for corrupted files will be set to the default recovery behavior. No system or service restarts are required for changes to this policy setting to take immediate effect after a Group Policy refresh.  
 
 > [!NOTE]
 > This policy setting will take effect only when the Diagnostic Policy Service (DPS) is in the running state. When the service is stopped or disabled, system file recovery will not be attempted. The DPS can be configured with the Services snap-in to the Microsoft Management Console.
diff --git a/windows/client-management/mdm/policy-csp-admx-nca.md b/windows/client-management/mdm/policy-csp-admx-nca.md
index 78826d464b..4a0b0ee3ae 100644
--- a/windows/client-management/mdm/policy-csp-admx-nca.md
+++ b/windows/client-management/mdm/policy-csp-admx-nca.md
@@ -92,8 +92,8 @@ Each string can be one of the following types:
 
 > [!IMPORTANT]
 > At least one of the entries must be a PING: resource.
-> -	A Uniform Resource Locator (URL) that NCA queries with a Hypertext Transfer Protocol (HTTP) request. The contents of the web page do not matter. The syntax is “HTTP:” followed by a URL. The host portion of the URL must resolve to an IPv6 address of a Web server or contain an IPv6 address. Examples: HTTP:http://myserver.corp.contoso.com/ or HTTP:http://2002:836b:1::1/.
-> -	A Universal Naming Convention (UNC) path to a file that NCA checks for existence. The contents of the file do not matter. The syntax is “FILE:” followed by a UNC path. The ComputerName portion of the UNC path must resolve to an IPv6 address or contain an IPv6 address. Examples: FILE:\\myserver\myshare\test.txt or FILE:\\2002:836b:1::1\myshare\test.txt.
+> -	A Uniform Resource Locator (URL) that NCA queries with a Hypertext Transfer Protocol (HTTP) request. The contents of the web page don't matter. The syntax is “HTTP:” followed by a URL. The host portion of the URL must resolve to an IPv6 address of a Web server or contain an IPv6 address. Examples: HTTP:http://myserver.corp.contoso.com/ or HTTP:http://2002:836b:1::1/.
+> -	A Universal Naming Convention (UNC) path to a file that NCA checks for existence. The contents of the file don't matter. The syntax is “FILE:” followed by a UNC path. The ComputerName portion of the UNC path must resolve to an IPv6 address or contain an IPv6 address. Examples: FILE:\\myserver\myshare\test.txt or FILE:\\2002:836b:1::1\myshare\test.txt.
 
 You must configure this setting to have complete NCA functionality.
 
@@ -229,7 +229,7 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the string that appears for DirectAccess connectivity when the user clicks the Networking notification area icon. For example, you can specify “Contoso Intranet Access” for the DirectAccess clients of the Contoso Corporation.
 
-If this setting is not configured, the string that appears for DirectAccess connectivity is “Corporate Connection”.
+If this setting isn't configured, the string that appears for DirectAccess connectivity is “Corporate Connection”.
 
 <!--/Description-->
 
@@ -273,16 +273,16 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether the user has Connect and Disconnect options for the DirectAccess entry when the user clicks the Networking notification area icon.
 
-If the user clicks the Disconnect option, NCA removes the DirectAccess rules from the Name Resolution Policy Table (NRPT) and the DirectAccess client computer uses whatever normal name resolution is available to the client computer in its current network configuration, including sending all DNS queries to the local intranet or Internet DNS servers. Note that NCA does not remove the existing IPsec tunnels and users can still access intranet resources across the DirectAccess server by specifying IPv6 addresses rather than names.
+If the user clicks the Disconnect option, NCA removes the DirectAccess rules from the Name Resolution Policy Table (NRPT) and the DirectAccess client computer uses whatever normal name resolution is available to the client computer in its current network configuration, including sending all DNS queries to the local intranet or Internet DNS servers. NCA doesn't remove the existing IPsec tunnels and users can still access intranet resources across the DirectAccess server by specifying IPv6 addresses rather than names.
 
-The ability to disconnect allows users to specify single-label, unqualified names (such as “PRINTSVR”) for local resources when connected to a different intranet and for temporary access to intranet resources when network location detection has not correctly determined that the DirectAccess client computer is connected to its own intranet.
+The ability to disconnect allows users to specify single-label, unqualified names (such as “PRINTSVR”) for local resources when connected to a different intranet and for temporary access to intranet resources when network location detection hasn't correctly determined that the DirectAccess client computer is connected to its own intranet.
 
 To restore the DirectAccess rules to the NRPT and resume normal DirectAccess functionality, the user clicks Connect.
 
 > [!NOTE]
 > If the DirectAccess client computer is on the intranet and has correctly determined its network location, the Disconnect option has no effect because the rules for DirectAccess are already removed from the NRPT.
 
-If this setting is not configured, users do not have Connect or Disconnect options.
+If this setting isn't configured, users don't have Connect or Disconnect options.
 
 <!--/Description-->
 
@@ -326,7 +326,7 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether NCA service runs in Passive Mode or not.
 
-Set this to Disabled to keep NCA probing actively all the time. If this setting is not configured, NCA probing is in active mode by default.
+Set this policy setting to Disabled to keep NCA probing actively all the time. If this setting isn't configured, NCA probing is in active mode by default.
 <!--/Description-->
 
 
@@ -369,9 +369,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether an entry for DirectAccess connectivity appears when the user clicks the Networking notification area icon.
 
-Set this to Disabled to prevent user confusion when you are just using DirectAccess to remotely manage DirectAccess client computers from your intranet and not providing seamless intranet access. 
+Set this policy setting to Disabled to prevent user confusion when you're just using DirectAccess to remotely manage DirectAccess client computers from your intranet and not providing seamless intranet access. 
 
-If this setting is not configured, the entry for DirectAccess connectivity appears.
+If this setting isn't configured, the entry for DirectAccess connectivity appears.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-netlogon.md b/windows/client-management/mdm/policy-csp-admx-netlogon.md
index 2b5699063f..4527aa2946 100644
--- a/windows/client-management/mdm/policy-csp-admx-netlogon.md
+++ b/windows/client-management/mdm/policy-csp-admx-netlogon.md
@@ -162,19 +162,19 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting configures how a domain controller (DC) behaves when responding to a client whose IP address does not map to any configured site.
+This policy setting configures how a domain controller (DC) behaves when responding to a client whose IP address doesn't map to any configured site.
 
-Domain controllers use the client IP address during a DC locator ping request to compute which Active Directory site the client belongs to. If no site mapping can be computed, the DC may do an address lookup on the client network name to discover other IP addresses which may then be used to compute a matching site for the client. 
+Domain controllers use the client IP address during a DC locator ping request to compute which Active Directory site the client belongs to. If no site mapping can be computed, the DC may do an address lookup on the client network name to discover other IP addresses that may then be used to compute a matching site for the client.
 
 The allowable values for this setting result in the following behaviors:
 
 - 0 - DCs will never perform address lookups.
-- 1 - DCs will perform an exhaustive address lookup to discover additional client IP addresses.
-- 2 - DCs will perform a fast, DNS-only address lookup to discover additional client IP addresses.
+- 1 - DCs will perform an exhaustive address lookup to discover more client IP addresses.
+- 2 - DCs will perform a fast, DNS-only address lookup to discover more client IP addresses.
 
 To specify this behavior in the DC Locator DNS SRV records, click Enabled, and then enter a value. The range of values is from 0 to 2.
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 
@@ -220,11 +220,11 @@ This policy setting determines the type of IP address that is returned for a dom
 
 By default, DC Locator APIs can return IPv4/IPv6 DC address. But if some applications are broken due to the returned IPv6 DC address, this policy can be used to disable the default behavior and enforce to return only IPv4 DC address. Once applications are fixed, this policy can be used to enable the default behavior.
 
-If you enable this policy setting, DC Locator APIs can return IPv4/IPv6 DC address. This is the default behavior of the DC Locator.
+If you enable this policy setting, DC Locator APIs can return IPv4/IPv6 DC address. This behavior is the default behavior of the DC Locator.
 
 If you disable this policy setting, DC Locator APIs will ONLY return IPv4 DC address if any. So if the domain controller supports both IPv4 and IPv6 addresses, DC Locator APIs will return IPv4 address. But if the domain controller supports only IPv6 address, then DC Locator APIs will fail.
 
-If you do not configure this policy setting, DC Locator APIs can return IPv4/IPv6 DC address. This is the default behavior of the DC Locator.
+If you don't configure this policy setting, DC Locator APIs can return IPv4/IPv6 DC address. This behavior is the default behavior of the DC Locator.
 
 <!--/Description-->
 
@@ -268,13 +268,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether the computers to which this setting is applied attempts DNS name resolution of single-label domain names, by appending different registered DNS suffixes, and uses NetBIOS name resolution only if DNS name resolution fails. This policy, including the specified default behavior, is not used if the AllowSingleLabelDnsDomain policy setting is enabled.
+This policy setting specifies whether the computers to which this setting is applied attempts DNS name resolution of single-label domain names, by appending different registered DNS suffixes, and uses NetBIOS name resolution only if DNS name resolution fails. This policy, including the specified default behavior, isn't used if the AllowSingleLabelDnsDomain policy setting is enabled.
 
 By default, when no setting is specified for this policy, the behavior is the same as explicitly enabling this policy, unless the AllowSingleLabelDnsDomain policy setting is enabled.
 
-If you enable this policy setting, when the AllowSingleLabelDnsDomain policy is not enabled, computers to which this policy is applied, will locate a domain controller hosting an Active Directory domain specified with a single-label name, by appending different registered DNS suffixes to perform DNS name resolution. The single-label name is not used without appending DNS suffixes unless the computer is joined to a domain that has a single-label DNS name in the Active Directory forest. NetBIOS name resolution is performed on the single-label name only, in the event that DNS resolution fails.
+If you enable this policy setting, when the AllowSingleLabelDnsDomain policy isn't enabled, computers to which this policy is applied, will locate a domain controller hosting an Active Directory domain specified with a single-label name, by appending different registered DNS suffixes to perform DNS name resolution. The single-label name isn't used without appending DNS suffixes unless the computer is joined to a domain that has a single-label DNS name in the Active Directory forest. NetBIOS name resolution is performed on the single-label name only, if DNS resolution fails.
 
-If you disable this policy setting, when the AllowSingleLabelDnsDomain policy is not enabled, computers to which this policy is applied, will only use NetBIOS name resolution to attempt to locate a domain controller hosting an Active Directory domain specified with a single-label name. The computers will not attempt DNS name resolution in this case, unless the computer is searching for a domain with a single label DNS name to which this computer is joined, in the Active Directory forest.
+If you disable this policy setting, when the AllowSingleLabelDnsDomain policy isn't enabled, computers to which this policy is applied, will only use NetBIOS name resolution to attempt to locate a domain controller hosting an Active Directory domain specified with a single-label name. The computers won't attempt DNS name resolution in this case, unless the computer is searching for a domain with a single label DNS name to which this computer is joined, in the Active Directory forest.
 
 <!--/Description-->
 
@@ -318,15 +318,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether the Net Logon service will allow the use of older cryptography algorithms that are used in Windows NT 4.0. The cryptography algorithms used in Windows NT 4.0 and earlier are not as secure as newer algorithms used in Windows 2000 or later, including this version of Windows.
+This policy setting controls whether the Net Logon service will allow the use of older cryptography algorithms that are used in Windows NT 4.0. The cryptography algorithms used in Windows NT 4.0 and earlier aren't as secure as newer algorithms used in Windows 2000 or later, including this version of Windows.
 
-By default, Net Logon will not allow the older cryptography algorithms to be used and will not include them in the negotiation of cryptography algorithms. Therefore, computers running Windows NT 4.0 will not be able to establish a connection to this domain controller.
+By default, Net Logon won't allow the older cryptography algorithms to be used and won't include them in the negotiation of cryptography algorithms. Therefore, computers running Windows NT 4.0 won't be able to establish a connection to this domain controller.
  
 If you enable this policy setting, Net Logon will allow the negotiation and use of older cryptography algorithms compatible with Windows NT 4.0. However, using the older algorithms represents a potential security risk.
 
-If you disable this policy setting, Net Logon will not allow the negotiation and use of older cryptography algorithms. 
+If you disable this policy setting, Net Logon won't allow the negotiation and use of older cryptography algorithms. 
 
-If you do not configure this policy setting, Net Logon will not allow the negotiation and use of older cryptography algorithms.
+If you don't configure this policy setting, Net Logon won't allow the negotiation and use of older cryptography algorithms.
 
 <!--/Description-->
 
@@ -370,15 +370,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether the computers to which this setting is applied attempt DNS name resolution of a single-label domain names.
+This policy setting specifies whether the computers to which this setting is applied attempt DNS name resolution of a single-label domain name.
 
 By default, the behavior specified in the AllowDnsSuffixSearch is used. If the AllowDnsSuffixSearch policy is disabled, then NetBIOS name resolution is used exclusively, to locate a domain controller hosting an Active Directory domain specified with a single-label name.
 
 If you enable this policy setting, computers to which this policy is applied will attempt to locate a domain controller hosting an Active Directory domain specified with a single-label name using DNS name resolution.
 
-If you disable this policy setting, computers to which this setting is applied will use the AllowDnsSuffixSearch policy, if it is not disabled or perform NetBIOS name resolution otherwise, to attempt to locate a domain controller that hosts an Active Directory domain specified with a single-label name. the computers will not the DNS name resolution in this case, unless the computer is searching for a domain with a single label DNS name that exists in the Active Directory forest to which this computer is joined.
+If you disable this policy setting, computers to which this setting is applied will use the AllowDnsSuffixSearch policy, if it isn't disabled or perform NetBIOS name resolution otherwise, to attempt to locate a domain controller that hosts an Active Directory domain specified with a single-label name. the computers won't the DNS name resolution in this case, unless the computer is searching for a domain with a single label DNS name that exists in the Active Directory forest to which this computer is joined.
 
-If you do not configure this policy setting, it is not applied to any computers, and computers use their local configuration.
+If you don't configure this policy setting, it isn't applied to any computers, and computers use their local configuration.
 
 <!--/Description-->
 
@@ -422,13 +422,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether domain controllers (DC) will dynamically register DC Locator site-specific SRV records for the closest sites where no DC for the same domain exists (or no Global Catalog for the same forest exists). These DNS records are dynamically registered by the Net Logon service, and they are used to locate the DC.
+This policy setting determines whether domain controllers (DC) will dynamically register DC Locator site-specific SRV records for the closest sites where no DC for the same domain exists (or no Global Catalog for the same forest exists). These DNS records are dynamically registered by the Net Logon service, and they're used to locate the DC.
 
 If you enable this policy setting, the DCs to which this setting is applied dynamically register DC Locator site-specific DNS SRV records for the closest sites where no DC for the same domain, or no Global Catalog for the same forest, exists.
 
-If you disable this policy setting, the DCs will not register site-specific DC Locator DNS SRV records for any other sites but their own.
+If you disable this policy setting, the DCs won't register site-specific DC Locator DNS SRV records for any other sites but their own.
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 
@@ -474,12 +474,12 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control the domain controller (DC) location algorithm. By default, the DC location algorithm prefers DNS-based discovery if the DNS domain name is known. If DNS-based discovery fails and the NetBIOS domain name is known, the algorithm then uses NetBIOS-based discovery as a fallback mechanism.
 
-NetBIOS-based discovery uses a WINS server and mailslot messages but does not use site information. Hence it does not ensure that clients will discover the closest DC. It also allows a hub-site client to discover a branch-site DC even if the branch-site DC only registers site-specific DNS records (as recommended). For these reasons, NetBIOS-based discovery is not recommended.
+NetBIOS-based discovery uses a WINS server and mailslot messages but doesn't use site information. Hence it doesn't ensure that clients will discover the closest DC. It also allows a hub-site client to discover a branch-site DC even if the branch-site DC only registers site-specific DNS records (as recommended). For these reasons, NetBIOS-based discovery isn't recommended.
 
 > [!NOTE]
-> This policy setting does not affect NetBIOS-based discovery for DC location if only the NetBIOS domain name is known.
+> This policy setting doesn't affect NetBIOS-based discovery for DC location if only the NetBIOS domain name is known.
 
-If you enable or do not configure this policy setting, the DC location algorithm does not use NetBIOS-based discovery as a fallback mechanism when DNS-based discovery fails. This is the default behavior.
+If you disable or don't configure this policy setting, the DC location algorithm doesn't use NetBIOS-based discovery as a fallback mechanism when DNS-based discovery fails. This behavior is the default behavior.
 
 If you disable this policy setting, the DC location algorithm can use NetBIOS-based discovery as a fallback mechanism when DNS based discovery fails.
 
@@ -531,9 +531,9 @@ Contacting the PDC emulator is useful in case the client’s password was recent
 
 If you enable this policy setting, the DCs to which this policy setting applies will attempt to verify a password with the PDC emulator if the DC fails to validate the password.
 
-If you disable this policy setting, the DCs will not attempt to verify any passwords with the PDC emulator. 
+If you disable this policy setting, the DCs won't attempt to verify any passwords with the PDC emulator. 
 
-If you do not configure this policy setting, it is not applied to any DCs.
+If you don't configure this policy setting, it isn't applied to any DCs.
 
 <!--/Description-->
 
@@ -588,7 +588,7 @@ This setting is relevant only to those callers of DsGetDcName that have specifie
 If the value of this setting is less than the value specified in the NegativeCachePeriod subkey, the value in the NegativeCachePeriod subkey is used.
 
 > [!WARNING]
-> If the value for this setting is too large, a client will not attempt to find any DCs that were initially unavailable. If the value set in this setting is very small and the DC is not available, the traffic caused by periodic DC discoveries may be excessive.
+> If the value for this setting is too large, a client won't attempt to find any DCs that were initially unavailable. If the value set in this setting is very small and the DC isn't available, the traffic caused by periodic DC discoveries may be excessive.
 
 <!--/Description-->
 
@@ -645,7 +645,7 @@ If the value for this setting is smaller than the value specified for the Initia
 > [!WARNING]
 > If the value for this setting is too large, a client may take very long periods to try to find a DC.
 
-If the value for this setting is too small and the DC is not available, the frequent retries may produce excessive network traffic.
+If the value for this setting is too small and the DC isn't available, the frequent retries may produce excessive network traffic.
 
 <!--/Description-->
 
@@ -738,7 +738,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs that periodically attempt to locate DCs, and it is applied before  returning the DC information to the caller program. The default value for this setting is infinite (4294967200). The maximum value for this setting is (4294967200), while the maximum that is not treated as infinity is 49 days (49*24*60*60=4233600). Any larger value is treated as infinity. The minimum value for this setting is to always refresh (0).
+This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs that periodically attempt to locate DCs, and it's applied before  returning the DC information to the caller program. The default value for this setting is infinite (4294967200). The maximum value for this setting is (4294967200), while the maximum that isn't treated as infinity is 49 days (49*24*60*60=4233600). Any larger value is treated as infinity. The minimum value for this setting is to always refresh (0).
 
 <!--/Description-->
 
@@ -790,7 +790,7 @@ If you enable this policy setting and specify a non-zero value, debug informatio
 
 If you specify zero for this policy setting, the default behavior occurs as described above.
 
-If you disable this policy setting or do not configure it, the default behavior occurs as described above.
+If you disable this policy setting or don't configure it, the default behavior occurs as described above.
 
 <!--/Description-->
 
@@ -834,9 +834,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines which DC Locator DNS records are not registered by the Net Logon service.
+This policy setting determines which DC Locator DNS records aren't registered by the Net Logon service.
 
-If you enable this policy setting, select Enabled and specify a list of space-delimited mnemonics (instructions) for the DC Locator DNS records that will not be registered by the DCs to which this setting is applied.
+If you enable this policy setting, select Enabled and specify a list of space-delimited mnemonics (instructions) for the DC Locator DNS records that won't be registered by the DCs to which this setting is applied.
 
 Select the mnemonics from the following table:
 
@@ -866,7 +866,7 @@ Select the mnemonics from the following table:
 
 If you disable this policy setting, DCs configured to perform dynamic registration of DC Locator DNS records register all DC Locator DNS resource records.
 
-If you do not configure this policy setting, DCs use their local configuration.
+If you don't configure this policy setting, DCs use their local configuration.
 
 <!--/Description-->
 
@@ -912,14 +912,14 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the Refresh Interval of the DC Locator DNS resource records for DCs to which this setting is applied. These DNS records are dynamically registered by the Net Logon service and are used by the DC Locator algorithm to locate the DC. This setting may be applied only to DCs using dynamic update.
 
-DCs configured to perform dynamic registration of the DC Locator DNS resource records periodically reregister their records with DNS servers, even if their records’ data has not changed. If authoritative DNS servers are configured to perform scavenging of the stale records, this reregistration is required to instruct the DNS servers configured to automatically remove (scavenge) stale records that these records are current and should be preserved in the database.
+DCs configured to perform dynamic registration of the DC Locator DNS resource records periodically reregister their records with DNS servers, even if their records’ data hasn't changed. If authoritative DNS servers are configured to perform scavenging of the stale records, this reregistration is required to instruct the DNS servers configured to automatically remove (scavenge) stale records that these records are current and should be preserved in the database.
 
 > [!WARNING]
 > If the DNS resource records are registered in zones with scavenging enabled, the value of this setting should never be longer than the Refresh Interval configured for these zones. Setting the Refresh Interval of the DC Locator DNS records to longer than the Refresh Interval of the DNS zones may result in the undesired deletion of DNS resource records.
 
 To specify the Refresh Interval of the DC records, click Enabled, and then enter a value larger than 1800. This value specifies the Refresh Interval of the DC records in seconds (for example, the value 3600 is 60 minutes).
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 
@@ -973,7 +973,7 @@ If not configured, domain controllers will default to using their local configur
 
 The default local configuration is enabled.
 
-A reboot is not required for changes to this setting to take effect.
+A reboot isn't required for changes to this setting to take effect.
 <!--/Description-->
 
 
@@ -1016,11 +1016,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the value for the Time-To-Live (TTL) field in SRV resource records that are registered by the Net Logon service. These DNS records are dynamically registered, and they are used to locate the domain controller (DC).
+This policy setting specifies the value for the Time-To-Live (TTL) field in SRV resource records that are registered by the Net Logon service. These DNS records are dynamically registered, and they're used to locate the domain controller (DC).
 
 To specify the TTL for DC Locator DNS records, click Enabled, and then enter a value in seconds (for example, the value "900" is 15 minutes).
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 <!--/Description-->
 
 
@@ -1063,11 +1063,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the additional time for the computer to wait for the domain controller’s (DC) response when logging on to the network.
+This policy setting specifies the extra time for the computer to wait for the domain controller’s (DC) response when logging on to the network.
 
-To specify the expected dial-up delay at logon, click Enabled, and then enter the desired value in seconds (for example, the value "60" is 1 minute).
+To specify the expected dial-up delay at sign in, click Enabled, and then enter the desired value in seconds (for example, the value "60" is 1 minute).
 
-If you do not configure this policy setting, it is not applied to any computers, and computers use their local configuration.
+If you don't configure this policy setting, it isn't applied to any computers, and computers use their local configuration.
 
 <!--/Description-->
 
@@ -1113,13 +1113,13 @@ ADMX Info:
 <!--Description-->
 This policy setting determines the interval for when a Force Rediscovery is carried out by DC Locator.
 
-The Domain Controller Locator (DC Locator) service is used by clients to find domain controllers for their Active Directory domain. When DC Locator finds a domain controller, it caches domain controllers to improve the efficiency of the location algorithm. As long as the cached domain controller meets the requirements and is running, DC Locator will continue to return it. If a new domain controller is introduced, existing clients will only discover it when a Force Rediscovery is carried out by DC Locator. To adapt to changes in network conditions DC Locator will by default carry out a Force Rediscovery according to a specific time interval and maintain efficient load-balancing of clients across all available domain controllers in all domains or forests. The default time interval for Force Rediscovery by DC Locator is 12 hours. Force Rediscovery can also be triggered if a call to DC Locator uses the DS_FORCE_REDISCOVERY flag. Rediscovery resets the timer on the cached domain controller entries.
+The Domain Controller Locator (DC Locator) service is used by clients to find domain controllers for their Active Directory domain. When DC Locator finds a domain controller, it caches domain controllers to improve the efficiency of the location algorithm. As long as the cached domain controller meets the requirements and is running, DC Locator will continue to return it. If a new domain controller is introduced, existing clients will only discover it when a Force Rediscovery is carried out by DC Locator. To adapt to changes in network conditions, DC Locator will, by default, carry out a Force Rediscovery according to a specific time interval and maintain efficient load-balancing of clients across all available domain controllers in all domains or forests. The default time interval for Force Rediscovery by DC Locator is 12 hours. Force Rediscovery can also be triggered if a call to DC Locator uses the DS_FORCE_REDISCOVERY flag. Rediscovery resets the timer on the cached domain controller entries.
 
-If you enable this policy setting, DC Locator on the machine will carry out Force Rediscovery periodically according to the configured time interval. The minimum time interval is 3600 seconds (1 hour) to avoid excessive network traffic from rediscovery. The maximum allowed time interval is 4294967200 seconds, while any value greater than 4294967 seconds (~49 days) will be treated as infinity.
+If you enable this policy setting, DC Locator on the machine will carry out Force Rediscovery periodically according to the configured time interval. The minimum time interval is 3600 seconds (1 hour) to avoid excessive network traffic from rediscovery. The maximum allowed time interval is 4,294,967,200 seconds, while any value greater than 4294967 seconds (~49 days) will be treated as infinity.
 
 If you disable this policy setting, Force Rediscovery will be used by default for the machine at every 12 hour interval.
 
-If you do not configure this policy setting, Force Rediscovery will be used by default for the machine at every 12 hour interval, unless the local machine setting in the registry is a different value.
+If you don't configure this policy setting, Force Rediscovery will be used by default for the machine at every 12 hour interval, unless the local machine setting in the registry is a different value.
 
 <!--/Description-->
 
@@ -1165,11 +1165,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the sites for which the global catalogs (GC) should register site-specific GC locator DNS SRV resource records. These records are registered in addition to the site-specific SRV records registered for the site where the GC resides, and records registered by a GC configured to register GC Locator DNS SRV records for those sites without a GC that are closest to it. 
 
-The GC Locator DNS records and the site-specific SRV records are dynamically registered by the Net Logon service, and they are used to locate the GC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication. A GC is a domain controller that contains a partial replica of every domain in Active Directory.
+The GC Locator DNS records and the site-specific SRV records are dynamically registered by the Net Logon service, and they're used to locate the GC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication. A GC is a domain controller that contains a partial replica of every domain in Active Directory.
 
 To specify the sites covered by the GC Locator DNS SRV records, click Enabled, and enter the sites' names in a space-delimited format.
 
-If you do not configure this policy setting, it is not applied to any GCs, and GCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any GCs, and GCs use their local configuration.
 
 <!--/Description-->
 
@@ -1218,11 +1218,11 @@ This policy setting allows you to control the processing of incoming mailslot me
 > [!NOTE]
 > To locate a remote DC based on its NetBIOS (single-label) domain name, DC Locator first gets the list of DCs from a WINS server that is configured in its local client settings. DC Locator then sends a mailslot message to each remote DC to get more information. DC location succeeds only if a remote DC responds to the mailslot message.
 
-This policy setting is recommended to reduce the attack surface on a DC, and can be used in an environment without WINS, in an IPv6-only environment, and whenever DC location based on a NetBIOS domain name is not required. This policy setting does not affect DC location based on DNS names.
+This policy setting is recommended to reduce the attack surface on a DC, and can be used in an environment without WINS, in an IPv6-only environment, and whenever DC location based on a NetBIOS domain name isn't required. This policy setting doesn't affect DC location based on DNS names.
 
-If you enable this policy setting, this DC does not process incoming mailslot messages that are used for NetBIOS domain name based DC location.
+If you enable this policy setting, this DC doesn't process incoming mailslot messages that are used for NetBIOS domain name based DC location.
 
-If you disable or do not configure this policy setting, this DC processes incoming mailslot messages. This is the default behavior of DC Locator.
+If you disable or don't configure this policy setting, this DC processes incoming mailslot messages. This hevaior is the default behavior of DC Locator.
 
 <!--/Description-->
 
@@ -1272,7 +1272,7 @@ The Priority field in the SRV record sets the preference for target hosts (speci
 
 To specify the Priority in the DC Locator DNS SRV resource records, click Enabled, and then enter a value. The range of values is from 0 to 65535.
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 
@@ -1316,13 +1316,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the Weight field in the SRV resource records registered by the domain controllers (DC) to which this setting is applied. These DNS records are dynamically registered by the Net Logon service, and they are used to locate the DC.
+This policy setting specifies the Weight field in the SRV resource records registered by the domain controllers (DC) to which this setting is applied. These DNS records are dynamically registered by the Net Logon service, and they're used to locate the DC.
 
 The Weight field in the SRV record can be used in addition to the Priority value to provide a load-balancing mechanism where multiple servers are specified in the SRV records Target field and are all set to the same priority. The probability with which the DNS client randomly selects the target host to be contacted is proportional to the Weight field value in the SRV record.
 
 To specify the Weight in the DC Locator DNS SRV records, click Enabled, and then enter a value. The range of values is from 0 to 65535.
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 
@@ -1368,9 +1368,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the maximum size in bytes of the log file netlogon.log in the directory %windir%\debug when logging is enabled.
 
-By default, the maximum size of the log file is 20MB. If you enable this policy setting, the maximum size of the log file is set to the specified size.  Once this size is reached the log file is saved to netlogon.bak and netlogon.log is truncated. A reasonable value based on available storage should be specified.
+By default, the maximum size of the log file is 20 MB. If you enable this policy setting, the maximum size of the log file is set to the specified size.  Once this size is reached, the log file is saved to netlogon.bak and netlogon.log is truncated. A reasonable value based on available storage should be specified.
 
-If you disable or do not configure this policy setting, the default behavior occurs as indicated above.
+If you disable or don't configure this policy setting, the default behavior occurs as indicated above.
 
 <!--/Description-->
 
@@ -1416,11 +1416,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the sites for which the domain controllers (DC) that host the application directory partition should register the site-specific, application directory partition-specific DC Locator DNS SRV resource records. These records are registered in addition to the site-specific SRV records registered for the site where the DC resides, and records registered by a DC configured to register DC Locator DNS SRV records for those sites without a DC that are closest to it. 
 
-The application directory partition DC Locator DNS records and the site-specific SRV records are dynamically registered by the Net Logon service, and they are used to locate the application directory partition-specific DC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication.
+The application directory partition DC Locator DNS records and the site-specific SRV records are dynamically registered by the Net Logon service, and they're used to locate the application directory partition-specific DC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication.
 
 To specify the sites covered by the DC Locator application directory partition-specific DNS SRV records, click Enabled, and then enter the site names in a space-delimited format.
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 
@@ -1464,12 +1464,12 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the amount of time (in seconds) the DC locator remembers that a domain controller (DC) could not be found in a domain. When a subsequent attempt to locate the DC occurs within the time set in this setting, DC Discovery immediately fails, without attempting to find the DC.
+This policy setting specifies the amount of time (in seconds) the DC locator remembers that a domain controller (DC) couldn't be found in a domain. When a subsequent attempt to locate the DC occurs within the time set in this setting, DC Discovery immediately fails, without attempting to find the DC.
 
 The default value for this setting is 45 seconds. The maximum value for this setting is 7 days (7*24*60*60). The minimum value for this setting is 0.
 
 > [!WARNING]
-> If the value for this setting is too large, a client will not attempt to find any DCs that were initially unavailable. If the value for this setting is too small, clients will attempt to find DCs even when none are available.
+> If the value for this setting is too large, a client won't attempt to find any DCs that were initially unavailable. If the value for this setting is too small, clients will attempt to find DCs even when none are available.
 
 <!--/Description-->
 
@@ -1517,14 +1517,14 @@ This policy setting controls whether or not the Netlogon share created by the Ne
 
 If you enable this policy setting, the Netlogon share will honor file sharing semantics that grant requests for exclusive read access to files on the share even when the caller has only read permission.
 
-If you disable or do not configure this policy setting, the Netlogon share will grant shared read access to files on the share when exclusive access is requested and the caller has only read permission.
+If you disable or don't configure this policy setting, the Netlogon share will grant shared read access to files on the share when exclusive access is requested and the caller has only read permission.
 
 By default, the Netlogon share will grant shared read access to files on the share when exclusive access is requested.
 
 > [!NOTE]
 > The Netlogon share is a share created by the Net Logon service for use by client machines in the domain. The default behavior of the Netlogon share ensures that no application with only read permission to files on the Netlogon share can lock the files by requesting exclusive read access, which might prevent Group Policy settings from being updated on clients in the domain. When this setting is enabled, an application that relies on the ability to lock files on the Netlogon share with only read permission will be able to deny Group Policy clients from reading the files, and in general the availability of the Netlogon share on the domain will be decreased.
 
-If you enable this policy setting, domain administrators should ensure that the only applications using the exclusive read capability in the domain are those approved by the administrator.
+If you enable this policy setting, domain administrators should ensure that the only applications using the exclusive read capability in the domain are those applications approved by the administrator.
 
 <!--/Description-->
 
@@ -1568,9 +1568,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs that do not periodically attempt to locate DCs, and it is applied before the returning the DC information to the caller program. This policy setting is relevant to only those callers of DsGetDcName that have not specified the DS_BACKGROUND_ONLY flag.
+This policy setting determines when a successful DC cache entry is refreshed. This policy setting is applied to caller programs that don't periodically attempt to locate DCs, and it's applied before the returning the DC information to the caller program. This policy setting is relevant to only those callers of DsGetDcName that haven't specified the DS_BACKGROUND_ONLY flag.
 
-The default value for this setting is 30 minutes (1800). The maximum value for this setting is (4294967200), while the maximum that is not treated as infinity is 49 days (49*24*60*60=4233600). Any larger value will be treated as infinity. The minimum value for this setting is to always refresh (0).
+The default value for this setting is 30 minutes (1800). The maximum value for this setting is (4294967200), while the maximum that isn't treated as infinity is 49 days (49*24*60*60=4233600). Any larger value will be treated as infinity. The minimum value for this setting is to always refresh (0).
 
 <!--/Description-->
 
@@ -1616,7 +1616,7 @@ ADMX Info:
 <!--Description-->
 This policy setting configures whether the computers to which this setting is applied are more aggressive when trying to locate a domain controller (DC).
 
-When an environment has a large number of DCs running both old and new operating systems, the default DC locator discovery behavior may be insufficient to find DCs running a newer operating system.  This policy setting can be enabled to configure DC locator to be more aggressive about trying to locate a DC in such an environment, by pinging DCs at a higher frequency.  Enabling this setting may result in additional network traffic and increased load on DCs.  You should disable this setting once all DCs are running the same OS version.
+When an environment has a large number of DCs running both old and new operating systems, the default DC locator discovery behavior may be insufficient to find DCs running a newer operating system. This policy setting can be enabled to configure DC locator to be more aggressive about trying to locate a DC in such an environment, by pinging DCs at a higher frequency. Enabling this setting may result in more network traffic and increased load on DCs. You should disable this setting once all DCs are running the same OS version.
 
 The allowable values for this setting result in the following behaviors:
 
@@ -1625,7 +1625,7 @@ The allowable values for this setting result in the following behaviors:
 
 To specify this behavior, click Enabled and then enter a value. The range of values is from 1 to 2.
 
-If you do not configure this policy setting, it is not applied to any computers, and computers use their local configuration.
+If you don't configure this policy setting, it isn't applied to any computers, and computers use their local configuration.
 
 <!--/Description-->
 
@@ -1673,11 +1673,11 @@ This policy setting determines the interval at which Netlogon performs the follo
 
 - Checks if a password on a secure channel needs to be modified, and modifies it if necessary.
 
-- On the domain controllers (DC), discovers a DC that has not been discovered.
+- On the domain controllers (DC), discovers a DC that hasn't been discovered.
 
 - On the PDC, attempts to add the `<DomainName>`[1B] NetBIOS name if it hasn’t already been successfully added.
 
-None of these operations are critical. 15 minutes is optimal in all but extreme cases. For instance, if a DC is separated from a trusted domain by an expensive (e.g., ISDN) line, this parameter might be adjusted upward to avoid frequent automatic discovery of DCs in a trusted domain.
+None of these operations are critical. 15 minutes is optimal in all but extreme cases. For instance, if a DC is separated from a trusted domain by an expensive (for example, ISDN) line, this parameter might be adjusted upward to avoid frequent automatic discovery of DCs in a trusted domain.
 
 To enable the setting, click Enabled, and then specify the interval in seconds.
 
@@ -1725,11 +1725,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the sites for which the domain controllers (DC) register the site-specific DC Locator DNS SRV resource records. These records are registered in addition to the site-specific SRV records registered for the site where the DC resides, and records registered by a DC configured to register DC Locator DNS SRV records for those sites without a DC that are closest to it. 
 
-The DC Locator DNS records are dynamically registered by the Net Logon service, and they are used to locate the DC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication.
+The DC Locator DNS records are dynamically registered by the Net Logon service, and they're used to locate the DC. An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication.
 
 To specify the sites covered by the DC Locator DNS SRV records, click Enabled, and then enter the sites names in a space-delimited format.
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 
@@ -1777,9 +1777,9 @@ This policy setting specifies the Active Directory site to which computers belon
 
 An Active Directory site is one or more well-connected TCP/IP subnets that allow administrators to configure Active Directory access and replication.
 
-To specify the site name for this setting, click Enabled, and then enter the site name. When the site to which a computer belongs is not specified, the computer automatically discovers its site from Active Directory.
+To specify the site name for this setting, click Enabled, and then enter the site name. When the site to which a computer belongs isn't specified, the computer automatically discovers its site from Active Directory.
 
-If you do not configure this policy setting, it is not applied to any computers, and computers use their local configuration.
+If you don't configure this policy setting, it isn't applied to any computers, and computers use their local configuration.
 
 <!--/Description-->
 
@@ -1834,7 +1834,7 @@ By default, the SYSVOL share will grant shared read access to files on the share
 > [!NOTE]
 > The SYSVOL share is a share created by the Net Logon service for use by Group Policy clients in the domain. The default behavior of the SYSVOL share ensures that no application with only read permission to files on the sysvol share can lock the files by requesting exclusive read access, which might prevent Group Policy settings from being updated on clients in the domain. When this setting is enabled, an application that relies on the ability to lock files on the SYSVOL share with only read permission will be able to deny Group Policy clients from reading the files, and in general the availability of the SYSVOL share on the domain will be decreased.
 
-If you enable this policy setting, domain administrators should ensure that the only applications using the exclusive read capability in the domain are those approved by the administrator.
+If you enable this policy setting, domain administrators should ensure that the only applications using the exclusive read capability in the domain are those applications approved by the administrator.
 
 <!--/Description-->
 
@@ -1878,15 +1878,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting enables DC Locator to attempt to locate a DC in the nearest site based on the site link cost if a DC in same the site is not found. In scenarios with multiple sites, failing over to the try next closest site during DC Location streamlines network traffic more effectively.
+This policy setting enables DC Locator to attempt to locate a DC in the nearest site based on the site link cost if a DC in same the site isn't found. In scenarios with multiple sites, failing over to the try next closest site during DC Location streamlines network traffic more effectively.
 
-The DC Locator service is used by clients to find domain controllers for their Active Directory domain. The default behavior for DC Locator is to find a DC in the same site. If none are found in the same site, a DC in another site, which might be several site-hops away, could be returned by DC Locator. Site proximity between two sites is determined by the total site-link cost between them. A site is closer if it has a lower site link cost than another site with a higher site link cost. 
+The DC Locator service is used by clients to find domain controllers for their Active Directory domain. The default behavior for DC Locator is to find a DC in the same site. If none is found in the same site, a DC in another site, which might be several site-hops away, could be returned by DC Locator. Site proximity between two sites is determined by the total site-link cost between them. A site is closer if it has a lower site link cost than another site with a higher site link cost. 
 
 If you enable this policy setting, Try Next Closest Site DC Location will be turned on for the computer.
 
-If you disable this policy setting, Try Next Closest Site DC Location will not be used by default for the computer. However, if a DC Locator call is made using the DS_TRY_NEXTCLOSEST_SITE flag explicitly, the Try Next Closest Site behavior is honored.
+If you disable this policy setting, Try Next Closest Site DC Location won't be used by default for the computer. However, if a DC Locator call is made using the DS_TRY_NEXTCLOSEST_SITE flag explicitly, the Try Next Closest Site behavior is honored.
 
-If you do not configure this policy setting, Try Next Closest Site DC Location will not be used by default for the machine. If the DS_TRY_NEXTCLOSEST_SITE flag is used explicitly, the Next Closest Site behavior will be used.
+If you don't configure this policy setting, Try Next Closest Site DC Location won't be used by default for the machine. If the DS_TRY_NEXTCLOSEST_SITE flag is used explicitly, the Next Closest Site behavior will be used.
 
 <!--/Description-->
 
@@ -1934,9 +1934,9 @@ This policy setting determines if dynamic registration of the domain controller
 
 If you enable this policy setting, DCs to which this setting is applied dynamically register DC Locator DNS resource records through dynamic DNS update-enabled network connections.
 
-If you disable this policy setting, DCs will not register DC Locator DNS resource records.
+If you disable this policy setting, DCs won't register DC Locator DNS resource records.
 
-If you do not configure this policy setting, it is not applied to any DCs, and DCs use their local configuration.
+If you don't configure this policy setting, it isn't applied to any DCs, and DCs use their local configuration.
 
 <!--/Description-->
 

From b1b2fe8e25345732f9121ba52280ac1678158018 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Tue, 15 Mar 2022 15:33:01 +0530
Subject: [PATCH 028/123] Acrolinx enhancement effort

---
 .../mdm/policy-csp-admx-networkconnections.md | 174 ++++++-------
 .../mdm/policy-csp-admx-offlinefiles.md       | 238 +++++++++---------
 .../mdm/policy-csp-admx-peertopeercaching.md  | 102 ++++----
 .../policy-csp-admx-performancediagnostics.md |  32 +--
 ...licy-csp-admx-powershellexecutionpolicy.md |  12 +-
 .../mdm/policy-csp-admx-printing.md           | 130 +++++-----
 .../mdm/policy-csp-admx-printing2.md          |  46 ++--
 .../mdm/policy-csp-admx-programs.md           |  26 +-
 .../mdm/policy-csp-admx-radar.md              |   6 +-
 .../mdm/policy-csp-admx-reliability.md        |  20 +-
 10 files changed, 393 insertions(+), 393 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-networkconnections.md b/windows/client-management/mdm/policy-csp-admx-networkconnections.md
index 70691cee2e..5da60f709b 100644
--- a/windows/client-management/mdm/policy-csp-admx-networkconnections.md
+++ b/windows/client-management/mdm/policy-csp-admx-networkconnections.md
@@ -141,11 +141,11 @@ manager: dansimp
 <!--Description-->
 This policy setting determines whether administrators can add and remove network components for a LAN or remote access connection. This setting has no effect on nonadministrators.
 
-If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Install and Uninstall buttons for components of connections are disabled, and administrators are not permitted to access network components in the Windows Components Wizard.
+If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Install and Uninstall buttons for components of connections are disabled, and administrators aren't permitted to access network components in the Windows Components Wizard.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Install and Uninstall buttons for components of connections in the Network Connections folder are enabled. Also, administrators can gain access to network components in the Windows Components Wizard.
+If you disable this setting or don't configure it, the Install and Uninstall buttons for components of connections in the Network Connections folder are enabled. Also, administrators can gain access to network components in the Windows Components Wizard.
 
 The Install button opens the dialog boxes used to add network components. Clicking the Uninstall button removes the selected component in the components list (above the button).
 
@@ -202,9 +202,9 @@ The Advanced Settings item lets users view and change bindings and view and chan
 
 If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Advanced Settings item is disabled for administrators.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Advanced Settings item is enabled for administrators.
+If you disable this setting or don't configure it, the Advanced Settings item is enabled for administrators.
 
 > [!NOTE]
 > Nonadministrators are already prohibited from accessing the Advanced Settings dialog box, regardless of this setting.
@@ -251,18 +251,18 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether users can configure advanced TCP/IP settings.
 
-If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Advanced button on the Internet Protocol (TCP/IP) Properties dialog box is disabled for all users (including administrators). As a result, users cannot open the Advanced TCP/IP Settings Properties page and modify IP settings, such as DNS and WINS server information.
+If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Advanced button on the Internet Protocol (TCP/IP) Properties dialog box is disabled for all users (including administrators). As a result, users can't open the Advanced TCP/IP Settings Properties page and modify IP settings, such as DNS and WINS server information.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
 If you disable this setting, the Advanced button is enabled, and all users can open the Advanced TCP/IP Setting dialog box.
 
-This setting is superseded by settings that prohibit access to properties of connections or connection components. When these policies are set to deny access to the connection properties dialog box or Properties button for connection components, users cannot gain access to the Advanced button for TCP/IP configuration.
+This setting is superseded by settings that prohibit access to properties of connections or connection components. When these policies are set to deny access to the connection properties dialog box or Properties button for connection components, users can't gain access to the Advanced button for TCP/IP configuration.
 
-Changing this setting from Enabled to Not Configured does not enable the Advanced button until the user logs off.
+Changing this setting from Enabled to Not Configured doesn't enable the Advanced button until the user signs out.
 
 > [!NOTE]
-> Nonadministrators (excluding Network Configuration Operators) do not have permission to access TCP/IP advanced configuration for a LAN connection, regardless of this setting.
+> Nonadministrators (excluding Network Configuration Operators) don't have permission to access TCP/IP advanced configuration for a LAN connection, regardless of this setting.
 
 > [!TIP]
 > To open the Advanced TCP/IP Setting dialog box, in the Network Connections folder, right-click a connection icon, and click Properties. For remote access connections, click the Networking tab.  In the "Components checked are used by this connection" box, click Internet Protocol (TCP/IP), click the Properties button, and then click the Advanced button.
@@ -309,11 +309,11 @@ ADMX Info:
 <!--Description-->
 This policy setting Determines whether administrators can enable and disable the components used by LAN connections.
 
-If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the check boxes for enabling and disabling components are disabled. As a result, administrators cannot enable or disable the components that a connection uses.
+If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the check boxes for enabling and disabling components are disabled. As a result, administrators can't enable or disable the components that a connection uses.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Properties dialog box for a connection includes a check box beside the name of each component that the connection uses. Selecting the check box enables the component, and clearing the check box disables the component.
+If you disable this setting or don't configure it, the Properties dialog box for a connection includes a check box beside the name of each component that the connection uses. Selecting the check box enables the component, and clearing the check box disables the component.
 
 > [!NOTE]
 > When the "Prohibit access to properties of a LAN connection" setting is enabled, users are blocked from accessing the check boxes for enabling and disabling the components of a LAN connection.
@@ -366,18 +366,18 @@ To create an all-user remote access connection, on the Connection Availability p
 
 If you enable this setting, all users can delete shared remote access connections. In addition, if your file system is NTFS, users need to have Write access to Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Pbk to delete a shared remote access connection.
 
-If you disable this setting (and enable the "Enable Network Connections settings for Administrators" setting), users (including administrators) cannot delete all-user remote access connections. (By default, users can still delete their private connections, but you can change the default by using the "Prohibit deletion of remote access connections" setting.)
+If you disable this setting (and enable the "Enable Network Connections settings for Administrators" setting), users (including administrators) can't delete all-user remote access connections. (By default, users can still delete their private connections, but you can change the default by using the "Prohibit deletion of remote access connections" setting.)
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you do not configure this setting, only Administrators and Network Configuration Operators can delete all user remote access connections.
+If you don't configure this setting, only Administrators and Network Configuration Operators can delete all user remote access connections.
 
-When enabled, the "Prohibit deletion of remote access connections" setting takes precedence over this setting. Users (including administrators) cannot delete any remote access connections, and this setting is ignored.
+When enabled, the "Prohibit deletion of remote access connections" setting takes precedence over this setting. Users (including administrators) can't delete any remote access connections, and this setting is ignored.
 
 > [!NOTE]
-> LAN connections are created and deleted automatically by the system when a LAN adapter is installed or removed. You cannot use the Network Connections folder to create or delete a LAN connection.
+> LAN connections are created and deleted automatically by the system when a LAN adapter is installed or removed. You can't use the Network Connections folder to create or delete a LAN connection.
 > 
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -421,20 +421,20 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether users can delete remote access connections.
 
-If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), users (including administrators) cannot delete any remote access connections. This setting also disables the Delete option on the context menu for a remote access connection and on the File menu in the Network Connections folder.
+If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), users (including administrators) can't delete any remote access connections. This setting also disables the Delete option on the context menu for a remote access connection and on the File menu in the Network Connections folder.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, all users can delete their private remote access connections. Private connections are those that are available only to one user. (By default, only Administrators and Network Configuration Operators can delete connections available to all users, but you can change the default by using the "Ability to delete all user remote access connections" setting.)
+If you disable this setting or don't configure it, all users can delete their private remote access connections. Private connections are those connections that are available only to one user. (By default, only Administrators and Network Configuration Operators can delete connections available to all users, but you can change the default by using the "Ability to delete all user remote access connections" setting.)
 
-When enabled, this setting takes precedence over the "Ability to delete all user remote access connections" setting. Users cannot delete any remote access connections, and the "Ability to delete all user remote access connections" setting is ignored.
+When enabled, this setting takes precedence over the "Ability to delete all user remote access connections" setting. Users can't delete any remote access connections, and the "Ability to delete all user remote access connections" setting is ignored.
 
 > [!NOTE]
-> LAN connections are created and deleted automatically when a LAN adapter is installed or removed. You cannot use the Network Connections folder to create or delete a LAN connection.
+> LAN connections are created and deleted automatically when a LAN adapter is installed or removed. You can't use the Network Connections folder to create or delete a LAN connection.
 >
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 > 
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -478,13 +478,13 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether the Remote Access Preferences item on the Advanced menu in Network Connections folder is enabled.
 
-The Remote Access Preferences item lets users create and change connections before logon and configure automatic dialing and callback features.
+The Remote Access Preferences item lets users create and change connections before signing in and configure automatic dialing and callback features.
 
 If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Remote Access Preferences item is disabled for all users (including administrators).
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Remote Access Preferences item is enabled for all users.
+If you disable this setting or don't configure it, the Remote Access Preferences item is enabled for all users.
 
 <!--/Description-->
 
@@ -530,7 +530,7 @@ This policy setting specifies whether or not the "local access only" network ico
 
 When enabled, the icon for Internet access will be shown in the system tray even when a user is connected to a network with local access only.
 
-If you disable this setting or do not configure it, the "local access only" icon will be used when a user is connected to a network with local access only.
+If you disable this setting or don't configure it, the "local access only" icon will be used when a user is connected to a network with local access only.
 
 <!--/Description-->
 
@@ -576,11 +576,11 @@ This policy setting determines whether settings that existed in Windows 2000 Ser
 
 The set of Network Connections group settings that existed in Windows 2000 Professional also exists in Windows XP Professional. In Windows 2000 Professional, all of these settings had the ability to prohibit the use of certain features from Administrators.
 
-By default, Network Connections group settings in Windows do not have the ability to prohibit the use of features from Administrators.
+By default, Network Connections group settings in Windows don't have the ability to prohibit the use of features from Administrators.
 
 If you enable this setting, the Windows XP settings that existed in Windows 2000 Professional will have the ability to prohibit Administrators from using certain features. These settings are "Ability to rename LAN connections or remote access connections available to all users", "Prohibit access to properties of components of a LAN connection", "Prohibit access to properties of components of a remote access connection", "Ability to access TCP/IP advanced configuration", "Prohibit access to the Advanced Settings Item on the Advanced Menu", "Prohibit adding and removing components for a LAN or remote access connection", "Prohibit access to properties of a LAN connection", "Prohibit Enabling/Disabling components of a LAN connection", "Ability to change properties of an all user remote access connection", "Prohibit changing properties of a private remote access connection", "Prohibit deletion of remote access connections", "Ability to delete all user remote access connections", "Prohibit connecting and disconnecting a remote access connection", "Ability to Enable/Disable a LAN connection", "Prohibit access to the New Connection Wizard", "Prohibit renaming private remote access connections", "Prohibit access to the Remote Access Preferences item on the Advanced menu", "Prohibit viewing of status for an active connection". When this setting is enabled, settings that exist in both Windows 2000 Professional and Windows behave the same for administrators.
 
-If you disable this setting or do not configure it, Windows settings that existed in Windows 2000 will not apply to administrators.
+If you disable this setting or don't configure it, Windows settings that existed in Windows 2000 won't apply to administrators.
 
 
 
@@ -630,9 +630,9 @@ When a remote client computer connects to an internal network using DirectAccess
 
 If you enable this policy setting, all traffic between a remote client computer running DirectAccess and the Internet is routed through the internal network.
 
-If you disable this policy setting, traffic between remote client computers running DirectAccess and the Internet is not routed through the internal network.
+If you disable this policy setting, traffic between remote client computers running DirectAccess and the Internet isn't routed through the internal network.
 
-If you do not configure this policy setting, traffic between remote client computers running DirectAccess and the Internet is not routed through the internal network.
+If you don't configure this policy setting, traffic between remote client computers running DirectAccess and the Internet isn't routed through the internal network.
 
 <!--/Description-->
 
@@ -674,11 +674,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to manage whether notifications are shown to the user when a DHCP-configured connection is unable to retrieve an IP address from a DHCP server. This is often signified by the assignment of an automatic private IP address"(i.e. an IP address in the range 169.254.*.*). This indicates that a DHCP server could not be reached or the DHCP server was reached but unable to respond to the request with a valid IP address. By default, a notification is displayed providing the user with information on how the problem can be resolved.
+This policy setting allows you to manage whether notifications are shown to the user when a DHCP-configured connection is unable to retrieve an IP address from a DHCP server. This retrieval failure is often signified by the assignment of an automatic private IP address"(that is, an IP address in the range 169.254.*.*). This assignment indicates that a DHCP server couldn't be reached or the DHCP server was reached but unable to respond to the request with a valid IP address. By default, a notification is displayed providing the user with information on how the problem can be resolved.
 
-If you enable this policy setting, this condition will not be reported as an error to the user.
+If you enable this policy setting, this condition won't be reported as an error to the user.
 
-If you disable or do not configure this policy setting, a DHCP-configured connection that has not been assigned an IP address will be reported via a notification, providing the user with information as to how the problem can be resolved.
+If you disable or don't configure this policy setting, a DHCP-configured connection that hasn't been assigned an IP address will be reported via a notification, providing the user with information as to how the problem can be resolved.
 
 <!--/Description-->
 
@@ -726,14 +726,14 @@ This setting determines whether the Properties button for components of a LAN co
 
 If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties button is disabled for Administrators. Network Configuration Operators are prohibited from accessing connection components, regardless of the "Enable Network Connections settings for Administrators" setting.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting does not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting doesn't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Properties button is enabled for administrators and Network Configuration Operators.
+If you disable this setting or don't configure it, the Properties button is enabled for administrators and Network Configuration Operators.
 
 The Local Area Connection Properties dialog box includes a list of the network components that the connection uses. To view or change the properties of a component, click the name of the component, and then click the Properties button beneath the component list.
 
 > [!NOTE]
-> Not all network components have configurable properties. For components that are not configurable, the Properties button is always disabled.
+> Not all network components have configurable properties. For components that aren't configurable, the Properties button is always disabled.
 >
 > When the "Prohibit access to properties of a LAN connection" setting is enabled, users are blocked from accessing the Properties button for LAN connection components.
 >
@@ -787,9 +787,9 @@ If you enable this setting, the Enable and Disable options for LAN connections a
 
 If you disable this setting (and enable the "Enable Network Connections settings for Administrators" setting), double-clicking the icon has no effect, and the Enable and Disable menu items are disabled for all users (including administrators).
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you do not configure this setting, only Administrators and Network Configuration Operators can enable/disable LAN connections.
+If you don't configure this setting, only Administrators and Network Configuration Operators can enable/disable LAN connections.
 
 > [!NOTE]
 > Administrators can still enable/disable LAN connections from Device Manager when this setting is disabled.
@@ -838,11 +838,11 @@ This policy setting determines whether users can change the properties of a LAN
 
 This setting determines whether the Properties menu item is enabled, and thus, whether the Local Area Connection Properties dialog box is available to users.
 
-If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties menu items are disabled for all users, and users cannot open the Local Area Connection Properties dialog box.
+If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties menu items are disabled for all users, and users can't open the Local Area Connection Properties dialog box.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, a Properties menu item appears when users right-click the icon representing a LAN connection. Also, when users select the connection, Properties is enabled on the File menu.
+If you disable this setting or don't configure it, a Properties menu item appears when users right-click the icon representing a LAN connection. Also, when users select the connection, Properties is enabled on the File menu.
 
 > [!NOTE]
 > This setting takes precedence over settings that manipulate the availability of features inside the Local Area Connection Properties dialog box. If this setting is enabled, nothing within the properties dialog box for a LAN connection is available to users.
@@ -891,16 +891,16 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether users can use the New Connection Wizard, which creates new network connections.
 
-If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Make New Connection icon does not appear in the Start Menu on in the Network Connections folder. As a result, users (including administrators) cannot start the New Connection Wizard.
+If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Make New Connection icon doesn't appear in the Start Menu on in the Network Connections folder. As a result, users (including administrators) can't start the New Connection Wizard.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Make New Connection icon appears in the Start menu and in the Network Connections folder for all users. Clicking the Make New Connection icon starts the New Connection Wizard.
+If you disable this setting or don't configure it, the Make New Connection icon appears in the Start menu and in the Network Connections folder for all users. Clicking the Make New Connection icon starts the New Connection Wizard.
 
 > [!NOTE]
-> Changing this setting from Enabled to Not Configured does not restore the Make New Connection icon until the user logs off or on. When other changes to this setting are applied, the icon does not appear or disappear in the Network Connections folder until the folder is refreshed.
+> Changing this setting from Enabled to Not Configured doesn't restore the Make New Connection icon until the user logs off or on. When other changes to this setting are applied, the icon doesn't appear or disappear in the Network Connections folder until the folder is refreshed.
 >
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -947,15 +947,15 @@ This policy setting prohibits use of Internet Connection Firewall on your DNS do
 Determines whether users can enable the Internet Connection Firewall feature on a connection, and if the Internet Connection Firewall service can run on a computer.
 
 > [!IMPORTANT]
-> This setting is location aware. It only applies when a computer is connected to the same DNS domain network it was connected to when the setting was refreshed on that computer. If a computer is connected to a DNS domain network other than the one it was connected to when the setting was refreshed, this setting does not apply.
+> This setting is location aware. It only applies when a computer is connected to the same DNS domain network it was connected to when the setting was refreshed on that computer. If a computer is connected to a DNS domain network other than the one it was connected to when the setting was refreshed, this setting doesn't apply.
 
 The Internet Connection Firewall is a stateful packet filter for home and small office users to protect them from Internet network security threats.
 
-If you enable this setting, Internet Connection Firewall cannot be enabled or configured by users (including administrators), and the Internet Connection Firewall service cannot run on the computer. The option to enable the Internet Connection Firewall through the Advanced tab is removed. In addition, the Internet Connection Firewall is not enabled for remote access connections created through the Make New Connection Wizard. The Network Setup Wizard is disabled.
+If you enable this setting, Internet Connection Firewall can't be enabled or configured by users (including administrators), and the Internet Connection Firewall service can't run on the computer. The option to enable the Internet Connection Firewall through the Advanced tab is removed. In addition, the Internet Connection Firewall isn't enabled for remote access connections created through the Make New Connection Wizard. The Network Setup Wizard is disabled.
 
 If you enable the "Windows Firewall: Protect all network connections" policy setting, the "Prohibit use of Internet Connection Firewall on your DNS domain network" policy setting has no effect on computers that are running Windows Firewall, which replaces Internet Connection Firewall when you install Windows XP Service Pack 2.
 
-If you disable this setting or do not configure it, the Internet Connection Firewall is disabled when a LAN Connection or VPN connection is created, but users can use the Advanced tab in the connection properties to enable it. The Internet Connection Firewall is enabled by default on the connection for which Internet Connection Sharing is enabled. In addition, remote access connections created through the Make New Connection Wizard have the Internet Connection Firewall enabled.
+If you disable this setting or don't configure it, the Internet Connection Firewall is disabled when a LAN Connection or VPN connection is created, but users can use the Advanced tab in the connection properties to enable it. The Internet Connection Firewall is enabled by default on the connection for which Internet Connection Sharing is enabled. In addition, remote access connections created through the Make New Connection Wizard have the Internet Connection Firewall enabled.
 
 <!--/Description-->
 
@@ -1005,16 +1005,16 @@ This setting determines whether the Properties menu item is enabled, and thus, w
 
 If you enable this setting, a Properties menu item appears when any user right-clicks the icon for a remote access connection. Also, when any user selects the connection, Properties appears on the File menu.
 
-If you disable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties menu items are disabled, and users (including administrators) cannot open the remote access connection properties dialog box.
+If you disable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties menu items are disabled, and users (including administrators) can't open the remote access connection properties dialog box.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you do not configure this setting, only Administrators and Network Configuration Operators can change properties of all-user remote access connections.
+If you don't configure this setting, only Administrators and Network Configuration Operators can change properties of all-user remote access connections.
 
 > [!NOTE]
 > This setting takes precedence over settings that manipulate the availability of features inside the Remote Access Connection Properties dialog box. If this setting is disabled, nothing within the properties dialog box for a remote access connection will be available to users.
 > 
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -1062,18 +1062,18 @@ This setting determines whether the Properties button for components used by a p
 
 If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties button is disabled for all users (including administrators).
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting does not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting doesn't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Properties button is enabled for all users.
+If you disable this setting or don't configure it, the Properties button is enabled for all users.
 
 The Networking tab of the Remote Access Connection Properties dialog box includes a list of the network components that the connection uses. To view or change the properties of a component, click the name of the component, and then click the Properties button beneath the component list.
 
 > [!NOTE]
-> Not all network components have configurable properties. For components that are not configurable, the Properties button is always disabled.
+> Not all network components have configurable properties. For components that aren't configurable, the Properties button is always disabled.
 >
 > When the "Ability to change properties of an all user remote access connection" or "Prohibit changing properties of a private remote access connection" settings are set to deny access to the Remote Access Connection Properties dialog box, the Properties button for remote access connection components is blocked.
 >
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -1119,9 +1119,9 @@ This policy setting determines whether users can connect and disconnect remote a
 
 If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), double-clicking the icon has no effect, and the Connect and Disconnect menu items are disabled for all users (including administrators).
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Connect and Disconnect options for remote access connections are available to all users. Users can connect or disconnect a remote access connection by double-clicking the icon representing the connection, by right-clicking it, or by using the File menu.
+If you disable this setting or don't configure it, the Connect and Disconnect options for remote access connections are available to all users. Users can connect or disconnect a remote access connection by double-clicking the icon representing the connection, by right-clicking it, or by using the File menu.
 
 <!--/Description-->
 
@@ -1171,14 +1171,14 @@ This setting determines whether the Properties menu item is enabled, and thus, w
 
 If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Properties menu items are disabled, and no users (including administrators) can open the Remote Access Connection Properties dialog box for a private connection.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, a Properties menu item appears when any user right-clicks the icon representing a private remote access connection. Also, when any user selects the connection, Properties appears on the File menu.
+If you disable this setting or don't configure it, a Properties menu item appears when any user right-clicks the icon representing a private remote access connection. Also, when any user selects the connection, Properties appears on the File menu.
 
 > [!NOTE]
 > This setting takes precedence over settings that manipulate the availability of features in the Remote Access Connection Properties dialog box. If this setting is enabled, nothing within the properties dialog box for a remote access connection will be available to users.
 >
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -1228,14 +1228,14 @@ If you enable this setting, the Rename option is enabled for all-user remote acc
 
 If you disable this setting, the Rename option is disabled for nonadministrators only.
 
-If you do not configure the setting, only Administrators and Network Configuration Operators can rename all-user remote access connections.
+If you don't configure the setting, only Administrators and Network Configuration Operators can rename all-user remote access connections.
 
 > [!NOTE]
-> This setting does not apply to Administrators.
+> This setting doesn't apply to Administrators.
 
-When the "Ability to rename LAN connections or remote access connections available to all users" setting is configured (set to either Enabled or Disabled), this setting does not apply.
+When the "Ability to rename LAN connections or remote access connections available to all users" setting is configured (set to either Enabled or Disabled), this setting doesn't apply.
 
-This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -1283,14 +1283,14 @@ If you enable this setting, the Rename option is enabled for all users. Users ca
 
 If you disable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Rename option for LAN and all user remote access connections is disabled for all users (including Administrators and Network Configuration Operators).
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If this setting is not configured, only Administrators and Network Configuration Operators have the right to rename LAN or all user remote access connections.
+If this setting isn't configured, only Administrators and Network Configuration Operators have the right to rename LAN or all user remote access connections.
 
 > [!NOTE]
 > When configured, this setting always takes precedence over the "Ability to rename LAN connections" and "Ability to rename all user remote access connections" settings.
 >
-> This setting does not prevent users from using other programs, such as Internet Explorer, to rename remote access connections.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to rename remote access connections.
 
 <!--/Description-->
 
@@ -1338,12 +1338,12 @@ If you enable this setting, the Rename option is enabled for LAN connections. No
 
 If you disable this setting, the Rename option is disabled for nonadministrators only.
 
-If you do not configure this setting, only Administrators and Network Configuration Operators can rename LAN connections
+If you don't configure this setting, only Administrators and Network Configuration Operators can rename LAN connections
 
 > [!NOTE]
-> This setting does not apply to Administrators.
+> This setting doesn't apply to Administrators.
 
-When the "Ability to rename LAN connections or remote access connections available to all users" setting is configured (set to either enabled or disabled), this setting does not apply.
+When the "Ability to rename LAN connections or remote access connections available to all users" setting is configured (set to either enabled or disabled), this setting doesn't apply.
 
 <!--/Description-->
 
@@ -1387,16 +1387,16 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether users can rename their private remote access connections.
 
-Private connections are those that are available only to one user. To create a private connection, on the Connection Availability page in the New Connection Wizard, click the "Only for myself" option.
+Private connections are those connections that are available only to one user. To create a private connection, on the Connection Availability page in the New Connection Wizard, click the "Only for myself" option.
 
 If you enable this setting (and enable the "Enable Network Connections settings for Administrators" setting), the Rename option is disabled for all users (including administrators).
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the Rename option is enabled for all users' private remote access connections. Users can rename their private connection by clicking an icon representing the connection or by using the File menu.
+If you disable this setting or don't configure it, the Rename option is enabled for all users' private remote access connections. Users can rename their private connection by clicking an icon representing the connection or by using the File menu.
 
 > [!NOTE]
-> This setting does not prevent users from using other programs, such as Internet Explorer, to bypass this setting.
+> This setting doesn't prevent users from using other programs, such as Internet Explorer, to bypass this setting.
 
 <!--/Description-->
 
@@ -1442,9 +1442,9 @@ This policy setting determines whether administrators can enable and configure t
 
 ICS lets administrators configure their system as an Internet gateway for a small network and provides network services, such as name resolution and addressing through DHCP, to the local private network.
 
-If you enable this setting, ICS cannot be enabled or configured by administrators, and the ICS service cannot run on the computer. The Advanced tab in the Properties dialog box for a LAN or remote access connection is removed. The Internet Connection Sharing page is removed from the New Connection Wizard. The Network Setup Wizard is disabled.
+If you enable this setting, ICS can't be enabled or configured by administrators, and the ICS service can't run on the computer. The Advanced tab in the Properties dialog box for a LAN or remote access connection is removed. The Internet Connection Sharing page is removed from the New Connection Wizard. The Network Setup Wizard is disabled.
 
-If you disable this setting or do not configure it and have two or more connections, administrators can enable ICS. The Advanced tab in the properties dialog box for a LAN or remote access connection is available. In addition, the user is presented with the option to enable Internet Connection Sharing in the Network Setup Wizard and Make New Connection Wizard. 
+If you disable this setting or don't configure it and have two or more connections, administrators can enable ICS. The Advanced tab in the properties dialog box for a LAN or remote access connection is available. In addition, the user is presented with the option to enable Internet Connection Sharing in the Network Setup Wizard and Make New Connection Wizard. 
 
 By default, ICS is disabled when you create a remote access connection, but administrators can use the Advanced tab to enable it. When running the New Connection Wizard or Network Setup Wizard, administrators can choose to enable ICS.
 
@@ -1455,7 +1455,7 @@ When the "Prohibit access to properties of a LAN connection," "Ability to change
 
 Nonadministrators are already prohibited from configuring Internet Connection Sharing, regardless of this setting.
 
-Disabling this setting does not prevent Wireless Hosted Networking from using the ICS service for DHCP services. To prevent the ICS service from running, on the Network Permissions tab in the network's policy properties, select the "Don't use hosted networks" check box.
+Disabling this setting doesn't prevent Wireless Hosted Networking from using the ICS service for DHCP services. To prevent the ICS service from running, on the Network Permissions tab in the network's policy properties, select the "Don't use hosted networks" check box.
 
 <!--/Description-->
 
@@ -1501,11 +1501,11 @@ This policy setting determines whether users can view the status for an active c
 
 Connection status is available from the connection status taskbar icon or from the Status dialog box. The Status dialog box displays information about the connection and its activity. It also provides buttons to disconnect and to configure the properties of the connection.
 
-If you enable this setting, the connection status taskbar icon and Status dialog box are not available to users (including administrators). The Status option is disabled in the context menu for the connection and on the File menu in the Network Connections folder. Users cannot choose to show the connection icon in the taskbar from the Connection Properties dialog box.
+If you enable this setting, the connection status taskbar icon and Status dialog box aren't available to users (including administrators). The Status option is disabled in the context menu for the connection and on the File menu in the Network Connections folder. Users can't choose to show the connection icon in the taskbar from the Connection Properties dialog box.
 
-If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting will not apply to administrators on post-Windows 2000 computers.
+If the "Enable Network Connections settings for Administrators" is disabled or not configured, this setting won't apply to administrators on post-Windows 2000 computers.
 
-If you disable this setting or do not configure it, the connection status taskbar icon and  Status dialog box are available to all users.
+If you disable this setting or don't configure it, the connection status taskbar icon and  Status dialog box are available to all users.
 
 <!--/Description-->
 
@@ -1551,7 +1551,7 @@ This policy setting determines whether to require domain users to elevate when s
 
 If you enable this policy setting, domain users must elevate when setting a network's location.
 
-If you disable or do not configure this policy setting, domain users can set a network's location without elevating.
+If you disable or don't configure this policy setting, domain users can set a network's location without elevating.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-offlinefiles.md b/windows/client-management/mdm/policy-csp-admx-offlinefiles.md
index 212028ab92..6a461fb657 100644
--- a/windows/client-management/mdm/policy-csp-admx-offlinefiles.md
+++ b/windows/client-management/mdm/policy-csp-admx-offlinefiles.md
@@ -197,11 +197,11 @@ manager: dansimp
 <!--Description-->
 This policy setting makes subfolders available offline whenever their parent folder is made available offline.
 
-This setting automatically extends the "make available offline" setting to all new and existing subfolders of a folder. Users do not have the option of excluding subfolders.
+This setting automatically extends the "make available offline" setting to all new and existing subfolders of a folder. Users don't have the option of excluding subfolders.
 
 If you enable this setting, when you make a folder available offline, all folders within that folder are also made available offline. Also, new folders that you create within a folder that is available offline are made available offline when the parent folder is synchronized.
 
-If you disable this setting or do not configure it, the system asks users whether they want subfolders to be made available offline when they make a parent folder available offline.
+If you disable this setting or don't configure it, the system asks users whether they want subfolders to be made available offline when they make a parent folder available offline.
 
 <!--/Description-->
 
@@ -243,13 +243,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lists network files and folders that are always available for offline use. This ensures that the specified files and folders are available offline to users of the computer.
+This policy setting lists network files and folders that are always available for offline use. Activation of this policy setting ensures that the specified files and folders are available offline to users of the computer.
 
 If you enable this policy setting, the files you enter are always available offline to users of the computer. To specify a file or folder, click Show. In the Show Contents dialog box in the Value Name column, type the fully qualified UNC path to the file or folder. Leave the Value column field blank.
 
-If you disable this policy setting, the list of files or folders made always available offline (including those inherited from lower precedence GPOs) is deleted and no files or folders are made available for offline use by Group Policy (though users can still specify their own files and folders for offline use).
+If you disable this policy setting, the list of files or folders made always available offline (including those files or folders inherited from lower precedence GPOs) is deleted and no files or folders are made available for offline use by Group Policy (though users can still specify their own files and folders for offline use).
 
-If you do not configure this policy setting, no files or folders are made available for offline use by Group Policy.
+If you don't configure this policy setting, no files or folders are made available for offline use by Group Policy.
 
 > [!NOTE]
 > This setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy settings will be combined and all specified files will be available for offline use.
@@ -294,13 +294,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lists network files and folders that are always available for offline use. This ensures that the specified files and folders are available offline to users of the computer.
+This policy setting lists network files and folders that are always available for offline use. Activation of this policy setting ensures that the specified files and folders are available offline to users of the computer.
 
 If you enable this policy setting, the files you enter are always available offline to users of the computer. To specify a file or folder, click Show. In the Show Contents dialog box in the Value Name column, type the fully qualified UNC path to the file or folder. Leave the Value column field blank.
 
-If you disable this policy setting, the list of files or folders made always available offline (including those inherited from lower precedence GPOs) is deleted and no files or folders are made available for offline use by Group Policy (though users can still specify their own files and folders for offline use).
+If you disable this policy setting, the list of files or folders made always available offline (including those files or folders inherited from lower precedence GPOs) is deleted and no files or folders are made available for offline use by Group Policy (though users can still specify their own files and folders for offline use).
 
-If you do not configure this policy setting, no files or folders are made available for offline use by Group Policy.
+If you don't configure this policy setting, no files or folders are made available for offline use by Group Policy.
 
 > [!NOTE]
 > This setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy settings will be combined and all specified files will be available for offline use.
@@ -345,13 +345,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls when background synchronization occurs while operating in slow-link mode, and applies to any user who logs onto the specified machine while this policy is in effect. To control slow-link mode, use the "Configure slow-link mode" policy setting.
+This policy setting controls when background synchronization occurs while operating in slow-link mode, and applies to any user who signs in to the specified machine while this policy is in effect. To control slow-link mode, use the "Configure slow-link mode" policy setting.
 
-If you enable this policy setting, you can control when Windows synchronizes in the background while operating in slow-link mode. Use  the 'Sync Interval' and 'Sync Variance' values to override the default sync interval and variance settings. Use 'Blockout Start Time' and 'Blockout Duration' to set a period of time where background sync is disabled. Use the 'Maximum Allowed Time Without A Sync' value to ensure that all  network folders on the machine are synchronized with the server on a regular basis.
+If you enable this policy setting, you can control when Windows synchronizes in the background while operating in slow-link mode. Use  the 'Sync Interval' and 'Sync Variance' values to override the default sync interval and variance settings. Use 'Blockout Start Time' and 'Blockout Duration' to set a period of time where background sync is disabled. Use the 'Maximum Allowed Time Without A Sync' value to ensure that all network folders on the machine are synchronized with the server regularly.
 
 You can also configure Background Sync for network shares that are in user selected Work Offline mode. This mode is in effect when a user selects the Work Offline button for a specific share. When selected, all configured settings will apply to shares in user selected Work Offline mode as well.
 
-If you disable or do not configure this policy setting, Windows performs a background sync of offline folders in the slow-link mode at a default interval with the start of the sync varying between 0 and 60 additional minutes. In Windows 7 and Windows Server 2008 R2, the default sync interval is 360 minutes. In Windows 8 and Windows Server 2012, the default sync interval is 120 minutes.
+If you disable or don't configure this policy setting, Windows performs a background sync of offline folders in the slow-link mode at a default interval, with the start of the sync varying between 0 and 60 extra minutes. In Windows 7 and Windows Server 2008 R2, the default sync interval is 360 minutes. In Windows 8 and Windows Server 2012, the default sync interval is 120 minutes.
 
 <!--/Description-->
 
@@ -393,15 +393,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting limits the amount of disk space that can be used to store offline files. This includes the space used by automatically cached files and files that are specifically made available offline. Files can be automatically cached if the user accesses a file on an automatic caching network share.
+This policy setting limits the volume of disk space that can be used to store offline files. This volume includes the space used by automatically cached files and files that are made available offline. Files can be automatically cached if the user accesses a file on an automatic caching network share.
 
-This setting also disables the ability to adjust, through the Offline Files control panel applet, the disk space limits on the Offline Files cache. This prevents users from trying to change the option while a policy setting controls it.
+This setting also disables the ability to adjust, through the Offline Files control panel applet, the disk space limits on the Offline Files cache. This disablement prevents users from trying to change the option while a policy setting controls it.
 
 If you enable this policy setting, you can specify the disk space limit (in megabytes) for offline files and also specify how much of that disk space can be used by automatically cached files.
 
 If you disable this policy setting, the system limits the space that offline files occupy to 25 percent of the total space on the drive where the Offline Files cache is located.  The limit for automatically cached files is 100 percent of the total disk space limit.
 
-If you do not configure this policy setting, the system limits the space that offline files occupy to 25 percent of the total space on the drive where the Offline Files cache is located. The limit for automatically cached files is 100 percent of the total disk space limit.  However, the users can change these values using the Offline Files control applet.
+If you don't configure this policy setting, the system limits the space that offline files occupy to 25 percent of the total space on the drive where the Offline Files cache is located. The limit for automatically cached files is 100 percent of the total disk space limit.  However, the users can change these values using the Offline Files control applet.
 
 If you enable this setting and specify a total size limit greater than the size of the drive hosting the Offline Files cache, and that drive is the system drive, the total size limit is automatically adjusted downward to 75 percent of the size of the drive.  If the cache is located on a drive other than the system drive, the limit is automatically adjusted downward to 100 percent of the size of the drive.
 
@@ -453,17 +453,17 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether network files remain available if the computer is suddenly disconnected from the server hosting the files.
 
-This setting also disables the "When a network connection is lost" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "When a network connection is lost" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
 If you enable this setting, you can use the "Action" box to specify how computers in the group respond.
 
 - "Work offline" indicates that the computer can use local copies of network files while the server is inaccessible.
 
-- "Never go offline" indicates that network files are not available while the server is inaccessible.
+- "Never go offline" indicates that network files aren't available while the server is inaccessible.
 
 If you disable this setting or select the "Work offline" option, users can work offline if disconnected.
 
-If you do not configure this setting, users can work offline by default, but they can change this option.
+If you don't configure this setting, users can work offline by default, but they can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer  Configuration takes precedence over the setting in User Configuration.
 
@@ -514,17 +514,17 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether network files remain available if the computer is suddenly disconnected from the server hosting the files.
 
-This setting also disables the "When a network connection is lost" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "When a network connection is lost" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
 If you enable this setting, you can use the "Action" box to specify how computers in the group respond.
 
 - "Work offline" indicates that the computer can use local copies of network files while the server is inaccessible.
 
-- "Never go offline" indicates that network files are not available while the server is inaccessible.
+- "Never go offline" indicates that network files aren't available while the server is inaccessible.
 
 If you disable this setting or select the "Work offline" option, users can work offline if disconnected.
 
-If you do not configure this setting, users can work offline by default, but they can change this option.
+If you don't configure this setting, users can work offline by default, but they can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer  Configuration takes precedence over the setting in User Configuration.
 
@@ -575,17 +575,17 @@ ADMX Info:
 <!--Description-->
 Limits the percentage of the computer's disk space that can be used to store automatically cached offline files.
 
-This setting also disables the "Amount of disk space to use for temporary offline files" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "Amount of disk space to use for temporary offline files" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
 Automatic caching can be set on any network share. When a user opens a file on the share, the system automatically stores a copy of the file on the user's computer.
 
-This setting does not limit the disk space available for files that user's make available offline manually.
+This setting doesn't limit the disk space available for files that user's make available offline manually.
 
 If you enable this setting, you can specify an automatic-cache disk space limit.
 
 If you disable this setting, the system limits the space that automatically cached files occupy to 10 percent of the space on the system drive.
 
-If you do not configure this setting, disk space for automatically cached files is limited to 10 percent of the system drive by default, but users can change it.
+If you don't configure this setting, disk space for automatically cached files is limited to 10 percent of the system drive by default, but users can change it.
 
 > [!TIP]
 > To change the amount of disk space used for automatic caching without specifying a setting, in Windows Explorer, on the Tools menu, click Folder Options, click the Offline Files tab, and then use the slider bar associated with the "Amount of disk space to use for temporary offline files" option.
@@ -630,16 +630,16 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether the Offline Files feature is enabled. Offline Files saves a copy of network files on the user's computer for use when the computer is not connected to the network.
+This policy setting determines whether the Offline Files feature is enabled. Offline Files saves a copy of network files on the user's computer for use when the computer isn't connected to the network.
 
-If you enable this policy setting, Offline Files is enabled and users cannot disable it.
+If you enable this policy setting, Offline Files is enabled and users can't disable it.
 
-If you disable this policy setting, Offline Files is disabled and users cannot enable it.
+If you disable this policy setting, Offline Files is disabled and users can't enable it.
 
-If you do not configure this policy setting, Offline Files is enabled on Windows client computers, and disabled on computers running Windows Server, unless changed by the user.
+If you don't configure this policy setting, Offline Files is enabled on Windows client computers, and disabled on computers running Windows Server, unless changed by the user.
 
 > [!NOTE]
-> Changes to this policy setting do not take effect until the affected computer is restarted.
+> Changes to this policy setting don't take effect until the affected computer is restarted.
 
 <!--/Description-->
 
@@ -685,16 +685,16 @@ This policy setting determines whether offline files are encrypted.
 
 Offline files are locally cached copies of files from a network share. Encrypting this cache reduces the likelihood that a user could access files from the Offline Files cache without proper permissions.
 
-If you enable this policy setting, all files in the Offline Files cache are encrypted.  This includes existing files as well as files added later. The cached copy on the local computer is affected, but the associated network copy is not. The user cannot unencrypt Offline Files through the user interface.
+If you enable this policy setting, all files in the Offline Files cache are encrypted.  These files include existing files and files added later. The cached copy on the local computer is affected, but the associated network copy isn't. The user can't unencrypt Offline Files through the user interface.
 
-If you disable this policy setting, all files in the Offline Files cache are unencrypted. This includes existing files as well as files added later, even if the files were stored using NTFS encryption or BitLocker Drive Encryption while on the server. The cached copy on the local computer is affected, but the associated network copy is not. The user cannot encrypt Offline Files through the user interface.
+If you disable this policy setting, all files in the Offline Files cache are unencrypted. These files include existing files and files added later, even if the files were stored using NTFS encryption or BitLocker Drive Encryption while on the server. The cached copy on the local computer is affected, but the associated network copy isn't. The user can't encrypt Offline Files through the user interface.
 
-If you do not configure this policy setting, encryption of the Offline Files cache is controlled by the user through the user interface. The current cache state is retained, and if the cache is only partially encrypted, the operation completes so that it is fully encrypted. The cache does not return to the unencrypted state. The user must be an administrator on the local computer to encrypt or decrypt the Offline Files cache.
+If you don't configure this policy setting, encryption of the Offline Files cache is controlled by the user through the user interface. The current cache state is retained, and if the cache is only partially encrypted, the operation completes so that it's fully encrypted. The cache doesn't return to the unencrypted state. The user must be an administrator on the local computer to encrypt or decrypt the Offline Files cache.
 
 > [!NOTE]
 > By default, this cache is protected on NTFS partitions by ACLs.
 
-This setting is applied at user logon. If this setting is changed after user logon then user logoff and logon is required for this setting to take effect.
+This setting is applied at user sign in. If this setting is changed after user sign in, then user sign out and sign in is required for this setting to take effect.
 <!--/Description-->
 
 
@@ -737,7 +737,7 @@ ADMX Info:
 <!--Description-->
 This policy setting determines which events the Offline Files feature records in the event log.
 
-Offline Files records events in the Application log in Event Viewer when it detects errors. By default, Offline Files records an event only when the offline files storage cache is corrupted. However, you can use this setting to specify additional events you want Offline Files to record.
+Offline Files records events in the Application log in Event Viewer when it detects errors. By default, Offline Files records an event only when the offline files storage cache is corrupted. However, you can use this setting to specify the other events you want Offline Files to record.
 
 To use this setting, in the "Enter" box, select the number corresponding to the events you want the system to log. The levels are cumulative; that is, each level includes the events in all preceding levels.
 
@@ -794,7 +794,7 @@ ADMX Info:
 <!--Description-->
 This policy setting determines which events the Offline Files feature records in the event log.
 
-Offline Files records events in the Application log in Event Viewer when it detects errors. By default, Offline Files records an event only when the offline files storage cache is corrupted. However, you can use this setting to specify additional events you want Offline Files to record.
+Offline Files records events in the Application log in Event Viewer when it detects errors. By default, Offline Files records an event only when the offline files storage cache is corrupted. However, you can use this setting to specify the other events you want Offline Files to record.
 
 To use this setting, in the "Enter" box, select the number corresponding to the events you want the system to log. The levels are cumulative; that is, each level includes the events in all preceding levels.
 
@@ -853,7 +853,7 @@ This policy setting enables administrators to block certain file types from bein
 
 If you enable this policy setting, a user will be unable to create files with the specified file extensions in any of the folders that have been made available offline.
 
-If you disable or do not configure this policy setting, a user can create a file of any type in the folders that have been made available offline.
+If you disable or don't configure this policy setting, a user can create a file of any type in the folders that have been made available offline.
 
 <!--/Description-->
 
@@ -895,11 +895,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Lists types of files that cannot be used offline.
+Lists types of files that can't be used offline.
 
-This setting lets you exclude certain types of files from automatic and manual caching for offline use. The system does not cache files of the type specified in this setting even when they reside on a network share configured for automatic caching. Also, if users try to make a file of this type available offline, the operation will fail and the following message will be displayed in the Synchronization Manager progress dialog box: "Files of this type cannot be made available offline."
+This setting lets you exclude certain types of files from automatic and manual caching for offline use. The system doesn't cache files of the type specified in this setting even when they reside on a network share configured for automatic caching. Also, if users try to make a file of this type available offline, the operation will fail and the following message will be displayed in the Synchronization Manager progress dialog box: "Files of this type cannot be made available offline."
 
-This setting is designed to protect files that cannot be separated, such as database components.
+This setting is designed to protect files that can't be separated, such as database components.
 
 To use this setting, type the file name extension in the "Extensions" box. To type more than one extension, separate the extensions with a semicolon (;).
 
@@ -948,17 +948,17 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether network files remain available if the computer is suddenly disconnected from the server hosting the files.
 
-This setting also disables the "When a network connection is lost" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "When a network connection is lost" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
 If you enable this setting, you can use the "Action" box to specify how computers in the group respond.
 
 - "Work offline" indicates that the computer can use local copies of network files while the server is inaccessible.
 
-- "Never go offline" indicates that network files are not available while the server is inaccessible.
+- "Never go offline" indicates that network files aren't available while the server is inaccessible.
 
 If you disable this setting or select the "Work offline" option, users can work offline if disconnected.
 
-If you do not configure this setting, users can work offline by default, but they can change this option.
+If you don't configure this setting, users can work offline by default, but they can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer  Configuration takes precedence over the setting in User Configuration.
 
@@ -1009,17 +1009,17 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether network files remain available if the computer is suddenly disconnected from the server hosting the files.
 
-This setting also disables the "When a network connection is lost" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "When a network connection is lost" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
 If you enable this setting, you can use the "Action" box to specify how computers in the group respond.
 
 - "Work offline" indicates that the computer can use local copies of network files while the server is inaccessible.
 
-- "Never go offline" indicates that network files are not available while the server is inaccessible.
+- "Never go offline" indicates that network files aren't available while the server is inaccessible.
 
 If you disable this setting or select the "Work offline" option, users can work offline if disconnected.
 
-If you do not configure this setting, users can work offline by default, but they can change this option.
+If you don't configure this setting, users can work offline by default, but they can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer  Configuration takes precedence over the setting in User Configuration.
 
@@ -1070,9 +1070,9 @@ ADMX Info:
 <!--Description-->
 This policy setting disables the Offline Files folder.
 
-This setting disables the "View Files" button on the Offline Files tab. As a result, users cannot use the Offline Files folder to view or open copies of network files stored on their computer. Also, they cannot use the folder to view characteristics of offline files, such as their server status, type, or location.
+This setting disables the "View Files" button on the Offline Files tab. As a result, users can't use the Offline Files folder to view or open copies of network files stored on their computer. Also, they can't use the folder to view characteristics of offline files, such as their server status, type, or location.
 
-This setting does not prevent users from working offline or from saving local copies of files available offline. Also, it does not prevent them from using other programs, such as Windows Explorer, to view their offline files.
+This setting doesn't prevent users from working offline or from saving local copies of files available offline. Also, it doesn't prevent them from using other programs, such as Windows Explorer, to view their offline files.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -1121,9 +1121,9 @@ ADMX Info:
 <!--Description-->
 This policy setting disables the Offline Files folder.
 
-This setting disables the "View Files" button on the Offline Files tab. As a result, users cannot use the Offline Files folder to view or open copies of network files stored on their computer. Also, they cannot use the folder to view characteristics of offline files, such as their server status, type, or location.
+This setting disables the "View Files" button on the Offline Files tab. As a result, users can't use the Offline Files folder to view or open copies of network files stored on their computer. Also, they can't use the folder to view characteristics of offline files, such as their server status, type, or location.
 
-This setting does not prevent users from working offline or from saving local copies of files available offline. Also, it does not prevent them from using other programs, such as Windows Explorer, to view their offline files.
+This setting doesn't prevent users from working offline or from saving local copies of files available offline. Also, it doesn't prevent them from using other programs, such as Windows Explorer, to view their offline files.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -1172,14 +1172,14 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from enabling, disabling, or changing the configuration of Offline Files.
 
-This setting removes the Offline Files tab from the Folder Options dialog box. It also removes the Settings item from the Offline Files context menu and disables the Settings button on the Offline Files Status dialog box. As a result, users cannot view or change the options on the Offline Files tab or Offline Files dialog box.
+This setting removes the Offline Files tab from the Folder Options dialog box. It also removes the Settings item from the Offline Files context menu and disables the Settings button on the Offline Files Status dialog box. As a result, users can't view or change the options on the Offline Files tab or Offline Files dialog box.
 
-This is a comprehensive setting that locks down the configuration you establish by using other settings in this folder.
+This setting is a comprehensive setting that locks down the configuration you establish by using other settings in this folder.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
 > [!TIP]
-> This setting provides a quick method for locking down the default settings for Offline Files. To accept the defaults, just enable this setting. You do not have to disable any other settings in this folder.
+> This setting provides a quick method for locking down the default settings for Offline Files. To accept the defaults, just enable this setting. You don't have to disable any other settings in this folder.
 
 <!--/Description-->
 
@@ -1223,14 +1223,14 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from enabling, disabling, or changing the configuration of Offline Files.
 
-This setting removes the Offline Files tab from the Folder Options dialog box. It also removes the Settings item from the Offline Files context menu and disables the Settings button on the Offline Files Status dialog box. As a result, users cannot view or change the options on the Offline Files tab or Offline Files dialog box.
+This setting removes the Offline Files tab from the Folder Options dialog box. It also removes the Settings item from the Offline Files context menu and disables the Settings button on the Offline Files Status dialog box. As a result, users can't view or change the options on the Offline Files tab or Offline Files dialog box.
 
-This is a comprehensive setting that locks down the configuration you establish by using other settings in this folder.
+This setting is a comprehensive setting that locks down the configuration you establish by using other settings in this folder.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
 > [!TIP]
-> This setting provides a quick method for locking down the default settings for Offline Files. To accept the defaults, just enable this setting. You do not have to disable any other settings in this folder.
+> This setting provides a quick method for locking down the default settings for Offline Files. To accept the defaults, just enable this setting. You don't have to disable any other settings in this folder.
 
 <!--/Description-->
 
@@ -1274,9 +1274,9 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from making network files and folders available offline.
 
-If you enable this policy setting, users cannot designate files to be saved on their computer for offline use. However, Windows will still cache local copies of files that reside on network shares designated for automatic caching.
+If you enable this policy setting, users can't designate files to be saved on their computer for offline use. However, Windows will still cache local copies of files that reside on network shares designated for automatic caching.
 
-If you disable or do not configure this policy setting, users can manually specify files and folders that they want to make available offline.
+If you disable or don't configure this policy setting, users can manually specify files and folders that they want to make available offline.
 
 > [!NOTE]
 > - This policy setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy setting in Computer Configuration takes precedence.
@@ -1324,9 +1324,9 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents users from making network files and folders available offline.
 
-If you enable this policy setting, users cannot designate files to be saved on their computer for offline use. However, Windows will still cache local copies of files that reside on network shares designated for automatic caching.
+If you enable this policy setting, users can't designate files to be saved on their computer for offline use. However, Windows will still cache local copies of files that reside on network shares designated for automatic caching.
 
-If you disable or do not configure this policy setting, users can manually specify files and folders that they want to make available offline.
+If you disable or don't configure this policy setting, users can manually specify files and folders that they want to make available offline.
 
 > [!NOTE]
 > - This policy setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy setting in Computer Configuration takes precedence.
@@ -1374,16 +1374,16 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage a list of files and folders for which you want to block the "Make Available Offline" command.
 
-If you enable this policy setting, the "Make Available Offline" command is not available for the files and folders that you list. To specify these files and folders, click Show. In the Show Contents dialog box, in the Value Name column box, type the fully qualified UNC path to the file or folder. Leave the Value column field blank.
+If you enable this policy setting, the "Make Available Offline" command isn't available for the files and folders that you list. To specify these files and folders, click Show. In the Show Contents dialog box, in the Value Name column box, type the fully qualified UNC path to the file or folder. Leave the Value column field blank.
 
 If you disable this policy setting, the list of files and folders is deleted, including any lists inherited from lower precedence GPOs, and the "Make Available Offline" command is displayed for all files and folders.
 
-If you do not configure this policy setting, the "Make Available Offline" command is available for all files and folders.
+If you don't configure this policy setting, the "Make Available Offline" command is available for all files and folders.
 
 > [!NOTE]
 > - This policy setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy settings are combined, and the "Make Available Offline" command is unavailable for all specified files and folders.
 > - The "Make Available Offline" command is called "Always available offline" on computers running Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows 8, Windows 7, or Windows Vista.
-> - This policy setting does not prevent files from being automatically cached if the network share is configured for "Automatic Caching." It only affects the display of the "Make Available Offline" command in File Explorer.
+> - This policy setting doesn't prevent files from being automatically cached if the network share is configured for "Automatic Caching." It only affects the display of the "Make Available Offline" command in File Explorer.
 > - If the "Remove 'Make Available Offline' command" policy setting is enabled, this setting has no effect.
 
 <!--/Description-->
@@ -1428,16 +1428,16 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage a list of files and folders for which you want to block the "Make Available Offline" command.
 
-If you enable this policy setting, the "Make Available Offline" command is not available for the files and folders that you list. To specify these files and folders, click Show. In the Show Contents dialog box, in the Value Name column box, type the fully qualified UNC path to the file or folder. Leave the Value column field blank.
+If you enable this policy setting, the "Make Available Offline" command isn't available for the files and folders that you list. To specify these files and folders, click Show. In the Show Contents dialog box, in the Value Name column box, type the fully qualified UNC path to the file or folder. Leave the Value column field blank.
 
 If you disable this policy setting, the list of files and folders is deleted, including any lists inherited from lower precedence GPOs, and the "Make Available Offline" command is displayed for all files and folders.
 
-If you do not configure this policy setting, the "Make Available Offline" command is available for all files and folders.
+If you don't configure this policy setting, the "Make Available Offline" command is available for all files and folders.
 
 > [!NOTE]
 > - This policy setting appears in the Computer Configuration and User Configuration folders. If both policy settings are configured, the policy settings are combined, and the "Make Available Offline" command is unavailable for all specified files and folders.
 > - The "Make Available Offline" command is called "Always available offline" on computers running Windows Server 2012, Windows Server 2008 R2, Windows Server 2008, Windows 8, Windows 7, or Windows Vista.
-> - This policy setting does not prevent files from being automatically cached if the network share is configured for "Automatic Caching." It only affects the display of the "Make Available Offline" command in File Explorer.
+> - This policy setting doesn't prevent files from being automatically cached if the network share is configured for "Automatic Caching." It only affects the display of the "Make Available Offline" command in File Explorer.
 > - If the "Remove 'Make Available Offline' command" policy setting is enabled, this setting has no effect.
 
 <!--/Description-->
@@ -1482,13 +1482,13 @@ ADMX Info:
 <!--Description-->
 Hides or displays reminder balloons, and prevents users from changing the setting.
 
-Reminder balloons appear above the Offline Files icon in the notification area to notify users when they have lost the connection to a networked file and are working on a local copy of the file. Users can then decide how to proceed.
+Reminder balloons appear above the Offline Files icon in the notification area to notify users when they've lost the connection to a networked file and are working on a local copy of the file. Users can then decide how to proceed.
 
 If you enable this setting, the system hides the reminder balloons, and prevents users from displaying them.
 
 If you disable the setting, the system displays the reminder balloons and prevents users from hiding them.
 
-If this setting is not configured, reminder balloons are displayed by default when you enable offline files, but users can change the setting.
+If this setting isn't configured, reminder balloons are displayed by default when you enable offline files, but users can change the setting.
 
 To prevent users from changing the setting while a setting is in effect, the system disables the "Enable reminders" option on the Offline Files tab
 
@@ -1539,13 +1539,13 @@ ADMX Info:
 <!--Description-->
 Hides or displays reminder balloons, and prevents users from changing the setting.
 
-Reminder balloons appear above the Offline Files icon in the notification area to notify users when they have lost the connection to a networked file and are working on a local copy of the file. Users can then decide how to proceed.
+Reminder balloons appear above the Offline Files icon in the notification area to notify users when they've lost the connection to a networked file and are working on a local copy of the file. Users can then decide how to proceed.
 
 If you enable this setting, the system hides the reminder balloons, and prevents users from displaying them.
 
 If you disable the setting, the system displays the reminder balloons and prevents users from hiding them.
 
-If this setting is not configured, reminder balloons are displayed by default when you enable offline files, but users can change the setting.
+If this setting isn't configured, reminder balloons are displayed by default when you enable offline files, but users can change the setting.
 
 To prevent users from changing the setting while a setting is in effect, the system disables the "Enable reminders" option on the Offline Files tab
 
@@ -1594,15 +1594,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether files read from file shares over a slow network are transparently cached in the Offline Files cache for future reads. When a user tries to access a file that has been transparently cached, Windows reads from the cached copy after verifying its integrity. This improves end-user response times and decreases bandwidth consumption over WAN links.
+This policy setting controls whether files read from file shares over a slow network are transparently cached in the Offline Files cache for future reads. When a user tries to access a file that has been transparently cached, Windows reads from the cached copy after verifying its integrity. This read-action improves end-user response times and decreases bandwidth consumption over WAN links.
 
-The cached files are temporary and are not available to the user when offline. The cached files are not kept in sync with the version on the server, and the most current version from the server is always available for subsequent reads.
+The cached files are temporary and aren't available to the user when offline. The cached files aren't kept in sync with the version on the server, and the most current version from the server is always available for subsequent reads.
 
-This policy setting is triggered by the configured round trip network latency value. We recommend using this policy  setting when the network connection to the server is slow. For example, you can configure a value of 60 ms as the round trip latency of the network above which files should be transparently cached in the Offline Files cache. If the round trip latency of the network is less than 60ms, reads to remote files will not be cached.
+This policy setting is triggered by the configured round trip network latency value. We recommend using this policy  setting when the network connection to the server is slow. For example, you can configure a value of 60 ms as the round trip latency of the network above which files should be transparently cached in the Offline Files cache. If the round trip latency of the network is less than 60 ms, reads to remote files won't be cached.
 
 If you enable this policy setting, transparent caching is enabled and configurable.
 
-If you disable or do not configure this policy setting, remote files will be not be transparently cached on client computers.
+If you disable or don't configure this policy setting, remote files won't be transparently cached on client computers.
 
 <!--/Description-->
 
@@ -1646,11 +1646,11 @@ ADMX Info:
 <!--Description-->
 This policy setting makes subfolders available offline whenever their parent folder is made available offline.
 
-This setting automatically extends the "make available offline" setting to all new and existing subfolders of a folder. Users do not have the option of excluding subfolders.
+This setting automatically extends the "make available offline" setting to all new and existing subfolders of a folder. Users don't have the option of excluding subfolders.
 
 If you enable this setting, when you make a folder available offline, all folders within that folder are also made available offline. Also, new folders that you create within a folder that is available offline are made available offline when the parent folder is synchronized.
 
-If you disable this setting or do not configure it, the system asks users whether they want subfolders to be made available offline when they make a parent folder available offline.
+If you disable this setting or don't configure it, the system asks users whether they want subfolders to be made available offline when they make a parent folder available offline.
 
 <!--/Description-->
 
@@ -1692,14 +1692,14 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting deletes local copies of the user's offline files when the user logs off.
+This policy setting deletes local copies of the user's offline files when the user signs out.
 
-This setting specifies that automatically and manually cached offline files are retained only while the user is logged on to the computer. When the user logs off, the system deletes all local copies of offline files.
+This setting specifies that automatically and manually cached offline files are retained only while the user is logged on to the computer. When the user signs out, the system deletes all local copies of offline files.
 
-If you disable this setting or do not configure it, automatically and manually cached copies are retained on the user's computer for later offline use.
+If you disable this setting or don't configure it, automatically and manually cached copies are retained on the user's computer for later offline use.
 
 > [!CAUTION]
-> Files are not synchronized before they are deleted. Any changes to local files since the last synchronization are lost.
+> Files aren't synchronized before they're deleted. Any changes to local files since the last synchronization are lost.
 
 <!--/Description-->
 
@@ -1743,7 +1743,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn on economical application of administratively assigned Offline Files.
 
-If you enable or do not configure this policy setting, only new files and folders in administratively assigned folders are synchronized at logon. Files and folders that are already available offline are skipped and are synchronized later.
+If you enable or don't configure this policy setting, only new files and folders in administratively assigned folders are synchronized at sign in. Files and folders that are already available offline are skipped and are synchronized later.
 
 If you disable this policy setting, all administratively assigned folders are synchronized at logon.
 
@@ -1791,7 +1791,7 @@ This policy setting determines how often reminder balloon updates appear.
 
 If you enable this setting, you can select how often reminder balloons updates appear and also prevent users from changing this setting.
 
-Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they are updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the update interval.
+Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they're updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the update interval.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -1842,7 +1842,7 @@ This policy setting determines how often reminder balloon updates appear.
 
 If you enable this setting, you can select how often reminder balloons updates appear and also prevent users from changing this setting.
 
-Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they are updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the update interval.
+Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they're updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the update interval.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -1891,7 +1891,7 @@ ADMX Info:
 <!--Description-->
 This policy setting determines how long the first reminder balloon for a network status change is displayed.
 
-Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they are updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the first reminder.
+Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they're updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the first reminder.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -1937,7 +1937,7 @@ ADMX Info:
 <!--Description-->
 This policy setting determines how long the first reminder balloon for a network status change is displayed.
 
-Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they are updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the first reminder.
+Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they're updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the first reminder.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -1983,7 +1983,7 @@ ADMX Info:
 <!--Description-->
 This policy setting determines how long updated reminder balloons are displayed.
 
-Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they are updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the update reminder.
+Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they're updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the update reminder.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -2029,7 +2029,7 @@ ADMX Info:
 <!--Description-->
 This policy setting determines how long updated reminder balloons are displayed.
 
-Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they are updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the update reminder.
+Reminder balloons appear when the user's connection to a network file is lost or reconnected, and they're updated periodically. By default, the first reminder for an event is displayed for 30 seconds. Then, updates appear every 60 minutes and are displayed for 15 seconds. You can use this setting to change the duration of the update reminder.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -2073,21 +2073,21 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls the network latency and throughput thresholds that will cause a client computers to transition files and folders that are already available offline to the slow-link mode so that the user's access to this data is not degraded due to network slowness. When Offline Files is operating in the slow-link mode, all network file requests are satisfied from the Offline Files cache. This is similar to a user working offline.
+This policy setting controls the network latency and throughput thresholds that will cause a client computer to transition files and folders that are already available offline to the slow-link mode so that the user's access to this data isn't degraded due to network slowness. When Offline Files is operating in the slow-link mode, all network file requests are satisfied from the Offline Files cache. This scenario is similar to a user working offline.
 
 If you enable this policy setting, Offline Files uses the slow-link mode if the network throughput between the client and the server is below (slower than) the Throughput threshold parameter, or if the round-trip network latency is above (slower than) the Latency threshold parameter.
 
-You can configure the slow-link mode by specifying threshold values for Throughput (in bits per second) and/or Latency (in milliseconds) for specific UNC paths. We recommend that you always specify a value for Latency, since the round-trip network latency detection is faster. You can use wildcard characters (*) for specifying UNC paths. If you do not specify a Latency or Throughput value, computers running Windows Vista or Windows Server 2008 will not use the slow-link mode.
+You can configure the slow-link mode by specifying threshold values for Throughput (in bits per second) and/or Latency (in milliseconds) for specific UNC paths. We recommend that you always specify a value for Latency, since the round-trip network latency detection is faster. You can use wildcard characters (*) for specifying UNC paths. If you don't specify a Latency or Throughput value, computers running Windows Vista or Windows Server 2008 won't use the slow-link mode.
 
-If you do not configure this policy setting, computers running Windows Vista or Windows Server 2008 will not transition a shared folder to the slow-link mode. Computers running Windows 7 or Windows Server 2008 R2 will use the default latency value of 80 milliseconds when transitioning a folder to the slow-link mode. Computers running Windows 8 or Windows Server 2012 will use the default latency value of 35 milliseconds when transitioning a folder to the slow-link mode. To avoid extra charges on cell phone or broadband plans, it may be necessary to configure the latency threshold to be lower than the round-trip network latency.
+If you don't configure this policy setting, computers running Windows Vista or Windows Server 2008 won't transition a shared folder to the slow-link mode. Computers running Windows 7 or Windows Server 2008 R2 will use the default latency value of 80 milliseconds when transitioning a folder to the slow-link mode. Computers running Windows 8 or Windows Server 2012 will use the default latency value of 35 milliseconds when transitioning a folder to the slow-link mode. To avoid extra charges on cell phone or broadband plans, it may be necessary to configure the latency threshold to be lower than the round-trip network latency.
 
 In Windows Vista or Windows Server 2008, once transitioned to slow-link mode, users will continue to operate in slow-link mode until the user clicks the Work Online button on the toolbar in Windows Explorer. Data will only be synchronized to the server if the user manually initiates synchronization by using Sync Center.
 
 In Windows 7, Windows Server 2008 R2, Windows 8 or Windows Server 2012, when operating in slow-link mode Offline Files synchronizes the user's files in the background at regular intervals, or as configured by the "Configure Background Sync" policy. While in slow-link mode, Windows periodically checks the connection to the folder and brings the folder back online if network speeds improve.
 
-In Windows 8 or Windows Server 2012, set the Latency threshold to 1ms to keep users always working offline in slow-link mode.
+In Windows 8 or Windows Server 2012, set the Latency threshold to 1 m to keep users always working offline in slow-link mode.
 
-If you disable this policy setting, computers will not use the slow-link mode.
+If you disable this policy setting, computers won't use the slow-link mode.
 
 <!--/Description-->
 
@@ -2131,7 +2131,7 @@ ADMX Info:
 <!--Description-->
 This policy setting configures the threshold value at which Offline Files considers a network connection to be "slow". Any network speed below this value is considered to be slow.
 
-When a connection is considered slow, Offline Files automatically adjust its behavior to avoid excessive synchronization traffic and will not automatically reconnect to a server when the presence of a server is detected.
+When a connection is considered slow, Offline Files automatically adjust its behavior to avoid excessive synchronization traffic and won't automatically reconnect to a server when the presence of a server is detected.
 
 If you enable this setting, you can configure the threshold value that will be used to determine a slow network connection.
 
@@ -2179,15 +2179,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether offline files are fully synchronized when users log off.
+This policy setting determines whether offline files are fully synchronized when users sign out.
 
-This setting also disables the "Synchronize all offline files before logging off" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "Synchronize all offline files before logging off" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
 If you enable this setting, offline files are fully synchronized. Full synchronization ensures that offline files are complete and current.
 
-If you disable this setting, the system only performs a quick synchronization. Quick synchronization ensures that files are complete, but does not ensure that they are current.
+If you disable this setting, the system only performs a quick synchronization. Quick synchronization ensures that files are complete, but doesn't ensure that they're current.
 
-If you do not configure this setting, the system performs a quick synchronization by default, but users can change this option.
+If you don't configure this setting, the system performs a quick synchronization by default, but users can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -2234,15 +2234,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether offline files are fully synchronized when users log off.
+This policy setting determines whether offline files are fully synchronized when users sign out.
 
-This setting also disables the "Synchronize all offline files before logging off" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "Synchronize all offline files before logging off" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
 If you enable this setting, offline files are fully synchronized. Full synchronization ensures that offline files are complete and current.
 
-If you disable this setting, the system only performs a quick synchronization. Quick synchronization ensures that files are complete, but does not ensure that they are current.
+If you disable this setting, the system only performs a quick synchronization. Quick synchronization ensures that files are complete, but doesn't ensure that they're current.
 
-If you do not configure this setting, the system performs a quick synchronization by default, but users can change this option.
+If you don't configure this setting, the system performs a quick synchronization by default, but users can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -2289,15 +2289,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether offline files are fully synchronized when users log on.
+This policy setting determines whether offline files are fully synchronized when users sign in.
 
-This setting also disables the "Synchronize all offline files before logging on" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "Synchronize all offline files before logging on" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
-If you enable this setting, offline files are fully synchronized at logon. Full synchronization ensures that offline files are complete and current. Enabling this setting automatically enables logon synchronization in Synchronization Manager.
+If you enable this setting, offline files are fully synchronized at sign in. Full synchronization ensures that offline files are complete and current. Enabling this setting automatically enables logon synchronization in Synchronization Manager.
 
-If this setting is disabled and Synchronization Manager is configured for logon synchronization, the system performs only a quick synchronization. Quick synchronization ensures that files are complete but does not ensure that they are current.
+If this setting is disabled and Synchronization Manager is configured for logon synchronization, the system performs only a quick synchronization. Quick synchronization ensures that files are complete but doesn't ensure that they're current.
 
-If you do not configure this setting and Synchronization Manager is configured for logon synchronization, the system performs a quick synchronization by default, but users can change this option.
+If you don't configure this setting and Synchronization Manager is configured for logon synchronization, the system performs a quick synchronization by default, but users can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -2346,15 +2346,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether offline files are fully synchronized when users log on.
+This policy setting determines whether offline files are fully synchronized when users sign in.
 
-This setting also disables the "Synchronize all offline files before logging on" option on the Offline Files tab. This prevents users from trying to change the option while a setting controls it.
+This setting also disables the "Synchronize all offline files before logging on" option on the Offline Files tab. This disablement prevents users from trying to change the option while a setting controls it.
 
-If you enable this setting, offline files are fully synchronized at logon. Full synchronization ensures that offline files are complete and current. Enabling this setting automatically enables logon synchronization in Synchronization Manager.
+If you enable this setting, offline files are fully synchronized at sign in. Full synchronization ensures that offline files are complete and current. Enabling this setting automatically enables logon synchronization in Synchronization Manager.
 
-If this setting is disabled and Synchronization Manager is configured for logon synchronization, the system performs only a quick synchronization. Quick synchronization ensures that files are complete but does not ensure that they are current.
+If this setting is disabled and Synchronization Manager is configured for logon synchronization, the system performs only a quick synchronization. Quick synchronization ensures that files are complete but doesn't ensure that they're current.
 
-If you do not configure this setting and Synchronization Manager is configured for logon synchronization, the system performs a quick synchronization by default, but users can change this option.
+If you don't configure this setting and Synchronization Manager is configured for logon synchronization, the system performs a quick synchronization by default, but users can change this option.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -2405,10 +2405,10 @@ This policy setting determines whether offline files are synchronized before a c
 
 If you enable this setting, offline files are synchronized whenever the computer is suspended. Setting the synchronization action to "Quick" ensures only that all files in the cache are complete. Setting the synchronization action to "Full" ensures that all cached files and folders are up-to-date with the most current version.
 
-If you disable or do not configuring this setting, files are not synchronized when the computer is suspended.
+If you disable or don't configure this setting, files aren't synchronized when the computer is suspended.
 
 > [!NOTE]
-> If the computer is suspended by closing the display on a portable computer, files are not synchronized. If multiple users are logged on to the computer at the time the computer is suspended, a synchronization is not performed.
+> If the computer is suspended by closing the display on a portable computer, files aren't synchronized. If multiple users are logged on to the computer at the time the computer is suspended, a synchronization isn't performed.
 
 <!--/Description-->
 
@@ -2454,10 +2454,10 @@ This policy setting determines whether offline files are synchronized before a c
 
 If you enable this setting, offline files are synchronized whenever the computer is suspended. Setting the synchronization action to "Quick" ensures only that all files in the cache are complete. Setting the synchronization action to "Full" ensures that all cached files and folders are up-to-date with the most current version.
 
-If you disable or do not configuring this setting, files are not synchronized when the computer is suspended.
+If you disable or don't configure this setting, files aren't synchronized when the computer is suspended.
 
 > [!NOTE]
-> If the computer is suspended by closing the display on a portable computer, files are not synchronized. If multiple users are logged on to the computer at the time the computer is suspended, a synchronization is not performed.
+> If the computer is suspended by closing the display on a portable computer, files aren't synchronized. If multiple users are logged on to the computer at the time the computer is suspended, a synchronization isn't performed.
 
 <!--/Description-->
 
@@ -2501,9 +2501,9 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether offline files are synchronized in the background when it could result in extra charges on cell phone or broadband plans.
 
-If you enable this setting, synchronization can occur in the background when the user's network is roaming, near, or over the plan's data limit.  This may result in extra charges on cell phone or broadband plans.
+If you enable this setting, synchronization can occur in the background when the user's network is roaming, near, or over the plan's data limit. This synchronization may result in extra charges on cell phone or broadband plans.
 
-If this setting is disabled or not configured, synchronization will not run in the background on network folders when the user's network is roaming, near, or over the plan's data limit. The network folder must also be in "slow-link" mode, as specified by the "Configure slow-link mode" policy to avoid network usage.
+If this setting is disabled or not configured, synchronization won't run in the background on network folders when the user's network is roaming, near, or over the plan's data limit. The network folder must also be in "slow-link" mode, as specified by the "Configure slow-link mode" policy to avoid network usage.
 
 <!--/Description-->
 
@@ -2547,9 +2547,9 @@ ADMX Info:
 <!--Description-->
 This policy setting removes the "Work offline" command from Explorer, preventing users from manually changing whether Offline Files is in online mode or offline mode.
 
-If you enable this policy setting, the "Work offline" command is not displayed in File Explorer.
+If you enable this policy setting, the "Work offline" command isn't displayed in File Explorer.
 
-If you disable or do not configure this policy setting, the "Work offline" command is displayed in File Explorer.
+If you disable or don't configure this policy setting, the "Work offline" command is displayed in File Explorer.
 
 <!--/Description-->
 
@@ -2593,9 +2593,9 @@ ADMX Info:
 <!--Description-->
 This policy setting removes the "Work offline" command from Explorer, preventing users from manually changing whether Offline Files is in online mode or offline mode.
 
-If you enable this policy setting, the "Work offline" command is not displayed in File Explorer.
+If you enable this policy setting, the "Work offline" command isn't displayed in File Explorer.
 
-If you disable or do not configure this policy setting, the "Work offline" command is displayed in File Explorer.
+If you disable or don't configure this policy setting, the "Work offline" command is displayed in File Explorer.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md b/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md
index 3ca3837ece..d6a2ec5b2f 100644
--- a/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md
+++ b/windows/client-management/mdm/policy-csp-admx-peertopeercaching.md
@@ -83,7 +83,7 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether BranchCache is enabled on client computers to which this policy is applied. In addition to this policy setting, you must specify whether the client computers are hosted cache mode or distributed cache mode clients. To do so, configure one of the following the policy settings: 
+This policy setting specifies whether BranchCache is enabled on client computers to which this policy is applied. In addition to this policy setting, you must specify whether the client computers are hosted cache mode or distributed cache mode clients. To do so, configure one of the following policy settings: 
 
 - Set BranchCache Distributed Cache mode
 - Set BranchCache Hosted Cache mode
@@ -91,11 +91,11 @@ This policy setting specifies whether BranchCache is enabled on client computers
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache settings are not applied to client computers by this policy. In the circumstance where client computers are domain members but you do not want to enable BranchCache on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache on individual client computers. Because the domain Group Policy setting is not configured, it will not over-write the enabled setting that you use on individual client computers where you want to enable BranchCache.
-- Enabled. With this selection, BranchCache is turned on for all client computers where the policy is applied. For example, if this policy is enabled in domain Group Policy, BranchCache is turned on for all domain member client computers to which the policy is applied.
-- Disabled. With this selection, BranchCache is turned off for all client computers where the policy is applied.
+- Not Configured: With this selection, BranchCache settings aren't applied to client computers by this policy. In the circumstance where client computers are domain members but you don't want to enable BranchCache on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache on individual client computers. Because the domain Group Policy setting isn't configured, it won't over-write the enabled setting that you use on individual client computers where you want to enable BranchCache.
+- Enabled: With this selection, BranchCache is turned on for all client computers where the policy is applied. For example, if this policy is enabled in domain Group Policy, BranchCache is turned on for all domain member client computers to which the policy is applied.
+- Disabled: With this selection, BranchCache is turned off for all client computers where the policy is applied.
 
 > [!NOTE]
 > This policy setting is supported on computers that are running Windows Vista Business, Enterprise, and Ultimate editions with Background Intelligent Transfer Service (BITS) 4.0 installed.
@@ -146,11 +146,11 @@ In distributed cache mode, client computers download content from BranchCache-en
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache settings are not applied to client computers by this policy. In the circumstance where client computers are domain members but you do not want to enable BranchCache on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache on individual client computers. Because the domain Group Policy setting is not configured, it will not over-write the enabled setting that you use on individual client computers where you want to enable BranchCache.
-- Enabled. With this selection, BranchCache distributed cache mode is enabled for all client computers where the policy is applied. For example, if this policy is enabled in domain Group Policy, BranchCache distributed cache mode is turned on for all domain member client computers to which the policy is applied.
-- Disabled. With this selection, BranchCache distributed cache mode is turned off for all client computers where the policy is applied.
+- Not Configured: With this selection, BranchCache settings aren't applied to client computers by this policy. In the circumstance where client computers are domain members but you don't want to enable BranchCache on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache on individual client computers. Because the domain Group Policy setting isn't configured, it won't over-write the enabled setting that you use on individual client computers where you want to enable BranchCache.
+- Enabled: With this selection, BranchCache distributed cache mode is enabled for all client computers where the policy is applied. For example, if this policy is enabled in domain Group Policy, BranchCache distributed cache mode is turned on for all domain member client computers to which the policy is applied.
+- Disabled: With this selection, BranchCache distributed cache mode is turned off for all client computers where the policy is applied.
 
 > [!NOTE]
 > This policy setting is supported on computers that are running Windows Vista Business, Enterprise, and Ultimate editions with Background Intelligent Transfer Service (BITS) 4.0 installed.
@@ -197,15 +197,15 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether BranchCache hosted cache mode is enabled on client computers to which this policy is applied. In addition to this policy, you must use the policy "Turn on BranchCache" to enable BranchCache on client computers.
 
-When a client computer is configured as a hosted cache mode client, it is able to download cached content from a hosted cache server that is located at the branch office. In addition, when the hosted cache client obtains content from a content server, the client can upload the content to the hosted cache server for access by other hosted cache clients at the branch office.
+When a client computer is configured as a hosted cache mode client, it's able to download cached content from a hosted cache server that is located at the branch office. In addition, when the hosted cache client obtains content from a content server, the client can upload the content to the hosted cache server for access by other hosted cache clients at the branch office.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache settings are not applied to client computers by this policy. In the circumstance where client computers are domain members but you do not want to enable BranchCache on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache on individual client computers. Because the domain Group Policy setting is not configured, it will not over-write the enabled setting that you use on individual client computers where you want to enable BranchCache.
-- Enabled. With this selection, BranchCache hosted cache mode is enabled for all client computers where the policy is applied. For example, if this policy is enabled in domain Group Policy, BranchCache hosted cache mode is turned on for all domain member client computers to which the policy is applied.
-- Disabled. With this selection, BranchCache hosted cache mode is turned off for all client computers where the policy is applied.
+- Not Configured: With this selection, BranchCache settings aren't applied to client computers by this policy. In the circumstance where client computers are domain members but you don't want to enable BranchCache on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache on individual client computers. Because the domain Group Policy setting isn't configured, it won't over-write the enabled setting that you use on individual client computers where you want to enable BranchCache.
+- Enabled: With this selection, BranchCache hosted cache mode is enabled for all client computers where the policy is applied. For example, if this policy is enabled in domain Group Policy, BranchCache hosted cache mode is turned on for all domain member client computers to which the policy is applied.
+- Disabled: With this selection, BranchCache hosted cache mode is turned off for all client computers where the policy is applied.
 
 In circumstances where this setting is enabled, you can also select and configure the following option:
 
@@ -258,27 +258,27 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether client computers should attempt the automatic configuration of hosted cache mode by searching for hosted cache servers publishing service connection points that are associated with the client's current Active Directory site. If you enable this policy setting, client computers to which the policy setting is applied search for hosted cache servers using Active Directory, and will prefer both these servers and hosted cache mode rather than manual BranchCache configuration or BranchCache configuration by other group policies.
 
-If you enable this policy setting in addition to the "Turn on BranchCache" policy setting, BranchCache clients attempt to discover hosted cache servers in the local branch office. If client computers detect hosted cache servers, hosted cache mode is turned on. If they do not detect hosted cache servers, hosted cache mode is not turned on, and the client uses any other configuration that is specified manually or by Group Policy.
+If you enable this policy setting in addition to the "Turn on BranchCache" policy setting, BranchCache clients attempt to discover hosted cache servers in the local branch office. If client computers detect hosted cache servers, hosted cache mode is turned on. If they don't detect hosted cache servers, hosted cache mode isn't turned on, and the client uses any other configuration that is specified manually or by Group Policy.
 
-When this policy setting is applied, the client computer performs or does not perform automatic hosted cache server discovery under the following circumstances:
+When this policy setting is applied, the client computer performs or doesn't perform automatically hosted cache server discovery under the following circumstances:
 
-If no other BranchCache mode-based policy settings are applied, the client computer performs automatic hosted cache server discovery. If one or more hosted cache servers is found, the client computer self-configures for hosted cache mode.
+If no other BranchCache mode-based policy settings are applied, the client computer performs automatically hosted cache server discovery. If one or more hosted cache servers is found, the client computer self-configures for hosted cache mode.
 
-If the policy setting "Set BranchCache Distributed Cache Mode" is applied in addition to this policy, the client computer performs automatic hosted cache server discovery. If one or more hosted cache servers are found, the client computer self-configures for hosted cache mode only.
+If the policy setting "Set BranchCache Distributed Cache Mode" is applied in addition to this policy, the client computer performs automatically hosted cache server discovery. If one or more hosted cache servers are found, the client computer self-configures for hosted cache mode only.
 
-If the policy setting "Set BranchCache Hosted Cache Mode" is applied, the client computer does not perform automatic hosted cache discovery. This is also true in cases where the policy setting "Configure Hosted Cache Servers" is applied.
+If the policy setting "Set BranchCache Hosted Cache Mode" is applied, the client computer doesn't perform automatically hosted cache discovery. This restriction is also true in cases where the policy setting "Configure Hosted Cache Servers" is applied.
 
 This policy setting can only be applied to client computers that are running at least Windows 8. This policy has no effect on computers that are running Windows 7 or Windows Vista.  
 
-If you disable, or do not configure this setting, a client will not attempt to discover hosted cache servers by service connection point.
+If you disable, or don't configure this setting, a client won't attempt to discover hosted cache servers by service connection point.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache settings are not applied to client computers by this policy setting, and client computers do not perform hosted cache server discovery.
-- Enabled. With this selection, the policy setting is applied to client computers, which perform automatic hosted cache server discovery and which are configured as hosted cache mode clients.
-- Disabled. With this selection, this policy is not applied to client computers.
+- Not Configured: With this selection, BranchCache settings aren't applied to client computers by this policy setting, and client computers don't perform hosted cache server discovery.
+- Enabled: With this selection, the policy setting is applied to client computers, which perform automatically hosted cache server discovery and which are configured as hosted cache mode clients.
+- Disabled: With this selection, this policy isn't applied to client computers.
 
 <!--/Description-->
 
@@ -324,17 +324,17 @@ This policy setting specifies whether client computers are configured to use hos
 
 If you enable this policy setting and specify valid computer names of hosted cache servers, hosted cache mode is enabled for all client computers to which the policy setting is applied. For this policy setting to take effect, you must also enable the "Turn on BranchCache" policy setting.
 
-This policy setting can only be applied to client computers that are running at least Windows 8. This policy has no effect on computers that are running Windows 7 or Windows Vista. Client computers to which this policy setting is applied, in addition to the "Set BranchCache Hosted Cache mode" policy setting, use the hosted cache servers that are specified in this policy setting and do not use the hosted cache server that is configured in the policy setting "Set BranchCache Hosted Cache Mode."
+This policy setting can only be applied to client computers that are running at least Windows 8. This policy has no effect on computers that are running Windows 7 or Windows Vista. Client computers to which this policy setting is applied, in addition to the "Set BranchCache Hosted Cache mode" policy setting, use the hosted cache servers that are specified in this policy setting and don't use the hosted cache server that is configured in the policy setting "Set BranchCache Hosted Cache Mode."
 
-If you do not configure this policy setting, or if you disable this policy setting, client computers that are configured with hosted cache mode still function correctly.
+If you don't configure this policy setting, or if you disable this policy setting, client computers that are configured with hosted cache mode still function correctly.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache settings are not applied to client computers by this policy setting.
-- Enabled. With this selection, the policy setting is applied to client computers, which are configured as hosted cache mode clients that use the hosted cache servers that you specify in "Hosted cache servers."
-- Disabled. With this selection, this policy is not applied to client computers.
+- Not Configured: With this selection, BranchCache settings aren't applied to client computers by this policy setting.
+- Enabled: With this selection, the policy setting is applied to client computers, which are configured as hosted cache mode clients that use the hosted cache servers that you specify in "Hosted cache servers."
+- Disabled: With this selection, this policy isn't applied to client computers.
 
 In circumstances where this setting is enabled, you can also select and configure the following option:
 
@@ -380,15 +380,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting is used only when you have deployed one or more BranchCache-enabled file servers at your main office. This policy setting specifies when client computers in branch offices start caching content from file servers based on the network latency - or delay - that occurs when the clients download content from the main office over a Wide Area Network (WAN) link. When you configure a value for this setting, which is the maximum round trip network latency allowed before caching begins, clients do not cache content until the network latency reaches the specified value; when network latency is greater than the value, clients begin caching content after they receive it from the file servers.
+This policy setting is used only when you've deployed one or more BranchCache-enabled file servers at your main office. This policy setting specifies when client computers in branch offices start caching content from file servers based on the network latency - or delay - that occurs when the clients download content from the main office over a Wide Area Network (WAN) link. When you configure a value for this setting, which is the maximum round trip network latency allowed before caching begins, clients don't cache content until the network latency reaches the specified value; when network latency is greater than the value, clients begin caching content after they receive it from the file servers.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache latency settings are not applied to client computers by this policy. In the circumstance where client computers are domain members but you do not want to configure a BranchCache latency setting on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache latency settings on individual client computers. Because the domain Group Policy setting is not configured, it will not over-write the latency setting that you use on individual client computers.
-- Enabled. With this selection, the BranchCache maximum round trip latency setting is enabled for all client computers where the policy is applied. For example, if Configure BranchCache for network files is enabled in domain Group Policy, the BranchCache latency setting that you specify in the policy is turned on for all domain member client computers to which the policy is applied.
-- Disabled. With this selection, BranchCache client computers use the default latency setting of 80 milliseconds.
+- Not Configured: With this selection, BranchCache latency settings aren't applied to client computers by this policy. In the circumstance where client computers are domain members but you don't want to configure a BranchCache latency setting on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache latency settings on individual client computers. Because the domain Group Policy setting isn't configured, it won't over-write the latency setting that you use on individual client computers.
+- Enabled: With this selection, the BranchCache maximum round trip latency setting is enabled for all client computers where the policy is applied. For example, if Configure BranchCache for network files is enabled in domain Group Policy, the BranchCache latency setting that you specify in the policy is turned on for all domain member client computers to which the policy is applied.
+- Disabled: With this selection, BranchCache client computers use the default latency setting of 80 milliseconds.
 
 In circumstances where this policy setting is enabled, you can also select and configure the following option:
 
@@ -438,15 +438,15 @@ This policy setting specifies the default percentage of total disk space that is
 
 If you enable this policy setting, you can configure the percentage of total disk space to allocate for the cache.
 
-If you disable or do not configure this policy setting, the cache is set to 5 percent of the total disk space on the client computer.
+If you disable or don't configure this policy setting, the cache is set to 5 percent of the total disk space on the client computer.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache client computer cache settings are not applied to client computers by this policy. In the circumstance where client computers are domain members but you do not want to configure a BranchCache client computer cache setting on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache client computer cache settings on individual client computers. Because the domain Group Policy setting is not configured, it will not over-write the client computer cache setting that you use on individual client computers.
-- Enabled. With this selection, the BranchCache client computer cache setting is enabled for all client computers where the policy is applied. For example, if Set percentage of disk space used for client computer cache is enabled in domain Group Policy, the BranchCache client computer cache setting that you specify in the policy is turned on for all domain member client computers to which the policy is applied.
-- Disabled. With this selection, BranchCache client computers use the default client computer cache setting of five percent of the total disk space on the client computer.
+- Not Configured: With this selection, BranchCache client computer cache settings aren't applied to client computers by this policy. In the circumstance where client computers are domain members but you don't want to configure a BranchCache client computer cache setting on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache client computer cache settings on individual client computers. Because the domain Group Policy setting isn't configured, it won't over-write the client computer cache setting that you use on individual client computers.
+- Enabled: With this selection, the BranchCache client computer cache setting is enabled for all client computers where the policy is applied. For example, if Set percentage of disk space used for client computer cache is enabled in domain Group Policy, the BranchCache client computer cache setting that you specify in the policy is turned on for all domain member client computers to which the policy is applied.
+- Disabled: With this selection, BranchCache client computers use the default client computer cache setting of five percent of the total disk space on the client computer.
 
 In circumstances where this setting is enabled, you can also select and configure the following option:
 
@@ -499,15 +499,15 @@ This policy setting specifies the default age in days for which segments are val
 
 If you enable this policy setting, you can configure the age for segments in the data cache.
 
-If you disable or do not configure this policy setting, the age is set to 28 days.
+If you disable or don't configure this policy setting, the age is set to 28 days.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, BranchCache client computer cache age settings are not applied to client computers by this policy. In the circumstance where client computers are domain members but you do not want to configure a BranchCache client computer cache age setting on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache client computer cache age settings on individual client computers. Because the domain Group Policy setting is not configured, it will not over-write the client computer cache age setting that you use on individual client computers.
-- Enabled. With this selection, the BranchCache client computer cache age setting is enabled for all client computers where the policy is applied. For example, if this policy setting is enabled in domain Group Policy, the BranchCache client computer cache age that you specify in the policy is turned on for all domain member client computers to which the policy is applied.
-- Disabled. With this selection, BranchCache client computers use the default client computer cache age setting of 28 days on the client computer.
+- Not Configured: With this selection, BranchCache client computer cache age settings aren't applied to client computers by this policy. In the circumstance where client computers are domain members but you don't want to configure a BranchCache client computer cache age setting on all client computers, you can specify Not Configured for this domain Group Policy setting, and then configure local computer policy to enable BranchCache client computer cache age settings on individual client computers. Because the domain Group Policy setting isn't configured, it won't over-write the client computer cache age setting that you use on individual client computers.
+- Enabled: With this selection, the BranchCache client computer cache age setting is enabled for all client computers where the policy is applied. For example, if this policy setting is enabled in domain Group Policy, the BranchCache client computer cache age that you specify in the policy is turned on for all domain member client computers to which the policy is applied.
+- Disabled: With this selection, BranchCache client computers use the default client computer cache age setting of 28 days on the client computer.
 
 In circumstances where this setting is enabled, you can also select and configure the following option:
 
@@ -553,19 +553,19 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether BranchCache-capable client computers operate in a downgraded mode in order to maintain compatibility with previous versions of BranchCache. If client computers do not use the same BranchCache version, cache efficiency might be reduced because client computers that are using different versions of BranchCache might store cache data in incompatible formats.
+This policy setting specifies whether BranchCache-capable client computers operate in a downgraded mode in order to maintain compatibility with previous versions of BranchCache. If client computers don't use the same BranchCache version, cache efficiency might be reduced because client computers that are using different versions of BranchCache might store cache data in incompatible formats.
 
 If you enable this policy setting, all clients use the version of BranchCache that you specify in "Select from the following versions."
 
-If you do not configure this setting, all clients will use the version of BranchCache that matches their operating system.
+If you don't configure this setting, all clients will use the version of BranchCache that matches their operating system.
 
 Policy configuration
 
-Select one of the following:
+Select one of the following options:
 
-- Not Configured. With this selection, this policy setting is not applied to client computers, and the clients run the version of BranchCache that is included with their operating system.
-- Enabled. With this selection, this policy setting is applied to client computers based on the value of the option setting "Select from the following versions" that you specify.
-- Disabled. With this selection, this policy setting is not applied to client computers, and the clients run the version of BranchCache that is included with their operating system.
+- Not Configured: With this selection, this policy setting isn't applied to client computers, and the clients run the version of BranchCache that is included with their operating system.
+- Enabled: With this selection, this policy setting is applied to client computers based on the value of the option setting "Select from the following versions" that you specify.
+- Disabled: With this selection, this policy setting isn't applied to client computers, and the clients run the version of BranchCache that is included with their operating system.
 
 In circumstances where this setting is enabled, you can also select and configure the following option:
 
diff --git a/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md b/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md
index 131f8068f9..639a44a171 100644
--- a/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md
+++ b/windows/client-management/mdm/policy-csp-admx-performancediagnostics.md
@@ -73,15 +73,15 @@ This policy setting determines the execution level for Windows Boot Performance
 
 If you enable this policy setting, you must select an execution level from the dropdown menu. If you select problem detection and troubleshooting only, the Diagnostic Policy Service (DPS) will detect Windows Boot Performance problems and attempt to determine their root causes. These root causes will be logged to the event log when detected, but no corrective action will be taken. If you select detection, troubleshooting and resolution, the DPS will detect Windows Boot Performance problems and indicate to the user that assisted resolution is available.
 
-If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve any Windows Boot Performance problems that are handled by the DPS.
+If you disable this policy setting, Windows won't be able to detect, troubleshoot or resolve any Windows Boot Performance problems that are handled by the DPS.
 
-If you do not configure this policy setting, the DPS will enable Windows Boot Performance for resolution by default.
+If you don't configure this policy setting, the DPS will enable Windows Boot Performance for resolution by default.
 
-This policy setting takes effect only if the diagnostics-wide scenario execution policy is not configured.
+This policy setting takes effect only if the diagnostics-wide scenario execution policy isn't configured.
 
 No system restart or service restart is required for this policy to take effect: changes take effect immediately.
 
-This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios will not be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
+This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios won't be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
 
@@ -127,15 +127,15 @@ Determines the execution level for Windows Standby/Resume Performance Diagnostic
 
 If you enable this policy setting, you must select an execution level from the dropdown menu. If you select problem detection and troubleshooting only, the Diagnostic Policy Service (DPS) will detect Windows Standby/Resume Performance problems and attempt to determine their root causes. These root causes will be logged to the event log when detected, but no corrective action will be taken. If you select detection, troubleshooting and resolution, the DPS will detect Windows Standby/Resume Performance problems and indicate to the user that assisted resolution is available.
 
-If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve any Windows Standby/Resume Performance problems that are handled by the DPS.
+If you disable this policy setting, Windows won't be able to detect, troubleshoot or resolve any Windows Standby/Resume Performance problems that are handled by the DPS.
 
-If you do not configure this policy setting, the DPS will enable Windows Standby/Resume Performance for resolution by default.
+If you don't configure this policy setting, the DPS will enable Windows Standby/Resume Performance for resolution by default.
 
-This policy setting takes effect only if the diagnostics-wide scenario execution policy is not configured.
+This policy setting takes effect only if the diagnostics-wide scenario execution policy isn't configured.
 
 No system restart or service restart is required for this policy to take effect: changes take effect immediately.
 
-This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios will not be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
+This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios won't be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
 
@@ -181,15 +181,15 @@ This policy setting determines the execution level for Windows Shutdown Performa
 
 If you enable this policy setting, you must select an execution level from the dropdown menu. If you select problem detection and troubleshooting only, the Diagnostic Policy Service (DPS) will detect Windows Shutdown Performance problems and attempt to determine their root causes. These root causes will be logged to the event log when detected, but no corrective action will be taken. If you select detection, troubleshooting and resolution, the DPS will detect Windows Shutdown Performance problems and indicate to the user that assisted resolution is available.
 
-If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve any Windows Shutdown Performance problems that are handled by the DPS.
+If you disable this policy setting, Windows won't be able to detect, troubleshoot or resolve any Windows Shutdown Performance problems that are handled by the DPS.
 
-If you do not configure this policy setting, the DPS will enable Windows Shutdown Performance for resolution by default.
+If you don't configure this policy setting, the DPS will enable Windows Shutdown Performance for resolution by default.
 
-This policy setting takes effect only if the diagnostics-wide scenario execution policy is not configured.
+This policy setting takes effect only if the diagnostics-wide scenario execution policy isn't configured.
 
 No system restart or service restart is required for this policy to take effect: changes take effect immediately.
 
-This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios will not be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
+This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios won't be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
 
@@ -235,15 +235,15 @@ Determines the execution level for Windows Standby/Resume Performance Diagnostic
 
 If you enable this policy setting, you must select an execution level from the dropdown menu. If you select problem detection and troubleshooting only, the Diagnostic Policy Service (DPS) will detect Windows Standby/Resume Performance problems and attempt to determine their root causes. These root causes will be logged to the event log when detected, but no corrective action will be taken. If you select detection, troubleshooting and resolution, the DPS will detect Windows Standby/Resume Performance problems and indicate to the user that assisted resolution is available.
 
-If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve any Windows Standby/Resume Performance problems that are handled by the DPS.
+If you disable this policy setting, Windows won't be able to detect, troubleshoot or resolve any Windows Standby/Resume Performance problems that are handled by the DPS.
 
-If you do not configure this policy setting, the DPS will enable Windows Standby/Resume Performance for resolution by default.
+If you don't configure this policy setting, the DPS will enable Windows Standby/Resume Performance for resolution by default.
 
-This policy setting takes effect only if the diagnostics-wide scenario execution policy is not configured.
+This policy setting takes effect only if the diagnostics-wide scenario execution policy isn't configured.
 
 No system restart or service restart is required for this policy to take effect: changes take effect immediately.
 
-This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios will not be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
+This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios won't be executed.  The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-powershellexecutionpolicy.md b/windows/client-management/mdm/policy-csp-admx-powershellexecutionpolicy.md
index f464f39c32..0f0b567c4d 100644
--- a/windows/client-management/mdm/policy-csp-admx-powershellexecutionpolicy.md
+++ b/windows/client-management/mdm/policy-csp-admx-powershellexecutionpolicy.md
@@ -74,7 +74,7 @@ This policy setting allows you to turn on logging for Windows PowerShell modules
 
 If you enable this policy setting, pipeline execution events for members of the specified modules are recorded in the Windows PowerShell log in Event Viewer. Enabling this policy setting for a module is equivalent to setting the LogPipelineExecutionDetails property of the module to True.
 
-If you disable this policy setting, logging of execution events is disabled for all Windows PowerShell modules. Disabling this policy setting for a module is equivalent to setting the LogPipelineExecutionDetails property of the module to False.  If this policy setting is not configured, the LogPipelineExecutionDetails property of a module or snap-in determines whether the execution events of a module or snap-in are logged. By default, the LogPipelineExecutionDetails property of all modules and snap-ins is set to False.
+If you disable this policy setting, logging of execution events is disabled for all Windows PowerShell modules. Disabling this policy setting for a module is equivalent to setting the LogPipelineExecutionDetails property of the module to False.  If this policy setting isn't configured, the LogPipelineExecutionDetails property of a module or snap-in determines whether the execution events of a module or snap-in are logged. By default, the LogPipelineExecutionDetails property of all modules and snap-ins is set to False.
 
 To add modules and snap-ins to the policy setting list, click Show, and then type the module names in the list. The modules and snap-ins in the list must be installed on the computer.
 
@@ -124,14 +124,14 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you configure the script execution policy, controlling which scripts are allowed to run.
 
-If you enable this policy setting, the scripts selected in the drop-down list are allowed to run.  The "Allow only signed scripts" policy setting allows scripts to execute only if they are signed by a trusted publisher.
+If you enable this policy setting, the scripts selected in the drop-down list are allowed to run.  The "Allow only signed scripts" policy setting allows scripts to execute only if they're signed by a trusted publisher.
 
 The "Allow local scripts and remote signed scripts" policy setting allows any local scripts to run; scripts that originate from the Internet must be signed by a trusted publisher.  The "Allow all scripts" policy setting allows all scripts to run.
 
 If you disable this policy setting, no scripts are allowed to run.
 
 > [!NOTE]
-> This policy setting exists under both "Computer Configuration" and "User Configuration" in the Local Group Policy Editor. The "Computer Configuration" has precedence over "User Configuration."  If you disable or do not configure this policy setting, it reverts to a per-machine preference setting; the default if that is not configured is "No scripts allowed."
+> This policy setting exists under both "Computer Configuration" and "User Configuration" in the Local Group Policy Editor. The "Computer Configuration" has precedence over "User Configuration."  If you disable or do not configure this policy setting, it reverts to a per-machine preference setting; the default if that isn't configured is "No scripts allowed."
 
 <!--/Description-->
 
@@ -176,9 +176,9 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you capture the input and output of Windows PowerShell commands into text-based transcripts.
 
-If you enable this policy setting, Windows PowerShell will enable transcripting for Windows PowerShell, the Windows PowerShell ISE, and any other  applications that leverage the Windows PowerShell engine. By default, Windows PowerShell will record transcript output to each users' My Documents directory, with a file name that includes 'PowerShell_transcript', along with the computer name and time started. Enabling this policy is equivalent  to calling the Start-Transcript cmdlet on each Windows PowerShell session.
+If you enable this policy setting, Windows PowerShell will enable transcription for Windows PowerShell, the Windows PowerShell ISE, and any other  applications that use the Windows PowerShell engine. By default, Windows PowerShell will record transcript output to each users' My Documents directory, with a file name that includes 'PowerShell_transcript', along with the computer name and time started. Enabling this policy is equivalent  to calling the Start-Transcript cmdlet on each Windows PowerShell session.
 
-If you disable this policy setting, transcripting of PowerShell-based applications is disabled by default, although transcripting can still be enabled  through the Start-Transcript cmdlet.
+If you disable this policy setting, transcription of PowerShell-based applications is disabled by default, although transcription can still be enabled  through the Start-Transcript cmdlet.
 
 If you use the OutputDirectory setting to enable transcript logging to a shared location, be sure to limit access to that directory to prevent users  from viewing the transcripts of other users or computers.
 
@@ -230,7 +230,7 @@ This policy setting allows you to set the default value of the SourcePath parame
 
 If you enable this policy setting, the Update-Help cmdlet will use the specified value as the default value for the SourcePath parameter. This default value can be overridden by specifying a different value with the SourcePath parameter on the Update-Help cmdlet.
 
-If this policy setting is disabled or not configured, this policy setting does not set a default value for the SourcePath parameter of the Update-Help cmdlet.
+If this policy setting is disabled or not configured, this policy setting doesn't set a default value for the SourcePath parameter of the Update-Help cmdlet.
 
 > [!NOTE]
 > This policy setting exists under both Computer Configuration and User Configuration in the Group Policy Editor. The Computer Configuration policy setting takes precedence over the User Configuration policy setting.
diff --git a/windows/client-management/mdm/policy-csp-admx-printing.md b/windows/client-management/mdm/policy-csp-admx-printing.md
index 5e99e594d1..0ea4840878 100644
--- a/windows/client-management/mdm/policy-csp-admx-printing.md
+++ b/windows/client-management/mdm/policy-csp-admx-printing.md
@@ -140,12 +140,12 @@ Internet printing lets you display printers on Web pages so that printers can be
 
 If you enable this policy setting, Internet printing is activated on this server.
 
-If you disable this policy setting or do not configure it, Internet printing is not activated.
+If you disable this policy setting or don't configure it, Internet printing isn't activated.
 
 Internet printing is an extension of Internet Information Services (IIS). To use Internet printing, IIS must be installed, and printing support and this setting must be enabled.
 
 > [!NOTE]
-> This setting affects the server side of Internet printing only. It does not prevent the print client on the computer from printing across the Internet.
+> This setting affects the server side of Internet printing only. It doesn't prevent the print client on the computer from printing across the Internet.
 
 Also, see the "Custom support URL in the Printers folder's left pane" setting in this folder and the "Browse a common Web site to find printers" setting in User Configuration\Administrative Templates\Control Panel\Printers.
 
@@ -191,15 +191,15 @@ ADMX Info:
 <!--Description-->
 Determines if print driver components are isolated from applications instead of normally loading them into applications. Isolating print drivers greatly reduces the risk of a print driver failure causing an application crash.
 
-Not all applications support driver isolation. By default, Microsoft Excel 2007, Excel 2010, Word 2007, Word 2010 and certain other applications are configured to support it. Other applications may also be capable of isolating print drivers, depending on whether they are configured for it.
+Not all applications support driver isolation. By default, Microsoft Excel 2007, Excel 2010, Word 2007, Word 2010 and certain other applications are configured to support it. Other applications may also be capable of isolating print drivers, depending on whether they're configured for it.
 
-If you enable or do not configure this policy setting, then applications that are configured to support driver isolation will be isolated.
+If you enable or don't configure this policy setting, then applications that are configured to support driver isolation will be isolated.
 
 If you disable this policy setting, then print drivers will be loaded within all associated application processes.
 
 > [!NOTE]
 > - This policy setting applies only to applications opted into isolation.
-> - This policy setting applies only to print drivers loaded by applications. Print drivers loaded by the print spooler are not affected.
+> - This policy setting applies only to print drivers loaded by applications. Print drivers loaded by the print spooler aren't affected.
 > - This policy setting is only checked once during the lifetime of a process. After changing the policy, a running application must be relaunched before settings take effect.
 
 <!--/Description-->
@@ -246,7 +246,7 @@ By default, the Printers folder includes a link to the Microsoft Support Web pag
 
 If you enable this policy setting, you replace the "Get help with printing" default link with a link to a Web page customized for your enterprise.
 
-If you disable this setting or do not configure it, or if you do not enter an alternate Internet address, the default link will appear in the Printers folder.
+If you disable this setting or don't configure it, or if you don't enter an alternate Internet address, the default link will appear in the Printers folder.
 
 > [!NOTE]
 > Web pages links only appear in the Printers folder when Web view is enabled. If Web view is disabled, the setting has no effect. (To enable Web view, open the Printers folder, and, on the Tools menu, click Folder Options, click the General tab, and then click "Enable Web content in folders.")
@@ -299,9 +299,9 @@ This policy setting allows you to manage where client computers search for Point
 
 If you enable this policy setting, the client computer will continue to search for compatible Point and Print drivers from Windows Update after it fails to find the compatible driver from the local driver store and the server driver cache.
 
-If you disable this policy setting, the client computer will only search the local driver store and server driver cache for compatible Point and Print drivers. If it is unable to find a compatible driver, then the Point and Print connection will fail.
+If you disable this policy setting, the client computer will only search the local driver store and server driver cache for compatible Point and Print drivers. If it's unable to find a compatible driver, then the Point and Print connection will fail.
 
-This policy setting is not configured by default, and the behavior depends on the version of Windows that you are using.
+This policy setting isn't configured by default, and the behavior depends on the version of Windows that you're using.
 
 
 <!--/Description-->
@@ -344,11 +344,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy setting, it sets the maximum number of printers (of each type) that the Add Printer wizard will display on a computer on a managed network (when the computer is able to reach a domain controller, e.g. a domain-joined laptop on a corporate network.)
+If you enable this policy setting, it sets the maximum number of printers (of each type) that the Add Printer wizard will display on a computer on a managed network (when the computer is able to reach a domain controller, for example, a domain-joined laptop on a corporate network.)
 
-If this policy setting is disabled, the network scan page will not be displayed.
+If this policy setting is disabled, the network scan page won't be displayed.
 
-If this policy setting is not configured, the Add Printer wizard will display the default number of printers of each type:
+If this policy setting isn't configured, the Add Printer wizard will display the default number of printers of each type:
 
 - Directory printers: 20
 - TCP/IP printers: 0
@@ -360,9 +360,9 @@ In order to view available Web Services printers on your network, ensure that ne
 
 If you would like to not display printers of a certain type, enable this policy and set the number of printers to display to 0.
 
-In Windows 10 and later, only TCP/IP printers can be shown in the wizard. If you enable this policy setting, only TCP/IP printer limits are applicable. On Windows 10 only, if you disable or do not configure this policy setting, the default limit is applied.
+In Windows 10 and later, only TCP/IP printers can be shown in the wizard. If you enable this policy setting, only TCP/IP printer limits are applicable. On Windows 10 only, if you disable or don't configure this policy setting, the default limit is applied.
 
-In Windows 8 and later, Bluetooth printers are not shown so its limit does not apply to those versions of Windows.
+In Windows 8 and later, Bluetooth printers aren't shown so its limit doesn't apply to those versions of Windows.
 
 <!--/Description-->
 
@@ -406,12 +406,12 @@ ADMX Info:
 <!--Description-->
 Allows users to use the Add Printer Wizard to search the network for shared printers.
 
-If you enable this setting or do not configure it, when users choose to add a network printer by selecting the "A network printer, or a printer attached to another computer" radio button on Add Printer Wizard's page 2, and also check the "Connect to this printer (or to browse for a printer, select this option and click Next)" radio button on Add Printer Wizard's page 3, and do not specify a printer name in the adjacent "Name" edit box, then Add Printer Wizard displays the list of shared printers on the network and invites to choose a printer from the shown list.
+If you enable this setting or don't configure it, when users choose to add a network printer by selecting the "A network printer, or a printer attached to another computer" radio button on Add Printer Wizard's page 2, and also check the "Connect to this printer (or to browse for a printer, select this option and click Next)" radio button on Add Printer Wizard's page 3, and don't specify a printer name in the adjacent "Name" edit box, then Add Printer Wizard displays the list of shared printers on the network and invites to choose a printer from the shown list.
 
-If you disable this setting, the network printer browse page is removed from within the Add Printer Wizard, and users cannot search the network but must type a printer name.
+If you disable this setting, the network printer browse page is removed from within the Add Printer Wizard, and users can't search the network but must type a printer name.
 
 > [!NOTE]
-> This setting affects the Add Printer Wizard only. It does not prevent users from using other programs to search for shared printers or to connect to network printers.
+> This setting affects the Add Printer Wizard only. It doesn't prevent users from using other programs to search for shared printers or to connect to network printers.
 
 <!--/Description-->
 
@@ -453,22 +453,22 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-When printing through a print server, determines whether the print spooler on the client will process print jobs itself, or pass them on to the server to do the work.
+When printing is being done through a print server, determines whether the print spooler on the client will process print jobs itself, or pass them on to the server to do the work.
 
-This policy setting only effects printing to a Windows print server.
+This policy setting only affects printing to a Windows print server.
 
-If you enable this policy setting on a client machine, the client spooler will not process print jobs before sending them to the print server. This decreases the workload on the client at the expense of increasing the load on the server.
+If you enable this policy setting on a client machine, the client spooler won't process print jobs before sending them to the print server, thereby decreasing the workload on the client at the expense of increasing the load on the server.
 
-If you disable this policy setting on a client machine, the client itself will process print jobs into printer device commands. These commands will then be sent to the print server, and the server will simply pass the commands to the printer. This increases the workload of the client while decreasing the load on the server.
+If you disable this policy setting on a client machine, the client itself will process print jobs into printer device commands. These commands will then be sent to the print server, and the server will pass the commands to the printer. This process increases the workload of the client while decreasing the load on the server.
 
-If you do not enable this policy setting, the behavior is the same as disabling it.
+If you don't enable this policy setting, the behavior is the same as disabling it.
 
 > [!NOTE]
-> This policy does not determine whether offline printing will be available to the client. The client print spooler can always queue print jobs when not connected to the print server. Upon reconnecting to the server, the client will submit any pending print jobs.
+> This policy doesn't determine whether offline printing will be available to the client. The client print spooler can always queue print jobs when not connected to the print server. Upon reconnecting to the server, the client will submit any pending print jobs.
 >
-> Some printer drivers require a custom print processor. In some cases the custom print processor may not be installed on the client machine, such as when the print server does not support transferring print processors during point-and-print. In the case of a print processor mismatch, the client spooler will always send jobs to the print server for rendering. Disabling the above policy setting does not override this behavior.
+> Some printer drivers require a custom print processor. In some cases the custom print processor may not be installed on the client machine, such as when the print server doesn't support transferring print processors during point-and-print. In the case of a print processor mismatch, the client spooler will always send jobs to the print server for rendering. Disabling the above policy setting doesn't override this behavior.
 >
-> In cases where the client print driver does not match the server print driver (mismatched connection), the client will always process the print job, regardless of the setting of this policy.
+> In cases where the client print driver doesn't match the server print driver (mismatched connection), the client will always process the print job, regardless of the setting of this policy.
 
 <!--/Description-->
 
@@ -604,15 +604,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Determines whether printers using kernel-mode drivers may be installed on the local computer.  Kernel-mode drivers have access to system-wide memory, and therefore poorly-written kernel-mode drivers can cause stop errors.
+Determines whether printers using kernel-mode drivers may be installed on the local computer.  Kernel-mode drivers have access to system-wide memory, and therefore poorly written kernel-mode drivers can cause stop errors.
 
 
-If you do not configure this setting on Windows Server 2003 family products, the installation of kernel-mode printer drivers will be blocked.
+If you don't configure this setting on Windows Server 2003 family products, the installation of kernel-mode printer drivers will be blocked.
 
-If you enable this setting, installation of a printer using a kernel-mode driver will not be allowed.
+If you enable this setting, installation of a printer using a kernel-mode driver won't be allowed.
 
 > [!NOTE]
-> This policy does not apply to 64-bit kernel-mode printer drivers as they cannot be installed and associated with a print queue.
+> This policy doesn't apply to 64-bit kernel-mode printer drivers as they can't be installed and associated with a print queue.
 
 <!--/Description-->
 
@@ -656,11 +656,11 @@ ADMX Info:
 <!--Description-->
 This preference allows you to change default printer management.
 
-If you enable this setting, Windows will not manage the default printer.
+If you enable this setting, Windows won't manage the default printer.
 
 If you disable this setting, Windows will manage the default printer.
 
-If you do not configure this setting, default printer management will not change. 
+If you don't configure this setting, default printer management won't change. 
 
 <!--/Description-->
 
@@ -706,7 +706,7 @@ Microsoft XPS Document Writer (MXDW) generates OpenXPS (*.oxps) files by default
 
 If you enable this group policy setting, the default MXDW output format is the legacy Microsoft XPS (*.xps).
 
-If you disable or do not configure this policy setting, the default MXDW output format is OpenXPS (*.oxps).
+If you disable or don't configure this policy setting, the default MXDW output format is OpenXPS (*.oxps).
 
 <!--/Description-->
 
@@ -752,7 +752,7 @@ If this policy setting is enabled, it prevents users from deleting local and net
 
 If a user tries to delete a printer, such as by using the Delete option in Printers in Control Panel, a message appears explaining that a setting prevents the action.
 
-This setting does not prevent users from running other programs to delete a printer.
+This setting doesn't prevent users from running other programs to delete a printer.
 
 If this policy is disabled, or not configured, users can delete printers using the methods described above.
 
@@ -796,11 +796,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy sets the maximum number of printers (of each type) that the Add Printer wizard will display on a computer on an unmanaged network (when the computer is not able to reach a domain controller, e.g. a domain-joined laptop on a home network.)
+This policy sets the maximum number of printers (of each type) that the Add Printer wizard will display on a computer on an unmanaged network (when the computer isn't able to reach a domain controller, for example, a domain-joined laptop on a home network.)
 
-If this setting is disabled, the network scan page will not be displayed.
+If this setting is disabled, the network scan page won't be displayed.
 
-If this setting is not configured, the Add Printer wizard will display the default number of printers of each type:
+If this setting isn't configured, the Add Printer wizard will display the default number of printers of each type:
 
 - TCP/IP printers: 50
 - Web Services printers: 50
@@ -809,9 +809,9 @@ If this setting is not configured, the Add Printer wizard will display the defau
 
 If you would like to not display printers of a certain type, enable this policy and set the number of printers to display to 0.
 
-In Windows 10 and later, only TCP/IP printers can be shown in the wizard. If you enable this policy setting, only TCP/IP printer limits are applicable. On Windows 10 only, if you disable or do not configure this policy setting, the default limit is applied.
+In Windows 10 and later, only TCP/IP printers can be shown in the wizard. If you enable this policy setting, only TCP/IP printer limits are applicable. On Windows 10 only, if you disable or don't configure this policy setting, the default limit is applied.
 
-In Windows 8 and later, Bluetooth printers are not shown so its limit does not apply to those versions of Windows.
+In Windows 8 and later, Bluetooth printers aren't shown so its limit doesn't apply to those versions of Windows.
 
 <!--/Description-->
 
@@ -855,9 +855,9 @@ ADMX Info:
 <!--Description-->
 This policy restricts clients computers to use package point and print only.
 
-If this setting is enabled, users will only be able to point and print to printers that use package-aware drivers. When using package point and print, client computers will check the driver signature of all drivers that are downloaded from print servers.
+If this setting is enabled, users will only be able to point and print to printers that use package-aware drivers. When package point and print are being used, client computers will check the driver signature of all drivers that are downloaded from print servers.
 
-If this setting is disabled, or not configured, users will not be restricted to package-aware point and print only.
+If this setting is disabled, or not configured, users won't be restricted to package-aware point and print only.
 
 <!--/Description-->
 
@@ -901,9 +901,9 @@ ADMX Info:
 <!--Description-->
 This policy restricts clients computers to use package point and print only.
 
-If this setting is enabled, users will only be able to point and print to printers that use package-aware drivers. When using package point and print, client computers will check the driver signature of all drivers that are downloaded from print servers.
+If this setting is enabled, users will only be able to point and print to printers that use package-aware drivers. When package point and print are being used, client computers will check the driver signature of all drivers that are downloaded from print servers.
 
-If this setting is disabled, or not configured, users will not be restricted to package-aware point and print only.
+If this setting is disabled, or not configured, users won't be restricted to package-aware point and print only.
 
 <!--/Description-->
 
@@ -947,13 +947,13 @@ ADMX Info:
 <!--Description-->
 Restricts package point and print to approved servers.
 
-This policy setting restricts package point and print connections to approved servers. This setting only applies to Package Point and Print connections, and is completely independent from the "Point and Print Restrictions" policy that governs the behavior of non-package point and print connections.
+This policy setting restricts package point and print connections to approved servers. This setting only applies to Package Point and Print connections, and is independent from the "Point and Print Restrictions" policy that governs the behavior of non-package point and print connections.
 
 Windows Vista and later clients will attempt to make a non-package point and print connection anytime a package point and print connection fails, including attempts that are blocked by this policy. Administrators may need to set both policies to block all print connections to a specific print server.
 
-If this setting is enabled, users will only be able to package point and print to print servers approved by the network administrator. When using package point and print, client computers will check the driver signature of all drivers that are downloaded from print servers.
+If this setting is enabled, users will only be able to package point and print to print servers approved by the network administrator. When package point and print are being used, client computers will check the driver signature of all drivers that are downloaded from print servers.
 
-If this setting is disabled, or not configured, package point and print will not be restricted to specific print servers.
+If this setting is disabled, or not configured, package point and print won't be restricted to specific print servers.
 
 <!--/Description-->
 
@@ -997,13 +997,13 @@ ADMX Info:
 <!--Description-->
 Restricts package point and print to approved servers.
 
-This policy setting restricts package point and print connections to approved servers. This setting only applies to Package Point and Print connections, and is completely independent from the "Point and Print Restrictions" policy that governs the behavior of non-package point and print connections.
+This policy setting restricts package point and print connections to approved servers. This setting only applies to Package Point and Print connections, and is independent from the "Point and Print Restrictions" policy that governs the behavior of non-package point and print connections.
 
 Windows Vista and later clients will attempt to make a non-package point and print connection anytime a package point and print connection fails, including attempts that are blocked by this policy. Administrators may need to set both policies to block all print connections to a specific print server.
 
-If this setting is enabled, users will only be able to package point and print to print servers approved by the network administrator. When using package point and print, client computers will check the driver signature of all drivers that are downloaded from print servers.
+If this setting is enabled, users will only be able to package point and print to print servers approved by the network administrator. When package point and print are being used, client computers will check the driver signature of all drivers that are downloaded from print servers.
 
-If this setting is disabled, or not configured, package point and print will not be restricted to specific print servers.
+If this setting is disabled, or not configured, package point and print won't be restricted to specific print servers.
 
 <!--/Description-->
 
@@ -1053,7 +1053,7 @@ When Location Tracking is enabled, the system uses the specified location as a c
 
 Type the location of the user's computer. When users search for printers, the system uses the specified location (and other search criteria) to find a printer nearby. You can also use this setting to direct users to a particular printer or group of printers that you want them to use.
 
-If you disable this setting or do not configure it, and the user does not type a location as a search criterion, the system searches for a nearby printer based on the IP address and subnet mask of the user's computer.
+If you disable this setting or don't configure it, and the user doesn't type a location as a search criterion, the system searches for a nearby printer based on the IP address and subnet mask of the user's computer.
 
 <!--/Description-->
 
@@ -1101,7 +1101,7 @@ Use Location Tracking to design a location scheme for your enterprise and assign
 
 If you enable this setting, users can browse for printers by location without knowing the printer's location or location naming scheme. Enabling Location Tracking adds a Browse button in the Add Printer wizard's Printer Name and Sharing Location screen and to the General tab in the Printer Properties dialog box. If you enable the Group Policy Computer location setting, the default location you entered appears in the Location field by default.
 
-If you disable this setting or do not configure it, Location Tracking is disabled. Printer proximity is estimated using the standard method (that is, based on IP address and subnet mask).
+If you disable this setting or don't configure it, Location Tracking is disabled. Printer proximity is estimated using the standard method (that is, based on IP address and subnet mask).
 
 <!--/Description-->
 
@@ -1143,15 +1143,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether the print spooler will execute print drivers in an isolated or separate process. When print drivers are loaded in an isolated process (or isolated processes), a print driver failure will not cause the print spooler service to fail.
+This policy setting determines whether the print spooler will execute print drivers in an isolated or separate process. When print drivers are loaded in an isolated process (or isolated processes), a print driver failure won't cause the print spooler service to fail.
 
-If you enable or do not configure this policy setting, the print spooler will execute print drivers in an isolated process by default.
+If you enable or don't configure this policy setting, the print spooler will execute print drivers in an isolated process by default.
 
 If you disable this policy setting, the print spooler will execute print drivers in the print spooler process.
 
 > [!NOTE]
 > - Other system or driver policy settings may alter the process in which a print driver is executed.
-> - This policy setting applies only to print drivers loaded by the print spooler. Print drivers loaded by applications are not affected.
+> - This policy setting applies only to print drivers loaded by the print spooler. Print drivers loaded by applications aren't affected.
 > - This policy setting takes effect without restarting the print spooler service.
 
 <!--/Description-->
@@ -1194,15 +1194,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether the print spooler will override the Driver Isolation compatibility reported by the print driver. This enables executing print drivers in an isolated process, even if the driver does not report compatibility.
+This policy setting determines whether the print spooler will override the Driver Isolation compatibility reported by the print driver. This policy setting enables executing print drivers in an isolated process, even if the driver doesn't report compatibility.
 
-If you enable this policy setting, the print spooler isolates all print drivers that do not explicitly opt out of Driver Isolation.
+If you enable this policy setting, the print spooler isolates all print drivers that don't explicitly opt out of Driver Isolation.
 
-If you disable or do not configure this policy setting, the print spooler uses the Driver Isolation compatibility flag value reported by the print driver.
+If you disable or don't configure this policy setting, the print spooler uses the Driver Isolation compatibility flag value reported by the print driver.
 
 > [!NOTE]
 > - Other system or driver policy settings may alter the process in which a print driver is executed.
-> - This policy setting applies only to print drivers loaded by the print spooler. Print drivers loaded by applications are not affected.
+> - This policy setting applies only to print drivers loaded by the print spooler. Print drivers loaded by applications aren't affected.
 > - This policy setting takes effect without restarting the print spooler service.
 
 <!--/Description-->
@@ -1251,7 +1251,7 @@ The Add Printer Wizard gives users the option of searching Active Directory for
 
 If you enable this policy setting, these searches begin at the location you specify in the "Default Active Directory path" box. Otherwise, searches begin at the root of Active Directory.
 
-This setting only provides a starting point for Active Directory searches for printers. It does not restrict user searches through Active Directory.
+This setting only provides a starting point for Active Directory searches for printers. It doesn't restrict user searches through Active Directory.
 
 <!--/Description-->
 
@@ -1295,13 +1295,13 @@ ADMX Info:
 <!--Description-->
 Announces the presence of shared printers to print browse main servers for the domain.
 
-On domains with Active Directory, shared printer resources are available in Active Directory and are not announced.
+On domains with Active Directory, shared printer resources are available in Active Directory and aren't announced.
 
 If you enable this setting, the print spooler announces shared printers to the print browse main servers.
 
-If you disable this setting, shared printers are not announced to print browse main servers, even if Active Directory is not available.
+If you disable this setting, shared printers aren't announced to print browse main servers, even if Active Directory isn't available.
 
-If you do not configure this setting, shared printers are announced to browse main servers only when Active Directory is not available.
+If you don't configure this setting, shared printers are announced to browse main servers only when Active Directory isn't available.
 
 > [!NOTE]
 > A client license is used each time a client computer announces a printer to a print browse master on the domain.
@@ -1348,12 +1348,12 @@ ADMX Info:
 <!--Description-->
 This policy controls whether the print job name will be included in print event logs.
 
-If you disable or do not configure this policy setting, the print job name will not be included.
+If you disable or don't configure this policy setting, the print job name won't be included.
 
 If you enable this policy setting, the print job name will be included in new log entries.
 
 > [!NOTE]
-> This setting does not apply to Branch Office Direct Printing jobs.
+> This setting doesn't apply to Branch Office Direct Printing jobs.
 
 <!--/Description-->
 
@@ -1397,11 +1397,11 @@ ADMX Info:
 <!--Description-->
 This policy determines if v4 printer drivers are allowed to run printer extensions.
 
-V4 printer drivers may include an optional, customized user interface known as a printer extension. These extensions may provide access to more device features, but this may not be appropriate for all enterprises.
+V4 printer drivers may include an optional, customized user interface known as a printer extension. These extensions may provide access to more device features, but these extensions may not be appropriate for all enterprises.
 
-If you enable this policy setting, then all printer extensions will not be allowed to run.
+If you enable this policy setting, then all printer extensions won't be allowed to run.
 
-If you disable this policy setting or do not configure it, then all printer extensions that have been installed will be allowed to run.
+If you disable this policy setting or don't configure it, then all printer extensions that have been installed will be allowed to run.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-printing2.md b/windows/client-management/mdm/policy-csp-admx-printing2.md
index 5ba617c45b..87ff13e471 100644
--- a/windows/client-management/mdm/policy-csp-admx-printing2.md
+++ b/windows/client-management/mdm/policy-csp-admx-printing2.md
@@ -86,9 +86,9 @@ manager: dansimp
 <!--Description-->
 Determines whether the Add Printer Wizard automatically publishes the computer's shared printers in Active Directory.
 
-If you enable this setting or do not configure it, the Add Printer Wizard automatically publishes all shared printers.
+If you enable this setting or don't configure it, the Add Printer Wizard automatically publishes all shared printers.
 
-If you disable this setting, the Add Printer Wizard does not automatically publish printers. However, you can publish shared printers manually.
+If you disable this setting, the Add Printer Wizard doesn't automatically publish printers. However, you can publish shared printers manually.
 
 The default behavior is to automatically publish shared printers in Active Directory.
 
@@ -137,11 +137,11 @@ ADMX Info:
 <!--Description-->
 Determines whether the domain controller can prune (delete from Active Directory) the printers published by this computer.
 
-By default, the pruning service on the domain controller prunes printer objects from Active Directory if the computer that published them does not respond to contact requests. When the computer that published the printers restarts, it republishes any deleted printer objects.
+By default, the pruning service on the domain controller prunes printer objects from Active Directory if the computer that published them doesn't respond to contact requests. When the computer that published the printers restarts, it republishes any deleted printer objects.
 
-If you enable this setting or do not configure it, the domain controller prunes this computer's printers when the computer does not respond.
+If you enable this setting or don't configure it, the domain controller prunes this computer's printers when the computer doesn't respond.
 
-If you disable this setting, the domain controller does not prune this computer's printers. This setting is designed to prevent printers from being pruned when the computer is temporarily disconnected from the network.
+If you disable this setting, the domain controller doesn't prune this computer's printers. This setting is designed to prevent printers from being pruned when the computer is temporarily disconnected from the network.
 
 > [!NOTE]
 > You can use the "Directory Pruning Interval" and "Directory Pruning Retry" settings to adjust the contact interval and number of contact attempts.
@@ -186,20 +186,20 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Determines whether the pruning service on a domain controller prunes printer objects that are not automatically republished whenever the host computer does not respond,just as it does with Windows 2000 printers. This setting applies to printers running operating systems other than Windows 2000 and to Windows 2000 printers published outside their forest.
+Determines whether the pruning service on a domain controller prunes printer objects that aren't automatically republished whenever the host computer doesn't respond, just as it does with Windows 2000 printers. This setting applies to printers running operating systems other than Windows 2000 and to Windows 2000 printers published outside their forest.
 
-The Windows pruning service prunes printer objects from Active Directory when the computer that published them does not respond to contact requests. Computers running Windows 2000 Professional detect and republish deleted printer objects when they rejoin the network. However, because non-Windows 2000 computers and computers in other domains cannot republish printers in Active Directory automatically, by default, the system never prunes their printer objects.
+The Windows pruning service prunes printer objects from Active Directory when the computer that published them doesn't respond to contact requests. Computers running Windows 2000 Professional detect and republish deleted printer objects when they rejoin the network. However, because non-Windows 2000 computers and computers in other domains can't republish printers in Active Directory automatically, by default, the system never prunes their printer objects.
 
 You can enable this setting to change the default behavior. To use this setting, select one of the following options from the "Prune non-republishing printers" box:
 
-- "Never" specifies that printer objects that are not automatically republished are never pruned. "Never" is the default.
+- "Never" specifies that printer objects that aren't automatically republished are never pruned. "Never" is the default.
 
-- "Only if Print Server is found" prunes printer objects that are not automatically republished only when the print server responds, but the printer is unavailable.
+- "Only if Print Server is found" prunes printer objects that aren't automatically republished only when the print server responds, but the printer is unavailable.
 
-- "Whenever printer is not found" prunes printer objects that are not automatically republished whenever the host computer does not respond, just as it does with Windows 2000 printers.
+- "Whenever printer is not found" prunes printer objects that aren't automatically republished whenever the host computer doesn't respond, just as it does with Windows 2000 printers.
 
 > [!NOTE]
-> This setting applies to printers published by using Active Directory Users and Computers or Pubprn.vbs. It does not apply to printers published by using Printers in Control Panel.
+> This setting applies to printers published by using Active Directory Users and Computers or Pubprn.vbs. It doesn't apply to printers published by using Printers in Control Panel.
 
 > [!TIP]
 > If you disable automatic pruning, remember to delete printer objects manually whenever you remove a printer or print server.
@@ -246,13 +246,13 @@ ADMX Info:
 <!--Description-->
 Specifies how often the pruning service on a domain controller contacts computers to verify that their printers are operational.
 
-The pruning service periodically contacts computers that have published printers. If a computer does not respond to the contact message (optionally, after repeated attempts), the pruning service "prunes" (deletes from Active Directory) printer objects the computer has published.
+The pruning service periodically contacts computers that have published printers. If a computer doesn't respond to the contact message (optionally, after repeated attempts), the pruning service "prunes" (deletes from Active Directory) printer objects the computer has published.
 
 By default, the pruning service contacts computers every eight hours and allows two repeated contact attempts before deleting printers from Active Directory.
 
 If you enable this setting, you can change the interval between contact attempts.
 
-If you do not configure or disable this setting the default values will be used.
+If you don't configure or disable this setting, the default values will be used.
 
 > [!NOTE]
 > This setting is used only on domain controllers.
@@ -299,9 +299,9 @@ ADMX Info:
 <!--Description-->
 Sets the priority of the pruning thread.
 
-The pruning thread, which runs only on domain controllers, deletes printer objects from Active Directory if the printer that published the object does not respond to contact attempts. This process keeps printer information in Active Directory current.
+The pruning thread, which runs only on domain controllers, deletes printer objects from Active Directory if the printer that published the object doesn't respond to contact attempts. This process keeps printer information in Active Directory current.
 
-The thread priority influences the order in which the thread receives processor time and determines how likely it is to be preempted by higher priority threads.
+The thread priority influences the order in which the thread receives processor time and determines how likely it's to be preempted by higher priority threads.
 
 By default, the pruning thread runs at normal priority. However, you can adjust the priority to improve the performance of this service.
 
@@ -350,13 +350,13 @@ ADMX Info:
 <!--Description-->
 Specifies how many times the pruning service on a domain controller repeats its attempt to contact a computer before pruning the computer's printers.
 
-The pruning service periodically contacts computers that have published printers to verify that the printers are still available for use. If a computer does not respond to the contact message, the message is repeated for the specified number of times. If the computer still fails to respond, then the pruning service "prunes" (deletes from Active Directory) printer objects the computer has published.
+The pruning service periodically contacts computers that have published printers to verify that the printers are still available for use. If a computer doesn't respond to the contact message, the message is repeated for the specified number of times. If the computer still fails to respond, then the pruning service "prunes" (deletes from Active Directory) printer objects the computer has published.
 
 By default, the pruning service contacts computers every eight hours and allows two retries before deleting printers from Active Directory. You can use this setting to change the number of retries.
 
 If you enable this setting, you can change the interval between attempts.
 
-If you do not configure or disable this setting, the default values are used.
+If you don't configure or disable this setting, the default values are used.
 
 > [!NOTE]
 > This setting is used only on domain controllers.
@@ -403,13 +403,13 @@ ADMX Info:
 <!--Description-->
 Specifies whether or not to log events when the pruning service on a domain controller attempts to contact a computer before pruning the computer's printers.
 
-The pruning service periodically contacts computers that have published printers to verify that the printers are still available for use. If a computer does not respond to the contact attempt, the attempt is retried a specified number of times, at a specified interval. The "Directory pruning retry" setting determines the number of times the attempt is retried; the default value is two retries. The "Directory Pruning Interval" setting determines the time interval between retries; the default value is every eight hours. If the computer has not responded by the last contact attempt, its printers are pruned from the directory.
+The pruning service periodically contacts computers that have published printers to verify that the printers are still available for use. If a computer doesn't respond to the contact attempt, the attempt is retried a specified number of times, at a specified interval. The "Directory pruning retry" setting determines the number of times the attempt is retried; the default value is two retries. The "Directory Pruning Interval" setting determines the time interval between retries; the default value is every eight hours. If the computer hasn't responded by the last contact attempt, its printers are pruned from the directory.
 
 If you enable this policy setting, the contact events are recorded in the event log.
 
-If you disable or do not configure this policy setting, the contact events are not recorded in the event log.
+If you disable or don't configure this policy setting, the contact events aren't recorded in the event log.
 
-Note: This setting does not affect the logging of pruning events; the actual pruning of a printer is always logged.
+Note: This setting doesn't affect the logging of pruning events; the actual pruning of a printer is always logged.
 
 > [!NOTE]
 > This setting is used only on domain controllers.
@@ -456,9 +456,9 @@ ADMX Info:
 <!--Description-->
 This policy controls whether the print spooler will accept client connections.
 
-When the policy is not configured or enabled, the spooler will always accept client connections.
+When the policy isn't configured or enabled, the spooler will always accept client connections.
 
-When the policy is disabled, the spooler will not accept client connections nor allow users to share printers. All printers currently shared will continue to be shared.
+When the policy is disabled, the spooler won't accept client connections nor allow users to share printers. All printers currently shared will continue to be shared.
 
 The spooler must be restarted for changes to this policy to take effect.
 
@@ -506,7 +506,7 @@ Directs the system to periodically verify that the printers published by this co
 
 By default, the system only verifies published printers at startup. This setting allows for periodic verification while the computer is operating.
 
-To enable this additional verification, enable this setting, and then select a verification interval.
+To enable this extra verification, enable this setting, and then select a verification interval.
 
 To disable verification, disable this setting, or enable this setting and select "Never" for the verification interval.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-programs.md b/windows/client-management/mdm/policy-csp-admx-programs.md
index 08c035bce0..c1089d79fe 100644
--- a/windows/client-management/mdm/policy-csp-admx-programs.md
+++ b/windows/client-management/mdm/policy-csp-admx-programs.md
@@ -78,15 +78,15 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This setting removes the Set Program Access and Defaults page from the Programs Control Panel. As a result, users cannot view or change the associated page.
+This setting removes the Set Program Access and Defaults page from the Programs Control Panel. As a result, users can't view or change the associated page.
 
 The Set Program Access and Computer Defaults page allows administrators to specify default programs for certain activities, such as Web browsing or sending e-mail, as well as specify the programs that are accessible from the Start menu, desktop, and other locations.
 
 If this setting is disabled or not configured, the Set Program Access and Defaults button is available to all users.
 
-This setting does not prevent users from using other tools and methods to change program access or defaults.
+This setting doesn't prevent users from using other tools and methods to change program access or defaults.
 
-This setting does not prevent the Default Programs icon from appearing on the Start menu.
+This setting doesn't prevent the Default Programs icon from appearing on the Start menu.
 
 <!--/Description-->
 
@@ -134,9 +134,9 @@ This setting prevents users from accessing the "Get Programs" page from the Prog
 
 Published programs are those programs that the system administrator has explicitly made available to the user with a tool such as Windows Installer. Typically, system administrators publish programs to notify users of their availability, to recommend their use, or to enable users to install them without having to search for installation files.
 
-If this setting is enabled, users cannot view the programs that have been published by the system administrator, and they cannot use the "Get Programs" page to install published programs.  Enabling this feature does not prevent users from installing programs by using other methods.  Users will still be able to view and installed assigned (partially installed) programs that are offered on the desktop or on the Start menu.
+If this setting is enabled, users can't view the programs that have been published by the system administrator, and they can't use the "Get Programs" page to install published programs.  Enabling this feature doesn't prevent users from installing programs by using other methods.  Users will still be able to view and installed assigned (partially installed) programs that are offered on the desktop or on the Start menu.
 
-If this setting is disabled or is not configured, the "Install a program from the network" task to the "Get Programs" page will be available to all users.
+If this setting is disabled or isn't configured, the "Install a program from the network" task to the "Get Programs" page will be available to all users.
 
 > [!NOTE]
 > If the "Hide Programs Control Panel" setting is enabled, this setting is ignored.
@@ -187,7 +187,7 @@ This setting prevents users from accessing "Installed Updates" page from the "Vi
 
 If this setting is disabled or not configured, the "View installed updates" task and the "Installed Updates" page will be available to all users.
 
-This setting does not prevent users from using other tools and methods to install or uninstall programs.
+This setting doesn't prevent users from using other tools and methods to install or uninstall programs.
 
 <!--/Description-->
 
@@ -233,7 +233,7 @@ This setting prevents users from accessing "Programs and Features" to view, unin
 
 If this setting is disabled or not configured, "Programs and Features" will be available to all users.
 
-This setting does not prevent users from using other tools and methods to view or uninstall programs.  It also does not prevent users from linking to related Programs Control Panel Features including Windows Features, Get Programs, or Windows Marketplace.
+This setting doesn't prevent users from using other tools and methods to view or uninstall programs.  It also doesn't prevent users from linking to related Programs Control Panel Features including Windows Features, Get Programs, or Windows Marketplace.
 
 <!--/Description-->
 
@@ -283,7 +283,7 @@ If this setting is disabled or not configured, the Programs Control Panel in Cat
 
 When enabled, this setting takes precedence over the other settings in this folder.
 
-This setting does not prevent users from using other tools and methods to install or uninstall programs.
+This setting doesn't prevent users from using other tools and methods to install or uninstall programs.
 
 <!--/Description-->
 
@@ -325,11 +325,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This setting prevents users from accessing the "Turn Windows features on or off" task from the Programs Control Panel in Category View, Programs and Features in Classic View, and Get Programs. As a result, users cannot view, enable, or disable various Windows features and services.
+This setting prevents users from accessing the "Turn Windows features on or off" task from the Programs Control Panel in Category View, Programs and Features in Classic View, and Get Programs. As a result, users can't view, enable, or disable various Windows features and services.
 
-If this setting is disabled or is not configured, the "Turn Windows features on or off" task will be available to all users.
+If this setting is disabled or isn't configured, the "Turn Windows features on or off" task will be available to all users.
 
-This setting does not prevent users from using other tools and methods to configure services or enable or disable program components.
+This setting doesn't prevent users from using other tools and methods to configure services or enable or disable program components.
 
 <!--/Description-->
 
@@ -375,9 +375,9 @@ This setting prevents users from access the "Get new programs from Windows Marke
 
 Windows Marketplace allows users to purchase and/or download various programs to their computer for installation.
 
-Enabling this feature does not prevent users from navigating to Windows Marketplace using other methods. 
+Enabling this feature doesn't prevent users from navigating to Windows Marketplace using other methods. 
 
-If this feature is disabled or is not configured, the "Get new programs from Windows Marketplace" task link will be available to all users.
+If this feature is disabled or isn't configured, the "Get new programs from Windows Marketplace" task link will be available to all users.
 
 > [!NOTE]
 > If the "Hide Programs control Panel" setting is enabled, this setting is ignored.
diff --git a/windows/client-management/mdm/policy-csp-admx-radar.md b/windows/client-management/mdm/policy-csp-admx-radar.md
index a62022e062..80e2f293b0 100644
--- a/windows/client-management/mdm/policy-csp-admx-radar.md
+++ b/windows/client-management/mdm/policy-csp-admx-radar.md
@@ -67,10 +67,10 @@ This policy determines the execution level for Windows Resource Exhaustion Detec
 
 These root causes will be logged to the event log when detected, but no corrective action will be taken. If you select detection, troubleshooting and resolution, the DPS will detect Windows Resource Exhaustion problems and indicate to the user that assisted resolution is available.  
 
-- If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve any Windows Resource Exhaustion problems that are handled by the DPS.
+- If you disable this policy setting, Windows won't be able to detect, troubleshoot or resolve any Windows Resource Exhaustion problems that are handled by the DPS.
 
-If you do not configure this policy setting, the DPS will enable Windows Resource Exhaustion for resolution by default.  
-This policy setting takes effect only if the diagnostics-wide scenario execution policy is not configured.  No system restart or service restart is required for this policy to take effect: changes take effect immediately. This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios will not be executed. The DPS can be configured with the Services snap-in to the Microsoft Management Console.
+If you don't configure this policy setting, the DPS will enable Windows Resource Exhaustion for resolution by default.  
+This policy setting takes effect only if the diagnostics-wide scenario execution policy isn't configured.  No system restart or service restart is required for this policy to take effect: changes take effect immediately. This policy setting will only take effect when the Diagnostic Policy Service is in the running state. When the service is stopped or disabled, diagnostic scenarios won't be executed. The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-reliability.md b/windows/client-management/mdm/policy-csp-admx-reliability.md
index b278ae8152..006b2c772d 100644
--- a/windows/client-management/mdm/policy-csp-admx-reliability.md
+++ b/windows/client-management/mdm/policy-csp-admx-reliability.md
@@ -71,11 +71,11 @@ manager: dansimp
 <!--Description-->
 This policy setting allows the system to detect the time of unexpected shutdowns by writing the current time to disk on a schedule controlled by the Timestamp Interval.
 
-If you enable this policy setting, you are able to specify how often the Persistent System Timestamp is refreshed and subsequently written to the disk. You can specify the Timestamp Interval in seconds.
+If you enable this policy setting, you're able to specify how often the Persistent System Timestamp is refreshed and then written to the disk. You can specify the Timestamp Interval in seconds.
 
-If you disable this policy setting, the Persistent System Timestamp is turned off and the timing of unexpected shutdowns is not recorded.
+If you disable this policy setting, the Persistent System Timestamp is turned off and the timing of unexpected shutdowns isn't recorded.
 
-If you do not configure this policy setting, the Persistent System Timestamp is refreshed according the default, which is every 60 seconds beginning with Windows Server 2003.
+If you don't configure this policy setting, the Persistent System Timestamp is refreshed according to the default, which is every 60 seconds beginning with Windows Server 2003.
 
 > [!NOTE]
 > This feature might interfere with power configuration settings that turn off hard disks after a period of inactivity. These power settings may be accessed in the Power Options Control Panel.
@@ -126,9 +126,9 @@ This policy setting controls whether or not unplanned shutdown events can be rep
 
 If you enable this policy setting, error reporting includes unplanned shutdown events.
 
-If you disable this policy setting, unplanned shutdown events are not included in error reporting.
+If you disable this policy setting, unplanned shutdown events aren't included in error reporting.
 
-If you do not configure this policy setting, users can adjust this setting using the control panel, which is set to "Upload unplanned shutdown events" by default.
+If you don't configure this policy setting, users can adjust this setting using the control panel, which is set to "Upload unplanned shutdown events" by default.
 
 Also see the "Configure Error Reporting" policy setting.
 
@@ -176,13 +176,13 @@ ADMX Info:
 <!--Description-->
 This policy setting defines when the Shutdown Event Tracker System State Data feature is activated.
 
-The system state data file contains information about the basic system state as well as the state of all running processes.
+The system state data file contains information about the basic system state and the state of all running processes.
 
 If you enable this policy setting, the System State Data feature is activated when the user indicates that the shutdown or restart is unplanned.
 
 If you disable this policy setting, the System State Data feature is never activated.
 
-If you do not configure this policy setting, the default behavior for the System State Data feature occurs.
+If you don't configure this policy setting, the default behavior for the System State Data feature occurs.
 
 
 <!--/Description-->
@@ -227,7 +227,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-The Shutdown Event Tracker can be displayed when you shut down a workstation or server.  This is an extra set of questions that is displayed when you invoke a shutdown to collect information related to why you are shutting down the computer.
+The Shutdown Event Tracker can be displayed when you shut down a workstation or server.  This tracker is an extra set of questions that is displayed when you invoke a shutdown to collect information related to why you're shutting down the computer.
 
 If you enable this setting and choose "Always" from the drop-down menu list, the Shutdown Event Tracker is displayed when the computer shuts down.
 
@@ -235,9 +235,9 @@ If you enable this policy setting and choose "Server Only" from the drop-down me
 
 If you enable this policy setting and choose "Workstation Only" from the drop-down menu list, the Shutdown Event Tracker is displayed when you shut down a computer running a client version of Windows. (See "Supported on" for supported versions.)
 
-If you disable this policy setting, the Shutdown Event Tracker is not displayed when you shut down the computer.
+If you disable this policy setting, the Shutdown Event Tracker isn't displayed when you shut down the computer.
 
-If you do not configure this policy setting, the default behavior for the Shutdown Event Tracker occurs.
+If you don't configure this policy setting, the default behavior for the Shutdown Event Tracker occurs.
 
 > [!NOTE]
 > By default, the Shutdown Event Tracker is only displayed on computers running Windows Server.

From b65b89a1eac4157e503e3142ec6c96f83cd19453 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Wed, 16 Mar 2022 12:51:26 +0530
Subject: [PATCH 029/123] Acrolinx enhancement effort

---
 .../mdm/policy-csp-admx-remoteassistance.md   |  6 +--
 .../mdm/policy-csp-admx-rpc.md                | 18 +++----
 .../mdm/policy-csp-admx-scripts.md            | 48 +++++++++----------
 .../mdm/policy-csp-admx-sdiagschd.md          |  4 +-
 .../mdm/policy-csp-admx-securitycenter.md     |  6 +--
 5 files changed, 41 insertions(+), 41 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-remoteassistance.md b/windows/client-management/mdm/policy-csp-admx-remoteassistance.md
index bff298711a..31a892b671 100644
--- a/windows/client-management/mdm/policy-csp-admx-remoteassistance.md
+++ b/windows/client-management/mdm/policy-csp-admx-remoteassistance.md
@@ -63,13 +63,13 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting enables Remote Assistance invitations to be generated with improved encryption so that only computers running this version (or later versions) of the operating system can connect. This policy setting does not affect Remote Assistance connections that are initiated by instant messaging contacts or the unsolicited Offer Remote Assistance.
+This policy setting enables Remote Assistance invitations to be generated with improved encryption so that only computers running this version (or later versions) of the operating system can connect. This policy setting doesn't affect Remote Assistance connections that are initiated by instant messaging contacts or the unsolicited Offer Remote Assistance.
 
 If you enable this policy setting, only computers running this version (or later versions) of the operating system can connect to this computer.
 
 If you disable this policy setting, computers running this version and a previous version of the operating system can connect to this computer.
 
-If you do not configure this policy setting, users can configure the setting in System Properties in the Control Panel.
+If you don't configure this policy setting, users can configure the setting in System Properties in the Control Panel.
 
 <!--/Description-->
 
@@ -133,7 +133,7 @@ If you enable this policy setting, bandwidth optimization occurs at the level sp
 
 If you disable this policy setting, application-based settings are used.
 
-If you do not configure this policy setting, application-based settings are used.
+If you don't configure this policy setting, application-based settings are used.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-rpc.md b/windows/client-management/mdm/policy-csp-admx-rpc.md
index 8d55a90e21..24ee32b891 100644
--- a/windows/client-management/mdm/policy-csp-admx-rpc.md
+++ b/windows/client-management/mdm/policy-csp-admx-rpc.md
@@ -75,7 +75,7 @@ Extended error information includes the local time that the error occurred, the
 
 If you disable this policy setting, the RPC Runtime only generates a status code to indicate an error condition.
 
-If you do not configure this policy setting, it remains disabled.  It will only generate a status code to indicate an error condition.
+If you don't configure this policy setting, it remains disabled.  It will only generate a status code to indicate an error condition.
 
 If you enable this policy setting, the RPC runtime will generate extended error information.
 
@@ -136,17 +136,17 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether the RPC Runtime ignores delegation failures when delegation is requested.
 
-The constrained delegation model, introduced in Windows Server 2003, does not report that delegation was enabled on a security context when a client connects to a server. Callers of RPC and COM are encouraged to use the RPC_C_QOS_CAPABILITIES_IGNORE_DELEGATE_FAILURE flag, but some applications written for the traditional delegation model prior to Windows Server 2003 may not use this flag and will encounter RPC_S_SEC_PKG_ERROR when connecting to a server that uses constrained delegation.
+The constrained delegation model, introduced in Windows Server 2003, doesn't report that delegation was enabled on a security context when a client connects to a server. Callers of RPC and COM are encouraged to use the RPC_C_QOS_CAPABILITIES_IGNORE_DELEGATE_FAILURE flag, but some applications written for the traditional delegation model prior to Windows Server 2003 may not use this flag and will encounter RPC_S_SEC_PKG_ERROR when connecting to a server that uses constrained delegation.
 
 If you disable this policy setting, the RPC Runtime will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation. 
 
-If you do not configure this policy setting, it remains disabled and will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation.
+If you don't configure this policy setting, it remains disabled and will generate RPC_S_SEC_PKG_ERROR errors to applications that ask for delegation and connect to servers using constrained delegation.
 
 If you enable this policy setting, then:
 
-- "Off" directs the RPC Runtime to generate RPC_S_SEC_PKG_ERROR if the client asks for delegation, but the created security context does not support delegation.
+- "Off" directs the RPC Runtime to generate RPC_S_SEC_PKG_ERROR if the client asks for delegation, but the created security context doesn't support delegation.
 
-- "On" directs the RPC Runtime to accept security contexts that do not support delegation even if delegation was asked for.
+- "On" directs the RPC Runtime to accept security contexts that don't support delegation even if delegation was asked for.
 
 > [!NOTE]
 > This policy setting will not be applied until the system is rebooted.
@@ -202,7 +202,7 @@ The minimum allowed value for this policy setting is 90 seconds. The maximum is
 
 If you disable this policy setting, the idle connection timeout on the IIS server running the RPC HTTP proxy will be used.
 
-If you do not configure this policy setting, it will remain disabled.  The idle connection timeout on the IIS server running the RPC HTTP proxy will be used.
+If you don't configure this policy setting, it will remain disabled.  The idle connection timeout on the IIS server running the RPC HTTP proxy will be used.
 
 If you enable this policy setting, and the IIS server running the RPC HTTP proxy is configured with a lower idle connection timeout, the timeout on the IIS server is used. Otherwise, the provided timeout value is used. The timeout is given in seconds.
 
@@ -253,11 +253,11 @@ This policy setting determines whether the RPC Runtime maintains RPC state infor
 
 If you disable this policy setting, the RPC runtime defaults to "Auto2" level.
 
-If you do not configure this policy setting, the RPC  defaults to "Auto2" level. 
+If you don't configure this policy setting, the RPC  defaults to "Auto2" level. 
 
 If you enable this policy setting, you can use the drop-down box to determine which systems maintain RPC state information.
 
-- "None" indicates that the system does not maintain any RPC state information. Note: Because the basic state information required for troubleshooting has a negligible effect on performance and uses only about 4K of memory, this setting is not recommended for most installations.
+- "None" indicates that the system doesn't maintain any RPC state information. Note: Because the basic state information required for troubleshooting has a negligible effect on performance and uses only about 4K of memory, this setting isn't recommended for most installations.
 
 - "Auto1" directs RPC to maintain basic state information only if the computer has at least 64 MB of memory.
 
@@ -265,7 +265,7 @@ If you enable this policy setting, you can use the drop-down box to determine wh
 
 - "Server" directs RPC to maintain basic state information on the computer, regardless of its capacity.
 
-- "Full" directs RPC to maintain complete RPC state information on the system, regardless of its capacity. Because this level can degrade performance, it is recommended for use only while you are investigating an RPC problem.
+- "Full" directs RPC to maintain complete RPC state information on the system, regardless of its capacity. Because this level can degrade performance, it's recommended for use only while you're investigating an RPC problem.
 
 > [!NOTE]
 > To retrieve the RPC state information from a system that maintains it, you must use a debugging tool.
diff --git a/windows/client-management/mdm/policy-csp-admx-scripts.md b/windows/client-management/mdm/policy-csp-admx-scripts.md
index 82a3cfd387..46d2eeb48e 100644
--- a/windows/client-management/mdm/policy-csp-admx-scripts.md
+++ b/windows/client-management/mdm/policy-csp-admx-scripts.md
@@ -93,11 +93,11 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows user logon scripts to run when the logon cross-forest, DNS suffixes are not configured, and NetBIOS or WINS is disabled. This policy setting affects all user accounts interactively logging on to the computer.
+This policy setting allows user logon scripts to run when the logon cross-forest, DNS suffixes aren't configured, and NetBIOS or WINS is disabled. This policy setting affects all user accounts interactively logging on to the computer.
 
 If you enable this policy setting, user logon scripts run if NetBIOS or WINS is disabled during cross-forest logons without the DNS suffixes being configured.
 
-If you disable or do not configure this policy setting, user account cross-forest, interactive logging cannot run logon scripts if NetBIOS or WINS is disabled, and the DNS suffixes are not configured.
+If you disable or don't configure this policy setting, user account cross-forest, interactive logging can't run logon scripts if NetBIOS or WINS is disabled, and the DNS suffixes aren't configured.
 
 <!--/Description-->
 
@@ -141,15 +141,15 @@ ADMX Info:
 <!--Description-->
 This policy setting determines how long the system waits for scripts applied by Group Policy to run. 
 
-This setting limits the total time allowed for all logon, logoff, startup, and shutdown scripts applied by Group Policy to finish running. If the scripts have not finished running when the specified time expires, the system stops script processing and records an error event.
+This setting limits the total time allowed for all logon, logoff, startup, and shutdown scripts applied by Group Policy to finish running. If the scripts haven't finished running when the specified time expires, the system stops script processing and records an error event.
 
 If you enable this setting, then, in the Seconds box, you can type a number from 1 to 32,000 for the number of seconds you want the system to wait for the set of scripts to finish. To direct the system to wait until the scripts have finished, no matter how long they take, type 0. 
 
-This interval is particularly important when other system tasks must wait while the scripts complete. By default, each startup script must complete before the next one runs. Also, you can use the "Run logon scripts synchronously" setting to direct the system to wait for the logon scripts to complete before loading the desktop. 
+This interval is important when other system tasks must wait while the scripts complete. By default, each startup script must complete before the next one runs. Also, you can use the "Run logon scripts synchronously" setting to direct the system to wait for the logon scripts to complete before loading the desktop. 
 
 An excessively long interval can delay the system and inconvenience users. However, if the interval is too short, prerequisite tasks might not be done, and the system can appear to be ready prematurely.
 
-If you disable or do not configure this setting the system lets the combined set of scripts run for up to 600 seconds (10 minutes). This is the default.
+If you disable or don't configure this setting, the system lets the combined set of scripts run for up to 600 seconds (10 minutes). This value is the default value.
 
 <!--/Description-->
 
@@ -262,11 +262,11 @@ ADMX Info:
 <!--Description-->
 This policy setting hides the instructions in logon scripts written for Windows NT 4.0 and earlier. 
 
-Logon scripts are batch files of instructions that run when the user logs on. By default, Windows displays the instructions in logon scripts written for Windows NT 4.0 and earlier in a command window as they run, although it does not display logon scripts written for Windows.
+Logon scripts are batch files of instructions that run when the user logs on. By default, Windows displays the instructions in logon scripts written for Windows NT 4.0 and earlier in a command window as they run, although it doesn't display logon scripts written for Windows.
 
-If you enable this setting, Windows does not display logon scripts written for Windows NT 4.0 and earlier.
+If you enable this setting, Windows doesn't display logon scripts written for Windows NT 4.0 and earlier.
 
-If you disable or do not configure this policy setting, Windows displays login scripts written for Windows NT 4.0 and earlier.
+If you disable or don't configure this policy setting, Windows displays login scripts written for Windows NT 4.0 and earlier.
 
 Also, see the "Run Logon Scripts Visible" setting.
 
@@ -312,11 +312,11 @@ ADMX Info:
 <!--Description-->
 This policy setting displays the instructions in logoff scripts as they run.
 
-Logoff scripts are batch files of instructions that run when the user logs off. By default, the system does not display the instructions in the logoff script.
+Logoff scripts are batch files of instructions that run when the user signs out. By default, the system doesn't display the instructions in the logoff script.
 
 If you enable this policy setting, the system displays each instruction in the logoff script as it runs. The instructions appear in a command window. This policy setting is designed for advanced users.
 
-If you disable or do not configure this policy setting, the instructions are suppressed.
+If you disable or don't configure this policy setting, the instructions are suppressed.
 
 <!--/Description-->
 
@@ -360,9 +360,9 @@ ADMX Info:
 <!--Description-->
 This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop.
 
-If you enable this policy setting, File Explorer does not start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop.
+If you enable this policy setting, File Explorer doesn't start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop.
 
-If you disable or do not configure this policy setting, the logon scripts and File Explorer are not synchronized and can run simultaneously.
+If you disable or don't configure this policy setting, the logon scripts and File Explorer aren't synchronized and can run simultaneously.
 
 This policy setting appears in the Computer Configuration and User Configuration folders. The policy setting set in Computer Configuration takes precedence over the policy setting set in User Configuration.
 
@@ -408,9 +408,9 @@ ADMX Info:
 <!--Description-->
 This policy setting directs the system to wait for logon scripts to finish running before it starts the File Explorer interface program and creates the desktop.
 
-If you enable this policy setting, File Explorer does not start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop.
+If you enable this policy setting, File Explorer doesn't start until the logon scripts have finished running. This policy setting ensures that logon script processing is complete before the user starts working, but it can delay the appearance of the desktop.
 
-If you disable or do not configure this policy setting, the logon scripts and File Explorer are not synchronized and can run simultaneously.
+If you disable or don't configure this policy setting, the logon scripts and File Explorer aren't synchronized and can run simultaneously.
 
 This policy setting appears in the Computer Configuration and User Configuration folders. The policy setting set in Computer Configuration takes precedence over the policy setting set in User Configuration.
 
@@ -456,11 +456,11 @@ ADMX Info:
 <!--Description-->
 This policy setting displays the instructions in logon scripts as they run.
 
-Logon scripts are batch files of instructions that run when the user logs on. By default, the system does not display the instructions in logon scripts.
+Logon scripts are batch files of instructions that run when the user logs on. By default, the system doesn't display the instructions in logon scripts.
 
 If you enable this policy setting, the system displays each instruction in the logon script as it runs. The instructions appear in a command window. This policy setting is designed for advanced users.
 
-If you disable or do not configure this policy setting, the instructions are suppressed.
+If you disable or don't configure this policy setting, the instructions are suppressed.
 
 <!--/Description-->
 
@@ -504,11 +504,11 @@ ADMX Info:
 <!--Description-->
 This policy setting displays the instructions in shutdown scripts as they run.
 
-Shutdown scripts are batch files of instructions that run when the user restarts the system or shuts it down. By default, the system does not display the instructions in the shutdown script.
+Shutdown scripts are batch files of instructions that run when the user restarts the system or shuts it down. By default, the system doesn't display the instructions in the shutdown script.
 
 If you enable this policy setting, the system displays each instruction in the shutdown script as it runs. The instructions appear in a command window.
 
-If you disable or do not configure this policy setting, the instructions are suppressed.
+If you disable or don't configure this policy setting, the instructions are suppressed.
 
 <!--/Description-->
 
@@ -554,9 +554,9 @@ This policy setting lets the system run startup scripts simultaneously.
 
 Startup scripts are batch files that run before the user is invited to log on. By default, the system waits for each startup script to complete before it runs the next startup script.
 
-If you enable this policy setting, the system does not coordinate the running of startup scripts. As a result, startup scripts can run simultaneously.
+If you enable this policy setting, the system doesn't coordinate the running of startup scripts. As a result, startup scripts can run simultaneously.
 
-If you disable or do not configure this policy setting, a startup cannot run until the previous script is complete.
+If you disable or don't configure this policy setting, a startup can't run until the previous script is complete.
 
 > [!NOTE]
 > Starting with Windows Vista operating system, scripts that are configured to run asynchronously are no longer visible on startup, whether the "Run startup scripts visible" policy setting is enabled or not.
@@ -603,11 +603,11 @@ ADMX Info:
 <!--Description-->
 This policy setting displays the instructions in startup scripts as they run.
 
-Startup scripts are batch files of instructions that run before the user is invited to log on. By default, the system does not display the instructions in the startup script.
+Startup scripts are batch files of instructions that run before the user is invited to sign in. By default, the system doesn't display the instructions in the startup script.
 
 If you enable this policy setting, the system displays each instruction in the startup script as it runs. Instructions appear in a command window. This policy setting is designed for advanced users.
 
-If you disable or do not configure this policy setting, the instructions are suppressed.
+If you disable or don't configure this policy setting, the instructions are suppressed.
 
 > [!NOTE]
 > Starting with Windows Vista operating system, scripts that are configured to run asynchronously are no longer visible on startup, whether this policy setting is enabled or not.
@@ -653,9 +653,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether Windows PowerShell scripts are run before non-Windows PowerShell scripts during user logon and logoff. By default, Windows PowerShell scripts run after non-Windows PowerShell scripts. 
+This policy setting determines whether Windows PowerShell scripts are run before non-Windows PowerShell scripts during user sign in and sign out. By default, Windows PowerShell scripts run after non-Windows PowerShell scripts. 
  
-If you enable this policy setting, within each applicable Group Policy Object (GPO), PowerShell scripts are run before non-PowerShell scripts during user logon and logoff. 
+If you enable this policy setting, within each applicable Group Policy Object (GPO), PowerShell scripts are run before non-PowerShell scripts during user sign in and sign out. 
 
 For example, assume the following scenario: 
 
diff --git a/windows/client-management/mdm/policy-csp-admx-sdiagschd.md b/windows/client-management/mdm/policy-csp-admx-sdiagschd.md
index 3a414ed8e5..31c0354809 100644
--- a/windows/client-management/mdm/policy-csp-admx-sdiagschd.md
+++ b/windows/client-management/mdm/policy-csp-admx-sdiagschd.md
@@ -68,9 +68,9 @@ This policy determines whether scheduled diagnostics will run to proactively det
 If you choose detection and troubleshooting only, Windows will periodically detect and troubleshoot problems. The user will be notified of the problem for interactive resolution. 
 If you choose detection, troubleshooting and resolution, Windows will resolve some of these problems silently without requiring user input. 
 
-- If you disable this policy setting, Windows will not be able to detect, troubleshoot or resolve problems on a scheduled basis. 
+- If you disable this policy setting, Windows won't be able to detect, troubleshoot or resolve problems on a scheduled basis. 
 
-If you do not configure this policy setting, local troubleshooting preferences will take precedence, as configured in the control panel. If no local troubleshooting preference is configured, scheduled diagnostics are enabled for detection, troubleshooting and resolution by default. No reboots or service restarts are required for this policy to take effect: changes take effect immediately. This policy setting will only take effect when the Task Scheduler service is in the running state. When the service is stopped or disabled, scheduled diagnostics will not be executed.  The Task Scheduler service can be configured with the Services snap-in to the Microsoft Management Console.
+If you don't configure this policy setting, local troubleshooting preferences will take precedence, as configured in the control panel. If no local troubleshooting preference is configured, scheduled diagnostics are enabled for detection, troubleshooting and resolution by default. No reboots or service restarts are required for this policy to take effect: changes take effect immediately. This policy setting will only take effect when the Task Scheduler service is in the running state. When the service is stopped or disabled, scheduled diagnostics won't be executed.  The Task Scheduler service can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-securitycenter.md b/windows/client-management/mdm/policy-csp-admx-securitycenter.md
index ae470ea353..92746a10df 100644
--- a/windows/client-management/mdm/policy-csp-admx-securitycenter.md
+++ b/windows/client-management/mdm/policy-csp-admx-securitycenter.md
@@ -60,11 +60,11 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
- This policy setting specifies whether Security Center is turned on or off for computers that are joined to an Active Directory domain. When Security Center is turned on, it monitors essential security settings and notifies the user when the computer might be at risk. The Security Center Control Panel category view also contains a status section, where the user can get recommendations to help increase the computer's security. When Security Center is not enabled on the domain, neither the notifications nor the Security Center status section are displayed. 
+This policy setting specifies whether Security Center is turned on or off for computers that are joined to an Active Directory domain. When Security Center is turned on, it monitors essential security settings and notifies the user when the computer might be at risk. The Security Center Control Panel category view also contains a status section, where the user can get recommendations to help increase the computer's security. When Security Center isn't enabled on the domain, the notifications and the Security Center status section aren't displayed. 
 
-Note that Security Center can only be turned off for computers that are joined to a Windows domain. When a computer is not joined to a Windows domain, the policy setting will have no effect.
+Security Center can only be turned off for computers that are joined to a Windows domain. When a computer isn't joined to a Windows domain, the policy setting will have no effect.
 
-If you do not configure this policy setting, the Security Center is turned off for domain members. 
+If you don't configure this policy setting, the Security Center is turned off for domain members. 
 
 If you enable this policy setting, Security Center is turned on for all users. 
 

From cdb98c9186955867217fefc11348267a8705b50e Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Wed, 16 Mar 2022 17:43:44 +0530
Subject: [PATCH 030/123] Acrolinx

---
 .../mdm/policy-csp-admx-servermanager.md      | 26 +++++++-------
 .../mdm/policy-csp-admx-servicing.md          |  4 +--
 .../mdm/policy-csp-admx-settingsync.md        | 34 +++++++++----------
 3 files changed, 32 insertions(+), 32 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-servermanager.md b/windows/client-management/mdm/policy-csp-admx-servermanager.md
index ca95276d8d..8bb98497e4 100644
--- a/windows/client-management/mdm/policy-csp-admx-servermanager.md
+++ b/windows/client-management/mdm/policy-csp-admx-servermanager.md
@@ -70,13 +70,13 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to turn off the automatic display of Server Manager at logon.  
+This policy setting allows you to turn off the automatic display of Server Manager at a sign in.  
 
-- If you enable this policy setting, Server Manager is not displayed automatically when a user logs on to the server.  
+- If you enable this policy setting, Server Manager isn't displayed automatically when a user signs in to the server.  
 
-- If you disable this policy setting, Server Manager is displayed automatically when a user logs on to the server.  
+- If you disable this policy setting, Server Manager is displayed automatically when a user signs in to the server.  
 
-If you do not configure this policy setting, Server Manager is displayed when a user logs on to the server. However, if the "Do not show me this console at logon" (Windows Server 2008 and Windows Server 2008 R2) or “Do not start Server Manager automatically at logon” (Windows Server 2012) option is selected, the console is not displayed automatically at logon.  
+If you don't configure this policy setting, Server Manager is displayed when a user signs in to the server. However, if the "Do not show me this console at logon" (Windows Server 2008 and Windows Server 2008 R2) or “Do not start Server Manager automatically at logon” (Windows Server 2012) option is selected, the console isn't displayed automatically at a sign in.  
 
 > [!NOTE]
 > Regardless of the status of this policy setting, Server Manager is available from the Start menu or the Windows taskbar.
@@ -122,11 +122,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to set the refresh interval for Server Manager. Each refresh provides Server Manager with updated information about which roles and features are installed on servers that you are managing by using Server Manager. Server Manager also monitors the status of roles and features installed on managed servers.  
+This policy setting allows you to set the refresh interval for Server Manager. Each refresh provides Server Manager with updated information about which roles and features are installed on servers that you're managing by using Server Manager. Server Manager also monitors the status of roles and features installed on managed servers.  
 
 - If you enable this policy setting, Server Manager uses the refresh interval specified in the policy setting instead of the “Configure Refresh Interval” setting (in Windows Server 2008 and Windows Server 2008 R2), or the “Refresh the data shown in Server Manager every [x] [minutes/hours/days]” setting (in Windows Server 2012) that is configured in the Server Manager console.  
 
-- If you disable this policy setting, Server Manager does not refresh automatically. If you do not configure this policy setting, Server Manager uses the refresh interval settings that are specified in the Server Manager console.  
+- If you disable this policy setting, Server Manager doesn't refresh automatically. If you don't configure this policy setting, Server Manager uses the refresh interval settings that are specified in the Server Manager console.  
 
 > [!NOTE]
 > The default refresh interval for Server Manager is two minutes in Windows Server 2008 and Windows Server 2008 R2, or 10 minutes in Windows Server 2012.
@@ -172,13 +172,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to turn off the automatic display of the Initial Configuration Tasks window at logon on Windows Server 2008 and Windows Server 2008 R2.  
+This policy setting allows you to turn off the automatic display of the Initial Configuration Tasks window at a sign in on Windows Server 2008 and Windows Server 2008 R2.  
 
-- If you enable this policy setting, the Initial Configuration Tasks window is not displayed when an administrator logs on to the server.  
+- If you enable this policy setting, the Initial Configuration Tasks window isn't displayed when an administrator signs in to the server.  
 
-- If you disable this policy setting, the Initial Configuration Tasks window is displayed when an administrator logs on to the server.
+- If you disable this policy setting, the Initial Configuration Tasks window is displayed when an administrator signs in to the server.
 
-If you do not configure this policy setting, the Initial Configuration Tasks window is displayed when an administrator logs on to the server. However, if an administrator selects the "Do not show this window at logon" option, the window is not displayed on subsequent logons.
+If you don't configure this policy setting, the Initial Configuration Tasks window is displayed when an administrator signs in to the server. However, if an administrator selects the "Do not show this window at logon" option, the window isn't displayed on subsequent logons.
 
 <!--/Description-->
 
@@ -222,11 +222,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off the automatic display of the Manage Your Server page.  
 
-- If you enable this policy setting, the Manage Your Server page is not displayed each time an administrator logs on to the server.  
+- If you enable this policy setting, the Manage Your Server page isn't displayed each time an administrator signs in to the server.  
 
-- If you disable or do not configure this policy setting, the Manage Your Server page is displayed each time an administrator logs on to the server. 
+- If you disable or don't configure this policy setting, the Manage Your Server page is displayed each time an administrator signs in to the server. 
 
-However, if the administrator has selected the "Don’t display this page at logon" option at the bottom of the Manage Your Server page, the page is not displayed.
+However, if the administrator has selected the "Don’t display this page at logon" option at the bottom of the Manage Your Server page, the page isn't displayed.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-servicing.md b/windows/client-management/mdm/policy-csp-admx-servicing.md
index 25ffa880c7..a995b45573 100644
--- a/windows/client-management/mdm/policy-csp-admx-servicing.md
+++ b/windows/client-management/mdm/policy-csp-admx-servicing.md
@@ -59,9 +59,9 @@ This policy setting specifies the network locations that will be used for the re
 
 If you enable this policy setting and specify the new location, the files in that location will be used to repair operating system corruption and for enabling optional features that have had their payload files removed. You must enter the fully qualified path to the new location in the "Alternate source file path" text box. Multiple locations can be specified when each path is separated by a semicolon. 
 
-The network location can be either a folder, or a WIM file. If it is a WIM file, the location should be specified by prefixing the path with “wim:” and include the index of the image to use in the WIM file. For example “wim:\\server\share\install.wim:3”.
+The network location can be either a folder, or a WIM file. If it's a WIM file, the location should be specified by prefixing the path with “wim:” and include the index of the image to use in the WIM file, for example, “wim:\\server\share\install.wim:3”.
 
-If you disable or do not configure this policy setting, or if the required files cannot be found at the locations specified in this policy setting, the files will be downloaded from Windows Update, if that is allowed by the policy settings for the computer.
+If you disable or don't configure this policy setting, or if the required files can't be found at the locations specified in this policy setting, the files will be downloaded from Windows Update, if that is allowed by the policy settings for the computer.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-settingsync.md b/windows/client-management/mdm/policy-csp-admx-settingsync.md
index fa9ac041c3..a89b6d8cc0 100644
--- a/windows/client-management/mdm/policy-csp-admx-settingsync.md
+++ b/windows/client-management/mdm/policy-csp-admx-settingsync.md
@@ -86,11 +86,11 @@ manager: dansimp
 <!--Description-->
 Prevent the "AppSync" group from syncing to and from this PC. This turns off and disables the "AppSync" group on the "sync your settings" page in PC settings.
 
-If you enable this policy setting, the "AppSync" group will not be synced.
+If you enable this policy setting, the "AppSync" group won't be synced.
 
 Use the option "Allow users to turn app syncing on" so that syncing it turned off by default but not disabled.
 
-If you do not set or disable this setting, syncing of the "AppSync" group is on by default and configurable by the user.
+If you don't set or disable this setting, syncing of the "AppSync" group is on by default and configurable by the user.
 
 <!--/Description-->
 
@@ -134,11 +134,11 @@ ADMX Info:
 <!--Description-->
 Prevent the "app settings" group from syncing to and from this PC. This turns off and disables the "app settings" group on the "sync your settings" page in PC settings.
 
-If you enable this policy setting, the "app settings" group will not be synced.
+If you enable this policy setting, the "app settings" group won't be synced.
 
 Use the option "Allow users to turn app settings syncing on" so that syncing it turned off by default but not disabled.
 
-If you do not set or disable this setting, syncing of the "app settings" group is on by default and configurable by the user.
+If you don't set or disable this setting, syncing of the "app settings" group is on by default and configurable by the user.
 
 <!--/Description-->
 
@@ -182,11 +182,11 @@ ADMX Info:
 <!--Description-->
 Prevent the "passwords" group from syncing to and from this PC. This turns off and disables the "passwords" group on the "sync your settings" page in PC settings.
 
-If you enable this policy setting, the "passwords" group will not be synced.
+If you enable this policy setting, the "passwords" group won't be synced.
 
 Use the option "Allow users to turn passwords syncing on" so that syncing it turned off by default but not disabled.
 
-If you do not set or disable this setting, syncing of the "passwords" group is on by default and configurable by the user.
+If you don't set or disable this setting, syncing of the "passwords" group is on by default and configurable by the user.
 
 <!--/Description-->
 
@@ -230,11 +230,11 @@ ADMX Info:
 <!--Description-->
 Prevent the "desktop personalization" group from syncing to and from this PC. This turns off and disables the "desktop personalization" group on the "sync your settings" page in PC settings.
 
-If you enable this policy setting, the "desktop personalization" group will not be synced.
+If you enable this policy setting, the "desktop personalization" group won't be synced.
 
 Use the option "Allow users to turn desktop personalization syncing on" so that syncing it turned off by default but not disabled.
 
-If you do not set or disable this setting, syncing of the "desktop personalization" group is on by default and configurable by the user.
+If you don't set or disable this setting, syncing of the "desktop personalization" group is on by default and configurable by the user.
 
 <!--/Description-->
 
@@ -278,11 +278,11 @@ ADMX Info:
 <!--Description-->
 Prevent the "personalize" group from syncing to and from this PC. This turns off and disables the "personalize" group on the "sync your settings" page in PC settings.
 
-If you enable this policy setting, the "personalize" group will not be synced.
+If you enable this policy setting, the "personalize" group won't be synced.
 
 Use the option "Allow users to turn personalize syncing on" so that syncing it turned off by default but not disabled.
 
-If you do not set or disable this setting, syncing of the "personalize" group is on by default and configurable by the user.
+If you don't set or disable this setting, syncing of the "personalize" group is on by default and configurable by the user.
 
 <!--/Description-->
 
@@ -330,7 +330,7 @@ If you enable this policy setting, "sync your settings" will be turned off, and
 
 Use the option "Allow users to turn syncing on" so that syncing it turned off by default but not disabled.
 
-If you do not set or disable this setting, "sync your settings" is on by default and configurable by the user.
+If you don't set or disable this setting, "sync your settings" is on by default and configurable by the user.
 
 <!--/Description-->
 
@@ -374,11 +374,11 @@ ADMX Info:
 <!--Description-->
 Prevent the "Start layout" group from syncing to and from this PC. This turns off and disables the "Start layout" group on the "sync your settings" page in PC settings.
 
-If you enable this policy setting, the "Start layout" group will not be synced.
+If you enable this policy setting, the "Start layout" group won't be synced.
 
-Use the option "Allow users to turn start syncing on" so that syncing is turned off by default but not disabled.
+Use the option "Allow users to turn on start syncing" so that syncing is turned off by default but not disabled.
 
-If you do not set or disable this setting, syncing of the "Start layout" group is on by default and configurable by the user.
+If you don't set or disable this setting, syncing of the "Start layout" group is on by default and configurable by the user.
 
 <!--/Description-->
 
@@ -424,7 +424,7 @@ Prevent syncing to and from this PC when on metered Internet connections. This t
 
 If you enable this policy setting, syncing on metered connections will be turned off, and no syncing will take place when this PC is on a metered connection.
 
-If you do not set or disable this setting, syncing on metered connections is configurable by the user.
+If you don't set or disable this setting, syncing on metered connections is configurable by the user.
 
 <!--/Description-->
 
@@ -468,11 +468,11 @@ ADMX Info:
 <!--Description-->
 Prevent the "Other Windows settings" group from syncing to and from this PC.  This turns off and disables the "Other Windows settings" group on the "sync your settings" page in PC settings.
 
-If you enable this policy setting, the "Other Windows settings" group will not be synced.
+If you enable this policy setting, the "Other Windows settings" group won't be synced.
 
 Use the option "Allow users to turn other Windows settings syncing on" so that syncing it turned off by default but not disabled.
 
-If you do not set or disable this setting, syncing of the "Other Windows settings" group is on by default and configurable by the user.
+If you don't set or disable this setting, syncing of the "Other Windows settings" group is on by default and configurable by the user.
 
 <!--/Description-->
 

From ec7eb51e327b45fd9349c9966664bfa63c177bed Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Thu, 17 Mar 2022 17:10:12 +0530
Subject: [PATCH 031/123] Acrolinx Enhancement effort

---
 .../mdm/policy-csp-admx-settingsync.md        |  18 +-
 .../mdm/policy-csp-admx-sharing.md            |   4 +-
 ...csp-admx-shellcommandpromptregedittools.md |  22 +-
 .../mdm/policy-csp-admx-smartcard.md          |  78 ++---
 .../mdm/policy-csp-admx-srmfci.md             |   6 +-
 .../mdm/policy-csp-admx-startmenu.md          | 270 +++++++++---------
 .../mdm/policy-csp-admx-tabletshell.md        |   8 +-
 .../mdm/policy-csp-admx-taskbar.md            |  83 +++---
 8 files changed, 246 insertions(+), 243 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-settingsync.md b/windows/client-management/mdm/policy-csp-admx-settingsync.md
index a89b6d8cc0..9d61845ecc 100644
--- a/windows/client-management/mdm/policy-csp-admx-settingsync.md
+++ b/windows/client-management/mdm/policy-csp-admx-settingsync.md
@@ -84,7 +84,7 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-Prevent the "AppSync" group from syncing to and from this PC. This turns off and disables the "AppSync" group on the "sync your settings" page in PC settings.
+Prevent the "AppSync" group from syncing to and from this PC. This option turns off and disables the "AppSync" group on the "sync your settings" page in PC settings.
 
 If you enable this policy setting, the "AppSync" group won't be synced.
 
@@ -132,7 +132,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent the "app settings" group from syncing to and from this PC. This turns off and disables the "app settings" group on the "sync your settings" page in PC settings.
+Prevent the "app settings" group from syncing to and from this PC. This option turns off and disables the "app settings" group on the "sync your settings" page in PC settings.
 
 If you enable this policy setting, the "app settings" group won't be synced.
 
@@ -180,7 +180,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent the "passwords" group from syncing to and from this PC. This turns off and disables the "passwords" group on the "sync your settings" page in PC settings.
+Prevent the "passwords" group from syncing to and from this PC. This option turns off and disables the "passwords" group on the "sync your settings" page in PC settings.
 
 If you enable this policy setting, the "passwords" group won't be synced.
 
@@ -228,7 +228,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent the "desktop personalization" group from syncing to and from this PC. This turns off and disables the "desktop personalization" group on the "sync your settings" page in PC settings.
+Prevent the "desktop personalization" group from syncing to and from this PC. This option turns off and disables the "desktop personalization" group on the "sync your settings" page in PC settings.
 
 If you enable this policy setting, the "desktop personalization" group won't be synced.
 
@@ -276,7 +276,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent the "personalize" group from syncing to and from this PC. This turns off and disables the "personalize" group on the "sync your settings" page in PC settings.
+Prevent the "personalize" group from syncing to and from this PC. This option turns off and disables the "personalize" group on the "sync your settings" page in PC settings.
 
 If you enable this policy setting, the "personalize" group won't be synced.
 
@@ -324,7 +324,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent syncing to and from this PC. This turns off and disables the "sync your settings" switch on the "sync your settings" page in PC Settings.
+Prevent syncing to and from this PC. This option turns off and disables the "sync your settings" switch on the "sync your settings" page in PC Settings.
 
 If you enable this policy setting, "sync your settings" will be turned off, and none of the "sync your setting" groups will be synced on this PC.
 
@@ -372,7 +372,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent the "Start layout" group from syncing to and from this PC. This turns off and disables the "Start layout" group on the "sync your settings" page in PC settings.
+Prevent the "Start layout" group from syncing to and from this PC. This option turns off and disables the "Start layout" group on the "sync your settings" page in PC settings.
 
 If you enable this policy setting, the "Start layout" group won't be synced.
 
@@ -420,7 +420,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent syncing to and from this PC when on metered Internet connections. This turns off and disables "sync your settings on metered connections" switch on the "sync your settings" page in PC Settings.
+Prevent syncing to and from this PC when on metered Internet connections. This option turns off and disables "sync your settings on metered connections" switch on the "sync your settings" page in PC Settings.
 
 If you enable this policy setting, syncing on metered connections will be turned off, and no syncing will take place when this PC is on a metered connection.
 
@@ -466,7 +466,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevent the "Other Windows settings" group from syncing to and from this PC.  This turns off and disables the "Other Windows settings" group on the "sync your settings" page in PC settings.
+Prevent the "Other Windows settings" group from syncing to and from this PC.  This option turns off and disables the "Other Windows settings" group on the "sync your settings" page in PC settings.
 
 If you enable this policy setting, the "Other Windows settings" group won't be synced.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-sharing.md b/windows/client-management/mdm/policy-csp-admx-sharing.md
index dc1208a27c..72af1e5fd1 100644
--- a/windows/client-management/mdm/policy-csp-admx-sharing.md
+++ b/windows/client-management/mdm/policy-csp-admx-sharing.md
@@ -59,9 +59,9 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether users can share files within their profile. By default users are allowed to share files within their profile to other users on their network after an administrator opts in the computer.  An administrator can opt in the computer by using the sharing wizard to share a file within their profile.
+This policy setting specifies whether users can share files within their profile. By default, users are allowed to share files within their profile to other users on their network after an administrator opts in the computer.  An administrator can opt in the computer by using the sharing wizard to share a file within their profile.
 
-If you enable this policy setting, users cannot share files within their profile using the sharing wizard.  Also, the sharing wizard cannot create a share at %root%\users and can only be used to create SMB shares on folders.
+If you enable this policy setting, users can't share files within their profile using the sharing wizard.  Also, the sharing wizard can't create a share at %root%\users and can only be used to create SMB shares on folders.
 
 If you disable or don't configure this policy setting, users can share files out of their user profile after an administrator has opted in the computer.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md b/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md
index ac2a57d74f..d9a9efabdf 100644
--- a/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md
+++ b/windows/client-management/mdm/policy-csp-admx-shellcommandpromptregedittools.md
@@ -76,10 +76,10 @@ This policy setting also determines whether batch files (.cmd and .bat) can run
 
 - If you enable this policy setting and the user tries to open a command window, the system displays a message explaining that a setting prevents the action. .  
 
--  If you disable this policy setting or do not configure it, users can run Cmd.exe and batch files normally.  
+-  If you disable this policy setting or don't configure it, users can run Cmd.exe and batch files normally.  
   
 > [!NOTE]
-> Do not prevent the computer from running batch files if the computer uses logon, logoff, startup, or shutdown batch file scripts, or for users that use Remote Desktop Services.
+> Don't prevent the computer from running batch files if the computer uses logon, logoff, startup, or shutdown batch file scripts, or for users that use Remote Desktop Services.
 
 
 <!--/Description-->
@@ -127,7 +127,7 @@ This policy setting disables the Windows registry editor Regedit.exe.
 
 - If you enable this policy setting and the user tries to start Regedit.exe, a message appears explaining that a policy setting prevents the action.  
 
-- If you disable this policy setting or do not configure it, users can run Regedit.exe normally.  
+- If you disable this policy setting or don't configure it, users can run Regedit.exe normally.  
 
 To prevent users from using other administrative tools, use the "Run only specified Windows applications" policy setting.
 
@@ -175,13 +175,13 @@ This policy setting limits the Windows programs that users have permission to ru
 
 - If you enable this policy setting, users can only run programs that you add to the list of allowed applications.  
 
-- If you disable this policy setting or do not configure it, users can run all applications.  This policy setting only prevents users from running programs that are started by the File Explorer process.
+- If you disable this policy setting or don't configure it, users can run all applications.  This policy setting only prevents users from running programs that are started by the File Explorer process.
 
-It does not prevent users from running programs such as Task Manager, which are started by the system process or by other processes.  Also, if users have access to the command prompt (Cmd.exe), this policy setting does not prevent them from starting programs in the command window even though they would be prevented from doing so using File Explorer.  
+It doesn't prevent users from running programs such as Task Manager, which is started by the system process or by other processes.  Also, if users have access to the command prompt (Cmd.exe), this policy setting doesn't prevent them from starting programs in the command window even though they would be prevented from doing so using File Explorer.  
 
 Non-Microsoft applications with Windows 2000 or later certification are required to comply with this policy setting.  
 
-To create a list of allowed applications, click Show.  In the Show Contents dialog box, in the Value column, type the application executable name (e.g., Winword.exe, Poledit.exe, Powerpnt.exe).
+To create a list of allowed applications, click Show.  In the Show Contents dialog box, in the Value column, type the application executable name (for example, Winword.exe, Poledit.exe, Powerpnt.exe).
 
 <!--/Description-->
 
@@ -225,15 +225,15 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents Windows from running the programs you specify in this policy setting. 
 
-- If you enable this policy setting, users cannot run programs that you add to the list of disallowed applications.  
+- If you enable this policy setting, users can't run programs that you add to the list of disallowed applications.  
 
-- If you disable this policy setting or do not configure it, users can run any programs. 
+- If you disable this policy setting or don't configure it, users can run any programs. 
 
-This policy setting only prevents users from running programs that are started by the File Explorer process. It does not prevent users from running programs, such as Task Manager, which are started by the system process or by other processes.  Also, if users have access to the command prompt (Cmd.exe), this policy setting does not prevent them from starting programs in the command window even though they would be prevented from doing so using File Explorer.  
+This policy setting only prevents users from running programs that are started by the File Explorer process. It doesn't prevent users from running programs, such as Task Manager, which are started by the system process or by other processes.  Also, if users have access to the command prompt (Cmd.exe), this policy setting doesn't prevent them from starting programs in the command window even though they would be prevented from doing so using File Explorer.  
 
-Non-Microsoft applications with Windows 2000 or later certification are required to comply with this policy setting. 
+Non-Microsoft applications with Windows 2000 or later certification are required to comply with this policy setting.
 
-To create a list of allowed applications, click Show.  In the Show Contents dialog box, in the Value column, type the application executable name (e.g., Winword.exe, Poledit.exe, Powerpnt.exe).
+To create a list of allowed applications, click Show.  In the Show Contents dialog box, in the Value column, type the application executable name (for example, Winword.exe, Poledit.exe, Powerpnt.exe).
 
 
 <!--/Description-->
diff --git a/windows/client-management/mdm/policy-csp-admx-smartcard.md b/windows/client-management/mdm/policy-csp-admx-smartcard.md
index 942b369753..089c628ab8 100644
--- a/windows/client-management/mdm/policy-csp-admx-smartcard.md
+++ b/windows/client-management/mdm/policy-csp-admx-smartcard.md
@@ -105,17 +105,17 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lets you allow certificates without an Extended Key Usage (EKU) set to be used for logon.
+This policy setting lets you allow certificates without an Extended Key Usage (EKU) set to be used for signing in.
 
-In versions of Windows prior to Windows Vista, smart card certificates that are used for logon require an enhanced key usage (EKU) extension with a smart card logon object identifier. This policy setting can be used to modify that restriction.
+In versions of Windows prior to Windows Vista, smart card certificates that are used for a sign in require an enhanced key usage (EKU) extension with a smart card logon object identifier. This policy setting can be used to modify that restriction.
 
-If you enable this policy setting, certificates with the following attributes can also be used to log on with a smart card:
+If you enable this policy setting, certificates with the following attributes can also be used to sign in on with a smart card:
 
 - Certificates with no EKU
 - Certificates with an All Purpose EKU
 - Certificates with a Client Authentication EKU
 
-If you disable or do not configure this policy setting, only certificates that contain the smart card logon object identifier can be used to log on with a smart card.
+If you disable or don't configure this policy setting, only certificates that contain the smart card logon object identifier can be used to sign in with a smart card.
 
 <!--/Description-->
 
@@ -159,11 +159,11 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you determine whether the integrated unblock feature will be available in the logon User Interface (UI).
 
-In order to use the integrated unblock feature your smart card must support this feature.  Please check with your hardware manufacturer to see if your smart card supports this feature.
+In order to use the integrated unblock feature, your smart card must support this feature.  Check with your hardware manufacturer to see if your smart card supports this feature.
 
 If you enable this policy setting, the integrated unblock feature will be available.
 
-If you disable or do not configure this policy setting then the integrated unblock feature will not be available.
+If you disable or don't configure this policy setting then the integrated unblock feature won't be available.
 
 <!--/Description-->
 
@@ -205,11 +205,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lets you allow signature key-based certificates to be enumerated and available for logon.
+This policy setting lets you allow signature key-based certificates to be enumerated and available for a sign in.
 
-If you enable this policy setting then any certificates available on the smart card with a signature only key will be listed on the logon screen.
+If you enable this policy setting, then any certificates available on the smart card with a signature only key will be listed on the sign-in screen.
 
-If you disable or do not configure this policy setting, any available smart card signature key-based certificates will not be listed on the logon screen.
+If you disable or don't configure this policy setting, any available smart card signature key-based certificates won't be listed on the sign-in screen.
 
 <!--/Description-->
 
@@ -251,13 +251,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting permits those certificates to be displayed for logon that are either expired or not yet valid.
+This policy setting permits those certificates to be displayed for a sign in which are either expired or not yet valid.
 
 Under previous versions of Microsoft Windows, certificates were required to contain a valid time and not be expired. The certificate must still be accepted by the domain controller in order to be used. This setting only controls the displaying of the certificate on the client machine. 
 
-If you enable this policy setting certificates will be listed on the logon screen regardless of whether they have an invalid time or their time validity has expired.
+If you enable this policy setting, certificates will be listed on the sign-in screen regardless of whether they have an invalid time or their time validity has expired.
 
-If you disable or do not configure this policy setting, certificates which are expired or not yet valid will not be listed on the logon screen.
+If you disable or don't configure this policy setting, certificates that are expired or not yet valid won't be listed on the sign-in screen.
 
 <!--/Description-->
 
@@ -301,9 +301,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage the certificate propagation that occurs when a smart card is inserted.
 
-If you enable or do not configure this policy setting then certificate propagation will occur when you insert your smart card.
+If you enable or don't configure this policy setting then certificate propagation will occur when you insert your smart card.
 
-If you disable this policy setting, certificate propagation will not occur and the certificates will not be made available to applications such as Outlook.
+If you disable this policy setting, certificate propagation won't occur and the certificates won't be made available to applications such as Outlook.
 
 <!--/Description-->
 
@@ -345,7 +345,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to manage the cleanup behavior of root certificates.  If you enable this policy setting then root certificate cleanup will occur according to the option selected. If you disable or do not configure this setting then root certificate cleanup will occur on logoff.
+This policy setting allows you to manage the cleanup behavior of root certificates.  If you enable this policy setting, then root certificate cleanup will occur according to the option selected. If you disable or don't configure this setting then root certificate cleanup will occur on a sign out.
 
 <!--/Description-->
 
@@ -389,12 +389,12 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage the root certificate propagation that occurs when a smart card is inserted.
 
-If you enable or do not configure this policy setting then root certificate propagation will occur when you insert your smart card.
+If you enable or don't configure this policy setting then root certificate propagation will occur when you insert your smart card.
 
 > [!NOTE]
 > For this policy setting to work the following policy setting must also be enabled: Turn on certificate propagation from smart card.
 
-If you disable this policy setting then root certificates will not be propagated from the smart card.
+If you disable this policy setting, then root certificates won't be propagated from the smart card.
 
 <!--/Description-->
 
@@ -438,9 +438,9 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents plaintext PINs from being returned by Credential Manager. 
 
-If you enable this policy setting, Credential Manager does not return a plaintext PIN. 
+If you enable this policy setting, Credential Manager doesn't return a plaintext PIN. 
 
-If you disable or do not configure this policy setting, plaintext PINs can be returned by Credential Manager.
+If you disable or don't configure this policy setting, plaintext PINs can be returned by Credential Manager.
 
 > [!NOTE]
 > Enabling this policy setting could prevent certain smart cards from working on Windows. Please consult your smart card manufacturer to find out whether you will be affected by this policy setting.
@@ -485,11 +485,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to control whether elliptic curve cryptography (ECC) certificates on a smart card can be used to log on to a domain.
+This policy setting allows you to control whether elliptic curve cryptography (ECC) certificates on a smart card can be used to sign in to a domain.
 
-If you enable this policy setting, ECC certificates on a smart card can be used to log on to a domain.
+If you enable this policy setting, ECC certificates on a smart card can be used to sign in to a domain.
 
-If you disable or do not configure this policy setting, ECC certificates on a smart card cannot be used to log on to a domain. 
+If you disable or don't configure this policy setting, ECC certificates on a smart card can't be used to sign in to a domain.
 
 > [!NOTE]
 > This policy setting only affects a user's ability to log on to a domain. ECC certificates on a smart card that are used for other applications, such as document signing, are not affected by this policy setting. 
@@ -536,14 +536,14 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you configure if all your valid logon certificates are displayed.
 
-During the certificate renewal period, a user can have multiple valid logon certificates issued from the same certificate template.  This can cause confusion as to which certificate to select for logon. The common case for this behavior is when a certificate is renewed and the old one has not yet expired. Two certificates are determined to be the same if they are issued from the same template with the same major version and they are for the same user (determined by their UPN).
+During the certificate renewal period, a user can have multiple valid logon certificates issued from the same certificate template. This scenario can cause confusion as to which certificate to select for a sign in. The common case for this behavior is when a certificate is renewed and the old one hasn't yet expired. Two certificates are determined to be the same if they're issued from the same template with the same major version and they're for the same user (determined by their UPN).
 
-If there are two or more of the "same" certificate on a smart card and this policy is enabled then the certificate that is used for logon on Windows 2000, Windows XP, and Windows 2003 Server will be shown, otherwise the certificate with the expiration time furthest in the future will be shown.  
+If there are two or more of the "same" certificate on a smart card and this policy is enabled, then the certificate that is used for a sign in on Windows 2000, Windows XP, and Windows 2003 Server will be shown, otherwise the certificate with the expiration time furthest in the future will be shown.  
 
 > [!NOTE]
 > This setting will be applied after the following policy: "Allow time invalid certificates"
 
-If you enable or do not configure this policy setting, filtering will take place.
+If you enable or don't configure this policy setting, filtering will take place.
 
 If you disable this policy setting, no filtering will take place.
 
@@ -587,13 +587,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to manage the reading of all certificates from the smart card for logon.
+This policy setting allows you to manage the reading of all certificates from the smart card for a sign in.
 
-During logon Windows will by default only read the default certificate from the smart card unless it supports retrieval of all certificates in a single call. This setting forces Windows to read all the certificates from the card. This can introduce a significant performance decrease in certain situations. Please contact your smart card vendor to determine if your smart card and associated CSP supports the required behavior.
+During a sign in, Windows will by default only read the default certificate from the smart card unless it supports retrieval of all certificates in a single call. This setting forces Windows to read all the certificates from the card. This setting can introduce a significant performance decrease in certain situations. Contact your smart card vendor to determine if your smart card and associated CSP supports the required behavior.
 
 If you enable this setting, then Windows will attempt to read all certificates from the smart card regardless of the feature set of the CSP.
 
-If you disable or do not configure this setting, Windows will only attempt to read the default certificate from those cards that do not support retrieval of all certificates in a single call.  Certificates other than the default will not be available for logon.
+If you disable or don't configure this setting, Windows will only attempt to read the default certificate from those cards that don't support retrieval of all certificates in a single call. Certificates other than the default won't be available for a sign in.
 
 <!--/Description-->
 
@@ -642,7 +642,7 @@ If you enable this policy setting, the specified message will be displayed to th
 > [!NOTE]
 > The following policy setting must be enabled: Allow Integrated Unblock screen to be displayed at the time of logon.
 
-If you disable or do not configure this policy setting, the default message will be displayed to the user when the smart card is blocked, if the integrated unblock feature is enabled.
+If you disable or don't configure this policy setting, the default message will be displayed to the user when the smart card is blocked, if the integrated unblock feature is enabled.
 
 <!--/Description-->
 
@@ -684,11 +684,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lets you reverse the subject name from how it is stored in the certificate when displaying it during logon.  
+This policy setting lets you reverse the subject name from how it's stored in the certificate when displaying it during a sign in.  
 
-By default the user principal name (UPN) is displayed in addition to the common name to help users distinguish one certificate from another. For example, if the certificate subject was CN=User1, OU=Users, DN=example, DN=com and had an UPN of user1@example.com then "User1" will be displayed along with "user1@example.com." If the UPN is not present then the entire subject name will be displayed. This setting controls the appearance of that subject name and might need to be adjusted per organization.
+By default the user principal name (UPN) is displayed in addition to the common name to help users distinguish one certificate from another. For example, if the certificate subject was CN=User1, OU=Users, DN=example, DN=com and had an UPN of user1@example.com then "User1" will be displayed along with "user1@example.com." If the UPN isn't present, then the entire subject name will be displayed. This setting controls the appearance of that subject name and might need to be adjusted per organization.
 
-If you enable this policy setting or do not configure this setting, then the subject name will be reversed.  
+If you enable this policy setting or don't configure this setting, then the subject name will be reversed.  
 
 If you disable, the subject name will be displayed as it appears in the certificate.
 
@@ -734,9 +734,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control whether Smart Card Plug and Play is enabled.
 
-If you enable or do not configure this policy setting, Smart Card Plug and Play will be enabled and the system will attempt to install a Smart Card device driver when a card is inserted in a Smart Card Reader for the first time.
+If you enable or don't configure this policy setting, Smart Card Plug and Play will be enabled and the system will attempt to install a Smart Card device driver when a card is inserted in a Smart Card Reader for the first time.
 
-If you disable this policy setting, Smart Card Plug and Play will be disabled and a device driver will not be installed when a card is inserted in a Smart Card Reader.
+If you disable this policy setting, Smart Card Plug and Play will be disabled and a device driver won't be installed when a card is inserted in a Smart Card Reader.
 
 > [!NOTE]
 > This policy setting is applied only for smart cards that have passed the Windows Hardware Quality Labs (WHQL) testing process.
@@ -783,9 +783,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control whether a confirmation message is displayed when a smart card device driver is installed.
 
-If you enable or do not configure this policy setting, a confirmation message will be displayed when a smart card device driver is installed.
+If you enable or don't configure this policy setting, a confirmation message will be displayed when a smart card device driver is installed.
 
-If you disable this policy setting, a confirmation message will not be displayed when a smart card device driver is installed.
+If you disable this policy setting, a confirmation message won't be displayed when a smart card device driver is installed.
 
 > [!NOTE]
 > This policy setting is applied only for smart cards that have passed the Windows Hardware Quality Labs (WHQL) testing process.
@@ -830,11 +830,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lets you determine whether an optional field will be displayed during logon and elevation that allows a user to enter his or her user name or user name and domain, thereby associating a certificate with that user.
+This policy setting lets you determine whether an optional field will be displayed during a sign in and elevation that allows users to enter their user name or user name and domain, thereby associating a certificate with the users.
 
-If you enable this policy setting then an optional field that allows a user to enter their user name or user name and domain will be displayed.
+If you enable this policy setting, then an optional field that allows a user to enter their user name or user name and domain will be displayed.
 
-If you disable or do not configure this policy setting, an optional field that allows users to enter their user name or user name and domain will not be displayed.
+If you disable or don't configure this policy setting, an optional field that allows users to enter their user name or user name and domain won't be displayed.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-srmfci.md b/windows/client-management/mdm/policy-csp-admx-srmfci.md
index 57d4c0e161..325fd93379 100644
--- a/windows/client-management/mdm/policy-csp-admx-srmfci.md
+++ b/windows/client-management/mdm/policy-csp-admx-srmfci.md
@@ -106,13 +106,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the message that users see when they are denied access to a file or folder. You can customize the Access Denied message to include additional text and links. You can also provide users with the ability to send an email to request access to the file or folder to which they were denied access.  
+This policy setting specifies the message that users see when they're denied access to a file or folder. You can customize the Access Denied message to include more text and links. You can also provide users with the ability to send an email to request access to the file or folder to which they were denied access.  
 
 If you enable this policy setting, users receive a customized Access Denied message from the file servers on which this policy setting is applied.  
 
-If you disable this policy setting, users see a standard Access Denied message that doesn't provide any of the functionality controlled by this policy setting, regardless of the file server configuration.  
+If you disable this policy setting, users see a standard Access Denied message that doesn't provide any of the functionalities controlled by this policy setting, regardless of the file server configuration.  
 
-If you do not configure this policy setting, users see a standard Access Denied message unless the file server is configured to display the customized Access Denied message. By default, users see the standard Access Denied message.
+If you don't configure this policy setting, users see a standard Access Denied message unless the file server is configured to display the customized Access Denied message. By default, users see the standard Access Denied message.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-startmenu.md b/windows/client-management/mdm/policy-csp-admx-startmenu.md
index 5b8110067f..f89c8f56d9 100644
--- a/windows/client-management/mdm/policy-csp-admx-startmenu.md
+++ b/windows/client-management/mdm/policy-csp-admx-startmenu.md
@@ -260,9 +260,9 @@ manager: dansimp
 <!--Description-->
 If you enable this policy, a "Search the Internet" link is shown when the user performs a search in the start menu search box. This button launches the default browser with the search terms.
 
-If you disable this policy, there will not be a "Search the Internet" link when the user performs a search in the start menu search box.
+If you disable this policy, there won't be a "Search the Internet" link when the user performs a search in the start menu search box.
 
-If you do not configure this policy (default), there will not be a "Search the Internet" link on the start menu.
+If you don't configure this policy (default), there won't be a "Search the Internet" link on the start menu.
 
 <!--/Description-->
 
@@ -306,20 +306,20 @@ ADMX Info:
 <!--Description-->
 Clear history of recently opened documents on exit.
 
-If you enable this setting, the system deletes shortcuts to recently used document files when the user logs off. As a result, the Recent Items menu on the Start menu is always empty when the user logs on. In addition, recently and frequently used items in the Jump Lists off of programs in the Start Menu and Taskbar will be cleared when the user logs off.
+If you enable this setting, the system deletes shortcuts to recently used document files when the user signs out. As a result, the Recent Items menu on the Start menu is always empty when the user logs on. In addition, recently and frequently used items in the Jump Lists off of programs in the Start Menu and Taskbar will be cleared when the user signs out.
 
-If you disable or do not configure this setting, the system retains document shortcuts, and when a user logs on, the Recent Items menu and the Jump Lists appear just as it did when the user logged off.
+If you disable or don't configure this setting, the system retains document shortcuts, and when a user logs on, the Recent Items menu and the Jump Lists appear just as it did when the user logged off.
 
 > [!NOTE]
 > The system saves document shortcuts in the user profile in the System-drive\Users\User-name\Recent folder.
 
 Also, see the "Remove Recent Items menu from Start Menu" and "Do not keep history of recently opened documents" policies in this folder. The system only uses this setting when neither of these related settings are selected.
 
-This setting does not clear the list of recent files that Windows programs display at the bottom of the File menu. See the "Do not keep history of recently opened documents" setting.
+This setting doesn't clear the list of recent files that Windows programs display at the bottom of the File menu. See the "Do not keep history of recently opened documents" setting.
 
-This policy setting also does not hide document shortcuts displayed in the Open dialog box. See the "Hide the dropdown list of recent files" setting.
+This policy setting also doesn't hide document shortcuts displayed in the Open dialog box. See the "Hide the dropdown list of recent files" setting.
 
-This policy also does not clear items that the user may have pinned to the Jump Lists, or Tasks that the application has provided for their menu. See the "Do not allow pinning items in Jump Lists" setting.
+This policy also doesn't clear items that the user may have pinned to the Jump Lists, or Tasks that the application has provided for their menu. See the "Do not allow pinning items in Jump Lists" setting.
 
 <!--/Description-->
 
@@ -363,7 +363,7 @@ ADMX Info:
 <!--Description-->
 If you enable this policy setting, the recent programs list in the start menu will be blank for each new user.
 
-If you disable or do not configure this policy, the start menu recent programs list will be pre-populated with programs for each new user.
+If you disable or don't configure this policy, the start menu recent programs list will be pre-populated with programs for each new user.
 
 <!--/Description-->
 
@@ -407,9 +407,9 @@ ADMX Info:
 <!--Description-->
 If you enable this setting, the system deletes tile notifications when the user logs on. As a result, the Tiles in the start view will always show their default content when the user logs on. In addition, any cached versions of these notifications will be cleared when the user logs on.
 
-If you disable or do not configure this setting, the system retains notifications, and when a user logs on, the tiles appear just as they did when the user logged off, including the history of previous notifications for each tile.
+If you disable or don't configure this setting, the system retains notifications, and when a user logs on, the tiles appear just as they did when the user logged off, including the history of previous notifications for each tile.
 
-This setting does not prevent new notifications from appearing. See the "Turn off Application Notifications" setting to prevent new notifications.
+This setting doesn't prevent new notifications from appearing. See the "Turn off Application Notifications" setting to prevent new notifications.
 
 <!--/Description-->
 
@@ -545,15 +545,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy only applies to the classic version of the start menu and does not affect the new style start menu.
+This policy only applies to the classic version of the start menu and doesn't affect the new style start menu.
 
 Adds the "Log Off `<username>`" item to the Start menu and prevents users from removing it.
 
-If you enable this setting, the Log Off `<username>` item appears in the Start menu. This setting also removes the Display Logoff item from Start Menu Options. As a result, users cannot remove the Log Off `<username>` item from the Start Menu.
+If you enable this setting, the Log Off `<username>` item appears in the Start menu. This setting also removes the Display Logoff item from Start Menu Options. As a result, users can't remove the Log Off `<username>` item from the Start Menu.
 
-If you disable this setting or do not configure it, users can use the Display Logoff item to add and remove the Log Off item.
+If you disable this setting or don't configure it, users can use the Display Logoff item to add and remove the Log Off item.
 
-This setting affects the Start menu only. It does not affect the Log Off item on the Windows Security dialog box that appears when you press Ctrl+Alt+Del.
+This setting affects the Start menu only. It doesn't affect the Log Off item on the Windows Security dialog box that appears when you press Ctrl+Alt+Del.
 
 > [!NOTE]
 > To add or remove the Log Off item on a computer, click Start, click Settings, click Taskbar and Start Menu, click the Start Menu Options tab, and then, in the Start Menu Settings box, click Display Logoff.
@@ -650,11 +650,11 @@ ADMX Info:
 <!--Description-->
 Displays Start menu shortcuts to partially installed programs in gray text.
 
-This setting makes it easier for users to distinguish between programs that are fully installed and those that are only partially installed.
+This setting makes it easier for users to distinguish between programs that are fully installed and those programs that are only partially installed.
 
-Partially installed programs include those that a system administrator assigns using Windows Installer and those that users have configured for full installation upon first use.
+Partially installed programs include those programs that a system administrator assigns using Windows Installer and those programs that users have configured for full installation upon first use.
 
-If you disable this setting or do not configure it, all Start menu shortcuts appear as black text.
+If you disable this setting or don't configure it, all Start menu shortcuts appear as black text.
 
 > [!NOTE]
 > Enabling this setting can make the Start menu slow to open.
@@ -699,11 +699,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting prevents users from performing the following commands from the Windows security screen, the logon screen, and the Start menu: Shut Down, Restart, Sleep, and Hibernate. This policy setting does not prevent users from running Windows-based programs that perform these functions.
+This policy setting prevents users from performing the following commands from the Windows security screen, the sign-in screen, and the Start menu: Shut Down, Restart, Sleep, and Hibernate. This policy setting doesn't prevent users from running Windows-based programs that perform these functions.
 
-If you enable this policy setting, the shutdown, restart, sleep, and hibernate commands are removed from the Start menu. The Power button is also removed from the Windows Security screen, which appears when you press CTRL+ALT+DELETE, and from the logon screen.
+If you enable this policy setting, the shutdown, restart, sleep, and hibernate commands are removed from the Start menu. The Power button is also removed from the Windows Security screen, which appears when you press CTRL+ALT+DELETE, and from the sign in screen.
 
-If you disable or do not configure this policy setting, the Power button and the Shut Down, Restart, Sleep, and Hibernate commands are available on the Start menu. The Power button on the Windows Security and logon screens is also available.
+If you disable or don't configure this policy setting, the Power button and the Shut Down, Restart, Sleep, and Hibernate commands are available on the Start menu. The Power button on the Windows Security and sign-in screens is also available.
 
 <!--/Description-->
 
@@ -747,9 +747,9 @@ ADMX Info:
 <!--Description-->
 Disables personalized menus.
 
-Windows personalizes long menus by moving recently used items to the top of the menu and hiding items that have not been used recently. Users can display the hidden items by clicking an arrow to extend the menu.
+Windows personalizes long menus by moving recently used items to the top of the menu and hiding items that haven't been used recently. Users can display the hidden items by clicking an arrow to extend the menu.
 
-If you enable this setting, the system does not personalize menus. All menu items appear and remain in standard order. Also, this setting removes the "Use Personalized Menus" option so users do not try to change the setting while a setting is in effect.
+If you enable this setting, the system doesn't personalize menus. All menu items appear and remain in standard order. Also, this setting removes the "Use Personalized Menus" option so users don't try to change the setting while a setting is in effect.
 
 > [!NOTE]
 > Personalized menus require user tracking. If you enable the "Turn off user tracking" setting, the system disables user tracking and personalized menus and ignores this setting.
@@ -798,14 +798,14 @@ ADMX Info:
 <!--Description-->
 This setting affects the taskbar, which is used to switch between running applications.
 
-The taskbar includes the Start button, list of currently running tasks, and the notification area. By default, the taskbar is located at the bottom of the screen, but it can be dragged to any side of the screen. When it is locked, it cannot be moved or resized.
+The taskbar includes the Start button, list of currently running tasks, and the notification area. By default, the taskbar is located at the bottom of the screen, but it can be dragged to any side of the screen. When it's locked, it can't be moved or resized.
 
 If you enable this setting, it prevents the user from moving or resizing the taskbar. While the taskbar is locked, auto-hide and other taskbar options are still available in Taskbar properties.
 
-If you disable this setting or do not configure it, the user can configure the taskbar position.
+If you disable this setting or don't configure it, the user can configure the taskbar position.
 
 > [!NOTE]
-> Enabling this setting also locks the QuickLaunch bar and any other toolbars that the user has on their taskbar. The toolbar's position is locked, and the user cannot show and hide various toolbars using the taskbar context menu.
+> Enabling this setting also locks the QuickLaunch bar and any other toolbars that the user has on their taskbar. The toolbar's position is locked, and the user can't show and hide various toolbars using the taskbar context menu.
 
 <!--/Description-->
 
@@ -849,9 +849,9 @@ ADMX Info:
 <!--Description-->
 This policy setting lets users run a 16-bit program in a dedicated (not shared) Virtual DOS Machine (VDM) process.
 
-All DOS and 16-bit programs run on Windows 2000 Professional and Windows XP Professional in the Windows Virtual DOS Machine program. VDM simulates a 16-bit environment, complete with the DLLs required by 16-bit programs. By default, all 16-bit programs run as threads in a single, shared VDM process. As such, they share the memory space allocated to the VDM process and cannot run simultaneously.
+All DOS and 16-bit programs run on Windows 2000 Professional and Windows XP Professional in the Windows Virtual DOS Machine program. VDM simulates a 16-bit environment, complete with the DLLs required by 16-bit programs. By default, all 16-bit programs run as threads in a single, shared VDM process. As such, they share the memory space allocated to the VDM process and can't run simultaneously.
 
-Enabling this setting adds a check box to the Run dialog box, giving users the option of running a 16-bit program in its own dedicated NTVDM process. The additional check box is enabled only when a user enters a 16-bit program in the Run dialog box.
+Enabling this setting adds a check box to the Run dialog box, giving users the option of running a 16-bit program in its own dedicated NTVDM process. The extra check box is enabled only when a user enters a 16-bit program in the Run dialog box.
 
 <!--/Description-->
 
@@ -901,7 +901,7 @@ If you enable this setting, the system notification area expands to show all of
 
 If you disable this setting, the system notification area will always collapse notifications.
 
-If you do not configure it, the user can choose if they want notifications collapsed.
+If you don't configure it, the user can choose if they want notifications collapsed.
 
 <!--/Description-->
 
@@ -947,9 +947,9 @@ Hides pop-up text on the Start menu and in the notification area.
 
 When you hold the cursor over an item on the Start menu or in the notification area, the system displays pop-up text providing additional information about the object.
 
-If you enable this setting, some of this pop-up text is not displayed. The pop-up text affected by this setting includes "Click here to begin" on the Start button, "Where have all my programs gone" on the Start menu, and "Where have my icons gone" in the notification area.
+If you enable this setting, some of this pop-up text isn't displayed. The pop-up text affected by this setting includes "Click here to begin" on the Start button, "Where have all my programs gone" on the Start menu, and "Where have my icons gone" in the notification area.
 
-If you disable this setting or do not configure it, all pop-up text is displayed on the Start menu and in the notification area.
+If you disable this setting or don't configure it, all pop-up text is displayed on the Start menu and in the notification area.
 
 <!--/Description-->
 
@@ -993,9 +993,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent users from changing their Start screen layout.
 
-If you enable this setting, you will prevent a user from selecting an app, resizing a tile, pinning/unpinning a tile or a secondary tile, entering the customize mode and rearranging tiles within Start and Apps.
+If you enable this setting, you'll prevent a user from selecting an app, resizing a tile, pinning/unpinning a tile or a secondary tile, entering the customize mode and rearranging tiles within Start and Apps.
 
-If you disable or do not configure this setting, you will allow a user to select an app, resize a tile, pin/unpin a tile or a secondary tile, enter the customize mode and rearrange tiles within Start and Apps.
+If you disable or don't configure this setting, you'll allow a user to select an app, resize a tile, pin/unpin a tile or a secondary tile, enter the customize mode and rearrange tiles within Start and Apps.
 
 <!--/Description-->
 
@@ -1037,11 +1037,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting prevents users from performing the following commands from the Start menu or Windows Security screen: Shut Down, Restart, Sleep, and Hibernate. This policy setting does not prevent users from running Windows-based programs that perform these functions.
+This policy setting prevents users from performing the following commands from the Start menu or Windows Security screen: Shut Down, Restart, Sleep, and Hibernate. This policy setting doesn't prevent users from running Windows-based programs that perform these functions.
 
 If you enable this policy setting, the Power button and the Shut Down, Restart, Sleep, and Hibernate commands are removed from the Start menu. The Power button is also removed from the Windows Security screen, which appears when you press CTRL+ALT+DELETE.
 
-If you disable or do not configure this policy setting, the Power button and the Shut Down, Restart, Sleep, and Hibernate commands are available on the Start menu. The Power button on the Windows Security screen is also available.
+If you disable or don't configure this policy setting, the Power button and the Shut Down, Restart, Sleep, and Hibernate commands are available on the Start menu. The Power button on the Windows Security screen is also available.
 
 > [!NOTE]
 > Third-party programs certified as compatible with Microsoft Windows Vista, Windows XP SP2, Windows XP SP1, Windows XP, or Windows 2000 Professional are required to support this policy setting.
@@ -1134,12 +1134,12 @@ ADMX Info:
 <!--Description-->
 Prevents users from adding the Favorites menu to the Start menu or classic Start menu.
 
-If you enable this setting, the Display Favorites item does not appear in the Advanced Start menu options box.
+If you enable this setting, the Display Favorites item doesn't appear in the Advanced Start menu options box.
 
-If you disable or do not configure this setting, the Display Favorite item is available.
+If you disable or don't configure this setting, the Display Favorite item is available.
 
 > [!NOTE]
-> The Favorities menu does not appear on the Start menu by default. To display the Favorites menu, right-click Start, click Properties, and then click Customize.  If you are using Start menu, click the Advanced tab, and then, under Start menu items, click the Favorites menu. If you are using the classic Start menu, click Display Favorites under Advanced Start menu options.
+> The Favorites menu doesn't appear on the Start menu by default. To display the Favorites menu, right-click Start, click Properties, and then click Customize.  If you are using Start menu, click the Advanced tab, and then, under Start menu items, click the Favorites menu. If you are using the classic Start menu, click Display Favorites under Advanced Start menu options.
 > 
 > The items that appear in the Favorites menu when you install Windows are preconfigured by the system to appeal to most users. However, users can add and remove items from this menu, and system administrators can create a customized Favorites menu for a user group.
 >
@@ -1185,18 +1185,18 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to remove the Search link from the Start menu, and disables some File Explorer search elements. Note that this does not remove the search box from the new style Start menu.
+This policy setting allows you to remove the Search link from the Start menu, and disables some File Explorer search elements. This policy setting doesn't remove the search box from the new style Start menu.
 
-If you enable this policy setting, the Search item is removed from the Start menu and from the context menu that appears when you right-click the Start menu. Also, the system does not respond when users press the Application key (the key with the Windows logo)+ F.
+If you enable this policy setting, the Search item is removed from the Start menu and from the context menu that appears when you right-click the Start menu. Also, the system doesn't respond when users press the Application key (the key with the Windows logo)+ F.
 
 > [!NOTE]
 > Enabling this policy setting also prevents the user from using the F3 key.
 
-In File Explorer, the Search item still appears on the Standard buttons toolbar, but the system does not respond when the user presses Ctrl+F. Also, Search does not appear in the context menu when you right-click an icon representing a drive or a folder.
+In File Explorer, the Search item still appears on the Standard buttons toolbar, but the system doesn't respond when the user presses Ctrl+F. Also, Search doesn't appear in the context menu when you right-click an icon representing a drive or a folder.
 
-This policy setting affects the specified user interface elements only. It does not affect Internet Explorer and does not prevent the user from using other methods to search.
+This policy setting affects the specified user interface elements only. It doesn't affect Internet Explorer and doesn't prevent the user from using other methods to search.
 
-If you disable or do not configure this policy setting, the Search link is available from the Start menu.
+If you disable or don't configure this policy setting, the Search link is available from the Start menu.
 
 <!--/Description-->
 
@@ -1238,9 +1238,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy the start menu will not show a link to the Games folder.
+If you enable this policy, the start menu won't show a link to the Games folder.
 
-If you disable or do not configure this policy, the start menu will show a link to the Games folder, unless the user chooses to remove it in the start menu control panel.
+If you disable or don't configure this policy, the start menu will show a link to the Games folder, unless the user chooses to remove it in the start menu control panel.
 
 <!--/Description-->
 
@@ -1286,9 +1286,9 @@ This policy setting allows you to remove the Help command from the Start menu.
 
 If you enable this policy setting, the Help command is removed from the Start menu.
 
-If you disable or do not configure this policy setting, the Help command is available from the Start menu.
+If you disable or don't configure this policy setting, the Help command is available from the Start menu.
 
-This policy setting only affects the Start menu. It does not remove the Help menu from File Explorer and does not prevent users from running Help.
+This policy setting only affects the Start menu. It doesn't remove the Help menu from File Explorer and doesn't prevent users from running Help.
 
 <!--/Description-->
 
@@ -1332,13 +1332,13 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off user tracking.
 
-If you enable this policy setting, the system does not track the programs that the user runs, and does not display frequently used programs in the Start Menu.
+If you enable this policy setting, the system doesn't track the programs that the user runs, and doesn't display frequently used programs in the Start Menu.
 
-If you disable or do not configure this policy setting, the system tracks the programs that the user runs. The system uses this information to customize Windows features, such as showing frequently used programs in the Start Menu.
+If you disable or don't configure this policy setting, the system tracks the programs that the user runs. The system uses this information to customize Windows features, such as showing frequently used programs in the Start Menu.
 
 Also, see these related policy settings: "Remove frequent programs list from the Start Menu" and "Turn off personalized menus".
 
-This policy  setting does not prevent users from pinning programs to the Start Menu or Taskbar. See the "Remove pinned programs list from the Start Menu" and "Do not allow pinning programs to the Taskbar" policy settings.
+This policy  setting doesn't prevent users from pinning programs to the Start Menu or Taskbar. See the "Remove pinned programs list from the Start Menu" and "Do not allow pinning programs to the Taskbar" policy settings.
 
 <!--/Description-->
 
@@ -1383,13 +1383,13 @@ ADMX Info:
 <!--Description-->
 If you enable this setting, the Start Menu will either collapse or remove the all apps list from the Start menu.
 
-Selecting "Collapse" will not display the app list next to the pinned tiles in Start. An "All apps" button will be displayed on Start to open the all apps list. This is equivalent to setting the "Show app list in Start" in Settings to Off.
+Selecting "Collapse" won't display the app list next to the pinned tiles in Start. An "All apps" button will be displayed on Start to open the all apps list. This selection of collapse is equivalent to setting the "Show app list in Start" in Settings to Off.
 
-Selecting "Collapse and disable setting" will do the same as the collapse option and disable the "Show app list in Start menu" in Settings, so users cannot turn it to On.
+Selecting "Collapse and disable setting" will do the same as the collapse option and disable the "Show app list in Start menu" in Settings, so users can't turn it to On.
 
-Selecting "Remove and disable setting" will remove the all apps list from Start and disable the "Show app list in Start menu" in Settings, so users cannot turn it to On. Select this option for compatibility with earlier versions of Windows.
+Selecting "Remove and disable setting" will remove the all apps list from Start and disable the "Show app list in Start menu" in Settings, so users can't turn it to On. Select this option for compatibility with earlier versions of Windows.
 
-If you disable or do not configure this setting, the all apps list will be visible by default, and the user can change "Show app list in Start" in Settings.
+If you disable or don't configure this setting, the all apps list will be visible by default, and the user can change "Show app list in Start" in Settings.
 
 <!--/Description-->
 
@@ -1439,7 +1439,7 @@ Enabling this policy setting prevents the Network Connections folder from openin
 
 Network Connections still appears in Control Panel and in File Explorer, but if users try to start it, a message appears explaining that a setting prevents the action.
 
-If you disable or do not configure this policy setting, Network Connections is available from the Start Menu.
+If you disable or don't configure this policy setting, Network Connections is available from the Start Menu.
 
 Also, see the "Disable programs on Settings menu" and "Disable Control Panel" policy settings and the policy settings in the Network Connections folder (Computer Configuration and User Configuration\Administrative Templates\Network\Network Connections).
 
@@ -1483,11 +1483,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this setting, the "Pinned Programs" list is removed from the Start menu. Users cannot pin programs to the Start menu.
+If you enable this setting, the "Pinned Programs" list is removed from the Start menu. Users can't pin programs to the Start menu.
 
 In Windows XP and Windows Vista, the Internet and email checkboxes are removed from the 'Customize Start Menu' dialog.
 
-If you disable this setting or do not configure it, the "Pinned Programs" list remains on the Start menu. Users can pin and unpin programs in the Start Menu.
+If you disable this setting or don't configure it, the "Pinned Programs" list remains on the Start menu. Users can pin and unpin programs in the Start Menu.
 
 <!--/Description-->
 
@@ -1533,18 +1533,18 @@ Removes the Recent Items menu from the Start menu.  Removes the Documents menu f
 
 The Recent Items menu contains links to the non-program files that users have most recently opened. It appears so that users can easily reopen their documents.
 
-If you enable this setting, the system saves document shortcuts but does not display the Recent Items menu in the Start Menu, and users cannot turn the menu on.
+If you enable this setting, the system saves document shortcuts but doesn't display the Recent Items menu in the Start Menu, and users can't turn on the menu.
 
 If you later disable the setting, so that the Recent Items menu appears in the Start Menu, the document shortcuts saved before the setting was enabled and while it was in effect appear in the Recent Items menu.
 
-When the setting is disabled, the Recent Items menu appears in the Start Menu, and users cannot remove it.
+When the setting is disabled, the Recent Items menu appears in the Start Menu, and users can't remove it.
 
-If the setting is not configured, users can turn the Recent Items menu on and off.
+If the setting isn't configured, users can turn the Recent Items menu on and off.
 
 > [!NOTE]
-> This setting does not prevent Windows programs from displaying shortcuts to recently opened documents. See the "Do not keep history of recently opened documents" setting.
+> This setting doesn't prevent Windows programs from displaying shortcuts to recently opened documents. See the "Do not keep history of recently opened documents" setting.
 
-This setting also does not hide document shortcuts displayed in the Open dialog box. See the "Hide the dropdown list of recent files" setting.
+This setting also doesn't hide document shortcuts displayed in the Open dialog box. See the "Hide the dropdown list of recent files" setting.
 
 <!--/Description-->
 
@@ -1588,12 +1588,12 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents the system from conducting a comprehensive search of the target drive to resolve a shortcut.
 
-If you enable this policy setting, the system does not conduct the final drive search. It just displays a message explaining that the file is not found.
+If you enable this policy setting, the system doesn't conduct the final drive search. It just displays a message explaining that the file isn't found.
 
-If you disable or do not configure this policy setting, by default, when the system cannot find the target file for a shortcut (.lnk), it searches all paths associated with the shortcut. If the target file is located on an NTFS partition, the system then uses the target's file ID to find a path. If the resulting path is not correct, it conducts a comprehensive search of the target drive in an attempt to find the file.
+If you disable or don't configure this policy setting, by default, when the system can't find the target file for a shortcut (.lnk), it searches all paths associated with the shortcut. If the target file is located on an NTFS partition, the system then uses the target's file ID to find a path. If the resulting path isn't correct, it conducts a comprehensive search of the target drive in an attempt to find the file.
 
 > [!NOTE]
-> This policy setting only applies to target files on NTFS partitions. FAT partitions do not have this ID tracking and search capability.
+> This policy setting only applies to target files on NTFS partitions. FAT partitions don't have this ID tracking and search capability.
 
 Also, see the "Do not track Shell shortcuts during roaming" and the "Do not use the tracking-based method when resolving shell shortcuts" policy settings.
 
@@ -1639,12 +1639,12 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents the system from using NTFS tracking features to resolve a shortcut.
 
-If you enable this policy setting, the system does not try to locate the file by using its file ID. It skips this step and begins a comprehensive search of the drive specified in the target path.
+If you enable this policy setting, the system doesn't try to locate the file by using its file ID. It skips this step and begins a comprehensive search of the drive specified in the target path.
 
-If you disable or do not configure this policy setting, by default, when the system cannot find the target file for a shortcut (.lnk), it searches all paths associated with the shortcut. If the target file is located on an NTFS partition, the system then uses the target's file ID to find a path. If the resulting path is not correct, it conducts a comprehensive search of the target drive in an attempt to find the file.
+If you disable or don't configure this policy setting, by default, when the system can't find the target file for a shortcut (.lnk), it searches all paths associated with the shortcut. If the target file is located on an NTFS partition, the system then uses the target's file ID to find a path. If the resulting path isn't correct, it conducts a comprehensive search of the target drive in an attempt to find the file.
 
 > [!NOTE]
-> This policy setting only applies to target files on NTFS partitions. FAT partitions do not have this ID tracking and search capability.
+> This policy setting only applies to target files on NTFS partitions. FAT partitions don't have this ID tracking and search capability.
 
 Also, see the "Do not track Shell shortcuts during roaming" and the "Do not use the search-based method when resolving shell shortcuts" policy settings.
 <!--/Description-->
@@ -1699,18 +1699,18 @@ If you enable this setting, the following changes occur:
 
     - A UNC path: `\\<server>\<share>`
 
-    - Accessing local drives:  e.g., C:
+    - Accessing local drives:  for example, C:
 
-    - Accessing local folders: e.g., `\<temp>`
+    - Accessing local folders: for example, `\<temp>`
 
 Also, users with extended keyboards will no longer be able to display the Run dialog box by pressing the Application key (the key with the Windows logo) + R.
 
-If you disable or do not configure this setting, users will be able to access the Run command in the Start menu and in Task Manager and use the Internet Explorer Address Bar.
+If you disable or don't configure this setting, users will be able to access the Run command in the Start menu and in Task Manager and use the Internet Explorer Address Bar.
 
 > [!NOTE]
-> This setting affects the specified interface only. It does not prevent users from using other methods to run programs.
+> This setting affects the specified interface only. It doesn't prevent users from using other methods to run programs.
 >
-> It is a requirement for third-party applications with Windows 2000 or later certification to adhere to this setting.
+> It's a requirement for third-party applications with Windows 2000 or later certification to adhere to this setting.
 
 <!--/Description-->
 
@@ -1758,10 +1758,10 @@ If you enable this policy setting, the Default Programs link is removed from the
 
 Clicking the Default Programs link from the Start menu opens the Default Programs control panel and provides administrators the ability to specify default programs for certain activities, such as Web browsing or sending e-mail, as well as which programs are accessible from the Start menu, desktop, and other locations.
 
-If you disable or do not configure this policy setting, the Default Programs link is available from the Start menu.
+If you disable or don't configure this policy setting, the Default Programs link is available from the Start menu.
 
 > [!NOTE]
-> This policy setting does not prevent the Set Default Programs for This Computer option from appearing in the Default Programs control panel.
+> This policy setting doesn't prevent the Set Default Programs for This Computer option from appearing in the Default Programs control panel.
 
 <!--/Description-->
 
@@ -1805,12 +1805,12 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the Documents icon from the Start menu and its submenus.
 
-If you enable this policy setting, the Documents icon is removed from the Start menu and its submenus. Enabling this policy setting only removes the icon. It does not prevent the user from using other methods to gain access to the contents of the Documents folder.
+If you enable this policy setting, the Documents icon is removed from the Start menu and its submenus. Enabling this policy setting only removes the icon. It doesn't prevent the user from using other methods to gain access to the contents of the Documents folder.
 
 > [!NOTE]
 > To make changes to this policy setting effective, you must log off and then log on.
 
-If you disable or do not configure this policy setting, he Documents icon is available from the Start menu.
+If you disable or don't configure this policy setting, the Documents icon is available from the Start menu.
 
 Also, see the "Remove Documents icon on the desktop" policy setting.
 
@@ -1858,7 +1858,7 @@ This policy setting allows you to remove the Music icon from Start Menu.
 
 If you enable this policy setting, the Music icon is no longer available from Start Menu.
 
-If you disable or do not configure this policy setting, the Music icon is available from Start Menu.
+If you disable or don't configure this policy setting, the Music icon is available from Start Menu.
 
 <!--/Description-->
 
@@ -1904,7 +1904,7 @@ This policy setting allows you to remove the Network icon from Start Menu.
 
 If you enable this policy setting, the Network icon is no longer available from Start Menu.
 
-If you disable or do not configure this policy setting, the Network icon is available from Start Menu.
+If you disable or don't configure this policy setting, the Network icon is available from Start Menu.
 
 <!--/Description-->
 
@@ -1950,7 +1950,7 @@ This policy setting allows you to remove the Pictures icon from Start Menu.
 
 If you enable this policy setting, the Pictures icon is no longer available from Start Menu.
 
-If you disable or do not configure this policy setting, the Pictures icon is available from Start Menu.
+If you disable or don't configure this policy setting, the Pictures icon is available from Start Menu.
 
 <!--/Description-->
 
@@ -1992,9 +1992,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy the start menu search box will not search for communications.
+If you enable this policy, the start menu search box won't search for communications.
 
-If you disable or do not configure this policy, the start menu will search for communications, unless the user chooses not to in the start menu control panel.
+If you disable or don't configure this policy, the start menu will search for communications, unless the user chooses not to in the start menu control panel.
 
 <!--/Description-->
 
@@ -2036,9 +2036,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy, the "See all results" link will not be shown when the user performs a search in the start menu search box.
+If you enable this policy, the "See all results" link won't be shown when the user performs a search in the start menu search box.
 
-If you disable or do not configure this policy, the "See all results" link will be shown when the user performs a search in the start menu search box.
+If you disable or don't configure this policy, the "See all results" link will be shown when the user performs a search in the start menu search box.
 
 <!--/Description-->
 
@@ -2080,9 +2080,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy, a "See more results" / "Search Everywhere" link will not be shown when the user performs a search in the start menu search box.
+If you enable this policy, a "See more results" / "Search Everywhere" link won't be shown when the user performs a search in the start menu search box.
 
-If you disable or do not configure this policy, a "See more results" link will be shown when the user performs a search in the start menu search box.  If a 3rd party protocol handler is installed, a "Search Everywhere" link will be shown instead of the "See more results" link.
+If you disable or don't configure this policy, a "See more results" link will be shown when the user performs a search in the start menu search box.  If a third-party protocol handler is installed, a "Search Everywhere" link will be shown instead of the "See more results" link.
 
 <!--/Description-->
 
@@ -2124,9 +2124,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy setting the Start menu search box will not search for files.
+If you enable this policy setting, the Start menu search box won't search for files.
 
-If you disable or do not configure this policy setting, the Start menu will search for files, unless the user chooses not to do so directly in Control Panel. If you enable this policy, a "See more results" / "Search Everywhere" link will not be shown when the user performs a search in the start menu search box.
+If you disable or don't configure this policy setting, the Start menu will search for files, unless the user chooses not to do so directly in Control Panel. If you enable this policy, a "See more results" / "Search Everywhere" link won't be shown when the user performs a search in the start menu search box.
 
 <!--/Description-->
 
@@ -2168,9 +2168,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy the start menu search box will not search for internet history or favorites.
+If you enable this policy, the start menu search box won't search for internet history or favorites.
 
-If you disable or do not configure this policy, the start menu will search for for internet history or favorites, unless the user chooses not to in the start menu control panel.
+If you disable or don't configure this policy, the start menu will search for internet history or favorites, unless the user chooses not to in the start menu control panel.
 
 <!--/Description-->
 
@@ -2212,9 +2212,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy setting the Start menu search box will not search for programs or Control Panel items.
+If you enable this policy setting, the Start menu search box won't search for programs or Control Panel items.
 
-If you disable or do not configure this policy setting, the Start menu search box will search for programs and Control Panel items, unless the user chooses not to do so directly in Control Panel.
+If you disable or don't configure this policy setting, the Start menu search box will search for programs and Control Panel items, unless the user chooses not to do so directly in Control Panel.
 
 <!--/Description-->
 
@@ -2262,7 +2262,7 @@ If you enable this policy setting, the Control Panel, Printers, and Network and
 
 However, users can still start Control Panel items by using other methods, such as right-clicking the desktop to start Display or right-clicking Computer to start System.
 
-If you disable or do not configure this policy setting, the Control Panel, Printers, and Network and Connection folders from Settings are available on the Start menu, and from Computer and File Explorer.
+If you disable or don't configure this policy setting, the Control Panel, Printers, and Network and Connection folders from Settings are available on the Start menu, and from Computer and File Explorer.
 
 Also, see the "Disable Control Panel," "Disable Display in Control Panel," and "Remove Network Connections from Start Menu" policy settings.
 
@@ -2312,7 +2312,7 @@ If you enable this policy setting, The user will be prevented from opening the T
 
 If the user right-clicks the taskbar and then clicks Properties, a message appears explaining that a setting prevents the action.
 
-If you disable or do not configure this policy setting, the Taskbar and Start Menu items are available from Settings on the Start menu.
+If you disable or don't configure this policy setting, the Taskbar and Start Menu items are available from Settings on the Start menu.
 
 <!--/Description-->
 
@@ -2356,9 +2356,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the Downloads link from the Start Menu.
 
-If you enable this policy setting, the Start Menu does not show a link to the Downloads folder.
+If you enable this policy setting, the Start Menu doesn't show a link to the Downloads folder.
 
-If you disable or do not configure this policy setting, the Downloads link is available from the Start Menu.
+If you disable or don't configure this policy setting, the Downloads link is available from the Start Menu.
 
 <!--/Description-->
 
@@ -2400,9 +2400,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy the Start menu will not show a link to Homegroup. It also removes the homegroup item from the Start Menu options. As a result, users cannot add the homegroup link to the Start Menu.
+If you enable this policy, the Start menu won't show a link to Homegroup. It also removes the homegroup item from the Start Menu options. As a result, users can't add the homegroup link to the Start Menu.
 
-If you disable or do not configure this policy, users can use the Start Menu options to add or remove the homegroup link from the Start Menu.
+If you disable or don't configure this policy, users can use the Start Menu options to add or remove the homegroup link from the Start Menu.
 
 <!--/Description-->
 
@@ -2446,9 +2446,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the Recorded TV link from the Start Menu.
 
-If you enable this policy setting, the Start Menu does not show a link to the Recorded TV library.
+If you enable this policy setting, the Start Menu doesn't show a link to the Recorded TV library.
 
-If you disable or do not configure this policy setting, the Recorded TV link is available from the Start Menu.
+If you disable or don't configure this policy setting, the Recorded TV link is available from the Start Menu.
 
 <!--/Description-->
 
@@ -2494,11 +2494,11 @@ Hides all folders on the user-specific (top) section of the Start menu. Other it
 
 This setting is designed for use with redirected folders. Redirected folders appear on the main (bottom) section of the Start menu. However, the original, user-specific version of the folder still appears on the top section of the Start menu. Because the appearance of two folders with the same name might confuse users, you can use this setting to hide user-specific folders.
 
-Note that this setting hides all user-specific folders, not just those associated with redirected folders.
+This setting hides all user-specific folders, not just those folders associated with redirected folders.
 
 If you enable this setting, no folders appear on the top section of the Start menu. If users add folders to the Start Menu directory in their user profiles, the folders appear in the directory but not on the Start menu.
 
-If you disable this setting or do not configured it, Windows 2000 Professional and Windows XP Professional display folders on both sections of the Start menu.
+If you disable this setting or don't configure it, Windows 2000 Professional and Windows XP Professional display folders on both sections of the Start menu.
 
 <!--/Description-->
 
@@ -2542,9 +2542,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the Videos link from the Start Menu.
 
-If you enable this policy setting, the Start Menu does not show a link to the Videos library.
+If you enable this policy setting, the Start Menu doesn't show a link to the Videos library.
 
-If you disable or do not configure this policy setting, the Videos link is available from the Start Menu.
+If you disable or don't configure this policy setting, the Videos link is available from the Start Menu.
 
 <!--/Description-->
 
@@ -2594,7 +2594,7 @@ If you enable this setting, the Start menu displays the classic Start menu and d
 
 If you disable this setting, the Start menu only displays in the new style, meaning the desktop icons are now on the Start page.
 
-If you do not configure this setting, the default is the new style, and the user can change the view.
+If you don't configure this setting, the default is the new style, and the user can change the view.
 
 <!--/Description-->
 
@@ -2638,9 +2638,9 @@ ADMX Info:
 <!--Description-->
 Prevents the clock in the system notification area from being displayed.
 
-If you enable this setting, the clock will not be displayed in the system notification area.
+If you enable this setting, the clock won't be displayed in the system notification area.
 
-If you disable or do not configure this setting, the default behavior of the clock appearing in the notification area will occur.
+If you disable or don't configure this setting, the default behavior of the clock appearing in the notification area will occur.
 
 <!--/Description-->
 
@@ -2688,7 +2688,7 @@ Taskbar grouping consolidates similar applications when there is no room on the
 
 If you enable this setting, it prevents the taskbar from grouping items that share the same program name. By default, this setting is always enabled.
 
-If you disable or do not configure it, items on the taskbar that share the same program are grouped together. The users have the option to disable grouping if they choose.
+If you disable or don't configure it, items on the taskbar that share the same program are grouped together. The users have the option to disable grouping, if they choose.
 
 <!--/Description-->
 
@@ -2734,9 +2734,9 @@ This setting affects the taskbar.
 
 The taskbar includes the Start button, buttons for currently running tasks, custom toolbars, the notification area, and the system clock. Toolbars include Quick Launch, Address, Links, Desktop, and other custom toolbars created by the user or by an application.
 
-If this setting is enabled, the taskbar does not display any custom toolbars, and the user cannot add any custom toolbars to the taskbar. Moreover, the "Toolbars" menu command and submenu are removed from the context menu. The taskbar displays only the Start button, taskbar buttons, the notification area, and the system clock.
+If this setting is enabled, the taskbar doesn't display any custom toolbars, and the user can't add any custom toolbars to the taskbar. Moreover, the "Toolbars" menu command and submenu are removed from the context menu. The taskbar displays only the Start button, taskbar buttons, the notification area, and the system clock.
 
-If this setting is disabled or is not configured, the taskbar displays all toolbars. Users can add or remove custom toolbars, and the "Toolbars" command appears in the context menu.
+If this setting is disabled or isn't configured, the taskbar displays all toolbars. Users can add or remove custom toolbars, and the "Toolbars" command appears in the context menu.
 
 <!--/Description-->
 
@@ -2782,9 +2782,9 @@ This policy setting allows you to remove access to the context menus for the tas
 
 If you enable this policy setting, the menus that appear when you right-click the taskbar and items on the taskbar are hidden, such as the Start button, the clock, and the taskbar buttons.
 
-If you disable or do not configure this policy setting, the context menus for the taskbar are available.
+If you disable or don't configure this policy setting, the context menus for the taskbar are available.
 
-This policy setting does not prevent users from using other methods to issue the commands that appear on these menus.
+This policy setting doesn't prevent users from using other methods to issue the commands that appear on these menus.
 
 <!--/Description-->
 
@@ -2832,7 +2832,7 @@ The notification area is located at the far right end of the task bar and includ
 
 If this setting is enabled, the user’s entire notification area, including the notification icons, is hidden. The taskbar displays only the Start button, taskbar buttons, custom toolbars (if any), and the system clock.
 
-If this setting is disabled or is not configured, the notification area is shown in the user's taskbar.
+If this setting is disabled or isn't configured, the notification area is shown in the user's taskbar.
 
 > [!NOTE]
 > Enabling this setting overrides the "Turn off notification area cleanup" setting, because if the notification area is hidden, there is no need to clean up the icons.
@@ -2877,9 +2877,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this setting, users cannot uninstall apps from Start.
+If you enable this setting, users can't uninstall apps from Start.
 
-If you disable this setting or do not configure it, users can access the uninstall command from Start.
+If you disable this setting or don't configure it, users can access the uninstall command from Start.
 
 <!--/Description-->
 
@@ -2921,9 +2921,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy the start menu will not show a link to the user's storage folder.
+If you enable this policy, the start menu won't show a link to the user's storage folder.
 
-If you disable or do not configure this policy, the start menu will display a link, unless the user chooses to remove it in the start menu control panel.
+If you disable or don't configure this policy, the start menu will display a link, unless the user chooses to remove it in the start menu control panel.
 
 <!--/Description-->
 
@@ -2969,7 +2969,7 @@ This policy setting allows you to remove the user name label from the Start Menu
 
 If you enable this policy setting, the user name label is removed from the Start Menu.
 
-If you disable or do not configure this policy setting, the user name label appears on the Start Menu.
+If you disable or don't configure this policy setting, the user name label appears on the Start Menu.
 
 <!--/Description-->
 
@@ -3017,9 +3017,9 @@ If you enable this policy setting, users are prevented from connecting to the Wi
 
 Enabling this policy setting blocks user access to the Windows Update Web site at https://windowsupdate.microsoft.com. Also, the policy setting removes the Windows Update hyperlink from the Start menu and from the Tools menu in Internet Explorer.
 
-Windows Update, the online extension of Windows, offers software updates to keep a user’s system up-to-date. The Windows Update Product Catalog determines any system files, security fixes, and Microsoft updates that users need and shows the newest versions available for download.
+Windows Update, the online extension of Windows, offers software updates to keep a user’s system up-to-date. The Windows Update Product Catalog determines any system files, security fixes, and Microsoft updates that users need, newest versions of which are displayed for download.
 
-If you disable or do not configure this policy setting, the Windows Update hyperlink is available from the Start menu and from the Tools menu in Internet Explorer.
+If you disable or don't configure this policy setting, the Windows Update hyperlink is available from the Start menu and from the Tools menu in Internet Explorer.
 
 Also, see the "Hide the "Add programs from Microsoft" option" policy setting.
 
@@ -3067,9 +3067,9 @@ Set the default action of the power button on the Start menu.
 
 If you enable this setting, the Start Menu will set the power button to the chosen action, and not let the user change this action.
 
-If you set the button to either Sleep or Hibernate, and that state is not supported on a computer, then the button will fall back to Shut Down.
+If you set the button to either Sleep or Hibernate, and that state isn't supported on a computer, then the button will fall back to Shut Down.
 
-If you disable or do not configure this setting, the Start Menu power button will be set to Shut Down by default, and the user can change this setting to another action.
+If you disable or don't configure this setting, the Start Menu power button will be set to Shut Down by default, and the user can change this setting to another action.
 
 <!--/Description-->
 
@@ -3113,11 +3113,11 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether the QuickLaunch bar is displayed in the Taskbar.
 
-If you enable this policy setting, the QuickLaunch bar will be visible and cannot be turned off.
+If you enable this policy setting, the QuickLaunch bar will be visible and can't be turned off.
 
-If you disable this policy setting, the QuickLaunch bar will be hidden and cannot be turned on.
+If you disable this policy setting, the QuickLaunch bar will be hidden and can't be turned on.
 
-If you do not configure this policy setting, then users will be able to turn the QuickLaunch bar on and off.
+If you don't configure this policy setting, then users will be able to turn the QuickLaunch bar on and off.
 
 <!--/Description-->
 
@@ -3159,9 +3159,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this setting, the "Undock PC" button is removed from the simple Start Menu, and your PC cannot be undocked.
+If you enable this setting, the "Undock PC" button is removed from the simple Start Menu, and your PC can't be undocked.
 
-If you disable this setting or do not configure it, the "Undock PC" button remains on the simple Start menu, and your PC can be undocked.
+If you disable this setting or don't configure it, the "Undock PC" button remains on the simple Start menu, and your PC can be undocked.
 
 <!--/Description-->
 
@@ -3251,12 +3251,12 @@ ADMX Info:
 <!--Description-->
 This policy setting shows or hides the "Run as different user" command on the Start application bar.
 
-If you enable this setting, users can access the "Run as different user" command from Start for applications which support this functionality.
+If you enable this setting, users can access the "Run as different user" command from Start for applications that support this functionality.
 
-If you disable this setting or do not configure it, users cannot access the "Run as different user" command from Start for any applications.
+If you disable this setting or don't configure it, users can't access the "Run as different user" command from Start for any applications.
 
 > [!NOTE]
-> This setting does not prevent users from using other methods, such as the shift right-click menu on application's jumplists in the taskbar to issue the "Run as different user" command.
+> This setting doesn't prevent users from using other methods, such as the shift right-click menu on application's jumplists in the taskbar to issue the "Run as different user" command.
 
 <!--/Description-->
 
@@ -3300,7 +3300,7 @@ ADMX Info:
 <!--Description-->
 If you enable this setting, the Run command is added to the Start menu.
 
-If you disable or do not configure this setting, the Run command is not visible on the Start menu by default, but it can be added from the Taskbar and Start menu properties.
+If you disable or don't configure this setting, the Run command isn't visible on the Start menu by default, but it can be added from the Taskbar and Start menu properties.
 
 If the Remove Run link from Start Menu policy is set, the Add the Run command to the Start menu policy has no effect.
 
@@ -3386,13 +3386,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to removes the "Log Off `<username>`" item from the Start menu and prevents users from restoring it.
+This policy setting allows you to remove the "Log Off `<username>`" item from the Start menu and prevents users from restoring it.
 
-If you enable this policy setting, the Log Off `<username>` item does not appear in the Start menu. This policy setting also removes the Display Logoff item from Start Menu Options. As a result, users cannot restore the Log Off `<username>` item to the Start Menu.
+If you enable this policy setting, the Log Off `<username>` item doesn't appear in the Start menu. This policy setting also removes the Display Logoff item from Start Menu Options. As a result, users can't restore the Log Off `<username>` item to the Start Menu.
 
-If you disable or do not configure this policy setting, users can use the Display Logoff item to add and remove the Log Off item.
+If you disable or don't configure this policy setting, users can use the Display Logoff item to add and remove the Log Off item.
 
-This policy setting affects the Start menu only. It does not affect the Log Off item on the Windows Security dialog box that appears when you press Ctrl+Alt+Del, and it does not prevent users from using other methods to log off.
+This policy setting affects the Start menu only. It doesn't affect the Log Off item on the Windows Security dialog box that appears when you press Ctrl+Alt+Del, and it doesn't prevent users from using other methods to sign out.
 
 > [!TIP]
 > To add or remove the Log Off item on a computer, click Start, click Settings, click Taskbar and Start Menu, click the Start Menu Options tab and, in the Start Menu Settings box, click Display Logoff.
@@ -3440,7 +3440,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows pinning apps to Start by default, when they are included by AppID on the list.
+This policy setting allows pinning apps to Start by default, when they're included by AppID on the list.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-tabletshell.md b/windows/client-management/mdm/policy-csp-admx-tabletshell.md
index 5de634f174..89216a67b0 100644
--- a/windows/client-management/mdm/policy-csp-admx-tabletshell.md
+++ b/windows/client-management/mdm/policy-csp-admx-tabletshell.md
@@ -66,9 +66,9 @@ manager: dansimp
 <!--Description-->
 Prevents start of InkBall game.  
 
-If you enable this policy, the InkBall game will not run.  
+If you enable this policy, the InkBall game won't run.  
 
-If you disable this policy, the InkBall game will run.  If you do not configure this policy, the InkBall game will run.
+If you disable this policy, the InkBall game will run.  If you don't configure this policy, the InkBall game will run.
 
 <!--/Description-->
 
@@ -113,9 +113,9 @@ ADMX Info:
 <!--Description-->
 Prevents printing to Journal Note Writer.  
 
-If you enable this policy, the Journal Note Writer printer driver will not allow printing to it. It will remain displayed in the list of available printers, but attempts to print to it will fail.  
+If you enable this policy, the Journal Note Writer printer driver won't allow printing to it. It will remain displayed in the list of available printers, but attempts to print to it will fail.  
 
-If you disable this policy, you will be able to use this feature to print to a Journal Note.  If you do not configure this policy, users will be able to use this feature to print to a Journal Note.
+If you disable this policy, you'll be able to use this feature to print to a Journal Note.  If you don't configure this policy, users will be able to use this feature to print to a Journal Note.
 
 
 <!--/Description-->
diff --git a/windows/client-management/mdm/policy-csp-admx-taskbar.md b/windows/client-management/mdm/policy-csp-admx-taskbar.md
index 2abbb2c51b..515570e609 100644
--- a/windows/client-management/mdm/policy-csp-admx-taskbar.md
+++ b/windows/client-management/mdm/policy-csp-admx-taskbar.md
@@ -128,9 +128,9 @@ This policy setting removes Notifications and Action Center from the notificatio
 
 The notification area is located at the far right end of the taskbar and includes icons for current notifications and the system clock.
 
-If this setting is enabled, Notifications and Action Center is not displayed in the notification area. The user will be able to read notifications when they appear, but they won’t be able to review any notifications they miss.
+If this setting is enabled, Notifications and Action Center isn't displayed in the notification area. The user will be able to read notifications when they appear, but they won’t be able to review any notifications they miss.
 
-If you disable or do not configure this policy setting, Notification and Security and Maintenance will be displayed on the taskbar.
+If you disable or don't configure this policy setting, Notification and Security and Maintenance will be displayed on the taskbar.
 
 A reboot is required for this policy setting to take effect.
 
@@ -224,9 +224,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove Security and Maintenance from the system control area.
 
-If you enable this policy setting, the Security and Maintenance icon is not displayed in the system notification area.
+If you enable this policy setting, the Security and Maintenance icon isn't displayed in the system notification area.
 
-If you disable or do not configure this policy setting, the Security and Maintenance icon is displayed in the system notification area.
+If you disable or don't configure this policy setting, the Security and Maintenance icon is displayed in the system notification area.
 
 <!--/Description-->
 
@@ -269,9 +269,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the networking icon from the system control area.
 
-If you enable this policy setting, the networking icon is not displayed in the system notification area.
+If you enable this policy setting, the networking icon isn't displayed in the system notification area.
 
-If you disable or do not configure this policy setting, the networking icon is displayed in the system notification area.
+If you disable or don't configure this policy setting, the networking icon is displayed in the system notification area.
 
 <!--/Description-->
 
@@ -314,9 +314,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the battery meter from the system control area.
 
-If you enable this policy setting, the battery meter is not displayed in the system notification area.
+If you enable this policy setting, the battery meter isn't displayed in the system notification area.
 
-If you disable or do not configure this policy setting, the battery meter is displayed in the system notification area.
+If you disable or don't configure this policy setting, the battery meter is displayed in the system notification area.
 
 <!--/Description-->
 
@@ -359,9 +359,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the volume control icon from the system control area.
 
-If you enable this policy setting, the volume control icon is not displayed in the system notification area.
+If you enable this policy setting, the volume control icon isn't displayed in the system notification area.
 
-If you disable or do not configure this policy setting, the volume control icon is displayed in the system notification area.
+If you disable or don't configure this policy setting, the volume control icon is displayed in the system notification area.
 
 <!--/Description-->
 
@@ -404,9 +404,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off feature advertisement balloon notifications.
 
-If you enable this policy setting, certain notification balloons that are marked as feature advertisements are not shown.
+If you enable this policy setting, certain notification balloons that are marked as feature advertisements aren't shown.
 
-If you disable do not configure this policy setting, feature advertisement balloons are shown.
+If you disable don't configure this policy setting, feature advertisement balloons are shown.
 
 <!--/Description-->
 
@@ -449,9 +449,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control pinning the Store app to the Taskbar.
 
-If you enable this policy setting, users cannot pin the Store app to the Taskbar. If the Store app is already pinned to the Taskbar, it will be removed from the Taskbar on next login.
+If you enable this policy setting, users can't pin the Store app to the Taskbar. If the Store app is already pinned to the Taskbar, it will be removed from the Taskbar on next sign in.
 
-If you disable or do not configure this policy setting, users can pin the Store app to the Taskbar.
+If you disable or don't configure this policy setting, users can pin the Store app to the Taskbar.
 
 <!--/Description-->
 
@@ -494,9 +494,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control pinning items in Jump Lists.
 
-If you enable this policy setting, users cannot pin files, folders, websites, or other items to their Jump Lists in the Start Menu and Taskbar. Users also cannot unpin existing items pinned to their Jump Lists. Existing items already pinned to their Jump Lists will continue to show.
+If you enable this policy setting, users can't pin files, folders, websites, or other items to their Jump Lists in the Start Menu and Taskbar. Users also can't unpin existing items pinned to their Jump Lists. Existing items already pinned to their Jump Lists will continue to show.
 
-If you disable or do not configure this policy setting, users can pin files, folders, websites, and other items to a program's Jump List so that the items is always present in this menu.
+If you disable or don't configure this policy setting, users can pin files, folders, websites, and other items to a program's Jump List so that the items are always present in this menu.
 
 <!--/Description-->
 
@@ -539,9 +539,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control pinning programs to the Taskbar.
 
-If you enable this policy setting, users cannot change the programs currently pinned to the Taskbar. If any programs are already pinned to the Taskbar, these programs continue to show in the Taskbar. However, users cannot unpin these programs already pinned to the Taskbar, and they cannot pin new programs to the Taskbar.
+If you enable this policy setting, users can't change the programs currently pinned to the Taskbar. If any programs are already pinned to the Taskbar, these programs continue to show in the Taskbar. However, users can't unpin these programs already pinned to the Taskbar, and they can't pin new programs to the Taskbar.
 
-If you disable or do not configure this policy setting, users can change the programs currently pinned to the Taskbar.
+If you disable or don't configure this policy setting, users can change the programs currently pinned to the Taskbar.
 
 <!--/Description-->
 
@@ -585,11 +585,14 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to control displaying or tracking items in Jump Lists from remote locations.
 
-The Start Menu and Taskbar display Jump Lists off of programs. These menus include files, folders, websites and other relevant items for that program. This helps users more easily reopen their most important documents and other tasks.
+The Start Menu and Taskbar display Jump Lists off of programs. These menus include files, folders, websites, and other relevant items for that program. This customization helps users more easily reopen their most important documents and other tasks.
 
-If you enable this policy setting, the Start Menu and Taskbar only track the files that the user opens locally on this computer. Files that the user opens over the network from remote computers are not tracked or shown in the Jump Lists. Use this setting to reduce network traffic, particularly over slow network connections.
+If you enable this policy setting, the Start Menu and Taskbar only track the files that the user opens locally on this computer. Files that the user opens over the network from remote computers aren't tracked or shown in the Jump Lists. Use this setting to reduce network traffic, particularly over slow network connections.
 
-If you disable or do not configure this policy setting, all files that the user opens appear in the menus, including files located remotely on another computer.  Note: This setting does not prevent Windows from displaying remote files that the user has explicitly pinned to the Jump Lists. See the "Do not allow pinning items in Jump Lists" policy setting.
+If you disable or don't configure this policy setting, all files that the user opens appear in the menus, including files located remotely on another computer.  
+
+> [!NOTE]
+> This setting does not prevent Windows from displaying remote files that the user has explicitly pinned to the Jump Lists. See the "Do not allow pinning items in Jump Lists" policy setting.
 
 
 <!--/Description-->
@@ -634,9 +637,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off automatic promotion of notification icons to the taskbar.
 
-If you enable this policy setting, newly added notification icons are not temporarily promoted to the Taskbar. Users can still configure icons to be shown or hidden in the Notification Control Panel.
+If you enable this policy setting, newly added notification icons aren't temporarily promoted to the Taskbar. Users can still configure icons to be shown or hidden in the Notification Control Panel.
 
-If you disable or do not configure this policy setting, newly added notification icons are temporarily promoted to the Taskbar.
+If you disable or don't configure this policy setting, newly added notification icons are temporarily promoted to the Taskbar.
 
 <!--/Description-->
 
@@ -729,9 +732,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to lock all taskbar settings.
 
-If you enable this policy setting, the user cannot access the taskbar control panel. The user is also unable to resize, move or rearrange toolbars on their taskbar.
+If you enable this policy setting, the user can't access the taskbar control panel. The user is also unable to resize, move or rearrange toolbars on their taskbar.
 
-If you disable or do not configure this policy setting, the user will be able to set any taskbar setting that is not prevented by another policy setting.
+If you disable or don't configure this policy setting, the user will be able to set any taskbar setting that isn't prevented by another policy setting.
 
 <!--/Description-->
 
@@ -776,9 +779,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent users from adding or removing toolbars.
 
-If you enable this policy setting, the user is not allowed to add or remove any toolbars to the taskbar. Applications are not able to add toolbars either.
+If you enable this policy setting, the user isn't allowed to add or remove any toolbars to the taskbar. Applications aren't able to add toolbars either.
 
-If you disable or do not configure this policy setting, the users and applications are able to add toolbars to the taskbar.
+If you disable or don't configure this policy setting, the users and applications are able to add toolbars to the taskbar.
 
 <!--/Description-->
 <!--ADMXBacked-->
@@ -822,9 +825,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent users from rearranging toolbars.
 
-If you enable this policy setting, users are not able to drag or drop toolbars to the taskbar.
+If you enable this policy setting, users aren't able to drag or drop toolbars to the taskbar.
 
-If you disable or do not configure this policy setting, users are able to rearrange the toolbars on the taskbar.
+If you disable or don't configure this policy setting, users are able to rearrange the toolbars on the taskbar.
 
 <!--/Description-->
 <!--ADMXBacked-->
@@ -867,9 +870,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent taskbars from being displayed on more than one monitor.
 
-If you enable this policy setting, users are not able to show taskbars on more than one display. The multiple display section is not enabled in the taskbar properties dialog.
+If you enable this policy setting, users aren't able to show taskbars on more than one display. The multiple display section isn't enabled in the taskbar properties dialog.
 
-If you disable or do not configure this policy setting, users can show taskbars on more than one display.
+If you disable or don't configure this policy setting, users can show taskbars on more than one display.
 
 <!--/Description-->
 
@@ -916,7 +919,7 @@ This policy setting allows you to turn off all notification balloons.
 
 If you enable this policy setting, no notification balloons are shown to the user.
 
-If you disable or do not configure this policy setting, notification balloons are shown to the user.
+If you disable or don't configure this policy setting, notification balloons are shown to the user.
 
 <!--/Description-->
 
@@ -959,9 +962,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove pinned programs from the taskbar.
 
-If you enable this policy setting, pinned programs are prevented from being shown on the Taskbar. Users cannot pin programs to the Taskbar.
+If you enable this policy setting, pinned programs are prevented from being shown on the Taskbar. Users can't pin programs to the Taskbar.
 
-If you disable or do not configure this policy setting, users can pin programs so that the program shortcuts stay on the Taskbar.
+If you disable or don't configure this policy setting, users can pin programs so that the program shortcuts stay on the Taskbar.
 
 <!--/Description-->
 
@@ -1005,9 +1008,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent users from moving taskbar to another screen dock location.
 
-If you enable this policy setting, users are not able to drag their taskbar to another area of the monitor(s).
+If you enable this policy setting, users aren't able to drag their taskbar to another area of the monitor(s).
 
-If you disable or do not configure this policy setting, users are able to drag their taskbar to another area of the monitor unless prevented by another policy setting.
+If you disable or don't configure this policy setting, users are able to drag their taskbar to another area of the monitor unless prevented by another policy setting.
 
 <!--/Description-->
 
@@ -1052,9 +1055,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent users from resizing the taskbar.
 
-If you enable this policy setting, users are not be able to resize their taskbar.
+If you enable this policy setting, users aren't be able to resize their taskbar.
 
-If you disable or do not configure this policy setting, users are able to resize their taskbar unless prevented by another setting.
+If you disable or don't configure this policy setting, users are able to resize their taskbar unless prevented by another setting.
 
 <!--/Description-->
 
@@ -1098,9 +1101,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off taskbar thumbnails.
 
-If you enable this policy setting, the taskbar thumbnails are not displayed and the system uses standard text for the tooltips.
+If you enable this policy setting, the taskbar thumbnails aren't displayed and the system uses standard text for the tooltips.
 
-If you disable or do not configure this policy setting, the taskbar thumbnails are displayed.
+If you disable or don't configure this policy setting, the taskbar thumbnails are displayed.
 
 <!--/Description-->
 

From a8697dba12a2644a15c4432280a9d34f39c2f823 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 21 Mar 2022 14:49:52 +0530
Subject: [PATCH 032/123] updated the changes

---
 .../prerequisites-microsoft-store-for-business.md             | 4 ++--
 windows/configuration/guidelines-for-assigned-access-app.md   | 2 +-
 windows/configuration/wcd/wcd-firewallconfiguration.md        | 2 +-
 .../hello-for-business/hello-hybrid-aadj-sso-base.md          | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/store-for-business/prerequisites-microsoft-store-for-business.md b/store-for-business/prerequisites-microsoft-store-for-business.md
index 31b44cada9..d210b79bee 100644
--- a/store-for-business/prerequisites-microsoft-store-for-business.md
+++ b/store-for-business/prerequisites-microsoft-store-for-business.md
@@ -67,8 +67,8 @@ If your organization restricts computers on your network from connecting to the
 - \*.wns.windows.com
 - \*.microsoft.com
 - \*.s-microsoft.com
-- www.msftncsi.com (prior to Windows 10, version 1607)
-- `www.msftconnecttest.com/connecttest.txt` (replaces www.msftncsi.com
+- `www.msftncsi.com` (prior to Windows 10, version 1607)
+- `www.msftconnecttest.com/connecttest.txt` (replaces `www.msftncsi.com`
   starting with Windows 10, version 1607)
  
 Store for Business requires Microsoft Windows HTTP Services (WinHTTP) to install, or update apps.
diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 312cbd0bc3..d3dde06e05 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -82,7 +82,7 @@ Restart on Idle Time | Specify when Kiosk Browser should restart in a fresh stat
 > 
 > 1. Create the provisioning package. When ready to export, close the project in Windows Configuration Designer.
 > 2. Open the customizations.xml file in the project folder (e.g C:\Users\name\Documents\Windows Imaging and Configuration Designer (WICD)\Project_18). 
-> 3. Insert the null character string in between each URL (e.g www.bing.com`&#xF000; www.contoso.com)`. 
+> 3. Insert the null character string in between each URL (e.g `www.bing.com,`&#xF000; `www.contoso.com`). 
 > 4. Save the XML file.
 > 5. Open the project again in Windows Configuration Designer.
 > 6. Export the package. Ensure you do not revisit the created policies under Kiosk Browser or else the null character will be removed.
diff --git a/windows/configuration/wcd/wcd-firewallconfiguration.md b/windows/configuration/wcd/wcd-firewallconfiguration.md
index 82dcdf2dce..ff43530b93 100644
--- a/windows/configuration/wcd/wcd-firewallconfiguration.md
+++ b/windows/configuration/wcd/wcd-firewallconfiguration.md
@@ -27,4 +27,4 @@ Set to **True** or **False**.
 
 ## Related topics
 
-- For more information, see [AllJoyn – Wikipedia](https://wikipedia.org/wiki/AllJoyn).
+- [AllJoyn – Wikipedia](https://wikipedia.org/wiki/AllJoyn)
diff --git a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
index 61233a88d4..9496bd8da6 100644
--- a/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
+++ b/windows/security/identity-protection/hello-for-business/hello-hybrid-aadj-sso-base.md
@@ -193,7 +193,7 @@ The web server is ready to host the CRL distribution point.  Now, configure the
 1. On the issuing certificate authority, sign-in as a local administrator.  Start the **Certificate Authority** console from **Administrative Tools**. 
 2. In the navigation pane, right-click the name of the certificate authority and click **Properties**
 3. Click **Extensions**.  On the **Extensions** tab, select **CRL Distribution Point (CDP)** from the **Select extension** list.
-4. On the **Extensions** tab, click **Add**. Type <b>http://crl.[domainname]/cdp/</b> in **location**.  For example, `<http://crl.corp.contoso.com/cdp/>` or `<http://crl.contoso.com/cdp/> (do not forget the trailing forward slash). `
+4. On the **Extensions** tab, click **Add**. Type <b>http://crl.[domainname]/cdp/</b> in **location**.  For example, `<http://crl.corp.contoso.com/cdp/>` or `<http://crl.contoso.com/cdp/>` (do not forget the trailing forward slash). 
    ![CDP New Location dialog box.](images/aadj/cdp-extension-new-location.png)
 5. Select **\<CaName>** from the **Variable** list and click **Insert**.  Select **\<CRLNameSuffix>** from the **Variable** list and click **Insert**.  Select **\<DeltaCRLAllowed>** from the **Variable** list and click **Insert**.
 6. Type **.crl** at the end of the text in **Location**. Click **OK**.

From 398a685086d51aebf5cab8de154c0eebd292f6ac Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 21 Mar 2022 15:14:32 +0530
Subject: [PATCH 033/123] Improved the acrolinx score

---
 windows/deployment/windows-deployment-scenarios-and-tools.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/windows-deployment-scenarios-and-tools.md b/windows/deployment/windows-deployment-scenarios-and-tools.md
index bc8b85555a..f94539a9e2 100644
--- a/windows/deployment/windows-deployment-scenarios-and-tools.md
+++ b/windows/deployment/windows-deployment-scenarios-and-tools.md
@@ -18,7 +18,7 @@ ms.collection: highpri
 # Windows 10 deployment scenarios and tools
 
 
-To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process. In this topic, you will learn about the most commonly used tools for Windows 10 deployment.
+To successfully deploy the Windows 10 operating system and applications for your organization, it's essential that you know about the available tools to help with the process. In this topic, you'll learn about the most commonly used tools for Windows 10 deployment.
 
 Microsoft provides many tools, services, and solutions. These tools include Windows Deployment Services (WDS), the Volume Activation Management Tool (VAMT), the User State Migration Tool (USMT), Windows System Image Manager (Windows SIM), Windows Preinstallation Environment (Windows PE), and Windows Recovery Environment (Windows RE). Keep in mind that these are just tools and not a complete solution on their own. It's when you combine these tools with solutions like [Microsoft Deployment Toolkit (MDT)](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md) or [Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) that you get the complete deployment solution.
 
@@ -61,7 +61,7 @@ For more information on DISM, see [DISM technical reference](/windows-hardware/m
 USMT is a backup and restore tool that allows you to migrate user state, data, and settings from one installation to another. Microsoft Deployment Toolkit (MDT) and System Center 2012 R2 Configuration Manager use USMT as part of the operating system deployment process.
 
 **Note**  
-Occasionally, we find that customers are wary of USMT because they believe it requires significant configuration, but, as you will learn below, using USMT is not difficult. If you use MDT and Lite Touch to deploy your machines, the USMT feature is automatically configured and extended so that it is easy to use. With MDT, you do nothing at all and USMT just works.
+Occasionally, we find that customers are wary of USMT because they believe it requires significant configuration, but, as you'll learn below, using USMT isn't difficult. If you use MDT and Lite Touch to deploy your machines, the USMT feature is automatically configured and extended so that it's easy to use. With MDT, you do nothing at all and USMT just works.
 
  
 

From 368182715e4a83c1bc1fa7dd47d85bbff9067910 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Mon, 21 Mar 2022 17:34:23 +0530
Subject: [PATCH 034/123] Acrolinx enhancement effort

---
 .../mdm/policy-csp-admx-terminalserver.md     | 396 +++++++++---------
 .../mdm/policy-csp-admx-touchinput.md         |  20 +-
 .../mdm/policy-csp-admx-tpm.md                |  48 +--
 .../mdm/policy-csp-admx-userprofiles.md       |  42 +-
 .../mdm/policy-csp-admx-w32time.md            |  24 +-
 5 files changed, 265 insertions(+), 265 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-terminalserver.md b/windows/client-management/mdm/policy-csp-admx-terminalserver.md
index a1920a3b5e..9dedd54d73 100644
--- a/windows/client-management/mdm/policy-csp-admx-terminalserver.md
+++ b/windows/client-management/mdm/policy-csp-admx-terminalserver.md
@@ -331,7 +331,7 @@ This policy specifies whether to allow Remote Desktop Connection clients to auto
 
 By default, a maximum  of 20 reconnection attempts are made at five-second intervals.  If the status is set to Enabled, automatic reconnection is attempted for all clients running Remote Desktop Connection whenever their network connection is lost.
 
-If the status is set to Disabled, automatic reconnection of clients is prohibited.  If the status is set to Not Configured, automatic reconnection is not specified at the  Group Policy level. However, users can configure automatic reconnection using the "Reconnect if connection is dropped" checkbox on the Experience tab in Remote Desktop Connection.
+If the status is set to Disabled, automatic reconnection of clients is prohibited.  If the status is set to Not Configured, automatic reconnection isn't specified at the  Group Policy level. However, users can configure automatic reconnection using the "Reconnect if connection is dropped" checkbox on the Experience tab in Remote Desktop Connection.
 
 <!--/Description-->
 
@@ -376,9 +376,9 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you control the redirection of video capture devices to the remote computer in a Remote Desktop Services session. By default, Remote Desktop Services allows redirection of video capture devices.  
 
-If you enable this policy setting, users cannot redirect their video capture devices to the remote computer.  
+If you enable this policy setting, users can't redirect their video capture devices to the remote computer.  
 
-If you disable or do not configure this policy setting, users can redirect their video capture devices to the remote computer. Users can use the More option on the Local Resources tab of Remote Desktop Connection to choose the video capture devices to redirect to the remote computer.
+If you disable or don't configure this policy setting, users can redirect their video capture devices to the remote computer. Users can use the More option on the Local Resources tab of Remote Desktop Connection to choose the video capture devices to redirect to the remote computer.
 
 <!--/Description-->
 
@@ -425,9 +425,9 @@ This policy setting allows you to specify the name of the certificate template t
 
 A certificate is needed to authenticate an RD Session Host server when TLS 1.0, 1.1 or 1.2 is used to secure communication between a client and an RD Session Host server during RDP connections.  
 
-If you enable this policy setting, you need to specify a certificate template name. Only certificates created by using the specified certificate template will be considered when a certificate to authenticate the RD Session Host server is automatically selected. Automatic certificate selection only occurs when a specific certificate has not been selected.  
+If you enable this policy setting, you need to specify a certificate template name. Only certificates created by using the specified certificate template will be considered when a certificate to authenticate the RD Session Host server is automatically selected. Automatic certificate selection only occurs when a specific certificate hasn't been selected.  
 
-If no certificate can be found that was created with the specified certificate template, the RD Session Host server will issue a certificate enrollment request and will use the current certificate until the request is completed. If more than one certificate is found that was created with the specified certificate template, the certificate that will expire latest and that matches the current name of the RD Session Host server will be selected.  If you disable or do not configure this policy, the certificate template name is not specified at the Group Policy level. By default, a self-signed certificate is used to authenticate the RD Session Host server.  
+If no certificate can be found that was created with the specified certificate template, the RD Session Host server will issue a certificate enrollment request and will use the current certificate until the request is completed. If more than one certificate is found that was created with the specified certificate template, the certificate that will expire latest and that matches the current name of the RD Session Host server will be selected.  If you disable or don't configure this policy, the certificate template name isn't specified at the Group Policy level. By default, a self-signed certificate is used to authenticate the RD Session Host server.  
 
 >[!NOTE]
 >If you select a specific certificate to be used to authenticate the RD Session Host server, that certificate will take precedence over this policy setting.
@@ -500,11 +500,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether users can run Remote Desktop Protocol (.rdp) files from a publisher that signed the file with a valid certificate. A valid certificate is one that is issued by an authority recognized by the client, such as the issuers in the client's Third-Party Root Certification Authorities certificate store.
 
-This policy setting also controls whether the user can start an RDP session by using default .rdp settings (for example, when a user directly opens the Remote Desktop Connection [RDC] client without specifying an .rdp file).  
+This policy setting also controls whether the user can start an RDP session by using default .rdp settings (for example, when a user directly opens the Remote Desktop Connection [RDC] client without specifying a .rdp file).  
 
-If you enable or do not configure this policy setting, users can run .rdp files that are signed with a valid certificate. Users can also start an RDP session with default .rdp settings by directly opening the RDC client. When a user starts an RDP session, the user is asked to confirm whether they want to connect.  
+If you enable or don't configure this policy setting, users can run .rdp files that are signed with a valid certificate. Users can also start an RDP session with default .rdp settings by directly opening the RDC client. When a user starts an RDP session, the user is asked to confirm whether they want to connect.  
 
-If you disable this policy setting, users cannot run .rdp files that are signed with a valid certificate. Additionally, users cannot start an RDP session by directly opening the RDC client and specifying the remote computer name. When a user tries to start an RDP session, the user receives a message that the publisher has been blocked.  
+If you disable this policy setting, users can't run .rdp files that are signed with a valid certificate. Additionally, users can't start an RDP session by directly opening the RDC client and specifying the remote computer name. When a user tries to start an RDP session, the user receives a message that the publisher has been blocked.  
 
 >[!NOTE]
 >You can define this policy setting in the Computer Configuration node or in the User Configuration node. If you configure this policy setting for the computer, all users on the computer are affected.
@@ -551,11 +551,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether users can run Remote Desktop Protocol (.rdp) files from a publisher that signed the file with a valid certificate. A valid certificate is one that is issued by an authority recognized by the client, such as the issuers in the client's Third-Party Root Certification Authorities certificate store. 
 
-This policy setting also controls whether the user can start an RDP session by using default .rdp settings (for example, when a user directly opens the Remote Desktop Connection [RDC] client without specifying an .rdp file).  
+This policy setting also controls whether the user can start an RDP session by using default .rdp settings (for example, when a user directly opens the Remote Desktop Connection [RDC] client without specifying a .rdp file).  
 
-If you enable or do not configure this policy setting, users can run .rdp files that are signed with a valid certificate. Users can also start an RDP session with default .rdp settings by directly opening the RDC client. When a user starts an RDP session, the user is asked to confirm whether they want to connect.  
+If you enable or don't configure this policy setting, users can run .rdp files that are signed with a valid certificate. Users can also start an RDP session with default .rdp settings by directly opening the RDC client. When a user starts an RDP session, the user is asked to confirm whether they want to connect.  
 
-If you disable this policy setting, users cannot run .rdp files that are signed with a valid certificate. Additionally, users cannot start an RDP session by directly opening the RDC client and specifying the remote computer name. When a user tries to start an RDP session, the user receives a message that the publisher has been blocked.  
+If you disable this policy setting, users can't run .rdp files that are signed with a valid certificate. Additionally, users can't start an RDP session by directly opening the RDC client and specifying the remote computer name. When a user tries to start an RDP session, the user receives a message that the publisher has been blocked.  
 
 >[!NOTE]
 >You can define this policy setting in the Computer Configuration node or in the User Configuration node. If you configure this policy setting for the computer, all users on the computer are affected.
@@ -603,9 +603,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether users can run unsigned Remote Desktop Protocol (.rdp) files and .rdp files from unknown publishers on the client computer.  
 
-If you enable or do not configure this policy setting, users can run unsigned .rdp files and .rdp files from unknown publishers on the client computer. Before a user starts an RDP session, the user receives a warning message and is asked to confirm whether they want to connect.  
+If you enable or don't configure this policy setting, users can run unsigned .rdp files and .rdp files from unknown publishers on the client computer. Before a user starts an RDP session, the user receives a warning message and is asked to confirm whether they want to connect.  
 
-If you disable this policy setting, users cannot run unsigned .rdp files and .rdp files from unknown publishers on the client computer. If the user tries to start an RDP session, the user receives a message that the publisher has been blocked.
+If you disable this policy setting, users can't run unsigned .rdp files and .rdp files from unknown publishers on the client computer. If the user tries to start an RDP session, the user receives a message that the publisher has been blocked.
 
 <!--/Description-->
 
@@ -650,9 +650,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether users can run unsigned Remote Desktop Protocol (.rdp) files and .rdp files from unknown publishers on the client computer.  
 
-If you enable or do not configure this policy setting, users can run unsigned .rdp files and .rdp files from unknown publishers on the client computer. Before a user starts an RDP session, the user receives a warning message and is asked to confirm whether they want to connect.  
+If you enable or don't configure this policy setting, users can run unsigned .rdp files and .rdp files from unknown publishers on the client computer. Before a user starts an RDP session, the user receives a warning message and is asked to confirm whether they want to connect.  
 
-If you disable this policy setting, users cannot run unsigned .rdp files and .rdp files from unknown publishers on the client computer. If the user tries to start an RDP session, the user receives a message that the publisher has been blocked.
+If you disable this policy setting, users can't run unsigned .rdp files and .rdp files from unknown publishers on the client computer. If the user tries to start an RDP session, the user receives a message that the publisher has been blocked.
 
 <!--/Description-->
 
@@ -699,11 +699,11 @@ This policy setting allows you to specify whether users can redirect the remote
 
 Users can specify where to play the remote computer's audio output by configuring the remote audio settings on the Local Resources tab in Remote Desktop Connection (RDC). Users can choose to play the remote audio on the remote computer or on the local computer. Users can also choose to not play the audio. Video playback can be configured by using the video playback setting in a Remote Desktop Protocol (.rdp) file. By default, video playback is enabled.  
 
-By default, audio and video playback redirection is not allowed when connecting to a computer running Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003. Audio and video playback redirection is allowed by default when connecting to a computer running Windows 8, Windows Server 2012, Windows 7, Windows Vista, or Windows XP Professional.  
+By default, audio and video playback redirection isn't allowed when connecting to a computer running Windows Server 2008 R2, Windows Server 2008, or Windows Server 2003. Audio and video playback redirection is allowed by default when connecting to a computer running Windows 8, Windows Server 2012, Windows 7, Windows Vista, or Windows XP Professional.  
 
 If you enable this policy setting, audio and video playback redirection is allowed.  
 
-If you disable this policy setting, audio and video playback redirection is not allowed, even if audio playback redirection is specified in RDC, or video playback is specified in the .rdp file.  If you do not configure this policy setting audio and video playback redirection is not specified at the Group Policy level.
+If you disable this policy setting, audio and video playback redirection isn't allowed, even if audio playback redirection is specified in RDC, or video playback is specified in the .rdp file.  If you don't configure this policy setting, audio and video playback redirection isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -748,11 +748,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether users can record audio to the remote computer in a Remote Desktop Services session.  Users can specify whether to record audio to the remote computer by configuring the remote audio settings on the Local Resources tab in Remote Desktop Connection (RDC).
 
-Users can record audio by using an audio input device on the local computer, such as a built-in microphone.  By default, audio recording redirection is not allowed when connecting to a computer running Windows Server 2008 R2. Audio recording redirection is allowed by default when connecting to a computer running at least Windows 7, or Windows Server 2008 R2.  
+Users can record audio by using an audio input device on the local computer, such as a built-in microphone.  By default, audio recording redirection isn't allowed when connecting to a computer running Windows Server 2008 R2. Audio recording redirection is allowed by default when connecting to a computer running at least Windows 7, or Windows Server 2008 R2.  
 
 If you enable this policy setting, audio recording redirection is allowed.  
 
-If you disable this policy setting, audio recording redirection is not allowed, even if audio recording redirection is specified in RDC.  If you do not configure this policy setting, Audio recording redirection is not specified at the Group Policy level.
+If you disable this policy setting, audio recording redirection isn't allowed, even if audio recording redirection is specified in RDC.  If you don't configure this policy setting, Audio recording redirection isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -795,7 +795,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to limit the audio playback quality for a Remote Desktop Services session. Limiting the quality of audio playback can improve connection performance, particularly over slow links.  If you enable this policy setting, you must select one of the following:  High, Medium, or Dynamic. If you select High, the audio will be sent without any compression and with minimum latency. This requires a large amount of bandwidth. If you select Medium, the audio will be sent with some compression and with minimum latency as determined by the codec that is being used.
+This policy setting allows you to limit the audio playback quality for a Remote Desktop Services session. Limiting the quality of audio playback can improve connection performance, particularly over slow links.  If you enable this policy setting, you must select one of the following values: High, Medium, or Dynamic. If you select High, the audio will be sent without any compression and with minimum latency. This audio transmission requires a large amount of bandwidth. If you select Medium, the audio will be sent with some compression and with minimum latency as determined by the codec that is being used.
 
 If you select Dynamic, the audio will be sent with a level of compression that is determined by the bandwidth of the remote connection.  The audio playback quality that you specify on the remote computer by using this policy setting is the maximum quality that can be used for a Remote Desktop Services session, regardless of the audio playback quality configured on the client computer.  
 
@@ -803,7 +803,7 @@ For example, if the audio playback quality configured on the client computer is
 
 Audio playback quality can be configured on the client computer by using the audioqualitymode setting in a Remote Desktop Protocol (.rdp) file. By default, audio playback quality is set to Dynamic.  
 
-If you disable or do not configure this policy setting, audio playback quality will be set to Dynamic.
+If you disable or don't configure this policy setting, audio playback quality will be set to Dynamic.
 
 <!--/Description-->
 
@@ -850,11 +850,11 @@ This policy setting specifies whether to prevent the sharing of Clipboard conten
 
 You can use this setting to prevent users from redirecting Clipboard data to and from the remote computer and the local computer. By default, Remote Desktop Services allows Clipboard redirection.  
 
-If you enable this policy setting, users cannot redirect Clipboard data.  
+If you enable this policy setting, users can't redirect Clipboard data.  
 
 If you disable this policy setting, Remote Desktop Services always allows Clipboard redirection.  
 
-If you do not configure this policy setting, Clipboard redirection is not specified at the Group Policy level.
+If you don't configure this policy setting, Clipboard redirection isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -899,13 +899,13 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether to prevent the redirection of data to client COM ports from the remote computer in a Remote Desktop Services session.  
 
-You can use this setting to prevent users from redirecting data to COM port peripherals or mapping local COM ports while they are logged on to a Remote Desktop Services session. By default, Remote Desktop Services allows this COM port redirection.  
+You can use this setting to prevent users from redirecting data to COM port peripherals or mapping local COM ports while they're logged on to a Remote Desktop Services session. By default, Remote Desktop Services allows this COM port redirection.  
 
-If you enable this policy setting, users cannot redirect server data to the local COM port.  
+If you enable this policy setting, users can't redirect server data to the local COM port.  
 
 If you disable this policy setting, Remote Desktop Services always allows COM port redirection.  
 
-If you do not configure this policy setting, COM port redirection is not specified at the Group Policy level.
+If you don't configure this policy setting, COM port redirection isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -956,7 +956,7 @@ If you enable this policy setting, the default printer is the printer specified
 
 If you disable this policy setting, the RD Session Host server automatically maps the client default printer and sets it as the default printer upon connection.  
 
-If you do not configure this policy setting, the default printer is not specified at the Group Policy level.
+If you don't configure this policy setting, the default printer isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -1001,7 +1001,7 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether the Remote Desktop Connection can use hardware acceleration if supported hardware is available. 
 
-If you use this setting, the Remote Desktop Client will use only software decoding. For example, if you have a problem that you suspect may be related to hardware acceleration, use this setting to disable the acceleration; then, if the problem still occurs, you will know that there are additional issues to investigate. 
+If you use this setting, the Remote Desktop Client will use only software decoding. For example, if you've a problem that you suspect may be related to hardware acceleration, use this setting to disable the acceleration; then, if the problem still occurs, you'll know that there are more issues to investigate. 
 
 If you disable this setting or leave it not configured, the Remote Desktop client will use hardware accelerated decoding if supported hardware is available.
 
@@ -1048,7 +1048,7 @@ ADMX Info:
 <!--Description-->
 This policy specifies whether to allow Remote Desktop Connection Controls whether a user can save passwords using Remote Desktop Connection.  
 
-If you enable this setting the credential saving checkbox in Remote Desktop Connection will be disabled and users will no longer be able to save passwords. When a user opens an RDP file using Remote Desktop Connection and saves his settings, any password that previously existed in the RDP file will be deleted.  
+If you enable this setting, the credential saving checkbox in Remote Desktop Connection will be disabled and users will no longer be able to save passwords. When users open an RDP file using Remote Desktop Connection and save their settings, any password that previously existed in the RDP file will be deleted.
 
 If you disable this setting or leave it not configured, the user will be able to save passwords using Remote Desktop Connection
 
@@ -1095,9 +1095,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether to prevent the redirection of data to client LPT ports during a Remote Desktop Services session.  You can use this setting to prevent users from mapping local LPT ports and redirecting data from the remote computer to local LPT port peripherals. By default, Remote Desktop Services allows LPT port redirection.  
 
-If you enable this policy setting, users in a Remote Desktop Services session cannot redirect server data to the local LPT port.  
+If you enable this policy setting, users in a Remote Desktop Services session can't redirect server data to the local LPT port.  
 
-If you disable this policy setting, LPT port redirection is always allowed.  If you do not configure this policy setting, LPT port redirection is not specified at the Group Policy level.
+If you disable this policy setting, LPT port redirection is always allowed.  If you don't configure this policy setting, LPT port redirection isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -1140,11 +1140,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lets you control the redirection of supported Plug and Play and RemoteFX USB devices, such as Windows Portable Devices, to the remote computer in a Remote Desktop Services session.  By default, Remote Desktop Services does not allow redirection of supported Plug and Play and RemoteFX USB devices.  
+This policy setting lets you control the redirection of supported Plug and Play and RemoteFX USB devices, such as Windows Portable Devices, to the remote computer in a Remote Desktop Services session.  By default, Remote Desktop Services doesn't allow redirection of supported Plug and Play and RemoteFX USB devices.  
 
 If you disable this policy setting, users can redirect their supported Plug and Play devices to the remote computer. Users can use the More option on the Local Resources tab of Remote Desktop Connection to choose the supported Plug and Play devices to redirect to the remote computer.  
 
-If you enable this policy setting, users cannot redirect their supported Plug and Play devices to the remote computer.If you do not configure this policy setting, users can redirect their supported Plug and Play devices to the remote computer only if it is running Windows Server 2012 R2 and earlier versions.  
+If you enable this policy setting, users can't redirect their supported Plug and Play devices to the remote computer. If you don't configure this policy setting, users can redirect their supported Plug and Play devices to the remote computer only if it's running Windows Server 2012 R2 and earlier versions.  
 
 >[!NOTE]
 >You can disable redirection of specific types of supported Plug and Play devices by using Computer Configuration\Administrative Templates\System\Device Installation\Device Installation Restrictions policy settings.
@@ -1192,11 +1192,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether to prevent the mapping of client printers in Remote Desktop Services sessions.  You can use this policy setting to prevent users from redirecting print jobs from the remote computer to a printer attached to their local (client) computer. By default, Remote Desktop Services allows this client printer mapping.  
 
-If you enable this policy setting, users cannot redirect print jobs from the remote computer to a local client printer in Remote Desktop Services sessions.  
+If you enable this policy setting, users can't redirect print jobs from the remote computer to a local client printer in Remote Desktop Services sessions.  
 
 If you disable this policy setting, users can redirect print jobs with client printer mapping.  
 
-If you do not configure this policy setting, client printer mapping is not specified at the Group Policy level.
+If you don't configure this policy setting, client printer mapping isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -1241,16 +1241,16 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify a list of Secure Hash Algorithm 1 (SHA1) certificate thumbprints that represent trusted Remote Desktop Protocol (.rdp) file publishers.  
 
-If you enable this policy setting, any certificate with an SHA1 thumbprint that matches a thumbprint on the list is trusted. If a user tries to start an .rdp file that is signed by a trusted certificate, the user does not receive any warning messages when they start the file. To obtain the thumbprint, view the certificate details, and then click the Thumbprint field.  
+If you enable this policy setting, any certificate with an SHA1 thumbprint that matches a thumbprint on the list is trusted. If a user tries to start an .rdp file that is signed by a trusted certificate, the user doesn't receive any warning messages when they start the file. To obtain the thumbprint, view the certificate details, and then click the Thumbprint field.  
 
-If you disable or do not configure this policy setting, no publisher is treated as a trusted .rdp publisher.  
+If you disable or don't configure this policy setting, no publisher is treated as a trusted .rdp publisher.  
 
 >[!NOTE]
 >You can define this policy setting in the Computer Configuration node or in the User Configuration node. 
 
 If you configure this policy setting for the computer, the list of certificate thumbprints trusted for a user is a combination of the list defined for the computer and the list defined for the user.  
 
-This policy setting overrides the behavior of the "Allow .rdp files from valid publishers and user's default .rdp settings" policy setting.  If the list contains a string that is not a certificate thumbprint, it is ignored.
+This policy setting overrides the behavior of the "Allow .rdp files from valid publishers and user's default .rdp settings" policy setting. If the list contains a string that isn't a certificate thumbprint, it's ignored.
 
 <!--/Description-->
 
@@ -1295,16 +1295,16 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify a list of Secure Hash Algorithm 1 (SHA1) certificate thumbprints that represent trusted Remote Desktop Protocol (.rdp) file publishers.  
 
-If you enable this policy setting, any certificate with an SHA1 thumbprint that matches a thumbprint on the list is trusted. If a user tries to start an .rdp file that is signed by a trusted certificate, the user does not receive any warning messages when they start the file. To obtain the thumbprint, view the certificate details, and then click the Thumbprint field.  
+If you enable this policy setting, any certificate with an SHA1 thumbprint that matches a thumbprint on the list is trusted. If a user tries to start an .rdp file that is signed by a trusted certificate, the user doesn't receive any warning messages when they start the file. To obtain the thumbprint, view the certificate details, and then click the Thumbprint field.  
 
-If you disable or do not configure this policy setting, no publisher is treated as a trusted .rdp publisher.  
+If you disable or don't configure this policy setting, no publisher is treated as a trusted .rdp publisher.  
 
 >[!NOTE]
 >You can define this policy setting in the Computer Configuration node or in the User Configuration node. 
 
 If you configure this policy setting for the computer, the list of certificate thumbprints trusted for a user is a combination of the list defined for the computer and the list defined for the user.  
 
-This policy setting overrides the behavior of the "Allow .rdp files from valid publishers and user's default .rdp settings" policy setting.  If the list contains a string that is not a certificate thumbprint, it is ignored.
+This policy setting overrides the behavior of the "Allow .rdp files from valid publishers and user's default .rdp settings" policy setting.  If the list contains a string that isn't a certificate thumbprint, it's ignored.
 
 <!--/Description-->
 
@@ -1351,7 +1351,7 @@ This policy setting specifies whether the UDP protocol will be used to access se
 
 If you enable this policy setting, Remote Desktop Protocol traffic will only use the TCP protocol.  
 
-If you disable or do not configure this policy setting, Remote Desktop Protocol traffic will attempt to use both TCP and UDP protocols.
+If you disable or don't configure this policy setting, Remote Desktop Protocol traffic will attempt to use both TCP and UDP protocols.
 
 <!--/Description-->
 
@@ -1398,15 +1398,15 @@ This policy setting allows you to specify the maximum color resolution (color de
 
 If you enable this policy setting, the color depth that you specify is the maximum color depth allowed for a user's RDP connection. The actual color depth for the connection is determined by the color support available on the client computer. If you select Client Compatible, the highest color depth supported by the client will be used.  
 
-If you disable or do not configure this policy setting, the color depth for connections is not specified at the Group Policy level.  
+If you disable or don't configure this policy setting, the color depth for connections isn't specified at the Group Policy level.  
 
 >[!NOTE]
 > 1.	Setting the color depth to 24 bits is only supported on Windows Server 2003 and Windows XP Professional.  
->2.	The value specified in this policy setting is not applied to connections from client computers that are using at least Remote Desktop Protocol 8.0 (computers running at least Windows 8 or Windows Server 2012). The 32-bit color depth format is always used for these connections.  
+>2.	The value specified in this policy setting isn't applied to connections from client computers that are using at least Remote Desktop Protocol 8.0 (computers running at least Windows 8 or Windows Server 2012). The 32-bit color depth format is always used for these connections.  
 >3.	For connections from client computers that are using Remote Desktop Protocol 7.1 or earlier versions that are connecting to computers running at least Windows 8 or Windows Server 2012, the minimum of the following values is used as the color depth format:  
 >    - a.	Value specified by this policy setting  
 >    - b.	Maximum color depth supported by the client  
->    - c.	Value requested by the client  If the client does not support at least 16 bits, the connection is terminated.
+>    - c.	Value requested by the client  If the client doesn't support at least 16 bits, the connection is terminated.
 
 <!--/Description-->
 
@@ -1456,9 +1456,9 @@ This policy setting allows you to limit the size of the entire roaming user prof
 
 If you enable this policy setting, you must specify a monitoring interval (in minutes) and a maximum size (in gigabytes) for the entire roaming user profile cache. The monitoring interval determines how often the size of the entire roaming user profile cache is checked.
 
-When the size of the entire roaming user profile cache exceeds the maximum size that you have specified, the oldest (least recently used) roaming user profiles will be deleted until the size of the entire roaming user profile cache is less than the maximum size specified.  
+When the size of the entire roaming user profile cache exceeds the maximum size that you've specified, the oldest (least recently used) roaming user profiles will be deleted until the size of the entire roaming user profile cache is less than the maximum size specified.  
 
-If you disable or do not configure this policy setting, no restriction is placed on the size of the entire roaming user profile cache on the local drive.  Note:  This policy setting is ignored if the "Prevent Roaming Profile changes from propagating to the server" policy setting located in Computer Configuration\Policies\Administrative Templates\System\User Profiles is enabled.
+If you disable or don't configure this policy setting, no restriction is placed on the size of the entire roaming user profile cache on the local drive.  Note:  This policy setting is ignored if the "Prevent Roaming Profile changes from propagating to the server" policy setting located in Computer Configuration\Policies\Administrative Templates\System\User Profiles is enabled.
 
 <!--/Description-->
 
@@ -1503,7 +1503,7 @@ ADMX Info:
 <!--Description-->
 This policy specifies whether desktop wallpaper is displayed to remote clients connecting via Remote Desktop Services.  
 
-You can use this setting to enforce the removal of wallpaper during a Remote Desktop Services session. By default, Windows XP Professional displays wallpaper to remote clients connecting through Remote Desktop, depending on the client configuration (see the Experience tab in the Remote Desktop Connection options for more information). Servers running Windows Server 2003 do not display wallpaper by default to Remote Desktop Services sessions.  
+You can use this setting to enforce the removal of wallpaper during a Remote Desktop Services session. By default, Windows XP Professional displays wallpaper to remote clients connecting through Remote Desktop, depending on the client configuration (see the Experience tab in the Remote Desktop Connection options for more information). Servers running Windows Server 2003 don't display wallpaper by default to Remote Desktop Services sessions.  
 
 If the status is set to Enabled, wallpaper never appears in a Remote Desktop Services session.  
 
@@ -1553,10 +1553,10 @@ This policy setting enables system administrators to change the graphics renderi
 
 If you disable this policy setting, all Remote Desktop Services sessions use the Microsoft Basic Render Driver as the default adapter.  
 
-If you do not configure this policy setting, Remote Desktop Services sessions on the RD Session Host server use the Microsoft Basic Render Driver as the default adapter. In all other cases, Remote Desktop Services sessions use the hardware graphics renderer by default.  
+If you don't configure this policy setting, Remote Desktop Services sessions on the RD Session Host server use the Microsoft Basic Render Driver as the default adapter. In all other cases, Remote Desktop Services sessions use the hardware graphics renderer by default.  
 
 >[!NOTE]
->The policy setting enables load-balancing of graphics processing units (GPU) on a computer with more than one GPU installed. The GPU configuration of the local session is not affected by this policy setting.
+>The policy setting enables load-balancing of graphics processing units (GPU) on a computer with more than one GPU installed. The GPU configuration of the local session isn't affected by this policy setting.
 
 <!--/Description-->
 
@@ -1601,9 +1601,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether the Remote Desktop Easy Print printer driver is used first to install all client printers.  
 
-If you enable or do not configure this policy setting, the RD Session Host server first tries to use the Remote Desktop Easy Print printer driver to install all client printers. If for any reason the Remote Desktop Easy Print printer driver cannot be used, a printer driver on the RD Session Host server that matches the client printer is used. If the RD Session Host server does not have a printer driver that matches the client printer, the client printer is not available for the Remote Desktop session.  
+If you enable or don't configure this policy setting, the RD Session Host server first tries to use the Remote Desktop Easy Print printer driver to install all client printers. If for any reason the Remote Desktop Easy Print printer driver can't be used, a printer driver on the RD Session Host server that matches the client printer is used. If the RD Session Host server doesn't have a printer driver that matches the client printer, the client printer isn't available for the Remote Desktop session.  
 
-If you disable this policy setting, the RD Session Host server tries to find a suitable printer driver to install the client printer. If the RD Session Host server does not have a printer driver that matches the client printer, the server tries to use the Remote Desktop Easy Print driver to install the client printer. If for any reason the Remote Desktop Easy Print printer driver cannot be used, the client printer is not available for the Remote Desktop Services session.  
+If you disable this policy setting, the RD Session Host server tries to find a suitable printer driver to install the client printer. If the RD Session Host server doesn't have a printer driver that matches the client printer, the server tries to use the Remote Desktop Easy Print driver to install the client printer. If for any reason the Remote Desktop Easy Print printer driver can't be used, the client printer isn't available for the Remote Desktop Services session.  
 
 >[!NOTE]
 >If the "Do not allow client printer redirection" policy setting is enabled, the "Use Remote Desktop Easy Print printer driver first" policy setting is ignored.
@@ -1651,9 +1651,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether the Remote Desktop Easy Print printer driver is used first to install all client printers.  
 
-If you enable or do not configure this policy setting, the RD Session Host server first tries to use the Remote Desktop Easy Print printer driver to install all client printers. If for any reason the Remote Desktop Easy Print printer driver cannot be used, a printer driver on the RD Session Host server that matches the client printer is used. If the RD Session Host server does not have a printer driver that matches the client printer, the client printer is not available for the Remote Desktop session.  
+If you enable or don't configure this policy setting, the RD Session Host server first tries to use the Remote Desktop Easy Print printer driver to install all client printers. If for any reason the Remote Desktop Easy Print printer driver can't be used, a printer driver on the RD Session Host server that matches the client printer is used. If the RD Session Host server doesn't have a printer driver that matches the client printer, the client printer isn't available for the Remote Desktop session.  
 
-If you disable this policy setting, the RD Session Host server tries to find a suitable printer driver to install the client printer. If the RD Session Host server does not have a printer driver that matches the client printer, the server tries to use the Remote Desktop Easy Print driver to install the client printer. If for any reason the Remote Desktop Easy Print printer driver cannot be used, the client printer is not available for the Remote Desktop Services session.  
+If you disable this policy setting, the RD Session Host server tries to find a suitable printer driver to install the client printer. If the RD Session Host server doesn't have a printer driver that matches the client printer, the server tries to use the Remote Desktop Easy Print driver to install the client printer. If for any reason the Remote Desktop Easy Print printer driver can't be used, the client printer isn't available for the Remote Desktop Services session.  
 
 >[!NOTE]
 >If the "Do not allow client printer redirection" policy setting is enabled, the "Use Remote Desktop Easy Print printer driver first" policy setting is ignored.
@@ -1707,7 +1707,7 @@ If you enable this policy setting, RemoteFX will be used to deliver a rich user
 
 If you disable this policy setting, RemoteFX will be disabled.  
 
-If you do not configure this policy setting, the default behavior will be used. By default, RemoteFX for RD Virtualization Host is enabled and RemoteFX for RD Session Host is disabled.
+If you don't configure this policy setting, the default behavior will be used. By default, RemoteFX for RD Virtualization Host is enabled and RemoteFX for RD Session Host is disabled.
 
 <!--/Description-->
 
@@ -1750,16 +1750,16 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to specify the RD Session Host server fallback printer driver behavior. By default, the RD Session Host server fallback printer driver is disabled. If the RD Session Host server does not have a printer driver that matches the client's printer, no printer will be available for the Remote Desktop Services session.  
+This policy setting allows you to specify the RD Session Host server fallback printer driver behavior. By default, the RD Session Host server fallback printer driver is disabled. If the RD Session Host server doesn't have a printer driver that matches the client's printer, no printer will be available for the Remote Desktop Services session.  
 
-If you enable this policy setting, the fallback printer driver is enabled, and the default behavior is for the RD Session Host server to find a suitable printer driver. If one is not found, the client's printer is not available. You can choose to change this default behavior. The available options are:  
+If you enable this policy setting, the fallback printer driver is enabled, and the default behavior is for the RD Session Host server to find a suitable printer driver. If one isn't found, the client's printer isn't available. You can choose to change this default behavior. The available options are:  
 
-- **Do nothing if one is not found** - If there is a printer driver mismatch, the server will attempt to find a suitable driver. If one is not found, the client's printer is not available. This is the default behavior.  
+- **Do nothing if one is not found** - If there's a printer driver mismatch, the server will attempt to find a suitable driver. If one isn't found, the client's printer isn't available. This behavior is the default behavior.  
 - **Default to PCL if one is not found** - If no suitable printer driver can be found, default to the Printer Control Language (PCL) fallback printer driver.  
 - **Default to PS if one is not found**- If no suitable printer driver can be found, default to the PostScript (PS) fallback printer driver. 
 - **Show both PCL and PS if one is not found**- If no suitable driver can be found, show both PS and PCL-based fallback printer drivers.  
 
-If you disable this policy setting, the RD Session Host server fallback driver is disabled and the RD Session Host server will not attempt to use the fallback printer driver.  If you do not configure this policy setting, the fallback printer driver behavior is off by default.  
+If you disable this policy setting, the RD Session Host server fallback driver is disabled and the RD Session Host server won't attempt to use the fallback printer driver.  If you don't configure this policy setting, the fallback printer driver behavior is off by default.  
 
 >[!NOTE]
 >If the **Do not allow client printer redirection** setting is enabled, this policy setting is ignored and the fallback printer driver is disabled.
@@ -1805,11 +1805,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether an administrator attempting to connect remotely to the console of a server can log off an administrator currently logged on to the console.  This policy is useful when the currently connected administrator does not want to be logged off by another administrator. If the connected administrator is logged off, any data not previously saved is lost.  
+This policy setting determines whether an administrator attempting to connect remotely to the console of a server can sign out an administrator currently signed in to the console.  This policy is useful when the currently connected administrator doesn't want to be signed out by another administrator. If the connected administrator is signed out, any data not previously saved is lost.  
 
-If you enable this policy setting, logging off the connected administrator is not allowed.  
+If you enable this policy setting, signing out the connected administrator isn't allowed.  
 
-If you disable or do not configure this policy setting, logging off the connected administrator is allowed.  
+If you disable or don't configure this policy setting, signing out the connected administrator is allowed.  
 
 >[!NOTE]
 >The console session is also known as Session 0. Console access can be obtained by using the /console switch from Remote Desktop Connection in the computer field name or from the command line.
@@ -1854,17 +1854,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy setting, when Remote Desktop Connection cannot connect directly to a remote computer (an RD Session Host server or a computer with Remote Desktop enabled), the clients will attempt to connect to the remote computer through an RD Gateway server.
+If you enable this policy setting, when Remote Desktop Connection can't connect directly to a remote computer (an RD Session Host server or a computer with Remote Desktop enabled), the clients will attempt to connect to the remote computer through an RD Gateway server.
 
 In this case, the clients will attempt to connect to the RD Gateway server that is specified in the "Set RD Gateway server address" policy setting. You can enforce this policy setting or you can allow users to overwrite this setting.
 
-By default, when you enable this policy setting, it is enforced. When this policy setting is enforced, users cannot override this setting, even if they select the "Use these RD Gateway server settings" option on the client. To enforce this policy setting, you must also specify the address of the RD Gateway server by using the "Set RD Gateway server address" policy setting, or client connection attempts to any remote computer will fail, if the client cannot connect directly to the remote computer.
+By default, when you enable this policy setting, it's enforced. When this policy setting is enforced, users can't override this setting, even if they select the "Use these RD Gateway server settings" option on the client. To enforce this policy setting, you must also specify the address of the RD Gateway server by using the "Set RD Gateway server address" policy setting, or client connection attempts to any remote computer will fail, if the client can't connect directly to the remote computer.
 
-To enhance security, it is also highly recommended that you specify the authentication method by using the "Set RD Gateway authentication method" policy setting. If you do not specify an authentication method by using this policy setting, either the NTLM protocol that is enabled on the client or a smart card can be used. To allow users to overwrite this policy setting, select the "Allow users to change this setting" check box.
+To enhance security, it's also highly recommended that you specify the authentication method by using the "Set RD Gateway authentication method" policy setting. If you don't specify an authentication method by using this policy setting, either the NTLM protocol that is enabled on the client or a smart card can be used. To allow users to overwrite this policy setting, select the "Allow users to change this setting" check box.
 
-When you do this, users on the client can choose not to connect through the RD Gateway server by selecting the "Do not use an RD Gateway server" option. Users can specify a connection method by configuring settings on the client, using an RDP file, or using an HTML script. If users do not specify a connection method, the connection method that you specify in this policy setting is used by default.
+When you enable this setting, users on the client can choose not to connect through the RD Gateway server by selecting the "Do not use an RD Gateway server" option. Users can specify a connection method by configuring settings on the client, using an RDP file, or using an HTML script. If users don't specify a connection method, the connection method that you specify in this policy setting is used by default.
 
-If you disable or do not configure this policy setting, clients will not use the RD Gateway server address that is specified in the "Set RD Gateway server address" policy setting. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.
+If you disable or don't configure this policy setting, clients won't use the RD Gateway server address that is specified in the "Set RD Gateway server address" policy setting. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.
 
 <!--/Description-->
 
@@ -1908,11 +1908,11 @@ ADMX Info:
 <!--Description-->
 This policy specifies the authentication method that clients must use when attempting to connect to an RD Session Host server through an RD Gateway server. You can enforce this policy setting or you can allow users to overwrite this policy setting. 
 
-By default, when you enable this policy setting, it is enforced. When this policy setting is enforced, users cannot override this setting, even if they select the "Use these RD Gateway server settings" option on the client.  
+By default, when you enable this policy setting, it's enforced. When this policy setting is enforced, users can't override this setting, even if they select the "Use these RD Gateway server settings" option on the client.  
 
-To allow users to overwrite this policy setting, select the "Allow users to change this setting" check box. When you do this, users can specify an alternate authentication method by configuring settings on the client, using an RDP file, or using an HTML script. If users do not specify an alternate authentication method, the authentication method that you specify in this policy setting is used by default.  
+To allow users to overwrite this policy setting, select the "Allow users to change this setting" check box. When you enable this setting, users can specify an alternate authentication method by configuring settings on the client, using an RDP file, or using an HTML script. If users don't specify an alternate authentication method, the authentication method that you specify in this policy setting is used by default.  
 
-If you disable or do not configure this policy setting, the authentication method that is specified by the user is used, if one is specified. If an authentication method is not specified, the Negotiate protocol that is enabled on the client or a smart card can be used for authentication.
+If you disable or don't configure this policy setting, the authentication method that is specified by the user is used, if one is specified. If an authentication method isn't specified, the Negotiate protocol that is enabled on the client or a smart card can be used for authentication.
 
 
 <!--/Description-->
@@ -1957,17 +1957,17 @@ ADMX Info:
 <!--Description-->
 This policy specifies the address of the RD Gateway server that clients must use when attempting to connect to an RD Session Host server. You can enforce this policy setting or you can allow users to overwrite this policy setting. 
 
-By default, when you enable this policy setting, it is enforced. When this policy setting is enforced, users cannot override this setting, even if they select the "Use these RD Gateway server settings" option on the client.  
+By default, when you enable this policy setting, it's enforced. When this policy setting is enforced, users can't override this setting, even if they select the "Use these RD Gateway server settings" option on the client.  
 
 >[!NOTE]
->It is highly recommended that you also specify the authentication method by using the **Set RD Gateway authentication method** policy setting. If you do not specify an authentication method by using this setting, either the NTLM protocol that is enabled on the client or a smart card can be used.  
+>It's highly recommended that you also specify the authentication method by using the **Set RD Gateway authentication method** policy setting. If you don't specify an authentication method by using this setting, either the NTLM protocol that is enabled on the client or a smart card can be used.  
 
 To allow users to overwrite the **Set RD Gateway server address** policy setting and connect to another RD Gateway server, you must select the **Allow users to change this setting** check box and users will be allowed to specify an alternate RD Gateway server. 
 
-Users can specify an alternative RD Gateway server by configuring settings on the client, using an RDP file, or using an HTML script. If users do not specify an alternate RD Gateway server, the server that you specify in this policy setting is used by default.  
+Users can specify an alternative RD Gateway server by configuring settings on the client, using an RDP file, or using an HTML script. If users don't specify an alternate RD Gateway server, the server that you specify in this policy setting is used by default.  
 
 >[!NOTE]
->If you disable or do not configure this policy setting, but enable the **Enable connections through RD Gateway** policy setting, client connection attempts to any remote computer will fail, if the client cannot connect directly to the remote computer. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.
+>If you disable or don't configure this policy setting, but enable the **Enable connections through RD Gateway** policy setting, client connection attempts to any remote computer will fail, if the client can't connect directly to the remote computer. If an RD Gateway server is specified by the user, a client connection attempt will be made through that RD Gateway server.
 
 <!--/Description-->
 
@@ -2013,9 +2013,9 @@ This policy setting allows you to specify whether the RD Session Host server sho
 
 If the policy setting is enabled, the RD Session Host server joins the farm that is specified in the RD Connection Broker farm name policy setting. The farm exists on the RD Connection Broker server that is specified in the Configure RD Connection Broker server name policy setting.  
 
-If you disable this policy setting, the server does not join a farm in RD Connection Broker, and user session tracking is not performed. If the policy setting is disabled, you cannot use either the Remote Desktop Session Host Configuration tool or the Remote Desktop Services WMI Provider to join the server to RD Connection Broker.  
+If you disable this policy setting, the server doesn't join a farm in RD Connection Broker, and user session tracking isn't performed. If the policy setting is disabled, you can't use either the Remote Desktop Session Host Configuration tool or the Remote Desktop Services WMI Provider to join the server to RD Connection Broker.  
 
-If the policy setting is not configured, the policy setting is not specified at the Group Policy level.  
+If the policy setting isn't configured, the policy setting isn't specified at the Group Policy level.  
 
 >[!NOTE] 
 >1. If you enable this policy setting, you must also enable the Configure RD Connection Broker farm name and Configure RD Connection Broker server name policy settings.  
@@ -2064,11 +2064,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to enter a keep-alive interval to ensure that the session state on the RD Session Host server is consistent with the client state.  
 
-After an RD Session Host server client loses the connection to an RD Session Host server, the session on the RD Session Host server might remain active instead of changing to a disconnected state, even if the client is physically disconnected from the RD Session Host server. If the client logs on to the same RD Session Host server again, a new session might be established (if the RD Session Host server is configured to allow multiple sessions), and the original session might still be active.  
+After an RD Session Host server client loses the connection to an RD Session Host server, the session on the RD Session Host server might remain active instead of changing to a disconnected state, even if the client is physically disconnected from the RD Session Host server. If the client signs in to the same RD Session Host server again, a new session might be established (if the RD Session Host server is configured to allow multiple sessions), and the original session might still be active.  
 
 If you enable this policy setting, you must enter a keep-alive interval. The keep-alive interval determines how often, in minutes, the server checks the session state. The range of values you can enter is 1 to 999,999.  
 
-If you disable or do not configure this policy setting, a keep-alive interval is not set and the server will not check the session state.
+If you disable or don't configure this policy setting, a keep-alive interval isn't set and the server won't check the session state.
 
 <!--/Description-->
 
@@ -2117,7 +2117,7 @@ You can use this policy setting to control which RD Session Host servers are iss
 
 If you enable this policy setting and this policy setting is applied to a Remote Desktop license server, the license server will only respond to RDS CAL requests from RD Session Host servers whose computer accounts are a member of the RDS Endpoint Servers group on the license server. By default, the RDS Endpoint Servers group is empty.  
 
-If you disable or do not configure this policy setting, the Remote Desktop license server issues an RDS CAL to any RD Session Host server that requests one. The RDS Endpoint Servers group is not deleted or changed in any way by disabling or not configuring this policy setting.  
+If you disable or don't configure this policy setting, the Remote Desktop license server issues an RDS CAL to any RD Session Host server that requests one. The RDS Endpoint Servers group isn't deleted or changed in any way by disabling or not configuring this policy setting.  
 
 >[!NOTE]
 >You should only enable this policy setting when the license server is a member of a domain. You can only add computer accounts for RD Session Host servers to the RDS Endpoint Servers group when the license server is a member of a domain.
@@ -2165,13 +2165,13 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify the order in which an RD Session Host server attempts to locate Remote Desktop license servers.  
 
-If you enable this policy setting, an RD Session Host server first attempts to locate the specified license servers. If the specified license servers cannot be located, the RD Session Host server will attempt automatic license server discovery. 
+If you enable this policy setting, an RD Session Host server first attempts to locate the specified license servers. If the specified license servers can't be located, the RD Session Host server will attempt automatic license server discovery. 
 
 In the automatic license server discovery process, an RD Session Host server in a Windows Server-based domain attempts to contact a license server in the following order:  
 1. Remote Desktop license servers that are published in Active Directory Domain Services.  
 2. Remote Desktop license servers that are installed on domain controllers in the same domain as the RD Session Host server.  
  
-1If you disable or do not configure this policy setting, the RD Session Host server does not specify a license server at the Group Policy level.
+1If you disable or don't configure this policy setting, the RD Session Host server doesn't specify a license server at the Group Policy level.
 
 <!--/Description-->
 
@@ -2216,11 +2216,11 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether notifications are displayed on an RD Session Host server when there are problems with RD Licensing that affect the RD Session Host server.  
 
-By default, notifications are displayed on an RD Session Host server after you log on as a local administrator, if there are problems with RD Licensing that affect the RD Session Host server. If applicable, a notification will also be displayed that notes the number of days until the licensing grace period for the RD Session Host server will expire.  
+By default, notifications are displayed on an RD Session Host server after you sign in as a local administrator, if there are problems with RD Licensing that affect the RD Session Host server. If applicable, a notification will also be displayed that notes the number of days until the licensing grace period for the RD Session Host server will expire.  
 
-If you enable this policy setting, these notifications will not be displayed on the RD Session Host server.  
+If you enable this policy setting, these notifications won't be displayed on the RD Session Host server.  
 
-If you disable or do not configure this policy setting, these notifications will be displayed on the RD Session Host server after you log on as a local administrator.
+If you disable or don't configure this policy setting, these notifications will be displayed on the RD Session Host server after you sign in as a local administrator.
 
 <!--/Description-->
 
@@ -2265,14 +2265,14 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify the type of Remote Desktop Services client access license (RDS CAL) that is required to connect to this RD Session Host server.  
 
-You can use this policy setting to select one of three licensing modes: Per User , Per Device and AAD Per User .  
+You can use this policy setting to select one of three licensing modes: Per User, Per Device, and AAD Per User.  
 - Per User licensing mode requires that each user account connecting to this RD Session Host server have an RDS Per User CAL issued from an RD Licensing server.  
 - Per Device licensing mode requires that each device connecting to this RD Session Host server have an RDS Per Device CAL issued from an RD Licensing server.  
 - AAD Per User licensing mode requires that each user account connecting to this RD Session Host server have a service plan that supports RDS licenses assigned in AAD.    
 
 If you enable this policy setting, the Remote Desktop licensing mode that you specify is honored by the Remote Desktop license server and RD Session Host.  
 
-If you disable or do not configure this policy setting, the licensing mode is not specified at the Group Policy level.
+If you disable or don't configure this policy setting, the licensing mode isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -2315,7 +2315,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy specifies whether Remote Desktop Services limits the number of simultaneous connections to the server.  You can use this setting to restrict the number of Remote Desktop Services sessions that can be active on a server. If this number is exceeded, additional users who try to connect receive an error message telling them that the server is busy and to try again later. Restricting the number of sessions improves performance because fewer sessions are demanding system resources. 
+This policy specifies whether Remote Desktop Services limits the number of simultaneous connections to the server.  You can use this setting to restrict the number of Remote Desktop Services sessions that can be active on a server. If this number is exceeded, other users who try to connect receive an error message telling them that the server is busy and to try again later. Restricting the number of sessions improves performance because fewer sessions are demanding system resources. 
 
 By default, RD Session Host servers allow an unlimited number of Remote Desktop Services sessions, and Remote Desktop for Administration allows two Remote Desktop Services sessions.  
 
@@ -2323,7 +2323,7 @@ To use this setting, enter the number of connections you want to specify as the
 
 If the status is set to Enabled, the maximum number of connections is limited to the specified number consistent with the version of Windows and the mode of Remote Desktop Services running on the server.  
 
-If the status is set to Disabled or Not Configured, limits to the number of connections are not enforced at the Group Policy level.  
+If the status is set to Disabled or Not Configured, limits to the number of connections aren't enforced at the Group Policy level.  
 
 >[!NOTE] 
 >This setting is designed to be used on RD Session Host servers (that is, on servers running Windows with Remote Desktop Session Host role service installed).
@@ -2373,7 +2373,7 @@ This policy setting allows you to specify the maximum display resolution that ca
 
 If you enable this policy setting, you must specify a resolution width and height. The resolution specified will be the maximum resolution that can be used by each monitor used to display a Remote Desktop Services session.  
 
-If you disable or do not configure this policy setting, the maximum resolution that can be used by each monitor to display a Remote Desktop Services session will be determined by the values specified on the Display Settings tab in the Remote Desktop Session Host Configuration tool.
+If you disable or don't configure this policy setting, the maximum resolution that can be used by each monitor to display a Remote Desktop Services session will be determined by the values specified on the Display Settings tab in the Remote Desktop Session Host Configuration tool.
 
 <!--/Description-->
 
@@ -2420,7 +2420,7 @@ This policy setting allows you to limit the number of monitors that a user can u
 
 If you enable this policy setting, you can specify the number of monitors that can be used to display a Remote Desktop Services session. You can specify a number from 1 to 16.  
 
-If you disable or do not configure this policy setting, the number of monitors that can be used to display a Remote Desktop Services session is not specified at the Group Policy level.
+If you disable or don't configure this policy setting, the number of monitors that can be used to display a Remote Desktop Services session isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -2465,14 +2465,14 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to remove the "Disconnect" option from the Shut Down Windows dialog box in Remote Desktop Services sessions.  You can use this policy setting to prevent users from using this familiar method to disconnect their client from an RD Session Host server.  
 
-If you enable this policy setting, "Disconnect" does not appear as an option in the drop-down list in the Shut Down Windows dialog box.  
+If you enable this policy setting, "Disconnect" doesn't appear as an option in the drop-down list in the Shut Down Windows dialog box.  
 
-If you disable or do not configure this policy setting, "Disconnect" is not removed from the list in the Shut Down Windows dialog box.  
+If you disable or don't configure this policy setting, "Disconnect" isn't removed from the list in the Shut Down Windows dialog box.  
 
 >[!NOTE]
->This policy setting affects only the Shut Down Windows dialog box. It does not prevent users from using other methods to disconnect from a Remote Desktop Services session. 
+>This policy setting affects only the Shut Down Windows dialog box. It doesn't prevent users from using other methods to disconnect from a Remote Desktop Services session. 
 
-This policy setting also does not prevent disconnected sessions at the server. You can control how long a disconnected session remains active on the server by configuring the **Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\RD Session Host\Session Time Limits\Set time limit for disconnected sessions** policy setting.
+This policy setting also doesn't prevent disconnected sessions at the server. You can control how long a disconnected session remains active on the server by configuring the **Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\RD Session Host\Session Time Limits\Set time limit for disconnected sessions** policy setting.
 
 <!--/Description-->
 
@@ -2517,7 +2517,7 @@ ADMX Info:
 <!--Description-->
 This policy specifies whether to remove the Windows Security item from the Settings menu on Remote Desktop clients. You can use this setting to prevent inexperienced users from logging off from Remote Desktop Services inadvertently.  
 
-If the status is set to Enabled, Windows Security does not appear in Settings on the Start menu. As a result, users must type a security attention sequence, such as CTRL+ALT+END, to open the Windows Security dialog box on the client computer.  
+If the status is set to Enabled, Windows Security doesn't appear in Settings on the Start menu. As a result, users must type a security attention sequence, such as CTRL+ALT+END, to open the Windows Security dialog box on the client computer.  
 
 If the status is set to Disabled or Not Configured, Windows Security remains in the Settings menu.
 
@@ -2566,13 +2566,13 @@ This policy setting allows you to specify which version of Remote Desktop Servic
 
 A license server attempts to provide the most appropriate RDS or TS CAL for a connection. For example, a Windows Server 2008 license server will try to issue a Windows Server 2008 TS CAL for clients connecting to a terminal server running Windows Server 2008, and will try to issue a Windows Server 2003 TS CAL for clients connecting to a terminal server running Windows Server 2003.  
 
-By default, if the most appropriate RDS CAL is not available for a connection, a Windows Server 2008 license server will issue a Windows Server 2008 TS CAL, if available, to the following:  
+By default, if the most appropriate RDS CAL isn't available for a connection, a Windows Server 2008 license server will issue a Windows Server 2008 TS CAL, if available, to the following types of clients:  
 - A client connecting to a Windows Server 2003 terminal server 
 - A client connecting to a Windows 2000 terminal server  
 
-If you enable this policy setting, the license server will only issue a temporary RDS CAL to the client if an appropriate RDS CAL for the RD Session Host server is not available. If the client has already been issued a temporary RDS CAL and the temporary RDS CAL has expired, the client will not be able to connect to the RD Session Host server unless the RD Licensing grace period for the RD Session Host server has not expired.  
+If you enable this policy setting, the license server will only issue a temporary RDS CAL to the client if an appropriate RDS CAL for the RD Session Host server isn't available. If the client has already been issued a temporary RDS CAL and the temporary RDS CAL has expired, the client won't be able to connect to the RD Session Host server unless the RD Licensing grace period for the RD Session Host server hasn't expired.  
 
-If you disable or do not configure this policy setting, the license server will exhibit the default behavior noted earlier.
+If you disable or don't configure this policy setting, the license server will exhibit the default behavior noted earlier.
 
 <!--/Description-->
 
@@ -2617,14 +2617,14 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether a user will be prompted on the client computer to provide credentials for a remote connection to an RD Session Host server.  
 
-If you enable this policy setting, a user will be prompted on the client computer instead of on the RD Session Host server to provide credentials for a remote connection to an RD Session Host server. If saved credentials for the user are available on the client computer, the user will not be prompted to provide credentials.  
+If you enable this policy setting, a user will be prompted on the client computer instead of on the RD Session Host server to provide credentials for a remote connection to an RD Session Host server. If saved credentials for the user are available on the client computer, the user won't be prompted to provide credentials.  
 
 >[!NOTE] 
 >If you enable this policy setting in releases of Windows Server 2008 R2 with SP1 or Windows Server 2008 R2, and a user is prompted on both the client computer and on the RD Session Host server to provide credentials, clear the Always prompt for password check box on the Log on Settings tab in Remote Desktop Session Host Configuration.  
 
-If you disable or do not configure this policy setting, the version of the operating system on the RD Session Host server will determine when a user is prompted to provide credentials for a remote connection to an RD Session Host server.  
+If you disable or don't configure this policy setting, the version of the operating system on the RD Session Host server will determine when a user is prompted to provide credentials for a remote connection to an RD Session Host server.  
 
-For Windows Server 2003 and Windows 2000 Server a user will be prompted on the terminal server to provide credentials for a remote connection. For Windows Server 2008 and Windows Server 2008 R2, a user will be prompted on the client computer to provide credentials for a remote connection.
+For Windows Server 2003 and Windows 2000 Server, a user will be prompted on the terminal server to provide credentials for a remote connection. For Windows Server 2008 and Windows Server 2008 R2, a user will be prompted on the client computer to provide credentials for a remote connection.
 
 <!--/Description-->
 
@@ -2670,11 +2670,11 @@ ADMX Info:
 
 This policy setting specifies the default connection URL for RemoteApp and Desktop Connections. The default connection URL is a specific connection that can only be configured by using Group Policy. In addition to the capabilities that are common to all connections, the default connection URL allows document file types to be associated with RemoteApp programs.  The default connection URL must be configured in the form of [http://contoso.com/rdweb/Feed/webfeed.aspx](http://contoso.com/rdweb/Feed/webfeed.aspx).    
 
-- If you enable this policy setting, the specified URL is configured as the default connection URL for the user and replaces any existing connection URL. The user cannot change the default connection URL. The user's default logon credentials are used when setting up the default connection URL.  
+- If you enable this policy setting, the specified URL is configured as the default connection URL for the user and replaces any existing connection URL. The user can't change the default connection URL. The user's default sign-in credentials are used when setting up the default connection URL.  
 
-- If you disable or do not configure this policy setting, the user has no default connection URL.  
+- If you disable or don't configure this policy setting, the user has no default connection URL.  
 
-RemoteApp programs that are installed through RemoteApp and Desktop Connections from an un-trusted server can compromise the security of a user's account.
+RemoteApp programs that are installed through RemoteApp and Desktop Connections from an untrusted server can compromise the security of a user's account.
 
 
 <!--/Description-->
@@ -2720,9 +2720,9 @@ ADMX Info:
 
 This policy setting allows you to specify whether the app registration is completed before showing the Start screen to the user.  By default, when a new user signs in to a computer, the Start screen is shown and apps are registered in the background. However, some apps may not work until app registration is complete.  
 
-- If you enable this policy setting, user sign-in is blocked for up to 6 minutes to complete the app registration. You can use this policy setting when customizing the Start screen on Remote Desktop Session Host servers.  
+- If you enable this policy setting, user sign in is blocked for up to 6 minutes to complete the app registration. You can use this policy setting when customizing the Start screen on Remote Desktop Session Host servers.  
 
-- If you disable or do not configure this policy setting, the Start screen is shown and apps are registered in the background.
+- If you disable or don't configure this policy setting, the Start screen is shown and apps are registered in the background.
 
 
 <!--/Description-->
@@ -2861,11 +2861,11 @@ ADMX Info:
 This policy setting allows you to specify the visual experience that remote users will have in Remote Desktop Connection (RDC) connections that use RemoteFX. You can use this policy to balance the network bandwidth usage with the type of graphics experience that is delivered.  Depending on the requirements of your users, you can reduce network bandwidth usage by reducing the screen capture rate. 
 
 You can also reduce network bandwidth usage by reducing the image quality (increasing the amount of image compression that is performed).  
-If you have a higher than average bandwidth network, you can maximize the utilization of bandwidth by selecting the highest setting for screen capture rate and the highest setting for image quality. 
+If you've a higher than average bandwidth network, you can maximize the utilization of bandwidth by selecting the highest setting for screen capture rate and the highest setting for image quality. 
  
 By default, Remote Desktop Connection sessions that use RemoteFX are optimized for a balanced experience over LAN conditions. 
 
-If you disable or do not configure this policy setting, Remote Desktop Connection sessions that use RemoteFX will be the same as if the medium screen capture rate and the medium image compression settings were selected (the default behavior).
+If you disable or don't configure this policy setting, Remote Desktop Connection sessions that use RemoteFX will be the same as if the medium screen capture rate and the medium image compression settings were selected (the default behavior).
 
 <!--/Description-->
 
@@ -2909,14 +2909,14 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify the name of a farm to join in RD Connection Broker. RD Connection Broker uses the farm name to determine which RD Session Host servers are in the same RD Session Host server farm. 
 
-Therefore, you must use the same farm name for all RD Session Host servers in the same load-balanced farm. The farm name does not have to correspond to a name in Active Directory Domain Services. If you specify a new farm name, a new farm is created in RD Connection Broker. If you specify an existing farm name, the server joins that farm in RD Connection Broker.  
+Therefore, you must use the same farm name for all RD Session Host servers in the same load-balanced farm. The farm name doesn't have to correspond to a name in Active Directory Domain Services. If you specify a new farm name, a new farm is created in RD Connection Broker. If you specify an existing farm name, the server joins that farm in RD Connection Broker.  
 
 - If you enable this policy setting, you must specify the name of a farm in RD Connection Broker.  
 
-- If you disable or do not configure this policy setting, the farm name is not specified at the Group Policy level.  
+- If you disable or don't configure this policy setting, the farm name isn't specified at the Group Policy level.  
 
 > [!NOTE]
-> This policy setting is not effective unless both the Join RD Connection Broker and the Configure RD Connection Broker server name policy settings are enabled and configured by using Group Policy.
+> This policy setting isn't effective unless both the Join RD Connection Broker and the Configure RD Connection Broker server name policy settings are enabled and configured by using Group Policy.
 
 For Windows Server 2008, this policy setting is supported on at least Windows Server 2008 Standard.
 
@@ -2963,9 +2963,9 @@ This policy setting allows you to specify the redirection method to use when a c
 
 - If you enable this policy setting, a Remote Desktop Services client queries the RD Connection Broker server and is redirected to their existing session by using the IP address of the RD Session Host server where their session exists. To use this redirection method, client computers must be able to connect directly by IP address to RD Session Host servers in the farm.  
 
-- If you disable this policy setting, the IP address of the RD Session Host server is not sent to the client. Instead, the IP address is embedded in a token. When a client reconnects to the load balancer, the routing token is used to redirect the client to their existing session on the correct RD Session Host server in the farm. Only disable this setting when your network load-balancing solution supports the use of RD Connection Broker routing tokens and you do not want clients to directly connect by IP address to RD Session Host servers in the load-balanced farm. 
+- If you disable this policy setting, the IP address of the RD Session Host server isn't sent to the client. Instead, the IP address is embedded in a token. When a client reconnects to the load balancer, the routing token is used to redirect the client to their existing session on the correct RD Session Host server in the farm. Only disable this setting when your network load-balancing solution supports the use of RD Connection Broker routing tokens and you don't want clients to directly connect by IP address to RD Session Host servers in the load-balanced farm. 
 
-If you do not configure this policy setting, the Use IP address redirection policy setting is not enforced at the group Group policy Policy level and the default will be used. This setting is enabled by default.  
+If you don't configure this policy setting, the Use IP address redirection policy setting isn't enforced at the group Group policy Policy level and the default will be used. This setting is enabled by default.  
 
 > [!NOTE]
 > For Windows Server 2008, this policy setting is supported on at least Windows Server 2008 Standard.
@@ -3014,12 +3014,12 @@ The specified server must be running the Remote Desktop Connection Broker servic
 
 - If you enable this policy setting, you must specify the RD Connection Broker server by using its fully qualified domain name (FQDN). In Windows Server 2012, for a high availability setup with multiple RD Connection Broker servers, you must provide a semi-colon separated list of the FQDNs of all the RD Connection Broker servers.  
 
-- If you disable or do not configure this policy setting, the policy setting is not specified at the Group Policy level.
+- If you disable or don't configure this policy setting, the policy setting isn't specified at the Group Policy level.
 
 
 > [!NOTE]
 > For Windows Server 2008, this policy setting is supported on at least Windows Server 2008 Standard.
-> This policy setting is not effective unless the Join RD Connection Broker policy setting is enabled.
+> This policy setting isn't effective unless the Join RD Connection Broker policy setting is enabled.
 > To be an active member of an RD Session Host server farm, the computer account for each RD Session Host server in the farm must be a member of one of the following local groups on the RD Connection Broker server: Session Directory Computers, Session Broker Computers, or RDS Endpoint Servers.
 
 
@@ -3069,11 +3069,11 @@ This policy setting specifies whether to require the use of a specific security
 
 The following security methods are available:  
 
-- **Negotiate**: The Negotiate method enforces the most secure method that is supported by the client. If Transport Layer Security (TLS) version 1.0 is supported, it is used to authenticate the RD Session Host server. If TLS is not supported, native Remote Desktop Protocol (RDP) encryption is used to secure communications, but the RD Session Host server is not authenticated. Native RDP encryption (as opposed to SSL encryption) is not recommended.  
-- **RDP**: The RDP method uses native RDP encryption to secure communications between the client and RD Session Host server. If you select this setting, the RD Session Host server is not authenticated. Native RDP encryption (as opposed to SSL encryption) is not recommended.  
-- **SSL (TLS 1.0)**: The SSL method requires the use of TLS 1.0 to authenticate the RD Session Host server. If TLS is not supported, the connection fails. This is the recommended setting for this policy.  
+- **Negotiate**: The Negotiate method enforces the most secure method that is supported by the client. If Transport Layer Security (TLS) version 1.0 is supported, it's used to authenticate the RD Session Host server. If TLS isn't supported, native Remote Desktop Protocol (RDP) encryption is used to secure communications, but the RD Session Host server isn't authenticated. Native RDP encryption (as opposed to SSL encryption) isn't recommended.  
+- **RDP**: The RDP method uses native RDP encryption to secure communications between the client and RD Session Host server. If you select this setting, the RD Session Host server isn't authenticated. Native RDP encryption (as opposed to SSL encryption) isn't recommended.  
+- **SSL (TLS 1.0)**: The SSL method requires the use of TLS 1.0 to authenticate the RD Session Host server. If TLS isn't supported, the connection fails. This enablement is the recommended setting for this policy.  
 
-If you disable or do not configure this policy setting, the security method to be used for remote connections to RD Session Host servers is not specified at the Group Policy level.
+If you disable or don't configure this policy setting, the security method to be used for remote connections to RD Session Host servers isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -3118,13 +3118,13 @@ ADMX Info:
 This policy setting allows you to specify how the Remote Desktop Protocol will try to detect the network quality (bandwidth and latency).  
 You can choose to disable Connect Time Detect, Continuous Network Detect, or both Connect Time Detect and Continuous Network Detect.  
 
-- If you disable Connect Time Detect, Remote Desktop Protocol will not determine the network quality at the connect time, and it will assume that all traffic to this server originates from a low-speed connection.  
+- If you disable Connect Time Detect, Remote Desktop Protocol won't determine the network quality at the connect time, and it will assume that all traffic to this server originates from a low-speed connection.  
 
-- If you disable Continuous Network Detect, Remote Desktop Protocol will not try to adapt the remote user experience to varying network quality.  
+- If you disable Continuous Network Detect, Remote Desktop Protocol won't try to adapt the remote user experience to varying network quality.  
 
-- If you disable Connect Time Detect and Continuous Network Detect, Remote Desktop Protocol will not try to determine the network quality at the connect time; instead it will assume that all traffic to this server originates from a low-speed connection, and it will not try to adapt the user experience to varying network quality.  
+- If you disable Connect Time Detect and Continuous Network Detect, Remote Desktop Protocol won't try to determine the network quality at the connect time; instead it will assume that all traffic to this server originates from a low-speed connection, and it won't try to adapt the user experience to varying network quality.  
 
-- If you disable or do not configure this policy setting, Remote Desktop Protocol will spend up to a few seconds trying to determine the network quality prior to the connection, and it will continuously try to adapt the user experience to varying network quality.
+- If you disable or don't configure this policy setting, Remote Desktop Protocol will spend up to a few seconds trying to determine the network quality prior to the connection, and it will continuously try to adapt the user experience to varying network quality.
 
 <!--/Description-->
 
@@ -3171,9 +3171,9 @@ This policy setting allows you to specify which protocols can be used for Remote
 
 - If you enable this policy setting, you must specify if you would like RDP to use UDP.  You can select one of the following options: "Use both UDP and TCP", "Use only TCP" or "Use either UDP or TCP (default)"  
 
-If you select "Use either UDP or TCP" and the UDP connection is successful, most of the RDP traffic will use UDP.  If the UDP connection is not successful or if you select "Use only TCP," all of the RDP traffic will use TCP.  
+If you select "Use either UDP or TCP" and the UDP connection is successful, most of the RDP traffic will use UDP.  If the UDP connection isn't successful or if you select "Use only TCP," all of the RDP traffic will use TCP.  
 
-- If you disable or do not configure this policy setting, RDP will choose the optimal protocols for delivering the best user experience.
+- If you disable or don't configure this policy setting, RDP will choose the optimal protocols for delivering the best user experience.
 
 <!--/Description-->
 
@@ -3217,11 +3217,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to enable RemoteApp programs to use advanced graphics, including support for transparency, live thumbnails, and seamless application moves. 
-This policy setting applies only to RemoteApp programs and does not apply to remote desktop sessions.  
+This policy setting applies only to RemoteApp programs and doesn't apply to remote desktop sessions.  
 
-- If you enable or do not configure this policy setting, RemoteApp programs published from this RD Session Host server will use these advanced graphics.  
+- If you enable or don't configure this policy setting, RemoteApp programs published from this RD Session Host server will use these advanced graphics.  
 
-- If you disable this policy setting, RemoteApp programs published from this RD Session Host server will not use these advanced graphics. You may want to choose this option if you discover that applications published as RemoteApp programs do not support these advanced graphics.
+- If you disable this policy setting, RemoteApp programs published from this RD Session Host server won't use these advanced graphics. You may want to choose this option if you discover that applications published as RemoteApp programs don't support these advanced graphics.
 
 <!--/Description-->
 
@@ -3264,17 +3264,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to specify whether the client will establish a connection to the RD Session Host server when the client cannot authenticate the RD Session Host server.  
+This policy setting allows you to specify whether the client will establish a connection to the RD Session Host server when the client can't authenticate the RD Session Host server.  
 
 - If you enable this policy setting, you must specify one of the following settings:  
 
-    - Always connect, even if authentication fails: The client connects to the RD Session Host server even if the client cannot authenticate the RD Session Host server.  
+    - Always connect, even if authentication fails: The client connects to the RD Session Host server even if the client can't authenticate the RD Session Host server.  
 
-    - Warn me if authentication fails: The client attempts to authenticate the RD Session Host server. If the RD Session Host server can be authenticated, the client establishes a connection to the RD Session Host server. If the RD Session Host server cannot be authenticated, the user is prompted to choose whether to connect to the RD Session Host server without authenticating the RD Session Host server. 
+    - Warn me if authentication fails: The client attempts to authenticate the RD Session Host server. If the RD Session Host server can be authenticated, the client establishes a connection to the RD Session Host server. If the RD Session Host server can't be authenticated, the user is prompted to choose whether to connect to the RD Session Host server without authenticating the RD Session Host server. 
 
-    - Do not connect if authentication fails: The client establishes a connection to the RD Session Host server only if the RD Session Host server can be authenticated.  
+    - don't connect if authentication fails: The client establishes a connection to the RD Session Host server only if the RD Session Host server can be authenticated.  
 
-- If you disable or do not configure this policy setting, the authentication setting that is specified in Remote Desktop Connection or in the .rdp file determines whether the client establishes a connection to the RD Session Host server when the client cannot authenticate the RD Session Host server.
+- If you disable or don't configure this policy setting, the authentication setting that is specified in Remote Desktop Connection or in the .rdp file determines whether the client establishes a connection to the RD Session Host server when the client can't authenticate the RD Session Host server.
 
 <!--/Description-->
 
@@ -3319,9 +3319,9 @@ ADMX Info:
 <!--Description-->
 This policy setting lets you enable H.264/AVC hardware encoding support for Remote Desktop Connections. 
 
-- When you enable hardware encoding, if an error occurs, we will attempt to use software encoding. 
+- When you enable hardware encoding, if an error occurs, we'll attempt to use software encoding. 
 
-- If you disable or do not configure this policy, we will always use software encoding.
+- If you disable or don't configure this policy, we'll always use software encoding.
 
 <!--/Description-->
 
@@ -3415,11 +3415,11 @@ This policy setting allows you to specify which Remote Desktop Protocol (RDP) co
 
 If you select the algorithm that is optimized to use less network bandwidth, this option uses less network bandwidth, but is more memory-intensive. Additionally, a third option is available that balances memory usage and network bandwidth. 
 
-In Windows  8 only the compression algorithm that balances memory usage and bandwidth is used.  You can also choose not to use an RDP compression algorithm. Choosing not to use an RDP compression algorithm will use more network bandwidth and is only recommended if you are using a hardware device that is designed to optimize network traffic. 
+In Windows  8 only the compression algorithm that balances memory usage and bandwidth is used.  You can also choose not to use an RDP compression algorithm. Choosing not to use an RDP compression algorithm will use more network bandwidth and is only recommended if you're using a hardware device that is designed to optimize network traffic. 
 
 Even if you choose not to use an RDP compression algorithm, some graphics data will still be compressed.  
 
-- If you disable or do not configure this policy setting, the default RDP compression algorithm will be used.
+- If you disable or don't configure this policy setting, the default RDP compression algorithm will be used.
 
 <!--/Description-->
 
@@ -3469,9 +3469,9 @@ This policy setting allows you to specify the visual quality for remote users wh
 
 - If you enable this policy setting and set quality to High, RemoteFX Adaptive Graphics uses an encoding mechanism that results in high quality images and consumes moderate network bandwidth.  
 
-- If you enable this policy setting and set quality to Lossless, RemoteFX Adaptive Graphics uses lossless encoding. In this mode, the color integrity of the graphics data is not impacted. However, this setting results in a significant increase in network bandwidth consumption. We recommend that you set this for very specific cases only.  
+- If you enable this policy setting and set quality to Lossless, RemoteFX Adaptive Graphics uses lossless encoding. In this mode, the color integrity of the graphics data isn't impacted. However, this setting results in a significant increase in network bandwidth consumption. We recommend that you enable this setting for specific cases only.  
 
-- If you disable or do not configure this policy setting, RemoteFX Adaptive Graphics uses an encoding mechanism that results in medium quality images.
+- If you disable or don't configure this policy setting, RemoteFX Adaptive Graphics uses an encoding mechanism that results in medium quality images.
 
 <!--/Description-->
 
@@ -3519,7 +3519,7 @@ When deployed on an RD Virtualization Host server, RemoteFX delivers a rich user
 
 - If you enable this policy setting, RemoteFX will be used to deliver a rich user experience over LAN connections and RDP 7.1.  
 
-- If you disable this policy setting, RemoteFX will be disabled.  If you do not configure this policy setting, the default behavior will be used. By default, RemoteFX for RD Virtualization Host is enabled and RemoteFX for RD Session Host is disabled.
+- If you disable this policy setting, RemoteFX will be disabled.  If you don't configure this policy setting, the default behavior will be used. By default, RemoteFX for RD Virtualization Host is enabled and RemoteFX for RD Session Host is disabled.
 
 <!--/Description-->
 
@@ -3567,7 +3567,7 @@ This policy setting allows the administrator to configure the RemoteFX experienc
 If you enable this policy setting, the RemoteFX experience could be set to one of the following options:  
 1. Let the system choose the experience for the network condition  
 2. Optimize for server scalability  
-3. Optimize for minimum bandwidth usage  If you disable or do not configure this policy setting, the RemoteFX experience will change dynamically based on the network condition."
+3. Optimize for minimum bandwidth usage. If you disable or don't configure this policy setting, the RemoteFX experience will change dynamically based on the network condition."
 
 <!--/Description-->
 
@@ -3614,7 +3614,7 @@ This policy setting allows you to specify the visual experience that remote user
 
 - If you enable this policy setting, you must select the visual experience for which you want to optimize Remote Desktop Services sessions. You can select either Rich multimedia or Text.  
 
-- If you disable or do not configure this policy setting, Remote Desktop Services sessions are optimized for rich multimedia.
+- If you disable or don't configure this policy setting, Remote Desktop Services sessions are optimized for rich multimedia.
 
 <!--/Description-->
 
@@ -3659,9 +3659,9 @@ ADMX Info:
 
 This policy setting lets you enable WDDM graphics display driver for Remote Desktop Connections.  
 
-- If you enable or do not configure this policy setting, Remote Desktop Connections will use WDDM graphics display driver.  
+- If you enable or don't configure this policy setting, Remote Desktop Connections will use WDDM graphics display driver.  
 
-- If you disable this policy setting, Remote Desktop Connections will NOT use WDDM graphics display driver. In this case, the Remote Desktop Connections will use XDDM graphics display driver.  For this change to take effect, you must restart Windows.
+- If you disable this policy setting, Remote Desktop Connections won't use WDDM graphics display driver. In this case, the Remote Desktop Connections will use XDDM graphics display driver.  For this change to take effect, you must restart Windows.
 
 <!--/Description-->
 
@@ -3710,11 +3710,11 @@ See the policy settings Set time limit for active Remote Desktop Services sessio
 
 - If you enable this policy setting, Remote Desktop Services ends any session that reaches its time-out limit.  
 
-- If you disable this policy setting, Remote Desktop Services always disconnects a timed-out session, even if specified otherwise by the server administrator. If you do not configure this policy setting, Remote Desktop Services disconnects a timed-out session, unless specified otherwise in local settings.  
+- If you disable this policy setting, Remote Desktop Services always disconnects a timed-out session, even if specified otherwise by the server administrator. If you don't configure this policy setting, Remote Desktop Services disconnects a timed-out session, unless specified otherwise in local settings.  
 
 This policy setting only applies to time-out limits that are explicitly set by the administrator. 
 
-This policy setting does not apply to time-out events that occur due to connectivity or network conditions. This setting appears in both Computer Configuration and User Configuration. If both settings are configured, the Computer Configuration setting takes precedence.
+This policy setting doesn't apply to time-out events that occur due to connectivity or network conditions. This setting appears in both Computer Configuration and User Configuration. If both settings are configured, the Computer Configuration setting takes precedence.
 
 <!--/Description-->
 
@@ -3763,11 +3763,11 @@ See the policy settings Set time limit for active Remote Desktop Services sessio
 
 - If you enable this policy setting, Remote Desktop Services ends any session that reaches its time-out limit.  
 
-- If you disable this policy setting, Remote Desktop Services always disconnects a timed-out session, even if specified otherwise by the server administrator. If you do not configure this policy setting, Remote Desktop Services disconnects a timed-out session, unless specified otherwise in local settings.  
+- If you disable this policy setting, Remote Desktop Services always disconnects a timed-out session, even if specified otherwise by the server administrator. If you don't configure this policy setting, Remote Desktop Services disconnects a timed-out session, unless specified otherwise in local settings.  
 
 This policy setting only applies to time-out limits that are explicitly set by the administrator. 
 
-This policy setting does not apply to time-out events that occur due to connectivity or network conditions. This setting appears in both Computer Configuration and User Configuration. If both settings are configured, the Computer Configuration setting takes precedence.
+This policy setting doesn't apply to time-out events that occur due to connectivity or network conditions. This setting appears in both Computer Configuration and User Configuration. If both settings are configured, the Computer Configuration setting takes precedence.
 
 <!--/Description-->
 
@@ -3813,9 +3813,9 @@ ADMX Info:
 This policy setting allows you to configure a time limit for disconnected Remote Desktop Services sessions.  You can use this policy setting to specify the maximum amount of time that a disconnected session remains active on the server. By default, Remote Desktop Services allows users to disconnect from a Remote Desktop Services session without logging off and ending the session.  
 When a session is in a disconnected state, running programs are kept active even though the user is no longer actively connected. By default, these disconnected sessions are maintained for an unlimited time on the server.  
 
-- If you enable this policy setting, disconnected sessions are deleted from the server after the specified amount of time. To enforce the default behavior that disconnected sessions are maintained for an unlimited time, select Never. If you have a console session, disconnected session time limits do not apply.  
+- If you enable this policy setting, disconnected sessions are deleted from the server after the specified amount of time. To enforce the default behavior that disconnected sessions are maintained for an unlimited time, select Never. If you've a console session, disconnected session time limits don't apply.  
 
-- If you disable or do not configure this policy setting, this policy setting is not specified at the Group Policy level. Be default, Remote Desktop Services disconnected sessions are maintained for an unlimited amount of time.  
+- If you disable or don't configure this policy setting, this policy setting isn't specified at the Group Policy level. Be default, Remote Desktop Services disconnected sessions are maintained for an unlimited amount of time.  
 
 >[!NOTE]
 > This policy setting appears in both Computer Configuration and User Configuration. If both policy settings are configured, the Computer Configuration policy setting takes precedence.
@@ -3864,9 +3864,9 @@ ADMX Info:
 This policy setting allows you to configure a time limit for disconnected Remote Desktop Services sessions.  You can use this policy setting to specify the maximum amount of time that a disconnected session remains active on the server. By default, Remote Desktop Services allows users to disconnect from a Remote Desktop Services session without logging off and ending the session.  
 When a session is in a disconnected state, running programs are kept active even though the user is no longer actively connected. By default, these disconnected sessions are maintained for an unlimited time on the server.  
 
-- If you enable this policy setting, disconnected sessions are deleted from the server after the specified amount of time. To enforce the default behavior that disconnected sessions are maintained for an unlimited time, select Never. If you have a console session, disconnected session time limits do not apply.  
+- If you enable this policy setting, disconnected sessions are deleted from the server after the specified amount of time. To enforce the default behavior that disconnected sessions are maintained for an unlimited time, select Never. If you've a console session, disconnected session time limits don't apply.  
 
-- If you disable or do not configure this policy setting, this policy setting is not specified at the Group Policy level. Be default, Remote Desktop Services disconnected sessions are maintained for an unlimited amount of time.  
+- If you disable or don't configure this policy setting, this policy setting isn't specified at the Group Policy level. Be default, Remote Desktop Services disconnected sessions are maintained for an unlimited amount of time.  
 
 >[!NOTE]
 > This policy setting appears in both Computer Configuration and User Configuration. If both policy settings are configured, the Computer Configuration policy setting takes precedence.
@@ -3912,11 +3912,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting allows you to specify the maximum amount of time that an active Remote Desktop Services session can be idle (without user input) before it is automatically disconnected.  
+This policy setting allows you to specify the maximum amount of time that an active Remote Desktop Services session can be idle (without user input) before it's automatically disconnected.  
 
-- If you enable this policy setting, you must select the desired time limit in the Idle session limit list. Remote Desktop Services will automatically disconnect active but idle sessions after the specified amount of time. The user receives a warning two minutes before the session disconnects, which allows the user to press a key or move the mouse to keep the session active. If you have a console session, idle session time limits do not apply.  
+- If you enable this policy setting, you must select the desired time limit in the Idle session limit list. Remote Desktop Services will automatically disconnect active but idle sessions after the specified amount of time. The user receives a warning two minutes before the session disconnects, which allows the user to press a key or move the mouse to keep the session active. If you've a console session, idle session time limits don't apply.  
 
-- If you disable or do not configure this policy setting, the time limit is not specified at the Group Policy level. By default,  Remote Desktop Services allows sessions to remain active but idle for an unlimited amount of time.  
+- If you disable or don't configure this policy setting, the time limit isn't specified at the Group Policy level. By default,  Remote Desktop Services allows sessions to remain active but idle for an unlimited amount of time.  
 
 If you want Remote Desktop Services to end instead of disconnect a session when the time limit is reached, you can configure the policy setting Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\End session when time limits are reached.  
 
@@ -3964,11 +3964,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting allows you to specify the maximum amount of time that an active Remote Desktop Services session can be idle (without user input) before it is automatically disconnected.  
+This policy setting allows you to specify the maximum amount of time that an active Remote Desktop Services session can be idle (without user input) before it's automatically disconnected.  
 
-- If you enable this policy setting, you must select the desired time limit in the Idle session limit list. Remote Desktop Services will automatically disconnect active but idle sessions after the specified amount of time. The user receives a warning two minutes before the session disconnects, which allows the user to press a key or move the mouse to keep the session active. If you have a console session, idle session time limits do not apply.  
+- If you enable this policy setting, you must select the desired time limit in the Idle session limit list. Remote Desktop Services will automatically disconnect active but idle sessions after the specified amount of time. The user receives a warning two minutes before the session disconnects, which allows the user to press a key or move the mouse to keep the session active. If you've a console session, idle session time limits don't apply.  
 
-- If you disable or do not configure this policy setting, the time limit is not specified at the Group Policy level. By default,  Remote Desktop Services allows sessions to remain active but idle for an unlimited amount of time.  
+- If you disable or don't configure this policy setting, the time limit isn't specified at the Group Policy level. By default,  Remote Desktop Services allows sessions to remain active but idle for an unlimited amount of time.  
 
 If you want Remote Desktop Services to end instead of disconnect a session when the time limit is reached, you can configure the policy setting Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\End session when time limits are reached.  
 
@@ -4016,11 +4016,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it is automatically disconnected.  
+This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it's automatically disconnected.  
 
-- If you enable this policy setting, you must select the desired time limit in the Active session limit list. Remote Desktop Services will automatically disconnect active sessions after the specified amount of time. The user receives a warning two minutes before the Remote Desktop Services session disconnects, which allows the user to save open files and close programs. If you have a console session, active session time limits do not apply.  
+- If you enable this policy setting, you must select the desired time limit in the Active session limit list. Remote Desktop Services will automatically disconnect active sessions after the specified amount of time. The user receives a warning two minutes before the Remote Desktop Services session disconnects, which allows the user to save open files and close programs. If you've a console session, active session time limits don't apply.  
 
-- If you disable or do not configure this policy setting, this policy setting is not specified at the Group Policy level. By default, Remote Desktop Services allows sessions to remain active for an unlimited amount of time.  
+- If you disable or don't configure this policy setting, this policy setting isn't specified at the Group Policy level. By default, Remote Desktop Services allows sessions to remain active for an unlimited amount of time.  
 
 If you want Remote Desktop Services to end instead of disconnect a session when the time limit is reached, you can configure the policy setting Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\End session when time limits are reached.  
 
@@ -4069,11 +4069,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it is automatically disconnected.  
+This policy setting allows you to specify the maximum amount of time that a Remote Desktop Services session can be active before it's automatically disconnected.  
 
-- If you enable this policy setting, you must select the desired time limit in the Active session limit list. Remote Desktop Services will automatically disconnect active sessions after the specified amount of time. The user receives a warning two minutes before the Remote Desktop Services session disconnects, which allows the user to save open files and close programs. If you have a console session, active session time limits do not apply.  
+- If you enable this policy setting, you must select the desired time limit in the Active session limit list. Remote Desktop Services will automatically disconnect active sessions after the specified amount of time. The user receives a warning two minutes before the Remote Desktop Services session disconnects, which allows the user to save open files and close programs. If you've a console session, active session time limits don't apply.  
 
-- If you disable or do not configure this policy setting, this policy setting is not specified at the Group Policy level. By default, Remote Desktop Services allows sessions to remain active for an unlimited amount of time.  
+- If you disable or don't configure this policy setting, this policy setting isn't specified at the Group Policy level. By default, Remote Desktop Services allows sessions to remain active for an unlimited amount of time.  
 
 If you want Remote Desktop Services to end instead of disconnect a session when the time limit is reached, you can configure the policy setting Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Session Time Limits\End session when time limits are reached.  
 
@@ -4122,11 +4122,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting allows you to restrict users to a single Remote Desktop Services session.  If you enable this policy setting, users who log on remotely by using Remote Desktop Services will be restricted to a single session (either active or disconnected) on that server. 
+This policy setting allows you to restrict users to a single Remote Desktop Services session. If you enable this policy setting, users who sign in remotely by using Remote Desktop Services will be restricted to a single session (either active or disconnected) on that server. 
 
-If the user leaves the session in a disconnected state, the user automatically reconnects to that session at the next logon.  
+If the user leaves the session in a disconnected state, the user automatically reconnects to that session at the next sign in.  
 
-If you disable this policy setting, users are allowed to make unlimited simultaneous remote connections by using Remote Desktop Services.  If you do not configure this policy setting,  this policy setting is not specified at the Group Policy level.
+If you disable this policy setting, users are allowed to make unlimited simultaneous remote connections by using Remote Desktop Services.  If you don't configure this policy setting,  this policy setting isn't specified at the Group Policy level.
 
 
 <!--/Description-->
@@ -4172,9 +4172,9 @@ ADMX Info:
 
 This policy setting allows you to control the redirection of smart card devices in a Remote Desktop Services session.  
 
-- If you enable this policy setting, Remote Desktop Services users cannot use a smart card to log on to a Remote Desktop Services session.  
+- If you enable this policy setting, Remote Desktop Services users can't use a smart card to sign in to a Remote Desktop Services session.  
 
-- If you disable or do not configure this policy setting, smart card device redirection is allowed. By default, Remote Desktop Services automatically redirects smart card devices on connection.  
+- If you disable or don't configure this policy setting, smart card device redirection is allowed. By default, Remote Desktop Services automatically redirects smart card devices on connection.  
 
 >[!NOTE]
 > The client computer must be running at least Microsoft Windows 2000 Server or at least Microsoft Windows XP Professional and the target server must be joined to a domain.
@@ -4220,11 +4220,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-Configures Remote Desktop Services to run a specified program automatically upon connection.  You can use this setting to specify a program to run automatically when a user logs on to a remote computer. By default, Remote Desktop Services sessions provide access to the full Windows desktop, unless otherwise specified with this setting, by the server administrator, or by the user in configuring the client connection. Enabling this setting overrides the "Start Program" settings set by the server administrator or user. 
+Configures Remote Desktop Services to run a specified program automatically upon connection.  You can use this setting to specify a program to run automatically when a user signs in to a remote computer. By default, Remote Desktop Services sessions provide access to the full Windows desktop, unless otherwise specified with this setting, by the server administrator, or by the user in configuring the client connection. Enabling this setting overrides the "Start Program" settings set by the server administrator or user. 
 
-The Start menu and Windows Desktop are not displayed, and when the user exits the program the session is automatically logged off. To use this setting, in Program path and file name, type the fully qualified path and file name of the executable file to be run when the user logs on. If necessary, in Working Directory, type the fully qualified path to the starting directory for the program. 
+The Start menu and Windows Desktop aren't displayed, and when the user exits the program the session is automatically logged off. To use this setting, in Program path and file name, type the fully qualified path and file name of the executable file to be run when the user logs on. If necessary, in Working Directory, type the fully qualified path to the starting directory for the program. 
 
-If you leave Working Directory blank, the program runs with its default working directory. If the specified program path, file name, or working directory is not the name of a valid directory, the RD Session Host server connection fails with an error message. If the status is set to Enabled, Remote Desktop Services sessions automatically run the specified program and use the specified Working Directory (or the program default directory, if Working Directory is not specified) as the working directory for the program.  If the status is set to Disabled or Not Configured, Remote Desktop Services sessions start with the full desktop, unless the server administrator or user specify otherwise. (See "Computer Configuration\Administrative Templates\System\Logon\Run these programs at user logon" setting.)  
+If you leave Working Directory blank, the program runs with its default working directory. If the specified program path, file name, or working directory isn't the name of a valid directory, the RD Session Host server connection fails with an error message. If the status is set to Enabled, Remote Desktop Services sessions automatically run the specified program and use the specified Working Directory (or the program default directory, if Working Directory isn't specified) as the working directory for the program.  If the status is set to Disabled or Not Configured, Remote Desktop Services sessions start with the full desktop, unless the server administrator or user specify otherwise. (See "Computer Configuration\Administrative Templates\System\Logon\Run these programs at user logon" setting.)  
 
 >[!NOTE]
 > This setting appears in both Computer Configuration and User Configuration. If both settings are configured, the Computer Configuration setting overrides.
@@ -4270,11 +4270,11 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-Configures Remote Desktop Services to run a specified program automatically upon connection.  You can use this setting to specify a program to run automatically when a user logs on to a remote computer. By default, Remote Desktop Services sessions provide access to the full Windows desktop, unless otherwise specified with this setting, by the server administrator, or by the user in configuring the client connection. Enabling this setting overrides the "Start Program" settings set by the server administrator or user. 
+Configures Remote Desktop Services to run a specified program automatically upon connection. You can use this setting to specify a program to run automatically when a user signs in to a remote computer. By default, Remote Desktop Services sessions provide access to the full Windows desktop, unless otherwise specified with this setting, by the server administrator, or by the user in configuring the client connection. Enabling this setting overrides the "Start Program" settings set by the server administrator or user. 
 
-The Start menu and Windows Desktop are not displayed, and when the user exits the program the session is automatically logged off. To use this setting, in Program path and file name, type the fully qualified path and file name of the executable file to be run when the user logs on. If necessary, in Working Directory, type the fully qualified path to the starting directory for the program. 
+The Start menu and Windows Desktop aren't displayed, and when the user exits the program the session is automatically logged off. To use this setting, in Program path and file name, type the fully qualified path and file name of the executable file to be run when the user logs on. If necessary, in Working Directory, type the fully qualified path to the starting directory for the program. 
 
-If you leave Working Directory blank, the program runs with its default working directory. If the specified program path, file name, or working directory is not the name of a valid directory, the RD Session Host server connection fails with an error message. If the status is set to Enabled, Remote Desktop Services sessions automatically run the specified program and use the specified Working Directory (or the program default directory, if Working Directory is not specified) as the working directory for the program.  If the status is set to Disabled or Not Configured, Remote Desktop Services sessions start with the full desktop, unless the server administrator or user specify otherwise. (See "Computer Configuration\Administrative Templates\System\Logon\Run these programs at user logon" setting.)  
+If you leave Working Directory blank, the program runs with its default working directory. If the specified program path, file name, or working directory isn't the name of a valid directory, the RD Session Host server connection fails with an error message. If the status is set to Enabled, Remote Desktop Services sessions automatically run the specified program and use the specified Working Directory (or the program default directory, if Working Directory isn't specified) as the working directory for the program.  If the status is set to Disabled or Not Configured, Remote Desktop Services sessions start with the full desktop, unless the server administrator or user specify otherwise. (See "Computer Configuration\Administrative Templates\System\Logon\Run these programs at user logon" setting.)  
 
 >[!NOTE]
 > This setting appears in both Computer Configuration and User Configuration. If both settings are configured, the Computer Configuration setting overrides.
@@ -4320,14 +4320,14 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting specifies whether Remote Desktop Services retains a user's per-session temporary folders at logoff.  You can use this setting to maintain a user's session-specific temporary folders on a remote computer, even if the user logs off from a session. By default, Remote Desktop Services deletes a user's temporary folders when the user logs off.  
+This policy setting specifies whether Remote Desktop Services retains a user's per-session temporary folders at sign out. You can use this setting to maintain a user's session-specific temporary folders on a remote computer, even if the user signs out from a session. By default, Remote Desktop Services deletes a user's temporary folders when the user signs out.  
 
-If you enable this policy setting, a user's per-session temporary folders are retained when the user logs off from a session.  
+If you enable this policy setting, a user's per-session temporary folders are retained when the user signs out from a session.  
 
-If you disable this policy setting, temporary folders are deleted when a user logs off, even if the server administrator specifies otherwise. If you do not configure this policy setting, Remote Desktop Services deletes the temporary folders from the remote computer at logoff, unless specified otherwise by the server administrator.  
+If you disable this policy setting, temporary folders are deleted when a user signs out, even if the server administrator specifies otherwise. If you don't configure this policy setting, Remote Desktop Services deletes the temporary folders from the remote computer at sign out, unless specified otherwise by the server administrator.  
   
 >[!NOTE]
-> This setting only takes effect if per-session temporary folders are in use on the server. If you enable the Do not use temporary folders per session policy setting, this policy setting has no effect.
+> This setting only takes effect if per-session temporary folders are in use on the server. If you enable the don't use temporary folders per session policy setting, this policy setting has no effect.
 
 <!--/Description-->
 
@@ -4372,11 +4372,11 @@ ADMX Info:
 
 This policy setting allows you to prevent Remote Desktop Services from creating session-specific temporary folders.  
 
-You can use this policy setting to disable the creation of separate temporary folders on a remote computer for each session. By default, Remote Desktop Services creates a separate temporary folder for each active session that a user maintains on a remote computer. These temporary folders are created on the remote computer in a Temp folder under the user's profile folder and are named with the sessionid.  
+You can use this policy setting to disable the creation of separate temporary folders on a remote computer for each session. By default, Remote Desktop Services creates a separate temporary folder for each active session that a user maintains on a remote computer. These temporary folders are created on the remote computer in a Temp folder under the user's profile folder and are named with the session ID.  
 
-- If you enable this policy setting, per-session temporary folders are not created. Instead, a user's temporary files for all sessions on the remote computer are stored in a common Temp folder under the user's profile folder on the remote computer.  
+- If you enable this policy setting, per-session temporary folders aren't created. Instead, a user's temporary files for all sessions on the remote computer are stored in a common Temp folder under the user's profile folder on the remote computer.  
 
-- If you disable this policy setting, per-session temporary folders are always created, even if the server administrator specifies otherwise. If you do not configure this policy setting, per-session temporary folders are created unless the server administrator specifies otherwise.
+- If you disable this policy setting, per-session temporary folders are always created, even if the server administrator specifies otherwise. If you don't configure this policy setting, per-session temporary folders are created unless the server administrator specifies otherwise.
 
 <!--/Description-->
 
@@ -4423,7 +4423,7 @@ This policy setting allows you to specify whether the client computer redirects
 
 - If you enable this policy setting, clients that are capable of time zone redirection send their time zone information to the server. The server base time is then used to calculate the current session time (current session time = server base time + client time zone).  
 
-- If you disable or do not configure this policy setting, the client computer does not redirect its time zone information and the session time zone is the same as the server time zone.  
+- If you disable or don't configure this policy setting, the client computer doesn't redirect its time zone information and the session time zone is the same as the server time zone.  
 
 >[!NOTE]
 > Time zone redirection is possible only when connecting to at least a Microsoft Windows Server 2003 terminal server with a client using RDP 5.1 or later.
@@ -4471,9 +4471,9 @@ ADMX Info:
 
 This policy setting specifies whether to disable the administrator rights to customize security permissions for the Remote Desktop Session Host server. You can use this setting to prevent administrators from making changes to the user groups allowed to connect remotely to the  RD Session Host server. By default, administrators are able to make such changes.  
 
-- If you enable this policy setting the default security descriptors for existing groups on the RD Session Host server cannot be changed. All the security descriptors are read-only.  
+- If you enable this policy setting, the default security descriptors for existing groups on the RD Session Host server can't be changed. All the security descriptors are read-only.  
 
-- If you disable or do not configure this policy setting, server administrators have full read/write permissions to the user security descriptors by using the Remote Desktop Session WMI Provider.  
+- If you disable or don't configure this policy setting, server administrators have full read/write permissions to the user security descriptors by using the Remote Desktop Session WMI Provider.  
 
 >[!NOTE]
 > The preferred method of managing user access is by adding a user to the Remote Desktop Users group.
@@ -4523,7 +4523,7 @@ This policy setting determines whether the desktop is always displayed after a c
 
 - If you enable this policy setting, the desktop is always displayed when a client connects to a remote computer. This policy setting overrides any initial program policy settings.  
 
-- If you disable or do not configure this policy setting, an initial program can be specified that runs on the remote computer after the client connects to the remote computer. If an initial program is not specified, the desktop is always displayed on the remote computer after the client connects to the remote computer.  
+- If you disable or don't configure this policy setting, an initial program can be specified that runs on the remote computer after the client connects to the remote computer. If an initial program isn't specified, the desktop is always displayed on the remote computer after the client connects to the remote computer.  
 
 >[!NOTE]
 > If this policy setting is enabled, then the "Start a program on connection" policy setting is ignored.
@@ -4571,11 +4571,11 @@ ADMX Info:
 
 This policy setting allows you to restrict users to a single Remote Desktop Services session.  
 
-If you enable this policy setting, users who log on remotely by using Remote Desktop Services will be restricted to a single session (either active or disconnected) on that server. If the user leaves the session in a disconnected state, the user automatically reconnects to that session at the next logon.  
+If you enable this policy setting, users who sign in remotely by using Remote Desktop Services will be restricted to a single session (either active or disconnected) on that server. If the user leaves the session in a disconnected state, the user automatically reconnects to that session at the next sign in.  
 
 - If you disable this policy setting, users are allowed to make unlimited simultaneous remote connections by using Remote Desktop Services.  
 
-- If you do not configure this policy setting,  this policy setting is not specified at the Group Policy level.
+- If you don't configure this policy setting,  this policy setting isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -4618,9 +4618,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting allows you to permit RDP redirection of other supported RemoteFX USB devices from this computer. Redirected RemoteFX USB devices will not be available for local usage on this computer.  
+This policy setting allows you to permit RDP redirection of other supported RemoteFX USB devices from this computer. Redirected RemoteFX USB devices won't be available for local usage on this computer.  
 If you enable this policy setting, you can choose to give the ability to redirect other supported RemoteFX USB devices over RDP to all users or only to users who are in the Administrators group on the computer. 
-If you disable or do not configure this policy setting, other supported RemoteFX USB devices are not available for RDP redirection by using any user account. For this change to take effect, you must restart Windows.
+If you disable or don't configure this policy setting, other supported RemoteFX USB devices aren't available for RDP redirection by using any user account. For this change to take effect, you must restart Windows.
 
 <!--/Description-->
 
@@ -4667,7 +4667,7 @@ This policy setting enhances security by requiring that user authentication occu
 
 - If you enable this policy setting, only client computers that support Network Level Authentication can connect to the RD Session Host server. To determine whether a client computer supports Network Level Authentication, start Remote Desktop Connection on the client computer, click the icon in the upper-left corner of the Remote Desktop Connection dialog box, and then click About. In the About Remote Desktop Connection dialog box, look for the phrase Network Level Authentication supported.  
 
-- If you disable this policy setting, Network Level Authentication is not required for user authentication before allowing remote connections to the RD Session Host server. If you do not configure this policy setting, the local setting on the target computer will be enforced. On Windows Server 2012 and Windows 8, Network Level Authentication is enforced by default.  
+- If you disable this policy setting, Network Level Authentication isn't required for user authentication before allowing remote connections to the RD Session Host server. If you don't configure this policy setting, the local setting on the target computer will be enforced. On Windows Server 2012 and Windows 8, Network Level Authentication is enforced by default.  
 
 Disabling this policy setting provides less security because user authentication will occur later in the remote connection process.
 
@@ -4714,11 +4714,11 @@ ADMX Info:
 
 This policy setting allows you to specify the name of the certificate template that determines which certificate is automatically selected to authenticate an RD Session Host server. A certificate is needed to authenticate an RD Session Host server when TLS 1.0, 1.1 or 1.2 is used to secure communication between a client and an RD Session Host server during RDP connections.  
 
-- If you enable this policy setting, you need to specify a certificate template name. Only certificates created by using the specified certificate template will be considered when a certificate to authenticate the RD Session Host server is automatically selected. Automatic certificate selection only occurs when a specific certificate has not been selected. 
+- If you enable this policy setting, you need to specify a certificate template name. Only certificates created by using the specified certificate template will be considered when a certificate to authenticate the RD Session Host server is automatically selected. Automatic certificate selection only occurs when a specific certificate hasn't been selected. 
 
 If no certificate can be found that was created with the specified certificate template, the RD Session Host server will issue a certificate enrollment request and will use the current certificate until the request is completed. If more than one certificate is found that was created with the specified certificate template, the certificate that will expire latest and that matches the current name of the RD Session Host server will be selected.  
 
-- If you disable or do not configure this policy, the certificate template name is not specified at the Group Policy level. By default, a self-signed certificate is used to authenticate the RD Session Host server.  
+- If you disable or don't configure this policy, the certificate template name isn't specified at the Group Policy level. By default, a self-signed certificate is used to authenticate the RD Session Host server.  
 
 If you select a specific certificate to be used to authenticate the RD Session Host server, that certificate will take precedence over this policy setting.
 
@@ -4767,7 +4767,7 @@ This policy setting allows you to specify whether Remote Desktop Services uses a
 
 - If you enable this policy setting, Remote Desktop Services uses the path specified in the "Set path for Remote Desktop Services Roaming User Profile" policy setting as the root folder for the mandatory user profile. All users connecting remotely to the RD Session Host server use the same user profile.  
 
-- If you disable or do not configure this policy setting, mandatory user profiles are not used by users connecting remotely to the RD Session Host server.  
+- If you disable or don't configure this policy setting, mandatory user profiles aren't used by users connecting remotely to the RD Session Host server.  
 
 For this policy setting to take effect, you must also enable and configure the "Set path for Remote Desktop Services Roaming User Profile" policy setting.
 
@@ -4813,13 +4813,13 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting allows you to specify the network path that Remote Desktop Services uses for roaming user profiles. By default, Remote Desktop Services stores all user profiles locally on the RD Session Host server. You can use this policy setting to specify a network share where user profiles can be centrally stored, allowing a user to access the same profile for sessions on all RD Session Host servers that are configured to use the network share for user profiles.  If you enable this policy setting, Remote Desktop Services uses the specified path as the root directory for all user profiles. The profiles are contained in subfolders named for the account name of each user.  
+This policy setting allows you to specify the network path that Remote Desktop Services uses for roaming user profiles. By default, Remote Desktop Services stores all user profiles locally on the RD Session Host server. You can use this policy setting to specify a network share where user profiles can be centrally stored, allowing a user to access the same profile for sessions on all RD Session Host servers that are configured to use the network share for user profiles. If you enable this policy setting, Remote Desktop Services uses the specified path as the root directory for all user profiles. The profiles are contained in subfolders named for the account name of each user.  
 
-To configure this policy setting, type the path to the network share in the form of \\Computername\Sharename. Do not specify a placeholder for the user account name, because Remote Desktop Services automatically adds this when the user logs on and the profile is created. 
+To configure this policy setting, type the path to the network share in the form of \\Computername\Sharename. Don't specify a placeholder for the user account name, because Remote Desktop Services automatically adds this location when the user signs in and the profile is created. 
 
-If the specified network share does not exist, Remote Desktop Services displays an error message on the RD Session Host server and will store the user profiles locally on the RD Session Host server.  
+If the specified network share doesn't exist, Remote Desktop Services displays an error message on the RD Session Host server and will store the user profiles locally on the RD Session Host server.  
 
-If you disable or do not configure this policy setting, user profiles are stored locally on the RD Session Host server. You can configure a user's profile path on the Remote Desktop Services Profile tab on the user's account Properties dialog box.  
+If you disable or don't configure this policy setting, user profiles are stored locally on the RD Session Host server. You can configure a user's profile path on the Remote Desktop Services Profile tab on the user's account Properties dialog box.  
 
 1. The roaming user profiles enabled by the policy setting apply only to Remote Desktop Services connections. A user might also have a Windows roaming user profile configured. The Remote Desktop Services roaming user profile always takes precedence in a Remote Desktop Services session.  
 2. To configure a mandatory Remote Desktop Services roaming user profile for all users connecting remotely to the RD Session Host server, use this policy setting together with the "Use mandatory profiles on the RD Session Host server" policy setting located in Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\RD Session Host\Profiles. The path set in the "Set path for Remote Desktop Services Roaming User Profile" policy setting should contain the mandatory profile.
diff --git a/windows/client-management/mdm/policy-csp-admx-touchinput.md b/windows/client-management/mdm/policy-csp-admx-touchinput.md
index 288b99a963..4f7283a5a7 100644
--- a/windows/client-management/mdm/policy-csp-admx-touchinput.md
+++ b/windows/client-management/mdm/policy-csp-admx-touchinput.md
@@ -72,10 +72,10 @@ manager: dansimp
 <!--Description-->
 Turn off Tablet PC touch input Turns off touch input, which allows the user to interact with their computer using their finger.  
 
-- If you enable this setting, the user will not be able to produce input with touch. They will not be able to use touch input or touch gestures such as tap and double tap, the touch pointer, and other touch-specific features.  
+- If you enable this setting, the user won't be able to produce input with touch. They won't be able to use touch input or touch gestures such as tap and double tap, the touch pointer, and other touch-specific features.  
 - If you disable this setting, the user can produce input with touch, by using gestures, the touch pointer, and other-touch specific features.  
 
-If you do not configure this setting, touch input is on by default.  Note: Changes to this setting will not take effect until the user logs off.
+If you don't configure this setting, touch input is on by default.  Note: Changes to this setting won't take effect until the user signs out.
 
 <!--/Description-->
 
@@ -116,10 +116,10 @@ ADMX Info:
 <!--Description-->
 Turn off Tablet PC touch input Turns off touch input, which allows the user to interact with their computer using their finger.  
 
-- If you enable this setting, the user will not be able to produce input with touch. They will not be able to use touch input or touch gestures such as tap and double tap, the touch pointer, and other touch-specific features.  
+- If you enable this setting, the user won't be able to produce input with touch. They won't be able to use touch input or touch gestures such as tap and double tap, the touch pointer, and other touch-specific features.  
 - If you disable this setting, the user can produce input with touch, by using gestures, the touch pointer, and other-touch specific features.  
 
-If you do not configure this setting, touch input is on by default.  Note: Changes to this setting will not take effect until the user logs off.
+If you don't configure this setting, touch input is on by default.  Note: Changes to this setting won't take effect until the user signs out.
 
 <!--/Description-->
 
@@ -163,12 +163,12 @@ ADMX Info:
 <!--Description-->
 Turn off Panning  Turns off touch panning, which allows users pan inside windows by touch. On a compatible PC with a touch digitizer, by default users are able to scroll or pan inside a scrolling area by dragging up or down directly on the scrolling content.  
 
-- If you enable this setting, the user will not be able to pan windows by touch.  
+- If you enable this setting, the user won't be able to pan windows by touch.  
 
-- If you disable this setting, the user can pan windows by touch. If you do not configure this setting, Touch Panning is on by default.  
+- If you disable this setting, the user can pan windows by touch. If you don't configure this setting, Touch Panning is on by default.  
 
 > [!NOTE]
-> Changes to this setting will not take effect until the user logs off.
+> Changes to this setting won't take effect until the user logs off.
 
 <!--/Description-->
 
@@ -210,12 +210,12 @@ ADMX Info:
 <!--Description-->
 Turn off Panning  Turns off touch panning, which allows users pan inside windows by touch. On a compatible PC with a touch digitizer, by default users are able to scroll or pan inside a scrolling area by dragging up or down directly on the scrolling content.  
 
-- If you enable this setting, the user will not be able to pan windows by touch.  
+- If you enable this setting, the user won't be able to pan windows by touch.  
 
-- If you disable this setting, the user can pan windows by touch. If you do not configure this setting, Touch Panning is on by default.  
+- If you disable this setting, the user can pan windows by touch. If you don't configure this setting, Touch Panning is on by default.  
 
 > [!NOTE]
-> Changes to this setting will not take effect until the user logs off.
+> Changes to this setting won't take effect until the user logs off.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-tpm.md b/windows/client-management/mdm/policy-csp-admx-tpm.md
index 7f8cb02e07..cc8d6387aa 100644
--- a/windows/client-management/mdm/policy-csp-admx-tpm.md
+++ b/windows/client-management/mdm/policy-csp-admx-tpm.md
@@ -91,7 +91,7 @@ This policy setting allows you to manage the Policy list of Trusted Platform Mod
 
 If you enable this policy setting, Windows will block the specified commands from being sent to the TPM on the computer. TPM commands are referenced by a command number. For example, command number 129 is TPM_OwnerReadInternalPub, and command number 170 is TPM_FieldUpgrade. To find the command number associated with each TPM command with TPM 1.2, run "tpm.msc" and navigate to the "Command Management" section.
 
-If you disable or do not configure this policy setting, only those TPM commands specified through the default or local lists may be blocked by Windows. The default list of blocked TPM commands is pre-configured by Windows. You can view the default list by running "tpm.msc", navigating to the "Command Management" section, and making visible the "On Default Block List" column. The local list of blocked TPM commands is configured outside of Policy by running "tpm.msc" or through scripting against the Win32_Tpm interface. See related policy settings to enforce or ignore the default and local lists of blocked TPM commands.
+If you disable or don't configure this policy setting, only those TPM commands specified through the default or local lists may be blocked by Windows. The default list of blocked TPM commands is pre-configured by Windows. You can view the default list by running "tpm.msc", navigating to the "Command Management" section, and making visible the "On Default Block List" column. The local list of blocked TPM commands is configured outside of Policy by running "tpm.msc" or through scripting against the Win32_Tpm interface. See related policy settings to enforce or ignore the default and local lists of blocked TPM commands.
 
 <!--/Description-->
 
@@ -132,7 +132,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting configures the system to prompt the user to clear the TPM if the TPM is detected to be in any state other than Ready. This policy will take effect only if the system’s TPM is in a state other than Ready, including if the TPM is “Ready, with reduced functionality”. The prompt to clear the TPM will start occurring after the next reboot, upon user login only if the logged in user is part of the Administrators group for the system. The prompt can be dismissed, but will reappear after every reboot and login until the policy is disabled or until the TPM is in a Ready state.
+This policy setting configures the system to prompt the user to clear the TPM if the TPM is detected to be in any state other than Ready. This policy will take effect only if the system’s TPM is in a state other than Ready, including if the TPM is “Ready, with reduced functionality”. The prompt to clear the TPM will start occurring after the next reboot, upon user sign in only if the signed in user is part of the Administrators group for the system. The prompt can be dismissed, but will reappear after every reboot and sign in until the policy is disabled or until the TPM is in a Ready state.
 
 <!--/Description-->
 
@@ -179,7 +179,7 @@ If you enable this policy setting, Windows will ignore the computer's default li
 
 The default list of blocked TPM commands is pre-configured by Windows. You can view the default list by running "tpm.msc", navigating to the "Command Management" section, and making visible the "On Default Block List" column. The local list of blocked TPM commands is configured outside of Policy by running "tpm.msc" or through scripting against the Win32_Tpm interface. See the related policy setting to configure the Policy list of blocked TPM commands.
 
-If you disable or do not configure this policy setting, Windows will block the TPM commands in the default list, in addition to commands in the Policy and local lists of blocked TPM commands. 
+If you disable or don't configure this policy setting, Windows will block the TPM commands in the default list, in addition to commands in the Policy and local lists of blocked TPM commands. 
 
 <!--/Description-->
 
@@ -226,7 +226,7 @@ If you enable this policy setting, Windows will ignore the computer's local list
 
 The local list of blocked TPM commands is configured outside of Policy by running "tpm.msc" or through scripting against the Win32_Tpm interface. The default list of blocked TPM commands is pre-configured by Windows. See the related policy setting to configure the Policy list of blocked TPM commands.
 
-If you disable or do not configure this policy setting, Windows will block the TPM commands found in the local list, in addition to commands in the Policy and default lists of blocked TPM commands.
+If you disable or don't configure this policy setting, Windows will block the TPM commands found in the local list, in addition to commands in the Policy and default lists of blocked TPM commands.
 
 <!--/Description-->
 
@@ -267,13 +267,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting configures how much of the TPM owner authorization information is stored in the registry of the local computer. Depending on the amount of TPM owner authorization information stored locally, the operating system and TPM-based applications can perform certain TPM actions which require TPM owner authorization without requiring the user to enter the TPM owner password.
+This policy setting configures how much of the TPM owner authorization information is stored in the registry of the local computer. Depending on the amount of TPM owner authorization information stored locally, the operating system and TPM-based applications can perform certain TPM actions that require TPM owner authorization without requiring the user to enter the TPM owner password.
 
 You can choose to have the operating system store either the full TPM owner authorization value, the TPM administrative delegation blob plus the TPM user delegation blob, or none.
 
 If you enable this policy setting, Windows will store the TPM owner authorization in the registry of the local computer according to the operating system managed TPM authentication setting you choose.
 
-Choose the operating system managed TPM authentication setting of "Full" to store the full TPM owner authorization, the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting allows use of the TPM without requiring remote or external storage of the TPM owner authorization value. This setting is appropriate for scenarios which do not depend on preventing reset of the TPM anti-hammering logic or changing the TPM owner authorization value. Some TPM-based applications may require this setting be changed before features which depend on the TPM anti-hammering logic can be used.
+Choose the operating system managed TPM authentication setting of "Full" to store the full TPM owner authorization, the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting allows use of the TPM without requiring remote or external storage of the TPM owner authorization value. This setting is appropriate for scenarios that don't depend on preventing reset of the TPM anti-hammering logic or changing the TPM owner authorization value. Some TPM-based applications may require this setting to be changed before making the features that depend on the TPM anti-hammering logic usable.
 
 Choose the operating system managed TPM authentication setting of "Delegated" to store only the TPM administrative delegation blob and the TPM user delegation blob in the local registry. This setting is appropriate for use with TPM-based applications that depend on the TPM anti-hammering logic.
 
@@ -321,7 +321,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This Policy enables Device Health Attestation reporting (DHA-report) on supported devices. It enables supported devices to send Device Health Attestation related information (device boot logs, PCR values, TPM certificate, etc.) to Device Health Attestation Service (DHA-Service) every time a device starts. Device Health Attestation Service validates the security state and health of the devices, and makes the findings accessible to enterprise administrators via a cloud based reporting portal. This policy is independent of DHA reports that are initiated by device manageability solutions (like MDM or SCCM), and will not interfere with their workflows.
+This Policy enables Device Health Attestation reporting (DHA-report) on supported devices. It enables supported devices to send Device Health Attestation related information (device boot logs, PCR values, TPM certificate, etc.) to Device Health Attestation Service (DHA-Service) every time a device starts. Device Health Attestation Service validates the security state and health of the devices, and makes the findings accessible to enterprise administrators via a cloud based reporting portal. This policy is independent of DHA reports that are initiated by device manageability solutions (like MDM or SCCM), and won't interfere with their workflows.
 
 <!--/Description-->
 
@@ -370,15 +370,15 @@ An authorization failure occurs each time a standard user sends a command to the
 
 For each standard user two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
 
-The Standard User Lockout Threshold Individual value is the maximum number of authorization failures each standard user may have before the user is not allowed to send commands requiring authorization to the TPM.
+The Standard User Lockout Threshold Individual value is the maximum number of authorization failures each standard user may have before the user isn't allowed to send commands requiring authorization to the TPM.
 
-The Standard User Lockout Total Threshold value is the maximum total number of authorization failures all standard users may have before all standard users are not allowed to send commands requiring authorization to the TPM.
+The Standard User Lockout Total Threshold value is the maximum total number of authorization failures all standard users may have before all standard users aren't allowed to send commands requiring authorization to the TPM.
 
-The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode it is global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
+The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode, it is global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
 
 An administrator with the TPM owner password may fully reset the TPM's hardware lockout logic using the TPM Management Console (tpm.msc). Each time an administrator resets the TPM's hardware lockout logic all prior standard user TPM authorization failures are ignored; allowing standard users to use the TPM normally again immediately.
 
-If this value is not configured, a default value of 480 minutes (8 hours) is used.
+If this value isn't configured, a default value of 480 minutes (8 hours) is used.
 
 <!--/Description-->
 >
@@ -425,19 +425,19 @@ This setting helps administrators prevent the TPM hardware from entering a locko
 
 An authorization failure occurs each time a standard user sends a command to the TPM and receives an error response indicating an authorization failure occurred. Authorization failures older than the duration are ignored.
 
-For each standard user two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
+For each standard user, two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
 
-This value is the maximum number of authorization failures each standard user may have before the user is not allowed to send commands requiring authorization to the TPM.
+This value is the maximum number of authorization failures each standard user may have before the user isn't allowed to send commands requiring authorization to the TPM.
 
-The Standard User Lockout Total Threshold value is the maximum total number of authorization failures all standard users may have before all standard users are not allowed to send commands requiring authorization to the TPM.
+The Standard User Lockout Total Threshold value is the maximum total number of authorization failures all standard users may have before all standard users aren't allowed to send commands requiring authorization to the TPM.
 
-The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode it is global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
+The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode, it's global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
 
 An administrator with the TPM owner password may fully reset the TPM's hardware lockout logic using the TPM Management Console (tpm.msc). Each time an administrator resets the TPM's hardware lockout logic all prior standard user TPM authorization failures are ignored; allowing standard users to use the TPM normally again immediately.
 
-If this value is not configured, a default value of 4 is used.
+If this value isn't configured, a default value of 4 is used.
 
-A value of zero means the OS will not allow standard users to send commands to the TPM which may cause an authorization failure.
+A value of 0 means the OS won't allow standard users to send commands to the TPM, which may cause an authorization failure.
 
 <!--/Description-->
 
@@ -484,19 +484,19 @@ This setting helps administrators prevent the TPM hardware from entering a locko
 
 An authorization failure occurs each time a standard user sends a command to the TPM and receives an error response indicating an authorization failure occurred. Authorization failures older than the duration are ignored.
 
-For each standard user two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
+For each standard user, two thresholds apply. Exceeding either threshold will prevent the standard user from sending a command to the TPM that requires authorization.
 
-The Standard User Individual Lockout value is the maximum number of authorization failures each standard user may have before the user is not allowed to send commands requiring authorization to the TPM.
+The Standard User Individual Lockout value is the maximum number of authorization failures each standard user may have before the user isn't allowed to send commands requiring authorization to the TPM.
 
-This value is the maximum total number of authorization failures all standard users may have before all standard users are not allowed to send commands requiring authorization to the TPM.
+This value is the maximum total number of authorization failures all standard users may have before all standard users aren't allowed to send commands requiring authorization to the TPM.
 
-The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode it is global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
+The TPM is designed to protect itself against password guessing attacks by entering a hardware lockout mode when it receives too many commands with an incorrect authorization value. When the TPM enters a lockout mode, it's global for all users including administrators and Windows features like BitLocker Drive Encryption. The number of authorization failures a TPM allows and how long it stays locked out vary by TPM manufacturer. Some TPMs may enter lockout mode for successively longer periods of time with fewer authorization failures depending on past failures. Some TPMs may require a system restart to exit the lockout mode. Other TPMs may require the system to be on so enough clock cycles elapse before the TPM exits the lockout mode.
 
 An administrator with the TPM owner password may fully reset the TPM's hardware lockout logic using the TPM Management Console (tpm.msc). Each time an administrator resets the TPM's hardware lockout logic all prior standard user TPM authorization failures are ignored; allowing standard users to use the TPM normally again immediately.
 
-If this value is not configured, a default value of 9 is used.
+If this value isn't configured, a default value of 9 is used.
 
-A value of zero means the OS will not allow standard users to send commands to the TPM which may cause an authorization failure.
+A value of 0 means the OS won't allow standard users to send commands to the TPM, which may cause an authorization failure.
 
 <!--/Description-->
 
@@ -537,7 +537,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting configures the TPM to use the Dictionary Attack Prevention Parameters (lockout threshold and recovery time) to the values that were used for Windows 10 Version 1607 and below. Setting this policy will take effect only if a) the TPM was originally prepared using a version of Windows after Windows 10 Version 1607 and b) the System has a TPM 2.0. Note that enabling this policy will only take effect after the TPM maintenance task runs (which typically happens after a system restart). Once this policy has been enabled on a system and has taken effect (after a system restart), disabling it will have no impact and the system's TPM will remain configured using the legacy Dictionary Attack Prevention parameters, regardless of the value of this Policy. The only way for the disabled setting of this policy to take effect on a system where it was once enabled is to a) disable it from Policy and b)clear the TPM on the system.
+This policy setting configures the TPM to use the Dictionary Attack Prevention Parameters (lockout threshold and recovery time) to the values that were used for Windows 10 Version 1607 and below. Setting this policy will take effect only if a) the TPM was originally prepared using a version of Windows after Windows 10 Version 1607 and b) the System has a TPM 2.0. Enabling this policy will only take effect after the TPM maintenance task runs (which typically happens after a system restart). Once this policy has been enabled on a system and has taken effect (after a system restart), disabling it will have no impact and the system's TPM will remain configured using the legacy Dictionary Attack Prevention parameters, regardless of the value of this Policy. The only way for the disabled setting of this policy to take effect on a system where it was once enabled is to a) disable it from Policy and b) clear the TPM on the system.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-userprofiles.md b/windows/client-management/mdm/policy-csp-admx-userprofiles.md
index 72e9a3ea84..01ff1725af 100644
--- a/windows/client-management/mdm/policy-csp-admx-userprofiles.md
+++ b/windows/client-management/mdm/policy-csp-admx-userprofiles.md
@@ -81,14 +81,14 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows an administrator to automatically delete user profiles on system restart that have not been used within a specified number of days.
+This policy setting allows an administrator to automatically delete user profiles on system restart that haven't been used within a specified number of days.
 
 > [!NOTE]
 > One day is interpreted as 24 hours after a specific user profile was accessed.
 
-If you enable this policy setting, the User Profile Service will automatically delete on the next system restart all user profiles on the computer that have not been used within the specified number of days. 
+If you enable this policy setting, the User Profile Service will automatically delete on the next system restart all user profiles on the computer that haven't been used within the specified number of days. 
 
-If you disable or do not configure this policy setting, User Profile Service will not automatically delete any profiles on the next system restart.
+If you disable or don't configure this policy setting, User Profile Service won't automatically delete any profiles on the next system restart.
 
 <!--/Description-->
 
@@ -129,14 +129,14 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether Windows forcefully unloads the user's registry at logoff, even if there are open handles to the per-user registry keys. 
+This policy setting controls whether Windows forcefully unloads the user's registry at sign out, even if there are open handles to the per-user registry keys. 
 
 > [!NOTE]
 > This policy setting should only be used for cases where you may be running into application compatibility issues due to this specific Windows behavior. It is not recommended to enable this policy by default as it may prevent users from getting an updated version of their roaming user profile.
 
-If you enable this policy setting, Windows will not forcefully unload the users registry at logoff, but will unload the registry when all open handles to the per-user registry keys are closed.
+If you enable this policy setting, Windows won't forcefully unload the user's registry at sign out, but will unload the registry when all open handles to the per-user registry keys are closed.
 
-If you disable or do not configure this policy setting, Windows will always unload the users registry at logoff, even if there are any open handles to the per-user registry keys at user logoff.
+If you disable or don't configure this policy setting, Windows will always unload the user's registry at sign out, even if there are any open handles to the per-user registry keys at user sign out.
 
 <!--/Description-->
 
@@ -179,11 +179,11 @@ ADMX Info:
 <!--Description-->
 This policy setting determines whether the system retains a roaming user's Windows Installer and Group Policy based software installation data on their profile deletion.
 
-By default Windows deletes all information related to a roaming user (which includes the user's settings, data, Windows Installer related data, and the like) when their profile is deleted. As a result, the next time a roaming user whose profile was previously deleted on that client logs on, they will need to reinstall all apps published via policy at logon increasing logon time. You can use this policy setting to change this behavior.
+By default Windows deletes all information related to a roaming user (which includes the user's settings, data, Windows Installer related data, and the like) when their profile is deleted. As a result, the next time roaming users whose profiles were previously deleted on that client sign in, they'll need to reinstall all apps published via policy at sign in, increasing sign-in time. You can use this policy setting to change this behavior.
 
-If you enable this policy setting, Windows will not delete Windows Installer or Group Policy software installation data for roaming users when profiles are deleted from the machine. This will improve the performance of Group Policy based Software Installation during user logon when a user profile is deleted and that user subsequently logs on to the machine.
+If you enable this policy setting, Windows won't delete Windows Installer or Group Policy software installation data for roaming users when profiles are deleted from the machine. This data retention will improve the performance of Group Policy-based Software Installation during user sign in when a user profile is deleted and that user later signs in to the machine.
 
-If you disable or do not configure this policy setting, Windows will delete the entire profile for roaming users, including the Windows Installer and Group Policy software installation data when those profiles are deleted.
+If you disable or don't configure this policy setting, Windows will delete the entire profile for roaming users, including the Windows Installer and Group Policy software installation data when those profiles are deleted.
 
 > [!NOTE]
 > If this policy setting is enabled for a machine, local administrator action is required to remove the Windows Installer or Group Policy software installation data stored in the registry and file system of roaming users' profiles on the machine.
@@ -229,7 +229,7 @@ ADMX Info:
 <!--Description-->
 This policy setting sets the maximum size of each user profile and determines the system's response when a user profile reaches the maximum size. This policy setting affects both local and roaming profiles.
 
-If you disable this policy setting or do not configure it, the system does not limit the size of user profiles.
+If you disable this policy setting or don't configure it, the system doesn't limit the size of user profiles.
 
 If you enable this policy setting, you can:
 
@@ -278,13 +278,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting will automatically log off a user when Windows cannot load their profile. 
+This policy setting will automatically sign out a user when Windows can't load their profile. 
 
-If Windows cannot access the user profile folder or the profile contains errors that prevent it from loading, Windows logs on the user with a temporary profile. This policy setting allows the administrator to disable this behavior, preventing Windows from logging on the user with a temporary profile.
+If Windows can't access the user profile folder or the profile contains errors that prevent it from loading, Windows logs on the user with a temporary profile. This policy setting allows the administrator to disable this behavior, preventing Windows from logging on the user with a temporary profile.
 
-If you enable this policy setting, Windows will not log on a user with a temporary profile. Windows logs the user off if their profile cannot be loaded.
+If you enable this policy setting, Windows won't sign in users with a temporary profile. Windows signs out the users if their profiles can't be loaded.
 
-If you disable this policy setting or do not configure it, Windows logs on the user with a temporary profile when Windows cannot load their user profile.
+If you disable this policy setting or don't configure it, Windows logs on the user with a temporary profile when Windows can't load their user profile.
 
 Also, see the "Delete cached copies of roaming profiles" policy setting.
 
@@ -335,7 +335,7 @@ This policy setting and related policy settings in this folder together define t
 
 If you enable this policy setting, you can change how long Windows waits for a response from the server before considering the connection to be slow.
 
-If you disable or do not configure this policy setting, Windows considers the network connection to be slow if the server returns less than 500 kilobits of data per second or take 120 milliseconds to respond.Consider increasing this value for clients using DHCP Service-assigned addresses or for computers accessing profiles across dial-up connections.Important: If the "Do not detect slow network connections" policy setting is enabled, this policy setting is ignored. Also, if the "Delete cached copies of roaming profiles" policy setting is enabled, there is no local copy of the roaming profile to load when the system detects a slow connection.
+If you disable or don't configure this policy setting, Windows considers the network connection to be slow if the server returns less than 500 kilobits of data per second or take 120 milliseconds to respond.Consider increasing this value for clients using DHCP Service-assigned addresses or for computers accessing profiles across dial-up connections.Important: If the "Do not detect slow network connections" policy setting is enabled, this policy setting is ignored. Also, if the "Delete cached copies of roaming profiles" policy setting is enabled, there's no local copy of the roaming profile to load when the system detects a slow connection.
 
 <!--/Description-->
 
@@ -376,18 +376,18 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to specify the location and root (file share or local path) of a user's home folder for a logon session.
+This policy setting allows you to specify the location and root (file share or local path) of a user's home folder for a sign-in session.
 
 If you enable this policy setting, the user's home folder is configured to the specified local or network location, creating a new folder for each user name.
 
 To use this policy setting, in the Location list, choose the location for the home folder. If you choose “On the network,” enter the path to a file share in the Path box (for example, \\\\ComputerName\ShareName), and then choose the drive letter to assign to the file share. If you choose “On the local computer,” enter a local path (for example, C:\HomeFolder) in the Path box.
 
-Do not specify environment variables or ellipses in the path. Also, do not specify a placeholder for the user name because the user name will be appended at logon.
+Don't specify environment variables or ellipses in the path. Also, don't specify a placeholder for the user name because the user name will be appended at sign in.
 
 > [!NOTE]
 > The Drive letter box is ignored if you choose “On the local computer” from the Location list. If you choose “On the local computer” and enter a file share, the user's home folder will be placed in the network location without mapping the file share to a drive letter.
 
-If you disable or do not configure this policy setting, the user's home folder is configured as specified in the user's Active Directory Domain Services account.
+If you disable or don't configure this policy setting, the user's home folder is configured as specified in the user's Active Directory Domain Services account.
 
 If the "Set Remote Desktop Services User Home Directory" policy setting is enabled, the “Set user home folder” policy setting has no effect.
 
@@ -434,11 +434,11 @@ This setting prevents users from managing the ability to allow apps to access th
 
 If you enable this policy setting, sharing of user name, picture and domain information may be controlled by setting one of the following options:
 
-- "Always on" - users will not be able to change this setting and the user's name and account picture will be shared with apps (not desktop apps). In addition apps (not desktop apps) that have the enterprise authentication capability will also be able to retrieve the user's UPN, SIP/URI, and DNS.
+- "Always on" - users won't be able to change this setting and the user's name and account picture will be shared with apps (not desktop apps). In addition apps (not desktop apps) that have the enterprise authentication capability will also be able to retrieve the user's UPN, SIP/URI, and DNS.
 
-- "Always off" - users will not be able to change this setting and the user's name and account picture will not be shared with apps (not desktop apps). In addition apps (not desktop apps) that have the enterprise authentication capability will not be able to retrieve the user's UPN, SIP/URI, and DNS. Selecting this option may have a negative impact on certain enterprise software and/or line of business apps that depend on the domain information protected by this setting to connect with network resources.
+- "Always off" - users won't be able to change this setting and the user's name and account picture won't be shared with apps (not desktop apps). In addition apps (not desktop apps) that have the enterprise authentication capability won't be able to retrieve the user's UPN, SIP/URI, and DNS. Selecting this option may have a negative impact on certain enterprise software and/or line of business apps that depend on the domain information protected by this setting to connect with network resources.
 
-If you do not configure or disable this policy the user will have full control over this setting and can turn it off and on. Selecting this option may have a negative impact on certain enterprise software and/or line of business apps that depend on the domain information protected by this setting to connect with network resources if users choose to turn the setting off.
+If you don't configure or disable this policy the user will have full control over this setting and can turn it off and on. Selecting this option may have a negative impact on certain enterprise software and/or line of business apps that depend on the domain information protected by this setting to connect with network resources if users choose to turn off the setting.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-w32time.md b/windows/client-management/mdm/policy-csp-admx-w32time.md
index f57fa5f258..880375abd7 100644
--- a/windows/client-management/mdm/policy-csp-admx-w32time.md
+++ b/windows/client-management/mdm/policy-csp-admx-w32time.md
@@ -71,9 +71,9 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to specify Clock discipline and General values for the Windows Time service (W32time) for domain controllers including RODCs.
 
-If this policy setting is enabled, W32time Service on target machines use the settings provided here. Otherwise, the service on target machines use locally configured settings values.
+If this policy setting is enabled, W32time Service on target machines use the settings provided here. Otherwise, the Service on target machines use locally configured settings values.
 
-For more details on individual parameters, combinations of parameter values as well as definitions of flags, see https://go.microsoft.com/fwlink/?linkid=847809.
+For more information on individual parameters, combinations of parameter values, and definitions of flags, see https://go.microsoft.com/fwlink/?linkid=847809.
 
 **FrequencyCorrectRate**
 This parameter controls the rate at which the W32time corrects the local clock's frequency. Lower values cause slower corrections; larger values cause more frequent corrections. Default: 4 (scalar).
@@ -117,7 +117,7 @@ This parameter controls special events that may be logged to the Event Viewer Sy
 This parameter indicates the maximum error in seconds that is reported by the NTP server to clients that are requesting a time sample. (Applies only when the NTP server is using the time of the local CMOS clock.) Default: 10 seconds.
 
 **MaxPollInterval**
-This parameter controls the maximum polling interval, which defines the maximum amount of time between polls of a peer. Default: 10 in log base-2, or 1024 seconds. (Should not be set higher than 15.)
+This parameter controls the maximum polling interval, which defines the maximum amount of time between polls of a peer. Default: 10 in log base-2, or 1024 seconds. (Shouldn't be set higher than 15.)
 
 **MinPollInterval**
 This parameter controls the minimum polling interval that defines the minimum amount of time between polls of a peer. Default: 6 in log base-2, or 64 seconds.
@@ -126,10 +126,10 @@ This parameter controls the minimum polling interval that defines the minimum am
 This parameter indicates the maximum number of seconds a system clock can nominally hold its accuracy without synchronizing with a time source. If this period of time passes without W32time obtaining new samples from any of its input providers, W32time initiates a rediscovery of time sources. Default: 7800 seconds.
 
 **RequireSecureTimeSyncRequests**
-This parameter controls whether or not the DC will respond to time sync requests that use older authentication protocols. If enabled (set to 1), the DC will not respond to requests using such protocols. Default: 0 Boolean.
+This parameter controls whether or not the DC will respond to time sync requests that use older authentication protocols. If enabled (set to 1), the DC won't respond to requests using such protocols. Default: 0 Boolean.
 
 **UtilizeSslTimeData**
-This parameter controls whether W32time will use time data computed from SSL traffic on the machine as an additional input for correcting the local clock.  Default: 1 (enabled) Boolean
+This parameter controls whether W32time will use time data computed from SSL traffic on the machine as an extra input for correcting the local clock.  Default: 1 (enabled) Boolean
 
 **ClockAdjustmentAuditLimit**
 This parameter specifies the smallest local clock adjustments that may be logged to the W32time service event log on the target machine. Default: 800 Parts per million (PPM).
@@ -143,10 +143,10 @@ This parameter specifies the maximum amount of time that an entry can remain in
 This parameter controls the maximum number of entries that are allowed in the chaining table. If the chaining table is full and no expired entries can be removed, any incoming requests are discarded. Default: 128 entries.
 
 **ChainMaxHostEntries**
-This parameter controls the maximum number of entries that are allowed in the chaining table for a particular host. Default: 4 entries.
+This parameter controls the maximum number of entries that are allowed in the chaining table for a particular host. Default: Four entries.
 
 **ChainDisable**
-This parameter controls whether or not the chaining mechanism is disabled. If chaining is disabled (set to 0), the RODC can synchronize with any domain controller, but hosts that do not have their passwords cached on the RODC will not be able to synchronize with the RODC. Default: 0 Boolean.
+This parameter controls whether or not the chaining mechanism is disabled. If chaining is disabled (set to 0), the RODC can synchronize with any domain controller, but hosts that don't have their passwords cached on the RODC won't be able to synchronize with the RODC. Default: 0 Boolean.
 
 **ChainLoggingRate**
 This parameter controls the frequency at which an event that indicates the number of successful and unsuccessful chaining attempts is logged to the System log in Event Viewer. Default: 30 minutes.
@@ -195,7 +195,7 @@ This policy setting specifies a set of parameters for controlling the Windows NT
 
 If you enable this policy setting, you can specify the following parameters for the Windows NTP Client.
 
-If you disable or do not configure this policy setting, the Windows NTP Client uses the defaults of each of the following parameters.
+If you disable or don't configure this policy setting, the Windows NTP Client uses the defaults of each of the following parameters.
 
 **NtpServer**
 The Domain Name System (DNS) name or IP address of an NTP time source. This value is in the form of ""dnsName,flags"" where ""flags"" is a hexadecimal bitmask of the flags for that host. For more information, see the NTP Client Group Policy Settings Associated with Windows Time section of the Windows Time Service Group Policy Settings.  The default value is ""time.windows.com,0x09"". 
@@ -204,7 +204,7 @@ The Domain Name System (DNS) name or IP address of an NTP time source. This valu
 This value controls the authentication that W32time uses. The default value is NT5DS.
 
 **CrossSiteSyncFlags**
-This value, expressed as a bitmask, controls how W32time chooses time sources outside its own site. The possible values are 0, 1, and 2. Setting this value to 0 (None) indicates that the time client should not attempt to synchronize time outside its site. Setting this value to 1 (PdcOnly) indicates that only the computers that function as primary domain controller (PDC) emulator operations masters in other domains can be used as synchronization partners when the client has to synchronize time with a partner outside its own site. Setting a value of 2 (All) indicates that any synchronization partner can be used. This value is ignored if the NT5DS value is not set. The default value is 2 decimal (0x02 hexadecimal).
+This value, expressed as a bitmask, controls how W32time chooses time sources outside its own site. The possible values are 0, 1, and 2. Setting this value to 0 (None) indicates that the time client shouldn't attempt to synchronize time outside its site. Setting this value to 1 (PdcOnly) indicates that only the computers that function as primary domain controller (PDC) emulator operations masters in other domains can be used as synchronization partners when the client has to synchronize time with a partner outside its own site. Setting a value of 2 (All) indicates that any synchronization partner can be used. This value is ignored if the NT5DS value isn't set. The default value is 2 decimal (0x02 hexadecimal).
 
 **ResolvePeerBackoffMinutes**
 This value, expressed in minutes, controls how long W32time waits before it attempts to resolve a DNS name when a previous attempt failed. The default value is 15 minutes.
@@ -216,7 +216,7 @@ This value controls how many times W32time attempts to resolve a DNS name before
 This NTP client value, expressed in seconds, controls how often a manually configured time source is polled when the time source is configured to use a special polling interval. If the SpecialInterval flag is enabled on the NTPServer setting, the client uses the value that is set as the SpecialPollInterval, instead of a variable interval between MinPollInterval and MaxPollInterval values, to determine how frequently to poll the time source. SpecialPollInterval must be in the range of [MinPollInterval, MaxPollInterval], else the nearest value of the range is picked. Default: 1024 seconds.
 
 **EventLogFlags**
-This value is a bitmask that controls events that may be logged to the System log in Event Viewer. Setting this value to 0x1 indicates that W32time will create an event whenever a time jump is detected. Setting this value to 0x2 indicates that W32time will create an event whenever a time source change is made. Because it is a bitmask value, setting 0x3 (the addition of 0x1 and 0x2) indicates that both time jumps and time source changes will be logged.
+This value is a bitmask that controls events that may be logged to the System log in Event Viewer. Setting this value to 0x1 indicates that W32time will create an event whenever a time jump is detected. Setting this value to 0x2 indicates that W32time will create an event whenever a time source change is made. Because it's a bitmask value, setting 0x3 (the addition of 0x1 and 0x2) indicates that both time jumps and time source changes will be logged.
 
 <!--/Description-->
 
@@ -264,7 +264,7 @@ Enabling the Windows NTP Client allows your computer to synchronize its computer
 
 If you enable this policy setting, you can set the local computer clock to synchronize time with NTP servers.
 
-If you disable or do not configure this policy setting, the local computer clock does not synchronize time with NTP servers.
+If you disable or don't configure this policy setting, the local computer clock doesn't synchronize time with NTP servers.
 
 <!--/Description-->
 
@@ -310,7 +310,7 @@ This policy setting allows you to specify whether the Windows NTP Server is enab
 
 If you enable this policy setting for the Windows NTP Server, your computer can service NTP requests from other computers.
 
-If you disable or do not configure this policy setting, your computer cannot service NTP requests from other computers.
+If you disable or don't configure this policy setting, your computer can't service NTP requests from other computers.
 
 <!--/Description-->
 

From 692f043f2a450c27674cf38920c1e34cbcfd1035 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 22 Mar 2022 21:34:41 +0530
Subject: [PATCH 035/123] updated the links

---
 windows/client-management/mdm/passportforwork-csp.md          | 4 ++--
 .../client-management/mdm/policy-csp-admx-windowsexplorer.md  | 2 +-
 windows/client-management/mdm/policy-csp-connectivity.md      | 2 +-
 windows/client-management/mdm/policy-csp-internetexplorer.md  | 4 ++--
 windows/privacy/manage-windows-21h2-endpoints.md              | 2 +-
 .../smart-card-certificate-requirements-and-enumeration.md    | 2 +-
 6 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index 46e3bb3016..cfca84f83c 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -88,7 +88,7 @@ PassportForWork
 Root node for PassportForWork configuration service provider.
 
 <a href="" id="tenantid"></a>***TenantId***  
-A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](https://powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
+A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount?view=azuresmps-4.0.0). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
 
 <a href="" id="tenantid-policies"></a>***TenantId*/Policies**  
 Node for defining the Windows Hello for Business policy settings.
@@ -553,4 +553,4 @@ Here's an example for setting Windows Hello for Business and setting the PIN pol
 
  
 
- 
\ No newline at end of file
+ [text](/powershell/module/servicemanagement/azure.service/get-azureaccount?view=azuresmps-4.0.0)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 0d0d03dec5..f240939159 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -3686,7 +3686,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to add Internet or intranet sites to the "Search again" links located at the bottom of search results in File Explorer and the Start menu links. The "Search again" links at the bottom of the Search Results view allow the user to reconduct a search but in a different location. The Internet search site will be searched with the text in the search box. To add an Internet search site, specify the URL of the search site in OpenSearch format with {searchTerms} for the query string (for example, `http://www.example.com/results.aspx?q={searchTerms}`).
+This policy setting allows you to add Internet or intranet sites to the "Search again" links located at the bottom of search results in File Explorer and the Start menu links. The "Search again" links at the bottom of the Search Results view allow the user to reconduct a search but in a different location. The Internet search site will be searched with the text in the search box. To add an Internet search site, specify the URL of the search site in OpenSearch format with {searchTerms} for the query string (for example, `https://www.example.com/results.aspx?q={searchTerms}`).
 
 You can add up to five additional links to the "Search again" links at the bottom of results returned in File Explorer after a search is executed. These links will be shared between Internet search sites and Search Connectors/Libraries. Search Connector/Library links take precedence over Internet search links.
 
diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md
index cd025e67f7..1f65c65cbc 100644
--- a/windows/client-management/mdm/policy-csp-connectivity.md
+++ b/windows/client-management/mdm/policy-csp-connectivity.md
@@ -649,7 +649,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to `<http://www.msftconnecttest.com/connecttest.txt>` to determine if the device can communicate with the Internet.  This policy disables the NCSI active probe, preventing network connectivity to www.msftconnecttest.com.
+Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to `<http://www.msftconnecttest.com/connecttest.txt>` to determine if the device can communicate with the Internet.  This policy disables the NCSI active probe, preventing network connectivity to `www.msftconnecttest.com`.
 
 Value type is integer.
 
diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md
index 2775253a06..a4b2b54bee 100644
--- a/windows/client-management/mdm/policy-csp-internetexplorer.md
+++ b/windows/client-management/mdm/policy-csp-internetexplorer.md
@@ -1960,7 +1960,7 @@ Internet Explorer has 4 security zones, numbered 1-4, and these are used by this
 
 If you enable this policy setting, you can enter a list of sites and their related zone numbers. The association of a site with a zone will ensure that the security settings for the specified zone are applied to the site.  For each entry that you add to the list, enter the following information:
 
-Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter `<http://www.contoso.com>` as the valuename, other protocols are not affected. If you enter just `www.contoso.com,` then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for www.contoso.com and www.contoso.com/mail would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict.
+Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter `<http://www.contoso.com>` as the valuename, other protocols are not affected. If you enter just `www.contoso.com,` then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for `www.contoso.com` and `www.contoso.com/mail` would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict.
 
 Value - A number indicating the zone with which this site should be associated for security settings. The Internet Explorer zones described above are 1-4.
 
@@ -2002,7 +2002,7 @@ ADMX Info:
 ```
 
 Value and index pairs in the SyncML example:  
-- `http://adfs.contoso.org 1`
+- `https://adfs.contoso.org 1`
 - `https://microsoft.com 2`
 
 <!--/Example-->
diff --git a/windows/privacy/manage-windows-21h2-endpoints.md b/windows/privacy/manage-windows-21h2-endpoints.md
index f8bf449d07..1988d81396 100644
--- a/windows/privacy/manage-windows-21h2-endpoints.md
+++ b/windows/privacy/manage-windows-21h2-endpoints.md
@@ -93,7 +93,7 @@ The following methodology was used to derive these network endpoints:
 |||HTTP|share.microsoft.com|
 ||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2/HTTPS/HTTP|manage.devcenter.microsoft.com|
 |Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)|
-||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTPS|www.msftconnecttest.com*|
+||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTPS|`www.msftconnecttest.com`|
 |Office|The following endpoints are used to connect to the Office 365 portal's shared infrastructure, including Office in a browser. For more info, see Office 365 URLs and IP address ranges. You can turn this off by removing all Microsoft Office apps and the Mail and Calendar apps. If you turn off traffic for these endpoints, users won't be able to save documents to the cloud or see their recently used documents.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)|
 |||HTTPS|www.office.com|
 |||HTTPS|blobs.officehome.msocdn.com|
diff --git a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
index c1e4b2c2d4..eea206d53d 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-certificate-requirements-and-enumeration.md
@@ -187,7 +187,7 @@ The smart card certificate has specific format requirements when it is used with
 
 |            **Component**             |                                                                **Requirements for Windows 8.1, Windows 8, Windows 7, Windows Vista, Windows 10, and Windows 11**                                                                 |                                                                                                **Requirements for Windows XP**                                                                                                 |
 |--------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-|   CRL distribution point location    |                                                                                               Not required                                                                                               |             The location must be specified, online, and available, for example:<br>\[1\]CRL Distribution Point<br>Distribution Point Name:<br>Full Name:<br>URL=`<http://server1.contoso.com/CertEnroll/caname.crl>`             |
+|   CRL distribution point location    |                                                                                               Not required                                                                                               |             The location must be specified, online, and available, for example:<br>\[1\]CRL Distribution Point<br>Distribution Point Name:<br>Full Name:<br>URL=`<https://server1.contoso.com/CertEnroll/caname.crl>`             |
 |              Key usage               |                                                                                            Digital signature                                                                                             |                                                                                                       Digital signature                                                                                                        |
 |          Basic constraints           |                                                                                               Not required                                                                                               |                                                                              \[Subject Type=End Entity, Path Length Constraint=None\] (Optional)                                                                               |
 |       Enhanced key usage (EKU)       | The smart card sign-in object identifier is not required.<br><br>**Note**&nbsp;&nbsp;If an EKU is present, it must contain the smart card sign-in EKU. Certificates with no EKU can be used for sign-in. |      -   Client Authentication (1.3.6.1.5.5.7.3.2)<br>The client authentication object identifier is required only if a certificate is used for SSL authentication.<br><br>- Smart Card Sign-in (1.3.6.1.4.1.311.20.2.2)       |

From a98e63d7a1155c0e847740b85af4ca3ab6cfef6d Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 23 Mar 2022 15:22:23 +0530
Subject: [PATCH 036/123] updated the broken links

---
 browsers/edge/microsoft-edge.yml                          | 8 ++------
 .../windows/deploy-windows-10-in-a-school-district.md     | 2 +-
 education/windows/get-minecraft-for-education.md          | 2 +-
 .../appv-deploying-microsoft-office-2013-with-appv.md     | 2 +-
 .../app-v/appv-performance-guidance.md                    | 2 --
 windows/application-management/app-v/appv-reporting.md    | 4 ++--
 .../app-v/appv-using-the-client-management-console.md     | 7 -------
 windows/client-management/mdm/policy-csp-browser.md       | 2 +-
 windows/client-management/mdm/policy-csp-system.md        | 2 +-
 windows/deployment/deploy-m365.md                         | 2 +-
 ...loyment-with-windows-pe-using-configuration-manager.md | 2 +-
 windows/deployment/deploy-windows-to-go.md                | 3 ---
 .../planning/windows-10-enterprise-faq-itpro.yml          | 2 +-
 windows/deployment/update/WIP4Biz-intro.md                | 2 +-
 windows/deployment/update/windows-update-errors.md        | 2 +-
 windows/deployment/upgrade/quick-fixes.md                 | 2 +-
 windows/deployment/upgrade/troubleshoot-upgrade-errors.md | 2 +-
 windows/deployment/windows-10-poc-mdt.md                  | 2 +-
 .../essential-services-and-connected-experiences.md       | 4 ++--
 .../identity-protection/enterprise-certificate-pinning.md | 4 ++--
 .../smart-cards/smart-card-architecture.md                | 2 +-
 .../smart-card-smart-cards-for-windows-service.md         | 2 +-
 .../secure-the-windows-10-boot-process.md                 | 4 +++-
 windows/whats-new/ltsc/whats-new-windows-10-2015.md       | 2 +-
 24 files changed, 27 insertions(+), 41 deletions(-)

diff --git a/browsers/edge/microsoft-edge.yml b/browsers/edge/microsoft-edge.yml
index 54276502a1..a6cf2c40ad 100644
--- a/browsers/edge/microsoft-edge.yml
+++ b/browsers/edge/microsoft-edge.yml
@@ -48,8 +48,6 @@ landingContent:
         links:
           - text: Test your site on Microsoft Edge for free on BrowserStack
             url: https://developer.microsoft.com/microsoft-edge/tools/remote/
-          - text: Use sonarwhal to improve your website
-            url: https://sonarwhal.com/
   
   # Card (optional)
   - title: Improve compatibility with Enterprise Mode
@@ -126,10 +124,8 @@ landingContent:
             url: ./edge-technical-demos.md
       - linkListType: how-to-guide
         links:
-          - text: Import bookmarks
-            url: https://microsoftedgetips.microsoft.com/2/39
-          - text: Password management
-            url: https://microsoftedgetips.microsoft.com/2/18
+          - text: Microsoft Edge features and tips
+            url: https://microsoftedgetips.microsoft.com
       
   # Card (optional)
   - title: Stay informed
diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 2c43aa28c6..cf3bd2376b 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -642,7 +642,7 @@ Several methods are available to bulk-import user accounts into AD DS domains. T
 |Method |Description and reason to select this method |
 |-------|---------------------------------------------|
 |Ldifde.exe|This command-line tool allows you to import and export objects (such as user accounts) from AD DS. Select this method if you aren't comfortable with Microsoft Visual Basic Scripting Edition (VBScript), Windows PowerShell, or other scripting languages. For more information about using Ldifde.exe, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)), [LDIFDE—Export/Import data from Active Directory—LDIFDE commands](https://support.microsoft.com/kb/555636), [Import or Export Directory Objects Using Ldifde](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc816781(v=ws.10)), and [LDIFDE](/previous-versions/orphan-topics/ws.10/cc755456(v=ws.10)).|
-|VBScript|This scripting language uses the Active Directory Services Interfaces (ADSI) Component Object Model interface to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with VBScript. For more information about using VBScript and ADSI, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)) and [ADSI Scriptomatic](https://technet.microsoft.com/scriptcenter/dd939958.aspx).|
+|VBScript|This scripting language uses the Active Directory Services Interfaces (ADSI) Component Object Model interface to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with VBScript. For more information about using VBScript, see [Step-by-Step Guide to Bulk Import and Export to Active Directory](/previous-versions/windows/it-pro/windows-2000-server/bb727091(v=technet.10)).|
 |Windows PowerShell|This scripting language natively supports cmdlets to manage AD DS objects, including user and group objects. Select this method if you’re comfortable with Windows PowerShell scripting. For more information about using Windows PowerShell, see [Import Bulk Users to Active Directory](/archive/blogs/technet/bettertogether/import-bulk-users-to-active-directory) and [PowerShell: Bulk create AD Users from CSV file](https://social.technet.microsoft.com/wiki/contents/articles/24541.powershell-bulk-create-ad-users-from-csv-file.aspx).|
 
 *Table 12. AD DS bulk-import account methods*
diff --git a/education/windows/get-minecraft-for-education.md b/education/windows/get-minecraft-for-education.md
index a89e29de02..2ce2c20be3 100644
--- a/education/windows/get-minecraft-for-education.md
+++ b/education/windows/get-minecraft-for-education.md
@@ -36,7 +36,7 @@ Teachers and IT administrators can now get early access to **Minecraft: Educatio
 - **Minecraft: Education Edition** requires Windows 10.
 - Trials or subscriptions of **Minecraft: Education Edition** are offered to education tenants that are managed by Azure Active Directory (Azure AD).
   - If your school doesn't have an Azure AD tenant, the [IT administrator can set one up](school-get-minecraft.md) as part of the process of getting **Minecraft: Education Edition**.
-  - Office 365 Education, which includes online versions of Office apps plus 1 TB online storage. [Sign up your school for Office 365 Education.](https://products.office.com/academic/office-365-education-plan)
+  - Office 365 Education, which includes online versions of Office apps plus 1 TB online storage. [Sign up your school for Office 365 Education.](https://www.microsoft.com/education/products/office)
   - If your school has an Office 365 Education subscription, it includes a free Azure AD subscription. [Register your free Azure AD subscription.](/windows/client-management/mdm/register-your-free-azure-active-directory-subscription)
 
 <!-- ![teacher.](images/teacher.png) --> 
diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
index 5906199b4c..9a88ecac4e 100644
--- a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
+++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
@@ -430,7 +430,7 @@ This section describes the requirements and options for deploying Visio 2013 and
 ### Additional resources for Connection Groups
 
 * [Managing Connection Groups](appv-managing-connection-groups.md)
-* [Connection groups on the App-V team blog](https://blogs.msdn.microsoft.com/gladiator/tag/connection-groups/)
+* [Connection groups on the App-V team blog](/archive/blogs/gladiator/app-v-5-more-on-connection-group)
 
 ### Additional resources for Dynamic Configuration
 
diff --git a/windows/application-management/app-v/appv-performance-guidance.md b/windows/application-management/app-v/appv-performance-guidance.md
index c071b97a75..7aa779a219 100644
--- a/windows/application-management/app-v/appv-performance-guidance.md
+++ b/windows/application-management/app-v/appv-performance-guidance.md
@@ -350,8 +350,6 @@ Server Performance Tuning Guidelines for
 
 **Windows Client (Guest OS) Performance Tuning Guidance**
 
--   [Microsoft Windows 7](https://download.microsoft.com/download/E/5/7/E5783D68-160B-4366-8387-114FC3E45EB4/Performance Tuning Guidelines for Windows 7 Desktop Virtualization v1.9.docx)
-
 -   [Optimization Script: (Provided by Microsoft Support)](/archive/blogs/jeff_stokes/the-microsoft-premier-field-engineer-pfe-view-on-virtual-desktop-vdi-density)
 
 -   [Microsoft Windows 8](https://download.microsoft.com/download/6/0/1/601D7797-A063-4FA7-A2E5-74519B57C2B4/Windows_8_VDI_Image_Client_Tuning_Guide.pdf)
diff --git a/windows/application-management/app-v/appv-reporting.md b/windows/application-management/app-v/appv-reporting.md
index ff8fff1d70..2f45c2a76c 100644
--- a/windows/application-management/app-v/appv-reporting.md
+++ b/windows/application-management/app-v/appv-reporting.md
@@ -28,9 +28,9 @@ The following list displays the end–to-end high-level workflow for reporting i
    * Windows Authentication role (under **IIS / Security**)
    * SQL Server installed and running with SQL Server Reporting Services (SSRS)
 
-     To confirm SQL Server Reporting Services is running, enter <https://localhost/Reports> in a web browser as administrator on the server that will host App-V Reporting. The SQL Server Reporting Services Home page should appear.
+     To confirm SQL Server Reporting Services is running, enter `https://localhost/Reports` in a web browser as administrator on the server that will host App-V Reporting. The SQL Server Reporting Services Home page should appear.4
 2. Install the App-V reporting server and associated database. For more information about installing the reporting server see [How to install the Reporting Server on a standalone computer and connect it to the database](appv-install-the-reporting-server-on-a-standalone-computer.md). Configure the time when the computer running the App-V client should send data to the reporting server.
-3. If you are not using an electronic software distribution system such as Configuration Manager to view reports then you can define reports in SQL Server Reporting Service. Download predefined appvshort Reports from the Download Center at [Application Virtualization SSRS Reports](https://www.microsoft.com/download/details.aspx?id=42630).
+3. If you are not using an electronic software distribution system such as Configuration Manager to view reports then you can define reports in SQL Server Reporting Service.
 
    > [!NOTE]
     >If you are using the Configuration Manager integration with App-V, most reports are generated from Configuration Manager rather than from App-V.
diff --git a/windows/application-management/app-v/appv-using-the-client-management-console.md b/windows/application-management/app-v/appv-using-the-client-management-console.md
index 0977cd8d6f..33d519b976 100644
--- a/windows/application-management/app-v/appv-using-the-client-management-console.md
+++ b/windows/application-management/app-v/appv-using-the-client-management-console.md
@@ -19,13 +19,6 @@ ms.author: aaroncz
 
 This topic provides information about using the Application Virtualization (App-V) client management console to manage packages on the computer running the App-V client.
 
-## Obtain the client management console
-
-The client management console is separate from the App-V client itself. You can download the client management console from the [Microsoft Download Center](https://www.microsoft.com/download/details.aspx?id=41186).
-
-> [!NOTE]
-> To perform all of the actions available using the client management console, you must have administrative access on the computer running the App-V client.
-
 ## Options for managing the App-V client
 
 The App-V client has associated settings that can be configured to determine how the client will run in your environment. You can manage these settings on the computer that runs the client, or you can use Windows PowerShell or Group Policy. For more information about configuring the client by using Windows PowerShell or Group Policy, see:
diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md
index cbf9ef190b..2bd06a9345 100644
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
@@ -2866,7 +2866,7 @@ Define a default list of favorites in Microsoft Edge. In this case, the Save a F
 To define a default list of favorites:
 1. In the upper-right corner of Microsoft Edge, click the ellipses (**...**) and select **Settings**.
 2. Click **Import from another browser**, click **Export to file** and save the file.
-3. In the **Options** section of the Group Policy Editor, provide the location that points the file with the list of favorites to provision. <p><p>Specify the URL as:<ul><li>HTTP location: "SiteList"=<http://localhost:8080/URLs.html></li><li>Local network: "SiteList"="\network\shares\URLs.html"</li><li>Local file: "SiteList"=file:///c:/Users/Documents/URLs.html</li></ul>
+3. In the **Options** section of the Group Policy Editor, provide the location that points the file with the list of favorites to provision. <p><p>Specify the URL as:<ul><li>HTTP location: "SiteList"=`<http://localhost:8080/URLs.html>`</li><li>Local network: "SiteList"="\network\shares\URLs.html"</li><li>Local file: "SiteList"=file:///c:/Users/Documents/URLs.html</li></ul>
 
 
 >[!IMPORTANT]
diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md
index 9e31c3a67b..98a60f8914 100644
--- a/windows/client-management/mdm/policy-csp-system.md
+++ b/windows/client-management/mdm/policy-csp-system.md
@@ -529,7 +529,7 @@ The following list shows the supported values:
 
 This policy setting configures an Azure Active Directory joined device so that Microsoft is the processor of the Windows diagnostic data.
 
-For customers who enroll into the Microsoft Managed Desktop service, this policy will be enabled by default to allow Microsoft to process data for operational and analytic needs. For more information, see [Privacy and personal data](/microsoft-365/managed-desktop/service-description/privacy-personal-data.md).
+For customers who enroll into the Microsoft Managed Desktop service, this policy will be enabled by default to allow Microsoft to process data for operational and analytic needs. For more information, see [Privacy and personal data](/microsoft-365/managed-desktop/service-description/privacy-personal-data).
 
 This setting has no effect on devices unless they are properly enrolled in Microsoft Managed Desktop.
 
diff --git a/windows/deployment/deploy-m365.md b/windows/deployment/deploy-m365.md
index 2e301a1898..d5c45465ba 100644
--- a/windows/deployment/deploy-m365.md
+++ b/windows/deployment/deploy-m365.md
@@ -25,7 +25,7 @@ ms.custom: seo-marvel-apr2020
 
 This topic provides a brief overview of Microsoft 365 and describes how to use a free 90-day trial account to review some of the benefits of Microsoft 365.
 
-[Microsoft 365](https://www.microsoft.com/microsoft-365) is a new offering from Microsoft that combines [Windows 10](https://www.microsoft.com/windows/features) with [Office 365](https://products.office.com/business/explore-office-365-for-business), and [Enterprise Mobility and Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) (EMS). See the [M365 Enterprise poster](#m365-enterprise-poster) for an overview.
+[Microsoft 365](https://www.microsoft.com/microsoft-365) is a new offering from Microsoft that combines [Windows 10](https://www.microsoft.com/windows/features) with [Office 365](https://www.microsoft.com/microsoft-365/office-365), and [Enterprise Mobility and Security](https://www.microsoft.com/cloud-platform/enterprise-mobility-security) (EMS). See the [M365 Enterprise poster](#m365-enterprise-poster) for an overview.
 
 For Windows 10 deployment, Microsoft 365 includes a fantastic deployment advisor that can walk you through the entire process of deploying Windows 10. The wizard supports multiple Windows 10 deployment methods, including:
 
diff --git a/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md b/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
index 7197e67d4e..b007f111f0 100644
--- a/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
+++ b/windows/deployment/deploy-windows-cm/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md
@@ -61,7 +61,7 @@ On **CM01**:
 
 ## Add drivers for Windows 10
 
-This section illustrates how to add drivers for Windows 10 using the HP EliteBook 8560w as an example. For the HP EliteBook 8560w, you use HP SoftPaq Download Manager to get the drivers. The HP SoftPaq Download Manager can be accessed on the [HP Support site](https://go.microsoft.com/fwlink/p/?LinkId=619545).
+This section illustrates how to add drivers for Windows 10 using the HP EliteBook 8560w as an example. Use the HP Image Assistant from the [HP Client Management Solutions site](https://hp.com/go/clientmanagement).
 
 For the purposes of this section, we assume that you have downloaded the Windows 10 drivers for the HP EliteBook 8560w model and copied them to the **D:\Sources$\OSD\DriverSources\Windows 10 x64\Hewlett-Packard\HP EliteBook 8560w** folder on CM01.
 
diff --git a/windows/deployment/deploy-windows-to-go.md b/windows/deployment/deploy-windows-to-go.md
index d2fbd1fd5a..9846a41bcf 100644
--- a/windows/deployment/deploy-windows-to-go.md
+++ b/windows/deployment/deploy-windows-to-go.md
@@ -974,9 +974,6 @@ write-output "" "Provisioning script complete."
 
 ## Considerations when using different USB keyboard layouts with Windows To Go
 
-
-Before provisioning your Windows To Go drive you need to consider if your workspace will boot on a computer with a non-English USB keyboard attached. As described in [KB article 927824](https://go.microsoft.com/fwlink/p/?LinkId=619176) there is a known issue where the plug and play ID causes the keyboard to be incorrectly identified as an English 101 key keyboard. To avoid this problem, you can modify the provisioning script to set the override keyboard parameters.
-
 In the PowerShell provisioning script, after the image has been applied, you can add the following commands that will correctly set the keyboard settings. The following example uses the Japanese keyboard layout:
 
 ``` 
diff --git a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
index 2db0fd7296..57e27c5930 100644
--- a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
+++ b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
@@ -137,7 +137,7 @@ sections:
           The desktop experience in Windows 10 has been improved to provide a better experience for people that use a traditional mouse and keyboard. Key changes include:
           - Start menu is a launching point for access to apps.
           - Universal apps now open in windows instead of full screen.
-          - [Multitasking is improved with adjustable Snap](http://blogs.windows.com/bloggingwindows/2015/06/04/arrange-your-windows-in-a-snap/), which allows you to have more than two windows side-by-side on the same screen and to customize how those windows are arranged.
+          - [Multitasking is improved with adjustable Snap](https://blogs.windows.com/windows-insider/2015/06/04/arrange-your-windows-in-a-snap/), which allows you to have more than two windows side-by-side on the same screen and to customize how those windows are arranged.
           - Tablet Mode to simplify using Windows with a finger or pen by using touch input.
           
   - name: Help and support
diff --git a/windows/deployment/update/WIP4Biz-intro.md b/windows/deployment/update/WIP4Biz-intro.md
index 0344fbd385..18af595923 100644
--- a/windows/deployment/update/WIP4Biz-intro.md
+++ b/windows/deployment/update/WIP4Biz-intro.md
@@ -48,7 +48,7 @@ Windows 10 Insider Preview builds offer organizations a valuable and exciting op
 |Release channel  |**Fast Ring:** Insider Preview builds in the Fast Ring are released approximately once a week and contain the very latest features. This makes them ideal for feature exploration.|
 |Users    |    Because Fast Ring builds are released so early in the development cycle, we recommend limiting feature exploration in your organization to IT administrators and developers running Insider Preview builds on secondary devices.     |
 |Tasks   |  - Install and manage Insider Preview builds on devices (per device or centrally across multiple devices)<br>  - Explore new features in Windows designed for organizations, including new features related to current and planned line of business applications<br> - Before running an Insider Preview build, check our [Windows Insider blog](https://blogs.windows.com/windowsexperience/tag/windows-insider-program/#k3WWwxKCTWHCO82H.97) for a summary of current features.      |
-|Feedback   |  - Provide feedback via [Feedback Hub app](insiderhub://home/). This helps us make adjustments to features as quickly as possible.<br> - Encourage users to sign into the Feedback Hub using their AAD work accounts. This enables both you and Microsoft to track feedback submitted by users within your specific organization. (Note: This tracking is only visible to Microsoft and registered Insiders within your organization’s domain.)<br> - [Learn how to provide effective feedback in the Feedback Hub](https://insider.windows.com/how-to-feedback/)       |
+|Feedback   |  - This helps us make adjustments to features as quickly as possible.<br> - Encourage users to sign into the Feedback Hub using their AAD work accounts. This enables both you and Microsoft to track feedback submitted by users within your specific organization. (Note: This tracking is only visible to Microsoft and registered Insiders within your organization’s domain.)<br> - [Learn how to provide effective feedback in the Feedback Hub](https://insider.windows.com/how-to-feedback/)       |
 
 ## Validate Insider Preview builds 
 Along with exploring new features, you also have the option to validate your apps and infrastructure on Insider Preview builds. This activity can play an important role in your [Windows 10 deployment strategy](/windows/deployment/update/waas-windows-insider-for-business). Early validation has several benefits:
diff --git a/windows/deployment/update/windows-update-errors.md b/windows/deployment/update/windows-update-errors.md
index b500ca17a8..5b9ccf98bf 100644
--- a/windows/deployment/update/windows-update-errors.md
+++ b/windows/deployment/update/windows-update-errors.md
@@ -198,7 +198,7 @@ The following table provides information about common errors you might run into
 
 | Message | Description | Mitigation |
 |---------|-------------|------------|
-| WININET_E_TIMEOUT; The operation timed out | Unable to scan for updates due to a connectivity issue to Windows Update, Configuration Manager, or WSUS. | This error generally means that the Windows Update Agent was unable to connect to the update servers or your own source, such as WSUS, Configuration Manager, or Microsoft Endpoint Manager. <br> Check with your network team to ensure that the device can reach the update sources. For more info, see [Troubleshoot software update scan failures in Configuration Manager](/mem/configmgr/troubleshoot-software-update-scan-failures). <br> If you’re using the public Microsoft update servers, check that your device can access the following Windows Update endpoints: <br> `http://windowsupdate.microsoft.com` <br> https://.windowsupdate.microsoft.com <br> https://update.microsoft.com <br> https://*.update.microsoft.com <br> https://windowsupdate.com <br> https://*.windowsupdate.com <br> https://download.windowsupdate.com <br> https://*.download.windowsupdate.com <br> https://download.microsoft.com <br> https://*.download.windowsupdate.com <br> https://wustat.windows.com <br> https://*.wustat.windows.com <br> https://ntservicepack.microsoft.com |
+| WININET_E_TIMEOUT; The operation timed out | Unable to scan for updates due to a connectivity issue to Windows Update, Configuration Manager, or WSUS. | This error generally means that the Windows Update Agent was unable to connect to the update servers or your own source, such as WSUS, Configuration Manager, or Microsoft Endpoint Manager. <br> Check with your network team to ensure that the device can reach the update sources. For more info, see [Troubleshoot software update scan failures in Configuration Manager](/mem/configmgr/troubleshoot-software-update-scan-failures). <br> If you’re using the public Microsoft update servers, check that your device can access the following Windows Update endpoints: <br> `http://windowsupdate.microsoft.com` <br> `https://.windowsupdate.microsoft.com` <br> `https://update.microsoft.com` <br> `https://*.update.microsoft.com` <br> `https://windowsupdate.com` <br> `https://*.windowsupdate.com` <br> `4` <br> `https://*.download.windowsupdate.com` <br> `https://download.microsoft.com` <br> `https://*.download.windowsupdate.com` <br> `https://wustat.windows.com` <br> `https://*.wustat.windows.com` <br> `https://ntservicepack.microsoft.com` |
 
 ## 0x80240022
 
diff --git a/windows/deployment/upgrade/quick-fixes.md b/windows/deployment/upgrade/quick-fixes.md
index 3f582da318..87164563f3 100644
--- a/windows/deployment/upgrade/quick-fixes.md
+++ b/windows/deployment/upgrade/quick-fixes.md
@@ -243,7 +243,7 @@ When you run Disk Cleanup and enable the option to Clean up system files, you ca
 
 To launch an elevated command prompt, press the Windows key on your keyboard, type **cmd**, press Ctrl+Shift+Enter, and then click **Yes** to confirm the elevation prompt. Screenshots and other steps to open an elevated command prompt are [here](https://answers.microsoft.com/en-us/windows/forum/windows_7-security/command-prompt-admin-windows-7/6a188166-5e23-461f-b468-f325688ec8c7). 
 
-Note: When you open an elevated command prompt, you will usually start in the **C:\WINDOWS\system32** directory. To run a program that you recently downloaded, you must change to the directory where the program is located. Alternatively, you can move or copy the program to a location on the computer that is automatically searched. These directories are listed in the [PATH variable](https://answers.microsoft.com/windows/forum/windows_10-other_settings-winpc/adding-path-variable/97300613-20cb-4d85-8d0e-cc9d3549ba23).
+Note: When you open an elevated command prompt, you will usually start in the **C:\WINDOWS\system32** directory. To run a program that you recently downloaded, you must change to the directory where the program is located. Alternatively, you can move or copy the program to a location on the computer that is automatically searched. These directories are listed in the [PATH variable](https://answers.microsoft.com/windows/forum/all/adding-path-variable/97300613-20cb-4d85-8d0e-cc9d3549ba23).
 
 If this is too complicated for you, then use File Explorer to create a new folder under C: with a short name such as "new" then copy or move the programs you want to run (like SetupDiag) to this folder using File Explorer. When you open an elevated command prompt, change to this directory by typing "cd c:\new" and now you can run the programs in that folder.
 
diff --git a/windows/deployment/upgrade/troubleshoot-upgrade-errors.md b/windows/deployment/upgrade/troubleshoot-upgrade-errors.md
index f6a54dca56..736fd59813 100644
--- a/windows/deployment/upgrade/troubleshoot-upgrade-errors.md
+++ b/windows/deployment/upgrade/troubleshoot-upgrade-errors.md
@@ -95,6 +95,6 @@ WIM = Windows image (Microsoft)
 
 [Windows 10 FAQ for IT professionals](../planning/windows-10-enterprise-faq-itpro.yml)
 <br>[Windows 10 Enterprise system requirements](https://technet.microsoft.com/windows/dn798752.aspx)
-<br>[Windows 10 Specifications](https://www.microsoft.com/windows/Windows-/ifications)
+<br>[Windows 10 Specifications](https://www.microsoft.com/windows/windows-10-specifications)
 <br>[Windows 10 IT pro forums](https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro)
 <br>[Fix Windows Update errors by using the DISM or System Update Readiness tool](/troubleshoot/windows-server/deployment/fix-windows-update-errors)
diff --git a/windows/deployment/windows-10-poc-mdt.md b/windows/deployment/windows-10-poc-mdt.md
index e5e014f594..8b61c8fdc5 100644
--- a/windows/deployment/windows-10-poc-mdt.md
+++ b/windows/deployment/windows-10-poc-mdt.md
@@ -394,7 +394,7 @@ This procedure will demonstrate how to deploy the reference image to the PoC env
 
 2. On the **Monitoring** tab, select the **Enable monitoring for this deployment share** checkbox, and then click **OK**.
 
-3. Verify the monitoring service is working as expected by opening the following link on SRV1 in Internet Explorer: [http://localhost:9800/MDTMonitorEvent/](http://localhost:9800/MDTMonitorEvent/). If you do not see "**You have created a service**" at the top of the page, see [Troubleshooting MDT 2012 Monitoring](/archive/blogs/mniehaus/troubleshooting-mdt-2012-monitoring).
+3. Verify the monitoring service is working as expected by opening the following link on SRV1 : `http://localhost:9800/MDTMonitorEvent/`. If you do not see "**You have created a service**" at the top of the page, see [Troubleshooting MDT 2012 Monitoring](/archive/blogs/mniehaus/troubleshooting-mdt-2012-monitoring).
 
 4. Close Internet Explorer.
 
diff --git a/windows/privacy/essential-services-and-connected-experiences.md b/windows/privacy/essential-services-and-connected-experiences.md
index b84bda7733..511e540cc5 100644
--- a/windows/privacy/essential-services-and-connected-experiences.md
+++ b/windows/privacy/essential-services-and-connected-experiences.md
@@ -99,8 +99,8 @@ Internet Explorer shares many of the Windows essential services listed above. Th
 ## Related links
 
 - [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md)
-- [Connected Experiences in Office](/deployoffice/privacy/connected-experiences.md)
-- [Essential Services in Office](/deployoffice/privacy/essential-services.md)
+- [Connected Experiences in Office](/deployoffice/privacy/connected-experiences)
+- [Essential Services in Office](/deployoffice/privacy/essential-services)
 
 To view endpoints for Windows Enterprise, see:
 
diff --git a/windows/security/identity-protection/enterprise-certificate-pinning.md b/windows/security/identity-protection/enterprise-certificate-pinning.md
index 050b9e39c3..b41236db4a 100644
--- a/windows/security/identity-protection/enterprise-certificate-pinning.md
+++ b/windows/security/identity-protection/enterprise-certificate-pinning.md
@@ -245,8 +245,8 @@ Whenever an application verifies a TLS/SSL certificate chain that contains a ser
 The output file name consists of the leading eight ASCII hex digits of the root’s SHA1 thumbprint followed by the server name. 
 For example:
 
-- D4DE20D0_xsi.outlook.com.p7b
-- DE28F4A4_www.yammer.com.p7b
+- `D4DE20D0_xsi.outlook.com.p7b`
+- `DE28F4A4_www.yammer.com.p7b`
 
 If there's either an enterprise certificate pin rule or a Microsoft certificate pin rule mismatch, then Windows writes the .p7b file to the **MismatchPinRules** child folder. 
 If the pin rules have expired, then Windows writes the .p7b to the **ExpiredPinRules** child folder. 
diff --git a/windows/security/identity-protection/smart-cards/smart-card-architecture.md b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
index bad0c616fe..3ce6180ae9 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-architecture.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-architecture.md
@@ -82,7 +82,7 @@ Credential providers must be registered on a computer running Windows, and they
 
 ## Smart card subsystem architecture
 
-Vendors provide smart cards and smart card readers, and in many cases the vendors are different for the smart card and the smart card reader. Drivers for smart card readers are written to the [Personal Computer/Smart Card (PC/SC) standard](https://www.pcscworkgroup.com/). Each smart card must have a Cryptographic Service Provider (CSP) that uses the CryptoAPI interfaces to enable cryptographic operations, and the WinSCard APIs to enable communications with smart card hardware.
+Vendors provide smart cards and smart card readers, and in many cases the vendors are different for the smart card and the smart card reader. Drivers for smart card readers are written to the [Personal Computer/Smart Card (PC/SC) standard](https://pcscworkgroup.com/). Each smart card must have a Cryptographic Service Provider (CSP) that uses the CryptoAPI interfaces to enable cryptographic operations, and the WinSCard APIs to enable communications with smart card hardware.
 
 ### Base CSP and smart card minidriver architecture
 
diff --git a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
index dd3d3ccddb..0d26cf1289 100644
--- a/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
+++ b/windows/security/identity-protection/smart-cards/smart-card-smart-cards-for-windows-service.md
@@ -22,7 +22,7 @@ Applies To: Windows 10, Windows 11, Windows Server 2016 and above
 
 This topic for the IT professional and smart card developers describes how the Smart Cards for Windows service (formerly called Smart Card Resource Manager) manages readers and application interactions.
 
-The Smart Cards for Windows service provides the basic infrastructure for all other smart card components as it manages smart card readers and application interactions on the computer. It is fully compliant with the specifications set by the PC/SC Workgroup. For information about these specifications, see the [PC/SC Workgroup Specifications website](https://www.pcscworkgroup.com/).
+The Smart Cards for Windows service provides the basic infrastructure for all other smart card components as it manages smart card readers and application interactions on the computer. It is fully compliant with the specifications set by the PC/SC Workgroup. For information about these specifications, see the [PC/SC Workgroup Specifications website](https://pcscworkgroup.com/).
 
 The Smart Cards for Windows service runs in the context of a local service, and it is implemented as a shared service of the services host (svchost) process. The Smart Cards for Windows service, Scardsvr, has the following service description:
 
diff --git a/windows/security/information-protection/secure-the-windows-10-boot-process.md b/windows/security/information-protection/secure-the-windows-10-boot-process.md
index b316f1c2c3..c1316fbac4 100644
--- a/windows/security/information-protection/secure-the-windows-10-boot-process.md
+++ b/windows/security/information-protection/secure-the-windows-10-boot-process.md
@@ -124,7 +124,9 @@ Figure 2 illustrates the Measured Boot and remote attestation process.
 **Figure 2. Measured Boot proves the PC’s health to a remote server**
 
 
-Windows includes the application programming interfaces to support Measured Boot, but you’ll need non-Microsoft tools to implement a remote attestation client and trusted attestation server to take advantage of it. For an example of such a tool, download the [TPM Platform Crypto-Provider Toolkit](https://research.microsoft.com/en-us/downloads/74c45746-24ad-4cb7-ba4b-0c6df2f92d5d/) from Microsoft Research or Microsoft Enterprise Security MVP Dan Griffin’s [Measured Boot Tool](http://www.mbt.codeplex.com.urlcounters.com/).
+Windows includes the application programming interfaces to support Measured Boot, but you’ll need non-Microsoft tools to implement a remote attestation client and trusted attestation server to take advantage of it. For example, see the following tools from Microsoft Research:
+- [TPM Platform Crypto-Provider Toolkit](https://www.microsoft.com/download/details.aspx?id=52487)
+- [TSS.MSR](https://github.com/microsoft/TSS.MSR#tssmsr)
 
 Measured Boot uses the power of UEFI, TPM, and Windows to give you a way to confidently assess the trustworthiness of a client PC across the network.
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 766f8e4345..cc5577ff86 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -36,7 +36,7 @@ With Windows 10, you can create provisioning packages that let you quickly and e
 
 ### AppLocker
 
-AppLocker was available for Windows 8.1, and is improved with Windows 10. See [Requirements to use AppLocker](/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker.md) for a list of operating system requirements.
+AppLocker was available for Windows 8.1, and is improved with Windows 10. See [Requirements to use AppLocker](/windows/security/threat-protection/windows-defender-application-control/applocker/requirements-to-use-applocker) for a list of operating system requirements.
 
 Enhancements to AppLocker in Windows 10 include:
 

From e55a4ef1a68e6c481d35cfe0214d221df20675f7 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 23 Mar 2022 15:40:41 +0530
Subject: [PATCH 037/123] updated the changes

---
 windows/client-management/mdm/passportforwork-csp.md | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md
index cfca84f83c..c7e0795fd5 100644
--- a/windows/client-management/mdm/passportforwork-csp.md
+++ b/windows/client-management/mdm/passportforwork-csp.md
@@ -88,7 +88,7 @@ PassportForWork
 Root node for PassportForWork configuration service provider.
 
 <a href="" id="tenantid"></a>***TenantId***  
-A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount?view=azuresmps-4.0.0). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
+A globally unique identifier (GUID), without curly braces ( { , } ), that is used as part of Windows Hello for Business provisioning and management. To get a GUID, use the PowerShell cmdlet [Get-AzureAccount](/powershell/module/servicemanagement/azure.service/get-azureaccount). For more information, see [Get Windows Azure Active Directory Tenant ID in Windows PowerShell](https://devblogs.microsoft.com/scripting/get-windows-azure-active-directory-tenant-id-in-windows-powershell).
 
 <a href="" id="tenantid-policies"></a>***TenantId*/Policies**  
 Node for defining the Windows Hello for Business policy settings.
@@ -550,7 +550,3 @@ Here's an example for setting Windows Hello for Business and setting the PIN pol
           </SyncBody>
         </SyncML>
 ```
-
- 
-
- [text](/powershell/module/servicemanagement/azure.service/get-azureaccount?view=azuresmps-4.0.0)
\ No newline at end of file

From fe6e8acca8fa0f435261f059c5dc4e627e9f7aaf Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 23 Mar 2022 21:58:37 +0530
Subject: [PATCH 038/123] updated the links

---
 .../install-ie11-using-microsoft-intune.md    |  2 +-
 .../problems-after-installing-ie11.md         |  2 +-
 ...tualization-and-compatibility-with-ie11.md |  2 +-
 .../ie11-faq/faq-for-it-pros-ie11.yml         |  2 +-
 .../customize-automatic-search-for-ie.md      |  2 +-
 .../iexpress-command-line-options.md          |  2 --
 ...requisites-microsoft-store-for-business.md | 18 ++++++-------
 .../client-management/mdm/policy-csp-audit.md |  2 +-
 .../mdm/windows-mdm-enterprise-settings.md    |  2 +-
 .../new-policies-for-windows-10.md            |  2 +-
 .../gathering-other-relevant-information.md   |  2 --
 ...y-that-network-traffic-is-authenticated.md |  3 ++-
 .../windows-platform-common-criteria.md       | 27 -------------------
 13 files changed, 19 insertions(+), 49 deletions(-)

diff --git a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
index 125703ca28..0ec2a15346 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/install-ie11-using-microsoft-intune.md
@@ -47,7 +47,7 @@ For more info about this, see [Deploy and configure apps](/mem/intune/).
 
 2.  Any employee in the assigned group can now install the package. 
 
-For more info about this, see [Update apps using Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=301808)
+For more info about this, see [Update apps using Microsoft Intune](/mem/intune/apps/apps-windows-10-app-deploy)
 
  
 
diff --git a/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
index fbcbcbadb9..f701d8ff8d 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/problems-after-installing-ie11.md
@@ -42,7 +42,7 @@ RIES does not:
 
 -   Affect the applied Administrative Template Group Policy settings.
 
-RIES turns off all custom toolbars, browser extensions, and customizations installed with IE11. If you change your mind, you can turn each of the customizations back on through the **Manage Add-ons** dialog box. For more information about resetting IE settings, see [How to Reset Internet Explorer Settings](https://go.microsoft.com/fwlink/p/?LinkId=214528).
+RIES turns off all custom toolbars, browser extensions, and customizations installed with IE11. If you change your mind, you can turn each of the customizations back on through the **Manage Add-ons** dialog box. For more information about resetting IE settings, see [How to Reset Internet Explorer Settings](https://support.microsoft.com/windows/change-or-reset-internet-explorer-settings-2d4bac50-5762-91c5-a057-a922533f77d5).
 
 ## IE is crashing or seems slow
 If you notice that CPU usage is running higher than normal, or that IE is frequently crashing or slowing down, you should check your browser add-ons and video card. By default, IE11 uses graphics processing unit (GPU) rendering mode. However, some outdated video cards and video drivers don't support GPU hardware acceleration. If IE11 determines that your current video card or video driver doesn't support GPU hardware acceleration, it'll use Software Rendering mode.
diff --git a/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md b/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
index a216f90395..613d58863c 100644
--- a/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
+++ b/browsers/internet-explorer/ie11-deploy-guide/virtualization-and-compatibility-with-ie11.md
@@ -27,7 +27,7 @@ We strongly suggest that while you're using virtualization, you also update your
 
 The Microsoft-supported options for virtualizing web apps are:
 
--   **Microsoft Enterprise Desktop Virtualization (MED-V).** Uses Microsoft Virtual PC to provide an enterprise solution for desktop virtualization. With MED-V, you can easily create, deliver, and manage corporate Virtual PC images on any Windows®-based desktop. For more information, see [MED-V](https://go.microsoft.com/fwlink/p/?LinkId=271653).
+-   **Microsoft Enterprise Desktop Virtualization (MED-V).** Uses Microsoft Virtual PC to provide an enterprise solution for desktop virtualization. With MED-V, you can easily create, deliver, and manage corporate Virtual PC images on any Windows®-based desktop. For more information, see [MED-V](/microsoft-desktop-optimization-pack/medv-v2/).
 
 -   **Client Hyper-V.** Uses the same virtualization technology previously available in Windows Server, but now installed for Windows 8.1. For more information, see [Client Hyper-V](/previous-versions/windows/it-pro/windows-8.1-and-8/hh857623(v=ws.11)).<p>
 For more information about virtualization options, see [Microsoft Desktop Virtualization](https://go.microsoft.com/fwlink/p/?LinkId=271662).
diff --git a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml
index 0a4a146634..96fce41e4b 100644
--- a/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml
+++ b/browsers/internet-explorer/ie11-faq/faq-for-it-pros-ie11.yml
@@ -83,7 +83,7 @@ sections:
       - question: |
           What test tools exist to test for potential application compatibility issues?
         answer: |
-          The Compat Inspector tool supports Windows Internet Explorer 9 through IE11. For more information, see [Compat Inspector User Guide](https://go.microsoft.com/fwlink/p/?LinkId=313189). In addition, you can use the new [F12 Developer Tools](/previous-versions/windows/internet-explorer/ie-developer/dev-guides/bg182632(v=vs.85)) that are included with IE11, or the [modern.ie](https://go.microsoft.com/fwlink/p/?linkid=308902) website for Microsoft Edge.
+          The Compat Inspector tool supports Windows Internet Explorer 9 through IE11. For more information, see [Compat Inspector User Guide](https://testdrive-archive.azurewebsites.net/html5/compatinspector/help/post.htm). In addition, you can use the new [F12 Developer Tools](/previous-versions/windows/internet-explorer/ie-developer/dev-guides/bg182632(v=vs.85)) that are included with IE11, or the [modern.ie](https://go.microsoft.com/fwlink/p/?linkid=308902) website for Microsoft Edge.
           
       - question: |
           Why am I having problems launching my legacy apps with Internet Explorer 11?
diff --git a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
index 9ed59cf64e..634e13f2fb 100644
--- a/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
+++ b/browsers/internet-explorer/ie11-ieak/customize-automatic-search-for-ie.md
@@ -19,7 +19,7 @@ ms.date: 07/27/2017
 
 [!INCLUDE [Microsoft 365 workloads end of support for IE11](../includes/microsoft-365-ie-end-of-support.md)]
 
-Internet Explorer lets websites advertise any search provider that uses the open search standard described at the A9 website ( [OpenSearch 1.1 Draft 5](https://go.microsoft.com/fwlink/p/?LinkId=208582)). When IE detects new search providers, the **Search** box becomes active and adds the new providers to the drop-down list of providers.
+Internet Explorer lets websites advertise any search provider that uses the open search standard described at the A9 website ([OpenSearch 1.1 Draft 5](https://opensearch.org/docs/latest/opensearch/index/)). When IE detects new search providers, the **Search** box becomes active and adds the new providers to the drop-down list of providers.
 
 Using the **Administrative Templates** section of Group Policy, you can prevent the search box from appearing, you can add a list of acceptable search providers, or you can restrict your employee’s ability to add or remove search providers.
 
diff --git a/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md b/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
index 57128dfefe..391784b8a4 100644
--- a/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
+++ b/browsers/internet-explorer/ie11-ieak/iexpress-command-line-options.md
@@ -39,8 +39,6 @@ These command-line options work with IExpress:<br>
 |`/r:a` |Always restarts the computer after installation. |
 |`/r:s` |Restarts the computer after installation without prompting the employee. |
 
-For more information, see [Command-line switches for IExpress software update packages](https://go.microsoft.com/fwlink/p/?LinkId=317973).
-
 ## Related topics
 - [IExpress Wizard for Windows Server 2008 R2 with SP1](iexpress-wizard-for-win-server.md)
 - [Internet Explorer Setup command-line options and return codes](ie-setup-command-line-options-and-return-codes.md)
diff --git a/store-for-business/prerequisites-microsoft-store-for-business.md b/store-for-business/prerequisites-microsoft-store-for-business.md
index d210b79bee..2b8ea7784d 100644
--- a/store-for-business/prerequisites-microsoft-store-for-business.md
+++ b/store-for-business/prerequisites-microsoft-store-for-business.md
@@ -59,17 +59,17 @@ While not required, you can use a management tool to distribute and manage apps.
 
 If your organization restricts computers on your network from connecting to the Internet, there is a set of URLs that need to be available for devices to use Microsoft Store. Some of the Microsoft Store features use Store services. Devices using Microsoft Store – either to acquire, install, or update apps – will need access to these URLs. If you use a proxy server to block traffic, your configuration needs to allow these URLs:
 
-- login.live.com
-- login.windows.net
-- account.live.com
-- clientconfig.passport.net
-- windowsphone.com
-- \*.wns.windows.com
-- \*.microsoft.com
-- \*.s-microsoft.com
+- `login.live.com`
+- `login.windows.net`
+- `account.live.com`
+- `clientconfig.passport.net`
+- `windowsphone.com`
+- `\*.wns.windows.com`
+- `\*.microsoft.com`
+- `\*.s-microsoft.com`
 - `www.msftncsi.com` (prior to Windows 10, version 1607)
 - `www.msftconnecttest.com/connecttest.txt` (replaces `www.msftncsi.com`
   starting with Windows 10, version 1607)
  
 Store for Business requires Microsoft Windows HTTP Services (WinHTTP) to install, or update apps.
-For more information about how to configure WinHTTP proxy settings to devices, see [Use Group Policy to apply WinHTTP proxy settings to Windows clients](https://support.microsoft.com/help/4494447/use-group-policy-to-apply-winhttp-proxy-settings-to-clients).
+
diff --git a/windows/client-management/mdm/policy-csp-audit.md b/windows/client-management/mdm/policy-csp-audit.md
index 30473c76c3..93066654b0 100644
--- a/windows/client-management/mdm/policy-csp-audit.md
+++ b/windows/client-management/mdm/policy-csp-audit.md
@@ -2862,7 +2862,7 @@ If you do not configure this policy setting, no audit event is generated when an
 > [!Note]
 > Only the System Access Control List (SACL) for SAM_SERVER can be modified.
 
-Volume: High on domain controllers. For information about reducing the amount of events generated in this subcategory, see [article 841001 in the Microsoft Knowledge Base](https://go.microsoft.com/fwlink/?LinkId=121698).
+Volume: High on domain controllers.
 
 <!--/Description-->
 <!--DbMapped-->
diff --git a/windows/client-management/mdm/windows-mdm-enterprise-settings.md b/windows/client-management/mdm/windows-mdm-enterprise-settings.md
index 579d50e4c2..673af65a7d 100644
--- a/windows/client-management/mdm/windows-mdm-enterprise-settings.md
+++ b/windows/client-management/mdm/windows-mdm-enterprise-settings.md
@@ -17,7 +17,7 @@ ms.date: 06/26/2017
 
 # Enterprise settings, policies, and app management
 
-The actual management interaction between the device and server is done via the DM client. The DM client communicates with the enterprise management server via DM v1.2 SyncML syntax. The full description of the OMA DM protocol v1.2 can be found at the [OMA website](https://go.microsoft.com/fwlink/p/?LinkId=267526).
+The actual management interaction between the device and server is done via the DM client. The DM client communicates with the enterprise management server via DM v1.2 SyncML syntax. The full description of the OMA DM protocol v1.2 can be found at the [OMA website](https://technical.openmobilealliance.org/).
 
 Windows currently supports one MDM server. The DM client that is configured via the enrollment process is granted access to enterprise related settings. Enterprise MDM settings are exposed via various configuration service providers to the DM client. For the list of available configuration service providers, see [Configuration service provider reference](configuration-service-provider-reference.md).
 
diff --git a/windows/client-management/new-policies-for-windows-10.md b/windows/client-management/new-policies-for-windows-10.md
index 35613face4..79a75c3f90 100644
--- a/windows/client-management/new-policies-for-windows-10.md
+++ b/windows/client-management/new-policies-for-windows-10.md
@@ -507,7 +507,7 @@ Mobile device management (MDM) for Windows 10 Pro, Windows 10 Enterprise, and Wi
 
 Windows 10, version 1703, adds a number of [ADMX-backed policies to MDM](./mdm/policy-configuration-service-provider.md).
 
-If you use Microsoft Intune for MDM, you can [configure custom policies](https://go.microsoft.com/fwlink/p/?LinkId=616316) to deploy Open Mobile Alliance Uniform Resource Identifier (OMA-URI) settings that can be used to control features on Windows 10. For a list of OMA-URI settings, see [Custom URI settings for Windows 10 devices](https://go.microsoft.com/fwlink/p/?LinkId=616317).
+If you use Microsoft Intune for MDM, you can [configure custom policies](/mem/intune/configuration/custom-settings-configure) to deploy Open Mobile Alliance Uniform Resource Identifier (OMA-URI) settings that can be used to control features on Windows 10. For a list of OMA-URI settings, see [Custom URI settings for Windows 10 devices](/mem/intune/configuration/custom-settings-windows-10).
 
 No new [Exchange ActiveSync policies](/exchange/mobile-device-mailbox-policies-exchange-2013-help). For more information, see the [ActiveSync configuration service provider](./mdm/activesync-csp.md) technical reference.
 
diff --git a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
index 3a143a59c5..89990012b7 100644
--- a/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
+++ b/windows/security/threat-protection/windows-firewall/gathering-other-relevant-information.md
@@ -62,8 +62,6 @@ In some cases, IPsec-secured traffic might have to pass through a router, perime
 
 In the case of a filtering router or a firewall, you must configure these devices to allow IPsec traffic to be forwarded. Configure the firewall to allow IPsec traffic on UDP source and destination port 500 (IKE), UDP source and destination port 4500 (IPsec NAT-T), and IP Protocol 50 (ESP). You might also have to configure the firewall to allow IPsec traffic on IP protocol 51 (AH) to allow troubleshooting by IPsec administrators and to allow the IPsec traffic to be inspected.
 
-For more info, see [How to Enable IPsec Traffic Through a Firewall](https://go.microsoft.com/fwlink/?LinkId=45085).
-
 ## Network load balancing and server clusters
 
 There are challenges implementing connection security for network traffic going to and from network load balancing (NLB) clusters and server clusters. NLB enables multiple servers to be clustered together to provide high availability for a service by providing automatic failover to other nodes in the cluster. Because IPsec matches a security association to a specific device, it prevents different devices from handling the same client connection. If a different node in the cluster responds to an IPsec connection that was originally established by another node, the traffic will be dropped by the client device as untrusted.
diff --git a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
index 61ffa9d578..7ae486d08d 100644
--- a/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
+++ b/windows/security/threat-protection/windows-firewall/verify-that-network-traffic-is-authenticated.md
@@ -35,7 +35,8 @@ In these procedures, you confirm that the rules you deployed are working correct
 
 -   **Encryption zone.** Similar to the main isolation zone, after you confirm that the network traffic to zone members is properly authenticated and encrypted, you must convert your zone rules from request mode to require mode.
 
->**Note:**  In addition to the steps shown in this procedure, you can also use network traffic capture tools such as Microsoft Network Monitor, which can be downloaded from <https://go.microsoft.com/fwlink/?linkid=94770>. Network Monitor and similar tools allow you to capture, parse, and display the network packets received by the network adapter on your device. Current versions of these tools include full support for IPsec. They can identify encrypted network packets, but they cannot decrypt them.
+> [!NOTE]
+> In addition to the steps shown in this procedure, you can also use network traffic capture tools such as [Microsoft Network Monitor](https://www.microsoft.com/download/4865). Network Monitor and similar tools allow you to capture, parse, and display the network packets received by the network adapter on your device. Current versions of these tools include full support for IPsec. They can identify encrypted network packets, but they cannot decrypt them.
 
 **Administrative credentials**
 
diff --git a/windows/security/threat-protection/windows-platform-common-criteria.md b/windows/security/threat-protection/windows-platform-common-criteria.md
index 23ab9c183a..281436db6f 100644
--- a/windows/security/threat-protection/windows-platform-common-criteria.md
+++ b/windows/security/threat-protection/windows-platform-common-criteria.md
@@ -234,33 +234,6 @@ Certified against the Protection Profile for General Purpose Operating Systems.
 - [Administrative Guide](https://www.microsoft.com/downloads/en/details.aspx?familyid=cb19538d-9e13-4ab6-af38-8f48abfdad08)
 - [Certification Report](http://www.commoncriteriaportal.org:80/files/epfiles/0570a_pdf.pdf) 
 
-### Windows XP and Windows Server 2003
-
-- [Security Target - Windows Server 2003 SP2 including R2, x64, and IA64; Windows XP Professional SP2 and x64 SP2; and Windows XP Embedded SP2](https://www.commoncriteriaportal.org/files/epfiles/st_vid10184-st.pdf)
-- [Identifying Windows XP and Windows Server 2003 Common Criteria Certified Requirements for the NIST Special Publication 800-53](https://download.microsoft.com/download/a/9/6/a96d1dfc-2bd4-408d-8d93-e0ede7529691/xpws03_ccto800-53.doc)
-- [Windows Server 2003 SP2 R2 Administrator Guide 3.0](https://www.microsoft.com/downloads/details.aspx?familyid=39598841-e693-4891-9234-cfd1550f3949)
-- [Windows Server 2003 SP2 R2 Configuration Guide 3.0](https://www.microsoft.com/downloads/details.aspx?familyid=4f7b6a93-0307-480f-a5af-a20268cbd7cc)
-- [Windows Server 2003 SP1 Administrator's Guide](https://www.microsoft.com/downloads/en/details.aspx?familyid=75736009-59e9-4a71-879e-cf581817b8cc)
-- [Windows Server 2003 SP1 Configuration Guide](https://www.microsoft.com/downloads/en/details.aspx?familyid=a0ad1856-beb7-4285-b47c-381e8a210c38)
-- [Windows Server 2003 with x64 Hardware Administrator's Guide](https://www.microsoft.com/downloads/details.aspx?familyid=8a26829f-c177-4b79-913a-4135fb7b96ef)
-- [Windows Server 2003 with x64 Hardware Configuration Guide](https://www.microsoft.com/downloads/details.aspx?familyid=3f9ecd0a-74dd-4d23-a4e5-d7b63fed70e8)
-- [Windows XP Administrator Guide 3.0](https://www.microsoft.com/downloads/details.aspx?familyid=9a7f0b16-72ce-4675-aec8-58785c4e37ee)
-- [Windows XP Configuration Guide 3.0](https://www.microsoft.com/downloads/details.aspx?familyid=165da57d-f066-4ddf-9462-cbecfcd68694)
-- [Windows XP User Guide 3.0](https://www.microsoft.com/downloads/details.aspx?familyid=7c1a4761-9b9e-429c-84eb-cd7b034c5779)
-- [Windows XP Professional with x64 Hardware Administrator's Guide](https://www.microsoft.com/downloads/details.aspx?familyid=346f041e-d641-4af7-bdea-c5a3246d0431)
-- [Windows XP Professional with x64 Hardware Configuration Guide](https://www.microsoft.com/downloads/details.aspx?familyid=a7075319-cc3d-4420-a00b-8c9a7068ad54)
-- [Windows XP Professional with x64 Hardware User’s Guide](https://www.microsoft.com/downloads/details.aspx?familyid=26c49cf5-6159-4197-97ce-bf1fdfc54569)
-- [Windows XP Professional Administrator's Guide](https://www.microsoft.com/downloads/en/details.aspx?familyid=9bcac470-a0b3-4d34-a561-fa8308c0ff60)
-- [Windows XP Professional Configuration Guide](https://www.microsoft.com/downloads/en/details.aspx?familyid=9f04915e-571a-422d-8ffa-5797051e81de)
-- [Windows XP Professional User's Guide](https://www.microsoft.com/downloads/en/details.aspx?familyid=d39d0028-7093-495c-80da-2b5b29a54bd8)
-- [Windows XP / Windows Server 2003 with x64 Hardware ETR](https://www.microsoft.com/downloads/details.aspx?familyid=6e8d98f9-25b9-4c85-9bd9-24d91ea3c9ef)
-- [Windows XP / Windows Server 2003 with x64 Hardware ETR, Part II](https://www.microsoft.com/downloads/details.aspx?familyid=0c35e7d8-9c56-4686-b902-d5ffb9915658)
-- [Windows Server 2003 SP2 including R2, Standard, Enterprise, Datacenter, x64, and Itanium Editions Validation Report](https://www.commoncriteriaportal.org/files/epfiles/20080303_st_vid10184-vr.pdf)
-- [Windows XP Professional SP2 and x64 SP2 Validation Report](https://www.commoncriteriaportal.org/files/epfiles/20080303_st_vid10184-vr.pdf)
-- [Windows XP Embedded SP2 Validation Report](https://www.commoncriteriaportal.org/files/epfiles/20080303_st_vid10184-vr.pdf)
-- [Windows XP and Windows Server 2003 ETR](https://www.microsoft.com/downloads/details.aspx?familyid=63cf2a1e-f578-4bb5-9245-d411f0f64265)
-- [Windows XP and Windows Server 2003 Validation Report](https://www.commoncriteriaportal.org/files/epfiles/st_vid9506-vr.pdf)
-
 ### Windows Server 2003 Certificate Server
 
 - [Security Target](https://www.commoncriteriaportal.org/files/epfiles/st_vid9507-st.pdf)

From cfa8417160e8583accd1508ef8262a1f798f6795 Mon Sep 17 00:00:00 2001
From: chrfox <chrfox@microsoft.com>
Date: Wed, 23 Mar 2022 11:20:18 -0700
Subject: [PATCH 039/123] Update itadmins.yml

purview updates
---
 education/itadmins.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/education/itadmins.yml b/education/itadmins.yml
index 2847e59b71..a69264f25f 100644
--- a/education/itadmins.yml
+++ b/education/itadmins.yml
@@ -81,7 +81,7 @@ productDirectory:
         - url: /cloud-app-security/getting-started-with-cloud-app-security
           text: Microsoft Defender for Cloud Apps
         - url: /microsoft-365/compliance/create-test-tune-dlp-policy
-          text: Office 365 data loss prevention
+          text: Microsoft Purview data loss prevention
         - url: /microsoft-365/compliance/
           text: Office 365 advanced compliance
         - url: https://social.technet.microsoft.com/wiki/contents/articles/35748.office-365-what-is-customer-lockbox-and-how-to-enable-it.aspx

From a2aa264a514d2b260c30e17ef8b0a3a9c15076fe Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 11:50:52 +0530
Subject: [PATCH 040/123] sheshachary-5714481-part-2

Updating the broken links.
---
 browsers/edge/microsoft-edge.yml              |  2 +-
 .../windows/chromebook-migration-guide.md     |  8 +++---
 .../deploy-windows-10-in-a-school-district.md | 27 +++++++++----------
 .../windows/take-a-test-app-technical.md      |  2 --
 education/windows/take-a-test-multiple-pcs.md |  2 +-
 education/windows/take-a-test-single-pc.md    |  2 +-
 education/windows/take-tests-in-windows-10.md |  2 +-
 ...indows-editions-for-education-customers.md |  2 +-
 smb/cloud-mode-business-setup.md              |  2 +-
 ...ation-publishing-and-client-interaction.md |  2 +-
 .../appv-auto-clean-unpublished-packages.md   |  4 +--
 .../administrative-tools-in-windows-10.md     |  2 +-
 12 files changed, 26 insertions(+), 31 deletions(-)

diff --git a/browsers/edge/microsoft-edge.yml b/browsers/edge/microsoft-edge.yml
index 54276502a1..c9dd04c446 100644
--- a/browsers/edge/microsoft-edge.yml
+++ b/browsers/edge/microsoft-edge.yml
@@ -77,7 +77,7 @@ landingContent:
       - linkListType: download
         links:
           - text: NSS Labs web browser security reports
-            url: https://www.microsoft.com/download/details.aspx?id=54773
+            url: https://www.microsoft.com/download/details.aspx?id=58080
       - linkListType: overview
         links:
           - text: Microsoft Edge sandbox
diff --git a/education/windows/chromebook-migration-guide.md b/education/windows/chromebook-migration-guide.md
index 66569c4674..2e01f756fe 100644
--- a/education/windows/chromebook-migration-guide.md
+++ b/education/windows/chromebook-migration-guide.md
@@ -486,8 +486,8 @@ Table 9. Management systems and deployment resources
 |Windows provisioning packages| <li> [Build and apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-create-package) <li>[Windows Imaging and Configuration Designer](/windows/configuration/provisioning-packages/provisioning-install-icd) <li> [Step-By-Step: Building Windows 10 Provisioning Packages](/archive/blogs/canitpro/step-by-step-building-windows-10-provisioning-packages)|
 |Group Policy|<li> [Core Network Companion Guide: Group Policy Deployment](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/jj899807(v=ws.11)) <li> [Deploying Group Policy](/previous-versions/windows/it-pro/windows-server-2003/cc737330(v=ws.10))"|
 |Configuration Manager| <li> [Site Administration for System Center 2012 Configuration Manager](/previous-versions/system-center/system-center-2012-R2/gg681983(v=technet.10)) <li> [Deploying Clients for System Center 2012 Configuration Manager](/previous-versions/system-center/system-center-2012-R2/gg699391(v=technet.10))|
-|Intune| <li> [Set up and manage devices with Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=690262) <li> [Smoother Management Of Office 365 Deployments with Windows Intune](https://go.microsoft.com/fwlink/p/?LinkId=690263) <li> [System Center 2012 R2 Configuration Manager &amp;amp; Windows Intune](/learn/?l=fCzIjVKy_6404984382)|
-|MDT| <li>[MDT documentation in the Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=690324) <li> [Step-By-Step: Installing Windows 8.1 From A USB Key](/archive/blogs/canitpro/step-by-step-installing-windows-8-1-from-a-usb-key)|
+|Intune| <li> [Set up and manage devices with Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=690262) <li> [System Center 2012 R2 Configuration Manager &amp;amp; Windows Intune](/learn/?l=fCzIjVKy_6404984382)|
+|MDT| <li> [Step-By-Step: Installing Windows 8.1 From A USB Key](/archive/blogs/canitpro/step-by-step-installing-windows-8-1-from-a-usb-key)|
 
 If you determined that no new management system or no remediation of existing systems is necessary, you can skip this section. If you use a management system from another vendor, refer to the vendor documentation on how to perform the necessary steps.
 
@@ -504,7 +504,7 @@ Table 10. Management systems and app deployment resources
 |--- |--- |
 |Group Policy| <li> [Editing an AppLocker Policy](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/ee791894(v=ws.10)) <li> [Group Policy Software Deployment Background](/previous-versions/windows/it-pro/windows-server-2003/cc739305(v=ws.10)) <li> [Assigning and Publishing Software](/previous-versions/windows/it-pro/windows-server-2003/cc783635(v=ws.10))|
 |Configuration Manager| <li> [How to Deploy Applications in Configuration Manager](/previous-versions/system-center/system-center-2012-R2/gg682082(v=technet.10)) <li> [Application Management in Configuration Manager](/previous-versions/system-center/system-center-2012-R2/gg699373(v=technet.10))|
-|Intune| <li> [Deploy apps to mobile devices in Microsoft Intune](https://go.microsoft.com/fwlink/p/?LinkId=733913) <li> [Manage apps with Microsoft Intune](/mem/intune/)|
+|Intune| <li> [Manage apps with Microsoft Intune](/mem/intune/)|
 
 If you determined that no deployment of apps is necessary, you can skip this section. If you use a management system from another vendor, refer to the vendor documentation on how to perform the necessary steps.
 
@@ -585,8 +585,6 @@ In some instances, you may receive the devices with Windows 10 already deployed
 
 -   [Build and apply a provisioning package](/windows/configuration/provisioning-packages/provisioning-create-package)
 
--   [MDT documentation in the Microsoft Deployment Toolkit (MDT) 2013](https://go.microsoft.com/fwlink/p/?LinkId=690324)
-
 -   [Step-By-Step: Installing Windows 8.1 From A USB Key](/archive/blogs/canitpro/step-by-step-installing-windows-8-1-from-a-usb-key)
 
 -   [Operating System Deployment in Configuration Manager](/previous-versions/system-center/system-center-2012-R2/gg682018(v=technet.10))
diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 2c43aa28c6..ea0316377b 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -587,7 +587,7 @@ In this synchronization model (illustrated in Figure 7), you run Azure AD Connec
 
 #### To deploy AD DS and Azure AD synchronization
 
-1. Configure your environment to meet the prerequisites for installing Azure AD Connect by performing the steps in [Prerequisites for Azure AD Connect](https://azure.microsoft.com/documentation/articles/active-directory-aadconnect-prerequisites/).
+1. Configure your environment to meet the prerequisites for installing Azure AD Connect by performing the steps in [Prerequisites for Azure AD Connect](/azure/active-directory/cloud-sync/how-to-prerequisites).
 
 2. In the VM or on the physical device that will run Azure AD Connect, sign in with a domain administrator account.
 
@@ -1096,13 +1096,13 @@ For more information about Intune, see [Microsoft Intune Documentation](/intune/
 
 #### To configure Intune settings
 
-1. Add Intune to your Office 365 subscription by completing the steps in [Manage Intune licenses](/intune/get-started/start-with-a-paid-subscription-to-microsoft-intune-step-4).
+1. Add Intune to your Office 365 subscription by completing the steps in [Manage Intune licenses](/mem/intune/fundamentals/licenses-assign).
 
-2. Enroll devices with Intune by completing the steps in [Get ready to enroll devices in Microsoft Intune](/intune/deploy-use/get-ready-to-enroll-devices-in-microsoft-intune).
+2. Enroll devices with Intune by completing the steps in [Get ready to enroll devices in Microsoft Intune](/mem/intune/enrollment/quickstart-enroll-windows-device).
 
-3. Configure the settings in Intune Windows 10 policies by completing the steps in [Manage settings and features on your devices with Microsoft Intune policies](/intune/deploy-use/manage-settings-and-features-on-your-devices-with-microsoft-intune-policies).
+3. Configure the settings in Intune Windows 10 policies by completing the steps in [Manage settings and features on your devices with Microsoft Intune policies](/mem/intune/configuration/device-profiles).
 
-4. Manage Windows 10 devices by completing the steps in [Manage Windows PCs with Microsoft Intune](/intune/deploy-use/manage-windows-pcs-with-microsoft-intune).
+4. Manage Windows 10 devices by completing the steps in [Manage Windows PCs with Microsoft Intune](/mem/intune/remote-actions/device-management).
 
 ### Deploy and manage apps by using Intune
 
@@ -1112,11 +1112,10 @@ You can use Intune to deploy Microsoft Store and Windows desktop apps. Intune pr
 
 For more information about how to configure Intune to manage your apps, see the following resources:
 
-- [Add apps with Microsoft Intune](/intune/deploy-use/add-apps)
-- [Deploy apps with Microsoft Intune](/intune/deploy-use/deploy-apps)
-- [Update apps using Microsoft Intune](/intune/deploy-use/update-apps-using-microsoft-intune)
-- [Protect apps and data with Microsoft Intune](/intune/deploy-use/protect-apps-and-data-with-microsoft-intune)
-- [Help protect your data with full or selective wipe using Microsoft Intune](/intune/deploy-use/use-remote-wipe-to-help-protect-data-using-microsoft-intune)
+- [Add apps with Microsoft Intune](/mem/intune/apps/apps-add)
+- [Deploy apps with Microsoft Intune](/mem/intune/apps/apps-windows-10-app-deploy)
+- [Protect apps and data with Microsoft Intune](/mem/intune/apps/app-protection-policy)
+- [Help protect your data with full or selective wipe using Microsoft Intune](/mem/intune/remote-actions/devices-wipe)
 
 ### Deploy and manage apps by using Microsoft Endpoint Configuration Manager
 
@@ -1142,8 +1141,8 @@ To help ensure that your users have the most current features and security prote
 
 For more information about how to configure Intune to manage updates and malware protection, see the following resources:
 
-- [Keep Windows PCs up to date with software updates in Microsoft Intune](/intune/deploy-use/keep-windows-pcs-up-to-date-with-software-updates-in-microsoft-intune)
-- [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](/intune/deploy-use/help-secure-windows-pcs-with-endpoint-protection-for-microsoft-intune)
+- [Keep Windows PCs up to date with software updates in Microsoft Intune](/mem/intune/protect/windows-update-for-business-configure)
+- [Help secure Windows PCs with Endpoint Protection for Microsoft Intune](/mem/intune/protect/endpoint-protection-configure)
 
 ### Manage updates by using Microsoft Endpoint Configuration Manager
 
@@ -1252,8 +1251,8 @@ Table 19 lists the school and individual classroom maintenance tasks, the resour
 
 |Task and resources|Monthly|New semester or academic year|As required|
 |--- |--- |--- |--- |
-|Verify that Windows Update is active and current with operating system and software updates.<br>For more information about completing this task when you have:<li>Intune, see [Keep Windows PCs up to date with software updates in Microsoft Intune](/intune/deploy-use/keep-windows-pcs-up-to-date-with-software-updates-in-microsoft-intune)<li>Group Policy, see [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).<li>WSUS, see [Windows Server Update Services](/windows/deployment/deploy-whats-new).<br>Neither Intune, Group Policy, nor WSUS, see “Install, upgrade, & activate” in Windows 10 help.|✔️|✔️|✔️|
-|Verify that Windows Defender is active and current with malware Security intelligence.<br>For more information about completing this task, see [Turn Windows Defender on or off](https://support.microsoft.com/instantanswers/742778f2-6aad-4a8d-8f5d-db59cebc4f24/how-to-protect-your-windows-10-pc#v1h=tab02)and [Updating Windows Defender](https://support.microsoft.com/instantanswers/742778f2-6aad-4a8d-8f5d-db59cebc4f24/how-to-protect-your-windows-10-pc#v1h=tab03).|✔️|✔️|✔️|
+|Verify that Windows Update is active and current with operating system and software updates.<br>For more information about completing this task when you have:<li>Intune, see [Keep Windows PCs up to date with software updates in Microsoft Intune](/mem/intune/protect/windows-update-for-business-configure)<li>Group Policy, see [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).<li>WSUS, see [Windows Server Update Services](/windows/deployment/deploy-whats-new).<br>Neither Intune, Group Policy, nor WSUS, see “Install, upgrade, & activate” in Windows 10 help.|✔️|✔️|✔️|
+|Verify that Windows Defender is active and current with malware Security intelligence.<br>For more information about completing this task, see [Turn Windows Defender on or off](/mem/intune/user-help/turn-on-defender-windows)and [Updating Windows Defender](/mem/intune/user-help/turn-on-defender-windows).|✔️|✔️|✔️|
 |Verify that Windows Defender has run a scan in the past week and that no viruses or malware were found.<br>For more information about completing this task, see the “How do I find and remove a virus?” topic in [Protect my PC from viruses](https://support.microsoft.com/help/17228/windows-protect-my-pc-from-viruses).|✔️|✔️|✔️|
 |Download and approve updates for Windows 10, apps, device driver, and other software.<br>For more information, see:<li>[Manage updates by using Intune](#manage-updates-by-using-intune)<li>[Manage updates by using Microsoft Endpoint Configuration Manager](#manage-updates-by-using-microsoft-endpoint-configuration-manager)|✔️|✔️|✔️|
 |Verify that you’re using the appropriate Windows 10 servicing options for updates and upgrades (such as selecting whether you want to use Current Branch or Current Branch for Business).<br>For more information about Windows 10 servicing options for updates and upgrades, see [Windows 10 servicing options](/windows/deployment/update/).||✔️|✔️|
diff --git a/education/windows/take-a-test-app-technical.md b/education/windows/take-a-test-app-technical.md
index b20485075a..d1af5ba608 100644
--- a/education/windows/take-a-test-app-technical.md
+++ b/education/windows/take-a-test-app-technical.md
@@ -105,8 +105,6 @@ When running tests in this mode, keep the following in mind:
 - Permissive mode is not supported in kiosk mode (dedicated test account).
 - Permissive mode can be triggered from the web app running within Take a Test. Alternatively, you can create a link or shortcut without "#enforcelockdown" and it will launch in permissive mode.
 
-See [Secure Browser API Specification](https://github.com/SmarterApp/SB_BIRT/blob/master/irp/doc/req/SecureBrowserAPIspecification.md) for more info.
-
 ## Learn more
 
 [Take a Test API](/windows/uwp/apps-for-education/take-a-test-api)
\ No newline at end of file
diff --git a/education/windows/take-a-test-multiple-pcs.md b/education/windows/take-a-test-multiple-pcs.md
index 10e2d2f7e0..b32de08fcb 100644
--- a/education/windows/take-a-test-multiple-pcs.md
+++ b/education/windows/take-a-test-multiple-pcs.md
@@ -252,7 +252,7 @@ One of the ways you can present content in a locked down manner is by embedding
 
 3. To enable permissive mode, do not include `enforceLockdown` in the schema parameters.
 
-   See [Permissive mode](take-a-test-app-technical.md#permissive-mode) and [Secure Browser API Specification](https://github.com/SmarterApp/SB_BIRT/blob/master/irp/doc/req/SecureBrowserAPIspecification.md) for more info.
+   For more information, see [Permissive mode](take-a-test-app-technical.md#permissive-mode).
 
 ### Create a shortcut for the test link
 You can also distribute the test link by creating a shortcut. To do this, create the link to the test by either using the [web UI](https://aka.ms/create-a-take-a-test-link) or using [schema activation](#create-a-link-using-schema-activation). After you have the link, follow these steps:
diff --git a/education/windows/take-a-test-single-pc.md b/education/windows/take-a-test-single-pc.md
index 9d26301975..1ebd02e090 100644
--- a/education/windows/take-a-test-single-pc.md
+++ b/education/windows/take-a-test-single-pc.md
@@ -113,7 +113,7 @@ One of the ways you can present content in a locked down manner is by embedding
 
 3. To enable permissive mode, do not include `enforceLockdown` in the schema parameters.
 
-   See [Permissive mode](take-a-test-app-technical.md#permissive-mode) and [Secure Browser API Specification](https://github.com/SmarterApp/SB_BIRT/blob/master/irp/doc/req/SecureBrowserAPIspecification.md) for more info.
+   For more information, see [Permissive mode](take-a-test-app-technical.md#permissive-mode).
 
 
 ### Create a shortcut for the test link
diff --git a/education/windows/take-tests-in-windows-10.md b/education/windows/take-tests-in-windows-10.md
index f9ba6a9479..50853a9e67 100644
--- a/education/windows/take-tests-in-windows-10.md
+++ b/education/windows/take-tests-in-windows-10.md
@@ -74,5 +74,5 @@ To exit the Take a Test app at any time, press Ctrl+Alt+Delete.
 
 
 ## Get more info
-- Teachers can use Microsoft Forms to create tests. See [Create tests using Microsoft Forms](https://support.microsoft.com/help/4000711/windows-10-create-tests-using-microsoft-forms) to find out how.
+- Teachers can use Microsoft Forms to create tests. See [Create tests using Microsoft Forms](https://support.microsoft.com/office/create-a-quiz-with-microsoft-forms-a082a018-24a1-48c1-b176-4b3616cdc83d) to find out how.
 - To learn more about the policies and settings set by the Take a Test app, see [Take a Test app technical reference](take-a-test-app-technical.md).
diff --git a/education/windows/windows-editions-for-education-customers.md b/education/windows/windows-editions-for-education-customers.md
index f64a279787..6f271715c9 100644
--- a/education/windows/windows-editions-for-education-customers.md
+++ b/education/windows/windows-editions-for-education-customers.md
@@ -20,7 +20,7 @@ manager: dansimp
 -   Windows 10
 
 
-Windows 10, version 1607 (Anniversary Update) continues our commitment to productivity, security, and privacy for all customers. Windows 10 Pro and Windows 10 Enterprise offer the functionality and safety features demanded by business and education customers around the globe. Windows 10 is the most secure Windows we’ve ever built. All of our Windows commercial editions can be configured to support the needs of schools, through group policies, domain join, and more. To learn more about Microsoft’s commitment to security and privacy in Windows 10, see more on both [security](https://go.microsoft.com/fwlink/?LinkId=822619) and [privacy](https://go.microsoft.com/fwlink/?LinkId=822620).
+Windows 10, version 1607 (Anniversary Update) continues our commitment to productivity, security, and privacy for all customers. Windows 10 Pro and Windows 10 Enterprise offer the functionality and safety features demanded by business and education customers around the globe. Windows 10 is the most secure Windows we’ve ever built. All of our Windows commercial editions can be configured to support the needs of schools, through group policies, domain join, and more. To learn more about Microsoft’s commitment to security and privacy in Windows 10, see more on both [security](/windows/security/security-foundations) and [privacy](https://go.microsoft.com/fwlink/?LinkId=822620).
 
 Beginning with version 1607, Windows 10 offers a variety of new features and functionality, such as simplified provisioning with the [Set up School PCs app](./use-set-up-school-pcs-app.md) or [Windows Configuration Designer](./set-up-students-pcs-to-join-domain.md), easier delivery of digital assessments with [Take a Test](./take-tests-in-windows-10.md), and faster log in performance for shared devices than ever before. These features work with all Windows for desktop editions, excluding Windows 10 Home. You can find more information on [windows.com](https://www.windows.com/).
 
diff --git a/smb/cloud-mode-business-setup.md b/smb/cloud-mode-business-setup.md
index 67a2d8f5cb..7da2e85c29 100644
--- a/smb/cloud-mode-business-setup.md
+++ b/smb/cloud-mode-business-setup.md
@@ -447,7 +447,7 @@ In the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink
    :::image type="content" alt-text="Check that the device appears in Intune." source="images/intune_groups_devices_list.png":::
 
 ## 3. Manage device settings and features
-You can use Microsoft Intune admin settings and policies to manage features on your organization's mobile devices and computers. For more info, see [Manage settings and features on your devices with Microsoft Intune policies](/intune/deploy-use/manage-settings-and-features-on-your-devices-with-microsoft-intune-policies).
+You can use Microsoft Intune admin settings and policies to manage features on your organization's mobile devices and computers. For more info, see [Manage settings and features on your devices with Microsoft Intune policies](/mem/intune/configuration/device-profiles).
 
 In this section, we'll show you how to reconfigure app deployment settings and add a new policy that will disable the camera for the Intune-managed devices and turn off Windows Hello and PINs during setup.
 
diff --git a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md
index 4dbf952dd9..cbda9f3cbe 100644
--- a/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md
+++ b/windows/application-management/app-v/appv-application-publishing-and-client-interaction.md
@@ -346,7 +346,7 @@ This process will recreate both the local and network locations for AppData and
 
 In an App-V Full Infrastructure, after applications are sequenced they are managed and published to users or computers through the App-V Management and Publishing servers. This section details the operations that occur during the common App-V application lifecycle operations (Add, publishing, launch, upgrade, and removal) and the file and registry locations that are changed and modified from the App-V Client perspective. The App-V Client operations are input as PowerShell commands on the computer running the App-V Client.
 
-This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Configuration Manager 2012, see [Integrating Virtual Application Management with App-V 5 and Configuration Manager 2012 SP1](https://www.microsoft.com/download/details.aspx?id=38177).
+This document focuses on App-V Full Infrastructure solutions. For specific information on App-V Integration with Microsoft Endpoint Configuration Manager, see [Deploy App-V virtual applications with Configuration Manager](/mem/configmgr/apps/get-started/deploying-app-v-virtual-applications).
 
 The App-V application lifecycle tasks are triggered at user sign in (default), machine startup, or as background timed operations. The settings for the App-V Client operations, including Publishing Servers, refresh intervals, package script enablement, and others, are configured (after the client is enabled) with Windows PowerShell commands. See [App-V Client Configuration Settings: Windows PowerShell](appv-client-configuration-settings.md#app-v-client-configuration-settings-windows-powershell).
 
diff --git a/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md b/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md
index f574f36790..0edc5463b0 100644
--- a/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md
+++ b/windows/application-management/app-v/appv-auto-clean-unpublished-packages.md
@@ -11,7 +11,7 @@ ms.reviewer:
 manager: dougeby
 ms.author: aaroncz
 ms.topic: article
----
+---        
 # Automatically clean up unpublished packages on the App-V client
 
 [!INCLUDE [Applies to Windows client versions](../includes/applies-to-windows-client-versions.md)]
@@ -62,5 +62,5 @@ Using Group Policy, you can turn on the **Enable automatic cleanup of unused App
 ## Related topics
 
 - [Download the Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit)
-- [Download the Microsoft Application Virtualization 5.0 Client UI Application](https://www.microsoft.com/download/details.aspx?id=41186)
+- [Deploying App-V for Windows client](appv-deploying-appv.md)
 - [Using the App-V Client Management Console](appv-using-the-client-management-console.md)
diff --git a/windows/client-management/administrative-tools-in-windows-10.md b/windows/client-management/administrative-tools-in-windows-10.md
index 9e0d1732bd..70524a90b4 100644
--- a/windows/client-management/administrative-tools-in-windows-10.md
+++ b/windows/client-management/administrative-tools-in-windows-10.md
@@ -49,7 +49,7 @@ These tools were included in previous versions of Windows. The associated docume
 -   [Registry Editor](/windows/win32/sysinfo/registry)
 -   [Resource Monitor](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd883276(v=ws.10))
 -   [Services](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc772408(v=ws.11))
--   [System Configuration](https://go.microsoft.com/fwlink/p/?LinkId=708499)
+-   [System Configuration](/troubleshoot/windows-client/performance/system-configuration-utility-troubleshoot-configuration-errors)
 -   [System Information]( https://go.microsoft.com/fwlink/p/?LinkId=708500)
 -   [Task Scheduler](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc766428(v=ws.11))
 -   [Windows Firewall with Advanced Security](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc754274(v=ws.11))

From d980fad6169dbda80449f0a185bb7d45bd53aeab Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 13:18:47 +0530
Subject: [PATCH 041/123] updated the links

---
 ...client-to-receive-updates-from-the-publishing-server.md | 2 +-
 .../app-v/appv-deploy-appv-databases-with-sql-scripts.md   | 1 -
 .../appv-deploying-microsoft-office-2013-with-appv.md      | 7 -------
 .../appv-deploying-microsoft-office-2016-with-appv.md      | 2 +-
 .../app-v/appv-planning-for-using-appv-with-office.md      | 2 +-
 .../app-v/appv-release-notes-for-appv-for-windows.md       | 5 -----
 windows/deployment/add-store-apps-to-image.md              | 4 ++--
 .../deployment/planning/windows-10-deprecated-features.md  | 2 +-
 .../planning/windows-10-enterprise-faq-itpro.yml           | 2 +-
 windows/deployment/update/index.md                         | 4 ++--
 windows/deployment/update/waas-morenews.md                 | 3 +--
 windows/deployment/update/waas-overview.md                 | 2 +-
 .../update/waas-servicing-channels-windows-10-updates.md   | 2 +-
 windows/deployment/update/windows-as-a-service.md          | 6 ------
 14 files changed, 12 insertions(+), 32 deletions(-)

diff --git a/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md b/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md
index b047bdfd4b..6b86fc2b2e 100644
--- a/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md
+++ b/windows/application-management/app-v/appv-configure-the-client-to-receive-updates-from-the-publishing-server.md
@@ -26,7 +26,7 @@ This article will tell you how to configure the App-V client to receive updates
 ## Configure the App-V client to receive updates from the publishing server
 
 1. Deploy the App-V management and publishing servers, and add the required packages and connection groups. For more information about adding packages and connection groups, see [How to add or upgrade packages by using the Management Console](appv-add-or-upgrade-packages-with-the-management-console.md) and [How to create a connection group](appv-create-a-connection-group.md).
-2. To open the management console, open a web browser and enter the following URL: <https://MyMgmtSrv/AppvManagement/Console.html>. Import, publish, and entitle all packages and connection groups that your users will need.
+2. To open the management console, open a web browser and enter the following URL: `https://MyMgmtSrv/AppvManagement/Console.html`. Import, publish, and entitle all packages and connection groups that your users will need.
 3. On the computer running the App-V client, open an elevated Windows PowerShell command prompt, and run the following command:
 
     ```PowerShell
diff --git a/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md b/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md
index 0d2d26b0be..453435774b 100644
--- a/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md
+++ b/windows/application-management/app-v/appv-deploy-appv-databases-with-sql-scripts.md
@@ -48,7 +48,6 @@ Use the following instructions to use SQL scripts, rather than the Windows Insta
 
 >[!IMPORTANT]
 > The InsertVersionInfo.sql script is not required for versions of the App-V management database later than App-V 5.0 SP3.
-> The Permissions.sql script should be updated according to Step 2 in [KB article 3031340](https://support.microsoft.com/kb/3031340). Step 1 is not required for versions of App-V later than App-V 5.0 SP3.
 
 ### Updated management database README file content
 
diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
index 5906199b4c..7282d390f2 100644
--- a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
+++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
@@ -419,13 +419,6 @@ This section describes the requirements and options for deploying Visio 2013 and
 ### Additional resources for Office 2013 App-V Packages
 
 * [Office 2013 Deployment Tool for Click-to-Run](https://www.microsoft.com/download/details.aspx?id=36778)
-* [Supported scenarios for deploying Microsoft Office as a sequenced App-V Package](https://support.microsoft.com/kb/2772509)
-
-### Additional resources for Office 2010 App-V Packages
-
-* [Microsoft Office 2010 Sequencing Kit for Microsoft Application Virtualization 5.0](https://www.microsoft.com/download/details.aspx?id=38399)
-* [Known issues when you create or use an App-V 5.0 Office 2010 package](https://support.microsoft.com/kb/2828619)
-* [How To Sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://support.microsoft.com/kb/2830069)
 
 ### Additional resources for Connection Groups
 
diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md
index ccb835f3f9..b8a5d91571 100644
--- a/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md
+++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2016-with-appv.md
@@ -120,7 +120,7 @@ The XML file included in the Office Deployment Tool specifies the product detail
       |--------------|----------------------------|----------------|
       | Add element  | Specifies which products and languages the package will include.     | N/A     |
       | **OfficeClientEdition** (attribute of **Add** element) | Specifies whether Office 2016 32-bit or 64-bit edition will be used. **OfficeClientEdition**  must be set to a valid value for the operation to succeed.     | `OfficeClientEdition="32"`<br>`OfficeClientEdition="64"`  |
-      | Product element   | Specifies the application. Project 2016 and Visio 2016 must be specified here as added products to include them in the applications.<br>For more information about Product IDs, see [Product IDs that are supported by the Office Deployment Tool for Click-to-Run](/office365/troubleshoot/installation).   | `Product ID ="O365ProPlusRetail"`<br>`Product ID ="VisioProRetail"`<br>`Product ID ="ProjectProRetail"` |
+      | Product element   | Specifies the application. Project 2016 and Visio 2016 must be specified here as added products to include them in the applications.<br>For more information about Product IDs, see [Product IDs that are supported by the Office Deployment Tool for Click-to-Run](/office365/troubleshoot/installation/product-ids-supported-office-deployment-click-to-run).   | `Product ID ="O365ProPlusRetail"`<br>`Product ID ="VisioProRetail"`<br>`Product ID ="ProjectProRetail"` |
       | Language element     | Specifies which language the applications support.    | `Language ID="en-us"`   |
       | Version (attribute of **Add** element) | Optional. Specifies which build the package will use.<br>Defaults to latest advertised build (as defined in v32.CAB at the Office source).   | `16.1.2.3`    |
       | SourcePath (attribute of **Add** element)   | Specifies the location the applications will be saved to.    | `Sourcepath = "\\Server\Office2016"`     |
diff --git a/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md b/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md
index 69fda5c278..72aa9df82d 100644
--- a/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md
+++ b/windows/application-management/app-v/appv-planning-for-using-appv-with-office.md
@@ -70,7 +70,7 @@ The following table describes the integration level of each version of Office, a
 |Office 2013|Always integrated. Windows operating system integrations cannot be disabled.|
 |Office 2016|Always integrated. Windows operating system integrations cannot be disabled.|
 
-Microsoft recommends deploying Office coexistence with only one integrated Office instance. For example, if you’re using App-V to deploy Office 2010 and Office 2013, you should sequence Office 2010 in non-integrated mode. For more information about sequencing Office in non-integration (isolated) mode, see [How to sequence Microsoft Office 2010 in Microsoft Application Virtualization 5.0](https://support.microsoft.com/kb/2830069).
+Microsoft recommends deploying Office coexistence with only one integrated Office instance. For example, if you’re using App-V to deploy Office 2010 and Office 2013, you should sequence Office 2010 in non-integrated mode.
 
 ### Known limitations of Office coexistence scenarios
 
diff --git a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
index 3e593c4180..47bba9bde1 100644
--- a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
+++ b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
@@ -135,11 +135,6 @@ Icons in the Shortcuts and File Type Associations tab are not displayed correctl
 ## InsertVersionInfo.sql script no longer required for the Management Database
 The InsertVersionInfo.sql script is not required for versions of the App-V management database later than App-V 5.0 SP3.
 
-The Permissions.sql script should be updated according to **Step 2** in [KB article 3031340](https://support.microsoft.com/kb/3031340).
-
-> [!IMPORTANT]
-> **Step 1** of the KB article listed above isn't required for versions of App-V later than App-V 5.0 SP3.
-
 ## Microsoft Visual Studio 2012 not supported
 App-V doesn't support Visual Studio 2012.
 
diff --git a/windows/deployment/add-store-apps-to-image.md b/windows/deployment/add-store-apps-to-image.md
index 6ff2980e1d..a0a5a3c408 100644
--- a/windows/deployment/add-store-apps-to-image.md
+++ b/windows/deployment/add-store-apps-to-image.md
@@ -35,7 +35,7 @@ This topic describes the correct way to add Microsoft Store for Business applica
 * A Windows Image. For instructions on image creation, see [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md).
 
 >[!NOTE]
-> If you'd like to add an internal LOB Microsoft Store application, please follow the instructions on **[Sideload LOB apps in Windows 10](/windows/application-management/sideload-apps-in-windows-10)**.
+> If you'd like to add an internal LOB Microsoft Store application, please follow the instructions on **[Sideload line of business (LOB) apps in Windows client devices](../application-management/sideload-apps-in-windows-10.md)**.
 
 ## Adding a Store application to your image
 
@@ -78,7 +78,7 @@ Now, on the machine where your image file is accessible:
 * [Customize and export Start layout](/windows/configuration/customize-and-export-start-layout)
 * [Export-StartLayout](/powershell/module/startlayout/export-startlayout)
 * [Import-StartLayout](/powershell/module/startlayout/import-startlayout)
-* [Sideload LOB apps in Windows 10](/windows/application-management/siddeploy-windows-cmws-10)
+* [Sideload line of business (LOB) apps in Windows client devices](../application-management/sideload-apps-in-windows-10.md)
 * [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 * [Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
 * [Windows Assessment and Deployment Kit (Windows ADK)](windows-adk-scenarios-for-it-pros.md)
diff --git a/windows/deployment/planning/windows-10-deprecated-features.md b/windows/deployment/planning/windows-10-deprecated-features.md
index 82c116b5b9..5643921704 100644
--- a/windows/deployment/planning/windows-10-deprecated-features.md
+++ b/windows/deployment/planning/windows-10-deprecated-features.md
@@ -46,7 +46,7 @@ The features described below are no longer being actively developed, and might b
 | Wi-Fi WEP and TKIP | Since the 1903 release, a warning message has appeared when connecting to Wi-Fi networks secured with WEP or TKIP (which are not as secure as those using WPA2 or WPA3). In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. | 1903 |
 | Windows To Go | Windows To Go is no longer being developed. <br><br>The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.|  1903 |
 | Print 3D app | Going forward, 3D Builder is the recommended 3D printing app. To 3D print objects on new Windows devices, customers must first install 3D Builder from the Store.| 1903 |
-|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](/windows/security/identity-protection/hello-for-business/hello-features#dynamic-lock), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because non-Microsoft partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
+|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](../../security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because non-Microsoft partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
 |OneSync service|The OneSync service synchronizes data for the Mail, Calendar, and People apps. We've added a sync engine to the Outlook app that provides the same synchronization.| 1809 |
 |Snipping Tool|The Snipping Tool is an application included in Windows 10 that is used to capture screenshots, either the full screen or a smaller, custom "snip" of the screen. In Windows 10, version 1809, we're [introducing a new universal app, Snip & Sketch](https://blogs.windows.com/windowsexperience/2018/05/03/announcing-windows-10-insider-preview-build-17661/#8xbvP8vMO0lF20AM.97), that provides the same screen snipping abilities, as well as additional features. You can launch Snip & Sketch directly and start a snip from there, or just press WIN + Shift + S. Snip & Sketch can also be launched from the “Screen snip” button in the Action Center. We're no longer developing the Snipping Tool as a separate app but are instead consolidating its functionality into Snip & Sketch.| 1809 |
 |[Software Restriction Policies](/windows-server/identity/software-restriction-policies/software-restriction-policies) in Group Policy|Instead of using the Software Restriction Policies through Group Policy, you can use [AppLocker](/windows/security/threat-protection/applocker/applocker-overview) or [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control) to control which apps users can access and what code can run in the kernel.| 1803 |
diff --git a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
index 2db0fd7296..117d670e45 100644
--- a/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
+++ b/windows/deployment/planning/windows-10-enterprise-faq-itpro.yml
@@ -147,6 +147,6 @@ sections:
         answer: |
           Use the following resources for additional information about Windows 10.
           - If you are an IT professional or if you have a question about administering, managing, or deploying Windows 10 in your organization or business, visit the [Windows 10 IT Professional forums](https://social.technet.microsoft.com/forums/home?category=windows10itpro) on TechNet.
-          - If you are an end user or if you have a question about using Windows 10, visit the [Windows 10 forums on Microsoft Community](https://answers.microsoft.com/windows/forum/windows_10).
+          - If you are an end user or if you have a question about using Windows 10, visit the [Windows 10 forums on Microsoft Community](https://answers.microsoft.com/windows/forum).
           - If you are a developer or if you have a question about making apps for Windows 10, visit the [Windows Desktop Development forums](https://social.msdn.microsoft.com/forums/en-us/home?category=windowsdesktopdev).
           - If you have a question about Internet Explorer, visit the [Internet Explorer forums](https://social.technet.microsoft.com/forums/ie/en-us/home).
diff --git a/windows/deployment/update/index.md b/windows/deployment/update/index.md
index 5bf7d676b6..cb16c3b261 100644
--- a/windows/deployment/update/index.md
+++ b/windows/deployment/update/index.md
@@ -32,7 +32,7 @@ Windows as a service provides a new way to think about building, deploying, and
 | [Quick guide to Windows as a service](waas-quick-start.md) | Provides a brief summary of the key points for the servicing model for Windows client. |
 | [Overview of Windows as a service](waas-overview.md) | Explains the differences in building, deploying, and servicing Windows client; introduces feature updates, quality updates, and the different servicing branches; compares servicing tools. |
 | [Prepare servicing strategy for Windows client updates](waas-servicing-strategy-windows-10-updates.md) | Explains the decisions you need to make in your servicing strategy.  |
-| [Assign devices to servicing branches for Windows client updates](/waas-servicing-channels-windows-10-updates.md) | Explains how to assign devices to the General Availability Channel for feature and quality updates, and how to enroll devices in Windows Insider. |
+| [Assign devices to servicing branches for Windows client updates](waas-servicing-channels-windows-10-updates.md) | Explains how to assign devices to the General Availability Channel for feature and quality updates, and how to enroll devices in Windows Insider. |
 | [Monitor Windows Updates with Update Compliance](update-compliance-monitor.md) | Explains how to use Update Compliance to monitor and manage Windows Updates on devices in your organization.  |
 | [Optimize update delivery](../do/waas-optimize-windows-10-updates.md) | Explains the benefits of using Delivery Optimization or BranchCache for update distribution.  |
 | [Deploy updates using Windows Update for Business](waas-manage-updates-wufb.md) | Explains how to use Windows Update for Business to manage when devices receive updates directly from Windows Update. Includes walkthroughs for configuring Windows Update for Business using Group Policy and Microsoft Intune.  |
@@ -40,7 +40,7 @@ Windows as a service provides a new way to think about building, deploying, and
 | [Deploy Windows client updates using Microsoft Endpoint Configuration Manager](/mem/configmgr/osd/deploy-use/manage-windows-as-a-service) | Explains how to use Configuration Manager to manage Windows client updates.  |
 | [Manage device restarts after updates](waas-restart.md) | Explains how to manage update related device restarts. |
 | [Manage additional Windows Update settings](waas-wu-settings.md) | Provides details about settings available to control and configure Windows Update |
-| [Windows Insider Program for Business](/windows-insider/at-work-pro/wip-4-biz-get-started) | Explains how the Windows Insider Program for Business works and how to become an insider. |
+| [Windows Insider Program for Business](/windows-insider/business/register) | Explains how the Windows Insider Program for Business works and how to become an insider. |
 
 >[!TIP]
 >For disaster recovery scenarios and bare-metal deployments of Windows client, you still can use traditional imaging software such as Microsoft Endpoint Manager or the Microsoft Deployment Toolkit. Using these tools to deploy Windows client images is similar to deploying previous versions of Windows.
diff --git a/windows/deployment/update/waas-morenews.md b/windows/deployment/update/waas-morenews.md
index 2239c8a19b..e9ce2f2e27 100644
--- a/windows/deployment/update/waas-morenews.md
+++ b/windows/deployment/update/waas-morenews.md
@@ -31,7 +31,6 @@ Here's more news about [Windows as a service](windows-as-a-service.md):
 <li><a href="https://blogs.windows.com/windowsexperience/2019/01/15/application-compatibility-in-the-windows-ecosystem/#A8urpp1QEp6DHzmP.97">Application compatibility in the Windows ecosystem</a> - January 15, 2019</li>
 <li><a href="https://blogs.windows.com/windowsexperience/2018/12/10/windows-monthly-security-and-quality-updates-overview/#UJJpisSpvyLokbHm.97">Windows monthly security and quality updates overview</a> - January 10, 2019</li>
 <li><a href="https://blogs.windows.com/windowsexperience/2018/12/19/driver-quality-in-the-windows-ecosystem/#ktuodfovWAMAkssM.97">Driver quality in the Windows ecosystem</a> - December 19, 2018</li>
-<li><a href="http://m365mdp.mpsn.libsynpro.com/001-windows-10-monthly-quality-updates">Modern Desktop Podcast - Episode 001 – Windows 10 Monthly Quality Updates</a> - December 18, 2018</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Measuring-Delivery-Optimization-and-its-impact-to-your-network/ba-p/301809#M409">Measuring Delivery Optimization and its impact to your network</a> - December 13, 2018</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/LTSC-What-is-it-and-when-should-it-be-used/ba-p/293181">LTSC: What is it, and when should it be used?</a> - November 29, 2018</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Local-Experience-Packs-What-are-they-and-when-should-you-use/ba-p/286841">Local Experience Packs: What are they and when should you use them?</a> - November 14, 2018</li>
@@ -45,7 +44,7 @@ Here's more news about [Windows as a service](windows-as-a-service.md):
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-7-servicing-stack-updates-managing-change-and/ba-p/260434">Windows 7 Servicing Stack Updates: Managing Change and Appreciating Cumulative Updates</a> - September 21, 2018</li>
 <li><a href="https://www.microsoft.com/microsoft-365/blog/2018/09/06/helping-customers-shift-to-a-modern-desktop/">Helping customers shift to a modern desktop</a> - September 6, 2018</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/What-s-next-for-Windows-10-and-Windows-Server-quality-updates/ba-p/229461">What&#39;s next for Windows 10 and Windows Server quality updates</a> - August 16, 2018</li>
-<li><a href="https://www.youtube-nocookie.com/watch/BwB10v55WSk">Windows 10 monthly updates</a> - August 1, 2018 (<strong>video</strong>)</li>
+<li><a href="https://www.youtube.com/watch?v=BwB10v55WSk">Windows 10 monthly updates</a> - August 1, 2018 (<strong>video</strong>)</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376">Windows 10 update servicing cadence</a> - August 1, 2018</li>
 <li><a href="https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-quality-updates-explained-amp-the-end-of-delta/ba-p/214426">Windows 10 quality updates explained and the end of delta updates</a> - July 11, 2018</li>
 <li><a href="https://blogs.windows.com/windowsexperience/2018/06/14/ai-powers-windows-10-april-2018-update-rollout/#67LrSyWdwgTyciSG.97">AI Powers Windows 10 April 2018 Update Rollout</a> - June 14, 2018</li>
diff --git a/windows/deployment/update/waas-overview.md b/windows/deployment/update/waas-overview.md
index 5aa1bb9690..c30ca87c8b 100644
--- a/windows/deployment/update/waas-overview.md
+++ b/windows/deployment/update/waas-overview.md
@@ -122,7 +122,7 @@ The Long-term Servicing Channel is available only in the Windows 10 Enterprise L
 
 For many IT pros, gaining visibility into feature updates early--before they’re available to the General Availability Channel — can be both intriguing and valuable for future end user communications as well as provide the means to test for any issues on the next General Availability release. Windows Insiders can consume and deploy preproduction code to their test machines, gaining early visibility into the next build. Testing the early builds helps both Microsoft and its customers because they have the opportunity to discover possible issues before the update is ever publicly available and can report it to Microsoft.
 
-Microsoft recommends that all organizations have at least a few devices enrolled in the Windows Insider Program and provide feedback on any issues they encounter. For information about the Windows Insider Program for Business, go to [Windows Insider Program for Business](/windows-insider/at-work-pro/wip-4-biz-get-started).
+Microsoft recommends that all organizations have at least a few devices enrolled in the Windows Insider Program and provide feedback on any issues they encounter. For information about the Windows Insider Program for Business, go to [Windows Insider Program for Business](/windows-insider/business/register).
 
 
 
diff --git a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
index 2e47228c90..7bb54c0c01 100644
--- a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
+++ b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
@@ -63,7 +63,7 @@ The **Branch Readiness Level** settings allow you to choose between preview flig
 * Group Policy: **Computer Configuration/Administrative Templates/Windows Components/Windows Update/ Windows Update for Business** - *Select when Preview Builds and feature updates are received*
 * MDM: **Update/BranchReadinessLevel**
 
-For more information, see [Windows Insider Program for Business](/windows-insider/at-work-pro/wip-4-biz-get-started)
+For more information, see [Windows Insider Program for Business](/windows-insider/business/register)
 
 ## Block access to Windows Insider Program
 
diff --git a/windows/deployment/update/windows-as-a-service.md b/windows/deployment/update/windows-as-a-service.md
index a9a1751eac..a53cf59f90 100644
--- a/windows/deployment/update/windows-as-a-service.md
+++ b/windows/deployment/update/windows-as-a-service.md
@@ -107,9 +107,3 @@ Secure your organization's deployment investment.
 [Express update delivery](../do/waas-optimize-windows-10-updates.md#express-update-delivery)
 
 [Windows 10 deployment considerations](../planning/windows-10-deployment-considerations.md)
-
-
-## Microsoft Ignite 2018
-<img src="images/ignite-land.jpg" alt="Ignite" width="640" height="320"/>
-
-Looking to learn more? These informative session replays from Microsoft Ignite 2018 (complete with downloadable slide decks) can provide some great insights on Windows as a service. See [MyIgnite - Session catalog](https://myignite.techcommunity.microsoft.com/sessions).

From 5bbe6b2d58e11b2c1d5187474e219d7c87c933d3 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 14:37:12 +0530
Subject: [PATCH 042/123] improved the acrolinx score

---
 .../app-v/appv-release-notes-for-appv-for-windows.md      | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
index 47bba9bde1..69755c157d 100644
--- a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
+++ b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
@@ -26,7 +26,7 @@ MSI packages that were generated using an App-V sequencer from previous versions
 
 1. Install the latest App-V sequencer, which you can get from the Windows Assessment and Deployment Kit (ADK) for Windows 10, version 1607. See [Download the Windows ADK](https://developer.microsoft.com/windows/hardware/windows-assessment-deployment-kit). For more information, see [Install the App-V Sequencer](appv-install-the-sequencer.md).
 
-2. Ensure that you have installed the **MSI Tools** included in the Windows 10 SDK, available as follows:
+2. Ensure that you've installed the **MSI Tools** included in the Windows 10 SDK, available as follows:
 
     - For the **Visual Studio Community 2015 with Update 3** client, which includes the latest Windows 10 SDK and developer tools, see [Downloads and tools for Windows 10](https://developer.microsoft.com/en-us/windows/downloads).
     
@@ -47,12 +47,12 @@ MSI packages that were generated using an App-V sequencer from previous versions
     where the path is to the new directory (**C:\MyMsiTools\ for this example**).
 
 ## Error occurs during publishing refresh between App-V 5.0 SP3 Management Server and App-V Client on Windows 10
-An error is generated during publishing refresh when synchronizing packages from the App-V 5.0 SP3 management server to an App-V client on Windows 10. This error occurs because the App-V 5.0 SP3 server does not understand the Windows 10 operating system that is specified in the publishing URL. The issue is fixed for App-V publishing server, but is not backported to versions of App-V 5.0 SP3 or earlier.
+An error is generated during publishing refresh when synchronizing packages from the App-V 5.0 SP3 management server to an App-V client on Windows 10. This error occurs because the App-V 5.0 SP3 server doesn't understand the Windows 10 operating system that is specified in the publishing URL. The issue is fixed for App-V publishing server, but isn't backported to versions of App-V 5.0 SP3 or earlier.
 
 **Workaround**: Upgrade the App-V 5.0 Management server to the App-V Management server for Windows 10 Clients.
 
-## Custom configurations do not get applied for packages that will be published globally if they are set using the App-V Server
-If you assign a package to an AD group that contains machine accounts and apply a custom configuration to that group using the App-V Server, the custom configuration will not be applied to those machines. The App-V Client will publish packages assigned to a machine account globally. However, it stores custom configuration files per user in each user’s profile. Globally published packages will not have access to this custom configuration.
+## Custom configurations don't get applied for packages that will be published globally if they're set using the App-V Server
+If you assign a package to an AD group that contains machine accounts and apply a custom configuration to that group using the App-V Server, the custom configuration won't not be applied to those machines. The App-V Client will publish packages assigned to a machine account globally. However, it stores custom configuration files per user in each user’s profile. Globally published packages won't have access to this custom configuration.
 
 **Workaround**: Do one of the following:
 

From 33515e87468b197c0eacea13ab67ca48a2820319 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 14:59:14 +0530
Subject: [PATCH 043/123] updated broken links

---
 windows/deployment/update/WIP4Biz-intro.md            | 2 +-
 windows/deployment/update/windows-update-errors.md    | 2 +-
 windows/deployment/upgrade/quick-fixes.md             | 6 ++----
 windows/deployment/upgrade/resolution-procedures.md   | 2 +-
 windows/deployment/usmt/usmt-best-practices.md        | 2 +-
 windows/deployment/usmt/usmt-resources.md             | 2 +-
 windows/deployment/windows-10-deployment-scenarios.md | 2 +-
 7 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/windows/deployment/update/WIP4Biz-intro.md b/windows/deployment/update/WIP4Biz-intro.md
index 0344fbd385..3683bb0214 100644
--- a/windows/deployment/update/WIP4Biz-intro.md
+++ b/windows/deployment/update/WIP4Biz-intro.md
@@ -51,7 +51,7 @@ Windows 10 Insider Preview builds offer organizations a valuable and exciting op
 |Feedback   |  - Provide feedback via [Feedback Hub app](insiderhub://home/). This helps us make adjustments to features as quickly as possible.<br> - Encourage users to sign into the Feedback Hub using their AAD work accounts. This enables both you and Microsoft to track feedback submitted by users within your specific organization. (Note: This tracking is only visible to Microsoft and registered Insiders within your organization’s domain.)<br> - [Learn how to provide effective feedback in the Feedback Hub](https://insider.windows.com/how-to-feedback/)       |
 
 ## Validate Insider Preview builds 
-Along with exploring new features, you also have the option to validate your apps and infrastructure on Insider Preview builds. This activity can play an important role in your [Windows 10 deployment strategy](/windows/deployment/update/waas-windows-insider-for-business). Early validation has several benefits:
+Along with exploring new features, you also have the option to validate your apps and infrastructure on Insider Preview builds. Early validation has several benefits:
 
 - Get a head start on your Windows validation process.
 - Identify issues sooner to accelerate your Windows deployment.
diff --git a/windows/deployment/update/windows-update-errors.md b/windows/deployment/update/windows-update-errors.md
index b500ca17a8..b959392dc7 100644
--- a/windows/deployment/update/windows-update-errors.md
+++ b/windows/deployment/update/windows-update-errors.md
@@ -198,7 +198,7 @@ The following table provides information about common errors you might run into
 
 | Message | Description | Mitigation |
 |---------|-------------|------------|
-| WININET_E_TIMEOUT; The operation timed out | Unable to scan for updates due to a connectivity issue to Windows Update, Configuration Manager, or WSUS. | This error generally means that the Windows Update Agent was unable to connect to the update servers or your own source, such as WSUS, Configuration Manager, or Microsoft Endpoint Manager. <br> Check with your network team to ensure that the device can reach the update sources. For more info, see [Troubleshoot software update scan failures in Configuration Manager](/mem/configmgr/troubleshoot-software-update-scan-failures). <br> If you’re using the public Microsoft update servers, check that your device can access the following Windows Update endpoints: <br> `http://windowsupdate.microsoft.com` <br> https://.windowsupdate.microsoft.com <br> https://update.microsoft.com <br> https://*.update.microsoft.com <br> https://windowsupdate.com <br> https://*.windowsupdate.com <br> https://download.windowsupdate.com <br> https://*.download.windowsupdate.com <br> https://download.microsoft.com <br> https://*.download.windowsupdate.com <br> https://wustat.windows.com <br> https://*.wustat.windows.com <br> https://ntservicepack.microsoft.com |
+| WININET_E_TIMEOUT; The operation timed out | Unable to scan for updates due to a connectivity issue to Windows Update, Configuration Manager, or WSUS. | This error generally means that the Windows Update Agent was unable to connect to the update servers or your own source, such as WSUS, Configuration Manager, or Microsoft Endpoint Manager. <br> Check with your network team to ensure that the device can reach the update sources. For more info, see [Troubleshoot software update scan failures in Configuration Manager](/troubleshoot/mem/configmgr/troubleshoot-software-update-scan-failures). <br> If you’re using the public Microsoft update servers, check that your device can access the following Windows Update endpoints: <br> `http://windowsupdate.microsoft.com` <br> https://.windowsupdate.microsoft.com <br> https://update.microsoft.com <br> https://*.update.microsoft.com <br> https://windowsupdate.com <br> https://*.windowsupdate.com <br> https://download.windowsupdate.com <br> https://*.download.windowsupdate.com <br> https://download.microsoft.com <br> https://*.download.windowsupdate.com <br> https://wustat.windows.com <br> https://*.wustat.windows.com <br> https://ntservicepack.microsoft.com |
 
 ## 0x80240022
 
diff --git a/windows/deployment/upgrade/quick-fixes.md b/windows/deployment/upgrade/quick-fixes.md
index 3f582da318..e23f09f53f 100644
--- a/windows/deployment/upgrade/quick-fixes.md
+++ b/windows/deployment/upgrade/quick-fixes.md
@@ -117,9 +117,7 @@ To check and repair errors on the system drive:
 
 The Windows Update troubleshooter tool will automatically analyze and fix problems with Windows Update, such as a corrupted download. It will also tell you if there is a pending reboot that is preventing Windows from updating.
 
-For Windows 7 and 8.1, the tool is [here](https://aka.ms/diag_wu).
-
-For Windows 10, the tool is [here](https://aka.ms/wudiag).
+[Download the tool for Windows 10](https://aka.ms/wudiag).
 
 To run the tool, click the appropriate link above. Your web browser will prompt you to save or open the file. Select **open** and the tool will automatically start. The tool will walk you through analyzing and fixing some common problems.
 
@@ -204,7 +202,7 @@ To remove programs, use the same steps as are provided [above](#uninstall-non-mi
 
 Updating firmware (such as the BIOS) and installing hardware drivers is a somewhat advanced task.  Do not attempt to update BIOS if you aren't familiar with BIOS settings or are not sure how to restore the previous BIOS version if there are problems. Most BIOS updates are provided as a "flash" update. Your manufacturer might provide a tool to perform the update, or you might be required to enter the BIOS and update it manually. Be sure to save your working BIOS settings, since some updates can reset your configuration and make the computer fail to boot if (for example) a RAID configuration is changed.
 
-Most BIOS and other hardware updates can be obtained from a website maintained by your computer manufacturer. For example, Microsoft Surface device drivers can be obtained at: [Download the latest firmware and drivers for Surface devices](/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices).
+Most BIOS and other hardware updates can be obtained from a website maintained by your computer manufacturer. For example, Microsoft Surface device drivers can be obtained at: [Download the latest firmware and drivers for Surface devices](/surface/manage-surface-driver-and-firmware-updates).
 
 To obtain the proper firmware drivers, search for the most updated driver version provided by your computer manufacturer. Install these updates and reboot the computer after installation. Request assistance from the manufacturer if you have any questions.
 
diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index 3ae929c837..56d0212208 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -82,7 +82,7 @@ See the following general troubleshooting procedures associated with a result co
 |0x80240017|The upgrade is unavailable for this edition of Windows.|Administrative policies enforced by your organization might be preventing the upgrade. Contact your IT administrator.|
 |0x80070020|The existing process cannot access the file because it is being used by another process.|Use the MSCONFIG tool to perform a clean boot on the machine and then try to perform the update again. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).|
 |0x80070522|The user doesn’t have required privilege or credentials to upgrade.|Ensure that you have signed in as a local administrator or have local administrator privileges.|
-|0xC1900107|A cleanup operation from a previous installation attempt is still pending and a system reboot is required in order to continue the upgrade.|Restart the device and run setup again. If restarting the device does not resolve the issue, then use the Disk Cleanup utility and clean up the temporary files as well as the System files. For more information, see [Disk cleanup in Windows 10](https://support.microsoft.com/instantanswers/8fef4121-711b-4be1-996f-99e02c7301c2/disk-cleanup-in-windows-10).|
+|0xC1900107|A cleanup operation from a previous installation attempt is still pending and a system reboot is required in order to continue the upgrade.|Restart the device and run setup again. If restarting the device does not resolve the issue, then use the Disk Cleanup utility and clean up the temporary files as well as the System files. For more information, see [Disk cleanup in Windows 10](https://support.microsoft.com/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68).|
 |0xC1900209|The user has chosen to cancel because the system does not pass the compatibility scan to install the update. Setup.exe will report this error when it can upgrade the machine with user data but cannot migrate installed applications.|Incompatible software is blocking the upgrade process. Uninstall the application and try the upgrade again. See [Windows 10 Pre-Upgrade Validation using SETUP.EXE](/archive/blogs/mniehaus/windows-10-pre-upgrade-validation-using-setup-exe) for more information.<p>You can also download the Windows Assessment and Deployment Kit (ADK) for Windows 10 and install Application Compatibility Tools.|
 |0x8007002|This error is specific to upgrades using System Center 2012 Configuration Manager R2 SP1 CU3 (5.00.8238.1403)|Analyze the SMSTS.log and verify that the upgrade is failing on "Apply Operating system" Phase: Error 80072efe DownloadFileWithRanges() failed. 80072efe. ApplyOperatingSystem (0x0760)<p>The error 80072efe means that the connection with the server was terminated abnormally.<p>To resolve this issue, try the OS Deployment test on a client in same VLAN as the Configuration Manager server. Check the network configuration for random client-server connection issues happening on the remote VLAN.|
 |0x80240FFF|Occurs when update synchronization fails. It can occur when you are using Windows Server Update Services on its own or when it is integrated with Microsoft Endpoint Configuration Manager. If you enable update synchronization before you install hotfix 3095113, WSUS doesn't recognize the Upgrades classification and instead treats the upgrade like a regular update.|You can prevent this by installing hotfix 3095113 before you enable update synchronization. However, if you have already run into this problem, do the following:<ol><li>Disable the Upgrades classification.<li>Install hotfix 3095113.<li>Delete previously synched updates.<li>Enable the Upgrades classification.<li>Perform a full synch.</ol><p>For detailed information on how to run these steps check out How to delete upgrades in WSUS.|
diff --git a/windows/deployment/usmt/usmt-best-practices.md b/windows/deployment/usmt/usmt-best-practices.md
index 9b42f69d51..c5c2dd15aa 100644
--- a/windows/deployment/usmt/usmt-best-practices.md
+++ b/windows/deployment/usmt/usmt-best-practices.md
@@ -62,7 +62,7 @@ As the authorized administrator, it is your responsibility to protect the privac
 
 -   **Encrypting File System (EFS)**
 
-    Take extreme caution when migrating encrypted files, because the end user does not need to be logged on to capture the user state. By default, USMT fails if an encrypted file is found. For more information about EFS best practices, see this article in the [Microsoft Knowledge Base](https://go.microsoft.com/fwlink/p/?linkid=163). For specific instructions about EFS best practices, see [Migrate EFS Files and Certificates](usmt-migrate-efs-files-and-certificates.md).
+    Take extreme caution when migrating encrypted files, because the end user does not need to be logged on to capture the user state. By default, USMT fails if an encrypted file is found. For specific instructions about EFS best practices, see [Migrate EFS Files and Certificates](usmt-migrate-efs-files-and-certificates.md).
 
     **Important**  
     If you migrate an encrypted file without also migrating the certificate, end users will not be able to access the file after the migration.
diff --git a/windows/deployment/usmt/usmt-resources.md b/windows/deployment/usmt/usmt-resources.md
index 616679ded8..bd33a0fe0c 100644
--- a/windows/deployment/usmt/usmt-resources.md
+++ b/windows/deployment/usmt/usmt-resources.md
@@ -28,7 +28,7 @@ ms.topic: article
 
         For more information about how to use the schema with your XML authoring environment, see the environment’s documentation.
 
--   [Ask the Directory Services Team blog](https://go.microsoft.com/fwlink/p/?LinkId=226365)
+-   [Ask the Directory Services Team blog](/archive/blogs/askds/)
 
 -   Forums:
 
diff --git a/windows/deployment/windows-10-deployment-scenarios.md b/windows/deployment/windows-10-deployment-scenarios.md
index e3d470f779..09bd64cb23 100644
--- a/windows/deployment/windows-10-deployment-scenarios.md
+++ b/windows/deployment/windows-10-deployment-scenarios.md
@@ -191,7 +191,7 @@ The deployment process for the replace scenario is as follows:
 
 - [Upgrade to Windows 10 with the Microsoft Deployment Toolkit](deploy-windows-mdt/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md)
 - [Upgrade to Windows 10 with Microsoft Endpoint Configuration Manager](./deploy-windows-cm/upgrade-to-windows-10-with-configuration-manager.md)
-- [Deploy Windows 10 with System Center 2012 R2 Configuration Manager](https://go.microsoft.com/fwlink/p/?LinkId=620230)
+- [Deploy Windows 10 using PXE and Configuration Manager](deploy-windows-cm/deploy-windows-10-using-pxe-and-configuration-manager.md)
 - [Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
 - [Windows setup technical reference](/windows-hardware/manufacture/desktop/windows-setup-technical-reference)
 - [Windows Imaging and Configuration Designer](/windows/configuration/provisioning-packages/provisioning-install-icd)

From 18c6b1165643e0d6e72358485f6f2e02ae45cee0 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 15:14:35 +0530
Subject: [PATCH 044/123] updated the links

---
 windows/deployment/add-store-apps-to-image.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/add-store-apps-to-image.md b/windows/deployment/add-store-apps-to-image.md
index a0a5a3c408..e01fa1914b 100644
--- a/windows/deployment/add-store-apps-to-image.md
+++ b/windows/deployment/add-store-apps-to-image.md
@@ -35,7 +35,7 @@ This topic describes the correct way to add Microsoft Store for Business applica
 * A Windows Image. For instructions on image creation, see [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md).
 
 >[!NOTE]
-> If you'd like to add an internal LOB Microsoft Store application, please follow the instructions on **[Sideload line of business (LOB) apps in Windows client devices](../application-management/sideload-apps-in-windows-10.md)**.
+> If you'd like to add an internal LOB Microsoft Store application, please follow the instructions on **[Sideload line of business (LOB) apps in Windows client devices](/windows/application-management/sideload-apps-in-windows-10.md)**.
 
 ## Adding a Store application to your image
 

From 07364ca2f7a3956ce1fc28a434a79865963e81c9 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 15:18:32 +0530
Subject: [PATCH 045/123] updated the warning

---
 windows/deployment/add-store-apps-to-image.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/add-store-apps-to-image.md b/windows/deployment/add-store-apps-to-image.md
index e01fa1914b..e8e2967811 100644
--- a/windows/deployment/add-store-apps-to-image.md
+++ b/windows/deployment/add-store-apps-to-image.md
@@ -78,7 +78,7 @@ Now, on the machine where your image file is accessible:
 * [Customize and export Start layout](/windows/configuration/customize-and-export-start-layout)
 * [Export-StartLayout](/powershell/module/startlayout/export-startlayout)
 * [Import-StartLayout](/powershell/module/startlayout/import-startlayout)
-* [Sideload line of business (LOB) apps in Windows client devices](../application-management/sideload-apps-in-windows-10.md)
+* [Sideload line of business (LOB) apps in Windows client devices](/windows/application-management/sideload-apps-in-windows-10.md)
 * [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 * [Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
 * [Windows Assessment and Deployment Kit (Windows ADK)](windows-adk-scenarios-for-it-pros.md)

From 781932aedec0439c8f14eb5008e1d45ce1596402 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 15:35:48 +0530
Subject: [PATCH 046/123] updated the warnings

---
 .../windows-10-deprecated-features.md         |  2 +-
 .../upgrade/resolution-procedures.md          | 32 +++++++++----------
 2 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/windows/deployment/planning/windows-10-deprecated-features.md b/windows/deployment/planning/windows-10-deprecated-features.md
index 5643921704..96e006950e 100644
--- a/windows/deployment/planning/windows-10-deprecated-features.md
+++ b/windows/deployment/planning/windows-10-deprecated-features.md
@@ -46,7 +46,7 @@ The features described below are no longer being actively developed, and might b
 | Wi-Fi WEP and TKIP | Since the 1903 release, a warning message has appeared when connecting to Wi-Fi networks secured with WEP or TKIP (which are not as secure as those using WPA2 or WPA3). In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. | 1903 |
 | Windows To Go | Windows To Go is no longer being developed. <br><br>The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.|  1903 |
 | Print 3D app | Going forward, 3D Builder is the recommended 3D printing app. To 3D print objects on new Windows devices, customers must first install 3D Builder from the Store.| 1903 |
-|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](../../security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because non-Microsoft partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
+|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because non-Microsoft partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
 |OneSync service|The OneSync service synchronizes data for the Mail, Calendar, and People apps. We've added a sync engine to the Outlook app that provides the same synchronization.| 1809 |
 |Snipping Tool|The Snipping Tool is an application included in Windows 10 that is used to capture screenshots, either the full screen or a smaller, custom "snip" of the screen. In Windows 10, version 1809, we're [introducing a new universal app, Snip & Sketch](https://blogs.windows.com/windowsexperience/2018/05/03/announcing-windows-10-insider-preview-build-17661/#8xbvP8vMO0lF20AM.97), that provides the same screen snipping abilities, as well as additional features. You can launch Snip & Sketch directly and start a snip from there, or just press WIN + Shift + S. Snip & Sketch can also be launched from the “Screen snip” button in the Action Center. We're no longer developing the Snipping Tool as a separate app but are instead consolidating its functionality into Snip & Sketch.| 1809 |
 |[Software Restriction Policies](/windows-server/identity/software-restriction-policies/software-restriction-policies) in Group Policy|Instead of using the Software Restriction Policies through Group Policy, you can use [AppLocker](/windows/security/threat-protection/applocker/applocker-overview) or [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control) to control which apps users can access and what code can run in the kernel.| 1803 |
diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index 56d0212208..285c935ee6 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -34,7 +34,7 @@ A frequently observed [result code](upgrade-error-codes.md#result-codes) is 0xC1
 - Event logs: $Windows.~bt\Sources\Rollback\*.evtx
 - The device install log: $Windows.~bt\Sources\Rollback\setupapi\setupapi.dev.log
 
-The device install log is particularly helpful if rollback occurs during the sysprep operation (extend code 0x30018).  
+The device install log is helpful if rollback occurs during the sysprep operation (extend code 0x30018).  
 
 To resolve a rollback that was caused by driver conflicts, try running setup using a minimal set of drivers and startup programs by performing a [clean boot](https://support.microsoft.com/kb/929135) before initiating the upgrade process.
 
@@ -43,42 +43,42 @@ See the following general troubleshooting procedures associated with a result co
 
 | Code | Mitigation | Cause |
 | :---     |  :---  |  :--- |
-| 0xC1900101 - 0x20004   | Uninstall antivirus applications.<br>Remove all unused SATA devices. <br>Remove all unused devices and drivers. <br>Update drivers and BIOS.     | Windows Setup encountered an error during the SAFE_OS with the INSTALL_RECOVERY_ENVIRONMENT operation. <br>This is generally caused by out-of-date drivers.    |
-| 0xC1900101 - 0x2000c     | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br> Contact your hardware vendor to obtain updated device drivers.<br> Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.       | Windows Setup encountered an unspecified error during Wim apply in the WinPE phase.<br> This is generally caused by out-of-date drivers      |
-| 0xC1900101 - 0x20017 | Ensure that all that drivers are updated.<br>Open the Setuperr.log and Setupact.log files in the %windir%\Panther directory, and then locate the problem drivers.<br>For more information, see [Windows Vista, Windows 7, Windows Server 2008 R2, Windows 8.1, and Windows 10 setup log file locations](/troubleshoot/windows-client/deployment/windows-setup-log-file-locations).<br>Update or uninstall the problem drivers. | A driver has caused an illegal operation.<br>Windows was not able to migrate the driver, resulting in a rollback of the operating system.<br>This is a SafeOS boot failure, typically caused by drivers or non-Microsoft disk encryption software.<br>This can also be caused by a hardware failure. |
+| 0xC1900101 - 0x20004   | Uninstall antivirus applications.<br>Remove all unused SATA devices. <br>Remove all unused devices and drivers. <br>Update drivers and BIOS.     | Windows Setup encountered an error during the SAFE_OS with the INSTALL_RECOVERY_ENVIRONMENT operation. <br>This is caused by out-of-date drivers.    |
+| 0xC1900101 - 0x2000c     | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br> Contact your hardware vendor to obtain updated device drivers.<br> Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.       | Windows Setup encountered an unspecified error during Wim apply in the WinPE phase.<br> This is caused by out-of-date drivers      |
+| 0xC1900101 - 0x20017 | Ensure that all that drivers are updated.<br>Open the Setuperr.log and Setupact.log files in the %windir%\Panther directory, and then locate the problem drivers.<br>For more information, see [Windows Vista, Windows 7, Windows Server 2008 R2, Windows 8.1, and Windows 10 setup log file locations](/troubleshoot/windows-client/deployment/windows-setup-log-file-locations).<br>Update or uninstall the problem drivers. | A driver has caused an illegal operation.<br>Windows wasn't able to migrate the driver, resulting in a rollback of the operating system.<br>This is a SafeOS boot failure, typically caused by drivers or non-Microsoft disk encryption software.<br>This can also be caused by a hardware failure. |
 | 0xC1900101 - 0x30018 | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Contact your hardware vendor to obtain updated device drivers.<br>Ensure that &quot;Download and install updates (recommended)&quot; is accepted at the start of the upgrade process. | A device driver has stopped responding to setup.exe during the upgrade process. |
 | 0xC1900101 - 0x3000D | Disconnect all peripheral devices that are connected to the system, except for the mouse, keyboard and display.<br>Update or uninstall the display driver. | Installation failed during the FIRST_BOOT phase while attempting the MIGRATE_DATA operation.<br>This can occur due to a problem with a display driver. |
-| 0xC1900101 - 0x4000D | Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors.<br>Review the rollback log and determine the stop code.<br>The rollback log is located in the <strong>$Windows.~BT\Sources\Rollback</strong> folder.  An example analysis is shown below. This example is not representative of all cases:<br>&nbsp;<br>Info SP     Crash 0x0000007E detected<br>Info SP       Module name           :<br>Info SP       Bugcheck parameter 1  : 0xFFFFFFFFC0000005<br>Info SP       Bugcheck parameter 2  : 0xFFFFF8015BC0036A<br>Info SP       Bugcheck parameter 3  : 0xFFFFD000E5D23728<br>Info SP       Bugcheck parameter 4  : 0xFFFFD000E5D22F40<br>Info SP     Cannot recover the system.<br>Info SP     Rollback: Showing splash window with restoring text: Restoring your previous version of Windows.<br>&nbsp;<br>Typically, there is a dump file for the crash to analyze. If you are not equipped to debug the dump, then attempt the following basic troubleshooting procedures:<br>&nbsp;<br>1. Make sure you have enough disk space.<br>2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.<br>3. Try changing video adapters.<br>4. Check with your hardware vendor for any BIOS updates.<br>5. Disable BIOS memory options such as caching or shadowing. | A rollback occurred due to a driver configuration issue.<br>Installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This can occur because of incompatible drivers. |
-| 0xC1900101 - 0x40017 | Clean boot into Windows, and then attempt the upgrade to Windows 10. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).<br>Ensure that you select the option to "Download and install updates (recommended)."<br>&nbsp;<br><b>Computers that run Citrix VDA</b>  <br>You may see this message after you upgrade a computer from Windows 10, version 1511 to Windows 10, version 1607. After the second system restart, the system generates this error and then rolls back to the previous version. This problem has also been observed in upgrades to Windows 8.1 and Windows 8.  <br>&nbsp;<br>This problem occurs because the computer has Citrix Virtual Delivery Agent (VDA) installed. Citrix VDA installs device drivers and a file system filter driver (CtxMcsWbc). This Citrix filter driver prevents the upgrade from writing changes to the disk, so the upgrade cannot complete and the system rolls back.  <br>&nbsp;<br>**Resolution**<br>&nbsp;<br>To resolve this problem, install [Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016](https://support.microsoft.com/help/3200970/cumulative-update-for-windows-10-version-1607-and-windows-server-2016).<br>&nbsp;<br>You can work around this problem in two ways:<br>&nbsp;<br>**Workaround 1**<br>&nbsp;<br>1. Use the VDA setup application (VDAWorkstationSetup_7.11) to uninstall Citrix VDA.<br>2. Run the Windows upgrade again.<br>3. Reinstall Citrix VDA.<br>&nbsp;<br>**Workaround 2**<br>&nbsp;<br>If you cannot uninstall Citrix VDA, follow these steps to work around this problem:  <br>&nbsp;<br>1. In Registry Editor, go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}\CtxMcsWbc**<br>2. Change the value of the **Start** entry from **0** to **4**. This change disables the Citrix MCS cache service.<br>3. Go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}**<br>4. Delete the **CtxMcsWbc** entry.<br>5. Restart the computer, and then try the upgrade again.<br>&nbsp;<br>**Non-Microsoft information disclaimer**  <br>The non-Microsoft products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. | Windows 10 upgrade failed after the second reboot.<br>This is usually caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. |
+| 0xC1900101 - 0x4000D | Check supplemental rollback logs for a setupmem.dmp file, or event logs for any unexpected reboots or errors.<br>Review the rollback log and determine the stop code.<br>The rollback log is located in the <strong>$Windows.~BT\Sources\Rollback</strong> folder.  An example analysis is shown below. This example isn't representative of all cases:<br>&nbsp;<br>Info SP     Crash 0x0000007E detected<br>Info SP       Module name           :<br>Info SP       Bugcheck parameter 1  : 0xFFFFFFFFC0000005<br>Info SP       Bugcheck parameter 2  : 0xFFFFF8015BC0036A<br>Info SP       Bugcheck parameter 3  : 0xFFFFD000E5D23728<br>Info SP       Bugcheck parameter 4  : 0xFFFFD000E5D22F40<br>Info SP     Can't recover the system.<br>Info SP     Rollback: Showing splash window with restoring text: Restoring your previous version of Windows.<br>&nbsp;<br>Typically, there's a dump file for the crash to analyze. If you aren't equipped to debug the dump, then attempt the following basic troubleshooting procedures:<br>&nbsp;<br>1. Make sure you have enough disk space.<br>2. If a driver is identified in the bug check message, disable the driver or check with the manufacturer for driver updates.<br>3. Try changing video adapters.<br>4. Check with your hardware vendor for any BIOS updates.<br>5. Disable BIOS memory options such as caching or shadowing. | A rollback occurred due to a driver configuration issue.<br>Installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This can occur because of incompatible drivers. |
+| 0xC1900101 - 0x40017 | Clean boot into Windows, and then attempt the upgrade to Windows 10. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).<br>Ensure that you select the option to "Download and install updates (recommended)."<br>&nbsp;<br><b>Computers that run Citrix VDA</b>  <br>You may see this message after you upgrade a computer from Windows 10, version 1511 to Windows 10, version 1607. After the second system restart, the system generates this error and then rolls back to the previous version. This problem has also been observed in upgrades to Windows 8.1 and Windows 8.  <br>&nbsp;<br>This problem occurs because the computer has Citrix Virtual Delivery Agent (VDA) installed. Citrix VDA installs device drivers and a file system filter driver (CtxMcsWbc). This Citrix filter driver prevents the upgrade from writing changes to the disk, so the upgrade can't complete and the system rolls back.  <br>&nbsp;<br>**Resolution**<br>&nbsp;<br>To resolve this problem, install [Cumulative update for Windows 10 Version 1607 and Windows Server 2016: November 8, 2016](https://support.microsoft.com/help/3200970/cumulative-update-for-windows-10-version-1607-and-windows-server-2016).<br>&nbsp;<br>You can work around this problem in two ways:<br>&nbsp;<br>**Workaround 1**<br>&nbsp;<br>1. Use the VDA setup application (VDAWorkstationSetup_7.11) to uninstall Citrix VDA.<br>2. Run the Windows upgrade again.<br>3. Reinstall Citrix VDA.<br>&nbsp;<br>**Workaround 2**<br>&nbsp;<br>If you can't uninstall Citrix VDA, follow these steps to work around this problem:  <br>&nbsp;<br>1. In Registry Editor, go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}\CtxMcsWbc**<br>2. Change the value of the **Start** entry from **0** to **4**. This change disables the Citrix MCS cache service.<br>3. Go to the following subkey:<br> **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}**<br>4. Delete the **CtxMcsWbc** entry.<br>5. Restart the computer, and then try the upgrade again.<br>&nbsp;<br>**Non-Microsoft information disclaimer**  <br>The non-Microsoft products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. | Windows 10 upgrade failed after the second reboot.<br>This is caused by a faulty driver. For example: antivirus filter drivers or encryption drivers. |
 
 ## 0x800xxxxx
 
-Result codes that start with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and are not unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly.
+Result codes that start with the digits 0x800 are also important to understand. These error codes indicate general operating system errors, and aren't unique to the Windows upgrade process. Examples include timeouts, devices not functioning, and a process stopping unexpectedly.
 
 See the following general troubleshooting procedures associated with a result code of 0x800xxxxx:
 
 | Code | Mitigation | Cause |
 | :---     |  :---  |  :--- |
 | 80040005 - 0x20007     |  This error has more than one possible cause. Attempt [quick fixes](quick-fixes.md), and if not successful, [analyze log files](log-files.md#analyze-log-files) in order to determine the problem and solution.  |   An unspecified error occurred with a driver during the SafeOS phase.   |
-| 0x80073BC3 - 0x20009<br>0x80070002 - 0x20009<br>0x80073B92 - 0x20009     |  These errors occur during partition analysis and validation, and can be caused by the presence of multiple system partitions. For example, if you installed a new system drive but left the previous system drive connected, this can cause a conflict. To resolve the errors, disconnect or temporarily disable drives that contain the unused system partition. You can reconnect the drive after the upgrade has completed. Alternatively, you can delete the unused system partition.  |   The requested system device cannot be found, there is a sharing violation, or there are multiple devices matching the identification criteria.   |
+| 0x80073BC3 - 0x20009<br>0x80070002 - 0x20009<br>0x80073B92 - 0x20009     |  These errors occur during partition analysis and validation, and can be caused by the presence of multiple system partitions. For example, if you installed a new system drive but left the previous system drive connected, this can cause a conflict. To resolve the errors, disconnect or temporarily disable drives that contain the unused system partition. You can reconnect the drive after the upgrade has completed. Alternatively, you can delete the unused system partition.  |   The requested system device can't be found, there's a sharing violation, or there are multiple devices matching the identification criteria.   |
 | 800704B8 - 0x3001A   |  Disable or uninstall non-Microsoft antivirus applications, disconnect all unnecessary devices, and perform a [clean boot](https://support.microsoft.com/kb/929135).  |   An extended error has occurred during the first boot phase.   |
-| 8007042B - 0x4000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the file, application, or driver that is not able to be migrated. Disconnect, update, remove, or replace the device or object.  |   The installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This issue can occur due to file system, application, or driver issues.   |
-| 8007001F - 0x3000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the files or registry entries that are blocking data migration.<br>&nbsp;<br>This error can be due to a problem with user profiles. It can occur due to corrupt registry entries under **HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList** or invalid files in the **\\Users** directory.<br>&nbsp;<br>**Note**: If a previous upgrade did not complete, invalid profiles might exist in the **Windows.old\\Users** directory.<br>&nbsp;<br>To repair this error, ensure that deleted accounts are not still present in the Windows registry and that files under the \\Users directory are valid. Delete the invalid files or user profiles that are causing this error. The specific files and profiles that are causing the error will be recorded in the Windows setup log files.|   The installation failed in the FIRST_BOOT phase with an error during MIGRATE_DATA operation.   |
-| 8007001F - 0x4000D     |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the device that is not functioning properly. Disconnect, update, or replace the device.  |   General failure, a device attached to the system is not functioning.   |
+| 8007042B - 0x4000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the file, application, or driver that isn't able to be migrated. Disconnect, update, remove, or replace the device or object.  |   The installation failed during the second boot phase while attempting the MIGRATE_DATA operation.<br>This issue can occur due to file system, application, or driver issues.   |
+| 8007001F - 0x3000D    |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the files or registry entries that are blocking data migration.<br>&nbsp;<br>This error can be due to a problem with user profiles. It can occur due to corrupt registry entries under **HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\ProfileList** or invalid files in the **\\Users** directory.<br>&nbsp;<br>**Note**: If a previous upgrade didn't complete, invalid profiles might exist in the **Windows.old\\Users** directory.<br>&nbsp;<br>To repair this error, ensure that deleted accounts aren't still present in the Windows registry and that files under the \\Users directory are valid. Delete the invalid files or user profiles that are causing this error. The specific files and profiles that are causing the error will be recorded in the Windows setup log files.|   The installation failed in the FIRST_BOOT phase with an error during MIGRATE_DATA operation.   |
+| 8007001F - 0x4000D     |  [Analyze log files](log-files.md#analyze-log-files) in order to determine the device that isn't functioning properly. Disconnect, update, or replace the device.  |   General failure, a device attached to the system isn't functioning.   |
 | 8007042B - 0x4001E   |  This error has more than one possible cause. Attempt [quick fixes](quick-fixes.md), and if not successful, [analyze log files](log-files.md#analyze-log-files) in order to determine the problem and solution.  |   The installation failed during the second boot phase while attempting the PRE_OOBE operation.   |
 
 ## Other result codes
 
 |Error code|Cause|Mitigation|
 |--- |--- |--- |
-|0xC1800118|WSUS has downloaded content that it cannot use due to a missing decryption key.|See [Steps to resolve error 0xC1800118](/archive/blogs/wsus/resolving-error-0xc1800118) for information.|
-|0xC1900200|Setup.exe has detected that the machine does not meet the minimum system requirements.|Ensure the system you are trying to upgrade meets the minimum system requirements. See [Windows 10 specifications](https://www.microsoft.com/windows/windows-10-specifications) for information.|
-|0x80090011|A device driver error occurred during user data migration.|Contact your hardware vendor and get all the device drivers updated. It is recommended to have an active internet connection during upgrade process.<p>Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.|
+|0xC1800118|WSUS has downloaded content that it can't use due to a missing decryption key.|See [Steps to resolve error 0xC1800118](/archive/blogs/wsus/resolving-error-0xc1800118) for information.|
+|0xC1900200|Setup.exe has detected that the machine doesn't meet the minimum system requirements.|Ensure the system you're trying to upgrade meets the minimum system requirements. See [Windows 10 specifications](https://www.microsoft.com/windows/windows-10-specifications) for information.|
+|0x80090011|A device driver error occurred during user data migration.|Contact your hardware vendor and get all the device drivers updated. It's recommended to have an active internet connection during upgrade process.<p>Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.|
 |0xC7700112|Failure to complete writing data to the system drive, possibly due to write access failure on the hard disk.|This issue is resolved in the latest version of Upgrade Assistant.<p>Ensure that "Download and install updates (recommended)" is accepted at the start of the upgrade process.|
 |0x80190001|An unexpected error was encountered while attempting to download files required for upgrade.|To resolve this issue, download and run the media creation tool. See [Download windows 10](https://www.microsoft.com/software-download/windows10).|
-|0x80246007|The update was not downloaded successfully.|Attempt other methods of upgrading the operating system.<p>Download and run the media creation tool. See [Download windows 10](https://www.microsoft.com/software-download/windows10).<p>Attempt to upgrade using .ISO or USB.<p> **Note:** Windows 10 Enterprise isn’t available in the media creation tool. For more information, go to the [Volume Licensing Service Center](https://www.microsoft.com/licensing/servicecenter/default.aspx).|
+|0x80246007|The update wasn't downloaded successfully.|Attempt other methods of upgrading the operating system.<p>Download and run the media creation tool. See [Download windows 10](https://www.microsoft.com/software-download/windows10).<p>Attempt to upgrade using .ISO or USB.<p> **Note:** Windows 10 Enterprise isn’t available in the media creation tool. For more information, go to the [Volume Licensing Service Center](https://www.microsoft.com/licensing/servicecenter/default.aspx).|
 |0x80244018|Your machine is connected through a proxy server.|Make sure Automatically Detect Settings is selected in internet options. (Control Panel > Internet Options > Connections > LAN Settings).|
-|0xC1900201|The system did not pass the minimum requirements to install the update.|Contact the hardware vendor to get the latest updates.|
+|0xC1900201|The system didn't pass the minimum requirements to install the update.|Contact the hardware vendor to get the latest updates.|
 |0x80240017|The upgrade is unavailable for this edition of Windows.|Administrative policies enforced by your organization might be preventing the upgrade. Contact your IT administrator.|
 |0x80070020|The existing process cannot access the file because it is being used by another process.|Use the MSCONFIG tool to perform a clean boot on the machine and then try to perform the update again. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).|
 |0x80070522|The user doesn’t have required privilege or credentials to upgrade.|Ensure that you have signed in as a local administrator or have local administrator privileges.|

From 0e82aea2fd236f8897ac2925ee342662a1635d55 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Thu, 24 Mar 2022 16:05:52 +0530
Subject: [PATCH 047/123] sheshachary-5714481-part-3

Updated the broken links
---
 browsers/internet-explorer/internet-explorer.yml     |  2 --
 .../deployment/windows-10-enterprise-e3-overview.md  |  2 +-
 .../windows-deployment-scenarios-and-tools.md        |  2 +-
 windows/whats-new/ltsc/whats-new-windows-10-2015.md  |  4 ++--
 windows/whats-new/ltsc/whats-new-windows-10-2016.md  | 12 ++++++------
 windows/whats-new/ltsc/whats-new-windows-10-2019.md  |  2 +-
 6 files changed, 11 insertions(+), 13 deletions(-)

diff --git a/browsers/internet-explorer/internet-explorer.yml b/browsers/internet-explorer/internet-explorer.yml
index 68b6be4505..27e231694f 100644
--- a/browsers/internet-explorer/internet-explorer.yml
+++ b/browsers/internet-explorer/internet-explorer.yml
@@ -46,8 +46,6 @@ landingContent:
             url: https://mva.microsoft.com/training-courses/getting-started-with-windows-10-for-it-professionals-10629?l=fCowqpy8_5905094681
           - text: 'Windows 10: Top Features for IT Pros'
             url: https://mva.microsoft.com/training-courses/windows-10-top-features-for-it-pros-16319?l=xBnT2ihhC_7306218965
-          - text: Manage and modernize Internet Explorer with Enterprise Mode
-            url: https://channel9.msdn.com/events/teched/newzealand/2014/pcit307
           - text: 'Virtual Lab: Enterprise Mode'
             url: https://www.microsoft.com/handsonlabs/SelfPacedLabs/?storyGuid=e4155067-2c7e-4b46-8496-eca38bedca02
 
diff --git a/windows/deployment/windows-10-enterprise-e3-overview.md b/windows/deployment/windows-10-enterprise-e3-overview.md
index 95e0124031..fca6734c29 100644
--- a/windows/deployment/windows-10-enterprise-e3-overview.md
+++ b/windows/deployment/windows-10-enterprise-e3-overview.md
@@ -132,7 +132,7 @@ Now that the devices have Windows 10/11 Enterprise, you can implement Device Gu
 
 For more information about implementing Device Guard, see:
 
-- [Planning and getting started on the Device Guard deployment process](https://technet.microsoft.com/itpro/windows/keep-secure/planning-and-getting-started-on-the-device-guard-deployment-process)
+- [Windows Defender Application Control and virtualization-based protection of code integrity](/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
 - [Device Guard deployment guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide)
 
 ### AppLocker management
diff --git a/windows/deployment/windows-deployment-scenarios-and-tools.md b/windows/deployment/windows-deployment-scenarios-and-tools.md
index e38f173747..7f92f7c55f 100644
--- a/windows/deployment/windows-deployment-scenarios-and-tools.md
+++ b/windows/deployment/windows-deployment-scenarios-and-tools.md
@@ -201,7 +201,7 @@ For more information on MDT, see the [Microsoft Deployment Toolkit](/mem/configm
 ## Microsoft Security Compliance Manager 2013
 
 
-[Microsoft SCM](https://go.microsoft.com/fwlink/p/?LinkId=619246) is a free utility used to create baseline security settings for the Windows client and server environment. The baselines can be exported and then deployed via Group Policy, local policies, MDT, or Configuration Manager. The current version of Security Compliance Manager includes baselines for Windows 8.1 and several earlier versions of Windows, Windows Server, and Internet Explorer.
+[Microsoft SCM](https://www.microsoft.com/download/details.aspx?id=53353) is a free utility used to create baseline security settings for the Windows client and server environment. The baselines can be exported and then deployed via Group Policy, local policies, MDT, or Configuration Manager. The current version of Security Compliance Manager includes baselines for Windows 8.1 and several earlier versions of Windows, Windows Server, and Internet Explorer.
 
 ![The SCM console showing a baseline configuration for a fictional client's computer security compliance.](images/mdt-11-fig14.png)
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 766f8e4345..2163c9e4fa 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -76,7 +76,7 @@ In Windows 10, security auditing has added some improvements:
 In Windows 10, two new audit subcategories were added to the Advanced Audit Policy Configuration to provide greater granularity in audit events:
 -   [Audit Group Membership](/windows/device-security/auditing/audit-group-membership) Found in the Logon/Logoff audit category, the Audit Group Membership subcategory allows you to audit the group membership information in a user's logon token. Events in this subcategory are generated when group memberships are enumerated or queried on the PC where the logon session was created. For an interactive logon, the security audit event is generated on the PC that the user logged on to. For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the PC hosting the resource.
     When this setting is configured, one or more security audit events are generated for each successful logon. You must also enable the **Audit Logon** setting under **Advanced Audit Policy Configuration\\System Audit Policies\\Logon/Logoff**. Multiple events are generated if the group membership information cannot fit in a single security audit event.
--   [Audit PNP Activity](/windows/device-security/auditing/audit-pnp-activity) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
+-   [Audit PNP Activity](/windows/security/threat-protection/auditing/audit-pnp-activity.md) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
     Only Success audits are recorded for this category. If you do not configure this policy setting, no audit event is generated when an external device is detected by plug and play.
     A PnP audit event can be used to track down changes in system hardware and will be logged on the PC where the change took place. A list of hardware vendor IDs are included in the event.
 
@@ -165,7 +165,7 @@ Event ID 4826 has been added to track the following changes to the Boot Configur
 
 Event ID 6416 has been added to track when an external device is detected through Plug and Play. One important scenario is if an external device that contains malware is inserted into a high-value machine that doesn’t expect this type of action, such as a domain controller.
 
-[Learn how to manage your security audit policies within your organization](/windows/device-security/auditing/security-auditing-overview).
+[Learn how to manage your security audit policies within your organization](/windows/security/threat-protection/auditing/security-auditing-overview.md).
 
 ### Trusted Platform Module
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2016.md b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
index 76b3dae302..354488f563 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2016.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2016.md
@@ -118,12 +118,12 @@ Windows Information Protection (WIP) helps to protect against this potential dat
 
 Several new features and management options have been added to Windows Defender in this version of Windows 10.
 
-- [Windows Defender Offline in Windows 10](/windows/threat-protection/microsoft-defender-antivirus/windows-defender-offline) can be run directly from within Windows, without having to create bootable media.
-- [Use PowerShell cmdlets for Windows Defender](/windows/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus) to configure options and run scans.
-- [Enable the Block at First Sight feature in Windows 10](/windows/threat-protection/microsoft-defender-antivirus/configure-block-at-first-sight-microsoft-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware.
-- [Configure enhanced notifications for Windows Defender in Windows 10](/windows/threat-protection/microsoft-defender-antivirus/configure-notifications-microsoft-defender-antivirus) to see more information about threat detections and removal.
-- [Run a Windows Defender scan from the command line](/windows/threat-protection/microsoft-defender-antivirus/command-line-arguments-microsoft-defender-antivirus).
-- [Detect and block Potentially Unwanted Applications with Windows Defender](/windows/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus) during download and install times.
+- [Windows Defender Offline in Windows 10](/microsoft-365/security/defender-endpoint/microsoft-defender-offline) can be run directly from within Windows, without having to create bootable media.
+- [Use PowerShell cmdlets for Windows Defender](/microsoft-365/security/defender-endpoint/use-powershell-cmdlets-microsoft-defender-antivirus) to configure options and run scans.
+- [Enable the Block at First Sight feature in Windows 10](/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus) to leverage the Windows Defender cloud for near-instant protection against new malware.
+- [Configure enhanced notifications for Windows Defender in Windows 10](/microsoft-365/security/defender-endpoint/configure-notifications-microsoft-defender-antivirus) to see more information about threat detections and removal.
+- [Run a Windows Defender scan from the command line](/microsoft-365/security/defender-endpoint/command-line-arguments-microsoft-defender-antivirus).
+- [Detect and block Potentially Unwanted Applications with Windows Defender](/microsoft-365/security/defender-endpoint/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus) during download and install times.
 
 ### Microsoft Defender for Endpoint
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index e906337f68..95920c2b66 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -200,7 +200,7 @@ New features in [Windows Hello for Business](/windows/security/identity-protecti
 
 - You can now reset a forgotten PIN without deleting company managed data or apps on devices managed by [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune).
 
-- For Windows desktops, users are able to reset a forgotten PIN through **Settings > Accounts > Sign-in options**. For more details, check out [What if I forget my PIN?](/windows/security/identity-protection/hello-for-business/hello-features#pin-reset).
+- For Windows desktops, users are able to reset a forgotten PIN through **Settings > Accounts > Sign-in options**. For more details, check out [What if I forget my PIN?](/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md).
 
 [Windows Hello](/windows/security/identity-protection/hello-for-business/hello-features) now supports FIDO 2.0 authentication for Azure AD Joined Windows 10 devices and has enhanced support for shared devices, as described in [Kiosk configuration](#kiosk-configuration). 
 

From b3a19aad7971f307b6b7195916554473b94c8184 Mon Sep 17 00:00:00 2001
From: Robert Mazzoli <robmazz@microsoft.com>
Date: Thu, 24 Mar 2022 13:20:59 -0700
Subject: [PATCH 048/123] Purview rebranding updates

---
 education/windows/deploy-windows-10-in-a-school-district.md | 2 +-
 education/windows/deploy-windows-10-in-a-school.md          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 2c43aa28c6..263698f3e1 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -114,7 +114,7 @@ Office 365 Education allows:
 
 * Faculty to help prevent unauthorized users from accessing documents and email by using Microsoft Azure Rights Management.
 
-* Faculty to use advanced compliance tools on the unified eDiscovery pages in the Office 365 Compliance Center.
+* Faculty to use advanced compliance tools on the unified eDiscovery pages in the Microsoft Purview portal.
 
 * Faculty to host online classes, parent–teacher conferences, and other collaboration in Skype for Business.
 
diff --git a/education/windows/deploy-windows-10-in-a-school.md b/education/windows/deploy-windows-10-in-a-school.md
index c0e52a36d6..2f182e3c8f 100644
--- a/education/windows/deploy-windows-10-in-a-school.md
+++ b/education/windows/deploy-windows-10-in-a-school.md
@@ -74,7 +74,7 @@ Office 365 Education allows:
 - Students and faculty to use email and calendars, with mailboxes up to 50 GB per user.
 - Faculty to use advanced email features like email archiving and legal hold capabilities.
 - Faculty to help prevent unauthorized users from accessing documents and email by using Azure Rights Management.
-- Faculty to use advanced compliance tools on the unified eDiscovery pages in the Office 365 Compliance Center.
+- Faculty to use advanced compliance tools on the unified eDiscovery pages in the Microsoft Purview portal.
 - Faculty to host online classes, parent–teacher conferences, and other collaboration in Skype for Business or Skype.
 - Students and faculty to access up to 1 TB of personal cloud storage that users inside and outside the educational institution can share through OneDrive for Business.
 - Teachers to provide collaboration in the classroom through Microsoft SharePoint Online team sites.

From c038667431910c6ce22d6a4859ca0edaccc90ecc Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Tue, 29 Mar 2022 17:18:17 +0530
Subject: [PATCH 049/123] Acrolinx enhancement effort

---
 .../mdm/policy-csp-admx-wcm.md                |  14 +-
 .../mdm/policy-csp-admx-wdi.md                |   8 +-
 .../mdm/policy-csp-admx-windowsexplorer.md    |  16 +-
 .../mdm/policy-csp-admx-windowsmediaplayer.md | 104 ++++++------
 .../mdm/policy-csp-admx-wininit.md            |  10 +-
 .../mdm/policy-csp-admx-winlogon.md           |  32 ++--
 .../mdm/policy-csp-admx-winsrv.md             |   4 +-
 .../mdm/policy-csp-admx-wlansvc.md            |   8 +-
 .../mdm/policy-csp-admx-workfoldersclient.md  |  10 +-
 .../mdm/policy-csp-admx-wpn.md                |  36 ++--
 .../mdm/policy-csp-applicationdefaults.md     |   2 +-
 .../mdm/policy-csp-applicationmanagement.md   |  24 +--
 .../mdm/policy-csp-appvirtualization.md       |  42 ++---
 .../mdm/policy-csp-attachmentmanager.md       |  14 +-
 .../client-management/mdm/policy-csp-audit.md | 156 +++++++++---------
 .../mdm/policy-csp-authentication.md          |  20 +--
 16 files changed, 250 insertions(+), 250 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-wcm.md b/windows/client-management/mdm/policy-csp-admx-wcm.md
index a537a8e9f6..7af1124e31 100644
--- a/windows/client-management/mdm/policy-csp-admx-wcm.md
+++ b/windows/client-management/mdm/policy-csp-admx-wcm.md
@@ -68,9 +68,9 @@ manager: dansimp
 <!--Description-->
 This policy setting specifies that power management is disabled when the machine enters connected standby mode.
 
-If this policy setting is enabled, Windows Connection Manager does not manage adapter radios to reduce power consumption when the machine enters connected standby mode.
+If this policy setting is enabled, Windows Connection Manager doesn't manage adapter radios to reduce power consumption when the machine enters connected standby mode.
 
-If this policy setting is not configured or is disabled, power management is enabled when the machine enters connected standby mode.
+If this policy setting isn't configured or is disabled, power management is enabled when the machine enters connected standby mode.
 
 <!--/Description-->
 
@@ -121,9 +121,9 @@ When soft disconnect is enabled:
 
 - When Windows decides that the computer should no longer be connected to a network, it waits for traffic to settle on that network. The existing TCP session will continue uninterrupted.
 - Windows then checks the traffic level on the network periodically. If the traffic level is above a certain threshold, no further action is taken. The computer stays connected to the network and continues to use it. For example, if the network connection is currently being used to download files from the Internet, the files will continue to be downloaded using that network connection.
-- When the network traffic drops below this threshold, the computer will be disconnected from the network. Apps that keep a network connection active even when they’re not actively using it (for example, email apps) might lose their connection. If this happens, these apps should re-establish their connection over a different network.
+- When the network traffic drops below this threshold, the computer will be disconnected from the network. Apps that keep a network connection active even when they’re not actively using it (for example, email apps) might lose their connection. If this connection loss happens, these apps should re-establish their connection over a different network.
 
-This policy setting depends on other group policy settings. For example, if 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is disabled, Windows will not disconnect from any networks.
+This policy setting depends on other group policy settings. For example, if 'Minimize the number of simultaneous connections to the Internet or a Windows Domain' is disabled, Windows won't disconnect from any networks.
 
 <!--/Description-->
 
@@ -167,9 +167,9 @@ ADMX Info:
 <!--Description-->
 This policy setting determines if a computer can have multiple connections to the internet or to a Windows domain. If multiple connections are allowed, it then determines how network traffic will be routed.
 
-If this policy setting is set to 0, a computer can have simultaneous connections to the internet, to a Windows domain, or to both. Internet traffic can be routed over any connection - including a cellular connection and any metered network. This was previously the Disabled state for this policy setting. This option was first available in Windows 8.
-
-If this policy setting is set to 1, any new automatic internet connection is blocked when the computer has at least one active internet connection to a preferred type of network. Here's the order of preference (from most preferred to least preferred): Ethernet, WLAN, then cellular. Ethernet is always preferred when connected. Users can still manually connect to any network. This was previously the Enabled state for this policy setting. This option was first available in Windows 8.
+If this policy setting is set to 0, a computer can have simultaneous connections to the internet, to a Windows domain, or to both. Internet traffic can be routed over any connection - including a cellular connection and any metered network. This value of 0 was previously the "Disabled" state for this policy setting. This option was first available in Windows 8.
+    
+If this policy setting is set to 1, any new automatic internet connection is blocked when the computer has at least one active internet connection to a preferred type of network. Here's the order of preference (from most preferred to least preferred): Ethernet, WLAN, then cellular. Ethernet is always preferred when connected. Users can still manually connect to any network. This value of 1 was previously the "Enabled" state for this policy setting. This option was first available in Windows 8.
 
 If this policy setting is set to 2, the behavior is similar to 1. However, if a cellular data connection is available, it will always stay connected for services that require a cellular connection. When the user is connected to a WLAN or Ethernet connection, no internet traffic will be routed over the cellular connection. This option was first available in Windows 10 (Version 1703).
 
diff --git a/windows/client-management/mdm/policy-csp-admx-wdi.md b/windows/client-management/mdm/policy-csp-admx-wdi.md
index b5b0b84748..a4a59c9cbd 100644
--- a/windows/client-management/mdm/policy-csp-admx-wdi.md
+++ b/windows/client-management/mdm/policy-csp-admx-wdi.md
@@ -66,10 +66,10 @@ manager: dansimp
 <!--Description-->
 This policy setting determines the data retention limit for Diagnostic Policy Service (DPS) scenario data.  
 - If you enable this policy setting, you must enter the maximum size of scenario data that should be retained in megabytes. Detailed troubleshooting data related to scenarios will be retained until this limit is reached.  
-- If you disable or do not configure this policy setting, the DPS deletes scenario data once it exceeds 128 megabytes in size.  
+- If you disable or don't configure this policy setting, the DPS deletes scenario data once it exceeds 128 megabytes in size.  
 No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately.  
 This policy setting will only take effect when the Diagnostic Policy Service is in the running state.  
-When the service is stopped or disabled, diagnostic scenario data will not be deleted.  
+When the service is stopped or disabled, diagnostic scenario data won't be deleted.  
 The DPS can be configured with the Services snap-in to the Microsoft Management Console.
 
 <!--/Description-->
@@ -117,9 +117,9 @@ This policy setting determines the execution level for Diagnostic Policy Service
 
 If you select problem detection and troubleshooting only, the DPS will detect problems and attempt to determine their root causes. These root causes will be logged to the event log when detected, but no corrective action will be taken. If you select detection, troubleshooting and resolution, the DPS will attempt to automatically fix problems it detects or indicate to the user that assisted resolution is available.  
 
-- If you disable this policy setting, Windows cannot detect, troubleshoot, or resolve any problems that are handled by the DPS. 
+- If you disable this policy setting, Windows can't detect, troubleshoot, or resolve any problems that are handled by the DPS. 
 
-If you do not configure this policy setting, the DPS enables all scenarios for resolution by default, unless you configure separate scenario-specific policy settings. This policy setting takes precedence over any scenario-specific policy settings when it is enabled or disabled.  Scenario-specific policy settings only take effect if this policy setting is not configured. No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately.
+If you don't configure this policy setting, the DPS enables all scenarios for resolution by default, unless you configure separate scenario-specific policy settings. This policy setting takes precedence over any scenario-specific policy settings when it's enabled or disabled.  Scenario-specific policy settings only take effect if this policy setting isn't configured. No reboots or service restarts are required for this policy setting to take effect: changes take effect immediately.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
index 3046a4d8ab..b47eb8adc5 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsexplorer.md
@@ -274,7 +274,7 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to prevent data loss when you change the target location for Folder Redirection, and the new and old targets point to the same network share, but have different network paths.
 
-If you enable this policy setting, Folder Redirection creates a temporary file in the old location in order to verify that new and old locations point to the same network share. If both new and old locations point to the same share, the target path is updated and files are not copied or deleted. The temporary file is deleted.
+If you enable this policy setting, Folder Redirection creates a temporary file in the old location in order to verify that new and old locations point to the same network share. If both new and old locations point to the same share, the target path is updated and files aren't copied or deleted. The temporary file is deleted.
 
 If you disable or do not configure this policy setting, Folder Redirection does not create a temporary file and functions as if both new and old locations point to different shares when their network paths are different.
 
@@ -2106,7 +2106,7 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off caching of thumbnail pictures.
 
-If you enable this policy setting, thumbnail views are not cached.
+If you enable this policy setting, thumbnail views aren't cached.
 
 If you disable or do not configure this policy setting, thumbnail views are cached.
 
@@ -2859,13 +2859,13 @@ ADMX Info:
 <!--Description-->
 Prevents users from submitting alternate logon credentials to install a program.
 
-This setting suppresses the "Install Program As Other User" dialog box for local and network installations. This dialog box, which prompts the current user for the user name and password of an administrator, appears when users who are not administrators try to install programs locally on their computers. This setting allows administrators who have logged on as regular users to install programs without logging off and logging on again using their administrator credentials.
+This setting suppresses the "Install Program As Other User" dialog box for local and network installations. This dialog box, which prompts the current user for the user name and password of an administrator, appears when users who aren't administrators try to install programs locally on their computers. This setting allows administrators who have logged on as regular users to install programs without logging off and logging on again using their administrator credentials.
 
 Many programs can be installed only by an administrator. If you enable this setting and a user does not have sufficient permissions to install a program, the installation continues with the current user's logon credentials. As a result, the installation might fail, or it might complete but not include all features. Or, it might appear to complete successfully, but the installed program might not operate correctly.
 
 If you disable this setting or do not configure it, the "Install Program As Other User" dialog box appears whenever users install programs locally on the computer.
 
-By default, users are not prompted for alternate logon credentials when installing programs from a network share. If enabled, this setting overrides the "Request credentials for network installations" setting.
+By default, users aren't prompted for alternate logon credentials when installing programs from a network share. If enabled, this setting overrides the "Request credentials for network installations" setting.
 
 <!--/Description-->
 
@@ -3350,10 +3350,10 @@ If you disable this setting or do not configure it, this dialog box appears only
 
 The "Install Program as Other User" dialog box prompts the current user for the user name and password of an administrator. This setting allows administrators who have logged on as regular users to install programs without logging off and logging on again using their administrator credentials.
 
-If the dialog box does not appear, the installation proceeds with the current user's permissions. If these permissions are not sufficient, the installation might fail, or it might complete but not include all features. Or, it might appear to complete successfully, but the installed program might not operate correctly.
+If the dialog box does not appear, the installation proceeds with the current user's permissions. If these permissions aren't sufficient, the installation might fail, or it might complete but not include all features. Or, it might appear to complete successfully, but the installed program might not operate correctly.
 
 > [!NOTE]
-> If it is enabled, the "Do not request alternate credentials" setting takes precedence over this setting. When that setting is enabled, users are not prompted for alternate logon credentials on any installation.
+> If it is enabled, the "Do not request alternate credentials" setting takes precedence over this setting. When that setting is enabled, users aren't prompted for alternate logon credentials on any installation.
 
 <!--/Description-->
 
@@ -3444,7 +3444,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applications can open folders and launch files. The protected mode reduces the functionality of this protocol allowing applications to only open a limited set of folders. Applications are not able to open files with this protocol when it is in the protected mode. It is recommended to leave this protocol in the protected mode to increase the security of Windows.
+This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applications can open folders and launch files. The protected mode reduces the functionality of this protocol allowing applications to only open a limited set of folders. Applications aren't able to open files with this protocol when it is in the protected mode. It is recommended to leave this protocol in the protected mode to increase the security of Windows.
 
 If you enable this policy setting the protocol is fully enabled, allowing the opening of folders and files.
 
@@ -3492,7 +3492,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applications can open folders and launch files. The protected mode reduces the functionality of this protocol allowing applications to only open a limited set of folders. Applications are not able to open files with this protocol when it is in the protected mode. It is recommended to leave this protocol in the protected mode to increase the security of Windows.
+This policy setting allows you to configure the amount of functionality that the shell protocol can have. When using the full functionality of this protocol, applications can open folders and launch files. The protected mode reduces the functionality of this protocol allowing applications to only open a limited set of folders. Applications aren't able to open files with this protocol when it is in the protected mode. It is recommended to leave this protocol in the protected mode to increase the security of Windows.
 
 If you enable this policy setting the protocol is fully enabled, allowing the opening of folders and files.
 
diff --git a/windows/client-management/mdm/policy-csp-admx-windowsmediaplayer.md b/windows/client-management/mdm/policy-csp-admx-windowsmediaplayer.md
index 07a9a6b53d..c4325fa43a 100644
--- a/windows/client-management/mdm/policy-csp-admx-windowsmediaplayer.md
+++ b/windows/client-management/mdm/policy-csp-admx-windowsmediaplayer.md
@@ -130,13 +130,13 @@ If you enable this policy setting, select one of the following proxy types:
 
 If the Custom proxy type is selected, the rest of the options on the Setting tab must be specified because no default settings are used for the proxy. The options are ignored if Autodetect or Browser is selected.
 
-The Configure button on the Network tab in the Player is not available for the HTTP protocol and the proxy cannot be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
+The Configure button on the Network tab in the Player isn't available for the HTTP protocol and the proxy can't be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
 
-This policy is ignored if the "Streaming media protocols" policy setting is enabled and HTTP is not selected.
+This policy is ignored if the "Streaming media protocols" policy setting is enabled and HTTP isn't selected.
 
-If you disable this policy setting, the HTTP proxy server cannot be used and the user cannot configure the HTTP proxy.
+If you disable this policy setting, the HTTP proxy server can't be used and the user can't configure the HTTP proxy.
 
-If you do not configure this policy setting, users can configure the HTTP proxy settings.
+If you don't configure this policy setting, users can configure the HTTP proxy settings.
 
 <!--/Description-->
 
@@ -187,13 +187,13 @@ If you enable this policy setting, select one of the following proxy types:
 
 If the Custom proxy type is selected, the rest of the options on the Setting tab must be specified; otherwise, the default settings are used. The options are ignored if Autodetect is selected.
 
-The Configure button on the Network tab in the Player is not available and the protocol cannot be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
+The Configure button on the Network tab in the Player isn't available and the protocol can't be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
 
-This policy setting is ignored if the "Streaming media protocols" policy setting is enabled and Multicast is not selected.
+This policy setting is ignored if the "Streaming media protocols" policy setting is enabled and Multicast isn't selected.
 
-If you disable this policy setting, the MMS proxy server cannot be used and users cannot configure the MMS proxy settings.
+If you disable this policy setting, the MMS proxy server can't be used and users can't configure the MMS proxy settings.
 
-If you do not configure this policy setting, users can configure the MMS proxy settings.
+If you don't configure this policy setting, users can configure the MMS proxy settings.
 
 <!--/Description-->
 
@@ -244,11 +244,11 @@ If you enable this policy setting, select one of the following proxy types:
 
 If the Custom proxy type is selected, the rest of the options on the Setting tab must be specified; otherwise, the default settings are used. The options are ignored if Autodetect is selected.
 
-The Configure button on the Network tab in the Player is not available and the protocol cannot be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
+The Configure button on the Network tab in the Player isn't available and the protocol can't be configured. If the "Hide network tab" policy setting is also enabled, the entire Network tab is hidden.
 
-If you disable this policy setting, the RTSP proxy server cannot be used and users cannot change the RTSP proxy settings.
+If you disable this policy setting, the RTSP proxy server can't be used and users can't change the RTSP proxy settings.
 
-If you do not configure this policy setting, users can configure the RTSP proxy settings.
+If you don't configure this policy setting, users can configure the RTSP proxy settings.
 
 <!--/Description-->
 
@@ -294,9 +294,9 @@ This policy setting allows you to turn off do not show first use dialog boxes.
 
 If you enable this policy setting, the Privacy Options and Installation Options dialog boxes are prevented from being displayed the first time a user starts Windows Media Player.
 
-This policy setting prevents the dialog boxes which allow users to select privacy, file types, and other desktop options from being displayed when the Player is first started. Some of the options can be configured by using other Windows Media Player group policies.
+This policy setting prevents the dialog boxes that allow users to select privacy, file types, and other desktop options from being displayed when the Player is first started. Some of the options can be configured by using other Windows Media Player group policies.
 
-If you disable or do not configure this policy setting, the dialog boxes are displayed when the user starts the Player for the first time.
+If you disable or don't configure this policy setting, the dialog boxes are displayed when the user starts the Player for the first time.
 
 <!--/Description-->
 
@@ -342,7 +342,7 @@ This policy setting allows you to hide the Network tab.
 
 If you enable this policy setting, the Network tab in Windows Media Player is hidden. The default network settings are used unless the user has previously defined network settings for the Player.
 
-If you disable or do not configure this policy setting, the Network tab appears and users can use it to configure network settings.
+If you disable or don't configure this policy setting, the Network tab appears and users can use it to configure network settings.
 
 <!--/Description-->
 
@@ -386,11 +386,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent the anchor window from being displayed when Windows Media Player is in skin mode.
 
-If you enable this policy setting, the anchor window is hidden when the Player is in skin mode. In addition, the option on the Player tab in the Player that enables users to choose whether the anchor window displays is not available.
+If you enable this policy setting, the anchor window is hidden when the Player is in skin mode. In addition, the option on the Player tab in the Player that enables users to choose whether the anchor window displays isn't available.
 
-If you disable or do not configure this policy setting, users can show or hide the anchor window when the Player is in skin mode by using the Player tab in the Player.
+If you disable or don't configure this policy setting, users can show or hide the anchor window when the Player is in skin mode by using the Player tab in the Player.
 
-If you do not configure this policy setting, and the "Set and lock skin" policy setting is enabled, some options in the anchor window are not available.
+If you don't configure this policy setting, and the "Set and lock skin" policy setting is enabled, some options in the anchor window aren't available.
 
 <!--/Description-->
 
@@ -434,11 +434,11 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents the anchor window from being displayed when Windows Media Player is in skin mode.
 
-This policy hides the anchor window when the Player is in skin mode. In addition, the option on the Player tab in the Player that enables users to choose whether the anchor window displays is not available.
+This policy hides the anchor window when the Player is in skin mode. In addition, the option on the Player tab in the Player that enables users to choose whether the anchor window displays isn't available.
 
-When this policy is not configured or disabled, users can show or hide the anchor window when the Player is in skin mode by using the Player tab in the Player.
+When this policy isn't configured or disabled, users can show or hide the anchor window when the Player is in skin mode by using the Player tab in the Player.
 
-When this policy is not configured and the Set and Lock Skin policy is enabled, some options in the anchor window are not available.
+When this policy isn't configured and the Set and Lock Skin policy is enabled, some options in the anchor window aren't available.
 
 <!--/Description-->
 
@@ -482,11 +482,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent video smoothing from occurring.
 
-If you enable this policy setting, video smoothing is prevented, which can improve video playback on computers with limited resources. In addition, the Use Video Smoothing check box in the Video Acceleration Settings dialog box in the Player is cleared and is not available.
+If you enable this policy setting, video smoothing is prevented, which can improve video playback on computers with limited resources. In addition, the Use Video Smoothing check box in the Video Acceleration Settings dialog box in the Player is cleared and isn't available.
 
-If you disable this policy setting, video smoothing occurs if necessary, and the Use Video Smoothing check box is selected and is not available.
+If you disable this policy setting, video smoothing occurs if necessary, and the Use Video Smoothing check box is selected and isn't available.
 
-If you do not configure this policy setting, video smoothing occurs if necessary. Users can change the setting for the Use Video Smoothing check box.
+If you don't configure this policy setting, video smoothing occurs if necessary. Users can change the setting for the Use Video Smoothing check box.
 
 Video smoothing is available only on the Windows XP Home Edition and Windows XP Professional operating systems.
 
@@ -532,11 +532,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows a screen saver to interrupt playback.
 
-If you enable this policy setting, a screen saver is displayed during playback of digital media according to the options selected on the Screen Saver tab in the Display Properties dialog box in Control Panel. The Allow screen saver during playback check box on the Player tab in the Player is selected and is not available.
+If you enable this policy setting, a screen saver is displayed during playback of digital media according to the options selected on the Screen Saver tab in the Display Properties dialog box in Control Panel. The Allow screen saver during playback check box on the Player tab in the Player is selected and isn't available.
 
-If you disable this policy setting, a screen saver does not interrupt playback even if users have selected a screen saver. The Allow screen saver during playback check box is cleared and is not available.
+If you disable this policy setting, a screen saver doesn't interrupt playback even if users have selected a screen saver. The Allow screen saver during playback check box is cleared and isn't available.
 
-If you do not configure this policy setting, users can change the setting for the Allow screen saver during playback check box.
+If you don't configure this policy setting, users can change the setting for the Allow screen saver during playback check box.
 
 <!--/Description-->
 
@@ -584,7 +584,7 @@ If you enable this policy setting, the "Update my music files (WMA and MP3 files
 
 The default privacy settings are used for the options on the Privacy tab unless the user changed the settings previously.
 
-If you disable or do not configure this policy setting, the Privacy tab is not hidden, and users can configure any privacy settings not configured by other polices.
+If you disable or don't configure this policy setting, the Privacy tab isn't hidden, and users can configure any privacy settings not configured by other policies.
 
 <!--/Description-->
 
@@ -630,7 +630,7 @@ This policy setting allows you to hide the Security tab in Windows Media Player.
 
 If you enable this policy setting, the default security settings for the options on the Security tab are used unless the user changed the settings previously. Users can still change security and zone settings by using Internet Explorer unless these settings have been hidden or disabled by Internet Explorer policies.
 
-If you disable or do not configure this policy setting, users can configure the security settings on the Security tab.
+If you disable or don't configure this policy setting, users can configure the security settings on the Security tab.
 
 <!--/Description-->
 
@@ -674,14 +674,14 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify whether network buffering uses the default or a specified number of seconds.
 
-If you enable this policy setting, select one of the following options to specify the number of seconds streaming media is buffered before it is played.
+If you enable this policy setting, select one of the following options to specify the number of seconds streaming media is buffered before it's played.
 
 - Custom: the number of seconds, up to 60, that streaming media is buffered.
 - Default: default network buffering is used and the number of seconds that is specified is ignored.
 
-The "Use default buffering" and "Buffer" options on the Performance tab in the Player are not available.
+The "Use default buffering" and "Buffer" options on the Performance tab in the Player aren't available.
 
-If you disable or do not configure this policy setting, users can change the buffering options on the Performance tab.
+If you disable or don't configure this policy setting, users can change the buffering options on the Performance tab.
 
 <!--/Description-->
 
@@ -725,11 +725,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent Windows Media Player from downloading codecs.
 
-If you enable this policy setting, the Player is prevented from automatically downloading codecs to your computer. In addition, the Download codecs automatically check box on the Player tab in the Player is not available.
+If you enable this policy setting, the Player is prevented from automatically downloading codecs to your computer. In addition, the Download codecs automatically check box on the Player tab in the Player isn't available.
 
-If you disable this policy setting, codecs are automatically downloaded and the Download codecs automatically check box is not available.
+If you disable this policy setting, codecs are automatically downloaded and the Download codecs automatically check box isn't available.
 
-If you do not configure this policy setting, users can change the setting for the Download codecs automatically check box.
+If you don't configure this policy setting, users can change the setting for the Download codecs automatically check box.
 
 <!--/Description-->
 
@@ -773,9 +773,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent media information for CDs and DVDs from being retrieved from the Internet.
 
-If you enable this policy setting, the Player is prevented from automatically obtaining media information from the Internet for CDs and DVDs played by users. In addition, the Retrieve media information for CDs and DVDs from the Internet check box on the Privacy Options tab in the first use dialog box and on the Privacy tab in the Player are not selected and are not available.
+If you enable this policy setting, the Player is prevented from automatically obtaining media information from the Internet for CDs and DVDs played by users. In addition, the Retrieve media information for CDs and DVDs from the Internet check box on the Privacy Options tab in the first use dialog box and on the Privacy tab in the Player aren't selected and aren't available.
 
-If you disable or do not configure this policy setting, users can change the setting of the Retrieve media information for CDs and DVDs from the Internet check box.
+If you disable or don't configure this policy setting, users can change the setting of the Retrieve media information for CDs and DVDs from the Internet check box.
 
 <!--/Description-->
 
@@ -821,7 +821,7 @@ This policy setting allows you to prevent media sharing from Windows Media Playe
 
 If you enable this policy setting, any user on this computer is prevented from sharing digital media content from Windows Media Player with other computers and devices that are on the same network. Media sharing is disabled from Windows Media Player or from programs that depend on the Player's media sharing feature.
 
-If you disable or do not configure this policy setting, anyone using Windows Media Player can turn media sharing on or off.
+If you disable or don't configure this policy setting, anyone using Windows Media Player can turn media sharing on or off.
 
 <!--/Description-->
 
@@ -865,9 +865,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent media information for music files from being retrieved from the Internet.
 
-If you enable this policy setting, the Player is prevented from automatically obtaining media information for music files such as Windows Media Audio (WMA) and MP3 files from the Internet. In addition, the Update my music files (WMA and MP3 files) by retrieving missing media information from the Internet check box in the first use dialog box and on the Privacy and Media Library tabs in the Player are not selected and are not available.
+If you enable this policy setting, the Player is prevented from automatically obtaining media information for music files such as Windows Media Audio (WMA) and MP3 files from the Internet. In addition, the Update my music files (WMA and MP3 files) by retrieving missing media information from the Internet check box in the first use dialog box and on the Privacy and Media Library tabs in the Player aren't selected and aren't available.
 
-If you disable or do not configure this policy setting, users can change the setting of the Update my music files (WMA and MP3 files) by retrieving missing media information from the Internet check box.
+If you disable or don't configure this policy setting, users can change the setting of the Update my music files (WMA and MP3 files) by retrieving missing media information from the Internet check box.
 
 <!--/Description-->
 
@@ -911,9 +911,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent a shortcut for the Player from being added to the Quick Launch bar.
 
-If you enable this policy setting, the user cannot add the shortcut for the Player to the Quick Launch bar.
+If you enable this policy setting, the user can't add the shortcut for the Player to the Quick Launch bar.
 
-If you disable or do not configure this policy setting, the user can choose whether to add the shortcut for the Player to the Quick Launch bar.
+If you disable or don't configure this policy setting, the user can choose whether to add the shortcut for the Player to the Quick Launch bar.
 
 <!--/Description-->
 
@@ -956,9 +956,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent radio station presets from being retrieved from the Internet.
 
-If you enable this policy setting, the Player is prevented from automatically retrieving radio station presets from the Internet and displaying them in Media Library. In addition, presets that exist before the policy is configured are not be updated, and presets a user adds are not be displayed.
+If you enable this policy setting, the Player is prevented from automatically retrieving radio station presets from the Internet and displaying them in Media Library. In addition, presets that exist before the policy is configured aren't updated, and the presets that a user adds aren't displayed.
 
-If you disable or do not configure this policy setting, the Player automatically retrieves radio station presets from the Internet.
+If you disable or don't configure this policy setting, the Player automatically retrieves radio station presets from the Internet.
 
 <!--/Description-->
 
@@ -1002,9 +1002,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to prevent a shortcut icon for the Player from being added to the user's desktop.
 
-If you enable this policy setting, users cannot add the Player shortcut icon to their desktops.
+If you enable this policy setting, users can't add the Player shortcut icon to their desktops.
 
-If you disable or do not configure this policy setting, users can choose whether to add the Player shortcut icon to their desktops.
+If you disable or don't configure this policy setting, users can choose whether to add the Player shortcut icon to their desktops.
 
 <!--/Description-->
 
@@ -1050,11 +1050,11 @@ This policy setting allows you to set and lock Windows Media Player in skin mode
 
 If you enable this policy setting, the Player displays only in skin mode using the skin specified in the Skin box on the Setting tab.
 
-You must use the complete file name for the skin (for example, skin_name.wmz), and the skin must be installed in the %programfiles%\Windows Media Player\Skins Folder on a user's computer. If the skin is not installed on a user's computer, or if the Skin box is blank, the Player opens by using the Corporate skin. The only way to specify the Corporate skin is to leave the Skin box blank.
+You must use the complete file name for the skin (for example, skin_name.wmz), and the skin must be installed in the %programfiles%\Windows Media Player\Skins Folder on a user's computer. If the skin isn't installed on a user's computer, or if the Skin box is blank, the Player opens by using the Corporate skin. The only way to specify the Corporate skin is to leave the Skin box blank.
 
-A user has access only to the Player features that are available with the specified skin. Users cannot switch the Player to full mode and cannot choose a different skin.
+A user has access only to the Player features that are available with the specified skin. Users can't switch the Player to full mode and can't choose a different skin.
 
-If you disable or do not configure this policy setting, users can display the Player in full or skin mode and have access to all available features of the Player.
+If you disable or don't configure this policy setting, users can display the Player in full or skin mode and have access to all available features of the Player.
 
 <!--/Description-->
 
@@ -1098,13 +1098,13 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to specify that Windows Media Player can attempt to use selected protocols when receiving streaming media from a server running Windows Media Services.
 
-If you enable this policy setting, the protocols that are selected on the Network tab of the Player are used to receive a stream initiated through an MMS or RTSP URL from a Windows Media server. If the RSTP/UDP check box is selected, a user can specify UDP ports in the Use ports check box. If the user does not specify UDP ports, the Player uses default ports when using the UDP protocol. This policy setting also specifies that multicast streams can be received if the "Allow the Player to receive multicast streams" check box on the Network tab is selected.
+If you enable this policy setting, the protocols that are selected on the Network tab of the Player are used to receive a stream initiated through an MMS or RTSP URL from a Windows Media server. If the RSTP/UDP check box is selected, a user can specify UDP ports in the Use ports check box. If the user doesn't specify UDP ports, the Player uses default ports when using the UDP protocol. This policy setting also specifies that multicast streams can be received if the "Allow the Player to receive multicast streams" check box on the Network tab is selected.
 
-If you enable this policy setting, the administrator must also specify the protocols that are available to users on the Network tab. If the administrator does not specify any protocols, the Player cannot access an MMS or RTSP URL from a Windows Media server. If the "Hide network tab" policy setting is enabled, the entire Network tab is hidden.
+If you enable this policy setting, the administrator must also specify the protocols that are available to users on the Network tab. If the administrator doesn't specify any protocols, the Player can't access an MMS or RTSP URL from a Windows Media server. If the "Hide network tab" policy setting is enabled, the entire Network tab is hidden.
 
-If you do not configure this policy setting, users can select the protocols to use on the Network tab.
+If you don't configure this policy setting, users can select the protocols to use on the Network tab.
 
-If you disable this policy setting, the Protocols for MMS URLs and Multicast streams areas of the Network tab are not available and the Player cannot receive an MMS or RTSP stream from a Windows Media server.
+If you disable this policy setting, the Protocols for MMS URLs and Multicast streams areas of the Network tab aren't available and the Player can't receive an MMS or RTSP stream from a Windows Media server.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-wininit.md b/windows/client-management/mdm/policy-csp-admx-wininit.md
index c8dbb5219d..452cf045a2 100644
--- a/windows/client-management/mdm/policy-csp-admx-wininit.md
+++ b/windows/client-management/mdm/policy-csp-admx-wininit.md
@@ -68,11 +68,11 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls the legacy remote shutdown interface (named pipe). The named pipe remote shutdown interface is needed in order to shutdown this system from a remote Windows XP or Windows Server 2003 system.
+This policy setting controls the legacy remote shutdown interface (named pipe). The named pipe remote shutdown interface is needed in order to shut down this system from a remote Windows XP or Windows Server 2003 system.
 
-If you enable this policy setting, the system does not create the named pipe remote shutdown interface.
+If you enable this policy setting, the system doesn't create the named pipe remote shutdown interface.
 
-If you disable or do not configure this policy setting, the system creates the named pipe remote shutdown interface.
+If you disable or don't configure this policy setting, the system creates the named pipe remote shutdown interface.
 
 <!--/Description-->
 
@@ -119,7 +119,7 @@ This policy setting controls the use of fast startup.
 
 If you enable this policy setting, the system requires hibernate to be enabled.
 
-If you disable or do not configure this policy setting, the local setting is used.
+If you disable or don't configure this policy setting, the local setting is used.
 
 <!--/Description-->
 
@@ -166,7 +166,7 @@ This policy setting configures the number of minutes the system waits for the hu
 
 If you enable this policy setting, the system waits for the hung logon sessions for the number of minutes specified.
 
-If you disable or do not configure this policy setting, the default timeout value is 3 minutes for workstations and 15 minutes for servers.
+If you disable or don't configure this policy setting, the default timeout value is 3 minutes for workstations and 15 minutes for servers.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-winlogon.md b/windows/client-management/mdm/policy-csp-admx-winlogon.md
index 629647238f..f21fb8b148 100644
--- a/windows/client-management/mdm/policy-csp-admx-winlogon.md
+++ b/windows/client-management/mdm/policy-csp-admx-winlogon.md
@@ -79,9 +79,9 @@ manager: dansimp
 <!--Description-->
 Specifies an alternate user interface.  The Explorer program (%windir%\explorer.exe) creates the familiar Windows interface, but you can use this setting to specify an alternate interface.
 
-If you enable this setting, the system starts the interface you specify instead of Explorer.exe.  To use this setting, copy your interface program to a network share or to your system drive. Then, enable this setting, and type the name of the interface program, including the file name extension, in the Shell name text box. If the interface program file is not located in a folder specified in the Path environment variable for your system, enter the fully qualified path to the file.
+If you enable this setting, the system starts the interface you specify instead of Explorer.exe.  To use this setting, copy your interface program to a network share or to your system drive. Then, enable this setting, and type the name of the interface program, including the file name extension, in the Shell name text box. If the interface program file isn't located in a folder specified in the Path environment variable for your system, enter the fully qualified path to the file.
 
-If you disable this setting or do not configure it, the setting is ignored and the system displays the Explorer interface.
+If you disable this setting or don't configure it, the setting is ignored and the system displays the Explorer interface.
 
 > [!TIP]
 > To find the folders indicated by the Path environment variable, click System Properties in Control Panel, click the Advanced tab, click the Environment Variables button, and then, in the System variables box, click Path.
@@ -127,13 +127,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether or not the system displays information about previous logons and logon failures to the user.
+This policy setting controls whether or not the system displays information about previous sign-ins and sign-in failures to the user.
 
-For local user accounts and domain user accounts in domains of at least a Windows Server 2008 functional level, if you enable this setting, a message appears after the user logs on that displays the date and time of the last successful logon by that user, the date and time of the last unsuccessful logon attempted with that user name, and the number of unsuccessful logons since the last successful logon by that user. This message must be acknowledged by the user before the user is presented with the Microsoft Windows desktop.
+For local user accounts and domain user accounts in domains of at least a Windows Server 2008 functional level, if you enable this setting, a message appears after the user logs on that displays the date and time of the last successful sign in by that user, the date and time of the last unsuccessful sign in attempted with that user name, and the number of unsuccessful logons since the last successful sign in by that user. This message must be acknowledged by the user before the user is presented with the Microsoft Windows desktop.
 
-For domain user accounts in Windows Server 2003, Windows 2000 native, or Windows 2000 mixed functional level domains, if you enable this setting, a warning message will appear that Windows could not retrieve the information and the user will not be able to log on. Therefore, you should not enable this policy setting if the domain is not at the Windows Server 2008 domain functional level.
+For domain user accounts in Windows Server 2003, Windows 2000 native, or Windows 2000 mixed functional level domains, if you enable this setting, a warning message will appear that Windows couldn't retrieve the information and the user won't be able to sign in. Therefore, you shouldn't enable this policy setting if the domain isn't at the Windows Server 2008 domain functional level.
 
-If you disable or do not configure this setting, messages about the previous logon or logon failures are not displayed.
+If you disable or don't configure this setting, messages about the previous sign in or sign-in failures aren't displayed.
 
 <!--/Description-->
 
@@ -177,11 +177,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy controls whether the logged on user should be notified when his logon hours are about to expire. By default, a user is notified before logon hours expire, if actions have been set to occur when the logon hours expire.
+This policy controls whether the signed-in user should be notified when their sign-in hours are about to expire. By default, a user is notified before sign-in hours expire, if actions have been set to occur when the sign-in hours expire.
 
-If you enable this setting, warnings are not displayed to the user before the logon hours expire.
+If you enable this setting, warnings aren't displayed to the user before the sign-in hours expire.
 
-If you disable or do not configure this setting, users receive warnings before the logon hours expire, if actions have been set to occur when the logon hours expire.
+If you disable or don't configure this setting, users receive warnings before the sign-in hours expire, if actions have been set to occur when the sign-in hours expire.
 
 > [!NOTE]
 > If you configure this setting, you might want to examine and appropriately configure the “Set action to take when logon hours expire” setting. If “Set action to take when logon hours expire” is disabled or not configured, the “Remove logon hours expiration warnings” setting will have no effect, and users receive no warnings about logon hour expiration
@@ -227,13 +227,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy controls which action will be taken when the logon hours expire for the logged on user. The actions include lock the workstation, disconnect the user, or log the user off completely.
+This policy controls which action will be taken when the sign-in hours expire for the logged on user. The actions include lock the workstation, disconnect the user, or log the user off completely.
 
-If you choose to lock or disconnect a session, the user cannot unlock the session or reconnect except during permitted logon hours.
+If you choose to lock or disconnect a session, the user can't unlock the session or reconnect except during permitted sign-in hours.
 
-If you choose to log off a user, the user cannot log on again except during permitted logon hours. If you choose to log off a user, the user might lose unsaved data.  If you enable this setting, the system will perform the action you specify when the user’s logon hours expire.
+If you choose to sign out a user, the user can't sign in again except during permitted sign-in hours. If you choose to sign out a user, the user might lose unsaved data.  If you enable this setting, the system will perform the action you specify when the user’s sign-in hours expire.
 
-If you disable or do not configure this setting, the system takes no action when the user’s logon hours expire. The user can continue the existing session, but cannot log on to a new session.
+If you disable or don't configure this setting, the system takes no action when the user’s sign-in hours expire. The user can continue the existing session, but can't sign in to a new session.
 
 > [!NOTE]
 > If you configure this setting, you might want to examine and appropriately configure the “Remove logon hours expiration warnings” setting.
@@ -280,7 +280,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy controls whether the logged on user should be notified if the logon server could not be contacted during logon and he has been logged on using previously stored account information.
+This policy controls whether the signed-in user should be notified if the sign-in server couldn't be contacted during sign in and if they've been signed in using previously stored account information.
 
 If enabled, a notification popup will be displayed to the user when the user logs on with cached credentials.
 
@@ -331,12 +331,12 @@ This policy setting controls whether or not software can simulate the Secure Att
 
 If you enable this policy setting, you have one of four options:  
 
-- If you set this policy setting to "None," user mode software cannot simulate the SAS.
+- If you set this policy setting to "None," user mode software can't simulate the SAS.
 - If you set this policy setting to "Services," services can simulate the SAS.
 - If you set this policy setting to "Ease of Access applications," Ease of Access applications can simulate the SAS.
 - If you set this policy setting to "Services and Ease of Access applications," both services and Ease of Access applications can simulate the SAS.
 
-If you disable or do not configure this setting, only Ease of Access applications running on the secure desktop can simulate the SAS.
+If you disable or don't configure this setting, only Ease of Access applications running on the secure desktop can simulate the SAS.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-winsrv.md b/windows/client-management/mdm/policy-csp-admx-winsrv.md
index bbe441caa0..1b02e8ef54 100644
--- a/windows/client-management/mdm/policy-csp-admx-winsrv.md
+++ b/windows/client-management/mdm/policy-csp-admx-winsrv.md
@@ -66,8 +66,8 @@ This policy setting specifies whether Windows will allow console applications an
 
 By default, such applications are automatically terminated if they attempt to cancel shutdown or block it indefinitely.
 
-- If you enable this setting, console applications or GUI applications without visible top-level windows that block or cancel shutdown will not be automatically terminated during shutdown.
-- If you disable or do not configure this setting, these applications will be automatically terminated during shutdown, helping to ensure that windows can shut down faster and more smoothly.
+- If you enable this setting, console applications or GUI applications without visible top-level windows that block or cancel shutdown won't be automatically terminated during shutdown.
+- If you disable or don't configure this setting, these applications will be automatically terminated during shutdown, helping to ensure that windows can shut down faster and more smoothly.
 
 > [!NOTE]
 > This policy setting applies to all sites in Trusted zones.
diff --git a/windows/client-management/mdm/policy-csp-admx-wlansvc.md b/windows/client-management/mdm/policy-csp-admx-wlansvc.md
index 017e045dda..588277efab 100644
--- a/windows/client-management/mdm/policy-csp-admx-wlansvc.md
+++ b/windows/client-management/mdm/policy-csp-admx-wlansvc.md
@@ -72,8 +72,8 @@ This policy setting configures the cost of Wireless LAN (WLAN) connections on th
 If this policy setting is enabled, a drop-down list box presenting possible cost values will be active. Selecting one of the following values from the list will set the cost of all WLAN connections on the local machine:
 
 - Unrestricted: Use of this connection is unlimited and not restricted by usage charges and capacity constraints.
-- Fixed: Use of this connection is not restricted by usage charges and capacity constraints up to a certain data limit.  
-- Variable: This connection is costed on a per byte basis.  If this policy setting is disabled or is not configured, the cost of Wireless LAN connections is Unrestricted by default.
+- Fixed: Use of this connection isn't restricted by usage charges and capacity constraints up to a certain data limit.  
+- Variable: This connection is costed on a per byte basis.  If this policy setting is disabled or isn't configured, the cost of Wireless LAN connections is Unrestricted by default.
 
 <!--/Description-->
 
@@ -119,7 +119,7 @@ This policy applies to Wireless Display connections. This policy means that the
 
 Conversely it means that Push Button is NOT allowed.
 
-If this policy setting is disabled or is not configured, by default Push Button pairing is allowed (but not necessarily preferred).
+If this policy setting is disabled or isn't configured, by default Push Button pairing is allowed (but not necessarily preferred).
 
 <!--/Description-->
 
@@ -165,7 +165,7 @@ This policy applies to Wireless Display connections. This policy changes the pre
 
 When enabled, it makes the connections to prefer a PIN for pairing to Wireless Display devices over the Push Button pairing method.
 
-If this policy setting is disabled or is not configured, by default Push Button pairing is preferred (if allowed by other policies).
+If this policy setting is disabled or isn't configured, by default Push Button pairing is preferred (if allowed by other policies).
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-workfoldersclient.md b/windows/client-management/mdm/policy-csp-admx-workfoldersclient.md
index 4b2031c3a7..2b291fdd5f 100644
--- a/windows/client-management/mdm/policy-csp-admx-workfoldersclient.md
+++ b/windows/client-management/mdm/policy-csp-admx-workfoldersclient.md
@@ -72,8 +72,8 @@ This policy setting specifies whether Work Folders should be set up automaticall
 
 - If you enable this policy setting, Work Folders will be set up automatically for all users of the affected computer. 
 
-This prevents users from choosing not to use Work Folders on the computer; it also prevents them from manually specifying the local folder in which Work Folders stores files. Work Folders will use the settings specified in the "Specify Work Folders settings" policy setting in User Configuration\Administrative Templates\Windows Components\WorkFolders. If the "Specify Work Folders settings" policy setting does not apply to a user, Work Folders is not automatically set up.    
-- If you disable or do not configure this policy setting, Work Folders uses the "Force automatic setup" option of the "Specify Work Folders settings" policy setting to determine whether to automatically set up Work Folders for a given user.
+This folder creation prevents users from choosing not to use Work Folders on the computer; it also prevents them from manually specifying the local folder in which Work Folders stores files. Work Folders will use the settings specified in the "Specify Work Folders settings" policy setting in User Configuration\Administrative Templates\Windows Components\WorkFolders. If the "Specify Work Folders settings" policy setting doesn't apply to a user, Work Folders isn't automatically set up.
+- If you disable or don't configure this policy setting, Work Folders uses the "Force automatic setup" option of the "Specify Work Folders settings" policy setting to determine whether to automatically set up Work Folders for a given user.
 
 <!--/Description-->
 
@@ -116,7 +116,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies the Work Folders server for affected users, as well as whether or not users are allowed to change settings when setting up Work Folders on a domain-joined computer.  
+This policy setting specifies the Work Folders server for affected users, and whether or not users are allowed to change settings when setting up Work Folders on a domain-joined computer.  
 
 - If you enable this policy setting, affected users receive Work Folders settings when they sign in to a domain-joined PC. 
 
@@ -129,9 +129,9 @@ The “On-demand file access preference” option controls whether to enable on-
 
 - If you disable this policy setting, on-demand file access is disabled, and enough storage space to store all the user’s files is required on each of their PCs.  
 
-If you specify User choice or do not configure this policy setting, the user decides whether to enable on-demand file access. However, if the Force automatic setup policy setting is enabled, Work Folders is set up automatically with on-demand file access enabled. 
+If you specify User choice or don't configure this policy setting, the user decides whether to enable on-demand file access. However, if the Force automatic setup policy setting is enabled, Work Folders is set up automatically with on-demand file access enabled. 
 
-The "Force automatic setup" option specifies that Work Folders should be set up automatically without prompting users. This prevents users from choosing not to use Work Folders on the computer; it also prevents them from manually specifying the local folder in which Work Folders stores files. By default, Work Folders is stored in the "%USERPROFILE%\Work Folders" folder. If this option is not specified, users must use the Work Folders Control Panel item on their computers to set up Work Folders.
+The "Force automatic setup" option specifies that Work Folders should be set up automatically without prompting users. This automatic setup prevents users from choosing not to use Work Folders on the computer; it also prevents them from manually specifying the local folder in which Work Folders stores files. By default, Work Folders is stored in the "%USERPROFILE%\Work Folders" folder. If this option isn't specified, users must use the Work Folders Control Panel item on their computers to set up Work Folders.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-admx-wpn.md b/windows/client-management/mdm/policy-csp-admx-wpn.md
index de3ef506c6..3cfe80c0cc 100644
--- a/windows/client-management/mdm/policy-csp-admx-wpn.md
+++ b/windows/client-management/mdm/policy-csp-admx-wpn.md
@@ -79,11 +79,11 @@ manager: dansimp
 <!--Description-->
 This policy setting blocks voice and video calls during Quiet Hours.
 
-If you enable this policy setting, voice and video calls will be blocked during the designated Quiet Hours time window each day, and users will not be able to customize any other Quiet Hours settings.
+If you enable this policy setting, voice and video calls will be blocked during the designated Quiet Hours time window each day, and users won't be able to customize any other Quiet Hours settings.
 
-If you disable this policy setting, voice and video calls will be allowed during Quiet Hours, and users will not be able to customize this or any other Quiet Hours settings.
+If you disable this policy setting, voice and video calls will be allowed during Quiet Hours, and users won't be able to customize this or any other Quiet Hours settings.
 
-If you do not configure this policy setting, voice and video calls will be allowed during Quiet Hours by default. Administrators and users will be able to modify this setting.
+If you don't configure this policy setting, voice and video calls will be allowed during Quiet Hours by default. Administrators and users will be able to modify this setting.
 
 <!--/Description-->
 
@@ -128,9 +128,9 @@ ADMX Info:
 <!--Description-->
 This policy setting turns off toast notifications on the lock screen.
 
-If you enable this policy setting, applications will not be able to raise toast notifications on the lock screen.
+If you enable this policy setting, applications won't be able to raise toast notifications on the lock screen.
 
-If you disable or do not configure this policy setting, toast notifications on the lock screen are enabled and can be turned off by the administrator or user.
+If you disable or don't configure this policy setting, toast notifications on the lock screen are enabled and can be turned off by the administrator or user.
 
 No reboots or service restarts are required for this policy setting to take effect.
 
@@ -177,11 +177,11 @@ ADMX Info:
 <!--Description-->
 This policy setting turns off Quiet Hours functionality.
 
-If you enable this policy setting, toast notifications will not be suppressed and some background tasks will not be deferred during the designated Quiet Hours time window each day.
+If you enable this policy setting, toast notifications won't be suppressed and some background tasks won't be deferred during the designated Quiet Hours time window each day.
 
-If you disable this policy setting, toast notifications will be suppressed and some background task deferred during the designated Quiet Hours time window. Users will not be able to change this or any other Quiet Hours settings.
+If you disable this policy setting, toast notifications will be suppressed and some background task deferred during the designated Quiet Hours time window. Users won't be able to change this or any other Quiet Hours settings.
 
-If you do not configure this policy setting, Quiet Hours are enabled by default but can be turned off or by the administrator or user.
+If you don't configure this policy setting, Quiet Hours are enabled by default but can be turned off or by the administrator or user.
 
 <!--/Description-->
 
@@ -226,13 +226,13 @@ ADMX Info:
 <!--Description-->
 This policy setting turns off toast notifications for applications.
 
-If you enable this policy setting, applications will not be able to raise toast notifications.
+If you enable this policy setting, applications won't be able to raise toast notifications.
 
-Note that this policy does not affect taskbar notification balloons.
+This policy doesn't affect taskbar notification balloons.
 
-Note that Windows system features are not affected by this policy.  You must enable/disable system features individually to stop their ability to raise toast notifications.
+Windows system features aren't affected by this policy.  You must enable/disable system features individually to stop their ability to raise toast notifications.
 
-If you disable or do not configure this policy setting, toast notifications are enabled and can be turned off by the administrator or user.
+If you disable or don't configure this policy setting, toast notifications are enabled and can be turned off by the administrator or user.
 
 No reboots or service restarts are required for this policy setting to take effect.
 
@@ -279,11 +279,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the number of minutes after midnight (local time) that Quiet Hours is to begin each day.
 
-If you enable this policy setting, the specified time will be used, and users will not be able to customize any Quiet Hours settings.
+If you enable this policy setting, the specified time will be used, and users won't be able to customize any Quiet Hours settings.
 
-If you disable this policy setting, a default value will be used, and users will not be able to change it or any other Quiet Hours setting.
+If you disable this policy setting, a default value will be used, and users won't be able to change it or any other Quiet Hours setting.
 
-If you do not configure this policy setting, a default value will be used, which administrators and users will be able to modify.
+If you don't configure this policy setting, a default value will be used, which administrators and users will be able to modify.
 
 <!--/Description-->
 
@@ -328,11 +328,11 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the number of minutes after midnight (local time) that Quiet Hours is to end each day.
 
-If you enable this policy setting, the specified time will be used, and users will not be able to customize any Quiet Hours settings.
+If you enable this policy setting, the specified time will be used, and users won't be able to customize any Quiet Hours settings.
 
-If you disable this policy setting, a default value will be used, and users will not be able to change it or any other Quiet Hours setting.
+If you disable this policy setting, a default value will be used, and users won't be able to change it or any other Quiet Hours setting.
 
-If you do not configure this policy setting, a default value will be used, which administrators and users will be able to modify.
+If you don't configure this policy setting, a default value will be used, which administrators and users will be able to modify.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-applicationdefaults.md b/windows/client-management/mdm/policy-csp-applicationdefaults.md
index b27d78e274..5cebcba3b5 100644
--- a/windows/client-management/mdm/policy-csp-applicationdefaults.md
+++ b/windows/client-management/mdm/policy-csp-applicationdefaults.md
@@ -159,7 +159,7 @@ Here's the SyncMl example:
 <!--Description-->
 This policy setting determines whether Windows supports web-to-app linking with app URI handlers.
 
-Enabling this policy setting enables web-to-app linking so that apps can be launched with a http(s) URI.
+Enabling this policy setting enables web-to-app linking so that apps can be launched with an http(s) URI.
 
 Disabling this policy disables web-to-app linking and http(s) URIs will be opened in the default browser instead of launching the associated app.
 
diff --git a/windows/client-management/mdm/policy-csp-applicationmanagement.md b/windows/client-management/mdm/policy-csp-applicationmanagement.md
index 3b6a634365..1bddb1ae40 100644
--- a/windows/client-management/mdm/policy-csp-applicationmanagement.md
+++ b/windows/client-management/mdm/policy-csp-applicationmanagement.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ApplicationManagement
-description: Learn about various Policy configuration service provider (CSP) - ApplicationManagement, including SyncML, for Windows 10.
+description: Learn about various Policy configuration service providers (CSP) - ApplicationManagement, including SyncML, for Windows 10.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -101,9 +101,9 @@ This policy setting controls whether the system can archive infrequently used ap
 
 - If you enable this policy setting, then the system will periodically check for and archive infrequently used apps.
 
-- If you disable this policy setting, then the system will not archive any apps.
+- If you disable this policy setting, then the system won't archive any apps.
 
-If you do not configure this policy setting (default), then the system will follow default behavior, which is to periodically check for and archive infrequently used apps, and the user will be able to configure this setting themselves.
+If you don't configure this policy setting (default), then the system will follow default behavior, which is to periodically check for and archive infrequently used apps, and the user will be able to configure this setting themselves.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -203,7 +203,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Specifies whether automatic update of apps from Microsoft Store are allowed.
+Specifies whether automatic update of apps from Microsoft Store is allowed.
 
 
 Most restricted value is 0.
@@ -308,7 +308,7 @@ The following list shows the supported values:
 > [!NOTE]
 > The policy is only enforced in Windows 10 for desktop.
 
-Specifies whether DVR and broadcasting is allowed.
+Specifies whether DVR and broadcasting are allowed.
 
 Most restricted value is 0.
 
@@ -414,7 +414,7 @@ Manages non-administrator users' ability to install Windows app packages.
 
 If you enable this policy, non-administrators will be unable to initiate installation of Windows app packages. Administrators who wish to install an app will need to do so from an Administrator context (for example, an Administrator PowerShell window). All users will still be able to install Windows app packages via the Microsoft Store, if permitted by other policies.
 
-If you disable or do not configure this policy, all users will be able to initiate installation of Windows app packages.
+If you disable or don't configure this policy, all users will be able to initiate installation of Windows app packages.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -428,7 +428,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:  
 - 0 (default) - Disabled. All users will be able to initiate installation of Windows app packages.
-- 1 - Enabled. Non-administrator users will not be able to initiate installation of Windows app packages.
+- 1 - Enabled. Non-administrator users won't be able to initiate installation of Windows app packages.
 <!--/SupportedValues-->
 <!--Example-->
 
@@ -514,9 +514,9 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are launched after logon. This policy allows the IT admin to specify a list of applications that users can run after logging on to the device.
+List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are launched after a sign in. This policy allows the IT admin to specify a list of applications that users can run after logging on to the device.
 
-For this policy to work, the Windows apps need to declare in their manifest that they will use the start up task. Example of the declaration here: 
+For this policy to work, the Windows apps need to declare in their manifest that they'll use the startup task. Example of the declaration here: 
 
 ```xml
 <desktop:Extension Category="windows.startupTask"> 
@@ -571,7 +571,7 @@ Added in Windows 10, version 1803. This policy setting permits users to change i
 
 If you enable this policy setting, some of the security features of Windows Installer are bypassed. It permits installations to complete that otherwise would be halted due to a security violation.
 
-If you disable or do not configure this policy setting, the security features of Windows Installer prevent users from changing installation options typically reserved for system administrators, such as specifying the directory to which files are installed.
+If you disable or don't configure this policy setting, the security features of Windows Installer prevent users from changing installation options typically reserved for system administrators, such as specifying the directory to which files are installed.
 
 If Windows Installer detects that an installation package has permitted the user to change a protected option, it stops the installation and displays a message. These security features operate only when the installation program is running in a privileged security context in which it has access to directories denied to the user.
 
@@ -623,9 +623,9 @@ This setting supports a range of values between 0 and 1.
 <!--Description-->
 Added in Windows 10, version 1803. This policy setting directs Windows Installer to use elevated permissions when it installs any program on the system.
 
-If you enable this policy setting, privileges are extended to all programs. These privileges are usually reserved for programs that have been assigned to the user (offered on the desktop), assigned to the computer (installed automatically), or made available in Add or Remove Programs in Control Panel. This profile setting lets users install programs that require access to directories that the user might not have permission to view or change, including directories on highly restricted computers.
+If you enable this policy setting, privileges are extended to all programs. These privileges are reserved for programs that have been assigned to the user (offered on the desktop), assigned to the computer (installed automatically), or made available in Add or Remove Programs in Control Panel. This profile setting lets users install programs that require access to directories that the user might not have permission to view or change, including directories on highly restricted computers.
 
-If you disable or do not configure this policy setting, the system applies the current user's permissions when it installs programs that a system administrator does not distribute or offer.
+If you disable or don't configure this policy setting, the system applies the current user's permissions when it installs programs that a system administrator doesn't distribute or offer.
 
 > [!NOTE]
 > This policy setting appears both in the Computer Configuration and User Configuration folders. To make this policy setting effective, you must enable it in both folders.
diff --git a/windows/client-management/mdm/policy-csp-appvirtualization.md b/windows/client-management/mdm/policy-csp-appvirtualization.md
index 70bb648c9b..24c9070487 100644
--- a/windows/client-management/mdm/policy-csp-appvirtualization.md
+++ b/windows/client-management/mdm/policy-csp-appvirtualization.md
@@ -361,15 +361,15 @@ ADMX Info:
 <!--Description-->
 Reporting Server URL: Displays the URL of reporting server.
 
-Reporting Time: When the client data should be reported to the server. Acceptable range is 0~23, corresponding to the 24 hours in a day. A good practice is, don't set this time to a busy hour, e.g. 9AM.
+Reporting Time: When the client data should be reported to the server. Acceptable range is 0~23, corresponding to the 24 hours in a day. A good practice is, don't set this time to a busy hour, for example, 9AM.
 
 Delay reporting for the random minutes: The maximum minutes of random delay on top of the reporting time. For a busy system, the random delay will help reduce the server load.
 
 Repeat reporting for every (days): The periodical interval in days for sending the reporting data.
 
-Data Cache Limit: This value specifies the maximum size in megabytes (MB) of the XML cache for storing reporting information. The default value is 20 MB. The size applies to the cache in memory. When the limit is reached, the log file will roll over. When a new record is to be added (bottom of the list), one or more of the oldest records (top of the list) will be deleted to make room. A warning will be logged to the Client log and the event log the first time this occurs, and will not be logged again until after the cache has been successfully cleared on transmission and the log has filled up again.
+Data Cache Limit: This value specifies the maximum size in megabytes (MB) of the XML cache for storing reporting information. The default value is 20 MB. The size applies to the cache in memory. When the limit is reached, the log file will roll over. When a new record is to be added (bottom of the list), one or more of the oldest records (top of the list) will be deleted to make room. A warning will be logged to the Client log and the event log the first time this deletion occurs, and won't be logged again until after the cache has been successfully cleared on transmission and the log has filled up again.
 
-Data Block Size: This value specifies the maximum size in bytes to transmit to the server at once on a reporting upload, to avoid permanent transmission failures when the log has reached a significant size. The  default value is 65536. When transmitting report data to the server, one block at a time of application records that is less than or equal to the block size in bytes of XML data will be removed from the cache and sent to the server. Each block will have the general Client data and global package list data prepended, and these will not factor into the block size calculations; the potential exists for an extremely large package list to result in transmission failures over low bandwidth or unreliable connections.
+Data Block Size: This value specifies the maximum size in bytes to transmit to the server at once on a reporting upload, to avoid permanent transmission failures when the log has reached a significant size. The  default value is 65536. When report data is being transmitted to the server, one block at a time of application records that is less than or equal to the block size in bytes of XML data will be removed from the cache and sent to the server. Each block will have the general Client data and global package list data prepended, and these components won't factor into the block size calculations; the potential exists for a large package list to result in transmission failures over low bandwidth or unreliable connections.
 
 <!--/Description-->
 
@@ -412,7 +412,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the file paths relative to %userprofile% that do not roam with a user's profile. Example usage: /FILEEXCLUSIONLIST='desktop;my pictures'.
+Specifies the file paths relative to %userprofile% that don't roam with a user's profile. Example usage: /FILEEXCLUSIONLIST='desktop;my pictures'.
 
 <!--/Description-->
 
@@ -455,7 +455,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the registry paths that do not roam with a user profile. Example usage: /REGISTRYEXCLUSIONLIST=software\classes;software\clients.
+Specifies the registry paths that don't roam with a user profile. Example usage: /REGISTRYEXCLUSIONLIST=software\classes;software\clients.
 
 <!--/Description-->
 
@@ -541,7 +541,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Migration mode allows the App-V client to modify shortcuts and FTA's for packages created using a previous version of App-V.
+Migration mode allows the App-V client to modify shortcuts and FTAs for packages created using a previous version of App-V.
 
 <!--/Description-->
 
@@ -584,7 +584,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the location where symbolic links are created to the current version of a per-user published package. Shortcuts, file type associations, etc. are created pointing to this path. If empty, symbolic links are not used during publishing. Example: %localappdata%\Microsoft\AppV\Client\Integration.
+Specifies the location where symbolic links are created to the current version of a per-user published package. Shortcuts, file type associations, etc. are created pointing to this path. If empty, symbolic links aren't used during publishing. Example: %localappdata%\Microsoft\AppV\Client\Integration.
 
 <!--/Description-->
 
@@ -627,7 +627,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the location where symbolic links are created to the current version of a globally published package. Shortcuts, file type associations, etc. are created pointing to this path. If empty, symbolic links are not used during publishing. Example: %allusersprofile%\Microsoft\AppV\Client\Integration.
+Specifies the location where symbolic links are created to the current version of a globally published package. Shortcuts, file type associations, etc. are created pointing to this path. If empty, symbolic links aren't used during publishing. Example: %allusersprofile%\Microsoft\AppV\Client\Integration.
 
 <!--/Description-->
 
@@ -676,7 +676,7 @@ Publishing Server URL: Displays the URL of publishing server.
 
 Global Publishing Refresh: Enables global publishing refresh (Boolean).
 
-Global Publishing Refresh On Logon: Triggers a global publishing refresh on logon (Boolean).
+Global Publishing Refresh On Logon: Triggers a global publishing refresh on a sign in(Boolean).
 
 Global Publishing Refresh Interval: Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -684,7 +684,7 @@ Global Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23,
 
 User Publishing Refresh: Enables user publishing refresh (Boolean).
 
-User Publishing Refresh On Logon: Triggers a user publishing refresh on logon (Boolean).
+User Publishing Refresh On Logon: Triggers a user publishing refresh on a sign in (Boolean).
 
 User Publishing Refresh Interval: Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -737,7 +737,7 @@ Publishing Server URL: Displays the URL of publishing server.
 
 Global Publishing Refresh: Enables global publishing refresh (Boolean).
 
-Global Publishing Refresh On Logon: Triggers a global publishing refresh on logon (Boolean).
+Global Publishing Refresh On Logon: Triggers a global publishing refresh on a sign in (Boolean).
 
 Global Publishing Refresh Interval: Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -745,7 +745,7 @@ Global Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23,
 
 User Publishing Refresh: Enables user publishing refresh (Boolean).
 
-User Publishing Refresh On Logon: Triggers a user publishing refresh on logon (Boolean).
+User Publishing Refresh On Logon: Triggers a user publishing refresh on la sign in (Boolean).
 
 User Publishing Refresh Interval: Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -798,7 +798,7 @@ Publishing Server URL: Displays the URL of publishing server.
 
 Global Publishing Refresh: Enables global publishing refresh (Boolean).
 
-Global Publishing Refresh On Logon: Triggers a global publishing refresh on logon (Boolean).
+Global Publishing Refresh On Logon: Triggers a global publishing refresh on a sign in (Boolean).
 
 Global Publishing Refresh Interval: Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -806,7 +806,7 @@ Global Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23,
 
 User Publishing Refresh: Enables user publishing refresh (Boolean).
 
-User Publishing Refresh On Logon: Triggers a user publishing refresh on logon (Boolean).
+User Publishing Refresh On Logon: Triggers a user publishing refresh on a sign in (Boolean).
 
 User Publishing Refresh Interval: Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -859,7 +859,7 @@ Publishing Server URL: Displays the URL of publishing server.
 
 Global Publishing Refresh: Enables global publishing refresh (Boolean).
 
-Global Publishing Refresh On Logon: Triggers a global publishing refresh on logon (Boolean).
+Global Publishing Refresh On Logon: Triggers a global publishing refresh on a sign in (Boolean).
 
 Global Publishing Refresh Interval: Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -867,7 +867,7 @@ Global Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23,
 
 User Publishing Refresh: Enables user publishing refresh (Boolean).
 
-User Publishing Refresh On Logon: Triggers a user publishing refresh on logon (Boolean).
+User Publishing Refresh On Logon: Triggers a user publishing refresh on a sign in (Boolean).
 
 User Publishing Refresh Interval: Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -920,7 +920,7 @@ Publishing Server URL: Displays the URL of publishing server.
 
 Global Publishing Refresh: Enables global publishing refresh (Boolean).
 
-Global Publishing Refresh On Logon: Triggers a global publishing refresh on logon (Boolean).
+Global Publishing Refresh On Logon: Triggers a global publishing refresh on a sign in (Boolean).
 
 Global Publishing Refresh Interval: Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -928,7 +928,7 @@ Global Publishing Refresh Interval Unit: Specifies the interval unit (Hour 0-23,
 
 User Publishing Refresh: Enables user publishing refresh (Boolean).
 
-User Publishing Refresh On Logon: Triggers a user publishing refresh on logon (Boolean).
+User Publishing Refresh On Logon: Triggers a user publishing refresh on a sign in (Boolean).
 
 User Publishing Refresh Interval: Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.
 
@@ -1018,7 +1018,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This setting controls whether virtualized applications are launched on Windows 8 machines connected via a metered network connection (e.g. 4G).
+This setting controls whether virtualized applications are launched on Windows 8 machines connected via a metered network connection (for example, 4G).
 
 <!--/Description-->
 
@@ -1276,7 +1276,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies that streamed package contents will be not be saved to the local hard disk.
+Specifies that streamed package contents won't be saved to the local hard disk.
 
 <!--/Description-->
 
@@ -1319,7 +1319,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If enabled, the App-V client will support BrancheCache compatible HTTP streaming. If BranchCache support is not desired, this should be disabled. The client can then apply HTTP optimizations which are incompatible with BranchCache
+If enabled, the App-V client will support BrancheCache compatible HTTP streaming. If BranchCache support isn't desired, this setting should be disabled. The client can then apply HTTP optimizations that are incompatible with BranchCache.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-attachmentmanager.md b/windows/client-management/mdm/policy-csp-attachmentmanager.md
index b839ee8d78..b182ba287e 100644
--- a/windows/client-management/mdm/policy-csp-attachmentmanager.md
+++ b/windows/client-management/mdm/policy-csp-attachmentmanager.md
@@ -70,13 +70,13 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to manage whether Windows marks file attachments with information about their zone of origin (such as restricted, Internet, intranet, local). This requires NTFS in order to function correctly, and will fail without notice on FAT32. By not preserving the zone information, Windows cannot make proper risk assessments.
+This policy setting allows you to manage whether Windows marks file attachments with information about their zone of origin (such as restricted, Internet, intranet, local). This feature requires NTFS in order to function correctly, and will fail without notice on FAT32. If the zone information is not preserved, Windows can't make proper risk assessments.
 
-If you enable this policy setting, Windows does not mark file attachments with their zone information.
+If you enable this policy setting, Windows doesn't mark file attachments with their zone information.
 
 If you disable this policy setting, Windows marks file attachments with their zone information.
 
-If you do not configure this policy setting, Windows marks file attachments with their zone information.
+If you don't configure this policy setting, Windows marks file attachments with their zone information.
 
 <!--/Description-->
 
@@ -126,7 +126,7 @@ If you enable this policy setting, Windows hides the check box and Unblock butto
 
 If you disable this policy setting, Windows shows the check box and Unblock button.
 
-If you do not configure this policy setting, Windows hides the check box and Unblock button.
+If you don't configure this policy setting, Windows hides the check box and Unblock button.
 
 <!--/Description-->
 
@@ -170,13 +170,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to manage the behavior for notifying registered antivirus programs. If multiple programs are registered, they will all be notified. If the registered antivirus program already performs on-access checks or scans files as they arrive on the computer's email server, additional calls would be redundant. 
+This policy setting allows you to manage the behavior for notifying registered antivirus programs. If multiple programs are registered, they'll all be notified. If the registered antivirus program already performs on-access checks or scans files as they arrive on the computer's email server, the subsequent calls would be redundant.
 
 If you enable this policy setting, Windows tells the registered antivirus program to scan the file when a user opens a file attachment. If the antivirus program fails, the attachment is blocked from being opened.
 
-If you disable this policy setting, Windows does not call the registered antivirus programs when file attachments are opened.
+If you disable this policy setting, Windows doesn't call the registered antivirus programs when file attachments are opened.
 
-If you do not configure this policy setting, Windows does not call the registered antivirus programs when file attachments are opened.
+If you don't configure this policy setting, Windows doesn't call the registered antivirus programs when file attachments are opened.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-audit.md b/windows/client-management/mdm/policy-csp-audit.md
index 30473c76c3..6960e68f36 100644
--- a/windows/client-management/mdm/policy-csp-audit.md
+++ b/windows/client-management/mdm/policy-csp-audit.md
@@ -231,7 +231,7 @@ This policy setting allows you to audit events generated by a failed attempt to
 
 If you configure this policy setting, an audit event is generated when an account can't sign in to a computer because the account is locked out. Success audits record successful attempts and Failure audits record unsuccessful attempts.
 
-Sign in events are essential for understanding user activity and to detect potential attacks.
+Sign-in events are essential for understanding user activity and to detect potential attacks.
 
 Volume: Low.
 
@@ -287,7 +287,7 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows you to audit the group membership information in the user's sign in token. Events in this subcategory are generated on the computer on which a sign in session is created. For an interactive sign in, the security audit event is generated on the computer that the user logged on to. For a network sign in, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource.
+This policy allows you to audit the group membership information in the user's sign-in token. Events in this subcategory are generated on the computer on which a sign-in session is created. For an interactive sign in, the security audit event is generated on the computer that the user logged on to. For a network sign in, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource.
 
 When this setting is configured, one or more security audit events are generated for each successful sign in. Enable the Audit Logon setting under Advanced Audit Policy Configuration\System Audit Policies\Logon/Logoff. Multiple events are generated if the group membership information can't fit in a single security audit event.
 
@@ -347,7 +347,7 @@ The following are the supported values:
 This policy setting allows you to audit events generated by Internet Key Exchange protocol (IKE) and Authenticated Internet Protocol (AuthIP) during Extended Mode negotiations.
 
 If you configure this policy setting, an audit event is generated during an IPsec Extended Mode negotiation. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated during an IPsec Extended Mode negotiation.
+If you don't configure this policy setting, no audit event is generated during an IPsec Extended Mode negotiation.
 
 Volume: High.
 
@@ -518,10 +518,10 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by the closing of a sign in session. These events occur on the computer that was accessed. For an interactive sign out the security audit event is generated on the computer that the user account logged on to.
+This policy setting allows you to audit events generated by the closing of a sign-in session. These events occur on the computer that was accessed. For an interactive sign out the security audit event is generated on the computer that the user account logged on to.
 
-If you configure this policy setting, an audit event is generated when a sign in session is closed. Success audits record successful attempts to close sessions and Failure audits record unsuccessful attempts to close sessions.
-If you don't configure this policy setting, no audit event is generated when a sign in session is closed.
+If you configure this policy setting, an audit event is generated when a sign-in session is closed. Success audits record successful attempts to close sessions and Failure audits record unsuccessful attempts to close sessions.
+If you don't configure this policy setting, no audit event is generated when a sign-in session is closed.
 
 Volume: Low.
 <!--/Description-->
@@ -576,12 +576,12 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by user account sign in attempts on the computer.
-Events in this subcategory are related to the creation of sign in sessions and occur on the computer that was accessed. For an interactive sign in, the security audit event is generated on the computer that the user account logged on to. For a network sign in, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource. 
+This policy setting allows you to audit events generated by user account sign-in attempts on the computer.
+Events in this subcategory are related to the creation of sign in sessions and occur on the computer that was accessed. For an interactive sign in, the security audit event is generated on the computer that the user account signed in to. For a network sign in, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource. 
 The following events are included:  
 - Successful sign in attempts.
 - Failed sign in attempts.
-- sign in attempts using explicit credentials. This event is generated when a process attempts to sign in an account by explicitly specifying that account’s credentials. This most commonly occurs in batch sign in configurations, such as scheduled tasks or when using the RUNAS command.
+- Sign-in attempts using explicit credentials. This event is generated when a process attempts to sign in an account by explicitly specifying that account’s credentials. This process most commonly occurs in batch sign-in configurations, such as scheduled tasks or when using the RUNAS command.
 - Security identifiers (SIDs) were filtered and not allowed to sign in.
 
 Volume: Low on a client computer. Medium on a domain controller or a network server.
@@ -639,7 +639,7 @@ The following are the supported values:
 <!--Description-->
 This policy setting allows you to audit events generated by RADIUS (IAS) and Network Access Protection (NAP) user access requests. These requests can be Grant, Deny, Discard, Quarantine, Lock, and Unlock.
 If you configure this policy setting, an audit event is generated for each IAS and NAP user access request. Success audits record successful user access requests and Failure audits record unsuccessful attempts.
-If you do not configure this policy settings, IAS and NAP user access requests are not audited.
+If you don't configure this policy settings, IAS and NAP user access requests aren't audited.
 
 Volume: Medium or High on NPS and IAS server. No volume on other computers.
 <!--/Description-->
@@ -713,7 +713,7 @@ GP Info:
 
 <!--/DbMapped-->
 <!--SupportedValues-->
-The following are the supported values:  
+The following values are the supported values:  
 - 0 (default)—Off/None
 - 1—Success
 - 2—Failure
@@ -757,7 +757,7 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by special logons, such as the following:  
+This policy setting allows you to audit events generated by special sign ins, such as:  
 - The use of a special sign in, which is a sign in that has administrator-equivalent privileges and can be used to elevate a process to a higher level.
 - A sign in by a member of a Special Group. Special Groups enable you to audit events generated when a member of a certain group has logged on to your network. You can configure a list of group security identifiers (SIDs) in the registry. If any of those SIDs are added to a token during sign in and the subcategory is enabled, an event is logged. For more information about this feature, see [Audit Special Logon](/windows/security/threat-protection/auditing/audit-special-logon).
 
@@ -814,11 +814,11 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows you to audit user and device claims information in the user's sign in token. Events in this subcategory are generated on the computer on which a sign in session is created. For an interactive sign in, the security audit event is generated on the computer that the user logged on to. For a network sign in, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource.
+This policy allows you to audit user and device claims information in the user's sign-in token. Events in this subcategory are generated on the computer on which a sign-in session is created. For an interactive sign in, the security audit event is generated on the computer that the user signed in to. For a network sign in, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource.
 
-User claims are added to a sign in token when claims are included with a user's account attributes in Active Directory. Device claims are added to the sign in token when claims are included with a device's computer account attributes in Active Directory. In addition, compound identity must be enabled for the domain and on the computer where the user logged on.
+User claims are added to a sign-in token when claims are included with a user's account attributes in Active Directory. Device claims are added to the sign-in token when claims are included with a device's computer account attributes in Active Directory. In addition, compound identity must be enabled for the domain and on the computer where the user logged on.
 
-When this setting is configured, one or more security audit events are generated for each successful sign in. You must also enable the Audit Logon setting under Advanced Audit Policy Configuration\System Audit Policies\Logon/Logoff. Multiple events are generated if the user and device claims information cannot fit in a single security audit event.
+When this setting is configured, one or more security audit events are generated for each successful sign in. You must also enable the Audit Logon setting under Advanced Audit Policy Configuration\System Audit Policies\Logon/Logoff. Multiple events are generated if the user and device claims information can't fit in a single security audit event.
 
 Volume: Low on a client computer. Medium on a domain controller or a network server.
 <!--/Description-->
@@ -873,7 +873,7 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by validation tests on user account sign in credentials.
+This policy setting allows you to audit events generated by validation tests on user account sign-in credentials.
 
 Events in this subcategory occur only on the computer that is authoritative for those credentials. For domain accounts, the domain controller is authoritative. For local accounts, the local computer is authoritative.
 
@@ -933,7 +933,7 @@ The following are the supported values:
 This policy setting allows you to audit events generated by Kerberos authentication ticket-granting ticket (TGT) requests.
 
 If you configure this policy setting, an audit event is generated after a Kerberos authentication TGT request. Success audits record successful requests and Failure audits record unsuccessful requests.
-If you do not configure this policy setting, no audit event is generated after a Kerberos authentication TGT request.
+If you don't configure this policy setting, no audit event is generated after a Kerberos authentication TGT request.
 
 Volume: High on Kerberos Key Distribution Center servers.
 <!--/Description-->
@@ -991,7 +991,7 @@ The following are the supported values:
 This policy setting allows you to audit events generated by Kerberos authentication ticket-granting ticket (TGT) requests submitted for user accounts.
 
 If you configure this policy setting, an audit event is generated after a Kerberos authentication TGT is requested for a user account. Success audits record successful requests and Failure audits record unsuccessful requests.
-If you do not configure this policy setting, no audit event is generated after a Kerberos authentication TGT is request for a user account.
+If you don't configure this policy setting, no audit event is generated after a Kerberos authentication TGT is request for a user account.
 
 Volume: Low.
 <!--/Description-->
@@ -1046,7 +1046,7 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by responses to credential requests submitted for a user account sign in that are not credential validation or Kerberos tickets.
+This policy setting allows you to audit events generated by responses to credential requests submitted for a user account sign in that aren't credential validation or Kerberos tickets.
 
 Currently, there are no events in this subcategory.
 
@@ -1107,7 +1107,7 @@ This policy setting allows you to audit events generated by changes to applicati
 - Member is added or removed from an application group.
 
 If you configure this policy setting, an audit event is generated when an attempt to change an application group is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when an application group changes.
+If you don't configure this policy setting, no audit event is generated when an application group changes.
 
 Volume: Low.
 <!--/Description-->
@@ -1165,7 +1165,7 @@ The following are the supported values:
 This policy setting allows you to audit events generated by changes to computer accounts such as when a computer account is created, changed, or deleted.
 
 If you configure this policy setting, an audit event is generated when an attempt to change a computer account is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a computer account changes.
+If you don't configure this policy setting, no audit event is generated when a computer account changes.
 
 Volume: Low.
 <!--/Description-->
@@ -1226,7 +1226,7 @@ This policy setting allows you to audit events generated by changes to distribut
 - Distribution group type is changed.
 
 If you configure this policy setting, an audit event is generated when an attempt to change a distribution group is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a distribution group changes.
+If you don't configure this policy setting, no audit event is generated when a distribution group changes.
 
 > [!Note]
 > Events in this subcategory are logged only on domain controllers.
@@ -1284,15 +1284,15 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by other user account changes that are not covered in this category as follows:  
-- The password hash of a user account was accessed. This typically happens during an Active Directory Management Tool password migration.
+This policy setting allows you to audit events generated by other user account changes that aren't covered in this category, such as:  
+- The password hash of a user account was accessed. This change happens during an Active Directory Management Tool password migration.
 - The Password Policy Checking API was called. Calls to this function can be part of an attack when a malicious application tests the policy to reduce the number of attempts during a password dictionary attack.
 - Changes to the Default Domain Group Policy under the following Group Policy paths:
 Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy
 Computer Configuration\Windows Settings\Security Settings\Account Policies\Account Lockout Policy.
 
 > [!Note]
-> The security audit event is logged when the policy setting is applied. It does not occur at the time when the settings are modified.
+> The security audit event is logged when the policy setting is applied. It doesn't occur at the time when the settings are modified.
 
 Volume: Low.
 <!--/Description-->
@@ -1347,13 +1347,13 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by changes to security groups, such as the following:  
+This policy setting allows you to audit events generated by changes to security groups, such as:  
 - Security group is created, changed, or deleted.
 - Member is added or removed from a security group.
 - Group type is changed.
 
 If you configure this policy setting, an audit event is generated when an attempt to change a security group is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a security group changes.
+If you don't configure this policy setting, no audit event is generated when a security group changes.
 
 Volume: Low.
 <!--/Description-->
@@ -1418,7 +1418,7 @@ The events included are as follows:
 - Credential Manager credentials are backed up or restored.
 
 If you configure this policy setting, an audit event is generated when an attempt to change a user account is made. Success audits record successful attempts and Failure audits record unsuccessful attempts. 
-If you do not configure this policy setting, no audit event is generated when a user account changes.
+If you don't configure this policy setting, no audit event is generated when a user account changes.
 
 Volume: Low.
 <!--/Description-->
@@ -1595,10 +1595,10 @@ When possible, events logged in this subcategory indicate the old and new values
 Events in this subcategory are logged only on domain controllers, and only objects in AD DS with a matching system access control list (SACL) are logged.
 
 > [!Note]
-> Actions on some objects and properties do not cause audit events to be generated due to settings on the object class in the schema.
+> Actions on some objects and properties don't cause audit events to be generated due to settings on the object class in the schema.
 
 If you configure this policy setting, an audit event is generated when an attempt to change an object in AD DS is made. Success audits record successful attempts, however unsuccessful attempts are NOT recorded.
-If you do not configure this policy setting, no audit event is generated when an attempt to change an object in AD DS object is made.
+If you don't configure this policy setting, no audit event is generated when an attempt to change an object in AD DS object is made.
 
 Volume: High on domain controllers only.
 <!--/Description-->
@@ -1656,7 +1656,7 @@ The following are the supported values:
 This policy setting allows you to audit replication between two Active Directory Domain Services (AD DS) domain controllers.
 
 If you configure this policy setting, an audit event is generated during AD DS replication. Success audits record successful replication and Failure audits record unsuccessful replication.
-If you do not configure this policy setting, no audit event is generated during AD DS replication.
+If you don't configure this policy setting, no audit event is generated during AD DS replication.
 
 >[!Note]
 > Events in this subcategory are logged only on domain controllers.
@@ -1717,7 +1717,7 @@ The following are the supported values:
 This policy setting allows you to audit events generated when encryption or decryption requests are made to the Data Protection application interface (DPAPI). DPAPI is used to protect secret information such as stored password and key information. For more information about DPAPI, see https://go.microsoft.com/fwlink/?LinkId=121720.
 
 If you configure this policy setting, an audit event is generated when an encryption or decryption request is made to DPAPI. Success audits record successful requests and Failure audits record unsuccessful requests.
-If you do not configure this policy setting, no audit event is generated when an encryption or decryption request is made to DPAPI.
+If you don't configure this policy setting, no audit event is generated when an encryption or decryption request is made to DPAPI.
 
 Volume: Low.
 <!--/Description-->
@@ -1774,7 +1774,7 @@ The following are the supported values:
 This policy setting allows you to audit when plug and play detects an external device.
 
 If you configure this policy setting, an audit event is generated whenever plug and play detects an external device. Only Success audits are recorded for this category.
-If you do not configure this policy setting, no audit event is generated when an external device is detected by plug and play.
+If you don't configure this policy setting, no audit event is generated when an external device is detected by plug and play.
 
 Volume: Low.
 <!--/Description-->
@@ -1831,7 +1831,7 @@ The following are the supported values:
 This policy setting allows you to audit events generated when a process is created or starts. The name of the application or user that created the process is also audited.
 
 If you configure this policy setting, an audit event is generated when a process is created. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a process is created.
+If you don't configure this policy setting, no audit event is generated when a process is created.
 
 Volume: Depends on how the computer is used.
 <!--/Description-->
@@ -1888,7 +1888,7 @@ The following are the supported values:
 This policy setting allows you to audit events generated when a process ends. 
 
 If you configure this policy setting, an audit event is generated when a process ends. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a process ends.
+If you don't configure this policy setting, no audit event is generated when a process ends.
 
 Volume: Depends on how the computer is used.
 <!--/Description-->
@@ -1945,7 +1945,7 @@ The following are the supported values:
 This policy setting allows you to audit inbound remote procedure call (RPC) connections.
 
 If you configure this policy setting, an audit event is generated when a remote RPC connection is attempted. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a remote RPC connection is attempted.
+If you don't configure this policy setting, no audit event is generated when a remote RPC connection is attempted.
 
 Volume: High on RPC servers.
 <!--/Description-->
@@ -2115,11 +2115,11 @@ The following are the supported values:
 <!--Description-->
 This policy setting allows you to audit access requests where the permission granted or denied by a proposed policy differs from the current central access policy on an object.
 
-If you configure this policy setting, an audit event is generated each time a user accesses an object and the permission granted by the current central access policy on the object differs from that granted by the proposed policy. The resulting audit event will be generated as follows:  
+If you configure this policy setting, an audit event is generated each time a user accesses an object and the permission granted by the current central access policy on the object differs from that of the permission granted by the proposed policy. The resulting audit event will be generated as follows:  
 1. Success audits, when configured, records access attempts when the current central access policy grants access but the proposed policy denies access.
 2. Failure audits when configured records access attempts when:  
-   - The current central access policy does not grant access but the proposed policy grants access.
-   - A principal requests the maximum access rights they are allowed and the access rights granted by the current central access policy are different than the access rights granted by the proposed policy.
+   - The current central access policy doesn't grant access but the proposed policy grants access.
+   - A principal requests the maximum access rights they're allowed and the access rights granted by the current central access policy are different than the access rights granted by the proposed policy.
 
 Volume: Potentially high on a file server when the proposed policy differs significantly from the current central access policy.
 
@@ -2176,7 +2176,7 @@ The following are the supported values:
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to audit Active Directory Certificate Services (AD CS) operations.
-AD CS operations include the following:  
+AD CS operations include:  
 
 - AD CS startup/shutdown/backup/restore.
 - Changes to the certificate revocation list (CRL).
@@ -2368,7 +2368,7 @@ The following are the supported values:
 This policy setting allows you to audit user attempts to access file system objects. A security audit event is generated only for objects that have system access control lists (SACL) specified, and only if the type of access requested, such as Write, Read, or Modify and the account making the request match the settings in the SACL. For more information about enabling object access auditing, see [Apply a basic audit policy on a file or folder](/windows/security/threat-protection/auditing/apply-a-basic-audit-policy-on-a-file-or-folder).
 
 If you configure this policy setting, an audit event is generated each time an account accesses a file system object with a matching SACL. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when an account accesses a file system object with a matching SACL.
+If you don't configure this policy setting, no audit event is generated when an account accesses a file system object with a matching SACL.
 
 > [!Note]
 > You can set a SACL on a file system object using the Security tab in that object's Properties dialog box.
@@ -2439,7 +2439,7 @@ The following events are included:
 
 If you configure this policy setting, an audit event is generated when connections are allowed or blocked by the WFP. Success audits record events generated when connections are allowed and Failure audits record events generated when connections are blocked.
 
-If you do not configure this policy setting, no audit event is generated when connected are allowed or blocked by the WFP.
+If you don't configure this policy setting, no audit event is generated when connected are allowed or blocked by the WFP.
 
 Volume: High.
 <!--/Description-->
@@ -2551,10 +2551,10 @@ The following are the supported values:
 This policy setting allows you to audit events generated when a handle to an object is opened or closed. Only objects with a matching system access control list (SACL) generate security audit events.
 
 If you configure this policy setting, an audit event is generated when a handle is manipulated. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a handle is manipulated.
+If you don't configure this policy setting, no audit event is generated when a handle is manipulated.
 
 > [!Note]
-> Events in this subcategory generate events only for object types where the corresponding Object Access subcategory is enabled. For example, if File system object access is enabled, handle manipulation security audit events are generated. If Registry object access is not enabled, handle manipulation security audit events will not be generated.
+> Events in this subcategory generate events only for object types where the corresponding Object Access subcategory is enabled. For example, if File system object access is enabled, handle manipulation security audit events are generated. If Registry object access isn't enabled, handle manipulation security audit events will not be generated.
 
 Volume: Depends on how SACLs are configured.
 <!--/Description-->
@@ -2734,7 +2734,7 @@ The following are the supported values:
 This policy setting allows you to audit attempts to access registry objects. A security audit event is generated only for objects that have system access control lists (SACLs) specified, and only if the type of access requested, such as Read, Write, or Modify, and the account making the request match the settings in the SACL.
 
 If you configure this policy setting, an audit event is generated each time an account accesses a registry object with a matching SACL. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when an account accesses a registry object with a matching SACL.
+If you don't configure this policy setting, no audit event is generated when an account accesses a registry object with a matching SACL.
 
 > [!Note]
 > You can set a SACL on a registry object using the Permissions dialog box.
@@ -2795,7 +2795,7 @@ This policy setting allows you to audit user attempts to access file system obje
 
 If you configure this policy setting, an audit event is generated each time an account accesses a file system object on a removable storage. Success audits record successful attempts and Failure audits record unsuccessful attempts.
 
-If you do not configure this policy setting, no audit event is generated when an account accesses a file system object on a removable storage.
+If you don't configure this policy setting, no audit event is generated when an account accesses a file system object on a removable storage.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -2849,20 +2849,20 @@ The following are the supported values:
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to audit events generated by attempts to access to Security Accounts Manager (SAM) objects.
-SAM objects include the following:  
+SAM objects include:  
 - SAM_ALIAS -- A local group.
-- SAM_GROUP -- A group that is not a local group.
+- SAM_GROUP -- A group that isn't a local group.
 - SAM_USER – A user account.
 - SAM_DOMAIN – A domain.
 - SAM_SERVER – A computer account.
 
 If you configure this policy setting, an audit event is generated when an attempt to access a kernel object is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when an attempt to access a kernel object is made.
+If you don't configure this policy setting, no audit event is generated when an attempt to access a kernel object is made.
 
 > [!Note]
 > Only the System Access Control List (SACL) for SAM_SERVER can be modified.
 
-Volume: High on domain controllers. For information about reducing the amount of events generated in this subcategory, see [article 841001 in the Microsoft Knowledge Base](https://go.microsoft.com/fwlink/?LinkId=121698).
+Volume: High on domain controllers. For information about reducing the number of events generated in this subcategory, see [article 841001 in the Microsoft Knowledge Base](https://go.microsoft.com/fwlink/?LinkId=121698).
 
 <!--/Description-->
 <!--DbMapped-->
@@ -2915,7 +2915,7 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by changes to the authentication policy, such as the following:  
+This policy setting allows you to audit events generated by changes to the authentication policy, such as:  
 - Creation of forest and domain trusts.
 - Modification of forest and domain trusts.
 - Removal of forest and domain trusts.
@@ -2929,10 +2929,10 @@ This policy setting allows you to audit events generated by changes to the authe
 - Namespace collision. For example, when a new trust has the same name as an existing namespace name.
 
 If you configure this policy setting, an audit event is generated when an attempt to change the authentication policy is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when the authentication policy is changed.
+If you don't configure this policy setting, no audit event is generated when the authentication policy is changed.
 
 > [!Note]
-> The security audit event is logged when the group policy is applied. It does not occur at the time when the settings are modified.
+> The security audit event is logged when the group policy is applied. It doesn't occur at the time when the settings are modified.
 
 Volume: Low.
 <!--/Description-->
@@ -2987,15 +2987,15 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by changes to the authorization policy, such as the following:  
-- Assignment of user rights (privileges), such as SeCreateTokenPrivilege, that are not audited through the “Authentication Policy Change” subcategory.
-- Removal of user rights (privileges), such as SeCreateTokenPrivilege, that are not audited through the “Authentication Policy Change” subcategory.
+This policy setting allows you to audit events generated by changes to the authorization policy, such as:  
+- Assignment of user rights (privileges), such as SeCreateTokenPrivilege, that aren't audited through the “Authentication Policy Change” subcategory.
+- Removal of user rights (privileges), such as SeCreateTokenPrivilege, that aren't audited through the “Authentication Policy Change” subcategory.
 - Changes in the Encrypted File System (EFS) policy.
 - Changes to the Resource attributes of an object.
 - Changes to the Central Access Policy (CAP) applied to an object.
 
 If you configure this policy setting, an audit event is generated when an attempt to change the authorization policy is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when the authorization policy changes.
+If you don't configure this policy setting, no audit event is generated when the authorization policy changes.
 
 Volume: Low.
 <!--/Description-->
@@ -3050,14 +3050,14 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by changes to the Windows Filtering Platform (WFP), such as the following: 
+This policy setting allows you to audit events generated by changes to the Windows Filtering Platform (WFP), such as: 
 - IPsec services status.
 - Changes to IPsec policy settings.
 - Changes to Windows Firewall policy settings.
 - Changes to WFP providers and engine.
 
 If you configure this policy setting, an audit event is generated when a change to the WFP is attempted. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when a change occurs to the WFP.
+If you don't configure this policy setting, no audit event is generated when a change occurs to the WFP.
 
 Volume: Low.
 <!--/Description-->
@@ -3113,7 +3113,7 @@ The following are the supported values:
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to audit events generated by changes in policy rules used by the Microsoft Protection Service (MPSSVC). This service is used by Windows Firewall. 
-Events include the following:  
+Events include:  
 - Reporting of active policies when Windows Firewall service starts.
 - Changes to Windows Firewall rules.
 - Changes to Windows Firewall exception list.
@@ -3122,7 +3122,7 @@ Events include the following:
 - Changes to Windows Firewall Group Policy settings.
 
 If you configure this policy setting, an audit event is generated by attempts to change policy rules used by the MPSSVC. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated by changes in policy rules used by the MPSSVC.
+If you don't configure this policy setting, no audit event is generated by changes in policy rules used by the MPSSVC.
 
 Volume: Low.
 <!--/Description-->
@@ -3177,7 +3177,7 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by other security policy changes that are not audited in the policy change category, such as the following:  
+This policy setting allows you to audit events generated by other security policy changes that aren't audited in the policy change category, such as:  
 - Trusted Platform Module (TPM) configuration changes.
 - Kernel-mode cryptographic self tests.
 - Cryptographic provider operations.
@@ -3238,7 +3238,7 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit changes in the security audit policy settings, such as the following:  
+This policy setting allows you to audit changes in the security audit policy settings, such as:  
 - Settings permissions and audit settings on the Audit Policy object.
 - Changes to the system audit policy.
 - Registration of security event sources.
@@ -3310,8 +3310,8 @@ The following privileges are non-sensitive:
 - Access this computer from the network.
 - Add workstations to domain.
 - Adjust memory quotas for a process.
-- Allow log on locally.
-- Allow log on through Terminal Services.
+- Allow Logon Locally.
+- Allow Logon Through Terminal Services.
 - Bypass traverse checking.
 - Change the system time.
 - Create a pagefile.
@@ -3338,7 +3338,7 @@ The following privileges are non-sensitive:
 - Synchronize directory service data.
 
 If you configure this policy setting, an audit event is generated when a non-sensitive privilege is called. Success audits record successful calls and Failure audits record unsuccessful calls.
-If you do not configure this policy setting, no audit event is generated when a non-sensitive privilege is called.
+If you don't configure this policy setting, no audit event is generated when a non-sensitive privilege is called.
 
 Volume: Very High.
 <!--/Description-->
@@ -3445,9 +3445,9 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated when sensitive privileges (user rights) are used, such as the following:  
+This policy setting allows you to audit events generated when sensitive privileges (user rights) are used, such as:  
 - A privileged service is called.
-- One of the following privileges are called:  
+- One of the following privileges is called:  
     - Act as part of the operating system.
     - Back up files and directories.
     - Create a token object.
@@ -3463,7 +3463,7 @@ This policy setting allows you to audit events generated when sensitive privileg
     - Take ownership of files or other objects.
 
 If you configure this policy setting, an audit event is generated when sensitive privilege requests are made. Success audits record successful requests and Failure audits record unsuccessful requests.
-If you do not configure this policy setting, no audit event is generated when sensitive privilege requests are made.
+If you don't configure this policy setting, no audit event is generated when sensitive privilege requests are made.
 
 Volume: High.
 <!--/Description-->
@@ -3517,16 +3517,16 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events generated by the IPsec filter driver, such as the following:  
+This policy setting allows you to audit events generated by the IPsec filter driver, such as:  
 - Startup and shutdown of the IPsec services.
 - Network packets dropped due to integrity check failure.
 - Network packets dropped due to replay check failure.
 - Network packets dropped due to being in plaintext.
-- Network packets received with incorrect Security Parameter Index (SPI). This may indicate that either the network card is not working correctly or the driver needs to be updated.
+- Network packets received with incorrect Security Parameter Index (SPI). This incorrect value may indicate that either the network card isn't working correctly or the driver needs to be updated.
 - Inability to process IPsec filters.
 
 If you configure this policy setting, an audit event is generated on an IPsec filter driver operation. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated on an IPSec filter driver operation.
+If you don't configure this policy setting, no audit event is generated on an IPSec filter driver operation.
 
 Volume: Low.
 <!--/Description-->
@@ -3698,11 +3698,11 @@ The following are the supported values:
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to audit events related to security system extensions or services, such as the following:  
-- A security system extension, such as an authentication, notification, or security package is loaded and is registered with the Local Security Authority (LSA). It is used to authenticate logon attempts, submit logon requests, and any account or password changes. Examples of security system extensions are Kerberos and NTLM.
+- A security system extension, such as an authentication, notification, or security package is loaded and is registered with the Local Security Authority (LSA). It's used to authenticate sign-in attempts, submit sign-in requests, and any account or password changes. Examples of security system extensions are Kerberos and NTLM.
 - A service is installed and registered with the Service Control Manager. The audit log contains information about the service name, binary, type, start type, and service account.
 
 If you configure this policy setting, an audit event is generated when an attempt is made to load a security system extension. Success audits record successful attempts and Failure audits record unsuccessful attempts.
-If you do not configure this policy setting, no audit event is generated when an attempt is made to load a security system extension.
+If you don't configure this policy setting, no audit event is generated when an attempt is made to load a security system extension.
 
 Volume: Low. Security system extension events are generated more often on a domain controller than on client computers or member servers.
 <!--/Description-->
@@ -3757,11 +3757,11 @@ The following are the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to audit events that violate the integrity of the security subsystem, such as the following:  
-- Events that could not be written to the event log because of a problem with the auditing system.
-- A process that uses a local procedure call (LPC) port that is not valid in an attempt to impersonate a client by replying, reading, or writing to or from a client address space.
+This policy setting allows you to audit events that violate the integrity of the security subsystem, such as:  
+- Events that couldn't be written to the event log because of a problem with the auditing system.
+- A process that uses a local procedure call (LPC) port that isn't valid in an attempt to impersonate a client by replying, reading, or writing to or from a client address space.
 - The detection of a Remote Procedure Call (RPC) that compromises system integrity.
-- The detection of a hash value of an executable file that is not valid as determined by Code Integrity.
+- The detection of a hash value of an executable file that isn't valid as determined by Code Integrity.
 - Cryptographic operations that compromise system integrity.
 
 Volume: Low.
diff --git a/windows/client-management/mdm/policy-csp-authentication.md b/windows/client-management/mdm/policy-csp-authentication.md
index 0073243468..f1263416b4 100644
--- a/windows/client-management/mdm/policy-csp-authentication.md
+++ b/windows/client-management/mdm/policy-csp-authentication.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - Authentication
-description: The Policy CSP - Authentication setting allows the Azure AD tenant administrators to enable self service password reset feature on the Windows sign in screen.
+description: The Policy CSP - Authentication setting allows the Azure AD tenant administrators to enable self service password reset feature on the Windows sign-in screen.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -83,7 +83,7 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-Specifies whether password reset is enabled for Azure Active Directory accounts. This policy allows the Azure AD tenant administrators to enable self service password reset feature on the windows logon screen.
+Specifies whether password reset is enabled for Azure Active Directory accounts. This policy allows the Azure AD tenant administrators to enable self service password reset feature on the Windows logon screen.
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -212,14 +212,14 @@ Supported in the next release. Specifies whether Fast Identity Online (FIDO) dev
 
 Value type is integer.
 
-Here is an example scenario: At Contoso, there are a lot of shared devices and kiosks that employees throughout the day using as many as 20 different devices. To minimize the loss in productivity when employees have to login with username and password every time they pick up a device, the IT admin deploys SharePC CSP and Authentication/AllowFidoDeviceSignon policy to shared devices. The IT admin provisions and distributes FIDO 2.0 devices to employees, which allows them to authenticate to various shared devices and PCs.
+Here's an example scenario: At Contoso, there are many shared devices and kiosks that employees use throughout the day, for example, employees use as many as 20 different devices. To minimize the loss in productivity when employees have to sign in with username and password every time they pick up a device, the IT admin deploys SharePC CSP and Authentication/AllowFidoDeviceSignon policy to shared devices. The IT admin provisions and distributes FIDO 2.0 devices to employees, which allows them to authenticate to various shared devices and PCs.
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - Do not allow. The FIDO device credential provider disabled. 
--   1 - Allow. The FIDO device credential provider is enabled and allows usage of FIDO devices to sign into an Windows.
+-   0 - Don't allow. The FIDO device credential provider disabled.
+-   1 - Allow. The FIDO device credential provider is enabled and allows usage of FIDO devices to sign in to Windows.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -257,7 +257,7 @@ Allows secondary authentication devices to work with Windows.
 
 The default for this policy must be on for consumer devices (defined as local or Microsoft account connected device) and off for enterprise devices (such as cloud domain-joined, cloud domain-joined in an on-premises only environment, cloud domain-joined in a hybrid environment, and BYOD).
 
-In the next major release of Windows 10, the default for this policy for consumer devices will be changed to off. This will only affect users that have not already set up a secondary authentication device.
+In the next major release of Windows 10, the default for this policy for consumer devices will be changed to off. This change will only affect users that have not already set up a secondary authentication device.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -412,7 +412,7 @@ Value type is integer. Supported values:
 
 - 0 - (default) The feature defaults to the existing SKU and device capabilities.
 - 1 - Enabled. Auto connect new non-admin Azure AD accounts to pre-configured candidate local accounts
-- 2 - Disabled. Do not auto connect new non-admin Azure AD accounts to pre-configured local accounts
+- 2 - Disabled. Don't auto connect new non-admin Azure AD accounts to pre-configured local accounts
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -466,8 +466,8 @@ Value type is integer. Supported values:
 Value type is integer. Supported values:
 
 - 0 - (default) The feature defaults to the existing SKU and device capabilities.
-- 1 - Enabled. Web Credential Provider will be enabled for Sign In
-- 2 - Disabled. Web Credential Provider will not be enabled for Sign In
+- 1 - Enabled. Web Credential Provider will be enabled for a sign in.
+- 2 - Disabled. Web Credential Provider won't be enabled for a sign in.
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -512,7 +512,7 @@ Value type is integer. Supported values:
 <!--Description-->
 Specifies the preferred domain among available domains in the Azure AD tenant.
 
-Example: If your organization is using the "@contoso.com" tenant domain name, the policy value should be "contoso.com". For the user "abby@constoso.com", she would then be able to sign in using "abby" in the username field instead of "abby@contoso.com".
+Example: If your organization is using the "@contoso.com" tenant domain name, the policy value should be "contoso.com". For the user "abby@constoso.com", a sign in is done using "abby" in the username field instead of "abby@contoso.com".
 
 
 Value type is string.

From 9c8783f1def14b0c92d03cde78646d19e55755a2 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Wed, 30 Mar 2022 12:14:37 +0530
Subject: [PATCH 050/123] Acrolinx enhancement effort

---
 .../mdm/policy-csp-autoplay.md                | 14 ++---
 .../mdm/policy-csp-bitlocker.md               |  8 +--
 .../client-management/mdm/policy-csp-bits.md  | 30 +++++-----
 .../mdm/policy-csp-bluetooth.md               | 18 +++---
 .../mdm/policy-csp-browser.md                 | 50 ++++++++--------
 .../mdm/policy-csp-cellular.md                |  8 +--
 .../mdm/policy-csp-connectivity.md            | 60 +++++++++----------
 .../mdm/policy-csp-controlpolicyconflict.md   |  4 +-
 .../mdm/policy-csp-credentialsdelegation.md   |  4 +-
 .../mdm/policy-csp-credentialsui.md           |  6 +-
 10 files changed, 101 insertions(+), 101 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-autoplay.md b/windows/client-management/mdm/policy-csp-autoplay.md
index 9efb1181a2..365d7cf732 100644
--- a/windows/client-management/mdm/policy-csp-autoplay.md
+++ b/windows/client-management/mdm/policy-csp-autoplay.md
@@ -72,9 +72,9 @@ manager: dansimp
 <!--Description-->
 This policy setting disallows AutoPlay for MTP devices like cameras or phones.
 
-If you enable this policy setting, AutoPlay is not allowed for MTP devices like cameras or phones.
+If you enable this policy setting, AutoPlay isn't allowed for MTP devices like cameras or phones.
 
-If you disable or do not configure this policy setting, AutoPlay is enabled for non-volume devices.
+If you disable or don't configure this policy setting, AutoPlay is enabled for non-volume devices.
 
 <!--/Description-->
 
@@ -121,11 +121,11 @@ ADMX Info:
 <!--Description-->
 This policy setting sets the default behavior for Autorun commands.
 
-Autorun commands are generally stored in autorun.inf files. They often launch the installation program or other routines.
+Autorun commands are stored in autorun.inf files. They often launch the installation program or other routines.
 
 Prior to Windows Vista, when media containing an autorun command is inserted, the system will automatically execute the program without user intervention.
 
-This creates a major security concern as code may be executed without user's knowledge. The default behavior starting with Windows Vista is to prompt the user whether autorun command is to be run. The autorun command is represented as a handler in the Autoplay dialog.
+This automatic execution creates a major security concern as code may be executed without user's knowledge. The default behavior starting with Windows Vista is to prompt the user whether autorun command is to be run. The autorun command is represented as a handler in the Autoplay dialog.
 
 If you enable this policy setting, an Administrator can change the default Windows Vista or later behavior for autorun to:
 
@@ -183,13 +183,13 @@ Autoplay begins reading from a drive as soon as you insert media in the drive. A
 
 Prior to Windows XP SP2, Autoplay is disabled by default on removable drives, such as the floppy disk drive (but not the CD-ROM drive), and on network drives.
 
-Starting with Windows XP SP2, Autoplay is enabled for removable drives as well, including Zip drives and some USB mass storage devices.
+With Windows XP SP2 onward, Autoplay is enabled for removable drives as well, including Zip drives and some USB mass storage devices.
 
 If you enable this policy setting, Autoplay is disabled on CD-ROM and removable media drives, or disabled on all drives.
 
-This policy setting disables Autoplay on additional types of drives. You cannot use this setting to enable Autoplay on drives on which it is disabled by default.
+This policy setting disables Autoplay on other types of drives. You can't use this setting to enable Autoplay on drives on which it's disabled by default.
 
-If you disable or do not configure this policy setting, AutoPlay is enabled.
+If you disable or don't configure this policy setting, AutoPlay is enabled.
 
 Note: This policy setting appears in both the Computer Configuration and User Configuration folders. If the policy settings conflict, the policy setting in Computer Configuration takes precedence over the policy setting in User Configuration.
 
diff --git a/windows/client-management/mdm/policy-csp-bitlocker.md b/windows/client-management/mdm/policy-csp-bitlocker.md
index 283f6421fa..add5331983 100644
--- a/windows/client-management/mdm/policy-csp-bitlocker.md
+++ b/windows/client-management/mdm/policy-csp-bitlocker.md
@@ -1,6 +1,6 @@
 ---
-title: Policy CSP - Bitlocker
-description: Use the Policy configuration service provider (CSP) - Bitlocker to manage encryption of PCs and devices.
+title: Policy CSP - BitLocker
+description: Use the Policy configuration service provider (CSP) - BitLocker to manage encryption of PCs and devices.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -12,7 +12,7 @@ ms.reviewer:
 manager: dansimp
 ---
 
-# Policy CSP - Bitlocker
+# Policy CSP - BitLocker
 
 
 
@@ -22,7 +22,7 @@ manager: dansimp
 <hr/>
 
 <!--Policies-->
-## Bitlocker policies  
+## BitLocker policies  
 
 <dl>
   <dd>
diff --git a/windows/client-management/mdm/policy-csp-bits.md b/windows/client-management/mdm/policy-csp-bits.md
index 81ec70c880..7b7b384396 100644
--- a/windows/client-management/mdm/policy-csp-bits.md
+++ b/windows/client-management/mdm/policy-csp-bits.md
@@ -78,7 +78,7 @@ If BITS/BandwidthThrottlingStartTime or BITS/BandwidthThrottlingEndTime are NOT
 
 <!--/Scope-->
 <!--Description-->
-This policy specifies the bandwidth throttling **end time** that Background Intelligent Transfer Service (BITS) uses for background transfers. This policy setting does not affect foreground transfers. This policy is based on the 24-hour clock.
+This policy specifies the bandwidth throttling **end time** that Background Intelligent Transfer Service (BITS) uses for background transfers. This policy setting doesn't affect foreground transfers. This policy is based on the 24-hour clock.
 
 Value type is integer. Default value is 17 (5 PM).
 
@@ -88,10 +88,10 @@ You can specify a limit to use during a specific time interval and at all other
 
 Using the three policies together (BandwidthThrottlingStartTime, BandwidthThrottlingEndTime, BandwidthThrottlingTransferRate), BITS will limit its bandwidth usage to the specified values. You can specify the limit in kilobits per second (Kbps). If you specify a value less than 2 kilobits, BITS will continue to use approximately 2 kilobits. To prevent BITS transfers from occurring, specify a limit of 0.
 
-If you disable or do not configure this policy setting, BITS uses all available unused bandwidth.
+If you disable or don't configure this policy setting, BITS uses all available unused bandwidth.
 
 > [!NOTE]
-> You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
+> You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting doesn't affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
 
 Consider using this setting to prevent BITS transfers from competing for network bandwidth when the client computer has a fast network card (10Mbs), but is connected to the network via a slow link (56Kbs).
 
@@ -144,7 +144,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy specifies the bandwidth throttling **start time** that Background Intelligent Transfer Service (BITS) uses for background transfers. This policy setting does not affect foreground transfers. This policy is based on the 24-hour clock.
+This policy specifies the bandwidth throttling **start time** that Background Intelligent Transfer Service (BITS) uses for background transfers. This policy setting doesn't affect foreground transfers. This policy is based on the 24-hour clock.
 
 Value type is integer. Default value is 8 (8 am).
 
@@ -152,12 +152,12 @@ Supported value range: 0 - 23
 
 You can specify a limit to use during a specific time interval and at all other times. For example, limit the use of network bandwidth to 10 Kbps from 8:00 A.M. to 5:00 P.M., and use all available unused bandwidth the rest of the day's hours.
 
-Using the three policies together (BandwidthThrottlingStartTime, BandwidthThrottlingEndTime, BandwidthThrottlingTransferRate), BITS will limit its bandwidth usage to the specified values. You can specify the limit in kilobits per second (Kbps). If you specify a value less than 2 kilobits, BITS will continue to use approximately 2 kilobits. To prevent BITS transfers from occurring, specify a limit of 0.
+BITS, by using the three policies together (BandwidthThrottlingStartTime, BandwidthThrottlingEndTime, BandwidthThrottlingTransferRate), will limit its bandwidth usage to the specified values. You can specify the limit in kilobits per second (Kbps). If you specify a value less than 2 kilobits, BITS will continue to use approximately 2 kilobits. To prevent BITS transfers from occurring, specify a limit of 0.
 
-If you disable or do not configure this policy setting, BITS uses all available unused bandwidth.
+If you disable or don't configure this policy setting, BITS uses all available unused bandwidth.
 
 > [!NOTE]
-> You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
+> You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting doesn't affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
 
 Consider using this setting to prevent BITS transfers from competing for network bandwidth when the client computer has a fast network card (10Mbs), but is connected to the network via a slow link (56Kbs).
 
@@ -210,7 +210,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy specifies the bandwidth throttling **transfer rate** in kilobits per second (Kbps) that Background Intelligent Transfer Service (BITS) uses for background transfers. This policy setting does not affect foreground transfers.
+This policy specifies the bandwidth throttling **transfer rate** in kilobits per second (Kbps) that Background Intelligent Transfer Service (BITS) uses for background transfers. This policy setting doesn't affect foreground transfers.
 
 Value type is integer. Default value is 1000.
 
@@ -218,12 +218,12 @@ Supported value range: 0 - 4294967200
 
 You can specify a limit to use during a specific time interval and at all other times. For example, limit the use of network bandwidth to 10 Kbps from 8:00 A.M. to 5:00 P.M., and use all available unused bandwidth the rest of the day's hours.
 
-Using the three policies together (BandwidthThrottlingStartTime, BandwidthThrottlingEndTime, BandwidthThrottlingTransferRate), BITS will limit its bandwidth usage to the specified values. You can specify the limit in kilobits per second (Kbps). If you specify a value less than 2 kilobits, BITS will continue to use approximately 2 kilobits. To prevent BITS transfers from occurring, specify a limit of 0.
+BITS, by using the three policies together (BandwidthThrottlingStartTime, BandwidthThrottlingEndTime, BandwidthThrottlingTransferRate), will limit its bandwidth usage to the specified values. You can specify the limit in kilobits per second (Kbps). If you specify a value less than 2 kilobits, BITS will continue to use approximately 2 kilobits. To prevent BITS transfers from occurring, specify a limit of 0.
 
-If you disable or do not configure this policy setting, BITS uses all available unused bandwidth.
+If you disable or don't configure this policy setting, BITS uses all available unused bandwidth.
 
 > [!NOTE]
-> You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting does not affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
+> You should base the limit on the speed of the network link, not the computer's network interface card (NIC). This policy setting doesn't affect peer caching transfers between peer computers (it does affect transfers from the origin server); the "Limit the maximum network bandwidth used for Peercaching" policy setting should be used for that purpose.
 
 Consider using this setting to prevent BITS transfers from competing for network bandwidth when the client computer has a fast network card (10Mbs), but is connected to the network via a slow link (56Kbs).
 
@@ -278,7 +278,7 @@ ADMX Info:
 <!--Description-->
 This policy setting defines the default behavior that the Background Intelligent Transfer Service (BITS) uses for background transfers when the system is connected to a costed network (3G, etc.). Download behavior policies further limit the network usage of background transfers.
 
-If you enable this policy setting, you can define a default download policy for each BITS job priority. This setting does not override a download policy explicitly configured by the application that created the BITS job, but does apply to jobs that are created by specifying only a priority.
+If you enable this policy setting, you can define a default download policy for each BITS job priority. This setting doesn't override a download policy explicitly configured by the application that created the BITS job, but does apply to jobs that are created by specifying only a priority.
 
 For example, you can specify that background jobs are by default to transfer only when on uncosted network connections, but foreground jobs should proceed only when not roaming. The values that can be assigned are:
 -  1 -    Always transfer
@@ -338,7 +338,7 @@ ADMX Info:
 <!--Description-->
 This policy setting defines the default behavior that the foreground Intelligent Transfer Service (BITS) uses for foreground transfers when the system is connected to a costed network (3G, etc.). Download behavior policies further limit the network usage of foreground transfers.
 
-If you enable this policy setting, you can define a default download policy for each BITS job priority. This setting does not override a download policy explicitly configured by the application that created the BITS job, but does apply to jobs that are created by specifying only a priority.
+If you enable this policy setting, you can define a default download policy for each BITS job priority. This setting doesn't override a download policy explicitly configured by the application that created the BITS job, but does apply to jobs that are created by specifying only a priority.
 
 For example, you can specify that foreground jobs are by default to transfer only when on uncosted network connections, but foreground jobs should proceed only when not roaming. The values that can be assigned are:
 -  1 -    Always transfer
@@ -406,9 +406,9 @@ Value type is integer. Default is 90 days.
 Supported values range: 0 - 999
 
 Consider increasing the timeout value if computers tend to stay offline for a long period of time and still have pending jobs. 
-Consider decreasing this value if you are concerned about orphaned jobs occupying disk space.
+Consider decreasing this value if you're concerned about orphaned jobs occupying disk space.
 
-If you disable or do not configure this policy setting, the default value of 90 (days) will be used for the inactive job timeout.
+If you disable or don't configure this policy setting, the default value of 90 (days) will be used for the inactive job timeout.
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-bluetooth.md b/windows/client-management/mdm/policy-csp-bluetooth.md
index 025122b10d..a27b8b0f61 100644
--- a/windows/client-management/mdm/policy-csp-bluetooth.md
+++ b/windows/client-management/mdm/policy-csp-bluetooth.md
@@ -75,7 +75,7 @@ manager: dansimp
 <!--Description-->
 Specifies whether the device can send out Bluetooth advertisements.
 
-If this is not set or it is deleted, the default value of 1 (Allow) is used.
+If this policy isn't set or is deleted, the default value of 1 (Allow) is used.
 
 Most restricted value is 0.
 
@@ -83,7 +83,7 @@ Most restricted value is 0.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Not allowed. When set to 0, the device will not send out advertisements. To verify, use any Bluetooth LE app and enable it to do advertising. Then, verify that the advertisement is not received by the peripheral.
+-   0 – Not allowed. When set to 0, the device won't send out advertisements. To verify, use any Bluetooth LE app and enable it to do advertising. Then, verify that the advertisement isn't received by the peripheral.
 -   1 (default) – Allowed. When set to 1, the device will send out advertisements. To verify, use any Bluetooth LE app and enable it to do advertising. Then, verify that the advertisement is received by the peripheral.
 
 <!--/SupportedValues-->
@@ -120,7 +120,7 @@ The following list shows the supported values:
 <!--Description-->
 Specifies whether other Bluetooth-enabled devices can discover the device.
 
-If this is not set or it is deleted, the default value of 1 (Allow) is used.
+If this policy isn't set or is deleted, the default value of 1 (Allow) is used.
 
 Most restricted value is 0.
 
@@ -128,7 +128,7 @@ Most restricted value is 0.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Not allowed. When set to 0, other devices will not be able to detect the device. To verify, open the Bluetooth control panel on the device. Then, go to another Bluetooth-enabled device, open the Bluetooth control panel, and verify that you cannot see the name of the device.
+-   0 – Not allowed. When set to 0, other devices won't be able to detect the device. To verify, open the Bluetooth control panel on the device. Then, go to another Bluetooth-enabled device, open the Bluetooth control panel, and verify that you can't see the name of the device.
 -   1 (default) – Allowed. When set to 1, other devices will be able to detect the device. To verify, open the Bluetooth control panel on the device. Then, go to another Bluetooth-enabled device, open the Bluetooth control panel and verify that you can discover it.
 
 <!--/SupportedValues-->
@@ -247,9 +247,9 @@ The following list shows the supported values:
 <!--Description-->
 Sets the local Bluetooth device name.
 
-If this is set, the value that it is set to will be used as the Bluetooth device name. To verify the policy is set, open the Bluetooth control panel on the device. Then, go to another Bluetooth-enabled device, open the Bluetooth control panel, and verify that the value that was specified.
+If this name is set, the value that it's set to will be used as the Bluetooth device name. To verify the policy is set, open the Bluetooth control panel on the device. Then, go to another Bluetooth-enabled device, open the Bluetooth control panel, and verify that the value that was specified.
 
-If this policy is not set or it is deleted, the default local radio name is used.
+If this policy isn't set or is deleted, the default local radio name is used.
 
 <!--/Description-->
 <!--/Policy-->
@@ -327,7 +327,7 @@ The following list shows the supported values:
 - 0 (default) - All Bluetooth traffic is allowed.
 - N - A number from 1 through 16 representing the bytes that must be used in the encryption process. Currently, 16 is the largest allowed value for N and 16 bytes is the largest key size that Bluetooth supports. If you want to enforce Windows to always use Bluetooth encryption, ignoring the precise encryption key strength, use 1 as the value for N.
 
-For more information on allowed key sizes, refer to Bluetooth Core Specification v5.1.
+For more information on allowed key sizes, see Bluetooth Core Specification v5.1.
 
 <!--/SupportedValues-->
 <!--Example-->
@@ -346,7 +346,7 @@ For more information on allowed key sizes, refer to Bluetooth Core Specification
 
 ## ServicesAllowedList usage guide
 
-When the Bluetooth/ServicesAllowedList policy is provisioned, it will only allow pairing and connections of Windows PCs and phones to explicitly defined Bluetooth profiles and services. It is an allowed list, enabling admins to still allow custom Bluetooth profiles that are not defined by the Bluetooth Special Interests Group (SIG).
+When the Bluetooth/ServicesAllowedList policy is provisioned, it will only allow pairing and connections of Windows PCs and phones to explicitly defined Bluetooth profiles and services. It's an allowed list, enabling admins to still allow custom Bluetooth profiles that aren't defined by the Bluetooth Special Interests Group (SIG).
 
 - Disabling a service shall block incoming and outgoing connections for such services
 - Disabling a service shall not publish an SDP record containing the service being blocked
@@ -381,7 +381,7 @@ Hands Free Profile UUID = base UUID + 0x111E to the beginning = 0000**111E**-000
 |Headset Service Class|For older voice-enabled headsets|0x1108|
 |PnP Information|Used to identify devices occasionally|0x1200|
 
-This means that if you only want Bluetooth headsets, the UUIDs to include are:
+If you only want Bluetooth headsets, the UUIDs to include are:
 
 {0000111E-0000-1000-8000-00805F9B34FB};{00001203-0000-1000-8000-00805F9B34FB};{00001108-0000-1000-8000-00805F9B34FB};{00001200-0000-1000-8000-00805F9B34FB}
 
diff --git a/windows/client-management/mdm/policy-csp-browser.md b/windows/client-management/mdm/policy-csp-browser.md
index cbf9ef190b..97bb3385de 100644
--- a/windows/client-management/mdm/policy-csp-browser.md
+++ b/windows/client-management/mdm/policy-csp-browser.md
@@ -304,7 +304,7 @@ To verify AllowAutofill is set to 0 (not allowed):
 
 1.  Open Microsoft Edge.
 2.  In the upper-right corner of the browser, click **…**.
-3.  Click **Settings** in the drop down list, and select **View Advanced Settings**.
+3.  Click **Settings** in the dropdown list, and select **View Advanced Settings**.
 4.  Verify the setting **Save form entries** is grayed out.
 
 <!--/Validation-->
@@ -418,7 +418,7 @@ To verify AllowCookies is set to 0 (not allowed):
 
 1.  Open Microsoft Edge.
 2.  In the upper-right corner of the browser, click **…**.
-3.  Click **Settings** in the drop down list, and select **View Advanced Settings**.
+3.  Click **Settings** in the dropdown list, and select **View Advanced Settings**.
 4.  Verify the setting **Cookies** is disabled.
 
 <!--/Validation-->
@@ -520,7 +520,7 @@ ADMX Info:
 <!--SupportedValues-->
 Supported values:
 
-- Blank (default) - Do not send tracking information but let users choose to send tracking information to sites they visit.
+- Blank (default) - Don't send tracking information but let users choose to send tracking information to sites they visit.
 - 0 - Never send tracking information.
 - 1 - Send tracking information.
 
@@ -531,7 +531,7 @@ To verify AllowDoNotTrack is set to 0 (not allowed):
 
 1.  Open Microsoft Edge.
 2.  In the upper-right corner of the browser, click **…**.
-3.  Click **Settings** in the drop down list, and select **View Advanced Settings**.
+3.  Click **Settings** in the dropdown list, and select **View Advanced Settings**.
 4.  Verify the setting **Send Do Not Track requests** is grayed out.
 
 <!--/Validation-->
@@ -689,7 +689,7 @@ ADMX Info:
 Supported values:
 
 -   0 – Load and run Adobe Flash content automatically.
--   1 (default) – Does not load or run Adobe Flash content automatically. Requires action from the user.
+-   1 (default) – Doesn't load or run Adobe Flash content automatically. Requires action from the user.
 
 Most restricted value: 1
 
@@ -981,7 +981,7 @@ Most restricted value: 1
 To verify AllowPopups is set to 0 (not allowed):
 
 1. Click or tap **More** (…) and select **Settings** > **View Advanced settings**.
-2.  Verify the setting **Block pop-ups** is disabled.
+2.  Verify whether the setting **Block pop-ups** is disabled.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1324,7 +1324,7 @@ ADMX Info:
 <!--SupportedValues-->
 Supported values:
 
-- 0 - Prevented/not allowed. Disabling does not prevent sideloading of extensions using Add-AppxPackage via PowerShell. To prevent this, set the **ApplicationManagement/AllowDeveloperUnlock** policy to 1 (enabled).
+- 0 - Prevented/not allowed. Disabling doesn't prevent sideloading of extensions using Add-AppxPackage via PowerShell. To prevent this sideloading, set the **ApplicationManagement/AllowDeveloperUnlock** policy to 1 (enabled).
 - 1 (default) - Allowed.
 
 Most restricted value: 0
@@ -1383,7 +1383,7 @@ ADMX Info:
 Supported values:
 
 - Blank - Users can choose to use Windows Defender SmartScreen.
-- 0 – Turned off. Do not protect users from potential threats and prevent users from turning it on.
+- 0 – Turned off. Don't protect users from potential threats and prevent users from turning it on.
 - 1 (default) – Turned on. Protect users from potential threats and prevent users from turning it off.
 
 Most restricted value: 1
@@ -1624,12 +1624,12 @@ Most restricted value: 1
 
 <!--/SupportedValues-->
 <!--Validation-->
-To verify that browsing data is cleared on exit (ClearBrowsingDataOnExit is set to 1): 
+To verify whether browsing data is cleared on exit (ClearBrowsingDataOnExit is set to 1): 
 
 1. Open Microsoft Edge and browse to websites.
 2. Close the Microsoft Edge window.
 3. Open Microsoft Edge and start typing the same URL in address bar. 
-4. Verify that it does not auto-complete from history.
+4. Verify that it doesn't auto-complete from history.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1686,7 +1686,7 @@ ADMX Info:
 Supported values:
 
 -   0 (default) – Prevented/not allowed. Microsoft Edge uses the search engine specified in App settings.<p><p>If you enabled this policy and now want to disable it, disabling removes all previously configured search engines.
--   1 – Allowed. Add up to five additional search engines and set any one of them as the default.<p><p>For each search engine added you must specify a link to the OpenSearch XML file that contains, at a minimum, the short name and URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see [Search provider discovery](/microsoft-edge/dev-guide/browser/search-provider-discovery).
+-   1 – Allowed. Add up to five more search engines and set any one of them as the default.<p><p>For each search engine added, you must specify a link to the OpenSearch XML file that contains, at a minimum, the short name and URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see [Search provider discovery](/microsoft-edge/dev-guide/browser/search-provider-discovery).
 
 Most restricted value: 0
 <!--/SupportedValues-->
@@ -1871,7 +1871,7 @@ Supported values:
 - If it’s one of many apps, Microsoft Edge runs as normal.
 
 **1**: 
-- If it’s a single app, it runs a limited multi-tab version of InPrivate and is the only app available for public browsing. Users can’t minimize, close, or open windows or customize Microsoft Edge, but can clear browsing data and downloads and restart by clicking “End session.” You can configure Microsoft Edge to restart after a period of inactivity by using the “Configure kiosk reset after idle timeout” policy. _**For single-app public browsing:**_ If you do not configure the Configure kiosk reset after idle timeout policy and you enable this policy, Microsoft Edge kiosk resets after 5 minutes of idle time.
+- If it’s a single app, it runs a limited multi-tab version of InPrivate and is the only app available for public browsing. Users can’t minimize, close, or open windows or customize Microsoft Edge, but can clear browsing data and downloads and restart by clicking “End session.” You can configure Microsoft Edge to restart after a period of inactivity by using the “Configure kiosk reset after idle timeout” policy. _**For single-app public browsing:**_ If you don't configure the Configure kiosk reset after idle timeout policy and you enable this policy, Microsoft Edge kiosk resets after 5 minutes of idle time.
 - If it’s one of many apps, it runs in a limited multi-tab version of InPrivate for public browsing with other apps. Users can minimize, close, and open multiple InPrivate windows, but they can’t customize Microsoft Edge.
 
 <!--/SupportedValues-->
@@ -2113,7 +2113,7 @@ Most restricted value: 0
 [!INCLUDE [disable-lockdown-of-start-pages-shortdesc](../includes/disable-lockdown-of-start-pages-shortdesc.md)]
   
 > [!NOTE]
-> This policy has no effect when the Browser/HomePages policy is not configured. 
+> This policy has no effect when the Browser/HomePages policy isn't configured. 
  
 > [!IMPORTANT]
 > This setting can be used only with domain-joined or MDM-enrolled devices. For more information, see the [Microsoft browser extension policy](/legal/windows/agreements/microsoft-browser-extension-policy).
@@ -2235,7 +2235,7 @@ ADMX Info:
 <!--SupportedValues-->
 Supported values:
 
--   0 (default) - Turned off. Microsoft Edge does not check the Enterprise Mode Site List, and in this case, users might experience problems while using legacy apps.
+-   0 (default) - Turned off. Microsoft Edge doesn't check the Enterprise Mode Site List, and in this case, users might experience problems while using legacy apps.
 -   1 - Turned on. Microsoft Edge checks the Enterprise Mode Site List if configured. If an XML file exists in the cache container, IE11 waits 65 seconds and then checks the local cache for a new version from the server. If the server has a different version, Microsoft Edge uses the server file and stores it in the cache container. If you already use a site list, Enterprise Mode continues to work during the 65 second, but uses the existing file. To add the location to your site list, enter it in the {URI} box.<p>For details on how to configure the Enterprise Mode Site List, see [Interoperability and enterprise guidance](/microsoft-edge/deploy/group-policies/interoperability-enterprise-guidance-gp).
 
 
@@ -2312,13 +2312,13 @@ Supported values:
 [!INCLUDE [configure-start-pages-shortdesc](../includes/configure-start-pages-shortdesc.md)]
 
 **Version 1607**<br>
-Starting with this version, the HomePages policy enforces that users cannot change the Start pages settings.
+From this version, the HomePages policy enforces that users can't change the Start pages settings.
 
 **Version 1703**<br>
 If you don't want to send traffic to Microsoft, use the \<about:blank\> value, which honors both domain and non-domain-joined devices when it's the only configured URL. 
 
 **Version 1809**<br>
-When you enable the Configure Open Microsoft Edge With policy and select an option, and you enter the URLs of the pages your want to load as the Start pages in this policy, the Configure Open Microsoft Edge With policy takes precedence, ignoring the HomePages policy. 
+When you enable the Configure Open Microsoft Edge With policy and select an option, and you enter the URLs of the pages you want to load as the Start pages in this policy, the Configure Open Microsoft Edge With policy takes precedence, ignoring the HomePages policy. 
 
 
 > [!NOTE]
@@ -2763,7 +2763,7 @@ Supported values:
 
 - Blank (default) - Allowed. Users can uninstall extensions. If you previously enabled this policy and you decide to disable it, the list of extension PFNs defined in this policy get ignored.
 
-- String - Provide a semi-colon delimited list of extension PFNs. For example, adding the following OneNote Web Clipper extension prevents users from turning it off:<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;_Microsoft.OneNoteWebClipper8wekyb3d8bbwe_<p>After defining the list of extensions, you deploy them through any available enterprise deployment channel, such as Microsoft Intune. <p>Removing extensions from the list does not uninstall the extension from the user’s computer automatically. To uninstall the extension, use any available enterprise deployment channel. If you enable the Allow Developer Tools policy, then this policy does not prevent users from debugging and altering the logic on an extension.
+- String - Provide a semi-colon delimited list of extension PFNs. For example, adding the following OneNote Web Clipper extension prevents users from turning it off:<p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;_Microsoft.OneNoteWebClipper8wekyb3d8bbwe_<p>After defining the list of extensions, you deploy them through any available enterprise deployment channel, such as Microsoft Intune. <p>Removing extensions from the list doesn't uninstall the extension from the user’s computer automatically. To uninstall the extension, use any available enterprise deployment channel. If you enable the Allow Developer Tools policy, then this policy doesn't prevent users from debugging and altering the logic on an extension.
 
 <!--/SupportedValues-->
 <!--Example-->
@@ -2933,7 +2933,7 @@ ADMX Info:
 Supported values:
 
 - 0 (default) - All sites, including intranet sites, open in Microsoft Edge automatically.
-- 1 - Only intranet sites open in Internet Explorer 11 automatically.<p><p>Enabling this policy automatically opens all intranet sites in IE11, even if the users have Microsoft Edge as their default browser.<ol><li>In Group Policy Editor, navigate to:<br><br>**Computer Configuration\\Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file** and click **Enable**.<p></li><li>Refresh the policy and then view the affected sites in Microsoft Edge.<p><p>A message displays saying that the page needs to open in IE. At the same time, the page opens in IE11 automatically; in a new frame if it is not yet running, or in a new tab.</li></ol>
+- 1 - Only intranet sites open in Internet Explorer 11 automatically.<p><p>Enabling this policy automatically opens all intranet sites in IE11, even if the users have Microsoft Edge as their default browser.<ol><li>In Group Policy Editor, navigate to:<br><br>**Computer Configuration\\Administrative Templates\\Windows Components\\File Explorer\\Set a default associations configuration file** and click **Enable**.<p></li><li>Refresh the policy and then view the affected sites in Microsoft Edge.<p><p>A message displays saying that the page needs to open in IE. At the same time, the page opens in IE11 automatically; in a new frame if it isn't yet running, or in a new tab.</li></ol>
 
 Most restricted value: 0
 
@@ -2993,9 +2993,9 @@ ADMX Info:
 <!--SupportedValues-->
 Supported values:
 
-- Blank (default) - Microsoft Edge uses the default search engine specified in App settings. If you don't configure this policy and disable the [AllowSearchEngineCustomization](#browser-allowsearchenginecustomization) policy, users cannot make changes.
+- Blank (default) - Microsoft Edge uses the default search engine specified in App settings. If you don't configure this policy and disable the [AllowSearchEngineCustomization](#browser-allowsearchenginecustomization) policy, users can't make changes.
 - 0 - Microsoft Edge removes the policy-set search engine and uses the Microsoft Edge specified engine for the market.
-- 1 - Microsoft Edge uses the policy-set search engine specified in the OpenSearch XML file. Users cannot change the default search engine.<p><p>Specify a link to the OpenSearch XML file that contains, at a minimum, the short name and the URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see [Search provider discovery](/microsoft-edge/dev-guide/browser/search-provider-discovery). Use this format to specify the link you want to add.<p><p>If you want users to use the default Microsoft Edge settings for each market, set the string to **EDGEDEFAULT**.<p><p>If you want users to use Microsoft Bing as the default search engine, then set the string to **EDGEBING**.
+- 1 - Microsoft Edge uses the policy-set search engine specified in the OpenSearch XML file. Users can't change the default search engine.<p><p>Specify a link to the OpenSearch XML file that contains, at a minimum, the short name and the URL template (HTTPS) of the search engine. For more information about creating the OpenSearch XML file, see [Search provider discovery](/microsoft-edge/dev-guide/browser/search-provider-discovery). Use this format to specify the link you want to add.<p><p>If you want users to use the default Microsoft Edge settings for each market, set the string to **EDGEDEFAULT**.<p><p>If you want users to use Microsoft Bing as the default search engine, then set the string to **EDGEBING**.
 
 Most restricted value: 1
 <!--/SupportedValues-->
@@ -3160,9 +3160,9 @@ ADMX Info:
 <!--SupportedValues-->
 Supported values:
 
--   0 (default) – No additional message displays.
--   1 – Show an additional message stating that a site has opened in IE11.
--   2 - Show an additional message with a "Keep going in Microsoft Edge" link.
+-   0 (default) – No other message displays.
+-   1 – Show another message stating that a site has opened in IE11.
+-   2 - Show another message with a "Keep going in Microsoft Edge" link.
 
 Most restricted value: 0
 <!--/SupportedValues-->
@@ -3198,8 +3198,8 @@ Most restricted value: 0
 
 <!--/Scope-->
 <!--Description-->
-This policy allows Enterprise Admins to turn off the notification for company devices that the Edge Legacy browser is no longer supported after 3/9/2021 to avoid confusion for their enterprise users and reduce help desk calls. 
-By default, a notification will be presented to the user informing them of this upon application startup.
+This policy allows Enterprise Admins to turn off the notification for company devices that the Edge Legacy browser is no longer supported after March 9, 2021, to avoid confusion for their enterprise users and reduce help desk calls. 
+By default, a notification will be presented to the user informing them of this update upon application startup.
 With this policy, you can either allow (default) or suppress this notification.
 
 <!--/Description-->
diff --git a/windows/client-management/mdm/policy-csp-cellular.md b/windows/client-management/mdm/policy-csp-cellular.md
index a88970a383..48876d706e 100644
--- a/windows/client-management/mdm/policy-csp-cellular.md
+++ b/windows/client-management/mdm/policy-csp-cellular.md
@@ -82,11 +82,11 @@ You can specify either a default setting for all apps or a per-app setting by sp
 
 If you choose the "User is in control" option, employees in your organization can decide whether Windows apps can access cellular data by using Settings > Network - Internet > Cellular on the device.
 
-If you choose the "Force Allow" option, Windows apps are allowed to access cellular data and employees in your organization cannot change it.
+If you choose the "Force Allow" option, Windows apps are allowed to access cellular data and employees in your organization can't change it.
 
-If you choose the "Force Deny" option, Windows apps are not allowed to access cellular data and employees in your organization cannot change it.
+If you choose the "Force Deny" option, Windows apps aren't allowed to access cellular data and employees in your organization can't change it.
 
-If you disable or do not configure this policy setting, employees in your organization can decide whether Windows apps can access cellular data by using Settings > Network - Internet > Cellular on the device.
+If you disable or don't configure this policy setting, employees in your organization can decide whether Windows apps can access cellular data by using Settings > Network - Internet > Cellular on the device.
 
 If an app is open when this Group Policy object is applied on a device, employees must restart the app or device for the policy changes to be applied to the app.”
 
@@ -271,7 +271,7 @@ ADMX Info:
 This policy setting configures the visibility of the link to the per-application cellular access control page in the cellular setting UX.
 
 If this policy setting is enabled, a drop-down list box presenting possible values will be active.  Select "Hide" or "Show" to hide or show the link to the per-application cellular access control page.
-If this policy setting is disabled or is not configured, the link to the per-application cellular access control page is showed by default.
+If this policy setting is disabled or isn't configured, the link to the per-application cellular access control page is shown by default.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md
index a4eb170e5c..d5df4315c1 100644
--- a/windows/client-management/mdm/policy-csp-connectivity.md
+++ b/windows/client-management/mdm/policy-csp-connectivity.md
@@ -105,9 +105,9 @@ manager: dansimp
 Allows the user to enable Bluetooth or restrict access.
 
 > [!NOTE]
->  This value is not supported in Windows 10.
+>  This value isn't supported in Windows 10.
 
-If this is not set or it is deleted, the default value of 2 (Allow) is used.
+If this policy isn't set or is deleted, the default value of 2 (Allow) is used.
 
 Most restricted value is 0.
 
@@ -115,9 +115,9 @@ Most restricted value is 0.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Disallow Bluetooth. If this is set to 0, the radio in the Bluetooth control panel will be grayed out and the user will not be able to turn Bluetooth on.
--   1 – Reserved. If this is set to 1, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
--   2 (default) – Allow Bluetooth. If this is set to 2, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.
+-   0 – Disallow Bluetooth. If the value is set to 0, the radio in the Bluetooth control panel will be grayed out and the user won't be able to turn on Bluetooth.
+-   1 – Reserved. If the value is set to 1, the radio in the Bluetooth control panel will be functional and the user will be able to turn on Bluetooth.
+-   2 (default) – Allow Bluetooth. If the value is set to 2, the radio in the Bluetooth control panel will be functional and the user will be able to turn on Bluetooth.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -151,15 +151,15 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Allows the cellular data channel on the device. Device reboot is not required to enforce the policy.
+Allows the cellular data channel on the device. Device reboot isn't required to enforce the policy.
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Do not allow the cellular data channel. The user cannot turn it on. This value is not supported in Windows 10, version 1511.
+-   0 – Don't allow the cellular data channel. The user can't turn it on. This value isn't supported in Windows 10, version 1511.
 -   1 (default) – Allow the cellular data channel. The user can turn it off.
--   2 - Allow the cellular data channel. The user cannot turn it off.
+-   2 - Allow the cellular data channel. The user can't turn it off.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -193,7 +193,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Allows or disallows cellular data roaming on the device. Device reboot is not required to enforce the policy.
+Allows or disallows cellular data roaming on the device. Device reboot isn't required to enforce the policy.
 
 Most restricted value is 0.
 
@@ -209,15 +209,15 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Do not allow cellular data roaming. The user cannot turn it on. This value is not supported in Windows 10, version 1511.
+-   0 – Don't allow cellular data roaming. The user can't turn it on. This value isn't supported in Windows 10, version 1511.
 -   1 (default) – Allow cellular data roaming.
--   2 - Allow cellular data roaming on. The user cannot turn it off.
+-   2 - Allow cellular data roaming on. The user can't turn it off.
 
 <!--/SupportedValues-->
 <!--Validation-->
 To validate, the enterprise can confirm by observing the roaming enable switch in the UX. It will be inactive if the roaming policy is being enforced by the enterprise policy.
 
-To validate on devices, do the following:
+To validate on devices, perform the following steps:
 
 1.  Go to Cellular & SIM.
 2.  Click on the SIM (next to the signal strength icon) and select **Properties**.
@@ -301,8 +301,8 @@ The following list shows the supported values:
 <!--Description-->
 This policy allows IT admins to turn off the ability to Link a Phone with a PC to continue tasks, such as reading, email, and other tasks that require linking between Phone and PC.
 
-If you enable this policy setting, the Windows device will be able to enroll in Phone-PC linking functionality and participate in 'Continue on PC experiences'. If you disable this policy setting, the Windows device is not allowed to be linked to phones, will remove itself from the device list of any linked Phones, and cannot participate in 'Continue on PC experiences'.
-If you do not configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
+If you enable this policy setting, the Windows device will be able to enroll in Phone-PC linking functionality and participate in 'Continue on PC experiences'. If you disable this policy setting, the Windows device isn't allowed to be linked to phones, will remove itself from the device list of any linked Phones, and can't participate in 'Continue on PC experiences'.
+If you don't configure this policy setting, the default behavior depends on the Windows edition. Changes to this policy take effect on reboot.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -314,14 +314,14 @@ ADMX Info:
 <!--SupportedValues-->
 This setting supports a range of values between 0 and 1.
 
-- 0 - Do not link
+- 0 - Don't link
 - 1 (default) - Allow phone-PC linking
 
 <!--/SupportedValues-->
 <!--Validation-->
 Validation:
 
-If the Connectivity/AllowPhonePCLinking policy is configured to value 0, the add a phone button in the Phones section in settings will be grayed out and clicking it will not launch the window for a user to enter their phone number.
+If the Connectivity/AllowPhonePCLinking policy is configured to value 0, the add a phone button in the Phones section in settings will be grayed out and clicking it won't launch the window for a user to enter their phone number.
 
 Device that has previously opt-in to MMX will also stop showing on the device list.
 
@@ -360,7 +360,7 @@ Device that has previously opt-in to MMX will also stop showing on the device li
 > [!NOTE]
 > Currently, this policy is supported only in HoloLens 2, Hololens (1st gen) Commercial Suite, and HoloLens (1st gen) Development Edition.
 
-Enables USB connection between the device and a computer to sync files with the device or to use developer tools to deploy or debug applications. Changing this policy does not affect USB charging.
+Enables USB connection between the device and a computer to sync files with the device or to use developer tools to deploy or debug applications. Changing this policy doesn't affect USB charging.
 
 Both Media Transfer Protocol (MTP) and IP over USB are disabled when this policy is enforced.
 
@@ -413,7 +413,7 @@ Most restricted value is 0.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – VPN is not allowed over cellular.
+-   0 – VPN isn't allowed over cellular.
 -   1 (default) – VPN can use any connection, including cellular.
 
 <!--/SupportedValues-->
@@ -493,13 +493,13 @@ The following list shows the supported values:
 <!--Description-->
 This policy setting specifies whether to allow printing over HTTP from this client.
 
-Printing over HTTP allows a client to print to printers on the intranet as well as the Internet.
+Printing over HTTP allows a client to print to printers on the intranet and the Internet.
 
-Note: This policy setting affects the client side of Internet printing only. It does not prevent this computer from acting as an Internet Printing server and making its shared printers available via HTTP.
+Note: This policy setting affects the client side of Internet printing only. It doesn't prevent this computer from acting as an Internet Printing server and making its shared printers available via HTTP.
 
 If you enable this policy setting, it prevents this client from printing to Internet printers over HTTP.
 
-If you disable or do not configure this policy setting, users can choose to print to Internet printers over HTTP.
+If you disable or don't configure this policy setting, users can choose to print to Internet printers over HTTP.
 
 Also, see the "Web-based printing" policy setting in Computer Configuration/Administrative Templates/Printers.
 
@@ -549,11 +549,11 @@ This policy setting specifies whether to allow this client to download print dri
 
 To set up HTTP printing, non-inbox drivers need to be downloaded over HTTP.
 
-Note: This policy setting does not prevent the client from printing to printers on the Intranet or the Internet over HTTP.  It only prohibits downloading drivers that are not already installed locally.
+Note: This policy setting doesn't prevent the client from printing to printers on the Intranet or the Internet over HTTP.  It only prohibits downloading drivers that aren't already installed locally.
 
-If you enable this policy setting, print drivers cannot be downloaded over HTTP.
+If you enable this policy setting, print drivers can't be downloaded over HTTP.
 
-If you disable or do not configure this policy setting, users can download print drivers over HTTP.
+If you disable or don't configure this policy setting, users can download print drivers over HTTP.
 
 <!--/Description-->
 
@@ -601,11 +601,11 @@ This policy setting specifies whether Windows should download a list of provider
 
 These wizards allow users to select from a list of companies that provide services such as online storage and photographic printing. By default, Windows displays providers downloaded from a Windows website in addition to providers specified in the registry.
 
-If you enable this policy setting, Windows does not download providers, and only the service providers that are cached in the local registry are displayed.
+If you enable this policy setting, Windows doesn't download providers, and only the service providers that are cached in the local registry are displayed.
 
-If you disable or do not configure this policy setting, a list of providers are downloaded when the user uses the web publishing or online ordering wizards.
+If you disable or don't configure this policy setting, a list of providers is downloaded when the user uses the web publishing or online ordering wizards.
 
-See the documentation for the web publishing and online ordering wizards for more information, including details on specifying service providers in the registry.
+For more information, including details on specifying service providers in the registry, see the documentation for the web publishing and online ordering wizards.
 
 <!--/Description-->
 
@@ -695,7 +695,7 @@ ADMX Info:
 <!--Description-->
 This policy setting configures secure access to UNC paths.
 
-If you enable this policy, Windows only allows access to the specified UNC paths after fulfilling additional security requirements.
+If you enable this policy, Windows only allows access to the specified UNC paths after fulfilling other security requirements.
 
 <!--/Description-->
 
@@ -741,11 +741,11 @@ ADMX Info:
 <!--Description-->
 Determines whether a user can install and configure the Network Bridge.
 
-Important: This settings is location aware. It only applies when a computer is connected to the same DNS domain network it was connected to when the setting was refreshed on that computer. If a computer is connected to a DNS domain network other than the one it was connected to when the setting was refreshed, this setting does not apply.
+Important: This setting is location aware. It only applies when a computer is connected to the same DNS domain network it was connected to when the setting was refreshed on that computer. If a computer is connected to a DNS domain network other than the one it was connected to when the setting was refreshed, this setting doesn't apply.
 
 The Network Bridge allows users to create a layer 2 MAC bridge, enabling them to connect two or more network segments together. This connection appears in the Network Connections folder.
 
-If you disable this setting or do not configure it, the user will be able to create and modify the configuration of a Network Bridge. Enabling this setting does not remove an existing Network Bridge from the user's computer.
+If you disable this setting or don't configure it, the user will be able to create and modify the configuration of a Network Bridge. Enabling this setting doesn't remove an existing Network Bridge from the user's computer.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
index 12fbbf04b0..e66ffbee8b 100644
--- a/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
+++ b/windows/client-management/mdm/policy-csp-controlpolicyconflict.md
@@ -71,9 +71,9 @@ The following list shows the supported values:
 - 0 (default)
 - 1 - The MDM policy is used and the GP policy is blocked.
 
-The policy should be set at every sync to ensure the device removes any settings that conflict with MDM just as it does on the very first set of the policy. This ensures that:
+The policy should be set at every sync to ensure the device removes any settings that conflict with MDM just as it does on the first set of the policy. This activation ensures that:
 
--  GP settings that correspond to MDM applied settings are not conflicting 
+-  GP settings that correspond to MDM applied settings aren't conflicting 
 -  The current Policy Manager policies are refreshed from what MDM has set 
 -  Any values set by scripts/user outside of GP that conflict with MDM are removed
 
diff --git a/windows/client-management/mdm/policy-csp-credentialsdelegation.md b/windows/client-management/mdm/policy-csp-credentialsdelegation.md
index 87b03eb667..da8c5cd222 100644
--- a/windows/client-management/mdm/policy-csp-credentialsdelegation.md
+++ b/windows/client-management/mdm/policy-csp-credentialsdelegation.md
@@ -65,11 +65,11 @@ manager: dansimp
 <!--Description-->
 Remote host allows delegation of non-exportable credentials
 
-When using credential delegation, devices provide an exportable version of credentials to the remote host. This exposes users to the risk of credential theft from attackers on the remote host.
+When credential delegation is being used, devices provide an exportable version of credentials to the remote host. This version exposes users to the risk of credential theft from attackers on the remote host.
 
 If you enable this policy setting, the host supports Restricted Admin or Remote Credential Guard mode.
 
-If you disable or do not configure this policy setting, Restricted Administration and Remote Credential Guard mode are not supported. User will always need to pass their credentials to the host.
+If you disable or don't configure this policy setting, Restricted Administration and Remote Credential Guard mode aren't supported. User will always need to pass their credentials to the host.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-credentialsui.md b/windows/client-management/mdm/policy-csp-credentialsui.md
index 2b0be6c478..f242322253 100644
--- a/windows/client-management/mdm/policy-csp-credentialsui.md
+++ b/windows/client-management/mdm/policy-csp-credentialsui.md
@@ -68,9 +68,9 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to configure the display of the password reveal button in password entry user experiences.
 
-If you enable this policy setting, the password reveal button will not be displayed after a user types a password in the password entry text box.
+If you enable this policy setting, the password reveal button won't be displayed after a user types a password in the password entry text box.
 
-If you disable or do not configure this policy setting, the password reveal button will be displayed after a user types a password in the password entry text box.
+If you disable or don't configure this policy setting, the password reveal button will be displayed after a user types a password in the password entry text box.
 
 By default, the password reveal button is displayed after a user types a password in the password entry text box. To display the password, click the password reveal button.
 
@@ -118,7 +118,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether administrator accounts are displayed when a user attempts to elevate a running application. By default, administrator accounts are not displayed when the user attempts to elevate a running application.
+This policy setting controls whether administrator accounts are displayed when a user attempts to elevate a running application. By default, administrator accounts aren't displayed when the user attempts to elevate a running application.
 
 If you enable this policy setting, all local administrator accounts on the PC will be displayed so the user can choose one and enter the correct password.
 

From 164f674c97a731ffad8c20161017e8083f403469 Mon Sep 17 00:00:00 2001
From: Noah Myers <81661816+nonotnoah@users.noreply.github.com>
Date: Wed, 30 Mar 2022 10:37:26 -0700
Subject: [PATCH 051/123] fix redundant acronym

ATM machine is a redundant acronym. This fix is in line with other uses of ATM in this document such as here: https://docs.microsoft.com/en-us/windows/deployment/update/get-started-updates-channels-tools#long-term-servicing-channel
---
 windows/deployment/update/waas-quick-start.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-quick-start.md b/windows/deployment/update/waas-quick-start.md
index 3c6ac3426f..9f6c9e6c7b 100644
--- a/windows/deployment/update/waas-quick-start.md
+++ b/windows/deployment/update/waas-quick-start.md
@@ -31,7 +31,7 @@ Some new terms have been introduced as part of Windows as a service, so you shou
 - **Insider Preview** builds are made available during the development of the features that will be shipped in the next feature update, enabling organizations to validate new features and confirm compatibility with existing apps and infrastructure, providing feedback to Microsoft on any issues encountered.
 - **Servicing channels** allow organizations to choose when to deploy new features. 
   - The **General Availability Channel** receives feature updates annually.
-  - The **Long-Term Servicing Channel**, which meant only for specialized devices (which typically don't run Office) such as those that control medical equipment or ATM machines, receives new feature releases every two to three years.
+  - The **Long-Term Servicing Channel**, which meant only for specialized devices (which typically don't run Office) such as those that control medical equipment or ATMs, receives new feature releases every two to three years.
 - **Deployment rings** are groups of devices used to initially pilot, and then to broadly deploy, each feature update in an organization. 
 
 See [Overview of Windows as a service](waas-overview.md) for more information.

From 43604a9b868d9e0031f763d760bb26cc56a610cf Mon Sep 17 00:00:00 2001
From: Noah Myers <81661816+nonotnoah@users.noreply.github.com>
Date: Fri, 1 Apr 2022 09:24:30 -0700
Subject: [PATCH 052/123] Update windows/deployment/update/waas-quick-start.md

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 windows/deployment/update/waas-quick-start.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-quick-start.md b/windows/deployment/update/waas-quick-start.md
index 9f6c9e6c7b..57fcb750ea 100644
--- a/windows/deployment/update/waas-quick-start.md
+++ b/windows/deployment/update/waas-quick-start.md
@@ -31,7 +31,7 @@ Some new terms have been introduced as part of Windows as a service, so you shou
 - **Insider Preview** builds are made available during the development of the features that will be shipped in the next feature update, enabling organizations to validate new features and confirm compatibility with existing apps and infrastructure, providing feedback to Microsoft on any issues encountered.
 - **Servicing channels** allow organizations to choose when to deploy new features. 
   - The **General Availability Channel** receives feature updates annually.
-  - The **Long-Term Servicing Channel**, which meant only for specialized devices (which typically don't run Office) such as those that control medical equipment or ATMs, receives new feature releases every two to three years.
+  - The **Long-Term Servicing Channel**, which is meant only for specialized devices (which typically don't run Office) such as those that control medical equipment or ATMs, receives new feature releases every two to three years.
 - **Deployment rings** are groups of devices used to initially pilot, and then to broadly deploy, each feature update in an organization. 
 
 See [Overview of Windows as a service](waas-overview.md) for more information.

From 1cbafc45b679aae61de8b2a92d945a358fe0fcf2 Mon Sep 17 00:00:00 2001
From: cathyethoca <39312769+cathyethoca@users.noreply.github.com>
Date: Fri, 1 Apr 2022 14:10:05 -0400
Subject: [PATCH 053/123] Fixing Markdown errors that hid wildcards

0x80072EE2 has a list of URLs that includes wildcard (*) characters. Markdown was treating them as italics instead of displaying them.
---
 windows/deployment/update/windows-update-errors.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/windows-update-errors.md b/windows/deployment/update/windows-update-errors.md
index b500ca17a8..c3688b1dda 100644
--- a/windows/deployment/update/windows-update-errors.md
+++ b/windows/deployment/update/windows-update-errors.md
@@ -198,7 +198,7 @@ The following table provides information about common errors you might run into
 
 | Message | Description | Mitigation |
 |---------|-------------|------------|
-| WININET_E_TIMEOUT; The operation timed out | Unable to scan for updates due to a connectivity issue to Windows Update, Configuration Manager, or WSUS. | This error generally means that the Windows Update Agent was unable to connect to the update servers or your own source, such as WSUS, Configuration Manager, or Microsoft Endpoint Manager. <br> Check with your network team to ensure that the device can reach the update sources. For more info, see [Troubleshoot software update scan failures in Configuration Manager](/mem/configmgr/troubleshoot-software-update-scan-failures). <br> If you’re using the public Microsoft update servers, check that your device can access the following Windows Update endpoints: <br> `http://windowsupdate.microsoft.com` <br> https://.windowsupdate.microsoft.com <br> https://update.microsoft.com <br> https://*.update.microsoft.com <br> https://windowsupdate.com <br> https://*.windowsupdate.com <br> https://download.windowsupdate.com <br> https://*.download.windowsupdate.com <br> https://download.microsoft.com <br> https://*.download.windowsupdate.com <br> https://wustat.windows.com <br> https://*.wustat.windows.com <br> https://ntservicepack.microsoft.com |
+| WININET_E_TIMEOUT; The operation timed out | Unable to scan for updates due to a connectivity issue to Windows Update, Configuration Manager, or WSUS. | This error generally means that the Windows Update Agent was unable to connect to the update servers or your own source, such as WSUS, Configuration Manager, or Microsoft Endpoint Manager. <br> Check with your network team to ensure that the device can reach the update sources. For more info, see [Troubleshoot software update scan failures in Configuration Manager](/mem/configmgr/troubleshoot-software-update-scan-failures). <br> If you’re using the public Microsoft update servers, check that your device can access the following Windows Update endpoints: <br> `http://windowsupdate.microsoft.com` <br> `https://*.windowsupdate.microsoft.com` <br> `https://update.microsoft.com` <br> `https://*.update.microsoft.com` <br> `https://windowsupdate.com` <br> `https://*.windowsupdate.com` <br> `https://download.windowsupdate.com` <br> `https://*.download.windowsupdate.com` <br> `https://download.microsoft.com` <br> `https://*.download.windowsupdate.com` <br> `https://wustat.windows.com` <br> `https://*.wustat.windows.com` <br> `https://ntservicepack.microsoft.com` |
 
 ## 0x80240022
 

From 3892da1238d2e18bf0f172b9dac4954ec35e3383 Mon Sep 17 00:00:00 2001
From: Robert Mazzoli <robmazz@microsoft.com>
Date: Tue, 5 Apr 2022 13:55:30 -0700
Subject: [PATCH 054/123] Updated Microsoft Purview portal to Microsoft Purview
 compliance portal

---
 education/windows/deploy-windows-10-in-a-school-district.md | 2 +-
 education/windows/deploy-windows-10-in-a-school.md          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 263698f3e1..78197c768a 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -114,7 +114,7 @@ Office 365 Education allows:
 
 * Faculty to help prevent unauthorized users from accessing documents and email by using Microsoft Azure Rights Management.
 
-* Faculty to use advanced compliance tools on the unified eDiscovery pages in the Microsoft Purview portal.
+* Faculty to use advanced compliance tools on the unified eDiscovery pages in the Microsoft Purview compliance portal.
 
 * Faculty to host online classes, parent–teacher conferences, and other collaboration in Skype for Business.
 
diff --git a/education/windows/deploy-windows-10-in-a-school.md b/education/windows/deploy-windows-10-in-a-school.md
index 2f182e3c8f..fa698dfbff 100644
--- a/education/windows/deploy-windows-10-in-a-school.md
+++ b/education/windows/deploy-windows-10-in-a-school.md
@@ -74,7 +74,7 @@ Office 365 Education allows:
 - Students and faculty to use email and calendars, with mailboxes up to 50 GB per user.
 - Faculty to use advanced email features like email archiving and legal hold capabilities.
 - Faculty to help prevent unauthorized users from accessing documents and email by using Azure Rights Management.
-- Faculty to use advanced compliance tools on the unified eDiscovery pages in the Microsoft Purview portal.
+- Faculty to use advanced compliance tools on the unified eDiscovery pages in the Microsoft Purview compliance portal.
 - Faculty to host online classes, parent–teacher conferences, and other collaboration in Skype for Business or Skype.
 - Students and faculty to access up to 1 TB of personal cloud storage that users inside and outside the educational institution can share through OneDrive for Business.
 - Teachers to provide collaboration in the classroom through Microsoft SharePoint Online team sites.

From 5312b88e239c44299d2fc82b8f35cab5cad25e2d Mon Sep 17 00:00:00 2001
From: Maurice Daly <maurice.daly@outlook.com>
Date: Wed, 6 Apr 2022 01:15:00 +0100
Subject: [PATCH 055/123] Missing Event ID's 8028 - 8040

Added event id's and descriptions from XML provider.
---
 .../applocker/using-event-viewer-with-applocker.md | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
index aa10905181..a2ac228302 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
@@ -69,6 +69,20 @@ The following table contains information about the events that you can use to de
 | 8024 | Information| Packaged app installation audited.| Added in Windows Server 2012 and Windows 8.| 
 | 8025 | Warning| Packaged app installation disabled.| Added in Windows Server 2012 and Windows 8.| 
 | 8027 | Warning| No Packaged app rule configured.| Added in Windows Server 2012 and Windows 8.| 
+| 8028 | Warning | * was allowed to run but would have been prevented if the Config CI policy were enforced.| Added in Windows Server 2016 and Windows 10.|
+| 8029 | Error | * was prevented from running due to Config CI policy.| Added in Windows Server 2016 and Windows 10.|
+| 8030 | Information | ManagedInstaller check SUCCEEDED during Appid verification of * | Added in Windows Server 2016 and Windows 10.|
+| 8031 | Information | SmartlockerFilter detected file * being written by process * | Added in Windows Server 2016 and Windows 10.|
+| 8032 | Error | ManagedInstaller check FAILED during Appid verification of * | Added in Windows Server 2016 and Windows 10.|
+| 8033 | Warning | ManagedInstaller check FAILED during Appid verification of * . Allowed to run due to Audit Applocker Policy. | Added in Windows Server 2016 and Windows 10.|
+| 8034 | Information | ManagedInstaller Script check FAILED during Appid verification of * | Added in Windows Server 2016 and Windows 10.|
+| 8035 | Error | ManagedInstaller Script check SUCCEEDED during Appid verification of * | Added in Windows Server 2016 and Windows 10.|
+| 8036 | Error | * was prevented from running due to Config CI policy | Added in Windows Server 2016 and Windows 10.|
+| 8037 | Information | * passed Config CI policy and was allowed to run | Added in Windows Server 2016 and Windows 10.|
+| 8038 | Information | Publisher info: Subject: * Issuer: * Signature index * (* total) | Added in Windows Server 2016 and Windows 10.|
+| 8039 | Warning | * passed Config CI policy and was allowed to run | Added in Windows Server 2016 and Windows 10.|
+| 8040 | Error | Package family name * version * was prevented from installing or updating due to Config CI policy | Added in Windows Server 2016 and Windows 10.|
+
  
 ## Related topics
 

From 6a10d9c4aadc7f0405928478abc7e357cc16effc Mon Sep 17 00:00:00 2001
From: Hiroyuki Ito <102932563+hirit1@users.noreply.github.com>
Date: Fri, 8 Apr 2022 18:19:52 +0900
Subject: [PATCH 056/123] does not exist the policy

I would like to delete it because it is a description of a policy that does not exist.
---
 .../wdsc-device-security.md                        | 14 --------------
 1 file changed, 14 deletions(-)

diff --git a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md
index 547b17ac29..4a34381192 100644
--- a/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md
+++ b/windows/security/threat-protection/windows-defender-security-center/wdsc-device-security.md
@@ -78,17 +78,3 @@ If you don't want users to see the recommendation to update TPM firmware, you ca
 
 5. [Deploy the updated GPO as you normally do](/windows/win32/srvnodes/group-policy). 
 
-## Disable Memory integrity switch
-If you don't want users to be able to change the Hypervisor Control Integrity (HVCI), or memory integrity, setting on their computers, you can disable the **Memory integrity** switch.
-> [!IMPORTANT]
-> You must have Windows 10, version 1803 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings. 
-
-1.  On your Group Policy management computer, open the [Group Policy Management Console](/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), right-click the Group Policy Object you want to configure and click **Edit**.
-
-2.  In the **Group Policy Management Editor** go to **Computer configuration** and then select **Administrative templates**.
-
-3.  Expand the tree to **Windows components** > **Windows Security** > **Device security**.
-
-4.  Open the **Disable Memory integrity switch** setting and set it to **Enabled**. Select **OK**.
-
-5. [Deploy the updated GPO as you normally do](/windows/win32/srvnodes/group-policy).

From 28ec7f0381a5ae4fd12082700c57b42eab4c1745 Mon Sep 17 00:00:00 2001
From: Meghana Athavale <v-mathavale@microsoft.com>
Date: Fri, 8 Apr 2022 15:08:53 +0530
Subject: [PATCH 057/123] changes as per 5916892

---
 .../auditing/monitor-the-use-of-removable-storage-devices.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
index ac76e18a1a..2e7159f3d2 100644
--- a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
+++ b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
@@ -56,9 +56,14 @@ After you configure the settings to monitor removable storage devices, use the f
 4.  In Server Manager, click **Tools**, and then click **Event Viewer**.
 5.  Expand **Windows Logs**, and then click **Security**.
 6.  Look for event 4663, which logs successful attempts to write to or read from a removable storage device. Failures will log event 4656. Both events include **Task Category = Removable Storage device**.
+   
+    For more information, see [Audit Removable Storage](audit-removable-storage.md)
 
     Key information to look for includes the name and account domain of the user who attempted to access the file, the object that the user is attempting to access, resource attributes of the resource, and the type of access that was attempted.
 
+    > [!NOTE]
+    > Even after configuring settings to monitor removable storage devices, some versions of Windows 10 may require registry key **HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Storage\HotPlugSecureOpen** to be set to **1** to start logging the removable storage audit events.
+
     > [!NOTE]
     > We do not recommend that you enable this category on a file server that hosts file shares on a removable storage device. When Removable Storage Auditing is configured, any attempt to access the removable storage device will generate an audit event.
      

From 3065e76df2cc325d8b14b244d1925084257c877a Mon Sep 17 00:00:00 2001
From: Diana Hanson <v-dihans@microsoft.com>
Date: Mon, 11 Apr 2022 12:46:13 -0600
Subject: [PATCH 058/123] Update windows-update-errors.md

Fix Acro
Sync PR https://github.com/MicrosoftDocs/windows-docs-pr/pull/6454
---
 windows/deployment/update/windows-update-errors.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/update/windows-update-errors.md b/windows/deployment/update/windows-update-errors.md
index c3688b1dda..3442f06f82 100644
--- a/windows/deployment/update/windows-update-errors.md
+++ b/windows/deployment/update/windows-update-errors.md
@@ -118,7 +118,7 @@ The following table provides information about common errors you might run into
 
 | Message | Description | Mitigation |
 |---------|-------------|------------|
-| CBS_E_ABORT; client abort, IDABORT returned by ICbsUIHandler method except Error() | CBS   transaction timeout exceeded. | A servicing operation is taking a long time to complete. The servicing stack watchdog timer expires. Extending the timeout will mitigate the issue. Increase the resources on the device. If a virtual machine, increase virtual CPU and memory to speed up operations. Make sure the has installed the update in KB4493473 or later.|
+| CBS_E_ABORT; client abort, IDABORT returned by ICbsUIHandler method except Error() | CBS   transaction timeout exceeded. | A servicing operation is taking a long time to complete. The servicing stack watchdog timer expires. Extending the timeout will mitigate the issue. Increase the resources on the device. If a virtual machine, increase virtual CPU and memory to speed up operations. Make sure the device has installed the update in KB4493473 or later.|
 
 ## 0x800f0825
 
@@ -148,7 +148,7 @@ The following table provides information about common errors you might run into
 
 | Message | Description | Mitigation |
 |---------|-------------|------------|
-| E_ACCESSDENIED; General access denied error | File system or registry key permissions have been changed and the servicing stack doesn't have the required level of access. | This error generally means an access was denied.<br> Go to %Windir%\logs\CBS, open the last CBS.log and search for “, error” and match with the timestamp. After finding the error, scroll up and try to determine what caused the access denial. It could be acess denied to a file, registry key. Determine what object needs the right permissions and change the permissions as needed. |
+| E_ACCESSDENIED; General access denied error | File system or registry key permissions have been changed and the servicing stack doesn't have the required level of access. | This error generally means an access was denied.<br> Go to %Windir%\logs\CBS, open the last CBS.log and search for “, error” and match with the timestamp. After finding the error, scroll up and try to determine what caused the access denial. It could be access denied to a file, registry key. Determine what object needs the right permissions and change the permissions as needed. |
 
 ## 0x80070570
 

From edc9cc851a0badc648f4418f36be3de96e0314f4 Mon Sep 17 00:00:00 2001
From: Naim Ayat <naayat@microsoft.com>
Date: Mon, 11 Apr 2022 18:51:40 -0700
Subject: [PATCH 059/123] Update windows-sandbox-overview.md

Adds information around reboot persistence and ARM64 support.
---
 .../windows-sandbox/windows-sandbox-overview.md               | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
index bb68f8ea94..e87b90d712 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
@@ -18,7 +18,7 @@ ms.technology: windows-sec
 
 Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine.
 
-A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application.
+A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of [Windows 11 Build 22509](https://blogs.windows.com/windows-insider/2021/12/01/announcing-windows-11-insider-preview-build-22509/), your data will persist through a restart initiated from inside the virtualized environment – useful for installing applications that require the OS to reboot.
 
 Software and applications installed on the host aren't directly available in the sandbox. If you need specific applications available inside the Windows Sandbox environment, they must be explicitly installed within the environment.
 
@@ -40,7 +40,7 @@ The following video provides an overview of Windows Sandbox.
 ## Prerequisites
  
 - Windows 10 Pro, Enterprise or Education build 18305 or Windows 11 (*Windows Sandbox is currently not supported on Windows Home edition*)
-- AMD64 architecture
+- AMD64 or (as of [Windows 11 Build 22483](https://blogs.windows.com/windows-insider/2021/10/20/announcing-windows-11-insider-preview-build-22483/)) ARM64 architecture
 - Virtualization capabilities enabled in BIOS
 - At least 4 GB of RAM (8 GB recommended)
 - At least 1 GB of free disk space (SSD recommended)

From 92bac3c3f6b6c64748477baf7fb0838e3ba51a93 Mon Sep 17 00:00:00 2001
From: Naim Ayat <naayat@microsoft.com>
Date: Mon, 11 Apr 2022 23:59:17 -0700
Subject: [PATCH 060/123] Update
 windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 .../windows-sandbox/windows-sandbox-overview.md                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
index e87b90d712..cc27dd13d3 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
@@ -18,7 +18,7 @@ ms.technology: windows-sec
 
 Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine.
 
-A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of [Windows 11 Build 22509](https://blogs.windows.com/windows-insider/2021/12/01/announcing-windows-11-insider-preview-build-22509/), your data will persist through a restart initiated from inside the virtualized environment – useful for installing applications that require the OS to reboot.
+A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of [Windows 11 Build 22509](https://blogs.windows.com/windows-insider/2021/12/01/announcing-windows-11-insider-preview-build-22509/), your data will persist through a restart initiated from inside the virtualized environment–useful for installing applications that require the OS to reboot.
 
 Software and applications installed on the host aren't directly available in the sandbox. If you need specific applications available inside the Windows Sandbox environment, they must be explicitly installed within the environment.
 

From 12b1a4a0385c910b72bfbc5373252a6f06b24094 Mon Sep 17 00:00:00 2001
From: Naim Ayat <naayat@microsoft.com>
Date: Tue, 12 Apr 2022 00:02:48 -0700
Subject: [PATCH 061/123] Update windows-sandbox-overview.md

---
 .../windows-sandbox/windows-sandbox-overview.md                 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
index cc27dd13d3..29b2f22f62 100644
--- a/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
+++ b/windows/security/threat-protection/windows-sandbox/windows-sandbox-overview.md
@@ -18,7 +18,7 @@ ms.technology: windows-sec
 
 Windows Sandbox provides a lightweight desktop environment to safely run applications in isolation. Software installed inside the Windows Sandbox environment remains "sandboxed" and runs separately from the host machine.
 
-A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of [Windows 11 Build 22509](https://blogs.windows.com/windows-insider/2021/12/01/announcing-windows-11-insider-preview-build-22509/), your data will persist through a restart initiated from inside the virtualized environment–useful for installing applications that require the OS to reboot.
+A sandbox is temporary. When it's closed, all the software and files and the state are deleted. You get a brand-new instance of the sandbox every time you open the application. Note, however, that as of [Windows 11 Build 22509](https://blogs.windows.com/windows-insider/2021/12/01/announcing-windows-11-insider-preview-build-22509/), your data will persist through a restart initiated from inside the virtualized environment—useful for installing applications that require the OS to reboot.
 
 Software and applications installed on the host aren't directly available in the sandbox. If you need specific applications available inside the Windows Sandbox environment, they must be explicitly installed within the environment.
 

From 43b78167007a616c21e39afef1fa0dc80e259eed Mon Sep 17 00:00:00 2001
From: Ansemler <45408203+Ansemler@users.noreply.github.com>
Date: Tue, 12 Apr 2022 14:56:41 -0700
Subject: [PATCH 062/123] Update manage connections for new search binary

In Windows 11 the search binary is now searchhost.exe so I have updated the documentation for creating a firewall rule for cortana/search
---
 ...indows-operating-system-components-to-microsoft-services.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index 39f281139e..dcda65933f 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -306,6 +306,7 @@ You can also apply the Group Policies using the following registry keys:
 3. On the **Rule Type** page, click **Program**, and then click **Next**.
 
 4. On the **Program** page, click **This program path**, type **%windir%\\systemapps\\Microsoft.Windows.Cortana\_cw5n1h2txyewy\\SearchUI.exe**, and then click **Next**.
+   - On Windows 11 instead type **"%windir%\\SystemApps\\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\\SearchHost.exe"**
 
 5. On the **Action** page, click **Block the connection**, and then click **Next**.
 
@@ -327,6 +328,8 @@ You can also apply the Group Policies using the following registry keys:
 
 - Create a new REG_SZ registry setting named **{0DE40C8E-C126-4A27-9371-A27DAB1039F7}** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\FirewallRules** and set it to a value of **v2.25|Action=Block|Active=TRUE|Dir=Out|Protocol=6|App=%windir%\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\searchUI.exe|Name=Block outbound Cortana|**
 
+- On Windows 11 instead follow the previous section and use the Group Policy editor
+
 If your organization tests network traffic, do not use a network proxy as Windows Firewall does not block proxy traffic. Instead, use a network traffic analyzer. Based on your needs, there are many network traffic analyzers available at no cost.
 
 

From 3d40b5802897b98e919713282c2757e1b8104abb Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Wed, 13 Apr 2022 13:46:34 +0530
Subject: [PATCH 063/123] Acrolinx  enhancement

---
 .../mdm/policy-csp-defender.md                | 54 ++++++++---------
 .../mdm/policy-csp-deliveryoptimization.md    | 34 +++++------
 .../mdm/policy-csp-devicehealthmonitoring.md  | 10 ++--
 .../mdm/policy-csp-deviceinstallation.md      | 60 +++++++++----------
 .../mdm/policy-csp-devicelock.md              | 30 +++++-----
 .../mdm/policy-csp-display.md                 | 26 ++++----
 .../mdm/policy-csp-dmaguard.md                |  8 +--
 .../mdm/policy-csp-education.md               |  4 +-
 .../mdm/policy-csp-errorreporting.md          | 28 ++++-----
 .../mdm/policy-csp-eventlogservice.md         | 18 +++---
 .../mdm/policy-csp-experience.md              | 42 ++++++-------
 .../mdm/policy-csp-handwriting.md             |  6 +-
 12 files changed, 160 insertions(+), 160 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-defender.md b/windows/client-management/mdm/policy-csp-defender.md
index 4e05320c00..7a37cafe94 100644
--- a/windows/client-management/mdm/policy-csp-defender.md
+++ b/windows/client-management/mdm/policy-csp-defender.md
@@ -610,7 +610,7 @@ The following list shows the supported values:
 > This policy is only enforced in Windows 10 for desktop.
 
 
-Allows or disallows Windows Defender Realtime Monitoring functionality.
+Allows or disallows Windows Defender real-time Monitoring functionality.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -761,7 +761,7 @@ The following list shows the supported values:
 > This policy is only enforced in Windows 10 for desktop.
 
 
-Allows or disallows user access to the Windows Defender UI. If disallowed, all Windows Defender notifications will also be suppressed.
+Allows or disallows user access to the Windows Defender UI. I disallowed, all Windows Defender notifications will also be suppressed.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -863,7 +863,7 @@ ADMX Info:
 > This policy is only enforced in Windows 10 for desktop.
 
 
-This policy setting enables setting the state (Block/Audit/Off) for each Attack surface reduction (ASR) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.
+This policy setting enables setting the state (Block/Audit/Off) for each Attack surface reduction (Azure Site Recovery) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.
 
 For more information about ASR rule ID and status ID, see [Enable Attack Surface Reduction](/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction).
 
@@ -966,11 +966,11 @@ Valid values: 0–100
 <!--Description-->
 This policy setting allows you to manage whether a check for new virus and spyware definitions will occur before running a scan. 
 
-This setting applies to scheduled scans as well as the command line "mpcmdrun -SigUpdate", but it has no effect on scans initiated manually from the user interface.
+This setting applies to scheduled scans and the command line "mpcmdrun -SigUpdate", but it has no effect on scans initiated manually from the user interface.
 
 If you enable this setting, a check for new definitions will occur before running a scan.
 
-If you disable this setting or do not configure this setting, the scan will start using the existing definitions.
+If you disable this setting or don't configure this setting, the scan will start using the existing definitions.
 
 Supported values:
 
@@ -1057,7 +1057,7 @@ The following list shows the supported values:
 
 - 0x0 - Default windows defender blocking level
 - 0x2 - High blocking level - aggressively block unknowns while optimizing client performance (greater chance of false positives)       
-- 0x4 - High+ blocking level – aggressively block unknowns and apply additional protection measures (may impact  client performance)
+- 0x4 - High+ blocking level – aggressively block unknowns and apply more protection measures (may impact  client performance)
 - 0x6 - Zero tolerance blocking level – block all unknown executables
 
 <!--/SupportedValues-->
@@ -1097,7 +1097,7 @@ The following list shows the supported values:
 
 This feature allows Microsoft Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50.
 
-The typical cloud check timeout is 10 seconds. To enable the extended cloud check feature, specify the extended time in seconds, up to an additional 50 seconds. 
+The typical cloud check timeout is 10 seconds. To enable the extended cloud check feature, specify the extended time in seconds, up to an extra 50 seconds. 
 
 For example, if the desired timeout is 60 seconds, specify 50 seconds in this setting, which will enable the extended cloud check feature, and will raise the total time to 60 seconds. 
 
@@ -1148,7 +1148,7 @@ ADMX Info:
 > [!NOTE]
 > This policy is only enforced in Windows 10 for desktop. The previous name was GuardedFoldersAllowedApplications and changed to ControlledFolderAccessAllowedApplications.
 
-Added in Windows 10, version 1709. This policy setting allows user-specified applications to the controlled folder access feature. Adding an allowed application means the controlled folder access feature will allow the application to modify or delete content in certain folders such as My Documents. In most cases it will not be necessary to add entries. Microsoft Defender Antivirus will automatically detect and dynamically add applications that are friendly. Value type is string. Use the | as the substring separator.
+Added in Windows 10, version 1709. This policy setting allows user-specified applications to the controlled folder access feature. Adding an allowed application means the controlled folder access feature will allow the application to modify or delete content in certain folders such as My Documents. In most cases it won't be necessary to add entries. Microsoft Defender Antivirus will automatically detect and dynamically add applications that are friendly. Value type is string. Use the | as the substring separator.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1194,7 +1194,7 @@ ADMX Info:
 > [!NOTE]
 > This policy is only enforced in Windows 10 for desktop. The previous name was GuardedFoldersList and changed to ControlledFolderAccessProtectedFolders.
 
-This policy settings allows adding user-specified folder locations to the controlled folder access feature. These folders will complement the system defined folders such as My Documents and My Pictures. The list of system folders will be displayed in the user interface and can not be changed. Value type is string. Use the | as the substring separator.
+This policy setting allows adding user-specified folder locations to the controlled folder access feature. These folders will complement the system defined folders such as My Documents and My Pictures. The list of system folders will be displayed in the user interface and can't be changed. Value type is string. Use the | as the substring separator.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1244,7 +1244,7 @@ ADMX Info:
 Time period (in days) that quarantine items will be stored on the system.
 
 
-The default value is 0, which keeps items in quarantine, and does not automatically remove them.
+The default value is 0, which keeps items in quarantine, and doesn't automatically remove them.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1293,9 +1293,9 @@ Valid values: 0–90
 <!--Description-->
 This policy setting allows you to configure catch-up scans for scheduled full scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed.  Usually these scheduled scans are missed because the computer was turned off at the scheduled time. 
 
-If you enable this setting, catch-up scans for scheduled full scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone logs on to the computer.  If there is no scheduled scan configured, there will be no catch-up scan run. 
+If you enable this setting, catch-up scans for scheduled full scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone signs in to the computer.  If there's no scheduled scan configured, there will be no catch-up scan run. 
 
-If you disable or do not configure this setting, catch-up scans for scheduled full scans will be turned off.
+If you disable or don't configure this setting, catch-up scans for scheduled full scans will be turned off.
 
 Supported values:
 
@@ -1356,9 +1356,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure catch-up scans for scheduled quick scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time. 
 
-If you enable this setting, catch-up scans for scheduled quick scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone logs on to the computer. If there is no scheduled scan configured, there will be no catch-up scan run.
+If you enable this setting, catch-up scans for scheduled quick scans will be turned on. If a computer is offline for two consecutive scheduled scans, a catch-up scan is started the next time someone signs in to the computer. If there's no scheduled scan configured, there will be no catch-up scan run.
 
-If you disable or do not configure this setting, catch-up scans for scheduled quick scans will be turned off.
+If you disable or don't configure this setting, catch-up scans for scheduled quick scans will be turned off.
 
 Supported values:
 
@@ -1475,7 +1475,7 @@ This policy setting allows you to enable or disable low CPU priority for schedul
 
 If you enable this setting, low CPU priority will be used during scheduled scans.
 
-If you disable or do not configure this setting, not changes will be made to CPU priority for scheduled scans.
+If you disable or don't configure this setting, not changes will be made to CPU priority for scheduled scans.
 
 Supported values:
 
@@ -1535,13 +1535,13 @@ ADMX Info:
 > [!NOTE]
 > This policy is only enforced in Windows 10 for desktop.
 
-This policy allows you to turn network protection on (block/audit) or off. Network protection protects employees using any app from accessing phishing scams, exploit-hosting sites, and malicious content on the Internet. This includes preventing third-party browsers from connecting to dangerous sites. Value type is integer.
+This policy allows you to turn on network protection (block/audit) or off. Network protection protects employees using any app from accessing phishing scams, exploit-hosting sites, and malicious content on the Internet. This protection includes preventing third-party browsers from connecting to dangerous sites. Value type is integer.
 
 If you enable this setting, network protection is turned on and employees can't turn it off. Its behavior can be controlled by the following options: Block and Audit.
-If you enable this policy with the ""Block"" option, users/apps will be blocked from connecting to dangerous domains. You will be able to see this activity in Windows Defender Security Center.
-If you enable this policy with the ""Audit"" option, users/apps will not be blocked from connecting to dangerous domains. However, you will still see this activity in Windows Defender Security Center.
-If you disable this policy, users/apps will not be blocked from connecting to dangerous domains. You will not see any network activity in Windows Defender Security Center.
-If you do not configure this policy, network blocking will be disabled by default.
+If you enable this policy with the ""Block"" option, users/apps will be blocked from connecting to dangerous domains. You'll be able to see this activity in Windows Defender Security Center.
+If you enable this policy with the ""Audit"" option, users/apps won't be blocked from connecting to dangerous domains. However, you'll still see this activity in Windows Defender Security Center.
+If you disable this policy, users/apps won't be blocked from connecting to dangerous domains. You'll not see any network activity in Windows Defender Security Center.
+If you don't configure this policy, network blocking will be disabled by default.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1761,8 +1761,8 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – PUA Protection off. Windows Defender will not protect against potentially unwanted applications.
--   1 – PUA Protection on. Detected items are blocked. They will show in history along with other threats.
+-   0 (default) – PUA Protection off. Windows Defender won't protect against potentially unwanted applications.
+-   1 – PUA Protection on. Detected items are blocked. They'll show in history along with other threats.
 -   2 – Audit mode. Windows Defender will detect potentially unwanted applications, but take no action. You can review information about the applications Windows Defender would have taken action against by searching for events created by Windows Defender in the Event Viewer.
 
 <!--/SupportedValues-->
@@ -2095,7 +2095,7 @@ Valid values: 0–1380.
 <!--Description-->
 This policy setting allows you to define the security intelligence location for VDI-configured computers. 
 
-​If you disable or do not configure this setting, security intelligence will be referred from the default local source.
+​If you disable or don't configure this setting, security intelligence will be referred from the default local source.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -2155,9 +2155,9 @@ Possible values are:
 
 For example: InternalDefinitionUpdateServer | MicrosoftUpdateServer | MMPC 
 
-If you enable this setting, definition update sources will be contacted in the order specified. Once definition updates have been successfully downloaded from one specified source, the remaining sources in the list will not be contacted.
+If you enable this setting, definition update sources will be contacted in the order specified. Once definition updates have been successfully downloaded from one specified source, the remaining sources in the list won't be contacted.
 
-If you disable or do not configure this setting, definition update sources will be contacted in a default order.
+If you disable or don't configure this setting, definition update sources will be contacted in a default order.
 
 OMA-URI Path: ./Vendor/MSFT/Policy/Config/Defender/SignatureUpdateFallbackOrder
 
@@ -2217,9 +2217,9 @@ For example: \\unc1\Signatures | \\unc2\Signatures
 
 The list is empty by default.
 
-If you enable this setting, the specified sources will be contacted for definition updates. Once definition updates have been successfully downloaded from one specified source, the remaining sources in the list will not be contacted.
+If you enable this setting, the specified sources will be contacted for definition updates. Once definition updates have been successfully downloaded from one specified source, the remaining sources in the list won't be contacted.
 
-If you disable or do not configure this setting, the list will remain empty by default and no sources will be contacted.
+If you disable or don't configure this setting, the list will remain empty by default and no sources will be contacted.
 
 OMA-URI Path: ./Vendor/MSFT/Policy/Config/Defender/SignatureUpdateFileSharesSources
 
diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md
index 43ad826d3d..ba4c441b84 100644
--- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md
+++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md
@@ -204,7 +204,7 @@ ADMX Info:
 > This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions.
 
 
-Specifies whether the device is allowed to participate in Peer Caching while connected via VPN to the domain network. This means the device can download from or upload to other domain network devices, either on VPN or on the corporate domain network.
+Specifies whether the device is allowed to participate in Peer Caching while connected via VPN to the domain network. This policy means the device can download from or upload to other domain network devices, either on VPN or on the corporate domain network.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -310,7 +310,7 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy allows you to configure one or more Delivery Optimization in Network Cache servers through a custom DHCP Option. One or more values can be added as either fully qualified domain names (FQDN) or IP addresses.  To add multiple values, separate each FQDN or IP address by commas.
+This policy allows you to configure one or more Delivery Optimizations in Network Cache servers through a custom DHCP Option. One or more values can be added as either fully qualified domain names (FQDN) or IP addresses.  To add multiple values, separate each FQDN or IP address by commas.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -374,7 +374,7 @@ When DHCP Option ID Force (2) is set, the client will query DHCP Option ID 235 a
 <!--Description-->
 This policy allows you to delay the use of an HTTP source in a background download that is allowed to use peer-to-peer.
 
-After the max delay is reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that could not be downloaded from peers. Note that a download that is waiting for peer sources, will appear to be stuck for the end user. The recommended value is 1 hour (3600).
+After the max delay is reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that couldn't be downloaded from peers. A download that is waiting for peer sources will appear to be stuck for the end user. The recommended value is 1 hour (3600).
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -529,9 +529,9 @@ Supported values: 0 - one month (in seconds)
 <!--Description-->
 This policy allows you to delay the use of an HTTP source in a foreground (interactive) download that is allowed to use peer-to-peer.
 
-After the max delay has reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that could not be downloaded from Peers.
+After the max delay has reached, the download will resume using HTTP, either downloading the entire payload or complementing the bytes that couldn't be downloaded from Peers.
 
-Note that a download that is waiting for peer sources, will appear to be stuck for the end user.
+A download that is waiting for peer sources, will appear to be stuck for the end user.
 
 The recommended value is 1 minute (60).
 
@@ -550,7 +550,7 @@ The following list shows the supported values as number of seconds:
 
 -   0 to 86400 (1 day)
 -   0 - managed by the cloud service
--   Default is not configured.
+-   Default isn't configured.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -607,8 +607,8 @@ The following list shows the supported values:
 -   1 (default) – HTTP blended with peering behind the same NAT.
 -   2 – HTTP blended with peering across a private group. Peering occurs on devices in the same Active Directory Site (if it exists) or the same domain by default. When this option is selected, peering will cross NATs. To create a custom group use Group ID in combination with Mode 2.
 -   3 – HTTP blended with Internet peering.
--   99 - Simple download mode with no peering. Delivery Optimization downloads using HTTP only and does not attempt to contact the Delivery Optimization cloud services. Added in Windows 10, version 1607.
--   100 - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. Note that this value is deprecated and will be removed in a future release.
+-   99 - Simple download mode with no peering. Delivery Optimization downloads using HTTP only and doesn't attempt to contact the Delivery Optimization cloud services. Added in Windows 10, version 1607.
+-   100 - Bypass mode. Don't use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. This value is deprecated and will be removed in a future release.
 <!--/SupportedValues-->
 <!--/Policy-->
 
@@ -645,7 +645,7 @@ The following list shows the supported values:
 > This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions.
 
 
-This Policy specifies an arbitrary group ID that the device belongs to. Use this if you need to create a single group for Local Network Peering for branches that are on different domains or are not on the same LAN. Note that this is a best effort optimization and should not be relied on for an authentication of identity.
+This policy specifies an arbitrary group ID that the device belongs to. Use this ID if you need to create a single group for Local Network Peering for branches that are on different domains or aren't on the same LAN. This approach is a best effort optimization and shouldn't be relied on for an authentication of identity.
 
 > [!NOTE]
 > You must use a GUID as the group ID.
@@ -701,7 +701,7 @@ The options set in this policy only apply to Group (2) download mode. If Group (
 
 For option 3 - DHCP Option ID, the client will query DHCP Option ID 234 and use the returned GUID value as the Group ID.
 
-Starting with Windows 10, version 1903, you can use the Azure Active Directory (Azure AD) Tenant ID as a means to define groups. To do this, set the value of DOGroupIdSource to 5.
+Starting with Windows 10, version 1903, you can use the Azure Active Directory (Azure AD) Tenant ID as a means to define groups. To do this task, set the value of DOGroupIdSource to 5.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -802,7 +802,7 @@ ADMX Info:
 > This policy is only enforced in Windows 10 Pro, Enterprise, and Education editions.
 
 
-Specifies the maximum time in seconds that each file is held in the Delivery Optimization cache after downloading successfully. The value 0 (zero) means "unlimited"; Delivery Optimization will hold the files in the cache longer and make the files available for uploads to other devices, as long as the cache size has not exceeded. The value 0 is new in Windows 10, version 1607.
+Specifies the maximum time in seconds that each file is held in the Delivery Optimization cache after downloading successfully. The value 0 (zero) means "unlimited"; Delivery Optimization will hold the files in the cache longer and make the files available for uploads to other devices, as long as the cache size hasn't exceeded. The value 0 is new in Windows 10, version 1607.
 
 The default value is 259200 seconds (3 days).
 
@@ -947,7 +947,7 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy is deprecated because it only applies to uploads to Internet peers (only allowed when DownloadMode is set to 3) which is not used in commercial deployments. There is no alternate policy to use.
+This policy is deprecated because it only applies to uploads to Internet peers (only allowed when DownloadMode is set to 3) which isn't used in commercial deployments. There's no alternate policy to use.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1332,7 +1332,7 @@ ADMX Info:
 <!--Description-->
 Specifies the maximum background download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for background downloads.
 
-Note that downloads from LAN peers will not be throttled even when this policy is set.
+Downloads from LAN peers won't be throttled even when this policy is set.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1390,12 +1390,12 @@ This policy is deprecated. Use [DOPercentageMaxForegroundBandwidth](#deliveryopt
 <!--Description-->
 Specifies the maximum foreground download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads.
 
-Note that downloads from LAN peers will not be throttled even when this policy is set.
+Downloads from LAN peers won't be throttled even when this policy is set.
 
 <!--/Description-->
 <!--ADMXMapped-->
 ADMX Info:  
--   GP Friendly namee: *Maximum Foreground Download Bandwidth (percentage)*
+-   GP Friendly name: *Maximum Foreground Download Bandwidth (percentage)*
 -   GP name: *PercentageMaxForegroundBandwidth*
 -   GP element: *PercentageMaxForegroundBandwidth*
 -   GP path: *Windows Components/Delivery Optimization*
@@ -1499,7 +1499,7 @@ ADMX Info:
 
 <!--/ADMXBacked-->
 <!--SupportedValues-->
-This policy allows an IT Admin to define the following:
+This policy allows an IT Admin to define the following details:
 
 -  Business hours range (for example 06:00 to 18:00)
 -  % of throttle for background traffic during business hours
@@ -1551,7 +1551,7 @@ ADMX Info:
 
 <!--/ADMXBacked-->
 <!--SupportedValues-->
-This policy allows an IT Admin to define the following:
+This policy allows an IT Admin to define the following details:
 
 -  Business hours range (for example 06:00 to 18:00)
 -  % of throttle for foreground traffic during business hours
diff --git a/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md b/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
index 94bb5c7ab0..7a2f5f914a 100644
--- a/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
+++ b/windows/client-management/mdm/policy-csp-devicehealthmonitoring.md
@@ -63,14 +63,14 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-DeviceHealthMonitoring is an opt-in health monitoring connection between the device and Microsoft. You should enable this policy only if your organization is using a Microsoft device monitoring service which requires it.
+DeviceHealthMonitoring is an opt-in health monitoring connection between the device and Microsoft. You should enable this policy only if your organization is using a Microsoft device monitoring service that requires it.
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:  
 
-- 1 — The DeviceHealthMonitoring connection is enabled.
-- 0 (default) — The DeviceHealthMonitoring connection is disabled.
+- 1—The DeviceHealthMonitoring connection is enabled.
+- 0 (default)—The DeviceHealthMonitoring connection is disabled.
 
 <!--/SupportedValues-->
 <!--Example-->
@@ -112,7 +112,7 @@ The following list shows the supported values:
 <!--Description-->
 This policy is applicable only if the [AllowDeviceHealthMonitoring](#devicehealthmonitoring-allowdevicehealthmonitoring) policy has been set to 1 (Enabled) on the device. 
 This policy modifies which health events are sent to Microsoft on the DeviceHealthMonitoring connection.
-IT Pros do not need to set this policy. Instead, Microsoft Intune is expected to dynamically manage this value in coordination with the Microsoft device health monitoring service.
+IT Pros don't need to set this policy. Instead, Microsoft Intune is expected to dynamically manage this value in coordination with the Microsoft device health monitoring service.
 
 
 <!--/Description-->
@@ -158,7 +158,7 @@ IT Pros do not need to set this policy. Instead, Microsoft Intune is expected to
 <!--Description-->
 This policy is applicable only if the [AllowDeviceHealthMonitoring](#devicehealthmonitoring-allowdevicehealthmonitoring) policy has been set to 1 (Enabled) on the device. 
 The value of this policy constrains the DeviceHealthMonitoring connection to certain destinations in order to support regional and sovereign cloud scenarios.
-In most cases, an IT Pro does not need to define this policy. Instead, it is expected that this value is dynamically managed by Microsoft Intune to align with the region or cloud to which the device's tenant is already linked. Only configure this policy manually if explicitly instructed to do so by a Microsoft device monitoring service.
+In most cases, an IT Pro doesn't need to define this policy. Instead, it's expected that this value is dynamically managed by Microsoft Intune to align with the region or cloud to which the device's tenant is already linked. Only configure this policy manually if explicitly instructed to do so by a Microsoft device monitoring service.
 
 
 <!--/Description-->
diff --git a/windows/client-management/mdm/policy-csp-deviceinstallation.md b/windows/client-management/mdm/policy-csp-deviceinstallation.md
index 5f1a7bd17d..0cc81579bc 100644
--- a/windows/client-management/mdm/policy-csp-deviceinstallation.md
+++ b/windows/client-management/mdm/policy-csp-deviceinstallation.md
@@ -96,15 +96,15 @@ When this policy setting is enabled together with the "Apply layered order of ev
 - Prevent installation of devices that match these device IDs
 - Prevent installation of devices that match any of these device instance IDs
 
-If the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting is not enabled with this policy setting, then any other policy settings specifically preventing installation will take precedence.
+If the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting isn't enabled with this policy setting, then any other policy settings specifically preventing installation will take precedence.
 > [!NOTE]
-> The "Prevent installation of devices not described by other policy settings" policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting for supported target Windows 10 versions. It is recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting when possible.
+> The "Prevent installation of devices not described by other policy settings" policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting for supported target Windows 10 versions. It's recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting when possible.
 
 Alternatively, if this policy setting is enabled together with the "Prevent installation of devices not described by other policy settings" policy setting, Windows is allowed to install or update driver packages whose device setup class GUIDs appear in the list you create, unless another policy setting specifically prevents installation (for example, the "Prevent installation of devices that match these device IDs" policy setting, the "Prevent installation of devices for these device classes" policy setting, the "Prevent installation of devices that match any of these device instance IDs" policy setting, or the "Prevent installation of removable devices" policy setting).
 
 If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, and no other policy setting describes the device, the "Prevent installation of devices not described by other policy settings" policy setting determines whether the device can be installed.
+If you disable or don't configure this policy setting, and no other policy setting describes the device, the "Prevent installation of devices not described by other policy settings" policy setting determines whether the device can be installed.
 
 Peripherals can be specified by their [hardware identity](/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
 
@@ -146,7 +146,7 @@ To enable this policy, use the following SyncML. This example allows Windows to
 </SyncML>
 ```
 
-To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:
 
 ```txt
 >>>  [Device Installation Restrictions Policy Check]
@@ -197,16 +197,16 @@ This policy setting allows you to specify a list of Plug and Play device instanc
 When this policy setting is enabled together with the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting, Windows is allowed to install or update any device whose Plug and Play device instance ID appears in the list you create, unless another policy setting at the same or higher layer in the hierarchy specifically prevents that installation, such as the following policy settings:
 - Prevent installation of devices that match any of these device instance IDs
  
-If the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting is not enabled with this policy setting, then any other policy settings specifically preventing installation will take precedence.
+If the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting isn't enabled with this policy setting, then any other policy settings specifically preventing installation will take precedence.
 
 > [!NOTE]
-> The "Prevent installation of devices not described by other policy settings" policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting for supported target Windows 10 versions. It is recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting when possible.
+> The "Prevent installation of devices not described by other policy settings" policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting for supported target Windows 10 versions. It's recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting when possible.
 
 Alternatively, if this policy setting is enabled together with the "Prevent installation of devices not described by other policy settings" policy setting, Windows is allowed to install or update any device whose Plug and Play device instance ID appears in the list you create, unless another policy setting specifically prevents that installation (for example, the "Prevent installation of devices that match any of these device IDs" policy setting, the "Prevent installation of devices for these device classes" policy setting, the "Prevent installation of devices that match any of these device instance IDs" policy setting, or the "Prevent installation of removable devices" policy setting).
 
 If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, and no other policy setting describes the device, the "Prevent installation of devices not described by other policy settings" policy setting determines whether the device can be installed.
+If you disable or don't configure this policy setting, and no other policy setting describes the device, the "Prevent installation of devices not described by other policy settings" policy setting determines whether the device can be installed.
 
 
 Peripherals can be specified by their [device instance ID](/windows-hardware/drivers/install/device-instance-ids). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
@@ -246,7 +246,7 @@ To enable this policy, use the following SyncML.
     </SyncBody>
 </SyncML>
 ```
-To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:
 ``` txt
 >>>  [Device Installation Restrictions Policy Check]
 >>>  Section start 2018/11/15 12:26:41.659
@@ -299,16 +299,16 @@ When this policy setting is enabled together with the "Apply layered order of ev
 - Prevent installation of devices that match these device IDs
 - Prevent installation of devices that match any of these device instance IDs
 
-If the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting is not enabled with this policy setting, then any other policy settings specifically preventing installation will take precedence.
+If the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting isn't enabled with this policy setting, then any other policy settings specifically preventing installation will take precedence.
 
 > [!NOTE]
-> The "Prevent installation of devices not described by other policy settings" policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting for supported target Windows 10 versions. It is recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting when possible.
+> The "Prevent installation of devices not described by other policy settings" policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting for supported target Windows 10 versions. It's recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting when possible.
 
 Alternatively, if this policy setting is enabled together with the "Prevent installation of devices not described by other policy settings" policy setting, Windows is allowed to install or update driver packages whose device setup class GUIDs appear in the list you create, unless another policy setting specifically prevents installation (for example, the "Prevent installation of devices that match these device IDs" policy setting, the "Prevent installation of devices for these device classes" policy setting, the "Prevent installation of devices that match any of these device instance IDs" policy setting, or the "Prevent installation of removable devices" policy setting).
 
 If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, and no other policy setting describes the device, the "Prevent installation of devices not described by other policy settings" policy setting determines whether the device can be installed.
+If you disable or don't configure this policy setting, and no other policy setting describes the device, the "Prevent installation of devices not described by other policy settings" policy setting determines whether the device can be installed.
 
 Peripherals can be specified by their [hardware identity](/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
 
@@ -355,7 +355,7 @@ Enclose the class GUID within curly brackets {}. To configure multiple classes,
 </SyncML>
 ```
 
-To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:
 
 
 ```txt
@@ -421,7 +421,7 @@ Device instance IDs > Device IDs > Device setup class > Removable devices
 > [!NOTE]
 > This policy setting provides more granular control than the "Prevent installation of devices not described by other policy settings" policy setting. If these conflicting policy settings are enabled at the same time, the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting will be enabled and the other policy setting will be ignored.
 
-If you disable or do not configure this policy setting, the default evaluation is used. By default, all "Prevent installation..." policy settings have precedence over any other policy setting that allows Windows to install a device.
+If you disable or don't configure this policy setting, the default evaluation is used. By default, all "Prevent installation..." policy settings have precedence over any other policy setting that allows Windows to install a device.
 
 <!--/Description-->
 
@@ -457,7 +457,7 @@ ADMX Info:
 </SyncML>
 ```
 
-To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:
 
 
 ```txt
@@ -468,7 +468,7 @@ To verify that the policy is applied, check C:\windows\INF\setupapi.dev.log and
 ```
 You can also change the evaluation order of device installation policy settings by using a custom profile in Intune.
 
-:::image type="content" source="images/edit-row.png" alt-text="This is a edit row image.":::
+:::image type="content" source="images/edit-row.png" alt-text="This image is an edit row image.":::
 
 <!--/Example-->
 <!--Validation-->
@@ -506,9 +506,9 @@ You can also change the evaluation order of device installation policy settings
 <!--Description-->
 This policy setting allows you to prevent Windows from retrieving device metadata from the Internet.
 
-If you enable this policy setting, Windows does not retrieve device metadata for installed devices from the Internet. This policy setting overrides the setting in the Device Installation Settings dialog box (Control Panel > System and Security > System > Advanced System Settings > Hardware tab).
+If you enable this policy setting, Windows doesn't retrieve device metadata for installed devices from the Internet. This policy setting overrides the setting in the Device Installation Settings dialog box (Control Panel > System and Security > System > Advanced System Settings > Hardware tab).
 
-If you disable or do not configure this policy setting, the setting in the Device Installation Settings dialog box controls whether Windows retrieves device metadata from the Internet.
+If you disable or don't configure this policy setting, the setting in the Device Installation Settings dialog box controls whether Windows retrieves device metadata from the Internet.
 
 <!--/Description-->
 
@@ -561,14 +561,14 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to prevent the installation of devices that are not specifically described by any other policy setting.
+This policy setting allows you to prevent the installation of devices that aren't  described by any other policy setting.
 
 > [!NOTE]
-> This policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting to provide more granular control. It is recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting instead of this policy setting.
+> This policy setting has been replaced by the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting to provide more granular control. It's recommended that you use the "Apply layered order of evaluation for Allow and Prevent device installation policies across all device match criteria" policy setting instead of this policy setting.
 
-If you enable this policy setting, Windows is prevented from installing or updating the driver package for any device that is not described by either the "Allow installation of devices that match any of these device IDs", the "Allow installation of devices for these device classes", or the "Allow installation of devices that match any of these device instance IDs" policy setting.
+If you enable this policy setting, Windows is prevented from installing or updating the driver package for any device that isn't described by either the "Allow installation of devices that match any of these device IDs", the "Allow installation of devices for these device classes", or the "Allow installation of devices that match any of these device instance IDs" policy setting.
 
-If you disable or do not configure this policy setting, Windows is allowed to install or update the driver package for any device that is not described by the "Prevent installation of devices that match any of these device IDs", "Prevent installation of devices for these device classes" policy setting, "Prevent installation of devices that match any of these device instance IDs", or "Prevent installation of removable devices" policy setting.
+If you disable or don't configure this policy setting, Windows is allowed to install or update the driver package for any device that isn't described by the "Prevent installation of devices that match any of these device IDs", "Prevent installation of devices for these device classes" policy setting, "Prevent installation of devices that match any of these device instance IDs", or "Prevent installation of removable devices" policy setting.
 
 <!--/Description-->
 
@@ -585,7 +585,7 @@ ADMX Info:
 
 <!--/SupportedValues-->
 <!--Example-->
-To enable this policy, use the following SyncML. This example prevents Windows from installing devices that are not specifically described by any other policy setting. 
+To enable this policy, use the following SyncML. This example prevents Windows from installing devices that aren't described by any other policy setting. 
 
 
 ```xml
@@ -607,7 +607,7 @@ To enable this policy, use the following SyncML. This example prevents Windows f
 </SyncML>
 ```
 
-To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:
 
 ```txt
 >>>  [Device Installation Restrictions Policy Check]
@@ -661,7 +661,7 @@ This policy setting allows you to specify a list of Plug and Play hardware IDs a
 
 If you enable this policy setting, Windows is prevented from installing a device whose hardware ID or compatible ID appears in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.
+If you disable or don't configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.
 
 Peripherals can be specified by their [hardware identity](/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it blocks the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
 
@@ -703,7 +703,7 @@ To enable this policy, use the following SyncML. This example prevents Windows f
 </SyncML>
 ```
 
-To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:
 
 ```txt
 >>>  [Device Installation Restrictions Policy Check]
@@ -756,7 +756,7 @@ This policy setting allows you to specify a list of Plug and Play device instanc
 
 If you enable this policy setting, Windows is prevented from installing a device whose device instance ID appears in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.
+If you disable or don't configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings.
 
 Peripherals can be specified by their [device instance ID](/windows-hardware/drivers/install/device-instance-ids). Test the configuration prior to rolling it out to ensure it allows the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
 
@@ -795,7 +795,7 @@ To enable this policy, use the following SyncML. This example prevents Windows f
     </SyncBody>
 </SyncML>
 ```
-To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:  
+To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:  
 
 ``` txt
 >>>  [Device Installation Restrictions Policy Check]
@@ -819,7 +819,7 @@ Replace
 with  
 ```USBSTOR\DISK&amp;VEN_SAMSUNG&amp;PROD_FLASH_DRIVE&amp;REV_1100\0376319020002347&amp;0```
     > [!Note]
-    > Do not use spaces in the value.
+    > don't use spaces in the value.
 3. Replace the device instance IDs with `&amp;` into the sample SyncML. Add the SyncML into the Intune custom device configuration profile.
 
 <!--/Example-->
@@ -864,7 +864,7 @@ This policy setting allows you to specify a list of device setup class globally
 
 If you enable this policy setting, Windows is prevented from installing or updating driver packages whose device setup class GUIDs appear in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server.
 
-If you disable or do not configure this policy setting, Windows can install and update devices as allowed or prevented by other policy settings.
+If you disable or don't configure this policy setting, Windows can install and update devices as allowed or prevented by other policy settings.
 
 Peripherals can be specified by their [hardware identity](/windows-hardware/drivers/install/device-identification-strings). For a list of common identifier structures, see [Device Identifier Formats](/windows-hardware/drivers/install/device-identifier-formats). Test the configuration prior to rolling it out to ensure it blocks the devices expected. Ideally test various instances of the hardware. For example, test multiple USB keys rather than only one.
 
@@ -911,7 +911,7 @@ Enclose the class GUID within curly brackets {}. To configure multiple classes,
 </SyncML>
 ```
 
-To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following is listed near the end of the log:
+To verify the policy is applied, check C:\windows\INF\setupapi.dev.log and see if the following details are listed near the end of the log:
 
 ```txt
 >>>  [Device Installation Restrictions Policy Check]
diff --git a/windows/client-management/mdm/policy-csp-devicelock.md b/windows/client-management/mdm/policy-csp-devicelock.md
index 2168317903..750efe50ed 100644
--- a/windows/client-management/mdm/policy-csp-devicelock.md
+++ b/windows/client-management/mdm/policy-csp-devicelock.md
@@ -152,7 +152,7 @@ Specifies whether PINs or passwords such as "1111" or "1234" are allowed. For th
 > This policy must be wrapped in an Atomic command.
 
 
-For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
+For more information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -377,16 +377,16 @@ Specifies when the password expires (in days).
 
 
 
-If all policy values = 0 then 0; otherwise, Min policy value is the most secure value.
+If all policy values = 0, then 0; otherwise, Min policy value is the most secure value.
 
-For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
+For more information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:
 
 -   An integer X where 0 &lt;= X &lt;= 730.
--   0 (default) - Passwords do not expire.
+-   0 (default) - Passwords don't expire.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -425,11 +425,11 @@ Specifies how many passwords can be stored in the history that can’t be used.
 > [!NOTE]
 > This policy must be wrapped in an Atomic command.
 
-The value includes the user's current password. This means that with a setting of 1 the user cannot reuse their current password when choosing a new password, while a setting of 5 means that a user cannot set their new password to their current password or any of their previous four passwords.
+The value includes the user's current password. This value denotes that with a setting of 1, the user can't reuse their current password when choosing a new password, while a setting of 5 means that a user can't set their new password to their current password or any of their previous four passwords.
 
 Max policy value is the most restricted.
 
-For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
+For more information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -470,7 +470,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the default lock screen and logon image shown when no user is signed in. It also sets the specified image for all users, which replaces the default image. The same image is used for both the lock and logon screens. Users will not be able to change this image.
+Specifies the default lock screen and sign-in image shown when no user is signed in. It also sets the specified image for all users, which replaces the default image. The same image is used for both the lock and sign-in screens. Users won't be able to change this image.
 
 > [!NOTE]
 > This policy is only enforced in Windows 10 Enterprise and Education editions and not supported in Windows 10 Home and Pro.
@@ -516,14 +516,14 @@ The number of authentication failures allowed before the device will be wiped. A
 > This policy must be wrapped in an Atomic command.
 
 
-On a client device, when the user reaches the value set by this policy, it is not wiped. Instead, the desktop is put on BitLocker recovery mode, which makes the data inaccessible but recoverable. If BitLocker is not enabled, then the policy cannot be enforced.
+On a client device, when the user reaches the value set by this policy, it isn't wiped. Instead, the desktop is put on BitLocker recovery mode, which makes the data inaccessible but recoverable. If BitLocker isn't enabled, then the policy can't be enforced.
 
   Prior to reaching the failed attempts limit, the user is sent to the lock screen and warned that more failed attempts will lock their computer. When the user reaches the limit, the device automatically reboots and shows the BitLocker recovery page. This page prompts the user for the BitLocker recovery key.
 
 
 Most secure value is 0 if all policy values = 0; otherwise, Min policy value is the most secure value.
 
-For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
+For more information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -573,7 +573,7 @@ On HoloLens, this timeout is controlled by the device's system sleep timeout, re
 
 
 
-For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
+For more information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)).
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -651,9 +651,9 @@ Enforced values for Local and Microsoft Accounts:
         -   Base 10 digits (0 through 9)
         -   Special characters (!, $, \#, %, etc.)
 
-The enforcement of policies for Microsoft accounts happen on the server, and the server requires a password length of 8 and a complexity of 2. A complexity value of 3 or 4 is unsupported and setting this value on the server makes Microsoft accounts non-compliant.
+The enforcement of policies for Microsoft accounts happens on the server, and the server requires a password length of 8 and a complexity of 2. A complexity value of 3 or 4 is unsupported and setting this value on the server makes Microsoft accounts non-compliant.
 
-For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca).
+For more information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca).
 
 <!--/Description-->
 <!--/Policy-->
@@ -698,7 +698,7 @@ Specifies the minimum number or characters required in the PIN or password.
 
 Max policy value is the most restricted.
 
-For additional information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca).
+For more information about this policy, see [Exchange ActiveSync Policy Engine Overview](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn282287(v=ws.11)) and [KB article](https://support.office.com/article/This-device-doesn-t-meet-the-security-requirements-set-by-your-email-administrator-87132fc7-2c7f-4a71-9de0-779ff81c86ca).
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -767,7 +767,7 @@ This security setting determines the period of time (in days) that a password mu
 
 The minimum password age must be less than the Maximum password age, unless the maximum password age is set to 0, indicating that passwords will never expire. If the maximum password age is set to 0, the minimum password age can be set to any value between 0 and 998.
 
-Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting does not follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user does not have to choose a new password. For this reason, Enforce password history is set to 1 by default.
+Configure the minimum password age to be more than 0 if you want Enforce password history to be effective. Without a minimum password age, users can cycle through passwords repeatedly until they get to an old favorite. The default setting doesn't follow this recommendation, so that an administrator can specify a password for a user and then require the user to change the administrator-defined password when the user logs on. If the password history is set to 0, the user doesn't have to choose a new password. For this reason, Enforce password history is set to 1 by default.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -811,7 +811,7 @@ Disables the lock screen camera toggle switch in PC Settings and prevents a came
 
 By default, users can enable invocation of an available camera on the lock screen.
 
-If you enable this setting, users will no longer be able to enable or disable lock screen camera access in PC Settings, and the camera cannot be invoked on the lock screen.
+If you enable this setting, users will no longer be able to enable or disable lock screen camera access in PC Settings, and the camera can't be invoked on the lock screen.
 
 <!--/Description-->
 > [!TIP]
diff --git a/windows/client-management/mdm/policy-csp-display.md b/windows/client-management/mdm/policy-csp-display.md
index 5fcf63a361..f3f60dd44f 100644
--- a/windows/client-management/mdm/policy-csp-display.md
+++ b/windows/client-management/mdm/policy-csp-display.md
@@ -113,19 +113,19 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Per Process System DPI is an application compatibility feature for desktop applications that do not render properly after a display-scale factor (DPI) change. When the display scale factor of the primary display changes (which can happen when you connect or disconnect a display that has a different display scale factor (DPI), connect remotely from a device with a different display scale factor, or manually change the display scale factor), many desktop applications can display blurry. Desktop applications that have not been updated to display properly in this scenario will be blurry until you log out and back in to Windows. 
+Per Process System DPI is an application compatibility feature for desktop applications that don't render properly after a display-scale factor (DPI) change. When the display scale factor of the primary display changes (which can happen when you connect or disconnect a display that has a different display scale factor (DPI), connect remotely from a device with a different display scale factor, or manually change the display scale factor), many desktop applications can display blurry. Desktop applications that haven't been updated to display properly in this scenario will be blurry until you sign out and back in to Windows. 
 
-When you enable this policy some blurry applications will be crisp after they are restarted, without requiring the user to log out and back in to Windows. 
+When you enable this policy some blurry applications will be crisp after they're restarted, without requiring the user to sign out and back in to Windows. 
 
-Be aware of the following:
+Be aware of the following points:
 
-Per Process System DPI will only improve the rendering of desktop applications that are positioned on the primary display (or any other display that has the same scale factor as that of the primary display). Some desktop applications can still be blurry on secondary displays that have different display scale factors. 
+Per Process System DPI will only improve the rendering of desktop applications that are positioned on the primary display (or any other display having the same scale factor as that of the primary display). Some desktop applications can still be blurry on secondary displays that have different display scale factors. 
 
-Per Process System DPI will not work for all applications as some older desktop applications will always be blurry on high DPI displays. 
+Per Process System DPI won't work for all applications as some older desktop applications will always be blurry on high DPI displays. 
 
 In some cases, you may see some unexpected behavior in some desktop applications that have Per-Process System DPI applied. If that happens, Per Process System DPI should be disabled.
 
-Enabling this setting lets you specify the system-wide default for desktop applications and per-application overrides. If you disable or do not configure this setting. Per Process System DPI will not apply to any processes on the system.
+Enabling this setting lets you specify the system-wide default for desktop applications and per-application overrides. If you disable or don't configure this setting, Per Process System DPI won't apply to any processes on the system.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -218,13 +218,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-GDI DPI Scaling enables applications that are not DPI aware to become per monitor DPI aware.
+GDI DPI Scaling enables applications that aren't DPI aware to become per monitor DPI aware.
 
 This policy setting lets you specify legacy applications that have GDI DPI Scaling turned off.
 
-If you enable this policy setting, GDI DPI Scaling is turned off for all applications in the list, even if they are enabled by using ApplicationCompatibility database, ApplicationCompatibility UI System (Enhanced) setting, or an application manifest.
+If you enable this policy setting, GDI DPI Scaling is turned off for all applications in the list, even if they're enabled by using ApplicationCompatibility database, ApplicationCompatibility UI System (Enhanced) setting, or an application manifest.
 
-If you disable or do not configure this policy setting, GDI DPI Scaling might still be turned on for legacy applications.
+If you disable or don't configure this policy setting, GDI DPI Scaling might still be turned on for legacy applications.
 
 If GDI DPI Scaling is configured to both turn off and turn on an application, the application will be turned off.
 
@@ -239,7 +239,7 @@ ADMX Info:
 
 <!--/ADMXMapped-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following tasks:
 
 1.   Configure the setting for an app, which has GDI DPI scaling enabled via MDM or any other supported mechanisms.
 2.   Run the app and observe blurry text.
@@ -276,13 +276,13 @@ To validate on Desktop, do the following:
 
 <!--/Scope-->
 <!--Description-->
-GDI DPI Scaling enables applications that are not DPI aware to become per monitor DPI aware.
+GDI DPI Scaling enables applications that aren't DPI aware to become per monitor DPI aware.
 
 This policy setting lets you specify legacy applications that have GDI DPI Scaling turned on.
 
 If you enable this policy setting, GDI DPI Scaling is turned on for all legacy applications in the list.
 
-If you disable or do not configure this policy setting, GDI DPI Scaling will not be enabled for an application except when an application is enabled by using ApplicationCompatibility database, ApplicationCompatibility UI System (Enhanced) setting, or an application manifest.
+If you disable or don't configure this policy setting, GDI DPI Scaling won't be enabled for an application except when an application is enabled by using ApplicationCompatibility database, ApplicationCompatibility UI System (Enhanced) setting, or an application manifest.
 
 If GDI DPI Scaling is configured to both turn off and turn on an application, the application will be turned off.
 
@@ -297,7 +297,7 @@ ADMX Info:
 
 <!--/ADMXMapped-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following tasks:
 
 1.   Configure the setting for an app, which uses GDI.
 2.   Run the app and observe crisp text.
diff --git a/windows/client-management/mdm/policy-csp-dmaguard.md b/windows/client-management/mdm/policy-csp-dmaguard.md
index 336c23a5cb..1258127e5e 100644
--- a/windows/client-management/mdm/policy-csp-dmaguard.md
+++ b/windows/client-management/mdm/policy-csp-dmaguard.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - DmaGuard
-description: Learn how to use the Policy CSP - DmaGuard setting to provide additional security against external DMA capable devices.
+description: Learn how to use the Policy CSP - DmaGuard setting to provide more security against external DMA capable devices.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -56,11 +56,11 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy is intended to provide additional security against external DMA capable devices. It allows for more control over the enumeration of external DMA capable devices incompatible with [DMA Remapping](/windows-hardware/drivers/pci/enabling-dma-remapping-for-device-drivers)/device memory isolation and sandboxing. 
+This policy is intended to provide more security against external DMA capable devices. It allows for more control over the enumeration of external DMA capable devices incompatible with [DMA Remapping](/windows-hardware/drivers/pci/enabling-dma-remapping-for-device-drivers)/device memory isolation and sandboxing. 
 
-Device memory sandboxing allows the OS to leverage the I/O Memory Management Unit (IOMMU) of a device to block unallowed I/O, or memory access, by the peripheral. In other words, the OS assigns a certain memory range to the peripheral. If the peripheral attempts to read/write to memory outside of the assigned range, the OS blocks it.
+Device memory sandboxing allows the OS to use the I/O Memory Management Unit (IOMMU) of a device to block unallowed I/O, or memory access, by the peripheral. In other words, the OS assigns a certain memory range to the peripheral. If the peripheral attempts to read/write to memory outside of the assigned range, the OS blocks it.
 
-This policy only takes effect when Kernel DMA Protection is supported and enabled by the system firmware. Kernel DMA Protection is a platform feature that cannot be controlled via policy or by end user. It has to be supported by the system at the time of manufacturing. To check if the system supports Kernel DMA Protection, please check the Kernel DMA Protection field in the Summary page of MSINFO32.exe.
+This policy only takes effect when Kernel DMA Protection is supported and enabled by the system firmware. Kernel DMA Protection is a platform feature that can't be controlled via policy or by end user. It has to be supported by the system at the time of manufacturing. To check if the system supports Kernel DMA Protection, check the Kernel DMA Protection field in the Summary page of MSINFO32.exe.
 
 > [!NOTE]
 > This policy does not apply to 1394/Firewire, PCMCIA, CardBus, or ExpressCard devices.
diff --git a/windows/client-management/mdm/policy-csp-education.md b/windows/client-management/mdm/policy-csp-education.md
index 4bd0742e0b..efa4201d3f 100644
--- a/windows/client-management/mdm/policy-csp-education.md
+++ b/windows/client-management/mdm/policy-csp-education.md
@@ -65,7 +65,7 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to control whether graphing functionality is available in the Windows Calculator app. If you disable this policy setting, graphing functionality will not be accessible in the Windows Calculator app. If you enable or don't configure this policy setting, you will be able to access graphing functionality.
+This policy setting allows you to control whether graphing functionality is available in the Windows Calculator app. If you disable this policy setting, graphing functionality won't be accessible in the Windows Calculator app. If you enable or don't configure this policy setting, you'll be able to access graphing functionality.
 <!--/Description-->
 <!--ADMXMapped-->
 ADMX Info:  
@@ -147,7 +147,7 @@ The policy value is expected to be the name (network host name) of an installed
 
 <!--/Scope-->
 <!--Description-->
-Allows IT Admins to prevent user installation of additional printers from the printers settings.
+Allows IT Admins to prevent user installation of more printers from the printers settings.
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-errorreporting.md b/windows/client-management/mdm/policy-csp-errorreporting.md
index 4e5f16f246..37d4c94e64 100644
--- a/windows/client-management/mdm/policy-csp-errorreporting.md
+++ b/windows/client-management/mdm/policy-csp-errorreporting.md
@@ -75,19 +75,19 @@ manager: dansimp
 <!--Description-->
 This policy setting determines the consent behavior of Windows Error Reporting for specific event types.
 
-If you enable this policy setting, you can add specific event types to a list by clicking Show, and typing event types in the Value Name column of the Show Contents dialog box. Event types are those for generic, non-fatal errors: crash, no response, and kernel fault errors. For each specified event type, you can set a consent level of 0, 1, 2, 3, or 4.
+If you enable this policy setting, you can add specific event types to a list by clicking Show, and typing event types in the Value Name column of the Show Contents dialog box. Event types are those even types for generic, non-fatal errors: crash, no response, and kernel fault errors. For each specified event type, you can set a consent level of 0, 1, 2, 3, or 4.
 
 - 0 (Disable): Windows Error Reporting sends no data to Microsoft for this event type.
 
 - 1 (Always ask before sending data): Windows prompts the user for consent to send reports.
 
-- 2 (Send parameters): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and Windows prompts the user for consent to send any additional data requested by Microsoft.
+- 2 (Send parameters): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and Windows prompts the user for consent to send any extra data requested by Microsoft.
 
-- 3 (Send parameters and safe additional data): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, as well as data which Windows has determined (within a high probability) does not contain personally identifiable data, and prompts the user for consent to send any additional data requested by Microsoft.
+- 3 (Send parameters and safe extra data): Windows Error Reporting automatically sends the minimum data required to check for an existing solution, and data which Windows has determined (within a high probability) doesn't contain personally identifiable data, and prompts the user for consent to send any extra data requested by Microsoft.
 
 - 4 (Send all data): Any data requested by Microsoft is sent automatically.
 
-If you disable or do not configure this policy setting, then the default consent settings that are applied are those specified by the user in Control Panel, or in the Configure Default Consent policy setting.
+If you disable or don't configure this policy setting, then the default consent settings that are applied are those settings specified by the user in Control Panel, or in the Configure Default Consent policy setting.
 
 <!--/Description-->
 
@@ -129,11 +129,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting turns off Windows Error Reporting, so that reports are not collected or sent to either Microsoft or internal servers within your organization when software unexpectedly stops working or fails.
+This policy setting turns off Windows Error Reporting, so that reports aren't collected or sent to either Microsoft or internal servers within your organization when software unexpectedly stops working or fails.
 
-If you enable this policy setting, Windows Error Reporting does not send any problem information to Microsoft. Additionally, solution information is not available in Security and Maintenance in Control Panel.
+If you enable this policy setting, Windows Error Reporting doesn't send any problem information to Microsoft. Additionally, solution information isn't available in Security and Maintenance in Control Panel.
 
-If you disable or do not configure this policy setting, the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings takes precedence. If Turn off Windows Error Reporting is also either disabled or not configured, user settings in Control Panel for Windows Error Reporting are applied.
+If you disable or don't configure this policy setting, the Turn off Windows Error Reporting policy setting in Computer Configuration/Administrative Templates/System/Internet Communication Management/Internet Communication settings takes precedence. If Turn off Windows Error Reporting is also either disabled or not configured, user settings in Control Panel for Windows Error Reporting are applied.
 
 <!--/Description-->
 
@@ -179,9 +179,9 @@ This policy setting controls whether users are shown an error dialog box that le
 
 If you enable this policy setting, users are notified in a dialog box that an error has occurred, and can display more details about the error. If the Configure Error Reporting policy setting is also enabled, the user can also report the error.
 
-If you disable this policy setting, users are not notified that errors have occurred. If the Configure Error Reporting policy setting is also enabled, errors are reported, but users receive no notification. Disabling this policy setting is useful for servers that do not have interactive users.
+If you disable this policy setting, users aren't notified that errors have occurred. If the Configure Error Reporting policy setting is also enabled, errors are reported, but users receive no notification. Disabling this policy setting is useful for servers that don't have interactive users.
 
-If you do not configure this policy setting, users can change this setting in Control Panel, which is set to enable notification by default on computers that are running Windows XP Personal Edition and Windows XP Professional Edition, and disable notification by default on computers that are running Windows Server.
+If you don't configure this policy setting, users can change this setting in Control Panel, which is set to enable notification by default on computers that are running Windows XP Personal Edition and Windows XP Professional Edition, and disable notification by default on computers that are running Windows Server.
 
 See also the Configure Error Reporting policy setting.
 
@@ -225,11 +225,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether additional data in support of error reports can be sent to Microsoft automatically.
+This policy setting controls whether extra data in support of error reports can be sent to Microsoft automatically.
 
-If you enable this policy setting, any additional data requests from Microsoft in response to a Windows Error Reporting report are automatically declined, without notification to the user.
+If you enable this policy setting, any extra data requests from Microsoft in response to a Windows Error Reporting report are automatically declined, without notification to the user.
 
-If you disable or do not configure this policy setting, then consent policy settings in Computer Configuration/Administrative Templates/Windows Components/Windows Error Reporting/Consent take precedence.
+If you disable or don't configure this policy setting, then consent policy settings in Computer Configuration/Administrative Templates/Windows Components/Windows Error Reporting/Consent take precedence.
 
 <!--/Description-->
 
@@ -273,9 +273,9 @@ ADMX Info:
 <!--Description-->
 This policy setting prevents the display of the user interface for critical errors.
 
-If you enable this policy setting, Windows Error Reporting does not display any GUI-based error messages or dialog boxes for critical errors.
+If you enable this policy setting, Windows Error Reporting doesn't display any GUI-based error messages or dialog boxes for critical errors.
 
-If you disable or do not configure this policy setting, Windows Error Reporting displays the user interface for critical errors.
+If you disable or don't configure this policy setting, Windows Error Reporting displays the user interface for critical errors.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-eventlogservice.md b/windows/client-management/mdm/policy-csp-eventlogservice.md
index 9e1e22c296..ced6ab68a9 100644
--- a/windows/client-management/mdm/policy-csp-eventlogservice.md
+++ b/windows/client-management/mdm/policy-csp-eventlogservice.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - EventLogService
-description: Learn how to use the Policy CSP - EventLogService settting to control Event Log behavior when the log file reaches its maximum size.
+description: Learn how to use the Policy CSP - EventLogService setting to control Event Log behavior when the log file reaches its maximum size.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -67,9 +67,9 @@ manager: dansimp
 <!--Description-->
 This policy setting controls Event Log behavior when the log file reaches its maximum size.
 
-If you enable this policy setting and a log file reaches its maximum size, new events are not written to the log and are lost.
+If you enable this policy setting and a log file reaches its maximum size, new events aren't written to the log and are lost.
 
-If you disable or do not configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
+If you disable or don't configure this policy setting and a log file reaches its maximum size, new events overwrite old events.
 
 Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting.
 
@@ -115,9 +115,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the maximum size of the log file in kilobytes.
 
-If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes) in kilobyte increments.
+If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2,147,483,647 kilobytes) in kilobyte increments.
 
-If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.
+If you disable or don't configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.
 
 <!--/Description-->
 
@@ -161,9 +161,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the maximum size of the log file in kilobytes.
 
-If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes) in kilobyte increments.
+If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2,147,483,647 kilobytes) in kilobyte increments.
 
-If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.
+If you disable or don't configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.
 
 <!--/Description-->
 
@@ -207,9 +207,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies the maximum size of the log file in kilobytes.
 
-If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes) in kilobyte increments.
+If you enable this policy setting, you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2,147,483,647 kilobytes) in kilobyte increments.
 
-If you disable or do not configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.
+If you disable or don't configure this policy setting, the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-experience.md b/windows/client-management/mdm/policy-csp-experience.md
index cb785576ec..b115b5df8c 100644
--- a/windows/client-management/mdm/policy-csp-experience.md
+++ b/windows/client-management/mdm/policy-csp-experience.md
@@ -155,7 +155,7 @@ ADMX Info:
 1. Configure Experiences/AllowClipboardHistory to 0.
 1. Open Notepad (or any editor app), select a text, and copy it to the clipboard.
 1. Press Win+V to open the clipboard history UI.
-1. You should not see any clipboard item including current item you copied.
+1. You shouldn't see any clipboard item including current item you copied.
 1. The setting under Settings App->System->Clipboard should be grayed out with policy warning.
 
 <!--/Validation-->
@@ -241,7 +241,7 @@ The following list shows the supported values:
 <!--Description-->
 Allows users to turn on/off device discovery UX.
 
-When set to 0, the projection pane is disabled. The Win+P and Win+K shortcut keys will not work on.
+When set to 0, the projection pane is disabled. The Win+P and Win+K shortcut keys won't work on.
 
 Most restricted value is 0.
 
@@ -287,7 +287,7 @@ This policy turns on Find My Device.
 
 When Find My Device is on, the device and its location are registered in the cloud so that the device can be located when the user initiates a Find command from account.microsoft.com. In Windows 10, version 1709 devices that are compatible with active digitizers, enabling Find My Device will also allow the user to view the last location of use of their active digitizer on their device; this location is stored locally on the user's device after each use of their active digitizer.
 
-When Find My Device is off, the device and its location are not registered and the Find My Device feature will not work. In Windows 10, version 1709 the user will not be able to view the location of the last use of their active digitizer on their device.
+When Find My Device is off, the device and its location aren't registered and the Find My Device feature won't work. In Windows 10, version 1709 the user won't be able to view the location of the last use of their active digitizer on their device.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -335,7 +335,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Specifies whether to allow the user to delete the workplace account using the workplace control panel. If the device is Azure Active Directory joined and MDM enrolled (e.g., auto-enrolled), then disabling the MDM unenrollment has no effect.
+Specifies whether to allow the user to delete the workplace account using the workplace control panel. If the device is Azure Active Directory joined and MDM enrolled (for example, auto-enrolled), then disabling the MDM unenrollment has no effect.
 
 > [!NOTE]
 > The MDM server can always remotely delete the account.
@@ -398,7 +398,7 @@ This policy is deprecated.
 
 <!--/Description-->
 <!--SupportedValues-->
-Describe what value are supported in by this policy and meaning of each value is default value.
+Describe what values are supported in by this policy and meaning of each value is default value.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -443,7 +443,7 @@ This policy is deprecated.
 
 <!--/Description-->
 <!--SupportedValues-->
-Describes what value are supported in by this policy and meaning of each value is default value.
+Describes what values are supported in by this policy and meaning of each value is default value.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -482,7 +482,7 @@ Allows or disallows all Windows sync settings on the device. For information abo
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Sync settings are not allowed.
+-   0 – Sync settings aren't allowed.
 -   1 (default) – Sync settings allowed.
 
 <!--/SupportedValues-->
@@ -517,12 +517,12 @@ The following list shows the supported values:
 <!--/Scope-->
 <!--Description-->
 
-This policy allows you to prevent Windows from using diagnostic data to provide customized experiences to the user. If you enable this policy setting, Windows will not use diagnostic data from this device to customize content shown on the lock screen, Windows tips, Microsoft consumer features, or other related features. If these features are enabled, users will still see recommendations, tips and offers, but they may be less relevant. If you disable or do not configure this policy setting, Microsoft will use diagnostic data to provide personalized recommendations, tips, and offers to tailor Windows for the user's needs and make it work better for them.
+This policy allows you to prevent Windows from using diagnostic data to provide customized experiences to the user. If you enable this policy setting, Windows won't use diagnostic data from this device to customize content shown on the lock screen, Windows tips, Microsoft consumer features, or other related features. If these features are enabled, users will still see recommendations, tips and offers, but they may be less relevant. If you disable or don't configure this policy setting, Microsoft will use diagnostic data to provide personalized recommendations, tips, and offers to tailor Windows for the user's needs and make it work better for them.
 
 Diagnostic data can include browser, app and feature usage, depending on the "Diagnostic and usage data" setting value.
 
 > [!NOTE]
-> This setting does not control Cortana cutomized experiences because there are separate policies to configure it.
+> This setting doesn't control Cortana cutomized experiences because there are separate policies to configure it.
 
 Most restricted value is 0.
 
@@ -682,7 +682,7 @@ The following list shows the supported values:
 > This policy is only available for Windows 10 Enterprise and Windows 10 Education.
 
 
-Specifies whether to turn off all Windows spotlight features at once. If you enable this policy setting, Windows spotlight on lock screen, Windows Tips, Microsoft consumer features and other related features will be turned off. You should enable this policy setting if your goal is to minimize network traffic from target devices. If you disable or do not configure this policy setting, Windows spotlight features are allowed and may be controlled individually using their corresponding policy settings.
+Specifies whether to turn off all Windows spotlight features at once. If you enable this policy setting, Windows spotlight on lock screen, Windows Tips, Microsoft consumer features and other related features will be turned off. You should enable this policy setting if your goal is to minimize network traffic from target devices. If you disable or don't configure this policy setting, Windows spotlight features are allowed and may be controlled individually using their corresponding policy settings.
 
 Most restricted value is 0.
 
@@ -733,7 +733,7 @@ The following list shows the supported values:
 <!--/Scope-->
 <!--Description-->
 
-This policy allows administrators to prevent Windows spotlight notifications from being displayed in the Action Center. If you enable this policy, Windows spotlight notifications will no longer be displayed in the Action Center. If you disable or do not configure this policy, Microsoft may display notifications in the Action Center that will suggest apps or features to help users be more productive on Windows.
+This policy allows administrators to prevent Windows spotlight notifications from being displayed in the Action Center. If you enable this policy, Windows spotlight notifications will no longer be displayed in the Action Center. If you disable or don't configure this policy, Microsoft may display notifications in the Action Center that will suggest apps or features to help users be more productive on Windows.
 
 Most restricted value is 0.
 
@@ -837,7 +837,7 @@ The following list shows the supported values:
 <!--Description-->
 
 This policy setting lets you turn off the Windows spotlight Windows welcome experience feature.
-The Windows welcome experience feature introduces onboard users to Windows; for example, launching Microsoft Edge with a webpage that highlights new features. If you enable this policy, the Windows welcome experience will no longer be displayed when there are updates and changes to Windows and its apps. If you disable or do not configure this policy, the Windows welcome experience will be launched to inform onboard users about what's new, changed, and suggested.
+The Windows welcome experience feature introduces onboard users to Windows; for example, launching Microsoft Edge with a webpage that highlights new features. If you enable this policy, the Windows welcome experience will no longer be displayed when there are updates and changes to Windows and its apps. If you disable or don't configure this policy, the Windows welcome experience will be launched to inform onboard users about what's new, changed, and suggested.
 
 Most restricted value is 0.
 
@@ -942,7 +942,7 @@ The values for this policy are 0, 1, 2, and 3. This policy defaults to 0 if not
 -   0 - Not Configured: The Chat icon will be configured according to the defaults for your Windows edition.
 -   1 - Show: The Chat icon will be displayed on the taskbar by default. Users can show or hide it in Settings.
 -   2 - Hide: The Chat icon will be hidden by default. Users can show or hide it in Settings.
--   3 - Disabled: The Chat icon will not be displayed, and users cannot show or hide it in Settings.
+-   3 - Disabled: The Chat icon won't be displayed, and users can't show or hide it in Settings.
 
 > [!NOTE]
 > Option 1 (Show) and Option 2 (Hide) only work on the first sign-in attempt. Option 3 (Disabled) works on all attempts.
@@ -982,7 +982,7 @@ The values for this policy are 0, 1, 2, and 3. This policy defaults to 0 if not
 > This policy is only available for Windows 10 Enterprise and Windows 10 Education.
 
 
-Allows IT admins to specify whether spotlight should be used on the user's lock screen. If your organization does not have an Enterprise spotlight content service, then this policy will behave the same as a setting of 1.
+Allows IT admins to specify whether spotlight should be used on the user's lock screen. If your organization doesn't have an Enterprise spotlight content service, then this policy will behave the same as a setting of 1.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1033,7 +1033,7 @@ This policy setting lets you turn off cloud optimized content in all Windows exp
 
 If you enable this policy setting, Windows experiences that use the cloud optimized content client component will present the default fallback content.
 
-If you disable or do not configure this policy setting, Windows experiences will be able to use cloud optimized content.
+If you disable or don't configure this policy setting, Windows experiences will be able to use cloud optimized content.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1083,9 +1083,9 @@ The following list shows the supported values:
 <!--Description-->
 Prevents devices from showing feedback questions from Microsoft.
 
-If you enable this policy setting, users will no longer see feedback notifications through the Feedback hub app. If you disable or do not configure this policy setting, users may see notifications through the Feedback hub app asking users for feedback.
+If you enable this policy setting, users will no longer see feedback notifications through the Feedback hub app. If you disable or don't configure this policy setting, users may see notifications through the Feedback hub app asking users for feedback.
 
-If you disable or do not configure this policy setting, users can control how often they receive feedback questions.
+If you disable or don't configure this policy setting, users can control how often they receive feedback questions.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1099,7 +1099,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – Feedback notifications are not disabled. The actual state of feedback notifications on the device will then depend on what GP has configured or what the user has configured locally.
+-   0 (default) – Feedback notifications aren't disabled. The actual state of feedback notifications on the device will then depend on what GP has configured or what the user has configured locally.
 -   1 – Feedback notifications are disabled.
 
 <!--/SupportedValues-->
@@ -1151,7 +1151,7 @@ ADMX Info:
 Supported values:
 
 -  0 (default) - Allowed/turned on. The "browser" group synchronizes automatically between users' devices and lets users make changes.
--  2 - Prevented/turned off. The "browser" group does not use the _Sync your Settings_ option.
+-  2 - Prevented/turned off. The "browser" group doesn't use the _Sync your Settings_ option.
 
 
 _**Sync the browser settings automatically**_
@@ -1291,7 +1291,7 @@ If you enable this policy setting, the lock option is shown in the User Tile men
 
 If you disable this policy setting, the lock option is never shown in the User Tile menu.
 
-If you do not configure this policy setting, the lock option is shown in the User Tile menu. Users can choose if they want to show the lock in the user tile menu from the Power Options control panel.
+If you don't configure this policy setting, the lock option is shown in the User Tile menu. Users can choose if they want to show the lock in the user tile menu from the Power Options control panel.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1304,7 +1304,7 @@ ADMX Info:
 <!--/ADMXMapped-->
 <!--SupportedValues-->
 Supported values:  
-- false - The lock option is not displayed in the User Tile menu.
+- false - The lock option isn't displayed in the User Tile menu.
 - true (default) - The lock option is displayed in the User Tile menu.
 
 <!--/SupportedValues-->
diff --git a/windows/client-management/mdm/policy-csp-handwriting.md b/windows/client-management/mdm/policy-csp-handwriting.md
index 4c736050b2..c2b205ad92 100644
--- a/windows/client-management/mdm/policy-csp-handwriting.md
+++ b/windows/client-management/mdm/policy-csp-handwriting.md
@@ -58,11 +58,11 @@ manager: dansimp
 <!--Description-->
 This policy allows an enterprise to configure the default mode for the handwriting panel.
 
-The handwriting panel has 2 modes - floats near the text box, or docked to the bottom of the screen. The default configuration to is floating near text box. If you want the panel to be fixed or docked, use this policy to fix it to the bottom of the screen.
+The handwriting panel has two modes - floats near the text box, or docked to the bottom of the screen. The default configuration is the one floating near text box. If you want the panel to be fixed or docked, use this policy to fix it to the bottom of the screen.
 
-In floating mode, the content is hidden behind a flying-in panel and results in end-user dissatisfaction. The end-user will need to drag the flying-in panel to see the rest of the content. In the fixed mode, the flying-in panel is fixed to the bottom of the screen and does not require any user interaction.
+In floating mode, the content is hidden behind a flying-in panel and results in end-user dissatisfaction. The end-user will need to drag the flying-in panel to see the rest of the content. In the fixed mode, the flying-in panel is fixed to the bottom of the screen and doesn't require any user interaction.
 
-The docked mode is especially useful in Kiosk mode where you do not expect the end-user to drag the flying-in panel out of the way.
+The docked mode is especially useful in Kiosk mode where you don't expect the end-user to drag the flying-in panel out of the way.
 
 <!--/Description-->
 <!--ADMXMapped-->

From 284eee2b1cb1366d80077694d7faa69ed0aec358 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Wed, 13 Apr 2022 13:51:53 +0530
Subject: [PATCH 064/123] Update policy-csp-education.md

---
 windows/client-management/mdm/policy-csp-education.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-education.md b/windows/client-management/mdm/policy-csp-education.md
index efa4201d3f..f846573eda 100644
--- a/windows/client-management/mdm/policy-csp-education.md
+++ b/windows/client-management/mdm/policy-csp-education.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - Education
-description: Learn how to use the Policy CSP - Education setting to control graphing functionality in the Windows Calculator app. 
+description: Learn how to use the Policy CSP - Education setting to control the graphing functionality in the Windows Calculator app. 
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10

From 99036d88ba8eb71f196ca1dc036d52ea14bda2c1 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 13 Apr 2022 19:00:22 +0530
Subject: [PATCH 065/123] improved the acrolinx score

---
 .../app-v/appv-release-notes-for-appv-for-windows.md          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
index 69755c157d..e61a81852c 100644
--- a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
+++ b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
@@ -52,7 +52,7 @@ An error is generated during publishing refresh when synchronizing packages from
 **Workaround**: Upgrade the App-V 5.0 Management server to the App-V Management server for Windows 10 Clients.
 
 ## Custom configurations don't get applied for packages that will be published globally if they're set using the App-V Server
-If you assign a package to an AD group that contains machine accounts and apply a custom configuration to that group using the App-V Server, the custom configuration won't not be applied to those machines. The App-V Client will publish packages assigned to a machine account globally. However, it stores custom configuration files per user in each user’s profile. Globally published packages won't have access to this custom configuration.
+If you assign a package to an AD group that contains machine accounts and apply a custom configuration to that group using the App-V Server, the custom configuration won't be applied to those machines. The App-V Client will publish packages assigned to a machine account globally. However, it stores custom configuration files per user in each user’s profile. Globally published packages won't have access to this custom configuration.
 
 **Workaround**: Do one of the following:
 
@@ -64,7 +64,7 @@ If you assign a package to an AD group that contains machine accounts and apply
 
 ## Server files not deleted after new App-V Server installation
 
-If you uninstall the App-V 5.0 SP1 Server and then install the App-V Server, the installation fails, the wrong version of the Management server is installed, and an error message is returned. The issue occurs because the Server files are not being deleted when you uninstall App-V 5.0 SP1, so the installation process does an upgrade instead of a new installation.
+If you uninstall the App-V 5.0 SP1 Server and then install the App-V Server, the installation fails, the wrong version of the Management server is installed, and an error message is returned. The issue occurs because the Server files aren't being deleted when you uninstall App-V 5.0 SP1, so the installation process does an upgrade instead of a new installation.
 
 **Workaround**: Delete this registry key before you start installing App-V:
 

From 00f9502b5cfe28ec9cb76f43c2579b291d4372d9 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 13 Apr 2022 19:05:23 +0530
Subject: [PATCH 066/123] improved acrolinx scores

---
 .../app-v/appv-release-notes-for-appv-for-windows.md        | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
index e61a81852c..61513db3b9 100644
--- a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
+++ b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
@@ -72,19 +72,19 @@ Under HKEY\_LOCAL\_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVe
 
 ## File type associations added manually are not saved correctly
 
-File type associations added to an application package manually using the Shortcuts and FTAs tab at the end of the application upgrade wizard are not saved correctly. They will not be available to the App-V Client or to the Sequencer when updating the saved package again.
+File type associations added to an application package manually using the Shortcuts and FTAs tab at the end of the application upgrade wizard aren't saved correctly. They won't be available to the App-V Client or to the Sequencer when updating the saved package again.
 
 **Workaround**: To add a file type association, open the package for modification and run the update wizard. During the Installation step, add the new file type association through the operating system. The sequencer will detect the new association in the system registry and add it to the package’s virtual registry, where it will be available to the client.
 
 ## When streaming packages in Shared Content Store (SCS) mode to a client that is also managed with AppLocker, additional data is written to the local disk.
 
-To decrease the amount of data written to a client’s local disk, you can enable SCS mode on the App-V Client to stream the contents of a package on demand. However, if AppLocker manages an application within the package, some data might be written to the client’s local disk that would not otherwise be written.
+To decrease the amount of data written to a client’s local disk, you can enable SCS mode on the App-V Client to stream the contents of a package on demand. However, if AppLocker manages an application within the package, some data might be written to the client’s local disk that wouldn't otherwise be written.
 
 **Workaround**: None
 
 ## In the Management Console Add Package dialog box, the Browse button is not available when using Chrome or Firefox
 
-On the Packages page of the Management Console, if you click **Add or Upgrade** in the lower-right corner, the **Add Package** dialog box appears. If you are accessing the Management Console using Chrome or Firefox as your browser, you will not be able to browse to the location of the package.
+On the Packages page of the Management Console, if you click **Add or Upgrade** in the lower-right corner, the **Add Package** dialog box appears. If you're accessing the Management Console using Chrome or Firefox as your browser, you will not be able to browse to the location of the package.
 
 **Workaround**: Type or copy and paste the path to the package into the **Add Package** input field. If the Management Console has access to this path, you will be able to add the package. If the package is on a network share, you can browse to the location using File Explorer by doing these steps:
 

From b6f5a59ba742185a007fc51cfd9d6b12ebd620cd Mon Sep 17 00:00:00 2001
From: Ansemler <45408203+Ansemler@users.noreply.github.com>
Date: Wed, 13 Apr 2022 09:42:13 -0700
Subject: [PATCH 067/123] Update
 windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 ...windows-operating-system-components-to-microsoft-services.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index dcda65933f..ac146a44e8 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -328,7 +328,7 @@ You can also apply the Group Policies using the following registry keys:
 
 - Create a new REG_SZ registry setting named **{0DE40C8E-C126-4A27-9371-A27DAB1039F7}** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\FirewallRules** and set it to a value of **v2.25|Action=Block|Active=TRUE|Dir=Out|Protocol=6|App=%windir%\\SystemApps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\searchUI.exe|Name=Block outbound Cortana|**
 
-- On Windows 11 instead follow the previous section and use the Group Policy editor
+- On Windows 11, follow the previous section instead and use the Group Policy editor.
 
 If your organization tests network traffic, do not use a network proxy as Windows Firewall does not block proxy traffic. Instead, use a network traffic analyzer. Based on your needs, there are many network traffic analyzers available at no cost.
 

From c975c785f4721dcd6faa9a9fce2a9996afed6c60 Mon Sep 17 00:00:00 2001
From: Ansemler <45408203+Ansemler@users.noreply.github.com>
Date: Wed, 13 Apr 2022 09:42:19 -0700
Subject: [PATCH 068/123] Update
 windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md

Co-authored-by: JohanFreelancer9 <48568725+JohanFreelancer9@users.noreply.github.com>
---
 ...indows-operating-system-components-to-microsoft-services.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
index ac146a44e8..d3a03542fc 100644
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md
@@ -306,7 +306,8 @@ You can also apply the Group Policies using the following registry keys:
 3. On the **Rule Type** page, click **Program**, and then click **Next**.
 
 4. On the **Program** page, click **This program path**, type **%windir%\\systemapps\\Microsoft.Windows.Cortana\_cw5n1h2txyewy\\SearchUI.exe**, and then click **Next**.
-   - On Windows 11 instead type **"%windir%\\SystemApps\\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\\SearchHost.exe"**
+
+   - On Windows 11, type **"%windir%\\SystemApps\\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\\SearchHost.exe"** instead.
 
 5. On the **Action** page, click **Block the connection**, and then click **Next**.
 

From 8b64394f0319dc72ccefd3bc392653977a805167 Mon Sep 17 00:00:00 2001
From: chrfox <chrfox@microsoft.com>
Date: Wed, 13 Apr 2022 11:20:38 -0700
Subject: [PATCH 069/123] Update protect-enterprise-data-using-wip.md

one purview update made
---
 .../protect-enterprise-data-using-wip.md                        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
index f9a0db9b78..aabc6b7080 100644
--- a/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
+++ b/windows/security/information-protection/windows-information-protection/protect-enterprise-data-using-wip.md
@@ -57,7 +57,7 @@ To help address this security insufficiency, companies developed data loss preve
 
 - **A way to scan company data to see whether it matches any of your defined rules.** Currently, Microsoft Exchange Server and Exchange Online provide this service for email in transit, while Microsoft SharePoint and SharePoint Online provide this service for content stored in document libraries.
 
-- **The ability to specify what happens when data matches a rule, including whether employees can bypass enforcement.** For example, in Microsoft SharePoint and SharePoint Online, the Microsoft data loss prevention system lets you warn your employees that shared data includes sensitive info, and to share it anyway (with an optional audit log entry).
+- **The ability to specify what happens when data matches a rule, including whether employees can bypass enforcement.** For example, in Microsoft SharePoint and SharePoint Online, the Microsoft Purview data loss prevention system lets you warn your employees that shared data includes sensitive info, and to share it anyway (with an optional audit log entry).
 
 Unfortunately, data loss prevention systems have their own problems. For example, the less detailed the rule set, the more false positives are created, leading employees to believe that the rules slow down their work and need to be bypassed in order to remain productive, potentially leading to data being incorrectly blocked or improperly released. Another major problem is that data loss prevention systems must be widely implemented to be effective. For example, if your company uses a data loss prevention system for email, but not for file shares or document storage, you might find that your data leaks through the unprotected channels. But perhaps the biggest problem with data loss prevention systems is that it provides a jarring experience that interrupts the employees’ natural workflow by stopping some operations (such as sending a message with an attachment that the system tags as sensitive) while allowing others, often according to subtle rules that the employee doesn’t see and can’t understand.
 

From 4e0f1add65a8d4ca4962b14fa21e86262ded2ea5 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Thu, 14 Apr 2022 17:17:40 +0530
Subject: [PATCH 070/123] Acrolinx enhancement

---
 .../mdm/policy-csp-kerberos.md                |  44 ++---
 .../mdm/policy-csp-kioskbrowser.md            |   8 +-
 .../mdm/policy-csp-lanmanworkstation.md       |  10 +-
 ...policy-csp-localpoliciessecurityoptions.md | 150 +++++++++---------
 .../mdm/policy-csp-messaging.md               |   6 +-
 5 files changed, 109 insertions(+), 109 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-kerberos.md b/windows/client-management/mdm/policy-csp-kerberos.md
index 95b4864abc..f8ed8cecde 100644
--- a/windows/client-management/mdm/policy-csp-kerberos.md
+++ b/windows/client-management/mdm/policy-csp-kerberos.md
@@ -85,9 +85,9 @@ manager: dansimp
 <!--Description-->
 This policy setting defines the list of trusting forests that the Kerberos client searches when attempting to resolve two-part service principal names (SPNs).
 
-If you enable this policy setting, the Kerberos client searches the forests in this list, if it is unable to resolve a two-part SPN. If a match is found, the Kerberos client requests a referral ticket to the appropriate domain.
+If you enable this policy setting, the Kerberos client searches the forests in this list, if it's unable to resolve a two-part SPN. If a match is found, the Kerberos client requests a referral ticket to the appropriate domain.
 
-If you disable or do not configure this policy setting, the Kerberos client does not search the listed forests to resolve the SPN. If the Kerberos client is unable to resolve the SPN because the name is not found, NTLM authentication might be used.
+If you disable or don't configure this policy setting, the Kerberos client doesn't search the listed forests to resolve the SPN. If the Kerberos client is unable to resolve the SPN because the name isn't found, NTLM authentication might be used.
 
 <!--/Description-->
 
@@ -129,11 +129,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows retrieving the cloud Kerberos ticket during the logon.
+This policy allows retrieving the cloud Kerberos ticket during the sign in.
 
-- If you disable (0) or do not configure this policy setting, the cloud Kerberos ticket is not retrieved during the logon.
+- If you disable (0) or don't configure this policy setting, the cloud Kerberos ticket isn't retrieved during the sign in.
 
-- If you enable (1) this policy, the cloud Kerberos ticket is retrieved during the logon.
+- If you enable (1) this policy, the cloud Kerberos ticket is retrieved during the sign in.
 <!--/Description-->
 
 <!--SupportedValues-->
@@ -182,9 +182,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 This policy setting controls whether a device will request claims and compound authentication for Dynamic Access Control and Kerberos armoring using Kerberos authentication with domains that support these features. 
-If you enable this policy setting, the client computers will request claims, provide information required to create compounded authentication and armor Kerberos messages in domains which support claims and compound authentication for Dynamic Access Control and Kerberos armoring.
+If you enable this policy setting, the client computers will request claims, provide information required to create compounded authentication and armor Kerberos messages in domains that support claims and compound authentication for Dynamic Access Control and Kerberos armoring.
 
-If you disable or do not configure this policy setting, the client devices will not request claims, provide information required to create compounded authentication and armor Kerberos messages. Services hosted on the device will not be able to retrieve claims for clients using Kerberos protocol transition.
+If you disable or don't configure this policy setting, the client devices won't request claims, provide information required to create compounded authentication and armor Kerberos messages. Services hosted on the device won't be able to retrieve claims for clients using Kerberos protocol transition.
 
 <!--/Description-->
 
@@ -229,14 +229,14 @@ ADMX Info:
 
 This policy setting controls hash or checksum algorithms used by the Kerberos client when performing certificate authentication.
 
-If you enable this policy, you will be able to configure one of four states for each algorithm:
+If you enable this policy, you'll be able to configure one of four states for each algorithm:
 
-* **Default**: This sets the algorithm to the recommended state.
-* **Supported**: This enables usage of the algorithm. Enabling algorithms that have been disabled by default may reduce your security.
-* **Audited**: This enables usage of the algorithm and reports an event (ID 205) every time it is used. This state is intended to verify that the algorithm is not being used and can be safely disabled.
-* **Not Supported**: This disables usage of the algorithm. This state is intended for algorithms that are deemed to be insecure.
+* **Default**: This state sets the algorithm to the recommended state.
+* **Supported**: This state enables usage of the algorithm. Enabling algorithms that have been disabled by default may reduce your security.
+* **Audited**: This state enables usage of the algorithm and reports an event (ID 205) every time it's used. This state is intended to verify that the algorithm isn't being used and can be safely disabled.
+* **Not Supported**: This state disables usage of the algorithm. This state is intended for algorithms that are deemed to be insecure.
 
-If you disable or do not configure this policy, each algorithm will assume the **Default** state.
+If you disable or don't configure this policy, each algorithm will assume the **Default** state.
 
 More information about the hash and checksum algorithms supported by the Windows Kerberos client and their default states can be found https://go.microsoft.com/fwlink/?linkid=2169037.
 
@@ -282,14 +282,14 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether a computer requires that Kerberos message exchanges be armored when communicating with a domain controller.
 
-Warning: When a domain does not support Kerberos armoring by enabling "Support Dynamic Access Control and Kerberos armoring", then all authentication for all its users will fail from computers with this policy setting enabled.
+Warning: When a domain doesn't support Kerberos armoring by enabling "Support Dynamic Access Control and Kerberos armoring", then all authentication for all its users will fail from computers with this policy setting enabled.
 
 If you enable this policy setting, the client computers in the domain enforce the use of Kerberos armoring in only authentication service (AS) and ticket-granting service (TGS) message exchanges with the domain controllers. 
 
 > [!NOTE]
 > The Kerberos Group Policy "Kerberos client support for claims, compound authentication and Kerberos armoring" must also be enabled to support Kerberos armoring. 
 
-If you disable or do not configure this policy setting, the client computers in the domain enforce the use of Kerberos armoring when possible as supported by the target domain.
+If you disable or don't configure this policy setting, the client computers in the domain enforce the use of Kerberos armoring when possible as supported by the target domain.
 
 <!--/Description-->
 
@@ -333,9 +333,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls the Kerberos client's behavior in validating the KDC certificate for smart card and system certificate logon.  
 
-If you enable this policy setting, the Kerberos client requires that the KDC's X.509 certificate contains the KDC key purpose object identifier in the Extended Key Usage (EKU) extensions, and that the KDC's X.509 certificate contains a dNSName subjectAltName (SAN) extension that matches the DNS name of the domain. If the computer is joined to a domain, the Kerberos client requires that the KDC's X.509 certificate must be signed by a Certificate Authority (CA) in the NTAuth store. If the computer is not joined to a domain, the Kerberos client allows the root CA certificate on the smart card to be used in the path validation of the KDC's X.509 certificate.
+If you enable this policy setting, the Kerberos client requires that the KDC's X.509 certificate contains the KDC key purpose object identifier in the Extended Key Usage (EKU) extensions, and that the KDC's X.509 certificate contains a dNSName subjectAltName (SAN) extension that matches the DNS name of the domain. If the computer is joined to a domain, the Kerberos client requires that the KDC's X.509 certificate must be signed by a Certificate Authority (CA) in the NTAuth store. If the computer isn't joined to a domain, the Kerberos client allows the root CA certificate on the smart card to be used in the path validation of the KDC's X.509 certificate.
 
-If you disable or do not configure this policy setting, the Kerberos client requires only that the KDC certificate contain the Server Authentication purpose object identifier in the EKU extensions which can be issued to any server.
+If you disable or don't configure this policy setting, the Kerberos client requires only that the KDC certificate contain the Server Authentication purpose object identifier in the EKU extensions that can be issued to any server.
 
 <!--/Description-->
 
@@ -377,16 +377,16 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to set the value returned to applications which request the maximum size of the SSPI context token buffer size.
+This policy setting allows you to set the value returned to applications that request the maximum size of the SSPI context token buffer size.
 
 The size of the context token buffer determines the maximum size of SSPI context tokens an application expects and allocates. Depending upon authentication request processing and group memberships, the buffer might be smaller than the actual size of the SSPI context token. 
 
 If you enable this policy setting, the Kerberos client or server uses the configured value, or the locally allowed maximum value, whichever is smaller.
 
-If you disable or do not configure this policy setting, the Kerberos client or server uses the locally configured value or the default value. 
+If you disable or don't configure this policy setting, the Kerberos client or server uses the locally configured value or the default value. 
 
 > [!NOTE]
-> This policy setting configures the existing MaxTokenSize registry value in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters, which was added in Windows XP and Windows Server 2003, with a default value of 12,000 bytes. Beginning with Windows 8 the default is 48,000 bytes. Due to HTTP's base64 encoding of authentication context tokens, it is not advised to set this value more than 48,000 bytes.
+> This policy setting configures the existing MaxTokenSize registry value in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters, which was added in Windows XP and Windows Server 2003, with a default value of 12,000 bytes. Beginning with Windows 8 the default is 48,000 bytes. Due to HTTP's base64 encoding of authentication context tokens, it's not advised to set this value more than 48,000 bytes.
 
 <!--/Description-->
 
@@ -428,9 +428,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Adds a list of domains that an Azure Active Directory joined device can attempt to contact when it cannot resolve a UPN to a principal.
+Adds a list of domains that an Azure Active Directory joined device can attempt to contact when it can't resolve a UPN to a principal.
 
-Devices joined to Azure Active Directory in a hybrid environment need to interact with Active Directory Domain Controllers, but they lack the built-in ability to find a Domain Controller that a domain-joined device has. This can cause failures when such a device needs to resolve an Azure Active Directory UPN into an Active Directory Principal. You can use this policy to avoid those failures.
+Devices joined to Azure Active Directory in a hybrid environment need to interact with Active Directory Domain Controllers, but they lack the built-in ability to find a Domain Controller that a domain-joined device has. This limitation can cause failures when such a device needs to resolve an Azure Active Directory UPN into an Active Directory Principal. You can use this policy to avoid those failures.
 
 <!--/Description-->
 <!--SupportedValues-->
diff --git a/windows/client-management/mdm/policy-csp-kioskbrowser.md b/windows/client-management/mdm/policy-csp-kioskbrowser.md
index 4dfe60a594..ec353dc9aa 100644
--- a/windows/client-management/mdm/policy-csp-kioskbrowser.md
+++ b/windows/client-management/mdm/policy-csp-kioskbrowser.md
@@ -77,7 +77,7 @@ These policies currently only apply to Kiosk Browser app. Kiosk Browser is a Mic
 
 <!--/Scope-->
 <!--Description-->
-List of exceptions to the blocked website URLs (with wildcard support). This is used to configure URLs kiosk browsers are allowed to navigate to, which are a subset of the blocked URLs.
+List of exceptions to the blocked website URLs (with wildcard support). This policy is used to configure URLs kiosk browsers are allowed to navigate to, which are a subset of the blocked URLs.
 
 > [!NOTE]
 > This policy only applies to the Kiosk Browser app in Microsoft Store.
@@ -113,7 +113,7 @@ List of exceptions to the blocked website URLs (with wildcard support). This is
 
 <!--/Scope-->
 <!--Description-->
-List of blocked website URLs (with wildcard support). This is used to configure blocked URLs kiosk browsers cannot navigate to.
+List of blocked website URLs (with wildcard support). This policy is used to configure blocked URLs kiosk browsers can't navigate to.
 
 > [!NOTE]
 > This policy only applies to the Kiosk Browser app in Microsoft Store.
@@ -185,7 +185,7 @@ Configures the default URL kiosk browsers to navigate on launch and restart.
 
 <!--/Scope-->
 <!--Description-->
-Shows the Kiosk Browser's end session button. When the policy is enabled, the Kiosk Browser app shows a button to reset the browser. When the user clicks on the button, the app will prompt the user for confirmation to end the session. When the user confirms, the Kiosk browser will clear all browsing data (cache, cookies, etc.) and navigate back to the default URL.
+Shows the Kiosk Browser's end session button. When the policy is enabled, the Kiosk Browser app shows a button to reset the browser. When the user selects the button, the app will prompt the user for confirmation to end the session. When the user confirms, the Kiosk browser will clear all browsing data (cache, cookies, etc.) and navigate back to the default URL.
 
 <!--/Description-->
 <!--/Policy-->
@@ -292,7 +292,7 @@ Enable/disable kiosk browser's navigation buttons (forward/back).
 <!--Description-->
 Amount of time in minutes the session is idle until the kiosk browser restarts in a fresh state.  
 
-The value is an int 1-1440 that specifies the amount of minutes the session is idle until the kiosk browser restarts in a fresh state. The default value is empty which means there is no idle timeout within the kiosk browser.
+The value is an int 1-1440 that specifies the number of minutes the session is idle until the kiosk browser restarts in a fresh state. The default value is empty, which means there's no idle timeout within the kiosk browser.
 
 > [!NOTE]
 > This policy only applies to the Kiosk Browser app in Microsoft Store.
diff --git a/windows/client-management/mdm/policy-csp-lanmanworkstation.md b/windows/client-management/mdm/policy-csp-lanmanworkstation.md
index 0165674799..abd1293e59 100644
--- a/windows/client-management/mdm/policy-csp-lanmanworkstation.md
+++ b/windows/client-management/mdm/policy-csp-lanmanworkstation.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - LanmanWorkstation
-description: Use the Policy CSP - LanmanWorkstation setting to determine if the SMB client will allow insecure guest logons to an SMB server.
+description: Use the Policy CSP - LanmanWorkstation setting to determine if the SMB client will allow insecure guest sign ins to an SMB server.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -56,13 +56,13 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines if the SMB client will allow insecure guest logons to an SMB server.
+This policy setting determines if the SMB client will allow insecure guest sign ins to an SMB server.
 
-If you enable this policy setting or if you do not configure this policy setting, the SMB client will allow insecure guest logons.
+If you enable this policy setting or if you don't configure this policy setting, the SMB client will allow insecure guest sign ins.
 
-If you disable this policy setting, the SMB client will reject insecure guest logons.
+If you disable this policy setting, the SMB client will reject insecure guest sign ins.
 
-Insecure guest logons are used by file servers to allow unauthenticated access to shared folders. While uncommon in an enterprise environment, insecure guest logons are frequently used by consumer Network Attached Storage (NAS) appliances acting as file servers. Windows file servers require authentication and do not use insecure guest logons by default. Since insecure guest logons are unauthenticated, important security features such as SMB Signing and SMB Encryption are disabled. As a result, clients that allow insecure guest logons are vulnerable to a variety of man-in-the-middle attacks that can result in data loss, data corruption, and exposure to malware. Additionally, any data written to a file server using an insecure guest logon is potentially accessible to anyone on the network. Microsoft recommends disabling insecure guest logons and configuring file servers to require authenticated access.
+Insecure guest sign ins are used by file servers to allow unauthenticated access to shared folders. While uncommon in an enterprise environment, insecure guest sign ins are frequently used by consumer Network Attached Storage (NAS) appliances acting as file servers. Windows file servers require authentication and don't use insecure guest sign ins by default. Since insecure guest sign ins are unauthenticated, important security features such as SMB Signing and SMB Encryption are disabled. As a result, clients that allow insecure guest sign ins are vulnerable to various man-in-the-middle attacks that can result in data loss, data corruption, and exposure to malware. Additionally, any data written to a file server using an insecure guest sign in is potentially accessible to anyone on the network. Microsoft recommends disabling insecure guest sign ins and configuring file servers to require authenticated access.
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
index 056c7c95d6..affd8a51ea 100644
--- a/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
+++ b/windows/client-management/mdm/policy-csp-localpoliciessecurityoptions.md
@@ -201,11 +201,11 @@ manager: dansimp
 <!--Description-->
 This policy setting prevents users from adding new Microsoft accounts on this computer.
 
-If you select the "Users cannot add Microsoft accounts" option, users will not be able to create new Microsoft accounts on this computer, switch a local account to a Microsoft account, or connect a domain account to a Microsoft account. This is the preferred option if you need to limit the use of Microsoft accounts in your enterprise.
+If you select the "Users cannot add Microsoft accounts" option, users won't be able to create new Microsoft accounts on this computer, switch a local account to a Microsoft account, or connect a domain account to a Microsoft account. This option is the preferred option if you need to limit the use of Microsoft accounts in your enterprise.
 
-If you select the "Users cannot add or log on with Microsoft accounts" option, existing Microsoft account users will not be able to log on to Windows. Selecting this option might make it impossible for an existing administrator on this computer to log on and manage the system.
+If you select the "Users cannot add or log on with Microsoft accounts" option, existing Microsoft account users won't be able to sign in to Windows. Selecting this option might make it impossible for an existing administrator on this computer to sign in and manage the system.
 
-If you disable or do not configure this policy (recommended), users will be able to use Microsoft accounts with Windows.
+If you disable or don't configure this policy (recommended), users will be able to use Microsoft accounts with Windows.
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
 
@@ -220,7 +220,7 @@ GP Info:
 The following list shows the supported values:
 
 -   0 - disabled (users will be able to use Microsoft accounts with Windows).
--   1 - enabled (users cannot add Microsoft accounts).
+-   1 - enabled (users can't add Microsoft accounts).
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -350,16 +350,16 @@ The following list shows the supported values:
 <!--Description-->
 Accounts: Limit local account use of blank passwords to console logon only
 
-This security setting determines whether local accounts that are not password protected can be used to log on from locations other than the physical computer console. If enabled, local accounts that are not password protected will only be able to log on at the computer's keyboard.
+This security setting determines whether local accounts that aren't password protected can be used to sign in from locations other than the physical computer console. If enabled, local accounts that aren't password protected will only be able to sign in at the computer's keyboard.
 
 Default: Enabled.
 
 > [!WARNING]
-> Computers that are not in physically secure locations should always enforce strong password policies for all local user accounts. Otherwise, anyone with physical access to the computer can log on by using a user account that does not have a password. This is especially important for portable computers.
-If you apply this security policy to the Everyone group, no one will be able to log on through Remote Desktop Services.
+> Computers that aren't in physically secure locations should always enforce strong password policies for all local user accounts. Otherwise, anyone with physical access to the computer can sign in by using a user account that doesn't have a password. This is especially important for portable computers.
+If you apply this security policy to the Everyone group, no one will be able to sign in through Remote Desktop Services.
 
-This setting does not affect logons that use domain accounts.
-It is possible for applications that use remote interactive logons to bypass this setting.
+This setting doesn't affect sign ins that use domain accounts.
+It's possible for applications that use remote interactive sign ins to bypass this setting.
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
 
@@ -372,8 +372,8 @@ GP Info:
 <!--/RegistryMapped-->
 <!--SupportedValues-->
 Valid values:  
-- 0 -  disabled - local accounts that are not password protected can be used to log on from locations other than the physical computer console
-- 1 -  enabled - local accounts that are not password protected will only be able to log on at the computer's keyboard
+- 0 -  disabled - local accounts that aren't password protected can be used to sign in from locations other than the physical computer console
+- 1 -  enabled - local accounts that aren't password protected will only be able to sign in at the computer's keyboard
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -496,9 +496,9 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-Devices: Allow undock without having to log on. 
+Devices: Allow undock without having to sign in. 
 
-This security setting determines whether a portable computer can be undocked without having to log on. If this policy is enabled, logon is not required and an external hardware eject button can be used to undock the computer. If disabled, a user must log on and have the Remove computer from docking station privilege to undock the computer.
+This security setting determines whether a portable computer can be undocked without having to sign in. If this policy is enabled, sign in isn't required and an external hardware eject button can be used to undock the computer. If disabled, a user must sign in and have the Remove computer from docking station privilege to undock the computer.
 Default: Enabled.
 
 > [!CAUTION]
@@ -548,7 +548,7 @@ This security setting determines who is allowed to format and eject removable NT
 - Administrators
 - Administrators and Interactive Users
 
-Default: This policy is not defined and only Administrators have this ability.
+Default: This policy isn't defined, and only Administrators have this ability.
 
 <!--/Description-->
 <!--RegistryMapped-->
@@ -595,7 +595,7 @@ Default on servers: Enabled.
 Default on workstations: Disabled
 
 >[!NOTE]
->This setting does not affect the ability to add a local printer. This setting does not affect Administrators.
+>This setting doesn't affect the ability to add a local printer. This setting doesn't affect Administrators.
 
 <!--/Description-->
 <!--RegistryMapped-->
@@ -640,7 +640,7 @@ This security setting determines whether a CD-ROM is accessible to both local an
 
 If this policy is enabled, it allows only the interactively logged-on user to access removable CD-ROM media. If this policy is enabled and no one is logged on interactively, the CD-ROM can be accessed over the network.
 
-Default: This policy is not defined and CD-ROM access is not restricted to the locally logged-on user.
+Default: This policy isn't defined and CD-ROM access isn't restricted to the locally logged-on user.
 
 <!--/Description-->
 <!--RegistryMapped-->
@@ -679,7 +679,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-Interactive Logon:Display user information when the session is locked  
+Interactive Logon: Display user information when the session is locked  
 
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
@@ -695,7 +695,7 @@ GP Info:
 Valid values:
 - 1 - User display name, domain and user names
 - 2 - User display name only
-- 3 - Do not display user information
+- 3 - Don't display user information
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -731,7 +731,7 @@ Valid values:
 Interactive logon: Don't display last signed-in
 
 This security setting determines whether the Windows sign-in screen will show the username of the last person who signed in on this PC.
-If this policy is enabled, the username will not be shown.
+If this policy is enabled, the username won't be shown.
 
 If this policy is disabled, the username will be shown.
 
@@ -749,7 +749,7 @@ GP Info:
 <!--SupportedValues-->
 Valid values:  
 - 0 - disabled (username will be shown)
-- 1 - enabled (username will not be shown)
+- 1 - enabled (username won't be shown)
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -786,7 +786,7 @@ Interactive logon: Don't display username at sign-in
 
 This security setting determines whether the username of the person signing in to this PC appears at Windows sign-in, after credentials are entered, and before the PC desktop is shown.
 
-If this policy is enabled, the username will not be shown.
+If this policy is enabled, the username won't be shown.
 
 If this policy is disabled, the username will be shown.
 
@@ -804,7 +804,7 @@ GP Info:
 <!--SupportedValues-->
 Valid values:  
 - 0 - disabled (username will be shown)
-- 1 - enabled (username will not be shown)
+- 1 - enabled (username won't be shown)
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -837,11 +837,11 @@ Valid values:
 
 <!--/Scope-->
 <!--Description-->
-Interactive logon: Do not require CTRL+ALT+DEL
+Interactive logon: Don't require CTRL+ALT+DEL
 
-This security setting determines whether pressing CTRL+ALT+DEL is required before a user can log on.
+This security setting determines whether pressing CTRL+ALT+DEL is required before a user can sign in.
 
-If this policy is enabled on a computer, a user is not required to press CTRL+ALT+DEL to log on. Not having to press CTRL+ALT+DEL leaves users susceptible to attacks that attempt to intercept the users' passwords. Requiring CTRL+ALT+DEL before users log on ensures that users are communicating by means of a trusted path when entering their passwords.
+If this policy is enabled on a computer, a user isn't required to press CTRL+ALT+DEL to sign in. Not having to press CTRL+ALT+DEL leaves users susceptible to attacks that attempt to intercept the users' passwords. Requiring CTRL+ALT+DEL before users sign in ensures that users are communicating through a trusted path when entering their passwords.
 
 If this policy is disabled, any user is required to press CTRL+ALT+DEL before logging on to Windows.
 
@@ -860,7 +860,7 @@ GP Info:
 <!--SupportedValues-->
 Valid values:  
 - 0 - disabled
-- 1 - enabled (a user is not required to press CTRL+ALT+DEL to log on)
+- 1 - enabled (a user isn't required to press CTRL+ALT+DEL to sign in)
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -895,7 +895,7 @@ Valid values:
 <!--Description-->
 Interactive logon: Machine inactivity limit.
 
-Windows notices inactivity of a logon session, and if the amount of inactive time exceeds the inactivity limit, then the screen saver will run, locking the session.
+Windows notices inactivity of a sign-in session, and if the amount of inactive time exceeds the inactivity limit, then the screen saver will run, locking the session.
 
 Default: not enforced.
 
@@ -909,7 +909,7 @@ GP Info:
 
 <!--/RegistryMapped-->
 <!--SupportedValues-->
-Valid values: From 0 to 599940, where the value is the amount of inactivity time (in seconds) after which the session will be locked. If it is set to zero (0), the setting is disabled.
+Valid values: From 0 to 599940, where the value is the amount of inactivity time (in seconds) after which the session will be locked. If it's set to zero (0), the setting is disabled.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -942,9 +942,9 @@ Valid values: From 0 to 599940, where the value is the amount of inactivity time
 
 <!--/Scope-->
 <!--Description-->
-Interactive logon: Message text for users attempting to log on
+Interactive logon: Message text for users attempting to sign in
 
-This security setting specifies a text message that is displayed to users when they log on.
+This security setting specifies a text message that is displayed to users when they sign in.
 
 This text is often used for legal reasons, for example, to warn users about the ramifications of misusing company information or to warn them that their actions may be audited.
 
@@ -989,9 +989,9 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-Interactive logon: Message title for users attempting to log on
+Interactive logon: Message title for users attempting to sign in
 
-This security setting allows the specification of a title to appear in the title bar of the window that contains the Interactive logon: Message text for users attempting to log on.
+This security setting allows the specification of a title to appear in the title bar of the window that contains the Interactive logon: Message text for users attempting to sign in.
 
 Default: No message.
 
@@ -1047,14 +1047,14 @@ The options are:
 
 If you click Lock Workstation in the Properties dialog box for this policy, the workstation is locked when the smart card is removed, allowing users to leave the area, take their smart card with them, and still maintain a protected session.
 
-If you click Force Logoff in the Properties dialog box for this policy, the user is automatically logged off when the smart card is removed.
+If you click Force Logoff in the Properties dialog box for this policy, the user is automatically signed off when the smart card is removed.
 
-If you click Disconnect if a Remote Desktop Services session, removal of the smart card disconnects the session without logging the user off. This allows the user to insert the smart card and resume the session later, or at another smart card reader-equipped computer, without having to log on again. If the session is local, this policy functions identically to Lock Workstation.
+If you click Disconnect if a Remote Desktop Services session, removal of the smart card disconnects the session without logging off the user. This policy allows the user to insert the smart card and resume the session later, or at another smart card reader-equipped computer, without having to sign in again. If the session is local, this policy functions identically to Lock Workstation.
 
 > [!NOTE]
 > Remote Desktop Services was called Terminal Services in previous versions of Windows Server.
 
-Default: This policy is not defined, which means that the system treats it as No action.
+Default: This policy isn't defined, which means that the system treats it as No action.
 
 On Windows Vista and above: For this setting to work, the Smart Card Removal Policy service must be started.
 
@@ -1098,7 +1098,7 @@ Microsoft network client: Digitally sign communications (always)
 
 This security setting determines whether packet signing is required by the SMB client component.  The server message block (SMB) protocol provides the basis for Microsoft file and print sharing and many other networking operations, such as remote Windows administration. To prevent man-in-the-middle attacks that modify SMB packets in transit, the SMB protocol supports the digital signing of SMB packets. This policy setting determines whether SMB packet signing must be negotiated before further communication with an SMB server is permitted.  
 
-If this setting is enabled, the Microsoft network client will not communicate with a Microsoft network server unless that server agrees to perform SMB packet signing. If this policy is disabled, SMB packet signing is negotiated between the client and server. 
+If this setting is enabled, the Microsoft network client won't communicate with a Microsoft network server unless that server agrees to perform SMB packet signing. If this policy is disabled, SMB packet signing is negotiated between the client and server. 
  
 Default: Disabled.   
 
@@ -1208,7 +1208,7 @@ GP Info:
 <!--Description-->
 Microsoft network client: Send unencrypted password to connect to third-party SMB servers
 
-If this security setting is enabled, the Server Message Block (SMB) redirector is allowed to send plaintext passwords to non-Microsoft SMB servers that do not support password encryption during authentication.
+If this security setting is enabled, the Server Message Block (SMB) redirector is allowed to send plaintext passwords to non-Microsoft SMB servers that don't support password encryption during authentication.
 
 Sending unencrypted passwords is a security risk.
 
@@ -1263,7 +1263,7 @@ Administrators can use this policy to control when a computer suspends an inacti
 
 For this policy setting, a value of 0 means to disconnect an idle session as quickly as is reasonably possible. The maximum value is 99999, which is 208 days; in effect, this value disables the policy.
 
-Default:This policy is not defined, which means that the system treats it as 15 minutes for servers and undefined for workstations.
+Default: This policy isn't defined, which means that the system treats it as 15 minutes for servers and undefined for workstations.
 
 <!--/Description-->
 <!--RegistryMapped-->
@@ -1317,7 +1317,7 @@ This security setting determines whether packet signing is required by the SMB s
 
 The server message block (SMB) protocol provides the basis for Microsoft file and print sharing and many other networking operations, such as remote Windows administration. To prevent man-in-the-middle attacks that modify SMB packets in transit, the SMB protocol supports the digital signing of SMB packets. This policy setting determines whether SMB packet signing must be negotiated before further communication with an SMB client is permitted.
 
-If this setting is enabled, the Microsoft network server will not communicate with a Microsoft network client unless that client agrees to perform SMB packet signing. If this setting is disabled, SMB packet signing is negotiated between the client and server.
+If this setting is enabled, the Microsoft network server won't communicate with a Microsoft network client unless that client agrees to perform SMB packet signing. If this setting is disabled, SMB packet signing is negotiated between the client and server.
 
 Default: Disabled for member servers. Enabled for domain controllers.
 
@@ -1328,7 +1328,7 @@ Default: Disabled for member servers. Enabled for domain controllers.
 > - Microsoft network server: Digitally sign communications (always) - Controls whether or not the server-side SMB component requires packet signing.
 > - Microsoft network server: Digitally sign communications (if client agrees) - Controls whether or not the server-side SMB component has packet signing enabled.
 >
-> Similarly, if client-side SMB signing is required, that client will not be able to establish a session with servers that do not have packet signing enabled. By default, server-side SMB signing is enabled only on domain controllers.
+> Similarly, if client-side SMB signing is required, that client won't be able to establish a session with servers that don't have packet signing enabled. By default, server-side SMB signing is enabled only on domain controllers.
 > If server-side SMB signing is enabled, SMB packet signing will be negotiated with clients that have client-side SMB signing enabled.
 > SMB packet signing can significantly degrade SMB performance, depending on dialect version, OS version, file sizes, processor offloading capabilities, and application IO behaviors. For more information, reference: [Reduced performance after SMB Encryption or SMB Signing is enabled - Windows Server | Microsoft Docs](/troubleshoot/windows-server/networking/reduced-performance-after-smb-encryption-signing).
 
@@ -1427,19 +1427,19 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-Network access: Do not allow anonymous enumeration of SAM accounts
+Network access: Don't allow anonymous enumeration of SAM accounts
 
-This security setting determines what additional permissions will be granted for anonymous connections to the computer.
+This security setting determines what other permissions will be granted for anonymous connections to the computer.
 
-Windows allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares. This is convenient, for example, when an administrator wants to grant access to users in a trusted domain that does not maintain a reciprocal trust.
+Windows allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares. This feature is convenient, for example, when an administrator wants to grant access to users in a trusted domain that doesn't maintain a reciprocal trust.
 
-This security option allows additional restrictions to be placed on anonymous connections as follows:
+This security option allows more restrictions to be placed on anonymous connections as follows:
 
-Enabled: Do not allow enumeration of SAM accounts. This option replaces Everyone with Authenticated Users in the security permissions for resources.
-Disabled: No additional restrictions. Rely on default permissions.
+Enabled: Don't allow enumeration of SAM accounts. This option replaces Everyone with Authenticated Users in the security permissions for resources.
+Disabled: No extra restrictions. Rely on default permissions.
 
 Default on workstations: Enabled.
-Default on server:Enabled.
+Default on server: Enabled.
 
 > [!IMPORTANT]
 > This policy has no impact on domain controllers.
@@ -1481,11 +1481,11 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-Network access: Do not allow anonymous enumeration of SAM accounts and shares
+Network access: Don't allow anonymous enumeration of SAM accounts and shares
 
 This security setting determines whether anonymous enumeration of SAM accounts and shares is allowed.
 
-Windows allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares. This is convenient, for example, when an administrator wants to grant access to users in a trusted domain that does not maintain a reciprocal trust. If you do not want to allow anonymous enumeration of SAM accounts and shares, then enable this policy.
+Windows allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares. This feature is convenient, for example, when an administrator wants to grant access to users in a trusted domain that doesn't maintain a reciprocal trust. If you don't want to allow anonymous enumeration of SAM accounts and shares, then enable this policy.
 
 Default: Disabled.
 
@@ -1667,7 +1667,7 @@ Valid values:
 <!--Description-->
 Network security: Allow PKU2U authentication requests to this computer to use online identities.
 
-This policy will be turned off by default on domain joined machines. This would prevent online identities from authenticating to the domain joined machine.
+This policy will be turned off by default on domain joined machines. This disablement would prevent online identities from authenticating to the domain joined machine.
 
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
@@ -1715,9 +1715,9 @@ Valid values:
 
 <!--/Scope-->
 <!--Description-->
-Network security: Do not store LAN Manager hash value on next password change
+Network security: Don't store LAN Manager hash value on next password change
 
-This security setting determines if, at the next password change, the LAN Manager (LM) hash value for the new password is stored. The LM hash is relatively weak and prone to attack, as compared with the cryptographically stronger Windows NT hash. Since the LM hash is stored on the local computer in the security database the passwords can be compromised if the security database is attacked.
+This security setting determines if, at the next password change, the LAN Manager (LM) hash value for the new password is stored. The LM hash is relatively weak and prone to attack, as compared with the cryptographically stronger Windows NT hash. Since the LM hash is stored on the local computer in the security database, the passwords can be compromised if the security database is attacked.
 
 
 Default on Windows Vista and above: Enabled
@@ -1825,8 +1825,8 @@ Network security: Minimum session security for NTLM SSP based (including secure
 
 This security setting allows a client device to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are:
 
-- Require NTLMv2 session security: The connection will fail if message integrity is not negotiated.
-- Require 128-bit encryption: The connection will fail if strong encryption (128-bit) is not negotiated.
+- Require NTLMv2 session security: The connection will fail if message integrity isn't negotiated.
+- Require 128-bit encryption: The connection will fail if strong encryption (128-bit) isn't negotiated.
 
 Default:
 
@@ -1875,8 +1875,8 @@ Network security: Minimum session security for NTLM SSP based (including secure
 
 This security setting allows a server to require the negotiation of 128-bit encryption and/or NTLMv2 session security. These values are dependent on the LAN Manager Authentication Level security setting value. The options are:
 
-Require NTLMv2 session security: The connection will fail if message integrity is not negotiated.
-Require 128-bit encryption. The connection will fail if strong encryption (128-bit) is not negotiated.
+Require NTLMv2 session security: The connection will fail if message integrity isn't negotiated.
+Require 128-bit encryption. The connection will fail if strong encryption (128-bit) isn't negotiated.
 
 Default:
 
@@ -1927,9 +1927,9 @@ This policy setting allows you to create an exception list of remote servers to
 
 If you configure this policy setting, you can define a list of remote servers to which clients are allowed to use NTLM authentication.
 
-If you do not configure this policy setting, no exceptions will be applied.
+If you don't configure this policy setting, no exceptions will be applied.
 
-The naming format for servers on this exception list is the fully qualified domain name (FQDN) or NetBIOS server name used by the application, listed one per line. To ensure exceptions the name used by all applications needs to be in the list, and to ensure an exception is accurate, the server name should be listed in both naming formats . A single asterisk (*) can be used anywhere in the string as a wildcard character.
+The naming format for servers on this exception list is the fully qualified domain name (FQDN) or NetBIOS server name used by the application, listed one per line. To ensure exceptions the name used by all applications needs to be in the list, and to ensure an exception is accurate, the server name should be listed in both naming formats. A single asterisk (*) can be used anywhere in the string as a wildcard character.
 
 <!--/Description-->
 <!--RegistryMapped-->
@@ -1981,7 +1981,7 @@ Network security: Restrict NTLM: Audit Incoming NTLM Traffic
 
 This policy setting allows you to audit incoming NTLM traffic.
 
-If you select "Disable", or do not configure this policy setting, the server will not log events for incoming NTLM traffic.
+If you select "Disable", or don't configure this policy setting, the server won't log events for incoming NTLM traffic.
 
 If you select "Enable auditing for domain accounts", the server will log events for NTLM pass-through authentication requests that would be blocked when the "Network Security: Restrict NTLM: Incoming NTLM traffic" policy setting is set to the "Deny all domain accounts" option.
 
@@ -2042,9 +2042,9 @@ Network security: Restrict NTLM: Incoming NTLM traffic
 
 This policy setting allows you to deny or allow incoming NTLM traffic.
 
-If you select "Allow all" or do not configure this policy setting, the server will allow all NTLM authentication requests.
+If you select "Allow all" or don't configure this policy setting, the server will allow all NTLM authentication requests.
 
-If you select "Deny all domain accounts," the server will deny NTLM authentication requests for domain logon and display an NTLM blocked error, but allow local account logon.
+If you select "Deny all domain accounts," the server will deny NTLM authentication requests for domain sign in and display an NTLM blocked error, but allow local account sign in.
 
 If you select "Deny all accounts," the server will deny NTLM authentication requests from incoming traffic and display an NTLM blocked error.
 
@@ -2103,11 +2103,11 @@ Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers
 
 This policy setting allows you to deny or audit outgoing NTLM traffic from this Windows 7 or this Windows Server 2008 R2 computer to any Windows remote server.
 
-If you select "Allow all" or do not configure this policy setting, the client computer can authenticate identities to a remote server by using NTLM authentication.
+If you select "Allow all" or don't configure this policy setting, the client computer can authenticate identities to a remote server by using NTLM authentication.
 
-If you select "Audit all," the client computer logs an event for each NTLM authentication request to a remote server. This allows you to identify those servers receiving NTLM authentication requests from the client computer.
+If you select "Audit all," the client computer logs an event for each NTLM authentication request to a remote server. This logging allows you to identify those servers receiving NTLM authentication requests from the client computer.
 
-If you select "Deny all," the client computer cannot authenticate identities to a remote server by using NTLM authentication. You can use the "Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication" policy setting to define a list of remote servers to which clients are allowed to use NTLM authentication.
+If you select "Deny all," the client computer can't authenticate identities to a remote server by using NTLM authentication. You can use the "Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication" policy setting to define a list of remote servers to which clients are allowed to use NTLM authentication.
 
 This policy is supported on at least Windows 7 or Windows Server 2008 R2.
 
@@ -2160,13 +2160,13 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-Shutdown: Allow system to be shut down without having to log on
+Shutdown: Allow system to be shut down without having to sign in
 
-This security setting determines whether a computer can be shut down without having to log on to Windows.
+This security setting determines whether a computer can be shut down without having to sign in to Windows.
 
 When this policy is enabled, the Shut Down command is available on the Windows logon screen.
 
-When this policy is disabled, the option to shut down the computer does not appear on the Windows logon screen. In this case, users must be able to log on to the computer successfully and have the Shut down the system user right before they can perform a system shutdown.
+When this policy is disabled, the option to shut down the computer doesn't appear on the Windows logon screen. In this case, users must be able to sign in to the computer successfully and have the Shut down the system user right before they can perform a system shutdown.
 
 Default on workstations: Enabled.
 Default on servers: Disabled.
@@ -2183,7 +2183,7 @@ GP Info:
 <!--SupportedValues-->
 Valid values:  
 - 0 - disabled
-- 1 - enabled (allow system to be shut down without having to log on)
+- 1 - enabled (allow system to be shut down without having to sign in)
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -2220,7 +2220,7 @@ Shutdown: Clear virtual memory pagefile
 
 This security setting determines whether the virtual memory pagefile is cleared when the system is shut down.
 
-Virtual memory support uses a system pagefile to swap pages of memory to disk when they are not used. On a running system, this pagefile is opened exclusively by the operating system, and it is well protected. However, systems that are configured to allow booting to other operating systems might have to make sure that the system pagefile is wiped clean when this system shuts down. This ensures that sensitive information from process memory that might go into the pagefile is not available to an unauthorized user who manages to directly access the pagefile.
+Virtual memory support uses a system pagefile to swap pages of memory to disk when they aren't used. On a running system, this pagefile is opened exclusively by the operating system, and it's well protected. However, systems that are configured to allow booting to other operating systems might have to ensure that the system pagefile is wiped clean when this system shuts down. This cleaning ensures that sensitive information from process memory that might go into the pagefile isn't available to an unauthorized user who manages to directly access the pagefile.
 
 When this policy is enabled, it causes the system pagefile to be cleared upon clean shutdown. If you enable this security option, the hibernation file (hiberfil.sys) is also zeroed out when hibernation is disabled.
 
@@ -2267,7 +2267,7 @@ User Account Control: Allow UIAccess applications to prompt for elevation withou
 
 This policy setting controls whether User Interface Accessibility (UIAccess or UIA) programs can automatically disable the secure desktop for elevation prompts used by a standard user.
 
-Enabled: UIA programs, including Windows Remote Assistance, automatically disable the secure desktop for elevation prompts. If you do not disable the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting, the prompts appear on the interactive user's desktop instead of the secure desktop.
+Enabled: UIA programs, including Windows Remote Assistance, automatically disable the secure desktop for elevation prompts. If you don't disable the "User Account Control: Switch to the secure desktop when prompting for elevation" policy setting, the prompts appear on the interactive user's desktop instead of the secure desktop.
 
 Disabled: (Default)  
 
@@ -2437,7 +2437,7 @@ The options are:
 
 Enabled: (Default) When an application installation package is detected that requires elevation of privilege, the user is prompted to enter an administrative user name and password. If the user enters valid credentials, the operation continues with the applicable privilege.
 
-Disabled: Application installation packages are not detected and prompted for elevation. Enterprises that are running standard user desktops and use delegated installation technologies such as Group Policy Software Installation or Systems Management Server (SMS) should disable this policy setting. In this case, installer detection is unnecessary.
+Disabled: Application installation packages aren't detected and prompted for elevation. Enterprises that are running standard user desktops and use delegated installation technologies such as Group Policy Software Installation or Systems Management Server (SMS) should disable this policy setting. In this case, installer detection is unnecessary.
 
 <!--/Description-->
 <!--RegistryMapped-->
@@ -2481,8 +2481,8 @@ User Account Control: Only elevate executable files that are signed and validate
 This policy setting enforces public key infrastructure (PKI) signature checks for any interactive applications that request elevation of privilege. Enterprise administrators can control which applications are allowed to run by adding certificates to the Trusted Publishers certificate store on local computers.
 
 The options are:
-- 0 - Disabled: (Default) Does not enforce PKI certification path validation before a given executable file is permitted to run.
-- 1 - Enabled: Enforces the PKI certification path validation for a given executable file before it is permitted to run.
+- 0 - Disabled: (Default) Doesn't enforce PKI certification path validation before a given executable file is permitted to run.
+- 1 - Enabled: Enforces the PKI certification path validation for a given executable file before it's permitted to run.
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
 
@@ -2525,7 +2525,7 @@ GP Info:
 <!--Description-->
 User Account Control: Only elevate UIAccess applications that are installed in secure locations
 
-This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system. Secure locations are limited to the following:
+This policy setting controls whether applications that request to run with a User Interface Accessibility (UIAccess) integrity level must reside in a secure location in the file system. Secure locations are limited to the following locations:
 
 - .\Program Files\, including subfolders
 - .\Windows\system32\
@@ -2535,7 +2535,7 @@ This policy setting controls whether applications that request to run with a Use
 > Windows enforces a public key infrastructure (PKI) signature check on any interactive application that requests to run with a UIAccess integrity level regardless of the state of this security setting.
 
 The options are:  
-- 0 - Disabled: An application runs with UIAccess integrity even if it does not reside in a secure location in the file system.
+- 0 - Disabled: An application runs with UIAccess integrity even if it doesn't reside in a secure location in the file system.
 - 1 - Enabled: (Default) If an application resides in a secure location in the file system, it runs only with UIAccess integrity.
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
diff --git a/windows/client-management/mdm/policy-csp-messaging.md b/windows/client-management/mdm/policy-csp-messaging.md
index d27b02b6fd..7c01fe7a99 100644
--- a/windows/client-management/mdm/policy-csp-messaging.md
+++ b/windows/client-management/mdm/policy-csp-messaging.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - Messaging
-description: Enable, and disable, text message back up and restore as well as Messaging Everywhere by using the Policy CSP for messaging.
+description: Enable, and disable, text message backup and restore as well as Messaging Everywhere by using the Policy CSP for messaging.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -56,7 +56,7 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-Enables text message back up and restore and Messaging Everywhere. This policy allows an organization to disable these features to avoid information being stored on servers outside of their control.
+Enables text message backup and restore and Messaging Everywhere. This policy allows an organization to disable these features to avoid information being stored on servers outside of their control.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -70,7 +70,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - message sync is not allowed and cannot be changed by the user.
+-   0 - message sync isn't allowed and can't be changed by the user.
 -   1 - message sync is allowed. The user can change this setting.
 
 <!--/SupportedValues-->

From a502f8aef1262c920ce53c5a048676f16fa67d4a Mon Sep 17 00:00:00 2001
From: Nathan McNulty <6653432+nathanmcnulty@users.noreply.github.com>
Date: Thu, 14 Apr 2022 09:55:41 -0700
Subject: [PATCH 071/123] Fix typo

Changed sand to and
---
 .../hello-for-business/hello-feature-dynamic-lock.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md b/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md
index 7d4e7d36ed..7025fb4173 100644
--- a/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md
+++ b/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md
@@ -38,7 +38,7 @@ The Group Policy Editor, when the policy is enabled, creates a default signal ru
 >[!IMPORTANT]
 >Microsoft recommends using the default values for this policy settings.  Measurements are relative based on the varying conditions of each environment.  Therefore, the same values may produce different results. Test policy settings in each environment prior to broadly deploying the setting.
 
-For this policy setting, the **type** and **scenario** attribute values are static and cannot change.  The **classofDevice** is configurable but Phone is the only currently supported configuration. The attribute defaults to Phones sand uses the values from the following table:
+For this policy setting, the **type** and **scenario** attribute values are static and cannot change.  The **classofDevice** is configurable but Phone is the only currently supported configuration. The attribute defaults to Phones and uses the values from the following table:
 
 |Description|Value|
 |:-------------|:-------:|

From 4fb72638b112d5d71999a92c924552b338200f75 Mon Sep 17 00:00:00 2001
From: Aaron Czechowski <aczechowski@users.noreply.github.com>
Date: Thu, 14 Apr 2022 16:30:00 -0700
Subject: [PATCH 072/123] update windows breadcrumb sections

---
 windows/hub/breadcrumb/toc.yml | 114 ++++++++++++++++++---------------
 1 file changed, 61 insertions(+), 53 deletions(-)

diff --git a/windows/hub/breadcrumb/toc.yml b/windows/hub/breadcrumb/toc.yml
index e2971f2d84..c13f6d1edb 100644
--- a/windows/hub/breadcrumb/toc.yml
+++ b/windows/hub/breadcrumb/toc.yml
@@ -1,53 +1,61 @@
-- name: Docs
-  tocHref: /
-  topicHref: /
-  items:
-    - name: Windows
-      tocHref: /windows
-      topicHref: /windows/windows-10
-      items:
-        - name: What's new
-          tocHref: /windows/whats-new/
-          topicHref: /windows/whats-new/index
-        - name: Configuration
-          tocHref: /windows/configuration/
-          topicHref: /windows/configuration/index
-        - name: Deployment
-          tocHref: /windows/deployment/
-          topicHref: /windows/deployment/index
-        - name: Application management
-          tocHref: /windows/application-management/
-          topicHref: /windows/application-management/index
-        - name: Client management
-          tocHref: /windows/client-management/
-          topicHref: /windows/client-management/index
-          items:
-            - name: Mobile Device Management
-              tocHref: /windows/client-management/mdm/
-              topicHref: /windows/client-management/mdm/index
-        - name: Release information
-          tocHref: /windows/release-information/
-          topicHref: /windows/release-health/release-information
-        - name: Privacy
-          tocHref: /windows/privacy/
-          topicHref: /windows/privacy/index
-        - name: Security
-          tocHref: /windows/security/
-          topicHref: /windows/security/index
-          items:
-            - name: Identity and access protection
-              tocHref: /windows/security/identity-protection/
-              topicHref: /windows/security/identity-protection/index
-              items:
-                - name: Windows Hello for Business
-                  tocHref: /windows/security/identity-protection/hello-for-business
-                  topicHref: /windows/security/identity-protection/hello-for-business/hello-identity-verification
-            - name: Threat protection
-              tocHref: /windows/security/threat-protection/
-              topicHref: /windows/security/threat-protection/index
-            - name: Information protection
-              tocHref: /windows/security/information-protection/
-              topicHref: /windows/security/information-protection/index
-            - name: Hardware-based protection
-              tocHref: /windows/security/hardware-protection/
-              topicHref: /windows/security/hardware-protection/index
+items:
+  - name: Docs
+    tocHref: /
+    topicHref: /
+    items:
+      - name: Windows
+        tocHref: /windows/
+        topicHref: /windows/resources/
+        items:
+          - name: What's new
+            tocHref: /windows/whats-new/
+            topicHref: /windows/whats-new/
+          - name: Configuration
+            tocHref: /windows/configuration/
+            topicHref: /windows/configuration/
+          - name: Deployment
+            tocHref: /windows/deployment/
+            topicHref: /windows/deployment/
+          - name: Application management
+            tocHref: /windows/application-management/
+            topicHref: /windows/application-management/
+          - name: Client management
+            tocHref: /windows/client-management/
+            topicHref: /windows/client-management/
+            items:
+              - name: Mobile Device Management
+                tocHref: /windows/client-management/mdm/
+                topicHref: /windows/client-management/mdm/
+          - name: Privacy
+            tocHref: /windows/privacy/
+            topicHref: /windows/privacy/
+          - name: Security
+            tocHref: /windows/security/
+            topicHref: /windows/security/
+            items:
+              - name: Identity and access protection
+                tocHref: /windows/security/identity-protection/
+                topicHref: /windows/security/identity-protection/
+                items:
+                  - name: Windows Hello for Business
+                    tocHref: /windows/security/identity-protection/hello-for-business/
+                    topicHref: /windows/security/identity-protection/hello-for-business/
+              - name: Threat protection
+                tocHref: /windows/security/threat-protection/
+                topicHref: /windows/security/threat-protection/
+                items:
+                  - name: Security auditing
+                    tocHref: /windows/security/threat-protection/auditing/
+                    topicHref: /windows/security/threat-protection/auditing/
+                  - name: Microsoft Defender Application Guard
+                    tocHref: /windows/security/threat-protection/microsoft-defender-application-guard/
+                    topicHref: /windows/security/threat-protection/microsoft-defender-application-guard/
+                  - name: Security policy settings
+                    tocHref: /windows/security/threat-protection/security-policy-settings/
+                    topicHref: /windows/security/threat-protection/security-policy-settings/security-policy-settings
+                  - name: Application Control for Windows
+                    tocHref: /windows/security/threat-protection/windows-defender-application-control/
+                    topicHref: /windows/security/threat-protection/windows-defender-application-control/
+                  - name: Windows Defender Firewall
+                    tocHref: /windows/security/threat-protection/windows-firewall/
+                    topicHref: /windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security

From 5ec94a8d6c59f3fe3e1133fa409f6266e960ed8f Mon Sep 17 00:00:00 2001
From: Thomas Raya <v-thraya@microsoft.com>
Date: Thu, 14 Apr 2022 16:42:32 -0700
Subject: [PATCH 073/123] replace spelling with correctness

---
 .acrolinx-config.edn | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.acrolinx-config.edn b/.acrolinx-config.edn
index 9f8eac523b..0ffbb03551 100644
--- a/.acrolinx-config.edn
+++ b/.acrolinx-config.edn
@@ -47,12 +47,12 @@ For more information about the exception criteria and exception process, see [Mi
  
 Click the scorecard links for each article to review the Acrolinx feedback on grammar, spelling, punctuation, writing style, and terminology:
 
-| Article | Score | Issues | Spelling<br>issues | Scorecard | Processed |
+| Article | Score | Issues | Correctness<br>issues | Scorecard | Processed |
 | ------- | ----- | ------ | ------ | --------- | --------- |
 "
 
  :template-change
- "| ${s/file} | ${acrolinx/qualityscore} | ${acrolinx/flags/issues} | ${acrolinx/flags/spelling} | [link](${acrolinx/scorecard}) | ${s/status} |
+ "| ${s/file} | ${acrolinx/qualityscore} | ${acrolinx/flags/issues} | ${acrolinx/flags/correctness} | [link](${acrolinx/scorecard}) | ${s/status} |
 "
  
  :template-footer

From 3cd3534cc63bb58045709c66fab56c26f4c7da3c Mon Sep 17 00:00:00 2001
From: Aaron Czechowski <aczechowski@users.noreply.github.com>
Date: Thu, 14 Apr 2022 16:54:26 -0700
Subject: [PATCH 074/123] update path to windows breadcrumb

---
 windows/application-management/docfx.json | 2 +-
 windows/client-management/docfx.json      | 2 +-
 windows/configuration/docfx.json          | 2 +-
 windows/deployment/docfx.json             | 2 +-
 windows/docfx.json                        | 2 +-
 windows/hub/docfx.json                    | 2 +-
 windows/privacy/docfx.json                | 2 +-
 windows/security/docfx.json               | 2 +-
 windows/whats-new/docfx.json              | 2 +-
 9 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/windows/application-management/docfx.json b/windows/application-management/docfx.json
index b5298397b7..88a99ecd24 100644
--- a/windows/application-management/docfx.json
+++ b/windows/application-management/docfx.json
@@ -33,7 +33,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.technology": "windows",
       "audience": "ITPro",
diff --git a/windows/client-management/docfx.json b/windows/client-management/docfx.json
index 450357dfba..85c108b97e 100644
--- a/windows/client-management/docfx.json
+++ b/windows/client-management/docfx.json
@@ -33,7 +33,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.technology": "windows",
       "audience": "ITPro",
diff --git a/windows/configuration/docfx.json b/windows/configuration/docfx.json
index d93337be79..18a8bd0b88 100644
--- a/windows/configuration/docfx.json
+++ b/windows/configuration/docfx.json
@@ -33,7 +33,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.technology": "windows",
       "audience": "ITPro",
diff --git a/windows/deployment/docfx.json b/windows/deployment/docfx.json
index e608df08a8..2af5bf6390 100644
--- a/windows/deployment/docfx.json
+++ b/windows/deployment/docfx.json
@@ -35,7 +35,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.technology": "windows",
       "audience": "ITPro",
diff --git a/windows/docfx.json b/windows/docfx.json
index 30f4698e66..81d24652df 100644
--- a/windows/docfx.json
+++ b/windows/docfx.json
@@ -17,7 +17,7 @@
       "recommendations": true,
         "ROBOTS": "INDEX, FOLLOW",
         "audience": "ITPro",
-        "breadcrumb_path": "/itpro/windows/breadcrumb/toc.json",
+        "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
         "uhfHeaderId": "MSDocsHeader-M365-IT",
     		"_op_documentIdPathDepotMapping": {
     			"./": {
diff --git a/windows/hub/docfx.json b/windows/hub/docfx.json
index a31a3e8da4..228d687717 100644
--- a/windows/hub/docfx.json
+++ b/windows/hub/docfx.json
@@ -36,7 +36,7 @@
     "globalMetadata": {
       "recommendations": true,
       "audience": "ITPro",
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.technology": "windows",
       "ms.topic": "article",
diff --git a/windows/privacy/docfx.json b/windows/privacy/docfx.json
index 13d72f2e30..48c27d274d 100644
--- a/windows/privacy/docfx.json
+++ b/windows/privacy/docfx.json
@@ -33,7 +33,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.technology": "windows",
       "audience": "ITPro",
diff --git a/windows/security/docfx.json b/windows/security/docfx.json
index d1a625e8bd..730a2a9252 100644
--- a/windows/security/docfx.json
+++ b/windows/security/docfx.json
@@ -34,7 +34,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.topic": "article",
       "manager": "dansimp",
diff --git a/windows/whats-new/docfx.json b/windows/whats-new/docfx.json
index e8a0332615..051b32e193 100644
--- a/windows/whats-new/docfx.json
+++ b/windows/whats-new/docfx.json
@@ -33,7 +33,7 @@
     "externalReference": [],
     "globalMetadata": {
       "recommendations": true,
-      "breadcrumb_path": "/windows/windows-10/breadcrumb/toc.json",
+      "breadcrumb_path": "/windows/resources/breadcrumb/toc.json",
       "uhfHeaderId": "MSDocsHeader-M365-IT",
       "ms.topic": "article",
       "audience": "ITPro",

From 17689ccdc0237af3d63c80dbe919d2c9e1ba9f16 Mon Sep 17 00:00:00 2001
From: Aaron Czechowski <aczechowski@users.noreply.github.com>
Date: Thu, 14 Apr 2022 17:22:59 -0700
Subject: [PATCH 075/123] fix link, test level change

---
 windows/hub/breadcrumb/toc.yml | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/windows/hub/breadcrumb/toc.yml b/windows/hub/breadcrumb/toc.yml
index c13f6d1edb..0ffc2efca7 100644
--- a/windows/hub/breadcrumb/toc.yml
+++ b/windows/hub/breadcrumb/toc.yml
@@ -33,20 +33,16 @@ items:
             tocHref: /windows/security/
             topicHref: /windows/security/
             items:
-              - name: Identity and access protection
-                tocHref: /windows/security/identity-protection/
-                topicHref: /windows/security/identity-protection/
-                items:
-                  - name: Windows Hello for Business
-                    tocHref: /windows/security/identity-protection/hello-for-business/
-                    topicHref: /windows/security/identity-protection/hello-for-business/
+              - name: Windows Hello for Business
+                tocHref: /windows/security/identity-protection/hello-for-business/
+                topicHref: /windows/security/identity-protection/hello-for-business/
               - name: Threat protection
                 tocHref: /windows/security/threat-protection/
                 topicHref: /windows/security/threat-protection/
                 items:
                   - name: Security auditing
                     tocHref: /windows/security/threat-protection/auditing/
-                    topicHref: /windows/security/threat-protection/auditing/
+                    topicHref: /windows/security/threat-protection/auditing/security-auditing-overview
                   - name: Microsoft Defender Application Guard
                     tocHref: /windows/security/threat-protection/microsoft-defender-application-guard/
                     topicHref: /windows/security/threat-protection/microsoft-defender-application-guard/

From 5c091c1ce98c6d92993adddcc3305e4ec6e0909d Mon Sep 17 00:00:00 2001
From: Aaron Czechowski <aczechowski@users.noreply.github.com>
Date: Thu, 14 Apr 2022 17:51:20 -0700
Subject: [PATCH 076/123] add do, remove extra level

---
 windows/hub/breadcrumb/toc.yml | 38 +++++++++++++++++-----------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/windows/hub/breadcrumb/toc.yml b/windows/hub/breadcrumb/toc.yml
index 0ffc2efca7..4b7d13efad 100644
--- a/windows/hub/breadcrumb/toc.yml
+++ b/windows/hub/breadcrumb/toc.yml
@@ -16,6 +16,10 @@ items:
           - name: Deployment
             tocHref: /windows/deployment/
             topicHref: /windows/deployment/
+            items:
+              - name: Delivery Optimization
+                tocHref: /windows/deployment/do/
+                topicHref: /windows/deployment/do/
           - name: Application management
             tocHref: /windows/application-management/
             topicHref: /windows/application-management/
@@ -36,22 +40,18 @@ items:
               - name: Windows Hello for Business
                 tocHref: /windows/security/identity-protection/hello-for-business/
                 topicHref: /windows/security/identity-protection/hello-for-business/
-              - name: Threat protection
-                tocHref: /windows/security/threat-protection/
-                topicHref: /windows/security/threat-protection/
-                items:
-                  - name: Security auditing
-                    tocHref: /windows/security/threat-protection/auditing/
-                    topicHref: /windows/security/threat-protection/auditing/security-auditing-overview
-                  - name: Microsoft Defender Application Guard
-                    tocHref: /windows/security/threat-protection/microsoft-defender-application-guard/
-                    topicHref: /windows/security/threat-protection/microsoft-defender-application-guard/
-                  - name: Security policy settings
-                    tocHref: /windows/security/threat-protection/security-policy-settings/
-                    topicHref: /windows/security/threat-protection/security-policy-settings/security-policy-settings
-                  - name: Application Control for Windows
-                    tocHref: /windows/security/threat-protection/windows-defender-application-control/
-                    topicHref: /windows/security/threat-protection/windows-defender-application-control/
-                  - name: Windows Defender Firewall
-                    tocHref: /windows/security/threat-protection/windows-firewall/
-                    topicHref: /windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security
+              - name: Security auditing
+                tocHref: /windows/security/threat-protection/auditing/
+                topicHref: /windows/security/threat-protection/auditing/security-auditing-overview
+              - name: Microsoft Defender Application Guard
+                tocHref: /windows/security/threat-protection/microsoft-defender-application-guard/
+                topicHref: /windows/security/threat-protection/microsoft-defender-application-guard/
+              - name: Security policy settings
+                tocHref: /windows/security/threat-protection/security-policy-settings/
+                topicHref: /windows/security/threat-protection/security-policy-settings/security-policy-settings
+              - name: Application Control for Windows
+                tocHref: /windows/security/threat-protection/windows-defender-application-control/
+                topicHref: /windows/security/threat-protection/windows-defender-application-control/
+              - name: Windows Defender Firewall
+                tocHref: /windows/security/threat-protection/windows-firewall/
+                topicHref: /windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security

From 141b6c3a52ea09093490427fffe0ed9b4cb835e7 Mon Sep 17 00:00:00 2001
From: Max Stein <mastein@microsoft.com>
Date: Fri, 15 Apr 2022 15:12:56 -0700
Subject: [PATCH 077/123] Update create-windows-firewall-rules-in-intune.md

Updating Microsoft Endpoint Manager admin center UI changes and screenshot refresh.
---
 .../create-windows-firewall-rules-in-intune.md             | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
index e8872fb1a3..33d369d823 100644
--- a/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
+++ b/windows/security/threat-protection/windows-firewall/create-windows-firewall-rules-in-intune.md
@@ -27,10 +27,9 @@ ms.technology: windows-sec
 >[!IMPORTANT]
 >This information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
-To get started, open Device Configuration in Intune, then create a new profile. 
-Choose Windows 10 or Windows 11 as the platform, and Endpoint Protection as the profile type. 
+To get started, Open the [Microsoft Endpoint Manager admin center](https://go.microsoft.com/fwlink/?linkid=2109431), and then go to **Devices** > **Windows** > **Configuration profiles** > **Create profile** > Choose **Windows 10 and later** as the platform, Choose **Templates**, then **Endpoint protection** as the profile type. 
 Select Windows Defender Firewall.
-![Windows Defender Firewall in Intune.](images/windows-firewall-intune.png)
+:::image type="content" source="images/windows-firewall-intune.png" alt-text="Example of a Windows Defender Firewall policy in Microsoft Endpoint Manager.":::
 
 >[!IMPORTANT]
 >A single Endpoint Protection profile may contain up to a maximum of 150 firewall rules. If a client device requires more than 150 rules, then multiple profiles must be assigned to it.
@@ -115,4 +114,4 @@ Specifies the list of authorized local users for this rule. A list of authorized
 
 ## Configuring firewall rules programmatically
 
-Coming soon.
\ No newline at end of file
+Coming soon.

From f71eb1595bb7d67e7d8960633e8789f1d58fa2f7 Mon Sep 17 00:00:00 2001
From: Max Stein <mastein@microsoft.com>
Date: Fri, 15 Apr 2022 15:14:36 -0700
Subject: [PATCH 078/123] Update create-windows-firewall-rules-in-intune.md

Updating Microsoft Endpoint Manager admin center UI changes and screenshot refresh.
---
 .../images/windows-firewall-intune.png        | Bin 623018 -> 143308 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/windows/security/threat-protection/windows-firewall/images/windows-firewall-intune.png b/windows/security/threat-protection/windows-firewall/images/windows-firewall-intune.png
index 796a030a6e5235e08cd53bf4e4726de57da72941..bda6e08768be6a512b2e0063b52d132cc2cb36b0 100644
GIT binary patch
literal 143308
zcmd?Qby$?^_cw|t1_)T-MnqHu9CFhQ7AiHw&@~E-AT@LkBMK@lEieO04UKd&O3Kh3
z0}LI~oip=37~j2r=bY>O@m_D7;JOfRc%C~}eAfD`b&tOq_z5lbHEIe93R;Dyk2EMK
zPMcCtP<frD1b*{W)5`+*al%pK$pebq_UjA4;FS4&mHQMF`JpsN&#8d%IlHHNjuaG(
z?8o0H6g2LvQBaUm6&~H!bTeKeo^#XEN?4^&oLj&gmc!-9-j#&XL-Oi~_i8=Svl3si
zQ>}qa{ZxEiE%QoC!Pg{3ySoDHjGweYFwkwq`-&G&a-G(EFaGwD@Xd!G-vr%PJ9+lO
z$J#5iw}Kv@o**V{;`N5iR~^CN@XOzCC3b8g=*;t~cZRKor92UOp6I938O3LB`CfSN
z`yZ6xKmYeNp|)lFXV@#rF!K1HXVaaz%7Xv%p0C=XrXBM?6MgQ_7#ICBDKJM4<eSYu
zQ~By+UgQ6n>TEHXs`TPNPg|n@pR;hypoioBM4Zsv&ULBHuT7PdmHK6**>Yz#Mpn)C
z4zv`%_HypIM`iN|9)wcdU_KmM>H0wHna<;_>WlHwHsskQ*SW2XRiEm++`{n9bI#!q
z^A1|RQP#mewJz2_(t{<w#;f#KU(O6c92)g<OCoD#Tgyp>JEw1p^A3A-C;8WQ&>MUz
zmmqzx?y7`pCldKygg2<&r@W}q0)?Nr7N;pFQVN+3==8#TI32Sh=iHw)S4TiCuTQk!
zJJlmM2hSc{-A)bKlg)X=<b>l>M&A1)dcllwmx!6SO^r!8oF^|T%gBzn@5L7y-$~@(
zX^-hMuaPPx*T)i+$ChuGdX17+b`VV+={LDN$Bu~P1wUHbfppkAQ5Naqna+$5)6$Bs
zUnsX{ISo(+tHFasmac8CbL}y!nJ?$BC+#GcDnpUhtLs8SV%O=HsK2j9qNQBDk22YO
z&ZYqe?MJOAO+=>VwYGz-oRDQ@6;svA74|HW?k=qXJe!MuOhZKL+cHOsge;-aE1<fm
zW8`3`<lgm{z$|m^Xt~W%iTJls&O+ZQ9a8Bk^=DPJSY*&?kdpPUAjIxsiEGK3+hX9h
z<wy~ETsQ-AZ1%E`(FqAmtE6rN2~L(kn%)dC6Jq401M3~&K0%_Z9S}VDRi!_Ix|V$`
zD4tM2tTG5uOW$hJ(C2&CcVCQrix?{sL={{CnJLD6gp`mUIVqI+!uQ62tyMQAd*-|W
zj>V4>Jcl{|+c)&{09{8HN^{XC4l{e+5|CbO8VibG)O`GIrZ)I#1Z{8BQUIEOl4eoS
zn{UAwfbZ&IzisVp$&`E|>3CN4ZIOFum>YA&s}2X54DKr@9^_si<HL}fBNcOUGM`2g
zGJ+k~ruE1}5Y9=#3-{Os&AILgvb91#eC6Xr&Qul6zhclHcHRoYt%PP&RYQ#tfV%l=
zBZPKOqY3~OYO~1XTtFOeUM^44;Yd^XB-eO<9p>aY#R-niG<Mhqr$xypteRNRP=)oO
z*v{h=S#!9wEquCM{6u){mG%ZTZiBaV@Vy$+(5>RA0J40aSitxyc=-ujU7=4Xr(8=S
zv+-geeI~Q6uhRzVg+|&)s4FOovFQ?1#rP|RThC}RgAL`5c3LG^oI~?Gj20K|*pv7J
zHkU>ae6OK$H%e9Pdn1f6TJc;6<aIJ!?ddyk0!#Up+RG!Vd3X;rh#=wGb1sXv@8}G7
z=v^wU?_1kV*|#D$J6ye!6$`hR2Us=k+GSKoSDv*D3lErjf+e;`&5!bD89AmuS-AU|
z|HoM71+74NPxt2gfm0qatUAmZKOlQFf7P)3fi)Z@RcSmASy%m`1)}S2MF*#SV8~Fs
zJ;NauG1p>=xR`-1$mgbe_byNL$OVIUpDucwQ=)|FS1+xpwwdyQFit)(9nh+*_KOg%
z@4H}h>x7~A50!e@%~u*~qE)o4(WPIGwiyR!rn%+{S-KLh1f|ZY8#(spETtKO;64xf
zP!gDl>Y8~T$(SSwwue*uzUyb&vM}fB#V}ZA4ZH>j6^5(B^xn&7lXj{oj|ZodAex`p
znLlg_DvBlEC1@q{`-pjs2FW`Y+PM~dpvY`>#b%eBU6__=OSz*JlKCC4(?Yszo_$vF
zTM|gch{s2if%L)|rcR&VxDmts$rqt&bAZ`5KJt};GM#O$b+pM;9J_$Lb$26ChefZN
zbNG~ZZ%iu_+z|O?$uHHo+N(*-=RA$hJ9@9GmVWB3DOGJ593}eUoSn!o(QYTyGW_i&
z^#}7KS*UHr^lY=!*Pkb<y5P+s78XOx&z3}E-^RcZ-h;tLXx_;s3iA^dr>yGqslcRz
zK{V@9S;e!KwT3e~OGl6E;I0*`CV9i#-0LqMyc|E+Z=d(NjkX|?;H<F~22W^Fh46u{
z`FlD(kOBF^X@~T%Wg}z=DIn?eG#sgJW3DQ6u^DPfV=vfI8%xz3d7FyUybVQMF<h9v
z4CqcJDkDhmQ{nls{eoehn3J6CB>OS%nf-+!;{?C<Bu7x3kl>YlywDtnx3lIgMLSrI
zmA3ny=3$q?mCX!2&$gAWxx<;hfHZBj_~G7!hnyYyedVX>+TW|aNQkdgjb*Bw{30^n
z1q2Q<8@xR-a6vIlxxGcL^)n5fFJY~iDX`zKcJ$>++U3O^#Nm9e%nKW7A#*}lTzc}v
zQpwh)AzUN(L3Xv~OX@^*`w<C~+%HtHcRXr2`&0H^rcgt-ukG_`X8L-)!qIVh)y+j7
zs%;xAghBc@T%O4>EYvBpnd*L8%SM|XuvJx;#ijnO+(yHTzKUWgPS}9IJ(G1#Au{Qe
z^<0<U!8I*o7@(X5yU*jhSt&IxYT~2CSkhadXEJ3ub7T&h2fD1(ShPm9JfkA1v-YU>
zxn?Ib-lZqr4XMQ6WpQ@U3c(ea;T4ozmdD^ZEbKZG-j$+gNEv0O$5H8jatyuXW0Y+S
zfUX9HNY@p5Tl10u!0mflY>a7bqu2PpnfSOV=|p+Y%P*Phg*2{mi1ZU*2#~VH4k?@5
zcd%w!|2eqAv(A**_YaOzUAmNMopH6NxSm+Jtv=qSR~<s!ez9XC>89A1+I3j+BVEQm
zW!4%_(3I^f`C&LA8Q7kB!Q9M3ll%==0sWw<U~_F0aIC|+pz7R<bt->5j|zySn#tXZ
ztz}ZDV@2!FUE>*LL~FXuRyytnR&h8Apxq;tbDOX9F!VFs3vbiaEZaF<5wV3e9$Lz5
zPf63cKBFd*(e_haJD1Y$j$Ritz!fJm^hcQx)`g752op&|k;+z7WOYk)uV}23^ZnjQ
zr|zLP^*)d-($%v-)LFt_WOle0i72;tuuzty_ttNFFm3DID^zmzqQxk>o<Gadx#3*a
zqDR5vCUhmBhCII_N}_hc>RXAJ`s9X|E2%2ZUCDjrgZ~ptKWD4kRW>`A%5Mfy<C5x>
z#O7)xpd}@d%$28GZ;GiQ$ES=$AMAAOt+k-rgBw*?b7hn6q4k;Ud^nh+@z+#$k(#j8
zJN*DAov`}~eJXU(=CtCnP9wVD)#nRqY$*E|4_&d=q(HzuUiPre@19lO(OxQdoFf=|
z59*yWpiiXh4V8+?slW2w|AFD>)&|EjZ}FoI!kc&fj=-^^nCw8$y50Wa;-j`I8Yj*k
zTGNtD!^Gvi7jt1foT^W*qBfco<T^Bdq+~~kXSIOTPU!^u6yS?Zb3UnX2Z|ClU^o3L
zs<2bU4NK>fTJKfPUFkmn4Lj{LPEotcKkZj&y?owD9-;HTHtN0Tu`xTa2<i>xWS%VS
z))Zz?o3KQ))~GMECoK*)ge_4Q$K_ubxJNolairF{r(^afht*5_Wva7Gv5ucr;yow(
zH%fO4YuTn>6;Hg)hFB6D&)>C^<W%Cc)_5xV!v)isM!VWDwAv0zwEc?mzTI4KOQaWs
zcN>qaIh?5qx;OKY()&@swZb}Q#?*|quRf%YBo}qF7TrOQ#jXC5(Wazet5iD9`4C!7
zrLs{YWmvbo(p{Z<flO|7101BmAbFe9mdY}AlR8g~9BD*WO7ma7*%pP}>{z%1Q$fy8
z5828)3pJ$NyEyVfa4E>AAf<Env9-S1LUq>Nt(obCRi3P40rdtfw1;O$+-X(*WT>)0
ze`09ilCeKW)(<n?)8XibkYhpUTtK!ufy1(2{mF|89s?N}x3qSVYk_rtXf@N^i%8$5
zT%U_&%mt^@e8kzA<Mbt0WW=$Q95E?DIYWmzyw!IsEn{}Ua$#54%$T2@33~gbo5}PH
zSJRa>Hp5`hJHC+S*%J#uj1xV1=D_p--vF~-C>d8(E;)r+f_njp)&4iS`26{TYv}^6
zOF(LJrhUjfZ=7l}C3em!ydX`7AtQ<BVuVzGz_=(@f`|sQM60|!e<$IArN{P+<6L{*
z7-aK%@8}L&PBc?$8fAsxTc{+R(~=qb&hr<PGnR_Tv){onYl^~p3r^=2Wlf`IV?6wj
zV7+l3(*ND*oeI5QXkI7Gc?yB4Lyb<dt(niQ6uL`3k8g~$wy@-%K`Rt(goStKt{p`(
zH(K+Kdex?l4N{sdaE6=sTAy5c)pbEz(sapp=h4?tyEjMof{7~2idq07&B*<2J)`?A
z3JfINqX901N!C7Mvv+ofKdGotPd~cVOwC~HdbLM6`U>@+KzHY01<5ikbl|#{_efTa
z#-~Qg#rLt<AS0CUCJL<4zx5p1RGn%eZ-*W+)>lsR&0&qUvLGLZTZ)S$Qs!(MG1b{v
z&N!H#E6o5sf3anBi@MZ7BvtN|*{Ux`)g_gk7wciy;C#;?uuBDsMDzvumA&3GO>+z|
zqk8n)6e2~ABltvqQv7zZ&x&h}*i_2epvd2puKe(X_fX0a&`@V@uyX`&Bb>XY(hl+!
ztoX|W-o1l<qq&O~aCzW)d;E#GsZ!!jL?lOF!Vk3xZDF#HVkb7+GiKLy@V0ied7pm(
zYY4|s0Lijvz*J6V=!$uL!+9+IUmvWl6q?>C{aUrJLW-vC{aD<v4k5^_t@8zrQ!oB9
z4Z%8ft!ZyIEe*sleI_;c>&5Bj=qxdIYvLC}?mgPhdyAEQ#WfPdQAqyoCzXlYzWCnA
zzlDJ0+Rvao4uA+jA<c{7#5f-!_<cnZxfDdH=)!2Fn8ie6PqmJ%MYV&%87}<J64m<e
zmW`URU*{eko_?D%0|zXkj?FGuX<3*35Fl089IQ}sUhCf&q_ADPW)FLi?SwK**WQGl
zahI8uIH*eY!D^kTtc)iiH(8x+9AJ;uFV{HDSJ1^1WsWO1&=qrE{nOjb9C6*sj}!$S
zl-QTuCcF1t^rYweY)C!fj9WR_1WWz>S?1yn+Y*CL{!Aw*YW|Q-Y_5#}$98f$F{Uoa
zsa?;IkOJa+`^K~NT-tornk%!ePv6Wgml7!Y^7D``Pq*`Mu{ETRDnY~c^-^$gPD%Az
z%X6ibfqF)cB~S%QrC!jprjM-=mn=bIrs~waA8okWk9aw2#7ufZn{0$kds#W#q%jeZ
zo0uzt>siU@vEeknB7iPP;_T%A?oii_AgU}iarg3SH79y4$BOtA+=*}$HHv8=y2Whk
zPUsW7SU=N|M@HuH$)T!*!p-*stRs50HkOJXnT|0#=O;FSJhksm7`s+)zF~>zzfpW(
zKU=I-%)5*c=lAmX<fRjAG~V29qLZG*)XeaRVRC8q{{plobi3N(?5+0WYfT5%&KjC_
z$s4FjI(~azw|eCv1l^l<jY>_UQ0#`7P%W)L5w*X9GMMH@KT5eWWEbrlW_@;9<7~3s
zvK9*P+QCq@1oX^=+S8edirv+tGnPkKvhQ4qxTa<5RC^M&0F>ud2(is<wXfC=9Igcb
zIJtc1i8{*(sk&o9jxg7dm;wQRO^7SrjUR^k2xnTg=Y~{k&Hb|6@G)Y+fwfol%gsU-
z!l{5yVB4m*_V$-bydN+CSu;v_<ltP#UwjYBR8-ChC9jf>z1G*c!<TDrci(<{6SJR?
z$o!Q-Vn{EN2`St>ns;8O)kF3Fgy2KEUH#j;SSC)trrdK+#{cli&o!|k=2)rH!@*cF
zS*h%`UO+NdK$M|JOIsQDm72F}Es=McW1Y1}`5RXat1*pwHx3G1R!e;(RJJ*8r+#k)
z;!IridKvAPsAC#-`Ta8okgs~#4i~r<r!WsYavKpve;<3?n-OC}ethf1lds5eBC8gt
zMr##t;3&=OyJ8UveMz`{VJ(Kt4=)!(_mf4sn99u`^u0ZaX`SrSvt~N{Lg^BuAoFc(
ztq)VkpK2GJG2y}z%ooj>Atoz}P`wF0aL*M3Da116?~Nyz8Ve)bUv~NU%I~T2Tf1Sa
zhMk4_>b^yo_c>NntyUK?gQa7gy2F&{^)wXC+s5Epr9S;Jy)KSoXmO^+Bg=!lo!)8h
zDsI34s+AN!#@;KB8)U7ehWh{b5UQMGa1y+)1IiAhHfpcXe8(&O3?dkTW;YZH*YCNe
z1GwDb))Im-;owR$_50s-pSxC9Mjq!pZdSg~JK{kUT7{X3IbZz4H6QRk_-4~<=?igD
zKQ1MSHfp~<<k(uw`V)CCRD7qlP1a^Z70gCkZfD7eK>Ar0MP3d767QY`SkdSuhs4#R
zMsm{KKOD=KujVyAz3(h0yL`q{TzUM=<v;bOTfMh`?nE5cmV<S-9c4~r8Pi4#^HLx=
zc1*9B>Rd0O8vm0w-s&v?p8d}*9{m5J4Cs7=q5uV?4~X4SSM!bp8OPby3<#!%xPy<2
zi-Xtf&(`~2ZVF|Ub6FbfN`6wE4wQV4zdl??3BJlcgE{|ec#~~B@`Ra;IPBMug6Rb2
z{LRI0pp(DG-_HVn(W3`5{TkkT{1tTayN4a__tS!uV5WQhZy=|CjXzuj{!(xQCHQOj
zD(DsD^oMO=fnQ^@Q~$G<enrbHdR@w;6)%o7CNNCe{Im2~VCm@gx3tVRyw>i|MJ@!2
z+W+Sebig43(~RSl|9Sj)r_oB1qOrhve{KG!BzPl*Z3KNF{nQfnKPnTEUy_OQyp^Ho
z_1C|i`P2-|Q1qy~w7Fj16=!VZvBvr~8(Li1h~N2qZ&~9Myb`uKa}|0e1kr=HxS~Dw
z9b$zh<y8d$RW9(+kNM^vf_s?Y{T6#%obk(FGxDA}-pE<-ko?4SbHvF+_X<!=Xw)vi
zd`T|DH+q&=ZOQoi>Z?oG^P^wf78Ur%*dO(9)Bb$-(+nW}&Ibwvo;py=O_eRgrRd#C
z$2mD;N6iWHmY4i~?y2I)<!8}9mGhPTBp`$qc9p{O7@k7mhFt~qF&G}ZUwMBKDdBD2
z7VBu-$$sj^FEcQ_c6>~WZh@A9c97K0vMUg%;hU3<z;Vb9Uk3)Nj3vyc)*WRJzhB}Z
zXl)w1ZzEYM?swJ5Ic(x|4_aKk9EtG;<jI9%q>P;rS<mxiAQC7fiMcdPv=|4ZWuKLi
z%N%wt5@>M~8QxWxh(zzN7_I<CZidt)8A<2R>V$pO4xK7(m+xLh9j=dUiaB2_ZR-T8
z;f@1Dhl`ivWUnilFt(FdC$=nOtaDGE5AR*jV}RFmVc$c}XjK)Y@NqKJp?+u=)wyH@
z1Pt6Dw#V!NSvyiBALo#CGBLh#6@OaN<Kr)nuse4w#qNv&o)$igb<1anPF2-H-kIFP
zw&~FbtnAK4_#3jMR}WOW+GV=?VLL;?snuAu?K&|oIbHYZ=2%a%OXmUkFg2JpN8*6+
z&gKZ<?gtwYt|d<r^zle-bd1x%QaJ&PpVGJ?3`e#na^-qCZ?>~xs{f+>Y+s{FjZp?_
z)XMJt7#l8A+!!FnTga~aQS&;Nvq*rXxn5J7JRaPAVmpRRYCkJ=u<XjxWE-``z7)BT
z?&G+V!9iY*YBSZou1zZ~VzpZ6xH~kqVI%@5-)~tXYHX){2YYR;IBPR+=g}^gh{(H{
z=^fY7#Vh#_nJIp2+Dz)${l5ZkgMx5u$ta-<fTn{tU=YvBb0dICM8h5nQp|!lCxy+w
z&=4wJyc2DY5Aj}%6}gO+Jh-Zw7q!*!fDY-nb0Ajg4X;m=DV8Jc?Og36f7HqMdKdG4
z&p~HvNws}s(MIgU<2~67v>@3yD}c4SIHzJZds)VH<%nB}j`YsF##oohXb-!#S$80d
zY&nPLwoZzz-IiI3)MJS4dT}cRD1VhO7pLxWR*nWH2K3BDjFR{LXqo9z-LoIMiAXuO
z>b7B_kY1F`RH8$)=x@z_=mV_SOosOxC{Vgs)DPuoX57(9b;i2q`NTuTU3?n*URPX&
zH9Sj}2<WY9r47ecTobP5HP<=hl_i_F<N|4}2a*kE?&0<1(h?T<-qzizuRbRc-aS_9
zN%CVZh?LdHjPJnO#8%oSo0$CduNmZ{+P4=2lP~tKl6Mjl^474gGCUyffrE@kvZLP2
zek|IVmz&knm6u@DPB^0P@Upo)q8V{))$Dk|%^nnOj_^;%eieP}tNlHfPzB_*)&ZbF
zvX6i1NvZM4MPhCq&7U=j0?8e!qRJ;{RE`PSux<eB$H}7Iy;vkm&BC`yBX2h4E)?X&
zjR-=5<A!RL<poaF1h1Xg6Q)gO*5Dy?sha)xx&B~dm!||R1|Kg;;)@MidGXEB@<R@7
ziOt2QZ9|J=*{wigtg=ll4x7CrD=6ae>?1%2Xi>Gz1(vHXW{)yV0AF~A&Dgxne4mZ$
zUvTtc+pG&8(`*vA$_5~CT~{keh^BcW^aZEK7q@|4=O)Uy(tTgg#lI2P=JrnEn7_iW
zaJ3VpOTmdgBZ|=enmEaq%U#$TW$ngakF1|K4Wl1e>wE<%A&mR*ax&0$V|VBAN8!~7
zkmz-B=bpiNRraHqS9ynC1)c=I4aQ$VNdL;QMXNGOz<^StqBv%$v$;^`s&zTsBueEY
zHK%SKqy)$n0Rs)Q*3f$RvS=!zHlMocW=7^-AZDN)Z&-R>@8fbG258PCSHIeyZmlN8
zaGwOnGRO@DSZ6XWYh8y+NyO77cvx)YVy~|`SE?J(p)3Zc1+9O@#IjRA18Bi_P+@U?
zcn)N?mU$vFc7Rd$d$zrB!@9!k&mI&YJ*3F^qI$j#zn_+$K^*Tb$;=MUN-O}N2Sh@q
z6Y2X2OltsKF7V~WqrvzDk~2Z$Q$$U{^s{O{V~Rg33IAD12+27ChmvAGGjo|(^#wi_
zhXJjrRXMBG-=KA1JKq9uCDGoRXCLWQoV+ec!kTJ`EA&D;BtU$t<a9-mXFfZgkv^H}
z5{@e!St02Us+Kpqj>yZOwolG29X3@3bXXyoHG!BZ;PmYT138NQOr4xwMu66~@&1ol
z^b@e>{kaaE0Ti#kdwmV7q<g<s+@3{SmoJ1I?xXT6b%;6tM=cL-kzw<10VS`9MYyU0
zMfDZ{0`T1N#S*+bY(bCNP=fiJ-xpkxOO6_Ptl*yJhd^VcYI}de$~f<+sS_@n_GuyH
zSA?t}2$$KnYDcZ`pYb9Bn)0SO2Gb?@nVgs_Dp~>-V<fVq)5E#phT-$^JUgrj`xT3a
zQb$=ie&~W^g177387WP#D1DgDYt^>lL!jR??7T9vuiiojqL)BscIp)^<}Y}Xyw^N*
z5)YEJ)eMx4T$SIYpDo2!%1mq({XJ;*(^>66KF2wbSqy~3g+*o)sFjm-jOBp__i^ki
zO=9tR2@Q6{)dM}+MLDZHrE(xp;Yt#>I-(WZVxV4KkD8irR&v}RB5+uK&zDoCJ-gPD
zAKi@Osl6BR_(&~z?Gi2C%<FI{FMwHA@QJy1)ysc9$0+yyjHl1hU0@=RsFSL2@gix8
zx>eiLB6&K;S}iVZ3uHdihR^#^P%Xq2Qp#M+K9TG3(j)bkmlRz;PUI2-SN^1KKSTci
zXVS#~?hN&_JGx-Bk1!_kg9hP&r|3NYPsZr`!U^Z1gFFnSSM?tu=E@4RP{h&ylL>bk
zf`@|o&XDrqy&OUdl@F>A6d%<8$)g_>io=AoS@*J_!J#9>6(|Yd>$FEdTdA#ruVyL!
zN!QKBK%00o^b^}k&ynW{ljsw|tbptM`eM3O2Og4A%53F0BufkLhp21GG_r^StF`h#
zuJemhm{I<-p$`g}r3`<Du)$0-<ZkD5uIbL`cK^i66kTP9RMQfqOkPcS^)Ctw!GBF|
z3Lc7(jbAc{FYU`ue6#gCgH(6ByR(4M*(1mZHz$E=T+KWpX+s{}c885cC(6i=-VU>s
z_pDNRrG4ff0`WZvGHYFcJXp?_8XI(+8+;?jFYRXjd`XB@xx*DAPkQ*URS?K|&Hg1>
z02`J`dl?c?^2~ZSpDCRaljqF?rf7acf#naZN9z#&r~?4&o}T_^5sS>@MaV~P3oNE|
zDf|ua4|;C_H$0Cj@EDZZ4=d5}CTy)uzcIE5oG|MP_oqsJj1?=K{CJfzC+H1S#T)7L
zE#1F`K4JU8Pq~hpblt%${kWf?(m(4@Ra%|D$_Zbx>coT;)ZtT~M~i$1Wf?<I1BFvF
z5|Veq9p#%wzBMd{cvjXYtQ(msXvNUBEZfB<6)hY+vY%mEw!bA2<J!S5^{h+AvY)$+
z&L&BrWT8_i&kYe=dUD*P2k6|tiD1ojPS#kA>KnUwH7I&15^V$>Y|sM7s6){kwV(U!
ztij}+Vqzf?ZeAqLdG&acpQ5_lFiX(HI2+jkEG-vyW*ZS45mNk!4{2EvV|%IF701On
zTjKv{*r|m(PF-ITTjXYD+k|?Wf-u(0(PMPP9n8|Mj5zDs3)g<h4IsGKDJ+cBvD^Uh
z#6tBYL3xf_AC4SW-*1YvY)C%3&Emm$#cK6v^2k;)=^;rG&i}Q63X^?9zW_4Z5$`m?
zeTGjo3%c(7s)Sy3Y|-y0f%+={c^y1N*aaG#GrI|g8?)-3ako=HIYq_+yE6gnIiMgV
zh3Qszx}V$WjRfW8$jdm~wt45?sM87xbh-g~89&!C5J_vB^#SD>XsEWGGV(MfXU?xL
za>j`1rBr9)3s`T$qLIe34W*&79qz|xb}3lXtjzL8{|@euQ`>!_(=y#{QFP!$4YG}f
z`=j>RW0BdZH-8NvO*X!k5o25mLBw?vS6C8H3t)IkZ%U?ef0{gj{(&mM39vBah?5!=
z)J4TP!z0YK^;$uT`b8oo7n5Ir<x<DsAsy8CYtADF;9&jd`PD2mVncMHxZNVTiR)so
zXjEvNa4X2PXT9@x;*j6kK1El9hrThGvX-Zg?&3*nBppVv7C|ixopvrtU}E2U^sw}`
z*rEQj=ZkIK&A8?cf-3^gjVE*?YdO4r<`1s|m0zF=SVKm(>vUX2CVQl0X}i4+1+V2m
zKF431eP3=W6JQ!<IRM(s=i!e#5QK9pTHERmtaqKXrqjP&!MI#BNO3iSaXvEGLVcB^
z)EblRt|u`ff=h+&FzOC!Ymtw|LJ@N+)*eS9_GQxLX%Z_lZV{@ddd5wpVCOJ}QLE4O
zkQOJ#Bl}K*^|(P&zdcSkwpARa6FlhN_nswqZ!1LgjWD`E6Am?A$mt}gVX{3e32XQm
z3V_TOczgv}vBR2vvFcYG5lomR<lO2WVINOS#O~Y8DHUcNX*|6dA`2{fQw6hhlvdlW
zpuM&FcP%yvc@kByc_tva<*+Gdp1$+-S5Ou(qqc_2Z&b4o1U6o?J6X~K9r18q>Z$24
z)GL-sP{F&NnVhe5^}3d_7>SmHO4K|7-|0>>FzyPPmkMuSbCjB`C+5Q5pbOOEQiTGj
z6XwIDy3m)$O~U&CZGq@3lSevCZWv0q*H5`RS8y=8wW*A<vdRK@v8;&8$n1l>C6iY8
z1`IUBT-@hlccZO?S)y<t1DV=o%fq$l>ijQ-XNU^L*qPjl6b*<`xrySpp6b<#&BkG2
z_)>SZD_I?)t;24VE(5D(-_Q%OF*+g%Ra>gA*GYNqB9VIEeb!k&>K6Oug!<B&xzFDq
z-lFs)ueDbm27fG&Z0@*thim-X%&OdFqdMbYDW~V@CLIZx2Of`|&K*_STCTDT=Jpu5
z5=r~?mrEa*(qw5o>gb+%$H?2?Nfn`^jn3S4WoW;VWw<xd*|eIO<D<*JE#~y5ATljJ
zErKszTCvYKenPix*TZ9Ly00?aHBZ?H`qM;m-U13Io6h&Q7^eq$(*+}H)FjxZBmM7P
zM|d=0?jL|-(@9ldprv#+PLBXlBW%a^Hs;~F{oQ9V%1g1(&fT3B$0}i|Svo#0`s%53
zcIss*sDeVR)DGtinhZ$gO0o{;=1IETyJdv8#QVjS<eY8Hwdu&^j{;?ZH0xPLyGPSl
z75AO-0D)@h2)@s`<yLEvxJUc&4-l8k$(%#Wwq$W5@;fFiQk6&|#ARpj#~t@QQZVrn
z(aALZRV9bqq*eBlw0e>6`2o#uRx^teFD)F5nd+QsO?i9;czD-S3JXf#aixWZ_vT4z
zNx;;0>(RVidE&7yI66M&!w-ef%jrhDw<5SzJ;I1)(+9^lE-5Uu%o;(5dC1`nD7i>t
z=jE`WM#5JRO??-}RhmNBN9jArpz0vXx6TbxiJ80eao@pmW=-mi0MT-H%fPh98K+$z
zEB<_RU-7os#Pkn!P#X*8(L1rPAOnG!iF!sYW!IYGF)2mi7)W%5Pwo*(gkF`7lxFXB
zLPrx^mS+pukb-IT9Hu%jqbbc_T0D1c+e2^-fYSKtblwGHQbZx>xNjh-Vvj8&&~P=_
ze`928k>+^QpNhi(2TXixO$vP|y0DpOl6WAy+=5P!nXQ}LldGOO@#$RAJq%CzTTlL1
zeV4?-v1vxV7t8W>CR(?(`kF$Pb>%kE-u8UDF}ts^)|IZ0QKimpMygmL)9wB@O_}rn
ztgU;KKQw&6fhw2V`PAzc560>^`3;TA#o~O}A#a;HW)?JbCs-EjODs3wMA0GoRpe}S
zY)jP<f2_uu6Ux7TC2ZjY=N%hNE7x3H<!M#J8*TV890TxXTT0~%wG1K2_5{ha^G|7@
z>4BY#b<{LL86?;9ru8CfF??OK@3l4p^0F>zI~<ZWCzqqkDCrREe)j^!F+AgLCD@sX
zix9@jG}M~cQDikAm2;Zu8){F7?e`TDZ@Myc8O~Juf|qq=GtG@mi;>>;RXOfl7DA(g
zR`ZW^=mR;im)bt-piaX;sSs@jc&ITFO5Qc+%NzWBC6kL0e1jqVh|qr4C6B}Sx4(n}
z{(_XVcmpL9?lY%xIN+|_c)!3xPoXm2ZI4TONTff>ABNVS+|^!*yRh56lfl4$;FS(&
z&v&+7vyJJ>994<~F2yDENMb8wI)6qMK7(6rV!qq-VkZml+=lRj`Z?I`jE7%E(6!jq
zP0dB6E=MXD8K13TDBG?(L|lB!cW$=2W?ympvc;!U?rQ8;4@Xh=nEj+0=~=H8ju>=g
zc{peA7Pz<|CTyJTSG@R0u<pMwqKJ=^#cg+AUMZR69bjC(5vwudC)s|0sTvjgwwon{
z(Wb+W(!_*U1ys7OPy4N7R4^n+eMZ8%XDRmq*ZL3B&k;8aH(uwxBZ!*7yml?Sx2cXT
zuJc-R5M)QJL;I-hYrs6_<+BD(=+fGf0IQGq!B)tbR~&ZdBw**D=dw|DrGXdVr&;26
zoksIN4;kOUXk#7XrKF1?jB)f@Ed!<qzGj*lp1sZJqnTnz){{N!Pi}JD2n>(K>w59x
zY4@uWK;)%UIfwfKiOvoWZ994sc=`L|Po{S^FectAMkqd0?phAbpt9Bx;`1*>+l)KC
z8=u>)Dp%`H?W-xwZn^sJwU(7pa(JH;yQSiY<05;-;G>EhPkXpkMc`8w7fsgoOtBDA
zF0RRgA!oU&or6X1d7FB*Q}PfqIP>vAZ#o|1f!rCLqrM&}x$l)Ta(k;{aBd(%R&_j*
zYI6SWsvCs`C2uFFk{tV5J^8Yw@z;d+%*~wZl-gL07>5z%BnH{Q33{RMy|dS}4!v?U
z!FrX`Em`~K(xcjQj5fqCl~P9~DWs71h0>1?M{A4Ff~l*1jTd!%isfu|pS(a9OoR4l
z)An3~TyZOhUj*;-HtZv?iLpiO9f|tVz3hEE6R|!cy*j#B)|h9CaTBY&`z_U9#Z^lP
z%4B$bN}2*VmQYubvu4FFe1hcdrgGnK*AlnwEbw$TQeo`z`Ck#&LRN4pQU&1Xj*h#B
zMew7mhiSRP%pYorT~3j|P|rf1{Gsb|a%Ndf;1p}~VI3<MSp4DL#}!z_5Y`r*chg=Q
zY_xEsjds+!w4rr>RLa)g{V5)#G+Vg0+1UynS|+j5o*fsn3cvcdf{>QV%FN^zHId_0
z;u|64qKRl(#gR8m-@$(mLYE7T4tM$?r-v$RL7*M?0;XlNE7sF1b~UCrLPTbMBQzS&
z$jMiM-`Q6q_ow!rY>>+T&hRebH^T7jy+~&zmm4k|F)6LhCMTx2TL7tSXiqCxkBd3g
zo@#5Y^fh^=|I{7pv!Msni*lm8eH@c{zM3x2KfW#bBo~5JtjmjQoXDF#Ed^T;6*yM^
zy+wet9XC=U9%rvnUbefBD$tA=J_XiOekl&i;8caRf+}lTj7C>;RUgjk-KMper=YdD
zkGzhI+KEGLWdCMeOecR$LgRa8NM!%>u*I#?+bWn=vd6PgNtk`0V=8$EwgIau7zAx%
zPsMqkkU47k3j8h={!Ki&rdGR3t8|0N*2ApEbOv+i@$$!8y3S6<ttNki>%7EL{wd?z
zfIN;jYjO8y^(D(0HyNT*<DrR4WN_j>0+RAjj`qSeiHoE@0wi}HDzaWPTz4{W6&3-B
zuD!DnuSR?KQ&WC7$=O~bcYgJ79k*8Du+7j<xIE0cVC}C^`T31-5!KXWJvro200Yt0
z%MGh^ixk5e=YaTGWheswEHY>>MmFqUZT1dZv!3xiG(>$dm~h4AR>?K%n?@mXH_InA
z#49}>q3wHYEeaS)+S9&B7Xaa8){mXDdQBY6x5K3ClXyWT%d{TNzP@VuSVFWAYE-nA
zhweAf#U@8)^PKZ{oFA4EWM97eH}ml8b$e}Wcl)ws;s{OdUsHvkrh4Aw{*>R*Q0w(^
zt)|Er!_)3lQ9y)q>QG&eE^N}S>TZyK&o!@IF99RK@vwT_Cl-6lo_C>phT&gT&(z0S
z3`k2qhkS1n_q1yctdSnseO}el-3pE+xAhz_wx~WeJjtFry+`SCPPtq$&$Qm%MrUk)
za`MfsLY~eG4`ckOA;{-bf<2^CR&5S}mXI7TcztWxL9Sa1A*|xO(Z_U=9lnI?XH@}w
zE!xmdEFLHsWkcqk=d`nHrg80WD2Lb5@sIrOQ~lQDe`rSv*Ea2Jym&bMo;U%UKky#Z
z!o7P#O4~>)f35EGE>X>AxzZ^k-a|VS!a-d7tizEv_W4Q(3qId__M`E@;qF_E6k1;<
zGm!rQo^_1e>M5k7eWQ26lUt|5YjvUWM;euUa8S;eeX(#M#KrFMXy%$tURBNRAiDuQ
zmnk<#jm{5)T^Xux*R&C1ePp6vKBYEmw&Bjicp2qe&i>T7NYL2UyTxdS9z9!kxBAEi
zhWxkb2OjIwI+NFKub;{iruO`iMVXjq#?mOIq}gwlZ+m$w2%LN4;y|Y&+3%cCOjC%A
zZn;CF?_9FP`5RGSBF1tC2n0=f)dPe9GBGyGR7TpPd-sqqlUKBs^8G)t_ySN~$i`4f
z!ZKz`mEt7B<qSmjOT951DL}l1D{hwZdj`9)w`ZUG5%=ygzgdaZ*ti=#yMINH?nPst
ztXOoxX44DOXBRkX()*SGl|Aj&$l5D|E1l@PY&s_01xeUkM`EViVvXiDH0#vnuyi+<
zbzfv;j$ziRgsxmBELPwz-cOzCFU>&C+=)3{2tIFPvrD7<xDC_KmcP5Mf4tEJS3i{5
zjC>EKq|PE5y-{>U%VEU;N;J{z84)L<X!+vE)5iX~f!r;H8_JSi4tou)cY%)*$U`Z%
zs*C1(?_!h}IE$%}d!15Qbzl`4s`K`C6KgBy92U3g-Zk>jV?XLW@$i!=yR)sABs4sh
z_q5lzNgGR$l7Cowh&YmpSO3wbQJv$pquWsLZSTl@vSK#(8{|^eN6_!0)ivs$O^9K1
z!Cz-|z&Ey)^Q5Xla&lFL0HF~Y@N858$eKlGegIQ)LU~?9IrG3sFLC`U2T!*0^a(17
zVyo@xE+T71rBY5t*B^>v?v1WRSa@TUfkSOZd5>1QF{&OKtQ-)zH!n$X-?}8+IrIjw
zs<p%6-rUvh#f7d29nS61YqOE^5}w%(6Yn0fVzUl;iwmg$US&ip33G>SKpV2z+G-PI
z$~<tMl1es-{>9s))d}r7o?2+dp^>H%zEIIEBeA}?Ot~t^naoQr>=`}1dWx8+hGSkw
zov>mQ^E~zPGD>Iw^M&qr!}#~XfievbJ5by8?#|ag#!w0hKBi+lyMZd;cm>g>|Bc|C
znLo?$cDOhSupZFp`H6h@vM7Jyx)r53Y#V4W{(L`&`q(hfV6xBs<k!D?twmh_V<!Dy
z((dmBN>IBkN{4*tZM&hRATQbcs$Qk56xW_EI^t@s6BnWMs1iKha(gL3bZr28gP2;%
z(2=mvg_s#*{3!v7l(coQ9wD_*kelC#!s6!D0np(_FqHGlOWYG~VT%_HhRifUH?~{1
z8a<47YeA5Um&Dcb1wE?52CH!5e+recN$cR)HYy>Rs@~nvtE9$?4cK93idcV)!CrbE
z_REE<O%1!<)#8ye^0$qeR@X}|eZiy~+z~8m#aE;+F%h(4d50H(GSajJOaQ_&-cVl^
z|3T|Yu!Nn*l4Oemh9}O)E@R3jLl;G35)Eqv1vYN!pZU4@Pkr4f5->z`>v^voqia_;
z8a?1kq9sWq4;~|k4Pg+%4N?imb%F^;vbEiv5LAnl3vO8~H>F@Wuv6F$cQdej5DtBd
z$QtcQ^p{Xr-%*(yG7p}(EeXrDP^YBREPCZ_)jD@xl>0xYyd43D*3_)Dhz&ep5y03p
zYa2|5S;>`Nn2RhI2QvyW9oMm*dB4mM&iETS_^M`9vdG`#1<L_AbL+MUQ2+jJ!dC)e
z6be1MT;GazXB)rVkOX@X(kJhPOTvUOsjdXF*?*_{&iT8*b1%)}2TCvkA?JM%S^Feg
zZ>3faUz%ms#BpeAPhCSAX#;J(Q;N101PXb^of(p9#%^%%o$wwwIQVM!)1RlC=RRmc
zT}y1fgjNzcXnCc21wK??jnG@{s^>s6-6u4aD*5}eq?ctFJ9`^`=cI18+QdK1A9!k|
zU?Sajaiif<>rJJXbdBit#K@R}-P2Z)AAA_NW156|u-302j4D-h{P6YSt2(8my$O#^
zx~iwS>_2sKZ?<_5RUnsRXfm<sVpIG<r$2XZb}5#?pEx)9R3#q5=zvR#oGT4|l-s%+
zs>=*q1Tho1Itrp06j))e7nkB0dm4b(T0HDcyRZrU!I42FDznNl{%!w!hVChT@2^=K
zD3+MMbY_^qn;|O{gi#u&C4Y7%h0md??=PNbouh$z*7ox6!|&9st0aGSb`Mz&$ZK>{
z;*)(~C~6XRM)oo*>(5QzJbYONndR_{on6k9_V|JCdk1`|VsvOuhfnK!BilRKOvBYs
zHov(@3HJq#Tjda!8V?QIJKdtl)Kd2v52N+*kr18fN6@ya?1w8~1PK~1L>4(_X2#sy
zt)cOBGMiSreUdOw#ZAvf;~%Z%RhyUP7enyI>Wh&qp&Vlq1-e1_Lq?tuD93VZLU$OV
zvLv*cA#<zJ?{*3<e&%z5hrM^Gg|9w8PxOnq!CMkKTi@f=_52~H*A2aZB<VxIHJKNA
z^~%>f4EzflDdSJHJl;cOeL2bCVn=DK$@5z80ZF>P_DQIB9Sd`ti;*^BNa;-xx}Ye0
z8v|6FkJvXDni9>Qpx!auTp7G+uXQz;Y0k?}5IRs0ZGH16i2{m|6acCodl06w^jIq1
ziETZzp3GQD;;5@<jfA@6PAi0aw$g$F3n|%IBOwSVR8euQ%dx2ZATHkK>b;U1FMQ>B
zb5P8VG#v6e!rb09jzIZuV&B12qR{KnyQknL?<qx-Ks3WvwMc0{JfK|j<feyVmk7c2
zS^MSGVz_f7s=!BHe%E-+*-qV`E>T^0e8*zgy~Q&5I)6*0z>|f!5T1}Ux#YWf2F$5l
zrd0-yd9}u>q_<Y^#mMFaA>+>d%_#ZZgKm`O2T#*@x@G)iq)#H_c;vnz19n2gyyp}V
zEq;|_x@(Uv$kkEWD_UhRKVZ^v#moQ6@)xn1tyq&9Q`5`E4>%R?&sQ}ApXz(r7_jiv
z_%_tN&KWji30QyD^(WohXU*BvvV5w4!DtL+uq)2H(5(^97!|blLkMqJ=2<D4tS@ak
z750#E(6w2a|8K_Jj)DGcafi&=wNjCTn%Pco1pipY*zLhv%}-|{(frKgjyT1}r~}Th
zDCwk=XX@#AI$Hc6o#s$x`=KH4;Bm!fyTtj~!sUR`(t0IsAOsK7=`KMp<P@y+13iUr
z74y4s1>bC@AQz~YF8EI~vVLj1;(j?_x*q%ZnrBzHd85BjKJd{w+}9^ccDNCqFMG{;
z#i#YY>nh+uo8>~zr%=gXU{i9LqV)OvT_0DRPQbaNHG}TtLav_!KF#qi>hI0RTXs+{
zsQ)Eh&6?_S?cEd@9{pu!PQ@W==i-a1Xb5BLubBFk{oWM1;2k44#+YbXZUfFVgx~7^
z5~W1ni{i=2bh-s*8{i2AvikYMxQB;H;Gt;el9q0T$6T1~iWE37O?_!*43mL7N$iG|
zf4Sy5hkhH%TlOK>Y@{>S`6Jwm?cVv=<P}|&43kn8#_M@_uhJWr7u({`&V4ROSGv<(
zDE@(f+dX=6qUb!P)zPu$yxYUs2HzNzDjpQrpga-Dz83WeB|n4aj!T>QR@izemB*y1
zAAZuWeX+%nm*fSo`J=lTO4IoG?@5XSAewS(kijh!EvtXQuP&|Kx#NKQ4Il;wJsAgH
zn~VHS@FOmyRxFLe`abSQM<zB$VryCKfYkR5aX?z1&9lh^nk^a<uy|^z$G4s3knU+7
zqen@vpPxK%Ssd&#2yfktveagD3g#2&Pjg&-9lq^-l51yn%5z<Iupr$rs<c&fX}P6y
z-w5@QEqb0)JQ*}64V4;EPAGlk{{F4g^~-j1x?QZVj}P0L(RJUGT@-HR^gTjxp-cCD
z449JnZd}@C)TK832L9pg=ywZ>O{?f?fzhLaM=8So(zW&vBou_nEoT8@%dWT(*?<sh
z9k%iXz@5vT`%b3rld|St#?5!`+G^xXdt&$5>MF}v3E1)Rst-tA!0}>^k0%a`nvxu-
zo+v98-z^w4*;k#O3k}R&))M3y(~*Q2$%3$}IbHI*_${7X=g%g5TF<og2SGFdkroCo
zHJt*=aX*?3#Oa@}@&F0$DGMfWte*b!7LFH9r`ph`#bNg!a-yE`6m<0X%fBylyCP`!
ziEx#hmAGhrx*seMSl~H4Uvd79Ynj)hj!UcN?r&q{@ID$+CeAb9i+9z<XUbBt6O4TC
z^ce?YIZO#gl3g4Z))|;%CdA2nileHp-^Tw+)5gO;0nIX^Bd0=gjebJNX+G}ay}Fi|
z$H4U~_!eT@N9I8G`P4Q1OlrJu3V5hL>4rpD$(xqeWG-gZ<#LC6dZTb{4up<<N3VC6
z-@1%BmkcJ`K>gV>U5T{h(r7(gDgPljxE-3s51){ZoP#p?_YyN-Jy}W-hp9cGvBya_
z;pDWq0@~cDE4XOwalUix4Sx|~gFXI%7X}&FXQ}tAQ*^zc+EzpkHWvE3aSy5z8Q5m|
zm?o_E)`K$d`dspZ?5qY)cI4EW#sjsE+87zC#^TrfLlusC@%@)rLw;wwF*gB>T0w7z
zZ4GC_HeGEqbX57#rt8oHll2KWRzlNJgP^laNM1#btwk+wbgMjg0Q8Ym)CoKJsZG*{
zFICs8!=A?6Ch%kr4x6>>WFD$0TqLr*Dq*ue6`KHITrm7HCTe<}e>vuI^MXwvX&`cE
z;BgWI(eWVq(OhL;%(2DBSp|%%7FIms+-9NbH2F_woCgEspt}pmXybhcg@v8A?H|qZ
zLcFBT85+6)FUPg`h=Upj0w023zqI>jn3;{7VQl5+jpAUKrC*G}%kG?pmA-Z$yf)1j
z6L6H=<>yi_V)7%}E)ABJ#+PbEyXwu=uqEfoM7Q&Uys}NfDUK5yQhaR^Fc}ZS{(M4N
zxbBUOWTk}toct-6`!YkfzyMePh%NCBy1Ok=piPcTGtbTKLs9ehPc}YL)fbe_TV#;g
zIL(p3ekO<UKW7L6fFT>txvHef`!OuUTMk*#K!)fobau=t9oRybDyIR<`3TW|($2tA
zxzo<C&*;66sj$|yeK%h~3==Kg;XSIVD6rMalSzH!C}n)n;IZ7?Mu^O&Qc1<`wH`;@
z=@>LYKYT!@<Px%d2JLw@a%j>bWGafi?g#iHar9LM<UIiP{u?*xA{n+;u1mp=^N@gn
zfiHkV{jO6`P<%go9HTbo@?)c7_$Y({QvS=mUmfp#DI`fi3`-ntTm48Kw`Y{$zCd~J
z<i9Q@1Fuqi^7})aDE_zKJO1y!Q1buk+t&ZXP7SD&4mBcbzg*}}gA_*8o#j7E!3Tit
zFN>gHI=(tk6%3aVT=49kg4AHG4c4zhy#!#mNFC;e6om*J4p-$AUt3W1G{ve547cjo
z%ME*K%+YN_JwqinTeP58)r3FwUHZRHSky;FU$e`f*1f%&XISo_dwFlGN445%F*U6S
zdgoHJf|*b8Jxq3*G%MzO9MgZXPV2ga4pxstf=39EmF>lB!rspN2g26~Lw7^2``<|5
z=!<Y*+nt@Aoj(5&Iz=U+KMBzK7yr6&FZ@!T{HDn@CriJ?nXC^#e4wW1W|gwIhb#Cd
z5th)<XZ(y;9M;M8FLPIM!0}N6K|B6xi6GYIPU+sOt4l!XA?MP+wguc!!54Ch-q0^O
z+&c}g+y}Atm$-20xs#&8+NZcozZDC&g0lFShf1vuMZ@MZ&0}0wjFwchJnZii@cbR?
zE)0=<dJeEI$Dq7yV-#VEdKo*l@XqnJ#7V^|!l|5CxtpBFl%r+^^n=m=d`L$_Lig)2
zBPl~h8OP}Yx^gz$$aLBCoD7n5FII|cE}$L3*%-s3FYsSQjvFmZAQx?#_K@d3GE|pd
zKQO_U*v!n#SY2y~fqIw2S{V69H6v$c9yxHjmuU2gR0?88M1ufB=wq*TydC4*mZ*7r
zbH&WdIF$Q`iFU|p7=Z30*mN`RmkU9)-eQ(naDQ|C22{ZqqH>3S$dQBb0(z8jL97WL
z)fXvy(SJn$ufl@YV7<12D!Q<z?ZM?#`H&be*ZiSx=@>F|^TyqU_{%SQc(J;bvoTj_
zSM2vUn`Q1<!2Wd=sZk2nGZ3;QGyy$SKGH#WSFArc+JRXoMXv_8q|3uLODq)#AUtH`
zp*mqxr9}|0w8Yc>+`cj-hPF(w+r>B5K^?<0_BpWKHgJnC!$3HvA|+4bFZhm56~M)-
z99DQ0|7PWxao<%Ank}`+T7Ewvcs}P}UIrke_5FsuGX&xs@O>5GU2WBzYgE}7!g6Sv
z{Fj7-nY_GTjIBndlE;%to%K+CO$j1`Up8$uvM-YE?<THkF|Ck=zx=mos#Nqu|Gu=K
zeWkF*1U&S$Oq09GIb@HgYCg}g-=<Llme1oCtrHk_P$dxaH|8DT$;ou8e=eX2kAd*s
zcEsL|E_gc`(To$|R23nMAKkMDNU3XP$6cCAC0ad9wu2=$M51fvtH*ghF1(((S`=*v
z->K-cN?bcTu&?<6Drd3~yuy~j`$v^PKQ_*d)0121DPk^%$DJpd!0j;|%#XhePruLo
zfAAX`1?w?wlMx(@*076wv>zvvI(5*%INPzX=M`J7s^0Wt_=G&LD5d^Yso<P>I9yvY
zGtjfY-8GOTi6NsqKS27~yRu@o6U7wU+PiBxJsw>>>R9+#dcO3$^zXVR1%=>)5+H~4
zL*EWNL-T-7!+tEscKPV76zoRd;$!X?;IV@F$NTT+DTzL%HxYN7aP0%F3+9**u%qL?
z|E0OehD)o92Hn{q2knc=9!5UhtqK^6POg82J;0g!m*PvG;mfo<%{}mKPhJyZw%)gi
zEE<-9O1ho`S6=pWx&}C_b)-z^sB55lPfReajIxW8HFwCkuVa9)M5h3o`XYwp4e6Z=
zhN|XlR9kpombC4p{ug2Zh>8O)0W9~f5^aC%Cd75w&V@NsgSfd5i`02^zkKahe*BV*
zO4-aYvGOfuVLar;ZJ`U$@-j&@-cf_~MMt(aw<U;*q4*kr#jzx<iplD#SqlwtFwo79
zO2`2l$bh6#Gxdvh*F1bT{+bBDGeB~uJk$TSshDACd(UAkD2rXa+>k%5fp+cKyAk8M
zO9w(n61EGTwqJhPCikYF;$L_5svx4<SvsD`y*z|0;8W4sRfP^SxaTV4J*sls-7593
zP*3k<2wX8>Yc-ZvCV;X){7a+7b+CNrcD}{VZU5R0anCG|(Uhu@9UGHMM?P%66(Nj0
zDj_tw7gVV5+#cJ&#6BPCFSAJlu$&7@M*efNDmmFQcNW~Ov>E$vTzc74V}-S!Y2`fm
zuUm>1Rge;kI^U5}^8Nsvyy=*Dl;U+bl7}UEOw{@bU2DK3dRKUCTmGz4{tM$279(@U
zYR0E#*rMTl>m?_~P5zam#7#$@xTo~5tDFF?{BONdI|LMg<eV+W8pWV`TP;m#M=b~>
zX%Sk(+J&j%el#(>*zks?W%dn5cGMv$W%8r!_9zY2t2FzAt%YTLX-rHEzwVc3v#qf`
z7}bIQywHE<zmfNzK}~jD*r=kQf`El0AfO_>DV-oi5fPByyGZXKgepXoq9CBsdkrNt
z=^YeAdhfjnB!PgG(36~v&-;God1ua?ne+SbkAX?<d+)W@Ugf&3?RP<dOp?@qVb8nc
ztS76lDgv>*q`LXW-a8F^v;uFNIslg1SSfNv%nD|pnMq0jZ)A)=h{MRY(d*oRjJvE!
zxm7sROxqA#X&eMM@7-0$=_-`wJoT%3D*1<v=IKzG`L{h!BHxXX_%S73IqR9TuP2vz
zGt5`eS)iUjq@I_!kr<*{om{ioTXg<C56|B(Joh{jJam7uxZ7BvK7**!i~aawK$X4S
zruBxOiVuop_^gjqADBw-m)-p@V0#}=iz718gAA$9ZGX1iS>2)(dzBAAocnT4jd^{n
zC`roi7@=L@?zaE#YnE7O{vo7`?41(rF^L6@4^@Q-a(AHc?*{Atju!4?69hQXOU+4D
z>@Nf1EQ~7v`q5b$a@d<B>N}0fIDFJ)x-%epr+gqQz4CEd$STR%c%YLe*8%L!g;ibI
zHv9Mlct&~W=_@Nb8M`Xy`MD1vUad?k-U`1pf||}J1Thg8ksm)YI(IfKNG){fqDY-d
zz)x9pW>e`cNNc{STY38Z)Gkl2{OTRLx(jEkFpAKg^JpC`ReX%{ns&+m*OKyG{kv;A
zVwR}WAxjyuss_z6{K_S^(-dhnlow~!)uzLxFhl2Bc(z4db&6zmc_7S=lbFAVCbF1J
z^2Y3J*2%%N$<acITO^aXhPwL0ol#wB)6yq#k+k`8nd?4%$&=0v+sB);^^NIDMAY&@
z8iQIg{K%nKy@|r*R=pbSyHyMk5!$4R?bE?ZK}wa*4s#9OOFuty>lW`-Ej}6a*%a|<
z8co|#h+;z>jft%FBnU#$T9QbEz?^i7NB*aWBW}^|_fk~YNAoKu3y(U*bYvteeWoXS
zSZCItWTW9iQ0YK202KxVnw^xg<y?xR*<$y-&9&xo^J*p&x(D6Si5SJGFC|UKxGG%;
zwC*SeuqPQIUIWv!LS-YI-1%ZO-x`xirKLCIhGZA3=Vv7{xUT)+hcC-HilLJ=bKZPC
z`F;Td8&JVys`?RZmVV|uI==rj?pM6%yn7KLDZ~de-%OYc=(j1i?mq!bwA5z*#bLS%
zlUq%As?R8C7ftJ~kiL|s#+68lBsPAMEam3|91d9QUX@>-FTX*>bKmfl?l@nG8yQqo
z^7-D=wpq<Yrv67OfFDRWU6Z!AvH0_Q_Qvx;(bGJ0j;V1|7{)Qg#(n+);3W9&J3u2t
zLrMAbI`e=Cn6a0}0SELh2AW;7C{!ws3UKR+=Df-FVxrPMj&|g#P=TQ3GY#~~Z#mbl
zy=2=17uh&R1%=KCMu~=5TXW)uivZ2Jm5FaI2P9NU@15*wmegl^N3->w>wMPaW_eiM
zA_KStf;J0~A}cxm8fNTPw6J?n8GEiNiqRW?8gO%($d{qcV6sEk6t^7-X*}KeFmB4s
zD|w7$!4x;4GfWyO813ShJvd!eZxGh!u4n^ZN?#aN78;3)Fpuh!(u9~a1gA6AyDYv_
z5uLZ#j4?f!^>v0qD{1*<wY0ToCo98l5Du3k-QgTh>EcBkrz*!y1Xp`S4f~SWR(^-|
zOEd4yxcM(@t9rdBh&_kKOljC&L9Xtia?_;n6I(jPJO}SyAp`KeqI0+Qm(*tC8q(vh
zr$5QJ>0~l1r#F;lU9@LBpZg-)MK=1~Jt22qYU9WBWp+YvbJ|~O^)FH%d3VS1ntX~4
z<?G+sc}-5_IN`1EHPczlz4NK>Gr>Lbb`af!zH3S+NW+?Dsqfw$qv1W8Qkc!^c@51z
zlo<NSq^+*Lz1_~dE>-@j4eS}+WiibJR>oW&nZ_e=mxb?z`sIl>%&_e?T4w*l#hF?+
zjK7q1-|g8sIoUN?V*wR?w3IWHX?;r_w8X-ZyQ|Tt^FvclV1}a@?SkFa-tKgL63&he
z;TWmE{@x7;tKbxPJ00_c^2K5O&0KWDSFllZAJRt}{7`3JjKhZ^lqlWioqgf>HwMqS
ze}mXf>1C4R%dW*c=`qwq$u|o_Z-^_H8U?<Mj);3T6|ZEu+p&3w!bGtvPnBCo8mtXu
z$fofcia1P!(WU*?*4OtoTr*_#+kR(ozs>=isLhC#C{;G!$NE9^>a>YF%wE@YU8(Xi
zk5bB%l6H1>;7V~m44tJYrhG{?c-BZm_?}*aS1Hp<wNr0mToz+5<f_x%k!ew(yy5wr
ziEI2Znr!rgqPMwq3e~jjvy049NtjGH0>7ai@p}8qqnY5-Vb5Z0MO?FdqnQ9dDXsbC
z526$&-~qh{1ZMrUXv?3;LyL9r6Wx~syI;}zLU~Mlbh(9dQYA@inQ~!5cXr-=9UhQ!
zR!L~45Z*DUaajyu_Md1;d%#b}=OPM#H61<%O`7`?(XcBu#v1r{X+g#hY^N9Ns3G!k
zKx&bjQ`p(l2T-QW#uQ?YuPa;c{?I(%%AEm<v;*Q7@Ktyclg<%XYD+?H>Z8|>=idC}
ztbec&EiUxRsNSQf`pa$KbX80+2P1sdF*_i9Ca}rt@uX}y#e2ic*nRSH5l|5e%!%Gc
zn1q)?Q_zXpjwL3IQ`6_~YANx~a4OAajihMw<X;&;GF8F|_(*BIUS);-c=5-Z>>~4N
zQ&x>~6PFtvI~qIt3kV>_7lDo6zxqP?nZPgzD{B}S{g7t}!_-=<O2YG7mwSH_Z~pqP
z1+_H$h}UiS2c?N=Gd}3HDulIBTn7ip^88BnNW(4Eb&sxCK4YI&?D!E(NPZOi<I)yk
zhjvyd+nMm*1DEDAL^#c$=i?{r49YVP7JKNLLJ1|CCk^{JqS?aMv1i(&eGPYIH!x59
zKn(gd_E?R<?--Q}G5W}n52B<g)fQWdY2${NhyCcFO=|Ppf#XYE8S-P|7o*=lEVgR%
z&eqRYdTufC3td5vc6W7YDT$oN?5EAp=)LSqaIzzo+~mmN(xJxhPcQedxy*%|qA91~
zs(uI4qIQ;XAL``sO8ls;QpU|G(KpfGWR!GjjPj$9u9z`Hr_#{@t=rg4X^PM$#r#G{
z+vmIQjYS0|I{DWtiZA1(ate!0n>Rb9Pal7@iMyc%(=6HbI3X?0qAJE0LMooXJ=nDy
z(Z$C89w8Crp6ZMRY-+L-3b<agn1wjI{LIW2L<_%fQ|XQYU1frQFf_kO(kXd#aaOX9
zU%$*^CtCrZ9jI|DHEj#+{rzpO@aJ-4T9WV-jjPqCTfsKB*Mry|qd0_}S;!rJgZNkB
z)Ba1sV}pZ}^T^HNuAt-!>}Vx!E<*1fh*aEsd}DlaYIXtD{UaYlo=-RVokRn2;j8_P
z$wl2MZ9PLuB?a3@wf;CC<I8hRUeP&Ahl8_29-Lpq-ByvGNJny=76Lknj;D1^Oz>d;
z^aH86bv9;dHBAf4>CTAC`YDgRUxx}iCB}^SwdT;FhyAua?q_EBwPu7FK;f&JhCON0
zrnBFj;{7R@r5-uYJ<?sXw6sK6Ove<m#W2h5kJk?Ah84_G7k7}+@@Z+>4ObRIbu+AE
z`lU{KRB|sfh&X(^{6tm2<AW3NW}_fh)px;FKA$;wK69uwQpN7NmId^NZm5r{W0ol~
zq+<N)bz>tDH_d=!9$wzY4+Qe`d-vDX5zK`8Ijn(I_@;V+Zi$Ynnqz^^Xi7`TUXEM)
zH++^V^hUk#6~DpCjke3;ngPnP%7wWSEA1KswAJp3OD9_niVYcb-{$h7xHuhiIwIS&
z-cgLc4K2A?RQw9%%~6Jsqh31BW!Ckb^Y|o_4%H=$vJ(a9$iQw3N8w+<b~@RMzj4)9
z^FJf2btF+^E#R4Z_GrJZqOS2c8+tMVvxte%*cBPNlj1`&cBSY-9@?G1l17(OowcB7
zbcts88<jiDkS9DV>y-G#;0q6yp~WiBiuL74=`mrX<G4q+MI-my&5BKYG8-g|Kv_{{
z!LIR`$GI*a9d;ZUQ#WTq`+NY`rs}0!TgG0n%k~cr4vctTLM0y^HG4}e^$L{te{u}b
zC8pUq=nji!qHnENudq{qNo^5E{Q`&)RPxJcaCRH(RPAMbyeZspz;BUrDG0VTV6u!k
z+EoGq6{EST&en!V{s8hVM@`3!hu=unnvr7|@Q6ccjoWf^S@Pi;VMupK{x3pnaAS?v
z;63uKn1b(V(`2%tE2qj%m1QGg(FybwdCkvE5pPEI%og=VV`vjEOAb)tm+!O*l`sEd
zD6Za`_4m(ZsE|;#^YU+6Iz5z6>CuduV-i(CF-yMwozI@8Wmr*v%%xzu*?5rZIp=NI
zo>;#8h+j^JdwMa{d!4r$8FoXr?09KP)Fs+1;J89LuHbrWh^a3|`1sXqe+w@Ih$5D2
zuOk*`02j8lJ|txmgpiy!Tx(s;^H0k5idZ-qiMg)F7?|FNzC3t}jObzz$nNgnRKw_Z
z4W;eu5b?d2Rb{8dL%_kNpHS-KX6!yaR@4=<Z?NAJqVdM}r+QJ{6DVd!P);o?4}QFl
zGVe=-=l>D5Z_;=}Eg!Ji@<Ol`5?3rmRxQ?*p^~c{7oE!Ai_)ZkLNMBuC%7iEx2b)a
zry2o@i^&2R?7q(O_o5?~yckes{gXawWAjA(98A!RvN8clMRcdOYOIfyahb)(Ck`c>
zzNF(Ol6>}Y8pBz+A~>ByB5WW+cJFC%uAZEr^io!&)KtA^2`%UTUdc6y?nGhxy>Cp<
z+anQ{vvp7(pRv24g?AIeoiU4g$ZW`$F8EWSYp-Qp8Av$P(jWr@g&7@zS8ndjE=9-1
z)n7LC!^Z5_8PndXv?^;dGk;VcI_%m74(dR(GBgkIZ8L*QyH%X~hZ+lly0CAQgZ_2R
zA*Y?d0}5SH%@VZ_OB^|JI@SZIndd!IDlG7!Aq^$BwovNObj_OakfIAc@egH#MsK}v
zbuZB=L;EY5+SX+eIe$e5r#F(0m~aPu9lg7s+dQYae%Ed|M;XDLVn11CiT+#{j^tG8
z*HYAZNNpo&nj}Khz>$qqKg;d>S&LjH6@~Nd+;6&Rh1>DhGf0eZYnkV7-5P`Kjbw{?
z?5dL+hKY@TH&8|y23-;fGLV-WxC?T7ovZ@=(amChPJPxqO>S3vr^*zH(ngfUcb_a3
zgr>cqod1aSh*|WzAuWClg1V<h?hs3!^kdnF)OmtF)7yHOquFa2_CMwqD|KCGMy)Rr
z6}`oa)iJ;h7ejP(Np<^1?`=NiU8|y#QBFSQqrcM@UXkG^WhPm0q!o@}ovtuUL-fsu
zY597nBPae8B%;GN#~)BV?)|-Wmorge(EVPJ;fo9hq)STQ<P!Qmn#;B-WrwFBT<9CV
za8LUp^tG`RSG_SKB#X4^^@<|3vi|Eh1+<BET>JpvXexo<zsz1y9$vhg1DYEEE(^lM
zqg;m{v7QZnmCa5^zxTLjcP!XdnZ3PsU}U$KMm~sJid2Z;d_(qOOwv++%tgWK?5OG(
zG}wH3wovtXvhyZ86Kum%Rq`l%HX_K*klKD8%B`E&*QVF(KN|@fL4j&1kg(=4-{d#D
zb-dEeAL&Bzg}xi^eOEy;w+FYs($I@lm5ibn%6$PF=?zrGHNQdJ!~M{#n1;;Py=r^S
zaKm}NsS#9L)W}a<xK1He1aQa!Q+q~uUz(`JhbL!lob=3MkjO*f`|eb&n{{>CeEv1z
z&%#}UEb^&z4`l9YEGL&S6gR8%BSpAw`rOfMcjGOV&)l5d+F>siiYb$RitK;$owK|z
z|0mYV`eVWRJ`AnUb_CtLaLIgjf)Q@ByB0TvTTJns)A?|m%f$bRlbFs_EBkV!)bR&H
zE)}R#e^#t$itYttdkU<}2~N%0r!I<wsUzBrn1rjBD5Wt*B^Vl8-5##_!QM&E5I8J_
zs{$&|jGtn3br-gCDl9j==zp?Gl%65?@=o+M-yBuRLD|2DzND5*xB--SQr6DvWnsG}
zX4D+Mo=kzeo*-x)K`7PcASOPBjjAXY%4<VO2%oNEY1#&N3$WL4=ZD-7OolNzas#O7
zhXf>_%*zQ|WIYoO_c1y)_W0)DHI=q)2A9}~*EYuLv?*xsU!UlTxuRRcUT;x%9tZEx
zJP`gwRo(S$k36IMC&^vBa(JEN@PLhcO8fjJEn^+qE{(E8Eq|kwup+~1lDdQ@8%<Z>
z&Xv*9iJQLyBC>DWS*%$3qCQ#0qJ~pueJUmDu@;u2a@VE`+<Qb7)<&L$a6~kB0vkTu
z%B(A|rQ&<k>7#Ydn7{nh{rcml%RbRgWN2PK$|)^IG>v0Yu(ml`A{fiex{}rkZ?<V`
zYh$e(X1Y-Q;d_q3W6?{{_ZF~a_mV%-l!j@pB=V5I=XXvNvzcw36X%{qCWFI5xU?hU
z^;gM)^*`USdfM9Xr>6w7^v2L-=`WWrk_cpxJ;pZs`_0;w%SYT+7jf88M~C5-G8H{=
zyfO<Vh|RQw#<1XZeQ0L4B5Wgh1>r=4l=BFma2$iYCBzmuWl>m-7AvzBTfHWJG5f;f
zg6FJ)V|Kd=W|Y&2#9f?&80N2W4cj^7(G{Je;Snc$j`}HFrx$s{&9h^qZ7`=eWdyd}
zIv)Mpcuo25D6#Z<)+SqBIZ`#zNzcb=xY4jWiDoI9)d-yAu?lm)j&@<mZnAgEOvCkZ
zU%Yobn2w__t&VKeiCyv@?4j6Y>)|}XWJT6Bzw>u5ANw}*3USxO*D*VI`wHPsg64h;
zS-<H|c{`Rih^0sp50(pmUf3o@pn#9_k38SoB%jrdyXK&+G;ZSC+baq!{D6yrrjGo)
za+BwsUim6_TP-%$aK`N!L?wYvw9i&xBtk@@(=zL^$|Ok6H7hE8!j7{EGVuIpT<*=j
zCuK6U)_ZyC_@Bl)wEPCy%AV2El$)Y5QIf(<+Io47SL*9V8~837Q<$i2&}nV^9^k{<
zJlV;GiboyOhj<1ycpY=176TifjOyu$jj=*O1LdwPiT&=9iH(nga#d((ntO6taB=3+
zM44q+s+8lx8f<Ow*J~dys5$6vcNt$l#zM#lJo`=`)NXRGe1AESI*1){!e!hO(eIS5
zyXm8d|I<nt6>i?T+!Ki0;Im{fuW>DujceXjcIXi04HwnmKi7E-q$<jOVaY2KN!0NN
zUt*r8OXp>b&P>bl3+5Cn5Y9bIF~gr8*(uh4XB6oJEjN1NqpV5&nQO*$nh;X;8o6s-
z8GV&~qESycIT+*0$fIUV&&$I0sM}x1_vHscp)km5^pUEcYc0}~AzTiJYv&pZ_a!g*
zHR5@7U3&3L(R_8~&spAk-)tMXaiyhg)%ZI@oo}(vQnYf%tk9>I336r=@QkE#Ujbdp
zk-MB_MXk_jt!ds*8Jafb6%`{pFE4hzy3dpDXdq(r_;y#YKo*UydUfwP&f|vH1);BT
zMhB`f_uhM|7iegQRR%%6iHs(0!j`qtj(w?~YmUDwzFc2A;YnaMhndWdW{_wIPD<v^
zS(Sx7&)4@J&5x#Ig{zKlhHl&&QR?AP8t2q}cmbw-s`vPmv3_pJYkHf5(er%hA7O3h
z6yL|;f05F*M=JVd^G$n6mJyLUl%!9|@;)~EaSExd@03fNIz#g*ptPw1D^aI$CTMR$
zi9>9t{;etaA5cJIky(+*vD>%&xqp(+_G<ciEC^oN>W2Kmj>~hWtfl&Tv<8#g2{^a6
z-I;VYt-E3w(SzTIPwF8a5}0cr9Lsuvgz#{dPd41fKlJEvU(`-64aJLg&T?hKC+UnZ
zWIlVATV=BFO|h<TGV8o8mfr<X^5a=V^IpqXc_#0PIl4V&q|t-so4-RH0zxPl>((}z
zrmj9Zsx@z?rM4AxiT?6npkLS2&r*^=J6o6EU;i=cm4<6+%gruhBR-tWGTNQ=#W1JR
z7qfy1ml8GY!>B|F>xg23px;t|-ZC8$QCiRj@BD7=u@scp+t_@*eT_f*tVE#y;3Pmz
zP3?0IMEg{f;{w9q7_`7DZC!~#!|0cC-F8+po6n9%mZ@-Q>P9PpHQnXlX@RwAis;<{
zrX@9V;$I2DPN~z?&ivfm!zPya{!;D!LWcX?Dlb1AuEd$5Imn&eN8~Eh<U*Sk*;A_d
z83sii{wz!ls-@(;9?@>V=wWP6vq-fXk8qq{GTEq?=*NR6?f3~F0}XUA>(5?|Ed~5|
zk<Ku2m)>;Jq;-DylMKLHl{Uqm3yT7Ft&%MZszvl`dJpslf)IvxVb$2<a3g<JO&9rT
z-cd^(K~8w7mp9}N8#tVwR@sU$!?8O&HmDJPoE|`wBqHBK2$A}P4@OWX$y$5f7`Fx{
z4;B2c$xG<8RVd4jC#pDJnabh%VQPH7@Fv7PjKW&LrCpFH0N<16oVUpH<6N<vL7$_b
z47xrKQae6to}DT`3EDi`=uxe!IPCVkY){0&e%ta^p54=Nb?K80K}^}DTV}nEvn(lA
zLydiYx`~R4DMpe;NV@M%ZJaYQ>lG%Mca3x@qc+&K{?Pt>o-1~*&GgOU)~{y}=$s9J
zvh~h+ox+1IX&@`%my`qkycJ<qe2{(d?H;iCGtdLc3}0@^!LQjS>G^GiJ5Tf!d&5$g
zSY%Zayb8Yk=_@uyAP{@T2b*TCCL;sKpcdIb-G%uOa0hJEwDWH?<*m)~eByZYcfy<o
zvG^^}i#x7gXQFp6_h9i(dBXl$K1hB2MT$V1iL}-WocO_s0PR=bucyf%rTWp#0ra@w
z%WX=LVE%&J+fU0ov_jr*wG&=&yi#DMyJ(eSGfZF?ylrzgU}WS)sQG^QgCx!Y55Ad6
zQG6E9Q@wNv5wqgJ#ObkpJJ8($WfMGgY!`2OM0qt$C0o<tI>(a*4i>X?X6&!BGB|oM
zlx5Zh2W5Wqr%95?fUX{Q+Ba^(VCyEB5*jM??V}a&hdFo1--L+TRNhuF<tn$nA7w?>
zH<!5RVr64Xozbs+qQ>87C*sFsQ&aC;pm`6p2sJ2;FbYDCDsvy_5wErD9Dmz>D~Y@`
z)sf*sxKPl_loKQ=#2&UvIexgCHAUS{bf2MmLZ2wI%J*PX`@@d3_l^ZT|3^}27W+$I
zCl#G!nHtFVW9&M{%wQ382b%OQG*kJtsy3?VFCPahn|uhr^KRl>R~YSj9&2S-qJ8wr
zn_Vhl6!Z5y;!(T4_bwM(F5tQ@yT1=q2=aY-C-Gih_VM0vGG+PwA@NEzQm$y&H}<_3
zmd;04jQjASr2LOKeYAkIm1BcQv3vsRCPwD25dPpE+!OR6Zsyr7Qc?=3y%e0(zbdE0
zuB#C$2>QO^t<<I|Kd}k!0xxHKph+V~*F6eVERurvRT2c`4jvjSKdB|{55+F?$KiWW
zR0ub$#k9Rm$<jp?s>^%UzeqE8r{osfi*V6PubOK{d}*Op`gTc$*Zt;9;m6Y;jV7&Z
zdos^3L-RO%eKdzsvMxS9`<d2CQnQ2ix4vsicQ#X_R0JpKu(>+(F*&oHmHEx_b(&z}
zrV9IjBV4~B^Tl&xVv)7ZH46wxr+CzUBL3D8<h(;c{gh5~zX7us8g<OyblFrBHR7FR
zo2^*|#9h-GtC#0ZW>1^#sPXuPc8P3LSOd#7rbE1QiGxX%q^;?tw?1b+vaK0H<P<l2
z;U?Z`+H6adgEDy{_7ydZ9d5Nf{Pg`B(NGVY4NUONv8E5Ea-2uM?B|irs=OFks~YPx
z|4X|=N3vhsYNGazQ_u0pFD#P2bJ7+a3*YbAoF91x`b=uEQ^tOypw@2~AX91#JI>7~
z;a%h3Tfm?A<Fw5Ej`uvm%!2aun(?bikeql;EBrg*C=nb?pf!MIDRKJ2diw^$L6=E-
z8x*s*i35!5lV7mtpvz?L?QA_Uq$g@6CU)BjZEc$$xm?oS>NRTQ_9;q4E>MI?=%DQX
zo(~T`mE|S_(L8ez!R|SSO4gp!0&I{g>V%9BID^P6XZe+n0UlKJq{mSL?hGS>I-3_L
zZQ@A3E)mj_E?_w%Ptcsb(@s2K$d}!emi@lC-gY==5~*VRygxcX{7ys+w=Nq{f+J9G
z^iT=AE?k*VD<d7}+%tZE=|EDsW%&h8JxS8HDm5Nw71+0#nuNJNDa|Iz^JsuN#`}a*
zl+iz+K5%(ypWIN?fQ7U&g8Afb&>tlsgom*_=+a<~vpxi#+5f}`j)kTxWS;N2?OoRs
zXzmfs-f{VGeKR1y2Hn}^v0wsD5lu3fHCehCSAE&G>kj;Y?;LHZe7@^woYpBZ8I6}D
zXRru0a!YV=U*Pm_c7qs;pBJ_~3;CT+roYgm1(oB?GGAv|jnWj@FF?Mitko%l6h}$W
zh2;iUO(x1YR?V2xc`oAVMLShhHiY3KAu8@q1TC=oXW}D%+O<XF@-|mMazk6%e+i)#
zQ*JYO4@wzFcS2TB@LlBQE7}O-JLuxjt!7P5*Kx{WTejUP_i}9uzlYr~jz)NmKb9C)
zt1$M=Yine6|1iFuU)n%y#c`tkSW9T!S+21y|KR_&>(gX`@Gq(H<({)&G?mo}-o7z?
zsB&6s9pdls$6);O)3E#G;#Gcj!ETjQsU`o5f<b?$D4(v1TOvwZT1uT%^u^wVccug_
z%Cr2!t4dCmui>orkXD#yJI8Jk79B4M20NT;w^_e#X!nwRhdPh#X2oI^IlXL!FCM&}
z;Vx-#=ub4$65o%=m>0cXWe~foxJS32-4Z}^!$q$L{(3*0cMuCK(x1@hpY|h-T=3Ir
zH*}J_n$*3KRj&Bd+hs0R;=zIk9Xi&(x<fzw3dq~qrW7v7(_Og`m0{SG<lK<ap(7VY
z%R6*nVgHAY5BD}KcbN0RLYaPg{pL{TH^V9iFnXtXoOi>-$2MM?Q@ZQOtzWXB@k+^x
zm7Hopm$hcG6Jr6@Mt=3ji9=;%n70Y5Le2x^4}<re7VFWqE>J;91j*bvjdzMVs_3zS
zE^jdvyFK<7344)(Sh=KtOP=Hc7cPAK(^~f|H6X+`WJOcHw%q6?pU%9R_vqf0OCpFD
z<oh>t;?%sJjB~0*;m>~(hLaPUyGllXfW+IY!LO~yCwO)hvWM_$$wP8!z_{5xh4(J#
zDi3_5>YZ-7WmL!nZyuo!XRnwo>aXz`wmNi5pW2^)SV*{-*z<^3bmX6ijOkXJ|5IJ~
z?Xb8%JL>$pRq=FoU!+=ys+T1y0zqM<uATuY8Sl7!;9;rV$+xF$3AyHbp7$k<o{*;p
zce*2*bhPM>AElgJea)Fc7W4!8*Xs}XF#Lt<qn+P!)DH$$Zhk2IIV;KDYo&3|j-D~I
z$r|^wZ2M>}4S+H3EJ{k#)!m+<2HlaQzIYzzMSnwQ*NtORi|+(l)4-B^q4fq=p-#>d
z+(x6RZW_MsSZl$}k>kGpq2}&BCnG>o<b0+Ek~dKjt<7&yd*1__mA1{}RL&p*oH^kn
zodN25zYd{YR6m^0BUA0A(bie^+J!J`H%AIz*F3{EBT;+Nue3^We2$)2ZP3jnCE#@G
z4=?nZ<$Dqt?0z|>eK4&4-XA-(h!~$C$H_f%M}9Vt@An24Loc$?mL(sNr!-x1doC7P
z&2I`UM3ND`WhtQA#cXreKTa{vmAYNra`gx2&&t`kM&BNyC?ZTjyom0ThwLv72R=!!
zwPkn2yh1d1{6Lqoxuk29CwgzzTJ!2Y5x)8DbB|ra-9cwlDG*2ZziJ(FfV?{rJ&z+Q
z)bPhtehGCj9`TMt+_b(}pv0XITCHWu!pXt|z@W{PtvJ$1M_8+R4@_|owX^msdn+PM
znu6X!VUjS<6{R>sn2rlAcUdGlsL1ZK65iD@%Lp=h5PgX}VWgx16P#rp^F%i7)O~vV
zIsb$B!Cqy`LMIt}{!e+Z<D|}SUs9hn<8uv1(EyLJ=f2L?ht!j-RY`%2I=v6(wOg)h
z44;`f{GsNmQ6g1L_LFeSvA-98$<Ok|<gT=6ff1wx<{v;Y?mZi?hWlx(_5?nLEx3$k
zG8qV3d4(mP4U#(j(;8T=tJROV79KcyzJe}~&QRML09W$uHF%fMM#!gjv{=$<s<C>i
zcJe@;rxV`fWbPjCu>s#F6s)g&`av{U_%tB3&?LJ|&s1@3q=j^)+Di+ACzGcg2i;tH
z$Xp)}ZGrqG4=;gPCnUjU*M6Q;X)VG`yQq7fpxIVeOl=LIQn4!O0WC@BR!9ks-R2yY
z9J52f4VB{O;#EirlTb2@#l0X;LHncg%-YAw5GQC*q8RbAvdm0FS@}NTzL(aMBQSg8
zYW>vmc7*DFm5dw2b`y?MB_t;pky86{zJkVBkLjx}rN<4zc?Ghq8?O&EvwhUG+K!$5
zp2U5Gt>*iD-~#omR@!-I-H!zcM%_71Y_g)(D~d1<<9;giUC;y8JPw%2c^3D+{vNu`
zq)BIPhS^3M;+#GoI?`6U&W$xa4II}3nYtK2Z()-vJ$n~5O&KAh$bR;<rReiQF#v1x
zG<39UNK00iL+}~fF{ayhtFb+N8Y(*e(vSs{AZXQ-Dp{bKHrITDadvK8p(%eLgbY=|
z`*<vz9>LFS|G0&WFqeUg=1j|*!srqHm=rw#5QS-DKW%WBzep8QsNVTM(~;O&%$nzF
z^WN7R>KgRl*R%6=IqjTwR&!4-#F?S=_+x^zQjeAfG7#0@lA)Qo53Td^Go2b1eNHwB
zgBsel|2WgvCcO_p)!R-COD+*q7oyC1vYh_7N-V{G9=IUK1sY|2jbBWs&|>8sMNBk6
zyD0m~+RovlrduwBe!R)X@l>O$(MK{5aqT=Ar<o2bwwTwjN-z13`aO`!uly{_Esz!0
zdSTfb^Tba(iL^rOEblM3AC^=5_3SEh@im1QL1gV(p_A~?w-;y`V;ve(Z?zBhn?izx
z@^HS=w8QA=9D(#+Fy%GUfMgjjbfqeq6~u5xq_Xe^k$o(JFEMS=2SyB)k{b&?pLn0c
zM2CIjQ1TQtI4M$u2*N)@Drg1xd>S(^VDbPpkA{wpl`r-dqBL_K?W$itVnXj{JM1jS
zsTPT#U$u>E0ta{BjXmj{Fo4b==2|VY?2e8W$lA(JYjNa@*El&|FM-zJD<<oC=~dA@
zin%p46Tz_JSK53reU^Hz(J+ZPsL1HY9oykc(H#JMK`s90xnDr-A3s^){PVTw`wyI4
zc}yC-o?sH!5eoMD!gY|~h_YB^<EXB9*zMxOv4cVkRk69SfEK~s@B5P863soHfl2Z)
z_=VYL`NUl}B651TBh;*27+X`gL4M@+hAQ)(y-a~iiUH{C!kq#7cf4(><$z-}rub>4
zZ43Jg$p|!;&Wc{Io-e$~T#ukmIVkMpd9^ZU>Efm_o`keIuHFxz%~Y+`3s7ORgqWrl
zYH!f2tJ~t#pFJ1DJ#Ni&VZWKE^Q?BTte-nYhEa^`yNhc6NKs{XFA3Z4I~3iz@v4%x
z<~1cFBs)}Nsqan2NfEVL9zvUjF|U>P9rb`CSG65+5XW`x4`{_Wgoc_BM!QebXoEL^
zY<?}s;D;$Zn91K^@k#fmlc?;z^eN3*168t$bR2UeB&k{VGHdZO*A>Ot7s17kg~vj+
z%WX#OLRUA@wq@MG)#}V#HMoGPb%W}smNEy1^$@BXd{FdK_AagTqHv5=is(Bwam&d5
zsp{hal=~if>1L!V<XCT8-A`(}^Gk+X1VxIUR@wnABfc}~BrWmH28xs1a3e>YgL(4d
zTG`AJiK^cDnhuLFO}05grs?-nMN`O_5<DQDeJT6LE^;tyW`-_<l!x2U$1`$MByS9(
zU41fb2eO}-2!5{P75>bKkIxoBC19eXlS5i<4o%Xjfq9h}hYl2szsI~140eC%y4`Na
zSlO~(66rzmGYWRt3aZE+r}_`4PE$<HgqR#4mh;A3owvxien0X(iGI-Y<ILWj9e(3k
z#41*F3vW7`n;5+Z$PTKfg!AzOQKXj)KKzC;Rhpd5_=c51_5SIWANmB$>s$82@tYK2
z8j8J`Pta7g8~$20ckjlkBC`Jo%pNyn;Mb(okV}5PGh%|-On!S`fWssEVPceH?IYAN
z(H{AcjVFB)o9ZU_A90zbr?rLA)Cxfpev{K_Xj321swc??U#;3el{=?NomEDS-u3-y
z(yxDaDDjhPlG>GI@Hf1y-#8ZNSMQv<Ewu7D$;#PQ5O<ZE65&zs%x^G9n$y_EPHbI}
zR4bR%XoL2aBwBb$-DDdY9f7T4_`u`_I;;e8`^azIas1Wnx*>Qy8xHuxn6PD2jG-vE
zTcSfrs{IAR!-A%wM#vW?ZOqf-5tg!M!CUm9$Oyz!s&<m^0m&EDNcYoPTbPb{pXO?Q
zU<!&!?<*c5TD}+_g2_{rI(jPVVr&ZeS^St<M*+2=bDK5u;kWvJBOX4N`GL_z=Eaaw
z(Lo`vVNdP!a0pRRY#m#SXwb=)FQjWqWf5`$>I`0nz9hAamYkot$+U#Z8TL@pKff^{
znTc6H<@igO|GLWkVW~j3zCFWT#nEBn+v6;Kc>4Jy{JH$;b)^;|em>e7`Ftj!%ch@C
zMX^FA+SK`jSjm*L*@PdWW%OdPk7H)Vb({1+40VlPe(4OR8(vt>&E6H6Nt|3ZLif#S
zwN4pwG{~!@8>*pM1H-beDB=|B(J651P0TOdQj~bzPX|pH{&aMm6v?N+olYPfr7p6$
zQi6>221jJTNy8t4<@U0{F!rM7dbvuCc{@cI>KiKWco%`#fA@;Rm2rh%E7VG0&lq;z
zakYeY<TJ$>mAjqgGnhxrLrc|!)6?C4UgyqZ$N%GaD*ti3-kJKH@2HqdDx)VyJ1xte
zkrEDdgp^iQ8r>wL^fRVe*^e(`ulcqnII97@t*b8M@y&crW}wHauK;AYGhMCpvm6ET
z;)45l?7JMwHeQ)xc8(Tv@7ah?EV=p*m&=(&?iA=0?L=OQ$`A{kM1~xaJu72hh<$$~
zMPJ}M&HGiU%sKlPiSugv<6pL=l3ZX#kHpBKl4Z0>#qkc>!q200yl8{S6rz&L=6h#!
z{TKG)PE^NF#9u9bte=;fVOjkkCw<fJ05A-DIJ<e{O%1q|xq6sI(w%{NVP>j+NK+I#
zp^DVSHp*BfA-;OMm&!htI6FSv7j<K3ZJ3vRNPof9mA+a;Keo(kFcY+#SNxC88{DaD
zlLXo3eDf{tFYx|-%(Qi1vbg<NVK{^6F}vLH*>y7!ueh3M0pjpTCE-^Zx!?NlOcxY3
zd_?Q#SfyF~)SHSPrXWq4X9syS{<OU`2Ghn=eD?u$0NB|)?THGkY0JGat(7(zi62|6
zpMyj%4J(OW0h$l}hH|a0=?#D80BAmUJ~{SKy7L@ua3PSG25G(KDSb}VlF+LwFq_+~
z)a{$#rUJ_M<0rEZ74CxZKmQ!O157-hMbcL~uInV7FYadzqn%cY-n?{iAyd$Ku7Qq~
zbyNGD>?KMmLhhr=K`@%N#U0Z~?vIgs1Mu#!IgfFjJ7%hq{+iQtmGapwu+wm{PNqFW
zDu6jFKp>7mFJ9>0kf|(x9<kd;Y&g|zh`SBI+oiqPQ6PK6RvT>-AW53b^Zg5pJX?D#
zW*K#lr6RSS!{{YQy(A6FoZIFEx%X3x4|d_Is;4_eviWEH*Pkl-(L1O6UpiurR_54b
z3RoCY1eOo;Wp_oIj=C~Ur9@Ut9byxtu;B7A@P<rAdLqn^u&CIZ;Pt^3$R<eEaKjtx
z!RsaK{^R_PMSPuv3q&r1rL3LV0Fbq+Q=@6FoFt-L{g_{aY;_MceAX7{=QsWK@&|w&
zV;725&u)L>AM0Nbc}KGXM1E>Dg!OfFbU>9C@VV#_4uChU$1TE@a-7Ag93}-o2yY9c
zEeYEO08>Q&hw!Gf;J2$;a#)UJfe<tdiyo~Lk^+m=*u*>;nB#_;m0Qdl2DGj(s1vDa
zKS-Wr#^>4GkUnYrZp(XVW<zd})!jDie^=iLB#F*AXJ4w0xEqz#8*9?HFmY?h4?tt&
zfR7`L+|6#4vg0FQqcKaL6y|7UIEKjiRY@)bIYsrxVlNk`cJ55hwy#_sTi#=Z{C(@T
zC9r?=h#RFR(Pe)nAuyk$Nz=tUOmeTL2c>sg4`v4Wo$Qsapr;Ax#vn<(=r41Q4??fo
zus_uSmd%Q35+hy9>)i3VH%Y`YNZEsPFf+N#xZa~TRnqWi@PQ!}Ep1#(45~k^nt|`e
z=;-KX9BUx`b6Fii=;{E_hjrsIsu_so>gVHTPKOSG1z1F##A2jCQ_%g7o9=_(M?=fT
z?MxexeVGlxLYta@INxiYG|=#;brA>tVMVXsL?%C1S;Nb*?kXu+Q|$v0em|v5tG`^h
zj+=0Q)dDM(=I4NTn}a+^*Q~01enpONJyEpjex2CVr_6@Uxt_{IOK-+|UnnHWLbKL$
zsMkF0vx*D~fPkxKL_}8_m9a+AUk=(=3x+$g|6+%MG{i3#W2gazFs}4U?3X{hw0WzX
z5HVrhvSm`I@E=))WC6F{x!v9+h>6HT*YoM?>X8L+o=!i{cK)~(w+EP8_hv(T%)>mp
zUhzY#`nd~EY!?jdx^|)$z6+!+>*$a0-as)bd8xWa%8)GipHSb~{nz*BKrF*NQ$HfO
z_UM?UEc!~*BE(%zl1^a9t9Yb!=6{|+J8rKC+QrrG{^{v)n=-?2=>>btH|3xdmM=33
zl{%9FOGfinK#ZA(pB*2rBJV(NAfFVxn)jw;e_~=iS^R)T`_<<kL0~HP4>|J=3uq{;
zOG4*c7<0`b<u85rh7Tn9PHQLSC7PSI#>Nj&!&LZ9;HX+ElQ}JUk~Akr-Fg*)6Q#bH
zQO!OyNuo5Bzh0Aw8TM{Pw>4d26lJO6zH1!zs(DaXywbECN%`7j&fG<PvhS(FISZ<P
z(H(_y9lDxStJAL7Jmz>xFSd@1l;6S)A{&o|f|`B*iht;c^Fh=L#rBV_gr+Jlgl2Y!
z5Lfigl%kP41e)5iKRV95Fd$h={@kl>qIl+A%}?bO-(+5$@?3YLW~RY3q7Kwy13^;x
zZO^}MH#!SMLYDI*<iZdA3{P0M57={<oAO_(+MUUb<ZIFxdNyNT_J@ZSJ&pC^i<ein
zmG;#Zgxu^k?4JK4VL7UKLgKGFe0`c4NH$+NBa`(eH(1Vz$hiHBBm@RR#sn)%a6y1A
zn&5A?PF{jh;pLyb4~S-naVji%VSO{8fWCZ;yCV$8xdB^Id{zOqKVt9)ys_;e|EigI
z$K#JhPBcI*`E}JZm|6PP$W+YWxy1ATT06iZoH{m_<BrVEZ)!U!@q>;Fm*~I`_x>J%
z1%7L;8fN%!{<WBCjy&b+cROMXh#Uu(5TryTB@Na1Gp2!hw<eg5?uhdGKt`jpE#a1{
zO2Q3;SXyP|ubFoWCJ<cR+H`#)po9H>s+yuJ#8PGdO#R1A$=B?^9I64utQh$PxZ1vy
zm8*ZX$d_b)_#*Sb#g5wmLj2Fq8QWL?{jFN$^AlZ!Mt4}^|1i~K|D^Pyp;0?M@|r)p
zoj0aDEfg%1b+uDr@cj{Ru^|9dt2gF|l~}iTyJcRfv@LP(O0KN3_6H<a$4C!o52KM5
zlOYG@jk34dRxu-A7^bFBcATBG(dDfbkXrn&NgLhC-B<~d$EPhyfCnHwM}F~t{>B4)
zj3so<ry7`O0g)=e)xATs{`}qu{co)Q*(ba`u8~oh4BMqN#V?J){9FtCOmI6@1txQ=
zl!Ljn)aU3gtI!F3c>DgXn*HbTlfP0P=w%{tOa2~d_sM~-Zj(PkFON4v5iE07jy3-;
z|L@FKu)kikBA+dj{-6K)=lNxxf$yg~_wRcF{(np}KN}H2{w~bhu@KRF?+X6{3e5g*
z{^5W0+5TC(bN?T2Gz$bFpItR2sd00<v%v1upaK=`p=>}$Yoh_~S|*BlH}nyH>0CHi
z{(nCHZ?xn#(Rb^g9#wD5>Tli0sR~Bg>xvo8Qx`Wb{z))}F(^@<qX!rK{C6*HzH08f
z9*KgB9MDpmp9yXqpUkJIDaLbKF7=DiQ0PKR_s*q1{MQ)(9*8*x<~D8^l1Wc{@(C3Q
zlET}?TcqQ2E;av8Pm^@G(rHS?w4viQKsYi|aDTyc_TiPHw~O6hq0Y;g|1Wcu?Tz<N
zU+E=#==Y{a5|R)$$`B<|W-;7zF(cH^p$l(+{VS4zU>QzW`pM|LNr^<|55}Ba2w)4c
zcfO;h0iJm%>mQbVC--jEd4scCrvCY%%TQ36oC!_L&C!w<7T%{Dj)xD<H(d=`umA5O
z!R3JXe@A0&t+@DwRnY~Gw@SDE71}_y@ali*^y*vW>7)M}!yD_DymHljotY{{_iNjm
z4wByJ)we7jYk4(yhO{gyvd5axJ8*5>Mj2G>o*u;<IkMEYU21swcI@i^?#lj-xoAU`
zMEbmPXz>j5Wg*Vf>L>~lB3AfKr4s+HkjkPIMV(ZbW%h1Om!1o6_s+eC%tim9+kbot
z*z6sQMh(S%AEq_InNDZqfj_KU`cVsF5}%jH5yp><=EOR8v@j_;&ewe7&+{`0jqdn5
z5?+S?d0U4W>vn&!*9VmHo1y+q^e4A#*S{>~Y0~^_4@Z^sO;qlCezi7|GcM=e1p?6k
zkV(9}3z>^Ie2`z^?r*!@F>^+TZ<MQyFzDfA(9?3?S~0#v8v|5LQqI(_z%3E7a{|tz
z<vZ6I?};;>gmVur!lOu!=MouGT1W=o{fl=DDwJP*5>tySh<$!ts26;*ykCA$_g*Vl
z-J1R2))*C@MxQ(&CeTj!Ww}S(bC$6daR5&I4b<wJQVwCa<CUlP{LGu#7sM^UR9&Ds
zfsx;-+t)8b>7?dPTsSgT?qK^DO&e5nqTLZD!mo1Op&P?{13z(Rp5YmEkXR%A*L>kQ
zAY;4lPfb9Q#f#&V)?bvwYmPaqEQmhL8no*@`z8MY9^ShPPUdH((=&*YhvS8QOwLA6
zXaEQFAA|gS9oTVW(_ROmZyw)lI<-mY!MUV)1hr!GT`=S!+$nlKoZ@Q9hN8kfS+8HT
zKhHKz(Y9KTmLunve&|_fILLG$`N)#Ts&s`n%)dxqe?Yj-Uq7j@kxX&SJpM7wTTKsF
zPR;~>05f_6cwBQHWY7GTG1cv7w8MRAn`*mJF8;lDZa>P@jg9^08xJDhV6~kkl8$~y
zb)M0%)~$MH*C`kwdoJ@*?=KP5MQ`%wVb%YkRcY_eiJZMc1;v>o8od4uqnO4^hdA!~
zIW-gd2j^?90@o#srXBpVD_U9+>$er&8P@i=b-n8jZJQ~bV=aANy7m4h#IlK2yk9F$
zwQI}Qo`H2P$J+HJ5xtDkg<Kw%_<|k4lI%+q?j}?Gxg-|`hUGD!tPKLqv>c|LDSH;@
z8hl+fDOs*+T9ZEx;w<l1ljw?e-&Kx$wDYIJc6j7R!*knVq=V2qvV~|==vgNkeFIF8
zu<sH>#ulPMF}V)NcZVzdb+u0WVB{XlV^XNN|H?@3A1g3mKU2oI^B=B$X2C{#zS!2-
z^WS4r)tp(ux)I9c1%KlVP+s80ZKav&$b;)JOm~M)Hxi~w9PbZ7-`s)7bQ6IW5tDxY
zem9C;)hA;c5Rs|dx1ue{w6(Q8Jun)2Vmge!o{U)Ms3Z&#^4T@x+U#=HaLqnA>|oAX
z8etgJI=u~_g2-rVE)L&K4qsgcnx25J*#N*^lvuRzt3#L3T-vFtfGycm=8vmuXFi$j
zig9iJ;&xYk)bG!a6TlVS1O=$C)%SDjRyZb@QBpOusj_Tm=`@o1Z@`gR&jvxU-IQ_5
zq$1aMaFeN2^+d{R^DYLB4-i>y!5S}4G5kFUzTPx$kZw4qA3b4I-WQbgilH=)!!7kg
zc>`BF$CHq$qgUW47^;2Q==e*_WQw2t>#{OL0*3#DGmj?EbDKP8z!8VgJgZ%Md>L%h
zJ0L%&ZNyd)k46e~bCaAE_Z8DygkNt0z+KrOCmH3*sA{Tz9jwt(0V$e4e%892^WCal
zJYJ9GH{A@%`4QyK%=cDP#I@z(=wgHSZXLk$AP`8(aiN>N=xAa4C2XeeIB1AEfl;A(
z`=`P1ZnE%<Ug=2YX2)p}=aUvdKmoQp0I~h5De`7<k&s+HxtC_w?C$Fv2Yip<Hb(=F
zlD~(Jk|Gc?sKIueZt$S#KUOf(2$pB6=(jT+c-R0X4>8DcVfLTW2uNA$LfMq8ql$hc
zQyg?dwD>-R+fl>cUAruqsj?s`X2p1{cB^A)B2ZYOVJ!H9O}-IAW%7M<9|p7qhK0JR
zl)pefRL{EfXnR|Ie`~S(o+|Ut{K0yhsKsTKgi_C~RDcCX59b~Xve@#7(k*Me?$WZu
z(!^L2@VJASSr)8sy>hmGZ=scPg9#14!QK|*lxo6GCvm*h#GQXxvWbBUQkr5eS<q`3
zcKgQ3C;#~w>?{(72x<M-9t+%Izu|qaR6Qp{&9xsX5jR-b?vPSeG`g~U>=9Ai#cVq)
zCF(o`nGdL3k9OqkT=%cl2>)#~SL^wB^1O5Py=aO)jF+4{$c4c@9A(0tw&xA5f^E-9
zp2v2ZW}C+*DCcxwf4vBB(`HkN|Fg^tovLxos?MSb;&=n5_o2(4aX0F&YHLgE246)1
zKc0g3mzuW&lCr^KXkqC=EU#f#SM1#O@U-uK!~7#Q;U&=OPCad9cB;Wc7+;^LI&t&d
zX5i=p6WkDTpaZBCcrXv^9}=Qqd?e<x$KlJV@$u0tfitDeLw}HJGrM<tIqdYVhJZY0
z<$N~U4%iBQso*B)r0s4p&Bo-s{z@29>Pl+4Y1OKoW#`cG`G?LM#(Im+8(6#P6#<vu
z9beRmi9@pl_ff;XvvoDXeN?9MvxI_^3P8Sb1B1}TWJ5W9VUMFpM$Oz8>cNh2`XOIc
z_H@k5PM9kg023Rd*Z~Osbsk6hmX>fg^$S}Vgn>JaAHp3_6*aCXs-8Bb!FIB^Q;H|6
z+vQ-$?{+ehz0Tt#b^0~qLG_=@y$a<Dt%$U(tv)YF=x6B_Yf&R^hH*x>Qc8Kvk6qV%
zeAa;nZGPN-?D`yNdiVP+oR`ydo%8oic2YF?bZ!6HF5pJR_9c2ESi4iJ8CkB~%DW`I
z4Wg!zvO#SjKe^u`@#rtmlyZ!-Q%L!t=m`!HDr&!UgO<Od?lwW7F!$XaeouH{vpi2Z
zg(RG!BnGLm|2~S@%vJPV<Y3a^f}KkpR(#sIFF1CwiI!8N?ny6d?(X%aNC?+a@MOcc
zNNYhf1I;hWo>o#Xno!Wm<Ov^w4HiweGsE^Kt<%E!x#+=yiBnjyzDR;#+ojRjSv-uD
zDX;7XQUM)a(7H#j!DjHA8GjYwas4G&itoZ(>)+0^b)$2~$&YNm%6S1?ZeQELXA@uH
z1{fGmq-?*ZoNHdrt>&iOH_7&C>xx-{U;(K7&C$yB&~#<iJa-?gkJ_a^FwhD}5@k)5
zS-1N&9bpYv&5*6^rB~Bh`X(^H3YDTmOG_nQcAd|GlWOU#nGSl}YyJF;4;E|*_gT7S
z<^WGK)mMdBw`!h?X9F1X8Fh@F+hYpp-QIANgZ=|pjOwI-tO7i{`i7R{iCeJ)hv1k{
zacYd2n+CWBiZBwTXj;U=%3V2dmnE3e(_{!}R%lb6e?OXBmYGR8B8Q{SJa%RL6|*^M
zed!E*z_$xgV=epiQAU)^fosZlt7*ONvx?AW5l|o6lAJE+;L6cX+2;~OI6}{1hK!d0
zL0#94LwKcEI27FX5sjHF&jl<N<8A~q*SkJs8d=WG{1&K*cG<l=9y<znp%bb(@l>nO
zv;_Zo)%{V50XvW(#oP*z*~M!GAfCk>B%Hqx-FXH8GvOZpa|*E1^f{jty2@KrQy+;R
zMh==<c>%-(G&*KeloG2k$Mg4An+m40^ydL#VP2|w(K&5)fzaSMLxCX;S=U@lX~$gt
zn*b>Txe5bT`gbM>zzBAXwd`WMDH1rAH+}oF@8)JHjNtD)f3&;rlR|Qem>5x+1R=ry
zG)twQ;tktkKM}`HQT5CYz#W0jb7KQa0De%w4;F9!#lcU|K-C<`0IW3Xdv8)!lv{Wd
zyUIi{7+RfmVx0><%7#!#?sT-`H3Cgp1<gB5V*_gvx2u+~Y@|q7_o+G)KEnD&R+W?7
z=RgMHD40y%P3ZVil4#GSRSck|-qz!MRXcGh_g;4KMBpx?08zm~&?w|MQ&~8?J86iZ
zX)>p&DwVI)`XqV^NGp^y?gQ3a(@>7~2QJKZyMMLg`k2LPgqd**^-qxtBn9G@TqVs<
zJTOzEjVH!VM2RsfgJ8#5M8j3|8G&{HVdmG_rW-h3toxi*=z!YC45p=t6o%E&Tn`ut
zT<H?G)PbHcfSWI&b)rNqo{L4{i}MTzKmb_X3OT>pm$Hs-HX+K1zkYcJ#9Kh%(~XJ^
zm}`WYS6}8HZ#<aGS~@Jx_Gj?ApjDJrpx5TA{I}pNIxA1T;g|5o30Ojj^;o?sN<L_?
zecPob`@hNSfA((5xJ4yF?fMPi{5{diYz~(li$g(t_P7!rTYtI{ks{$4Jj>eLonGYy
z05deh`y}5w{H5i{X+>58g9_fB>|=&k4>L29oY6HN7=!6`Yt#^&{`dOubg|rBpyXf&
zZp5wf1}!MxC>7xa&oGrVDM^5`%uRix;ir+b=)jRC-H2l+J*YA-)ZZNiA`RwlOB+;?
z();yMl@xJmm3gmC{JjJFVhSl7ebT#Y6S07Fy?yey#XoF#^{0Li(8cv1`Vm<d(wtF*
zVg}^yW{adgY8$84Enfo^(IwI(hZVN<qk8?9!)1&rcj*>M$nW#<M7VWrgt|0kx3*~C
zp002=iW6*MD`95L#9y=VQ)*X8qA7mFt=pC4NPp!5?vO>VmPj`bJN>7-98H40y18+d
zSq~_l)#hk$SL@MU-CHMm23$BoCS3t!W0#|&L7~G2s?MSt<SqP;xi12H%X+3PT7n0x
znDgifVm6-{#F@i+XPk!XTQ<LjqkApIfX2ykByJOM-8hJ+8NM@5s^I~xr5D5~Tv!Ah
z(Ae=DcHF@Il<@aCIfIJm^S;{#V521e6>FfOcD8(+Y;Hl_U$4P>10S|`jqM7IchcSV
zuPqP!zgT<gsH(Rw4p2cvB~&D(L`9^#OH!meq~p@vjUpl4-Q6JFTm`91cY{cGcg?xz
zTkrj5%~~_FX1@Qt^$_ko-*fia=j{FY?9VQr*RVtFN>{nxjae?>g%lqZQHYMnp2F#1
z{=$tcAVS~!!3Ie<G;O5tZkH^HDAzB7hbYzNT5$xxYL959Oztrdud-iDcszT(@axAH
ziYD2Okqti8M?JM#FGFi~l}cD5dM*dE1^^eacsWXP9213X`@M@rQ=V?C^9`+Rie_!u
zB`CHK>*GEt3|1gOQMzs^dWJsCEuA9=9VDHu?COj3WL!X4Vkn$DC!4^VZ+Zlu+M>_E
za7UO8G&QVuYilnqoi74bhm2qJ!_D>{1rj{M2C5=_1)0oj5Pl>p{kV=oi8lysKY{<X
z$W>qIYMSE8_!jq@6#>D|OJ?yqYCNXzTM1~Zv_j>9-`t4_xJbZn-IXAjnV0k~vY+S4
z=g5Rk^72kiAZ0S*!0BDYhy9)U19q>E?6z#Z;>SCH<@Fg=IaP(I(;D}|*ax!-a#}m$
zD&YhLk?+DEzV>9vZg?%7G$2r~?)v7WIC;ok_YC_4Gw6!N!UH+r`vEU(9w0^v^Vd4}
zF>tQeN3vhuJ1=^gTk18?>~|s4zT4-Dnwnu-NEvS|P%ArYI`rUPbc{zH*Xr{%aI4Jq
z^qeR+I08k5F$G?gNreb<N>uP!Qp*QNJmRP5ca%V-6{e%F(q_i+6qg?uR`O9h-xqn`
z>obTx+Ufgc_g63ITHge|L@xBg^zBaKWaXOC2ii&{P5b_McR3VE09g;TLhjaw)vzu!
zw_IDQV1)Op(G73d+Mm!Q^yr9j*ODiqwT{Vfj8374(IH|R5(T-HID8z1`(Z$j2B&is
zUK_>FGamA9#3F9sjAl9N>~tsj(KulsEH(aGwyQ4jb%BNnk5b&VIrccJI1#E=$&+&&
zz5}Hs?|T?HpV_Y0g4}J<jsZnl=|GgMzfp+IikF3ihK{o@4a|z{H;IvO>#T-}?D@yT
zSbN~CxXxPjdRe1JT4=Tru`O!lbwL52kBa-ZDl?-Ckq;TWiZA9X<0?A^9UpK5+?Dty
zcL;2oY3D9#^WK0s^6UA!xd&{7su7f}=S$j@BoidY{az*(4=YcBuTL7$sS3Es;uQeh
zYVNkQxF1D>C45#zgz%aPClF}w%z;9MZL;S*tPiQ)V!ud4ThhdeHB}4~iM@-$MA`lb
zLnF6K{G~&xga-=#OLP-8sCVR(a$Ssg&h`7oC`ufR&Ikq-(OVkz2uWD4)r^eUNSE?k
z=Xwwl6u0IfRj93~w(JMLE?dE!x{lXszC^?9;|Qs0PPeyjA1MO+<J8{E;~FdTYyCR~
z@3OQKEU>Weiz}EgKosys^=lj^j+U&WzR||15}HfT+`Tk_cP99xh;XZRln>Y<7-t?I
z=;XY7`!95%`oNWsol?hs?@+rJc!!Y<;J#Q@GF~rzi@d-)Zcvqw0WurB>h!``E~|>R
z4TSf$Uwii09e07Y6S2tYRE+s-+=GM%{7ZJx5)2seC=@ebhHZhtyNB>@=Qpc8#+tjq
z_dG8%9?8$Au!vV+!{>C^-aJ0wL_Aa4xw5@>y+{VOv|5;`Qm&8G>r!@HjWY8&|B-@7
z%qg*@JRi^1p_~boiCT<4L-(hHn_pjA#F-2}#tj?<n9p1;2Tug7lZ;L)K7qI&Z>rE7
zfWP}1uMlKH@)=lIBAd3SY%G^kSpwU#wD{8KEFm^Wo^yQg5zf&58Y?B@hzawvT#gyz
zeIHbrsakeh4y76w<g({&j|!SHu^%sL+GXiRd74r9PRi4(3q?gyE38E-Y<P{<U-G7D
zRc^s&n7j=AVU1lh<;?^<f1et4TM2C#JC>hVrvH-5t7@;@2X>vuq>on<R{H?=uJKoT
zi>8U~^#W^RM=hY)k>Ykd0nW>T4B@zi(0<WfVg{SGK)|<I0@S{?EpRhx>%ow1Q}f(`
zo+M-J?TkEt4)w6k0OPd?!OwXBie#>7>+DcYpKAw*ju*y(+D5n(+j=Cqh9Q?CBlpft
zRHN40wPB7V2ChSIoM~&Lw$F&jpa`-^9q~RFw}<=M=0rI>`bar<pJYfx8#w?$#pF%u
z3?Xl$Iy)_;>iIIhMJ`n_HAWpiSRaCe)@dgNnaK;lECkVPi$|(LWTxz@prXuO-VU=j
zf<Yk1v1|G2`KZA(XZi9ww7$L@kg!o1h{UTboWrj0ylm2h&T$Q!jDN!!IVbkG470|f
zGe?-A`j+<_uH1m7Sy{v}=GWGE6n*YzZ#Gk>z|Ch@pr^o?pW=IQEb|o_%c;wY;k?s$
z(haWrjaQ&b<MTQeV3V%_Q;MR*;#({586jzjLmd-;QSfl0-XWweD4iUC{c^MiURJ)2
zMG;B!D8PQTKh4+qNcLAjNkh8-U=D?ZLQWw?i+}1g&&hN-jVFc-bcBRP>ET5<ou)YQ
z$7i{vk<WxsG;c+TEjz(U9(wdE65{10unH&~6#Wu$PxGg8<TxPwJ*9<(g-RvJ%pGIJ
zn%C*7aI)8nEm1?#2b`IJ_W8VEBedSdHig|LTf&xsN3*nfi+M^&Vsk4%Mxl}sVC0ge
zDa^wwfM$k1BKe-789PeaqSRq7(z<L6qewrpP;QKd7e6@#>NND`h?_S2F+}{9jEN~n
z&U@y|Tc`=`Z55A2+XCo1DBR@<|Mux&LL0)BVsO%!@jEOw;Q0`d(Y+qa3vq+68X`Ur
z`N2a7)GH04>N29q{Vc`7GW!?-B-8=BEuU(wo;hev!!~QG(ZvC%4#}g5fCyJp>$hHN
zg11W&sLu^d5+a1t(W-$`(p07S3`aSw-Es9CQ8h?_yc;1efXxG|94Z9_w`X-0UIj|I
z>5)!jWq>tiFNYN5HN%-W;`R1M44ZcQ<aA+_Dc@@vnMj&dy7II>4jO$Zl#tH>yjazP
zd{xHytEXzk7{{anS>=cdGIfqIw3<zju4qe5B)C5l1B$4h3g5Sgfd62BwShHk31;q^
zgMYbm=U4OJmAYF2+5q4Fs0<zc+dxJ%74j#kbSKpAR+kT84%E;7B-1|?0`L#stPRmH
z?k|+0M+nz6di-z3|Nj$A1YpVAG2D*m&Wl(74B*fI<Nf~%&xLB|m=0vi_4RSM&vA~t
zano!#i>!WpCmxg%{Q0_1fuZy{o8R|#l2hy&HdK*mUGf-Kq!NnpDmR)=3OtVZj@)*H
zt{AqCe&2nU{omZa9ZWKrquPBZu2f9&TK_Wa<_dP)A!j0SzO5fEbXDe%k7cm8EI0Ky
z=_vT#C)EF>&;h8;&3kaFzC%#A)YC|)Id{-FKXo0lGRm1i^(#{7$b6XgV&q~3>P*Yg
zwYe99SB<C_2(;pgZkyBHF?4f$^|FHke8|j+WaZp*l((yq-iuiXcO<ewn`htaA;^O?
zF@aeHH2CXTei#aroM^NlZaPU?_eueahzG!165G3r>La(WAH&qM6nRw=Q$5GLZFyql
zyESAxRwIBt2>Lkz{pj01K(KpDuQ-?0qE#D)rWzt^yaMbWev<QfQg>&+*ckp9pTy#q
ztzp+&OJ)wi+_-~xFF;${LeSMmd~DC9VJ3)VK~hEH?3>t#WF7cZ^8brJEygX~3TAyg
zO~3r<#3&!ls8B9il@3}loU@<AJiFZ%dd3bx)0g`IO?E3Ebcf9*YWn|*B=Ms8)KKso
z{{6qgvuhK}c7n$3H#ROfpiQ*%2D(XQ4S|y%sX@coY${u7m@t&w#m1dHTu3qw=h2;s
zJ7cu)Kdj)7?;@{vJ*|?=IJSS@$U09Z83#m9Z`;BfqSv_Jo@H2rpjAB-ea`vHq~5~O
z%%QpOVz#eP4*RGf-6VR8yk}=3E$HR4+U%L%Zy4jOd4{uuRq|F)#oBcJw+4<`@`6hD
zd>ov^#;bjTtvb+>=GSk#_Qoq=s<7bFnXp7kj{7e`lckZEPS74+XHBVu(mCB`Gn9qU
z89UNNC?sh{syh8=Kr!K4%2l|=>%d!fCEIPz(m@oQ_A#u-y_M=_lR&=pBaS1UUEif=
z(@bH<z=N}{^p)VgOqm3QmV6x(yNPc^1E%c^%bXO62M#>zps%_ZLQ!4bH=EbtoOwUY
z(9qyo#_@>7x1Cu*mTZ>XMSs2YhS6f-Ca#)1?V8kM<K_SsT%a)#w|kJb_r5`XFxx%H
zR10WM*DXu=7i%hBx~{<4bsl*(!N$=`c3=NARZn|BD)gnk%4m*{<gQDuma9fP=r}_a
z7FO#YYGV;ro(=E6o+tMDd0K|#5Kl?rD3#c+Nbc|$2VHpo8BD02+T1Fh1$7{)a-%tr
zvt9)a&KExU4GfF&&P8YqR3ehP+1R#S{$8y!h1rL6rIbiqJE~~7BsH>Bx71Ns5DG`S
zxWGH42kS!@z95zAMol$cy%B1x0gbqu8tc(xWmaa+f<+?_;BaPGliY%M>Hbr*SL}%E
zlXv3LfM@v6@&oz(v$*yW%JGryrKE>Py!(`h<=u&ss2}M~_w{L`D*V_XcN1rxB`ie_
zWf&GzyIs3VtUYT|kz|HADYZFi==5ba`9HOIEVLqZwlLhih9l96nwlh}{wfUpOV{tj
zlz&>gU&{mFWst-|W#(y=F30<qW(P{n3Fa?V8IHv_pC-&MnF;T`fsKHk@A$RWpBUE!
zms~jNl@{0YDAXlG_O1sVGgl%<uwV~}u)3Wf^F?7IeL5)$aJ-f7sUaLBOlALdetTRf
zihvF<A1F;YnwoO9b_oYhe0NY?HI8Lvb4*W7EHE)K4G*_TBZ&Yu0(z8h7`w&A%CXS(
zUgjlFR`=?D<a*JYvj0}j@H^2uD;XUkh4G0p3=Ee7u@#xBAsDXMp2)@Mg~0|<|6N#p
zP+F^mi0z_!!~tPGKo&$RIpOzFk}v{XvxV5x-69!UT8p@*R!PDY)se7lImMVx+#_}f
z_75fAu6^s5NhqvNs<)c4?`*yw-L_{g3I%%O$iW_COGSuE4HaAd+Ec}jMlQb&Zh{?P
zlaJ#Z`T~e=az3ZbupdTv;(`PkU|9~Xfc#n`rd;?a2gF^+UaFgg;aQI6D)aYPDE19Z
zdwR3zEj<c(m9!EQV$x=7C!3Dn$=l#0u31U{>Xbkr{ajZ#x&rT#uClLuh}D;PE5%*l
z!pj&f$*<%0J^=f0!1$rFhD@`h$~Own_ue+{schB7hHx@ccyYu1IFJhb-_7-`Br>_i
zd9l~S$!Y`IR71UcHs@=$#|fbga-Bgf^D@-h$%;*U!wEs;ZwGCWJ+l?M`PT{EGWK4w
zLu8EYqp^9Os;cqkWSr0#P$f-=UE|p&!yG913;CNF2XsI`_tuqs_nhu&dR1>~mZhM|
zOIlpu^7{!aui)v+ca(7C>{!5{zR7ME%By)cr<sfDdR+~gV;md|aVt^%1khB&qU<1M
z4%IPe@$xI-6Fn>0ED@~q)b8i+iXiHUl=ZDH%7cg|x44Hn-Eci`jBdXyO?3=v*>Dxz
zS+NZIFSLPklLc8+v^i^%agD0a-4@E6Wob;#G(p?5|Jq<gA_Kh<q{psg=bF}I5~JV4
zjlNWl#krdk8C`HD8_+^kJL-3urlxIR-6_VLbmsKeb{U+M{0-cgolY-%)%~fz&;3yS
zWh$p_`)a`ddK-rfe<^Zl(QVs|^t&o_uBBSv!_KNtL<=PIqit?N9<muP9}a!EqAZ(u
zjKefdj<UkF-fu@Bm+x5~ed7&hGyTT_j*vg=>*Kn<QgT>Con0LBz^j|!D!bX64$skW
zZx^R8bp}cGZwD)LZYS!r6{%W#zfX}C1%4)$efPi4%1W7nsRJWkF@dG*r1snrCXumm
zxW-Etel;}lx#a4GxNugiMH2_e$>OTM=(Y$_2;NBxWtrLc*B9*5;9^jszvRuE(8{5z
zinFoc>%1IHw<6s``dVh-8q!tol0*5AYIvnwrOq4m#j;|j1u>mU8Cj+>%@E`nwNhBR
zOGexlM~#Tz`xEqyDGOOs0|_VK7b|t4Rs)C%{^-@m8)I3YB~`)`l>owRG?#`576*<W
z|HnbxPb`bb>E&iT8s~*p91&mF>=EBLtLVE?+lWM(tv{3^wi$x`1brqN`d@?heli=s
z2X=V6{vXY8%vc*C(9)$VU-v!IR@xsRu8At%KH<35DPk1q4Mf31W4uJw*N_5R+qKpM
z{o@zF*Il8^ISxpoS=m2bGZpTEH8<JiY)o3HO|SLtkW&MV^*Z-Bz)WjTb`natI8K?6
z<0!KjQx1!2IF2^Wr|$V&c9|S)n$RnSS;RTJYX=Ko;;Jf!R)54(gX`@6&x<i=>rY_4
zs=C=K#~Qr3nDD=uLrDNCKNki~t1RiZKNEzOzt-03K5q;m<WwZlZ3_f)XaPtX;usSG
z{aQMbcwnxy{`VvG6B(@bhig|1h@k5uNgmvmSDL)#*D1zHW$^2uK{k<UwRSl>L<gug
z1Lak^1o2_cgiVCca?uadEi}ubZ;;@M{{LE^UN<>o8x_yl0{z9c^RK#_)5~n=^KaYl
zEw&XpI^|X_X+Qc5h|F?czx0%gzMD>Y4!2+AoXy{|vJ6)s3w-uFfVN=^JMg@1$|7U~
zU^pPJXAbI`G**#TJRuo%b>~ekJA`NJ1+&NA=}7huA<GwLC6|Cc@sKrQ;Q60Bz^6NS
zpw%kQl++0o$K?)^!g=CRWi`bFSno%V9)T)Kfg6fzQc}`M0!DpQNtLQ{17Yof%ilmE
zU-puK49>E{`=J)KQ{89{08$O<mjK`$29Z9d+#dC7)kKD)P&n8CAdN-^Wj0VIbhNSI
zu1U&Vte?m+<2v*zgp12;lF5#aR(6t!13xJBEU`?ACvLOk$<UD0$yioSBXDQ%XF_Z_
z>2~75Nrp~v(>oR1^CCAtzibDr8TnVuZ{1C5dZ5YZ_hdirbSS!|2{gP&<AIvU#{@W{
zKR|GTwt{>G;_&|y#i8!u+(e}qP*SwRMUhE~<A8{Qz)xHqyC5$4<Ypb@Z4;6`uBEDP
z7Fk9F00{u7+<q3LBW#{9<cS|4uRoqN(Qur1QX&hdH~^_YjX-Rms|_FQyLhGmx#;IE
z&xY^}?(_?OjDios>dKCH6Ts<==FxElaKI<Yyor2*^7A8T(LoWwKHdYJ_^7BTSi>BF
z46oDq+VxR1Y1&+-Ml}FcKuzTe;7F)8xz^&u-=8;SA_gpiJWPs!>Y3kvBNUN{01#EZ
z(>LOljDzh*0PQybXp7*ncKyNZLG1sW-nC|ZXi6r49}_O$0FpmH$Qh5fXNCY`0~UtI
zdGRZbJXlT~q`y%i6ZmML;_D}u?P&|$h;g{u$2ot=U>?n`1o`dtkoQ_92jl{rIgMq$
zHXHQBXR*0EtVN86D`@_t6;=2f+_TPQs-F{Z+6Okq7@z}@)&EEEIK065Kk)cX@m$&$
z<o6*&5LzLMu$&9ttnzUh%J}A_3U+tbFkV5?<+oYK3G(UyXn|?E+BE}px7nGD`ayZg
zeNE>NPI8XTrZvX$L1=gk<NhVOpfECB!>nHIelP($Lw@QzE88|8o?D`dQ{5K#dn5P4
z!!8A0n_@mw$DC+W@V20hhPPf9q?Tacwiq^~2mNL#s7!&L3rHE4so$05gnXt6D;$WL
z2U4x@vQX3wH8?mPrRBT2`T20GXe36HD6LqBBwAG=-VRZH|2B2yF(8psHEh2#YetXs
zkHOqV#6>^I<;W8ymiZY>qS-n1S9+7+cA-T=?WWYh?Qk;Q<mRG9r1%|MrW>RT;c_v5
z1w_v`%lq1Ju!4w~MT2z0EH+#>D)Qt!0LI7x8<d$M*RL-qfw}$q42p57G%5^19tspL
z%m8)=x8<)-r1f?iiY^;AAS;JG56~Cocpac=Iq3q>^ah}`+j|N`ist~KAqv@rR<==R
z31*#i4#Ym1F83b@^=D(qbHHC4aiu3A2Y{3;D#mx!dVqu#5Up2PNs?DHO`zxkG?&pl
zENG!=-qO!U;dJ=RvgA)8E&jY95BKS=)D6%@1gh~m5?Xj2_zZgeHhp=&V8^Q7-e7y=
zP4(@_>$XbbbMFB8czHrl9r8+48{|8Ixhi_*n|bs`p+VZ>+eXS63R^128gj0sxbqH2
zIAqIYRXJHY$WfT;{Id}>fOsif-<(~hoI))sHNT&PLlGiVll20?iUqm=WD45YT}~pm
znvz#kAfpJ#zXAfTc5Pt8aDWQ^t=2y+;zdBJ1SDMqw#BAE-(3WjxU?SBcu4PKS&3j=
zp3CHVm(4lo+?2z0LlfoVmeqoMX<ky<(Z<*n5MWIvJQZ(FL6TksO#_yIru%YFg26Uu
zOIc6?XN9bc;Vvy{QV^aHt)8a8Bs664x7z>taLVqmBMjK(g&DII$lSrzv^4#9O+xfh
z&j7}y#5ilu^|{ezrTc7ci#IPf_nSm1NRTC+6gBftp&GR8gR;be<@kqD8vx>&1uF1G
zhDJGt0QKqRd={X~%g+I5NmHm}X+U{UVqrh~@Fp_mWH>@<eem0pEEXqgTeIu`6V$8d
zP)rAdih{r?`rClT*<MIAmCEnl^yu}81NVei`d1QBS}u0O-*9}Fd3N8$q|C^ax;M6J
zHo2Yw&Vp?Mpb(VRy7-LrfihvUXW;k)&kG4~td<c4WzlNqP{m2;>-AF|aPn*miA|C6
zoatGE&nN|0)VKP@YN285l17$6oypld*zCKAk=nYF$~FF=2Lz89C_n}2_F$mgUD@ak
zl(o+RvFH!zdhPT92Pjg`-M70AhBxd0DPrEE#fbHYNmK)Yvr8~*4{Ib%MqTXy1_09K
zoUL%|QLm_lRGvDYzy+UPg>drlU5pL$1_0-Oqf)i#>rW)I6+B5|osi;SD<nj;_AYA#
zjk*)&g~w`bg;D5%SCA(MOvKCwEgA&t`k{n8t~G$GFhT;C2i~Ug-%QcLej(lW_b@X8
znYhp+!&A3B4hYQkQ9^frabPUOz5V^jDZs7V=Sos~P&k1*R$b<;l(XOe=?5pxl_RED
z4P_vlzQTtA*8#OEkT{D27)ipm-VPa@ag-x|CfH;AG!TIOGl!JC02RFeula#Kj`Edc
z9J^vwa!joxg_iO*6~LQ)KX*uC_b~j@Oczs5jg#nHrwg@l`AnZiB^i(PGLoLT2ZfgF
z=6oX~3G@JPaEa3YPL9G_$62qLPr!&4rOFy$39cBh5zxcJw~<X=mbW5#nU(ZN=;<&w
z@VI$^99TzE^*e#m<@<9K(>ED@f08fnSZ?1M5X<7MHA;Z81piP^*{6as+cnwh-Wa!P
zCt<K<-o4buoKPVV_7~{xwL}*KisxitI@C>%PT;qQ%;S|ec7?pW!S7%_i;)wHv@TtJ
zlG-MrNS0#Z-sNeL^~1$c*xx}bOQ3&c2o&=O?l;>F0#H6z>MvaRHOt8N^{eS%_lmJO
z%lVGzQs6Mwl4jd+QasFQeLo7Rv;uiW!~1b8@MZITOgvj<mO#-X@tVtNe-W^E)-%CX
zpbAcUyx4)V=G7>B+d&>H>wfOhV_Lcmw(oSv!p%BaY=qopcdT}8T+b&C0*Hj>Y<HDf
zvHQ*ezcXLp=CbV8u5BY#jbX?4A0)gXM~~xlDE1(s(EWo-iUI<b+_7yTKft7-EI~K#
z-RGL}dI{PA6l&34_l(;@oRfODXIUy$Ogr6a2Ok&+{HY=qc-{R8={$+yAiQCQ9swD!
z3>s%flxpKNwF~(H8BsqdS!X-#n~E+)WU(fY@9ECQE(UZ1fNRx_HN{ct_r$|@!>JN?
zxigUOhi_8Dx4>Xk`m)v|73Afa41;4|Uf_gVyw&E^2Uk7#`A;s#b1Q3Utf}qLX%R3U
zuQrcVPM|&X`hW4nHAaVRH8+Q$0D?z*C7Re(xx=c!DF#BR9zGlk)IHl@Vpa2)0Un+y
zKvbf?{=@<S#UBa0)tM4f-E;H^IN(|wjkO3|XE%p!;m6ALNs|&Q<jF%;145r#Ey+0M
zy18}H4sc|EI~z}y4M0l9=M`I8TZy5^lOoXie1`jz1CKUfe>-o6zWL{+)U}%JyFsIi
z$M6%v9pz1>+?(jO(E(y^WBKMae(fPaD$OP}11D}EodOq~2aptJ-5S3RAaij1jHcuK
zUm#Fbo`0!mtmK2Ce4Z^h&j#0)6VAD>YYHAMN#iN*UGd81(Sj=8{QQ0Q-!Bq_0HMVG
z;w<U&Wx<I%hewl}6u?exi@~gxBdma4B8y<N%M8^ZDq!V@g8N6y&9iih4$yPSILPh?
z2&5f)2_S6!tN6N(`1I9c$nc8y7}6*>o)2ePL7j4Apy&$1tmRT(UH|jaA@_j?k{~l}
z&(%ReX?KTiMLi=E-}M}{gbhE@opmh-*0RL2`+f041kc50`5)B{hMZSvM!$LWmILvC
zS_jNyEej|C!)Y4hlqvjpHV>O_W?e*oLLI;=f)jfU#3W9Dz$SG1>&pos$f<tE5M7M~
z)v;o6#0+}7o=7NwM*Q2mO_zBHXyHxN9feC44UxA9XgdC&j?pJzvrGk;(Im6h_aUGe
z+?&k30XS%THx&?2gS7&vTa|!52N)pr)*3)(9WbM%Rn$~77b4?W7kdl*2WN47(Hj9#
z?;5cv{dE*SS((4JpYlRo59Vvr_wQ51UI!MU!T~oSIlH{*$Q6SW!dy|y_kJzDkLLg>
z65-(2F!yz%zy*NHBW^0y2(!>LUKZQ{v5B+#x$99)-@7JM-{JzP>Ta{dcNoCU?cL}X
zx#*`Dlk|Y@ET5W?|EgPDMvEawJeNH>D(YzcNDJJ%2LA!YSnS@W8NJ*L1&4a|4Id|=
zHBeIkvUL@Hl5H!LiZzX*yMXei^vvZ#M_ys88>prO#FN~U2V8sYR)6tXXa;^0A{|x*
zO73v7v>dEcL#!fRrc6@3{?gRZ{Tk4`hEEzqcp~YuoB+#IPCV;!kr))QU2)(rYO_>0
z046z5TNY_X$Ohy9&XSQ&6qdl)kkJVq5a;?k*WJj$V$;bZuKfWYFHZVGGKoRRTR{&?
zZL5GMHTl<8uu3lcSbOvMdDW#FIC}=NwvbvWzJVK^Xi;Vz;75U_$=g^54RqmN;|@H-
ze2XT1TK=?w1OLfK68N5jqe)E2YEbx3Zo9R0IR8&<4eG++Q+of#<M^7p(BEY4nfuBb
zPoGnYdtZIZHm{_^K|^ETT9t$IPE=+2*q|*_U3e7kaOLn%$IfQK20_yF@BT8o!PUPo
z(Ncwx#4(v=1|07S3B7B5jVtrYQ%PE0nos8L4-}GgpM#_WCDefUh|Z#S%ZC?EZC}ds
zg@c|mud}rG<;M$}eQu|H3ZBMKxa6;_T>>MY%BcR@6B7gv?F(Vp*J+|x5W!(=$4d<G
zO9Loh!x&yxw~OFCtwbV%!hh)yK_@e?V~bu^`2X!k<t~Mlea0_V(NAQgM4Pmfpp5w%
z?*~5K7=_E-@9WpEt4PE9B5{zmT3#9`*UtB?QL@M{gB8|(xp82m=~dqsV!$tb)p%Fr
zAKAlcsfuq%7}+9%Clm00I~2xOkm{7-WuE-2{q8Rn2~gvV=h3nXoZI$WJ?&L}U<N9E
z@P%Npv9Z&vM(>&7lN0uyky^IuM0=}ZaFUPJ<c4>^JND4`XpC{2XCQkd?_A>I4rR%-
z%g%3F_+Nt=6BifX3a!Y9hmWu$Bkmcwn7d&>SWtrkXGWpD>3UM}fD+vi)XiyWRxZx`
z;Iw*jzS_7&v{Gh=O1$3nqRG`<G?R+4TeeS(+vlF3LA0@)pN3vwBt1QSrNCgY@k{s<
zqR*dMcxklNEvt%Yx+4%LdoeVU|CmMn{e9>mgPFY9)=4d?91X9l$wqBr!P16%4U@zB
zV3stzFb3$Vz}lLKpOuW9o91zua)awL{|eN;o~*@CdcHpB^FsvP%s@ZCJi>5$`DgIA
zcVc?>5`x5Bg%5i(25qFw`1T0znshrJ)x2JPtMRv`&`1XO0t?bbJIMw%+WAPxX*EM-
zXBdM?HjADTF7HpBy+?hc_fujr6aye4T(2O9mvpjiKYtFRf8flAuk%-~_=jO-)9<T9
zCK{~qiaMbOzlizmU3$cStl)>3;pyXWf4o^(>SMViaLv$n+>--?sU+Rw!48me^<z0r
zq>~lyQ+*#C2_GqVYM+9CA0wJ_Z?*oNG`U%)*-+?yX}dgX+O=!pQo>H7tEfrEtGKVF
z(VSOZl;`b0L_kZ$`bt*u3GcX0T)ajR+Nk0RsdD?_s#jpNBzK$gv;E=7$?zV5&2puc
zHy^L+rpg=}2YC&J^u1Zs<*cwt9jB5vDj>VZC}JIMsS*f9p~$s+au-wn4^+)6A;SaB
z_QzQbuUb>z$h5USiSq~M{pXR3JrKSrp)_*{a?{Xo$*eopk=SBAF}|UvXkoaVN{XrE
z?3t~~?iFJr4P!W}jtVPV&ln}bF6kHe$kxqcxJLhm<Hs>gx!2niNnHPY7rc1x4y@<U
zi4zF1$t91TNN~!;9143gg92NTRs!+zS|&t9N_l=Ih+w8D&h7_;3yC{l%6V&2RKJoC
zO*GbqL8+s!c{%jmmf%CtE)9QYC*MM`DyS?qM{Wx74qFCGE7<S1PZ)W(U!;0rUQnG0
zN^~C6vEtSuVhn^L7L(lNSoo&@({&P6(&gyVXlo}!Q4+QKG8c-=#5UVOsWL)1X*T4s
zH6Ft-cHwr2)kmhHj^j~Aw_n}abhBe!gQWZ}Sn-&@W0Y^u=@*7#CKPD{Ad*-0b6+Ph
zfcN?HWYdw!-e<0?G*YN?obcSAlsGXtAU0YM>K)l{=6oEw_~r77N6Do{IpP(BW5???
zj&Ve)v&Yxg--Hey@G+6_eR8MzH~DCEeJ1@EUj#rpd=Olzl()=EPf3Sw)Db#R56T=>
zNagiu^+X!XYgyVvRQS|*FOm#he}_+^{AUc*vZK!>f+LNzOV-66^370d><AX5G)C4p
zCJyK*AETzBvpPd2HJGsV@y#fqQi;_1iYacwbN5`t`<zJ7Ee=b1{fPE4U|YkyFF4pk
z?lKzN0EhACiEE~Q1z};Asj3dA9^u7NIWg65j5KqxiH%O1HR;_n4J)HL=8q>Jw|V<>
z4XE1{cSr_4S~qan@yMZn7~F~x2lvc>ZL5MpcGSjh{_=~%#}sMF@>h_`k%@Wk;qp+d
z`Y(xGYI(Ykt=WH;)3iFNQt{QBRlC(XpO@K0Zm)G^3&GYSH__KTI}<8b#Qi1_{(W;p
zr_9ZeE?QN%w@za!n!e8_2s1Vz&h&LuX%L>=IiZl)wQ<yjCUbW{)`$}d(5B>bq*^ce
zIxz_AF~^{vS<lCyHa$j}-CfT7_+?IoS0*udA04Ki%iwEg2Ev^H@ROL-A(6GmZsvZ#
zgPdp1&do7Mf~{UjI^}9sN>fX2%E+V2ai+X*GLce0jYG^mGG>ubC0(1-?Vv}t(`nUN
zmBa8X-IYUyN~0+ug&WW4Es3^wN;NeGPKh;JNaTbE(~yZClYfwAjGAnMkz1ZezyH09
z@{~@i2pM4y9M<|<zx|J`S?-9$9ScNgkgPp6MI`l2|8l=!(>oAbEN6SxU3+iBPD;+0
zuecqlQ@iPyK!f)21AiV<*BSR#znUj0L{-%R6QaB2=DnjUmPF(Nr1rjt)s4+_8%uee
zSe2w}+U~O@<0kV*Whb$@i_JdfwyzkF|D9&b1Q8WVX3WKx`*;4ejP#<HkOK@!yqAzJ
z*~6U&CKiE_VaUKq|1)o9803@<2fsYTMd<`#boUo33ATd681}XP{e<R4k%`{IjST4Z
z8gI~)&Vz^#&5q(iMAQzP;PmFg{rCIn7-bb5S3Z+4jY=EeBy@q3_Ho<4yMJ<>8(ap=
z!B78K8UqseOY@L_Ee|;3#baD@69dCpkhBYa&JIc=`0+>X0m71NwFlJG6Tz%TNV=my
zox=bEF>2}iV7))<?sma*V*KQG7sP>a!|xYywf#Q4gggWo1k(pw)f!uawW?!dJ{Ra0
z=OB+XT|<J0Oa9OMb7B1*!!vbiszZFv;}M!9-wSlrQrEM5g;JTYFk<whAGoNZL{dSK
zSU5O+DXg^YP9-d+zEM}p2}e&gsoIduF#mYBmA_XR{b*33^O%SU6cs%MX-R<sW8E$4
zK>Dd_vj{%$DQU`>!9s>D_R8-I$wy=UzP$6(zwge7G)ckcxL+f6DJmvbDTAi<cbz)q
zz{LbUIgG79^X7Uu<6=G#)vQKa@)g8z7wFEwY~p7$cUY``=S)nH9kFJA$lQcQQG%~W
zK}B61J*rH$fL3bpjRRS?N&<TyYyIBX;=X>vOw{@xpsI@Zd_m?dak(zv`M8>sii)YJ
zc*<;}bjL3~L<cfbZQmb`4}G;WMKOlKtkk-{4*xlTIuiN>|5~HQl7!8%tnj0}o*t-r
z(tDze9sPCbr46*nt=eMB=TbS8hs6QZPJR7Ko9Tl%>*BD`hQ`dyJjrys{OMKTA{aKM
zn^}0&?+hlAXlKWx#ND!;yj?^Ew2q9W&v0qF8uef5Vq^^26c_(FY_6^;COVnr3Be$r
zs?lyi7Pw!cS&crSSmeJoR6hm=i-Lke`Z)Do;Lq23<4tDx`g}#Ot}aOah6vuM&e52r
zgGZyP;7=T1MuyDi6gEaiYhaRn&QCYTO9|z|kl9OLbbHUdAtQ4c$_{$#I#HI@9!%K9
zVTEwfw<H#WPQ>-~`T0di3l*-Wnp$9bqA=|D0;}6^R&4JVD-BLIrROL`ihe)&6cm5}
zbU8f(lkI4l07%w6T)1*M*;fo>s6dSN-ixJR{z=sk6Lh=tCZGMWys}XNN~C+@K$5kP
z+<^}4Qo{pp#SQQ}fXGILcSrR{oz@S{n?W*OUd=WUTchsSfok)p4qP^eZGwF&^|E^j
zQf--8S<x|3od#@)VFN`QCLmM^<r@ntgBM|4thN9)T>dV>x(_!WPii=0wp6<YNkpgt
zFb#{Qvo=5$*9*MYAU`b%0H;BtOz}Ac<)n^|2UqLF<Io!^?z#;DUkuJ6S}Pk@SFo-}
zJ<3PBX~uYeR?z<YKP&i}DARogw3hoIpGGf`NyW>1Q{u5!4y2(j#QQo<d-nDi-VS69
z56k0WjvK?*ntobohFM=)S~}H(XW&UXL#W6^y3l;^0I7Vo=3J8xUO+$qFD?TcJqh1^
zRXlPz6AE+#J*~yPh4#JL{Cs0kkp~z&9rB;?>h0VlsGpJ^ZZElQPqX8_z8#ja2k>0A
z+`_PrQos4YmyNc^<`eM*hRjtME5J8}>-908Kv)?dJFf0@%Wf+u2IDb)oXM#&83VP3
z4YZ3(o$^QvOIcbBUyDFP;hxM)b>Iecg+2cI5*6=VR1ykAd7{cKu&=;x0OiJ~F5WCZ
zG(L2%GUYXc@kXS^rqfFBJC@SZGkl=`d3UM$J#rK8oq`Z`C1H3V^z>;Z+27!($k#rB
z)4+ar@q>chW3qKTeqEm*>S&j_S$cBx**;}!?Mey?LV~V)`B#wR`FRvp^Xbso(Ej=u
z2Vgy)uqKishf6Fp^#ssDh<RzGICX@bUX9Zu$Iz;WJArX94vT8Wlf2Ak3#O%^iRU2A
zOt@NkpjfP?eJXM1?;Zs18NLU*F%uRR=3Ebg<Z>j9S~z_AW3?@JW*a4U$Riw5@-Bw$
znV*oW;^UlLe>y4FX!P&P%gcMa4w5Y4yVxRBd23+|pJ#r7`o4E)W;<+CP-0!_53aqP
zozbY0Yr3lbAS`QHi0hZWx78Me-vzytb+0cchnBv(JudaI|IS4ATMCN(vngbdsb^^r
zLs5GV138U@<pc|+!(;|#jdU@varLA-P#T6CO(~;km0BN>H`InPSOG((*A><c`lckp
z9$ZS%n3!mKrP|`fB`^sSiNoAKyFAPF6UPDrrU<!vybh8{EYD~D96$^>e|^7PDqcjm
zz1_z7B-p%1P@ac|-Jptw6_Y%IF9+(jc2ND;-``&^P%sAY%y-t8u8jRC<STT}tRpk@
z^YSn3I^GDwzDc{i&0n8y`PCV*C}ea(L5YZnh#DohyaT<_==puvORK`!Vw2}%%=DbR
zCBCh-XzlD+_1qyYDmps&;-}Qo-OYjy@|1Z?VV|Ldqdy1pB>LacmH!!?M<c#0Fp~ns
z)|Wy;!stXyyWps5cl%8yh4B0(#BvFSl>&9^2j`t4m1c6Blb(T2`rLS_&-eafb<T^U
zEx@Nw93T$i_i4ey(@yDY_dIkc1wfoOO=M!3h33bP##&n6Gy8a2)Fc8Uu`n@HpXbs&
z;<bJ2wj8*2&hbkC90;M`WOEm@CGdUEPggClTPA}}PCUS=%<XavS~ng5CJ`<<Uomjf
z0l^whyTABq$%?`9gx27WI-JF5!Un;9#)Yh>H2pMApXp}<&J{Ru#5e4Xts%GXo4fVT
z2{;Cj(x&V6g2%q+4aPS{9d~ycFTg6c2NMakh~5W>Mr2G>Yg^k3Mt%4sqF{Sr;h0qW
z_^BVCL@uqY>`auu=eIb;Cx(8&LK%;Yi+c|a{)oH|zsuMHV2Gxx3I#d}gxOLF(J?Uv
zP%#vRcxIdXZ%7c!(wcqhSFCMp+Al72*JB5W=Ng>kgn>Ytu&}T#n0x(8(6p5<8!3$8
zds+I+S27~i#U*DKA)KI#G?2zW3@dxadqaSW`w2-~xZ(!PQYn7dA9s{~{Nv9a3!IK@
z;NJTF8F7;C)&~q6{M~$k)5BFos^FYx3XRD@yA7J3a)VpitrP1Y1TO_{6Vf;7f6vX8
zzqcGbJJ-%m7Xi;NaHkOGwAi0^C=}3K51s8<u^?8fwHE5)yWL^KcPkV!sjjXgewjd>
zSFZNgYx5oU-Q#Sx#t=`E4TrvV$OlHsv^$&)X7#P~#c1M(;v9Qi^st_%2)?*=66+7T
zLn22m6*;%gOG=Upti?&jJg%1VqJzG6H~)LN1HW^16@Ne%m$~N+H9q^=@%n%7k9C93
z1q=(jCVWeh-Nu(t2N6{{uCzvq-hVWI$$$tf{m+w4$1Xd1aoIwXv*W-{x~376=#peZ
z!D%3tzv?;|eeLQ`n@z$1KREySbw*kH^Z5l{{h2FW#WP~5@j+sDnu~=#hzFa7u~_@-
znX{Gw&Kvu~<G!edqQDNO|BR_yL`8I>#DmQle{GJz;)dkl7)n?Rks`f0j>t?XA*jj;
z#IHA3Fgkc5QvlBi-9CDc7+*my#0qYX+J7s#Q(cb{hx%6>UfE^N5!dO9tsUF$t|y24
zPI5^oVC?9Yp8kw6{Nfx35*Ho%26A6DQ2*!KC$fB*p;Ay|F=Q08wNKQI4bbn&#SMx2
zQh709y)!1;v|0?Z!o%<++Mh>UdmsPGR}cG&W@&Kem}F^6*7_RyTC*an5y#Xhg!<^_
z+CRD;+-zSNKl#u6u!F=?TcgKB#0hPEnDq^NXR>`#bym_!=rzvun`DUwXQi$g__&z=
z69C2%kbh}4FmI|@sGv5h&N0ggy*5(q6`QiYHZnQ(+|;4gJYeFMRZL1SJaSoq(4yF`
z)4!o8=TEqU<(u*4{y3Ra<1`3R%jNMkl|=Yj=ikmL(YcAZhMAe#X?WTNRx2txKyx$d
z%D!@-{^#Y~Gg0-E>dpooCT=R07J1D&&r=f0uZ?U*LHndVsXel0$(ep@CRMptkO?st
z<%R}<QPLb@Q7NfF^z{`odfK<+n;Ve5bzVjuyolpg?}jgFse07P`n0cK7<P0ohPN|h
zSFw=66h{}?RIddd4&1%Ea$I?CC-T25azzGpbE{w8YS7f+R;t{xKgwNbwa8RkZP=K`
zzt|ThqCVe_HoJ7e@nGNE^<xoWWTKaiHajX)Ue=rB9aF;Oy*I&vY4~OL1!F~dR@b2E
z#iybtVk>X)o=nWYrL53Uq4+9190t7HKejaV5`vST(iEe4wO&i{VH7{a+QTVds@$I_
zFYmyg*r=RY0a!Yc)fH9rw&K;Zm~^em>Q;<!kYw`jX3rOQ$t-mLTBN1!5s>A3M3+*N
z84ULee;&EmXXN#}T|>MnjdM$fS2Q`M9-Jw4H!;)5wNS1BvcMmXasE(Z4OhpTPK(LQ
zAd~f>m=X2?0gbXoAkzQN)_S)5g_3^kmbz}Q^42`P3&}ZW?=L?43MsP1)nVGV&YI>(
z7H>0x|C^6`LSBEfSbc3kc@t|_Z8NHVHRm;`X;YA#SmNvn#Wz>L&;GqL-AqyRwN2qQ
zvNF||g$>`b&BapDEBv2CN_u3%NJr(!wQa9Es6ZYsA#JaUH5gB}m^)FCb~;-rEaC}P
z|D58enEONTNs)AP@Bh5#6Y>PNvuonu*|X}5>Mf6*+&&MewA1yx?g!mIrPY0|iv*49
z0!2~XvKaeP<x7m@tB+aP=hC?`Sz_|REV)W$oc9hyF1vW@_twOc?!SV>hcAZqqRk8o
zA1400>HSBAVdnC@PD{Hz9-OX2Yje+{LV9^~f6V#pUmpE5D@qlfaQ7P=gh)C!j`?tR
zRM=N5*KN%H)ZD@A?3V6+xwF~lS0>bh+NZ>`KqaeqV<k2v*0T=XPs#oAPjm;e7ezsl
zJuvEvt27g|tk`Cl%?YuPT0ULiSWXfvu`z@>or7_Ds!M0jxt-Ql$aO!>tLE#IDay`<
z^Y<&DodQD<?a||pVOk!A4D99%`zImwuOspqTby51pVX}0bJ}L0r(sI<7?z1!e=Qr0
zr|&Wmrzfd_qeE$8C-9jieFdD0{}@gMi|puD|47VGaYF<2-9^3T3Hz2PG{wJn<^szD
zZ6W1q#sktZpi@-%<}EuW;o?xs@hDwD>jstu^xJ8-^FUGfAsz3IQp0A1<}uN;D79RV
z*|L|c1M6ez2^UKaKKF`5XdGWeBnrYr(N(Tyom40{2%))dNN7Cu9}d<2GvkUvFzcPG
zbJ|Xv8_13jj)&56Ol>TMM}SA(favS=<$t1g_`LZ?y4loTrZ@n%_WEKj+Fi0nac4<a
zaG2`fy`8QQR)&;g-cWIMC^jWkxxcf2P+fuHmwWbaDnh8>C8TAL_IfBfqDboPd&;n{
z@&8FofRq^a@xh2BelUCH0=n*NW;UWFLsATxgZ~|JZwxPi1Ko~CA?IMc7luF4Wqy>1
zU=JMcxP8LNKVkvwA^6k3)BX3(^M8{NvEc+{x3I9M@CaYOdllyIZvj2i&kgAtDcHW6
zdNcl*^VEMDM4{`Eq2T@n;t7^uOfyp#qm3*jdHKNS?AEROOOuxP0EN{8F<g0BS;hQ{
z!B}yUvQ;4ukJu}%KyhOO!W@Z7&!(gu1x0rjD;?$Wm739x;b<e+@gQwAB10iU)ph;V
z1-KY?q#`>uwS$z$zyUb@Z(|2FhwW*QuQ~D+a09s(mBG*-U%=HpL&BWdG{akw(pe7N
z5I;yr6crW*2B;1VAc&890|4F6?)}WSFGji>E&i@N9z6RZWRG05kky_dxm|q!{s|;G
z2r5i;3XQ?gjalEVgPUH;Y0ylWla0;A7PYE#xrp!Rv`C!x5ozbLq~vUuNE~0gQAAa$
z#mfHvJ`@>=LH53n!tM6zVEpG|i4t$6X>HwCJ-0qoujF{z3?e%tqdah-zAu#=84*zg
zF|LF+>*D>@h(5aqBGMFRTVi(WpCDwYC_PGIx4CbY#ZN{^Q1wFbJ#lNzM`d^jK4#U3
z)fEHoXS<-{9b9T#dY?QaB*ew-zdABkw%Vi^*RF64vQn#C%M>ti&J-_dl2ubHl-R~S
z42xu09~m1Sc0HMi2IMEB7JG>a4=%r^q@KaZt&#X8jv32khC+VT_n?r93-9>s(j_Wt
z(sIgVn||b)8Qd(5QGk8Jqg?UN`r@LKM>#|@N>rM`qeE>~p8<)e;cOY7@UrchUnCk4
z(>Dj&9T0q*6`~(kXNg4z60jr8G-o@cCue{l7}xom#M+RKf#qh_9B60@?)x)!P4;ZB
z1n@_2+p`iRIV!T>!#)yZ8nT{?h}yUuNxb&`l4dr=@n&#fb!vi2VnU-xrFaO<fTo3_
z;z(lvTlGg}w&|<J;}Vjm01O060EhSVA03+Yx2RN7U{mJ>8RM^tHcn=hs|v!hB@&)v
zAD=mTc(mi+13?xKE`wuF{D@%%d~~nm2m8O6S!JRw8j0pmFGMa3N{|tL6o&0i91@0y
zG4xlLtHhTzek@l5p?(SZlt{^yiHIOT8^NxILy?t4lXNuZJ>Rs6L7ixNknx?5Y^0=+
z!}g3iJ2$k4#Ika73YHRf-LNhgxX*)Jlj6x(y|+(qI5KWlSK91}*K2h)fiVQt14I36
z=nY$B2u9Pn@dzMH_Fu@lVRd_FX{j(g@aYXa90ftc7$9w9$S=cSu<`L&o<<k#ffhI4
zH52m}l%BSmt1^-BT%eg}64RKY$Ia$u#JNBFaacdP^6yV4v#l61l6rcABQ3u9QPKjK
zo*yt+1xuZrYKL+p1SA80s>R~iMW^4nuy?(D<K&%4A@QbmoMyE$Jv>$@i&~WhpT#SU
z8%uuhoA4u;$3YM4Fv@18`4?m~L8H@vKHM*R!D2DX%`hTfcQvymB$Q_J*#;xpys$<Q
z5mkvK49^cDC`F@}m#*>($8QIuquy=N!Q-X#(^MbHi(}9Z>B-Yj2~B0?x4a5z`BwAI
zND3cZzrPU1#=-HR)7xD>b?iiR*qLp8Bk*c?c(@}L?7XKfZloauPxq%O<57set%$Jn
z@7NhP>V>~zDzp26z<#g)4QQA*@`lOPHkE0@lHv;VMpgEA58ULHoLU6R=k*ccdX%Z-
zfO)Jl_2GUfq9FD<tG%hD<ncZ&RK5Vwkls#E>lg%DR10XR?daAzUHM2KT8q_c)9u-*
zWIQbM>;*2gC_89!s$zg~ObS85-_p>?ngu`s=^(TykN2V0B?waqPFmj3D6!4t5oilj
z$)qfDA^PP1F6TH;G=@=hq-qn>h30`G(rX~R{VhoPxjpKp(RfQGK@WQbm1-Sk5H^=n
zI0u?eK#5u{0&<MA;B#HT)Xm?oX>!lA8%V(hy8hk3qv(if3tuIp1~aQ+U@?=ve*HoV
zp~=@UZqt&F?_rK)k}(YZ4o$Jz=_fvwSKXW@%Yi-`I3OKzduG*gyQ)Gm3#0l2-f6!4
z9niXdQ7s4L<=`><nAM^FKn%$8(Ob-_x$-GFq<=uhaQo8tMpBUMX1r8)b>-I-Z=05e
zDdC|PtJ&n&l8e&-@Gk1jYO7?q#V@L|x$gOg%QR8x{JKD#bv-~EQQ|`$c`{+OS#-29
z<uF;1=Zl_Iz@z*(HR^V#4Qp~!X5t`H4m;Wy#dGH5SG@O-bYW-ZU?pRJlIdc>_m$6u
z`Ba@kov?B3Io4g<2LnR_OQ3mQFljo&)2Eu#1%;8#@NoKxx^!otF(@QQR)}ZYlUo$L
zuC%gReV*2v%g&IB05YeMRSr8E;zDtT3M$bXTb_s{8$Tb~;(&-)7>(XSTRYA40rT?Z
z*?}Z$V}Nv+`;5%zS{r>`%Zn<rw`d7O%<s))4BE3Yo)uK>50Z*W&woLFd>%x&@h5E~
z9lz1o(X>0c&>o^2Sb-(_-9H0DCyYd^CjU?l;`@ULgRpV1wY=@t*uUp%tNQx%a=4vW
zOlD+;mkS6$q|nim1AhSWNh<ny#<yT&;^_C`r8cuoZmL0iXE^)&yLer)_&8?F){76Q
zQ1E4}bq4ao%QVVl2-2JeI&$w*d`bUiKQ5pb9*}`Jg>nXZ@Af3p6Gq&LvaP#etLl^{
zCf<yjM=8o*_P7#D0UNRN1&RXlgKKxTVeDk-f-hCgFZJw)?+VT1hB={q>pwwm$dP<L
zPTxPA8zLU%Z#MnyZa@Uq&mZ2X;44DH?FCG<Vp?A7y<@4kKZ*Cg6f@nzU_xl5_kLMX
z7$2;CZafxOFCx*H>zI`wwg7tl5xshu2Iu)?o?d?Pf=|862~AtZJpz<`QA2xEgewfR
z__9aFF^rpt_hbDTZ5&Ve3A&8M(wL4kpGvStq~`Chzf<D@KJ+M{Wr+uvcQNf-72f+x
zzZf4mxLt+Y(I;XbQhqgM+ggxrbzgOyH_Y|vD7pEN7#|-G+|Z)wXe8nH*3yTkpWcKY
zyk^kyFwETpXns8WYG3V38vwj_xT|K&win7Ob*hq2a5Re=&UkYN$WCfYpUa<fb$o+#
zVY?~aO(H$ilPAMIROfT;df)fnPW=us-B%TP15`qJx5&GPNqC_`s~%Mt-l+>5`rU>{
zH(Rk4HY<`>Gsw<mFUv3wfA`mSbrm?^giL#oRVs9ilzin%$^EV7EX#JzkAaI3Oo@(R
z5`h(_$uA-<(w{w{B>MZ4a`DC%LPy4qtmg(#k>yj0@PuT&nJh~`mq)gO10HhtGv91g
zR4Sm8@5X7yIaVou+hn)^mCXq<cU^^80fyA~{*on+G-`^&H|c_Sxcvvey;_SfMibc3
zwu<%V=y)MQs#L6&#`4yf)27YVHhe%q*!`->7whpO)StL^YQMDPtJBpwx`s|F`jR-u
z>SL-WpGimNM-}3<b-e!4=wb$y$b0;?LqaNuh_FoP@H2_!v`1o<pL<Lj-{BbaFsz6Q
zW#s+6clM5z937wBP+j81g^Dc0WBTrom1wrlrrVPdBnY^<0)IxKD@{LqFQ~*G7dV^G
zgv%glbxO6RKdvqP0NrLn19!N(JdN-5y}UURtVMA#F$D)L?IIlNM@p1SI<+0kHELs=
zQGo+C)0V;Q=ps~YyEk`5<rMk0tb<*=lT9C74HDu{^gj<az!-V{!T@99>nBriSkBi7
zKkLkHFa3hbz`1PamK+H;q2WiO%e+Uc!BAr<8@=4L%WD5?9j`_t&e}xEOv@b3PZfRy
zZ_o%6a>?H0T@hFcg$5viI|n7WlrJ9d5<b;L+w%?&E5nvcx@$I$SG&_)%1Zh;cz%kD
zN37ixsNtPo*!GJ#fkRXNMvz17l=4gJ&c|QnBwqJcc{6-V@_mDeqdg&=FL2js1Nu+C
zn$I<HZ)QA3OM6GIsQFAtQ83zb_QAQNSPWIzY#yp;-}`eTxEJIrJ%1OKJfz4!L!d+u
z@Gj=D8wr)Xvl{RvrMe~&Tk&P;ckBcd)PFK3^2-%4GrZ$PYh=dUIP?*8BS1qHYlrFB
z<X+_5G4a1nW~v!F9@r5A=eSQ*6sf3m>HtM2dd7}6hxgz&nZ@HLVG$A3Tc(EGm?jVS
z341$MXS!6)AIV`n!^q@5I5@aDkKwUi2^hA&xn?S?<WbDsQQ!Emq;QHDpg1M+CQqN0
z4Y;iHvsHck^Fd%Pvc#2w^EEe2lW(lQgfP`_ruf)J&b%w?1&K+kCy@2z4AYl+bQnBZ
zPq115alzpAVN{sCO+y}b0^&uWm)9W}#}jdDE=PRN?)<3udbk0w6fV@vOM5PqA}Yhc
zabxnEHjbkh0T^m~Bfk`j*LAm=F7$^e`th6O4~LYh3JTzu6zuVI!%caHVW0b!abIk)
zfPCeH3Qmg=U(qiBQiilSaJizQG7HME`EF!bbbMkC?})+N)<L#(Gli{(T>RWo)Gd(!
zDNAFTTSTGBk3n`+^c2J5w8ZHBe$wo26k#SKi$kv|Q<H8xYQG8p+`}0}yvSaRYuJm`
zdhA%7E4)Kvy>Pn7Ph9zrspJiW@5|Jr1<;Uc)dqj)$s(gnkM`usC!?y4?R=)^<3Io9
z<5O3bdtWfgr~4-*l?bGR54FPBsi`Zab~L!R`f$M=sdH0ef(BQR-G_+kV<%nPQ|!#q
zjyp4Uhxh|~(T{LHDq!fxbo*rKHjw1JR*4=~>!Cc9*s3tgdd{Gfp%9LGj(?cQub&sr
zQmAXlE&sur<z5>uHuZ<)aQFJ@GtX!MRbv-?33_|+&dRE^Z;nU0{lPvw1l$<iX>P#*
z^*RU_cVIGGUy$-dVa^{Y+4-T)ALQjh&Km7#?}O;1_fSS)Ox1{zEGao`4cltkgJ9}s
zzq2g*|H0c^hE=_7aiby%BBgYrbR*p$-QAr_T0%Niq&uX$Q@R_ZyGuYyIz-Avy>q$u
zIeVY`ez?#5a`}ip{A<oJ#~8mD09F%0ouD7D=UIFQ@_|Bx#ce>})~x5?QP<F@GapMY
z?3YR%+zi*LdLbv$gF^jiTvK9k#KE_Nu8?E0JYu+n;1OvmNz20-L6@@~O~W$i*;ISZ
z*2G=$FgR*5X7VSfy{q@}_mF5hcioZXKZR^<npt<Bb2L4r(QxEF!uC)oC}w05$JdaL
z(Ru7`{e*}kM~KAv@<^X2zd~~Deb+95FC_}KWD?d9l%LieB}G&M;W5Jc*Ji-o6qOo^
zHbqrT<Mns1Ji212WON=%nWB97G#XHKUeyFpSiZBV`f!ZCbLUZCF}7{k;ug&XxHHk(
ze~N{x-T^?IkdEv+nGP0K^&p5KW{Wz8Lcd_OZOPUP!&b+fJ==3Unb#x?kB4G}qndVc
zjdvoYkygE`4VpQmBn99KU<-uo@|`V6hoC%r&YA%syPA(OP_r<5Ea{EMopa?7DrN1K
zp=nMUTk67pFAPqHMQe`NWzz)snH&@zG}u95VdDg9k^(AbTD&3WgnXRj8<LEM#Eqsy
zme)Hei<V0=9A;l6N+|Gi*>Uws+p^A;;$BksW+HkT-TT;fI#(&AMm0a2>+KmxWA3L_
z)JYTYd;>synqOBxH|SD7$cLfcf+`W@Al~OQ#iD_ezBfM+4;~bIpM}14YPGLxaXC!B
zQ4j%0&*l+{r7o^y;1uKfpOEm^x;U@LMG{Tf_~vu;t+DalHULFZz`|>A+zJVs>y{bd
zy8}Q=_W`J=B_oKEK$@rhjFo$NCXaRU6t$MHw@^~)yu{SvnU_7kHIf?MjD%`nAoJJg
zP%8aeIt}&w#-Sc_5HvnyrN75WCZx5VrQ^1>>e*GR?a3>Y7^5iWcoab}jq0m>01na#
z3&;8wj_X(-F#W|$^G@=`2B({z;5UMiN}y}-9qaHc?#s58XrooX{s8WQqF=EmG?nT3
zD+!kerC6uUZH{YvidI&1qlFC>0p5b7p|L+fKep^|jAj_?)GR)ftD^sYp6l!^<gSRt
zyANfvxor<6vwD+E1&0uGV?H`|DM1a1#*joRPS{@WQ<hMG!ed^Nh~?aX{*V`I@CXxB
z4i}`&H+R>^6ZERLMBR?(^p4*<;LZ&g;S0(>HSq{`_-}!lMMOY4*9g;Qp#@(+x71R#
z4mtB}z@G)7l%{3dFbcW8&aJ4l|0dl&{S%H%pnFo8zF^sTV#nZ9owFALYF?IHQpp4z
z$Fwkqg~fU2xCd08IaNai{Te~0e_)_@a4<AJckwFhLiuw7_FVgvJoNt0cV71pcGt%D
zICf-H$oc2{Lc3*Fn$5LnH1O$<YDS_-Hy{SKYQzgO4!MOR;lJ*~cBj<esL7$>B+;1#
zM#GCO$}jJd=d$kYOqEAu2`dFXwb>o`85;Z9V*rbSilR`%>d29Bxd;X2{1L9AVci?-
zX{PN4%^jY!;)p5`?A5HFBq8%*P)UEoB(D@d`3+3e`Wd#9@>8i%_sOQEcy@UN@85pc
z5|xsd?_mi|{?7YxL*a3Cu01Z_>#1_RD;y_)E!yab-hy;dC*V)ISe^(g_6clPS{emb
zeXI=~Sr=6abu(HxrF;pW5D3v);_}*^Zdij&{kr{0EBX03aT+CVbQQT|M5ba%B(hOT
z_EIJZC!7=E9XK=hu&?_YVaX*z-yPmlVbX!|)px=gV&^qkg@sQ9;$Qk9?q2f*s85v#
zwS0De3(x%9#fH+|;qw$1bZ9KqIA^CGnF<tBnq&;&Z*gBQqu74bu-ak55O+4IHTE0;
zST!M!<0ok4!!Y4XbpL%r8CxSQUf#W(iQW1tgB;IjFNsT)T5KIEK_AQuIM@f4MpU<L
z2;lzGW-{M*mSSKO*jYEFIr+M2hhBq$^!S+hxr!R$@9nXa%Z0DORS-DBCn?hH4(LmU
z;^m8y?G|(U{%pBzotT&y6x@?L6EAhemNRIGE;A&S#C){|!Z`!{P3F3kGk?Ss2EHCi
z0CnuTqz8u6lu#Fy5b+D-t`~Fx-tYy_)qUdvVi5ox>vit3eaA|JgDC5JtZW|=&34`Z
zeKkh{G=q-yaSQ0uh`sbvwDeM)qQ)Uxrvg^{Z}t|4pdo;|P3fM~-lVQk9$b>?!qY8i
z^xdhLcd()j)Dd_q1p$rYFH{RY4X3i`-{vCVd}2*t($6+AAK!7GtY8um!uWNuyF4`R
zfe^v*Xu+O)V=Zd#{wNT3?t|_$H>bnO)G-o<XhI?BKbfDcN*gom><3NL9r#RHp6R~r
zl5&kK(e(Iuf<Mi<7q`Yv=uw>~^w&_n2^3<f4?fR%g+R2&`Owb#B#}aZ(n|vAbm$hO
zcAaEs#4;Jcwis|Pu6I{<Kr<xBps(W+@nE?b*F6eT|LwGP`;)%AM6tA2a{$r?()a*;
zU~x`}jUP;D#p7fquBJ#>;b$ydIRD}H8iInSA>U5+{w+4|8$9y%qsU&p8k!peNZyo2
zj3D7)1_+v^9H%+mIme%kweRjWa!)PXoirxeV{m!6nn2#jRuin|1CHgy$Ber*#7ffa
z$t{y4=Y8MpSB>Yr5@lE4#inywh4PY9+eAc46051=#Ygn&fu0+ED1TuYRs?7C@-XZm
zA*e3DgIcSZx>(S>NjOKn_G-IJ5}Q+xK`UOgM-{e&q86La_o1Ya5OLAm`Bb_&IG!4O
zh7<5A_4ncGZps`zMad6~9`CJ)6pU-7;p9YkY?4#RF~hug?s2Ff)Ag48b0<z;<uiQz
zmjbqPl7VX2eD6fM(9V8srBn6Y7EEwPGnUNa{#MS{;jk$Jor|xPr9VO<41!1KJfCoq
z>bwEMXR8E_ihENg1`kl+$6!hh0xH-!^4{{0XP29Asi2Ige>bj9rKOsU>>?x0tCQ|5
zK`q=`ZfrD!+r9pfLiz6vWv*0Iy}e&wEP>>e#bERecf`YoRGB?$^c=2@;YVr+3S6mc
zEuR=84!;;?3;!uh6vkRZri!3Br4wvOGOr<IZCYW2xw*MJl6$gXR3_)37!TAmYvNa~
zvHmCH+?sS=Mm|R!(MB&6w_|<LVcDmyt?&)poGjO?eh)z-kb0w1b3-J_{9cGc4StKg
z#uShfIbc{>ec*9JSX|O$#^ChVQueQS;di>p*Oo2{GVb)xUyrx!IIUR=P-P9VILq`G
zr4sGFd7lMO`-&O*3arc@J%;#?<WvMGJIDa<EX(ds$&}@nkdaZ&3<vs;fNe7VQdnR@
zvB9}SY&A)EO~KQ;r$-!+BL<3%Ti?iKd?{~9FAdtW3<V{0mhSp`ks|Q3Gjq}bL<lNb
zv79X2Px{lA^l+!<<{4t7c&POIZG5yyWiM5g4}j)P$+pM~Fz4#uF2_iJ_h^2w_r?NK
zZn<3uRe*jMVgGnlSxFkJ5W~YGV=N<5#zbhsahjHyJ~TW$de7K<;&Q0}O1bOV_XejL
z_@-zKSJB5OYfE-*(M$fxRk&GZ2Y9S}F4zaJs?c|~9hE6}Gm9q)K2Dwys*P1d;&ZmX
zrY9a5KD#6h#1<nCKq0Ad+<JPeA!<mxaXu3jScbxv?qheqSE4R1E)M-`4T5ex+E)LH
zzy4#su*K$%^9f}G13^$sPYXNu5W^zh*Pj(lU<mhxx*F0@&m<UCSY-E$)aS|=G=`M~
zF$BHtZ!fJPSv$fCNd|>=ENTtfee~O36ye3!dM|OR;nCAj<ESTF)dQB1`zof+13tyP
zBcr+Uhz%yXC7onVtI%HI-xh12p+BGy6r(ISs9ZMvZA&BvWHuWCeqd1ia59f*9S0hz
z^A69<SM{i2)HF~3siJ_K;q#<Nr1ll2{EPSns`#|%lY5u+2jTN+L<w6^eoHM}W4z$u
zQ<av0l_x)H0$y-Uu1hKJKP(1^;sbUk8x!xjQf<a|!w*IC`Fr9%7FL^PFxse2*k6k-
zbcg@@5;Zv_T_&CVTXTXTG?*V>;Ro1g#H#m<pUSp*z2Fr@Da5FFo%hs8m-(0;yYiEf
z?N$8UMt5%k&E0^N2t_fH4Fkv)Xkb5Xa+OW`7|rU@c5-W0bjt`Aur%JV0pf2Up!)wo
zgsKNptRKR|54Vnd3gX2|9RTdA+agKV+mZ+JAkh*qJe9atTW-Gje_SXAKpddWc@K!S
zpbZ^C%vWbQ)eCa=*UXo|GC~K9?DPpOEiH(|Q<EwVxum>tBm}%AfZ0n%PHz8j&N1;5
zxFv&%SX1;%LOvIOV?-QtY(z+ki4o)c&7@NNXnQ%rwGa5cv6t%TZpX`jxwGRdoDsw?
zYG7~_7xm2D)f0dKj}Z`Vt~SuQ1Fd66fF?+Q8SwZT;z8rCwWURmFt3{!FqU{3V#y(t
z9PNiiZWx};Z??*k54R$j)d_ux!-BwQm;WMu!(nlhn*4V=j^`!Y#cHRcCD6L*;rdC8
zX!3t?A9QkU47XxG{66n8i}BdJtGYn*gNWJwn~?$FeDz;Tk_kQ&*{0^CF2cNiXPHBm
zx!3pCXSbN>B-Yx&{WkyLon5I?+NaCOqdcGM;=<J?ep5^?3%yyG3U<s*G+8=c{^oJw
z_7gqN_pbQ6VS+wEW3Af~{>4hL9AI<)2dD%>4R3wD^FUMAsJp`*TiwAHh^%CkjKS}L
zc)^iY-CvvanYk(P_}gc@DWy-#f~e?u2<(VAmNzIv)8>YbQIK?^^~MiOg82W%O$P!D
zoOg$v^!QvhyL~3PzPDNZ@okb#cjbXmUmmBo#kw7(zmy9&JK~xn5wtozHWloTxY#ud
zjX-_!G(1R_JMJ0obAoAfQwCAa1Pk{d1OESc+=UB5bRXY}lS{;>hJs2)ve)H*F=>1Q
z;~aTTMHZ?u22qSzr9aQehsOPd&>NhF@>#d|maf})oe4?|?)3bxOa+_2bl1J`yX*C-
zZ-UqJUBe55iaY@+_xmbB+RO1W#FB_*j<5Yuccg5iGyK2h>3cr!9h{KhFt1*T*d_*H
z{p;H*<f62->Rs%uwA_Don~ld9ebM@dS0jY&1MOv2OebkL``)g@j7J8^sl&GZ)vS^H
z-MsS5P(Ks3$$r|Z5+#_qv_I^`djVko!E<jpJ@sPR$SkB>mvWMUo`6J9cp@-kIYpz&
zJ*dY77)gssw?y_}XmBZnFcz0_6A`m_XjE+Fk@y%RHKNz-a^@vXz=>`?wlXL`LtmWz
zw1|=P0fdPEa7J)w{dT?qhbSMw(i^%fV5GLSe1|jHQo4^$YCWdOB&2e2pPo|EWp-b+
zIr%{rs-)^yd>N?4u;P$VBdmGwvMlrc%Pi<N3#pmT>dz`S_v<n#DWSOZHs%#8-_@k!
zH;johU!}Cq-jrPO`Ah`w(oh)t8=_;euo}>3v-9*1O%71g!EKSsM4<oj=4tV97qf+B
z_y4&!umO~REw!vm0tQ-gvgXf;XluKJ=5brQqYhGJoFAWEcz!*IJreqTcukM)`Gx7`
zm*!(%J)hqhWK0)2swalHdWpU#5gMOlFQhc2JZd?2LKt%)yBN`BsEcam0nQF?j+o@0
zS`0o&d37IvjK#*aaQ7IqWQBAcQu*kx4)%ga=6sk_<SIQ&Z)K-v|KSbz1M%51cI4{l
z_14TgbubvncK~qX0C(TY%q#Mp`u$p{*HGBId)F)f(sjcqjr-Epy3${#L)bHlHB|&g
zk!Jq0k!FxZQ%&b-)%c4jjU8kBiV_8Mmfq2Wkagw4W6mWnz{m7I;QG2(mBXvc@Xp4)
z7~S7PyTyy^Bv{r1?VlSFw<d=K(pmGGYwoEIE+>C0rjCK8wwCwaFO9k0cdv(n&B~ck
zJWO{7>8PKhPzg9&NSE+woE#w5t;KGv+a`*}5V;16@ci8(xe1yuQ$^2WOPB5Q8Y)5W
z-4oA;7yOIa$T8HOo(n5VKdhHiwI}12R)ggJ#s34;hUTC9Q(TJi_iJvuq>%~5?QBe|
zLiZ;ulM#F~(4SY=&Bu24*F25zZLJrgo!!2Pmk0h3DSub%8j-ZY;5`$dr4sZ+Y>yDs
zQ^%d8i-F?<<R_?!?ScEl81>rX(8-PbMPKQTp(T&F305oWe|A5N+%X=CT~5?yDOGMB
zpX#gRcXs*96*V^MZm5a={uMJ9MWYxgm8jK0UDd}19~@a%>-<>K2Nnz}KTdaL4;fAC
zq>}7JTItMmT2Z1|nfH}#rN}9nooO1$xCqowSwF1=Ek6B+PzMt--E9=yd+a1nosFDd
zQ`7kzUYJH3^8-$v;q7Jh7~xwQ(Y=<NDvh_Ij@dTt96T@RmfTFWO{1$8_s){)T!VN(
zF{G(fbsK(nu{wJ;x#~(~x6jp5Fl@b7z0{X!<P7*+l4=p&nRnOM$ei=p_UDe6wfO%8
zl!;R*ZIhq3t9g1*{XIxudrkzdq+#3A`1Ji11O!kjY5IEO86M?Z+qDvfTX>P2S;|~e
znV`@osC#orISl0cZ=bw_CT{x4S-Xbz3@zC`{vo5difeb?sV9&w@IpI{5np7Ml3cXw
zX*<cShzJ598Dyo6+|%haSf-+th>>UXPNRy%I7vlp;LU16pf*rb8K%YKacokC&P`L@
zYEUch|BDe5FFE+omkFA%?2eizblh%+morIPukUreFCuDnmUovN@^KSeSahYb^(jh=
z!B4;!!l*C*zA&N-G%Y8YFL;2NDE76N0rMq#kOEUFX+Paa7{OFGiSz!nua(yky!kOL
zeQCb|?({vSXa14T>{mT?F=qw6sL0_6X;G0`o^Mcz={Nt{A4B92c(fnwH5+I5iw^mX
zzMlD;mf{VdJ!mgR{NR5-a7JCKjl*P!Jvku8BK}Ljq(ee`O>=&8e|2F|U>C`GY1h77
zP)qjh2{~l?!~Z__k$^|b?Rpu6x}1Z)Ou#c|=L2EeZhAE9UI*-s_O8%!^L!fF=}a8B
zG5`F;>Qd{CJ7~`_oooh!t9Vud&I<7#VHGh^n_>aQF>phe3;->Ue%rN=5ktIw5RyO1
z9W2vOM!ejbqzM=RG*Ny8ru~KnYxqqEaG5`H?B~w*&qKRw6+w?{^SPVDB}~-?V~v0e
zhTA8Jij3^^RZD~CEAWdyQf)C}qINmJKz7G7_$C0m{vUZ(Hd=&XKDanP3iHvwuiM8w
z1^zBc0In-c<^{|A!h#C@HWDmB)JE?PZAJvY_#^I~h66<RJ11__xlu6+uZ~R44+c^<
ztn%QVjQ@R4ym2ip-+I=NB_j!*WAIxlH((<HI4?Re7m|&O@_*e|Rh>(D)oFDwW_OpM
zWVcC0cDBiMe>BjF#TC7M+ARO(M|75;V7bd~3&56b85Ur!Q%miJ!onXozY+aR;fx^R
zFfljzxJJc_@<scWgQ`rct+cpUhESF{4EJWJX6@5EK<NSMvh~+fRIYg3dkzQ9*Sl#!
zL5m=#`Oiy8qRsXDWRNNt{zs~o-O_S%Ec~G?GHxI&K)i5z)Vmr0$7f#GWdQQ@xmpVZ
zyap>%U2{Nbf^rb>TYRry_3{%?N;weJA)?jAdW(v8?0dMVZaWW0<^M=ghp0`7FdtW<
zx=n5<iyZ*|Jli`1mXGjjjJb@t*C?ouA+Q|(8}a|%O^waMq$w{C&w_;tqhuP6<e(DP
z)3_LP5`J#C@z=NOA)%qQUWa6yRBu4JbF|W0f|>%?>RO7Wfm#w9R|71-lVBXPBg}S<
zw(NZ?<2B$y^u@sT)s0zGy!haximG1Vz#|>_g(z)sXQIet5ExYm)_hh=!x0-?yno_2
zjYFMU2TLTQsT=LrM3C=>aH@?YY&$3=2LA{JVe3hiz144eT`DP^*1tweUVh}`W8>;K
zBTg-*c^u=OeKN)~HEWA7y#5lrIa}TOL8GCXAKLx#mYo>Dv-BbL73paIc)-3<*hYV>
zwl>_x?QfJH$a#&?Rh@na01iMSyZ~Mrl#5!;f87$RMGmF{jE5A|9~*Z4)oxyrl#^a7
zU^wwHn^iXxi^`AAzxN98+6aj=Mi(xxB_@N+qnpcRL@2N}4K5b`co!<Atpij?Clt1?
zshOGQc6D#IhtqqO1`TLN!sFJI21f;X+{QbAY$|o77U>9|*7~1IW|E#w1d67RFvPyX
ze`9Il^Y8c2u=7HiOVL@L*iX;m*VUE$&eY&g;|acLjU}o*gP2EkV`Jm~T-iS0zD<^V
zjTcBx!vBj{2HtuAdVl7Kl5XgNa{u8{J&@@QOoFn8&;69b1!>>~_O*TCA>$$qrv6cJ
zAUX>!g1U;n#jx|um4olSgH}|F@(wW8Qi&)oYl&^nGN?Drl}mnml)5m_rp{)9-3u5S
z6IzhXPRC!Tjs=P-ph>t1cuL{n;YFpTUn#V|6w}4**)%80f+D|LN=^i!7Rri**bg)h
zd64ls3$4;-t9l$U92|dL(1)>r=go6je2>OzievlU-~nS$+;XcY7ih`4=o7gvJ~EGH
zCDH>$9e{cK$#MUXvM3vVtUqzwTz8{oVya@&8ZU5Vmg_R~(x66++SoeX8WOra!&DIN
z_nUgY_kIdDpI2awo5ZBbN&6E}yMT2M(-);FMq&Qm3d`z8Qey2-=1tGh%ShdNRHEQv
z=v})9W~(IPZdvevSUQqL5BoT)p7p*t=xSu<)m>&CQb~VBtt`(mDeZk}#bHZCX@55}
zCFcRN3LrfLZz<6g^rc|>6(Z8e(G`&r>?ILaZV1hzaioK}`r{f)RdiyR1d{x)gF6qd
zGrWmgnE6eAH2L@fJp)5rQ6jN-7XY9FnQMws{w96Mi9c2f2X*dzvnw-QooU|%?aP;1
zZyg+d0*R*+TJ#Bw4Fi~jq2tu|s*y)9z&U$d`y5E6K-Yst#wxT)T(bP@7l>g4CSZUM
zM?5VL5A8O$?EQIn2S_-Xnhf|A-+)NRh?rX828%wzgN%(pY2|Hz`s+Y<Aa!i@bT@^t
zoC9{v{EYq>C1uWPgt+N><$C{n8?7S&Pa0HrP{>D-z8j#3^ZUZ8^ZFwsV);q}*ynZa
zwwm%`Vx~%rNAcKyZ0CH<{2pvLdz!T~FreZLNU{K%P?Bn(vrs{@|2^A#UfJ(K>0EY9
zE<b<($03*9>Cr%o2UA1>*ykHYog%6ihkuwWX1xro<*Cg8!(2xpk0cy|bKVSM?ASj0
zWXk>3UTXcjx@_Mndf;NV{+`$5SE-~mqAloVse*?EOA)7FCK^yQ2HXwHiHRL4e1zDw
zpPS=$R)H26Al&|SKy}Y~!(@RTCVRbz(vyac#I)Ur!*0JPDe)hjX-<&xd0vEZ9)x8*
zdrkdJ7I0O`I|&?KGAkO60=R2@Ltbv2j5(3GS}H-ScXMm&?wr}1g4OwaZw5xoVTG@f
zMp2lR@^uX^y#vGWW+o@tB=7Y?ViqGVFB8(=iJnEXGRPhgtFCcs)9}u-(wH?u)gSEE
zl;qoo>2mPm?t!hHiJnTENXbbhu{wqrCT3auHbT}$4FuUlal%a8*F$8GtFU*-7rirv
zzKovDL}7bQpJHDFHY=~sO#{lq3*Sb}!|5Vb*8GXvg`S@(8X6bDtMh;-wQpEL{h<sd
z?TLy_Z9a2<yG)1Ac|d+XU%P=MX-HWRm`gNT{CqR2PmfjIXjvV>5~rJI@O)t5C;P`K
z@=>?FVURnJbURm+LX26Ba)<r?uq(!yO@MAUch2nUQ1-Wg%<d1K@Hlk=FFbyCm9My=
z>W0Wbc`J!>>AXBQiA$DSUv&JFH>U9{Z4;cQd(8>+-{9adD{$uN0g~uvHH?PZlb$L6
zWn<o98EmQYC-ru#@xrf>Xe3Yj9rLtotJn(hG=wv5dLz_lV*N)G1@(P33F1rERiDOJ
z0q_y5G}(f=%8b<=y+m<R+VO5)6M59<(ow`lK)`r)(C}4)gG<GQl|D4O3RfnS95S!$
zdQ{`zO`(u0gw+3AQoJ;-+4VT$&P~lmE)0dUNvN6I0EkUt{Mm?D`%`z{4$o81<V0e`
z=DTl{<tLhm&3|57QQ2D5SMyYRHS+#7TE@&wG&;Wxp5lqvcP1hqH!L4*)2FJPo4*0+
z6$<L(Aqu&R*^E`2^<(|L|DHEHc&}7uJti^VEeglHO`noV@|x`nP*eGx242`W68opt
z2ZWa(NbA=7;F7e#=%d~T%s-VWO<iV`v7jWhKjdX)dl+`$P2<<s$z}ql&0|^mGs|0K
zRNAIBd_9v@X&woT0Un%8>T`LzdU2YA$p;Va&!okK)hdv*3txT<&>l}wFBes*u!8zD
zWWnCumC=(M+N!LH`?-MqeqI^-PKV%ds~rIds`%imm}6SctQu|=1nyWwL`5_dlm<<0
zT0S~fqZY3fB2wlBES}lT+xK`jPQES<E$r+_5SM+Zj)Fp+mkWbo`_l+&qFV-3;ut6f
z1^SN|>4(m$__?%aKo?`moh2PJ+ilo46~yp_(z+X@gTh39kTRrLxPK=#dQMTfDb#87
zQD}*qabti6k3l#&C3LzWWf)|CU~7`{<qo<JNJ2-)LPr4RA?A&{1EcUz&VMR%Ot@nC
zn?_<?cg&Wp8Z$Xr&%o<NEGXrJg90C4$f~y7Fa4DZUEd<FzX;0t1RHx!hY@h@kwCd*
z1ZO<ePJaNWfJ%IPGOMdgA!p{4QZ5698;0-ossCiM6n?+o3^<x$q&cbq2MWG2+UTl)
z2wXX<45_4z!<zqj)K?NzAHp0Q93_4S=;{gM<T3|>OgdOlYj*Gz{;PkbA6?>z1JBkc
zTnENm!1h2vzhd_{Z6B?yr&XV9=aT~z9gfa};v5<x&)kQ6z40R{6V;!;<eSz3DkbW&
z+QW!iXPMP%XEO_lwRIjDc7|kJzX-;u9X%ihcLNls)HXV_{U8q8on6`CpfOlr0i4nf
zxBJ+0&r|#PyL@}wOtjt?)ptFLn?H5%X}gb_e3qNq@AAd~r2a}eBBwa;OL|*e0*Xk^
zb#>^*<7+x99&hNW-%G!(-%bTv`<k6UKjma>72k%31h|oo7IK#tV{D$p1?Kn@9n-<z
ztykX>&Fl;;>`EVt7^L4oKX8H=O@fH~1S!6jRSqF6&i$_ngcnHBYSYiYrn*F-yd?2X
zKnW+stw&&MYV#Y8{_`%9Vq=$q!X2v1IBwm8r;a)Ng*QZGmAuCQZt+vo<*^inREB(h
zHg(utg&<wQww7)IQS+roz#FXJzkl!C@Og9HL!I|?SuOCLFGDPxnB21();KmFR>NfU
zJm=_5CKNKNLW1KKW}QVf({UY0cM->8TwqEeT@_F3L>RvoJvrpX@iO|;PY;}l0MVni
zpqdMM3AE=w!f<{&@_$6pBVs;n678k{6+ZO2bU|OJ4>pk^H&k2c6!eyFk3GA<Ibt7H
zf<e(ijE|p%=3Z1i_`dzBR7jG;!!iENM8;VKFVL&|e6~BICOdV)V6cWHqTtc~`m1L1
z8ZrkVR|kg{ewQ6UqSm&0sr-x8Jc2#|_MY^$4*F}Yc&nYEgR@k$va*r|liG(DWc~kr
zOXA7^Q*;6JTz7PHvqy-E5`7rUvZ9<x$|B-BT-iVR!?Y(SRicGG=D=DSw7fK6Vb6&&
z5Qq;|=X0VV9ujBEW;qvlx4=G?FF!KOUj?eFxT(0t2vVUHAUakewG=2F1seWSOt=8~
z01TxF!EfJdwpX!++VyxT-6m_T>jEXxVqPtzE>zbTdl=UUsvyj>Rpu0P*}}QF9bAC2
zqwZ#i+2Q^7?>#SX08Pc=ec^+sjpq~_=isddNOR|*c=^7+3uH|rVTP*P^RMB(i9T1^
z<|RtZkWb|X)UnU+F{k&++k0P<wvC6>zUEYWK>vmHJF_6+sPY%Z(Lxl#oM9k+$dpS(
zr1HMd26Wc8iHx8f@%KzB^xgkteK4iMt{m^--+6hn*%kx>-sDbX7Gmg~fs&DtL~rEY
z3St2fvcuxi@W==%3d(Ckv>qQosL9SI8_u)(xS%enyyKaR*X}k!R)l>gA?D?<Kg-x>
z!-`Px3qXn}m&CvrgG|s1C~W6_Uky~&DR4};;s(4?tAGdCTPlEn&n_x07+hUdFkDP+
zs|335ZY_7(WHRdV^CcuWc{Kr0ab`I+?$m#>rbOx#vxS4#;nCAmhJUisocIX^0Dk&F
z`AhX-%60+^>~L!hUjdKlpau@Z67G*3-@l{<Ct|f*<~-e=2<?uON_rGlF|`*-esF<=
z#8(k$%8wRUq$;AYwP|!eN5y6T2){wlz}^W4Sy2HMiBcNA*gkL_IC^Ro0Ui43_Unhd
zD7g^_;EqyL*MMY`n`=+;Jzy(FY}3q9o5$gkwj)`8D&h{z&Cma_z0KwH5^(eWWDvEg
zxux0AU`Q`dE=1_FWe(5^@2r7_$Fu`TtC*hFgUX!D{^R}niNBQUM{46|<Sf!dV$66x
zNpErV<^VetM&)fR2QC_g@asLxeo3UX&6hPW3#=LFy>X*pi3k}aEkVeW8Ra<)rOHMt
ztf@Hz%KDp&t$|X8ZpJrf*=q^AZyGhVc~(|^J3qcEaP0uNhw~#?BZQ3{l3;Cx8#jm6
zRFoHKH}@9Ua(RG`RdC$Pt#38Uo`%Y|W_O)@u^00ziK2gKL!kcx`XKUwp*kv)U%)x!
z1FMIDK1#U{)&T*|Z}GR*hfy)+#;l*;V9nn2{dT95qbl0o>$+FtI%Pu`3epJ#eeORk
z7JVscX(V*R#Q1oR;X7o)tgLDvRbgah6=|IVrT*Vfi%ILLqr30BghyVTN7#<aa98Fl
z5*!lElkblB);doqZ5ZhBU{FAEIXlk|CG&C60hLc@={)ZAz!2Zw*LT-~$*o;W`;_gU
z$ZVsML;ri}{-L2X3=Fd4<zv8*0|G2Cd<`yv4Gf6{u-;eLgHWr)L%;97w~j>AD|1IL
zI+<vGEY*I|{!wlD{*)PhjQ=X~*Dr*(4HpaPF~D-K6g}41OT4xuBM?(V)-S;3qC<C5
zhme+D=EPbdx0GVyxKU!TxSAZ8{b2uJ&8T-|5Lr8cJ<rPG<DNio<`)82)+@K|KUVIC
zetSxJkE)ZU6?t8V%%*K0mu$17Tz$O%1{~>hLN2PcTDB>sQS;4l1y=cf(X*QRL77Kp
z1LP(brL=Wf%pvp<5{Rfltc?Q(f3PxV`+v2deuxd?=y}fXJGqyuN<mh5AS(-bQpc$+
ze$#CGE@PPWzer}Uce9Vn`PJ$_uT^u_Nwby_?+aGNxRHiZ4sT{^NQTEHRaa4_1UmKC
zzB7e&r=9H$nZk=f+YSLV=K4q0sv<(0IbW0X0c=k1r(b<!!i!et1FFf4$d#*iKf;Ab
zX?-wv3&?T@lM8fad7*~g2Q4?J31E9*5_C!}yaUJyA`GEYMs$6_$U*7O><81plRUt6
z(wlW~m<t%#_#^rKt{h2PesQ&C6?u#t-9$?F+C$)Wa38VUiO=3$W>lUrW3&anUOiVX
zhBNE=C>iin!|b~8XfgYsuzXt@+&D(k&u=wEVyLF;NHbXONo{uGk>@LA@_}>a%eoDa
zZeI==EFLHa($^q;cXaXmT0pX|oMf_T^;{{d#J4@O0TcV29I{BKx!n_pQt^51JjCt{
zNf*f~Y%A~XWs0-4e*5P=GF9xx6j5lq$xsBZ6jE~2OsQ&gBbh~zw>KlK(JR&Ql&hjj
z=U`YP)~D`92YG(3f2oaONLJv6jJ4JuyN6J=vTr%{>!{3R4t#)AO6I4Ra1%*+i&!aC
zHnX^Yy7a`PZHm7CS7#NU>X!}p!bS`JeEL(ThO(_!I)goP7y4JL*Qa-`tSU$Q1C6+J
zX)Q9tHBt+IdgFP`hECaswGgD|qQDbOV7j^H;N|D>SE~u$*%&s*9I_Q?6+Ou!=rigA
zIL$v#NpQ<j7Q2gAY>yo;_OfllkPb~N!$RW|^0)SKctZBYrEU!gOqNr_Fk-lL16!tZ
z5PJdC@~+h9R%HDmui!Wo*&UG*C0K~)_*%uc#I`JUL-6o}&f`OkPG(?+6vZ*T<msr#
zx>v!>)UV-l-yqAn{EW6l3hhM1JNw`;7<$!aQX&mcZygyIj`WlOGvS)y^bO(exxz9I
z(y^WHn*H?{vRZ<f=`fL9Xb<zEfs{wOEvIO1DYS5AX<r-Zg0mC)yBF6ApJ26=8SfvU
z!B{63rE4_)#$g*jSBN70PISFUh$0m#D|1x2bXhxaetX%2OZobuZ!00;R!zgLekF96
z;7w4RI)KwEozO<SGEqf45p<1cv>$TSMTPWOo843|g_FP>-x%N)&la;c8*ax;_-oN)
z{9bjZHf74^RC8^85Yr5;m@_1W{}}V>1w*z^?(jNx%$Hf^X10>R^TMYn5J~6Rxj}G9
z?>>+J%@F29`=z~SGS7!!IW+Dw#g&PX-_c!Z-(vfy#;joPdV&(Om{v>+lYV{I%s>X2
zVqx;gPqZoz(_*%=wEcP>DSijJj~X@`OItnvg0TSbo#w5!@7wG$KC<Y{RU(nmFmZf6
z<U2%@=yNpM)m-;8&}X8GcF2cLwLV5&O=zN*Q~Fj)+t~wn1-3RBDCO0S<48@Cz}Ez-
ziJ&hDS<}V9GsJhE!?TRdiwX(;Tzp87(TWt!N`6bmD#{qo^t^ZV!*Hr!&unB|(f2fY
zVLj5&JjGNWY@2E)4I!FcJX%5(W<2WXS`WC+CfHR969k@|GrZ1ce@1Iv!NQ^QcrX3P
ziI}!zB~pHolCDoM({yYj<;DK=!N}g)KiCHhq};-;!%NDYA6y*b7@MrXu)PUs()E6N
zJR7!RP}*gdmS8wb#jbt}su$1lJq!0UmQ3E>%dLbT`F0Tz$(Zc9k@Xi=WggM2bJbkH
z#BiMK;2eFy&g;$iuIFIQOG58b`3)1CzW%t%PtX$W3cjy|&SxGATnvKMQik;i09DL(
zbBUyPMDLN5{Dkn^&9j~S*xcGGcleHnV)-YFj4owsDfRSrFXw(J;Bfp0^954$x~7`}
zPyfgj`qJq3oG){F9%m`JBiM<#;eCdyq=WYxH^9D4br(RswN=SqrE`bv{BOfG&sFO_
zxe*{2VcGoJH}mcGmJ(A-y-hPz_5;p~jXIxN@6M0ItK8e7SyT36&YWMi)n%q9xHfp$
zRDXc!iIFjH4654ueXZ1{n;zMOZaz_aA6>=y^&e^k06O{f&o|3)Np3ifKit`MEhpdX
z6-cR;-<l*sNAvdsUg4{Z&76}U+sNHkDEl9#8TJ-1pA#Sz0f3P~|HqEOcXi!oc8<Bj
zTV$zo?Y!Q5zknemouesBx#qH+2PZ8M=>OO{7;%sfk8AXTs@y|)BnH#}WpfAw?~e`J
zR`<`A4GM-lm+l9*7yQwg?oO|ES_!({ypA$#Jp~qg4ZR!|6d|N`Q|X<088f8`6@*<9
z*hr=f0S$5jUqtC5?8@ug_u3YstD+b8t5Yq^o?k4Wo{xprLEP$sw()4E44@j9CCL%=
z)}*RJF7dA>PueN~cv_h9Qbpskm!;W*LycJ`R@m4#r#->LScn{Q{=fJalln}HbIVuD
z!Nz-<suOVgx%KU>#XdhUNL|uh?}idl-#sA&jb;yR24>XCw+eMau1Q4gWM5tN^ojDL
zqe29NHfDsT1?^6oo*lb>{Fv;jh>uWtMUs^=HFYUY-CzCToV_Y&4|A4;ro7p(=CE`4
z>=U-n%CS~i9cidqsKu(3wsOlceVcQ5(zC58>HF#wG<x7pRKln=w_4Z5wh^n`)z%Q@
z+T!<62~MAlq;^pz2|qF%yLIG({80db25D_=@Eo5`3WZ%A8c->idE+RW<(2}H$bXzz
z00z4-yMFCE*l;1y%hA_Pk4%R^Lhr)sJYSizc*D4f$5~v)C>@Em!+acG-!k3p8OCuZ
zw(M;c9-t<}meYH-W0q2_djG!RAmk&0sFZWq^CZNDiS7er-y+{{+O~QEUvQOmb<+}z
zKBN3WKSvpyu`jBuhd=;u(d&pJVO}T>?ImL6U}~NgG{DoGmCh}#t0QCUQj~$Ya~z3@
ze<*theN#GWux8Dir+Pori04vj>}>2fjc2!z52Jnnc1~tHFnO$k{u3j_0X~YUfaSWJ
zv1)ryDXqUR_@dQ&rwUq1%KZCS$fp=vSnSOoJw5Ct{4v{XO-aAsOaH|vMLn2&ZkixA
z{p5e%kanbg!M&}gi~gV`bo-3(v(9rdGlc*BA7@GH30%Z;DqhQhy@HpEN$>6_Fw36&
zj~@`g+fhPD)kvGQ7tZ2_wwZz#|BcnE15}6i;Xi-$KTb=3eW-q{|AL)=ej)e&&p#J#
z@I}Q#w<ZgNde(rGGwkPWn!RuzM8CNsmioVb*VCPA*G@90D`4O?pbP;d4~J=|p_EPQ
zzj)N&DWpjv$o>0GzyF;-!it4I7TU^)xRu;`*B}cNBl+<Eiol9Zcm5n=2ZEQtHBd7B
z>EXh@{oeO02(X#%?><>S`VS5UyY9a-<Nv<H|4)GN=yJOpE-tQO66@BIU3*Wh1mTv^
z<<WA657bgv7*245pvLXzdN~lGQq>wjAY0oRzHMd$7;&ZHR<egJ4cmnP%w4Rpq<TwB
zmW}&wz;zpxZNCB6-Pkz8RMjenUz}bO)$<wvsceAdy*E>`NK*}LI?*qQalnuwaWNy{
za&dfdO#K}0j7>6}D42z{=sZ~k4l_x`*Ct_jn0%h;zX0(r`~J|`oT2Y+u-|gCt95J!
zB9TL9XXhA;iUwei0*eb5Wc}J->*+bO0Oj}&Y{sbB+0Q_yf1U+49m#x@$k*5R;7cr(
z{2~~OmUVu@NXf`(I~YgX|6YF!jO%05djhOSE1h;Hkua&k2)URT7!JDpkrzM3Tgj9?
zSWN>`+B}o~Mx)M;y7g}@rwB^aMd?8SkNy04rOz$&f+rSp;$7!|z$uUc;jk})u4Xvs
zTLV#7R(B*89-e)9l}gIDh;iv_Po+#r0CY53&5v!Y&(>JxqEP1CfUs^Y^H|PI=5{QV
zXA1Oea2TFk15-2LFHsaunf60sa6C^@QBf#g6=qTKR?gV?Wz&wWYZ&`iP<#Mm%VZ8~
zaFeyhR%~U!#<|JK@^o{6`{pOUE<Y6&jJ7?m$;QUk4&9^o^}X-!m%@(k(u}LMo>NGC
z1^B-0;v_dc=D>Jp!2b6s<ly4nkKx}dXfSl2wH889hHYf7TV*C~Wb{1%l`!h?WUV_<
zoLKOS^_EATJw?E$PrzSP`VHABApQN_DI|yF(=aj;Uj~zUTmu0$P#sB2Hv{K87}fWT
ztcGYz5dh1stG3$hK53jcT{{)@ZvkQf4EhpxcH-i&Y#Wx7Fla-=gYj>F7J~l2Rrh8l
zK#*Z$6RtMjoo-5FS6V3oTR#e~UtV@Op2AY9^+vL5*S%GcArn*6wBECyBWBkZhj4Ik
z?(XiaKLDnP2XwIA6a!IlaqPen?vGGeCPl!rZt?K=TO%8oyjEC9BNxL`wyi}Uw$R|P
z5l5?<O2QmIJ9sWLuwJTRt*-vr7Ca$0><K{=LK{8f#d2Y#K3(!rbM+kHZ%mV2(E(rS
z{j%^-LVgP)`uppqa3jA_;9dtacR4}M>Hg9X99^X`y5dn*{`xOeeO`sJS@Gm?r<8WJ
z(K0}#NhhZn=T$&26s+s35>&nppQ{1tjDGq2tL!R|^S$x$ahYY?MF78`At5bP7{d#i
z)_0D^#>Z2|ew{7TrB+P;cGgUrB4SA200eh94p%3}`0V!jB@&uXl>`we?Ipz0L3BcY
z^Cs8E;Af8JnEK0b`ogyR+@Ed>jZ2pvzQ0V5&xNeI!K1*sykcg&Hk$3-2w)U(puU5|
z;2H1L+LUl2Hf?M}FPN4S8WMuTsIz%|EM(mENxej4&89rxC%fA1r->fgD<s`*u%%Mi
zEiok4%kQw2i-*C__wPmp%AB7i3G4d0>TDLs9-DkQJ3GtGrNE75)hh;lN<qMHaM<Y0
z8kJ38YIWEM;4BjyhLkr;46<X<Omy7b+-z=|O~XO5Ibg8Ver8x_SXNdRz~EyH8!R5d
zcdzSlHLGeh13Ohf5FV@ob`=Hk6$y1NhdN2@kioc`8g_Rr#qS?|&UTc~tr*R?9o9d|
zbx{g(a5#gZN?L{;h_@}pqkx41eE17r%5>ndhnhXGd0Z1bW7R|P8kO0gB}iS>I%HBQ
zpWz{Xt~w;96TI{8uC5b#Q9_sZj%umM3sLS{gP);<<GEe$(ZR%>+0{Kt6lF%$9qY&Q
z`C1F7r;h*m9DcxNcYa2*+#ozY0Yz+68rDRn67uG$-<e}FCjpIzyR3bqg*{BombUrB
zTDQw+YsexEnbmU;GtkTGod#lzy9Jwol7MjQb(1@28iO{JyupAI==j+t>;G{G9tMm6
z?^;=NGoV>4^tgH^K-Tw4OhY3+q}s?-`qh)x1keyn#8sV<GV5qLon-&)1KlkEur>_$
zb2!|x1R?X|7VmAl^#OVcr|k`3EBNpCV`AeM-3!^5203?rgn6j!0TbLA!i7rao<2L3
zcLM|i6bF`oD{!j7Md9`OUVc^gK>=#EA;;^IA6r`r8Jwv2QML`o6(Fil=Gf~wxGy31
z=15OeTs#b;G;+`?^f{!s|BEVNd>Dl&D@-jJzuxZ<E4@F^0z~h?;J1N|WkNhxZc+Yp
zgIUlt46KeC_|rlP2*K01R!Siu-?4N78q_iYSb))=SY$<DGZ|wMdo=#g0&yW<%doF3
zr?AJEtHU7t4FLY@K_3;xuIz2$>tUMD3AxEV=OpV+^?g?ok*t@Hx4AZ8bS9t%$tfrZ
zf_^**tiTwR8oe`X;hm!+Sh^pNZov-t1IptuGvnT$O(_DF7>gtDQvUGa1I?q~>Pg7B
zOk&EDt*#XAYPoVx)yiFBPDa2KN&>)O88UG_zr2(b0MU4AYD)QjAeP#&{b;lEBUtt?
z;bnAdt+1a8IjleW0ttBN@WfP`Uc-o5C*mO_9PGCm+oifOq5B&UfN9{cXPLX4$?@=T
zwwo3xBh$YXVd3BeBxicin1c~1fbww+M(~J;h>Tm%AZ|=B0FRY8HjFPDcz!YD<m4>O
ztVWX`;1OR*8x;5t8+xB(4}MkK6jnIbU?{4du@Xl%Iy57umP^d^g`)T2_710T9Rs1U
z<V%{pYG6W&r>!~-7b;rae^B^RLzuG=Zq(93&Urfy4kz$Ja=?OKo7wU;7Ck-|gKKXX
zK6k6poJh)du`>CJ?(E7|r6A64yb-lsb-Im?Ta$URU}F_#2hM|d5@LokS8L@2jH>;I
z(*>67TdBy#V0;g@djSXrgXj6MUw_IdA3{`&;d-rG{TyyHHPyC7PEcXqiGO5t)oioZ
z?^CcMz3(pIcrh##ZEc9z9sg?iwt*c3mK`EG2~3uqG;?X0<P9uVU{DKMFYtl>%M0Zz
zm!&A)V<K|M#_er%dyCw42D~?SQA5KO=uNlZHzcv;=a@ABK#}*=U&hRJmo&)k58uj2
z1?@fG&7x7S2Mi&Yz7gO(T2HBru`9?rJ7X)cN(mgl=wOHboKL{fDND2lpm!qjuWb8L
zG%DlgKurN_=WZGL1Z%${m)V~^=NK;J4M*h&@|k%MegfQlU-3N^hIz6~%YUQ-GWLy$
zL<^N7q&noL)k35<U&*4(ZT0kkBDmLkT@!f3>b@7a2c9Kr++JDgb<2R%0#i()3b32a
zn`tcou0f7mT-Ygqp9sOJ3Y3x@z(MyWu?YxgHdg_%?>-Tu;JE?(Xhginl|aHE{-YF=
z+J2tkshIT{@SkDvunX-{_N9GhTLt;`17>Q2IY6*`DdE1m0<>mgw#qg(HYmv!w@uEI
zJnT_D#!Ff3wGoN9wJPZ3%`{53R1{uO>K0Du4oyp39&wGeAfFK|LML`y*#3!|K|SMJ
z;O691bH|AvOg3;wJFeN62)2V|cWrG_QWDryK-%78PCIq-Ea}6hax|+~;w$5aqw%ay
z`d@io*wpHY<|2`^fY>8__{sI)*wcz;+C+<p8)QrjS`J7UaIB`oU@uGyC;@LD0wEuM
z7Ycl*<tGS$$oeHkpP7dTn8YN(6<FN#+>zqq24ZV|t~tJtE+(3uU0o$D;ONVlsT=_g
z<SZ(8eqwv2V}2;Wxm%LFpBIcq8cF40BO?>hr;2(B(#dZP4psT{a7y*yKrG7Ju-b7G
zeq{M<rcQ*;Xw_H<2?=Q;@EC$PZm0BNE1M`TU(f>cfFQX<TW?y1%6P0Vd+YNJumQdS
z6EG{XfLVHUr*j#BJ}v&&HeQGIuNU|JsAN`%ApfWUeuqSMM4`;y(_3fW(p)4wjSU(a
zb7wl2-M;#9o2^HPUbDRz%Cc*OjBWiuXz8&tlWBfee2YfxbalQA@AcBB-dD&gP~#Ty
z>>b#jt(;6~8NgQ#0RdqrhwW(_{eBKf7mErffF`}UJDw@9qCAWjG-&`6jS19Aha*H(
z2(OA7YHHMG5PKQG;Q&Zg<!9?)_G*bB^6tc%^(`=ykd>2)ihl1cxA>?8mdK(I*8wj#
zJX&H-TvQXSg#Eel9HLqrV3Q750NQmnMPUwl4jq#dxsyoIhuM+iaI=r)vj`A>SIVEe
zgF_SMlu>m^gwL6@F_=vW|B#9u3($h(n)J%Kd~$)E1GFMPeS^dV&#(3Id1P3a(s>_6
z*aR1I^6d!MY80Vj6eA}U0$)KJeT4ocz{AsAb|DS{yr!ZkfQJb1(0P0UMkP*63_&S`
z>G5+CvT8gR&pFAYX6v`PDBkBz%XWr8HaDdzu$Pe2?7bP_!8ueIIRv`H4LIC_<gm&E
zh_ZG!`532OpGx`Y8FqDd6C2jHS<f-m>IDlMiJMJ=ECKcMhmp1x+3AY{P8rE|ZetoH
zG6)Fb)hHqc1_rNRzrRBu)s{r+<yd@z5YWSsw{Q-Q-}U3;jJP<nCu{?<r6{g1vmV9y
zam4uZdIz>nuR3687=xU};lfnxO<(>5*Di30?~5d5M)hysgZv6%|5$1X($yKOG!APG
zX=%TDO=O~Lz-^UCt2O4UIsE-=yRz8_$mqZrguW_`as$SK#|PM2lDNW@=fWvQbK`m=
z>)9Gr+SJpLLIzDvNXVa?AM4K*PkfFMHtT)?+&G@QV*r+<mNhvf7TLG)WT^U>=sgRa
zip#oitF+1b3Q>7aGda3p!=<$(S}a6|G5%$WzPB>X0{>T&$~RV`jLy?_saM-4_gf1S
z$8OF9vE%)kFC7uD)<>n1w8vv4*<gj>Z>xk+U^K2Vkq5l#y9J@+<0HCYp@<<?RaL1y
z>3FdE8P(yLeOTNGU>mL0M@KV}LA0R2J05T&S4&D>;;@)Bl!rhXs5)^$Rdcojo5ui3
zK~w==q}~xgXNt%TuPX7ldgXSS3y4=-PV<0j%Lj%m03q4cLAEf_oVa2>*_t1L({tKx
z7Zx$y*97Lk*ME|`-|ord^~@(v5;NBw5TNn_;UDEU8mfYkkU%7v<ObXT&a>W$n3&FJ
z*m@)<lwFN(j!FPNKwPu>gkN+&iN#eUm>A9|J}wm`5Uy+Zz%Z(0{@RiTlafm()3}5K
zf*!4n(%ibABS*MZ2TT^;9b_PbVF{w!dR-E9HXqP;I!e+ThfUh^dY>Sx;Db@hlz@%I
ztSQJR=oC<7)i_@TmBJLX2rWh5%48qNDKJcZg=L{7*<mg^FY<JvJg06Ns+Qyt(8Du}
zh%)j8_|{`%VzPmn_xtznfPVO0hhZZxrb-VUi%HhOM$5t?W*P*xhY3ESY5r~6Cv!iw
zMZD>S6%<CzGrWHs1GT_FOeiih!58EZtbM0t?9^H+xx^Qty&{zsecmWTpQ$k`tw530
zgCv<^L@mqmt&s|aF?b9wNB*6(Aw2`GEZ0{Y2P$BK4N<k4*^wD|ahl_wq9s7)2u5uE
ziElSd0yn>sJn6JtfCVnzL8>b4?pHr^W*Y2_qk+5fHR;tf%avn&9Y$0~;$f@Dije@<
zkObT<+VLc_++jV7VPKzeeRhP6hxcM49{YTiI&YH3v;Pg~HUyBgeJl##eqzQWHi)83
zh`&pwf&fm1J?+a(G7pHVhzRiCUt>Rm*UAA2U}<=$XdTG4_W)H?&0wUNg02`gsRVjO
zL3yYmz>5V~^C1!)Diu3`<VCAD+y9IUu4of@)K_9QSv>1=rlqGBRb-`Obp(s&RD}%~
zf5|yEt<&fw6KAl{x}8#-U$8%RUm-n7=ReFIW6ss8#e%=3vbKP*%z!};f+fqM87S6S
zJLb3nEYMc*?`*x?qhz5`MFDxTlVjQaEzlHTqdDYA$T&Wpu9CSgASOuY;yJyl)J72(
zz*;N!cE3?_Fgqvb(6wNOJd%tTM5qi&K|X{huhbdmp4D~+0;|L~W@Z-1UviE<v)Px%
zWWDa@eFze39~@e-H_>BE1f3lf+<nmZSqrEYc81L^@++mJcz86f&eD{?ye^kfx1gb+
zAuHf<(lk^m$@H7#s?5Vca~&OmI^5Z}12L3)%JKrK`qT=k^W#m()71R@dV4>v^r(&a
z^O^LUYVz}Yf4Zx89DSI52X$j;JIRz&GXPI$F{L*-CqwsMqFc(gidYBU_M^#Pp@(Ju
z5siF%IYx9JjN@3#slvHC*gZ;p?33szRJ8+k`SvI^{q!p4<-UGR&8vmoAN~U`E|ol*
z;<IlVaE^J9oc(qe#BI;+he>c~>7~;5aO3(bw3dqc!%+9y*>wr646i~!^{(4L%%7cZ
zAxgSpcQ79oMp`Q<p9Yk~NGJo#T&y`HZB~CBjc=ah;7Ra~kWW+s%8JpHVgHcm2ZiIc
zkCT&=0GS7)TsZjHoxm^^t#VM%wCmskO3(zD2|xzsLAIXNGaKVBHk~&E@dMzA*FpEo
zD;czNB*-DKtWUo}&wXef_yypBvfg8}KROswNF2e8%}hh7;c1$Y3ZK}Zo>=tB0*kMi
z*{3?+ot+HZ>8UX$6jQ)Ex(2%3#gEQ<{N6>(@<w6&h6@%S0xsenreM&r*=VCQaSzsj
zMFG%?&0hR&zd#R#A@=cY%fgN_-TLA!f^1+_X=C4#GVr*M4*w~8DLMEWJLb_MX7Lh)
zU?DW*vwMmH`^-{}lADff{+b=U6ATq;?<jGH+p|1=W2?gIajv0GKSW~R0p+)0tizA5
z45HK11$}PZx^<8(qrhNF>+aD^!L_xuDqag0c0mnc-`FY!4?xqtVn81QC7f<ka@!KS
zf13uL*c86cwMsD^S90SQ^&EOiM@L60`Q)#canIc;{yukbi%IT(ZnKI)MVAA!w&`X<
zhXt3@ZVgMD>r&gO{1|849t=@{4{crV;%WT(>$MhxaoI94a3iVW{CG41-Y$l)79sB3
zxV(xzFn;O2KF4;VmIx=JRZOL&QSA{-4M0I5Py6u!=&FG|hH^<m0|#pB5UH61RB8l_
zI604I&1)$|*$TUJi)-OC?DVMx=`is1?PmCrQ5K8%K%X6aN3(dKT`p{+zgPm3D#+oh
zjK_CFOr6JbEwsE=zMV`Z?9~gO|Mtf!i8pzXB3H*J^O`3@k;<ge3Yn9#9T~ddZ!GtY
z9I_Jvd^{^mGmBrcmahefO_N%`w4H~2RGUFit`0Q`4t~?;lN<!aY2aNWiph}A^<jO+
ztZ!0l`V=ebnY+?=&~Qb4Y$BAz3JD1@Sks!7v{hIz{8A23A?qq`_uKeaSV7KeLl{@3
zpiF!ktxaGHYojDj9(Xhm?aw)Z0lufBK15i`%F0kK=)Q40Sj~!s_lpb=@Yw>S``bZM
z{{H=YHgg+l-9M+qCR<%v)9q73lDfCcA+=GBuL|4QO7t$Xx!@b$4enBir@sSDxL9F#
z*OU<6tkZc?@L4H@6hihBW~@+=kyS4_a)QT|=B=RdHUgq$r@wwpP+3USVjaB1BhUIG
z0qZr2IXYI|8OxEKg5d>!j)@m_4SVQ)GWYfe5mW7g=0_{Or%S7`3U>*Q!BY4??7ekV
zm2KE3iis$QiXx4qBGM@-(o)h5(v39IC<01%BS?3bq=JNWcZeX;NW&)fT-$ix@B3zE
z%~~^OowL?iv;V_jKhK?4{KE7XJkJcsdE*2W2J2XKJ`C;4iQ42W+hPFAZrp$7D#Eb=
zL1J%%nTCv(2OnsUwW>r4VZHLYo4YY~;Q0yg^7Dp7_!RSWr&&Xb!J=$C^d4^l-}cSS
zdTUYv>_@mAlehZw>+>JNFLB>8)?1mDpmH1q;NdMgy~QFbsx{EWQ0FqIClG2d4dN%b
zvoS7uQNJm9;MPpKzw7&OuVd+%#X|RG*(7bTVpE!nZP{lP@9BU~h!5u+SZowIKv2;J
z_{x@$8MatWQi-A4mw?UkKA$g%UmJPWeMDa?@A|L=p<*Rj8Wvmv#k_=5g8H~kmK%tB
zwvO;G@uwHDfAl1^x(BTd8Mld?C5M^>l;MOJh@;P$*MJ~2l*uediv*rbRNI^B>r*}v
zbk8&(z}tc<LW+;d6J1^MCrwK64{aBqsLCj^rzkjh@kcBajDrX{u3q7FJzz8(Yw+M_
z);HpAxUFv3N*;oBw-W5j@h_W0=&Zr<>ZOjgbbOm|nmMGrIyyQt9!TD(S5iO6jFPgG
zmOf)#Uh!r!W|eGaAFs03la$1adXvp*BqAhqaCGFcJER<Q9;zwfIE6Yl;;u)wCi`vS
zEkD@ldUaxSg4oU4zOC*0axDEdl|<Bebo34ll`cSTrtrxXGc+9E*d|yPkneR?%2iC9
zFQzHBGiT`Z4+Gi8x7ACe(?YvNoI|Ihq%DBM!IquX;DG8Scm%zlD%#cy?nj21bg-(?
zj<Em-BK6roa-!nJUlobo1(mF0KF<I$a+yX{L4r)~BH?qTT~7C-nV?CVxN4-zj&`04
z`;Rg{$%|L7lfGrWrKB%%P`_#b9usB*B++Swmk9dn!cQy=6P*vv3zH7J;oSGD6#fuo
zDwyIvpKB?AB7UD(P^E@24Zp56nz|3L5|kN(B=!+`VC?2Dh5S(K%J<VV7~|13fHU~=
z{vQ94LZLFk*StG_#wE8+sti%5S9rnDy|pLKxXp7sO%xq-X)}z@_j@{t;Mo+G6?bcT
zmQKDce2h+fa&G$-^)M2uT+b)cQunfu-M(RheFEoJhkl|E0UwfkhXbUpd>q3aDNFcT
zo1frKy;3Nwsi#C#koyC0K8-hQ%F!+ie)kB8zqVlXoW3v`eQ<`uT!W*kO!2puM2LZy
zB<p>pV4V?DvxCQQsnUu!XugvX^5CPR8>)UL00Iu#D%f$3Lph@;F?5dS>pDld4k75J
z^Yg}2wI~_bJy{CTjMa&|@*r6m-Ah={s@L-M>z9~KFi=VU_|aP_*Uya;3m;EJ7Y8Ns
z`~5EE>Z8of$C?cn%GIj%zd+&Bo*4Hbs3+d{R1~}rlJWX=vehk`iNuK4)$et)*qt5E
z&5+*VFMYEN_AnF0dNui8p`kB%nta^sR-)GKiNq%x^zs2qiJ4{lQbvj@qz>G1()QQ{
zrq@n#-V-TYlqyEmOU9sHLZz!2a%L>#(~{ptzi@rXnJdlXQV9pyd5z;$RZt&Y^0Gr5
zKVD9b()CPeEByA<+uIw2pA{m7yj;PTtj2fzmCtc{diosSrXcZCoO$%T+vB3zXLz$Q
zabMn&6c_*Cep3DZBUDKq>3WYwlpGcX4*$|ETGDkZRtEuEbZ$=tyxkFGMaIfm;)&8e
zULixK)xAIx1Iv8ql*kYzHwEKxS16~F5wdPUp%1K)22jOye|ni%5MFvu7);M=lk$Tf
z8fO6km~W>z=>|SB^}x9kMX%|Xa(r@<ue9QQ<u;?Da3N7Ddliq)-6Up%%lAF~W(8ec
zYyAl=tQNg}e8{&!`J?!O;7cHmz4RAhWPDIS(^UY!^8=h4$p#^0l$81)s)a}`%*qmr
zyDBdm`}5~d$P2Q=@8Z^hidQF9q(+t1`)cf~-pTi3DZ4CV`g#|h8RO=etEt7Ady9ut
zyX{XoQc+QX_I4u&bP=t;390U+2>XLT8#xPCdruGc)vGPq__c0FdvHvpSroe&b;WsC
zG>b%MpWU4)GYOv;AhxpTM|xn+FD#@?F>*(d;NW<zrArxSXAHLYQX9LLd9inO+vjT(
z-jrT~BsmIcLqXotgxckI<*3~YTq&2lR{NFRs}I{};|q@!bdfHl$_s%<!HGy`X_kk<
z5f?6CVoYTc9^M&11Vy7L+kkN~Jo=W;m-qnmCc5lrvf}WdlT}$SuPmlprtPSXzv-=Z
zRq$&DBCFiDxnEDx?$z1_Qw-S(s=YV;ByL%N8!M@0rM%y_XIVbqr8J|wY*;qJ&)T_f
zkaRD$kL%+Ve~huhdf8i)0Rpm#KCheaPOu0CZ;J#0?fX7DZlJ8z#)0riB>#N6kz#&Z
zli118REdPSEth{pmq2sb6YAIdl|y=lh*D?sz4G!UPKyh&fznehc1-3$7uk5_hM%dk
zG0EZ9jV)`A+{B<gE|RSkX&JG2;d1(LbCW`Qc-&UoH7oy<i%Kwi-KRB+Ti00i4Q<|@
zOxWAYvX^-86|1xePpEV9R?<t3@%^NWg{rKe%<4*EJ;Exh2W%lzeIbMJ)T%x`V&%*H
z4YtNy?3`<Y{%~rw)9B^jvg#;8Wt*oBduwaQ>L@Fi6X5e0-)X_#-TVU4d9d3vy@x)S
zM55pi)dO119cv?%47h25`88Og(@GhEHqWv?LL4e{e9Xcpk%r03mG?kNH77Bo=v>XU
zmQ<rEP$5M1E_nVTzg?Wz+q@ETK4eH^Jd6xa<udPm>V>DY2GkxEh6vBHUQ^-Bv+|)K
zQp}tMRb*S<7Yu%bz*R4pM^A~1mt1ZPAx*oANM9t&<a>G{YaY0=D%Vv9;HrIQDj3Rq
z@3+oUMw5oX%a=fEsUCf#40iQLM-<y&VWp?)b5{KtjTdB(*(`p-QlJB6Ir_*?O#`?&
zK!OP)-Bsp4zOQj}v5Z%9gN)f<rxG1XQ|dtA-eTlb13frUG5zsve(zNi{&VPdB78aC
z{zeLbstwIPDgRoW>~SIg&7}c!)ymFGQNRIHtrl8DHhth?$@Aw+Gw==NeSq6=9z%zf
zPR>Voh<0AU`Au~5%7FgT^PvvyM3Xi1CFUQhJD1(?)t^#-eD{I!(`^Hb7sEZ-ibxNW
z!Up<?R65~!S#>|YAU!>7HT%9st3BZn+A}2jYBlN)^lmIy`&?aH085pIzMO%~6cPb7
z-c`B`?4BXEYydX-Oyrn^GEca9BQmn4pPO|jPpR3CZ>d+mCK;|Y0()NnblZqk!9di-
zqIt>%F|RVJ!8&$j1xR#m&ijqpfXd*a1de=<?NWa_G*LPzhUT-1iWn&=g-+%D-tgQ2
zGJKvC*hPao56$||4Y|T&zLOk2tcUKUL!X#`gqA!#3GP?O^u^ONa@bP|-e5nf1uYLL
zHwV$kHm&gs65%|E<DsKs$&D(+Mmo*t)9CkHyn`Jioi??fW{OWMu0=Wrl-(%^=KGqi
zuO|Df%7S>!Ur8XrXmw~?sy7bat>mF;Z-%bpHN&vc*t)W6&eVQf8Ey7SrCp8?s~a=}
zQ$cq@G9*{A^v4E{GDD8ab1A~-R+$zCdE!U9X{+AefzY+MaeHIyZpzhH+8JNAzpk{t
z<8^r~D5!qO&J_H5#YRZzGpOY|^$>@m&!J%UL^RyCrCSZYYo{_SI3cIojc&-W1Z2%%
zM}tJoR?Q&oUPH9#$?>Z9C%SK}U~|*W;BvE*Oyg{YQ~5JdusYgZH!msu(WmvXu;)2)
zH6rT6Gsib;*ZC$^>b|k~+u7UZ@kd#>l*UAu=lblM>amqob&9DIb=EIl(-Xrsr*cu1
zY4a4U!KdI3!Y}(6UKW=B<mwq}lNO&j?LA@EkHUj_?<;Z|UJ9L*TMfskk<e`!Bh4{w
zmPX1pFOH12S3Msr{QcTg&v#@j4m3}N1_gfpi-(EDhj&Z;hU8#a;+LLz-@lT}T%D$c
zn5uVGZ_8WX=p5*owi|H0dWIMyXwickMLZQ`ZG9)|az{34=5&l<{4^*BA+B}VP+2pq
zp8oUc)fWsKKdW2uh*yFQ96QCvz9O(+Jf;8_?l7DjV)Mey92eO*I)jxa@1TTo#S<*b
z<wEb$mccD!nNs#^JtbZD_P?`Df9;;gc^@_b7P$<`5fRW`R%j^JGwP1%CTxGh#rGei
z8(?TNpDP^CC1@fU4Qlvw^eqi`k<*TwNsd2Gx7T@g9YwmOEGi6bFUfIU6xHB!%dRVI
zKUH<PQ7Ua16HO+!V1Vg5n&h9i|CpAp;bfB+479Pb+5(#cwA2#1RjovC)7b7ZK8sGT
z@T+n~l&sU~Nx$OuX$vY{45pWhA`WV?e$%Syx9yP7@o?f>T$FsFmipL;7_ZEI^R=h^
za!MmbeyiAf75&3%Cyz`MUk#~Xo8-0-PCBUr0%?twojL=`UEoCvW$J=J;6McYD>Kmv
zIQj1kY)FgYZY1rC2_&0S{Ar<NSAO29_FE(5NVhGbVL%4AW6;nPjO;78+%lrKIS?)v
zs5;^+R{L-mPR!coc@cm|$1M!077L$BuR6t*z^2oXL*i!kpXc|V4LrpvZJ3tuA7i_L
z0tOnXXO!OV962e<a4wE^6VrnfR(Y!DY}@i+ouLFPgPfAvr7KK4HY%a!F5f-kMcS9k
zBYCN_kcv;&EKcBCM)P*r)jpZ3pBomwv1VqmM4EWl%VA3p%idz>g;&j+2osLPat;(u
z?LUF2aL5fJ8wTx=<ZH-;gDK=g>)iDXN5WuU|D4r(_mG+SV?L~F2W%ELEUZ)jyX*+o
zns%pM4L(})uSD48ke+6BU)|8@V0uW8kAEZeq<SAaHpky}?Djlwe`TwLV9E^(nJd(V
zr42l}HEgBpzVEQG&y9Q0L`m}vAGqzIW9~PL%Ixmu9-TQeqwJa=AHIf7LM`;38BD9?
zr1e6XZxZqMEBy>9dZDg}O(hg8C=8NA{ASb3sY(;=wR5-W6sOFIx8&+_Os$C+W{d|d
zY&A+Oth@Xp$UI)<6KI_njpyo^^+&rkJ?=YCE!wV8rf6SbJ{)3Skqx)L^Uf6veDgOE
zPDeqjeIWbviQUC!Qh!2Z;6y*uE#J-6O}qcHxJ*Dvxnf<FX)4w_s~q({<=&;KfR?w?
zy(G>Sztn&J6G$x|=*OpW+lZ7w<j?&LOcO79NoofTnv<k>clNaG*cS6Z6M(am+@use
zaGKDvGbn!X%cJf?(X{5{^731;*WG!wN~AUh87TP*tKH`%a21|flhbEu-&N0uc0TZ?
zn&<Q9#iuZMYIBdv_+!VOuo{>B{@xY;o?%O!j-V@e<Q<P63TCvJ%)Q?f!&lHRyn^39
zrG*9hTzYw%cXu46#uRQ-iw15+8MxH-^BW7>ye!CJ_x?h*cWcvG*fIju3cAm%e15l*
z!z2@>WHY%eGA*BB<YJ^su|bVPKYsZaYP5($DDzZ)&X#mg`-(~DV^-y-9%ChPG8W8(
z-x(w;u9j9txy`h(9%mR)V6F4WDIMM6R%>_tjVL`rAvd$Uj%-YBYSVy6&ODQqYHPD5
z;ho?C;KnGMwIi8ywvpG1RFRH?=Qa!1qAiiZyP}vTYlpZEr2+3aj#5K?M(TKFu)L*`
zm_DQPo(E+ZA>zrGz>=J=!;Av<loJ|CzXtU?sZqZ(b_S7(WI%Qyb}SZdS;VnSFiayh
zay<q!-7)T#o6K9@zhS{(WP8l?@&|}~iL|$2LZZS?+&x;(avdaJvZU^$D1F>tVu%(I
zesI-D_t(c}<@FV=CjEC^ulFMYRpSqlL^Vq@!Bejr!Z|oj-80xS3y>aqS5NhJ1P+g)
zH-gM?+UnXmzE+zxoF6A+lmmU5a%tes0jVriH1HC}yRv(eey_3dK8s2A1IG#VaiWL)
z$mrY^>ao8may;Zi$U?KW>Y*Nmn5i#IXB$&4FCKhvAPRDHnq&+gWMous>v~*wM=mB%
z*E;7-p}rw@40<MqmPq#t7o?n1$(e&usxXZQ1fQty)6<izb3dTB#9~ip&v9#hKF$fO
zyu`N{KJjggRffAGF<>Xl%*PGo3HZG0N)W@(LvDucWt+%tN$^cXdo_$R+S^erT?e_O
zKKH_pE4L;#Zs|Le<%9kYg@K`2kJ#8yt}+<2@)UxRvXvPSd(B1&jtj3yUWPY?Zas=`
z3!nM7lKv6DoV!#fOlsgiHKHh~8g=7jmN`-qQr5)OI4}`yKAnFoN<&)#c#cx=8Fm<l
z<32KSXeVp}#T@>69tl3O<5t80)<jOsw6xD^`IA0T{zC4{{1Ji7TdTbkS^_I1<g56&
zCyaf;K;=PCEU$lM<geil&HU?^4p2rA4?)K!IDoF)zgV1WJ)qOsI7mYV+)y8wszGW_
z|A>cO0hnzduET0JENRY+AN*Kf>*FwFvnU)Nr2B%6zF>5<i^~$(P*r6N8jvbNP>NHl
zFsG@g(Km*6>@W;EJWX~Yd$Lz22rB?55k6ZF{-9hXWx<HRv3nIlcmUdQJFKdJ1rCUl
zu<8H2<CeAxLh2|4hJ$eyPb?l055AXCcS2~kkC>`pY;hpe4xw)`3f(xvPbJ++{J~vD
zZzA6F{fohfjdeOt1xS}lxb(oaJn~uWd?mfgPmpP-bJ<TxSX_*3D}tEpmXw)aU#bXa
zoufJE6AfG<U`ChzIf7!5!H4GxY`tG1I;-R5r9UQ~6N9xAVL?8at6@UhkR0%324Iv1
zBv5ZZL6|5|t#teJswggw0CSnbAkfgk714i<#x@U|-A=BbK7hx5`Q}9`<X^Y(qP(`Y
zH`qRy^z`&mOj3QX#PALK{>v9b#$^j#(Ua}N?LN=(do@s=yw$@6#^W{7``)!Yv6LYK
z!mVJ3E5cF}^hXjROwa8<^gkaQLSo@Z{3xRlss@PNwOm~zslG|EG2mwY0doK2b#KP|
zmdhe27!(Os`|J8hlXe+y%Zn!oTxcZdTIG@(e(F|a0NMCMsH>VAySZOz)};YdBZq+C
z294Q0IiFBhncsSrPWRy#qvWmf@5*L=KCk!8SouV33`CrXz~WrRP4%vHayFG0pWFhM
zZR^{J^z@9*MB*H*MSuZZ!Fcz1rvAUI>)qZb0AoXG1RD;DjKT9MZ{~rI8Ykb=?9AW@
zwzx6-w9eguXtTL*KgaS=$k|^!`>UmG*w>BE*)v{@W%B>K9e=wIpw!F9Q3lR{R0bPf
zDhmaRH7Jz$U>%7ymjZ0*A~r#mhj_zFKDlAzg}l5xSmzyIz6|>ilWR{@SlS~*kl<VX
zeT2QsFG2uhiePU7kK3Z^4Aj?!*)uufer>nwP8a`-LdLxZ4~Rg03jF*mW-8XeH;UWA
z9QpZq9yoLX`tp$?0E(f`v;@GVHm?Tl2U-aUwaQO=McWCw0+?mDK;VXjB^afD9p8EF
z5D1QO;9m|!H##I(c0By$O*M(~Y|)kFWRAh3@%pY!pLm03X}mmlyyzT8cvmd11R>~-
zp?00npIz5!13v4Zk>&i`gbkd@Y-St1HLLd{&Ws=avR|u$cXlb4_yM4ze2ov^0Q11C
zNJ?{VB(`{HZ$oAUQgrD0l>pPYg=x!MDmJ8O4rHNYG;{3k-xY1te`c8m(q5)r%Y`Uq
zvC0LrrY-}#Nw{mmzj0X1+eZIB8^`|WK!vITDCD-cI_lqYe)6zBc$`M_Dg3t%*{|m&
z-_rQ=;B6XkT!Jt8d?ka7p#dA>^bdI{`2QWI!LJkH|09;e|NZXYGJ3zp;a_G++qsCS
zC=%FEP%i<XuRktb9KXjY=qZz%x`41%yZ;J9L1Pu}oL`=1{F3mWs}iKi^1si|=V{ik
z-@k7PGzkC<+^3=WWJ2`A0mZ<+UQVT9YyG`>_qMW*hQGCNi#@)wkp*+zi$5#&`t=Xl
zlarG%F)?s#XjNGW5DLSR?jbDbsN$L<2&64%_tQezasPhe$v(*Qp>dB-0k)&dF;;;s
zkpv@V7BO0Q|NfIJ-JQ^CK}mIy7E?Oc@BQGvG_AhXlJg2#duL;&i^nMT)924S<kUo`
zoETpfJaNuSUm3?}ysB)fQD{BXQm#%Y%z*aixDgVvJfHa;o(&k~vV_zrKgjls4>zJT
zn0KOL;ZH-XY(COF=2jh@%?UK)@G@Yy`tSeK2b?Kp_;p@U)#irU;+&7YOok8&GE*kp
zv#RcuCfa+3U+{Gt&57%u|FNzMAYFj-4_|zfHRa}59VVm7%*4dTG;8-V+{XctmEU|T
zVdH^|0Ei9D@1giFHdg@O-PhO0X#(;ygY~_0Y<6C#ry`KLui`_?Sul6Z)_MEPpDQ=z
zwh~z5$@sE3tVs$rqGOukWC{AceLKsb>FlXl;{XN;B`GP70jw<!;#m-|VZvkov}DdO
zOrK$>i-<yg?ZcVyu*&PmIry*`ofDU7i#^G%@3Ox1^}BDDz6yf4=>>J^4Qb+KCP|G}
zYqsc~`M-=DrvNzh9gp^D@7?S5Ny6D#*HB39qfg1~=jf<wZwI6#=9MF&);LKE4=8Z@
zgZ&Q(C{VuWPqCs!IX3;0PaqZtXbm)S%g>nVaVl7UtOx&1zF7Np-Ly`r%_)70xZ07M
zxHGu|U=yu+(j$B5ldZGlNWy!#1`p@6NzAj>U5DJM9Jj4>pRzx7@9f)JB^(Nfs4K#_
zd+lL3TERk92B=QH|Fa%r8+-Es(t-j(gP6qVDPeIPh#iG4#i##PNCZv|ZiC6(qAZ02
zH8q|kdDGXpA#J^WzwaGzos<<1GQm!W;)p0Ge3;IlUa=D+EiKJn5T+KS1lSDXW)eD%
z9hcZnsrzz!^GnbBVq1nS1=7sBdK?Rt1`pho_3>sbmwL2s-BcWYmR@A)BTh^Q@hhMB
z2?2G%f@^t0>mN}{!^>`!%T^*S;8H}eJU0NUGQc1ir&EEBlITLU>iEFlIJ&^J=_(@)
zj3?v{Fso>A<U_}L9Ic%9VS1%(UQXY@9SQ^DUeuDdbB5=FdP1K2*4Ms)32YMV=@**(
z<rhMk_3M!<1EK2vSaTC}ho7|>3Y~3E_X=TT8Bq_1k$HXXwVb-Y8JD)x?B9DRwy_v&
zv3`Z4022TfNot@eC=1x@7sRJerKM+7T@A-@brEFOANE;tf>0IDW2=N0>MG7h+oX8T
zwUQZkLA1hxSMv}?iC;4x;p_ClG>2QHy~r3St<2PJjbDVi?^k8awbLhkq4>iHWAPra
z90Cl&jO%tFxX2neSp<ZZ1a;b%mIcGqfFcfDc4f0%cypXv`btV4UwH6&jR}~~)Sp1n
z6g46vq0A41r|R8Y9Oe2UsMKETcLGR0v^{dT-)xdGFgPO0Odx`m$S^b{k(D>t14IkN
z>!2Zc^9IO;jA(!Pibn%Fa3Kcx%<|lD<mfK0GsnJDNHhQ0vXUv0L&|$dcYGwrHpC>i
zH)5|GtW{cfhm`PAtCG`D_;VR0F)JzNjtU(5M#TYn%UhFfI|tcx{HG)}rxGKJw0OZO
zQ6%&=PRLE1qcm+&q(erU^K1Hb>d>l&yHh+?OFFxH>hI8l-xVAl77U(|D5I+i`n-zy
ziCb0Z%Sme%|Bal@=HPV1*Eqc*88vZ(H{8~@&8k;3OK^l6lHbKp$~dRI%gWEYX<E*)
zak>%BS3@HgC%qhSaT4eg?`a{zlW+X;xn6Ye8*plCT&aVBQ2a|N|E6?}qN=JYAa$a^
z&MhgFjDy1w5YCI-U2$yk)3We)_=JQ5pn<p~^?vTPg-%k9K)(TWJFpD}WI+l`5t~%E
z_QAK`vWVf!Zfj$uqPG^Sw}(pzbd|@-Oj37d08K{3^TNtVm%QCXHx0AAx%N}|-AK?!
zacugXTTyQ~hu>!T{^JJ{6zzsvn#D<8nt~#der*G??#WtZB~}9N1r>(8DcGJJzr1pb
zOWLjxaCKPilV0_O(qtcLaHELO);?*b(vx8|_A?70io*$-bf)4~Qx9^^hN<p?>Zm_d
z`GU^MrUQHC8(svar`L|LA@#Cn+_Poae_XZ;n3q{sZ3-avetll1|Ds)yGN+qA610L|
zsH>u1$H9@8OL42qaOgEo!)&!5{jm)WAlA6eXZWBCn~-Xi5r!Faa&l&)E1pBSu@_{I
z{F-oosKok>fdpMMhDE<o5~zX&-LSgf^uEqiF)u+AE0p<zApY)Hy#+LATcHs&_qw*%
zwE5u^=BMg&HOCWV*<$#7=U1y$RZr$y>RL~RwId<R8+)C|(UJR(#~m^8g>Z<lg!V?y
z6s_CA`P;MSqDfAhYA0VpBG!@9R<mukJ2&I-t|1r`ksQzG=2G(Q%fQS!5@9#vjo#+d
zVDuzM_RP(&C?wj26qTDn;wsm0m1R%P`$sv+#=^CrOlw*Y!SC0TJ!yZ+*PiXPHSvwq
zyrc0(v9SW0*~_s8KKDwO)mwt|5>fR2k1#$|THI=hfi~`wb$$^HWYuCyfDo2!k8f~U
zWFvu&u=LFnaxxxP6Ip{mQ?B_B`zr(5rtbi=%_m+rLONo1dN#x8pYyQQ@)iL*I3}YD
zUIgl<-Zi&0kn59<XTNnq&RR83^NVgb15kX)u}bWdBrrN&FLYFIuuSAz(Dk%<eYO9O
zEl%m`Xt5ix7S6xZzYb;%Od|F@V3}Nb<->Yyd9qKxhhP$xCZDA6J6Jaa%r8PNV?2C}
z1LLh`2q?yvFV8GXVFA`yG}6%5=LwdV*Im7zz^+qS0URy%r5I0QIh(VFqT49fSwi4F
zrZ9@1RWwdVkp+@)*n)#+UT5Q_TD}icY-*>6d}K#26gYwIh#eEj$6yj$K5R^HVzet=
zEfU{slGa)M>=U?&8I+2M77D#w<dLYvZ%+9MsY^ixG2b&%lxo^ejYjG}I;JWV<rq65
z_@&0@b~Jz~bEzhf{gH)?^itun`@s!yVoPxIy*2s@EF#=kk<d6nEFOXk?O#7l{XG<3
zYmCVqcn_Rc68SwyynJAdB{N4e@Vb1$>K5Z{Dx1LS*h#uQk6&E_XSZ7#rdPa;dC#+q
zA>RF*;D{4jh11xu<>l4}I-Z>eCEG{o(b5y5-I8@wdPGf<KCBeG!whUP{`bukc%-RR
zi7pS$_<1+KKZa}ihRx$ca5Hm?BBIZA()EAz<qmG(<*Y2+u=*!+H!KxE!-4@W)vBFq
zci$Qcw?9Q!q@pxQXkWg2rl#x-33a-*`x~~zik@NSdpKA}YhNzM`mySoSvw8k0PN}R
ztiCRP_Gta(Z~tB*KQAOgTb4zreO*zhrS*9~dL&?~d)fT_)l(7D#@nMYF`(F(s~*c}
z0*(9oRSSbqxtbyUsioUk`U1T@^kdWmT@YElKk2m&6hu-wm1|1!dPlr8BZ-x`gV$F4
z3y9kzvY*1Sc#ZKri0;X`U|tn(HU{J%-zH)12CuF#95nR1{BSTtrF)>!0sHP}@=Fj(
z9WM%6Nuhk2UifhM%9O%x)`N@RTewbgFidbB?8EUne(y+ZCsxsbzydcjl-Vuz9wXqd
z%1c)@5tbhwT%V9wvyozQ9=w#fAG9VZX+<C)xB!>oI2y0=_KzNAbn5bR4;L{T+_Jkn
zIoDA&4StNTYH#&45~Z=`Lqs7|)ZK#=onhYOgo^CF$HPjH(Snm3Z0B!oHtX6S2s$|(
zzL~A>;yTV|JDrl$bBzA7qyHx2#C<8<w$glGrHkMA%FH5#frm`>;m<yKw-;hz^Rl1V
zS{cL1$h`PUGGs&xlpabqetVh@)AmcP(!X>$#eVBDvX;ByNwbD%`|!J}BM1X>gNBYG
zdy2U&d0q_GW-=6exTjum5uZywHO0Jf|7{MrZBn`N^Jx#)@{|mhyfqB@$b%h&8ma`z
z`Mg*D7YbIlVtH<$Vqt6}Q<RKqwPNA&Iv>hWF_4fwS)9u2^ZT8?aNw?BA1yWku713T
zxLRw`ldP0|^(&y`7w-TxeuzKrF466mU4EyL%kS{<xSn_AlR1O|hS7u1qh3w)<vXp^
z(2~Z+MqopsEIo(wjj$uY+|+87H-+_W9wa1=AY83*N9KOvdNs3^W<;ldyWXublk#%F
z3ZkrB^>?v4`or0+6DYYqPS?4__dk$3Bbe6N+sbG4)pOY|wU0>eRS8+#kRrs4n7_6%
z#9!U>Z!8xN!nW~(G%QAE?Jh$N4Nw7Z{Q`(s40li#?PH2k&8wV&xuV_P3Fz}>cajX2
zw(v{2sqL@6uYh=wn^G_h)8yNFm~Zeq+)1}V-aS7)IqIYaZcUmog|N24*c)q6^r+cN
zY&cn2Lk~uGb?IUx$$l?>Z+oP*p^Mi_osSz!FIzDLfuf!m<xS0mmvJ{xf?l-ob-+H8
zsof1sU8~xC&q_0MO;oTEP^#m1Ap-gaRsFWLS;;PxP;upxDbJ9|Nbli+j4_>nS(5Xy
z&Ar>9l*E+BL%|VRxD_b+7Qlm{#DZHb4%SdP$knP#k4W5tyM=$`e_)F^jVBAb7?bw+
zagcrvU;_ZIq@bdb6<E%aSNKGZK#2wJ1wbfH)tMcU4uVnjAg+Cs6PCtp@7-oKLax}7
zk{DSxzSW;$E&%K=6ET;Rl#gqEdL~vFH~-ntQyo=-dCYe_;?p9Ti?owMfE`TiYzI2F
z*VlpQwa(p5?@h$^{WgL8?tacL2amc5K+tl&ux^3dz3ubcq@3{lxz#&A&N#Wtdq{_%
z1VC-9`v&-f#V!26UQo~`;CGY@*~!$0{fT>W4%?@5d}e{cTIA(2X{(=7GxZ!NpUQ_~
zma>*z5=@gMoegU_gaiz0?3NF!#S9${viH`S{qy@e0uZIid>e@VCj-qeW;GA}{<A59
zxr1XSZ-k4NYbyYo{X9bKa)tM0Kb-;dDa6!M(j+KNsh{kQ*l0)2kv|e{Cs?axtMmcV
zMMvplXXEp&ruSm}OjAdIrQv95nxjVXF%6`iIg30RDgwBm^w@@FcY|24eACGmP*0AB
zHT0KPa<LUKz%u&Pma2zKB6&Cg2*Ft53SQ91RV~wf6M?_(dCtu{KI{E{1n}#c#OgC)
z90^Y*Vpry_%zdxT!5RVmd8uqfX2W+SdHa%~B&>)lPEMS(B%D@gNxMJJI~5H4+@UIG
zsqbqb4jT|t-5;gB;7H2rx?{JU{p1#n?a7XT+`1dS9VQEYKZH5UYnndu-<CSIa_;hN
zjxdcr#mfbndD$^~aMCGmq-;h8`Inp}3WNKMcTINozPVI0gCM;MabConre4_mVXuTi
z@ae<*+WaJkz&}s=%z<d&{F@}E^c8vQ5j~lHGWTLzc0k9)VyyN9RK_XaeXF|k6bi`P
za5m@&o^Z@N=J}BGc0#HEs7V(n5oWBna`Xw?x$4VduN)m7AA%w_4FdzXA<p#H9DlNx
z?a#EoP7{7hnc>GUybV><M1&!eLUNy&s<|X4uAguRCE1DT?V5yC=uLbm6)ZoK=tFKm
z_9^^eBAWO!u)22{mQpJ+_{liKwp9RP(^@IMFgCMaC|walEb8cbOzqT6`PJ?^KK?8i
z%+HgVojg2~NswUm6n|P^kLbb%9h047tfUNJYsHr9juhEssO0t_pT51?V77E1;xRAe
zjz5QI$V};UreU`HBn%h%beU6p8gRNoC6S@bs-HioH{=K(&!zasj+k%6DweuBR^OOm
zt5{xt*JKo6eVt~7#O1rGaNud+DT4A7UuO!EsW<z`lGhdL)aIG5!`~(-T1mA=YVw7P
z{%x;Z9+|pt6(A@+DT=H=&iL3O2U5DxieD@)6+lD4VLDD-aP=WLlQHhh09l90d{i`O
z=&1sBDd>`{ZXY5zW>Wo8-T`h8dSp#amm&O{EOpt35Ruz0x&aR09TQEV_Oy{4kLLPU
z;xH3Tl8tRJPwCNrM|~`mLKOJp7O2~v$5#pmZajUf;*N)p<Iw~5`Arz)H;PX7S<7E?
z;dyl~kB}`Mash7^=+988aItyJSldSm7neOrc;_AT@&sw?K}igZPpcD^7EKT0=YUDu
zIxCceni~05w{N%Wd*h(T(yC_lQ~zY+2SGQ+*3sSNA9m@T0Kr|RePm(kF(vUWcAOqI
zj^L9Hk2}izkRnTsI+dm%zRYD-kj71hXokL6*IH`2>yu=s;qr}sp;}?@9$zN&;j3`E
z18n;Swzp2QXWJjzeV>gDGgbI#eFOJ(^O8pn%w35`P&>c<fWzZQu``JULe*NTw&jhu
z*Az+vrmW}I87hW&Y|5W3KULa2ucsl@9zvPoyCe8Xu+w{}=l<z;-6e|bp<}O#?3k6-
zv+A*JUQrLKj^2cp?1^*6jyilFSJN1<W`>GT=-<urnAFI+-2`t1LKgsi5*?g+f?e92
z^IQ6X>T<JGa*A}0?>C=3%9PlWK$?yg1<%(V{GM&KrywctSW?k|ya!_6{42PeQK^eA
zF<Je<DpD-MtRd&}Tcnr%UH!jz&7(o3mh+)gp_@`X5Jv-u9_oUhFmM&LtLQIBj-cn9
zzaL=AF~}w?ua_^A#J9$YL8V872+>aM(#`UGulxWs&*w!8@p8S&Tc|(Yxcf_Ywb8xH
zHI*OA7w4saDmQS9hd`Z?Jbr+%Yw^QJY9ML%U(8zjf^nubnd}Q$Hh(b2!>pmD9YD*m
z7)b(^nIp|xX$9Q%cA<8Vl9EzbujVa}e$^r&(E6<Gd#hI4$G^l0Fr~S(&KY7{#_Vi6
z=xcr$BDr5f)iMzj(<$Y{7_QU5`(#4qMXnfrn9T7m#K#SM6~t^Z?@mF(&QRdwQO`!S
zR(q|Iw>W1JfiuA->21x)7)@EN-SbW%>n8|1$8|R+=1tOt?@%YOToRn1eDQN}>7@ji
zPPr>pDv7j*JZ-9T+LvW+FLXbi=re1O9GBOPp?dNBOQ1_|y7OUrF!ctVz#&YA7}O}<
z3ly#2JKP+Yv7Gie9xAS}p(VNj;qATB`O~?!067IHzBq_+297#Vb88F`o-m782BPGD
zd{-!;nPv2*l+%X5_tm#=DbPFV-4;Ni*Cj(FmDK)4_Jm4wQGiaXObj7$KzMz#88|rl
zVFSWhkaE;O8kXmCPd+216Y6vH8daVmR%$_vJB*ujWQ>ex%}-)5YQFV#O4<?h*?<1_
z$8)j#mFM@C=KN0zPU^8&=>5X@@>j(0#YPm|_tDtO=v9*6d3?5hY1&4a$F24iXp+q0
zRj3<_$fen{>t$oQ`c+QGxj7EdkiA9$E)^1>PSVrEp-}ZU%HxCGlb>m@1fa%7DamfM
z_rM~C%LhmRx}u<)ndOEm_CZlCMp6bYaTw{b;2VriDvc&W-FK_v=Hj4oCI45;h=V+o
z8Q^Rl)@@#uF8h2nvjuOVWHp?3>b#S6-P)|4{n&&0qT`z6=d=SU!ox`e(eUu_QtLSp
z3(q&>#4{^BgTp36#ao#TLph{W&$iOiroUsOzM=pt#P_deljS^wu@pW>)i0uv{uFF%
zyFl*XM0o~GN}>v{jrk~OLBiJtPFJ%2h_B+m!3DDDpxw|k(f;OLG+2P4!uyTrw_oxG
zpPvk+v=f}5UP!Vr`y8r{`jx9&yUz9c-|93+SX>-Rz!~*c0ukdgk+@+0(eASHv>S{e
z4%a%s{lrJTGb{B=S65(AP>Z-aRM+=*6W5h5#m1<GLqT_8`gGS$oXz3>A=AsF20pi~
zoyw`&_nkO66(tFRRu@|BiIi>eDgW{A;i?A%#+vXjsE6z?O-UeeLKrUPxkI(3;n2_x
z>~!>6gDl3&tU=jedTmC=UB^@F9)!uW!Ow2+iY{($bu(uSXQB>4sHGW{@A;pB2tmne
zU-n=>9d1I&ccE6*Pj#3--Xa>Yw(#Tu#>}ri_VNMbi9z@*)zHfZosY))oIp37uOY`k
zHfwV8{ZfbnCaWl)Mxee6#!E89z}h%Hm<t|9yIx)c<9X1{Oii630?K8}?<GE#$1}hJ
z_&a{&HWZw6t)D+Ls)+2k!b(C;g-Q4XF`*2XZb)BUj;6m*Fka;_cewy7JoB$pk<h%B
zm7x}x2*C}cU3NG0Emz#hA@-~NDCj?Y<!5M{laG~@WH4`>4Gu?>zQ9TLwJbUD&Z<><
z%PxVkh0hnQd;j)O{<K*R&0?S#LyS|<S0%SSrO$BZpKgWaeGU!|&`z3b2@HsaE{{D?
z75&_DfElaD(pK}I0^$F(HI#sDcmo<k*#C>hkdr6GO{j^Rspo~S0!BI{tVv*sDP(~?
zqM_krebTImH=?T%T5iTtm-Xj%`Q0%7rJnp-YwXt_gwp)qzeWuNN>uv)iD8j#1u5U%
zj&xZt=tA|J;4{gEa`&osczIXmpZU-7YT91{m=&}FexY(c(4ml4Mn!*|IABgd#jRe0
zpqUZS4xz0d4Tx_$!v4DYXMX{zl3v%kY7gwY-te6L-}LYLKUa@a%K#DX%qILA2Ws-!
za~I1ogbe>jK4BXF(*~A4$$!AS{@Fr<O#f)TfdT`2j^3M@GHW>P!IlP-BUHx<8vaZs
z&07Yjp;IAevHQp{06UwA%|>5X*qi-W<2^xECseh|b;x0qz?kaqN!WSw!i5U}#_%mj
z#Z18hhzUwA;6BzqaRrznchTZ!$%3>JF*J?($PM7s2Mek~&6*t0(@F!Z6ZGFe<I2!@
zJ$ebqNAxP!hC!hMrQ^-{Vhac_Wf%*;#5}Xu{!#W9X_uU3m0JM+3TQ_`J-Wj3#PZu`
znLdL=ZX@;$cAMpYjkwMZUH{$rc?%E^eL+Kun5?0=T?54LFc1?8?;zFx%QS6VKOD5Q
zP$C4>TwGM?imfQ%kdS^gFb9%p)38{fxbV&6=|6TP;7i>IGI1EB`k3PnX-r0vob8~7
z_9lR=E-&u^>zz1R!u1z$o&FEpxA1RKm9n06uu9Ke$shLg!~pUS^8(zHAbED`dg=<A
zXBmvNa?}F!_FLval?1UtJD?<iIEHW6<tQ>1!%qR@MG`30vp<sxS-0H9@87?}JzEgy
zKj0&tIVXy;9((-iuE{wrSRc|e-}oU=m{t-oG(kk0JiMKrkzv~80NDUP9y3tJRS4P7
zq26_VtQQ-x*z{fsJ4!qTvVSI!DgD>DE$#+Qc)bQ>gnX%=`XY&c!^c*jmZi#K1g>YI
zC7)ojfVA=H1*I$FWTU2*5-uSj%hx(b=xKd`yGmF@M1j{eODY#zorTYR0GeH)I3An$
zdW@%_XZY;dBS=Bab-%oI?vCfUO~HiWh1GQ_M?F41-v2lYBy^IXC8jGXrw6sd8lxVP
zywpx|*&;~7i1^(nXFQ0Qcb2BE<lfn@6??hG&LQ4!8FXT_8ueQ#3wtZspy<KPH{aV8
z{({`vJX=8Kgl13w3!3qlrGX3`o+o(g+^e5^_|0(Qp2=3(1CES6S>7}gYw->X3elyO
zxul(eZKS^g<`rOYL|D<p^u~?EqkI;jL3Eo_%sT6vXQVi%S@s-3D?tz^kt6e^0vU~}
zdhjo36UWBLJe$C-{6IS>Oi^yuhG=Bj?xi1;X&pcvj0T;Nje$X#&g}hATvAeSJKV%V
zLJN<T7gMo)>-Q}^nuNP#ZU3{~f?tMEyL2Mg?n3-?BB)SU)Voh{+3|6-wvuu?JTRE4
z2WDPB|M?y4K9&Sxg8RX{IyWwYd?AJWcPt^`*%j%vI&``$K6M6r@*C64S-;Ro?55=?
z3f<?DA|X4P?-&nuV*3*Lpx~k(HC_Ioc{kuj2>6OIQc=z)CqkvGEr5OpxH2d~M_}Yt
zmoLubG*Zb`SU34tCmrY*$S#amappzTmSZ(9%<DfNFS~y0(K+2^l*ox70l5J*gP~`U
zg|QHMD_Xe$IJsfZVsl0zwE`4}KTlsDZK%#t7!?4r$91lQPGJ_=Fb8DSS^0IV)cCxn
zuLoROp#{zvm`rB-^}L6LXO?~3sR4m6W_|Wdy_-5=ML5pQpeq(Ct<Baiy`)KaLYvsx
z*)xt-rmWV(D7pd1=k_hE^s=G$>Gx=rYpDJ?WMOWAAcN>m8uUzPa6|3Cou}u$r~OW`
z^^<>sP1xpd*D$%b2Um>H63|1=7<`L(!vrzQ_0T0smAyT64~Ody%mn^}?Fi~{;*wL6
zm$zkQ!QtioU;^0Vn7&2)C%!mE7-*!w3-2{x%Wgk+(K!aPH0`20nBHx5&lYRA>fU}q
zixi0Ly*}h)X4aR!I#4q*R$5U{+pb-H9~U}W2JaD9i~RAa?yy1C0pxnx6jUAU<onzr
znX-Po@bJiHx%k~3H}Ar*Ff$sWzruL@<vHeieXO_W&qH&hJTUOBfTJ2x$wu`;K*VY3
z{KyXhA8_E??ZtnB$23_9eV7bggW{f!9~s8KOT9w*13L@@v{4Kr=tZw*&!>;{T9cs@
zcPlJAC`*oiu+8L3ej2A1vVwEl@bi+ehhOgi>C$6Ue}gah81sr|TZ`2XB#<lj+M?p(
z{I)Sr=gT0j26~4YF7-JO4fti1iS337W$_-+)<7y;?+2V*de7Ud(-9#du#mE!h1-md
zh0BAMOFu<dd;8<(+o+cLYoGt%n$>!1Uf3ijtp9M5h_u0SO$}pKM?aP2Nu?6$Lbz(k
zpkOi>d;s!rp3qCEy~q^Yx^6IM*+6mMa;848@Q$^$+2CVu)|yG0ITa>OtFMn5>fNXu
zDlAr%%Crm@t_zY$4gNw|BBAqpN+KM&k3?$AF}%r|{Hpv&Cql~C4gD>3(4{kD`;R`p
zCdRmP9gmDT`2l_k#`!Z|LN?g(ZPzZ2MPQa(n6r=7KA4@`r`p(?Y|W9rOLie`{Kwp~
zf36v~{qkVHo0fudP<RB{eQX9Av(?(7aOn}>&p+L`BJCb8nGd-{E+|DH8tq|ogi`qU
z_Gr%~Es4+$<(y1>D@&HPIBM`+US19&PP(FTag9J&?jqU?v7Kf%6P1ijMCbAjKXLrA
zlOdkCDggz}Ib9jvYhfkB5^)g*hCzzxTcd7ZM6&Pl7NAqBQ@KXInJf!E@kdF><5tUi
zIFVm{&DITQ!ZI#$g#;FN8zo<JIZPB+lyQ@`x1I`4i_>77%r6hL=jg?6s3~wS_s>oE
zD3=}1Y&QL9n3_G97eS}NR2<UHwYMxG^X|CdVru}2+hQ--{(QNi>FPs+Kq>=*FShO1
zA{RVjPphg%8$>%t@#igPci0@XM#&x4(X||+mb4v%R@|PExQvNg2z&Qv<M7$q?_P?~
zV^B|Az|_8&e=Up|?PC+p)ebeBaEw217@YRt#_%n>#JaRuS<kp?SkZOzyJ$ap;>{W;
z<uK}8cJoFXX13T`NoG>BXZft;hMzyU*Cz8|W79*)>G)L2H0J~1*!-(mON;(MEJ}l6
zoeJ@ms4b88_%W^8vU<E0@tLvWv5QanA%|NXE9K%z?As_T1YOrJEgY@&TP0&GMwAzM
z;N5U+Ted41uA|<Lo{kO+eE^1dFxHYk`KpAo)~I-;({{$^!wn21LT*D|qbe^ejlVA9
zXKZe+FMU8{q&D@F!^Dcmq;hdAuJ~n-#oE!(up>#q^@$oMtb|oW?&4<>aaGDZ+C?rG
z@ut+Y!2|HCS{&Vcs9phnI>!{$qVjA;dQ+N74jM|s@h?ebFOJStU%4_eztHW7ecjCF
zlT{`AQp?4#l7PK64Gn|UO3l5mWa5btW1WE~i2n5m3}wl);<2{7%Zgo-3B>bRZY9%g
zJlF3px1IcmzI)L<lPPYDR}{lI9o}ttNN^<NBa;b7+@Z%a4jN=_R(`(Q+ED#VZEb{I
z!3SHOUGEM*o4YQL4myVtW@}m!(pE|&&Wq!tebuqmQKi*mCZmziqcnK58X6&-A}k)u
z_CojT{@qm-j;-->Gq<CiJ<@=+8tb`M0k4aQ;1bIK2Q%5ei;7<wygD<tMhfU$DOlvq
zMtI@|-X%@_J83e!heD?={`Q_@3i$>T6&5`%9t1Mm`en}@mj}fOZ+Zyltd*oog!A>y
zoCw!iHGh_AUtM5Jy?h`eXO`ji-C*pwA^YKvoAt=k9774`RQ#XM;*bVvw|&KN?k>zr
z_FkB58O6aMbdgli`{CU^>}2}`A+v+s`(dGbbMQ8OAgm_rgodER4-Q6I#r!y{{CzV<
zx79r~t5a}qKOc&fM(xk@55T2LlA6-MBp?m*4X?ehSi4#wyuGuJhYPLCKuaJ<dF1AB
z#Z_7f1g}r6nQV>|Q&G7vk5>|Mtgm^YH}qm6_UoGc`HxmBeTOCN?RU2mxwG|D_YQx=
zRX^80Oc8e4V?0HxG00ONp(n+?b+XryuGh*(Pydd^sAAWAtw(iPyKdx3rNzWTfAQcI
zwaSWgad1&)s67<PaNZETPiqlg9%wd#TU}qk_I3WthN&qi1^ZpjyZ4lq%|A{|YSz8~
zRzb{x_}I}#;XD541^1t+r=^q)iPwCi$<rt{m+L;*XlRJTyILG$KHRzVR_D%TIs|k6
zIju||O~I=~oQ#G$#);g4RJAnS{-9R1w>D7YSojV^uHR-XPfmj4uf*lctCIWSCDaTW
zFSnI*<sYJeRn%h_glO+GFfh>4qV$*TRC}8R(w9o~ZVh-#Z>xkAWRvD;7j8Q*1mMTz
zL>mrJ?`(_&r(vS~G|uuLY>$x?YwyPs$G_&XJR1^GuH_%b95`7t>-Da%Hm~~~SJ^<O
z)GldE`qZYqqN3q~iv3Ntrd+q9JgvHAK>x8T9_3~%Oh$YOFHg?6x;P_~s1B&PM^lO1
z-ri<|+~v3GA`>-L57YO`!SeoT$i}Oj>gs9^W|pbvjD+e>!$}^{$j>bveZI@>u(LR=
zX>b*vN32e_(xJ~`ZKgp+zI>=7ioOnf!CnY+5%~MDS2=WaC2mxzhl`KRHu;JM;T3G{
z_QwnQUOl{JOkLjNgFPHf#8+nAgm|=*{0U&2CUTp@bjRyA`b?Limu!D@8yFcaJspWH
zNlSiYWT*RBY<WASVlPgbwPt+r6{CH71RO-FK?`>c!VryA4vNLw%EEMQUG@!ywa(xD
z3it{5P3PZ$6rfo^feAEptDhRDT^@{Ycs`v+>)BOEuzXfm{%CJWQ=?XKgjLZ8#`hY<
z-&GvO%wrxEp?NxobE20I<CRi-fx;KN%bms6dirr4_4k00WRdZ@mygO0n6c0v#mzSH
z28KqQDHfIU@ufQnW3~nCFGXbJ9)QA$_@_q;Cp?GeI#|)rOnk8S{~USvBo%g2?Vh4O
z3<GFrY507T1HYz}(%{9YSi7gvxBu>+vxhM!NB-BZyNG5%q@8gFO^n60Dw8RU`OY4k
zugQV`-It-2S<^<*nHU?3VWOdV#tgJp^G)KM6XX7UTAg`Bs9aoFyILyO$c%>8@5$G@
zTU>y>|CzD>Dr%Wg8ld&=EgkLn8Axp1{;~P385X)$t?o%bIv10wGwLQrEl&7&iiP|d
zgo~&j9#O)3jKbfdez<ev&o`ldxQ6lPK~X=vfdll{SD=0ndWAYd;37nQ$OV4g4fwx)
z2)*<F%dZ))_jCIWGxJ3|q4n3OzS#8Jl^|V2sK~f}q#*vireKm2>Sdzcl*W5|L-1g5
zi_@{~-12au(*K=t^<r}jCKxIcLDCh3l?>*cwZBtgp>g`H_A@scS_tlemCT>}31+-C
z+63krlXU&}xebGEJokUFyj){1qTT8GIs2~V&$N3ELR5M(6xt5^dMTZQKvMFB!hik!
zxD4ak9y7HcJR01go+1^1*d0M25U*YxUzITmAYd!m^Cg|e=de6Ib{Y?U`^ES}(#i^{
z0}Bbi`|<aNohsMElIgos`4*pnM&xX_Q7}&J<8h)G?GIckQ+<&m2Z&NId#*)}kB<Xs
z<kl^VUILs{k`Hllw*K3=K}39Zy4?rDPFHsN39(GmsHqH{4^HQ`Gwfd}C=w50Yz>CX
z0FIxpR<Iz_j%y`ty41)~7Z1&|B{bsisHfP2eh?NRA6_rAk|eQCYi$CG0zH(}m2rCt
zaIy2t^=YYBJ$qSg<g&jGexgV?=uh{Q*u_<8hlYlDR}FW<OMY5faPuAIv4%WRSe-$x
zvJg*uc<jR4C?J1g%F3E$Ns;KuDb?C{w9N`SZj9qsy_NJL<WngW&sCy-4tqJkEk<p}
zz<H=WvU&?3a@?*vryvyF<cl?c`F1vj6BPF0F8#jH&F^~f^DWL@l4-J$C$O147byM>
zRD`<@4nZ%8dnDg1y0+FEuI9ZpTJ4$&Mx#cQhCQ{R>3ewolR44}c8l>CJn02c`~nQg
z79+xNIkY>8WB&&N@!1MtD$On0Ez=%XI14^PwMchBwCWy&4k+sG<;4zU%J}mL!kOF-
zQRcX`Qq{fZ0>gx{GafU>ZmcFS3(ZbfaGJ0O&QTiRuT3bf&LrXO)}V{Ek2kv0Xp|bx
zznOL1n3lq<RQ#{c{<up;uH?s<5m(lgoMDLo3$``?rGd=!^<j`Hi-jb@1+P*$t07am
zyn6WU?9NbvL(rrbl|hspPfI~n0RSwX^958m7hQA`+l!1&5Bkyx>SJv2hSHe)taMWC
zh`pr~C5OFafpgC%515$t>fwn<j@&=M?Pj@t?0daiBnVEu{xAFzPk`!|glEi7mvRB;
z9L>KAgj|O>t=#NN>Pf7M?G2(`y(H%?3`kh+(3sVuzfp_JUZXU?!oq?GjU+oy5)&z{
z*GK`^#k*aRg{D(1Ly2(awNxk)?LbJ8d}pTNUNaL-=|DIt40zM^jyKmf6KP_&YQS2G
z+xP12Y{cJ~fYKm8ll{T{@oV*N6p~%)aJfy5WWIBKj9jj38KsQ&9QDc_nv#o+>+(<~
zS~&Ya{d1B4@z=EXG8Sv)7e0KLs&?q(K{$3qL8w-fxoPjXeiOG~>9D<n-5s35l}J}M
zKIrb+To@i1F}qG{3awx$(*=5a&C->0JLm;k?JV{gB`qa;Y%nBR!RB}`crlk|u#EuI
z{LQp>gZtD1D_2ZIK~8&j_wr9WpP`@H$fE{=!e%qmZmC$F!^7@G^IB5_gB%}%xrV{+
zSwqZ-WD$ApEVdir9y1Ia&!-2YDJQt{zkhy<QxR442yNCO7t6F}GAgGGDxrZ2Zh1a?
zTemr2M8m122WhWOu8!7gdTW5H<c7N4wH()mcP}ricsGgrd1z#RxO{nw(EU(&?xZff
zuRd`)fqQ>KaI;CYq?x>cZ(rghus{|91`1Kkk#EjRfgb0p5A72q<GF;*`o^Ofv@>#J
zyLu&$+B>Kh0%R~>*r8Fn`5|GMlkQm<V27aW?JLvtgVi3nurST;Q*U9f-jo_2buYef
zj$mRb3{h4-_XDm_5JZoZ#_vjPlC$saOUWLOuP_ClD{(!uO2q(tUc_K_IIVKt)9>XN
zaXAm!8lp;K13g+kP-Mp5rqye;g|MzXp51Axx*X`IeI=*Yub{mt2Z`P#isV?GSi^zN
zu7EGE(;obaNir>Y;K<1qjA7Ang+zj|BS2D6uxVA5WhfY--x>s+AvbXQaGz?taAj~c
z&Q!DfOZbc%@?>c5s0&U`h+>v~vU>^-n@I-dxL&9|C2oXH@}j&d($vR)#_e{{i=5ot
zA%BpdNb)Ff+Ic=3#}?PMU^iE;wY$%!(x9dOzRu%V8>v?B8q4JinO#ws;vj6Z)_Oj}
z-j8Q0-c)B0zv~_?v)1cpyjLq6mU7)4!~-c<Sb76YUq)-KI?Og+s2lMyHdLOK;Xg@(
z&^qTmVwAlUSEHulDL6WIo6}`EDO8>u?VE%l>fl_`o!cegShpyDyPFVRVVjI!{t`~F
zp%zmR>}lxbf&3wx*%WI(&vEVcZZYK1@s(CD5fi4BI!!*+?Y<YBkK7whAXz&(1^4Ri
z^NNzf*#zVCfg@T^i^uiX2!;fX?j@XwjE;6(+iE<Fi~Ia@qxA=5UqgI!yqB5_Gjl!5
zBd_w);f-EfyV{kknM$1IG^lZSxG^@c&YB7QPQP0PZmd60t<2E8xLo40!3N~X^P%D8
zIU96Et*(_PPv?w%O&x1o9$K8jUMvj8*Hlx>v02Tku&8_-rzbo8Y6_Ys7kS1<EFF(v
z--~1N5W#xOW*gKUmroT5thHZ>k}9FLL3dcDwlHrPEvdiBUH4@`NmLki^Y#|5bR4Jb
ztzHSE*yU&MKXCKz_7ie1obyd^@aq<;bU5KoMm{%*W_xAWn?Nuq$KJ5n!)X?^pq<C6
zICB1|xvnN>F>txJc+PhH%>}fymxewDbb<e@F;S2JAMTLjzt1#z$v$atsif^omRU|g
z^ofBa?R;RTBoYJhvbN=bm`8SBhP1N)2T$cQ^X=XJ!Ie^`poPiG!pSM}_j=FzQflGE
z7#SKGi}~osDhNx-y-*#!2i1plDKB&`Wp9bL^Oxgj^c5C%H#yyY3mRbC2tbTu6_ae$
zez48oF!czRof@&S*>A$;&uU$7nW@^;L%N?tF=!j=HLeli>G7_8EHtAdw%V^T87QMT
zb}}{XuG`V&u!z9Acpm27EIR6RFY`nr;*JA$vP!P0At9#xN;cL>WR8XAgP7`*@b!{M
zycQ%4`N#NW&m0`0NbexJM+QgzI$`V8I5_EybPG}6Qu%M}y=PQZTbDM9qGFB*R1i>6
z5D<{8ARs0rOO~u4u_!>vu|yOOBA`UcNY1gyp^z*&=O{VnSX9-WC7$DX-|il_?~nU^
zKf3+r7!>T<Ywx+{eA4=SfJe~;eWlln=Z2w8A#w)t%P7&?xIZ3aBO@+jG9IAWVU&=x
zUF=>^=l7x454wYGsIMq3Uw$qcIEc_pQefHF_5ArJcTe=$LAHI2mbPY6s(u93uCic}
zxJlTJEEf7+m@q`ClNlYth*_$ySQT{VPg4q;89K7)$a&-pG(2x;jdb_(n+{*xxz=G5
zhkPY+ljO2MvTCkkz~&#C>$I2u242E;9>I3;vN*ZDI4XKG6xxy#)EwOu==*Ax+GR&P
zVZAaOV`mQ>qG+j~Vef5P2#OBGvA%l#2x{>qF4KF%s&8$h1q!TAnF~u=y9XJ)17@jc
zO)D47v%%4ZNh>_o(V3ar)st$A11)di-FyuoOrL2NPO3rI(qYk*pR7thsk|Y6UZvQ!
zBVL9s#VRG}zz>#CLD-lNZ6u6tZd95eu~%kb{Vj}p<*QXXf|wbziD-v<xMmV7Q}1)<
zQ<kR>%^0k1A;+5{HXUocRU+a`KU54oOR~2HN3@+4v<~kPol_32J4*8M2R6igXf89h
zU3GJE9d+{I;C_Gd+Wa5fX@_t;CQ?3P)|dm)-P4j`Ikst)76(_`_}pvaqyn{atqwLS
zE+@Urws6XBv7<hedWI`*BA3E+my^|gjLRl-t~a04UNU|5YXb?%69)hH4bX?N&t-_h
z_9uCqm+CL5lA6>zQ*kH1#IZg8v&X@!Rkm6?mrh`ky9_z=un39U-_Bs189JNHLrY7q
z+D75SY#n$mL<~4Uu-SSGexnaHJCvpg9j#-)?ewd&$Q^F0v}l3yB?|7I!-_UwgUXl*
z=w&go71AGm1B@eH@skKus$n>vMe9-N<sk<M%j*G4r1#tX^Ed5+yl3rP`|<-D;#Klb
zq9XDuj=n-1S+c|aU>j_1CWa3n11!Zvzte=e@pyIX8ctN0axnE=KkrXR+)fvRjZnc?
zO#i;=&E3Wve8Q=k05oHTR#qrZQt_bsaB*V!k^7m?qO|87tO+V~O<~+})gOg0QCis)
zxZn%MF8=g744$+mS%5umeg7W#DKs>O*$;yaYKx{kz8LTZidKdwQ=62k9WCq7(7Pp@
zF}6t5I{wKN8_U-9?z>Lf_bkjfpUI)8v|>=@T?bTUh7TVgiFS>Cq3llclH#7M|E~!I
zAy7zqb*V0tWY&uOk1^U~8Je5j$DLUHEzYE9PwdsA@MdBydT7$0a&cb(tNP4lS66|>
zymvsZDRu)DPY<xsj(TV5hvaj4HmmeWIc$|_Y&aIf%rntNMg0ry`gsIXTSBf!gJ|u3
zMlYEo8@?GZXe0<j11)5`HkJ3vq_D&)FSNX2>xK`9Oeltc$6h~pu*qs6+F@)V??|rU
z7taUO9-ZdBtz8=P2&)pV9=zzWQ|)aN%YC)s!gVLt9ZP519!)r}&xSk1KG2=$hJl0T
z?p9@hCe6Z7S~xRP`qkxG?L}Hi+0JgWT1xR+u1ut0+)egf>?tQ+WWV+1f_m;h?y9;E
zjil_vkhkvcS);I0_K1S~i^+_;bk$YSx0U4`w^|LEk6v;jd4oQ4_}?Mu4YT}c=^BoW
z2SueOHufW_LC?;&6l8l2eLH7CkiDkk#DKb!7>9e^EMP8SIp05RrA*44N%lM@&w%-I
z(IZKoxAAf*soDN~nsQMc`PCzFTNeY65#$SD$gwPJBD&bPn6Ip(&f>3%K!sh8QA|`o
z+-g?SdY_kl;K2U3OFv>48bblHOvLvdJ>jCt&8YCqy&veYl=(0{!gI105n()DLyGw0
z<mBYNlKAqPOUKSwE)LE&p24yN|GG^W7sOoL+YPmxs+pnIXd_LVp1DBIv!r2F-kEN9
zM*D_`O5_pOTo!4Qf_aSXrz?#MWb+5QLg@XL9FIK7XbZlJTo*Lh#?!xRqC<U7QcByH
z*%livh^AAk&S(DSDS#!-tdi2;eXvzyu<}v{`|iO#_3XJc+G{TRNDQjWGDAX+z%XVk
z`45=%0>Grw9<jhq@muZeW;K;H`Jc@;gSm0Nb9eFqwoIKngEg`+zg(ZD>zmKL)6d=W
z*1j!VKXUhjhJ3__^+mVzaQ$s{#gv+XTh~<{hR)o}^S@85!3Sgn0$9{{`skBYrZ+vZ
zTZt`r<A{iJpJtTY2*Af}tcQoxwHyoxmYfI*CC9u_(gyugPsMj0qBi4%NU@KSPotRa
zo!*pcsxd_Q8OWQRXMUDcp!bCPG5JDEF`RG^zJZ-ZEOc9^JKuUL9bBFLaf`D%tDCg&
zdkCKeN0b9UYVlG+a{C1(-`ZE37X$A(SQ-t{bYprWy}bq03yVxA>It|<Z%uKkLB0tq
z$|f(v4zolabw!N>41cGnxW!OMmR@KGwSZUc@gDCj`u>mG&pkye<cT>lvRb40@Va!+
zZFW<2KD&)%sb@-W#}^MC++Ntt<}18dCL-m-;LhzHzH4Z<GNhX9%wl?AKS^u-G76W}
zMld(}2T<)$$H3_R(7~aY@7+%O+)&yOWE6Lx26NNw8?cK>nuehgfHlnaj+aMX#gaEw
zS5^{NFgc07mmij2R>^X*Q5xKkO<nE!(G#zrvvFm4B&&<lSf8r$u)_|2V?(z>w?>|-
z9M#h<+PS489-yc|EdZn(uoylJm{}|36gV0!T=xbucHaMDor~?}%=UC#c>E2Ip*_@C
z?NsN_cIWLKhaL0H01bJ`{wSQs&Z^;2KO#7;^3>v~q<l~<`eM6YC+pObc~vbrvpjEc
zXPRm*iXb>Eo>VGrIhW3@3*1;&?|O0heE&;M;`<}C|M1-TjQhJZB~6R-?wGt1>+vy(
zbaFUoz>rg&VW_rU<EcQloFiNWR-9~FEsWP{0pMf(+#R8#j&J^2^#i(x=jcNZx>JlN
zoTLakPI<eu>O4iNjJDweH5n%1@u|!0o^6T<anki8bDE)AiTNltJ?(W916g{Qnlgv#
z&0Q6>|Dq(6(JJA-Zj{1>k5fi|EqTUrNtLCowd@x9#3i9B;ui47vx=NLY8Aemp^Lmy
zaYf9+lZ|AvU9-Cls(JTRzxK%QL*@lvnf~mv^HN4<4HCU9ay(I!p@3)HZJ{N>ABO>b
z=%2XxNnmImu_PFeRD@ib^_+>(=<G8gG^|g}Ec7$pREzo?6m2tD+nAcX+j{m>v^sY}
z5>y3?4?Eg3Z+hgaxV>hF-E7?)Pd_gf6RLTdQu1@6l|?-p|9FYro`82yN!VD2IHME}
z?Z;klcuTa{1~xn>F3&n?CgEVmBlPF&?5@{llYNH_dlKYgLj)~qEfO6(jAceWp3kwX
zK0u-TF^jD+;sE1kXK&88VHbmWXHQE?6iT};K<de%wMD)6(t&q-jF03)elN&!BD-L8
zBd*uIA^v6<o7;K9?%HVe=jAHAJxUAq%91MyC(ilMN!B)o2_UfI%&j?d{o4tc$RwrI
zc)(xUYtHnhR&;-YuB}14X=O8e?ecNr9;8Zt%b8N_M7)3QK=jV+a7LjkNP6PtW$6&D
z@TP#=Y2tj$L5r7(I2MOIz(n!{4au@y<~6gM3VrBzTs5`VyXqGX7?k)i`%BhdgtK7W
z?3l`L(g$;!*=lXQ_;3vl7{))x*=D<7u(G@f?>5D?-ZE551+>Q@hqu^?bvA10>P$xb
zL?Wg$@|bU<`#rj?0RB)xzCUoBtka+A64(@(Anq3VId<l41m^;rqnY?D?-B_~*<Uya
zksH}}?;ec0zgdRT1|3T9E(Fk%n+*IgX0ngp;uyHPqo!J7-vj+8j*4j?iN4%FK~ilP
z5LjweZ@u1Xp5x^_KgrULkZrUExNu-}TYpKX;L%)3do*f@l;jQ1+uz7ONwnoZ@qe1U
z%DFScb>^$n4^pCEHf1%L$9H3d*pHID$#MP1htRL=1Es!#){4z!q{LwySTla>CHIS*
zv3h6|C17I05Qj+aQB}Cw{p7xhh<oqt5{bB{a%RS@6>b~-IKWI_>ghRbkH2sTxlT_?
z(oDbn4>Xp?^WTXElIE&q9ZHfnT;>1vJ4s1C>HhOBP~~d%c)Pf`Q~(nH=N*US*>VB)
zH|Phy(0TMLa(Jl)nXlg@CAoZJid20MfTsHmK!=w|r#;KLhI&N<v;iFYTFKnW<`8kt
zCx-Wbd4T^<tj4`QplR$YGp}#EuM+Pgkuk_{oF?9Kw^P>9bbs?dZJX1XO=47(lxNF<
zd&yaIO7*fR`-^P9xJL$Efk)&ra!OmBcEN35H1*$~t<ww%uqFd)VE_Mr)WCo5VN6*w
zbHMSBRyBkRNsCBn$!AgDHjNP3TmW;p^l_nh0Xxf6v^;Zh;f}3#3fkcCPEt%oi?T=V
zAehlCZX?wrkk*%zV+kPTqeoQcSHwPkc!D_D$TKdD*HH<VQ&14WZq9D*!TgUc2L9|H
zuM5z`i+feu9VI3C@%9&bCL&95C3_6Ae<vD3`%)0+*QY=x@fjwTlNw_<0#8h8>Vk=h
zj?l9U%RPEA*K``gc^C_A*9`%6pm{9Y8RVQLY0wg2K)qXlCj#_E9XTj%E6WgwE(f#|
zHUU~e`z^pTWz>1EiU66eFZf#$Ax}w3xw1MWN2cI_|JC@roS+44P(@p}DM(pUGyKb9
zhT+zD0QVwB6VBbd;D}Du$mf8b2>KIxm#8*fpG*qwttjb)vJSfg7S`6T-$n(BXcGa(
z2J$_LSb}D(06r2Z!gbiglnk5KE{xi4BRL<Swlv%SO@(GYiH9ID7W)#jxF#X2#C+fd
zJB*E&1I{8hRo#1VXn9It=Vq1F?$#>{x{g4J<05el^g1ktOClJnGKBr!AC5996^R92
zen_x*sJ4-YOMlpdN{GH{P*1WwGHY~XK25jaC#-HC+KwDK8$=13ifA8{zi)^TN|3$T
zNaf)%`a`l;f0GtJ08^pn7X+7wakie8Z=4nZ54bZCey&&=UA2xn;GNk{gBv`OwtS}D
zDSB=nnu}46Kjf}Wq)GT7^on>Bl@zxhe!e{yC5Z}#3f-o#j{G(P7v}~?kg~h}w+d6B
zNq*5{nVoX8EUE?OQ=h)&8V`tl+=&7bYN)2Z9%YhYq1@pmtG5o0L4d&@96Dt?^PQpn
zD+}vjVpZ<8x+^gQAU}UKe6c^FyzSzmRM3Sj6w7=p;HSr@2z_#?^MU#Rxv(Z?;pZWP
zkq6lyf403z{yKM@o$?~DLEiADhx(Gd)np?K?n(6@FSZR-x%e=4nAMJb50XQ)9Kz3{
z2wj~&(gt>lN2KyjmVwD0Bvr6m#3=zj9Gn=nHVX%fM|Gwy+eS%dJ*o(jN3_^s1Vy}P
zaPz$S<m8)^V*2{}U$|cV0Prk3wIY5<*#XQz>97*>f3WZ)XZ}DYScZ7WG-Na56yoB)
z%nX}kVq&0qp%|O!U7cH7^k<<RD70#tKPK5>s}Rxq6dCp-u8^^Fa4bwxrFf!UxcZAH
z*F0s4jGV=vGxxGZ6TJMZPCA<^&<@{vQgCO)ne%Dp;1rj+vh2)`(Bt2@InUR`83Knb
zVn&zei8i*5;`mc{@;weBNRpZ5MvckV`1#;JZuhPaQs2_59)luCJaO7eK%N?%#;qXo
zKBZS9N431`glb`mR{c~9kbr9WTJM?CB%9?M61KB_8;s;LgTGNbZCH`2jTF$&)*3N5
z4l}V>auu9=@i(CU`S^bgs1w0X!<gh`UZ4W}*IYPStR<<r4ab@`M-Qz>xtzSX`$DE=
z%WCkB_0qBR27eay#FEb5?Dvjj3eJlksp5KIUsr_w-TBbTr%IBz@7PCpTj&<%=5DSZ
zM;`LyH16+Xdg!2?<Wle+ptbP3+v<{;f|HetCH!DtKPsbxu7O!b+^)ys%wj;$u+>8r
zeptasrqx%kGAQJ&WCreg0LyR6nOBm#^8qHVPXKV|%s$Z>-?cFV&0W$1afdE=0QJ2)
zWA5W|iztLPselIgZM)8TXdmJOk}B6_Gkz*m45WB9RKW}S6j=j+wUMyjG+(i!!_BDr
zhENn7w}R!wPxP6f?D(u(Rd<tHDA>I3rab9Oq6p)$sLk;b>YPBB8Fc`R4q$p$|5Xo#
zn+DDZdkc$frii16T*D$fi(1y>jvR-K%e<TG>`~(4;@s1?O(jJ5A>(5!G0*IL?071d
zKSiG8D=_~kfR!MlM(4D$M~M_35_LdxSzb7hxbxgqxV7QPr4S}%vS?;ue)GnV9(+PT
z0ba32dznNuP({I_vn7eyOME9eA-LzV$2^;AXWXo}O35#Ej&2(_gAhTWuzy;=OElWA
zw<Yx=SFo;S00;jx;8=;D74{X+$?EFqBatapFLgaT#7&HHcU&{3v~F*#vm4LvSluHG
zwXz}(G(_Ctj*l^N9M$AXRyNOWZ%OqM3jXH#fMx5uCpA-N>Y-!jZ$8b^Pvk$-uBC`9
zmZ9dev}ZMK-AAI868J({{I_OodR7o<8f7*_S7WH#$jkP+*To#`QEM^<w(Cq?lkFPa
zImqCGXG4y5kDV1GZ1rb$`;NaJt@3g{bOPNha*QHXd32NK5nTtS<4N7kc9wRP4<C4*
znd&CL#L%6mp>q^z&vXW$LDs7)_K+dfVLJJYUr2j|Zs%8>MN*vVa<#rxA+8~%#;PQ?
zN>LAHg`~kkgc+udD!$2czE3^)&(2658#>Omg5`ak`i>kr{Ngy%^(y2?Tx;h*oPUAV
z$b^FA4sM-$y|nzhd&AtKqQV0|8&J<>XJ_-!U#{#8?$0_K7WbX++0-zhc?%{PU@Ugi
z<DV=B-&MJ0e_^Xbzv0E{!I08#5u#4sFv~BC6)HG4BoMTJ0^_rkk)6bOfj>IMEokWS
z*+I>He14f(S-WNxP&*rEwI7ptS{}>kmkhOR-Co`5;yckR)dGtK7<q5%QsvV{?keuL
z)M%C3SW0AJ@VB7rrpnF7RcbMZl@zGwJG0%Xk0{30J$n=$&36pVf<JSZ<OwMtxE<r_
zniJ>Bubevlw<J><cNLJ_ObtblU0E!4Oy-Kl=HzT-D`9sox?;0qql~}2fBFj_zkKlA
zY!S@WGsWvdq_3R)=B&obv?~_>RN=Ll@nu|4JSL+FUXRIS)8KE?vF#0t0US?xm)*JX
zUjVH2yu^ODNJdmS8+Q@|B2<TD$=bR)WOHYvSnu<Dc`fK*bk^?TV?$Ko^;_(_B2FLP
z2P-Y&#v1iF*$ATzZXkOj_3(d-*;q=vo_?%sl}nk7`@N?CwG)ph5xu@#PAOE`a&@G<
zH0?3sr1R3m7TJSxHq4mB1zLPZN=k-l17)#^6pq%NOscm1W1$s+!Zo3Xdn)&t8Rf$=
zEb~3it?xn7BA!94cSW)BN=-_0iw1_vrJ`1gc)HyIjr340vM&w8N{rL{w5y}x6-n4m
zIe4k#8xRveXg4}<JGrNaVlCfHt56GmhJm0v%Fc>FL~zOK$|mXqLoaM}M?=3u?-K0s
z7lY}!4_*zNnx>Fpd(FMP;VffS08tF3PbAWg4_WB!(j*t35;0L}-f`_*mSf{$AF;}b
zuz1zMA|Kv>X}S-Oz^_-JiSkm?8y4~}!hPH}D}_5%pxv7yYSFybf8O;fp4#{mY5#_0
zlby}?OQi2TigX_&n~93D9qi9f4R(M7-Yr^id|PGQXqES>^?u>R$G_v+dg%aNh&_+l
zb4-#L(^CSy3*pA^=RV%F_!I{1>yKQ~|9p?SBF&{?7iyTb+3rqv`x5GK-`y;|hW4+m
zAv;18r$T()QpfJxIR_88c}(VGeMe{gTSb`t?Ho=^?FL5Pwe|W#3&0R>2&$D}jwsR=
zuT{nFxN}*S67g}BTKbC}4GqsFM`$;As)Wi0>Qtl&F48YmTSf)sL3=COnx6dV6vwg4
zzuKvUNm1EOF-x+C+Co$3Ji3TsJPFy{Q=83~X20}=ifst?542vuo>9{deW2QWT_=@u
z`klB`0V}G9KFfLOIA0{OQly;(7IzBJb2xbM<!HIW(M@Zg!ThMv)&B~+R!uOBOli)U
za>yh0Bl7?)g4ae~3ixRs!MdS$h$)kV42rCk;N)j{Hr$M+b>3~=CC$9IfIirW)_~nX
z@#iy5E(j}FTg&E!Ye|q}2oB^rICB{<hMXYdKVIgyIjb#4cqbaz-X3BHcrL)YMRuF1
z^xPO>t_x5-3<FKqOt_|7uIY@BR<V7XXp!al9&c=X2yqm3zV8c2kSdnvGlsMicbD9Z
zm~D$(kCF_J9C@dc;`R^Hli~=L${k-GY)_8e#A2j?|Lo^PYi{?nr6v1JcyntrdJTN>
z-{}faeA0^7)26<^Db76FmHvJ1^7L_{jE1S-;#IlAN_F?5v=2V9MRAfh4R^dYMV`Cm
z1DeH_Hr4C8AAgPs#&SML@$;H8o?h(%O57v+i{H@8%CZxwC(N66j~;HinJB9*syvg;
zo3D4hsEU3zVu#m~^fQ+Y`bpkroL|nwt;0%#Y0@*aRK1kJa)jzgKiC_MK$Xi@+$~9l
zA>NK_@MM{PGnl($EJ8_GkKsS&?Z0U9cK(mOr)uhIThb)6Q&Cf@f9iog=Z!4$s6#CW
zI~z_5zBUi+sN~r_XU#C}_B>#@+Af}igof!@9UP_zvrZv5d*G*ETB-IIpm`DC4iaR8
zUU+(V5vAWch5PDER%kK*LugAGcf%nQ^u!ishO)xKC0Nq8ok%Je5l{rIX0UL-`juXt
zAXHCljFam#M0DqmqoTb8v^Q?8!nSUwsB0mIeM6Nc*T|<w`1v8b!?`jFxbV<Kv4zKH
zN0nMBucXU7cGnjs<eXVA<*tG|`zmzM^u2;dWaNq7dKOhdu~)O<@2DDvWVMm{<Gjil
zrp|qiYhGm4x+l%E6k>oHXh)d5ZW7D0mFyf@!wKm(KfBRC)^e3e#Bc2sDJmxA&hfI~
zbMamR51ZJ8Rb^x|;}8Mo8$-5PrVNPHQ;}XLvRsg#e>TPFyP>1=6KmALZqhBB$O=D9
z5|n%|O`m%UfNcAWs2}a^>58EPeT*PBkz7A7^Boi{YlM=x5CJ<yy+Gz~c!Y4ZAOCc6
zqwyjB*SqRQ=TD?mq9QR(L6t&h(08^MSvmt(tWS}HeZUg57DStb>c!t1*3gP*?Nu2~
z&9swW1-ZevPz+qw`pA0PAVR_sZ|5i?gS%l-+OAZunir8c6F*V^JupHlfG@stI@36K
z2Ti)O$;`qc0Erv`frC6~nNSe2&cnR|uy}*%((w7ws^WPoTb~V~l%}3s>BW_m6_`V4
z9k+z(i0x)}(#b@(+7{amH;X!+K<Wd!)}Sm|oorB$N$mwTA`94DdTB=`AaYvYI*A?P
z5qp1=@x~T7!ICj4CB{9I;RyQ|Bb3PGoHAIvBWp>d<RzvfZzsA6DDC_)M|gwaq~Z<F
zUoS*#v!|jnLMl7Qzqc5nL=>WM_N$*)_#Pv_Pcl_tJ<QK^Jt)~Zl^j^T#O^z0x_ue|
z_N%>r=IxDMCPnHy<6oS9Hcd)<Xr$ptyGYzusaEKSK>}VTC4j61(9SeY!)%7|3@ylb
zZeCdZDw;X?XB)yZ7+2>h)+vVUn)>t%eWU5>bZPW2sR}+uB74P4boA%T)SpP|-ffvr
z`oOgTAPvc&+bw<(&Kpo4Et-3;D`h3@?=|IpFnpNHY4oYNupBl|WxBXlEyp~ewtbr$
zA8G|n>B>VC$rk5r6yE+HR)Ylohq4sp+0g~>&zZeW=1*kpY-f~{3cEY9K+QQLlAr|V
z5oE(|YACgy&B0l1DBQ(uF^~hgK9$bc$fL))+6l|LH|9g(eGt&JQRa*f>F?iOaC`2J
zCNL_csX@CZ=l+rM&JP%5DWi%pAj2zhutmHCbfbNCH6YvA@Wb5YTjjr`-5#ytCMT)+
zqF0dKJf;AH&xopQt^f-^BGx&OAH|aG(W=N+(~v#H8_I9R%Fi!;%uu|;*ieA`vuXl&
z!t6H}=45R<*j}M9%>$h4CiDH>>?mvl#iO;->g-2&^E_SCk`mGK;Oj~DYrkn26Fp#|
zAX+ywRIx-GqhU8AfY{%GkfLt?0?I9z#ao}GsF>hOY_bM;y5W@_DZgCQ3j4yf^gAOv
zQ)hF{Cgb4AZo6wpuwszB>oDWXza9kT@v3*UM0Gh(3yAW)<#jtk(*VvlV;H)7*_cFP
zh+3)9irAR~E{9(E;OM9pY8HBXi4T|~IdUK*4W`t1C_vGnw%(;;e!V^Q6xUlGGtkZP
z`OA}0U*Y?NelT!+gs!>!mA-hwSZ-z(Gc(5gJeQxcT2V(MTj)Um5eka#Zag?ha{ByV
z_`|v>s1DgNuKx1c13Y(ciPy^Bt)tbi`xoF^Znqs^+-mo~!Q`GO5!sC?bvX78&@#rb
z@l$9W`#|F}SUMVjBYXz;k&)a}E&Utxook_Ew5u@xbe<gfv?-8E;<Oz6uwdvSNI}DZ
zcdo?a++;{d&;q{|<}?D{nIaRew2n8JnVD~@tr7%=@)JK$)t*)Y2wQm4T4S)x0bA=e
zK<K0A)Rkz`A4&xQqd?bjfXV;-*Nd!CE4Iys4ie<MCBRxy&$wmW>tE90dk-pID1zw8
z1uJVlIw+xaY^PQq-Uk4@`tR%B1Hk_SSpDDBHTQ#>9T2v&AWy$MvG!B$PV!ssUZpU{
z%!W<&O^0jdiXf`3iJ<q#zd-NPa=9i$_?ai;VFQIk{V+ZKW$OPof&5CFw9pA!9;2qP
z0k@Gqchxirjd`yiilI%|?*h3hU<r=fYyv?;4};_+6I~>aizI^W;78GW&<cfq;dGQ4
z++V!**qJgx)Gd%Gh`;-KPf#yRBP*+@q_mlvn<-iwsqmj`g(vlF;UlHmdxH9&QH%9j
zKaeb`7u#~P?|!)(9epzt{W;nQ1ZK&+92i1L3+ZDY&^Bs@<lbT@3j2r8T>Xht&n@#g
z?rzngreAHZj8`ma-<R!-&iUj!&&(!H?Gp&Ge+Zt25TZbxWGQ}6e!gM-*|)M%Te=o*
zHSm6SWt9Uj;6tn4iG<yDygTb5;plvX_+_;AzRaWhC!T3&2)?dZ0y7ujtn3cG?W(!P
zJ=d~LEi5bm)RMFX5E4oh82!4ekHv+7pmsAz&_QL(MuReH8Svlav^2JxYHa}2`bD+M
z$BIeSug#|QzN)NL1*b>K>owT)K1ycZ0_B()G=%a8y;HA$@-;B)Ol4`W@4cZa-nzow
z2LdC|o0-7m&!P`_*ix(e06ICT$ioVekW$P8uo$<mVut-T2elE8^OXK>L1Ha8s74Ur
zN%pxKnVHf?N!<887%=)JS1An`ePr5wtQ*TClu_!y*Irj!YlH$Zd}0cPsD$xjZnTV(
z|8ex!LBK2FNx<+MMCPcl6}LRsy1xp~U+@=BLH6N<ggXIijQA{FsmUCoF=F`4p5r2U
zz1;=A!(3-}9qi0N7cpaZS3ziC8T^Ib&v(vdBk&}caZ(cbY==vo06W<P;vUX}kVAkj
z==E$T3xGrEdQHYGTZ<?{-zmh$_mal|kZugjdR=*x{59<CJw3{xRgqU$N3L>lan*-$
zuY%})>t*#xzbM0a4!|{<nYh-8=b`MuR4nlhNcRI<j9xS8+Sm<HU-y9%s`4dct&qbG
zdLlVKK2KAEDBXJi-e!wg#nxzvz7<gKfqj~32B04zZdsLa!m5EAM4g2SVkSU{Cn)3{
zU@FZqUcUNWZuHqetYm2B{HPa^0=^#K;Ch0}5NYhLZw4;UzLDwU2x(RK#0*R1i`AqS
z_~rcKg+}0?QjG9CeIo3RSye1gHJEq`A^zvMwee8Eg(ZDm7VisiKS`E;x>hy`Ajp^p
zF}qCEV^+<Q`q$TGd{pRlgnIfw&KqnFH>?4Gz0W6jwr9nU1p|tcnmD7c)t-hi>>3-B
zsHwG;<A34|MoPsi=P}sE*bll3urRqpc!~;ra-xS1lpRX0w*pr3K0P56Y|Hr$H8<Zf
z_)!6lI~67dLl3Z6AuU9GGGTw!EV6E?nkr?!QDbElqimL6QLEb=F|&9!o}`bD{0Bu#
z2qh<AP^>~nD{O+kHC?RCQK93GJ5=7$JlM_(-#s#V4v1P1j}`-Rq!iJM>}_X+vcEV`
zsHYvo1x#i%B$y6na~iyj4a^#<m-y-2vHoe+!J<G8sB6&D-BsNW(n+oMMey0taG91u
ztn#_?O)C5C6&==>2D-BTpe1(RJohLeK7I;jH^5-IHRM)@ROe(b09Q`M_cA?($N&2F
zx2IpkZJ;G+&#pTLm_|;tbkI#r0(j*51~Otg612{<sx@PyMFVLWKlGh0KJ|wVmndg<
zL0Oq9U{G*MuD|qgf`+O%1JZ0)zp4MXoDY{8${(Ek*xfr5)X9n7Ou9ZFJAdfvdjhk8
zexgNO(o(v;Qm1?kf(3dCm71WHs|T-w5MkTPJy0=4ZQFPA8pr1AGoqY6nfD5=`JbNF
zJf^=3v+`9Y_tbu*nyB&>6CFLFq5L)=@^Md-zpnt{-I*(GBK{|On5aN}=gY--?4^eB
zgEb8^7f#{Aa^`g3sDq>@E`$wrB0ADH9X)lE6NwYOa&w5Gei(SvY!`Eb?P3Pk_kp)S
z>XH!AJNb{w_efF+Dj$rqpw-vH7v-PWB+Lyb`Z06IX0Fs}qs+nVSs2H7Y3;y)GJ26?
zmUCPExkF(YZ(<`Z3(26X9oc%um@1Ac7wNa8zj$Cq|1m8oNnB#fLH5H63w1Ey!#vv%
zphkq8`MWa#YL^V<c;p%`$uTlkcYd&7X*WkB$)(tYgAtKQ85H+ORC!TDfEi9z;p$)X
zB+P2^wHV>)xi>;GtH5bEc1P#u4gO`^MYn$eRkx{^BOyKh#?oxv8+z@V;->q*ezaFp
zGxFMO6|Akb<y@M5qPgnB(XkDbCHP>&?r6J+o5G_Y6)rdc!zDZhH`v&6^|t%0lk8W0
zGRwFTWeqx**yA_Hfw&RJ&5C2+>$VnC#Jh-55rOvgb)Fke>oXqWwM<M*WtbA91Tea0
z=`}t%ZVe(h*tjN5H21?rdi`?LrRbgba$##!E@Mu41%D1l>PagU)>1M6kO4q@6g;2+
z&V{6V`p3APS)ip(QgSupccR5WV7jzI8=kj_kdcku1fm9ppFjab>;OgA%k3XwKhhF+
zP<#<FqCG89A{~^DW(K720wiDDFMbCW_+|CRylD8;5Ip!B)i;oF(WzBXq<a|`CO-w4
z!Qg{GZaeDDfptnGJS31s415O9ha2|9c$QFX;DxQwDt+BPXZQjnG#81qY<oEaBO(So
zrPDw)n)K!^!+||OU#?QH!pm2vbHlJ3Tqc~oxsZ^z@wry4AsuY9K#-|%>1H$%9k1WO
zAHiMXVRh4p@{ZP4^A%?yR#wF$K`8)*I}~Fs+W`HLk>)iG^$N-}1{c5B&EAl}ts>C|
zWfau?FtdMuuai*63t&W-iaaw+UIqrTvD*sCK?oSj4L^aj{sN(q-^S*coKOoUMl_H|
zEVy%I`lBDSqCQJ6n@R#<QZQJ~1Hw)8wX^Ba{9Il*JQ^%t#)pbui3VPO#binps{~O#
zC6we^FYAT-_0~6_(~53l8zeS)1*leGci>iSr2>I1yfE^6twMH~iV-L~z=*UWCoQ;a
zKPd%znPT&4S*>1N-)G3AfY`d|1h5lLHw^KbD3<riXA|%^EcBVi`SoBBGb$P_i-jwK
z+70~TBXIP9QIugKFAao-Wo6v3)){<7dsf(iZ)-p(7-j=6h9x~n;U9Bjs2eG_fzGUm
z_h-<Fq)P{7&xh70*$R;13@FzA?*WVZyg6D_EEjgo?-3kT+<8_9M9)cw^Xae$8c1<N
zaSjL#)v<dCAPleZ?vzRBU|zI@xxa(Df?wbr#nq&GCG3VWNTT5+7bC;fl>f|xOuQ3b
zr}vDLNVUsGhFLcm&6-xcnxPWgnJ;Rn^k(*@wJQAA;+IK3;;-0yyufIcmv>DER(CUe
zoc1f|fUwNrZZCFs5Rwh~V32!!k~RpZI|03@Ehu@?ggwl?q==@@rKvr8A{-cSmC;Ok
zZ4*^`;fUQs6%fV~l;~fy-v$(V-b52Ry`t}v0sG(+Kdr4`2}O+dTFWXbSge&gkpjy3
z*n_fXhpHBwAK^kK3s9)!=YD1&4YWe#4j{CS2Ah<K))RjL3G&w~jZ~wOt`!p(2TPS3
zY@KNu`Q8^gj`nuLMs?!i-5MIZp;f;CuoSKj5%9c3UnB`hFBoWl+GC0T`Je4Ng&XjH
z+^UPztSng}uk#;cYaIP4Tq&}y-1+HaWe^<x?D>~zlt*eP4#Y%AqEi`URo$&*1%jPN
z>h}EZL?d!l%CnqzUtlalfAz9($YVJ4$@1^dvZ7vT{GbLM{;}V)>VM&e{*QLm|DGo0
zr|9b6X3hx^0BBMt5S3*bwo%_I4h+Bg4+d<aOzYKP+2?XssrrkU8zxThlfoYD(G?P<
zqvikR#LdhhidrZIjk@6|qjTj3BCbPF!$9&q1lT;$!ulgc6<*2$yRODk$(NM<OW$lI
zRkB~(Jb3Ux>*mt!-R~HQ+50jI7V_smKsONyv1{<2L6;7;S!=D=!NlPW-YPnev~H3&
zhyTT{cy0a1TnAL{UzkV`FMBnqC^lMxOhcx{rTU96XyHD=R<$|ATVN>}1Y;?DrHWfi
zx6xB|YtXD%kOx611M7sF3?@tbgYJ{#)fIu9dSQ$GjJ#HOK#8P7ZtuxtNZ#cA!-87I
z_oOa>4bHFWhQbYC)y85MTa-f~NQP66)T#LRg2-Tzme8GJ&{kD(>;AuaHA%ht!8clf
z2LtUd+vqP9Otp1a+#jjRoG?wo=jmPgn84!vgaNV-m6UG$XQGm;{lbQzhY&zaz!qsT
zP~dl=<8_K?Et)n?I-H^~ScK-{d<3Wfz2p_aXB@{q@)=AFO}2DCL(hM_f(;S6!$rV!
z$WBmN125~Au_<s*))G`P>iy<!;>U$v!&C@i2x&>mTNL>@#I%9d@6cz1bT;A<SoS)v
zs@!4^Is1>?7g7Ev&~$*xWph4P?`$~>KsrnR`A~S56*>;{f!j7K4?$pa?C6SxjkLs{
zda}9!9PpJ(>0%whYKIG^^;edNeH3&@=wJWH%nRMUFp=W4LbJGZQ^_VJ4Mz~NfDt0o
zpzSetc7v`VA`NmCI<5u3*fWNnhekUXW@e%!h`3$I#2sY>(F;D^zZGL^QfYX`V_DNf
zpiKm83u9C20ly-<F4it~Dawxbc8zfVQC6)L(2#eN_U_s>b}*bWe?_V@<8g>vc2T_`
zZbC)&X#|Uc697k>i*;=-UF{)eN#LU<hOw#iZU?}IWVzTIcwwo(gpGZ;rC#M4JIP&@
z-|`Wu$i&1bw<F)ZIn*~`+<pw16YhTSvbn!`kKoBdT@*c|v>k9e1r1g#uqqqL4*!VV
z1UMmARIAGe^mLBv9ZE#>@UG>RRx+R1L##TM<3}{#8qMc?fEju=u@I(Xs}~uwX2X<I
znl?t_+*NqvH_SyD$C71E5Us8Cmy#^o=s|<M0UU@*r+PmL$*Z_j;{DgO*=Cc(M`XtQ
z=0%>=UVS0Jj&Y85VS#3|H^~8kK(LU=N+-{)HhEF=Z{V>>9a%fTdRwK5fOdjU#rP0T
zHBZ;W|22-cAu7<yXlM`&d0=qN{!;HaoUrbgsqN~&1NnE<mG6&H=nEOfz!u!`o~T`>
z7i|^UeRf1;hKSoottWy&en>DiYD%f}h`C(K3a4Iu`Vb2-5hlX+BhUIi?@Vx8lyDk{
z@Q5hLcFD&We8i4Nr9e7(?kSqx`vWTLu68h<v%_;o><-ojGl<Sa$!0FIjo?7HeZwub
zZ=xk8eH$s&_rc~qovF)@?f)Km@z<mtD#90Rj&BU)R8@+D&ea0a_r`$D1f*xWcl=;z
z93L$KlqrQt{)>C_LTBI>DC6~cLW99e2{dq;DBlZ<_bp=cKVpfZjn1n%$*Bxb-<s-F
z<J<aEukaNrxJHSfj&1eFNU#;(!Kb07vlvZ}6gXfv;El`6o*mkULx~smzpqSflBCxG
zHGYzNmLT59<&X2vBs(7E?TK`sx+`a|KelMT&S(1V07*sAdkAC1Nq<P6+o$!<pr5N?
zz;u5GHfvmyBo%Ms`;KVrhF@Xunf6`~$Ag_NFEv%l8E}_bU`N}po4xp?jpHSswbj9g
zA8xizS^Hr%)Dsb(mQ)gg8*Gz}Yu|1Gu?2M8qUt^1E_IM1@2mgkJl}=NX|#c671rEf
z3A#*BH*_QWauQYzsC1H6`)XAl<7Pwv(fV8gVKD;FU~nlAoHDY=FA8;7c-hi(K5u{b
zk(kd=&~n(Fo-s)T6oT$Zowtlv+eP|WhI>5-!B}3)ZUbKNPN?bEETsNmE^}D(@h+1=
z;nA+-<tW~au}1E<>fyl>wSzVFX!9ohLo6NL2RmW*Zi$`oS%U`*>0X$(kEHd%O#0ln
z-#05k^C8hDijbxKUJT$~#(0!hGV=vphg-AL)5UxiaF4P?1!pk^F2KoKfWa2Th}l_2
zvU|dWaKfNgm$VOr(SUG8Rj8pLfN_OxejEh!dHBRE#H5rGuhPEYm%GL@Faasd*-Lsz
zaxi_f5T?D%D3{WYq>gknsP=49*3(GZz%Etg?7Uzgde9gc%STsAMFUfp3XG?cGeT+_
z1^JcdD9@Jc{|z^EN1#d={MM4W;7*R6kZx5Tf{}Ft^6K+gzc{Msc`aFW?JK;=<?pME
zgv1+tab)5Y4#GIq==7x;Ojw4ulxPqXEI*DKtn5!pQrjwU0NpOlKw+Uf6{v5yD4-^H
zPNVpEwpZ(K{nmb7OJ<1m?99NnUzeM`9y<`{BCxUE1$q<*>^x@u=kCbg)h3swpw6)=
z0f*uafmuOO#2lCg$M6RF?Vb=jW!~<ecZhjp^v4f)klGu}EV69&Qww2&6Gfe}`|5@Y
zz=h|;r`p%MyQ8EjVmw%6;Pa9Ei<Y?0Kl03$^6r|-(ic#GL8PX!5!{P|LdtUvTSuSA
zjevigMR>JoGuk`MFBa^2a$WcAT(nzPaFXdeTLEWKX9@)`9l;f=U=9R}i1%C@)wD@w
zw4C3?oExe-z>3(&>}<n~%;u!juqpz;{vSin68N9|2S45=I8$@J_da}aFJ{y8e%i&^
zmF^TLsCeXyIY4-mAqv7y|Ay_k$@`*m44Qdn`e^c0V;<?}g}cUy^y>>9Ss)UvC_w3X
zoohXw_-3fm?_S`~77QD0vC*eUD1bxA6rX=!ku>}_YuI*QfVCQQA)+u1fg?S~V6+PQ
zi2|QWsgNh$nM=wBKScz17K6W31jH3TT3B;|%IC-aq?Ph6r0QqQlO&fzxBfjN?CK*j
zQI;Y==?GtYe-O%+;mxsI!bq;<<AVh(^#Hu25OTAW{F!=2w(T7&RZ=DPw5g|~foa&$
zRY#td_W>MgwAB?LsBo`uK?ujttY|yBlO#Gj*QBYULa7nDGqMxwO<YiY{Tf@k)e2hv
zCaqJGQpb0tw7Ief$=8Qvz-|?r)Ew(UrD>bd2QUWrcPamNOi8=N_e1b@o1dB5!ulK_
zmEGNGRbNvH^aZ|v$kpt(2~RaB$jm=GM;V#qDoI{=v+yDS>xJ&#TsBS$KfP~3e|g_T
zXiro8d(_)57sI_2KD$l{!U8Fl-FJ4nXPyS{^OYJyP;?+j*W^!XAgUp)<>?hXX`Dl6
zu{p2HJ7rDwr)8iA7=q}uf&yhtm28Djq|3eWU!WYp4Zm;Zo8fH#xo_xJD2D>$0&6NJ
z`_+H^A=*RKl>}k<sEdIE7?6%sc?moxY*HiDpUCV9IE4oPwa1*pE&5<Q0}DlN=JmSJ
zn<JR%ubk-Um(ma;mM5fX*I!6rX0#*06mo4F4-{~l*9@0lvx~%F>AX`UYUNj=-OiB`
z$X{*DDXZU5J3<kA{*ST3S(lEUh6vR9Am$CPjZ?O6Pcb%EC|67SCtJV4W(?!Y%YS(s
zrd2`yH@j^h^`#(cMh*nW=){>RNP@}C91H;sXjfZSYJ%>Cy~MQJ#N#p4iPgBp^YGeG
z`&WhBP7D5&@*aqAIpzLgPEVNj{Q0Ip&b}Q-CQI;K2ch=7YCeM-Iw;GmUkXTyE=<&8
z&o2UY{zI>z!%my=_u(9Qq7#!C7nW0y$H<h18d5FV%4#~BYoeC_ItG-}DvuyKjYrcX
z!Wan*aR1|J$q4a~tBh?<JKuKJXWSb@*vpOats4*uqjXU4o-94H(#>FBPCRxIWtV9!
zOW^|tbqlZ`zk4!8x^@g?5R2H1%+zZIVdmC++7OMvCouo+=&px4|2~WFt;hM?)z!wc
z#C;T1Kr35tc&<;WL|-OsK$P-JwEM@@LwMR+BOO^?XO+qbCsHHw0vckklFFHSpwM`V
z!;h$Wy}w7PJL5aBr3de>A5`>fv9o&7Wnr?*zc@C|GUkRSS<;JOmHh{o4yLd&X|uBS
zM2Ojy_Y!w#hmH@(5?Qky0fG6qKt6*Ut6fK-3jwxr?B-&d)RDCzbk+v2JvPwUAYLf%
zrKlypTqg&WJGjSWkM-^Xan%+pCF3+xbREa<^%}Rc4*ZphB3vCDhjOf4GR7bVAkj{y
zoz2-e!50z1hJH=ZL!RYo`e$YvFj<`t|MwSS<U0tPo`sv-HJ!*E-++Kq5W+SqoASXu
zSH<a+zi+}tUi);%v8At%s5;4vS=)wzq~uDlo~1w_hhMpY@hV?iI180IHG}>|f?KPr
z4u*0quO-N_(w{5t8h_GtI<)Lpkek+9k=3cAoH{EnLr3@M@3{qCz}Z^Y4CIjBjXlIP
zHED|AYp|vd2gvuBZ{ao_mgd9wM_Z8mP}rQmR~$b2?CekCu)t*?qEep}umU;#4fAXt
z$*28)Pb0_o%}l)KPem%Ls}H~gMtVvPamHfh{5Z>nJNEkU%0g<>3^$`*(IM{4jCW_O
zegEdbm4}bG0YT09d+0xXx-fcf&m*8DBlG!!<5S>k1!a{DP}r4<<xwZq`Zv{ovbC|S
zfWd?+Fz`QP#gFe>7OR~T7XPJTJ{$E0T^=w!(dMcm`aKNH22V3kD6KyLkvjF;CUXEi
z4zu#)2l6`5SldNsu5{ys9B$cnr-Ssi7lYE&I(eCT8OUu=$bdBw`o!5FqJ-vej$AXq
zy#hRJ|D@VaH~af=P{$K)GG64gH3#hjaGq|)>V-FJ8j80DtoS~jGb5RXufhm2HzLq4
zV5O<#GB=mZhPj*Ul~wT)aIb5>v*rHR^7TJ1VebD1)(3y{f7Ac|Z$4@J%}FG}1tr;v
zML!x+0o^qiWw+TR$SetvDl84vo^@0C8Zb(6BjqkSU@#?CGvDgioNsfCi~t(JKkHk+
zL>Xn7=|obpIl>9(iZ2(i#Ar6INr36WV81&x%9OG!L$4#6%QgLk_%Z#_Jvi3=oz4qT
z_!FZPh<<rHdiwrN644&*q7#w`dtXuIRu+ek!Ka9yIQ26();sgbv&<}`>DE)7X(+&z
zMytIT==()v{r7_z4Df37UySa}9_8%U<9iuW^q>qP=Fg!YzoyN$gcI{VeRC!jNT{~}
zBR#d6^pupnLphBBDuxRn$eJ_dU|m71)&O@p-MyTz&TsWIGEk1Y379XQ_)yh7r5BUt
z`!)OVaiU5zjz>W)dv<pAJe!JdONlx(Kui~()EXiXA|8}?jJlh_MBV*`gj&e;Bz0?|
z!hI;v=xxyQNJ$_@{1<w%_@|#V*aHZ-Ie21b2qYepfUqQ{m?GU9o})Lw;0EDts+^ls
zgE${*el7wiYes56Q}G&)O=2LA?|eg)VsGX+tlh$O$oPbn%i3dHD2|-JGwq<z(Lz*N
zfG?!CGkiu*+HeWL6e4usu8#+c&)PzV+1#u)gfONgfFxl7Fkomj8tX6p+?X=7!IuGY
zg@xYn_p998if`?o$*+MKk{GL;(FpfPCeTtOSaBJE7swjs1!6k0Nl57q05BHTeB~*R
zlC_9u?%k+SlCd>laf+_b6jGP~v?fRXjp7<~gG|cf2o?}q$ObN?7LawfM$>VdwMHlB
zS<iw~Bk5Vg9T0gS7s0n~ey#5=M79x`@*40u)85^B-!b37%hBPT8bTxt)hW{wI>l5f
z<{62P3iu;`ayVB<7<3HlL8MJ&hX6v^mcvCS!+fV9pm_&{FFNr7K%oW8^rfpnEnCAA
z$U0;IM#+#Pql68`4d@t&<1U>QM3ulv0^2Oyst_i&o{{i+W$XxfrqQ%4l>y=+kI@ud
z9`yS<tNI?Sj9Jm5<ZW+xxFwR>#9)0VyoITs@V%SEks2jjqYmU^T&25<ut7%j)>i4y
zHwm_Vg#fsuVB}}bMxcEGn%XqGmz^@CPy7ze5`Vo{-qhl?V|!_1z32ovkVy5*2VnKb
zV4wi%YWxS)udG1;Ii6Mh;rZbvrJ2<y^%8rV?)0zz4|-0hDZXuppe}%S1~8Gr-MVh;
zfY=@t$Sq7c+IKvX+pySnnk2pN8&J6C+PpKOjUZpkv|#PIDwC)Py<{y&J9320qBCXb
zQp$2Hi;dWBtK5PB4<Sa#ym$|Mc<*K6)!x1J>yE$p?kQgT5?&wpcEW@ihs&D@d+FHH
zxMdl&jaDNF@c45(JzgJ-lF;+oYHDbNalY6ELT)`R=8^w1Ws+#>0KfHE_YQlI{QQEo
z*950k)-<%~B}4L}BZk2e3u2M6NwpVz)_^X9$-x+0U4-o>l=<!J^k^7mJtcyC56a#}
z(I7s7NWjS33<N2JJ33&4p6iPPepWzSY-8$6?q}kaFOmFJh_3TH%Es!3aOzoNFeOAm
z?7anT(FVY1Jl{iViL9OQDi;MgNEqATvCrtsym=X$9$%x|mI>>YOH1Q2JNnE&8nrGs
zZNwyYP!KEO3gR>nE$0G!eD)k=93LSo`XM6saB@LGZ&^0kU~3hRP>64j%WeE!r-$`N
zywXyNHx{DZdIyPeVvS;^CElM*W<=nx%X`>b^PQ$f;prz7b^|H2nGf#aw6L^yixw-_
zJwD9QCwRHLuRoTXFG+`Be8>q>RaH$|zH_chHGLhLSBNd}8I)6$kr}~r-1`tMkp|cq
zd=ohkb~|aZ@jR|>g0LV(r@dIsH1<<PF=yy?{26vA#hdZiAwnw1oAH)$gg9~HHU0CF
zM3IFsNJD+W&SkZNB&wjl+L3ZvHYNJz%+ZIBESUozLuh4tJ0Ky3(YUhZrIB*VMH(Ly
zGoFnQ4qibE+1T<37@#4t%1P+hryw!K0q`s*lutXsHc<n}lVS}(jq?-SaS)`$Rvo9F
z15RG#3Q>^}MO?dxp5He|wA}?bVxaTKCIt;w0b>QaVv->FxcCm_q9Bn!zVA>dz2}Vm
z@Zp0nDOnN!G=X>-0503XhUI7k^0fiL$eljb;WuJBjq75iYS$ju^>WrgIAKXfx<vIy
z+D8dxi8%v}8>Om2<}V?2GbKJ=|G_ZZSqK=ig95ty+Wb>t!FPZaH!txLFHZjq@s+^S
ziYosBa+5K@`9UT}tewv`UecKim4t?d`hmOz47-4pYYmmGyc!)`=vegwj;rsu|BAlL
z=8&cXX!1b3#G}Efp990ha8(V|2}(}==F;FzLS#&fAP!J}KcYbi%5K;0#yfmZmTrNj
z98aLH!Bf`?m@r5U0;Cm)fmQN(ieHg|0P)jG33U6@Q}=*s<L3F<y+D}6L{BJT<6uuq
zlpu5k^xAW`0CE5p)Eq!xxxSlR{rQFds;Zx_GG<jUeS$O=8yGc-if|tw?+ifu%*{Qy
zdn2)=qy%Ua@G=M4ZY{l_GO#l0asF=f(S9#&^_Y;Kgx$t$Vj^J5<dNCOFW!w$POirg
zlJ1BG?g<F9;D(FTfEkvNXY5-J*WDFBuoDW+s;}Pf5aKj5g6#Jg@qpdvIZem~O?88$
zlU$2g3WaX^pL?JCo}$!6i0T*xGZPar*#M%Xf3C%o+9ka#ZLH;Hmk{wsFW=v*up`pr
zAS8!P@8s@T3gS=yl_=fX4I&e%`tLokxdK~6cFHkBUq%D=ZtyQ=iwCe?pCJD9o2g%a
zk;`(qa1s3f2$V!AO*dh)As7XX6LGczA;BO2ljEz2cj>2kk{Dh9|Nakm{qCXvk`|4R
z3kSi!8DLYX8pT0hE=lv9?Avlt!#LtVe?!zqfqJXax1w8Q{6!k>7sC#$HAD~h0MZ81
zAP_e%Lx2Eme#Xc=9?iv+Gh9{l0$Rv8Nt#2LP!uGS>h<Trxj)lcRk4C!Cg#{s#V8u+
zqku4EV(N{Mwxo(WW~9&|qyC(zOMzqe)&#rv(=6JYAlWk8Q&8Vj0qajMg!KahHT$W1
zwxh(M1h*lf^*YIbmPIXn7!<bMg;pjuHZ~AURqz1G^1Ss5m%|PhvT!Dr^d|d;7y8QT
zL}SO@PN$YL-G_K9WQM?Bgn)iv=7kt%R-yv4QbGB>G-!Wq9qOl$w5a}8N33&7@uOtU
zi%40DZhO0)1w6#OduP7MX`?^oJk$tVH5}6r96dMEq9ETTE5yieHt{i42oRA|kWKNU
z!tFnP1t!BPVh%*{XMiC9NxR9|lLdk^c&lMo0=SHWT`no%SUZp;$X#*FbsgvzUcd$Z
z3{Sw(K_J3Zv_~6FJ0$ScLGxT6Cctcwnrk>-3(8koIJ5?|ZG0Dq3DTC9io|YugiqeQ
z^x6bM%zFNFR^!Vt(ZD|YxSSjw_I%`$kFRTcR0+6Jgzy<iU_abOut8?K(dRIsQLQ03
zI2Mh5;1#<<o^Hcl;~#v%(OxR#HalvtA2J+Z*)_$RW<@j~klfq3@>Ab_^Q>VNs1Ar%
z44K-7#TDJI!w~6hKDVVtg*jj9O;qPX^y__C9<5}NYNApcRLDCknzj#VB<>Q^=MrZi
zMdVyL2A`;Y`og(b=PUi<7*I4ocL$jp{6zJ8hwoA^onGko8lOzElZ-SMg+vVuyb1#6
z%nzfHW}e~Ztw9xu><vAdDat0T)aSv!@l!Q`Y@xXRSU~X9=#wWYF_Y_2X;(-t<MzrE
z#gTREjz#stoMv3__!Sv4Yyw00pO0jDz~Tx6haF_;?uM@dxn>7mY$_i6h{p&=vI%zC
z>!kTrqzpP*m{^Hk4$=2rG<RktynUw~#>lRT25!w?@|&1T>rCcFdUN!_DLWOWax@Mn
z_K{4x{tW1cPz)*xa^!_yK^~8}@3W{WD)Q_J_t#p3K@@O4HQ$p6h{E|7u!j%>FaYMt
zrM=bL<*-@AP@H`1{FX{u@%G*s6@F=F!4PgYQGZeBQ>&~Kt6T)#3x_RGqa%CsWUl80
z!T<(GzL?MUK1!m2L@Uiz63`2KI^eR!ZriTuYn3^4s+qjhh1jdIv}bv!NXuqQJ2=0l
zGye5n&U0n9w_*H!uJ5lOkpG(Sg5>D3ef<?eQ*N|mzyS~)G*>3YvP2m-+;t*UDvEQE
z*xTuJ`{$?Qy`5NI%R2&dm`~QNJV0!%TYq{8s$9E_8)7_CQd2GM?!aUT2NEv^v{%Ty
zOilqPRmNvcWlymnufQKEp{;P%s<fN4Orbp5P5MK_sj-JSvuO}Yfl4e>7~S1oP4y-c
zQOSGlG(h)#cR?(oKF`5jMieSa?7^W(8h*Mtt29H_;+D_aS#GHI{P|4L7lvaH6l{4k
zUJ|r$=gv_I@yiFz-`?c2-%9WN;gvDUU=ZA2WV0H6{d&%M`8kMyM=u&3$~ae{$OoMT
zxWI`0AJQ|vvj5`OO2RsZfEXp+Kj}Hq9%jLu`GI&45cO-7DAenGOF67QTlba8jezC8
z9_mP*@9mu$X2>K|uF-bQMl9+~^Oj^VkBe8iZfe&xf%r0XMCTM{j*reMai*9b>n&Dr
zUX3n~PUJ+=gaRG5@OGtvzIRSA;$p+;?$i8L`^kb2q&g*vw)*t?C9g|C$~F=rVIeQN
z<kqzb{oR@9{n@e@j^15hHV&P*6fxTGPfos|Nu>ih3C3Z%jxIalCmj)g!ilXpPhmoH
zloQW$;rmLA-8d#StT$TlyaWP%{hC9ZpUT?Xg31Kxj-CVTn#%6wK9b9iiEU;Z?;~*Z
z6O(jcKqQLTOR)4Epw34PsyUE%2AEhp1j!Fkt)S^S5URhyf`Yg$Vv>gx9#o3$Y^}T|
z9xa)@{4+;DGxSI^dp#{yV|Rg{C1!Cdl{voHKxn_hccvl5mO>?Ii@Rz<!o`PY1N$Nl
z@SUAefg@BLR>rJ|l8R~<kD@(&LVTetG2Sn`WDW5EGGQ)E8C-yeT|N^Z%4?O%6#m7M
zFzE^&iopzrLJRSJTil7yAX`b)i?4;Igh3^W$p@%%kVq@$*$Pw2v-RpKauXQ}CJ(C3
zoQd|`nKuclk$g!LLBizE;BW#l@OE~{`z0u5Tf_{q@tq;cy=RVE&ab>RjMpJPqx@wa
z+nX3dsCidX0*+;6yD#-9I6>r`!{@rcwxVYh%sLb;PNu0-^W+9}yq9}_>gS0#Q;sMH
z7_$&eEbB7nsBugpZ4!H@B9kyxs(;G`g>Ky^GS?-uNgs>Uz?nNz%c`S)1k+B%Bihhu
zdi7uMaH4V^T`dz>HjeXqo4uyjUxE%h(b@9`GK$}2p5ePAN>y7Pza2zb+*Q!usGv$@
zfM;8!(08&8l|=hk`xsvsYH(*JeyxqafeiIL9qjvKt{LCD8yKh^Cm9+k8YxCE;8=!i
z#b^pq2ihDvpBI#5mdaYt@SNF#;ZHm@oaNBoiuCLiOG>X)AR~`4tMEV3EM~WEU#ZSz
z{yaWGfi~EXyl<sNL?sj%A;sDdL092<1Hqf^a`KL3>+vATl&_YZ%0}<E=8atA`MWDN
zvUSr}*8fgLw<wyf*d?Y|45$=n7|cavCX_6BX1UrY90)y@DrRUozaQnX&tv{z9~xe3
zv&s4lXE_FK(9_ODDRgHhNIx)09!S=idtyly88A3yyV9pH?nM@yQWHvVYp^)=5}hE(
ztlZ(~P_JL;59t@#HI`x@l6(q-67uJk-|rme2Okd4H)^BJ1;SJL@K?RhP#+zN62ls{
zkDsvT+e-P`v-bb6_vYbLuW#S5vdb<-J4q3m5R#N3WU7!kGs_e*EG&{Kb1F?j+dPwb
zmT8%-$`nFomML?VDPft{de1NI`*+{Z{r>YD&wJd@@!rpK9Q%*Gccrzi@AW;e^ZJ~h
zp*^YDm-w`z>xO^#y=8DrzGz;q(hx0Px1!q<^XzKfs?>^1MR#s@lvG3V058Rpb)=_J
zG3o;0Ok*{7g&onqUC0T?aM8-ciHl!tq)xzc<kyZXe+?Ehup%(DLsj8+f*@V$<-2Ym
z<yoUeZg66{W5=H^ogIIcupiBX3P1X0<nLp8zGMq-%~vA#0X%dh_vXmK6_bXnQjvc&
zzxa%pTM?Xy0s`Kpehmw_LVWq^CX)$H#ZfrC?Xb2)?bCB~!w>VbTLf!K$3KHegsyYJ
zE@biv%8syeKB{3+M?N7dQsYhf7hAUiOvz`SHGaY$nTr$7ZujT0`BvT~&x(wST)I>`
zx7Y&{A?!XqeAa{}`aOiMF)K3|Cg%n*UnK;jl2+5@JAEc_`qqD-RI)lXx<4JP<AO^&
zSIKS70knErdRul};nZ577-n6szn^iul{)q<7+Mp4rL0X`Tj?t_?RkZNVm`#x)ZK(t
zFtt&WM9<iHU-?FRM}ux>V4~mHy|y^#5UYgTK&?cw({aS0e4rVth7-Et{IQ~?{fJ1t
zV{*Snw>*QZJL}IHT8ST)_Ai55TSz;bJfK^uPdCYY%{an*^$|cjRB!93dTf0tWqg0|
zm+YiS;bJL|n*5dQEh!S^FjD=<g&`E{)}DB?M3u8AtN-(?lIOktQ$~*)eA}4w&s_XT
z-luHp{^@Y9ZpQUy_SfPL@G_R()()k$iS=eowG^^G?Q(IT9OREo<E%EBK||tmMwCpZ
zY+F=ujD?{0WS-B+QyyFVE1&7skOqC?Nfxl>*B$_SY8r404dCaA-b7*a7}p&i<``dx
zc9LpmHk09G`uiv#2fikex}8+CCAJ>qe^x)U?VKs-?0HW$3V28DX+fS>!92$wX+u0E
zI(x5qMuK|v{(|3QlN+Zi7B3G*7kE9bmYc2eYzD&p8}Il45ov-_S+&n9YBlfZ8*;JX
zB4z9!s^KzX9@=6~+uK)y{~*|9{dB+3qkZU(k5;x3U4vk4k4fxdmj<7ah7aPQdU?2W
zTs^dz9&&nePSkdA**47IJcr6~<0Rz4#QQdtv&k>dmVVyE^0I&w)uWWApS!wj{q}ds
zs;S7;u~(gIZ)?B!!5Ne7{IbGZz9@xYt^14v!%DscOi5NtJ-sB~{YqMmG^cPb;UV&!
z%K3WNzXA%96HA$sW<q(c3kb2f28JJ^KgR%8jdI7U#PbKrpfGETBWXFr!dnuARozL0
z?f04$o)3cc3#s4*(eSi!vZvhXV{fC$3e-!2eWZkaom&rE5LGy^bh=MQ^vK{8;^obu
z8oDOhWL|K17Q%Tn>Kvs$^f+%f=~VdIWp*z-JoooVtIxsq<e!ZLr&{Jv87au-V0$4p
z%A9um^K^hE5BRwUt?)()Vi~d@GM9@yp-WoGN>Bf=GdzKgNQ5e7BY0@;-V!Y~xk1e|
zd*Wl+A|ZPXHU#6!+AGW1m6`8&DW2>#K+O>d<FcE&rc*|jIqKQXj~40HN9nUD&w3oD
z`orpyPpVdEQI)ex8hzZ@Sw&CJ52tJqOq+l82bf`2A`NhwT|S7`PLS+IuWpGmua{pY
zws=A2jFpEw>krke>q%GqXP0&IG|Bjcb)(s0o6=eOOH#}02JH6ChnR|NpNvSC94{LF
z*~~Lpc+}py{bp{oaY=+O>xFxKRrXAYYd#BMroL1t(U}*1P5CU@=HM7m2|09xVyh`U
z-WvPZf#`QoGhkMSu~_ZCVuaQN_LAg~(`tVgPtoB&P~C>8L35gHgK<g+d~=VPfJ-wY
zE+ZJ5qgfMXRUj|;%=?+4T2y~#$SER}63s{LFWMtMX3m=_=*GJOYXkq<su2hX)(%B<
z^QZ1n=?&Sq1X#v_N(Ge1fiOO<d2zIxFX55?mZfxV5Z0ha-k8vN#h~CKFsGpufC99A
zvb|n!U^CQ_mz!&b1vbK{;Gv?p(4_F;K6%QS&~;2M5uui7-kx`WC`%U$Ewz6c#Tzuu
zy}yq=ucTJDpW%-sZqxab;w(jnZ2h)d^34pM{ZQ%%?oG!xRFmAmG0hIQBUD_89|`U6
zSS3^q2#}iXoQ)FV5|0NNhIie`?Az5@#nls^(zB4d;5F7I<9o{FH+i$v-Z&SUY3ebp
zxP<vH(F*Qlt&N&;W=J;Hck3={a^o@=z}R_h*s@#ev?pyN*zGAlPzcYKhYSzh7ECvC
zY!zkltZO-AuaJPSapVpPoFWJ{3arN1?vwLn^+ixRp7&Jx^n3`XPp?S@)(d#lM1a7=
zo3zYodx`SNiX=Fg##P@73MuZW+M-pH+c7Pg@@`%eH8&Y4oaZiH_dGuCozq+3Lskx#
zJQUU7*({_b<V{bcA30bj-&g6XKGt(KaHquk3Feia-%wjI08m?Ghqahk$-3>M?OT$L
zV;3=OM*(oOx%YB~I8XjS!ivqO3vWq3<Kp<nKB{#Xh>0f;qzhaYD>{7Q!~_Rp*SJ?J
zoleCY&AbW_{ndKl3PrI&*uar4xq+TcV+8?Sw&+jt3g_yks8A}>2d27Ct+F60z3g=t
zVhCGH0;zE4u95>jF9r~WufQHj|4JZOF<4kKSj$3vefjlkJ}?Nyz*83C22g%14#W}I
zOBA%57jfialJc#RT!T3lG3$X77P1{;$Hl#(Z0NXUd8_h6H-)^SB%^2XUc|Y6IJ`1g
zhyO_l-6~QgzQuv(J$ebz`?H7<$lE+K?`=c#!|bw$`0IBrwT;9`!gg8DG}AEF)KiKL
zFS%!t8|4TzKJCb`T<t}5R*ii=Zg1o*!5Ug_?N;f-q(qTn^7|r;!JE#j(iI0#^*t%D
zUr%|*3p!tB3oUBVjM~yr%Td#h<$s2geM<}>YD-Jk0euMqWn>0ySu<eP*dhA@+n(Eo
zB~Yy&DLw#$JAQDn^HjXJqqF2|Z8;MmMrc>Nxu(99eDpk{Db;%cJA#Ue=c1aAm5{(V
zxa1X|WTK^b#rx0L1NT*aX@#zWIyK)YAblWjO%69Xux7I+J-8Trifru(HY1|}F+<f8
z^7l4~&+agV{N&Q-Xwp$(ACyMF#k`u0$WVH-K+bOlTt1_7)~n)#4xA?h0bQ4N_KhHH
z5aA^0Tu@I|b(s5)z$AkYpl<Fi><$yOz`Y`zv<!a8?VAzg!xCQhnCz;C*A-dR5bD0V
zJ<e=&e?C*QW1$@V>yp~Q3-4#<LlSzKja&jf!bdD^mf60!k#dFPxMw=^-yiSV>8ZCe
z_s_SQt-?2G4hs%?TLo=4-u5QPW~^t~PC3iL6`deB`)9j-$3*|%j)Bhu<JqC_$eAm1
z_X)KME*_N|&|kK$<cU7DDk|EwljbtBDdE&~La30-oWoB^!1-g}A(MIYlJ$O#{HD^v
z-N&7NjKOAOZo9j#N$k5Ek_UjC9++PVhyUzS58x-wHYZ0P`@VR9dr+Vt$<s<&z?D(3
z$JT^rJYeEy`S!CGn)?HxN{2&iG>|7P%$bYy5T<1j*rM`s5mC`*=NRWOL0sxoj5*eT
z_%Z%{ZmaX?QSw2Fv--E&m3vRSjDGe7^ua)KkPq#fcH_?+*XZS$3_BALseapc($bJZ
z@(eOVP0MqEQzK0VkxW8HnkT8>!m6#dPojXTXPxYnSI^7YpVS(?vs9cs@+&86v07wn
zw-`XIL;7Zs*Odg%%)B{NZD>N?9N3k#h?y8U*bZP@;y*3kIZdBPl1pfgdWv~9!dC&_
zO>WeA#CcOPkKF~z=qbBbVt=_hU!dKfDG3rQ<(i?}nOAv>PFvrS4o0MjhZKUhq%}$;
zqtipx2Bl3j8YKf2*y6$H767z`Kzd6>P?6IwNE{P6`@tDbndo0@1$m80Uxv3DU!hV#
zh8VC9*$2AQ-{wo}p9_r~I%5huf#|@23)<HsW>{=B31p|RcbWJo?}Zp)xWihwYZW~!
zir$WOpCBduFxXnpQm!&6zqNU^8W`2hoKZJLZ30WT=#<vi(FID|o$}MZ$|)b^oh)ZA
zKU5f6j#JBv;)RxTQdXRLXgfZzKc40TJsNJ|`R|)wW#QyIrEgpK$DZx66)^_tCK-Rk
z#J8_MP0HJ0|I752(>GkDv(%F|N|a_UaB^5YwN44kEopqlb+&T63lH~O8vXD&=mX=E
zR|Jq2LsQe8hi_wTHjX|eQa%2Ke{r-<bLoZto=NBQb*ku-yfBGw{=@5jv_`@MQ`uKQ
z`s>o>fM6`oYMBd8S8*ke^WF8M2&t)vg&;Y>^F!M`Tq_C-C%K%2ZcMU(qe`E~Ms85Y
zgjBjg<k)6{bslc(a)X_@)gcPY<~@u+cq<nSedSkIS2syHG`9g{2E;0hW&^Cct%toO
zU}tXDY+B`>7TI3n9o%wBWZMbLqj^@&pKCF;Cij-TEH^>^11`$W`#l-50qSwf%3zYh
zGEBDvm+VAkRb+Gt9+-hU>35un+M{cI{wc~R0yu^UJI_U&{GB7K-`i}#H0JWv@d;Ww
zQwMxm1ZDOkTPj^4N%`;kKBFFO(<`Wuv<3MNtpZX|6Du^_nBpmIi<-s1&<1e-&G}{J
zx?0j*lK=9OP?^ykC+ectnqGiE6u&}ULyM*dS@F9kR}u0)Aq9O6&57%MAcleKeNW6U
zFc&3!k2?RsSs=B%0k6}Ngh!29(TRTDJ)KbcJ1Ux{KvzZ$VqHMGPO>|$uH7i|(zZcB
zCS^mki{VE7{tCm-q8jAP3p?PFZ2JOaY-sN78pVM`kpa7_n77hQAWi>}l>XtN|KToW
zdp$y)$g1-Wj8$LyYs$FmPu~Jtu+>NE@yrmR@Kw~s3uS0%EA(ZrR1vcW3|sQ94W*)0
zs(=I9YF5$(s6vlz@r64TDm;al0YR6$q9UZ?5Um|><P=P6J>fLBLyzbSqU|17Eo(+`
z#gshsarSSv%pL+7J<B&-Jhm>UweHiHT>$3Qz=2WED)-)8m^SkdfHFg1IM-Yx5J<Ti
zeq~x#Gj7p0)At80lzw!QbJyP*GBTBf3lpO;@Iyt!!4Y9Tp~Gk5cve@MF?2d%_Ob;z
z&GYvTow4zu&%lbf;Wnn2q6yS{l}_H%sUT87fLv9FPXhxZ!473A|B_p^3uk8`d=GyB
z-%<O8YV*j^u6|;|mgS!csN3!B>GD=o{SJcu^l_VK741F0js4DB7BsX76VJ9@AWMX0
zzJJ6hdSf4i#3ECwO)t4!uc&HYm9LHM4EC#MRyu@+z@s91_FcMb_e_Vjl~PCV&TsMG
z?7@pWVRi<8uJIU+#2Lib!mYiX3pl0(_cC)P0AWQQZ=x2%&jO3JxwTczLUOgsWraz|
zYen=p*WltE;ol(#spyJS<;XGZ;oY4(0h~<2@#OVxi~F}V3Pg^mv#VeQGTXZ-+s{Q6
zh2B|?zv+4_Rz@HjvjwS&U5tX7byp0F?sj9Frl)Z(<Ml_QFJ`RyrQ7-lws%3~TZVR$
zxrWLx&Y@P7O*6qgqZdSy`kHDDawY*I-9u&SI;HiQY4e)6tb$((e&;S$Iu}1He;8Jg
zvEOYOW_a_hep6?p!9Ml{Pws7Ls<+IPBsI>=2eG%cQKrBczwPN`dilewKWYXhn$SDp
zCA&vqTGM4gT#MRlWL(s)@%nM%#?S2}PiTPwUSBThGIAo!Bbg*k`AG^d-_V?Lag-wz
zCgtYZf&)k9v)O|$k+b!p2P#&=+pr-sGkMi&9+YQm1KTh?hpa*E4Y!$=_qSgT{zac~
zKvOI<>36OJmAAAOU(PHrgfxsX2?jd)=-eT&wLrI_)Tn=a&sbA-_ICLEGJW3K+Au4J
zQFb!RR|tc*q<Sx}wZYX;tftV*t;C|SZ<Lt>6cth8n9O<WSn-7}h0Oe_?~J2Oq1-TC
z=kK1sqxUVj`Wk<aZLXOO_UGSp)n5kQ%moTtI)N)pFzM;Fdj+a!lsp-KA0VZ4xAO0n
zdKwl69hl@vlT0%7UzoQ*AWE(?$Y)<I7V)r@OK6SiXZhOONB1eH=iXf09WvGu-70m-
z-+)zP6f#pknD=ThYcCi-#XoG3gV`aU^lmSnH8X&%W(*2R$?{wCM(d!O7;MkR&X`m~
z(yOYs$6@1HU-i%@$uo!46ryGlcnXuVx7RE-m}tBxBq4?f$z4wo^DMNRn^~vmcp)aw
zxkegEQhfVnzg&Nfq}oYQP`I-a#F|GQ{-mS``aO@U>Zh~>T6bbq%O8@_iQKMx<lgTR
zhp$3nF)gK>Zl%tVd5Qn{XJUU0Y(t|6F0UG(VTXYgqFfuwN^>idi*Gq{wi?_Az^-j!
zKs)#P4itOyuMuE3VE{Gk%J<j8=WnSIuf7YZ^A%SFu=HK<^>Z^Lc@y8MC@vyPz#^wB
z(q27K>DmcQwk``V0_nm8!UZC)x>3x$2S+I22F>d(!c7Jd<os%`DSyGiF8eZh4jdN!
z{J`fS)&vG2hE<Q)_?l`y(Nf$6FZchW0+s*gC(@`zpj-p#`c5LR&p-ZN$p4`DZyGrb
z-|YW&W`8^S7aY$2$i#2h!fkH{CY$=z9>RQsk3{x?XiyNS>|jH}$#*!XXLAR!SmCGI
zqd#~bm)Ke9{ApaXYsp0bD-j6P!2nwf-~Kuh|K!i$YxEtUj|Nw_*Q2uM4drx!>j6Bx
zD~6R2DQpC~e&Cz(?{R*%f<GkNKqw8^G~&5=?TkT=jQuhP{%^B)?|zLs2`ng(9S#Df
zd|^2EF`Jpll7tS<3o0zI2w$tx`eUt^r<4#&%;?&5*;gR52B(aJdml2e8D{t0m9Krw
zzag^WZ;!%4a!_U0_&nl?K(DbtM!Dc40;22J`Acc@c=#)zU6$zW<&Y8M0x`fuy+7+q
zn$!9SRd)S-{)Kzd;DG~+`8&|PfBYKQGC?C_X|9vnzZ=h4qTiAH6`YjDA-1uwu#m+w
zcjet6ScL&a4r&o(Slr52XmUJo3B<pDs!8wCZnsbGO?8Q-=@=@SA0sgzzM5QX8JvjW
zOuoD8Dg#um4Hc?R)g_pm?v2P1!t1`Bt$7Ibp$V*=*izZo`FO{j(1oB!v!2kX!p!^q
z1p;_Dg7IeeQ#T01>m~C&1v4}3S)mf>fr&M3FuvQY1HS6On_{Vwusx#cJvJbdqUEHd
z623kGt`hKQfIJs9JW}Dp`!6o7`sCh#d=P=#k-2w9)HLYWn7XtOLBciH0<E;ezqzzt
zTNOkNrIWm<<Tpszl*ie>+f#FN^7VZ|!jh#}B5d^>;By_iDsVybF1de$v-7pCmR2eO
z&EtknixFk;SdVJ$N383GGCV?s`8cNQ{h0(Coz1`&jweeF1ub9jSC|TQZ$OXndi0(7
z!hx)5D5Cs@EqgrR+vsGn+U<;D${9@zX5KoF2u#XI;A`qwThdxd;7^6>Lcid3BfD5J
zUT_uimjvZ(ys9*WLi6SkuljNIMFu9stFDLz*-Qkspb)VuR>SNy*OaV071=X_3t$RI
z{4qSlCM$BB-vWqlaIDh6U@s3?t=10#kzDZ63X20jQ4;_#o5ac6(A>kJF|EMsyaja}
zs`eGV@)giuk-F6o&v+kfi017)kX37HG8dmlqI6{wTHf(<a$gzV1lu$?a#SNBk&Gtf
zbi!>nfD6^r6x)q$Of}3wv=)<>kuL>Y%)51)8{k0}=UVN+p_j*%)Y6Wsf6J1i)G5Eb
zJOT`{7g)fh1_W`KFCA<!r~joHVu<pq-+KMFNf)N6lOZ8<`8Vn@0mKZH4o`x=T1A<r
z!VOOKNK^$OAu3%Qg#}HRHjI!n9<4UfZym}BEweLng=-C9FjfF+6uW>+6#}S~Mj5bK
z+mks-B1O<SJ8~N9I1ry=va_CH!maZmMA+r~$9*|M*B!D?N;uEyfbZTL&2x-J$CDEi
zZ*i-c4Yu3%M;7PAh`K2I{?HjJvQIi}pEK<xYLg=bUVH;}ZvA}mZa8={6smhHj=3c@
z>a;(b`L6{<D5`Oo`DB1QGcsV1ko^`7FclDi93;?1D-R%v6G$lqe86opbjy#HDWCo^
zTgr9m%i7}PMp-op_|jgLiKh+stN{J{gD-O~2Q%y4;VuUUTK_}e+C>2esR;f8GT+6H
zuop&NjgePLV9=C>vHQ>L;@N_K&o1T>1m-v>^h-}33;&XSpzDcMeISYCq8)$<F#l<H
z9t3k_QJ?~X1Rr(yv~m-W_`D!Mi)fe~Yw#gunV-Yr*4gbxMLa`BZcABt)sHIFin|S$
z)o&@m)VzOA_c{|bYjh!l<JT3!#v7agaKDxH2=E%EDs>*jpW6C+4y>mK+k?o%V+gz~
zeWfQGSPYzLG;zS&lgJAJi8XR1Xv(j;pOYpvKL#Y7(j4U~BUs=k>AQ%#*9E!$@opWR
zlg5hdExXo^K;ZrHl&PV9TJhA#&t_i6qLqp9F_UPnFv*RjU<d?U3C_DpHfLp8nWoK?
z&i-0Y`ojm~*IZZ2HC1pf2ca*8&Go&RV~7%b*6IsMdF2yz`AfF5Hawo*WdF2rLD_EV
z1`JjhVtn+UnilyWyxcQfF(C*3a85z2&~t%AdeBqLLL%lGfWv6YSpwmB%^LUjkw*G&
z6NVp5Ys?JmQQbp>7TrYdB*G-Fq%Q|(H5D*m?0NyIH-q!yn%yn`mR*hsO5$4>=C`f_
z@+<Xr1plfR!YNF=wbz~LB{<VOH*=$dukQ1h?K`L-P_aWV&2TObCHpt{pH+~XJLn{G
z3*LPu_b2t)YzpytNU#b6&mOW;TH*u>!SxC$;MXrIHSK>N;lEONH6DY$pBaA?LZxBx
z@|1dTVWhsPf%8^BAz)-jFE<8QWC#nFIB?yKwbk=2+ciD$%^$#&*2>n&rQ_lo70)Uo
zyWch)$7JQ4)-2UBR-XieDI^Ee6K?$Tf7#h~<DUa9K7Rytun%iF^|M)pL%N$LyS*1#
znR@yKoPNHXo+8ua`OlqcD%LMxzA%j|(cxw0IB8!_p)A^t+xgax%{nmmN(t{4^dH`{
zZ2x=e6(1B6{Tpi^y#Z@D_s^cv(!Rq+(5(ZF?ZY1zKaL$#(Aj?2pmX=HSGV>T_R|#u
z35rSBq?Aitt-u1P+oU5XUx`yXgMD9;1x^ffeAM9i1qU!*v7)_ke*y44vayifG6x=K
zJMXSa-`)sC+X&`p>#faQXV&)-$Ndp6A^vXl$KdvlMQ`oM-|lP#;2|MCeZ8%j&!UAt
zatUJyA*SaV$g8}u<F7ZO!b1*ZVlL#w&PTN8Duyhm4&Vbta<2K*)SN7$REaj<7kO}=
z_bPbOYU&Ye&s*Cl<UAN)=yCHYzDw9`ckcM^(Vwulb1=rb6MT{D=vz;SUH}3wynIe#
z7TL#`QQqH1TQeiq@$PfH5>+3toIxn!3WhL(n#65BM(QJ*exiaM*P^Z>U$??~4qlV0
zc8v;Nggw5X+OZxp;;p&q;OY6D&rlgw)7@OlbUtIXdOMs296p)0HX|UZ+;BCnf>%yR
zR^t&IGq6Hk?$$E&wts({=}Z%K_E>;}rQOxdd-(pu#K;eZ`vXB^`yK?KBps|s;FK&-
z#xNJL6n_*(t=RmEdL$!r_U*9F1LvhNX=Z=CEEt9iEwTG!GKSjCXDm8^HM7V7+y5-r
z-u<eW^JJLQW_&<<{eupjf(yh6_BE<Y#RS-^Ozz5&OsvW(K`%~_Y~*Htj_%-8e>C-X
z5|R~V?Y_SznUn-&*uqaomIK&L{zcCxcS++xQqhI^(;;O`{>5o**Fai<E#>&R?wVC*
zCK3=jcm5oFwOmchZ}gA7hevdZ4Mg>tPI|e8_hHwK)z!-X<ez>`;v_z0zJ3Lx*kn@i
zarB(k281AG6~Qv$%~5Coi;w^ni2@tMsznTUc}D6|#u_zzqhs`Y2tS^&xQtBoM^X@f
ze>)4nzTh1j{#sZ#tT{q#%{%iXX&@ZvfbUJnUQBeqzns=fFzqbAQ*T0zJClQFU14ys
zNjBp*4%>QO81(O0=r`@?;{aWT)^A5sLt7gTL;Vh%XBm22Mi1MVthmVY^lNMDqxWyS
zE1@WmOzUj0h@`<ui(7(I-E44qMj((Y_154)ywSTeTbrlI%3`ux3KiEr@GvYW9NG3V
z)$XYHQz_V83X>Rii1m7=Gce(KS^AuPJB#daVo4{XCG2ts&Vwgw2&lS2PqS0y0Z2`6
z!&{o?`ot36?k~=_V{+=~CzFSHVKF2%kltH8EhKra?PE}^>IK<s13k+;;G9DODjQ4`
z!D*qJyky}5O*Ya*CWFr`u%_Sl&h;09mB%R6mC==p=)0qBsSt&RGpqx))D~n80YVBS
zZXsYIdI`IuVngI$M{n_EfNEnBN)qBwOQKu_Gs2z-(DiS+7?imMoE9qw^BVzj(9@?#
zUX5Sb)?8F@$jpQY1aRRJx;<us*zgZAUO=)9O*p;1(h$|oW(GY-I~L?l%gD|Th~P8b
z1VfCTQ@GfytgK>g@WZS28WQ>4oZO-wx6!sr0dHHzMdy@}WW<8Bz(<CtTTFSq?`{c$
zhIh^_|5QdR9#n6sy<OI)9L_sAsv1R7*DJ{+0wonqY1KnGJ79~!^NjJ%icPh`LFBp6
zR!-J9))7ea@Rq7Gfq|7uj<GkLWDv{q|5!8UR6YmArd3MFuY>&#D5%O14e!C@*Iga2
zhJ=RtL+A@gaH_zm-OE68k|mUFcUk|6fJy>Bq&)8dX%lf-&_4@x<lspm!4BAV&e7mI
z=xVYqUg5y?Gl6?c{orU?5L%(QD$^LD&*mbD)B=M!4?AL#6}zzD>0Ok6vZ=HsBU2>v
z+Nz<FDm1++Tsfx=)Yz@qsNeG!q88zrBOvgt6#%><dQdhzFar$k3s0^U=v*FvpJ7yT
zi>j)RK^d6*g7Y4e``t)>2i_m$`QVEYmsgp+l-U^47;J6Tx*;1b2s{uYr*B;~FKGwv
z8h9YZrs_Uz;B_K(CsYilLy)Exi*=N;&BeB3HFC6Frj<=l%R$!;&HejU`=Z%h36V_5
zvyKqialITQqa4_~=S*`|dhSoyy9pb6_r}|(-v&Q(!&L*gw3&QsYq`jsR_K<VDidoj
z!SAHVK_<S?zjtT??HSPm0k8jf4MtK=p{eT*+}s}0ZXlQ1Z;<|mfJyrT72#KqKX}J)
z4@UX^H?)}W-yKYQH%jE!DE@Z}J$FCA{{m3)f5DI6o5u=5B^SZU7=$70FH9%@r4GQ{
zYajwgmqgTZHZX|wm%EPt2<I$#ctbz|R6m4m{Vh)E$hf#b^FPMuSK+CA`|Z!ZBd24I
zXoLE=p^8G;2oDWKr*TYK-qBNT`Zp*enr6H<T>|nAGr@cJKO-ZSVtYpw>Eh+<i~^5p
zfokstz(oO^8{pJb3s)>8>GQgnhe!uWSM3_yin=-Y2vQm8Af;`CG!IGvz7o_*7zG9I
z2e~^^8eA74m!<0E-yyo9*5P7L$M19x1DOG$chq~y=XUqE<m{f#lvoM@jD{`Irz{V)
zWJ@2X<Y8!iThs}-CrDw3K0PzK2rR0Tlj-bW{s2L_tAvdvSQ@&T#&;oX-HFMHwu9^T
z0Cm9ii{k|=<A9M;&wu*)Z#_M~0uB^)It(p{{1r7k;r!RjU6)hev;g6Q=1Fb(%gdR`
ziu8t9#~FY=)kl8ZQ47-mk(L1)1e{g=9k~I$l1Wz$h=bvJ0;YnLCV|Ow_NoIg?!^fk
zN7g-vDr*#0zZ-S>z*BmK!w^pdkZlogL7@5HhD#pUmm_9Z?C2LsvVkBh0~2O1@0mZC
zZy}oHqi~VSkYc_GckR=_3ypVn2B#80nh?7<VV;B~qg-*3KYyFP{la7bAxMyuvw3~L
zfa*CT&(&@a9cX@m;c|{Ec?YDd>w1`h*=a|sj^AM$p@`uw+`AdQHtN`4x4tSUxW;{t
zw+cBCUZZg&6jVbXwCHJNMFVCZ)yfWz8KWr-6&Vi%0{r=`e1H~q!${rqnby;utm8mT
z-)Rdvp3}}=W}t3lL<XaBd@`hX`D^>Y?KV|0E?WSv1~OtNsWd(Lv>f?Pjc6o~S{V~9
zYa_cZryD$<Co<c2*Pbe#nPYPewmX0qHVmNey|+W>FleD9^5Ey$7Mttof7t{%2g_{o
zcB>Dt+|2_OG#KSCB4$?uc&+KFRtN}*^OwuFPR_@66Skc)>X1uHom0dC;sxZDIE8HE
zF3O9X?)qJoN-xZ!x;7&egV@cuu5-^Sxu`_49dHM+CwMFo5iwoj1cw<&JD9<;7`kYK
zgbRD2IX^*kk#j635pXL&2w@<&1CI3c>)^33CWV6}w!3D42=)C-Omgz(%vq4Abb<&F
z>0FM0D7hn3K;=!^mn<#lLHgsRtjYIxHbK+*JGY%U&)wGA%6Q$ai0hk<nz{F}1lTSJ
z+=9`xD1JfR&M#o`c^$NzIyo9s?tTp3%Pm5JtAk|@nZ|(&LvT!`A5}fXH4Qg3(A^4j
zYn>=Pl=c3-F_0P;#7iL}A<)xP5imLNofW#!_;_+$Pl|}nb<`p7hylRni^+w7H=q-=
z_A5f;C3ysZ1C2o<RJ`>*Eh?a410OD$H;ebqwQ7stGgt;*w4OQ!E2-8KLoB&19V&O^
zWuLv8e&s48Dt0q+$y#^0F<jC49&i#9C3r6<8Ke44FDc`%t`kw2&!l91d$KOv@ypV5
z`k1ampD4vG1zy@k=QZnN{|bxkKgX5f;?LiM^-?p}?9S}IwySmfM|{n~Tm10N2gM5)
zUN>GuBR0N85MnnNtBa_~p@ITt3S^59l``AV`73~LC_D?J3Zl2r8D=rJ6<C+SAsNIX
zuj2UxJS(`tz-3j?@|<sTCVU@@a@@+8wvp%L`PZ=I{)_@0IE731f$HzvtY@<BbuROT
zLR9T%n($|LfdUhqT23L2ygp!M1m<5}m1CW50JG}Xnj)3eYs(I31X_~<=~|itn?lC@
z{^mV+k=~P6bglw$6Kg4`IZzF%Q=VU7ugPzzsfh;pl2O&8y5g_265BtWG(%f;nY!en
zg0Fw7lfib`MORv-G^g=9*e_|#ADHK4qPyD^)k%sfg3%PT$(!dg+5+e#j0y$2*sW_Y
ziZGl9g5;Ql?INhttKjx_<w;?ZMs&i_e7>+6P^UE!Qm=v3;HLSCWzLtOs5H-sg)ZyX
zTy!?ZKrNMTFL|X#)|*_xj94T{Uf<=ch@S)8B}GP=F${e*GeU8{TqN-q$a}r|D@GMA
zOCH)b{|3fNfPQ+Fre3f>0<)siJe+Am^agJomf$QrzWuNkW_0|HU+!y{P+(r+UeS*w
z9-9W5J|Mfwu_4SNj$cwYv+<+xDp61jLFi1ya8sB#t5LD9NozhFLLHnLt{LuS%3R61
z=4{smknienCgT@;P)AQ0PeIBc>daPt=2l%|e24&U2l{&A;>6((<9C)XzF1r?yjzjd
zYGybEyBWk~Y08m_)&U1=<RUY}!P&257+Br`i~?#eN1$pBNu^|#pN=ZDX0+C$x0H+I
zI&;?mFqkLiyL|I1t)PMi<@qyzHm|UMj!?Y(>@i`DL$aS6`aJhn5$pTjz>|SZ!DjLK
z@fxL~-+gDB5nFX>*^nkgsFs{?A4UspBi=Durn;e)l!XPuMVo&Zp498J*#|BLhYyWB
zGuIpH!_Th;0-(?jb2#Qj@f*UA$XcZ!mw`aPA2o@Idn)YcQ=}mvG9c1`g?9z78q8kx
z*e(cV66roC^JZa6-=B$1#&e>Y;nXskACUDceNm87be@d1HW@eY+Yl|^n9oZI>S^e+
zKVEvEP2%xoDo5WfUhV98UTu{mECDc&p-gAUv~EeDRK!^07_l#$_USt~E16=l+^m92
zJXZdu!P9exWyR9b!3KF^{yP)oUy#hTS9`a(bZr=ELP@D$T{^9Bc>k!zSx!3ga5@0`
zq_$bG9Ds=F&TS}!!Vo(TAk{p+tPn!XV4SLz4{-b$YQ#RXjFscyA3@i+Yjf%jy`{~o
z0*`d?UVs|-V9+}#oZLXAHtpzjPWir*Y}H6gTwaFi?K1aRjp`_AGP_{6X`5|f=H`GU
zgi^hKlkpjDUci^}2KKo?Y?hU&!hw40D!eSXC&os1l2BYTT1=wK*@_Jkk2P+0Bl7;&
z9by1+6n*dJqD#l|SW0}~fik)O+EEC|MB=JpINII*gAprSk(#fiCgybNCQuy_f5qF3
zur7O2Z7?{eDaQJm{oU|jjN^cRe`jU#S24S0FOg}9?;|X&lM+i!CNw36)STOw$M*t2
zQXf-jsd0T%5wV%Qd^?|y{X_R?G1F0SjmUsw2OOcI*q(ri0sff#105Xzf8^}+3kFgL
zd5_JX)+17W1>|abBt3Kc#9H=iO@Vh)miF{x5<`kbPGB}F5{5wF{@GQarJpLnVYz?W
z+%O83iyZ1U^ENBs!{YX@mQ>UiIXLljF!_Cj`B)!-S@Q|-xI~QR7IWp1Es*n|feg~4
z`f71=fKDN&OHL8KD@D{UDL$w`u<mn#GP#ov4<#Z}Rjoy_>9S=6XosdeKmkac<4F2N
zDcrT^fFfLC$ZQJU8!OZKr7g6gQ5SyR@#YrXF6DR6M8Sv3$JyOOp)%LBFl6nNYQQ#*
zEbiL~s9&dT>}V_oSf!f))dQI2n{7V}eo?Bd{$f*dxa_>L=38udmXlg2)i>JKiR)7e
zs>Q||qu>ztBOdhSMOU_)@5R?S`{abdIwAJF9WNlsMb9b)8DOFM$lVzDjvZKfmu<Zx
z4C{r+H<NVO8;bSxq_^xy(3}c|c_Jq-ulJs!@z~>6)lF-x97v)HxC-(t<Y_NbmLVk=
zpw<H{30|YswUT$?#+Q(p8FZKvn0>eL_0M~4|9TC>x93|p2{9w}P6%pnZVnRjG8_mh
zq5&SXE9hsFz3=k@uS;bX$*BNX2r&9Jz%7>iI&Ma(PgdYgaEk1sWfpm$s?otOJCKz_
zB+EY$a~B8u)nMq6Cm1{NpX{zka0X8m;fDIm+BW2y0_e0;muOkK5qZ6jXR?r0A|7A6
z&vcbG4UHuGu7dx4uJtjVQn%GiKv?Xm|DIuuY3Ub`8_?PwA7Rw;I~E3YFhP13ta%v>
zV9i;4@>j3s9%ybxB|<g;JVmKOXx`$0c3f;M5*r7k!iBsNkgyz>nrfBsSpNyU8va!1
zM}Virn6XjZ1zkKyaI-+3>C;zdL4Qy6_2|fQ0(3*bTF5;PPRl7)l@Q7Rer!w%O+~6Z
zTdM=*PR+3U_{q?>Z$F=eNg47&2wKQVeFBe!(2S01gx7=u)gn09VDR8BSzLM;5Q7PY
zxgHLI5HgddDcg@?$mszLhx=2VkX+}Ps(7#sN11~OU}n(CGjPL!9>OR2GE9U}9e62G
zB*xpvL!N0N4b_4sQ#X=y(o}-Culf5sQU&6*vL0^Ton-`PM0hmzFJr9IFUbEJSTjHm
zBWO{OrG7Mc9JL9!F${VJHlm_x)3>4q_m<U2Kp3DUVl@p{ao}#k1pn(jj922dB{;8L
zg;DZC-;%JqepOOU26!^UNU`WH*lYs|<UacOK<G@Kc0(V0Ntl%)BG)VH-}2Ymf`VWm
zi<WZN-|5xVBpo%{m-!LeR?4N|0KL#bSQh$35g2-oRC^ALSoz)6S3`gZq)U&oBmst^
zuTz@35a_*6{TU<rfR$j&oCHM{mWY2ks2`o_UE{}uNizR=TTGS>29*Nn1B?m|gxT5f
z6DM?Lm7+x^Va$s!msCsb4U`~R7J{`?c%(2Ez~#CJ$L}^JHxftkJ>AzEa;m2;nwf0f
zWy)IWNk+^a%F&ebc9$&);L?ss79Fl$jXPt3MuYcgxgwj)&XrZ9HKA<4S!t>j$R53`
zgWR^J_RgFmd`=MCyTDs@>J{PV)!)-@N;Klv^W?XA%rSKl%idg`7(u7QYg;!ptfqfo
zOsQ`n4tf+%WcFU~7vPS&Ytf7#IOGkML`?$&G0X2yJ}&nnRp2*4W;e{?zb82(d$kpr
zHAyO5+&q3)^fw5FeD!08_7DK%-~XFtS6KcHG-n)i%7}Z`5e^5iVgT2%TMp%);57Fp
z>Si2GEs@-^%qpI@+Q+0Q(IU+9+r3N)jLv$)YA<aAGP#rw>-Tf|&MwT?AOAdso)9_k
zKOir04WS_!@8D7b&hiRJN;EH;8S}_DflbzqjJdg7Ba1=Q@uZHBSa!6B4J`Jy@NX!D
z!x&wc{`UnWDb5<q0iY17%X%U~O+Y(|j2Z>U^d5klL2i%4`(Px*(8^oM!C!)}wJ&ud
za*6GQirSww8tM*L;P$xNO0u3q2p><1et+2UN2G060Xvg~)4SA>qL>tV$g@*CLf*`B
z-h?qD;vWFojoNhc$18G?H0|KdQ}rAE&|s2LJJ|!aFS6!RQY3J#Lb=t9Q{LNQ)z$}2
z83o0=usx8=T_0%~z>B`+Nb|05`s>j!Y7VnUK$xMAhAy0$;<c)h>xvx0vUovrx)KoH
z+J^(bfA-!P$gl$@3YK>fQ1lqj-kxM(D4s{+1?Z4?fyn5X>%NfaMO=k@i2n2U8Bwwh
zcn!K!=*BN#?E+EJ(R=1N0E<ilUf{J;-f|WyJ^Ep)sSRWWP;Qcm)Zd`7RQ%dlW<M@t
zf@fvU$OdnxwPNeu<28o04@uh_a58GWWIJ$R)w^;=k%|ZvHZ!@YcN+z_#CXD=DvCt>
z9qL?HvL}6FB0sszp~aIC1tJIVGevUVn^?g{6MBKO!iWFh6B&Z0l+Si>ATvmeYXNbc
zfqe90VA%nJtx3lNo;~3^GSo#8aD1We1Vgh7bM8~s^UB@#%y!+gV!!WYjjA2$G0DU!
z9nUHwg8fJPaFrX}Wjf@kvt0l!B2_ypq}*TuoC6Sb{%A}_=1RA=5!#zA745fsO<4y(
z2<v0qGUDQ&^Mz6N!jQrNs{t6~wb~H@vOzC_xmRy@H=E4R$Z!8A>t~$K{&INi!d0xR
z<6j^I--3ABb(n(Mc|8KF5%NIAnmKo-sP{*b*y4H3<^508Ui|S^=Au1+`X5SH+5hDG
z^yP8nlM4)Xj}M&{ioHSDK7Kaou2*|VV*9=mj^`5&y*=>sk4q=6Uid^UtC1)ja6EEx
zI7_87txf#lLsTD6n|js<UO>mH$^$jG)U(_vivSDnGW3WI4vD?QS1Eh6*`${&#!l^8
z@GeJ4I$GOsW86bocO<w#npXVAFTD$1We<%#mT_d#){9s%$68;8Ieam9x7=TnEJ7h#
zHM14Yo}d*FU4EM<Gv5BWQ-wEPd?zgrM{>hfoLy*hU)boMkP9A*`zq)pQ2Kc3wnXJN
z6|Gp2<!Yv8$>5{qkDbaq;&}|z?T>9@u8wlFiLKd$Fxf^hW(kcrnvx8${Om4+URy<a
zwvhs}t(F#_wl|h^uT)z;;ER}T0aK(z^RB?8jvM+9Nk6?ACB*B~N|NUqIpVjQ!l|TH
z5+#;08Uk_GSi?&HpcVfqxdQ26+xOv`-Tob3Ig^;qVWANZhq*q!jaNLbbNN49HCjhJ
zSm%$NzE;YAX!h@ytfczhmza@iv9P3_AI8JC-s-IoWhE*-phL-cRCG+t`&S9h|8`>A
zhIHWO(&_QO8w8=io5!7UPYGQK^zTrWt!C}G!4O=~Yv|6y1wndOl#VFO@R0a2?H!2D
z18Ylo=FvM#xYBUa7H+ZJ+R&r#l)uFGC@qs<w)fV2NrS#%`Hf~IgJh}Q#Ky?gOdTIo
zP`EvQX0_vam}#`_xTD>jmULFxx*wBi2PqN)E}GqQUplI!=Dfe|Pu6pn{rp2~ADm;O
zUNRHcvwOo!y#3;cA^6at{Hta}Jy1&WOyi>79#yQO&R_NHsv@z^!S&61e6|KWlcK99
z!V~j5tOm8|*tZ|R<E|v)t<lYY)#luA?MU8Qs1nk%lRtV=@6|FC2W}PL&u=W^IDL8Z
zf39>kQ^h%3k<MB$2CJp#yLD%p#17Z8HmfX_CarL)UFp<Q3!9RoSI4b)`nBI}o~h({
z78Ex9MxtBP7AHpjVpq8&qj5?3vpijkZLA<q%1gep)3jvsB~6#Ss!c0LCwTN|f%473
z=@^H)QhR`BFB8ul%(=08dDWrr4L!P;ckMRg^i9;}_nkF(=)Wu^wtBnrk99AUO<UCI
zqKv`apnWuK1O219c((cV8-`1Fe18xlnq?LTN_a7^1#tpnpBFv0#yqTsD;BG_suXb1
zT3e6Mx0>^nO6*0PJo>J;trN0!U06EXtN|E(vAf)C>T1p=t0%)WPX+siT%M5A)t{V>
zCmW!>?!nu0Q(s|>6zMemb^B29iG6okib|#l$ZjwG7Tq<!-FHzSf`g%vpqXVd4p%Z$
zVc$Ed@@2R2;-eho?e>?f^;T9ljg&en1{Ppz#NmpHpwF`N@YLbF=XZOmja>J4aDjDR
zS?crw|7JcXLP%Vo3Oi35eFyPoL75Z2$b=eg$2h(6X%YGIw4qZnlZ^%h!e1<p6+3SG
zZP3ffGH-a@9gpEK<E{Mpd7}mwNvry+i97nmk<&3(j0!NbJvUUvgR_!(dvkd?xC|36
z+9rD()GeZWcG7#l>Mv45uCWEJ68+{s%d;K5zh}%wmV$zypmwmBVPx>48HfH`2hPiW
zzK2Z<-Ua!tn;Tw+&6K<@o*~X|W<d*@#hx6r0K>rY^Gnhc`E2uCIV7v4u?t`6x#Wgg
z1C`XC)oHMuXbXyqXtq$GA97i&+6YPPddzu3foWOiBI8^0<se#k=G?z-rd%Sdg@x4V
zcF;NZ>N_~uG)|xNJ+Ty$+B)eb+Do;F1A1D-fE^B0dJ+NMCzd8?@7Le(UhG(`UTzi5
zk2#pUF7+$OJJCejFLA&=_)gn2+^n3xnpp@Mt<$?m<C$ccSG_JBMeB!e&!rrf6$rF_
zWt!w0w<EXtXnyliVqCn4f46C%IAb&4XYIF443tc4SMKSj_MM`PRuP#UPnmHIJC>Di
zzcltzM*s0AIHBb2`Y9<AQjxs_mwweF&9{pAbnl+~+{YI_<W2Teje9({1X0`dDQ(U|
zt9+c?>{4Z8#1s1_jPIa}Cw1L|%VSxilMm`m(PWq()|HoK%g+z_KJi{9NN@_>49E)k
z-Us8F&GqZA=j)u`$Pbtn_jRB8DPY|L+qyn$g!hK`IspIbhR)AvUJkd?i@o)lGEkB@
z9>snoWy5-7IWS|VVj(Kr^X=0M-id+Yo0dJ<qDdt+IM?Bo83}`;AD<dnJXhx4ThIp=
zgn4q?@*YK>5gq$Xt(B`Exteg6EkcgqFvB&yw=zF0W(?(%qHg7C8}^?#3hLGYRq~jh
zj7;&VtZ2J(KGr^Q!>F+C4rb8@U%uygxPGJNt$c?$K#>4f9As&Te<j6!E@(0>_;yYA
z((5W!4lDCnr4;`vX-ev;wl<45DSw`|N;OF79?Q;6lHc1fOLo{{jhhON7eqQADeKyN
z<)A7)6I{gCcEgR1LxiB8S%fdlT4D(I+IQV~=h5irb*7uQUe>6qh;=_2QyV;2$NJ!v
z_cYW#mXB|nYFb&M+ISV_*90wiI9G4#LfMRQYl#xr=*mey*8NM$+EwGyFm1{?f7^+Q
zfV1^PCL>lXth-HBMYVoKbxiu?fz9r*x*7J@z9%B<$j3QUqE4`KwUG3xtTZ$G8x%Sp
zg>*1iSamNWC)}LB-uZ!j6q2!WO$o${W*9bKGb1t2yRa=RBQJ-X==8s6`yxX<t=7l>
zF+M2B_a^6E`9(6<3oS8i?Q9*spGE3hH(s-|ok)4bA)q5K^u|I?SlVupv$<rA4Kvg7
z;^?e<HHL@u6zXYC#OvfyE+>K4;);<s(QxLmf?<~(v$7$&8kJQNZcJa&@VfQpcor{i
z`;mUrm}sTiR!WIm=pAkMRAIgwby=)x7H{NqJw9F-LB2Ut!t^<@ocS82oj?!dO@LhI
z%;^Jf+D_G+qLNYH@MOBpSTdHW*=FR?{^jQM{CEml7&{Z-?+vHfRuZeB;ifLMqgL`z
zEg&aTh;OQn^-{Kc^Mm&foR(A86~ZnzavV!xZMbaC#(BDIlaTdmWZ$c%nN>a4)OY8f
z3~P1Xek!p!I$39=FsH=t)oZXUU#7{z_W-s?VeKu)jP;sVyN40(*Q6A8oGUwKMgiXu
zy>c*X{RDJpErL!vPmS&5bhkt4pJnRALV@Pa+qTzV((#-aeVJ6lx4yI%!8MV{(H^fB
zblf`=X+P>1{5{6~g$k4ms-nc)wfObk+Km;GVH?F!{`%F-yEq)n%wm9v45@QnR`*zG
zmqnheN1~dV^TgJB{^WL)V+FtCl0*#IZK2F2Wk%bNVftC8x>2ryk#dM_v|3cy(>f-*
zQsb{?Nz40QN44WIB}1r6q0Pr=Q~*ZAsa&W-VQ2guv#4`&6$M3CNb(UY-s&FtCgp=X
z!M;H*Bc5w-?8gu8)O_@=+FIz&(yGHrRGSPs(Q(wnrpcrm*&r{)IM`Nir1FLP8~*Au
zRh`G`rPZCQGg?r97A^!@I5>Y^#)|RdH@wNDMc(T5f10?e78X>#i8NpKp}JS+v_%vg
z*+m3l%W){KH#)S5F|lo)*#VBt)|jn|(`FF%j8s$I6{s<{X?fn*M?klxAmeE<JXlu6
zX4d`-BsYmn?UCsc4)t&0g}=vQFv(m!6_sTwX`%!3oew`gQAM|$!2?PKYyGxU+Rjw_
z?e?U^x>R<USI^nY5fTzn%o{m>)%`^ckC0h{)MQD1!IUaPHFm;2ahY1;=xJE~sajnV
zNwAS(e0hhO>@i<#Kl(<lUv=?i$GiGz&tHukNy?1n>o@F~P7EBew;6n#!a94Iu-gon
zgp4h0lGbn~k0zUBS-jStO<Avwf4t#z#B}hcYia-Eg<nCc`AgbE-j2n*;i)D0Jj3;Q
zl?9w`YE7#Y6zR;n%``_yNbC_5JGIz6=n|SH<erg??}zBT>b`N2=539-?@BCq#m=jU
zZ#?kG56s(Kf}AYcy4YZ@=W3RkC?)4buW{mlooM04?Ke<;L|~D&Pq3kBP)ouMYPIiH
zZYm76HHYyqIrRVVNsDDP8!TnrA=NSXUB~XO`}VxeaHVja%97OBc<sZ`Yk%vsR50#r
zKoJ_*a2|Ie@m1R2&ydKd3HMqHN<W5?Y4cvI7%|(TVRkD?8n513U?#OJo7jmMh%;wf
z!odvZ^K1{gGqKo4J$$`_1dg1p)WNwpFSzZwp3o$?9(OnLSn};kDg9>OKHec)?D1{4
z*L9;oGnQNDmWkA#qj}Be`s2NHdsUIpoo7fBM~W+s+k8A9;Fh?uuhZ_bzV{BUmb}tI
z1W$-i>ce&cTkGS2re9wcxpDWa@+vjw&$}|E&1nK=b<aBJT6)!b;w8?c*gBrgW?$+~
zKSH6B2biA)n774shkrN@c?kfcTdAnYYz+)}Ou8-|u=4P!TIo=@aHaA-eCB=;cx%7}
z5BVKD*#;FvIEbo=gsgrMqkFKKs!Rq;$9Q38C+UB8w+2IHx_1bkY22<7h3g#WGkkCe
zfE1E!yN46vw4VNa_s79Sog(yIh}66sa=T7A4j)x)*ZN!osK-#*fOqsn{=ejh&XH|_
zA^9=?OSQsJ-wXeL_{50H=f7laJ>{B6Mb<A9FTMHaAK5F&gL3%a{mlN$R$y19^#Api
z<+#Zi4YbV}FjD<7qJj=S9)979ytAu#@KWI7Mn!Z<%r)0SHP_cZ{-Z4iVXkL+9eI!G
zqC;9D_&o7EC3A4=(n~v9JNe4*S7c2A@`tvB^TK{Hr+hwM!+jZYWQiAH8;j=4^}}D`
z*NDHTA5zNS-^6z<dhSNZsR<iMt9#;n{`YTrLfR={!+*7?=1)<S-H4GF9E8_Z^zYp_
z(^5{YXNrx<7GBWUy?3$bBB%9o&{1%P{-(V5N~6F~#<lSU6MRmNy_c9rt_ffHpynv3
zhv;@|!P_wC&I}7i;ho3BxB)393edyz_CJKTd>#-%c;B;zKkW>JiIrORx3=0;{SSX&
z(JwB<>2g`7QOxAS(>GUw4mpI|{P;rjW)b{~iL?G*6<u)D=>+RJJrS7{$?3<TLh)kn
zTFEnEP8Ch=@tZ%Z>T{p9iFbRt$0{t>0ON5UV8UXT4mLC0(~lcHnI!UrjqG@;7OZy;
z`frx_vzjpxF3E8I^RsSpiaP!XrgSiO8PUV25u;t=J!ga0h~78yi+0w-reqJmcLKVk
z)#63Drd+Q?>*M{O0-Rg|ZC{urv6A9#n8dnoAV1+_{P2dFy<M?fzk)X=4iYISC_<37
zRk=L*@|nRKb`Jyn9kn}?=c+toTgWUP&NIXscQ()oezZqwsOah7f(0hgxKge#D*fUI
zE)4|NBo&Emul#4sOstXib+7t59#`~7%qU>z?Q9mdciu|*bE2>JoQNOxux{+$xLIto
zk;!IfCR#(nC`>Dz63CAHc61&8ird!Xp@H#YeFg1WT64YY5ECc%>W>)JUY@?bxz=g6
z)*v3{B((&GN_lNH?0Ac?yEx`D^ZG**(h>8l<hel$@xEWih34xM-@{hjH-$=62EDFg
zHrqxVHAyW-!#1|~G7_&|6t%RTAtBS*L&4eYpIxL}pFEe;T_SKR-RpX^u69_6e>9(i
zqp4|#D-#&vm%29=Q<}Pd6HZENjkGstYL@wmsdUS>mPd))Y-B9+LSLvN{2emyHI`{!
z+H<$`N?8#%FVju8c5Jq961!O}(^P;>Hq9A9=cY<wb;gY$O@%kb+zdO7VF9X~--Hb(
zAF4Sw%>}H+^M{w<BIoD-4vF3BFzT#{q7t7Q{N?qgp0PnNu0JML!0En<?DAi&2FoMp
zg@woD!N$eh#qAZz!lj32!$c(v$XnSh<N5{4P>FXpuuB1(SuDBG-s}2)ria6WEAr&a
z6NC}FZ^a7E&SpjfC*Qu}sY%OQ_@Wll>g3RBZL_h_Q$HLp6h<{vhRxa}ne_^xN^Nx=
zqO>_V2Z(;=Uj$61mJQl_J_QK42;y0<ZuVA0GX;c&%zHb_Cw*q4ombqt)qsti3Za)j
z#~EF@k?q9!=j@w$c{yD{*}3nV(?%*Uz0v5*cP$sTItp1QUs^PK&+2bWF85uEtNw$6
z!fkg`$psZWI(^fP#9A1U#myOwWhZAe+4S^{${8PJni9-3*qoKoDV}GjVe<bv6!EBN
zEzGc2CpQ0zK))F0z+)E&Tl}a_4kvSmcUMgXqqVF;lSr?koyIB0`MgfLga)aYEC0Mg
zwsN|r=lk?pIJnoylfQK4<3f}M+beAr=eR3ZB}6@@Qw>_W=ld_jEN)NsPd!=Gk2kaO
z2ky(i`<N?zriF?z8(#=xj@jE{W-m=MFB7bEr)+Jy`Zj*1<lp?T6k~2G(_h;s@MB>r
z?i&whv&hxeNVVEx_r}tCV%O*P5q08pO0Q>*YT6RTRIx+&&XNP|*D?M64nD2}A`Mv~
zK?N;oH$T`ZEb}$SMjP_7ne}&u<eU-rkaB)pQ%&2d#H0>$5ekYbq+y8-v0GV8T?5r_
zmpf^GcuU^Q%+2u8+J&U?^r@PNnfB)8DRO?<g(CT;H@pJYBK7cs&-Ja>4raBX#YOPA
zkuMdUHA(T|H>9zSZ{>Yjm$<}&3L2x^4B}<dm)ocH*vzOzN-9@-)m-g|nEFQz?6|Ep
zJgi4_4KRYBZl|F50iqnJpgrd~MN6@fYG#2l*s!q=%U<~ya#KeBx7GUm7q)W!@0}bN
zneX!65WT#m>0_&6MDxWW#aDv2Eb-gjc9IhARA-;l@HVDDtgQwq{7BI}Dc8>#Y-AL3
zg|HQ0^my~p2-VQ9JX^CZW^XHT&wl#^;ljC2p4krd$d-RSo8XY*yG=AsxfO*QkMb85
z56nLHT1Zstf7Gi{pt`&ecU++1=A#>zxZ%}+4P|K6<6T?nWPq83^%Ft&y!>>%Cz(st
z*lk>vvYfFWhZ*YG>9?bvkQ)BzPV18DW>2)4ITgA;c3cz1ZWgWL`u$mr#M5t~A+f&{
z-Hgd;qC$%^Bbv(!WZZaN2`T7v9&e8Lx9o2lKPaQyhPq-Rh>b?mykD%$<#ZkFu#<N}
z%vqtMBqFCCd}{e7XyENuzy9S<Nwp&3`C$2g#f9j+LkhGC>|62Z2M=o6MC~NWubZPB
z!mbSk7u<d+A~Y;yb<b3RSYBl8A5Z;5=zeXH1v!SRc1BBCiHV9<X_`^o!q%Zf*D85~
zvs!R0=+O14p&JW9Q<M?UWW-8&+FHe_?BD$Jh1}$t*j=OzjvC1IPt3c_5g03Qo^A=t
zo#0dV03Fo_^{J&hH?<&)R^nM?)#_zY=VpbBmT?0$&?Y^>{{9NeO`l0Q%?oi6CK)n@
z&XXb1ZHqT==5ssd#`X7g+kIT=9x^<wrQF0Q;zj=6#Vs4to-Oesrd^$!G>~`rd8>B#
z*E6C;f2AK~aa(Qcbv`pk90(s^iF{O-J~d3*X+6bfOYpwq>o_>grX2FmDUgTk5b}0>
z|GjBB-H=`qddEkImY+5Mi1*e?m5X=`d7zhuY&pe2HTAWX%SDN=IsVh2xV^%(ySKH?
z8%iS&@hs;Uh2<4!FWiy#!m~a2ns`z<n;D0}|9bn7#3rX39saM*COD)$C^@@D;eW21
z;Sl5$_5AW3;9@iGBLC7$_UM98(-jvXJ5DnZ`AN2e!vAW8lx@@mP3u?CC4=WLTXWkB
zk0sWoH1-6xuQ#l1@5E>;GzO>{zaI6MYW=s)2<hN_K^`41{@^DxT_J-1&om1y?TUS-
z_0-q&&rF>k+}S8P8917CdlIOO`2g-f?UNY1-6kqG!5f|1|B0`<URZIU<O;9_%D~|1
L>gTe~DWM4fDV>Z#

literal 623018
zcmY&<by!nj|GtWXk``Smf^>H(Dcw1`yGEygfV4<&q~z%Cfrx-~4j8Z@AT>&28_jR;
zKfm|=ey;0Wd(L*QbI$cV&;5z}{wz*QLy3fthVb6KdnC#q<#q1e!&kj`@6pZU2e@zg
z_|N%pANPSeO0xHAC+K!@Cl4JysDHS3uOWr#+UgPR{E6pBW8l4e^s)ar?x$=X+ugf&
zSE?-kK`+33A4<?}Fwk;0DI_8?O{H!<N2NPg5yy;K6vCL>)GcahzpQ^lf1fQf^6|%`
zS5PMP-H)+A(((dq_x1r4D}FZ_wr~tJoi-ikd5sOcJq>MLhBqx#x7d&G`_~wcA<M@x
z&O}2K&H_WVDEnlnzIrfLWFJydwP;}hSkPOYTG3kgJ#Dl)H8*8+2c4?#t#vB*64YCO
ziOdUn&KZgv)Cubw<WyFvU2%Z1`XH<x$lp-d&>&kaBWb?VL@Bfe+EZKFGa;WgV^vw@
z0)aFw%!wryBTaNyO=pdW(m-V+mzPU1otH6}HzXuiC|a!NoY0|M?(3?a(oUo^9SIkV
zq^z=R38naj7VNCPddw?sZUI=;x}i_$j4|1@R6m`kIUN+A^>ap5^`kSyHY!Nxg{Eo_
zRw94Aa&dI6aC5J4E7H{`!Ne;DE2OnF4%_Y+_x3`<3Od|VAYm4|W?bVcp?&<s1o5He
zcmf6s9hE4vm`5~wE+7mn+iyYSpxR@_Y*ou?$8>ek+2N%NYtrIfQ|Qjg{n$POQqF$r
znx4VG1p$R*vJK8=HC43}6I#3?AodNqm)Y!z3hL_ZWqo=GJu|zpcnbThX*Uv*B)Kp6
zB>%M}j}Nnkycts=Pfbirstu|T?*8I=+*zZBvag<=#}F?Z-qcXnsxZk|Iy(yX_cr7g
z_suQNvHz3!-cW{Y9ulS5L(zg<XvILzV3f0(5Zx8H3Jd1IfUz`6K;Mkv?%rtwizCO1
zCZRbnEegCx3sO-6hC-t+mx6F>xJWFm?%PtvPAc~?RL(|D-Nr^iZq_{cvMfI6udpCY
zIQw;NL{FdT?3|ulS{aSFb*0N~a_sb8j5rey7Lj~87_)?*Fg>(ohTh^rk1x~ERMDVv
zNrawl6iyi_Ft@$>RNaG|H*(l|uX$+>v#k;|#)wcuqh{u`rdR6QI(kNIOJYE~j|noJ
zs+Ag!d<5qJ&U*+Uk_nKa>aaC=qC%9Dq1-Hk9G{Q7qjL+;CMtEyx#G$k!v_mZ3(Xe#
zmLo{I*vimSdW!vfcSD-ZG{@_j*Httzy{MHGRCe=>lu0R}QYhkb>FH_g@F(^9^3)%&
zsVUKB$GNHh+Brq@R-1~b=&+qIn7Mz`Q`D3@Yxw|k5favWcVyR&(HGK#2{zt(xH>zz
z3VLPJfI(o^5XS$^3_Gpb6)lZANfH+ciNVH-<6Ff<62-Em&aIo4E!;k@b8DOzS}JmK
zb#!v&&HDV{g<Y`~UR!Qyzx!JRh=vxoP|P%PS~jz{inBd4+D^7@J>QHLzGwlJzkgVr
zn_4vWxJ)MarJjUl-da6)59@p{2c6Wa4h$|1bkRM<lqr7xIb!=#C1Zs@y$&lhj}Jy2
zsH0=@eR@Itb2<pupQ1kH9St*M)AhX_MGO*C&vp}thy2B9Oi(nYz9bXkYSVfii3+Dk
z#TP?8gDh$e^-@3POy`TY7ZU$rNfY5(t8+#GX=0}I^JbQJs!C4PNm1HYVb{Ie_ko>O
z*%e6G7b`G^)&z#1h_``r0rMA$_kU*Z*euRwtCse-I6BgaH;Z%pcY~88c?>Pg0Jfgv
z_BSU*!ni$9JkPytdE@w8^)Y^wo8O#~m>;a!bHA1kxDOFNfVfvLt{Ry+IJ-LY2?5ku
z1eAbjkkXu=SXrC2j#@}Z&#<kNbEAlmm}+dE>LE3HMd&dNSk3-5uTV>T8b+~b*!uFQ
zRT1b60`1zdRZXj`I6Bwz<#4DDh3Nw6xk%VNUF?kBIMzA|3$;$ADxUg_&2H-S-{mM>
zNGPS1c1X{y{BaS6iGck@+FV`S;nOSKtL=Xae=ujPtUqtO^i+*%$~nxgCSh?2Z7M~&
zx;qMU%29&AE+%SpzB_7^pYi2dK$~5;Yn+P39aaZ7>RjY30<qb@EnTt=cfhJDGshkc
zgCYgsdIu>b7sjOi-!a}){Y$QIr$z{}R>5~zF`RpU7Gx_V6qGFx(?@-b-v*ghhwu0@
z*^vpxxHFHYch(gZd3~Hl6$<{3k;?8ht`)9iZgMQT3U?t6y*nfsQWo||(k*S<{a|o0
z%$%_pX5Ls70|Q}Uph{=877}~iCfJH~ESZvO6MRW_jZwB~d}Ut{9I{pR$;;jEXU)LM
zqP08k#CRq}8e-|ME1#HZqgtt)C0k1i?Kprem`KPTl;sF=8@C4l6FT5CmaTKyTvtgz
z)u@$7u3yZ?BwSoVgI14)bbMEjuQT{pcMIcSwoSs|YA$_)QTGi;xQCE&wYvL8;SW2P
z(2NiG4NuU-r^3J~q7B|0z%PDpOGa^<#fW^G8-Cl+A%Pm=1Zo9WYpQY-#|t5vj2O2y
zr^Rayua`YA8Vd<pGe=>#+Td%uV&qddI-k$|zco$Nl1igwm8VuWF7AAUNpqacix&n%
zDvB%@$4#ux%noUIb8ydQ9cTWJGmfM9KU?*~USrWiNb0Z5mWRq7!}#2F3mjc-?^$0u
zH<kAdH`Mh_Xir;iR8+U=&4a7<#?a~%zy#>PdcBeBplUJ~1$clxq?gRKMk!&|n$!ry
zWT5-Y8Dqj_U)9p*?o{8Fy>B1e|97kKJ#=8nc8${wK&L3T;R$R7<;_#XwhS1EbLIj#
zCuXc%_?~|xp#bE0wF+k(iho8Tty=-0{dpSFssY<Cw-ZXrX-7dnR@@;#qbj<2sNb@=
z+?(&<8%$ZYm)4&d6StMd1EJrXzRb@m;_Z^Qyp0lj(vxQpb;ORu^1CO!%(os&!;k6k
zPgxRb%FsXL2N5%co>Z<Rku%3P`*JCC_M{2ZE%WBhDjp53EK_P0^y#XRw{`@CyzBOL
z1N-F`T&*z_!RiUH8CL-z2@aEe{dB%!ttBu5ztl?qKNCuLtVZ)cMzHZiKk9&E@xV_E
z@8UsLNt-R!fb}I|Y`+`38bdOBT7pgQ@US+*w$8nAUf766ZJr{b-x+9J<F~<qHURf4
zu3i0fbZHUNZEQJr9oOD)JQk~FiLDuQs_`{Z(`cGS?0bnw<Z*Es0E!2YjtxQpSD#U*
zmVm$YE$yxp<>S`dp3T44N@lE&b7~lx#@$;*Xh{yxp6^ZLW_BIDK5X$e(y-WyxwZ&%
zfT(smk3vGo7Qb3AZ#N$alLAVomFC=&m({2@9Fu7;sRXZHdoCBkmC|(j?Te8!zduB%
zCe#dAw}9O=NE2YuY${Tb^S`%3hwxAa0Ar9__M?qO7r?knOaHv}u_u+Euucq1)F2fE
zuj>v=3T_#&YM_aI{Zq8qN?92%u`u;sQyW#+;Xao->4xbH%EFh5#rb$~?7oZYCuGh+
znY}}3Qxwpqsj3m)QjlDnU2))w5glUyeQCwbbS&}u_y6$*f}}Ae4WEi1ZX1f$D@yZ*
zTLy7Fk86hTUx`+ZGbGbAfs0$=#>=jCZuNq~%bW(~<A<$qx^HXVOY}7ldI=n@8^mZ_
zF)U!1i%Z<%_>-;yk2VoedUB26mf88g{K01Sy`$@%OQ0fGFX3j<F$1}Z1!ofPMb0oV
z%&kp)s!t0~C1KRbt3S4jOE^3Mp+C|h2%uLN4sLoqy;V>9aB!_84z}Mc<hkg!HG?<`
z!_BwbICpT%sCgg!Yji6`@n~yib`7)D8Dd@NtWD@KHKGkZZqPO0=;(H0L@UZ#Xq$kr
zYVA_@lZk~Nwk(-+rKl*nqq^vy&iZE!?DWuINzl}j88|mAo4C3Q_z8^d#Re*0*+&iD
zLihVU3o}$n0lU2TwLVljDzWfBD?YKLCPy@n1eH%Ol=;`^BHb7*Ltt7LWEe5^7b4KH
zH#TAa@<*bYa0>junXlUU%uG&h<EiXQM$CV0uuqh?YLmUsOjZo4kTkTBN^Ds1d7gOT
zmZI0T-PxoYZNRAH)&vYM9++EqZs^G4E?9oy*##ZkOL9+{+$gov*Uwnk8@J_8N=oA5
z;);|1Y2EOpJIbnMx%<9D=&7(p`|uu-pm2MX^k)5|&<|;_hW^9qFN#oZ)!$1yL|1s@
zTP6urJ#gbA!T?j`SDvpm9%uI6l|_BK=;&1ICgaEty{mfy;Oa8`*wJU`_B7=CnOzdW
zmTWL*l3xmJ11N5)G1qDgCGi!md-t5=og{bL<eq02K+-%mmZ+^M#B=x=DS=p9vmkh!
zC2Q2`<8d%ODXsm_$e9n7q6r;#sVo$fFMvc>=cb2hZ{nVU2jU=jef6{3l>!Sw#$d#K
zGL~kO1C6dBH(<v>@~24;|KL~uu5v%rG4BgUo2q}v8rbs^%66OZ93<EE#ncZ|H;Ud+
zGzq0?Ts|=G8hRaE?CLJzMsHpYvlB1|cgR1?8W&cxTK{JLSu($3i1tkM*)GP&)Etm7
zi?nQ65blDmeMe-tIu3Hb?&^n48M!qGi<uder-j{MBZTU|O>Xy{r}MqEON%S=uz$d;
zd$D9PIN;EB)!*P6HGFuiw9kFH+0+qw_`W?=TQ1gT<`B)VXs_CoorTx>?^ou__GS}+
zr7B6*8=4QqglAKashg&<zc3gAfiHv-wO{=y&gZu^uUlQ&Q65N#p@yt`<Qs>#tFbw>
z*IYu}X#%?*K7uWxV@YWBILn{f9z+sR(kTUf3W~f`=~fDF<%WN?hM|X)reg$v3^eYc
zOxeVO5itax`6Y4bfQW!YiC7lP3*FJ^=>XFE=*EIaud)D7ftkAxBgRCyBjB#dip9;*
z_k^-Dr>N?f+M0h^^D#MCHoeXhP#5jj)pK@smZdf-qI&qRDBpqN7L7(feXp6t_G`l{
zj2`DZre18l*HbCgc`2{SKK+5}CjrY&jHurC=hCJ>zXsVVTU4YcJ33z1@oshg&z8TF
z`2jkneO-k&|LuW6R;0I->I9y@M*}N9r_-{YaPS`evjiS1%r8_;k9b1c0J(SU^Kpu{
zfkUs38^xes8v>#M-C=bNoaNN2SQN^6zVnmNX+&c$eidSibcqQv_`Y#^al+<Fm+8o1
zVrPHS#8i(~<-iLc33@g#Gi-5g{fSuaGcer2{kWa$utKB+rPi>O`I+Zyn^>rMFV9Q#
zBRNF}N$%dEXF!Q>et=&G>i9q7ECru`xx9H+FuU#CAQ95{c{I&a+`7+lelJNFKu-Zk
zfX}>q+^~ZAPF3YWJapH=U20hEnWR|UVDwNR!<z%2x07?9x#pFSDa-RGUm75sTacm0
z8s*DJBo`~snuho4m7=C|-#rH^Ko3jGnH?d{wNA}qk`cB)3e<n;38uTdHa>jLrYZRM
zR01!5>q`~i7N0`5AJyf0v<k3dDaSpI)!$TMhR_bXk92AQtlZZWWgvR@rblaP(?9sZ
znfRZRKpY18H!u&O5g)T@$`@=}T15dS*TTV58)r7zpOzU(-tc9!gAi<*@_|evhvQ48
z+T|ioiLZ3vR6zWzbe8y3!U6tLQX04vry^s&RX^#R7GuJ@n>Dp2DY`EZ3d3JpNg_re
z5dp}xlp~L3-h_~~c8RBcmysm)Rq(_3a)Idp;#;bzHC}IJYlre#(s0)&+aKS4)^A{L
zEabF{rc-OuA)NW$Xcb=aE=}3T=Ajc{Yok8+XP>EPwuh@9yj$BtrA0msV_Gft%#-r8
zN477GSYg&HYc`9x)YX^kL#zmOlCp68#CP%+0B$lmgOSq1u546Hw#NhiCb+AdTz^mK
zRs4Xpbb%6(Mu$vpBKu{`%X<QZH*AZpiiAQLD${n#s$Ov{j}<7g=H#AK#L^1Q;XV9N
zFl;+Ty`i<m{YX$rOFU1}3UrU~fjewr;dF6U$(1#4{hNTAR{lE>z>yS?gY>zt^2yZs
z&+5#~8?py>>GD$U_u1Dp2~=$y{<4XVdL;ex5K4;~TzxdFDEI$u<8Is0j3Fdr*&5Bx
zYS=htd%&iu@oJZgsbAlQWM1M8i(v_pqQc!zUr3CGGoQlnhbww9S2{&x=d`Jrl!~sq
z=hGyaMEge@Len?+$#0Ha{#`oJHw1v74L65IEgXMTOY}wEZS@~e$BMNtF!1G=PH4$8
z11s|%d9&|N#)6_S_L@KTH6B^Bzcd82F6Z^E*T$P9%%Vsn4!AdH^}{SgU;ggcXRCX+
z;W@C+-8;JNe{MS1mB?8S?X!3Jaj1g7G4eu3eZElYX^QPhk<ZB5aVM0abDa$TI^ro!
zr<8Qo(1B+s1bY$1P_S_5X?!4DK8hD%i{&+Y`<y7Ycrik?SH`iaCG1ndgN!1r&s|gx
z*}<bOK$h!gn+a@b@AUVcEIyB`(3uZdO4I5qarUxZ>2ZCN=6?z03hRY$dj(a0s1w^1
zV1|x|#ZtE(wpX4~xQW5O=@lF~!OdKhOHYZx4N^6>`WCD^XP4C)u>)&=)vyQdS+HI2
znFOsxM$(R(`?3Ac&{sAQ?*(^GFU*A7pu>l*-jCGsKXcUj%{|1<@rf%maX25JL#=ve
zw|R-z(Uv4#vk~<5#KKQLM;avtWi8j|5A9_&jvsi`6VM`dwanqggKLQtFI2?(;hu`6
z8B5UKVO#80IzO`A)r(inZnXdYt#B;;Rn~<KaN<M%qV~B62vk_4AehOkV^eA{rORXo
zMm!;4)utt7@L+vrsNr8ZyaoI`v%Dw8ffa-?TW4B_0h^AR5G27hTzzUk_mT#qoE(ao
z*T_n&k25nVx)2i~$?1NE$GPdxLu%mE%Jb>@Al^qgiv&zLYTlW#<0eaKkJ>_{HJPJL
zxs`GrM7BR-{PjWY{s%!PcVX$L6iJG&dF{2|$}&G>?T6d)4>MF*H)Ly+s|GGo307=-
zcNE4tyh+97-GZ??-+UZ3r0fV!{>i1#=;=_9Li7mfb2Z9!2;+R{qy-^WRmJ8Hr!!e{
z*W&V@YIWF+W`<s2;z+;O`*5WVPZ1jY`;6zm_C!T-=D#!wZshogW5`2(?_j2t_&$-2
zR;_K)uz0$HxT>~6p<)<2gG0^I;Pc;toz}hv;l)h0=mGk^^Z|PJ=1wlZf`0mc7yS{I
za{<fTPYEya)+`?@Hd>Z7e2mO{EJ1bq{x@Z^ME_ytA9u~h+Iee4cX4Tv0z7gg)kioQ
zyZoG6m-pCC-yWz?JMv6GK~}$Z>xNrZ4PtNM6>L{BUu_;3`U@|`7is9?cWzpgzDnEL
zbv>aa`Yfr!@;&qV2<7kgP^)m!brJ%z`vnqoB+RGC3U7QpJ2}Uxp@N=s#ol2e1DH5o
zvZrM3Z+RQYM?vc3x1y|`)CuKj5L4clrvbZm@+h&`pGIudq)L2+e_K_aNCm~P71O1D
zRO7ekD@-Nu2{xlJEFQMQ4CyBry45MWL*m@4(T9x+TOPG5S{o354uBE-!N|I*RpxsZ
z%M_*k<7}Drq*(fk`j)3&wr~23BxnB)oA5g)=#yl39_DX%wuN`Cb|zVLB9ON18zhR=
z8YzhJKfm6@`S5}~ujKOYQG9vy#_P~~SS)jdB0fI<mr7Kue&licyL?PZI#0Q<!KFBw
zVcGXjv)k3pM8(OwlT_EiEk1rbbBo9Gi}#}}@AJLPTKpV!p(UIuk^Y6XWg&l2Yr~|g
z&2F4wwlkCq;6k_OCn6Y}2KHM(-klTCucFMf5w8A9-{Zb7Q=%`k<@tyiG;Kv~LK<XT
z2mXACd6hb*<8;QGub4Z#3GBF$?S}_Ef=&3!XTMLG$lZu@<^9^UXwwrg@qC0d{~XS7
z^RA}asg)HLzO>DQ&Es`I*sHSsJz?&TXkM_M94el+{GlI2smU)r=DgK3ZZ7~HSM%kj
z_TZLcunD)|&q<F9<y|SIqy={5>cq3WB#i!vIapq(0knnPT#|DbRGYL^wzg8R{Yx*`
zeh&zYNzEU(cgh~NeOo8b9Irje`T3oAVda2zYLXsAFMjJyYETzqk$@mca&gxOB;d9t
z7i#>*ZI`sBva&Lh)3`D4bW0s9e6ZBwGMdTtr7%UK`~`pZR6NbEBI2z2$PQl9?ttSw
ze<Zv&JiJ|7PE*0*m9y5@&#$u1){m~`9siGoFc}SJQZ^Na7*Dw2U^BpD*@rBfU=VKg
zf<Is}{Dn$bzK)|XtQg*E=!)d_V11fMBSvcDuk-dfp;G@K3+4Qp%X~Gpkh5NBXlR3x
zEkd>Q_Z3ZKkx?-mY%o&b63;RD%@@EBTzgaz*9DfW<hE?1H2qNO9EFPJCOQlX8f!G0
zxLFew!niJFY9V6By3rBtsy&`5`HiKk1Wh#b9}-p%)Y~JKQ$*H%gCe;##sBC^d(3Yr
zw}-C1e~U_q$tx=4dfG^!oBuhUB3+=elPo{%%BD`;tOo|tO19;DI(a4M)oBmB{10%F
zOQ8|0b`#U`!ucZvKc8?*A+_G-KF0rUt~s?q`tUl{lXaqWlGdB1EAMB6BRhktTt650
z%?C|h7c^yeemV`GFJhbw3tdaa-d<{@sNP|=^vQff?S6Di7YnPKE$ypSwCf}xmj<<x
zxM=-tXCeY#(KQd6qMx*hk&~1*j!+nqmR^ppgv}B~S?mb-{fy*sraf4k-AFMqlWszc
z!)fEA*LN*B^@FH+-^9*RdIv;thi8v`6wHZdi83!}0JG3NDd9hq@1rry_6NGHC$~Zw
z9I?o<%1;tCoPFs6G%XiW!v0n2k*RM9@V(mc3}UmQ`0e}Vs4PZmKhCEbhQ8zK+KNjS
zkvZKm<LLn&C73a~uA+yNp~Cx4Nd4{o>7$L*4f`uuMH&_hy&^4^m*YPe-FcrV=o--)
z4^l{qr;SZ}agQ5p(0cyU+)m&5VfObjl8;?Xw=5>;%O<zV&#8k1eA&P*5o-NPWLDr-
zo|mD_lFJCLLe$BNsp(vU+@D==2bP^iWXH!4g@L8$j}@XK0wnV_$^!%FND0#BcYWNK
znw@U1FUZNsCErHNMyPZlxVuVwNSfD;|HM6S92proM0DM4@`Q_>jtOW=95gefNS@5;
zYSIh4QfU^J{IL8@{Wz36Yoj5(8RQxoNj~%XeS;c{90!9Sz{!QG?Oxm0M#t$lum2Ep
zuv;;cSTP%miGO+Qv0G~QTL<#ezaZ>#x8VBkJBJL<L23unfVF6|P9I23jlxqIisn-C
zb=E?v%O7-CKj<C}rZC=ht=`lEw<o?qW$D^jnFeh6Un{7wlW2o!+@1a}wv_7mGt@Fa
zwK#NGmb9n<_>7Vs7&A4^31K`tHrUg(kpa`|NkWT>GDrvX=iK~y5lh#cIQg_`N6F`L
z18=4S1P9|q3MM^P+W!M)tAUBg%xEb(g_(t?$#2zLja1lzyQM2uT>SM`F_zeE@rfn#
za@UK*4k{nk7SGtL6)=85&}P?$K~B{R=kifEm6CmGSkcwz;QWwYWYGg^J2JK=8LKA&
zrhH1G+X;WIQ*DJa_29YjLwb_#B?|itz5Uy#zrOdWz5c3y#igzK@zF`;(GGK)^t2sn
z1lsaUe@`6{>J`pPtqD;>impSx%cPezc@hmZt{LSw4HeXj;YILbGgc|%6u%A23ulbk
z%|wT2l<EdLhaj~?Uuymmm;+`#*bZQ^N&u}y7xL5vkpldN^Q0`O>rbLO^!q6c{ivH-
z_jY_mWNxO>Da84$-N;nE`Sj&)4X}a8Rv#9p?ior$<8Z$9<Z~%f&5#1A-hr~iAe$AT
z$=+Vitc5h);Yh-VHmr=wTWQARldR#Q8z)Lq5hXI;R5tYl^&cw&bJ@yI;v4(v3#*D|
zCVD>dzZm9lP%&N~0U2B&P;nECGFO;Iv#rQ?Rh4;GM5ph-!)zHN?3ah0v91$emnlgU
zfJRRe2EIi*ey57JuctzDdsGh;U|3;Jf6KR5mTPbRJUN=Yus-khy?Mud5rA2OSNUHE
zjF21T*Y{01rx<fR(@hh3&hu74QT=Ux6kaBoV&iV^&$)ltN4gQ7gfxoxJAQj#t!vp6
z4O+gIqEaRz;AWFpd6u=XNRNMCjrG^;2rZX<dZo|1f&=M|ONW^8m0d?|RLiqvo}N2s
zpv8Q2di?kIvdj;9^cLv}g93@OXVhHFXW5i<@+AB*D45GkiE>6p2He$Py5wxj?A24p
zJUBs-7VCM4^u(@D(DnJTp{duv#dg8n4?HrpTv4z2YU7(rbnxl8NEVL;X*h$V|89%Y
z;)A6i7201<-`1TUzm*$gPX8y*NI3T|U73aG0fTscU+@tWyP0KCTUSSEuo6iw$Qw&#
zz`H$G>ZqZ~w(Tv}1W$}nqVtk(b4ReKW%CA|?JRrr-e7z0Zn}<o66h@#7Z)GPUH;6W
zd8tTX<P}$w$!!)iA+~*XuuN&7chY3tVlu78@AZks<n`YB-Tz^IaYMU$%WFltfP@Sd
z%cQ_piOuu(<7)Vq0@4O!$MV*ynbN(K8j(iQPbUdph_&&chz8$G+j8b74;fp&d)^Sh
z?_S+t?AzpwsJD{K;x;p)ZK|*r;@0WK&pcTBeDaHss|X*sXqy6gUEtb<F4EizWjJQj
ze}>i{On|bub^Z0wb$4rP99^W(P_}a@s+}vl{Ku7o2`L?lyrHl=VK<b$Xk!2F{fr#r
zu+pdYwp8y;xvXidUXkTrr9@&4_JR0ZKz_P4*P$9)ug=Y2O%G<RO~(A6o%-A#I<=|*
z6=ogw9PQy|70(>KhLVQ<FHJmO<5=P$iP~iht$pt~)3{#}u|J!{MKdklOf_4Gwu1ie
zssK*<q_@nIc2DJB+?p-{^gfgZB^!k!HsoZCo#5p9R|%C05H4w$!$`6VBdvG%l{QdX
zB#<yh+8{ZkuOPl;HY|gz!c?$8<DytWa22JOf&ol<&2_qQ!@lue(k8#vW=qxXbL?ZB
z_`JcMZ=fj6QEq+4S~XLVE_{gp2JSfX@$&P7wL+P%A9eKjO6l0_CRr0@!V~s-vSQmp
zf!AeAJ|EdU%%kh?2`aLvDr~Sn=lS&%WRR0PLQZn^*(Pvbj%3rduU_+2F^xB>^jT9~
zXwmkW+c?RiO}$F~Le9Z=$fVbg?UGX9N`ENy;fX&JBeY0wadiSFtKq$v>*1L^eXS9T
z$3KzhMr$Fw-xLVFoi@ozAw^v2D+(eb&Fa&8)n3A^8zb~%muc|~2fk$%sJ83c<XM@T
zFWKoqHa-Vp{=}xuqw!XFUKtvY5cbTZz~^2}%$#I+O`svBtWoW3A(we2#!$hq>vO4K
zOv&u7Y|$$+&Al<{$19Z(NNSxa!hbcC(#&Uir309u!;%)K!k~&`HXfY)nB?m9UG4sK
zY5B5NRQXGq#}7(H7&mqNVzre&<V&-+d8~%*mS*)_qN*hP_CJMJoM}sTC{PAytl<Mw
znXlPAi5_$z!p4Oba)S>$t}q81&s79F4qBHdq_6g)i6}Ffe~tr!bf2^6edl%6cG?=t
zc~=l}vRBtj`hoYit>L%j?{ROJQWZXY^O_1@K8lJNT(A`VAK^6VE_~w$>^_Ie{k?I1
zqkcl8zYJf5NB!nCO&Wa9t6OwsmRnl*ToX6|YC`R@6PCXilND@sZ6*6t<5^~pjo7Kj
zx0|X>*1mkgWxn0VgS5Cu54Y8*SvQ!nmztVq_C8DN6|SB8=9}Ndy>~fm3NEc^y?9_>
zDjw2~irJ=+f!iFB@Te`48ziY1r-SN4j>c2a=Ert(H2MW$3<XWd+2^A{gvU$u;rg3M
zyJi3CDo4|fj=+=Zae*!OB{RFz0iq&TzH9++!15kKH`Ddj@+4lmn6h?}o{HCLHnc88
z(0i??2J;<SvBIYB6whhWwU@R#DxK3BG7W-elx2&QVnE$hJ=LZiEtP#4vYHkqZk3Mt
zJpnBOxpA9GW-=rctMg{Q5*Q(&<>J0}lZ%1;j)aBr>??R<1{h-~@-S-6ls!k|oy|ph
z8aD^*Ce2Nxl~yRUsZPwrHXZa_JD9CN$kl5WmJ<GNVrUQaeI!?q-(t_?jjmycu>00r
z^r$qh`{gL*t+k4qQ!+NUd-v~h7Xm#oRz&2laqa3*BeJbl5uf?%8;MXsNT)aIC)&aw
z(A10kH=B|gmyv$2RaUqI6o_t(S3aFjF1Q-#lp=Nb^^u`;R*~g5y&f0?ALKE;>#LrW
zG4A%57~I+Lm<UB3z(@U=S5(A^oP&Y37?c!avW2MsKyrMUBWu<3k#p;%dBTPDmJFOS
z&1KXPcsrvm!7+BLB@X(n^oBZI2aW^EPtcwPwU`~Cf~7`MQ8VeG#e2vk$Mxy_oEzky
zLL)n5ZV-{bON2dK+_PwR9r~-871mHQ0~SQiub3ZEOE|!?a|*aj^*dJe&gAv&iv8D?
zxT@L?+b&O>N<n73Ez2N750BagMLA`14R#0KHlNUe<e*-mlCi_FvV)c;$}nlCiKX3y
z)<b9FWmUp`Z@Xpm)%6xepxoWx`Y&>}hVt5Nr&6V@w=g$C_DvDtt|R-p7W=!dBwGm_
zId5ZK^_+ss<SihVhL(2IYdyjV7YzH>K4ml-apFp>E*t{OH4E~2ZnR}Zb^oMB;6FI$
z0kpavu5{plNrgMUJY&M_!{tI>JvC~y9WMM3^|jsaz{JF^2`*do14mp4dLX;Cixr_4
zTi}hsB)O+;AQ0#hy@#!`xIv}sY6R}pwBck%{*Lq&kW6@3ojEjsSHuI!NzIC4-uqP?
zFYVWLv*c0-{S!%4Syk0Bdh~!^{?abXEXH6CXNh!TjU631{DnujclvONOOmZxoMG%s
zn4RgU7%Gwn<+I8uxSVyh#l^5BSW@jFlX{H&Zi11r+{RJy-;)2)?ry{H&ljyeHm3gw
z|LB-8wN&<S*x`whe_Q6vt}qtO0QcLe9$g~o*zZ`&8**O;^ZIS-1u$iPeET$^biL!j
z-pyxrmc{|Sw*^nGx(5r)Y#xnT=l>kZ;K0p~sNKlRx`ojZV~Ux7rDG=II|=2Xil?UY
z)QKWLAS2(pdJ)-J7Ck)$eK+$1m5SJ4jZmwpdF-~rVVK**B04!Vkf|T$Hn+}kc-UO@
zbK$808G13qw<}JluTW{g(0GFkDst0FdL%6qa7iS!-FzT;yrmQ*dFH*!l{8T%&!C-L
z9dv=%6_J|WyCuCj3~E?_@{k0b94NQRoE|SS&x7h4w_qT4U(Kr&?n^+dU+56xI^?d3
zF}%$Un?r<ATmaelL+88PdbMfk9#!cCZ&WVN4V159{wz-RR1?0$n_Ki=KwwAyLH0yo
zC6`GiS07_jB+l~ZTW1N{r2n0?D+9kB%fCL<HKxE!$iH^wu8;;gb2~{`Uy6IM8tF}c
zjbBXTlWE&FEI&Gc{u#bMx?sS(AJ|f8j(~;Ura@z%C$|;g<#5m0grmADf6()sKnnvT
z%;|SvN~llY3r4AV;Q1%G>O$~bH)uWWh&!-i@2pFl47%UYRuJxg{JRuQKAp=}w}f5t
z8jsRF47ZuuD;|`dKi%Lc*uU~z5EBp%h!i7NVXd<m&)$IE!O3dF&&L7z2i`7SeJMWX
zK+UVk0#vKl<zR^!1ioD3FD-L>EJESSa0Z8wp~HG6zmt<I;D2YSz0`#J!}>!RgMlCG
zv;|~x>%BMJ0U8j~*9Bh&qNZ2Om2MHc<RU&s!eMFO7h0<;{eHQ5!M^Dd`7_sr*;@7<
z?~M<CXRcGM@iD*s_inOVy!?)!N}TN6F;L-!_fYK<nH86HsiTm9yJe=MfaA1nB(mAN
zZE1JR41GRJ)+=Qj{@z$c;s^;g^BUozCr~q6crJ9}9z50nu%Hq2aXQG&yG=dq4JjS{
z8e9-?lj(;yaR+FlyyB+1Gj0JuI&rNnd)tO>;Ew8%h(eK}gU*v<vV}uuHOhpB?)cJ1
zNWBE(Y329h`<x66!-~<eukCqo{YLfn<Dh)0;AC2nS{(jV87gOVPf09qPeu1vI!;eU
zd5-35z^g|*F9|*UGH=za1ZgrTsSxhiC^G4QC8u(!tNo@rC}t^vrw7L(7dox>+>nT@
zcw!O$7XAp|m1sHcEV*2`>)}$%UfjF<05r_-4rSOYzV`Wrqcwkyum^Ib)or=p?s~gC
zKZu<qmYDj@<OYs#D!?TJF0~z7Jy(ZaCnFrV-(@s&MN@<1Pc6UW$vibRsWEW8J<00b
zM|5SWY8e{(50D#9edY#s1RPt>WlIGM+f{3GQVb>2UllXn>_D-|sNtDX)k)EfL>!G(
zB<WwYJ6$}aE`m7w&6IMDt_z3md`~bBMe7TeOH&bBi*#D>e~VG%P)W)9uVfc9h`l$e
z`M#*T`YY(#&`}^n4m}tD<J=71W-n-db28UA3P7C<YS6jhgfa#GhRB9-mfHB^kk>CJ
z9HLY<jpiHu9x<dSNt>L_sPfbpHAD*e8E3y;)cXLb*P+f(7b}KjmW;r}1vGo4(GY(M
zcPs>|jGkV)!D2yzZh)`}2H)XgMyQn4P+9iUO9Qtq&5)f<G87`Zti7{pXhPK@SC{<X
zmA*Sf0oO@*CXl~>vGo@XY<t@#Sjkr9=I={&emHl5rfwOk>r6HQ8eVDQPcF7uhkLFu
zEdOTCz(U2hs`rAEO#d`;piAWti-#MejI|)cHGq9QmkX=L(sSrp+!{}K_bpK!N-_|B
zaFm$6pjEAp5-1NUT%FUso4?)tpz9y4?`uku*K{z<y<xDgu5P;7y)iH?HFRX$+19=@
z`memIvh6^KAj(SrOI5R6sk4nTz|8<ERdpFzKE%25VLL-*AfrZw`U!c<e7XBx*Ur4Z
z{Smq%PZ+&mXn0+7H{U=DHV}SiKljFG6VD8}x<`~V<Gg|bb#+zm@RoV+h7Gm8w{|gU
zDKH8guWA}{)o@F$h$gu(RN8Mpi|d=k?0aaVj@v3Vdc$TC`W-^IJge)skole1r7Q>N
z^;%3G*AoZ58l!Uaz1D*ytic4_7H;`ua+y8^n0+xRqUo^^zS`3cYMH$BESS!dUXj=Z
zwse|@HvgJ$T|g;y@)+v@T(v5fOD=V5k4~<CuyIt<`ATobL$uiUFmNCwpuv&&NJ*7*
zTT=9HEuY*Y$q0##;$uwCX|M;_=qirGGoaV0R?tBYw~zLFK-5h}DiK3Y;LwX%>DBxO
z3cWNPM$Ux%yYuvS(&w&4Exc{q0*(;}W#xu`bf#V7<w4`QS05+63fxmnnw*P`5qF1;
zGAj#pr$bf#T^Z#SF%u@?p+nlbn5su4sG8}jRVq<8WXzTw8kMA+VJLkw3@BbWIw|*i
zIEO$8-=RyRT~G&O+afHky(h!3_xy!y2``Ma6&iDFe;KMh6o{*^waT81mi=J9jyL!A
zd7KevtM}%}f<<`fO1qbuZw_+xG3dwk>7<Md&Np10?J`Y1PPsQp75#qq>JZ<e^bm(e
zVYj7jTsm@vJ>n@XdEwD>u@y~eetvs(1Rl39@i{`?;0Q6Zo)EELFIdz*h0RrHkB^Vz
z0`SfpWVSB+X0O3!h$3OYcW++12j?92P^f^FpKG3WcAIW(2>dEB;FkQGRA?|(`ri*c
z+|?Gl56+GQR`$>*t}{w=!I!(`JiXT^Y`SIt{!V~J>fDxFMOH&jOO(@|swl;f(g*cD
zqD*9z$*)xoA{{BX*>}LhC;rs`T_NG?a;=#}fNaXvyF8!g(8Zq6U|(PKpT4L%Ty4W`
z*7>_f_&wu*3Jp!<H`@Qzb<P<q`9?c@wY4MlRDy__owO^(i$EEm7AYXcOlp;`V_rwE
z)u->-lh4-EuH8mz?8zaO*~5cP7axVe_V>p|3KV!;3^Ti`4C}&BkaDBt(JJM8J)6Xa
z(q(!Y1J?OQ$Skc&w(p(c-52q(vExfQ%V2Fyl01KpN#(BR&i=AyC+A-Xg1O;OwNG7$
za2%BO<eCefn4L;RaPUDV1~#B?zCk2cm4}MqE-;_A`rWQxHkf^kDG;kW40f5Tsl%*f
z>A8TK7Nk#aRihU66DmN7$3Jb%44^l|nJ)Qscf;|HzB=ga=Hu%tB&cUxB|OzAO}Fbi
zYC1oG0mbLhqCdV!*@M|kWvq!ih^u-6m?NJ|>TQ^9mq4D|LRE$S!iey;TN!!%yL3tN
z4E;}h=`Cm){hDUaovFk{ZAM=FP>VJlt7+Ww;ae%u+opz<%Sd{U489E7zA0)hHYNx9
zvgw!4&2F?I{$a-AKhX$6*JCuQF1a+1k}E6Im+}mcxX}6GM+pMbcQeLXU@p|WMnczk
zy`DmbGNi*7MTR8{^e+n5eeae4kzx}HQs0T$RvN3VhD<<WC62mphbN^GHp_L1(<{$)
zQZQyfz|b)mBz3<uCb8;z8K^5`uGJu8)ou8(PDZ3kz@0V})}-6xS#>*VuzKQGz_#23
zfL1;OQ|jIAmVqsDd0qTpb{r+HhELz%Nt-kxa)nNeBhm@Wo7S>>zbbE?jL>O&q$~yO
zlgrfx*-wY&Ne7&liirE}UJWN^pp}Ij47WyxVz4>&rF{8Ss#QfCa+Ffyn-^`A?v-C?
zgR8wOkBIM}9v-w^TuoJ$KJ_0U8gd*<eij{YYBN1VfYMN^)H?&qH9nUWN*NK<N!B3Z
zV(>FuB5LOj6-$&K5)RktT1wTa8pCO1LfiTZ21$r-(4FIH`k3&BfiyUSHWrNtRv((o
zgmrMKK=}f(cADX57x`Ny{5><|>@RKNJf&Yu+UpQ#Y{~ByYrm{WAC?Tp>~9x@hatNI
z({pA9b<te)a93Ipcgdsf)2+z@vIa?y#x@R<OF9Wb$zWWzu=-4ijxY4mN104tPjAI{
z!R%nUt**9qi`$!)hK9T6-1@WZpVJG!BP7?=n`t-H9HjSR+#`mJal%ejbu>u?8E|)l
zU4X%!RN=H%M9As5Zkbxd%n?=>PpTT9gyvUix5h_GR?$3-&#g|gTb+BgUHgrr$&x3(
zbv4B7a3rE^)Y8UKiVSuI_)ar_%&x)cFY&U)^*SXE`|pQwjwa7*klF)^ra-fXOiE!_
zaEu_X+3dTbo7(~I)sw7GvZyz=Wz|ZG{@0FEB4DhAuSO5NlS<m&gTLq`^+gInGTjr*
zZr&F}qzMP4JO4XJJPQ|O7^XgYS1GGwH_M)(Sx%%JKDC(p^IJwKe<B5^(NwWgib4WK
z!{c&>S8{|;OLQ*+j3AMO@;43E-@bDd+q)5)-TqecNU1{7=wZ>Ii^W1QK=EL5emOyC
z7<O6JpldGO4b|$vqG4uDM5%8hFEtZB$>qW6L2PRj!sDUS)-8pN@GlRsQWZa~<Sumn
zh8iHFG`smJK^xL>ab@H0!yw}8(kfi%Oz5mR^U>S4p!;Z$(w@}#&oYDFBx&}|$|ve8
z>q>UBW;Q#6O7T)@gn4(@Y_rpH6yOF`yWjv7Zp08JprqOS<gTJaw-?<*e6I^jlgQc7
z>sJZOB-w56s)fa1z^F{*@lr`SJ|}f+iF*nl(3?G7SUR9URk5idQ}6ZscfG8OE#R^`
zSl4bpV$>m#MAoU)FJ|ttq_b#Yg~Oa)_k}KFn2Fc1ZUORqDL%PB(~r7qJuYG|KPdd>
z;NU7ua$CUvgZ`sAw>*kozE<}-O(DBEf+|-BDe?W*g>7jGTeKYXowSta;D!{XDXjG_
zH&nmH811>ul>%+3;V;G5>vW~XNG+2fJSSb!4CV#9wCs15D1*4KW}IwOQK}s!V&o_!
zx62agwKY)9*P{I|7At-Ix3H96alic(=EXy1?qwJYS&+V&uFi`vvqBGkIS`SN@m7wW
z?fW;70juLz$S~Xu5nnr{Eta+%oZ!gM$F4Q*8>sgDL_wT=Kr8T=W>A|5df{CRw&1*!
zE#E^8LS~516KK7DHd#H<e!RYh{2KIqC|TeLxBkHeGXD;nM+^2Yudf8^g4c_|1s9(4
zt%&8D>FrDILn(MOPi?10ZTroEX7IRM=O#Mth^w+{xC+xR?Sh>Kl^V3*B<{<(IUXA`
zmctNq8hu?zBesrbV*hM-!tFx~M-2mm9&p^nh2j7^v$;@q*mc(Ntct^x&kk3X)ai+)
zjcq4&j3j0t04LL|`Ds489*@1vJAIsR?7018ejY1yC5tmO_LkOaETGh&+Q@5+Z%7R+
zoYeTYbtDDv>;4QbI|#-Fx_KCExF$!yfg$j3YB^5TO4F1MlzW21=cLyV{ZMIl!0$j<
zrM_G&>A_S{Kg`hL2AAhMUYu;QcHrW<z=UWN&B$>89etT*0kTXTj4Sq1!mpNBE5iTv
z5!AJ>$KznXiMwS)%HMr?{Z0%{9iR(6o4&ci-t82pd=0q0*bc|#2^A09aIK_|o$bf6
z@ADPfpZpyjVhq2=5hJe_o1JEH)Wv+0!=xpzk+E^$VaN7QRO_;P*JdW*YcS3k75C$`
zu8v^r;Yq7#zvBO;_3v2UCMiUea<DGc|9jcoAS#uw#htBF)%x%-)ceoBVcKpdaxRLS
zXBM0cBk%P2N>7|9Q0&@c%*Heh0E_N#^vpO-&$!v~84<4kg5$t*x2_{%##xLqskA6r
z%W~X8ueEz=*MO|MW2dOrf*6q6elQLRrPw!T6y)b;nm<3<Yjr-S5%M%YxnS56(W~&(
z5Q>>gi}G7NLrJ<ku9@pLi|*|a+)YKkz&r##D;?8Dmja-|m{WjxxJRCdh;RAPAZc;A
z8;2_yB$T>Ez`ew~Q?sW1ViPV$87mwN!$Yt@C2hm>)eaK25{V79VP$jsH3I;PY+mo^
z4*oJEUCZfOo8hEUUH)!E@5U6$R~TmX7bEiSAg|Y=B{*C;g$>YpkwiRAsUZ{)y<15c
zgG3KzbKA_<LI{fz1uU;42CSFBoNsq0T$)gtq252+%|`UK)|yWgP9wgj>VkC&WXf;8
zypuN4rq%D4MgVPM2U5@oq{m6-Z~-`<zVSFCb-6rT+k=qyD$#FgF6yWnCHmdE0ASo$
zx%}5m#2<8V`K~KSeHDvbsWBU@+mQ+kzH<V!UOnJ0W!P&z#FSGUCQ#9~@AxXnB2EX#
zg2huTOs40ub$GC5E47n4hx6<$9N-$gL2NHWsK=;4zi=%{g~&Fi_)UYua*D~S*V)AV
zCJYJKP$<NGwmk!bN^b}}s7VD+LW@Tm3BdriaOC;vmz?i}(NMT;;_LDagi@&AG1CT%
zD{l{!+>kv}KegI<xGI|bcyBpO)N@AIMW@9U_8V5jv6M_J80OZ(wXf?OC3gB7yj&Y}
z-4q7Qlgor*Ks~O%8oBzn_Vb$??LAmOrgSDR1>Nm&#MG!sN?W=u43kSRRc<WuSQK=6
z1Z8v<FIVRm7#xmQWKf`geo0#B6+WGCC$hK=0Bkp0)dsj<CNQ<u_*e04pl&0s>QLQ&
z%5D#v{PTOT>wZkq%iF)|^JkuMZno{nvZSpkTRtf734(kbwdL>dT>I&c=nTaHYfg9g
z7q^TIL9yT_496f&N*qbT!#1&3HVss+Ym@!5fXD6KM?F^)xKN7|BR<Z%_C-D_&+}XA
zCzFv3y*x{izI4PD1-PE7oAZs7*SNnx2{=rI{D~lN$5j#xQbFD5c|aR7$OSCy_V?5X
z*RT5@%>V~SwhntADn9F94MPmexEg{?=Gt?Au>p6(2=dL!O7<POqOS<|*z%W$ING6U
zQX0?$oV@5GVC+6$PY`ik{9*U%X*QqDAaj=KPdp9EKZ#3eEb8LBC24;s;^Z^A0GR*C
z=?;_mk{d7>OtAakPa*<RI#Ju-U;k4Y{r#PKW{qQEzp<8Zm2prj|Nkb){|q)5<=GPS
z3x7N}GU(IMRisT3$sVb&RO2$8_C9)nCrx)3EtKuBN&n^Y#j$5ZY3R~oWco1MhQ0z*
zhqk5h-f@7DeeVrsnTV46Gf#q1=2`CAZ{|@G!p5HQEhj=Ua@~<M!_3^&s~xGL%iD$d
z6`0pR3s0iSOt$q6qHu0T9361P!?4qHdW;Ol*L3E)Nc2$#>PZPX_Ulh3x%h4AD72Ir
zAWpZs%P-ZC2g!xD^+wf+6%P25y_@K;E*<9&ZtFZL*duX>vxScSRw9Y1kP1}Vey`=A
zEb-<Il<9l^q0C-qITFw#vTxuV{wu&@(m;>r%-q)^7BVZ+xu@$q81ql6ZY;>bXx7G~
zwxE#(ZmK7j6^zVoue*tLVMK`s2D-Jf6t@y2$?NND*EB-{GlrMV8BS!6;_?#-OB3Bp
zE5DABH<on=*%*vFX(rw{sy6Tyhdd%@4UG<U(Su6b%?f!W<(Z}N4(MUm5^9|#yfEAw
zc4L`|OFIUD?vY%b!)8K?Im(Q<Sfu$(*q@leLhsEvK=HiUYS_L58l{?YOi6`}(UVhw
z$?Ms$G>ztkT%v`@dfF@A7zskETh5edmod5ivrTe_23;oJsPWepEA#Hx-3TkeI^Dt1
zQ1CVC#GxE<y;RN2RXMt!f$fp7Hg2j^gB)<{uW2Xo>2DfxDQu+3CYxJ#qI3E<IL6IO
zWfd}5S@8v_PHdk~e?K;Ss8_(J>Jeo1GZH$Iud6*MUPr}7fM-J8xpv%lq`87p;qcc^
zGJDaD8h)0Rwf{IB>32Qz?cgN!B8NdJ0ZZ$_X_8*4UeQ_KSe8U$@Eg?r^P(*|p@6pY
zv`?C2u*O$t6ZUm8vs~I}!F_B3jH~0mo9hqi9Z?5+>`QiB$zsdeD?dWuT`<_BX1LR@
zEbxl6lB^W3<tlj{C%}~6y3nGaXK&q)v37BTn0=FzK0@}j&DdnF+8lp-^YQ^Mb~~jo
zNNr8zjWX+sn_N=pze%<H7S1GFq*d}c0*_#%l}*|5e&CytuOzw>{)Z*R<JHDZ+_(bW
z9~l_yK&Y~67(SK?w6WQEp(*J#%$zk=AX9Lu#~v+>tHNh+;W+Wv*47pgPj@}e8~le)
z;4{b*_r07gxNXMqnx4C97ZLA2shnYhpu@I0jt{xB_Kt@bdofEcn;vX${3mk7aJ(Z*
zU{aE)U~v0nOkk2u#N9M*<;PT!T#6KC@fnli4^K1-=8)$*kIVU$ZfecC{v%ArG6elT
z!ZKxbU61_Ui+`niDVwuTG&{xG?<xJik$#n66ZSdvkiE36q%2W5uA7iKW4v72%(-Lp
zHcW1)rY$;y14KM18z(>Z+tW^uZ<HqcZkwMykB4T|*I*jwmW*+EQ|nn7xr>uQ>tH;F
zqu!pIYYwQ8kyy&a3A9nzKnNO6oO{B$)#GB#jeX(J4Td0>%Y2<Oh%y8b20M=8qLdUx
z^N^{7I#~86**=49F5cmf^_C%Gxsug-3R{IM%Y$lmcr6Fr6GTeCubEaeS1}w4ZzV4T
z9jI4?dZDKzUN8m)Z>^Zcjg%~{b0r!B{P#xtHM@%T-f@JEt8lGQc3ccw9VIWdE<k9C
zM_%eLgXW|TSbCN`2K=h{9p(&xYYifUtCxSjOhg$R_*G^`(g?O4B1Ig`JS`@-uR@p7
zh4`hr@KC3j=aiUSeYW)8rvAcKkCb`^z0Qh6^$(B$ewv2Oxj&m*qvC3`4b0GY)u8o}
zOaoPH_G<1wI7uB@xYJo9DzV|p37&bmY)*GKZS5azcHpQX^fzfNoylb-o<rYCfAY*|
zrsvL~CoxqF)CN0MTMfjqZ%y6&$XxxhYUeM-p2Su789}Y5-?KVvt4X&}vuj(CMccIf
z21v{pLBRnUKI?ofJDE4Bff8{tRM3NM!dP%5Xyf`MHstywwhPM)%T5{>={^aICF?cq
zu_)>gaOhSuSu+@?)@L-tV{z>{PCaztP{+9f>dh2Lw@$Qm<JU=+=McvazO=#zTiY@w
z=6U`Udd=DD_KCg79X@{3S{KGc0ml{b@TDowYnn;&6jGFctHCQfpL&)O#jz)nbAjW3
z;Jy;jk=%Zj0h1Kxf3#N%)zmFP7Fz@U3#QnaM2FQoYhYR>N#!s&#J}fsmzhU1!0W6m
zzHn*&o5zCxAbp)W$f&3?{c;8}SW|Cycl~REsn<5KvI*4?AyMZl<8W-AB?l2Hck4NW
zV+{^l@#7VPMoS4JWHX(NCI2YM<`XbH?_KT11-rf|f=Q5&s_<KWD6`z#0?4KCZ>D;y
z{+LnjuKmlsI*UfzxY5m%ASmxceSLjgB+gOWs_i-yzd4%?^efRfGei78!rn5V%C74g
zrMr=o?rxOs2I)>|BqXJzyUUG)bcZM<A>ECX(%p){29$=g_I<z4`#s+|KaT%UfeWs+
z<{ER%F~$Pt?AswqA26iWcBD&<`93Pg({JW~Sh}D0_O*@<A;#1l=<ct+e-09~8z((J
zUhkro2D`r9xjl{i3f6~Dc`A1SOZ4*ZG99txN?nya9WS0NwdPgtWqA^_M!$1AuEL$;
z?odPx@jtqGPD@3<fs*F|Y;=KV&rrg9mX?f1U6vZjggqF1N|QAt?;9uV!h;_l?qM?x
z@F7Hz$|z^rLVK<8eu+Cg3Wddw`oFENC-6opkTkOz76XhWA;K!*igw{ITVuVY&6mIb
zKt+PJuIoohk_X<!(#6jvxIZ~#b8_BM*^M83n%w678^{FTwRa4NP$={Y=p)#6k2X07
zB>9H#iP;#@n-Oz$%r~`ZiJu<jEK_H#IPH*p-^|gIcVV;qR&~jAEb`cytln04X)hY?
zHd67C^(fGzyJgvek|L?f)Htw7{JhzKS#sT4CUVhCx2|2~E8ovUDthYQGjHQpxAlL9
zFIt#i8m<qmlk*4kkgN_(`qux7zVs#ynCLrsVgAZht!k<E#@B8&@LN()(d?;KLsvk}
zNmvslbJyIPp1EDlPwlBIizg$U3!Xb!2I9gtqa;+N<b;k7lT#g^lREyUnirECeZpn6
zm#$e|KRbQev6lPwG!dVlD!}t}+ZEfarL%`nCp3l6`?;<5qTBF0Jy{a{ht1<-+`qYx
zqo|k`$C3}F=6zH_HQ&TP<C60PpC^UX4Y200U%hke-f;<TEg$-DKZs4i-*&m9=khl3
z=l!&=fdHi%o0FXQtc(A0Gt=TdTc+mw5^^!8vG2Iveu1Y)IQK&rRN}wFU$OfqW-dIz
z$(G4tUe@s6X{{5TI4)pAf-KpcOWyyzQWOcQuVkYdu6%JjhxnUm{j9&+CyG1p?M^RF
z`2On6U4Jzd*{x0U?pT$stZ~O5=%}Y_VDqn2?r8PZsr&FO%Jp0ks~-v+A<Az98!w_z
z%`LvZF)$?)9+FbC&BPvTYM0^5vI}X$ru6(?yh?I((Q=M#7spoRFf(k;wK^X#aqo&l
z)gS`l^FDoH>e8{*BSHPb6n}(eFSEM9ds#R7!Rd9d`>D=q)E_eOz>Nisw^-TF9Dk~4
zi0pG#1U~z-v_aI>@%PWX!pCH`UDe7re-@WTlEts{@=my)XVEGAaJ^{feq3sL#Qyvu
zIH3Dy65^iEvFNX}+gl&f#(?J8t22Y;%O7T!z5U<3O?Zbzbqvh^s9g$*s-@<fRppqJ
z_D0&M6EXB5`#u{zZz?Rb{Pm-z=Vgk@V(37YU*6+Sm;P}0XthH`bAiP+pA*=gEtkAM
zjAQ@gyPIy17x;Hk5w!AoZ;#1Dy*VHN2#bOe;B&MfO@^OiKbdnKEqS*&%KrK2M~%sP
zXQ1etpBJFj54_&Zh<Upe%RDLai{q;O?re-w#7pS$?i?WZQ(TFw5d9GwkAtbg+OTWD
z!&g^V`@sPS5ZsH-466)a0&u+6ackzY%9x*}`1}yfb`nqm*r3^HkBh_Lf_HRXsD&4N
z_}kniC@ARHu?ArJJ?xnQ8sK+csMV0T-uYSm`Sons1VH@-ri~8M--7<~FZLlX1NFKp
zSL;rW=j7pH1GCJ!|F0S_vy`RJku98>_fC1`Ksu@TUjTpmwxB)xr4a_sNBqWDYE@As
z(C6?5->W96kExnR_w`0|4c6q?@+Kktrfg&6LUu>fT8lr*9tnFdX>8K#JjXuA4VEX>
zv*qeu%SjLL{p`a}zejOhZ5*OD7=7>fmuPjf-T2Gut@DZBz5VO;r41$W&u!Pg0>4{7
zbN(q2<eg?`^rc!Wkf-D4_Mu7Dgv55dMypgwfj>_EQt*+GCmpeN)sJF{+nH6@onG&g
z3o1dMo|QME5_zrOR}fAoZxmyz(R4k*XI~CH4L;-AOWY2={rs2oab!GK)G_^evFR)N
zTYXE<K!HH5$K-vkb>sa}n+oU?z0dgUw^$!6EaM6-)hZo7oZq9rGY|BcQtenjc@{8J
z?&K{f#8=tQ*Ys?9)lF)5X3fogaR2*fERzf0^~&EjNpGR6_-1R={8oGQM7JD*mfPta
zXbKa|TZ>1poh<kE%Pu8y7B+JwzIBLRtd4kgE;I~1jo*VTwST_uGx{*dy=Lo(4$5qG
zk|^hhdwlaHbwi8Jda`K8ZBGh%gT(UJ2G$J>lDR4T4|bf+Ys*Kcm4=$7m%=ML83unS
zp+>gWOHZ{@8<$L~6*Sgw{JUb!qSUGQ-u%h=wtAAdD(I}ROV!3JBRYPKKg-^RW4hM*
zZDIZ<K+NGH?Ms_;XVDq)+}VqX4#}&zCuqI|buD%2$>w_=*S>WxZPd~hSHc88ps1U7
z1mx2f#R;ds7{H8$SdKHktwv2S;kBOTa^>k0GwvK)_nYdS5H-W*+;kg3_|a&rhfgZv
zwEHw%(dVal<MLbUA$8+sm*(dXExaS=3w0BtKQnL7C6}L~%O$RcOjv&RIlD24;(nZ|
z>?KPdtz<H=>phEOUdz2a6`hsLZnrz9(n!Y5_-5i-H!v4ua1(x=7|49mn}A*#HEAIn
z^gUzwZx+I)oT=?LTNbbPD(}mh*qTSh9gkME!?)%TU?~KXHW(3h1kP?SVgsG_FVGXu
zfR6g>SCQyGUZ8*lsCv|fFH%O$5b<^MTfo$b`(LzxBmGm$7KZUe4hRhKfEwx<7+n6E
zKY_9FU?>i2maPX99`0{7@+HhXTmW7GBHyUT+mkNtYoX+!2Is~4A*#19RM7?Wfh}z|
zBLr-_oBJFxAP(hZtpm0TSKE9%V|#P@Hc$Iw2}QjQYOMw^xSSjv{r?{M0nM)@w4bm6
zv;|=NsLI^|HZ-08*EhfPAtl;pwgQTTUQ+LXJn8*fA{l>KQ<FYqC&88l=G<iwCj9S1
zKN!j7{ro=4<mY<_d9OWnL5~+fgH2nnyOvHg+TLY7rf!bz=+SEHQmjAk8z5gOkK@&g
zA&H+3ptWp2&D5%laD1f?g^X4@vn)ddC1y&+@bwN2zPRsB$j>Nvj1cJjjgqP7%2FTL
zs@PPmzUR_A(RH_0rutSIuvp~ip+G<IB&R*rl;%|c(&*9XkHz1ex*YntlbUslh3)v(
zk6JR7n(D&ERU;&?PyJ28gf)7v_+wJrF^aObc+C4fBXxPI(?%B<ZQ3~(Al}G{zm2Bl
zh~;@An8`7A&XRlw$+#oVOG|LY<0=v)%S>_7<A}~iiCK@KJM6uK<wNbrdMAmp99Yx+
zN;qT#ADOGi@ojw+ojaw>1oSgvkn8K(M{Vo<9`?CNjaub;7rLTe<Ch+x+n!aU_!KRY
zT=vhV%5Z(sp3XUogh;Ac;NizsIv5g}qT6Ct>FV#svl;N5Nt5;*X=H};z7-(RA0^k{
z3&GgI7Dq7JMI(>qEHS=&6>o8!rXU{uJXHMr*jFe=wZzgE%aO?>W{jE+De2|Mne=Cj
znG~^dTxqK0et89KOBjAmD+_^xjD0&wRU-Kq=^m<v-FPY{Sm~3C1Z24MzqPzSV5F-}
zv=?_JMO6Le5nv-8DJS$ZUVP{1={cIGwTMt{89wttOHX<`SH-?NQ~hsBeRLKXo4zJC
z{&xzU!yJ`;&o6~aW<pdL(`m{RHfOeHsYOu6Pr>R@m{Y$!(lBir7Ttta=H_<5`1!TZ
zPPODSau#Xtx60TX=y3|gIMIk!pXXKk&VuS}_>?`%XS2q39k$p*5$*~zICY<Wz#cW^
zU}`IMNJ2Ztu#HWG@^WMkcdGWgkG*cDe}a&z9!Qs30hGDzL?P%omnZAV`YS~oA0}C5
zDW)OYrIK8srXpz4m7bwzJ}obC7MmX>z*5HL(fco@oWKKbqws!@k9x~Py5ySpPS_Ar
zj@yg;S=W>Mwek-}8xP4?8SazS0dhpbod!|t<#AeiSnrcU*lu)bKh_V(#JY%R-?*j6
zG4W$Bwwn>16_R=>Y|&SlLY-ec`y!d;>Ru@zSe2qTA~UCyOFDu-r*&Pz)<4T?&90@+
zxP2Wmv8`;EI3W>>CD_^+SBf#{b6gqAsK<~F0JVlzx_X6_3i1p}Vw??xIXiwY?ZJj7
zhu6GqY*$aLCTv=UCNH@p(V6^y%r-8loZrRyiR%7YrOnzx!h5zXR5L7vk)lF<u{gZ+
z=N!>hc{7T$_XGMW5MCvMN<)E^I8p6NsYXaM-ve5)C3%vm%)oi1oEX)M-9!_wXBiwN
z#mZiovtP7-qQ0gm?SfBH-z9|VO62P-QdHUX3A@Sx$BVoyJ#D()qOJg$26)9q(rM!~
z76VrD+viFYh0ZHaF$Wt4^V<dH*!5Igiz3w+^3~t}bs4}Q70l&U>Ey^A8S-dNV0*G%
zhlV{(*oM^5!|@J@3)xon+LTQ>5Tlv_GuDR7kfWnm<&t1Q?BpBcYHP%NCbGQ0jeyno
zR%v)AsrZB<M&!&`6_1MF(Xru-@3f#UPrZRcCli?}(`=oy6CJ?-#@sBAJ%j$#Xoeo`
zLk1@keW#EovS=T>&M-@`jPUt&ZQcG+e#Rz3y#;Ho`qLj=;!o-WV?F3nPjBz3l9>r&
zAq@sn1R8jnS#0;bLmuiXY@VfE5yqVm6W#Y?w*JE@bhe=faGJ^l+Ea4HT9#-9xET)$
zHp0w|A%0mXkXg^U+W?7$qNb9;(V0+zP!y#XM)25)CkRXl|1GDIjCvL*xw_ywndf6K
z*va1t{la_uR=viwcI=Ra#g&gtqa0_UPwy`JuN#prZ4HJNeY0)A>_|-<?MShl_<))m
z5r3VwLcB@PHl{w=?x;;W+k3&a4+5;)6sHxC43z5<jOdQo9OlnqWJDO%G91P#9<0`F
zI=$)R{)Sh@iXxR;&;TvQUUw6rtr3#x9;NJ(nQ3R<935!p8PeJJPG>!!72DscY*!(9
zQtq&Hf*aA2t6U|gTdKp+oZy=5K52V4qNHg{5Y->RMs+q|rC_eSWLH06I<v4~v-6H_
zvuHg(G0HNF?;*fuDKE}%_Amtc!=5XHmHfoXZYI)8cULCTO4~#4T9+$5!T(%3d0N;x
zO@F|YEyIUtCe&-KmejFAMks^NLu1tU7Y{@!f*?<B(8=ao92=GXq0nPFeQJ(JUw;8F
zK^m(b8X2_|I}*RJy_j{P%|vRBAf(Pl7fyDt{#bYNv#wZ1GHO_!n;3CIX|MYTft_%@
zU%C=6TwRXJ%eVll4-B)d6?M^=tvxS6!C|-F*z$|wd+iKW;oH$l#_*eA%YNBH7Dgwq
z_EDt-8^<dq>7{ir@6U-S#1T23Of@oV<FBbYtpU7Q8j7AHnqn>`nsFCgo9D<@tn`FK
zS{ycUkzQP?Z$_z=Ba5=smXrtwwFjHN5M+E5)w)o)4pt{h>-i`NNhEKr6F39ph}Jb}
zF2CB}Z&GxYJ9sACDn{iVKg)BV!aQV8l7|ZSdkVFw@;{emIiy|x+%}@gQY)K%H8~Z-
zK`tX(ngb>W_H3_u&4%FwdCH@h(wqo2W!Yn-o%EFHUX*aWaA1GimhzM<(2Lr?GBiYm
zhQdKLYp*^zL6r@eC7is5gq%E>L{0erI_0qjeOf*u>k;auOK-c9i$JOpE66pvGZL6)
zW38P0<KI+`l4$!8J?4>dZ4>_C_!>WIA~2)(+M0ya>96x4%bqT+<~R+1L7Y21p_cBn
zl|)&QpDaoBXtZw6a9(W*SJVpI&leR>GSEwBjPzm#&U>Upw3oQ8ooTm*nFtqaEoO-8
ziq1$d@age&R8m>eM~M*0h}2m%R0PZPbS8b_lbQxE2R$R*dKThrcD@?7IqzucjxIFI
z3EpcoQ9)UnHi$1@<#3V4?KiYqq5LjlBha`F&+?5BB}>PtHk2#Xu1et}AVYauOg52t
zxm|0|mCfB-$iSYVInomMR3S=F*?uJW%TJwpMwePsWkDRTzg05*FEhEOpR|&(u$bsy
z^LY&@CAx<PA*+avv@aIX+uup6YII)IeSvt`#;s`&ZI{ybT=j~j>c^@{xCVH0E@ppc
zLlRD)v?NQ1Nt<F)MdV@w3R6bDzGHReO65mk8$4y8ugt`VNbIUK^v~r<=PDsYxlG#&
z@zf?N9&lD8%Rk^_!`4r5GH3LN)J<ZgCz@lnf_fcp|Me<^d{wd2>G9=D6Xe>QY#bqO
zAYCXZXG>Kf=2Q5@$!f>n6d|wjS(V9Vizwl<@AX-$?z2?horm-8aLp?=YsQ!i0&Q*e
z^4YXkZ1W)j=rtq`2L7o$<cWYA(qwrOKTwhCPrJc2@hWX>chsc1BJ~pW5l61tLnVIC
zRy>ip!Z3nA-Bd=0*kCeV%Sc@pV9zn1SL(}ro>JFNg5>0n?3qgcO$a}dE(vYX22U=S
zZjZA#X@5se(4ee)z+pnD^lEG*8XP9vX<*Z_`R;V&?dWnNIsH}YI=|qVtgQ97r01?S
zGb^PT-xB8JB@$B%Y3((bIV070G7@a96pWem#|JT{otKJ=h<B5T>5#ipJK3r#G;Ht5
zh|sImC{P%G47dp$p=an%Z^|vDswkwzI`cW&SX#N;oBPENIB-zKMa^V+@#ZHpY3JE6
zWe-QrfH6Z-PMl4{p)Oy3LODXud#fIM22H-w%f$oV!G(|MlQ900<7jLUfsJwkHSkpz
zw6wyv5iha&rD<f^U`Ae?LKUM+yVdYxD<}eNWSm!&?(zJ`XnRFoUx$N7Oli}G6}Aq2
zIr7v8&V&tE$dmUI1C17CSpA6AOZ!F&B&jFtbOwLD<>7nwCh|PXkRvaFL3>13M0LKQ
z)#lmBxLr*vggZm2q6JD+XDaeu&BQvZ%5X48g^ZhbPbbogBPB*?M%h3*GHwv(^GktW
zN~}I&C&LvlwFdYXeOV3?hr$#-(UY(T3XTnHmel9@&g81^cn+cnx{B;ilwcYXWC!5$
zS$~6!lB7_Ta1V~<7OM4H?=WM=`R!=^(41UoEhFGnBjIMUW=mJ%|J)m^_U!#+G+!&v
zD$DN$J`c~VT9p<IUJY8}38n;bqZpk5Q-+N{atU5~g_*qC24p_GzhCSS7OIJ4$JsV$
zr6=>*WjRYg1pZD$78mNSq<%x`T}()&9^dt_<mP8KBR9p;yD>GX4N;@dKmR7zdEsI4
zwQ-S+IDP~(q~=nEWj}D#i1Q$^Mza)K)8cKYR(BtxFn5bI{lqKe79xyDmGds5x$X#+
zW01OI>@J~+TB%48Ml)%{$HPr1%ep0p%_cl{%!7dkEUa`J-K(E>yBuPoa^R76+sMh+
z@zr?#?}F$8!C=sSaBEND=vcGEu29Gr+i{E=G+Wd)<TD*efYzJOENJ&zef_dKKlRVb
z70J>=rw=6rD_#HEV{{==XS`aM4Z`iOa>9(Fdnhln&C`TM%VQsqC9!-{dG6M8b&&=Q
zENhqi<V>{-wf9t}N7Uo#EWmkQ{EFedhqlXs7SCU-0fN{4(-I%-@m-H(v<FdWtrZCr
z*RI~{i+z~b=Pz~9h`Mk)EWW}|Ppq<;Tp;@X^@KHRwBbE2WQ~2Cg?`LHw^7D-nkTt1
zCbb@M#EZ#prThyt8inu`5x|=>zMhi{q_#@Rg{jbMt^}z*xx>+lXn8(rZW-nLhN$mT
zY)%2ZtG>`QePsrsqG`7}2j?~AQoc$XhKvRl>jsnYDSZh;+jjk*dZW6Uf5jZ#()oYR
zj?4_@srZ-04=AzWPsnM@-@H0X<cnf`P2t5xFz{8uytqXF@Q(r$oC4RCho7s2)1Cad
z48BX6LR7qaJcGxyVPlGNg<8|b1apT1E~&*XHqVFpR4g;aWCSzip#+Uh(Rj8HCdLk3
z3~QSN*PK#%uJrmUt9YoRBQ1{o;J~mHnZ>P2AD<&BO}fTcy~%}(Xypp@eeDq&&C=Ba
zcut!+S$!3ZK{{l5Gkdi(84+!pGg8(*XU)il!V>5guHx;%qicJqGznCu4@hZjY0epQ
zCEBccB+bi|kNNqX2)lb}9z{g^i03-CQYl;=`79Yc<2HO#;fRNo(b_a49F^s?^+?)?
z1*u~mrQe1KZFX95boG2y$c&~5MrCj(9ch1U<T*M7&}W+cziQ;pOp@B@hmjqb)Ub(n
zP{sI48Ln&`h3z~qHpc*T3H$aVyLNGXm4<+IECV*{o%poD%az1H0pS6*rHbbS_zD=T
znk-S)slIIHDjw4L28YgNDOlA?bHhTBdLJA6MnFc&raFs#??OUx+K80|%q*^z8=+TJ
zv32OoX0~LDaO+H)#~Fn=7(JOdk65WuLSLySMy?gx0`1^<4;?f~%hJ9<PKxxE*k`o~
z95m=V@Fu1+sM|<l3@lBEO?4X`pd0-4y0peP)r~icH_Z&1qhhnED?s41D97e>_q|t_
z>jPW=f$QMaV4zr9{DAg|05(DCJo<SlMAw|m0-2wHv(!f8YYGR$44dAtz2`I}wTiX0
zHDOM=(F>Ahv*;}HPI;H_tTm{M&EJDHSmX&;f5J{7pDy-J+@9KGsxrwL8NG%>$tj+e
zz~9*coq>ot%5O?M?hFl)N@5vdDBEKui3>~_F^bl)zCx}6-RyP_PVJ7Qf}Oo~JADPA
z#dRH{Edmkb)VCVsrqeSE@R<n=MWaM|R69?(`R%L*bXijSybFuYh~ge}naE;EWO%nR
zEe35^_%LYoPRY^R!fNm?ZMP49j9X{-e7oky3XrhH(vvHtVB0=tCOqv$V&uQp6G0Qs
z9ZIS55_^YEq${RBPJT#yk*wG|*vYv)Yc=qMt!#F%x^(bSW%b&g?%jyejG~8lonZq1
zJ8g^+o0(sw9~7|dHAfA|+bR;!jX271ub#%QgvFZ9XtHgiw*O_Jvss4BL7<6;&q&`}
zIG5nzM9X6@7BMdJItEDO?`*elblnY`^%pYF6c&chyys89o-uj1!p6KBVL19v&13$5
z)jWbqU$%GZc9_rvC@K;mu;A~|SL%x8s@Qoh&NL?qC3wMA|Ij`=cpIwc-Lvouv0V4i
z^d{h4-Nl|HaW{p6aVggJDzE<JKzrTqIMLD<YABJ@<5x#|=6_|$1WSvF7`3G<>kY><
zB*>UfbUlo!Hd&Op&EEf%C&RHG(=78E&SQ)y5qhcZ&)cBer}a}Uwo@<Yn&rDko2l&L
zRPJlYC?mu*<KyVG@%pG{%j5IK;Pv~s#*!wuK)$FnmX#_Z?1a&x)Du<Z6Jw)5<kp)d
zcPVtzgibcd$0g(7kjTdmQIAiJt>vw^$%|w8DvYIYqgYp$atW%nPlTQZo8tdg{hc5i
zRotJ$YIlUgpP8=5mPmf7a?MqNFP)LtRjSOmPvB|YM$%}-fHU3n-EJ^A%3*tVWX7fc
zJxYDL?mq<hc0SIveN@2V$&Sj4rVH;@h~R(thlfK4!WX++Su%7cI~1z>W6^VCJ`;>x
zDXj1R{(6F|R)2Rw(|fDXxF&&C(~K+g3ph@G*gf(!#tH8@5IyEjFCAG#>GPr%{`o8I
z&=H7d>`EQ+V;Owd^iPL5_^7Ou8QGV1-z3$v+qCxMKQT*J_Qi>kX)M&8ZaLvHJnz$F
zSn`q>8m4uVJcUxxhjgG3(DIc|(XI8cf4&y%OW*(JTSZgUY<2M)f4Co;V%wwnKhG6D
z<$nu4{P$a2b;UV9i|+$rYmqY+Xt4^#hcndQL1gy7f36G)UdX@bJ08t8Bl`Zf%5itW
zz^tolt<fi#68TvFyWohH(Xyf5vZjuSMfHD##L(XrRaI%8FJ8P*RaLdNrr(W<LTUX!
z|Ei(*p^VtX_Qm~i+`Zlx>_271NeT_$ojsokm<X}Rx@}B5H)VF=#{BHW|M#~Dds@-r
zFN<ARHC8yn#sk6jjn8f~3iZbS@82TqC$IVE5um{Y!0YWPD~pI6-6w4ccvdhh@i6$$
zbYnX|>6vh;Sg2e4>Mo}IY^iITef%Ivn=o~N+x%5f>wnt)!DiXc4#r@Y_o`j%>vMB}
zG}-y|zyBsl>B5Kn-O5Mr`!mDbJe#HzgTeisL`g%#n@{bKT^2Lq*x8uxouUb!!-5I_
z_dWmhQE+MqCNmzO@Mw&CoOE#c%Pm`-`9Ck?KWhejX!7qed}M$?lfwpd+0wzps1*>z
zDa}tzTtU$Gzklu;rlau2ojs3hs_KMR7H5t*7rPmeg*_~YF4kNAvwE($XvRUzV-D+E
zvAnNezk<NA*3$odP2ffN((Rt3ULIFBF6PP?)rF-Frky{h`rnfcVUZx12O|=}=lnY0
z*@uZ;531zy&dxO(zAs>j_rCbwUnq6dq}zYeSMI_cUT9Jx<!=7RPa@Rs@J@;0F6a>?
z`W<<T&J(1J82#^Oo)id5zrpj0QvIL5*~XK#Z~5QtCf&$XffE)Gr22pU4u|Z&{xh|l
zQ`k?M1FZiz-Uey^zYl_5`d^=rQuu-oAM>h%==QJBk$x%0fXt_Whxh+^8reRn|NpP|
z-#?hp6IWJ@W(R?6H6~WPef-~AO69XFbXD;KRw%jJPbxOK((zQuuv;1J8y3fnw&Wdv
z$C(mGkp^#rz=~8QVVH3^0C^OxG~EFK8<{JVMOOA_BnYo^-_vePs}JE@DN#V8#LD)J
z3T8`BlM$neHoPc|QVmyU9iP0GdcZ?ul~v2qPgRn;!D-pSvQJG~vV9GQIUA>P5Sh+X
zj-rVd3m5NRMnI0?MWLCZdW`YtCd6?k&$WU!^=e?X-ju7A9eZpeP2~W$k-+v)$%ulb
zc{hNDH>7Mur$7A-9wuf5MEMO(|73{1$Na&gK`wG**m>yt3?`)~tbCU$K3HF9_q2uF
zVi5oXV=bdVxG6gig6Uf2ym&}U+zOs#_feBiV(BlU%|YH`ID~N=Bm5j&O>IJxhyPg_
zTCk$>I{iD!?kjp0Nn5F}taL0ipLGA-xjXY8@^ylqjjcsnn2p}eoK<6vcK!CqAg3)G
zKdEY=x(<ybARjgV+zgg*YpanE1y;<XkyH^2iX1hK_Q8B;9s*h^3r&*jU6N2XpTmGz
zOZu-$d{NC1$$%DBY<pHrvSy*a28sx!L?w>r91Wb$`}3@{;dAgAYC2KK_-HOP!#olp
zmht=P<dZ@YT8OPk#!pJ-r2^;>e|oo-maR}al=vAbOW7_a#=Yo#q4Cd|n;0zGZy&on
zfVf2gHG;FhOzbw>I_!^*^C?b?TAyE!6;=4EBnQ9AdQ6&UiXl6y%{?womE6yqhRV`*
z<=WRJ)`!gASkAnQ>@AE_u(p4$ocLtaOoYd)fO*D+<`3SiH*lwEh(Y_)4a|kXoQcm<
zL@jv(j=BZj5e^#{>5q&BiU_0>%$RHq(Q%?>6?7ABec<42to%bA!an}^g(#yi{n*`t
z9XY1mkDwh)GsQrGqk|_sBU&g&OuS)A=S(Sa1^H9xqlvIYmrXudL}lYq279TmQOlZv
zYegKyYS79?T^!EZ1M9plf-eR;9QKNo5nj6OpQ#)kEjtE5TXA>+0eHxCqT+6M65JA(
zMQ6Ly{HK$y$IkDL^3NURMni2v{A1k_L#6yA0<dG)n`Qh)w0mk+@DJ;!Xu^inMsx6A
zOaOh_8gRdW0GbXE>?Fo#^?W*?|H4b!ANzn0=>jv5XL9~Y6xLyFx+=y(4j0;U8hRzq
zQC$@@E<7FCkY3v+Qv_c6j2XNp^>R;;VFku%k3eAiAv?Q-UhFI!1^Xv(&1P5x#ga3k
z{8QLaKpqFb*MTM-+o*5c**CrogADSZ-<3Pfl-WSq_j<XhMlHNJmHO{lR=z3dk^2~B
zSPQTo!uV|+Pe~xS5P9rBQ&aSn`$rzF{rTEu$q?FZtvC~5yj~+XMga>?Wo?wX_-dj&
zH1Vk_xV<8DJk)vr;+@aXWK?$C9c@Etdf6x)>r6BhhEu%O+Q{%LQR8U~=#`WgaXe)O
z5t5-tUlcYh>}NmMr|I>oN@9vuH-`m3T64;k&&9tNSX?#Bni5Rn`-pk&jRUElS{7gA
zz{7!SPmBBZU;-IT1hCl`olGu>5v<~Qw|)7?CuUpC6FS+iP91c$Nn#NoO=df)Y7mQh
zdbrgI9a93D{Am!OB3C+me{23n^Jr5By%EWw)oLIPIH4YZNny3|6`>%3azTaH1{j_G
z0{&_+Z+zx^`m$k>!vvUw@bKITEWM5v+<|MVF%ak;f=<J!Dct+<7jn5?vO2tc^U^EK
zfeZdmjUMAv4h!m(99o4OUW^<acgMv{@cn!+<=dk=)eJ5o|7lH{i{32v-Vjv2^48_w
z@3ZU43N6L@d!-OK;GPRev+N@d#qRay`&Sl9VI#)~%hFtcQ+>PvCY^q``DIvU*5(at
z6oH$OBxo&JTuP0`H43+g50-zs<<O;~>m}gCh5IZH&^Iz?pRan&@(xj)1HI+NX&>&%
zRAKn+;S+M<;-~xJ`&bkXT>c(hi_1zRDui`A^TyIl1r3@q8dyt}I^{5T6--tMgcFhG
z32@i}a5kuC__A8E9djVPsmL4!Gu9!}p^_VsDTke%J=V&?Z#Nw*y=$P|wk8(?MiB6f
zzk#Rw@_5zfWDOge@G1<G%K?ZrSj%$|#B(f%<>YgQk=5X0KgfUkEIn6dVI>u!zgv*i
zsUxMQhB^^?Pw>_ws>K<;l`%Im*%YIM6YB*Np|}+i%p02c^!d#DC@?98>C}S%HsoWI
z@yRv*gX8ejaz*|CY05zLDDIcB-82icpmW?iOXf6KX3cTiiG-=F(|3an62qmqvF!jB
zep5GDjhwJrdH9u~$y`xpwanAOr>=MmA;5C#d2@02=FJ-!#5%bgAvAZcgMeE7lpc)F
zp|d@Do8@kmQ`Ac6iE@ftQ8*VqF)2KV5cHSwHoe!~ArX9zeZ=IJNf3`#EH3z57iVXN
zD<+kr@6{xh4CcvG4&5Q}7w*ul0i5XKkBH7=+AOLTnhK7ZdE}uBp&<`D!1waAq8O-K
z-klxHYGPE#5o+omEnhfu{tG+qsNp`v$+P!JfiRvSunWA87Dm<)#10{>I&NV=f75dO
z_19e~<)Xmj&>iJwiW~w*sgZ57)BJ0&-8|x1R58+!w>Vz=fF*pn9{dQDcd<h)cg6u8
zwf(_<QJ7z15J$1lp9H}ax*MpH1^h)K%?w90oqm58?Tw-ves%&QKG4Q7BK0dMsFnh~
zP^&c%;u>__d_P)jKxZ-!fDXU{^MG8479R`xehTh@H|LJ9T8<f^h|$sEDpC4r0Tl?^
zN_@Qg_9%z9x$!8XWGm%Yu-XF2tfbI|N2^s3mI*@%tk@h^dMidHawfQ~`i}3N2Og76
zzsr7(r#i3<Byqtzz3hOkPnc~;11S92fo$P-^ZHto%ZCNcn=p=XZ5-aQEwnw&0%w<=
zv)!@J?Pn@ij|Ym9UqQABESA6vgsPO4MQsq_5G21(RFh5^*W`N~g;EoA*`bEuSCFI^
z?7)YYn|ff{zKndW3wsqTZg<cj*Y(a^rqUlM*kKXOw$svBTxub1DITo^Mk(pPSm9oE
z`U5pOcgK^bqfhR)sUKr_;b(Xcff31JOg0H0NA!q?<=3xYmW%;#TXHU51tC=|Ot*g`
z;9LsJJ2@y@>26*^Ucs#hsgk^;>p&SNmMhT9LKiq4dYH>#^-IbFDsBHBv>+h3k{LO9
z!c<ys(G|3-{13hjU5AHBs(-r%k8zi@$X|cipZ{_s4kAGn4LyDs*>6(rP`|qpMDZ{P
ziePmsOFO3>bBo2v*=?potpjxwI6hY0`mm9-2-Y^{uI?pwAv)$DmT=<3^Ngi0A{IGl
zW_t;fSKJ~=f^N^ZhAOYKt9;oH=_yM#Lm$whw%{Xc<`B6^I1HsK;+Dmy5_=UXSZZFP
z*=M?ysd);izF>cYZi)f3kpchJOxxpC@}tn*X&<_AlF(L6ags>f>pUPM|0Z^>=HkM6
z(+w}Nr6+A9E2P9-LM6qz4`iy!3{q|yi7X1CQ3Cjfb209<-<uB?jsJz)S3ZdO16h%d
zAVmWGjq|go_&Af$r}!9=E%D*j_gDLpk4EpCeZK~Guj4bvR1;}@1!`CvN)a*e{el0(
zbhN86)Z^m--(OJaK@QxldGP%kkQ7I*`<}9H<7I607N<O<8-wm?+uh#tF4{Ai8M>uz
z?Uh|(TJ^xdd*D@3_L3o$#slFP&$JNf`B1<CB3#GR421C>$`mqPz)I8VxgRGVa@SS_
z>B7c?^l?kMg*!+Ueo?7}9X8C8*CU`VH-I>d>DoUEBL#SUa%s}GvdYx01Km@UqXb4C
z?~gu|FuX#O#W;ZDMb0v})x>3=OsGB>VN7YOP3Nm&*fR(DJ6ZO5%3{&BlVBJ+t1kNc
zVpfBBLjtI1rt?*f{I(OHt7i+KTg7tA%lWbKXmyq$HfO5o7IDI}Si|RoM<+m<pPSRw
z*QX*ak4r<?T=92@dud2Kv_PBMnZer1SjK`_{r>Rq4E%;}`=}pIVUc;DNDla0=(J$H
zk|*TFk;)k-?lw~(+qIq3loBY^CjDg8u%{7xLzpXm+_J4Mv>5@@8P9h;2x5j{a<yz6
zmgj$}u4b>}r5YgPxBF<(Wqw72DVx5JJ5%abn}+%q(|>$`(O#E8kcQ>FFm1AzEGk51
zQDu(*v%}k3G)tC(a4W7QzS6^ai^m&-Jg>qWVNa%p$clTAb;9!NBdph>l}Mr<1ZgQ-
z+TiqIdt75$GYv9kXJdQa@#hElF+Oxx-)*ZAUK<gg(AZ82Y{CwJBDiiukTY-sYMC%t
z8;qSdhZ@2DXCut<_Cv@Uhc?mmzSM`JRQ(PCa52g+*=?bUyJLJfuNk{JA{2@U1fBr5
zbTBYPKFos?9_)TOU2JwVp?H3_WkSd*MNP@?c`Ut71`4`%i27>q<2|rV!@NK+L_qy`
zH8k@J6ybHNIy7F{*pn#QKz#hIu-5(#ZLTr-EMR5ABY4>X_9!h5BQApwX|Tor0pgn?
zx#}ysK*?Qlb|Pge#`_IqwAhEy8CeHe1V{hkXuI;@i>KKESo+ocCrWmAu7On@8po~n
zfNNMbTPG-F1mW;<+mVq9Zngcg(D!sSZnUqZ?m*Bldile)<U=@|s<)D|5HbK}{%d~w
z_%UcqFR~e+@8rxrJa;V{!3Dqvc(w@i)0*%QgwU`<Xb}g^IF!C2LkbJa1)lIZ(jfN2
zw}4xkG{=+(X><MdvX+}%-nC89BTzU?J0laK?Pz1vvMp;ys6<s`Wur+O)p?L?X#OB{
zQzj`<3)P1cw6Stotl#a$<h~ox2ny4i|7`J1fYBc$Jle<MWj`MKbcr6-_VMgZJYQE6
zmw7eZzr~RygfwyyW^cs8md-B+0wMG6W_RZ*bxNZaQD{P*X2)ZX*-4u?zC<Qe2sKyj
z+DKkG%i+32n<AFdV9%=8#>Kv~oOGLt2fowDO}ukDnO@uD_lKJ_$ZiGL0}h%hCh!ze
zzXl9$ILyB4)>nXo2<Lpl`Pum}5Xw3M&IOpwr=}<uW_%9OidbVzM+9c^sU&~0PLZ(D
z0{G|f_T_r3{5;OwzEt<=)05ts71poxBC=6J-HZk0GBhdvC}9@ZH*Y{~pQZe%l?-p|
zU%N*p=6f1i_75+G_igy|F?ef9?*c)Bm)qxEiw*3j&l+8pflKBy%wX5b@o0KJJKB1b
zS(4WvL}R*NcsJAj&$@&TkeuIYti0*Nem>0H=jh}FMXuJbAs6=-pmcV0EGlPuhklbL
zc};C@h{3}B$JRi#^nin^i6b>{OUD7N6wi(8e1{7ggpxgsSv(Nbh<G2dyv7Wdr4PlP
zs4O9(s1?pw*;13O<aT$I&jKNy!Rk37I=8<p9*uFL^*@`716wZGsPl5k3G{2G#*_!_
zn^<y<A)N)1=`tv&i)S2toZaP~B-3yMaAt%zuCona{`KcWPf#S{8@@XRf~Swhp^PK!
z{}rnvN~%e~yivJ7o^_tlbr<=CvtReY`T-}3Ky%Z@HZ-9t2%zzpkB0v7LU8u|;tyBb
zuI<pMzRd!K7<?7qkO#V$^B#i7U9wLea)wRn`;)l<qbONL!U7C`O*?~tfe0p$ezav|
zpDVvvnqkiN==3x&Q`obt@#l}4r*`Q#Ksed3sAl3%t4!7}`0SaLmk9S>IH^>3=>=vn
zPn_+!^bypzfFWd?zz7H_rKW%f`f|}eUrVQn-d2bvW>`7oa5M`OMcIqSo55TTDK|Zn
z+i+>kwPBG|a>t`uEC)?qeE0yFP7~z?9N{MbOk#8{<UU2{z}c2WodX4=y5zlAV+W8|
z!|($_GhYu-VN?6<;3KrbP!IsxM4~jv?lY8*2&Jw{g(%+JT<Hj-z^vuG-q~@4Os^)F
z1<0`MMs3I*+39tF7xq&Xd*t2v<==yv3n_dk(iCRJ3Qsn$P+Qr%5d<usojuV?j+}-^
zez+Qve7`<Dz%+wo#UhVdmyShOpp%)(+K+{ATVQEQin;Xui7TZL&FDw7w!c7Y`mhM}
z*Bjxud@-oTh_B(?!BsT(wjV3;1sTqPR+RAsr5MGh_0N}>tj>a(fF6S=a9!Rk9HXrP
zO?ofkOZYvwEgN%myndD#1U}+ggwtrwrd{GNIX!qmm>3=G_L!3_0vSmV@fP*~1CJCu
zFS|qg|LJml*{|XEeZGJ;!*@YC93|Fdz1@#L=?{>9rv_hb?l<1ezQ`gs4HtS1<;b}X
z+)H>XVnfCif&)rYU+$(9)CnAKN1)At(yYjkT`wxyU$C~39&ZJ^i$G$T+%;OB7D8GO
zG{aqcQ#Tt*KEO$|=yDC9oeqU=9n-$6c!JqYf#@*^ZemQj0|@NxoR*^apE(^Mb06}w
zG#pMr@Wk-tb&n@_79$!Z+;pE^*b*V!jJ6PT*|v^<3QM*styzhDD*hFu?eHQPw)@r{
zU@e0iV~Ut~V?wwJ;4BgQ81NCCg+Y`16CfJl304Rib__Wl4T5;8OxI{lr`ES0Y5!8{
zT|~AS5o2#bf|p_fsWgM8_r*Gj0}#```Tb>nt9U>XY?q`+{sJjaRyaE1>#8f@>xItE
zoq#461b>0#9>P>oqzDW-k|Ksw^iLLYm?~lqPan^)NVZBtp3D_7!@T#?$wB=yUxECW
z>7BAoU0N{MpuuPF^6wrlyO>326<Pth?!4N<M0YYAu@3CTJpKe?v{V;@E~XVhageCK
z06`tnvYEX!mXYt&MGiqP&N!FinsyHY$8IKEgJuCD`QkJm$1#_JpjK-KB5?tB;6o^e
zt?_S?k9TQ|szA96rGA7`gS}c*qTBD76Z;()7co6!k|iH}jXTaKML~a%77|PIv8ZSZ
z*cD1FLHnsyKp{ApC;s7zbazu@gV8#i6%RW<!`vVJwlCkL517J0{!7f=0m%i-UeqoD
z2My(AvG<41L;}Rb8gB5FEJDlKa<-I}92y`U=vjFXR?5nlwDii5JLvxc52E$qq{YJ-
z2}ir_7;!JSTcWC}$Vu+>@sGu0B&&m}?+_W^P1v7}1VK#`^V#m<3MeSrHRc`Jp$bTM
zmNSL2(cs7_1zR|xRxV$RAm$d<se^Nmr^PEGs7FOto;|z$_P7m5vyTB@4EL*3v$bV(
z7rxPH_1INm(ZbzR!}<zKfqMj9jZHuI*MlOU!FC4R5MH-F#~moj{IYn@U#|!Wb%9h!
zHO?ExP0@k|g5=(mhW66oop$gWJB&nHkz&ALG_woI%;AH`@VuHS0e;QX1pdj5I_8-`
zfZPuRWmy|C_9{fY4yJ&y0_iCqh0lun&=qvsNX#u`G2V!WMkga31*MQ+n%{1`<!4oO
zCd%BoQoLT4?m`6mU(nIc&^xw#0puNkkNg6p*#2|YG~hHEyE%u9^hKuap18qW=P(C3
zSQLp?^&!)+lMil-Wei!Sx_Le5X|xa^djNJiM^yC##;ldzRmkIaMT&P2s6!*?+vl&{
z_fYRN?ONOvz{$S`s&6!6;MHa{^rYtbgMC7@l}D`A6_cs3dW1t98b-5>TP!n?iYb-*
zJPb5#5w8q^PZD*UW65a~QiP|x1J6t4e?U8|4lHRco8Im{XW79V#J7Myad$Z*ss$$Z
zoR`U((KHb)?`cq9)PCsOJXmdeetZ={s7})jQ_+K%>28({YTB#p!ksjJDvBC3V~~|c
zuEyzujzaoGj3$qgS*d&j&aEc`70GTcW;wk!6fK42_+!Il5s59e%4hV@m`En|oMFar
zE?z{fbpUf=E*MKZG?+DyB^L29DevF8#iMr&38L@5fkoh(i-T!`(~Yi9{4>{}mZrr9
z`*qOOf$P?`=34%A+)-W-kcVo%I(dfN-nCO}SV!=t_LLdTGB;inB>z=^%+P9~&>y+U
zRmJBlc#ygq<2SAMeP4nFa_3cVz<Mlyyv~2T21sKT{^#N5)<C>bbHhV0NCiU0B87vm
zOGUErifV!F;_tBS(#vgf_zrsxl;hm&J{(bJ5C$}}IXI}W#fDG@ll5B<B`H$AnFE1B
zJ&ZIhv=^ye3aldtJi!kER@}WDh47G9w;<%BXbliW^&sC=jp+w-y|hR`fiT!>AX(r5
zhMSd`KavSJ;9>CmEdWGVuMNOp1XmvMezMMTJc<kbYDG~dpvj9!#_Iw${|Y&iE7<-3
zS}*`w`9fLY7lDVFH0dltikdY>{~|{7>0W=T+<U(61=FY;eM71y9=T;;oK$7+Rovo%
z6h6Qjm>x1pX|B*R=ibkil^{j2qrV^%|3Ui-)Gd0^lMShZfJNJk>C;T>Bw>&^Kof%4
z!&3JV3s0PJsz0s22ShVJ-+sH3s)(WSRUv`B557cEE)MuI*nQyXF~wbIVcD-_icz0)
z)FOgFk>SbMEI28GvzCS&onJHP0+LIkl6Ea!a+W4bA}Wdz!)Lb#Z<<dPhKfHHH;fmJ
zj;a)<D&nZvvGyD80h;Y))e2}eetdpVXB>>+f9DM>SZ5M6GP@I+$DfS9{A}INvqsS2
zCgZ~J!e&)-9z3Wl&+AQ)TjpSxGHoR1wL&695nTzo{XOo7uWMlu3<>}pjIBQN{gx}5
zfp6oG`EH!}2Rcvr=9hVM_A!F1^V#mRsGz!?6mioza5zv}*&#O={5!@PWw|wVXM_t*
z9NV7%U@`sS_19M;X^eL%TZc4#KJnH!<PPi)$mA@n)b&^-1cwOt_(^bGAv%Ul&SdFe
z02<~+IL~@~n5N3*2NGK}gf@}HI3yeZr`;I&G)V3avl9`O^C9CUBt>^;W(W`osKK21
zoxQ(eF$e3mP8ci&Y=-d=(Ba@AIp|_;8Xf+B(iRfBu`WkBuZqL_v0CQAp|tkfJ7eeW
zGKx=1H`er~&9V=roxdLhV`hL`4j(+?>*&>FTvm<&h4d<H?5U6&P26TG;0WC|P60oH
zn}I<{r-nuMo<br($Q@^bv2Vbkmn^)Xq1}m<RZ=aHy$d8#yLaMA8BGSMtVe!W`5)Ti
zIYLH%7Sa6}ch|UzJ{_^x-19J#tu8~!2Y?0!MpSk$|2Va{rkbF*Y|@x`!o@p5EWeC}
zQKE8IyP_AhsG3|W3TDTwxDwuTe{)klpdsV3G%+w>79E87=D<Lpm~0vax|Istd^5_-
zg(JO@n6NYs1ac7+akHg%zjII=6+>X>j?`g|$WLIw<Af*P%(zJDh5{~uRyPb6|2xPE
z6$02D?0|KTG0qe%*o=X&z8mkhXb`Y$>Q|8kqQ@=PATeXM?8ProJ_2IVO}(b&!38a$
zoTDeJZI@f|+)Q)ywe;g*q^oG~+~5>vgSqvg+e50<z!@mp%Y=|SU96~D6rJh|>b@2c
z@|2215ekea0=HsFDF@eScLm*-h{EE80IeA_0-gp6Y66#WV+@>ew$gLkgn`;!EE3-4
zc1*Zh=AyBNP0$H4{0xhNGlN7(cF6vKrG9zoZoT))flHlKD4quQ;}DEXhb&gQf_C^u
zEl-T>w$BoffJirU^nn2WW8u-#co#%%82;_#y@jQSQ{Qc%UZmm&19PN80%_><=qnC7
z>%F@1Igms0Rf<u;7wn3uXt)cob*xwzrMf`Q;d7TI28{vO_+_`!2BYWQ7#IT2(BCLQ
zlmj>hjcQ-^fQ|rr5ysd!s~o8xz%I>E7PHoCQ7+)%kE_rX8SoT*^HbNk&GCCxscHrR
z;mOh$RfY3qKGR*6oLK)+*76naWf$EuH(q95%9+D?a7K53T&}kr11M#L5&sU%lwJ%^
z<`k+`a4yP13hTj+<+1TL16-biO!AaBn6!{myjF9@zXv3YRTl7HW}wHWWyT1HldJWD
zQZ!~&H<f~#6Z&#QD@ZjpN~90QEka#DD%=*O%{L)rG5X1v{MP}EciR-rZj})hIfa|$
zPxIN4!v_o=ed*J4aCfP=g1)0uod#YZQ0xLYUHOX06OVzXdmtzH;o2(&4$B@oB>8~9
zA12Dg1}tB_V;e?N0OQ4w?M-}`Z*nmaLrZ<ysURYc8rya{FvVfgH17P2Fb}_EYs@Vb
z%zr`$!Hr+}Ps?d>j$v>IEJ;{z=qVQs>c6G=LY`YM`s&v=^o`wxgoT@)=vr=`^;wkG
zMKwY<+PGM=;Qiw~#&BHADnt-pIS8$Qf=n9v@-v_WeS`1#u+in++OC`e0{z<IEW`U{
zK(qtv$)=2D475E$%8LDUAV{SeM-`I1n3ByT$0Tgd@!g7TWE7*(4Z$)ZXpGSu9VT!Y
zyILy!7l_k_w3G+SNBwfjut4+~i1i%gN5D@EW<D+wd%e;E&W9+P2&piCG?m|2-`GKS
zsJnv^vGLEDOP8)09u^Uc6baxUqp1)W0uXbXb4W9|_gO|$Do`MTi&VdZ+I>r1S|gxd
z{;t*;+?EkxDyIaJ@whJ=03n=q3yapxIAzZE1Cjm}q37Gll9Q#DO=@-^BctC%m!JjG
z#XpLstRDvV8uY*^h3HN6D0B+6-6Gow{5B+5O#a|ZN3Vq|B!!Z(Nq<uU12<&8Ogt^+
z4S5LtW1LbBDmFwe2q^$SOb#;%&}7Gk?&SZOdW4;it6+RfpMeyQmjiZBCc^FP`%w>^
zNT!Nt_`|YsL|PX67EQQ;5(09vH>|kS5;?~O+8}i#GZk2r(b80l%#XOynT9hp`XO`R
zud`M9L&1D<#)%C)B_>(fhFUU}?*=>@xQ<7lSFsYQzrKHVp%ugc7={aWgK>k5CfY7o
z{u31MY(p5*DkMR!sb%DorO8a*?dM(B*p#%Vwy$V!irGHyQ0szfR1dlg8FYIpdH;*s
z^~WGk$m)mULQT4YI(EtdpTnHB0eArwIt@01Po^Wf84n0iWdX!eG;Kd)jI^R?t=okN
zV_;52q+b;mE@WI(0{{?G+>>2`B&1V;9x@}j!30+NWiUbmEfc0Va<(iMd$0dqg3T5R
zE)_?y0wnnU&wMe8j@FSf<H`XyE`kPzPBwXrpW%ik6+-v7&?B{WFu}1QVfeA(-fd<0
zKN^t-2{$Q%Pp7kNuacIQmhAHb|CW7t?GK8lYuoQ<IhA+TxHw7=-?2$KRl5}tgI*07
zc}iT6aq+mWi6O`Zz#o@YR>o!nJyxj67BbANeTVbn;WSzj4}If{?eddC930H~aCVLp
z)-}K=g4&7A8}yDwg^hJeF(GQbhe_yO`5n{dfLrz%x5yOUH#|-l{MX%@Kv!i5KmfTe
z1MG#epwSv=wKl(71xG{@jSNYqj`BjtQvXnqSb-Ge4EVOu#bdE!eo+NoS)!;ugc5SA
z#SGB!;Z?|;gSq?NMY$y7S1H0x8pGO`@Oi0B4%$B)xB6p&=^Pi`_#oa{pl^(@OvW4V
zU!P2x)lsrD_d#n@uG5bNDnp?{R9;xW?!OhQ5E_j1_z8<7%q@mMaN2Zk81mr%bQcT^
z>+ObOw<DLEUB8hVwJ4t<;eFDS^-N_?F+tt3$lD|+cz&PyM(8031nlnyZXof>$>54#
z;AMcA33A#<z(s-ZDl{FmrWn$KV9*w#aRW-`f?L%BKW!3=LMR0;^5xd7hGcptzAwIc
z_dY0288zCUK6l=|0QM}3^Yi@2oZ4`$!ZfKDbi#{5hzy)EHh)2T+I<bkV9rp?CMJP)
z&^yQcu5cI0O~43Dg}&rL`w(Ln1dX=<O;hABdKlPp33$H&{&#%!s!+k>`FuLuGAeaI
ziaISaa!WhtxSG-*tgOq`b2X!;96|OLxZbMsvqbkG8HLdAlDjWhB(!#VdPHBz=1|8o
z4LSa<y*;5t+sjP#0~!V{zw(p&%k>Oy?ZT2A#;(5pwBXLcGgzwbHR#4T^IOtld7XZ6
zaHvtE8)n&GAX_~t?%Gd(Am0nTT#cp~Ox;M{^ZE(mgh{@@Uw}~#7DXnan&~Sp!VN&w
zF{TP+^CUBFC<M2-$G-;PGmhL(CpjB*-^w0pRv0(1Xc5=|eWj+lT2^oCZLb##ECd`d
zGHQ9)TAB4RQq^b97T}638)mX!ASoPNJz+;#5T*5wgtwEkPafL_^o-;(ypeO(=2Yq&
zZh(j9%c#JgeiDWKH0m{0Kj1jBN&z<@Gy$W_oQGEdr+x<-m9Kl*PE>&xT0hZeUk%(r
zls%^9NqWfGp;EEw2MB_Iys>xFf<u^l056V%*xG0SQQj*EkR8ANQC|(NM_*aAhnMhQ
zne7f`!NE!PetQG@59p!USFh9*g&;|HDO-bHR}OXTn0ZiFcLP|~wRhS<yKaihwLQX|
z56K-{M~QJ~@tpw^iKiOShWz`FpeJHfM>*I4r6d4QNV(w1+|seJ5at5SxN=N)I)_DP
zjtUlCS>G(a(B^vVBFI6$f$gch{;3w%j}fdf{T0&9V7jGrAaBwe1v}hFpT2H^{}Asm
z3HzG;BY7U9tfxEmId5gI>lbaETKnIe8Nuan+arVkVFeE)jSq2{T+Ejz^@B}IKU!KG
z-JGy5?mW<0&@l02@>quXo&xu{OrJo?B{4jO&~`A$XvCmkhZ6O1rn|joQDutNeGmPj
z`man#77m>VCon4hr7Q)PRK>@wS2EWCQTl=b@-8>?(r<6#X|PJhLF%L2^AMp}GCVd9
zWRFWJiXtqM`b{JAL;xTS(pcsA<>Z0p0T4ZO?jryL9>~(*`GTDnbWu!Q_rRRZz}EsG
z7i}k)r7)J$^w7bNYN&!3h$zG8HUKqAAtYdk3GS#UEOeUr4Mv=Gd(3XM4>Snj`=Do0
zec}O9Eu~nku}pYx*gv<+q$pN2`u}kZn*(*Ch-%_<*MmQJd;K#=-9~@I@K0t)gb3@T
z)iei$q)$QcwYzf5IS8pDWWc{SRA~XS0*CJ%Z+%8uIE@<*l7sK)c`0b;0UQ-`+vo;_
z*P?Ti&8u%(!jr|KeB(2_9#Ovle97=4N^w&mM_7bLaBwKxhaqEXUd7NSwLCuDTD<-J
z1w>nvC?-=yH0+WP{gb`-GC2kymW(DtYfztN+@%zg0Hzm_Cjq{B<)h*7|A(r#j>{^I
z)`q21I;9(=L+K6?q>&J$kr1Uz8j+IjZX_j@5a|vnK|v8oNhPJ@ThGin^Sx*OoZk%3
z-uJ#&UF%xcnt*_YNH)<#O#S{&*Ws%s=-^^Zl=t*lSoNg_i9?`<L<`&KT|z)ULP(#v
z3QfRi#PXN0>&uyppu8QbyAE-@;S6Y7=IlcE#L5M%dh&XpzHxjK819KBlW&Cyn^O(8
z%?6~av|;fGR**=xBy_|#aO#~A8aZqlZ)%`Sk9gV+25DNVKzF81)}s=-sO0_S1_%Uz
zB9OF7!86!4VjDy6fa%IwbaAS#N4_6i!fcNL%D+Dl>+m4a*Kl{gvt+9%>5BDzNaqH>
zDqi1S5C&}%lu(Gej~{P@L-i=7P5NZv<y2nOzZ6Vg@?Fc(YHLtCc-uH1Ne+8S(u>}O
zbDs1{!QVT*AEp$3N?JTJR%bjJXKHsE@rz6PYnTf@`573Ku@ucN6cj|X3mZUDMV&$s
zVsPlyS*Wqfbb5D4?t|rnz-y=}uaaVxsrTIELvcG}8=rkAd!Z0TBd)i9ugAg5WOGl?
z>lxN<s}@P;+kX9AH!zr!HJ9=g7D2LT`+<b(^h5nt;OZ#L&JDyffy(;JgJ6nEgIeTQ
z!;3d#a#Z)4LmmJ_iT`XN2CJKbrf(h4CAM!#5=kMwLiwW4le}<w@896KJ!rNl6mWh1
zlL<3_TnArL7Ehv#TJQ<(9aP-?4>!z5Am-fUd?2e3<H}|nAD~~TbmaG1VImIsQ*m8X
z^<(>g$g|YQ3kf20XSn2fSTc-PB;o4_xEokH-9AIK-U<t^CZZooROs7dDi2WwhM)wa
z>iXXV*jN94klu3(6&dD32vN}s3jn4wETv0$@5h1#0&3_8nc4WbhTQ$&D5e+@3#iHA
z!XPSGwKO?n79{LiWGe+y1!V-#0}O~7yuScNC5SWu)C%m8hcMG5!xe$<{rS_Adf5m~
z<T4iv%y2ct)d#?68+r*T0aeD$F2x~SkW?jUR*s~n;f_k5bmD6!%iMb*X4Y}T>Jriy
z1%4iAq-yJatFy)l5}=U{1KpS@CX$zI&gKz`ger{Twy{Hns&tvDJ30gX929R1Hd?g8
zQ@rVsbVR#*9TG!u#5z=Pk?B)-KOvT0Jc7G@$CibX=Qfr>S${)Mr!K8d7j%SPg=%(1
z(rZW+i2+0vuUfn<oe-^lsC!kL6eI#^U@Yh5Eb9j)hp^BnfmFz!>C9WL!f*UlsAAs*
z#6ErY!Oeq3kkEL!2n4goIy&;gNLFd7F~j6#(65IkUc-bRvay5m&Bd~h=Yy1LaXe*x
zAdidkwD31b+OrFah2%JOvu2gCC9!q%<_KiRF;<X#K|#P+D4vi<>L*`mGh`>j5TiFT
z*dL22XQq%HQL2Rhcz5n8F8>F9Ev!Q=Qa%iS2xW!bha_o>2BAT}_Ms5t7aR9v<$G&j
zIc}|+K)A?YUCGc5ofqW|fHG0j@P-93o<nBYb=LCd1CBtS;>a)x&%q`jF%y(L;O1di
z-2WQzr)${HvG960S1L&YPd!Cs5y8A_PLd87)!^hoA7F{2vv(HD!gmhENo8m$AExVf
zfSOP<w#Dst#?z{xoCS=B%}FnU<!9A!LGPEum)IGZmTrfaQiyss1dEt{zCA#?w(O#t
zhzGxgFb&oT;s_LwFzU<k$~R96-}DFG*P<{iA`#`!6G{!RDi9^4_b0|@kwxn$WN_P<
zEbc;DNK%wniWEf3++O?u@b{`?FG1sgG>&;#1TkBrFk58zpg&Z0A$hw!q$;jR=H2(%
zvO^l6P)^K4JIAGyGB$2_fa364mRbEJ7J6qrah#@-5l;l8tva)eQ94Q>vP-;T@f2p8
zM;U^7knfBcsJe9FIOw$4vNvEYFoZ+K)nV$nIdxwS`J%E&U~_8=cps+_m&}2<wbZl9
zBd1s;vx(o6Kj3s96IlU8^fLxBvK*ycSVeVPM&8P(_ztva6YvTr|9&;qIP7?I2_Q9-
z1mhFNFG&wVqB=o#MZ-&>+wSw5`!|D_I@uR{L6p7GbH{{Vjf)Hi71>Xf&Qk<D|7zjm
zC-sINK7_}*y1L2%<~-MO-yvMNF=@vO58r)0$9|1>UxBk)k_ZS}k`dO3eGrB@uzX>_
zm?0@?n>6SLK=uH*O6Ncme;xfA5WEP3IC?t(by1yq`s<7$WmGIUcs3j%143xBf&E5d
z#-3=%*>{99>WXoi9|rj}!2{9ce_f@N@f?qgBe4eg*5{a|J;+2Ageu?-pkrkUD$yuM
z-cZh@FM-ATf*GabM%@agj|=#arGG~C-Kj4Jc)18os)$8`AI+{d@BHBQL;O&vjBP+9
zot>Pl7D8A;b~rY;JZE_(BGi9oYMBTbewa2nF*v-{+XAIpc^gWR(~<NjFitZU;CBcT
z7*ATWqC8d#IQa;<L==vVm>l0H!H%e4ENaYGtLJ)dk!=I(W-?O*RLF!O3ZsB;odOM}
zBdbSmU!Bp@nryHL?PtnjLK<*~_l)<QhSoLX?9iVBy#vUD#Pa#v9!dv*gB-6<$V-j>
zg?dHx+jBr-VNXU!4Wb`br@0&>{zs;mMKxu>pJx;B@=xq}L>es;;vkpLbW@Qo#RRmr
zc@x*56LV5`sK=|J)8f%*>ZRcNFE9V(oPe%pXRR<+N`+Y%5_JDbXZyJ>rto7&JG;gH
zi-OlYOKc<<Y*%P99PPDE1oyfPFE$X|FM$)}y&Q1NBtelq_&+i2R^7y`T_sJ>d9jF{
zt-Mko<wDNge{Fh!d>ymamAdF^e&vCM${iwU@T4c4u${**5V=I-oqhc*rbBp6M0mI_
z=2$7=4=0=Ui&fq|Tkyw3LNgeD`S2Jh8K|jieg`6<?56FqjVwG6l8ch9G1C5WgNVOw
zJ=PnGZN*Vm3gUT)y>>ff#}Vcr*+q2UXE4tfS~tqlztSwB2VxMTHSr99I-;GwTVL^|
zIsby(zEZ$#Hs8Nt<ov-GpKrzAw$^2F>U!G_n!>zoCyaaCiy;)o>qy!Qrg}~PPY?_j
zm+GP9i4V3(O2VTTdIV@NfFm*esm~-ACy!sV50t<{gxQz5ejqK*;S}LmEDGiscviir
z`LURN0%eJ1Kwgl?W+aUvJr$uyiUGk07*QA&<QsQegA)c4ZiFju!HyJ>v-LuVuMUmh
zxt}SvLS<Vc6^2sTgbFh{O`DM6u?HlnpySIU`fhxPMgau{1FL4CC?TvaX^G?fpygO=
zfUu5&bi`s4=w-@Tu#+SRxAT15m9zL<=d3_^8Y&!w$E1+QDoP(LxQ<ni>81{xc??=F
znY#gm1^M$(QXtH`i>XV&LUUGx)skZ*z7AMFuBxV)h$b`EFa;}N80B!{OIOiuci76r
zckk6pK3U2)U1-Jls=!gcBuC<Twum66-G6iV=SOCld_Pi8V5qg9)i1)T!F~bE^Cpss
z)wuYUo;IPP9Aw|%PI|_bEz<Yz-|yc)hnhpSZI-vYld_(`FvsJYU4l~)1Cme@?s$;s
zqci0JPM>kicq~dng_2Py0T4t{h>Y^6VwO(1WBrCv_yJluIbCrL(3CAPwII6@?N;RQ
zu-O=-=_zfpWT_FAH*K12A^n%o-;LHyX((ZI{vyFm3PA~4^%6P{lz*W+q;eZ6-K-oB
zq3lgx49pKV+egs-a6f~_oT8Z@v@9h7!h7H~07Okia@Z#|4b8e3<ajsla{8DF*+r-h
z!#^#KJ@5hVkZ)yCBWLM0uJdh^_Y-0e>7sh!9+Ac&^q?NQ46+m|Mc?i>_rg9sC1vZa
z=5!uLw8^lDS(OdYdp_NlmB6v_zYvA4M(PdytHm(7{b7v|Cs?96aPIdLbAmWlKH&O5
z`Z`hbUYE)S>mQA)T5PHPS31UQc{(CGa~N>}VTo@|KvrL@D&1&GM&9fG0Md8p0*}Ge
zIT@eFw!tiIjN_7aWh7lYRQ^uY0T;`3b}V<A?i%o;!jQ_%GSsDbw54(9aIanI)T?hJ
zYQ@srH;w)j7(mh%A*`7bu6R{@6PHGeB<!DdGZ2pRc`1TaiWVqYfEE11bFW=a!fui|
zyevz=I`WXDJ?h|c5kDaO)n2n(q7&V-=H5yfAqoE1X{o_(aW4)@46S{CYyUG?v`irL
zafM;jDME8p#CQNxkc`Jzd3U_l^4>?bMk`)If>_@B5zwQM-XCBBTP^S%4iCj7ZALEa
zyzXH*!~5DPvyAW}Js9nmza3-6HrXu@b%<(O*JHVK;K}8-Kv#o#%ZU*-tmJxhF`{By
zWW!>g@m<KBQ}w$8FCspGGdzPU1?u4#m6+lyWSv7A{`<sTT)`3+g_`UN2J(S&Q`%RU
zoRblc&yIIu1wsVa(fOZIo<mqhq6v=+k7U+o5gW-A*0^fM4|Z8W1sp+X#SMHyE`&c@
z5l8^#s5jGPN}T}>$c2v6;dAJ_>JAy`J$y)5Iw6iubu-=tXqR2-X7QRv^Cin<FI2`k
zupPd=+koaSqX%<Q;#Y1gjQCz#b)cyO6F~7<8o^?xrkhy`fr7R-Fu;ac??ki~(Fa+I
zI#`pe<npY(R=>f?fQh4nKy+c|#F!Q<0*zx>As8RM8CDrk6oSchTGV!^u}@q>BOo64
zD<GKGCPy2e*PtEU!3u=%IAPQ>Hk0jd?>UnwenV~z+a5S9BRN)DQPzidys*cSkm-ZX
zcv_}k9RG=yvZ$>N!g#PLDmaHAxrre-EdbUhyqF@mxtbu_ck4!ugq;9;pgE~*rE61?
zA%^6L&*8c=BAQ~D`24<eU$%g1D9MIZD2uQ&D+uL>1OOm0oR?Uxo0Npewr_+Aqnf>_
zp`pTX))CS?lx2n91|hC8yR>Kr!uvTaf$*I%592>xxnoo@JrqlRX(3l-+MaWZ4>VvA
zlo9Zt6ntiZxE~NmJNiPH=Xjnh$U;iCCtf7Da<qR~GL)Ik2H_b1j}c=wP@AS?;T^iX
zX4TFMrSlyM<LZ8Rv;j3~l3x!h7OIvPu{|cy(C8Mx6KR4rG21L9`vsGxbcpgX0=JCt
zYoH~|etZZ?Rfx%gZBc#T4W)rySSsN`DO8f>68VuHA5#M1NT`t!@|pX1T-4M#G!|1#
zsKw|xn2;Y4SHWBgr?WkBlza_mr^alrjv4)s$M+BJoQsSTUGT9u770B0(d4S3)SP4N
zjJkNqK156#jtttknHTkZPZ*vjG1J5|v>6rL8hwD`O_yk!*f7u=CDdOI&}7_pGCGF6
zyBU)5Le)R%C*YoS!oiA5fM>YC3LIQYffc9@X-vC7X>ZTd+G%jp1&TBvI`cf;h1O9V
zsn{P<;d>$7r!5$KtAQ$`hy_;g84bsljD}S$pD${db6S^GR#Y${BN(J;?AQ9u*A2Mj
z>xi@pMb&LI044-rP3VNdh*}3!c&w+DMD$i0pG#tk{P}`<Ou))he=Dwzahm-BKbDaJ
zamlETIfOj$#wuu!(szhKYC8Ng@loS*8YbouI^W$+Xb9rdN>Jp~xnhG42#{q_LVkPK
zVTS%X^nRRzjQl%c-;-TPn@pr+-C;X7=v$`l;#s(L%qd8x8oOWx-SPzB5cl+}a*fqs
z0=#)P51q%1c{`M((Bz3OTcpE9kEoy!U6K<Di!#tW+WZOW^1cT{oC0gMB5G(C-uQ5X
zFC+I8HWZC+8_0D*7&R_dff}}(0PDo@_GPgXmOSM;I3d&d@)p2qF_$&{4}N`m@H8sw
z*5NGy68RozzoJlL59hX_8^k^*x-68I8xz~A{A%J8-GCs6uR*mRZ~nvN?CHIblKqk%
zL@xuEaT3XXn6?q}z$$8tYLHmg6$ACu^erZ(DA@O`2kv_Hj=U3sfP0TILpk1vD4f`p
z>G@C+$1X^Zb1d(J<NHkh0Cg6+ysLDU_@hoVC(6pP>pK~Do?6w@nv0Povc0|FQci@g
zG0f&j2R#&+WFp)JkROlNFYGn)T#ZpP>E{PmMI8t>h78}*`rs*~MXX8pT(Nvbc}+f^
z9DR4RNg*;4#HywE>tqDrJP!Japbci7Aw?ed4_Ue>)}zI}{8%@-99Sxe@=|>j$Qk$e
z9bpz4*maaWh-rvr&2IT1<Vwc0ix>Ea;nlvcflMjK+w9AlC)3G%@<awny@gusko`g_
z6Y(?Y)*j6b6;Yk;(>Uv<Av{c&Cn1M4Askh;iJ^-YnU?y}bxhI|P~!zwfM_zHeqK!7
zAoRqNfP~^f@J(vUnEM}UEc@|J%UO9)p7)?M>HAV5@oV)%#k|CI$xS{N7a}QQVLSq$
z43;th0}ocj{!WrvFDNN`>jV=}ORDFtQ_4;aXC{EqtOizLME%#Q$Epfbuq7M5uPZpI
zC4MA71z|1xOv_eoqXuPVk74dcKHs^5oR*#^kQAK#*zxb@M!xMF3>i^f_hXaRkOf5H
zc0rIDNeFQCnoF}&OcYJ0@FI2<rNC^d;)v2a6qZY<oSr&g4yW?w3OmwvlE(NibOaG;
zF=dQupRnQmJBr<REzX=BEKUUsE5!bK*n3fP))#vWjvg8|y}y?*kkA6@E&$ZZ%YOsl
zp~xL9_g&|v<?7R>>*>|SJZrR1E<O_liam-=s?O_yzq(QcY@7=N4PIH_NeW@Vu9yoj
z3Vl6b32?K*;}GM@c_31m+{Z|{o{q7Ncz*_6jP8tUC`95~*(UD~u)9Io)?X}raL<e(
z`APjLAa(S=ngH&C&-ge-U}F@reqjHj%4H>U>JNome1<ShFnC`G(Fvi}Q@D+4gc^XT
zK#*>l8_$wJr<%p~B?W=cVEa`N!WS#6SL)+6JbLtKB^D(ZQ0=q_thZm~88trF4*0Al
zJeZ4q<9XvbX#Xl9b@jvA0m5JVgW4m(c=?*)SCeGce6KIQmqjtwegj{v6otlD$lS|p
zH*gBrMW@OL6+4SkYN$dwRGAV0V&>l)a`ZpQ{0aQ3o;-FZ$cG1xgcqe@<j+>~3HZzK
zH`;X!ZUlG+_^%l9e#36Vr%H+YF!A(dW(JeR1?xT*HdY?XeGCklkZ%?Gyj?1x4^6z|
z;%@;V#F9CKDV}gK!3H-OG5Yf^IlvZ;Z;d~ZncNDu!gm6NDa-$C1GQ(IAUgn%@$kF^
z6Z(RSkQ*B`9jv9ytJ4+wpP8ZpXVX=+1I##O=D5zkB8JxtFK!6+Baf^^6id%AyP^{c
z&`DiixayG{hMVNEq1((COam~j(Y=2#Vr6#5KtqKX1rb=EI#56qxM}eivUgLp?t9)K
z^M_%k)fTqE&`OQGX5bY!bJ;XueqMcS=B+wGpm&Blv=eacBg9b2yOoCsE)4Cht5edc
z7dfxjSl)G|yA1L=&BhYwCJj%ewuWB3bNP3u2<bxqG|Uf71Toxzz|DRV+92(6WMNT-
zXE2W!nL^!k`)`w$H@U{`#g~OW(o26=Oh;{Bbr(l{M%2}O4l{gM72xp$16Fv1yr_N0
zA?wmuV4f`oe;hg>tF4>11fe62nLLn`Q1EY>Cm3zxoXcwmS~ju*?zVkM%zNF5wv#<`
z^B-1Bx7AVoNW%RJroqh{J%lMI<Ee>qj9me|7e*Q>h0Xm|{Xh}qeAowd)0D%H*`b4r
z2%Y+bhDTl-3p!^_Pb|=lrOm0XNNzDAWz_5Dm5lQdGyh4bBl&k+|LS+gq6(7Dnv;kD
zH#9UZm_U{>s9J`y<`<eAlj(+Y%MYU6q(pQ`i}#;))K1oX98y9>3y!W!EfQT70Lgrv
zINK29jO%Kb>uky@$Z&~qvtf{q>m%S9%=~0Bc1uL>w!b&-&_I_J?uM!R^usjTw>{KZ
z`RR9`-CD$4MB9sF2WA*TH5Zm)B0$88Xl77Skv>~zO1Xp#Wfm4<4@Y1zgV`mOZUG%f
z3dXvsz{$W+l34cWb!_W#VD$&(<Ll<@*7KI{ZjXNyR6T>megs?wTDmpniUeq7w;9>P
z3nqPbxDV&$ci5GygF=jnF!>|w(&{3LGUbM^{YKaLj^~*380n33jycbNtcf3hYX6Am
zleUAXHR_rueQ3j^NqwkRzn9*+0qWmd(-p_#^7xV<NDK=(?Lord^UvJiFRauR6y(@k
zwh1T_d{HVFZy0`~jHMF(1IS3;Aox>88nsCdaZn&f^gkroGgZr<Pn8mW=lu}Qb*5rZ
zTcXir`J`mvP2wl&QA<!0j)dxkPF(j^7y8q#5Uij6=WomVFqa>;mh@{3!GNOCd;7oO
zA?rM?ToJ<)(Xea?WYTp}o3Kv;Wsk~=K4X!%W%}m~08eUu|4Llv<Ut`Vq$bd-nhd)J
zma|rPOw6y8{$q%WTO+DuPIfaj=7)U#aLl^s8$vF?06GM}JbnQv*#_L+wT*G5TiUHJ
z+(T6~H3>9=2rD9L{V!iM3~XzHt4Htvq~XwDVxS{WEYj8r1~eU#_Hx}K*O4NKbmVG$
z`Y>a08`B&2_4GC4flSb7I}wbu3oIhS(s9KT!DruuGBi4&Ge04AZHqy9^ykNG{5$qj
zW=?wLx)E0}TqX5#Ez_}WadF5TyFe#j4lN^=hO{I-%D&;7gmL*g>~BQIw~=OL4XssM
zyMU>UF4n^MY{`_eS54Nyq!E(f;fe9?TyPxELt=^~xn1lC)9z}Ifot+LAn7h{H=m3+
zL5eBrF}4}Y*N4Nr8<p4d)cDLFh*=igQB)R(%7>F1cfG|IE#lXHbKu)y{;e}wnC@sR
zhE22%q$aRG0<qH-QjI4%Ap(vgAt9(l-a3fc=Iy*Gr#V*gpzkOccs2JIipN@V^l@AA
zfK}BD1eY@v`V5Li(r%AG;OEw?`&$w&@qLDYH(r-YC18cw!kg_R>*Xb~@o|4fdSMVq
zp5r4UBR!)C<#+_^Ddf>i)@~m#iOpqXZhRL^?qzW&H(@{-d-Yi5?W6ZIahfTgGQU@>
z+a@gCdHTgldKWO*U3F$O4OoLcQjryDs|*=mZHH>&uVqq4^CPPD-R&9u8U}NpH)B7Z
zwv2IRhJI#%u@m(3Qlsb1ud*pV!Tg1vfk9dYjWOM=P;-htG~{Z*-yXilfC2AWunZUb
zc(D14u`7@7SS4$cu{^)bSL!keKzo)lQ%cYNYL4ixcUWESqI*=vWWc+5)88Sg(dO+1
zpJlao75=!WQYq(4y3u8VcyGSWjFYCOIJ4a4!h%^<QCu%;D5tg78*<EVm*U9FLUBe`
z+A|sJ)Yvs~Nl85q=@`2)h-wRSV+t_!r^6lDeb0Y4I^@9R8UBSXUWD@=6Und2!P&_~
zx>ezK-b>t$TWEG7`kMvx5kdz)udjs9wz+Df0;PVlsH$~vy{{nC-u-MjeEyx%Ycx63
zwO2UuGZjTr@JHlL*uCl9JjviC*KNn)^IT<-NKAJH{RaA8nA?RuwjqVSkyGfS8hKTu
z&a$%pce1*?gLOw41G<rh?}Lp{hlYNqrBS$)J$fG}m%CN3itOiNM~=NRsUII7FGNkZ
zPU%t{`sw7v>!yRTd$b&eVe1fSwT$5*x{*`Wrnl2&Wk2ePlIe!7vipRR#PzRC$Ca92
z4EnnyyK-cI7P;kLW2g}xQ?KGGt`q!a>uW9!=gJGbHKweVM?b3h9{uGDibgDHw+3Y~
znk6|Bvv)h+8}Tu$f;fw9F<Uo34D;c36L2MPwR3g72y%JdG0mNZSya<kr?<5^&(y)l
z#r(ASiMO;gn{m0mniJlZd!8_wBj+<JFOIlysUggd9EVrQf*-%?8vn`f&Wsl(as0l!
z>oh<7ade$A@}<ci89{HPz5QvbbnTCYWh8#{`}^3tVfwVw@xz&_=cpKe7ST6EqGYNh
zP(NfZC1lf=2Ge?62PLuvcmHYDq%r*XbG1C@R<)eTx<jtAuHatQm*!8n3n<*hT>9>X
zC^$*QSQ2_urRpf5{)ILx^*L?&Kj3Bfcu2hVHvSIzs5nZt)_8r6FZE<Z-eq0&3yWb?
z({569%Aj>+<8U^*m0s-8+EYd%epQ^cJ-@&1%98EL*%kZc{OJ`Q`R_#)jI!97N8X8k
z(VhGszbb|F<we~x^y2mFv|N}?npquZ#9ApB(dop~OyQ1cxW#gpdfTNGPc~T_8|_Ti
zhiR6#7KQlRvPz#ugUIuM?qr%GU!`9|+?mqW$?H}sr_vPpDNFeJ*OBb1j|~b_g}9U_
z@?%M4a$K#Y*@g$~-;1{eP5w<_JjcblLp`jbj~}PZDN$}x`dDdKVYJj9^*zlsM``*?
zlyY?xl3^m1LvHk94Mj0kWVi8t;Z$TdEv)OkAQE3QqVoRndrtP46nngi?jrXIC*wEx
zqu5o+WS*f4yOiEin+!6Vvvf1Z7|X_!l))}kT{a|>IpSbH$4pCTE19_;bi1Z(IwYnG
zvoR2@It9ZmtMNpG^YG)1diE{nQcSX%2L(^b7jiTN;K(mhEK*d)eIn8Hp0?;ca%^+t
zU2JDftU%K<G&U?~&S@m(u^BpW*>B5HcHSXzjKR+yxUs`whixKeFHnt(wQyY}t4W1~
zmOee*n#Zr)dd2JMj(N9O{+@TD<O0^+iLd9wl=nLDMqB){hZ(grf`U(Ymjekk5-&0e
zZ|1xRjMVJ28Ct^P7^OFyViccIKw^4PuNtJi9*1YZsf9Dn$aUgLG8$;r4R@o7U_r9C
zW$>9kby3z;wxVq0Zo$gmup7m%FV>ATs(t2*zTHjoN=%V4LTl~J-YxulWzS~pKr&-R
zU;1#WG@I;MpPlwQAE%sgoU7lSnfQ&-dDXK$HNuS9Mv<w{(NdCew(rExKFKem%}>3I
zRacQQ{L7J3@?v7418H)#zDg$Y_9SLr;$=3*(9o^k!O57&r*+5j&j!9#mAQY@x}SSj
zh0+*>#cA5(CfZq0#qDDHjfJzwZ;!t=yV>_37ms5!+B_svlmGmTe{l8o*!wltQDtHz
zy2EfZKbGOqn|Y7Rm3!^l&MQ;I6$-IkWSK%ptfF*qkQ-lMr!k^g<wnLyu4?3@d~l9k
zc)!N+S{BQAPwz-}C<(b(q>)g0CDKyGxj0L}EY59LLl--^-n1Z<T5LDLG4I28$zzqh
zqt)wog!NH3uZ<sP2m5-A>Bgy&RwbEJgm&6*j9$hYR{gmB$-ayPwNXl3`74fU<D<sr
zO+V*(^`;w7y#}@(`XldP`Z`qy673-8VZPPt{)>zpdGM=vaKPBxT9ZJ{q-p!1SAcoS
zmyK3dzi0TRs^<h&T=aQNcd}$}1_kSuv?&G|p~?h(Xi7*<NLZS;xDvm)%NuMx%~{0S
zh=emxPU2+J%6%sXr&OL#nJ1+=*?D6j;wfG!4@uF>J0#2~(}Pk?j8z{0e1E6$^LXJ@
zlP@o>_sLwHhH*w)mAp|lr~5L$a`<qcvO90Z&gcAj&(qo3*7`n~Ygje?_U_FfqgMO>
ziB{@Py_TpAc*Ywd5=!HDm8tNEevk#}mAT&6!ugwv(LCLNJLSJUKvEjsenV`8@l~I_
z{PNi=1<Fp=W*4QS$G@-M?4r^b#<jULPx5>%mXP)cVQ-1FZFxTE5|Ou5Rf~Ks!S(*p
z(A<zlWChhja=a!&AaXxc;9&@)PC*;zNvvpRo0(A8_gL3{(A?G=yyao#Uih@_ObywC
zPqj*02E%)lt64(j#}b3Ukchl&<siML_?;nvZh5AVCEedUcRf}ZGWInak=3@rWc2=u
z;pnoZyRFr8ITh0*KdcxlL#FXoX2ct&I}N0%VlQoqL;H(`9IeR8KX{(4Cy6N*#OQ+i
zG~>c}LLrZ_4C!IwpB*-iP0Cc|$V6H71jhRPencRt{9tUT{2sGj*S`77Qbb3xf{UT_
z`zw^jKfM@_+?x|d|9;GN+W3KlSr>J~N>qPZ=AlaA%3WTj;`J|=!ragQ*4-G{yhN_U
zdKcp_qh=)FRus#MY;Qc#*|dq)Kt{sQyH(czW?lhveVHg?Zivq6sB}|f+=pNwxgu%0
zI{{Chv_FaKhEys25Ye2JrjqfRNPkV)oA_SRHNu*WM~k<Vc^WaF3v*_YuuT-&Q$Y4Y
zj{b4^P)y!~m!oxOPPHC&Wq(M1d=Cv7Xf7%wqRD7s;?FeW{u~l!aq<0$xpf%xW?Q4|
zI4jqwjMrGGN)3MjYX0UfDH!d}JI@MkAo(CkI$2WoO+WjWyn#)WnC_*r`=9Sg!TsB}
zSU%<AJh{xgZ)AmmWL%JV8Lyw<zR-n|e8<?`5S}B{JPXHbIwfMhce~rm??4IC^6N|B
zTOksewr%Z!48(sz5$fERbwJER^JP5?=kVvJ!`yZ^tAQ#!8X8?^MTW80;@8N>xx*?<
z!v=A6c$scrTpRKt8F#96*U4;F@HxPWx{ykCUH2RuE*lysifl@QRUVU12o^11H7``}
zaQ~jYUomYvWPWVOjW86xQNkBEsiDUL%^qFW|Ni*A$QqlmK=BwI!<OauKW3QkPM1@D
zXS*b`58ReGHQ)Ihw|wc2zB7@yw!LxhZvdGK>9D{sDUj-NgnwdORUGBM+QMLWeVMs)
zxs<unSAl<(F(5`aWlra$T9W<4QtF={Rp~ZrdT{9fRlQHW37!G*7$|GYo=r2~H~7M7
za=4h{*4uNL6zMdF_WU<ujfgmk6*jW4x7TeW>dM!-&SJ~D5`Rh-Rm-$R81J+brTxB4
z-S@pOO?)Pc{B~Dbz_tDEYF_je-EbHG*Pz>_g~9<$S9SlKtPRb4uXTYwpT77aBAVfL
zi%4h15?2)@UK`VhOIT$SG*@`IZ(kpBw@=y#6=gkHOZ^SQuvn2zKbgfji;9bz1N4<|
zcG8J%NZl<at`eNdpA^HQ(9I3>!LH(rvz{xaZ>qBzB%U&6%-SPoyNURL6OLVM9^%&O
zzjePZpR*bNa|bBaG7f;?{Cl1c)UR$)Qby!u(>=U*@1Bi~P5r4W#zRq2(Y?Jr2UL6-
zv7#~8>|fsl*tg8s85xl&hc$t!+fHEbIj^LsxM7s&67fsZ(aWpp#Tbp(rQ2K?S!>aw
z-Q3V|HeFesh@x?yff;GvlbXoV^dcYC>oM~bq2j`de-2^|bL{F3mzP@N)Bm0+`oOts
z)lpDL$PMIm%F4>bLcYPWEuc|C1yQL%yZY<bDD2FJHQ0c*n}B{1C{_3`jTPHiTSF<z
zC?K%E?f(L2<*v`?nVA{jU?3K6|C!X%RaYN{S_U1LVjO1ifxGgiq$IZ!Z`%D14P*VQ
zSFZ*K2Vv3nkM~bgueE5#!rQQMaKzz}wbzA6OH78AG<0>7UM%2_e*5QZoiuyJmJG@8
z+Wz<X9O3ivFl0iFgrKo@cX$6yFML>`cjx(>*GL-w*$sVPUti!4eyMt#86U5ushNlG
zB&(;F(yw5s%)r4>rj~gZ1CM%OWW-ANekAWX`OELyYCs03A|M!tz5r;rEK-PTU6{7{
zp2E^j9c^tQVq%}ao1_#J>un<^uATIfc|1!IJ$-%9vI<iv%V?;mW@LhCYU*bH%QL78
z9T~>j41Fv}6#_tx$ql(qz3Bpf;NN?<<)vOSBv<|9|9O)G;wtK$_VtpTLs?~IWl)9z
z;I``1T+#i+d0;EUaJaRV)ymr1Jq3ls?O8zy2?=p=aUr311LxKq@+Nq+5>4I*zW`3j
zPft!RCa#4V6crsE7>v1d@G!sUTaChGot>S5Xm|=F&UPqQKPJX0%N}Le+1WYp6B851
zGl+>j%8h&k(@W5XOJ)gkS0|yOY5`;$22jvZQKP7Yc?1O$-74QZ{`7~ZV>j~vkP#%o
z)HF2K$OvqapY<OA^rv%IKp-L5jjL5naP}8E2F7Q`tO-$)JCoFBHULL^$+@nx9NKYY
zTIQX=k-~KEfRd<`l>b<cBtJht#l4`gw79rH6!^tAs@@sviQ%`DoDy!81(QT--g!7K
zxU$J%78e<}aWnS#A4|Frk|@!!&VNh7t2aOJp97;sIIuq_N{wJeaJe2gI2ZyRYhp4F
z?IaWw6d3%har`ND8x+%YpvWaAB3fEnf@UchHFZ`-#s_G@0P`glG+q#-3JiQD(>Dk~
z2-vlZhC>FIY8e_d(>6`YKcN!=<X-mCWJcH!Ju*0$KLu@){IOsL&-HOQ%UkKj;SmuG
z&M@dQLkElLMpu6QniR~j|F~wHo}Rw3u>likR8qc8G2L)G;l?dU@x6!72ZLso^))q`
z?>k`aGhfVFQWx<zImYKe#<BxcsOiUBBjN3V1)v85Uq13XAeK~;FWjKn0!O)iXPHS{
zoa%U8Z2Pk!;7^+~wad^u2(}gjt4=zCpJ{;+$3r7+?aA_o72`XT#W-IP!x6W|w_#|j
zfDcH&&@i$@b##yNBFk+;I0|F26TDIt^Z%Sg`oST$VuL3UHa0dH_ah<D?>ad-fkVQh
zy2~Xhn!XiD$~g`|-!~8=ERzHSgBd+wj9HE~!l~-LeMBSTbVF^(V`I`9Fth=9c%%9!
zYD!8<Dk?)Dw}vn+m<=W;2mPl;@HI-{60NPBe*>%U%fK0Qe`idWIsgfy5`IoiLJ}ek
zY`4PAxVSj*M4_)<nMePyvA4H3F)>kBSJ%>tKcGg2Z;em;z<mJGo8Y%Zr@f7n4-+4{
zArDA%#zJYtl}OWW!)U;R2M*sGe#2?oeuHUcxciMTO1bR|2p33GO~%@wp`vmb)C5Z9
z55TFx7`aT<wppToM<WsnIsjEUcbAMFJ-YR!3090b!5c~R1Cp@<5WObTvvlbIsaR4Q
z3rkBofj&V&!7zNfc|bAY?LLgf)c#hwu9S901c@e+U0RLgAd||EJ-<T`bvhsJ@`Y25
zzukPm7Tn6Y_JC_RW(4#I^FF7ir?1I*O`x5{0j)NJHeYXZb8};3W3XHJp;__-apxrk
zqFMSkMMd<`mU979MM6T-($YdhLtCeRXFq)#V6$LYFK$6x_Mxt>4nY&Zeuj{wfY<Bl
z?gsB3jdHLyRzh;8;3L?HHViPvr==-#e4K7h@F-SPR1`wm4N;jbO1MI>`_cti;0!b1
zL;s#@u0Ox&^|9CzOiD9N%1`WlsnT4>08rbfz6&)&UneO#Cg#uQ5)E71(nxUEEg<D{
zmcn?m2WennfI`4(09d0=SQzU;Fn?rG4qoeQ+dx@4Jm$1U<|hOpU+62r$P6W5jtG6k
zgT#b{^<6m5axz&`iYXL1&4PbIn>5<khOQy#*8F#Aqh0;GUX>LjwtH5gklcn*fn6|g
zFrTy4R8v^+tfZg-9a&FU15eEQV5ZU0)ZCn*rNgB4g>!Esct60nd6}4)fY5*Ywmq=r
zpp_%(v>+oR6DXyQ29^vgh484TsXa=4qQAsuz<bJotF{k<4{bnM0^(QoqxbfJjs^t<
z0SS*1uI^P05}X4qyf3tb+r0LcR#vS3-pFyXc2psbBj<h;B9#*dzWm8y8Nal2t_K{e
zD~uCu8{5U;{TPpkj(!aC2_TL6GC0_F8!qh30*`T%6L^`kJ_`eb88~fVMp6(F3BdS8
zPfri<ku3RGS)ah+oh7Bm<nD&CMp5u1zhs_tT>nf!YYgY`Mk81Kxtv@V^c6R#50AHJ
zKf@tVziAb6g}Vb5RFr<mceCfF{a#L{_c#x=L)bG!q9~1nIOiFx)PGLB&-)kT%e57p
zBBxBo1KS6s&M*rOs-Cy_%w!-2gGsu$?1Sin^yv!m<e*~WAvhyMaAE{l5@^5L@yBUg
z%*;j5P6IBRdFD*DX?s!<3GT1e)n_oAx4X~@|G*svuO{ZSaATwV>B;UQnDsqZ@S;F*
zM>H3P4CjA_mJGl^!r{TLZjbw7*DIi27&g1G+&wrrn8yF+xpYI(Nt~NI+URZ>I6Bi7
z4{ia(%5P&o)%f6TTRS;;T|2_eN99`+g&5dwy&%B^Ig2`W#>B(~aPGQt$Hz5a1RlMJ
z_HH{+o`p}l9Oy#^HvmGdF~k^fByg!yxeVpnX(YUyfG)|YS1B{!;>nAR5cJ~WnyWFF
zhkGL@hdlaOrhNF*Cq)~u=QDe@Z282!&%etF=d}JkOlh?F9P5IwjoD6=|Ae_L;nDs^
z5*%#oxi8$jys=vdOc+39d<s5#Ny+RFr7xiK2|dqwc=Z`HIR^&^h_vt-yW5;VOasPq
zte+}(mX?-+;AmJ#NX@-%7;}aTlq>?07+?wT(3uS|R@@BcXfQB3Iu8>W(DeA*+d4Hh
z1%$v#u-p$fF)?i?3VOji3JM5l<_Oy0se|7>+W8p(8DVpC^FF1G+n<+w-_Lc9&lV^m
zPNFQ6q9Y>mCm|WrLcNo{&ce!iwDr{yIu_tSAS7%}m3@ZJ|9v{JW(dn*%bKsl!`HvO
z&Ggs9eF{FJ<T1t6G4|dkSCzF(5sK*vA>2(mC2H8EtTsF{Vhnu=urw!Hnr*k8c|W*A
z0~E694Q7;-h@A3p5sU!579ky7Y>c#*I;qG`i|{{Am8}Ek-GlA_b+HnzIqFS^SX|@6
z81iy*pjC7iOa_ecIXq1YujxE|e!$Y5GIMitb8@6$0Jf&4W_x@4)MSQ<R?624LKs{=
z;0jRLL!wM8;Z?H@8Q0PJ1QQQWRZR^a3yU>m5U?qhR`AJ#Tq!>Y5DQX|?m(0UuHAaL
z{pwIMa2xRP@Sbdy$rppa$=?Mw@rM4)#8*R70kLf<@Whhtn^Pkr4`_S_@B5DP`j(*}
zsU314#7LkSxP)R4H{Y<<0<9U+ZCOJ$+q42N1qIZN#l=N%ILms{jnx{K@#>Ey@WvZS
zgdOK0yHP>0Yl^9WUVbBty|{1B)LJ48a<lj+JgK1ng_m!k9VTQ=?`*+%5aWrD#m1I4
zXZ3ty8=EXT5rHWxH^!u}ctS7oYsG)JlWw#hOFw<x#}#cpw-Ook`F$?2``|+(;&v3p
zyk0-x$y6k1QUebFLh~9LV<RJO=(C!AJw4Q7ZpzY6UkPYpr)yiw9q=coq=eFpSSWl~
z8=KWOjC+NLrz1}9wDl|<gQO-sG4UmegFU3+yI=wM!(QQRE<~j<B&fcHq$eGutJ~WS
z+RCZ2fK>}LO9)KA&eO9@+-xew(v5uJ4jBS;4-~Kkc$#C94H5B{&mT)H_jYsx_Qy8w
z<$A1IVxE8gZItV$YLBko=hX__a|!F;*S#A<JHBX&pn<CU>d;&5Kx0SIpR~0#HF1(G
z5g*X%B*-*^?&gg)b*DbYUM<j249p`5;8XmN)#IQ3@PvGdl3IUoy(N;M=^<I~<xR1t
zm|`9K8Y^UXu5a-_eAD=E`fBXe4Pd~+N2kAa4gcpM6iHc*T<5NATZ><xFiWd^*HTFz
zlEyApf2lF}T6<<#TYqCyWiAIB`;3`4>GtPuWir3--Kl-@Z^U!f8_#SM`uJ?{{r~>S
zgFeK2<>1d8h$bz4Uq1~J)O>_)70FKMTV|q*6EWIElx%d%@W#)}*!(f2{GHoNdUU^t
z%D*mh{t9cntKn`uk;;W1Z~etojl)*V(5Yf6*eGZ__mAnTe>}epTC1yS_tRA4s{ayj
z|C4F;CR8J_v5nztsZM8h)svsM$$gKd*B1Kp>qrE&zr_$~ywVsPF4JDgmu|bQarOPx
z<YKvYm(e?1-`Qdjzm(k{REPs|PT6g>Q0+9z`9FU<S)(bhr*G61*=@fD%eQRa&GYq0
z%7paSMedbO&z&&!B={S<9Le9x&$Kl@Y3LGbAKi<%dW&LZ{MV5w_~I*f+>#3tj?|!P
zgt2DiF3Ue2c5isM)lfD6xbD9@E$sj4=c3rnVo#rKLcd84^`@q2N`jiq!&|!ye#PhS
zR2SbK1xP(c6IdPQc{TEZG2#9cH#^!#o(o=I){iHg^euIx!NbU@>(l%BB*uz2UmCB9
zMwH79gx9Hm#{c)zyGihZxVBN+*LVN@CY}F#;wk}QSLRL3zU&`fo_@45^h2ChBu$F4
z#p?KHQiC{3Lp=}IK8vfGX&yZ;l;N;Su8MKXU3q1s-&35#-uo;<yI2R|=ekA6z2;Y~
z^U3)gcU|4P6eA`B*!JdWj;{~?g?P*_eij?c%E~@^^bLeEX5C52$P#*_9(e!rWE6dr
zP9r;>O%Pfnd3bn4MGc$VlZbnB1S^OF+T?l0yuZ{gE#I3RC#B=wzhanSfRNR%vD9*`
zz4Qgr*25axn%cb|SuE;V7o~|iS5sb6SFVqSUWJA#y@-g3QHOjkGE&TIcL93h<d**c
zPUcx0P?$PYw4MH<S^*aePBAPjjB_iMn4FY~oHSq`U-T}ISZKRr;b2tc)!og^8RaX+
zWr+aHqS8Ebid3#Wlkk(KI+^$`<YK;YKHS0w1}rlpwl{+Shk*R2sEGOJC2#0^WwUh7
zzV?GIm4~d4`qkx|AwySCP#CcL6F(cm5NGi}PlB|KIZGZI7FPcj@r?7pMhE^rB*CUf
zhV-HB>yEwwKb2lwSuhnI9{(1;P&~U<^toFKWzu8~nVsDkwAM+D7zrM#K#!R{8n4rk
z-GIkH#z4v7LEQWDEN%%KyNL<R8EL0SjQ&wBl$4a90`U#zgveZ7U0+8=x<H0>a1iiM
z`VW8@W`j0l?Avv1Fjxs8;OLRVw;B4gx&VG}X_ECFj2%;d6It`;vRcnOC#c7M);f&+
z+~fL5=VG2y{m-cw8XC^d&i1^Jnd=vD?>SfPZ*u_et-Z3kTB}Fm&B4XBlJfYb50&W=
zFZ%Kfs@0d$m6esIrY2x#eL0SQtId2xu^Izv1{oP=Kd&!;Lc=@y`k3}_OUeJ-kuk*<
z4!M5IdAbz~aSAFbDmuEI;VWxuUa8I)wSY4gZ;e+|-Is(rrdrO<`N!2A=V4AG4IZJ+
zWrgloLGFXsYmG@yDMGbwaT9XgN}!n^sSg~>BDWtL7&rl{5U{3_USMm(8No|jn8NIj
zg++lsUu9{jGL^tTo*H*~#O!BZj!GtHgVEWeINqI9=fjiQf@QY3pA(ij?UrKmle2mN
zclbN+;m@~ARQvYSOWwg<)((9i?!K`;QFx`rGMt2HXo;XzQk@Ny>|C*3ES+og1l0HZ
zMkq@I^@fFoWuvKF$SRw5tdT@VN5|6AvU%c#zNTiN-RVF1Z>af&@yG8CmS-oDa!;Q8
zYBcekZKvqcIqrWGEj^fXU3)#X);yO^9?Ukz7o~bjG2!g%!K)P3ooWeiZAr55QZ6n6
znUrJ%<41khrCX`p1x1A(Tw5W-o*56x#QMZ;uJVQDTshN;M*g(<YWZ(`QjMegC~f8p
zNh4(S#7cdAeP;rrw0}ZW*&dzgMDDy(4S=u1h29@aeBXs-i78<YGP#S>gA(|~tYDax
zu6*?VHa~y7qWseVV62Y)@h1Ed<1KB`dk1pj4+$F4JJefKNtQdkn@9hAbHC&4%9ele
z!cga164$czT<?-Csy$W)2#<mhloEt48{)!105m)=YqI1XtA6So^DZXq;<<&1v-1(8
z`y}KxG?F<fsir;8^4IRQxVYRu2$DA5;}aJC`a>m-?c@P&<!@H{wUreT60`ZwjM!HW
zVF3d3qq{QPGVa0O_9ESKbG{OzZRRnyfn!sTmSWGx8hr;dlfwYL04zg8OG`^l{n6+6
zc@@kiVPav;!YczFpe#GH!NSfSPEvQ{P8{+^U<N9*i<Q#8W=uTKU=rMeQH#5fAVRM9
zo6PI`{<qcWky{1F)t+{ziXu#qLBbVi#Var6hr!P~caonzdGbU>B~r@i493yHY0xLq
z($J`>czE2cJ4P{~{V$)y-OH*>dexx4eLeaYOMlOK3@i0o!;xie?Fm`#fP{aR(PUzM
zT|EwVWXy}Xfw8f%PoH{O(kD`r4><%;=ji{qkB*~W93QJ`Id9PX9y_|8GQ-w=FN40y
zxPbD!MMreCoP>RXFG?qWaCBs8D2X8$YF4P)g6o9(vGAM8NJ#i50^O`d4U`V?b8CzE
z=mr&|87GBsmn{?$v$1$6(|(NXK`A?yB`PQ`{=GgpD`Z-pcb&*_UeJfIMf-})81T0N
zfPFD5wFXWCrNJX}aBzT+0x;URSuyBwN=#$Ne_%a9gSB<R+ax)uhKRM5kgd|S7fS)z
zPT9M@FDgzj_wjrCv0um1a7&rEz1!^>tmat4x>_I=pjCm!xD>(r%@NgR2g1LD97ioG
z%x@%Li+|Gz^0VLjQzgk?ALZ%}(eowma^(keifcCWFHY89*6)gli16|40$%umbjV%o
zDh}$)A1CI-<9t^;okdUD9D(u!^)FOnZMwWgFX!9an0aj)@R|^BH2}57>({R>IrkAv
z)Bb)Y$8Ybz`9&px1>I9r1W0xLXZaD$bMOC>K*5k_hUqm2OsQL<5{pYaUVF|vP<u%R
zuwh5W`d!O^!SDB{=a%H&2&>$AeNg{8mW+&!Lqc!;G$!9Hv*a`9W^!)eh`-i^qrbnD
zzS}#7k-xzY&J5=!a<I3TL(e`nhjH1c$S^Jh?iSw)b;cGdNz)ujEhs1e<PX5;=<#?3
z;g`(Hp9QNw_7CB$Vq51&$f{|>-PN8eO1Z%-P>s+-1f``0{z{6u56MVKXaRog&gaC=
z#TOb)0AtRiSUq{dsN-XAzX>+-=$$P;sHj*&$p!V-6KiX&5aXR#H}9JNO$`5eS6iHc
zzgbyMTGgWs>Q|Vl$FV}USFdp-OCHUJy~f#B?@=Hvxoi>Pe!H-H{O7>%q+9AC?UJ^Y
zmDP(EAL>@#3RzlM%qY~cDKvMSGZ`1<_R>5{H^V-k3Z@FAUuIr1^7r@8A-`bI9}1+m
z>VfOqDX~;e8t7g0b8!+&A8Rf|Zk+2gx9xn8nppQq`%Ro)C`f_yo*f_GnRHzILiF`H
zlK#+jh-&Wi8AJvExa#Zb5VaZLKBBI_00?&loT2j3RL;_+Gf#s7fZ1&a-2Z{<mNO~I
z5&sxuFBbVX)Ux@pXQx-b{YL$<)Pq-2Y&;)M&fhJ`hsA7TXPldF`7tT|dOojxAuq+V
z5r<iA#m39)2>T9h-Vy?d(Zs9ldrKyMft-MWR|5Q6-`f*VedaB;=%PtD9psuPv_3$$
zs0u-bWc}jNn(+g`H#`Vi0K#NSR1`bF4C1Un(*H$H9Oov}|8zNkJwMQlqOTXH-ef(c
zIFP#&{vaUJt}ZUVpRbs?Fkf7s{b@~Vx{PSjo?2IL0+h}mWAgLoS=mo%{4b-2K+{dj
z0FYCt+yS77Q3w37B~_RAERyj*IEJ#Tq4EKE>+6!zo$VYaLTfUw>sf`X{nq`7CE{MT
z7!o?}+foUpS>8<|g7qR^j(u6D%eg+HZ@vaDy{EdS@u%m-ch|7OsY`^m37{80FaLOc
zHFo_31*2>0^}7NIo8c3nX6jYwMZaaf8kVmcU5aUVppsS~*6<ComXpv%XzXBNVL2Gi
zwj_iLjKbM)KB4I2Fq3nhHY9bu*Dh4eH?GDw*_?u9_=sSrr^Je)?;0y@s*)7y>C8J%
z$*Rq)^4(?RA|e8wYz1<z26XjONkd3xW3vGbKJa6vtuO9iZzDm%1nr$~fEEE#2TA6e
z;^N|x5;j)WO)s4P-!GdR>9KxOsl67z$7X!m+uIB&foGTdMfe)quYduL7?G17A5SZ!
zPHgX0Xpns=P5#oh);89Hc0@z5_tQMbG)r15D>u<+JA6$CfuTlc-fg~!lukX5by3T>
zbMwdX&y!A5kLP$&2-I3B`WEEXwsnuKer}YVeav-Qw1U0^)Z4%UMT8~*&EJ76Ie=FP
zY;Gayg0Rg3f-~|j5`9*YuZ%l8PHMSQkKuHd9a)nyw=tpoPH|(keDZ{K&&t5S0IGZ9
zIQFEbuYLka5SYn1Mx3j}K3IHleLcbm?TAn~1bF?#Q6bM#<p|-O^w#jlWkhVo@F9rV
z)B!nXGa@|FsubmtWp@G;(Hev;;DHXoGZw#jb9OxgJ^TLwoERL2hZKxBjsn)!!S)u1
zICw^Rct$0)wolb3_87;o^wstD0(L$<u5<JJK1L>`<tp17_C?p%$|n1b_&xPA2C3qv
zf%D5g$jGo`y<$FK<CysVO)ig>xG*fi^VF-F+F$-c=`FgEPC27-E_DfE733u>l$9~>
z5OuP$vi9}&^BUG!LFx_O`=H5r+W^o5J-si`U1&;Z0a1Bq4oqtMsWXd+ctNug8j^1o
zY1>;f^=0U-0SW_z_S5L-o64nUcZ&}*-R9IY3=k(y7jUr$>M{rdYyeCPfxCqd#=`-2
zTCC)EH~L3q<N{Ifi}yk%iJ{ILU6DNx6JL2Z0(u6WAb=`L6>v)j8CQdYk&jnb;s3n}
zfDa&(3Li<Vf)Q$Wrlyl0m*Hn1C3h8MVtSdDXg2LPe82w-X8Eg%C!p&6wL*n|U?{NT
zAr4OOdkf6Syx0t>SJ(o0LSc+n&MaRkOPcEQK7`oovJG${TR(oyzWO0tJ<&3d{w2vo
z`!JG$W^|}?ZAZ9uTc8pzviu9g{Eo+yAgYTz<7ijYN!|`ha~dZ$WAJ~#d52Xtt8nK4
zwRR4ygg)e5s><8j_YGp80|QFaCP}}IBL7X}ZIH%jYapqc{1Z2@25ur>ElXd<U{!Ku
zNKz}y)OYD5qF~7qtv7w6*N&q%K0Yio#^C%L)ze(x=a(oNRen_-+m*$=*Q0w$`OHBx
z6T}7_VlP%cHB#yNZO7XMxhiSoINeKDaV6(w7x90$eo`AyQsM`K$_PD0$k9sq+1b~j
znFbGK4;pVE2G*dGd>fj{a)^%cFOV`n>lubQTf|71klkd+55A8uCk^Sj^jT32%e0=L
zq-3k&YcjAZe-JbTajr#Bj3%^9RNt*6h@S_kL8`gagEf#oX@G%6gf0$TcSM^MT0o#d
z-VW$I#m2YyfJhn@S4!!VyfxvD)}P?xc`VdykkKTttRB!+Ow2;$e%MU{4|^2HAYV{e
zh{a_11(OS6kObOCTWpl0`uh3^egI|-&VbO~3=1`874E%P4Ks2}Lasz9Cz*>NmF3kB
z*5g`eH=<)7_4T}`@9phv&~3!w<gR0KR2$`2oTtR7Kawyo{hlTu3qP-68HKx-zBnN<
zF<Vtv#rgEcCeni-?GDRcJ|1+6swk)NaYZxQ%Sz%ZqDE;#L|}aV16e$5U_kju-2pu<
zuu>E#v_<kU;o+D#II0gG6k#@s%_IL84(0z1hu>(34zhj_S1l1w8ToE2ICn-Y(VZOl
z+U+S!L@=?%kdv)hlU$4Mh5h(`_xMlkQ8#|!2M_UG^Y7C)f1dhZ9xY`t<shT=w_aZ@
z@%x2tMV~o7{8+7`X{)T~Z?al`EN!&)Dlcxql1;+&Ub$)e6=GEVy8|aUz*A7}0_@TS
znkaxzA_kRrV0#JBWqqMhb_L=_=b-IT3sh-<f7y;9+_%A$==i-H$aA5w28(cp03-!Z
zHOX!2yQdg^>kbTKB3c8`6?j;tT?}#z4hC3+LA2d(UYlXHi@U8O_8}n@sMRur()rAh
zk)FxPAuxXD9ng7uvz;gVa%Q67fv~o5ei_2-E5Pgv28$#5Cf&}6dCG$DVxZ<rZw9J^
zOKzVW5>rTG#>d-LI<%dewLm9_d23WOwAIyBQ5t$B_cMyaYOVH@<zIEE=`5;r6O0oN
zdtSWasAB&tvti>CpD}WqT<tklQJHQAz0SL?=CJn{7rs-*+*YD~LeBD1;(R<BKrl*u
zMnNuttN#SUcAb&0Jm4*H6^uN_r20U3=YW2(1B0?TN?cafHql<BVra#&?Qq!t@z){Q
zbj|Q->9hY5^NjJ@)Aaf~Ped&Fjxl_Vpo@$p*)-L=SUk^K->p$}#pix(@G-!2uYvm~
zuZfG0z?XxKw{$UN*P6P%hdtom8%YA#2LhUpo;LpQTMKezboM;kHf+>yD)fGROxo54
z<N<u?3nwcpX4%KKw(RERw{22q+5@g3FR6aqlJaRCu=LxyrMsa0Tc4gJH=M$aP%ebb
zuAX=`WecV}gYPsH0cPF?lRfY~DsE#s!*T?jw~y{vJn<+lA`o_Ys2hQ|0f|?sel=X0
z)?;9^BY=LGOa%=E)>>dXKp>T|oi3jS0{y$`H<i2YPdR*N0boElZXA;O2W-X>5fLmF
zGQx(iX84Jf6+IAaj-dkqH*d&=;B}n>#NQfB2Pho?hi715AhFso8^S<Eb=#bZuxoK$
zQzt6cXhld;L1P%YqN@*db*BIis+B(jZ{QZCI4u%|T=m4pW(S&B#=p*C%)%hxo$ZY+
z^psUW9K2p<^x>vRe`8~64``JS^s<!q$!9U(F!l5m5o2PYp)FG65RZMv)@D~sM4<dI
zn>{CgQ&<-#hYRA~booPwdrTR6DQ9G8*vP^3;FYi`svZb~^`DSxG#ySjz7Z8T$oLNR
ztIPcmScB6*aAuaOJwW;&0vlSx%}MOxzhdvHyyAMK(G*@3DG_GuF#EB6(4Dd5#K6N@
z>-ipjzr>occkk&>@{$1kET1M3mV6QJ_afq74<_CgEcf1v@lo%O@v)b1*<Rmr-_kAh
zI&RzL`x8r^>jjF&(0pqLp@q5Uu+<Qj`MA|6{(oG(2RM*@+dp2iNo1ys$R0^5qwGz#
z%xsa$rV^1zMn+adWbe>0N=at+s+5Km(o&Qa|IgL^-uLf)|IhIp$MYP=^VH3CeXsL-
zo}YD^Yu0KyNqdbqW7XSX>=A&)d>Zc@P3_g~-)bjfL0MG4b@E8h%F<V~x~&}E*r<3v
z^N8RHP^7)`ez@#|5%fc>VnZ`r<2L*WZaUYu^^5RLN&9@%Em5=(ux4szl6ws$3}HFM
zsX#ecOvlv#p$udbal2%GAWW-?UkLr-wDu$Ir6@A}>2uMm_4k>KfWfewpfD3N=&I#H
zY6is}-*-&Ab`c@-cP#E+u__SWo%i`O-Y+N-kUCcNzO!I(<2A0atNCi(SO(F(zZ-4v
z^IdUQuiEj^Qd6hP`Uxj*KiHe45DZO-Y*9MGOBpj-Tp;wBnR$3=C`TC67=#c~E<L-V
zh*O4Mp=@{2$?m6CuS40R8!?>`ER5%va!G;F;oW?4ayPA&-|xi=COBkGs?f^;p*cJE
z;^-6MT7>f-J9z9m?m96<Ou_*o-SLUwZ&D=Pi!DnT%k4NEli?0xE-=VlwhXK-c|W86
zy-eChb6-p}$rX|PbW*+y=KC&|Gm5tXbS1<oVG9cjWo4qrXg^9uQ>C|8RaJrW`K<V;
z(CUAI8UHlRC(oY4@u@sMb7V}`C~&-Xx^gaJe7tOYVn>U{Hr8nY){7e|UP|tUCv4vR
zZo4RL9setHn#){NR9OC4;G^uKrK0K8$XeB8jaZJLQl&p{L`JLjxBJAXjXw~xDpgo-
zF5UaY8x<T63P~W0VLtalXDXaKQvfRc!nVT&+yMwp&n1jeRa^`l_R}~Fn)iygNn*;~
zzV#gvo=M|Bg@uNOws8eN!ZSN9ZJ28Z)dmsGf=l22ClZT`O-otiOr$_tG8K>{8~H(M
zWathvDPHsY^V1wW`pWaTg6jIAvqF?`DZ0zB>Y?!cveQ2nPg=Cs+FMsAop16h@euNM
zw$V{P54w}s(1>Ol39H3f!TcBZ@EpJIW(o-ovAaUGgPQ)YVk7tkg?80fqD#cfZ_Xe6
z3M)1u=X57$W?Vm6Vt7MVtYEkqDDo8yQXo>}_`O7vbK+A{_zw}vfdpO+2Lafak|50i
zbE;2PM@IH0>|v2T#ZeY&x0lN%@CwP+zAe<}8s#M~U}0|(tJ-IQO1rxDvv<1tX2cdL
zd$htt95nO;(6oWYd;-TmzLUEl6R&W%A=nZ?EA$1Fx+QjZu!z6lQfy>wJfjq4Z_OlO
zou-|AJNkQRmghbzpr01huQa?mIXCH(Mv5wxQRVq`F0lUJVsj?{p4^@#nN<PnFvIX$
zxPiQeJ8*$T$I+|ub9HM8KVK2wD>l8fO(QyvQ|8L2{-#i_zOK%WBmT{dk$(*0ZG9Ig
zgF&hPU1;Im(cSS}yld6|bza9d)1XQ;^hhHNLh{=yi|w1`QCq;vW=Pm8V<ZBQiYo+X
z#jr_17row>6f5^xBr@$B%*fbP0fMv+ASKn6ksHGAF2Iist-<y9_&!j(L;wp9PiS|c
zf7NOAMf<I!i<fCE;Nq7CL5nfY@D~9Xneu3To}QYTH9qdtfH*%~I<KmoqoewU1-XmN
zba)Rut99yMb2vG^k}F_cq{WCCz3}MG0uP~!P!H+W1EG_Q7Wx61Ni6#T?I-ub`E^vG
zI3pA`yEr-Jy(cwKxF0*lVj7GXDfB$=A-e$72>xDCu@NYBze_nAgk!g|Ke{y^$&4O*
zH`$R`sGFu-E4;C<-CI?t`)pu*DYOZY0dectmXZePe#S~fB!CuDyC>hec~i$nqLaO4
z{BqCtv1cdg)GK8`@VZB44evH-v%CklGsd5R45*cS?eIB3#C4*4(53s{=;nOIQ*?kD
z#RJ(Y-lh2}Wq9tJ->f8H-DT|00FbauZ6>~nI@|hz`K0Xsf5iT$S{Up-Jhn{Bn(%?D
zm+wif^uwj4v2jPCHtK=sXz#<e#-cqkUU}I|s_Hg+Hug$N3}lBXtgMgZ$1!opjV%{A
zK-J|@J9cH`-Ohla)lTcRDQD+HCx@0+=I)?>Um+5sn6#xM`jEI_sz;CJ?i;3>WV>W5
zhbLAZ4SwzMyYDG;-Qgx*M}S=&%IlqgeQ(C0F*)Sg$1N`}FDm-Eq_l#kfbVV4owm}c
zRf<kUg?=($R(lsz*H6QxZTHbl;xo$q1xlILyK@n;idFP6gi`T=dH&3qiciA>nr#x|
z78hSorN(y|Nu2*Ni4?5bXS@Z%7P?0=c^F)-x5w~va!R@O0Rw73j+BV#X9)GkQ-E3y
z>6oN)T~i?;n~qWO7-ZP*vwz!nHfQSg38{5%IPNmlR5mI^YE<h+#i2N}D%n&M0KEA_
z2b5Xy^Q2}-|G*YB@6(7iJB$0Ixz#+o6)vn@R?xVl*J^xecQPcP0*hDk=?j51UU;kM
zcAlBmmqLYs&pf9CM$EPiymmK+T=7iLDn)zJ$(`rA*;>^$Jxd<h%wA9VWSq(@>i3(g
zA=!?iikiB*ds0nxo^-Vg@$SP^exZKq>Hi-B_KzR{;2Xc4=A`M)$v;yQ)pSih`y<XZ
z&Z<eZ8fv38W)6jq>#+eFM5+Igs$g4neuDor%STpEeB!a|{Gae~h?`Z6ZrOG?JGkf}
zCO86SLPoT@>q}r;#QVkjT7hJBJ`kfmv&b>1S86WKUipR1$A4_Gq6<ovx?wZc_va?A
zAqi)<hzLz)EQcI0!pE5GN#l(R^*CT@Pyc-M$d@12Q&S6#ny)oC;2BgH=C&e;?mcEr
z42QCyK)#$N&cKWEQW5{Arl!$4Ht~LOkHVBozO)n9)uuJN7%CJ3n(|BK)9wSI#Jk16
z55A`n>N5CD?*y(46X3|Z9sZ#b=Xx?^FtG5Fs+~b^33ZUuR;5Jec(SlE)P5uM1%0XW
zQ=O@3HtkBnE?6oM9UvARr|yJk%c1!yO5Ln$q$(+iV+BNG0B&NgUE>>XX$Muiik1Q0
zfbVxVXhB7}g<BkyeHKcW1!>u(Tv6kPTEtE*BEG<PDLE}oYx=|f6pW@tNo6SW{b5*2
zv#{XnyJ^*1g=I+LUeC>Cg~DHxD;gtuPbI|Z*%EbkDaLm-uA|Fxxw7AAJZ!G(|G~t~
zcPT_^{#N)BnN9)g4@YWqc5UdZs=aEn9qUlwIGx!@w*H91Uad`^>6UbX!Uki-=07Vh
zOIOvK*SE9?L@ko3bAQ|u5{Nx#ZZP6r)qD<<GLiHQB^zGB6Nq#PGGnNyA1C`H$J1$`
z0@%RD_AAk~x@wORns76-GV|O144<JrevCINO9Ghi4WR-|z|FsgMFs(ANg=(;p^PsV
zGds;=ka7`>DvwPN(Io;6!9X%jZV0+W8C@Kvh(Vxb_#3eDQN3l>=hJlt{j3x+iz{A2
z&(_ADk4`^llKVrIs^=!Te}CGsu2FowP%>Zmxe-AKb|Cme?@;f21q&)qLIMqvk||@q
ziyq38l#0dX);KN&`zF$}63sbE%(YSw{h^{Tq`N(B-b&gh8SZ7Krmjx@3s+jh=@H5E
z(djR5Oh-qoqzYcWmdwV)BxTnaLWpn~_2YAMbG6WJvK?}_M$fXiYE7)agLrZM&uT(d
z9r_gf7f>I`RxJ0RpM<z;&~O0O`@PXJk_NmhqBnpANrhRu@|HF{w$}3LTd?&XlInOz
z)^TjlL{sR#Vy(jY$VQVDW`$>dC;tDiG4P<Gk7Ze&9DC(I{*f~r-=@RqsCs8@b~O5l
zV~a*yX8T@o^h9ejRX2)ew%Xp=*nQ~EQkZ~2UQyu!Rqve#z+YQiT4o!s7G1v)|HT0#
z;_h9MxH?v5cT`ASJCeU^OU_h$Jbe^*Ziqh7fk>0hQVVS=zyQy@b7!e=pQ?d%R2RAF
zTV+aZ%{5Sr#GHs_<?{RdA#!EM^T2;#;gv7cZK^{>#Y~s(Ie6m*hD&XoxZZMfUqx5j
zV3w!WHJKjj2e8#+oB)~_R<~=%4y~tB-+CM8YKp+P9Bzq<w%{WnAwj8#^<t8cckRo@
zZo<l2^xi#KkmBr)52}-y7nE2TCx*^j(q25w_DWe**Rw*l2@>+~ACn!FK#%6o*rEAb
zOjfrmj}J*SIf9HcWv~1)NN*tllugE(3mP)7kg2PufK*?h-GTNaJ~=r&5e3;HNL_6I
ze(0>yzP8O;=%bH)UE}e@rI&LOVb0?l5K#lYQm5`Qn8m9WIGV1SI5;@CZI`s-2=23q
zVJtIBC=Tsu7UdvWKT@W5FouSrbr0Hod4?O2|21dDjUWPEEhm(|-EG({b7bs?Mc+$?
z<v~`qw*n8B<c<YSHqVESPpGxDF~pwlc^{i4{c-u{F4yxLl?LbX1n*Ra<R~yPbIN>_
ziBcAmle4nr-Ja*EL#h4n>TgLj)Um=eBY$2<a<9HO3X|wPJ3&D<678VPqWN@(nb7L-
z2gUeKkey(LTL_r`uNPJx#HuXP3gDA`H|^A#ZgEN%>qix8JXe;z;?<F}oI@6sul09u
z?~*t2CEMr-l^pcJBSta3iMvm7FX|x?aNe~2kGRdF8#6C2g!oAD@Hika_3s4FLUh=e
zo>9gJ3Y8)cp&*2=12isxRKEM(J*gA>PQdtZ>ZsBAnV#~Z%y>Vv=7>5q$Ms3#eCYJ6
z5Au`+&c`n8J4JH9jjSE?to-mSubI@PPzd}ppyieo6~gD-ft5vidId572bkfxRQqaJ
zEPCpX($+M!y)e%J+#+J7DZa}H2oU}IgFfBB*xwgje4xp6t*~iezi;xbH?e<z{mO3%
zO}sMF);-TSrQ{Eg5d&JUzGo)Gf3NO;4e=&EFZ64Rp8jE;`&RoqF5pP8?6mCi*)`QP
z0qd5wSk|?8+rTCtCR5)9&9O+w<(9Unt2zupi)(vd1%xUec&nXVD@Vy&q0%Z}bMH9y
zSEd*q(y$c?R@a^7qGJbhDnu(S_-JEeV{IM>$|&((;@kNW0}<;M$E*N8<9Mq@x088}
zklCbLSZ3e2T&OTMa8H>(^W@F=ctYX|kqywt3Ry>o`ux1SB5rbMS^9U^PqOscFY=oE
z2?>H^1!R{~u+3_0yHL^Y3omkVc*^Q}?K`~DsoZCL2x!LXd~knUOIT=+eF=Z~rv)X6
z0ShkQ5H*Hb&u9Uu6w9LH6kqQp2%1;dhljJfRAz_M=nIB^=$W(VIw>E0-Ka7<&b8lg
zD7GwLE8=Y41)B5q3?njKV*m4O?`|SK2j~Bu>EF-cFW~*Rz%A?DA00{gX4kn|m|MZ9
zad_Gmum>xboMqr=%HN>LZmo5tt~Q#vKbZdQ_2WmdpzPN_bdFFqR5itfJ__aO?LC;Q
zrSeJ;)vivE!TLi)<HaNi{q8*p{32#GpCS%_QwX^llCG@e^i-WmP%Wv5-t6WH(uy17
zEEdOA7c_HpcgG7FQ`Ra`*OX)?N$&2H5O=<D+4?~FjlG2%DLgf<Mye}x#dVI(5jS6_
zU->{Sd7jF`Z_b;{Pv*c;CsLQu5z!;TLTVM3szOwuzTTM@-kBU@WyP|6W9d#~vG>e#
zYpcgMhw2*AlT}o(WTd_kw9|f3>oyOk%I>$O5nJ-DoY<a-$7mhhbxohNAUQ~<|F80B
z!srtCZ&#6gqFz|Yk0~E-GhcTBW4g4iw@bz*aMIPQKVh6VyhV+yMPo^1fzvx#e(c9u
zRpDVH)#en_BwKUqj5U>G9}@z34jxQjXW$hZPcgW5rb7N3x9>YrQg0_frssD~Ub5>|
zOCGJB_8mI~9yv#&zI}F6o%>*!pkbZ3`yQQs{vNyT@N8i<YR|dyC$xE|i32#)#af|T
zgwnoQsAylmpeB#;b|sfX5GZt=bvi0bnwG4~W7ci^w9M>FNx0Uv5VCGpr$d=ablG=!
z1QVN>gQoXzPh4@5s%xPrQCH-8dVqAt5Q}2G=xV#DbGxORqO5qTNcU4yQ6C*K*H6Z$
zL$+0LyCp%*I(3jlO>ibd;O+7WHde|QEplPkKpu(f{~0y@_w#~cz&pa4b6K<Mn~znP
zvj%m8i`DYGIfh<=y5}qX;@`G)&F#02@VQIXE*W>Or!JQB_i4}hjB7k&X(aoln4<^8
zw=a5;b4N3gHXYX9y~=f|ZprvPC&`o%by8?hj?$Q4-%qQ<dxXty7dyr1Xw+1P6g;UG
zO^PJ?)9|zwQ^pjFpO`~+4{cZ-mExo3uT3G#oUqH15tJLsi5k_Sw=hSapm<bWFn=U7
zH8pkWj{qgjBd(Yx{#mwEvYHs_ZGN@<7N%RCC;d3v>ytipL^_wdkA7J(D(T2v=-J^P
zB^NGMM2oOg#$|t1&YJ2>YtgUS?%h&06jHC*%q^)FQtieq+b(#4Ip|cC)3aJdJ6*|;
z16TO=yMI9|dE2O<VRi2%_hN^9>1zt7udn%7#Ei19_;{7Zxz8S>nr1S~d=P2ra{M0)
z2dm_x`<<#c8Nbktyvw-kA(XOcR>r|#_MR$5j{N6T7Q4&ktKF=hc3hbcrb%IE;Undt
zqk{hgEo4QLqFuwlYd`+z>yVF_^;vE{ZD-C0e?vv0L;23K?Jo0=n$n01IDYI;UBi&^
z2e~%c15bWXu`*XReTsiqp0}dES(bl8=oWl-xw=9zOK1P|hEKO0_%;c7Z&{|X$;lHZ
z3NAL$_l$e)BZQU{8BJgFb?;rWS7|!+2O0{nrx`-c(xe8eM~Fm!_!@kDrD{Y~^X}SI
z1u|F(Y3`$)*nUZ9+iA-i>#}C{79p5JV!0IL#l*UO#{GWWm=e9kS~s|@Tn4U0J2i(+
z-|xE1kkWcTvNb!VFc4{}e*f9e4f+)Jvbe}w)Et`gY);e`SzbrBOm1p%Zrj-ZYZ~tD
z(o=FX&#M0Nd)7<eSHu|!`e%Yfb+d5v_EStRF%)%Y$RtWscFn}8LRi8OIQW<e+9_oA
zy#TlN?N09C^}8fA38ddPzus3uwArwj)ntU0D-a@L(-X{}zeA|#TjB>s6=Z18?CYSS
z5-Hz`o+m>G&<V52{E0MAD>5>rkUasraPGEgy1Me+IeX8^as5@M);7))R;MP-ziQ#u
z@XMieH6ID!6*3NJj>2}6$~PMbYI4&Leu5+*KjiloD}vdhIJW8gdXhC3KAwV3;>pJP
z1z&S1-<XNm{EISQttoGoDPR%A5@OYkA$xy?DR9|w?fHA7Arftc0k-l&*^@b|ux@%?
z9v$S`f1WF1`u$?x^n-=NNsD(4<}v3VDTncL`ct>ebl=A5K!(vfhX;0f#Qs$`vr4^=
zNc!tiuH9r<lrIrc>j-oJU^9T<bwm|X3c-u@2wf%yI-<+e^u7&EDs5K~MRbTG8oRqL
zy?WZ(168_DWmY)^&Nki0LJt_Zw5Kid=QABM(-DmmJ;i))!>3jye>8F9HC@KXE!Ny-
zC&T5KSNJk}90xUuB%(d|M&(#*RgPp2yT$%P`LwEC`W8~c6ma`)!Ur)ALicUWO&?JC
zq4vfcARyK2ghLFdJYYURAIM(Hfp-z+gzY2OUD;asNahsNDplbk;M>37xRAx=msbu~
zxL>3gqs|~+HnEz~?~9Q6Z^t#HVz}Fr$%?#R-P<xyf}7ht;SzZz>z+9&fuob&En}mj
zqd;rbG&DM6y@O?6-Il|EMg8bWWzqVPvjRzUD_J5B-vQH>Y+Lm>owcsoOWZK%QvWj!
zv2v4YTOTh|-ISb=ptPVg^o%);N!g-FB{b<7ej~|Bk|gf7Xm1PgduILfEju!5GC044
zOFV=#jCh1Drp`G&6@%YTUDP3rQsta_x<8e5FuD5*w)1p;K?2!6h^2(GsDnl$8ypP`
z43dRSvBs*)(cnd|0}eK^MjJi;?6J($%$jXR^Wx{>!Y6p*TO>8?ivRNgx#}Nd|DO*?
zhtZyHA8R$;BiyVjchpuY@qZz&JXV?2Ul^>NaXssJkt^0c!}EiFa>}ew(N^v7*6Fn{
zooQ7|b%q%Rj#XzD7h)H33#%=W7UfYtTY%)WX#&Fl`awh^zc}_{1e7(g{S-5xnE;9U
zjCNFKXhnq&UgsJ%mEFhJ3tDURW5AQ?qD6L^08SI(Lq<kMwIyZjKo7jJE*V?zUk5pL
zS-eQt!Qyo7i;!9Qs(DXWR}z_jh4rwFux#Lx#8xdmz1XOz@#p1p!ze(IJ3D5L`^pPB
zw#J-%_h=c@Zu}zmq(p5nt5Jme(A?+RTV6q($=XvgEJKOyY=*@@zu!^$n+cV_<<4u#
z{!^)k{?pATMLtlp9+9lFT>)PA1nGQuQO{S;m+c>eJFLS5VCPq!xkf%|=_LSp^*~g!
zuvY-eRGdvLNGt*nK!^hnxcU&goqQj_X$<mz;oEx!ykK%;16xhi7yGtasUL3pfq9pP
zhUR6Ng%8jHyvCi~IG&44v+yG2F)=Z53-({i1T#iDpzqhjw^5}c7D5XSmCdQ9#Hw!x
zqiIo+Bk%_)*r<2yhyaV9kcCJ?WTDN_>e*4><g3qAU5@d(|5j-Wyg);{4k%?umVOO9
zD&+Q%DJ;{65XrP!T&g*fHk0|EslQO!io1e!getY?3MjwY?v9RS#I+&J?j<ZhU|Y`S
zB;C6882CkYb~b8`B^w*tIqU?}%aYF&^<9V*!`+-cMJb$rCzjXXJMgY=0I?+>YE{&2
ztlqrhzN&fQ=Z_zg*JB&$_57N`3rf=iOjEaPB+qT!mS_~Q)Q%>$DiNzOq@~R@Oawts
z5Nnr-)uSM>rv&VFw3}*sdsoXP8c|%2KJd0g+#uS7+B4Z|O=;xjw>f{m(AY`ql)n}4
z$u1%z;bqOc{zrlTHaWSZuSvX|JDV@g@<@+4I7S@cc+Bm&la0+BG#-)jzh}=Lydhp*
z6^j+o?dh`N{WWwETXz;zE8aZ&`PDr3MiDuGKrEo6@SQ#ip{8#$K2N1_)O|t&U+t_j
z<hpxnS9dpTLh527BBc-kV2PJ2+?P-R>||h2;!!X9V<KP;ZSIP%sewTssvMTK*dSgV
z=n4=SO=m+&?Dn9f%x;Bz9Hngvp!bkw@VIVw`T>MfL}3XTZ3IH__hH+>&^pqZiH(#C
zim*Q}bT@-qBf|4#e^S%YwRWJSoxzq|*xpbLR<1JeIyg9dr#Ljpmf33DmIlA<Ko(q)
z86d473MqQ|)5lXr=3c7a5@2G2QCd;DUnDU6kEQ6M%)5zVNzV&Z|7tJ<8P8m*t#<yQ
zFedBRvrNVMn1z|y-oUB>l@#pETNwQzocp@v7_7oCD3ZeDzuv>$Lad&}{sKHVHZ2{U
zxq<vnIQZ8P8rcADBksb}AzX`9x(u>8%Hh-qaZ`sbuuh(cG(?&|lr?}@bn-*O!M`G1
zuNc)6H$#(j!GqHy$_mg8XM8+cYlo>BU)m@*SK=0Z2QZbGqhn&4`M=~ao*F7bp2Rk=
zYDDZk(&z><%F4>n8muE?do^xjDGtp4#Cc4(crGzIPnNM+7>j=Zxo6|0!>HFpq|Xsq
z(V4YJ5gramhsbLNCh(%fRD?D~#4I*|2)np7me5bizKZQ~hp{cAXc4Cvzr8d)J9`w#
znWvIu#F8CkhL1g7{R+rCzi@|*;Mc^zZN-vvrJ4|9P3nJ;rDQ+LRS~O#=!r0z@62&N
z4Ym(;^z<rBijiozxPANfS3gmVjW0ayur<}!)it4+cLTUg5Y~{D8;A%Cr-R4Fj)Vv}
zEjbGJZHEjR2mldPk9{36@@w~TMDPlTdmlz><=E(GL}Sn4`T1byDrEUN^c)<33crE7
zLk74!4A*mrZ2pbkdwkQEBg0gz7C6X6)ad1H@<ePyUS8gZ4<A4y%;dV@gWxH}p*GJ|
z`)mz&ULrwjK;Ddhfu#lT)Aj``9<MWVa#r}i#TmwH+a+WY#oi4Oq<l}d;!neM>|ytP
zw)K#1rfjn1D|)<!kYm1cFSa_5?u31v+01$#NDO{}{w_exhB~;d-d$Wh^IFsP8t0J}
z{EP*2f;*X*?ji25s7NqfMGX^{EdTz${ch^B=!cM%j!*rU8{(WJMsM~&7gFnY9=mQ)
zP2+*TdN;Q3#IvR*tb(k7P9$DCIr-+zhcG%5lrGeFcZ>^r5CdF(XNZ8|ab^LLiwX)h
zb|5Kn`E~@S5sSZO7%==}#YWCJyZFU@o8gRn3;XP!rKB6s{UROr#a$PD{}h<vSMqN3
zysj-b%q35TBh~vt31h{hM~{}4mWUODuVI7DrBECO7E1Z*2}&YbGL>R5gQKVx#9~B9
zq!W^o!jxg=>`WG^@tROi8`t(b^w!rH_#AZu)={M&fH3XNIqG`^>WlMmL`X{2_F41!
zpgmh@Ad$y?WsWn&!^1N={ef*Wk^Wy5`4QjR49n~L4lUHx8PBZwihldT?t)8W@1@_T
zF<d+U>rMaX(&(mQ-6>ZgYxHyivCN}be~o`AT&`U`J^bPIptpvxz>YYaU_$B%3Ebxq
zV-u5m*b@Z39MTDxSXgj}Z~Q^<?b1ZtK4qoMBb#LrFWU(}J*2~-moF1_49$I(Z{{wb
zG<F;KgfHUm@%_xq%6iDYDa_*TiTfu9KVm^^?rB8Rj=1Oer+Wxp2eN7F4X5s1Q0wqf
zE$Tyt3BuZwjhEPhhbZA=s3hP~m#{i+f{^uWyYcB=gPe___L2C61O^rs|DWB5CN}lN
z=LElqr+a!4f+4pB@@rpSl<!>p;cLQx55Gcpm}#Tac3s)5PfajhXWR70kB=7ybZXvT
zl#9FmRB4NdNs%W`II-5?zH9S`2YStazjtYo?^nba&oG}`e*HfNboDe>n&xCN#?}1j
ziT&2=S!~o>w?d+}nuQ(<a=6R~eb><%LiJymmnY@%4m{cq^nkoUAX3m50?9XWcNf3e
zgzeC|P|>dFGR}O68Kq_xj^R?c_4pOq_^ge!X=nwJNHL~BjZb3cFjlpqx(+^3Si)vK
z`zPq^fhX<+LXRqLhOY|EnqeRg7DDlN(zRQi?IFtp*aa)_9|8%*Ms-f)vjRxgEC=m{
z-*^>|@~Q_YYwTzb0;CKDTczLJu^`QI#C8yC?CX#U;IsqGAFmol4;C)2Ua{;E=oWyG
zr^!D(ZD;p^_)NfzRuAb~9tT|@Y+BOX($cT%O^nB%|9lBN{ag>Pj94Gp5fg_G=@C}U
z`@V+$cJz*|f{cp(z<#M02fF{Z>9(QMz9pjnF}w?ZAMap`S5tUuJ#LK;3+TWwH!cxt
zXmMBU`9x2>(EXHfPa#p;9IU4e=FFei`pJIqG+Qhz2*<(Wz>we3)6?^NJtpZ_G(skx
zV43B|o=lx_{62k1Nhy1Ii()%Gcf>jgVC+}Kf&RY1*M1PG*4nt{;bNbG#-|>_K!~yo
z39I_iLvM%BK>W)7YU|PLVp=G&(>U{?X}P5zP~j!)Sh$Q9%yF~J_e4wA>?9;p;EN!q
z+qHz%aA$xkn-r=LQ8^z7nAy*=@YZ>pSi;(*p{_pgv-T`PwV^x9w5~29>n0BR`sz1*
zEv*r(=pdK#`=l!VJirKmG?<?N$Pv*dEZnZdDT9v=<($}L>A#gjb|@$yny2E;KXFie
z-#_hTY{>q%v6?W!V_nRVK~vRs;LxGeC{OlI#CZg-zIl%)(t1qaLOR>{Hrga2@*h8<
z$~y!yfs&R3>rC?PTkgwJvu}|Cw;-Mlm)blA#R9Rnujcef(-+*xXa!nPHb7P$F%ksv
zjh+yX@&VFK+&sXwVQ*@jF3XWx9CxI|5Q}zjW2KnAJbv~#z6>lnF54?JE|b3y{R6kU
zs)mM%PKxL<LeOKJCy^TS2Q3srLpFK4xs`Czs#Rvoe;zJ<N!*#Z8+SWyy~)79U}kfE
z3YA8<bLC_uQGTvKb7$ZNS{fYhQJirt4GjTfY&~(s!-M1%CVWCQh`t4fb|1;YDO+?6
z4<Yq}!28zq>mYAa30l*DJ{9l&8zjF0dk-E=sW|qn<IrD!+{N9GRytMhSpM5<Ni(Bs
zZE!_6;n`xfin+U%gxCgE(l%c^dE~Ck9jL#-`nD38K1fr5<mk;}=3~rX8_T`HoH(==
zIJ6)e`R1THQrv+32-1E;sR%wo%S$|xV4NQ_umD(xAp<tExmopK0u8Hpo+ipSu0JDV
zV?+&ofAfC*0aB9g`GN~Zd4Dt>CDNy_shKS;i|g(@sESe6-4GPl4lsY#CWJdradiQp
z!W6dt_3RUZT>@Wt3&TpTQNFem=^=y0UQ`+=!9r}Djo;t{AY^k)k<rmQ+S)l>2*bUA
z%KjMc3;+^^(kF`Zp_e0`H;V7IOjM08IovI8Deip#3D%Uz(ug!Uj(jU{Z&Q<#eJtvY
zL~FUR{(j@a%<TwQn)Pq6e1N}!Mhxwzxk{SNz$NyHE2XiY{^`5ID;tCu8$AEddA{FF
z^>T-gyk707MoujRE#qhX{eR&r#B02WfrMb{twl^r7KmE|MG#y2&LUb%mQei?u^zIq
zTKf82kl}1SH2VGK`?ZhQ<XdiC_X9%Wci0q)5<bV~id%}<ExCc^%MdqwA$CG8VT%5a
zm~K2|-S@J(X!jr<MRoAS#)U^{l+7Q4Mie4Qxr~eq%-3_T1P>fAJy4%p5fc-Gq>>pG
zBmE<bL->gPE-26%KFP85=>~D3>mQz1#SumG9Qp&KzllE-N2BYAovz2r#G|G;Jx~J?
zPLX-lII+$1{?)5j*VfjE)BoU&JDTXpenh8D;{tI(48)LQ$QGj5<2fVIW;6TE<m5%<
zVq@9B*Z=8@iKZ_kBn0)N1|l}3o=EvX*5XTYTvgo6&Ej!jo$fyOnXP9%PyEwTJoS+^
zW%-Zb2)IW!9?+lRDPug8^9BQO7=98QCqzzQ?}6z?{5Z<M<;#}`2L^^T4~9Zr05Rjh
z8AC&cih<Wqw$km8%nROFN2`O|hn{?~)Cg}LkK7guCe`T;XecTBwsj$>&iF8{z{7_F
z;g3R7$B=>(3?dB?Qi>eE4FaK2M6u#MF5obvb4^Q2>+@0QXP}(w#CYM5ky=|TUEO!v
z-y750>u!7-$3OOFJ%LDJbkzEh^42kgk02Gq6<RJZocnAH3>3E+n4uBGQ{TzKaopTo
z)5<j=fFEQV%KNKk$+)!GaqUDj=*1~Hz0U|`W+WkM1JjS=0)*uj|Iu_is(8w4n>KAM
zXsIfhY$dCY<s`(z#4bwAgR)^fCPA=n=*~9&B|&0r=^lnl_OG}7t9H=~2dtr!;W;Z3
z;nFChFy_t0`n;#-MZ~QI6|)i^IKtj?$|D}oi<nfO{rK^tJ)b+f@dbT+-GH|dTmybK
z{A6kQa;~9W`~m{g)6-m-S50U3TgZ-J*i+Kf((2!9gjKM&vqcLdw^=J`90wBm>8y53
zb91|CP!kP>?@&1UDWXqpJVW)JBBGdvBh$!`ArgSb9*2wqdxN*3N||m6SF0B~lo>aZ
zQ3u2XY}=ZfljADQ`40C69%kPmal=;j){X)5glf_FBLBZOpLv?GBUb#c<7dwF+<f`(
zud1E>x1ax<DjtdmO3v9)4Hp&VLW%9QxbtVSpWja8$mEiF#UJW)x<pR!W@_s6z%1)>
zTsD*Dk>&m0#ry9kFjbpax7m2&aZ=?8MwfODdsxo0+>~x)wq|kf3}(+KFR>Y(iit+L
zkBkcQWc`G|jy;B%Ay8LFh{_tr8a}`{6uk6|i(mIfqgau;cfM$<VownfL2J+UWS331
zbIu{TZ>Jh!|E)Ox2bz%VkwsI1H8j0Y?%qd(jEpXmJ2rpz1~2R2)ARp2T1;VPVzLKn
zHvDw}>v<ow89V<?in4aCWSM=EP2+Bnt!dvdFq}Gee57{xF9^LUI^@OX_YG$mHU%Av
zES0lT>@$1cLv4~La^G=8uU1^<oDDt~LR|QbSl@-!qfo0u^wEkBn3aKHtTj!(s725#
z7uf_rKYcE_Y%^zp8}0aA!i6cm%lwRaQpj*e@YH;T%EqbP!d|Cfg*&6CFx4?U5~}w!
z>D)1c25WFA1AKe;?uCmJQ#J}IxY}j31&h}-pYAOEKG~b`_l<h#+3O$UCu%_}8D;6#
zgwRkj?lMgsoz7pp09C?ZIm}l?4`0EWLZ-+~hGc;Y6}aPM--O<McrxJtAbG#YCfA9P
zRrj?I3G;$G0v}ZcYW?$|9A70SN7}sj=dTWT(Ckp%iW7;C{3dX4hrM9YDQRhuLp6q(
z!xt{d?Ml&&*AuxD+hr@!+@d7s6&9X)8*=x8d7c>kOL)>;Vlq9CCw&hY?WFQ8nObhF
zdVi<=jf&LYM|AD?xe{8U^NgX{nzMz4kChj(1w;-O6s@FH1j34m3xRP|r&1yF!v4jI
zJuuUrY@%)q-Go~t3&4<((e)Qw`{<@m-^Ov48>?5HS9rCZHhkd8!pFB_Z~RAychMsj
zFqWcjCG;2HRldxuwV6nd1Gog8C6Z?1p&+V-!k^Is0~XKpPDm8KUuLD!4MtoPnLX}!
z-1Tc{2rZ-*N`J0rl`K!8m&4tc`b{oEfeZgk!LiNrOMf=hwvdw|;`1Ikb<Ohw#H~4D
z{Xr&En5H3=IK%iAkL@8V3cG}WD;y)B6fc7J3N#=AP~<uZdPZ@ES5?xr&SZ86?3`cW
zwns^Xl-Zoc+sEg=wC52k*QaA80XQB;VTBW%^p`{I+qiuMieqS}t|uc05)2RVi;~?M
zEUxZ*cq8>MQ0sLm+b@z#L)pfLvuX~RT#1Q^$J;;U&<Y@N<zy32<G~Z4IAD8m*!gTA
zVd4+P*HM`z3#EeEe@Cs>JG2+7CHs$kTFdgBeR4;3G?tEQG?;eqmT9$r>1T4jO>Rqx
znVHuz&@g0W-SM?ZQCes?`Pi0(Pw%64F*IlkRRH7ZckX<HezPM{K*YPCmge?iR%m}-
zcFD7{N8Yhy<mAW*<m2H{&aX9^#hj6V>niDL_45Gg4Ao2_kHspc_UF&N?;A(Gi!Tdc
zSolLzy|$_(B-mbHzsA+L^>l@97>Arc(bu7AOQ)<4ZGBYX{`kU)XtPTrd7@>PZgO`?
zAC(;%O?tWK$HxmFQv6hem?l|h&W+#U)g+y!O4m;K8S2YSLF(3A>k}!m-;!*KO~^zw
zYCDIvR~=u*{1ZO2l@gK+=iehF3saFInhfq*Lj%<9KddFmlfQ1Gt`6~Hsx@ucLqeiC
zDA7Y5BiMT5N}7}UTQD&eeCIaYq^PIdcCB3RVX}x<IuZ7-g=fvJQb2@}(AYV(`QK7_
z#>~Z~fXqq!p<wL!Mfc$bZ40h6sFf~4G5_e%;gZhY-nK)TQgyEf8#G@$P088&E9zco
zBkj@GY9FH5Emj&hnQEU?&dUBIDR~Ig0J9n!D{CQBRCb8-0s}BG%{*@L<={^lRxv1)
zQ?N?WQc@c5(0Q8Xm1}Q4`dN^sQa|M(nYY&M{Kj$-${Rcj`8>PmwNpb9WqEV$W;p^Q
zt)A6h?IZ1vv3s7e9;P!R3a^1)b!Q7nO;S_#2}Ysk14Am=Nlc{FY)U)gk6#-Y6P~a>
zp7LEkRVaRo5&fR$R()b>wLH8M_x~(vZGL}^)!ljU{h_x3pX4If@~Eq?t~nbQti9Y}
zn6q0{zN~>wDMga3F1fels)!_6xY4E^&U`$ScTAs2(@12nozA`;-uQ};F7mktQw#H4
zruF`J23Q)lLq&Y8ee!I3?3ch>o`%OgJv}i3SJZzhNyRP?bO#r(^pF$F(lBsgBhgQk
zGEcV^C&tIKcMU^5r4AfmR*JAzq%Bw~Cq*Yi07<GPNy^!~WjCI8b;ZQRWy$#P%js5A
zPW#%CF3={+S`?m^aDJWyQlqxl1y^_s#@H*|js}H>QRIf%CJ2%!yzx>KSp2HXtr?#n
z?NFYQp}NAi`$^O^Cyzyb4y(&&lqhvky5Lu#A^x0?vu`BG=8Bhmzx9g`F0yMgRIIY?
zGpk&q5)?|t1I!E+*^D=|XAJhLncV4{{PFhO?W@`erm`<LSPsl;W{FbK8A**?I$yru
z*LO5Mn}10q$LuY|^AL_5)559o$<exl@mkZ`TZ*rWh!nmM+4VvDTDJSkoag0Mzddyq
z9Sq#t*=x2pPAC;uZ1N4;J1lW=AFTj6r>pC33EzJ&Ux-DHAS}U<*X*H+|LN(UVbSM=
zgoQt$VJEP)SDyf*XTCu<3~?;6rKKK&Q(Mdql}#zre<V`xbai;JZ?{bdZ#-roATOnq
z6~G;SC9j~M+C$Wk<*1Q?an5UTr>&`inxfN>e_d^4z8ker^c(dS@L}xZl&g>5L^~L(
zZ94UJ(5A?1SfDdL|8j)h2v><QTO`SI>*Uy{ARCbG7Yskm|H$_)%wa?e&vhMOIXv$n
znpArrCYtivnWIMhp?bA!KhwR|f9k!o{+2)=dSWYyNQlO>3%|N)9a>L%#q<9%ebFsx
zl<|3+ThrNZ6klbeHrJ8V44f6>TR2WlUGE(Es^0IEr>BIwM6Mry_-84ynmq$N!Djn%
zjOzVNH@R6F#lH>S-6u@#w7goZYQVsqsn)@~kiL*<E~MtEBb!|B>ppe(-0%^>PKk>$
zv;x<Bwu+IqzPaPq<k$MYgqgP><0~R$d~y$duI;D*Rdxh(0+7A>;Ct$#vS@#ybOXRI
zgy`A#MX6WCMMOlz#Ex>cUl-W^J>yk!QF4)P;qjjI61zFgX!@j_35oFzi2k)><KhZM
zLt~>1cvE?rFPTI*ld8on^kVC*A8@zN@1JlP=K(VNpdJt)D`$GxE9+IxPPCSqh5n<)
z;3R_Fqb)1rlwov}EH{v?{V=$A(C`n`y#SiO6V5$Qe9$twqfrM?4)ztnt$Cgtye`fZ
z9#GSC@mHkBb=`-g=Mq0%{*6<*>IJR1*I}e#pr@BW8Xt(6FC%v&mIZ^bL&0%}^KjE)
zP(&~K_q&zJWQQB3bnvJ>U(eRfk(y$Y6e@`piEJwUTAXQJQNbPgkLi8r329+Vm@3or
zu!AMyDCsU~qR{*pW2(-Ae+0_ZYJ+WdNAr_3heZQ?`6EXQ3JL(crQRA6Q|tRJ9FUzf
zFdrfMX+X>j#2kI&Ts4Kq?!PtX@Wh*cJ7)2tL~r!K=ru>Rqg?ObAQj+Y7vKP)iudFe
z5QqrTzS)m2VAOZ;=xOu*$%BXogn<<9Mn#}pwl)t=@0fM<J`PI|$S61bQG^?Mqr*GO
zGj`0=6Se*_AlRSiX`f)IhscHhapsW={-6oqH5<e@is^<3+m5fs!vblR&9vJBjl_F^
zkofX&Bo1R;<<KH}(wQVTT<jhVi!Z)i{QVGkZ8aeNEbRXTlT-N}U)EjI<SgrvMG$BU
z*av+MejB$JWdOT0G6(zXk?Adk3`C$wVWY4WQN<D_JQPdrTj1^TRVM2KHtnFC#WB=k
zmdXQQj2vv$C!jm;VJsPdtU#!U=l@l+x|omBylWay@{1CMG8KVI&kV-uPF}WwF4s38
z{PFYp&@O4Cdn^0q3{S}Lm}wjw*lbiO8m#TJVtu=$s#xZ$&Jn6o@w+#tqF?{<nWDP2
zg{0;&?Os>6`601Z9YIQ_7k6yA=;<q=q;+@B5?RS^$zu9^cYQ(y7>LOBcLRx{$9(x~
zzWNl?eKPX<>a|H|wBENvnfl6nr@i#P5G56wOZKPV8xg%IvUyGZ*9C%rg!AJixf(!s
zO3d!8<Ibd)8@s%^%NQx=m~M%!j+i(qw~WG(__J4G12``b;!?bAf{Ft=?05aX-P2IW
z)k}cN5O5SyjUi~(eG14B<_scG32%&89I3^%&!HI~(!xy(tfzbiu>FejuL9C*fXs<f
z3ZbxVASmN=V84mo^~iC+Qe<CX!-N$I%_#)t-7F>)PC!Q*u(6wP4xH#_UmMaIMaSnw
zP6NG6;}RAS_QP8OaKN*Huv$PYU(ZD5_6UT>^VGfXak%gz4QEjd@Yj^1i;vfd_%3~p
zeqn!uk~T7C5H9rwDcX=@!~Y6CaeFstg4gY5V8L@e2iS48_3r)4haht0CowxpTF^SH
zUt7y^UctE|=3~@r5VUapJ}WO^_8;{%7&*LmQuqi$k`ZYR03s}N#fa05gyS>!IqD0?
zg#`r#7cNFo(|jF@EWLR}k>Lg7?*>OD9-4Id(LAQ~G<cl?@TmYJg8)U-M7$;Q0-gI*
zTmX4(3%|OjIz^ySuFb%(n4-Ib1JCpJBBB2GblHz^l7V9ak=7EL97qFP`Fxn!*!<Vt
ztGd@}uQ{i9v8Yd7Cvl<@+S$4{Vyu~MurcxUzqCy%{pSuM9|Hols?1(S@iJso6WJg5
zwpbR06Ry%+auqvxkccw?_s{S2X|(Pq$ichVpXSj&j)*%vEi4O^5EDCt70erpwj0C9
z0w0Kc2=PV~L(X$Ncd$K~K`RS}TeNOd$54=y6D9_{XZBwWtx>Gv)=Q~aHjNXe!GEq4
zsFO$Vs+E6-xeAv)hONa2g|*$>+##b79WY@XY#LA?(LoQyER<N@|Ab3|N$N$h@iaDj
z!&zVPxZ*}e#wdUi0CaHBZf|?Fm2f?S6LD}6RVbdpGCLq<m&eZs1zr|)qNJwIS%R`-
z9p%Izf$j&9jE)pp{OUpIQsLk87|5eKDs3fq4hp~}G-P!AqA$TBeq6^fyULYG@-uZ5
z=2P6m6*GX8?_QDcDUK$yhpF;-y|2A^;?<ym$Rk>W5iT(Bun(8<Ic1(26mn4#v|b3K
zGUwN+)3xUoArh>CySKS~%BQ|h**B@p3^eM7gOZBR{CG>(R{;9)$(TSAV2&E_3Mnxp
zCtYS_V0cQM8%}c9L_-@vBaaPPX;@FuERL(->MEr#-Ql*f&RbV>JG;a%`_T6=(E##8
zvVNbWF8n$jaO+^s<(kQWwO_JV==|(=oT^n7?-t;o<C52{c*i|?ov(%=EC$RT&Immj
zZf^D3e_MKM;s4drV@FO%tt$p*=;1wHRqh_67a~&X=x>c;*)sq(fh%R;i-1f63)63h
z|9AkTpV240r4ziJ>pxIxklt1z@4SiaHWlH00ITj~(5I+;?7<VW<9@@S1>%{xw!a`4
z`MKBkO9Rh=U&2~<1w$c8C4Rl_g2XyatSa7Y$U_kM+_K{2{DK6kiq}57i>C{`7qLHe
zK_ERWaOQ&w<_$r;1R(jQMFwMV<2YMIE6iXGcl3$J7$utDjE1@~d=7z`asYc0fZ)#n
zBF|Ps$CbC-&a}G<tUskx#5vRM&B8|>>OYt0QAp=b*N*v;<=qr6nMijj4d||7kkoZm
z{_38>8_tl^*&@c4(I2U^gjYb;&kfzi39MyDB>XU#bx;&lJqEm;(T`hn8*~Z#e?q8I
z6vR|f;grUhB0<3a9QyKSQpoJ12j+K>_<)ZTXTXv;eH0zc5IyXbC<S&UJk~cR`!GH$
z2z@-!NAR--gM5k(2iS^sz0$qN&9XW4vOJIrKAlG?QS<SZeY<HQATEk#2yE3#*9yS>
zp~KU<===$d6FE8gz%TSRfOaVk5X6#sw>d3wMFX7&kxnGEh+f7Nos;W(C48HCu762^
z%J*xH8P18;?8?JSG5dX)8lIbq$k?T6goN;q9S-Fb@7o>F{NYxy{hFYzi#i>*<_QBL
z>SMnmi&OmV{|NUd?EkCwVBwaop`WU1Gv3j0v=8{yL%B$HFJInCdJ&-iR(rODX_N_D
z#A9F+DLLVTdQoIJ0m^6z`<EdNioA36D|(K_Ua$!NaO_)Bkmyx%tX$Tqo!%*^;PNTd
zOkxqY2X?k2cgH9*U1iN5t8B0Bk}=xn3B?<+02{`(sVErQ51o1uQ<-QJfRq>8b7N#d
zLnN7a6iIt+Z?(r$#@ALs;{u!`%>R|fCC^kAA`C`qGX<qVsY$VNLf|+3Pj=TTT1}Z;
zC0{5OdaHIO9Y-sK1A+9(Zo<Neh7e3BdbhZ^IE@b}s^0Gd=EQjHGtNG}dnWGM#+DiS
zu>437$JGVM7G<MRW6|5V%rJ&-SHBV#27ET*F~l$6)6sefVt)qm+`-9|Z3j8(`~wpH
zs@I^I<Ageznn*Q>fM;`awo(fJzGjM;N{2wmgSw8Mmiz`wm>07Wo$*UtHs<t{mT4`*
zwIFH5D6@G#BSI58OEhC!$x>*J$!L!Wzksn@e|RV~LU1pX2FPG<M>7lu<Dp+TFn#v(
zP9u4{aYm4U!`w*%8SKt!ke@_Q6a)n0-%*vZ4+TN*2s%-cihT+Z)mAo%kOQQ5P<^^`
z!h$$1_M4a7kaVW*Hk&hNn-x#7kg^CwmmTA^5*1*fHjPqpE|&ibTIgwnna}F7=m&9L
z<LnbI{7J^ib88dHIk}18+b(C=6v#fxZ6QDG(Y;@GOxSDH*nnY&6YZOSquuY2|Al+B
z|IT<{!b-EVL(HQqk3M;p|ABr%Nw}#H<Vidy+*M_!Kqb*kZYSM7#88sZc`M$N?x?bH
zsNgQ7JNV%Dg!7I_nI3WnGYMPPpser@_Fv77*6=o&AdkvHr#j>cRJ3`}grHec*{`6$
z6^zrFug^t)#sTX-KN7+Pqyfxd;~`pX_z5+Wy74ial$dB`vDiNg7&bLySY+5<Y7;=a
zjF1=j`}pY?jclMBLUY8;Kg5zozW|UH04nEgxvH!=3hq?J%#cUu1FS(@2Q}%)s7vTh
zOQ9)%0tc^wUy(1RHJkcYOB>7*Ea^1t!|6hWGGjkjZv>!~CUWARP6P2Isz~E=brupv
zfBf7Q@3@W<YnaghL7#ZJYXPz4lW66NqOBavj$Mc2n#X|uEsE3)XV{jAH5iU0{CoCf
z^E=xea9nqALSK(VKNz8C!G#qTh6OzAJlpzJ?c7S;#F$`51Jm>hq2uNJb~vO<kfX(G
znGJ(65Zwz>>-}AqZ7qIuJ(fq0W1B&r10`D_lh-;tp;!uVRdiLh({U<KRL2#n1efmg
zd}9SmRTdgvNt)`OiTHj5*yp)9_uJGX1Eu(tiPelqiX<qWB?<ZLx}a5mQ;p%WB77@;
zbRmJ{Ml*+MY&PpBGM!%ex^<$>?w&-L6cgX6$^Q-w-)0;d`&{)3|A^18dfrg68aVp;
zE`Y;>X79MN(l}R(ax*^f#Q@NZ#Hs+ggkcn__qAS*%0k{=Mgm8Rb|>b1Tio=p8C}!?
zNSMC=Kq6FA^~HLc1EKn)2NRLZMNF5GBSrfVo)O{+Mv%A&0X<CKH`HwaXGeOQUy|Ay
z6Ulk(IS)iB5S$=jTLeuVG}S(va1l&5gP~)_xmtXF=&dYq=hQ{bTwMVe#PHb#2@|_f
zU&_JwzJBTu&&fTt^_$0+#L%Ey;hfauk=|&0e?rWJy}3!JAl4WmPkaLf7L<69TaSa~
zEc{J;h}CbHAGZ1WXQkR_=-*hiKEQgTNp?(IS67r_%SxR8_T2{$`r}~}Cf~R?7aIvJ
zp%&`KKw4VbUHcqJ6E$0qM^Kc=J&Dd>>n`bdAzhYa7>!r(pacS)w-QSa$dNi1!N8IR
zgWw#kpnw3yP45s9IuC@hASIS9=?%t2c3EG+7Fcl0mAkz7SD_0K(7lmelyct{41AY6
zk4?(`*}=m7xiHIBqkDw5tlAvwg5+>tDza@n^qXtFp0lw%1Z!p%`tCFt%l+C%26Z{-
z0k@>sh9bQ-C($5FJ0ZP_bwf3y8LpKmQ@ZnzAEKdosWB{}nMJ!pk~GLYfvDLe)$C0<
z8m#@KmKuj(gtI(;iNoQdY~sg3g|eKPpQILFzhC=0T(6z;dDGi`&iyf2l$Vb_BUh5-
z{q<57V#)u6D6|B{aeAnI_-j1J8*J%qVp6hnb%oSc-Vy;q{!yxD!;G3OiJ6EHD}q@?
zXdt5~gFJ(_DZBx=oIyD9Iq_8R76IRP;MJkt?1C5xZEfnY_n>~?mYVJT%$UG~thhEQ
z3QBe=IjUt}>lS`<c~8E8M-ViFhm7uWzYDbl?hazeFJ_{^H%R#FArQIIElBO#56$WY
z2muk>5f{IW3w@*s0zxuUmBy#B?(G|{%r|vD0{z@i#k%V-L!V^Nj5+#=M{xK&%jzo(
zfyAK$LYX6$*C$)TO{e-%dlX2yM-X!r+91`N)O5x9=&#NV-~s}k=7B=k9OXu5Ms=MJ
zMt%yB?FhNijRK_NrKTaY()u2RfltGG1Ak~Lj^2>C#H`q+f+C`uK_r35+nqtng=R)i
zU*Cn_J5$nG8%1khD4nUXs<8(u9Porbr8u{t-LY#<96PanVNUnf@6xLXo%n|nj`Thf
zp|7Tv#B<~LJ=cC9sJI@B*{2hro$YSAiJiSt8a9{?F(+D#c*a$ebYkXZm-gf?eX;wS
zhhM)@OnkmbpIf>Ng!)165=;7<uR)6DRmyk|@mjT6+Z;J^WnYK)mN~YgP)bvQ`LWv!
zH+=pj>HQ}M_E@Si>?(+!*%cs!{}o%OoP{BNCP(+8xs8(2PR5ivZs5q?F73vB$Hd&L
z$hD<#q#Up8CS_Nk{EscCdJ0(WuN{!%&GH&8t104~o?x0G_K@QnCN_T&G(6fCLS{LC
zLp~(ilQNi4S0JL`7lxp~PmocZ8;``WABfVAd`N4Alc5%g5c+@sKq!FiRcc$vQ_Ij|
z4wYH_#6Wd!X)J<>K9dhxiP!rOp}R@lQ*G$^J8x8d2n_!~xR@PM34oxsAD1aIdwwIP
zC>Z^GE#v^h6IH2%a0^-nGixt3R30ISK+M*5Gv#feVwmO0xC5C8&IB-{%Z|t^>GMz?
z>`;v)<OMJ9aP1Qi61>Y>cn<%h<Z%aOrSFdbM<C(Kp#)c;>fOWK=?9Tgfii%<A^HKt
z+X?hTE!W-^PF~Q}lZc6qmDI1j!H-m}t=<*sBzdTJ7g1*L^hfLUsh$Ej^GnL*!Qm*v
zb~rf^k!YFldAvw;URX?DC0VJ8Eh82#_A|NJ+%ggp@kZ(8uH$>!wLV!w(_r<`{7kKL
zvN_POnh*w#dc#LZD1q-*wcs=&Fi@)INmnrh;`;!RD|;)RY^aI(Xb?RuP1%;EM&*d0
z&tVY}iFBf@gmy;pD?k^aq7;69{_CNVlI5Jx<l&YcI({!RrCJyqd|^QWvC)i6fm6Zx
znrJ%j-C8MhyD1LUcDRg1D}4`KYmxkc?#uUi>rN+(zblUgoV`@kByzM*>iPRWxV4wF
zUgIR20*89+*^94gnEpz;B*eA;7Y+zd4)ukr!O-pQ$2z7Qx$z^)N}+sz8n>>`kW!~L
za9!fM&9rYC>a?qwSHB|Gwu2`K_2i$$PET=qMkyFoO-z{7+C#B)hD3touoGF4Vl?t)
z0GZqk-ni&a^#ur&O};jB(*$~Y;&xEf<FeZHX@CegB7Fv_(vrUI*tW-p2YYE`n+K#^
z@J0c_BG#TeQ`aY?2!E(tRy$X8-5|=`#PE>YN(N=-mcvYw04%m=0?MgIr6lIX6SGyo
z1Eo&C`i>ARkCzo3X9|sK_|!e)W<}-qK9la1u&s4tsg%lG52Mjkx)zeK<Eb#iu3cTH
zjn;}TGxO`A(a?HX#X3hUKmkUjs$_&-3ER%HlP^)8hpGkIAA#?xbTl-BZM8Ql(b}M!
zjVhG?HXpB-xrw)3cM?<Z_TNSao*q<}_5a*n?pqXo{+gn=h3H<(5j02e0LUY30Ym;G
z{dY#^l347Vu{m~vg>RvlDa(S9zC9<ujOt!^D5|#OZhVQxkm@0BJEJf-9tH*Vn#zxr
zd#-m5sIsWh3&xiE8X}YZ1f&BkB;ovj)S<zbKit3S;frLJ1|XSG#XX~VA;ofpr3Q-9
z;xUQno#MB5Ajk*39*fpmVed(KSt*~6>wM>OY<LVig=QEoUnsaTpDR(hLneefjrrMs
zh%xj3Jt@dLxc|+Bnp@;Z?`pIdWj%A4`pVVB3c=N^&zokYHebE3dG@J*``w5nTH&0#
zdz2-E?39l3wj$N#1(ch*Ql*=$vg)`~>rM6w85P`dIyT#5%ADtKL9RBWU3lDF(f@0L
z$mQm$ulsoyVgfdKVCW+vb5U6^uR%YE#6Eu<hBG*-(Br)7d&py*|81`hzIM89R^WF0
zi*XmPbW#z~D1En|VchS_!e@zraPg)wqT9Iqez1<Gl|zbx;2t7~rp7#X2>m946%hW`
z*5y0^HWw$z7s+b)bBLrj)7I7w3|xbE0*WC;hH_f(ZDv&ks@nD}r_i$E{XfTb!OO$b
z?mfdMh#3uHqE{N5xjbV^3j#5c^`IvrQeUCWL%|ife|of*A?+i?P07L#zeV?!9VV=o
z5W2bR-#UCAg|19^=J%I3W-fnzMDaBM^jp|MBi9Oe6bU0YAi4L<j|OO%r!GQS=XDWq
z9R4Nh&epay!@k@xjpzEbKVT6P<k6Mjnsob;6AUOjf=o$aFcG(?^nPSG$;KZ*sy;(6
z>`pqId|Q>2wvlOi_38-`Z{G3-E8hI({|6jW|DWN#f`&f5caabuLa7Yw^X<s7v~xNc
zDn(7f8a<ph6qDF)#GivCF6`>*sl~z7#=AddP05jE7fq*rz$}HoqN|(h4=ro9Zlh-4
zO^Di%sex4tjEv8uIyyVS4)=C+cnQ2#bg;Bc@2TF`bOue%ue8-X$QdMO;fI`<n5et1
ztmG@v^gKkgtx>KwP(EAz%Z#y5YeN5TGyk>`O2L`CW&_Q&Lw{uu-w|d#ab1qSO;pI*
zP(GQXKAba~$~-aD$W;fq#J9?98tPGzP<URAV5!B$0fAQ<j6vG{eq|e!5Sf@n?F?xY
zi^QBVq$c#}dJyN<>Q#M`J>!Rm4TWm*j8j5qW=OL>#T$Mo;bZmOzGr7E7AaD&D=W-}
z&C$k_?QmN7f9ivO#?h!R?DJG|4|JBpXs$kn(AoFRnHq-mVwb>f@$iLSq1P%8>#uH)
zw2Q2Xl!&|#xih)Nbj&@isLbBlccwYaqA@wr6DgnWonaQdGy_lh&EAq&d}WdA%7v%(
z(5WJ+_p93;xv{$?i2hjrmGXqadD;EZL7{LGX=A$Jqq?^{m=6q(cYaqEn_Ll)4HC_I
zPFKSuWPkKI8$|mVpZVUb4ld24dS17p&YAt}xMNSECQAdUt1yG$xZ7E{wm%POjU6L9
zFMh*FHtAQh#6{|u9Z#1wuhORe6*;x$ll(Jo-=@KD_bV*=fe*Z7Cn5Vm{TcD`*2!8*
zKThp&+b8xxe_?TKTSTZY^0QsoSa-^9wx{-V4%<lT_533!Xxx{~ti8sUNcLO%mFP7$
zLm%yl`Pu0uPhq*7dmOWE&CLs6-n<OjH+XYm^A55NCd<jhHP1*++l{kcRD7R~9QDyY
zbxVCjLN8pM&Q<rnXaDzSGn{<3xLsi^XZf@6Yy<)zAm{U=ys2+{S7%JbzvufMk~EFW
z3Tp56QhT+S8c^fMQ)Qu@$hkb$jbP3RTdd}MmRzqKsnk=>zt=dovXb6H`hbv~0S=XV
zVyRKPsaIjHs+(^O-}gf^+l1(%I$Z=F`bO#4nr<PnFlv?j>Xl5VY3r=>s=s__t$(`G
zd=%XZ)<#BUWM+O@7EP%cOZwrq+(<I3=TDy8E~YlaHT{68c0BKi&~%(4OS}BF#3a3a
zF<GH!ozD05t=!kE?P2>@D<G{xl;s?z3R1Dpuf*p)gz9Vc-sT+fO4Ix@dP%_ftGDSx
zpRUw^Pt$Xq2V<fk+o?#86g`SWjByt2ZRd<M+ceXBE~!R{3Ni$B)aU!>bBi#TG<SqD
zNlh*5hZ(u$s`x+prLA0F9awTP{wl}DetuG;49OblR%-pVUa|Di&_UMfiH9;HQt!Jv
z-fUM>oXwwi&LUxwSj=_1;wAhjw`<E5s{f{-zr?$%NQ?h9g9wf{d>5MXvt!?ZCGniL
zR(r>lD#R$1LE)+O(C7Uht+k+d9p~{uRE@ts@(ujR8!0&-DU)PAHW)umjm@sM-Y2rE
zJ$<ZNL9jhha=E|Gf?dWyIpWQBAp@SOd(WI-&uiJNc~Ir^O<oAL)~()R>})BLV57WQ
zQ>dRxc<SN&xX0%BOGa+7!727@qEac1`*r^dm`<hpr`|m{mAXWgO0#^=C)s-G)JCYB
zzJ~3C@e&Hv;ji{5JL&WUul2^;Tc2JlV-%;TNpE6GCA;)^dtJ_lp*@$Gq>`-}yu*#O
zRZ@QD={i}c@5+;Ylzf5irS%uOLT))G)reB3_|Wf6(u;ut(R{Hy?eGMBy+_mDBq~Cy
zsTBFj*Hn|6LFv9U*=-}|&~%@hRuy3TDs05IVJGw&6PsS>(=Gpv1I3Mh#{q|j1+Tst
zt*7u@%2Ga%Zeea-WLsfasxu+xMK@OGYW(%#Z=T<~YA=Om%%dC+NTD2O>YwboEA{7x
zZTg1L{w5)A1HZ@}6gE3KN6RbHEA`%&jw{s^Hg&%r3~7ohSr*~`a3y%db1t|j&sTB%
z|6}XF<FWq#_kWzzI&CK>PJ55j$d;MC_X?rxmF!9)TgGW+3!P?GLSz)#JG)X(m04&Z
zl}dbX=j;9X{rCI3OUijZ9{2lg9LM#*(jA3GdWHUDF8zED`SqnT_Ba}v-*}(?8*UPD
zWx@HnQ=$ZuAa+F3I=j5Q*{STtqI8F4b`d=8CpubCut3(i7M%Bs*UR}}*(_cT4i&5r
zbni~Ta*p6Mi|X(DSz=7ul#_{thhdXZ-;>y;nKCrNDg4;XZ;@QE$NNqS*;Q=E-_!3s
znmuBbDSy9}HlY4?8I#yarMBm+BTsr0$xhGZwLM*6-hv<^QaqJ{?n&LX)6>4RXt5fk
zY<Z)KU7P}2xFL_$3BEWdCr)DH^9Oa~kr6>-+GyO9hVIIym;w&6=7U6Zs8FLgXWfpL
zs%=?wXjZ%!HM(#*%$8|o6!2@$8`t*}!$Y^qaoKg@KghA+CCM!3vXh|J%M1MzNvfF(
z6H|uq{E(We1g>tu4Pz0MAjzMl_{N3{qxnfCG535$5jLsfiZW+x8pymNap9h?ShV;{
zny)f$w)p4u{h4DHEJPnpjOeHo=;pn}=m2FS+%r*Eeuq<8I2)Vph<5&R5}~%|BwvQr
z>Y01s9Qu#Ov;GCXK&-HFG<MgHs$3Mcm)pZ2@9V-GuJA7w``SvSrtZxP6Rm(dqV_da
zKDx|;leK}xZzA;(j@K-0v_3wYMo^7gFD7U@zBA5{SQzLgZPTY>5q!cQulpl81{?R?
zKRqm8*itI~mB4$F8vT!oys9=0_Od&>GM>QPxT|12gf83gW>d1M?$X`0R$(cPX2hQ1
zI_=ZTb*mStdBat=Q(>7cadxb?m^(PjJh*1b{$RL+)iT&5w<OhzGgre|$V3b4JU=X?
z8T`_-+qBx%+4qRs0vnOHx%>NISZeEk>Qjalaihz0K`_$AgAxz=xpLlX&{D1-2I-`p
z;1;zF@>8Y$lRhK%_+C6Ta<HLNggme*!_+HZqztA|;QK4;MVfa7qp$D3`0{Rv3vTxw
zA!%Ml%M4i7rCl+U_>%C+Krx-M)G_k)h~T7|vGKZb&)MhpEI#NuOR8vh?(^4z`smSn
zalE&~?YZj4rarSU^Ev3PvY37GvLa`ULx*>%h_ud1mSx47Y&Y^S7>>n(ZrIOVx8oCw
zp%&9I(>x!SRw@;{(cxzPE=91Trq+U8he-}^X-FJ<pz2*@ySc1>a6i|z)#NF}8$*U|
z9`!#uk~pe(BXzVXmP>R*^oIp;w<OyXFI%2nC9~#zH{&Y?*X(0Nx73D_+mt=rVQ<gG
zHD*d{(&nAUa=kL431B7qt8>*MxVhjbg>*az=3@hzlrd!DMa{{)a$&!?z3Ln(t}2#e
zhOX{m)Y)4FS4~h_P7!%(j;{}c+DOY*m10O=TDq#KCLrtL0?GWBDM%v|c3bqdqH=FK
z*VLnZ9*}yvz235BuxUQC;APVpue+x3d1@ioj^jl?EOsoCS(h-&)#B+F<a1>BlNh(V
zRX2G5#>X%3$5<~{_%lva@*L-vp%%J(;<rByzkK#P)-=R17@_|(Yw6MMpC^)Dc3SDS
zN&QWyy0zBUzFmPgf*B1%Uba-lCFY6-Uv=ycHZwG|)bg7wiP0cBspF5C8n3ID)C}1|
z?BLN<{ELzVTU43sYHG7Q1KFQAC(q~94@!lSWn343luzZ0oJ0eyFf))#v`hEUu3n=E
zG4ZZ8F9Qwo*7qCOB<>!L(f`v9Bhndz#G8kupiU%!&tNzPDi)tets<~fgH$fNoBe)V
zpBU4n$8OHHN6A5s5U~u{&T@6>C+wYGAa|u6wi}ho48pF9D;58+m5tW5tdMx=NcOQk
z<BicKl_=BAmJ>!nlUyfO>D+iSA6-l13ao#CP^u<ahTayZKdXKAnVUIv*af3?Er$ld
zm6S<pU8g<kK;?;Q&r8Wf>lj<6`Bzv`vAWdAr&(A3eL|{M2+L|xXKjPtweY&kYdJ|=
zDv1RR9Nl`i(f%Pk)%;1}c~&;3<Lr9b`%IU&HyWBMELb|XbE&t(8qszGcGn_Ek$It4
zG{U#DN%0c!fCkP}1coI02;ObRC)CQw7Mu8nrr#7ZuMrj4Q2Q~-Q<H6i+EMk@gL9oZ
z&Kk3e6D76BdhMLG44RY2>%X0}!}FoF@E2Ef#+=@ebSmjTG1OhH9~m9J^OamAwJR;2
z^f1TBe(X*P{gPpU1g}lOZgvexv%a&oFc<y2mT+Ns)W)O^IN0WG$V)4n1XVq?@+*x#
z){$^UXiIemUSFl3`IJhcu%7TKESW)XB{JUYaN<QiT1@Yfg&AGM)Q#gDB7bV^X2T2g
zeg5OMm&KvMcMA$?DH3t<a_P9nU6x?3q}(pzUAL{!^r7vpz_B;rVzSgH_cRk_=1bDr
zP7|neskW&ir`$n*G*&6gg;Y*^8|v<Aywt`;lJb}<7fx>^M!qE(5r>ca=X{}7OfbnK
z^g!5Ec6+K&yGvHi@tVYfmWdaf#bd3ZO9^cN$*3eCd|Rsn!}WX%4`1ACqd7rvBf4WX
z`A4uxnp$saURGf3QF~No0ih-Z-+7{Mq~H|VHpTF!SjK-gUHPW0`?}%ix;OQDI<{2!
z^P)N8SMGOi(H!NOH!u6%Ns^1@RXs{Y1x`rDJ*~VL;Le$V^iQEe=o{uav-`2LviFVI
zP^mj-P?R?jHvXWhE-ZYPAYt}&<+VHU!-#ixKJyXBp|6nOY_z`pzhe|lSD1`U3BI$M
z^ql4iyV8@pERGv#UJYGJ=3NfzUJO|s<@`4Fi2zjdCp<9cUL+yxEA)+paXG6JN|qbO
z$Nlk@d0-ENl`28h1(FFM9S_0eJ92MTYml<Zip6GphBuDNf=-0_dfZL#6aNOX(%W^|
zz6Hr~8Esa_e*E$MAizqx;Pw97xt3T|R0QKR8wG*U*FHpkG*^~e)?mc~a-`B}cdAFC
zCbV64>Dkyb&M(0IdJE7Z7@mekd9<L(b1Q5x3lUkM7mp!p&kuu(^O`i379Kl2pz|n~
zcyfcgmF{VTzH`0R88_p9Iw-E@eK9*JnK2j$z>hwLfjn#%?xKT9D4l)W7u8XxGZj?7
zH2)bH8u|i|W+=h@TJJ}Ctg%#1Qm2r0Y^_ZDGMn^w%JS}f5755df^89DllA$1O++1W
z!s`3n6BSK8(W6gwpSrwU=Q>YPn}5fKM7F_l2=p$4;?@{F*!bLq4Qa1dbEjh;i9tnt
zJo~>d)KOEDlkTB1E&1A~*(rFD8OdPrPPR}Gwy12djEUAs;308Ka+Q9hp6)%-<#+mj
z&3zc6B1J;V|9<_qcb2+MK*U5dB#0+M)Gf{FYORUSXPFDa=A|j7PY8M&KAmKI!haEU
zm;D6JP5gKD+{6<kj2inuo(J2rA3|k`xB7)Ez5%#&1?b%>8M=`=v#bK5M`sykjeyKj
z`ziZ|r?C%drSlt}ASd;_@z6Z;`znVZhJgO>KUhyVS2hDz0J4e`Uy(a*uRbCbyZRj!
z{NIhn6H-5_!yj{OjYxbZzaAC(It%GF!w|Dou{=>OUOmK4c+OMpxB<<N0dLxOU~p6l
zMk)0V@<RA5xpCXgC~{?TPrj;A=7f{{c<WNLfd|jny-XZxt4jYdT0S<7dOb>({B1u^
zd$v$qAe*>f4A4N3fVjIC=<Xuc`XRfLwYWecJJWN+w&ii*|J4jdKfKnRgv|#hS6?5U
ze0#npr8SlFlBYIHm4Ln&gKhwkdR9>MCwN!M_TNc@UmdKs_Vw0V0~9=;SGwiqGk^Zm
zRKrVWasRq-aJ7z9zIEuqAjUJ=onK5WO%rvQR1Vbez`dOV5u4Vh6o0ged&YTzyx60(
z9tP<xG~K;pGlh@jol3%Hai)7&(Nv)()zyZ{x(a-Pf}8pF7unP!+trqgv|thiJLNxv
z)KU=V5%LM6;BO1+$)Ta48|`3(JOKCO*5fduI0Jpj@SM&>3jKuUgMu<b0R28#6TM*$
z<)6;^Q=;eHa@OdiQ6yurcMnSie$J&+bdEIKldXF8g>o!b-O*Lz1xT*I3=I-2F^k8r
za0Jxo@oEA+@T!cOxeJ={EH(Fz1IuXKGx{Pw0JT2)rz7G7HpR}`Or5=7Z}zL_)uV%P
zXa%ZS8S^uLv<pykS`hIvB%VyF-XxLtV>PyI<}4nWMf0eqMn6dH>+gEmWzfagSf~?{
zQD86g4%P_md2VW;yHW9hi8dJV)?w~1nk4K&QtHuM>`#X1j^uO>(QoUgpsLi@I*dar
zICgg3Hr24CQZOa#6W&~Y=(T4P1w+)B-&2>0d~s}OPvZh&Hfq5Jk$S}I7hlVjR+&q-
z=Z+z8NZx3PIoe%OAM4e<rA4qa9+F(Fh(%3?>eWj4H+OP5=o4@FBd{t>R%gB^q4+oG
z^6ZAMf4f3GYITjQ-b#*cZb=~9zS@$tEi?q@e4|nEPKp{73*g3Y4|-qTG?LExy$cMu
zrdr9xj}oTCt8SJlu!~a1W*!@vnR)fW2Ia@{T7mFocZ5RakZ(mZNc_!BTFa@ghK%4Z
z7&A9tT?L^Afy19>$+g<OfZEPRf3q*o$^WF1v5wB6p%IjS;o(08QW?xblNGxf%r&0?
zkYB{Sv@Y_W>fGxAB{~nPZR>>>HNJ?p75tYOrX^5$%rZMFmfhy{A~l_F6cSrclRKn;
zzPVGC8jU6L>UPf-FCheGfL#=(*mX|3?#%fd7`HbKE-RrK>FKIq!)<$0shfvQ;%&jv
zM<kJmnHW@j{+5ss?;FqE$XMoB@~}RRD=qh;u$b5XmGSaoT?Z*_lK-ozlE{NNUy9B>
zSs;YpF4y=b>^{+G9G9?vpvO7@gc&h9t(T9vUja2@5mtt27YW;|{{H?fjgupI5BRQG
zBiEkI+|fSNb{)!JjawIVw@jC9iy0?|Z5uC+00|3G`UB9Zb~*uTa}$%QUQ$Nu^W%KK
z>TFeF`^x#_^SXr)Yb?cwj6n!ThOP!DY?#UMPlB}<p5jy-PEe0-woLU`?cG2zz<h%W
zBCl@sDeM-`zKf`uxdhmZLm3Ls=Iz)<>Nuwrk{zYJYcPWanA%v^ie=umgk@rQ0|}d8
zuWm|Rw)F^cobxF%m%o{(Mc_Hed)|UBNcRqmcm)K%g3|}a+Fzf3p8*Hn0~kcA(S_HQ
z8R&#`n`t4`F6_$KIzNROJ}ibbAU^<9IJ&uL_2?}GnGqkqoh^++w#NxQ3LVqHkDW_2
z00jWV5iLp$ka$^Tn_jgJ!=8|D;owr?iuw2H(#|HRd7D6qB>xEZoIr%FIOFf8J%11U
zPP-SoE8^R^##(A6@UvFDTx>DpBec6Oc=IyT3`fNeg;Wi5LSe<kcHvLc96VrfAoRdi
zWV}mfmin;EMUrj-t4&Wrn*)Q6yNX{xgT4Ip#-nmpNpLesD8SCV#A$ln$=A1zyFF&i
zm`F_Twz%Y=?Cg9;lJ1K-r!<dyZPgxZd2~t=;pt=n#^h&{$^2)S@Ii6>m_oCdjU_#~
zZasV}vzRRg7P-yt_kPzcI-K?#^Kngy{ynR8MWh#gL0kb`Qx*C>$Jf<|zPpzYHr^7J
zD-D!+2SL<BsoVl&v)v<XVuQBOB!a5>OLDuI<f4)Pq0zhZRmo%@N$PmQM`{R%<MXrc
zZNp%ZdKEY{V8qgynUaY#QhXsws#VFUNvrj5=P5tRi<=m6*%mY)-m~Qo!Y$l_Lf(ug
z>~+?=tv=b`?Rvviy(;-hjoFHG38eaiiLfudt4HZ*R(tcUT_*84KnW0L{x>ot1SUgQ
znY;L7J=z4i@=tB6B|eIf-AJKfoG=c@PvA7WO{0we-`%z0m~e02op5nEBfDOZ#}(3j
z!@d-KH-7R^Y_G|9G;8fsll4&>?M7vMv`KNxZPa)l-`CDN$Dy8S;!eW;-Aa8m;|n`G
zk8+9Wt=!@AX$Dr@dJV{V(ckFFxzr-0Wo50ci0zq|`YdHfm^D^8+{#U{h2iU@o`?09
zL6{24&oMCiBPw{ck{;1qm=k)El80W(Gtb!OU9F&EY!-D`kfe%8?~6CJ?tgtqaU0~7
z)^K{mmL@En&I_cFdR-9!q@dwcVn}f4k8pQi2aP}I&;)*on=gDcmYVn1d$U3nNn(Rc
z8|WHAQ#r%dix8<50vimKbJ?@J_GLqu@N<h7V>ZxyQ!&!P>2$qmB@Nfqak4I2lc2`}
zjrSXX?EJ|<v+L!+YJ_2!AUg)9$yUJ|yE(fr^ks7(;{`I$dbhk^+2M;d<c!5G*~BiD
zmgHgi6yo&&Ph=O!>;9Z?Qn^nWuJ9o2${2;a`44H=+tw`vTQBgF)EqfKu#9aow>{lr
z5pdqZTyrk?WH&ALl1u`xgW74l`S0&Nr))EMJBH#wEnc!&zX$?S&$h0`V~j2@<Nyrv
zCva&>XJY#)N~+d2JN{_=OFnnvYS2mdt4Mm`S<ETCQiMbzvCIxQ--<-~fWQ;@gOZnG
zhDfES1~ywPZ~41k?pK#`w5L0T3W=hEX)ZgvVDWjUl9t)*^R|x1y4M_e*(~vT%~#pp
zSzPL2$0`684-icG^}FS$s}%yO?5;xozbLqHs})gTQJ0+6d+&19HBka59YQ#Kpr4fv
z*%q2h!25F-d^heDjM=>5?=QCa0Nw>4pf^kM+SixxtA+gPGTCU`BW1vl3j$hRuArzJ
zoMjFikW|1;h<=cG<*$}w(kwA|dXU(dtK}lXCORIw1Cc<W%LehdKGkzwin}MYTGu-8
znnBw}Sk}5%F{o?MT`d+PpGvUR!M+Wzq;F`Ya%I3sKRz;Fmt_|=Sn6PJn{m3abzzd(
zB6#`-34*MKcbsgZ+U99u{LNa~uR&BDvN`b~6>B%uYUbo#Sh~soZ}9(2rOBkp@Fa+H
zqRHwp6<}AZS}c9v2LD~Yl*z)=yzD921O3Z#-;_szZ6Z811h5($SWEjE?lc2u-s_=t
zFM}4A1MCbC)sRXVVl<Dq#dvFV4<wFI&?*8X444~ZBO?`>E81${IZ*u^1G-RXZYTlh
z1}HtakbSEq=Fx!+42&6s2roePh;ph$WD_(~BH~yq$YRVuz8~owVWP$Pt}}?IvwHCr
zh!RL|fd^#;@>;aHjOX(SK@evHIV<qoj9(72x{&!$>_>+C@;2Z30rCosW6;B@?P<b~
z+9&2>Z2kS~*=ZR|2nRQ}IX%$r1Vuz_=HbBh<%(ldi8u$$fP4g*_u<FEBx<+<K=&Nb
z_6J@zP|-3`N0tl+9VOp`$A(S8AN>;D0az+f9x+Y@^!1LaUHb0nI<Mc68SY<A(b6yJ
zl3^wR!fxYxY<x<j7DiIw((D4b4LnBGIx4|rL4ChJfH8yq{gPe_WRjH!!5ST?h-U-{
zwXf>60MHEZL~iqOpUH9%V3Ib(n0^H<(n@d*Zw5bgCqN?!^`3ruj9L~%WPgPT-=btY
zdj~<$0<S5JboW5Mn`U}ME&SPws<C2_&0DHUU)a9#kF!X{Mw&6A7IcvF38R@}Tc|~k
z!>ki6izSRAPA8ddM&KsZO|$vNYSR+=)ccwQQ!hD3$q^25E_+6DJ1Rq~CZ^jlOP_17
z?(Vtho^rBttEa#ya%^?i+tthH>sd?Yfc<mhHRAYBoZiC#RbneR0-HFywv?9@7fEc0
zVdvb?igg;XP8De5Y~Zs4@$dK5t{QuSS?Th_-U6|r2S=v=`3aaUl4Jn49I{};a{FpH
z_6z1~5~L%E9vyN!+755%=hmB%)Vru0C74PorD}wuZ2Gx4iS%1E?H7BYXc#&H-bJ-$
zkaP=nhGy`_Q+8R;aZri)W~yZCmP`F<qEri134<t)Lusm_8vo;NSkc}*+>Vn?AiaFp
zkO^^2^K8JsNucPwYOdvBv^lZBcc}4ClYgc~{%zQ-`tlf0E#JF^&KdT=74UL^<QT8?
z$GF<1h+X5BTCQz6=32YAb@n@tWlIHdZZ8c8tb(R4IVs6cbHTpJn-JIf{+Y(8Owzd#
zKh-%EA1ViPM-e~dqr1wLx}(Q(z~2H&p6?MYw_1@<(wRy;y3Wv|_}zc7cnwP<D*vqn
z4pb<j<Vwf2wHj5TM=$_Xs5)0QIoZGGA$#&M=EMi8kQ>9M7s~~748tg-#|1pl6{fw;
z_38KV%&{z1Sf+dCc%|n{m&xkl_b1wh!bA#vZnO6;Rp?NJ?zsKQ73qWU3dwKP+YD*V
z_@UFIF^$UU(8=H$mB>4O+c9VK!wf509Yzt%YjPeDp#7y`mW<TYSd8+P7l^xh*SuD8
zlAr5zM<~j51<1IhS0R6%iCO-Pd{owbbji4y*Lgwx`2USm`1(Uh?>Lr4<o|uiD|MmG
zP**eV>a-H=?)1X{UDJ*+Vx@?oyW*FVUS>avZ}R&$aH1DHSYvp{HCEhwY;24vSsg%v
zi9!uzWFsDQ)+vh@!P)}ysus|JUtb9^0J{ZpVUus4L*^$uRxiQA1+NbyD~P|mU~C{z
z>AGQPOAwD96T<F+4+N?KGtDGK9F-UI;lf4E{ttkhv4kH291+ILpf*JQGd#0423{@w
zr*Wo7S~#=PWGwuvNP~NkyY(OqB?ziq^O5&_G;0WOCeU%7f=QA<eT2j_MJtw(I77R9
z>w?wWJ(0h@ni1*nyX-?_8U>*Va2)dW3rrVW0Fgg%_0Ft(xCSy|P_Vv*{2EJ8!O62P
zfQKlJP_Uf^y*z*%>%PTXp}ti1$|pJ$iuQnkt3ACOUO}=7R+Zu3ONK68`yiTp2V%oR
zk|$R}39lA733+`ZfGB5)8c?Q>Z-4+<zaLOoTk)nhkIK4S2Y(pwVRZM4N{oVng?66+
zYl;B8EVG;oR`-n`f^eg1AR-PoiY@fsyk0KVdz+-){Fx1ynp9N2pZ+~P(cu1LBGs!~
zXVe>^ooGS75d$A`$T!g0*^5pk;Pr46+*J7oo`BhM>&cNIE2hDaFAx|&!%P<V*HGr@
zBk8T)#-FyMDKJ5pk2_4Giwxx>5aa?@wOPzxNKuPC+^)!acQos>?$huWP<U1!3M4x6
z*5MEpPKfI-a;o%IX@PsV%Ya_G(y&^ObO<w60}a75(9!|RL9m^W+7*)UJ09V`ZChta
zY>~aw4=39(5OYKl!XVuz99@-k|2L4szJO9x$o<tu1kh!+eae*%KuSZPM%{voONIRE
zs$f>~;|-49Ux2cLG$REy#EbNOxV9He)L6MmHwsXOU*N1Id{qy7cE!kvHZokxXVyY&
z3eI^p&jWlyL=IV;+K?g!9n<u8;AN4$jUON!dz2#^RbzW;e8&7bWvG#%k$Z5bgFz<!
zT|b*Q@oX7!7OGtJ${4M(QILQDG;T?^s+5`!f~^+WWO`*lg%%*o4Zpo!kPV7!M!;i4
zCk{0@PSClIWpEgX$g#7j9g1{b@PyVW8tfgkJm)yQ)YcpcC%go$q}rI0M>5@gG`$QU
zvv>=Nljy@y>az^&a02!ku*elw)CqX2a2D6AfFOqZY?cS~2Q(t(4?m!!Z6m1Q|5z1N
zU&1UUCN{Z+7;=S6mZkxsS@%!>Jv$u(fy)p*yct?7(Sz9p>eP0a{<-gE=0IqyQL3>m
z5RXn7dTNNddPp)vX(J(Ufdte%2K+YV%*i4OUX$q0E&LM{&&eWF#a-fr%fQR(6y@z#
zDG6G55tHZ<r{v-poHza*Koya2XI8EeOjZj(EIoDA@>VaE@gS#C!f)I>p9&~SSw)Ar
zt{4BMvCI#tIS1|-y)k@&W9UgC){HUEO-gAU4y%x;3WtdgZWpfPhfo%mP&Y{uC{)Gl
zDqOWzd4o>eDrU7BJ5<vLyKe2SyTF24n1AG&y(;qP?nmuekJ87|bU$b>|4HM1IoZ!S
zOtGT>48A}dQ%5GH$+LMsTZ4OZ9>`sb2X*ncM$aZ^a~FpY56X!#^`atb)hxLy2`3^!
zA(E#Fpy7bxWhoa@5oeX&N|yd0f4&O>OCtKur>8xqnq8S!Vs75I`}~8FGNm&l02+_s
zh~ZAa3i4eCD-)rCg)~-Kgras1SZcs-QtXW2paH4mEl|jl)~qyGB|0U_0EBMIybyKe
zj!AGIKr!9#gI4tzo^S$NR5waH;F0S9f}cTKshc*jYIquQS%xD>#ftcY!TH&6;-PBC
zAji~=vSM;z++*q<03n#yfPxqnYed1OYtt2{<?d%J39gO%Vx%s^H>vVv%u((;U}%&|
zbW1c+6Nq<XH+LCshLVn;4!l*{O2tb-%N`DN?nP!y_1Lz`x;i@CAvq}V+R{6)_Jg#Q
z(L}su7&*HIN68plKqVUohe?x3f4zX9iX<=ZDjcywila^ej2(>Se2ckDdLhQY?*;G2
zrqJ9_$$7`aHDvhsS7X?Cd&$gwwD(T%dM~V^q~i(EJBJS7%2qkgQ&QCmW{?lRcQ=^P
zYgkY^$48Vu-dox>ePaj?$ljAr&rUvp7?=~FaTdj6#t}wLASv6s0!qwr`6$Q<DiY#`
zd3{#Q_q*?<k(B3e=)+8@>eLTif}_x<CjJhZ{0aW^QufW99{C@ev$E$*g}G-IIXxFB
zk9IiIJPJfhE^Kq|j{FAWWqA(nwi<h~_=YD4w`nlDBWQu_ll#{yxjyin%tb}w6xXHw
zZP7eDSs!)Zs8NrS|Bw|FJKtpZkqH|O#9e|ZLj4h($4xGfvueurd>zzm1gE%)-^gt^
zVIb>SV<{J*z!^sgb3-A01bsA&{#F+FYd4`X+Is-{<8TGJN>Ju@opm2ZmTy1}{|^2-
zbX}PudO>osH~15O5$uK7Wte1_L+0{E!TH7>827k9BiWw$dLW>NUtdWtd!ohzo6aGh
zh8p+vNj!ymM5H5oO2A`U&T#t$bc#Q|y}#E7CBoYTLko+sPLR20&1~*ilq%(%sigk}
zS(zV7mBR=SXX&Sa`<ZF-3|@Bt$$W&T1Z(>?%$+J!0>L#^<OqU8PjeaBLP@7lSwp8H
zrR6a+OCXfgAnoP1QRrJ!yi&1-u3p3_Li4rKrfW$(o7Cz8N`CR?F88Eg;-wd^U^wIp
z45pWBn+b?S5D#w3e&UH(jRO_Cw3;vLl^d`Yarjfj1xL$*)Ri^Lz(?%97uNV@)6cn0
z%aH}2g8-m)8WL_EuBlBgqB;L$ncQEnuCcyfq2nmr#3EXd1o3A)vyLjk$#l9*3ToBj
z1QPE{mAvAR`zmYh4YIUsiXgQ2dA?RQZ0r87qHug`0?Oq=<td`t;-!O1R$<kuoSbQf
z8eR*wqVaHvDKwemRcIl`<vpWasrFW|Q#4*pp;M8ARi1TwMVK$s1Y3Vx+wK+TKX1R?
z8f#3vaoaKZ%+B<A7WL2@T5~M5xZ3Jk#hrePca!_=-y?e`&~R_>!kk#PiY+l*$tJb+
z5FTSWDa<Gw9fSmRjnm^Wat`|RI9;lTg3crC;vX9y_Dzbe^C31!MPLwnwO0DA_OF9c
zw`1v7m>!&rcOo}cnQ5ooNS)Q!vXNhHA=li_<fU@6&1Q;>lXMUy31GU%F~XMj|4^>0
zi6$XvL@Sm3&qHA5J^33&!Eo76#{xZ&@0zem#f2bQ_`&lZGdU9`*aWXlq)*cgR=hSt
ztp{Mw(7n?TKbJS2xJS;G@`W;_HJOu{`3EqwfeV_{gT$p4Zch?mrEODZbnZFCN8mJb
zq{$!7jTM8p0`(ZRH%B!n$j>HLIW{hIteMN;1#hgZ-Z~URl=rWmAxR8Alz!sWY^#gY
zT`^IyVyn0cE=j6wLM8DzI^-KnJNZ?tb%ZU-aUReIT4Az0bpMjt{&6PyM?kwX(R+{v
zrT!63G1Wth*z*-<#sQJka34yvdH%p1c^bxG#+Rc|y%wRoU?~?TG0G&#uSUoU2%k%K
zjJI1tqElZuwfk0xkS+85(Z<JpW#{CCQRvx4&D~0;*kSPC$Hz4A^4s+js;1H`_1|Xt
zB_P%R2ard%Y)pAkcBCKHF8IG{Bc|hu7<t+G8}N5`G~MSRVUR!({s#GYu(<V1%RT~z
z{Mx{p1*o`Be|A3GFN$zb<84C4Fuo>0db<)Ef#5xiZkv>)hFre~7Aft4Z~wp@AxCeU
zMS>xjA@=6AI@9~-Va&gDih-_3C}Y6~^e{(1E2l<I*xir+3rP3Y9;Au42_@a1l}rVg
z1l|WKDT5S~|8DSCf0y8fHw}&!x}dAvi6)x|d2Eb{!=%3j5&7rqEFtDyhn#4Xt^G;w
zrAE(;E&$0MgE>JecCI_@BXBL|ua2wPsGkd1;Ddu<fmmo&(8fZf9J)%k{-Re(o4+3e
z?-)2W`M1NTK+}xrRLQFKBRDr={=JHsuL-aEfMm+fEQ9*s?YI)8#m+$acG$FY3YX2r
zt1s*X?=WI81oUlrW+htso3ARuTcKV45dh{=J4^DFe#2#;Mp%1rcS|TtzXtn=jKI=w
zB&;OeN05}1d}I_rF()t2(U;|JE4L=S-M!U4Ctv2j@B0;UvH|NRusEyco?LM56DfN5
z#;902bC!M>DFwk7XgH@e3)YiS^jCl=y9^Lj>E{6zUBR3Gdrtlu5FBd1`yqesXr51a
z{qFrG3WSGqB;4vhUhB|$FJ%|s4QHK#P*0jp+vlreb_I0m;Y*k`3EAn(wcJ=WVYZ5k
zq{(ULf{@d)qZkuW0IrkVeYd!bFAO9&f8WhEhc@2F+L(%$V;@aKPX<5(*`(1<r_h5^
zwds97FHF6CR$s!!Ok+;(uv+!Z{a=`VFb`?g>ZwgarI(XjrAhU@Y~E1vkmP|kzHNDu
zf_xe}7hi#@GN+5s{Co+L(G%|)5%1O&$9TYbFZDf1PiH8ZT(-12c?gP;raFv0Kep+D
zd<&RhR}hl!>vC>84&~I`Z3{goo)rW{_aRRx=A(oGm>l?BzHu3^F$dnheH)14TTf@?
zbAC|0lwk5_UCq~j7~(cqCB>w!P%c1%yY2h`Lplh}5rFZ+KTQZb6V9I}Q<h!nPhmW@
z-V1aL2E{^0Y8g!!zCp-m{oJ6QE-cPPg!x)vYfb0@V6olg5HF3p47Vj#uVvue9nCt}
z@j(|aSoR;-<5M)P)>PtX<8GgOsrz|=IVFxj3WPP*#wN5M1Rx7ktK#Vwg-3;x@F|&T
zDJi@S75=YGz;Y)FOA`W-6*S^DIpFyf$cNDPb%!!hO806YxZLq&yXS{+dt6EY`a(0R
zc?udXZi|$Z>W8_AcssGl$w}?oiU%zz0WXwc1i^bu{o_Q9A>=KLahE1E&+b;q>*lX8
zW^9!A;Yg?|Q*2Y;r8e$#0vM|v+JK1vYD`$yM=MS>Zhj=bWH*1fW<u+N`rKPtiLbP+
zN#*TLJT(8-Yh-U(g5Cipu~iNWQjm`r!AEIis4y~oc=6ZGuVtXrXZSbAN_u!4Gj?_M
z>*vqY0o|%Y$|B!CD1dSDad={oG6bJYCut<JW?V{pxy%%E=j-r~{98gX0DzN7&NXGC
z5fw<8CL&||2m1R3P9JU&!W!r2&!38lico^<U67dAxtB9CzD&WfpeQPebUSyvr_&yM
z?OHM;<-W!U<te-r1m1PB6L}uDi;D{c%rmceSI2X^Q=U!9mXBjLcFO>LLnUe<lT&%&
z<;w!|kn@BMBH(UZ(_l*)e?usa@iVVU^HKGPn?AMtTQJy`wUzFD_cEPFvO#)B#vhmp
z5ONJ=q_$*(O%*+T-#t}sb98d5Vs#N94<o4;<y4Q9kFF@`?*0v~39K7CJ}Ez+xpINb
zUHS>{J8<%zJB7Vm@H3zu5r>WA4Wz$Fj(}M|d4B9<rIM^3c>`iDVVI3EF_(^(H={`*
z(f<$ZVDAP7DqsUsJv|HBcWL>9aLQqt%BYJ}d`3_!4<F_RbH~d(1ZNs$s{8$#8op<0
zWD^g<TOmA_1)(#lDMv!!aCPJ8`je-_KJZ;BHi7=1Exj3rnFqoT$7fSq9dOtoEvHSN
zi{K$knV2Yg?Ehl&?c1^jIPn47e;r~DH*2o9KngtzU4a&tH<HEmsG6!=f<iwr#7!rg
zP26KF-ktiw(+HVfxi}OJ-&!n<?1YyAVmaHZ0|uG49=rUrP=(<+VI-RjlMz<=N+bq6
z_uxumGe+MpX!Xe0puGO+Wk#F_v-CO*sTl8fYN@CFO}Y1oW7{`T7(XkUbAd_HxC>xX
zoVPEij*ZT8JR5ToCBuF&9w4a0jzYy{6YPR#;EhcGutae87xJeTWnRg4e162@BfcVi
zZmPJ$h}->*dm<dqd>X1BL5BvGnq>c`bP#Z~Y|iIhDV9W?2Zxcq6iZ3!JsI}Qf5lg)
zJw5e50X+KAG75JgAVtBU{PRLxmAY68#@+gJ>ht0?)1aPyw5&?ro{13?c}_37(cRO=
z#={q9yM9?h+~N11KM-E=goTBriCw~!Qo|wO4J<eS5$t)^`{r*55GnRprrnSmrn#3|
zJbx1G?c)(M8hbz^z|;ln#&JUC0sA2512$i(*S}yw^ql)l;~nAZ@Cq~gSoQS(oW~N#
zg^g0Pm5nC%TFrJ)XJ88etA3r^nNGY0yw;hfrG@RtSC>ZLqt*s(UYLJ8axEw*=%PYb
zCO>=jEW)v(qGCJY{1GK#G6h9uNKi1d=;lfmMH>vupiTJu`}Y8`6xn-{m^&AI>qZPl
z{7_j*k0ZwCa>q0VZuGkp-sgbHbmsTu+o><t_cmrF99oFZI`O-M19|Y*Xp<6V{pYGX
z-z?z0Dm0@1$d@le!ubxewPIkc9$fk}G=ay!(pCsqZh>(PImN|tb|P8VBab39+uo<W
zx-}#6PDj!L!$tV$LyDe5G^g1J8lII#>zYY`byzZag;c(|+m~f7xnfByx6TpfKI$=c
zB{zlqM6B{o;Brd^R0KDFejc#VHg|5q<9QF6@6rCfr*?z!5;dZ0&3cgYHZAdJCRaMi
zdl1;PkH!$DNAq-@xmt(&`xTGDih0!Ag*OxuNKdT3Q;1}JnZ3<z2RT^=7i7D-6#SQ5
z-^gUbCH50;X7bkn?1G$`IGz;xn6*K&5{Nd^PPKzBF|EJ)>h6-3%~LO2auVV7lRQyW
z+rPyF=s~C|78rUl3W=VUtErjLLk~8hVSAofJN*;tp(=@&%P`oT5m}@Z*bvh(Vm&G~
z)h6}E*SpWHNr)p%WX~W1VF^J9$xgR_NSxz4bv(SLas4Z29xe!mlfkJ;MB*}A1WAdv
zuvitU$D&A@SasaP(xLnVPIyN7qIxJDMq2aTn)@)p!qnqBS1dUlmP`@{J}N(H4757K
zrHLdS86%tZocg~3n8+dPnW8jZi42Q%I)HKH;FdRU$=RSx=@u_KS59wi=V2z>4&+#)
zAhLD1yqyc+2O!Z20oFBIOEu5y%`?DJ;mRbIft{iqYs5GD;efnUZCE#pMwIC;aS6n%
zCcJ=q=g;6)?rVe&DP#bd!7zypYuv&oFoW<}+D^G)$hueYK%yD!P8fGKCnqOU_$mm_
z`$zWU0s+ez@3!J(d$N6JV53?50=gjvVqQo$Env=wa7acC9KjkcKv?1wzAu&mplM!&
zuLeLj^Hhy(Ytkfo<T6iUjb6YMiG$-Vv;r~=)87e)@d#2#h^Cly?)7`mPacRz$Bqhp
zeSHDcFiq0aBIl|nT1>WT>Fo4LCZM|xQ>YxcH~JZjm3SX@bo_wj;RsEfq+Q#Xdkt7+
z$Wt=2i+|5m>QUp2nBGh#(~q~%<gk&*7QYrRl3rO5ghVQxRuMcei|aT5#F<C!&-ZA0
zFF~EqDrcidg}M_GwNq2rLez<AfrMe?gqki<xSJ>&*-w=wb&w)}Mn;-5Jg&}EPGwN|
z^H38Vq|hpo7CarUUcOeu0W5EjvACX>K5W-E)6b@fZcUr#LU_}uYH%bO@mCoJd@DMH
zO2g;HqXjQLSE}Nhvb|f^<9Kvy<>i<>+%?~5L*fk;O~l+GS@cWfq_y6&0N5jSxO;2k
zj;nD9D)+Pci5&^^41ENG_<f5pq{K3)30f%@Q2L`spWm6%oL8SR{!B@+lgFnoMMGC@
zJVt`_wt@o-D===k`~UB};*Lia8sfTQY3PWWgTPe{(FWGXY9gmmw6wRVXB7KDz7-WB
z6Rfn)53vh-|AKphr}k;9#pLDDV+q<fHlblxS2{i@XH^{B7@4o+GcY~A4byR^U#VhG
zLr|1F+#=`If~yIdtY+3`vJPad&R>u@O)!aq(qqW0M9zn<kHW6{NEwWVLm30TYnxOS
zzgZ)WnL^GHN3AAr=&pf*H`pWiI|E6K(bIasv4PQX^~ajV#;~yx%?9r@5D41BcdV8A
zc_<j|)6D(izqXIO9?GYsqbrc+q^TdY@GzZ#0c$<nKn@AF)=nWuWP;-&`!>p+pu(S%
z6YWYm)JvmCCpvPC@PY;A$SbdM<_;O7PdhuQou?47wsEscHfj01$(E$vvGufjz@C#b
zo#ML_m?5(X+uOf_H6jgch?q2H<n(p8!mBTRhOL2LsRJ~dYJ?N1Gqt^rT>OLBu7`C>
zvAI&l(a$={n&l_}IN+3C;suTf&<vUkoB|Sw>@RL_Z5;@N>+lvl;?MqmRc*>JY3lum
z+(z0Lqm*y{l;BD&8N6psTnvHi`!ItUxFmG1s7SO!URUkr&A)Jpto9GxfPw#oMC$Vl
zu5R*!4NH|CK;mjJVs(WXCA>)^UwqhSfxyFfu>1w`fxN;!D`ov;gnO#UY~oY@L9>>@
zqj8Z%4>&UK{(Uj|E@Dw0_42UhhQz4k9Jj(9?)j1D&uP8bEJ<@ea>7%dGJ;_*dUS1$
zj*|Egmk!#Ts9mIGirgv0Tlvqfy4nesM?InPLglx5%cjpWkR(X&Tc$<9adz(Cp^alV
zGAmm80xStZbukhp-6r??CvX&sl0sQho-UC2xTUbc#*X9~&0{*MVv{D>pA6opPE$Yf
z5Ky!Wo9p9Is+vI1g6nWbk``_$@hA688Lwe5Z9|%=S|y5C#H{#iU6(w6bw&M_)rZ*o
z9K%fh*lFl8w=*e6+ugcldhMH?9UIR}-f%3ka&^Y@Nj*x6&axY&8)7iDg*D-sJUO9d
zQBabJ@`-(*Owha3<mGRK)m441DQydrsO_YVi7T$IysEgp&GUDELv`z26Y$?-vp_wf
z;ZeE(x|D$hd^-G;*4Y++hH}OwPuWG3&QMVw>?1mLyRtL#t|XcjIf^C4?igJEY_$ov
zx$(@g$T)fzJlAMk>a?hTG5uH;4=V@a0635nMKT`C`b9sdhhW%-<5p+i==59k2I%S>
z{w+YMo_~v%*HT-6$EMA{g`@QC+qbWqw=(qni36Z`h4F5Xw?ulpQ6}VsP>esu;w2GP
zPgeNFax*egUdP)u4Zucf+=Ax$7Cky;-z%1(3Q7?gq1@u=qSq-hsMN0*30Wf9mwh<i
zj$jW4w(!qY4=n#ARXmnM7g~;yke$~`&GwsM_Y`#up=sw{TYyT4U_{;)rBg=agnF(&
zt=8+pNpYSCt$aro9$Cd!JvGewm_U(q+7kK0Kg6$^(>`v9M+ja!0w)cw7iBu@O!_RJ
z_*atV4<A01I`<K3s}Oo#ecNN=m2!HsdwG?G(4(wxu6j=;Fdrz3HS943TLlk6bBH@l
zB@5x6xu=oEVFQtQAWH})uMtpViVAHdFBmYXhXbh6I=z=W<~Zb7JQBr9)=BDvx#SW>
zkFIdeW3;FE(OpyeZmk7AGEhwP!6H)WXE<%#(Y+%-rBNtw;i6`1&cl$-=H7v&Z!Y8t
z$z51u8#KNEUC2<HktVBe+~z?)s$XZw9m;oIfv)Gpa`yqNb9CDmG6}i==LFWtg&t%1
zzyCO<HePt>cn&E)jo9a}bnk~3SM6Y2poq&w*Go;FNJpgsVpIAmMd{S*aUJ(}Ouj1>
zSdVPaVQVkH?NJEidpln$GcuuD2Cc6q3C4ij{!kkO=y|}?=!{DC4rP4U=6C4_a3j%%
z#?NIBr3v?IEzpxpw|P!5>i&aiW6OU)iW)f`_84>X?y_PUkoJay@XP1Vo3CYfONrTO
z0VhN4YNRAm(#I#X&e!1CqGn@K?j_#mX~}s4ZE{;<qc}n?p0J4|b@V(heOrcXNJIwN
zUnD!s*yiT@=I+U+P&}7huhkQ1?VrAfo4pq9h_zaKvycWE*`INI8*R{?^msI+Ki|)7
zjeV+^G+z#@TbPE)eyt<Iv-*X!ODnMT=V`KjP^1BQmC3h}jc5m=ggFLbxbS?=^D^ee
zCWDJT0`6!Qsf)O_I@nK=>wCuSe4}?4-G=5f9{>w!^Zn3(!)y%#oj%Ca*XgP8k^A1J
z0rIEkOK{6CNVyp5Y}Ug#@b>$YTcZ8G!LDM1&=1#GT8}e0UAWK(^N}`|BG;uhzEZUt
z)<?X`szgrNdp<LAJkVUIzCPocNd%Mr#Nlc>PNg{*0aDh(3X|flNqhS5J%GH0P@k31
zq#Sg064sdV2fl0`5&1T(7W5tc6afA~m=JeM&VJLJ9rRpvc6OGQc*1iztyti4oJ&e?
z(p%G?{IT&DKI`<S%t;NK4noat=YB1_RZ51~Gj~{5bjH)w6wsoEfYryb+R>0Qwh>z+
zVtxu;V=UlMapw;h(akUJ_MPXi_KMm%AInk=B4zIivr;A0nvIQ3PTG~kJLhU2?ttzj
zl@G6sSj3v~GRU}&9Lr#6B&^>oV3UdvcR><z+f60x1C2b;{|RHTUJo8cCSM2Lx}j>X
z<S=T>C@2(;8RoFPEupPHfik*-%;8mnQ3?w;G@HU-0NV9Lyh^~G_s;Z1>p;LCjJ`{8
z#5kKd-paygktgwx(PRp>O5P-ke^F<ZKq*i)6hwQ?wWIBQB|!jm)H>uVU$~X}wOzJV
zeug1+qe|%sCt|9q@U!7y2JxM@%&zJa+Yxj9$5>R`;v}zZ$04%te}@j76=Raw0t{FK
z;TaQptwicynwdXBO%1~7zA81sEJKN-x@%D>yDR;Ovg-+hO}fW-h|Q#dj}rPr7-<cv
zA|mbv_Y?QK1&4-eyKW9g54!aW4UJ_g{F{&Fw0fEj+RfB4YA>kwkN^GK%2U4bMn38p
zEZ!jMjO`v(45iFoD-=)Kk{8eL52T$3aKk-?%jbc{Lzs;m`*8B{@Z5v$<r*PqhRP>p
z=PR7u`GcTX1c(9~>o#1+H7t#H5FpXny?Nut8t>Xnh3xYjo;550b7DY+L<k$3<tMHl
z!NSs-Gmx)S>0QKij8^=)*hg&+J54+3f0aVNJv+Sx*Hdsa15x98`GDoc_a5lr>ktP-
zt9GUIMpMQ`*b_4qV(to1b|90(G7Sx<Hv7jQC<u+PjF-CIs2sf74<<xj2bg5<N$zKi
z>@a>ARvzB3q7umB(YOUy@7xC8P#SkfEFIlPIP3Q&P?#qGqPYpJ2#f)R64C`D9{HwG
zi)m35E&c!z6hS&!s%e^NGHvVjQ?6{!3WSES)EOhv3MD{}IDkU<{w3oglf!g1rC!Ls
zsz`^QRZ?6G^JHU$5PIEC_E)e$v0o92$x6=&B5?$PEZN?4HpQyoOg4k%cp{+{0A-b=
zN5&s_iqF46WF~h}6e0Ae4o==_T0bPQDJBW52X7`P)Aso-?qhNX^lo{Zz*x1Ip2j9+
z$K==`lXD;zmx&YhfM1)Y1lWoJ1My_IAB6d@A>bDoDP`EnAKEptn9I69(ozG!=fN-H
zY)kaOfVpgR9g@qh15}f>>S3wHB*c%<ccs-gJGuy>pvI0>toRm47`&7iILNSWydVOR
zywOkfF=NCU_MI%OJ*%BI;|OIy#pKC4S+e*EH9+H9Pl$5tYf%$wqAt>r`gTi}vY33%
zW@Os)3opI?OBQrNp280(o?FRxATHGEs%bXz0Nxik=Y%^_65qC5fiL&9LtO?ix6Vnc
z1n^FirVwhYewj0{JYHs-nu`Ld)pq>)=9Y}m`C%w>K7an~5N`Swx<r1F;;@f10Qr>@
zFIrxv_^?@g>$76}AdZIr2~)2eGb;5~u?J&%wdCaj8D?>)BWbM&Lq2cS4TNjg&0m4S
z98(mp@dHR%e7af8R`!()$6@lRqqaXqzt5aGQ$z<0Q&QC`f#GQjZz;Cei|~!rTtaK9
zu}E-SfO7;=kYY1U$00`TK0s313f(n-jxq{3GiHvRZ0g;zu$YBh*(N9v+D2shpa4YK
zNK;L#yjI5y#Ksam4j=ZAeA3fnjbUR;jc&06eY#+5O2_L)$8HI#g8Sn`w-#Vm0n6r=
zl%lJjD@|{jn3y;!9FuC!7Sv$HFDZIbwbB$v1jyokz^(6jhWNJvUqb4#KZgAS$#)(~
ztgdaX3^{SQh`%fgw71hf$&AMRZ+w&?YWI9{{(Gz<PdE<@9&chfSV<;pGqPcb{<v1-
zq1JDJv-l3Gc)7Jr7n2*NWB6%Y<mP0zRk$^!$BYvLj&NLIxG(lu!C)=>zj|o}@&C%D
zLk8WhTl9xYpmuz!mHDIeLr7N0<9+EJ_Om3jY!B~<t#JG9y@b<8nQLM0)hpKbBpO<O
zeS%X$=tYMwZLwq}{ReoXG!v;yt=+f&shA@=pc{>7I1=n)i3ouaDnXoi!d#1fNU4$g
zfsiTH$8=GsSs-v1@;~-{@B{Z<0Fr5*f+J0Wf)vu~3pzR!%K6SPoqGqxg`O=fu0Y8g
zoT5;(>)5CXtuVVG&gu@z3>lsC`;(9y59v|^dqBQE%I&(bG^obMr==#|({GZ<q1L@M
zhs#a9h+&##JImO~vbZKQ>47SucImnHh04OVY7IVxMCSgQ(x5*-X~VP=e|`TxBzxq2
zV2^FBe)2@M+!N*#A<0~voY~5vqK2h9Xp|4lstO#ug>eZS(QCU^QZvfjPZ;{CGK#Ju
zV+~$Cy%Fa5xTU544dd0pkdfD;D80)m*nx~;I$$65k27q1k|kbWUvFs`M(r)2G}Zc{
zR-7w600@*s44iOq5Ud^(LjOQc=_Xn%HZ8hhl7iZRG-TWnY^be)t;l%*r}iV3qC^Hz
zdpPxJWyaGmu^r~84(pD{rX-euvnhuONlQK)4o|<VyeVe71EhRxNG0h-U$D*5`3m-J
zY;F$QqGwCBiXqw}H<vi6$mw$|E!57FG-x{53nY<SJb}>&ZXVnmmX3&FhB?(mBW`p&
z<rNfTbo#@<1;}99xC+ReG?^rCxV{dmIbPNZcq7{&W0ah)SozS9S+gDrQRy~Q#pxMK
z_hwMyvd29M-&z0iCF36(>a$c+@GHm5rU8x!+&D}gA2c<A_$tAUO_q&!v>hf2@R1L}
z^mG(?6DVGg4t}ro@*JLcx>c}NCp5NJ_E(V{^zS<Fp*CTDJVy{P?R)iD1InDdNl>aw
zhPn7Rl<A{Ovew&E>~XQJ`ecfnhlCth8qWU6xhVs}nsh{Z;@~4dp|XS~%KMS-I?0&i
zCSJu-*y*_S)C;$mw~CzC#{9-GC7DJ@WUU7%$p#g#75y<;ycZ(<^9mJ<oE&fylWj%E
z5pJD1?_`8`r^vOFzn~Z0G(QW|3&Lvmk<|PM7yzf6$^my35aO;baGi<C`tdNxr&~5)
zALP{J{DF~C_KB#^4DVVZC6j~j;b51C(a*DiNeSfMh;*_I-vOzB@xY;BkIU-?-Lw`>
z8ID9Y@xpDV(($I!G=pgO8<Q>W;=>>8HP6%j<@OlPtGXUYtgn*;b-8qK9hN?dFE*Tl
z2@<8q(ZyCaDwPJ)(2RzzrD_EP1SHe*%$!RW0`bu&+)DnsPk#PL;E+^`g!mE6G6&aS
z0!R%53@eXT0p_V}qxg`b9#d`kABTr|^C0>dMN1eJU^;N9pLquD4zEPV+dU)YCW<?!
zc_Q7Y-OF2~TBE8jxz*5?W>V1B?${ta$Ct&6vP~tu)Bo3@jr}8YqP@$g%IIg6v-4}~
zm!&Sef0;2dfy$NRiU^!f;T=oe>tor%)q9@T*Hcbf^t*_-(FQTj?xn=$$EC-^ISj!p
zgwEybJ(y`f9pmdzqUk!bp0-h!qLY*!`uo7EmCmk<N50UI^xOnoGQ3R2zI)g3_YI<4
z13}Lq&RGqW5j8Qk1G<8m>qWp!<f~AUt48}vWo08)=+)${NZH1Hzw!tO^7~z68e7@k
z-iB9GuuzP+6JCswN6c(^14E@J-Q77keXtvnqz`tZMb2e@m1gfKi4aY{xMyTxVL+oh
z=zPII$@Vaw3S&8VgGSzELrwrwfA1bonelbc7806~sXL6qlvJ`8Ehq8F)ha#CZB%`W
z@|~`p9_{J4iynyf*GVjvvQ*<kqE%&z#FeIVI8&zKAtU`;?cP1^I`xbjQ+VVY(pZ<-
z!=1_(b19LJMBLhz$&a{=(uba&ULrZanzMC2et$5wT|1goIAKeVOv3cly44~zRxL>~
zDVXUQyWSk#V;Tmk$#&B53B!4TSk2lDj2J|S0-0-}RJbT_1ktK{b{pZ=qOq9p7$%|Z
z?wUKc-s~$F-W{Z@Bb_X*FI+4d$AsdVQOCAuDvxL>%?zVD+#in2ieE@;)(e@`<5rT(
zG#m`b`K`}<!A9@;wzl$vu9||p4>&UM^!+5s=vHqwo8ej(H;@*n1LN(0h?0#x(en--
z^)gmNliG>}FYtX0?3vPWvHSU}!gd516P${WyKCH2ur)C!fTLlOExLOb$|f3xoH#oR
z$whL*F#StT2i5Yd%<ZYh2BIcm0YWc{97z1u$Ss<vEL18>tz0kgOJW23l5+GIBde7e
zWgX;EVL9&V68-E0PuJGg+7=X~`T0dmx2YHBJB05Rk$sv+eb=fLohx82GuHn}Rs5wc
zwVy~phj+@%G^2gR|8j=8mvQz&y{U&M%cuFWIsy4SUX90<tebJqwng!mB=im1^ZOXM
z1KrPJ2YkV3Mk@DM#!Ri2R480Gtd>o2sa=PtHX}elwzJr8nL@|Udsw1~^@Lv#Z%kUH
z{AY4um4&H7>Uo)&E4v}n(e<;@k4+uQl*7pRQ18Y+o#hot!?y*bdg>Y~@k+alXNsv(
zY6?&(2yct#>e>)?Mai|gzPa~Mo+Yg$(n*-@%H98XR|pHEjq-T2)JrP2oDDm8%m@RM
zBlX~9Voq<;H?7^<N1+_mKWF&N3}5GLZ}Vja^F>>IeKwH#tm~r<XJ?^KQ@2w|XKhHI
z9yQyY%De7h?$Clsm{Pd$t2cEkg9b-a_;snZ)0KlESI${?fi$<pTYpzkyh9I2xi(qs
z(>|0K+$UyV5lIc#B-ag*t&J4$k(7#c2)i6aJYBE7y583+tcbY$m1)k|24y5rMY?9v
z&K>KJOJSAXXrpFv30#T{yji}2cu6iR@s|wLHfMxZ_?6A%-C{T0np1Tt)oPUSRF)1=
zy0QB7!MtwNj`ROwbaEMl-5DH=Snsg#Abf|DlF8k%r2KaC&x1<h*WG;?tkUV3@Rl5o
zp0OnTI3#b9=3QGffY3~wX~tjc9kkSxHct#uOgc#j*lCLH=mmDX<I_}#U<pF9^`JYG
zk>oYuW?@$6FYqa28N~g{5TaO8P#O~i-LNfk+TT-PXTv@aSmrkkp(}B{kbJcr^wWR<
zjqcv@xQ3|D|2<v%3Myz2rIQ!;8PsM_N4K`7w4oQ$56>8fh<8{!aE_Ry(F-l=c-&I0
z6FX-?G;NfASp=UbhPr6;NU54ZX4~b_3rW$L^X=k2ziB(el0UF`c|A?EuDWkfOmx^>
zZ=sXY;e;=a4}HBID=aA#T%eXjl;6SlMz$$9K~jJ5f}f_XOs!#MTwhvf?R?>_9Ov=j
zRm4F_BED<g^gc`>g7SChzoor};A6Nprp;mk@BFu3Tg56I6*5B<SHV|v302=!I`Wr!
zPL(rIrVmbhoL_48?+IHsPc~ik!5TQ(DJVWGe>OjGB42)JOnQ^hDxYj+yTpHqSF69~
zF2i-vICklsay4ar_&$R{*B-_2Mc>M+x1~!z5Z}Hf!-MVYqUw55!h}>8TK|r$$-7Km
zle%e@p~kk)2|+S*hcL4{5$4pm6$RZ30p>ljR*@R8<vILs4zu8VG#9iGWZ`ew7<Zn5
zmyvcN_fDZO!q;$(#OZm4Rw%DoJ7X*PVK81QwU$z-m-V9&WjQy^M7D8O3u2inJMM0M
zeU7A>(T@33GpZcj9wymsBR=WYvpw|-T(n-kbqLSIZc(AmS{8jW6h@hE5oxF=_<V|4
zMpV!uZF8EU=Vjm;Hr~i!R8jcc-u=W2ywgc?Tb`>%l(aR&OXJIFP9eU2Nwbv19fyX=
zed8oMwk7=r$&?5g<Z8j0RUPt@^$(TVk3F~38C#jzVkhTv-C2-{8lCP;4f4U_VvFY!
z<LF~4liEibYG3LL=$Iy7XeGBJdYl(5E<c#@0nK0WQWdZ4sV#7@=u8^R7d5`ffbgFn
zInc{6d#)!%#Iq*x|FQKIY*lVuyR>w-AdPgZluEb6qElK*Ql%6SSTwlk5D<`%5=2sw
z?vgNQq(K2G6{OBsd%y2@edjvo4{SH<nRCoB?s3PX2<$l<^L@{6Y2KfrZ#;>+OI<=k
z^_)0GpcAm<h=_=ut}f^VAPi{l?Z;a%NdIYWZg#@GIi$=dt*mYHD*EXpN}gj6HzdbK
zo5r69JkSpyzTz>E>r>irSVc<7IcVmdfCcV;HmUUsiihNsBM(%qG%)VNqky@e+;Qg}
zN0Dndb!romG6261Kc0unj*ua{u6~?@D{Iw;i=;?K3~Rr;gz8YGTkENDCAnU{yuv2Y
zD9UU)>8l$)4>du*oKCI+VxRHGGy;pCF{wadk3reoy+4W=QE)S~@Rz1}f3k*;34u<$
zN<g}i*wxiEJ{~SIR=gyNerKK!v7sTuFV+|p-N*2Wl1o&_sI7T4tV!QE((a4t<lWQ4
zyv+nQ41jh10_G+JK$AErg}~kiTE=Vcvq!M3%?giF^1+BN&YMMOUimeqUABR11I&9{
zbyh7_?ka-f<#rrw19p22lvoyV(Z4OvlU_mdcsJd=4J$N0y@TP#oNc{&=q(cywL?E1
zPF??>wf)&+O+D+H&dLZmj8BT{Vj*#(-`M(uv<5a8lulTpZfix<FZF-RR8y2hsbt(b
z5(BgZ>ITp@%0M4=G!8Vx_V>kf_!x&P*FHuPm)8H%k80{0?cTP<#+NX{>SLw76%v;g
zNq-XShMMa@@%76I$3)5V$ji(c=clh>u)PT(*HtUAcc+L@U`39)CZR4Rm88is)lybQ
z%W+b8YSNrxHPK)tlIX@}b>mJ9Tw|0wPqV_I&u_G5#3bfY6ugyRtmY*r5QF-ffr2(M
z%^$0}Fe={*Ps~40$-6KV`;<#3!k{n2uR7_gQj$$-GoG2Aw$CQ%TKDHmwwPkOPl>Va
z@V*gj=tklk3gsYjQK-DlSJ60%_%TFrE(pzh6}<JOJJ$SlW{UVuulCZ3u@teD3=-q1
zuiY`YV33JVHIbVLHQioag|E~I({vD|)l~F?8e(d4GW*t(EN*f&{)|4qF_f%UxZr4<
zQS-#ohapJ#9D$`qAyaPFunm}{Z2b5!1CR!MWEkpQM2*xj@6?KZwl8+A)a?{hBp44O
zQdJPBD`cd?Y?$7N8ZIJVZ2H`l7p@IH-$*ul^01}4hC{CVu|6Vu;?v~j>TJANPBGQR
zjYZ@(;gq_FY!!@ndK@ErR3v3So4y4FVW#r5nsdl)`*EeWmzmY^`dkz!E7Q2E`Ltik
z6Dv@~UmfjYRW!4}T^TF;COn{k;WMy$os%>CZalDB7dkp@VGvGH6U+p8G90SiuqB(n
zubVNtW4*ci1n-2T<Po7{LsA`S6E9(Im@Rh-E;$cBly$NW(FoU~%v2+O@t>0!>884`
zDfm7aqN1Q$lQMHX)qfSz{K!Hy$3i25d=@G*?{i8^*;xvqgrn@WJC9C2wt6HdPP9(y
z{kEv3NmRNomZGSLXO2%*Hi}f>rO<T#ND<|#<nQTO{n$AOI79%e0X+aeSCBkdJs_RC
z<IcHq&YGDMMlZc;g1HMXW}kZQ+5^5Ng2vPr<oo2T;te6P!`+v{-cl!xHEVcL7qKzi
zVP@2bh@eiwBuB-_bCSi?pA4tJjA{ACi>0fOm6R0vg^?<M(TMY@Nd+5m(f#PW)E-Q+
zej=w>wJ3SK`ofjfDJu6x;p=SJc~^A^7&yaI`?%dGq7x*x!*jg}ZE*YK6nz#6xI*G&
zSvv)BY;RK2k?xyZ8b+4btHnkRp^OfSkRg<J^f#6FZA}<m>TH<^i|!&)C`Sy`6-%+I
z3uv9Vb`zWJb;FJ1v^0EJ52!{_-Wf!fq?O%R#q`w_&DxbVc&`fAh1A>fAoAYWHa8+e
z3<65Xb=k8J+5-xm&D`3`d-CH)M}8c_ROWi&J5ES?ZUws%hy;i9BlP|kXe8p`i~(jM
z79vl0a@HiM%@Zk-H8l7)jm4>1$;`W6rkMvQT^Wbv1h_C5D>#NwBJkCmvG#x)0i=l+
zhcjWBArTmQY$_Pip~Nzs*=7&EhO_BZmW~Av<4h9<yL5MS$iIt-i%<}dIArgjzkG3>
ztJYjn4*TY6NHe}}vnolo80kk39Wp%yDlrkv72bTBy4fUEzW!01dIh;$gCkA;MY;S!
z##fZ6^mZ&0o$!+EICZAw+N<3W1p;-m<1g{;T<*E?aPZitpi~t$l<BiXL|<L=KHdJT
zTvkoMYagX5btn9)KgYtt8mEL<RY+e5#una+4XFfk?1b)!fF*SMkfQ;}VHk=Ut1+<#
z%#LUKn;q(XG@p%X3i>M{$r`GcXi=A<A~|PigU92!*>5A%t;#SO$fIP@h?fMH0$$>x
z9ivESK)5EHZ!)aOtQA$$lcEXq*eQb<$?%Bm{tpp!A40x>?nAQuSe6>7SKA^PyYo|7
z<-82pda76z2@H?$mR{kLtS<2~9A~lmBbbc)LhN~{KYNPQ))z`jA+X|mBKKbEZoHvf
z&H9R?#i<+;5%CF&UV)$w!&!*jvQHP^r=RFm=v6bPLr>OcC*ch$O`}eWc$iw%*mcyQ
z=JcTjmy_${$Kp$k#Hc$88%0t^>(b~_ujwiitY&3L6?(lSzxAnr2)T02D0GRE@EhKq
z;0Mogl7_ZdLmnU6^oiL!)Y$Uw=I669I#Xix73%uARL~ps>#`5H<hTUrY5ST{$q_8E
zUB^-re3?h#x{S+DP(*<F;knu6!A;|?mozz8rC8ISLa!K!?KOV>G{%{qEo(nIT1D;6
zf0&|%H%hCn#79CsE*v_RO?;TOgO$}u(t4KWE!R3ap;69W70*%0qa*ReC*J%B;|>Kv
z8fjur`*74C3KvdGSz~ISu2b0!v8UMf_TM;E6y*abu;iK^u-(T*U{YXzC{)Fh=H^z}
zKYDS9d&9<$sMaRc+==Ju^H&&38A~{fEO+Sh<vA%7S^Z7tvIvJn?<|<hJ(GCaw2MQp
z@u@^9IZ{@F{n;V@XiBpR2YID3vk8H@JEkGV$O>;EA>&Kt;F;HVh~oxgNH8VFb0jcl
zlS-7_xjH3Avxp>~Af*_7-;d^rRtxbi9mfzo-DGA|66Cwan`-^{%N2%9wF<07?z-K4
zqvv=E*nPTDZDO>iw_M6F_bG=8WE$0<C3$OBt~^!a@*n2*CfY!nEAh=&)pCX1Eag&E
z%p2SA6KQWt#b=N#<_YTy`Iq@3%WAEPRdcW#*jptilZxIMrQnbBXWP}yg&hd;`cEmk
zN9v+mVcsY0$1r#0huFuNZ+WZ-?OoD+Mj0Pst{s__ud5w{z`dzWfi%G6rD#y{5tNYQ
zCMDp2f1Db*^jeJ{h?NRiu1u^wWNaMTSrVKaq;cF@UQufHYW<3e=DeK3Yg{^P3=-qq
zB!;sJybY313&)iXhRF>%$ND60QC6e85&LQ;k0tsw6$k3p<o?o#vSOq-S*0Bn6eQve
zAg%s>Ho(wz`GQT(%7&8?wlpG=7j7WUE+|BwVq&$dCCG({bs0w`Exi^S-Xt|*yn&B_
zRA8Oup_>^em($9n7K^8;v^T=|OF7bwq=@g+RNVI_3eSjBAtO;iC4_K`Kd!w}Wau>_
zM`hw(XC$@}LeSr$7(I(MEcrmS(uvSXQ>sFuG~|m+R|-)cuQvCb9=lr;GNU;qwm5|N
ztpUzUecrEYm1?gZUh>iSrhY{~SwWbH<Y71gR~u(+VjOq%XMvZPj0l(R=Fz-s$k~no
zCEG29Pi)9Ai9{=M^&^gFDcGCTQIis5QCu%KaqsbBl4}ZM7<Hh`#<H5f#K?9QKD<;&
z=>9-M#ZN)b9K*bn(g<TM1yxXt&zncEYD*ZhlI4Igd<~m0^9u)gZo#!mHDrc?Ytd86
zMuK}|j5PK*Md4<RiG=2NOphis#F5u$bq8X?OrF<H&lc0vB}Jy<t84I6<?CIUjL9~L
zRx2FURf{lqTSjYEAeE$+n<7*@CP13iNkz(zfk;%<-Y8|~s540H(5J`RAFnfzSNS<D
z$lE|Jr=yWeJX^aqirufz&%jK^NIyWyw%o^Ly+yD3pJ5EsO?6tBqBR7}8FzMeUbkZ3
zfMa<2!)vK48n_3}Rn4B&nBEU~DHI;90|Zy?5Ec-{VSxq+7Hp<fH01Q^(8qS8v6pB1
zkw@oQjOW<Pt}F_<kvy}C+Y^T#l+;-6>RjP`4I$<fC&GP-<|v21bVT$ns*76-wj1`G
zeuANxV!p~=f00c%u|-`@qe+qzr3P~e?1V5CZd!jp)zGR<k$c`nv;Bb2`GFgqs0kpq
zJ#4MtKtR!WBvzE*<nM(%bj)dr2V`MF4+KkkuvcmW{#?=L4`CSzL2m@l*!v->f_JLf
zUpy1mMS99t#P$(IioH)FwMM|op_+jDMcV9ZlQ#+{_uP)TQim*$ndwLiMeM`I(SPh|
zdApS^dra9wG_|((rpj1-;N=ybZm;d1!4aB`Y$1KD4V2Cb8HI&~0uy$X`&}>`v-^wT
z_h+JrL$t(vN&hOC3g#+XX>Q`HS@Clg^$W%<(8#nINfZ!KvpsXMC6uG%QgC^=an!45
z)F7ak)&u4kH{2#euF^w>1~W4=I9+SfQ&CY}xpD;rlE<hJ5?CJ7zQJ9=MDp_TZXi`&
zMW_^l537Al)|_}02?fSCr>mTtqYoi*y@M5li(Rm;Q29Q5qXiV#$1PlY6W&m?-Wt?R
zl#5I2HAhv)@Yg~kW{O?_?Ri`Zl#k{q`|{5w=nuW}%+7t(%M={b^AUXG`psbrZQsn+
zGY2a|t^p1ltghuF;|F%{QhW1OjAUBRaobcMeC^OuWB>Sw%_JZoAZzny+I(fQXax>s
zPpBZ4Q@*qufuWgiYb3i1`ty#`a`S2~gP#Tj8^*-OiW{EmxL&j<KEjwHtW_R%_Z-~$
z^9O@rGJP^3X6H`*Y8v$vXA!yBBQ-X_tK_lYrtl63y@3rKn02lR<|(;w1rL&K2sZd)
zIV%t<8kM8l+2y+=ze6eY3@ZOwYwd`})X&Yd$;X=^2wG0>QwVw8m6{{?_+a85%PLg?
z=mCKyy0pbcvr6fQRh#sdrOqt-hmO3A^mweK8>J(qjMHd_evq+tPXji$r%K{XrsgxQ
zf+#hBs--#C*ol%q&CNXl*AsvYEAG%@1%?{D2{jQWBZ`a3{36*AyV4-+LO7OKsngQ!
zuao~Ps%}%yog&U0@st{CiumD1<4<cdF-wO`wOoclvUepV>p;f_v;NXhtu;Z0%y$hH
zb*;OBe0OSpl`A)%i~YkeAQPP=(op)pE?}5nbfGumbcWsH5Vzs>tv+xGEzUfj?u6hU
z5OBu(@ULP#tz-T40_$u%?e!i?nYps->sMc(+rSnr#c5ruOwB{@G;Kx(r&7u79c^$@
z!uXxw2IGK~7KtTFwmP^7%X+rq`~m`6w6_LT)56HBJ+Bb5mZ`-~)*Prw1-&kYoQD`5
z<@`_cGEs@Rl-$;X;4dqOF+_xkWRH_G+Z^>;Xx~p<&~4)SC|vsd`3wxJl2V@L5)Q#9
zzG6=9$CzhCttBx2Mm(rgZG;kI9QGkkiQ4c7dM%j{7*}xr&-FgNnB^=c+KYO8x;)i{
zN08S6Vaii5qNNF#Dma2b7Le(2ic3c0U={^pgCKz2UcY`l%U+hEX(bj+Sevw7A5sk|
z?uEUuRJ!Id{}?znM}GUlZTmHymQoB8xbqxtV~n#wp)?;tc$DE@M*VXy*>BY_L7OPp
z4TFDV08NxR=_qOS)#{a18-(dMgEtqa_oWBcxO1??5D9MV*bH49H2p<J0CizDoW_aW
z1|t8kX{a6XMBS@Hk7!St4?aih`RKpUFY5naSmO0ruhzGUcPM{_vJA#L6%b7a1rBW)
z0=!XlZZBA9F+vm^2*>ssSv5g;d&6TMekRD^Xk3-!Nl42!jgLE*-Q`oCo1KLpDD;5a
z>M)w>stSZOIn&f5*!Q^I;Zp}UU>6tPMSF}N#~*U(iHLFArDNoO%3o$7yPug{W3{4r
z0LK|oAn$HkNQSGlwv?ya>~&q5;31~i7IAQ=xWzbgaj`IkqPxS-56sHLP-Ci4rF}}D
zA7P7~TD^eCYFOJrma78CH{WD4jsJdNCHfkxe@^g)OEq0eQ~?wNz@WXJ>D6w}<4I|F
zSu9ugMQ?k=dM<W&)y76e9jzqmSotj?(Sb&jZ^Am+dnaH)oDL!wNRFDHpWp8w4eh_H
z%B~abISSu+NpWpu<y!|}&}G22IzK;8>ATvd%hF59IFhaKxIw!oD@Tu0Qj*^H4CDx~
z`@iYGU-;~q4urxQDmaTB{8Vs)qt~m5B~&9cnKL^(i%yolawTYxZ<KaK5%bZNLrNO8
zvDiBiADqStl!2#X`$rQ}^kNjEI~H77iN!FQ94^B;Y6&hd2$Gd3L$crXRzkh<N%Aij
z40bmagIzW{%<p!MmKm!dM$P+u8KFCBHht4$|GcaJuHgTWWcO=?GZjg`_A*)N`t5tG
z6Zi3xCt#~c6&M)kABu6l$qn&3A7D9YWMl*?4&}nun|fSqWlMQXt$Jb*nq;q}-S0E`
zIaifOC|FHR4d}ffd_AkK78yX^uiq4oN=(F0m)nn0jcFn$ThMWTDnUJx^)gC2iNc-H
zXDATBQ*c-sL+1)vYJoo{wGb@BpL!NAZeR6=%6${{nUg<C*$Y%kz|{b+qxmK50Y;lk
z)=v_nqoS<6K<J<1?K~LD^#Rs$Ncci44mSttG1kE*QcNyXqb9TM_Vw#V(=LMyefvt+
z30koCQF=n=JarJSB9U%34R?q#G5rof6!G{nu-M>rkOl|`9pEVCZ4ZH(R#sNrW$ajp
zDU#YXxmdaOY@s|@i3qSujh=JK1%%68H`imyP4OxBvI1%gP=_INhV>?*U=Pl9aO9BO
zeV6`Poc(87TFRwK$NgQjjG5uH1CO~C3GGwWb2|Y2sn(ob6t@V*?2xBtFZ%}-L4$N~
zxIMmU8L^`u{`d*DtMw;W7AZx^+oq;6`4U1<z^}Xq+xl#5sb5QdU{n~dFK}xT23560
zhAdbxE<Yz>mQLva`s<+hUEpODd;`x9FtnTn+mz-7sLz)!T@tov+(oBdLcSP~@Kh3*
z)O~<$0_ozcl<UrW-n?k%>?jHj0Hba^KH3GYU^E@c0oo_fthVp-=Z8SaYAl9k1{^L_
zAWFGIk=0&~bO`}XL>&kyp%~V?ekBzJdMzY7i3Bv%)iHyUDpXEz>0PPTE~nI4@tr%D
zejr<os^j1fr8(@S5W@Vi1JV{S2{41U%TzaIR5w&f-~+Hm{earT-En~xo6}PG9v)x|
zr$?#a)$6S(>^Er8u5^W1v`)9;!TnMVf(8s>%lZWHREf_ZHq0^>wsfiklPZYjy{8j)
z_2e_q7|;w!;6buVedpxj8Z(;F!5}GW@*I_>JSTttDy}$>aIX(zicDDnwk#<MW{fUe
zx`1S)$NNI%M&LW)TECvMh)ih3bF9-c?spx$BtqsuD*l1%)}Ww1wb=fUoO^y`2#Zs{
zniRk}$Y8#XhlATWa#{F_I1~T>`zF28^=N^^LYbymm0%tu)@W^U53m!Rp#VdW(q6CU
zu@&&VK*x-Z`~|0nBRg^*gd5ZXpnU^I<6&bn1{wj7dg|w<rA4?#Hhcj>DA@j-f<aGP
z<`(Fo<>cDnTmxrn51kgjIk66M&*lf4l<xPDgft_$H)Ee)m9@06*kF7yF+RQzv^>~z
z`U3MY0mak~NshZv4-@D`ZGm$IY`*XC27r7B{(ra@uS@A9Q~1)c{!Zjj1#{v_a5#aJ
z3ucU+gM&noX=^|lQu_@2OE^1vSfcAE?;o;%&0l6i`n3w+Ag)KsM0?6N1FJCoZqU@w
z5aiU~dLQtM57}`KIt1YlhvQ%f5k91LKcGduL(WaCaDP$_Qh;V~%X4M9_C2XCr;J|Z
z<}NNSCgft+dpBioKY`I$Uh_Q>RlihD7kQYFE|d-FS{AKAPrlsp&#LCCImqK~C}7N{
z&`~O?d_YY{r%K3kiM*?~SCha^S(b#70|P(qw3?=pmo01;A3HfCgPzm(;Y0Y7gf7G6
z{vaTB7@p=qlxdg5m)xAVn3$xgzVT$@gG>W<)9C@*?+68et;@su3Hm%W^Z(Z^K57UN
zH;qP3u<@33w%+b|2yB%Z4vWIRPQ5x1eL)a9O^`9%cQc?T(bKC5Hh}S`8>oOGgfoUE
zDsXLQXC6$Kfcw|zg#`vFhoBJvru)wNdSpohFpgmV6b!k+sIf1DgR$Pt?Qr#hzB?|%
z)#!f|gyxm&=6Ar&m$LF!int22#+&OucXxNe8mQK7in4z4lBnZIHYl)|n3?yo+1iAa
z`@UKQlDK<I(^Mg1J(1zz;HOstv;+8u<rg4b@LNovpC6ia2n{Yo{@#Pp2&SJ{1k;Xl
zV1xDw+~z`SRrXYp7#cPTp~v6MAIq6i&kn@MKztd{GNpZYhFlyR)Y&RLm7ZU7t%s1g
zeaeTnRMsywH8hgQ$+!vyPQmp7W)V*~|88_!k-PWQdwO~l+BAAEb1Aab!T*WFQ`be#
zzqXeNu05?($59L-h+(sVr}P9Hhz$~5feR4825%&sP8w?J6x#r7A_h(gZkubt!NK(7
z!l#&L2%gz+D`^GhF`_nxYZT9iH9{RQXeN6(F(TDcP+x~)iyJ5V`te|O#3E!`6YgC~
z10`yfM&vBRSWDYfvSI^m=?A1e1V2(s>I=S)iKEONlO|vztsBTm4VR98p+j*~&sTv4
zGU9)qf!Kd4`2)3qP2JP%lgo=s-(oqlofH)mzJIN{eQ$(G$@{?rxYEdylB;(l_tC2Z
zu=-L13|nNX<w@XjPduHVS@=qA=vH4M2bzr!hlO+oYV)m=E%AhW-I!kdE^&we=B&^)
zB7|~x3btG5qBXA$a&g>y+bk$d)%Aw?03xFdqIRo*%_8`8uB7O|;KHWHDiJoC1FY;t
zux0>5n)*lr5Y=Zu=?5io|KX3XI#+H&p?TgXK=N}S8Y*8T^%izvP3R=kxnu{feJSK0
z7sG@Lk0w|^e}Q~bzojmMMPS^gLAPBa-WFs2h=x{xf2_M3dG-{2dQ;v;O3KIpQSom#
z-QB`RFu_pHU{$#Ke<$=Xn7?*@dhqf7{rjs;BGurtVI*N#;gA91W`hAB3I9Vl_A_e8
z$zi^eXTxGAgH9UcGAuJdTcp4{6HdG(1y&}&-F;U(_aX4cNkn`+$@3K``OZhcNgopt
z5^{&ylzdeug6w@}I0l#<EPwwVBd<%v4MoTyu${DngsA$X1Zdpg=D;_lJ7<Lq$vI-8
zyq{2EK@B?xAHzRFQ>(;7MtX-fL-Vvt(<*Hje#}f1NJ@*F>4;69kBXF=jww8b|2VYH
zd;Gy0qip&AyVbgQ<jKuX;hnP7_~<UX1y@T^6lY(UD|A+d&8qHDE6;%xd<p!~VmpsP
zS6&ZBKz3}0jXB_4@e0&<P=F<IfMq>CJ9`>Nb}M8XI@5`X3D7~ty}hc<YN?B*I5G@<
zjkdNnGzHy0YqXe>492f?<xj`aO7kmk@ca=3W;U5{7+m2&W6DE2bD1+4_}MB>LbJOJ
z5~%L>2%4@WEGd)a#w9uS%ddso-rsuooqGLY^C+;Bmkgz)rI&ignbvGEoq4oy{_}=g
z)1Yd|)l3~OewxQ1Kx&Z$i!XSf(J7g5rt0eJ9j6d2Hk}dR$sFdOc1u*$3sOBnqwK~E
z8Y}x`n@zA8ob2p`OukTsM`XXVLE$9|sBEk!#GNL34~8PQUt7NSbT_UrdHQ_7_TKRX
zvljHp!7F_fP7qPRuA_jSTHptV`Ml^Ql()xV<pfGFbMS4P(FO?^(#@$)kzWIRX5e*H
z1j~x2&>F!ElfCT<GlK*y=>DSZ`3lvOp=V_TKe;SsE&X7)YCy$SVBQyZ9P$H$gelKa
zx}t)YFE<m0FOj<4h2Bl+9O%w=myWbDMDk(m;x~S6uc}~OUk6VbgWxxgp=<hsCL5!B
ztzn-9ZzpPvz-zJ}b`JWmq{OnN)+eBG0>9Lc0DM6owPioCzJej4(3YLz+%JgyYaW9h
zQ~tq4E@=OIW_mVJR5M}Zi|l~TBupSx2PnwfryD#zG8o^wNyW(c7xXO<QD`2>bq`iw
zcwsi+B_{b4?r-PiuICSZd^+iV9UKH+oc-Cu))N;LBso7qWfp&B8Ku5j4;6iX3s3c)
z><sL4{R09JGJweeA)CA;i%&`}EF>fZbUN@HT$Pcz+<<mBoPKG;R0<Wt(a|yDD(~U6
zsRikms86lI!Ty?wL5W85^y61JH)k4zy_XhLl$F~r+;jRKZuqISi*crYKD<zA<isP%
za~?13hxkpW7Wg;e#Po|BL62&$j8+sFt-up;9c)ld3#&Wo&Y?S4Irt8c6r3vPgKC>a
zx)bCHH?RgERklC<TM;=a>Wz5yyOUo(dLuZ<Jn(RF-?+Z{z}f>0Jdh<%L4tdq@$X6g
zJhzGB`1DOO?p$yUMay4EnPZ}(pI*L<HGgXW9LlsI{uUf9z}Rsz839r~NI<>fM$!5C
za~)JPQc}|0UaT$pSDg{jkz}h-SU{bozU{iVwZ3bUJk~OQ&2RS`oKtTi9cpxh><sBD
zTt%oYU<qj~%F$qJKKv;|TMTdwVQW3{&#US#?cle2T!aTxVXAXag`Lq`ROSJ?^8vy6
z%4ah<^UU8XHeBX74b=aUt~Oq^KCr7A*2g_A%R^nzS-KhZoW+<m1%<t_$lBO^qTUqu
zQrGESOoaMtTXN}bu`dG|-#6#f;(IQ{H(7j6?iKS`J;q~fzkp`x#qs@eQN43g$>dc0
ze`eqZFax)!HllFo_CVYDv-yBDi0+=ntVs4daAS@M_B;FgaHRdwqelP<N~lB1(w6!A
zNB1pmEfS0>i`90UcH49wr1-oIp%S?{Jv|MUyKQrGmV|(poP$H*w*{bdzz_2qh@Iw;
z#QVF(#?7rlvZpZzLOs!y4RS`Ig?y!~)_gY`ZCDa}4_~s5_I8Cg_0H7W5+oAYd@1~Z
zKyh*;Q~c7pzLiDIn>U#^1Fr|j>(G#Rh#pxsw8COdz@FwU)S%{Irp2Vs!|v!a3a<iK
zz(kmTVI7S5^$@i3v>tF7(Dyzq?K&8kg6r#DZ~<oYAI$iGjCX?9VP(&Fv8|)fl^}aj
z4_ge-2rw`JV>_EmsCx>$IB;Pj7vU1D8g*>ItNa5(%uo7(96p6yDdh>l0QNchpmNqH
zAfSM~k=;fP!29+xW;?WH@=wn*7U7RC5V4Pd8oUDvAwvMc;6!a*p5}1e4S#l;PaN*+
z?VTh@p_s1+VCf}d`ViH#)%3gY3q)2H!@+F)?53n9l+@SC0M3i6V25Id%_&UyeI_B{
zJ+A4eLb0N!6&zm%VJ<}brNN+;E9n)Qghnf`60L(P7b>;8%TYNwpO#ci(6q2d`G4Bf
zgg~t8(-NuaW!_?jjtLsVx|>L(MJ6s%>KK==q<VwhW43+YhmgoyQr`aU;E&BSwfNg{
z$5MPZX8cwiE*}(^SF?Vkm;R<2LBt-E(&W_UB(IBlO(^#3aHr5elkbM*>bz-I`s@7*
z)XZ)EYdcr?VsCcR4<`9LWk2m{$}A^*Yv7(XFkr;s&-YT-;Z>-BA%=3lD#wUDmqG%9
z>8m8Ox9y1xhs6UrdiqJ22jFK|ya(hsRb^$%mdF0EH8`?sEZ#q+*Dm)9@GA)l3YrD(
z^KFn5`uXmE;2Y_c43vBW!=udOBM~miaKF_3F`;*D54(_^G%K@O1igJwkr4?m)K$>~
z6Z^!a=G`60Y}JFMFYL2BC+6mue^QtHfhv52O7VQ)KAP7Kq@0hY)VGdM@G^itHsh!b
zqvUV&)m(^`&YUHbOi5-h1E>+M5Lie+QIB?60KYYW#)W<WS=_<HLx(MomfQRAo<*Bw
zLlc}@qAmv7KdHDU7hwIa(rydd#C34p>0nGR^4(ifHrj&_TOJQ6S~%`2gGT%5w3x29
zL3@6eQS2Q&uS|EK%i^}wCF1u_;+K`p9(I9f1B5o8Oh1@OSquF%>GwgTJY$vtK1%(T
zAk@|^Xys%z@RE{~OSCdOTGqF>hXrM{pkoG=eRoF*A;D(OT+iU(4|I6T_4|w(Yy_c;
zL>&1@B<=|T)?0aW2((d3=RN3vx3p_*BSFtAoRgis`vN!;@AJxlvM=HL;K3G5C4c}W
zVot%ag~7%Wy6*>FNrjh4nXF$Xle2NvwDy}gU58O{CzPN^%dzLW%cqU_8}rsZ`)@~{
z1;OWn5ulCJKFQVmsf3L;0;^B${G&?aIaYX>h!W+$i=<$p-J25z+GPVH2AfTMMRG;2
zI;gWhcZ6=8c3?537vLM)U~-kQrj}(ZF!?tB?vT+W5+_Oxnych532E;W?XIU!aEo}A
zH|n=aw?@N**H5p(vr-blViaT;yF?V1BPvmP_u|AstYvfH!}2F;y7P1kT;vpP&xT=|
zXa|=#YLI$y;Q9`pR3;yXX3=U{twO3}oTtslNX`yqZ&Ykw(`$gUz?8`eh8}2(BNQQE
zxD$S1@Y&a~!ocxM{qp4t3_9tNmEb9m3j-WX&EHbhMevRMp6#|f!>)-#%kBRCJ>oHi
z4K!!`*fp-u&sQ#cX1Vv-?SmolpDicukXJqy00!VNFA9v5`MquI8W|Z8=`!xBR946u
zWcd}j4k{e*`rC#nG5Tff$0mqj2PF}xwC`t7tLoWPU66NrKkjx`s)o0*4W<9y?;B8M
z+82ref_w~|+I<lu)2Mvn*w5T4c(zS;OV}+?{h`v2k37*Uv7ZY%RL(LU^RmCwKnWXO
zbTzm<WxD|0;{B-P$Ff(}w#cB(E+$y52-toqVA@w0@*%2d8n7q-QAAnD^XHd`oP`=F
zy%}L-d9DKO*-&W?I3XZ;xrbidW=XV<?HojEogALPxNup*38NEIYRrCZjD;x_Dhxw7
z73i5B{P-d$C6&p%1!#qXozfkA6b`AIE>P;b#niC4PA(ggv-}HVgBrn}&i3d2@82px
z^{QrQloo!Fnz{i;WFnX_JrqO;zhtfde1o0&4}MMdu_(0oGE_+mtHxITNOcg5jMGoN
z(5Du`UcF?zUqNKbm~`=$;<dT^Pn>apl@I@wUY-l`NCad~nevGn7iD#rtM`<*QLpd~
z4H-`r^G}!*Q5x7(@Wp)`)Epchc64odYtUx&`mXQdK>y&d@X+8jJnj9OI32202Wm@P
zN}aBWRr`Cy_cIGD3!8BHR9km`r#=rZ*=+qG))L$oCw?;<`S!PYcsaT2tJ4ZN<tpxa
z)B@{^0TD!=l%QVv4Bs5)l=~hYknS}KhY-*P%}{-e3o7(<2F^E_Q#^|y@8Kv2n%Ao_
zX{?k$;<h447mH$J2jPr<d2Km3r56}{sr3-L8^0&8_=Aa~;QH_(lKBw%8MyFhQgHxC
z7dhQ4)6>%%eU1W;I-z`o=D&Q2Uajq6uR4GQNh7>*umCkaNxnyqia0{;Z_$?+QRv7d
za9mAT1s5biK|wDkiio$8SC>I=G&wbehDE?X5TK2o6Ql`xGuWP>G%&#KP<q}<A=Knh
z<p(p~Zt^uOBdYRwYY|xpSV8N0ZQi|mhZd`&l}&XihCO1n)zzrTvK1K%5H+RzJcke-
zHELq9fW&(WXg>+U#9b&&dwYAk3=o5`I=!G{|K8d%7`zGHINSt4JbDiLEeAUrAL|#+
zqj^usm)U}06xT1-V$-?1#kOBSJM$H!!I11SWYig<NK>|W+?lpbS_G!hW2O36>sciT
z2?)Hry<tzleRAdTq?ME3?=92)Pc@h|VQ+eC!t$#gThA{nu*9$MTf=45#kz5$0bqL&
ziP`~}Y8xzCwdDwC1BY53t;k2fu7+a#0BSk5{1POG41o`4*Z=kkCPTlt-LHQYzq9-+
zm!I^=E_YHN7t<}Qh|RCj(5}!>uTe8{TrDjVk*Db?4aG@KHp<93yZ74S?47x>m9{(S
z>x#{#dsJ07>Nfb)^pO^u#gedS9neQ+AJu48#e?B@Q`c7T_kw;wt@HkL(E^9KQpOUi
zmc7qP(VnGPjvObN+O)4D2L`SwcWUWXKi*cf{0HFrmZwsgO)B-~4ECIx=?DA?wy>K!
z9Tu~ws;!lf8XSlv$Uf^+l*^5$32@QBlb1aq@>rtOi4wX=W@bT5fo3s!!lK#nSP>jb
z;m-ANdIoDO9|G&KM5U~6&kSk_Nl32MixOxFSBGBtm=<9xeKbla<`qGKC>$r<m>nM-
z9CU?5j>cl}Yy)dmZ!fPmb#>hiXsEh3;BP3N9N7&y{-+{i`O6E~(be$Eh9=?D5oJG=
zk1otR`fkne8gj*9wF6x^4VLK`%osp+gRF7sx>+#wT1>g_F+U44L4SY$^z=KpQ-F08
z#3Xn=L%Wm0=OcrJFaRuT^hT9rb!j(Y$>aRPsRJ$(D9SojFgu}TdAK#{)fR#YXEJ;d
zqHEZm1%PEyA&ehjkwLT06aj_k+Ue?tO_;&1IgO&dN>-+Fpbr@XB|qp=+tGc9yDrda
zoPmetMh)d(sE*RZtjW7bHUn=M?$b=I^8t96e-nSZ+|FVH|02?BBSla-SIl*$ej9M2
z2vF9oy#=LeM&1Z431Hglw!&eN2HndXG#lQK?HA`f9T>OfAW+*(%IwQ5R&?CN*_rg`
z_wQRlr;@Shzxo7k_f89!x)Fs;snMV^)g#JIXcqqtj{bvb`>D0<q}v5-MQ)qDZ%ox>
zGMK%w?BK0;P!s>tYW1{~U#E3vI@K6;SC{(EXsCs^x*PwXq*{}I&)`w0^V5NT!zrnr
zXBC^9mTGSe93uv_^)sD)(;Qz7Ra`t<zs)~9a_!D-QUiE;-ShVb#Di>GLXva$WGtkH
zK3XiNpK1LRVq7Q_oQ`qFyjMfn4$F2abjyfdNh=SGX^UZXeQQonOY0H6!OI(Mmn-`#
z<n5)rLW_|gCjU~(#Z?n66)K%iiAG6d3EdcED67I~ITv2)h~32~t%wK&)<$=iaHN?%
zxo9{6Nn)fofi~tH%IL?56xW=uFf$J~JpvRSaH1Eo{$iVO5^mnSStLkY<hqG<3rhpN
zPnI_-5|B&#$fDY4VydvYzTN<4cK&kF3K}N*AS8iwEDqOgD4M|0uLqcZ0m1=b*#d>?
zJ-k}g22=i=tUEt`3=+cII092L=OoED?sEFx=htKaqJp{!puTDg89p3e!jAw#q3al&
z&7{_+QS@7{z?BN0kWhi+H{l~n5aB&&FGAX=sr3PRFMPKJ_9goc0eg>}2e$zP+;D<L
zHoTq8pksi6*xuN_R}!GLI<*?`L4=kA{r6qJo@NGiKLGWOark%9{soL>2u5*$x!h#>
z7#JD(Xu~iti?uSvV08iL+1Piu2m2*bIHMThV{We%d*_f^g4~>g@eVw(SqjIdEA>aR
zDQ1X`rzt3#C;#!0YrJ7?KF)4YIIYZ<PP-^3UFeV8XJ)rM|7aocwd(!D)ypiyOBuaf
zRV)Kx;$i_!#Tv^*Hb`QtG`^v4d;${Zm`_7Hv~Hd)Ogv7_?Uc7Hx;JN<^>X}<@bNjt
z$6!QOmFFG8%otpz@;HzFwen_*<zhXQzEg~6<}KFrk2u#TGF~sBPY|0b?|%=_c$K8J
z{YDmX3y&>^Mq&0ciy@PLk#3k|j6J6X*S_n;P#_Wc^8`u$P8P=PQXxWR;^PKeNv9N%
zLW?CQgE7Lse510)Yc(SB8aN^=M&i^B-SOO(`W?=+WK^osl9DE*d)=8Bj2h<hdZnby
z7mR&L=?~lAoh&y{Hz8Hr?QCs14+R3FLU8$UYWk~-Q1^a-t*X7~K-mon+WQfV!FlQm
zKi?GJeoFYkO@2ImH}OO0HK9FscV`|kIS%tk?j%}Csy5(yFtQWeZ~Dycj<`%q>*(MB
z+;qvwabYf0JId^l$h$l#q?!-|NkM`U&pYfyc^ul<_Df<LdL-&7h76|*J5P`b;AVu2
zO=ZN?&}U9g2iROkXlqy%v-_{{v2ysYRi396pf{DX9N&U_%1@mP$*TyH35mS=-X6r?
z6}s_6;@#*`?--%h-Mo*+yiGksH%i-%CXqpN>9H>;2;{x@G+knx`yB%4;>uC_C7amm
zrp3Y!R;h9MfBkrE!5v1Iu@vW<L@UN~#MmHmyl(YsNdDQ)&`oDqQ&F1uMKEVmSmub5
zwCXvc<F@Hwyx{Ek$rAf7n$eF2$rflAlREixmI}vYO1t9vbd^=J|GuJm7VB-lY-H9i
zMc=FC$`z7iE_e%<VR%or+h0+?OyXw(-yS9As@(n|@TsEY8Ch6_ndA@%N+F?&jVLQ6
zO8@T~(p<`X9Hr_Q{ZVsjtAWyH1YP5Vd5kDo<O57rDm57BF0ND`syRHZP62$Ji=i*?
zYdyY`{e7&{d(Itv6W2*h2a~?e3#a8#S`&?DxyCXEP()KZ$zbPcgeMA3y2M1jX`~?-
zBhr|P%Cm2H`mFYIz*9Ud9UYzQ^|m&->njkV4U5(5Zj-v_^hk{JS}qP=t;sJaQ}=Gh
z-EbOS)No`<M4<xr)3Bw>rEW@|95nGE83w>*3150aO)m1MwvITXZQ2cIC9^FgZpHN4
zzl>z*9STXVaDE!KtSVa{14OaLN0D>q?k$03BGt`fzH7!sYp)K63jVy^mt^tsdObGL
zdi&bBw|5NpRZ(1m#tirjEc&N{F1jd>zkPb7m()4pdHV`Ve7R^`7mk&aDUVM%CT1U}
zx}83!?zxY|nh1<CEo(az$R7{`Yoz3K37zwe_5bI~VJ%JfAE#=;TA5*m;-is;Dq>cg
zu$v?-&fu}0S0@ItdR#kV3G5;HF%&TvP?QNNW<HM<%%WYg<LV-^dijU;FzUEdoOamB
z`*}Y-5T&{3<u6u>Dx!HJFK{y{#%0A>JD1vdQ?HPcz6rot53KSK10$-~rDq%#3d9Vo
z9F_Khu7l#-+!3F9DPN`;!o(i#9c}+cc2U1sLkx&-g}aF@_LiNh*KszAINZCHBX93W
zGf*HxRn72AC8^$xQez&H@-IfP`;9;gvSk|zwyZG4ul&4SoH4(`uJ|kp^HO5CcT;Nf
zE`=aZ$=zdPOn2M|k*~~r`?LsBY_-&JYd=>2@y{|+z`U5DJnpVlF_$$TqR*h!VW)p6
z+yugVbG>hNJmg2!DdmNbTi=~J2hCU06n7pQ8AB&4haP+QOwP+!Q#Y|+cF3}JN63jO
zKMclGUYd_6_<o6)m_g19FCk6<uaxg~%c(Z}{l@KV+=$ZWyi+%VhNCr%q`Z1sGn@|f
z^d;@QDnu>qCsidez4pZ{dp?f**j#u~oRLe2Ko%dc1ad4VxiaP49p9hAr{_?KPmy;B
zPLK6=_t0qy-)BiHre%!xe1>R#df0K>_YAXva^m)vo!^Jgn&#fuD*5l$vJ)A`A>JJG
zNi7_iu$8<&b<^)F7b%fj6}LNPSRP3B@ML%)DX_?SY31wjqrQ(XPFcO_j{pclW8!;(
z)-vp$NxuWL#RSj=U0qblLJi%UXJ;H<JF`-!>#zg@`3yjgF(sx3C5pYRG&SEbPcRyo
ztXEc+0r3z@%*xV`+G(cUKuuqqVQ?_1+29{UN_HsII4130mt(n}4*uqX_(|@62W3(Q
zw}0kG%`wC8`Qg&{J{?@XuJhl%bw8Q@^Lye+6_+r1FmMxI)9be*3{s8%@oi_ApZP+=
z{$3$+W$iROe|&G=qp*~!o%d?k+u(P(kJwlb3hsVS{o#BoC^P+ZU-mSmyjA*%V$=N4
zBNFwAsuS;=*31XjILB^tPMv8KmMm25V3xXLX145ow@s0zD$|a5^+MqjftbyA1HZ9f
zin@z`+K~+<z3wY4BtsYLMJC_;UX79dVPBPgsGmdHGC{NiH&Fg>@AO>mxoAURdK%Bi
zMY)Hv2xc<lg}Wd3@zvD@b$iIXR=L+#IWyQTkp8V_Pr4V_Em}`JQd=(__rFa2XOGz%
zhAmi+JL!)$82ib1<%-aI)Ml-FxSwe8@FoksK_{tS4&}_aE-)W^TPd?mOpZc6KP7sR
zlQWFfKQtr@5g-Gp{L4#AlMJlM-B?pUb7Et>eTkh52zEzR8%LiKt7yRjShg)o4H>bb
z-aq)(5}1zv{N^{qWFw!c6lT!|WB&IC9}4QvtCGd&w=O#UV|*o3yF2&}Eaqda|E|-n
zIhGG8&?J==SAO`?;Q$(}_hyq7u69iYihsD~hUgyNxI12SlJ$G;M&0+8mrbj$)2_>8
zL6+y4i%r9s@9WCH4;x+^)jyw}uKfP3@tyLYqT$M~*T1)vzS(a15;nKsdsM0y{1XrR
z$t^~|5A&=S0bw4VPedekJM+I@j^A^Z_>EW=O?OwnoUrdAGX3L4dXVJMhk4IGfhk{D
zzR!C`1unPy2FPnA-(K_A{NLY0XIXFkGV$LQo7T!Zfr5+@fj^3NC*78>*gYn$9X%?c
zh=G=f=?<a6E#Fq(q?4P#NHjXd^6vO|rwBaGa^4{B^)C|>KCp>TOiWyg@~V!+=)3*-
zZP=MU8!g5wUUyk%y&QO$G^homXTGhi)dMgN(X_*Rm$oP+c=s#}Qr_FCQ6cDSuCOfO
z)2Srpq)13fna*1k&wlFjV^1NLqc0Vt=-3|7`?PgMQJVdZ_>(YQ!V7Axj<gUcD0p!%
zhup+Yujf_Z_v6>##XMWa=4nodBp%AMNX;xp5E;l7cxN0gix0PK-kSdGFpdne(<Z+B
z#BJymhXseqg{0q5<}JIM0dafY3_nblKHJT9Cshf{9{zB*yxA)G)oyESJ~_xUYd3k&
z_zLZ^@FT|H?TI(-hBHijC!2|gN}bfdr_K2}CHXlG`Ew46k^B+b>BP(*8KrY29>_j%
zozDGH5^NptzSviE+q34u`w55X908wu&dy5TcQ5vuxz28W2ogTCbN?eGXqszhDD$&?
zI-vihAot_x;9S>T;msZr?yLMait<EykM7+fO4+O8OA@`+nL3>M;)VH=`pzHL){sK)
zZ~uM@Kk~MO!lJgBnZU2FE%)^VcZH{7V`RQV!6L5~l6>8#cL~*7*V}#@E(7f5p~34@
z<W6M&O|C7;mHY2?03NaQXLgHVhChNGxHUC3T?s2ldIoZpeNbZo>F(ku9%sc4lk)Hm
zmq_VvFQpK|{U=?wk?dX`ih94o!eP$dUQU#=66Ok9+JDBjlBqX~MHNlT987}CC(O^m
zL8N*}SM>Me$(xpm0+K7Z^Lu<ER%c8lLC4Bxe`8~!^%qk(d0KH+U*x%`Jiz5XKTj>Z
z>$|C8bgu6IRo|zoxa^1j_s3;_c}*)xbp=~m3_b@K(?qiHz0WQm{b8GVC7t-@W8x2w
zHUI4KPjptfkuB6T6cyz(y*@t}pSkuS*4dv9)}^<_*Ka4L`5p&Dbp838M-3&xL)-I3
zTmyD%e#d)P(sOI2em`iS5yY!{^i1%ZFTdid<66-=-I{v1W`}tbUzJ>u&nlgLx*yzv
zjeo3MWkXOCjY^G^6T6lm0bYh}jYnuzl}8={>;c-_+c7V6aWX@)+y)tAzQZ`y5Xzz9
z<mBY%=VxzkucV}8VnWYVk%Hd50!S7Zp?PIt(fXxoqlR2Sz`F<G+}(C8Q7MS6s@j2M
zdBj7R7{57DG~r!ISveYUSd_UZEZf61KA!+rfFO=SuD+t8B0M~NX;D@{j_rH$Q@N8r
z>_A<l+&7SaH}G*lmruL&{DADkeJSUI?oWA-Y0|644-A6bt!&(l+=HwF^8eQ9cGH$|
zPOJ}kw2mMC@Ms!0R0-9H5>ksr^suH^Ap(Pq?v$MBwoHtBr_BsbKk@LCy<hDsK4~c;
z>Bo@$gjgu3C>vWt26r|o&HM0%<nhG;B5c?&Z2NOy#(CY3Xa2OB7bfp#CT_1i`Z-Ry
z%De12H+p7^biaCKvu5wis(j?Ez&1X)o>gacje2bjK=Bp+Wy8FE!kPmj{e7b33%791
z5scGY|Dz+i%eRwSeXZ%;JBUv72BsQ-ao{sQ1N$^M-s+B^iYQFE-~h?QZ=fMm!qf=M
zc;F_fnj+j|LDz6(9J<=ZhoZrRsrjmF_z*O;wsv-_)*OLRN*EflbTq5~=#nG4ff)Cb
z>D+(zV*_=apK2MwtYg+WYi%I{iJM3s(DZ@%-?C&CYULesmN?z|rBr>AQrF<DO)fBi
z=t*oO@2dF&d-^XG6$Q^E#ay{wD)!!$x5*t)Lo}I|Huc<2lJuS;^T-T-bG%fwWx;E}
z*qWA{7iZ;S(W22O(lU}Uh^MvrqS@2y*P&2hu@0js`(6`nX{Ls<Jw0r*&9lEtZhoT5
zxi0JeaEn0o<9DGJkg*L&<D`0#-uSWSWBNSA`+Cr7<(a$spsA&>>yxt==|(kV6&vJ!
zKgahIf_DnkqaUNI&$heHMaIkrP0h64fz}w!F1wr9x!y-D?hC{2(R`db-K&lcuPU-b
zPqVS~{rK;$qBj<ftK~||hSsO9dkv@LgE~IZC>Hskqa)@||Kc&^Z7rPVbmqx!GQj5s
zd;)Ns-)Pixw-Gqbuo0KNc@wmnsv7;bDPIA@ETN_lNJC0bgsIS)6ZkerUG_<K*w@1D
zle^_{#3mVbO{S;$QqwD*e~fWN9yfAW*iu|K-R9p1{yQu}pUe2VD`06SLN;3;EL_pP
zG?(}O+c(`*3<&rOyE{B$`f4~PLql4hl-gTItJDHzV#-+P`;<QR_m3%9p325C%cPYu
z0I(v6Gfnh-+T;iHrn(s=`(o<);)VqXj`a5})6TQgZ*NRBjRSG9gfB`TcdQH*nnC=_
zHA`besBdU+u<4ACr;q=bZ|K<PYp|IE9knB4RY8*5gzKHsV#-GbxOZ9xuHT|VI6cU`
zlUeZN_H4`%eN_k6Yo^o}y$+`Yynx5Qo5@7-73p#%cDzVpN=<)B80Vo!vo;!jcs;_R
zXaC|I;XdI7$MJ`ET4b}`rP=hUF9yEQB%5TIyppvuED^nJ=<#+ZQE1_|?W*OJP+o;0
zs$J|=ieXfyrJw(ER`KVT8}6=FV()Y~(3s5gWt4}e-o^d#gQoKJWpSe(K0ET^wE#Fb
zHDB6SD-;HNOfSjlx378Qy0TE2TH_8{PtYLd#cG=!8u!E!QyW^W=GPb{c7;`aezfg>
zQ9k82|7%!}|9bXjt@j^P3~jqggeO(*O6BQ*+26FfW=D;)0W+MGI(&)ZS+nDmx_u$n
zZHMLxq37;T!fWDazSb4Q8qIm6ZC`P5yyEudW}dC@Ld@KgApzm%rWX7jOGZ6n)wPCl
z&iuE->Z&&1Iacpov-*;PbNUtBKJso1Sf}*TkroeDH6yD`eaA!g*KQ2@l3kDC!!rMy
zZ|5b>DCovul^<w;8|&%jP*Kz3C{fj4R>-{_M{=<?D52G06_=8K67PNeYnj=VpgHHc
zCQh2PDoRuO3f>8E3;&+oG~N!wLt^8YbK-yeJ4D+sKg}9URba@_pqjIHFG?GgWd!7+
z9WOz}&H2W|?kW$~0G-jY^+_2~ERLK)iEF~y_X?v$?1=*K*)13qyHZU)1FIn$m}E>$
zz<sQ&tOW3P4vhJOgD-&T0)gqC{E3Oc5=JK|4yFr#Jr}tPuR{IyK(PSo&$m8!1OzP_
zN56cbUEAH9DESDi<^Gw;NsvmboJ6p<h3;q2u-j;e@-u9cyoXuBpIx13pl>i~lr@4U
z)EcEOxZg&i3I7B2;F|!ko2Fo{>-JO&YYa=znSWRrgFY#;=}X<l()#*8c@rr)IhMeT
z2g7CtCME$1iIn<omS-SfN|v47FkaFauPR2;KdlF=I|SC#Lp40^4smGTKCK%S;-;wO
z$6<Zp{#-2i&JHKe2NtVfy^6WqiAs2dj8@aM!lBKbZp(lFsUuQItslG6m04QLT3VDV
zj!L9Smn38T+~|*#j4+b(txJY1t^r+H2UF_vqJ1%ML$l(6KK&-Gk{P|ODxA^ooV&%^
z2k}G$hn}h$HZ}olR8lVtvn_Ow%EemvGZT|5d4`5>s5FWl`1oj%Juh1IEH7AIIxw&?
zQwdN}VbmP%5*NNIbCcs{6YCA^7QRY3hZ><c!eSc7d(_<2)PPH5B~zesE~i!!n#@~#
za=drXv54X2P<1z{lhdhmz4}O~!WZiIOrb6gjLafNbKaRe=YNQlr(R7Q_{0&(mbdYI
z-?aYh+)?V1Q*ZpnOWcQ0LNc7e%_FV;y|d$GCr3Knk>4r|?*kuA%?mg%8}@J)G@sQG
z{!ZtcIyR{OCG0_EFnzskbZ*Z2hqLFd@XXbD>lfD5(WSE-<JMj+DZ_gjBkn~4kB8hk
z_@%n&-$gLK3uk!OV^BR@zGPs%!T4M4MaIB~s>{+ZUTslYjB&k-)70W!#}6A`jUi2E
z`AMN$_uiw3)aK))!%de&lkV^9grvs9*>l4d7Q;+)12dMq9zV=`_RM&%zCa{=C3%F2
z_nbWJjvwzywb;lFVxy}hLM42}lKL$R3}G+J+owNU2hM-<YqEI8y8J#!$XN4Fll#W1
ztDN`X-C?)4EIw+&bMsXN$EjJ`#^uwNufBU0W$8c2+(~r2o*1FsQdEh>_lr<;(o%&Z
z?93rdoGDb}SB${K)i2-n#ed&0nG>1BOZ7^SFi}aVkLUTxWHR61ntjK~|3|gP@28)$
zJ<_iIsdS>!8{=+@Q`X|WeBrHq?ywa`LVGJh=-yz)3*mdK=JO**_$CbRcM)rwMbhi^
zW*3N;sxDmb`HLzUR-fYyKF6EkdE3H^_x^bU>A=~0jTu~qEd_qbBcq*wyz_5oB`@R2
zn2H&FBQ2tZpMR+nvqIwbSl13*uS~d&xlM;!5UUsbhZ*pXbYj$tXa!$sATj!2T#<Z{
zvW-07M{B|20s>rfL81jbK~pocN1Nkly&6E=u<-#n9{&NbN#JqXxN(2_5LkI2j}RF=
z{OZDmk&>21OHIvb^sPE0H`m?vE{=i8y9cFVVPO!xpvv;ZUW6X<A3s1-@B95zw03?Z
z@W}8)M;X=lqc1t@UG2(KElu4exsw!p;`&T(Nv45bBUc6%omP-*Fp3|jpu<n_lz_n!
zgMhLdyx;_3809Ui<srK-g%b>Uim(`Tg?LsY_Js;l@%>3v`!KS@l{azRcvz7U5gJxR
zm)S&yMA2bOYa=<&lR{bCC0Ot4-NEOfaByZXE=F<B7GO<}Dcjo@c9n2G!qeGIuTN2<
zsRZ-LKj7_fVHHk<AB;)Tlp4)8r-y$}Fz%INB%Zz>xA0w>m34-T?4^*Vbk|Jb$?b<6
z$Y^7y81_W5<r*SGZTDPT701=Z?6h$9gbVSYSO9BS`FXU21hj5Me2aT4DYI}?Sv@(F
zt@JzOP@+3rn_ul7m3p6m+Mw|p-b^=~3Wi5iFDHu~Y_l$Sbgcu-1Z8duGP|T&pmK^3
z2Zm*$0lf)yl?IaUEwzJAtB#KsO~0>OEQ?!anhKO}%{F6AytH-7eKG8q+{<2css671
z>_FEH&lS4v;`tbX{RQ&v^Ly4A*$RaN>Z*0wSOy|0jnZ0@hD8%Q`;T@UEEGr*67k-X
zhs_NW)}PaCy-t5~aAR_z(Ky}mRXg{z^@)#ZFTZ2L4$W58sI%1b=Xmeiyw5!71CHs#
zR7b|}p8JJ8)KX4=zPdFxl$~I->Hn@qQP=rEMDYYeeCCDg;T@5TOUB+qeia@z3^SAa
z+WB~c2N91J((A}1GA=O)aKu539&y^e@~L-UYkxhdb+xY>Y5i2IS^k~evi%rwY_-mJ
zc+<S)>oKC<n0W10MEyE(n(@Fd!q=l$3*sg|;>~!5J@K2m(vBAyi#J1sSN=1;^q|}O
zLsjOl4_2=mSip5w6YuKJaqK69Bm|(^6n&s`{egD5`-?q9>q_r-Rf>ymo?H5dRly)W
z*G=<bsoxaquMl%*#I!*UTkiBMbKZyIhr|++7UGBaB9fLjtnUwOD-tIhUbd+|Zc0&P
zFKr)~u?{S)xbLTYvH`tq#7=sdWQ2iNRJr|g!x6ao`ku%0HwOMBNc><h>h7*8IQxu9
z`%1F*H7?W?H?4k%&!f~uy1cCZ_GM`n(FZcR(<3F1pZy=U-U6r!wQu{~7NC@ffV6-}
zgVMc}?rxCo?hcibkVPX>BE9Ht5Tv^n-L>ehMSeH?`QCG$Iq#X-GtO*dK-XQ@|GIvc
zUe9?yBb=&RpWJi%*X$re7xy8FcfK=^g5S``3EGvIbc>z$^xAmFj)|#GjAW~<w+gp(
z=FOk4lMh#N?=y}6ame!8ej)iH!NcmH>&czEB&5Tn6_uFCV?OlSzoi7Y<=)}04r-WV
z6F&U~0a2#=8dAU}c3>FJ0*5n&G!l$&xQ(8a2G0I&2V_&Qut8VweO9JWuQ`?M=K2~`
zt-fX`Qjgzc0cu~4bVHCfYb=@*jz%9-I(ek^C3?t*Z)+59zesQcPztadg12R40(XQn
zg#qJHX4hLSG$+j2R<)N8x~_pe*BAJRF)%xq!Cbfh$NQD61l=t#y8{NX$3)cE!wjsf
zN?!8M@!rgfKtG`G`j~#ja6X*pcoIdZM#+<>#{3-lz(>*=he}^Hq(<_oy_*{ds^9L5
z)@-Pc(VU*2n_YsdcS?5&Fks&sU%4HGcCZhb&cNhbUbMzhRc(C%Z;7=d;wTI#eJ^<E
z`?{IF^{O|o=gpolwzs21Wj)iNKb-17{4^XnR-|~#)4OkKY-lRyDd#ICX6k4edT3C@
zkFTX`@KMe{4uubAkArdeaN_z}uUu(lB%@rJO2w734U)rfCxRDeS0LMSLEZeidm}jM
z64BE?*gMeve5%9k#VHy=!knzXY-|g2fkptsuVmTW7S74VRilz-bNeR6Y<X**1Y>`f
zA1$+u;c#eHy&aeHr1CI-$xoNBn&%~<XTGLbML`i>nCnGxB#-F%f+6EvRZ`F-RUM&J
zvShUm&hf=q)ogXG_IU$UFWtQ1mF1PQ1hUG5{Moe*qX<P)tOqDpPAHwqLAr?EvpTJ5
zidlU;<w85TCkdIX5ja^S52g7~;vCU9HBgBdZTWd$R~ilmjGUFCY;P#JzR%kA;}l#q
zae?>o6vQ%lH(&~|B;B4EYw*;sN^x!m4HiL6*VL<aZ=a=9`>?|ijgk}6E`qk^z7@$?
z;+kP$@Z`T_yLfgl2RXAVoY)I`Fwr<qjySn>z*?hUV90b_5Mj%4_II%)>}2;hs%Sa1
zv_RyW%0bi}Bl1>BjMo><Hnxm5UYNg=|5aZ$@DZi67iDG}Wt$k!>sqIqx~{=VM-!1d
zBJfD6ewNnkJU`JTI(@ftg!I$GE0?A{<NcnqJ(IdCbyqod4TEb`)>gQS-%ZQa|Fx3*
zOBz_f{vQmpJ^$apf*1BUGO7HvAWH-64Kdnzp!-=yPHug*6A6t5=xpF?ZUj9`;B(AD
zdL1eky5SA{wdCaFA^YYmPaVA(=bwD21^`-bU>938kR!s!4=OuZURnaK@~0sy;FA3r
zjER9TAiJ#aJSQhd`5|@mYiM<~o4)=p5nXWp{ke>#l5uusf8pujAq%pnz&-~A1c={l
zL)TkHnjdKZLMe6h0*~_kRtv~kK>fPp^*Sr)@?S2YTtOg!sU`zN85Nk9II%jx^A{lG
zQbD?g1eo30BB|fJ0ksA%uqa=xZFHGaVi4|nFb9YO$$Sg6jnI6PozQs1Axc;AIi!oR
z%%Vl)IWciqJFwMD3%iHDn<V%DivV@X;os2YV}QFByci(v(uyb%FrXyK0I>r!6WvE1
z%FCTxU4cvQ21G}&$oK)En@+68M8@U1_pn5yrl!BUADo9>%92x3PsDS}36xnD!kg?@
zf|B&Qc$(23o3>m>XZar0@S1f`v!x1l{J>`jWM8-_uqrylMVd$FAN}GGL_QIy#h6NV
zay)2aD~C^6J=H7XZCIk&cdvRIm#Y0EGAb$Y`@mZ@S}<b$*l?j8n$2q@pM3)6qGeh2
zLuC;O;W*4I+M!?83aF%}0*DHji5cfG1-|y4N91iBNo(d4uNCSn5IJq$(2;SFLgVZZ
z$2IWc;#2uT>owDjn&s2OPAmDwBMtKN9@i!)xA@Pg*<5{Go&HTT;m%*ISUf1bdcBjV
zf+M{-p}XBjDbQFOzuzjs<<Rq|MPt1ai;nY)&K--Z2KG;BS7J2=-j5E^jSumR47D$S
zYKi%*U2l5c`GSp?Hs<7(8_^o`l-0?qx>I`=L3<8enk|9_zirHUw*T?}UfnYOSAW~2
zqzSxFfB#+^<gm6CwB1!St3mwnnL@YC#ew8yms8EB*dG@<a4}5R5c9gnm7_6?3e4-1
znUzFvYAn#st%SB93tE<F{BJD$=i*p74YKNJi0ZP4cmoIvzDm_z#5y(^mmF|8*Xxd-
zX~A_LsCv$_m!q?o#i(@iWC`s*N5cSjT`w`BK06}D-x!<@D8Ul`y?Fi^!7U>bL%WuF
zRXM385W$n+okPS}?+r`5jo*@DQkt|2CY_Pj@%YEuv<U&IeRnZg-hU;=XmK1LQ?7Nj
zc}RxY-<Vv>+R-hSx8T;^S2=Bh%x?U|i!hk1KwW*k+s4omh;zzt`Pf;3WeQ?Q>wxab
zbeIQBcp#1r^3p}Xm3tqWfcQ2*p-_CLhc9?3WLY142R3`)IcWkbIW{&H43<HKHn8_T
z#{wT?z%`-5e7^wvB{tU9_r><WH3$4?{NU|5|LD;pkUE7X-&g4lfw(B}?Y`o))^G%!
z5ke2e;oz~%qFI&+ynJZ0;Km9AUZl0<<s;yVZvxH5z-?^{hrz*t7u5-e<Mn`hsPH)8
zW`dV?*YgqJ^KS>n>1O1566i-{)UJ|AMa#ffmLLGGO(7MzztddhZ)JYm_nN_8lf5^5
zEHL5?9Q&C->}8)VGYN}{!BuL!z1&s+XCSGebs2~k^6~Ncw;X`Zt0+Q#_mWo&pnT>K
zxb+UfU!h?U2m^s6$xC#J5^P*>7k_5R4*XE0u8V4^XdtloT1#6~b66TEnS3r=;A!x*
zXA}KPDT2Hq>zgYEvo&E9c)!afaqfad9&qE_2VFj45V50`Q*p|!c5{>RKE@Ue$o~M&
z*;<|snrfw$vhs<Y1HzN`aY8HC{@D_jzFAe}c-!;PK7AxLL*;HTy4sCc!E6<zcSALw
zq(~@$xvytnt*2W~nLb^CIy09a-&p2L=%6y8COysHS7|*xSsw14x5sab_+RP%DpT>)
z@|6*jbCvRxQ?gXkQe(EQm6T`v-I#T;A7MX*N@y)C*~{zklTv4belj4oI+V@^Pc>aW
zpylxA;pqnkh%gs~t+&?>qn>|2weXw5U+8M{Fk68N?!LO02)u$vv)%UaadE+6>Q?{z
zy|wz(d}|zqs_n|2@dq4Ufr8U)9Yah5`Y9TPW*T^?=ddbqD@->(yX)_rUb?v>D?(X<
z1ijb?i~@gVhGr%fNo-5xnQambF8Fh!ZC1-4EvJz@SDd<aq(iR`<y6l<{{}OR(`e`2
z$6-)~YpIqG<XOik^>a4W3CjdB`$DH@bBBAIJ@uOD1#akhkgBEV-ecp<o^IIXob`+e
zLDt}F$7*lla@D(Pf1unrrmhPc2zVvD&6dT7gcv5M^b6Mh94%J$3P`9D&}%|W(ffR2
zIOSF!@2D>j)fdgr6en@Qn4>C@uhmWHIXz%BacZoHv-1dM05^%kogM9t>4gi-GFvXp
zIhI$9a)br^7_MAB+;3y6<lj$H6Oj)%y0X<Ix0b+n=BzN!Jl!tN8SG%+A^DzE0_6L?
zw;qUGsdb7qYkynf*emz{?#{fz_@8qZ)E@-IxjOgu^^x$oT7!?h>0oLjXc`Ayz`)PU
z`1<u{dN;T8P&@`LZSCH4dmy~uS80Mkijxd^vKC0ffd<oemSefVXpa4_htbnM(jB+$
z<SS1&>2=V3qdHhyVBmpc>#PWRT<-DpK>&0R51l&S7+wLr@gRqq49-~4|8WMYLa|A>
z-%(Rjzkh!SvWAiR&u{K~E`ew9-YE<6IvZ#huih<!oAex5!eHTc%ct<hv2BA$B6!~3
zf@lEM5~wu-!aiXtVC>(Qc7d$jz1J}|4ZOmE=C7oz{I|9Bc@VQX`VF|RF0ZT*qQ~rX
za1Vn}9Y}wTSKH|+KL1nrA0EFyo4@ETsJmkYVPf{vgM-iicmca|(w-U^LD<gm5)dSS
zQsJlH7fFbSqzu4%7QDS!0Xra|Rj&hA9T37bh#3qXU{r!0DEHqJz@5DIpa^V_jx!))
z2a?z=-oQ)`TzENdz?BQq6H0;Zu||#etsLMd0Rlo(Q?m~S4D>tLlsW)00j!#Vf9B_#
zz%8gNEjjsm1q$&6DKB8y6ng_oHZmL6NF_;m$u7{;e~Z-6zW0S`nPkDjyTX(0@Y70n
z>MfBUp+55u!p>5N*`0RP^RbcF;DbMXl98~x7&6n`d|*{{$)QYbn%DQxXd?vu(+F#H
zoK%lu$otwv3QZ(exr$6xPoE-ksw1bq>=<4&DtU%m)emu}R?2%Eml#XVVvrxc^EEbn
zC%kV*htb6<AispRm3pF?snvwQy5yW?d)0Q`{mUM`MsPxPIExLQcE|fZeU~huVg>(p
z_{bcydMUS_S#0ODgo|39|7MRv9{t=w&QDTieiN6IDKcq-U|8k*t(0K|y{jOyX7{^z
zp$}~4N~N-1VZ3#2XnbEWVbu&ZAa2`pLo!GB=A1x|KZnSh)ZDy$c*v!>Wyv^CFrnuR
zopF?*E>_skVq1@FpY$--AFAm#=r}i^Uc#^4eVLpXXf?&WC(qldT7I2neRaUPD@>ml
ztXdwLYlx$m=k%d+AR*uFJlD{pN~U@xXdtIoTi1PTe%k>RN>eBgnYQTt;U5yLta3Fa
zjwu_=jy&or=(YUwK-En~#ARC=I)kdVw`XVWGd$E%{`-{L9~tuOj3&P}Id6GGYk151
z$uR>|L!5spT4U<{@8mf!M>`y;>SUPI%ll?sg^+T&D=mO0!XlbDyzVYV7HWPzDpub{
zD30GYq=(hFu)bvK;kganq(5~7v(X=kyHLD-?0CESYq}&+Vk&r%yQ<s4x#|q5@AUem
zkt^5{><FW-yf*FV?!EZ`qCaNMx^TY5QYjyzC2W5G+x*pwY$-aYnmq{Z24trBL95w)
zMi7wbH9<nrZNbM4bm4(<Cm6-do^1>Z8}b4%J8-dnzbRuEtg3r@1R#7#W6<*Pc>!by
zfN@c<zb)$cqX`_^B$S&`(f3z)%dvYCv&sVqq!}#!Dv)*rfT~E7#3uLq<Rb`k^q7^K
z&x2Ii{reUmSVTn|@54V02dyCfwk8UZ%R(Ck9#sGr0G|8%RRiwpN59F(g&oab#SyZZ
zI&Y0_0(1TBSFk&PYsW1xEjtoFe?A0;hG2aG(!kIbSV91a_Pf5mo<A?Zvg>v1Yg$^g
zWo*F<ePFW%Ng5(xPX%A&g5RAFFtol54+{h7c6f}upk&;TllkpN29%MJu}H6(SxqPk
zY%cffA6WHQ@fAUaWT?_gomQ4<?CTSBT~NIph)&SMX839qm~Rg%s;hID0O>js%rN8i
zaan18yff{4Wep%EoJ^Nh9>=DA_pZsKiklU)8ZfRzY;1fZy#(A13kx2XEfvNpusz>1
zQ{H`$cvcA^$rBD<d=O#(zPVhb#g9@)^GQt?4;?*UkwU+wTjgL|2ElJUKI;!fmyV;|
zwto?1wein&f5nqFEb^NUU?;RHQp`DLt>)>mJ;NP2W;+gdC@PrEjQ#p@+$>zFnKlD;
z!1T*g$1+v1FVoxcaEpx&I_(A_8CAxsi?N*(MiK|3ndI5)f@EutrP5V2f~re5(VCiv
zm{?6FDJ-w3bWY4kHRmZyE7popj{gxh8?^Lk?cXVa7;YcuwuekylIS=o@5(dH66WCR
zD9EA&^N%iF;F7vEZIoOSpI;X$ZZ#V0L0$Mhjkab8A;@7fHyQ)p_33MMTj2Vy^(o)f
zw?Sr`!w#F9AMslYw}_YdJIvUtOW&h!=myn)4q4V%q`rZxHcnSoacaW0{V0pi?p?*a
zV%^-Zc)=k5lJo8RE8Ms`ayIX}Vwo#)`oudG_>suk9z<=+wa$_&?I-?3TB)<&$Z`&B
z4l8!IW~N|U9$ql0QqHTDJ~~csQ{7};Z*<*~i}?|@y<-#yA-_q!+3CQIfFRt<q;k?=
zE_{bS`lmuaHL*-=+N<`ak(CN+&dpbb!b3vmBGh+0f5Y0R#0v)0--9K4s*@;ZyVfVK
zS~6#6TAtH@JanA%EzozVDVsA8t|!G~l2<Q1p_@C@$t${I;3I+Q`}7T++2=8n1q~!%
zd}1MH)ajkvFWRVRth*_t*@ebkIk&{jA*@3gXYuprx2kij^O@r6YSgNm6$j3Aq5Eld
z|49-3D`j>11OXk3{3oC#{g!(T7A%0S01g$nr=EZ}Cy2$p1DPxE$Ubp!bGrwB1cUgW
z-`)YJpu4{afV@<BSy?<_D}ehpXk69@%l#hSz-A@~;$mqY>xtlHst6K3E7)B|zrdm%
zhpD39#%5+^eFA_lz(}~cPp{fWTX-HTQhrQLO$C-B?HYRnkYITIEj+x92$Uu%f;|Tu
z)D(XNGmplio0}nh;69;QsKxOz3fd(7D_9pSeE6@AkDgKhcYrVW62au37}y|zx&8h!
zqu=t7ot29V8x4&cbgAF(cCI@c2t?-xp)}h|eSSjYj8*VmjDgnVRIt;qf7t~&Byg<|
z)tdyZ7+=@HMMF&Gr@d{54!Gjz)jCpFYkbfc#xVqi(;p4Z0OG(9Y!s1f92^|<^gZL_
zRe%Rz_?Xb=9mx8E>ptKYoPkkYg-LiO$sc?}&j5Y!e$XIGq)YgRa2cehLQC(r8UIr+
z9A;J!`L_pgXJ=<;N5?I@hmS%XKmh@5!i11`_$y#ENpH@|&EO`xMoXZVVCmzCFCjO9
zUB8Lzo&HgEBz10Z<y(_CNkAEU>3M~WZ_FWWPQ)!7OC~kzLzQ1}61+f=tVoAB)b`A=
zIQ}g%>b=;HHPbgHLI3lrn)T+iE#G46;`Eyhs;^F&;c?TWy+gvSAJ8ps>+Jy9rjqY{
z>hoMHuB6x9qci&xnKJmqQtLzl&WyjsYbqH2EV@?~90wi&{o49bUx87N=G%lSncQ)N
zy8me<Sns{g=LLpKx^vg|g{gd1qOg?aH!Md_XK>S-CiCVUF7iybIb1yLG?xoGQS-1-
zbliV$V?$kTZY{2aQ{qL>=M%Oo*ai(nZ><^yEL~>~vwL-C_PwhEVE!SN7Zh+0k4rCQ
z-=gv3=$4+wf|a-)fugwTW)0ZY5&_D-RsHI8B$eeKLAayXvXg)gdFk}0zqWcek`qkh
znOK6^ByMjSActdA<1_Sbx0{4kP<*||RaaYL3CMJ{{ODb-T-#o!?QlWu%IzL4=HSbs
zkg2Qk%lDf7yisF5<9YHOwpQHh3ODc7Q!CvHXB`Gt#!-pn4mZnl^bZW+9+KX{`_aU*
z&%CT6?RF_{ztf0tCcZcvc$a3DBBx%>k31`3=r=`j{#-wu{!mTenTE7)ZO4+P+~G9V
zD(ESMFjr|+<3hFet@-C>e4SjOq%b5`>3%o{%+{;QIrtM^;dtZwBaNK>WfWU=0d<-R
z<W`PsRG_q-aTA-ho@~8vT%mkI<r%#Z!foc;Y^U^p7oYv-pdS^+UFsPah*$Xbm=PQ;
zdKqGvNb8t?WQP#oksiy(%PVzZ0dkul>bV2*!QD_owso*rE6d6(LF@^*&8|*1h3^Mh
zwEBh$4`=7*EPO$PlyP*ThefyHqKgU&WV}RvGufv-1%NYhaj*me?ZCzi+JLbh1A@WR
zRv=i90lNpl>j1zfB^xC;`_2lh=U*^@g%7(AhJY+303i^D{2U$zLBcK2i23s6V}Z9e
zBbkx_cn120L;vi~R9BalQUIDwGB7Ad)aJf6cn$h(p7Xt{n@kga$NC2|736=poi`%K
z(S?Jq?Sb4-Ir)qN<OyfM<3KpWr&RZ$(j@NFZom@#WdzQ7U>BtYT|$09xdX5M=eW33
zQ1foOdpQw|%nwgbZvY+zM6c{Y-Sp<e*JLA<NF%5~mBr{=I*Pc?*=+f=d6+7L3;`bA
zDd1O)SO72iV<BOvko*$3Wr4B(J<cUV9J>otD3d*Z{y`i>2=(ph9>_$4Zx)Q|d7aUo
zeaDH>VQS^DpO53J_p3fv8uAIZU%HeE=)F)gG*D6uU{KF8K~S$}b*`HPnC0752b^3U
z?F{R;KNKX*n8r$l_|#vmsjM99<U_CA$a%f$x4);M$L_Nry#{qsF6V+0rK=cqn$2cU
z0(B59fi$bcY4b;NicV)KMDP8&zq;fn6at6-G8avw-#j92&g5jzqW-ttOZt7<HGb#$
zACkv@ylbgZHsN|%W~;`CuKBMM5jKwBIitBjc&4se@bnSE68+k9o$2}N@QnAZs#6rX
z(VvnNRXquNjaNF?ZHg00YqbWB3}v;8w?1L9lexINRcI{{4?8ZmatK-;bDSb4(TiR5
z^d>x3>hiZF3NGDqbJB0WPI!@Ab_f@SsXaO;h~Up2N6F){g`Ebl6>BmQSFq~q<sPYS
zZR5fgTu(25eI~dJR&}Z|-Ef4#MyEPGuMY;?C!%P|*O4$u8h9VNWofY``;ujC6?#1*
zmKG^2`;&q{Hnq=oJ|_)rFULfWU(+68{$C&UPSOx%z6|&`|JoS&d{Rlvx&+U>^Q{gl
zd29{hayF5aUL~sr_-9qFB<OVc^-ry3EAR0go?xFdD<k#C`B`5qSBGaEI^pTgm7F4)
zjFPZno3!JfJN*!bq__}yt$p8CZ@bY$^`>J*z52X!lr;BYhy815OYMT6D|uo&>g!I*
zWcv*ZuA-A$`loXy97q}$ZbhD=aPNwhX&NT3MgijqXRgXI@$d6lP5cG;Ua*^P%cbwh
z)neqZb@#5J8wq6Ud=^PD!S}#VpAT6hz8yj(@bPZv68=l<s~L>^e_LC_{7K8CQk$MP
z0v%Z%a&rP!DXXksr2_2reHuBxxQW-W4NdM#EIBZif|R~anX#m!BWoZy=;oUJAVMf8
zD2`$$r>B^hm~k7bA(Nm^1<a-aD$MoiP)%*^y<!jG5-~YNf4~(PP%fWnYtMk+d;dxX
zFZk7a<l_&$de=h0>H!fikr%W$VEdV#ooxU@9vWRgsL-`w1$0DkHiOizsE7z)==t27
zPJq-`Er2f`{XGT)Eh10~Dd6euuG8ol=Tw-JV+NGL{;0d%>V+Vh>Gb-8HU$kb+$bPk
zR+|qSf@pl#>r#3&;|l{U2Hq_YeXo2WBs2<olh;9ntRgVyap91t?seuUK%s(-0$}(=
z$z;MpLoGoWbaZE1o4qu>AxNSnDC(OQfLR!jBmacI%+Ad0sz!W)LI-i>`G-LVxCq!@
z@ooRKwtj75)@vdG!-zFhOrn5SvC`iZh|M2^N!jnXxH$ffz$ZYfm*7DGHHcyW;qtD2
zY^2hZkd*h2Kj9K9O6{|aiI+?CGOD$(*YYOo%ajO!9rz)1x)!=kK2tzgwz`_YH}}bO
zuOzX;cBcKpDzS%4xbWh(4tY>3jqP4qcb1G@_3E9;z)#@`-+?n|zsvD=!h`mP;`KcT
z?5^`~iW%x;Y~)-{OHINF!q@&8cDfC&b8NJ}6YVEzkGKZ;;w!IUWn`sRi)}V$0z!Tv
zgFRe<C1qvktAs_fI$-jR!~E3o2AxXhj3R6Ire`{h%juwC)xJFXlMc`J$%tBa2g}e5
zGOqNT$;_j)4ju?2b@gF)UMRA!yw>VLACK{3K3yQsR`beN%fOm2=WwV@(DD=IAUhbX
z7dQ{+iR8Qs-KuLl_sF5z#}-(y2tquwtL&5I*s9Gwjr?TAl1rWeN8mCyj&>f4b~42A
z>A{AO%cBC`eRaEDRf7X8jbk0=Cgt?&DNPAU5zt+BzM|Wj<Ml8f^;wm_=XrxoPu(;2
zi`>Ml6TO*TeZsdc=e~FH79}1UMOX!0UK(rNL<MhSIP5oO*qa3WwCCL$K3nkNJv(8A
z&ibUo?xIUPnXl#@G^zzZ*dR3<M~ph_g|V2MvellnwB@)qlaiWx_-?2B_9^M5sMwuN
zvstT;m#VCRVu@S%ss(*MmV+Gj%A=o`zZT}9K_ol}`M+Hk<J0uqCeIp>WZQOBXPvNO
zKPemVm&GtHEpCG@n3fS_7vVYVxOpHDb>*vwb&RXG>DhoR$^ToGNg|{8?ffz~L-opA
zuV}FL*`wk($1{et=jJ3~AXm}xF)I4X{(q@|g6ufVA<bw?GHE?T;4Kc&jT`IhL0Bhp
z^q1})9*sb?1Lu>3jEs!DJj8WJ1DwnF%sLXj_W~g3as>8|GTBH(>Ko@HFK)+G32>PQ
z#~SnC0}priu|jRPUz@^5vr62c4h75xQgmfjI|wcTUm}U!;w$L~K&SzNep+m70Nn;H
zJv}I2w*?YGIuwfCrqza83i>~eThUqW*YXVT@(w>Qj~1t6U|;~!`m`g%2ffll;J5~<
zYrqc;DdTBwG|VHlH}C?eRv@~a@6M>tN4><AB=h+C_3M3fCrg?@1n&_m9$+$QhG1L%
ztp>M;>IGkI-A~~W5nx|A1REUv!V`2%%-y;A^W#AXi@ed(hmRipCmt)!E0h5Mh5aop
zA0t-AMic>hN=7EUu~8s927*u53PL}IbpT^$G`YCA2uNd(wnIW*|4MJ8#KAbcuSz%Z
zJlpBE2ko`4pu98u?WG);Zh}DtxDAz-lzebtuM0a?=!E=(4Vcq+%~U#1^616!)?p3T
zt=4f#uxGy=;bU3qkkU_lu7#b~`!`J*PFrDcNdKJQnojItxeh~9v#o&Xk}fo@_-(FT
zb?TOYMToWnk*%xsm*J^-C)ObtA~}PAmETYCW__Q$$yr=q&Nrw>dO%tq-o6gQ<x<UW
z(MDlH|JlGZZ#q_bQ?%KwNzXUoZnB;`+wl8BwG?PU^zVL_&<?mvFe*~M>+?U&LbAFV
zWbN9<R-Usv9l*d+|LvornWW<H^6=p+lA9hLJr=87)&6Cnz;V8L@)Emk*-8N!RXeWp
z_PwMWa^)Q5u|*g4G;4@st@vfchttEzPyL;HGdNlJm$_O#u7p2r>23}$t5YV54!Vv8
z)ON*p+;e(&0vF6k8}bB+ebOC|3kNkn6%Ab)#to>aIn^n_y(bXI{8)%wI~G{Nj$E9r
zdySaa#7G*WSGP%TK-$Rp8~S=`9=ISxYdxmY)TXIi&ujDQA;*z^NAKBo4#~G$K{d^O
z2vXuoGYG0aMz&SQsKbQSS3G+;<M!#SPav-8ILH#xvwgU3Wi?|nO==NtDX?GmYlZ)O
zt~poHtDJnlqG!my=Xj35&*9y=N(519XS3%OOVDoUC57q~ON2+=O7>PizS|G`^(*em
ztuoJE-~Ow{s=Y8ZZCe<k-cP%HHyP@A$L-S0`znjk?DoJgfoHHXZQOR}a^=wSGX2MZ
zax)|@9X~}Ko>Z7W<?PmPI`b0?QqB6IFkEF2Lr}kD+RFZ7c+ow*BFxXC^Vi)oM?7?w
zo8AAPqdq&Bs+GEcdp@eWyJf!*zyOQ^Y7R;!K>rx1Ze1VN!Q>6d-xcNMF*D#^t)8#8
z3ub(8(jp@drp(eno310!szG-*kHhlg{>s5W31~Hq2d(HD;tvgg2nhC%SAyO({6cYw
ziM7D%2FBWxGc*6D!@2Cpxb0s*23KmbagYx81W*ky+9NP~c=9R-Fu(7)G9VS9#i-YG
zue5#p@&sIz0d=4?G42RZL_sUULVv&PLwm4gcmdKm7!KaM?e=DCf$W{i>(Vng$O2{s
zKvV<xFgfrpiHVMWBcVbPZtLuP0??2EAJQ2a`CO_3CrW$-v^WEaKj`CX6#LT|pu=O8
z0<i(;lZ17|5Z`NQa9&i|XsfHMTMmN(h3=rhISDXJ90@gm@xy&pIM6J?*sUcMC<`A{
z*x1SeY@G6gipoo>Q!v{Dqq*^!nJb_-8qyAIZ0LelJy1~ebphTO+;u8#=ZK7Kr^=`q
z7|@r&2&58#`z8Z?O?pDF(V)2%U<A^3lpzkSDl0SmQ2GZb4j|SplwMw54(xsa|3Q}y
zLN!EE;r6?SSPgnO%r&c&k=+lN$(C4e)BpAr6twoej3Y?NFfD2_VA~4*q<(bsY;04a
z@=~Ovzs3X|TPH-#a-JD#`?pD8HD>WR-;t=<xHbAF!B26Cr(@!UFe{vHp+c8xVoxy9
z{i1G*)3*NyJeXFVzE4u(j)R(pg<hGo;pc?Sb(H5oQqsw6<%xor_m`e7bqhjzx~$hs
zqqM0T7UA}I>)SZYo^(b8njL4Rnta9J<S8|=iNWAJ?06j(V>d<SyJpRzT7JZC)rh$H
zBF-6{TZprTcXbn|ZEX%}KVQgKwo&EGgxf5nKI0+E_=z<$WPP$eH@wx0YcZ%*=r_LH
z7efk#J8B%aM-U^TW7lGh$R`<focXWxf0U(pt!x&d>XjXPj8Lv>&g351$O-IUti(D!
z(e_i^ZF=fkFjqRkXg9Wrr&QP7nvgu<?ZIo~lxg|?ZJo^D{e_Zxos7}5>=-PY5LF{=
zv&I>-iGUOeninb)gyL!Cx@s9S>DXdkh2NE9=BV_X<}c${_B0_`q~QuF9Tx(lmWbfS
zGdpy}V`ejUq+_qT8S8m_UJ=`))a|lO)qL4OmsBoWyMqu6xYzFC&y--lQ={wQ$7?n3
zs&tD-i(RKq9PR{W9*vC?!+e{WTy)0mFqL|XbJcg(;jU8$-HXb4<Z1+tV?q<FwU8_p
z?kK^#oZMpz%S|NXm4{i?f{NZw1kA{3)n~?OuzE_h(_leoFuCyQR=<N824^rPGXm46
zC}9&vql2zyqf*4$c3aOGk3741zYc-JoGsA%S>?Z^fmpPEhl2EE0JBkpz$xnM>sv-}
z)`2yn22Ovl?%p(Z;XF^~b1MRIK5+g<6P$zR^`BkPpBvZ*hr?T2mv7D&iot0P@)>~c
z3}$8Mi4~2cV3oz_g8uK3kr5CB0SY=Gj=YY|;sob8H+PLVluTaWbWGc>5o|~d$g9ub
zvEaW5R0tp(f~9T_!tgff2nn!hOaLcMKyWa4tuq3Sct6*|^`bxay$=@XYyb)?_S+FS
z1VB0K7w>oIzb?2Iyhkf6M!{eJ)j;raBjYLV+hlHshgA<AJXl}9=R^ZgVzt#5S#NJ|
zfc_mVH<QO|3uia}0oJH=-x>meSX}(z1TbQ@iZp<-K~23jW7izG3nmpo*6aZMe+CAI
zvW(xs-3LuIcM7n0K&fzdi<Eh&WYqoi5NHN7H4YhVkE7@X1yfso--G%$!m_8yi!&(-
zUZLGn(C?|4sX<01fPSUm3U*h(Opn!nY{UDWFp`}3{-OY8Dw7L6JzHQ?Iq5pdV0rxE
z7RdgfA4b*dPB9p(<<YC99=dnB+<yQl?4G@o2^4o8dOiWB;&+e4c?9MAwRY|Jt|!0b
zKPd=~eCWbiFl2CjB+1Z>-L0G-q3e`d;(ays?hXTPw6!JK3%$68wH~XoTk(tTo`0*{
zg82O%KDZG?e(ES7s=ZbSR|@f<XW~nfYmFIW9!w@HpPTu9bGYKmmu-V}5~8TNLl&6b
zTXPcrb!{ziUWt*S)x^{2aQ<>EeBu#!zSy{x7s$%+B$YT;CG?Xpt2$$_I(-8(dHs?w
zVE+c$vDnQ`?fDi2j&@ooX@n2=$yofm${}_5me+coZH`{4Yk3lREt^Q;`Jm1^X(gM6
z&zPNL?=WApyprBcq;f6%_fJynW>dGz!?Q4y0?Z3RHJ3#9-%ZC`aRg%nNw75nh@e&Z
zooHt-)D7FGgL%H7va|dQ@is+m#&9erhDBh0N#VPiZLy}FN8R?iR^vp(B)R81$;NH(
zMk(d$bFZKu9NKqFC3Bsu@DtoEq%ASceuT@Q%5L*zlNiE8m5<~`zhD9MF)s;iSP4`&
zTQ~Z29G>j2s3aU3$X8Dve}p#Xd&8}ZGlOEdd_8!L{2I16w>!#HxSD2dc4KVJ&a`}&
zu0%MjleBkJ7y9_4Di~y3(g=@qI!VFqFk-#fLi*9N7xVOEb77^I_3Wzxe7&Axi1RTz
zzVw3YBxFT=?PvOBans~6Uop#h`>B?5i$}V4PF^Qz(=q=^*rlOeTap@Is&(ych-oj;
z$@^y|OmdB!J2}tJa_G-6X(#wH!+T|cjs3rjt?d7f0!RPiERD2seUsKpOiTnF6KJHs
zlSZV~6+{Mtq~Ia|dhIbaK?RPA${0Y3;$UFSf}jMr+ui`Z5Xf$m)pq2@Xp9b7FQVe(
z!Ge2Bp7@Z5hX;(ckC-VUHzbXX-xO?^07cBc-W$ov?kqk7kTXM-0o9R&mtaf)yhF({
zz~N(Vz5yINbl}<{^5Mfj?B?Q9w?M2ne#0N|RYEQYD3rn+VgN&^gYk74+^~g(SPgfV
zbF^!y-@X-M=?fF?dhz1LtZbzC$l_~j9^TPm@SMlNmVD09eqx&2cKYriKkyiZ-{3&C
zi40Xwra^a7;l@jkUzu?dfqOuNoC9P;K(C<)i--t9QFxLD2%9+Yt_vhGD?6K#lTH=P
zCF<;#zG^^q7wHUp3#gp{n+6O7TD!aN%OwC&C-a<IIv&g&bHL0VFs>&7Dje8uF~ep=
zKy%72lW2`ZK$!0xP+~d7YE&qW`Pqa`M6+O<Va%GCv&}OMRPXdk$#>7gS;^VG*0V>O
zX)Bj<hy~sj&iZmPz83DE+uURIIF;urql`O}RsN!Bxp#Iv?%yonN{5t!5mlXB42g;}
z-~4`2rfL~<$?;J%2S$FaQZ6|2cJG_^N*-f}E!oX(5%E$YorUQAX5Sj#r!zGS%(Chh
zGec#ZrE3L#%x2q0rhe@&mo95#Z&*;S(l8^MP|WQ7!{jZ38K68UDw~e5d4=jz3QLDy
zo_T}v@-F9|Wib=Pu4ag2C4!^41SPM(WA$?Af?JJi65-QC1zTr)O6l!Aozr%{Ip<3r
z2spL_On30ppj&eJqV-veJKTAsg(yBL&E<#@z9khW7d6P&u5RhKHELHxKA;ljqq2fy
z8#E2%I*3Zn{`vmNf_e4GZZJ4n13il}-1<2og2N8l#h4Ek%yPdFA6r#TvD-Q|Xoqec
z_19Xa6|;MLFBX1m(jI}!GzZWyPBd6HBlz50LZ_cb$@|t->lWW=3ymH9bDDgta~!xA
z90Sj!+7dmk#3PpXfM3^ZcH+*J!T(f}4Z5Z9dP}2eVa&wZj+@Wtf2y7aU?x^oro#ch
zc2m(5-<fLh{6KZM6DK;XGDW$15L+25pVR=hR%4?oNO&%BTugT5y>4XF%;C*`I4TJ-
zh&M?<*W0UG9+qEk9J94Z3rqkF*YOgk$-PaMuC}V5gfP}0m?R6GRKNT$?`$v%IIZVj
zEU`8^T&UX*Qt3Qw%gU&zs7Su^rDEaWP)&Um{U`MEd}T)JV-Y1KrNv)y<}z=Bj!-{C
z*a25;1l_upx|ojk3k7ETitGvPAyvpU8tsH94LMM~i{C5JzK}}CpN)F){U55=7?p|5
zH(!KgSy+FnY;+ZNVK{&@`6TnDWg~h3&l=$Aw&%CmMq7R^s9^??uy)~q_KYvivduCW
z-#=H4Bm`}2Y%B}(<c2J>76?HlMRArul_cOgf!D?fs{z11f{|AySn>0vM!^!4hLOYR
z!Uz9|)s#K^KH(=?qk$_k^N=&XB6eqWLxsbwonxj2b({>!OZMY5!)|0X>uOh=Y0{DY
zomQTx*KDC!-vU?~QhA^DhEsz3ZVZv7e<zf%k=eV>(DEz8?rid+$Jz7?jHhr{yQ}Ub
zGdpL<8otw}($Tu?{KP}}aPL+jb6C?X!G8YOBpl+r39&fb@*yL5G|HwbN2V>Vt5#*r
zQY})mdI_>+J=%9#^Yqyb{guDb5{!)Lt~C6G1JZNSTGoEIbkFGfWz{Jw#MvU|Nxcm`
zK3_762+Wz;RmzcZOg~Y%zHslP!%4c1OH;ZMQoRvOO1trf|55EGz8<@v;*q7fp49I<
zOs|Iv*`2lvp1Rk^LEVz)-2Se8I<#Cp?0UQ4&cASHxOq0g;C#FGB%!a&hCj6eX)yid
z)Trs_wX%0o_s367a*kTJ(#IhS)yVZf1;@zkYn5t3x>HoW5<UEi4a=5*eO#;hn#Pgc
zlUULxG`@;e$JctL0%{rM@{Og#Rxie?TP!%h`k1@wdWh|^N&vSIYAd(F8sDyV)6SfJ
zQK-9Fd3%#yua3+oU4or&ZKr(~nDkpaRestdp7)XAYnmln&P^Me_M@@*4{+PE;M2Z8
z7M)|Y{2U0O`I$yHc9N^nalNsJkkj?g{ZQ=!U-+iRmBoX4qp<-AxS6Q_+`Jb_{0-}A
zCX8>g(y@L&h#XBI_V?Qz*^(rmyouQ`bosZR7!~-a#=QLH1rg3`ib)b|+qq>}>6Z!X
z|KA1TXuRBT0z7WuD0%*}%SKHNU%c_;<OGB;Y%3#JWnT-&iPQ(Yo;o?dp#5m@4Zz^L
zB#`9jlFcvD9=0lkJ&=s0p{5qK4dlVVQQAQ_W2&N@d$2+6{pigF<-<oF*^;;+zFBea
zLc+txj;3+c>Vk4+A9_w)Mq|v<j`1?tz8Aw(TUG2)v3P7a6ecqJkEM{XcsL72-bkx<
zd!abRW6D>;j|AvWoGA<=KcYmX?cEQ#{}~Bz-1)#T{KT-Iu|tt7kcvaff|}@K&>t}6
z0;9KH;D@=7yaU!c@V$oB{)3U80Qh;IEn>|)x#@-T^y0R-_C1-7<M^1x%Lg=<`pj1{
zO$XLZ^BTf+;s!;GA1;;7`?hTPHE+OZTTPrlPYH~C_ZguMBM#=|qRJVnvF6-qGMKYF
z-LP|mCYM_*#+ob?33#7*UbA@67b)1>-u7(p5JPps!|C4nx^G`p284v2V_lm5o!obI
zVw!j2+?eoY|E{<t^;OH`;_`<kUvpx)RR`Bh0yEE&Z|x!~3y1qaVpgZojiai5wpP=2
zaO$JZ-KleB!!n1>^&d@Np~;#&QytiWg#JDqy)P$wI-ixj<8ax#G$CSpOxM+Kz(&`m
zu!BQm2Rp+ZRM~2%Zzxo^NU--;2GNc_eR8ew`GvkcPr{jBtW{ih*La@dd9neC@M6>W
z_aFgHKY6L{h*r39;G|iv;r~e_Pqzi7(+XuKA0^)k${nP(vwZ3aN#hZ;-0@H??_3h^
zE9N)Cvl;KZd4i6ev({`4@HKTX{0spY`+`#Cnp^_jl$AeR#*Je^oas!}m0=8bou*H4
z?nrF#@2ME+&9ri1gd(oM7%`Q9s$)p8ZGuj^vPh*Z7ukEaLcXKf&yUibnDbp)ECY*)
zTt09lE}s4F{W<M_1~lWQW2JKDTx0^Akp*skEh(JARJr5bv8T|>0u%eoqH5(=A;p(A
zfg0eql#Y@n;oE0;-aC*ZM&6_6EXhHNqn6QMs!oc<Sd(cA3Z*>B@}?a$Cu%3+k-4&5
zW8UhOXVF?din~}UH}M_KLl&bMg=$)TPZwV0uIni%H>)c*srTNDMK&fDpWo)G-6`v(
zs#8JpxlqW9Eh^8S_LBE&*_G?z-OZVt?s{+x3j277`5eZ0dUaKXl2$bc>JQeCJ2o}`
z8b`t`g5f`Gn)`SYuTM9x&r!V~(`&!e1Kl{1YL2RwvP)|;r{DevlhLe?bUb7I;CHS%
zeSymUw~yqS-gV|~DY7vq1CLKq%fK~ViiJ@|^~okkUUnw?h1swDw~Sqn^*<)oA^yLo
z&3~P*86JqjtJ8BYIbW*YSt(?m+0eq8<Ujng{z{*$S4B=*x)<<WsUE8=y^t_h3dVX+
zuGXsEOzV>ILDO&d+`6-nL7?nwT&QwKa9}vRgRpImMTV5tNyZ`9%UROSQSvEeNmY2l
zCVrHXlZtipv(Uaql9&5?#7mpRu553aI2K+-OEV~x<^|$3n+A8Ty)n%j6N*#%MH%zV
z+qOgR1p4fPhl98BUB;hW(Vv^g+QWJD8;EcQ-{I7Gil||p(x>#inxb!DT`G8KInl?e
zLh;Wq?x<Ng-&1h#G2B6v))v$5;_vuaGVmN_$GbUECd=a9f3;_q@ZrCfKw{NPYky+p
zzO}XwXX9=s(xJozS>3aVUX5AC8G&ngo%N{fZ3LgRAM*lJop*IwZ&L8jqJyKk@HLY<
z@%Zv*IonDgJpUtDWrytc$EOoE0Ykkl;!~l!MH;UQh$W#yUX0&b!~}VH!)?QH<-{d&
zVvGFZce$QyF9X!|*mt%E5!cj09s#wwl|5s)p-gps1{>ck(?qS7N*NR|@H_n8!ZlA!
zaC3VRppM!(UU63&?IDq6+oD?cL}kmfRwzMv@Ko>|#Fj5(3<XK<dbj<rEvM_%O1X9N
zW|k7JkmIB`PAe>aNPX|FW1m@=*0n-j@8;Gz!2;3qL#e@EIo8F3hQ3)^)x;dTUsLy;
zZYn9b=-r(Bribt1d>^o!)!hE5m50me%1`QeW(}TBTwMv6Ivmk$r}g+%9X`o#w0Wy%
z!GB>K^Myvtwukq5UV&Msx?SUW_W(`WhUd~>0|(i+#^a=9cW1xS^tNyhDn{36c8dkp
zoNti2zAWeH1r}~dMTUL)xdxc?X@P~)=2{b%;49Jzb4Rfh#gO8YE9Cp_eAAQx)g8}E
zI`MtCU{TJ*AJ+qsL(`A!8s-NP?WyXijtBV>59*)%ba~pkQysAgg2>td#5;yPJaf7F
z4vYQ<^}eATwv3V;S@?RtUWE6S9#o?dG^?+oI~^T=_hUnxkt>WsEuVh=q2;^sA72;Q
zbMw2;n3Jxnv;!!jK`QwVV<ifKd~-`pt94zSenG|YaEfI0#E~!b+rP|{RBI8>fNeJ>
z4HX~aP}m&@t<n`(KnvI}B@bo>VIRC&^S^bmKdt->KnP+lVJBl>PxwiO8zi!Vn4vdA
zn{CVx(c6Tt*98qaaTcCG^WWwEddJNGW|hQgMy!IK4%jRg3HBzYYi5X-kx}9uUB-x)
zrlxDu)Mmye2)5o@$K#hCN=HJHZ)vLEF$vIcFflL?%h!FwW<Pozk|+7VdxXs~eKo#8
zL272KBK!nndYy8{PWG9j<MEyLdh;fI7XzbAw=y9;gqjLqlb9AR@FzDV;K=;)IKI92
z<tNOD=O*^wxVYPhbbOiDUT6SoLh>#q+jf%Qa@n&h+ys~0&ARU)r~RQ-9Y<yOU$Xii
z)pXfwcQd#3^-T0_S&HUc;T051YPB5EQ$u-C)Jo5bjd!)@M{<&pYh`mR3H!c*{M17~
zG%q59%c6HrEzcf6xt~Ojz?=z+N9G#nimegq?c>E?E1~JVQ;uo`ut_iVvU7Sfho<mA
zZBgPu%K>$a6nSM`_>vM{r!-!HK#x``SGi-cv0L6(I9^oF@9)JY)JL(qC{vX%*V~hC
zZ%q1F6m{G8EKQ`b%Zq3hNVe_{#||d0k~!IL28Qg{lbEj%sp{w~FgH}4+%ea?FlKe~
zU0>w;Bw`ajU6>*9KW3}qRPOQRH4n+TslYwnPgdL#lT<*;<&;vs_5@2{t?PpnPi&k`
z(P;cM3`>JUq8#bd+%pwGxMS4A^CZ5S`=X`fQ>R}Pnz~StNX;{4<kMx^H`^P)o}R5&
z9t}9AzKj3Q2T&XH>V@F1hAv8KFoe5Ec;rXYMf~YA#xIdG%&M?^Wf7HPWh(29#BPf4
z&&V=Tu&+~v!tSwBV9&mt_$9GBqoCpgQFzm02X%OwnfXm9IO0Xi<8C9b9_j8o4odOU
zr1e|d8F<p*n^_rk%|K0h$Q+Qvy3{<HU_<hy!49UqEGkbl&$oI8k-I&O9Q~r<)*>7}
zhp^1pX%bvix^z71%xZ;a)%-<w>)DD*a)ql-QS|DB&1fj^``Etcxn7;?A;B>0FRg)?
z&__8(PdTwNB?M($KbIMqMRhH#R+~C$(QzD-P=&=+j$W+4t#_a3h%uuhIEOg!c-<uS
zj=Imawm8Ra@2Y0!l=dt-&o6G6+H;#V><kiG%Mp_d#5(cVjn8BVu|UfN28eeCUs=n?
zJK8htdPf``HO@*(^Q3T0CbMgh=EOI|CY?I7tSrAh$s!$W?bLVssnwImw7p|m;>5JO
zXj^jrZnBQJU=AbR*{vx##;tu`U3$tRk}F=LK8j^~N7h3#Aq-_(8RcrU;s)EVeiS7M
zSCn-qA%mf^OS5BBhc0*&CCncstg#q+PUfH{d#1E*CA?cDBGdS5{fe&B=Fo(fnPtvm
zMcHRCuJSsspr1#$I!4TAccV4;3CYkfZEXev9e?SEK*7`#tDWA<fR<&{jPbLaJkb}%
zubD>1&SImm%XpI09}7yTb|8fa5!y_C5EdG85Cc5>h*w7n<1)Up8??_t<gGr8)6$5v
z!LVCPVjd+Px|VY|h}O&hP1^k!c}S1*T=>_&3f1A_hcL75@i%<XD%l4adfFJv%fQ3F
zvhdFoiPU3pqABu8=1H#A03+Up*ncb>?+d-(<q!z8p4Q_t!kREe;dewY^ZwoCTwl8Q
zf!z+khaQ!%m>^&ceX|XEzWq$E-p^G!bm9dIC@aPF^hv5FN_ME9Mn|i3#I+_{)lLC2
zjG|gZk6dH0y4oeVPGF)1a+6NS!=hWqn3k?ff?8Ng*ETPjor@#n#i(0bS@&w@8(6Z;
zg@SaPj+XY4yl&m%Z?!d(+~kVZg4nNp#>^Q3wVNHS%dB@c>hWli$q6_yNl8DV(hjY@
z@Z$WKb7_s*vYEIe_cD863XeLunUdvXP709aB>No@so(PHVaptf+r;aqkKMkay17l*
zCA6n}#HaZXWZ-VL7})+4>-=i&7;@sph8Wm+&cAu*w2_llR|nIQQ+3);AqXq*E^2F{
z2_?Oh9zLLvzP{E85%8lU#8<NLk$|gGsE)TWoI<v3k3#~r*WeVYYL~}wwP2M`+w$G&
zn#YK(q+1mmBMCSr_=Q(#Fk)II!i)>|{(ir_%C(SbZKDx&-JIa@PRoE{sb{5W*~>p8
zhwz{ilSudPbL&W_$`p#Ys=(NVYwH_-zr0$S%%f(y+q^BTElFW|8>G|eyM(*KPP9c9
zHLc!XcU&TI98kE%v2_Xu%b1>~`E;DAw)d$zQp@IyLuaX1U^T}r>AE@6TR1Jh>>}`|
zm2l`ya}LbLFMBUFGSn(6zG<ZEo9uVOgz%tWr&B0=!_x}^y!@(M3f|eb5qeV(&|kkQ
z#3RW^sl0n6$q;yxCv(AOat6^h{|KvdN)Si-&F$}eXPEF#u$?`*;~_ft?De?z^BMD7
za`EEQ84}hP68HLRVqkFi$3QT`;Lotgs~X^<vPT69=wjx5TU;<+9>^Gyqt1}-)I2#N
z!2*)yOt~3$r_kac>L&+51oeJ9dIIgd0>Q{DE}dq=v!HD^EOi^~+4U<dH+NK9c=5+Z
zu7Hw~1AnK@Rf{|EG;ajUmG{EAMjFN4XC86mYm9&XxjT^*`KXdFpIozk$M)qG%A)9n
z4B8iK!(5268W_|U$aQI};qSWAd-8d4y7C92u<j9eTX4vivjO39pU62sJ^RDU#NOK^
z&bxhkCde|wh{2{bpz&2s{zORKo`{tG^`m=%bUyscf`5nXUal9S-^0i|+K;54SxMlP
zUrRaknPqONiJN<=WUDL@$OQgjFZbhe4;Pqs(eiv>XZFZb;GGA=F0A==DHQm=%lxUV
zXHnc-HY;~0oZY$?*>iOrXDm`oq&SlBn_FdW->)lno=C}5Tf)P5hCpfMmtT#PmrxJ*
zqdw>b`QMHU3qU&pLs0Oz=n1L2{N4Fd?d)kYTRRYzcUN(j+G+VsM>qI<x_Py%nFke-
zUq{Iq%6GoMT^dwbAXmCxfU1UEJHc}!pIu!GNy!OF=vwTjS&|-EVan&3c2HwKsC$+4
zLBX~2E)Sc!G50+GI))9sW#{h0h*Ui}gUcdPsb04W!evwF!9aDheLTx?Ck~ks=W?zV
zjq0pjs@p7ndgM70f&T129|!xdPLil&AoKyq$?rf52Jnc0VY}yj&x%<1FK!T+12pw;
z&>e9>Ww2cQ9{6NHX4Zl6GtiBfIyU}!;Led*bhZ4&d>Pw?Voj%vOUJjSpX}fN{9e^q
zdM$D;xYhjar2OafcBu6ui7~#PLJ7&WU-r<QTfdy%vCpW3$yNhoK-2FQBDj#Zeak}d
zsd1;?v;DmHyK;_?8Je1h9B$eCD8lpr@%8xlfPYnz?)Jq&a^uon1!11W?_Ax?T(MyV
zp^OGHhwR%iRY(@MLMBz=`=DdC0G>j*bwP+3=@lEF;skSy*p>H{-9`4^p~=-5ISXFO
z;RI_^DudTSw^EcmKGeHvHHtu*)Hi$VOJ^@RTHeWM8vX6d{g;=IsuNL`R+^{o{}03N
z`5lQy){U)Cpg+YLl@LA2)4Z2>N<7ndk?9(OBX>VMl|oIZgn9z5$XUP00<`jilqD~3
zJ4BV|5&;{gz{3hqnZ#AHErt|2zs}tH5=jra8ZGk@qQ5)Ifi2xajx-$nB#?6yYv+L~
z{I8Ta`7>t?AgDDV6ry5pl<A(O-hNcoT>93mai$<qD@@T|eV5l)6scrD@gyFi=s7o<
zzMV?nc-uW<FsM3vWu28KEJcP!cLR}E5yVy66OqVT@l9O9KxKR0${;T$AD+%2epkEo
zo^0Y}dhl$-7K8Ey`Q<Ii-y`gIJ`Jt%^7sp<jv=zet4Z;t9R(c0K4u!#x4n+%)zy8N
z6PO6Qnxol0OoF!Oi$zn!%;@N0!Os%xZbUCY$DcK*)$59+00sn5&v^w>1!zyJfu9-l
z_yGnGs_#z_YFu`Mrabu7^|YkF1^6mKi>^J05R(#Ro+E;KZw8ij|IXWkA7Hy*X1o`c
zu*h@%q149_4A>r8{`ghZssGMuo2K|OLie0wzmY+BQ<AOvvel>QAis%f!l$$7GGgxF
z?tq^IH91(O&EGweVg$jrv-;QW0!#Opv}S9@uU(Jd`S{M#w`uQ1OnUU&%IJ{<PXR+w
zYGdaBY>&EQb8dQ%U&D_Y$&PMu>?B>%$O+Si{e-mA_7~KBh?%dl#V$gzxi4fwJmeGR
zE{to_ZdEQ3kT~uOk-P(hG^uwLIH;s=PZFY0QyCpz&u<R;(IK50Mm3Q9+UrB3>A@0d
z^tiV&o8TC`yLQe?OJnreID8T1N9S_V&3bp`JcY||Oe?5HNuO!{W)n9HDxkav8C2zN
zKek53tlp{YeA`NUCNMyC*(ohH+V%+bC+%(R1^8~&SeKFX;;H#Z$831mf~re7G(CG)
z(o+JH0oP7(f76PIZoT7#2h{{GRFF4g5ZxfNyR^{Yzj~B}2CrVG+H=Oe6g_r?J3;Zn
z+{@hCV%pD|HP#my*02N>U+;83B*q>8=Gmy!hE9zg<lRX1X7DyAEX}=cHPK9HQ1H{)
z8zCuoGK=r46rxyGFWq6$7*xNx3yq%(hZ+SF(5FN-bv$H8sxsrZh_t;&Kj-nuZrekI
z*<O2<QWql#<FYO@F@vw&$`HlZTS42fm`lhXm)&abAnD?F|Jj`mJ|JGuL?ioCz#JRo
z`$Hau#)MKn4*eA82BiTXJIFs3hfhLzF}VrHL7*NGX257pp}6;7#qlle^^G0smXM`g
zjn4ntlG^;7@t1^au$ahRYjCL-UEOI=BDNjUia(zB`^k>O%)>O}>ig&xY*p4GGOV1F
zbsKxf=mk*Xb_FwK5~k8W;m7aumK#>noge%ky1p_h%eIM@ZjkOq8tLu^LAs?&LL?L<
zq`M_l8tIZoC8QffN)$wpmJk66r8)C_-*?tJf6iL(57)aCp69-=Yi7^P-g~ws?`#>A
zT}4h3kbLyXw&*;1fn!;gUG9+6;3%bCHS;K7V^4^&*hrYPvP4y@giz^jy0bC{a*a{I
zSoL`y4^{<}k{+7y%U{wBZsphk!zNpjt@{5eUp~8+!1*`Gf7CaJc-}`bDnFg;IMcNB
z-*Kb!?7nsBh1;ol9FY!1*0JG8h^$_Kmiix`5U%#Uk)mI(x!?ai>*apUU4Iz$J>ame
zvx8mrpZP?Sf5sna0R6YJHV^NF$lk<n;#3EBP7XTZxCe6G46+~9JQG}sE<dabDYKbt
ziV~GE@x$dj(OI{=Q2uc;0~q7zNJX?u*ZcdEsJ?vO`jHtW9sHozy!FV`0eVXLojMd2
zH-0}tWGtP(;SQK|nc96i8ZeeIcNh?g%1A%dy>SQ&kumb*6cJW9QvBmHL2>eg1XEQ(
z^tP=<-)D98HzBd@H2EW4*NgENuSee<SJquy_a1(?8os*8pXfMfts}n@ndq|OZ25U6
z{f30}>>sy^uiPv9H3MspU_pisi>%jtjb!7~#~W!<H}?Z+L{`U4sZ~T%Z>vfjj&D`$
zXAG50tXs$2wKu&+mgOTqoqZEU(QfXxBW3;Xs%rk=)5>@ZgHNB&(V)@I+S;F+vGyY}
zm3*4nUA|A|rl!*Kx)wOzyP*3H2DbxXL&ha1i~3p(UcC=)0kA}#dn*^IZ3VW?Yyg3)
zxTwg}Wo$^!Wm;f0O1z(8NAW!7!%8Eh&WMP<{T=)zKCw$Ni)S}$zl1hCljH5v);)46
z6=&Z%c52bgOF!Bcbx|}AHtV!K#7Rnj^(*tOTQlj#_aL**6Pdu#cR?-rl&dmZ>}KD-
zaw?jKP|dSFYJIvr>Z4)MIg~+$8K~!Im^LpYTiJ0?Jb!ap@VD{#!#fvme|DwKoH{k`
z;2M~`eqDAhy`NsSlWUr9)_m5#ML&Dw_)daz(P^*a?q*qa8^7b1fj`0IgT3tUz1<I8
zj||RVw{E3X%_j;Qm6ukEvOfC4x&1~*(<Df>ZKtXJ(GL7jqZ_rVott}RYYYTl3)1@>
zCkZPJM-k5+l-7u_n?(_sRpGgOefB55=H^+?8Bs0wEbr1mh~aVkQJCIMdCNgdpje$`
zv&EhnDQdD51={1%y&HUrYD#Tc4#sdJ4A?t+KMR+FmvC#x#6C5}a7k9)kc=txmj3{F
z*fWSS{6VTvl_^FN+$jpsr`3!a<=5kKUsu8Y1{q~!Ql_3yWy46vHF)+fH~`Eb4d2dW
zdS74PatAGVBo_Z&@Ku1_EUX-IzTrX-iy^ig`$B1hn%yxHY=YsrEB<}vru^$dl{G4g
z5HF`14i!?6o28xn3oFX#G!m+@s63dloB(&g;kK=A>@;q(#1CD*b>z`s70OlJuYY0u
z<!EZ*w!wAoaN)zMZtgDnn|;Wm-Xy}fCh|$&Ax@D+us|AAi?y_3?zDXF@jEDtgfdjk
zJI#u;{e%L$_!$Tcj!qlwhu&rJ=cYi~_Vb?lQZAWO`JJTu?I-I+HB$-iRqo6O1g^Zd
zKYB`={b6l*H{^Bx)&9}Z``5Y6YyC2T%a9QS9G+q2x8BG~czhpG`L2EEN5Ie5<`dWU
z-v?BrYRA9(KN)midLh#p_v~t7y`$6RLr~Mx^PhXicjmUu-yY2u<%!vq;QCrvx2(C=
zAMf<$nXKkqFOh&hYw3}%RbKP2(T+g)DJvg3Vt56z`cK9deO{_{{M>JQ>$%By?KFF)
z@_|=!Vgvm{?WZLl`)gkDi=V$cA6++J*i5%P3YIhYy24|;{L{LuTB_6a-&uu_Y&af4
zRzk-3;(=w`&x?&Jm}*<LZGTw*;6HHF%oEsS$r9LDkis4HA$llo=&77sU(_a!(%`@l
zD){$WcLa!Bb8A(Z#Hu6-#-De?j?V*cumpX>98{_TG6g}0;d;*%MXZWK7E4_%2fq>0
zmFg7z;&g$)M3cKDy7W0n_N?b9@#|mmNZ${l|5J2;&CAW`zYU%;a7yv+(ePTPDpg-;
z$G-XQ*>o{C<)%N5))0k9;I*suE?$1Br4qR)4wW|#a}`y2@LQ?<9cE_5Y{j*=r(xYY
z8&R4oVc%&z)QJV>h9tgU@&^u6>JjOPkdt>&jnDi3qpSRJ{gcd1KApozSQ~}vi}MW%
z2fo0|W}iN?VoHXJ1j<I1{~ZTRv0Cdk&$Wyvr?}VZM{RQJ?ZJJ%zsqhgxBRhkV!w<%
zul~Mi>zDcBq1Yuu$RCL=2jzST$&I5GMusQ!f}|7MYUg=%1+vochs&P&0K>#WIvw4{
zXaD*suX<$9e_=`w<uPMo?R`1<Wx{7I5z-gZ;B#Gd<GVSL`sao$CTE;=mgRBZKue^4
zn|kjM3u1X5k6B|PgIqrKdaL(#T5Xbd$G~K{w!lrW(?6h)#ADo|myUI+=zhry%kMPO
z+3-{A<H#y+lVA~jK*vn1UGYqCDdH0*P7FXRj#gk|^xz@vvy7&f^^O!*B{_%(av71B
z_m`rMvHbXpXwAZXc%jM@X14EJwM7L>b`A6zSvxLXFn`ZYx<?=09f4vuh3o!k*K<2u
zfjw?md=%*=mmr4|Rt;9Al$6gO#bc|MPk*9Q(biJb)DBA|k;0hdMYG0xR|$IV+l9GQ
zHeoH!n?I8vd_dPI`{}S)|AIpN&D;-9GgDL3g@>mhzt7tDcQ}`#NW`>nhJ5$Z_TJW}
zwm$9iy_)|-GwZ(4z8d0gaTHQKeCFspKKcy%RL*chDJthY&i!TsdFt&R9pAaTRp(BZ
z8XW7bi;be2@{S2>r~7qRs~>{5&p$mh2^3>|?mMcK;U`-p7POYW8fMj*F){Ex(9Zk$
zFWYAphnBV;;x5a@=Zrdd1ilwxa%}jno0ut$^u<A)#p7RooaInvgs#sg{W|r(=2Nmh
z$@_5mhK5&iigZDwmmL@9FH%iOJnH^;d<y&2(aJvCq~zrBe3=VaYNlVQ&w452<k7Yy
zV^|VnQ*zor9A_Q~m0dj8pwwBk3R1Nz+uiT~UT=$9bC^Tc#Oc6litbPm)<nugA5BB|
zDTBeqQJ15z@FzsUmh1yt3witk3`|KbE?1CJ!wUq}^He#1KZ#)Ga3(=3!&mEf^(~h5
z&(+^OpHl$MHAtS_z;*L!`Zt5HnCWeEYfoc7Iy$$zWS_{R6ZgFFcHb~dW&DP5BSnFj
zWvDsLMJqMUR?(Be67>NWQ2=>Bkc1U<_uV8yZbyIrgqrHVBDzGdkl*aR?qL4j?Hl;2
z7*?7QdUM@3U0^bOQ2nO+jaB!K-RtS~S9F=IYO4OmKp}S;k$Q7t+q!c8sb0(iuKaVH
zSpGi^*I*7i=(`fR-%Ax@82o4T#GpL)SAu3I&1T+Eh{@^?7mKTb5TD2U`EN4lYuTgy
zZe6ynSg@UXXy<waS+=ZyI7rwhPWSt|DYYG#7;Tz;T(UptvXq3|nKS-I&13Miqzm8c
z2=CsNe95!p`usnKCx6OLr3rtfv0gv7e(onNcI?--w75x5dB~)W{Zae8HviaC;-f}~
zf8YMK<&!aaw9OCRU;ce`-1O=!^+RWv^t~$kK8uP7jkD@inpqcTcT_x&xAdlg{|)vy
zTrh_Rg8VIf{Ka<vCR*!7PonK@98N;RRq~$`ujP!Y45y~1*q*8=<|^f?=GsKP3#Cq{
za0+~=e`!-b&T#7?53;*p0@uiAO<8sY4^z`QDAhgyLmcd1xZvM{i43%l-Wb=U@fM-Y
z8Qg=7y*W_>`}Ffw^Q~?bEgmg%O+}jynE>0TOEpJcOZvn=QpZ>YrWvH;O~6W|5|Wor
zX5F=hdeTNZR_2uN9XL=@k;~H=+$DZ^evnX0agYi+7e)bYTVA>Yn9qX9g?$m2dRiPC
zPmj7+h|qv8RmfY$_tm`K204bmGMVq&60IXSxi88Q8`&HRkA&6NYMDm@%}hv!ihVg5
zoz+U+*|*6$LWsU2>Q&r?XSV{248*P&T3ePsTqo?$`!Bsq=zL@1X>@5~X~K72oA*b~
zg!i1+`q;8<IfVE1Kg(99i4ALanZ(nSlCFNz!yXy2y4<d(SG^~{C@u~9XyNTk-6ZVy
znk@~acm86pU6OwKi6ZC=g;sRY{*KGi%O|ooA5MNIJv<HU((tg_tXaPl_>jrT_vYar
zZIAwOcJ->E8=1LhCl*h5PsRuSg=Hf0>Ulw<_a8Zj+8gV&cfa-`9_3+Lba-8HSzbTi
za+hl?pB=x&)v?nR-r?8dyHd2D!7avTu-0|l7H~9Ac5`dY`mbf{?gwR!A6?hZt8oKP
zeGn2}(bfd7$;Q&~%7?1WXoSv|+$AZRBxcnB2a>yTV?>k%s>;fEwBnxKp~!NV2dJ_e
z;A8~hJXhFd`u5#4VOWz2bPhOIJ=VFBK3vJn@mr7M_rTDIUeG}u7?Rk}Gx)5Nh3?AG
zH_3`M04*9;ogx-U!hr;^1;L^m4+ZnZ$^MWz8_Mz3rrgapP*wv~gq%YcoB%O^R{as&
z*ixBQK<6b4W~5+=#x;iF-Cs4DlNc4HB3)S1uYKF`*7d9hXH_)aIp{q$#<HFOFemlN
z&?1RZ0%es1LqUvb2j1IH?{uJzHHzH?>dyE?Z5(Ix6zm=Jg~#nZt+$iLUec=R4#bm5
z$b)Ig(6{g41cR_r0jn6{?I)EAD-2SU3qSoLc+VZ)v=wtIg}|oK+*-+JtTl&lz|eWv
zU*%dgR@ts_vWPz$zlAj?_#g<yb%wNs^=0{Vu;vu(EndwJ9X_t!U*%ll+w>sZy0~1r
z+y3}$egHD;*@TK~twdP+P2xJznmW6WtdH$$%tL;bj7x@!qY#!cIqtDoAx^Qt*}BuZ
zRo>ixd26j(AN)pqfA47Bh+u^tJk_TZ(v~*3LGpThVYGwU`s|!>>XD2<+s*9eEbAxv
zWs=DqJVM=0_UAd$q}x6>__LKyI@h`^q=Ghf_{4av|262>o!45Q@MV1L{FQO_&qC7m
z^5j}gMy4B%N2`9zL-9O6w|{58EyF3iR_&Pu?(o755z28;u|{SHubi%26XC2XgRCy$
z99}59PJTP+=DCflIZSF7geIhqt}pgCKW5Ycv%Do1G;vp8gcBF()8Vt+9Y(~WYFK5+
z39FQkwO(==H9Cw?MiJ>fh4r?a24!O)o`*NNO-W6ieaBpMbqxG3rzo`IlI}JnzEw>F
z5_>b4)tWZgq2rP((_hYmEavb2QWr>X!Got1q3{P<t-(F4tv88Dx9;$`Q%Ewr%@L<s
z?OYM06m}*Y>IK2vL?_#W89jMP|3imyoTqQLDX}tjC!(X$v@Bs?`stQo$xFN%BteCa
z(47v?ZRyY(VAa}aVswXne*QVGSP75f&i#IW08Z|Qxf1STx0H9I0NxeMgMrYeRP+>f
zkluhIz(7wi+st!^hi4Cq$IY0|!}Jw{W`amr7yX*3)UPBq!S*YozE?~-8tIZ4?!p_D
zZ~v2h$p4}FAyWj3X)m+~9M1b_Kh)lOIO}2MbKNc1vptY={n~G}RdGGwlW*V6sa)FQ
zlb<rrY_17q1tJ4ICs<$a=kA}IE&1Hkc`P2gSgG?Zwfpzne5u!T3Z$4g<;^>>{NVZd
zAMVNQB}u^VL7)96eIX-+$A2a~+YRz57uN!44<y?&o`(<(U4)6N{u5`2-27v`yBJWr
z7?6oBGtS;>k%QXROE2sD%WFN(WgYVrAWzM|U9u&Yn-#CM_=gV4K5jl=d<|~-S1f)t
z4HR{%L<_Uv#N%H26C50!uyXKl1P~(=^pH>eW@ur=3M%AGVVAVCsV#V?A;(i{RDuqm
z$vOpX1R^gvjnf8ND1LP#cm*iaci(Dt5NOpmXA>cVL!}e}_*8;u@8N;J1`V>G-zf+V
zj@Czx{tPjYa4FS;UXnfEZ}nu>dVjhU*Ajl9afL3^R=Lh=ZEjuX7)Qgz_;_mYV}u>D
zC)+jfw{0uHXB7_VZ}5vM>~x+gLi+-msmY=K(Cs(k-+FtQuUi&rcokLjlas+5DfsU<
zr@LvlSNbQvu6bsHNjby|cI{ksJ!w>AlAG@X-|A^Z-A=(B9Ri}Z)gpMLcYAhApj;jN
z1I{s@h2*WR@Lan$%zEyy{FXJ-^_V3>BTrjF-ar>1Du$&4{vkyk1CM#TpBIp`L4aMN
z;mywS5$%V9sp%y~eTu35eZSD=OT@$Y^E?D>rbej<=M>z>k?St%>-jsjzRAAr9s1_<
zH~J$Y{&a@+=?Jj%M#$OydmVYrGQ|)sS@RQHIg#yRVFGg~X@uEm>K>-ZtPl3~&D>%g
zmODd$`2c&+DdW4fn*}O6{<SlfwXdZND})~-*49l_&wMylnb^FE{h3T~e1Bgrd4|Dr
zQ&Cgf{FKuSkN~F?TqP~r{r-Tg^^M=z;fA2&=xwcRZ}?Muf9Q1=1>bvk*uV+=yx-qf
z4y%1ZOScDF98P_+&cHL+iLy$fsYbf+{t-=&IY@9IZc`Hx{TUOQSRczWNM=Ql(TkMh
z;LTylDA|yl=mUf_rx9@_1v9(*pzZ-U;=TVP2%667R-o>6B^Z5mM+%g_3tn433emax
z{qQ{A7u1wL8vbG3>`vG4kXFosBG0;pTH24F=5><UTW7teVyVTai2mYd8&K@6`xrFA
zG8oYDBb-0Lvj-G!U*(mD0UX~P^xaBlh3+fB7&xpt>1X)Q-V34Lx&O98F$xDFz{;2z
z0Fsm8CXms<rvW`;+LKBMWwa$TB;E9&66%j70@0o-#$fnwfT0p~&fwVLGLpt>9dz;q
z)IHOVH`iBij<%M%<Tm+h@X)^fTMAi%CqR$|?qE9k(*6*Thn_QRqODc*Fs5Luk8{vI
zRBr^@K1iJu5b~aTMD+CIg``weXCOQRcdr8QO#{Q8f&>XY2_cEcdgYLfz0bhmo(k7~
zhp?%>CBf!j!&~)}A_wbraQ+Lqz61nM>Z5~y%%C#g4#r=#hLyzTkHL$8bffk(E>~JN
zfAo9X$~itEroexrR|t>iU-YQ&Zt(BCmR9JM=!akSTJ}k`Pl#EFxA6C?jlJOf4Ef#j
zD0ZvjW+jF}zwBNd-f1OTOk`zbDvm~+XkKkF;YTt)E80yzNCs7B;9g?&?DspcF(Qdt
z-CiY}$QDTm@Si@83V}lexkh~<R`aX}lfe+ye#lNg-2c(>I^<eHWYQj=>+T52&y^@<
z_Cn4@Y@$E!;izaDO565EdURdAifx01OmO^az^~;GQxE&!nF2O@_{`?IgdYi*uj<4s
z-1Hqm-;~Z}#HFZ)@*p`C#9dN`vQHm^jUsrHs~ys!!`7xp;5!B4aw*@vOL)SbiE#L?
zAP|9?407al(}Zje7)C&@^USOd@j2Z}OK2)ZI3nVZAuLo6>#tVssd0R}AmcK02AhVl
z1Tt>bV89~YVVmFx4Y0~p`#oquABQsD1(oPZJ0M`uNAtJUQwrcn0{i@D%dc-u?3*ia
ze_&5hGZ?uNkP~#ntaj)7BxqNyVEmHG@NiQ36V%Nm;t@rsfUm^WQ}H!06e}U0F`oe`
z_sRNj&(zReb8x20WaJ;B-oc}nZh`&8wE1m6xO5A;L1-RNwc=9SO{u6m)w?RD^dT;&
z=Hhcj1;^J*sr~l8)pa9nnUDH>T0~&QSq*j=pe13hyMSt=3CrwlfI`A8Mx|7Z3#$Jj
zZS?WZ0?(W~U_iGgwO~Jtia;5DG5?ODag9$a#XmqX;lJB36i>>j55-#=t0pX`B#r~u
zJGf$)->}9yPgijjH7@1*S#p)MQKWn2!j<gQR~sN~Gs)qB?e%kp_9vU#()N<F{}!I0
zB^~QKa}Bk@?ejleXJQ^`y_YL4fb0q)o|6<JX-EZ~;1n_`G&+z#kvhru=BQF&y%GRS
zrG9BFtYc~MhG!mG01B825Y~bVXiB?k5;eGV;oiEXMoBrXNA;@?s!HCuh!Py@Z^~Xv
zo}8@w`OqA$GORqNDus*#=AGpTXT6q8*`RZ96p(QkCfv#3wH(#Hfm2PuAbT%0J<J{~
zeDTh!mZR}$9&e5#tag%#l4_qI37$SFDbdWRh1u%Cy6$RqfuN*h8w}5Aalxu2nwU`)
z&LJEktz(UuJVu3ZSgE6^ngJjg{0>^cY7df80iS{(UI-l3EB_=&6`=c}c8r@wm=cev
z^BVAbgDDY657qNO^TB`)^5|wia5O!ayCbnlc<;ZB4NM@vV-<Y10iouJ{I+ChL^7(e
z6P*jRx5eL0y2GKzIs)P3$I#fwF)&<mo221=mTa~l@zx^jS_yaedvhJ!F1Tr;bq~lz
zMXFu@Qc(Ssx_I%s@9+A{Pj9ThN3zzCeWd=%R;pgwf#{3Zx0o#N;^H(zs)dx*Clf85
z;;SC-8$0xL$-RYC#vQH`{JI-3UfThEHAs!Y-IX}NsLo0TJj+-$UNA27{$ZKF{YonM
zvL)BBx$7tuPVRZUacgf0Je5H*wt`aib3~k|GQ3OBU}tFI8n}gmj<amUYyLhlG{x@_
zB+J4~x5BL9;1QzUQ1ay_3nt&E;4#&OAfaEXVN|J)&J;(v5~lzT4&NYz0Y+t(PJ;~y
z0$f}g9icpBNT4NUzMia|q8EnfF-<98vrG;mEC|zr&)PvdP3Y-NdgneY(gO%YfEK=f
zH=RuZ)TSTcm=oirZ*nl=<KnKRY%jDP!F3h&_>s$Lz($Y`I_}Dss0vi8kH#^R%MK1a
z<3ojTux-c9lquqRT4>e4*8O9S*glNvB{m*!jDCTr?}NNvX{#G){m#`0jO{?GTEj+=
zLM!oj_eV!gGDmNZojV%9WpIVtfWRSi4x?Fs-@RvLY)COs*=;?{gfw(FPx4*oU-Yka
z);Aj&)_}`Jn3++8>`HOSxZ1&r3Qqt$9mm3_#A&878kSN2#1gS=IY+;*Z!zajh^MG{
zD#rP6AB;6Y=K4=jNeLd3La9{`z;uN7D<q)d+LAPiKmMCf7Tkm%1)j%at8g*Q;LmzQ
z|K}+9Idp%cAa!p-_*@6YJj3&6+)p9hKM4NeiM<qj@%zbyjF{^T2Z~9N?t(?G42py+
zEUR%T;z1dJB+IIvf-tK)??y+1&XdCZ-X@57h+Pslmz#3foR!;C#X}&Pj~v3LQef<{
zg>C{|$Q`_mh)z%eBD?`1#p)1c9Kx4&hkY`IdB^jeLC+4?M-oUm6=yVvoU#pPo#ve2
zskbbjE-Al!N4xB5a03QIgvS65-hqvPVKTHs8MAo9#~xl8;U;`Xm&!Jj+Uok@xt*WQ
zOG^RmrWpN<d4sZhwg#Z%3k1*3^HrwfrNASt@mvYm3W%)$ZvNGCyJn3JE7FD0NK)`N
zAek^t#3|#Dnmj=x<F&}Fp!o?E&SyezYuHqWh%8XW#7pYP!*sp#eCG`~5&@FJ_=!k0
z`7L=V?*XE5>X%HCeTOhHU9K}B5T1Mt{W+OpKJ)i@0$a7u8e(IyEHN4Vp=vH%f1w%$
zCW=CmEYp$>!zp-Ff`Go!8X>LNp`CsV0C=I5CFlsp8g|v1RGSJA48lDk<uUaH0X0?@
zY`7cO8K%rbAU^nO)Dn+x`@{U!YqqCoy76}3^|a~()W*y6zrR0fX5ASKM}ycM1U0qU
z>zni0uH4$a7#y?TyWV$9Oyg)&xPBvMAW;JyC{EUZjG;A0{*P`?U>$0T1(9|o>Gv1@
zeNk#^&i^2s3eu_w4E-ATHn60b!icQELVo};4|~1w!KeEm?}Vj8VgP?26@bS<uTU<e
zQP^&Rkq(>$dTGCuGT8SOwyf*LSxBvCQK%RNm{f}SyT(f{B4pz?##%Qj2qz>V%W`cx
zJClKF2nZVB_5g40Ijw}EUT_n$dA-Mytlco6PeNv5?2wD!&25*^w=jgQM5+A3!fzp;
zLUs~k;!RO=2axe$vUWz)fnnh4jtb*Bq)abH9tgMr=Z#e6Z=F-20G=k8tC<ADh^$Ao
zI#J!5&`AebH9$@efW(z6wCXvcj{q4Df4)jYJ){+f5m+>~l%;hb2A%?UDp$-G=&4n%
zpnb0OfG!G%UV%m3FAqPJ7ThjA_uYI@1Plt0U=valhjz9ww(T*=e8nUnQEC4}&!@iu
zQULIS=<OqUmXnNVoG7Uguo84LtHi(HGSV=4whZ8;#0B6~|4nZC0XW{g%Z}|cC{YJz
zj3oFqDNvAMXhELYe5;lQiTksr6WcaK*RIP$&3jsUgF|ViaqTjnc=iaZS&apCQ^^K`
zZGE;wURHPj2I57|X#n&L#=XQ+&X8<{8w6p1qgmBiGJndW*`!e!s4Hf1KDy!&`u_<P
zP?g~C6F&dl2|dnCqEko^9dHd=YCIo!D~f+U2N&*_;F+01j2$P(#I0K(4=*xy6-(FW
zk20YtBojMLMT6b}(9dRYoA5F-uO8MgOk(5WzA<ZJBjOWQjsVQZT3ejI@^p7j4+1Di
z+m~%GVvf&rFF|RKcyy|SNwS0JDaii<paBr82gQorKs?w05c~u;OsIS-joy$KiNaZg
zdnEpbFemx(5WpdKig~H|VOoNlljvV9M=C!d>z8WfJOu-fnTmZl$cV}o?D@UCx9p9<
zRpjFfP6Nom+lr~5A3!q&@FcZtptzKY*xFlS_Rlz!ip9!mYG5Q@1~~CNq9zx+zdXf@
zpgXtT;x(?4Xt))|hIH5p#C=L_>#!2U{Br%t#^^h{0UU8gPpC-2ZZtkweHyUHqNj?A
z3IZmpr!vE#E1CtY6c^J3-r&^K@pH7kxo){Gx%b~rHvlvOH>4FnG0WKLka#srP$`lB
zKo}YNrjqU|F6X08KqYt^8usv1(%-FE02(QO9UK4!Ownx>UqK{n&ikg951hFh=EkN4
z_pKj^Wt&z^NZIJXPE=#5E3isA#jZ9NWG?2Ts<|g<_t2vSASBNonfOI`?;{xI*0=0?
zK4-eMuCY?PLbuwmI5FW#r1j`Wd)6G@`!?dVHv#9zF1MK|6Jld0waBOFM9@3{qN}`z
zKv_XQnTK=;UWcBc_qq%;>3x)uNa|g`RDn5Tl49gt3^gh{$@qK6m~@o?^beQAUBxBG
zGX;vFLwT-k2ee3NgBy1R2d%C^?oEQdoJe!qo56iVvA-AJK@Xe(8D49I+YR)<$C7EF
zF$($SL`Xk001MWT(GU|KBFy6%WND*wrJ;8Ilq>NB!uqr0t*Ne%5KANh9Lu7jA^>@L
zfFHp|Vr#<K69u}gfiRMST$2X!Q-BZfmfv|SS;-ZGpG`%{-So$T2m}w=%#%@eHj1LS
z{9cxR2%+&Ge=wDYOWNS~$1c(gYGa6hUt6Cz9p>6NINygl)d6h+a?=EyEa=`!_*08P
zyKn7z2Hg02-~owmKK?qNAPw*VzpWy{T~&oT=#nB`o5ndaXpRFW{sRj&a^Pcv(|rMa
zmB<bLm3wb=3wtT71AFxTLVko+GGRV8@$Jc&#W7A-TQ7<p)z8t6pRC(XRBXOhJ*DEz
zc>_JY^CoORl>0GmN_iN7TS`@FUQ-+CmrVa}497iumslJVIfjg#?*x$ynxiP)v&Kn`
zFrqX!!@ln#S33__ex~w~^Jt+bTTY<iyM(|AXO}sc&FT@<tl(UW<%q2ToeJ0n!i2Y#
zJ%Z}fTwfo{PWqKA(9!8?cES_cZVg(9THqW4=k#YnqzwcgcvisH?gPB}HUl1w6jYE9
z+etZe<>g+Nzj=fY;>NE4bP;_GfHs5-sse}bO-dnRAD7z05s@IQVAloG(o@Kf5+sP{
z1dYl&)}6Tlh%Ob_g8x#*?oOHPfL8|0xKc_e*-dE~x759W#}r%jJR52X`g}a-aNtY;
zWb~SM_>}!+VxaZICS#R;DbC~G5O695GtPCS7&%vP^dXl>)p(uS3O65KWkDnvo<NlB
z3i{K%g>Qg^VE{8*Y2XC?5eP+vEs(W>mT?&~y_@S>$|o^q@&prZAR3H+6ylvkujh{X
zzqP%C_1u4`eR722r!Q6rXKe3OOao45zV>{6Yg6g&<0<u!KCSrgyO5Z*@0|91{o(0f
zXuq(PyqUzO(XQp7NvK(%9_t5C8NH%0jbi5^%yo6@_tiIa8(N_$JH3ax+YdoH>(`xC
zHGOADIneX*0=MKtW;O<R8eW(>1Jj09?S4~BpU%WL0f@l0s1@&egD#FXqx=b;pqR&x
zc4+QL3k5O7CMW+CHth<Qc}YuJr53d|^gIWb1*sXxVDj=L3s}P=sCmC>d+Svmn<0$?
zAnhgehcy2MFdoZoEok^LN|xcibgp^sE3g3Z(V6u*UgH<=OsYVe!<4`$k@teE2M7YJ
zqDUip(d>%(6g7x&6E2WyOpWQDg#|8z>i36V;r$1+$Y914D6+_7$PFSYn)e0iXj_H?
zx}_BEO_=cC<5JIA@nTX7piJ^51}!wMg@;pO=xOP;kixnCgDRE$qDF1>Yr;izLh<y6
zj|GKRfq2T~-(SsmVjQD08(W=(6{K;TOxJYblv6tjOP<8Xyi{~i?OML{QQ5Gske~Yi
zuIxd-&!MXXWiGU_o`72n>@Kc0W^pYr{CR&ADL<{}4rb^S>V9jx@C;*p<#StF7=+;)
zdo0*^p%|Ch{4c;Vd0)1oBW7evI9;<pLpfAtH{=_1bz2stJ#%D2g=$ux4?XZ`u|s9+
zJ!~oNkNl~bApbz1hAUu29|%+Zx7u2!kO!tpXllWfl2V}Ho5dvBkCRMhn!nXYCUfGV
zBL*J#-#I~ZRDN)K9rJ|H02OKiif@b2*47W0DADAJ)27inFz}_Bm%Aqk8M)|?2jt&l
z!OlWS9~`#zyYPK1z*QGKcEBIA2yx~9v&wB1j6F&d#+gaO?r;u3f9tN|w@8hnGQyDP
z=sO+5sPCqu648{nu$Ea+Tpf6s_&p#L6>bc<dVg$Q=K0Z5kj&$;qOj<B_29oJUJW}p
z$Pdqbg<KpT(Y0{L-TSkG)Eq;-W{)1l(E$%(xxVP-3vtY!f1|lE>hZ9=lR2~3=n`z9
zLfJ9p5Lfm<9QCcL*iR~>su$2z0*=!5<FiA@!>W>sJ}t`vu^?0h8DY0aTTJ}NB~Xf_
zQHBPz#KqM%*zrd$L)t4@cM+sR*1yXsZ*6Cu&R+VG8V$+2<PeO^Awd0_Ygntd?VEr9
z=*{cb<wni+^>&OxZ%1OWsp6_M?x)_?r9>Sh?vPI<4Jc@jKV~(8{>@(aOL8oyle3jq
z_A$e6--rFL_Kx9~CENxJRV-?Wo(dp%13QXiS0dzE8d;}6NmZ6(;lVBV50PHIOa*{(
zeTcF~h@5Sz*X=%o+8l^mn+4|qp3f@gZ}CS0$z?5FrC1eu`7>_!njWnbXxs;XWvqtU
zcoa@(Q#rZkRfs8BK;g1mBezA4YS??{Ah3+Z|2!>BF6iVgw|r_qTS}O!JRUw;X>_Rm
zOVW{xnATFZlk+$Muh7r{uGED<!33{L3LSyeWN&1GxSJ=BoVoNq5jt?hn}%1?qiNXL
zde!w*VN_c=t|AGCs&LPF0JZ=U2e+s2ws)@_SSwFLFAtt|o7bAE<s2MT(|!hk=hjdK
zgG~#V#}m@gX_X+yIvq5GE0(7qZmeXr=PYU898GOOw`}ev5{a$AuDmLFIx;d<JOs2N
z@I{PepR+D;lhJ=_ydY+gk@umBk|v2--umetoJyFUVP$=5I$&>`IZ59_K7Lz;oif$=
z)IDZlA}UT^%P^j%;N{*ZX1K=iLb!o4WwR$P?RHTZph>3zOypcuYeT~q(Xt`GX1At>
zIW&JPcvj*Hvla6Ox0$~$8s->u*G^!t<F?yKk|Yg-q2xdO>gkrA$LKtUJ^wdtQa)dS
zql8upy=!`)_Cpa^hWOSCY=A<f05w4KfX}pEo|ll(xn~FmhsbY5^cf=n>7-1|=bwIf
z4#*db&fzGbf3*?VB{$t}*5j{0v^w%_oKhQG)xSC4oCsMc+7LM<7PY=ZJ|I%+=@Rll
z9~m{k4l7i{h+~?xr1H_DM|&C;H+(F?X@s&<h+VDFF8_0VAaZZGT0@X61i;ypCLczr
z`ojX%pM0WVkrz)YxLBsZ`TKVC>(y5kq%QdF+n+hY?Bq$r<D&)^(Q)tDXyH`(;x;IC
znC6Cetl)&hS4-3I{wqQCR9ySEiZ<rp^lx#0I!pzHy6-4>$W)&#MY?Ij6FDld#OJ;7
zypGkmkO{^wuXl3saoz>2sIREuQ8$autzzM1*V7+2lBo<_hBac7R=#*zGO6ixm1JK0
zE<k~E0M%Ai*q_gN`a<5W{+RCZzX8t4QI78ImHqHXKBK55f?8IwHB1Kdgj_%>BPvb4
z-O3$G!ztRjeCcmv!&8=#>;I)topvo=)k9EU3wf{*J9@5%gVioRe4G2!A3fqbEgsf$
zx5R;hpGG)|chNt+$l|+?FR-|1D_!vNiBk34M~7uXXWn>kHHCs~`EFzsMt7?gZ+bM*
z8fbd}x<RBRSQ_}pRG#E<THI4l$hO7=oc@9{>6@YY*L&ei;)b7M)qB6%^JJU8B^BZD
z-(gCQk1xUyOQ0U+nEtrpO=DxGA$5wH$r$nd=>;JPUaUIG*xgDZCp3(f0r!{~3{xb{
zd@0{#>A@E`vGJ0mA{Y8-C|@)UP`}70W^=@@+No=Fh*N6ZFC=wJx`qL3Oiav2i{LQY
z$*64k7JT|{WL(T-6oIr@nv+D<hRT>}(z{<w#=hm0q^73c$M7!CXFhfabzmzsDn{C1
z5+yJA>5IKB1!)}!KA9xfUHO~9-lF$R`&`wRvX=U-;Xk9&TjYoQ5~<?Z9FJF_O^`$>
z5bjHkDNBIONASZt0C$)juH|V2(hwg9EGid<H3|zhDs{AUI4=9->nN#@dA%fMsKqRZ
zv!58K6c~^#A7s_PRwC#3*6m(@&v<RM?3|W8dEW%-z=XS3T{Mw~GE2#&pI=0w(3o$A
zuD`(R;aX5}m;o<J8>LX=eE8#nw0G)1EUHtAC{DQab*%d^FSuF6QO}7opCh-SV%ew=
z86yeV$;T7Wm=KdWhQyCnsMaXhDyOB)P>$~^l@GioqFU+ryv-}m#yns_o$YlMu_(wE
z5wGg`!QXRdhSPxrGc`5)AtR$8QnS47n!Y$;5+W?AKjf_%*7S4TQl!6*RnAXr;Lk=W
zQxa0de=*LeAW!0+vaLBq8E<TyH$~(=iiScxB2P^U3`KnnRKSAnpzDE3FD)v9c~D=t
zVC2(c<DH1AkCtI8)%ObYsfX8zZZWdIbk!d;{6W5aSFP^T;!i(Rf@F)}Ta=8?ZN$@W
z&1gH^x@DS_9Z(sXqW*A~bL6fHQpF2Z41EoUb#zz8=;zjtFyB_Ck$O@p{(Qd}o=C1<
z8L;e)gVKC9Ta5apo3MgIH&RH;{Tp(icy)#EM{R4d%}}dG{lozAXJ%JcJumJ+3k;gn
z0a1lKqD&;DjnRm&oXw&-h4x>e2_`{Dv}f*dQGW&?lpKEBUNFLzzy?Z+1hoFZzY6wY
z_yF!9J&7|x=mSvZ4iyCK`eQ-E1bgXMct-GzPeYm+DPmuIjuYA;YFU|fdS~M|e}*jA
z8i0qRohx2wOxIXK+oFpRwRXLTK^Z&4*K?;r{|JFh(KmtZP!c@_s-q{?{loUrWrLx1
zw1+Lq^pwWo<}}Yb%>T-Z88_yP47<Or(l1aiMPXWO-I+#qbVSq79_FXu(8jQvmKV1l
zM7MXkSGCs`A;gAG=*+l5)Q6|cr)m<Us~${*8t++_AE>Mx$%UHnDqvB95<Pzu$$_zM
z%2D;UQ@=c2gksH{9PGh;5QAEIh(wSrdpL$dmBbp0(c*|m);7%FhHY&1m|Lsqu!_T9
zk;^NR%Vml0Zi{JjGZ=pLbZ{<Wp+*)oR8&<x!64PjC;*m&{B3<AFb5BYDi!!(+8;wO
z`<U*Kl<Q<-hO=qans?e4(BXxV#>k1dqJ(`t5Y753zDr1BqvHF`*p1VbcMr$rp<rxz
z*dFuE2do>x^LNN}pRZl%u1$vX9n?oqzZ5q%p@QVGCJb%(9!6ug86n50w|Am_heAOo
zGsXjF!Ky;+?jc$>VS&g)VW!&-Tqr~dxBR_yNf_%a>!e>GWy|MxnZUBc#PrCFN<8M5
z5&t1{(o;VCnE9VU_bL-m#;j~}FIzr~8$zQ2F?-cxH3ggjUGBRhd<gD+U#KMmDWcH`
zyI(XIN2ZvZ?jjeAr%T0HFzRRa{e?5YoUd##u4`b3VMC4YfTAt^*fqR&|7ww7M#T-?
z$gTy-iCeHQ1`u`RaT{&n$h|bd8AiPRP%BsBezb6@$d=Y9q<&+*3RtTW?+pY<*hhn)
zsSqW9-`#ePRO3T0DuEnKC+&9t(0oFC$<(1^=V{+VVMf^o1+<d-s1abS$KX-*7L^Rg
zM$1!m+kubeD~AWj(9(|Bc*C7pP@ri;t1dg}?d$?GcWCzpKvnPFEEOHDYG_k?S7aM{
zfvU?;*G%8edUroGz@Mn)J|hgQhGe0>N=i(8VKwaGp6Ad&sY?<Vu2|C$Rwy8NNtICV
z3ikxYyHCH<s*7xt3Vw({b%*Ke{X4aU^qE!;-W!<Q0S!&i^D1QPp2U(@?J&ePEa4-D
zx|;&GKYj%a>YNB_3*>Q+6@!wnoQef2eHqI?TZWouVYAu~PLGzSNry8PwsGv6{Ai8M
z*q$K`$xJtnNYlr5dN;^G+=ttj+s<>>s#w}kUj6n=d%D<r5%MyO6fe?4lFyoLSfpR7
z+V892Ei3t&nTo7e8b-7E2q+C36BOc3C5++zobqHtCE2<wQn7;`Ki}G&Qt6B&7N?v~
zO6^At@%N=sM;p@N%%lK;1cOfj+u#bFF!+LBl}Am<aLnvPLCH#)CWtfm-{JMGTjJT?
zyPonyv3YVKR>_#0*V1atKl0j%5a9!B?n0qw#HLe<)i-0tPs^7ePo?Cb-&znMfc*!`
z@Rs4+e21}<uMl`Lc+3Q0kcO~4f`!3wq0W~lV5URcEQEFWW9hd%>J*VCvS1Z*0tKHo
z@S*|9f1+UbY2@~34{=~inxcp;2MOhg4=!?SjjZTFBhyP(cCBpay;cES%X!vDS&*i(
z&A_;v<8^Nc2(B;`O@M|KQ0$VZ4IfaYOoiBeoF}MZST`b}!E-7BL5d?#E2>QDl5;6_
z>F$O(Qwl(T7x)Q1ALU?2U{5$Ykv)vf?KaRY?_EachT@$NQ}T1XgwiSKS4}gl0WGxh
zC8$O_>i$kOqwoO+3os2Li^y^Q%BQ?56q`FJ3&_J2dKExbfqw)07=pjpQ#GJ?d8Xrc
z5C-W^e*7fSgjgp&A$Jo9gOo8rt$V^JraI3^bR)jPU;^6O`!IB=yR(f)Pg|DpisAhZ
zbSWV2t0h5ci*n$EK_pU7p(`NTqTC?A07DiL_(&l8p!sPfpNJGDi6ZDdC6QdQ!;5m#
z_9T`j7y0uj$DFZ$B$!j_v1rJrJD^TJEMMXs+teL?$S7d=@UqZKpn%O!lH5mbnPl$x
zKwcl4G}XAMDsHCzB@*=%&OJ53DkdEqfl0I}?!mZ{Jy&KWEk*_<q<bC6A_^;_QcBK$
zVrz(4QZVW-7>hXvIbw0PR4Beo;$$5Xeop8M+uLy*whR5b#LAD}wx$9%F}Wi`Vb$39
z>p}0Mzw&=?e+m8{cA*W3NIAE5YrbaS7(81Gu}42;NA$F4DMpvY27mHiKgf*08b8&1
zK8T+YImmn7PiXH0VFxA&FjxWFoEhBM5s!ryqM+F3JS7n<o5$v!s!wG!3B^f(AG;3?
zD|l1GN<dZ32MR%SOpFkYh;F>83cl80=&Hvn%$5!7r3<9yzs4Qr2l5{^iDAH6384vo
zvVboKVdh@dlosK95`!H5NACBwgYb&uzhd5^FTv`dROB(w+LN!jZiqk*|J;0yhCK&M
z<3L?e1_NeF_c&BeG}8-Mk!iPM=Aoyj2P`RwX%lcx`#<5fW%}v2Ar@K-1i|PzWmTCi
zvk2IMnZ3WC4y7od;3r5zpC%C8wqdwB7+Y0NT+kWdkBo1C(F|<ix2|6hY~x`>YYUp^
zRK-*geHtS2i^xyYkt2FblhFxd*<IiugW=^LAixxox*65csSRQYxlETR#}OOV+$Y24
z)WG0#W)`$)^X6<q%xucvcmQ(?#%n+(!9_cmg#|ZEsFlSEiFSbnyq?kDVPgQ0K!78W
z+H!XK$@gJ#Ase^Bv0=9KlSs**yPZ#BnJz`%&am6>(sBs(gBAE^x1GVB%snyr^l?vz
zWsE1q*NZ5<sHaV0rDfj_Cc85!7PaV`GKJ7G1G0um(c=xLRR+BudW0Fj{Yi`TKpTH1
z-pkIrB)?(or9mQ*eW;fi_IXGX<%{|#xwc8PEc1(px)btY=O|pMulDBC+-p!d--Puu
zP%nSk`-k=kE17gNzd?vA9UJH55OLOUkqr7sj^_WX$wi|Tr`4bh&D9QI*hW{t-|Q+d
zMg%p2xf2DZ*Vg4R@eb?j3uMFS%uzy4Q!EE}RFa3g@!rEs=m%oFXxod{y9TX)pgD!W
zNEsme<F8bb9Fu2HSN`IK?yyF)ytsMn0DVY!j6l23Iy=sDeu1-&k7+<c%6z2Q5h*X&
zJgQ*R0V+r3$|y&hosrDFvS`wOGGNXQykJ@IXICkf4VB*)B{O?B7S4&%6358FXtO$#
zApORgswQ~Kxgo8WOHxu2P7{p#dkzVqttAU<mNoPOn668fcWWk);But18a6%93K~~8
z*Tx<D{ZtG|4FAr`$i3IHGBAgMF{&Q7yjEfy(#|S+jdGlW4Z;c)MipG(#7b95N^;85
zzDtgUl{<2biX7g{nuJbBS)4>Ka}FFr24Uxv`1`02o+*xSI2c!(_LKmbY8krAhUY$5
z7_hb!=ph=fcv@i#VoXek7*(`$(x~ovsW(!H4_;)k1tF9!-7%!*J+3g(x;ZhAzo)fK
zhbE$~9)Hzv&*qX3d!L*(>Bi$Ju(<9YRrQE77v!I`+xB6sGj#zW`cQW|GG&!KWD>VD
zle)OkZBKNFri@QFNm%hV9!EaP6Q=MOoZ&b(tV9v@k@Rn{+~((%_2xu<mC?M*KRrY1
zFy@!-w4csUsg8=`42I;T_?zHs+hG{>U#B7SH)RLhwX<>i6@`VeJ<><(Z?hr8jf95P
zZ9cZE;NwIZE&A&d5_SW&mMX3woNggImS{GUvn5ttd^(@LD1R;dGAx`f%kUmJZFmjR
zU!!aOJCv*FZs<cs-#r6D6*BE62bMUqx@D0$eVLc|KCNW9H}i<VvpJ6zo2cp*-*Y4i
z0acj6!G(WNn;u#u8$~sVi7vTBPAPCO%*G;cU`G{2P0Aki1Og0V4G*ow(Z>xdc~xI|
zRS~FhmNP^sXEd>HKY2ro_El;uJoG?`h@wqiRaKz8k1;kE#{`;W8BiHOFV~e^-4P9`
zL7y@$?BxniY`IiBW*JK%5tSm(;XMxj&zi!C>OWzL9&Gf@a(`!v3cEO~bqf_2mh^>*
z$~y65RAJr*lVt^<XJOM(eY9AGGWoZ=ynQNjs31(_G+`bNaLiO1$-I)jB}lpeTM*j}
z77f>RT~kXr_k83*x>l}<eu=y&(23-w+fqWGsh-n7NkkQmM|B9a=;zcT@fxo6WK=b@
zBgNU^z)+^1S_FBv%^{WCit#UWpn)aw_iXbutTV#GKFPBdeA}zL!&q3RGd-;=OIY=<
z_fazXDk3vOu!psygIYS=y#<__$-IcYW3Zj<+HM$zaVHVZ6{um~NPP)z_mhq`EyAp?
z&lC}fMVuXFoW*ws+p_s>QC4A^;084SN9h~$(q?ovNALx2Cl+_niw{#zy4{7Wk0$>4
zah}OIbkV-m57)7ASx(1bW2wfw@z}55elFmX3ZH?%O%ea^EGZ?O3YBR@BZ40XAO5bt
zHLL<pa_plItNBY{a}^mA153~&<8nY60&l2-2vf8dCiPB$c7f2)W-s<zuzT`BdO+AZ
z;qZG0X!@r(K(vNd&jasQ>AO1IZTvVW)fTO31AX#9VY0pBBJ+gNW3C>#25P`oa9-!w
zF7;gk{*sv=NDfL6tKo77vBsv_U{v7dSY{N@aq|H!x;MdYkH7M*>c(6FFQUgV>|O7e
zok{Rt&3SiEYk#2w!Bd0vMB?FJ;`-^@|B;%b%$+oZeGWYeOYd>0IA&n>Ma8Qz9AikD
z@Z=0Oc5VhV26Jzc9g?^eU48r7JIWXc9t{k^3}G4#sp;zCpUGw1cq|S+Z!k~<V4OM)
zn;?6!x$eT=X_`fMjt7)t?iTRW!60FHZ4Z84{6R4c?O}k$Jl;Q5XHY&4HO<PPJYqjI
z?7+zcTUrG7p!+R!!F~6CBr^sx(sK!W{GjEw_i|yn;1}*e?T5M69q76`J9Fe#nw)wc
zEcd`C`BH60@*c=6ESCj{8E9l9{FYKUd(6tR`Wjj=?7m}CYXLM4`02vHURzW}cFf#`
zS?^1rgg{|~;HAhiRoUw9xD040D`2sp45~P;D?jMX2bGBQ*?KzA$`HHtV6X{11i*CZ
zz;>95M{4`Xc<KKA{T&o}@WX8wu25_Lvo-|RCp($45EyuKAs{-zQ%iSVW~qVEjs-CC
z$x9z3Q9E=GL!edUbdv&f{ao(41<pI=D}Ej*_Yv!|!#a#br)2-y?ogrRkT_?B67u6X
z@GyA?0#_Tc40o<b5EsE(fH^7L&aXnK+vUeu0m8i&nH26&9XU$s)<diIT%4vGB~cOS
z4448;h{c;g(fX*Iv(5H04(o=PT^q5%y76s2lF)!)ADb|h1Pcp`fFVRw9C98k?!nSD
zBeg$}Fmyn;0(}SptZX}(`>7;Bz@;0V<dGBFp6dcY){j^ts<;dk%&Pp;tdl;T`b+@3
zrN8@l&{RKW`}Vs0RRMM%{EoR6uQh-!4YiCm&hnGmteQl|XoEY51!q9jD4>2&SaG6b
zh*%gV$O)NctvXcB))RyiH`o8V5F5<h24Nm(ha9Ats?{URgtVwf=$QISCY+K|i^3Kw
z5#Q{A=U^3o-Til5z5KXXWmjaR_u21byFFU;98kDbf)&~cJ)#H<e7j((pk~yoDGW+i
z419t6>4G>r^)KsD1)EBk7)y;Fq7EO<aG-LN%Te{k2SnQ!+65lY3zjh3Q`8rUHx@X>
z+3|k8QzJ=_j3Ho;e997fK1vM_BO7!=R2;T~fv29@#M*kUTNNwAl>S=}54)>r4Z${R
zJEE`+7g{XqryC2C3Yarhi(!VNNRsiWp*2~I(FD~d(IR{jm8mu*>mn?w(gnEQj3?+^
zNv$bMSYz^4B^dt8gVA<*Pv&(|g>wi~Qdb>j^ib@L$|C4`iUx*hXF0|biUB{YSH9rg
zbtfm2dhz-B$(Wn#EQ<s?@spm;<<KIQp>Y^1ilk&2cu#o>RO9!*eqlKw(FC*eul!U`
zsi>y9<1PCN)YYS34!((r3#GC5+5bVOCvnfzkmnj0O;b^9Kj_-?#ob`7#|USMjvX^Q
z?n@CJ`W(j0tg<EUdbxbUGMmn~c<S~MZHQ)jLDm;Ld;0&fouHE$rGf`YY{0SCIsnbR
z1<8x3adooqm2(LUnt?9Q%XAF1C0!+ZqWM(fo#g}yF2f4LN`0uK*!dCL<YAPdLlP|N
z?hDZ!y9ztnR?+kaP&s-N;Tw_I)0F3i#dcWxZ;%BBMAHb^p;_9*hUid^6rf1}S&tqe
zs7Fw&SFR5;x`6VY!;yDd0t0Yp!``+CdmhfsL6mvg@7Il^9cu*%B?Gh<%r`Jx=sKR(
z1gdj?hz#_gff$B(#}G6Svs(3VG;FMaN)MpZLbmfRPXVKR3|5T3KDM!LMp(;5&P9^m
zeU#_>1E`Ne7(GG{EVx!)fhr!t3~ZFnY<UPNH_`~IM`>G{+y;jRy8)mf9KxYbgGIeg
zz=G(6Ww}2ySi=_;6&2xE&lW0SqKGOsK9@bOfa<nif}@vES<0;GfuqGe69^@{SsZ#r
zAZBBxNwo#}haBv`hG@k|oYwstSbuEyi|epQGSw25>ib)O#XMUluA-{i%dZkoD)D%o
z!?H~{Q1_r=h`!H`105fxREmP9Hadr<#N14%9RL9<O^FC!+CH5DAgl=iT<-u#t3&U1
zk!RS~p8?H{NSuoc2W9tQw(FV<vA5SYc*$=K-z|BOU;HSXzpmr&Je0zSc}Txa5OCB;
zPYP{a5P=&&FIozoQ<*uHG5Y7B>_~bhrfB~#6m;)LX!y}JfKvdKXO+QN`nGm%W-H^a
zLn)+$M91jP%<KV(mB{ZI&IPyesfBI6^6%sFwReXz;V{cPMl}%-l>xaKxB#}60%%@t
zfT0Cg&Vd*97pUtjbI}r7;bjqKeVMxOSxJ$BmL1M1d%BFuqskbQ>)cPQNW?Q1S%e<W
zL>AP*{ty*?L}{?Ij|aiO|Bj$GWb#7)9#X%<251Vgb3%X)y%hA1j+j_mXcoZ?R%$9r
ziHz%B1_lePVRU@bU`AK~Uv`YbEj9AdutvmBkmA_dcH@-3WwVc93qOjy7wF#NY?n|u
z3!KhOPG<jpd#5ZbhYE$;b5+qsJ&Mz-P9*p=qW5Al$y=S#W@c0pD`#tPges`xCsT%G
zq12d4!zImpiP&+TOfg(wo6rz9oG_@%OpmHp$BfcPVx0L9N*Jh4jaWHF@JL|@XzikG
z9rD`TSEfvz+h1O$I@A5juX7``9cDVt$GZD-4XA7U<W(-pw~?>&2`VD#?YLA5G)$3Q
z`aLr<ioRJC6%wnvAtAqtjApaPxnH^BwkfP@b%H^eWwoUeZMB0XW9|ZQrtJ&ynEbHP
z4%SvPf8P~IhT8cajOUI#F2!(shoSxru`}wYbGY1B8<WG@o?Xwc9xMnk9`D$0g<dhd
zbyU_xGe0+~9|pvC$uWp;Wll99^|GK=W>2Oz@RN2B;>qHL+0128AO|$O&+;}FiC4PC
z8qru`dH_tqVv2H{a5#k6Otu5jbo@5mfW4>$famK2!rnnoX9bddEQiorHL)wP2jKK7
zSomK-5zrZWSHoah$jM7`Jzeb8$67~sOQ#Tvo_<QI=MhXAvEAXSYqHv+IsluA+o*~Z
z`4V8b*XW=3*z~|Y)ftXCx`OLVT>5YKo577*htmXouHQlc?LQz1!Xln=xy-eC;@3CZ
zIw8F$<?48}#KdWGA=fam7&UthdCx#c=1a4ObrHeo@&3~5?wopB<3vF?!mtWcbyh4i
zGwk3Rwty*%`gaeH5Tb>hzrar&ggCS%1*ALQr67~nTP{nTSHL1x!$MZNFXq00C4&NV
zd2v8GbGfHaK!0=YjwSelLys9s*-4UTgl`Lif$H}I7`lq2Edpr7AW^k}W|wlN-$)78
zbJx1|!%>(#usQ*>qUEP1f8dG;DbN#T;p#it{>%=Mqn|(0pU^&DNA|1)s0wW{itWJ7
zna=Y}-Wz@o{{xyj0L0Q6@xy^$ZPN$g_R&%&oy*E=$bi7xPKhJB0ZAn8IOO=x7DB7A
z&gU<nld04O;Hpp8T1t(Xmuir$v*!;{!?5{*;tD8iP%%{0c;qJsjvExQewc#AlWhfl
zXlnZHyVLcyN>6T7BL4yb7TP=c(z(!bsmA4VQz0D^w3mGRb8O^Ap_FE_1pKl$ops7}
zAVeY-CKi~c2nS>aO%$UxR1!s!YPKicgZ4qpWHd1wh(Hfo-Co2>#Ok+DtMtZXvF?uL
z%Sa`l6%#q_{7guSRy8dK*3+@$C}T8PgBQeb*{frN-?7lpl)Je+`VV?*SX}{CNm(`U
zC3$GDGC33b_G}v8+M2ngq=wO?59Bt^*p3S~NZFi#20$Mb|Ipt573Qy38x263f~X$?
z%<_9OeF71{jI+xVBBCT$YM?W<;h~QlOJPDi`e=Hr$Rf&fDdG;r+P642R+Xvh9gwjL
z;hGX-H;@gUftU;WTVv9oQO>^Vl_u8flMobagys}plKvR=LbxJsXw!2<075zn_Zyzj
zwhgb($=tF?%dYC7=E0_{irp3!XP5?xy;S@|^hQe4=4ywxWh^40Omk_Oc`lBX2G7xF
zB3;!r>nJHwbp^={z%FAN!0<MU$y{WEDH5@~oe-@(RkWd9pkPV0Ku}SP$e6tP@Z|gq
z9+&@cef>9dH*zf!;I9am#_|g?)|eu7$9K*!VuaSj6Q=a=tRsKSlzy1AIJ%;$mPM-f
z=@pSv|J(;(zRy*xT$(6oHrDlqjK#QAT&$?_4<kug?|W)^#uuqC&yK7_Q#w?X#G&8I
z-%dfQcXWQmP@UNWk`x}(`tGGqt>~yTP4qU&c}9Fv2CzeG5AdikxvPGkseTGecpv6S
zgD6crr;?}^6^cO#i)ajL0@d}*o49`{M+2UuD{O0wTo_Y<BZApPl!_73l=ym|>>{4K
zx1`|zjs{M$=d!#ICraSlT6>!KcM)GC!S_g(u+P3$PLJ8g^j5B(uwH*=ySFZmV0L}U
z=aYYUZUevmM+5}!f~hp&{{xZMt@?EJs1*MXX>T45_4>z+4+ew5jD76JzQoMfmo)ZW
zNRlM`mWs$$YHVZddm(A8Q7T)d-JT>N94!i|P^Tzbr2O8W&iA>Vzkk=`n)Anz$b9bm
zy}p(=qi;Ij{1!wBZtZDu3j*+Lnw^V4TZ4Tm0Ojn_|3XdSeLaHU1ULL3K#l#Pp&^08
z^Kaz(S(MUH9B>=}m7hj-S2L&m0bB2JUeVRBppaoc;a9m1$nouPP%TRZGBI*c;<ztw
zEob(r0D$7`k7PM;(f$MGSj%s=*@l*(t%cI`ae~G`N?}Z=dNM}m`$Z4H`^nUlM<sD}
znL=;?H@#y}9aQXC&eT-72Uqc(vlENNDya{aF7m+edkO^!&d~VZleS59iA(iofOnrm
z#H!8MMKQTbcYrS#gowGF+Bm#u8=k}A<i|<~i;(<DM#+MBiq$QHJHLJJ{oUz6(z9Fi
zf${(Qs^dV+#Bri~H2|bY;<0v!hDgn@_qLIK=NJWpis85lRFqN*G9_j64;P_A0V8~|
z9_}o79Ew#YJWz6c4TO$;cN34zA0l&7jImI-<U)xiClO2ijd%?83iQZH$07wN{)uM<
zOs4_t8T#tZ%{hzL2=`>VHT47(a%9~PavB;~sl8!~zknWo@Hgs*gBdztzp$#C<sLRx
zi&N07!K_zdQ`3csirCvRZ2Y1~i~<xX=#vAinb7T1^prgnujY#&6qalk+3?8+ZG-J;
zrkg7k8mg(<Mh+!*5#x1SDdbcV!Y}kRgn~9h866x|vj>vxm@8g`L*ZWl$lKatk|h(A
zM6JXaD(5WH?sBXGo6SPHmW)TQL~x260w%;W?@&(O)6bSR2cRNbBBcBTfUfrCW-<YR
zdU{r2%I*AiF&$ugbIm*rs_*u8z|1;I3%8&K$Z`73T?jx{y-7?+oT2EXRHg6z{9ptw
zB5(IKC)$A30|?YdbFRQ@2#WM!rNA=wDrhxR?g7E8Zwmr4u#^4UoA=*7oz&OVWB#_x
zpSQPC5n;XD(oU_Dybu}e&D$*$Z7|A1Q0d7C8hDk=RSNHs-;BS-A|d?^hIP<@^ZMZ#
zBamtcL`7Qf3U!ebo_%<_dk{MM%dWK?zl2_xccHs2U)I#tUOQX%6d-f$&eK(JTKuBP
z)j5~0KJUgE8t&NZ8)<<OA??et3$!Y?N;fNuaTai^n9jVj!!wPR7h~rBkrsiytl0wv
zV`%9r9`$dFnCc_0RsvrY!&0$taQG4nC0HaGKnZO^dnFcG75$6He)C)v7%7I0K)b<M
zg=$w7@VlrS3V{-UAwCEVbBy2B*0UtMc<V^3;Y$U9zR(5Chb!D7DD~vrhM90Le9`XY
z_1OW5Vy?G8`mav}STA(v<n$c%{{$<c?#>AZT|SnX$V}nB=f4JeIQ*^dHqgWk#QY6p
z^)iIpTF1rm>K}Ci3cs22Zhx6av%YT^%A*-ODB+=<{dOsj`{Mx>R~D;LR@ZX>iI8qz
zNe$|yXBzhdnDXjBrDr0;v<fIujy3<`<p3bp!eF^ct?P9B;qZ?BLH|wF>qt9)Nn`I=
zO6SK;@KxcmD!2z@6!Z%)Jh?!}y@h%Qs1{+cCgZvcy^&XEq@Vw>&7&!~z}3Us%aJsV
zht$8J(8EwX|AdJZeqS}F@SBZHlI7+A6|IJJUpZzde`(qz3_;U@p0JBerX~;R72u-z
zW3~W$F9!o|fhK5k($?^Jyd@@wr?JFsO;I2es%usuAk?-JFv6k4njdiO02{G$^EIHq
zTT`l5a>RwIc~(p3IsMzA025RzR;I|Yr^&#orOD&+a{vX}LoEatclrQ(2G?aTmb6&t
zQ^Z|~x{Eyu2<HigCVdOwWI7U%znvZ-AhydTwPV@&#|F@fk>L>)UrV-!kee^F<4Re^
zI!eE}MDLK-yhS+Eu|x&$<tw=;hd7r4_^zPRgZb80P<H}GSm*3JEcOP<KB<#<*8=5*
z&@J3ShydBunU68kh<l>e{mnLNGVAd1rSW=%9P$1B)?H|ivEf9={ZlyYQ$OZ1CNJ&T
z!{lK+`}6I_eLLuwzX6%48d{|s#s<S|7^^;Up;TN42?em>X%)i~vL|~YH4Gb+fP-Z_
zm?ls=<PBwdo+oXRkv`XzC|h4TTiGg>2;-F%yDAgI+B4hsowgT2HNz+)uX1$PF3?e$
zQAHY^H&6sf>{9<>=G^mnbaWK(sm01^!3TU#F<OP$j{W<*)X>T#EwI~H{|8dDeB?{N
z#>xiN0g-nRB3U|e%7T`TzksLMb=p2DNI?9X=oAOQV9f5odbf3~teb;ZTy`3o*HC+4
zIXOX)4v;4qN8~~){uF&4#%yj!L=FKYU~h2Wi$N1ud_f|CLQEo|EJjaMbr)C2b>(FJ
zg96boN#y=Yls@X;1r_lPsJP}ugn~a5W<KE+t(;UeGOF0d5Aij>BInr3tl2U?|Lq3Q
zn|;I8^bbAnn`pV<S-Gftax*?la#tm)vH)_ZRYd3@h(#5pvc9S1NpJ*d2bYSnT?Eb`
z-Kb{rK>wGVel;%;1t=p2K+BS<Fi7JDWW=m@k7cCnxV3RkJ_$0f+&4Oh)81B+nVMJ+
zx|AR~<L4llf;WsFCaS&EGrr%HRsp@r(u*6PVJQcc7=4%>DPfZL4#2wepL+f^7k|lR
z!<}WuqhN~ZtmYmpRg)ge((|+)-Z-z0%2$<@uxNU>&74<orrII{ghOP7`)K#-AnF32
zRHpJ->DTv9-b)5+h$uW_>xXA+ePHHZ6s?x;bhWg$=CLkko1h5AZKK&rBc3AK6koCt
z)a~XsvOF_eXPbF~JiY)7x6DkVH<Odo%aDP~Jj1HY@on$FRLVi&s0k(|dg9U^tto{M
z8OgTgyWFV<2gWa^<`4%CbcEui%7xs*r!Qbq{Sw$m)9oEO1;0RL@Kjlc<y)a&P$RXA
zka&)(C`+*eh|PR<B|YBLEbY`@Za-^JHQRJ2Pm}p4o{VZOX*Y!+)f(M3Q1JFW*=l0n
zWcNJ=r>%LGJ=IroCUVK?veepfcI)f^35+0XW`6FY$+l7DD`%vWB{XSqd0Kg+@2Xgr
z-X^dSPXnDdhj~UUpSF-L>LZJlH#lz?t#rjCN_3SCj~~N#e+9ND!+KWf$-WcJoiH4p
zJwt;_@aNl$BZ8uZ58{+t9;7P{GZ~YN5}(8+#UAY@JF0D+(<1xMG$>OPh(W_;g`sI;
z2<sTS^**kt-=a-DawSAl5M2m^9%>aO=MAGDn6;W5erZ52*gXe_qZ~pLP_pvOma?(H
zsh+q@u)x`BqfdY~fUZH8h<pKSO&&r+1ahQ`I*g^EUQ?{=rj1KI9FzKGvOcj3c-*wA
z7PNNoqtm%0gfx}59SNGM<MW-`qY_8%bW_)AJ_D5lg3I=ZEBh{h$Op9H<?&}t5}S&|
z_$B<eb8LeM+mpt{^=i>sP<GRyRIT)r3vDl{uPakP(f{Sj$_i|y{c!#f?=Ze17!uFX
z8qsL`(K1*)z>XVav`Yq^c8ptkIy72)+Ycs>F}x-n&akr<N-w)#@_3xqAU1dNeU<!|
zI$I3DN7{gFhjS*Wh{!J{&1WjRyk7d3-yn0KP$m~gfuM>L{KXRN2h*Bnqk$lSIjvTf
zSYP~d>K<<UdR?A%m_I8o2OHPh7S1E~uWT#|2X~vS>nb+nyDm>%ew0Q@g<r&v8!!aK
zk>}HxT_B9|E`1Zm|E*hq8Ng95-33JHsb4Q%kGjiX{0*A#9(`*M1w6^WXUI%!%0y1x
z>fsYybJqLwr>d?EDV$c@y<EK0)J!i_Hdq?qM|r!$#vcbm|GU%%B!plRTv{A8hp?AF
zlvB~eO8#RdFkwWn7VR<R_u%&&9b$kMG-A44Zuy0ExV#TyQ5d;>d--o56P4*c5f9F<
zHO+R>^|7@nAqt+C&}3>x3_#XteMUI*FHPj^xvQs+9&UM>`7_fbNIe!8{eb9qx;%=`
zh`sk~z@*K@Q{vXxzT2_eLIwf!Ok!{EN~0`Qs8SU-!b6?+e9P8*1c9WLE9AM{`(JT6
zJ>mb{Qv76v{qdBiDduzUKy?_ff0}PWH^kJiI%kElgG9j=VmWCvhY8BE>bhMGghvg5
z%Uy_e&G(tOM&_e6SfBicPEtZIqU(8Nm(r~X=HPQc>DMN9dr(?94PU|><ifc@jrIxG
z1OM3BGT3Kpw{dx9)OlWmp|R0R^l*x=hC=L(Z+K&j9juI=ls|<W-5@MpQ6?oKC(@fZ
zYKx_1Hdbf0mT5Hb?{BnmZ%!Wb+<#|eT7IzhxZ^j9y&rdlLGsdwC!hBHO0Od;4`_9g
zvYr;jtfQhU9La3^Xuo@|TbaM(`y<AkSXk&U5^mr*eKUgPTZ4%5GD4t$#LE~`p&m@V
z+YZu3Qv%r;+6Ah#ZI_q(RTh@AMKr8VqkW?&BBhN_!e|>G_c|XDk-O|k%S`oyfe%?~
zW{%BMO+!vZT6=^ts#{-SkY(7~+LBe-)ks+64?VEyldSl8hIh}biNE#V?HXu=06T*1
ze}QP2S5*4>k>1~(b8cv!ohC=!P9#n;Ijkf%AcrDce_;*p&Vt1XgQ2DO{97d~=td}t
z(i~suZ4}Sz3bf8nU2r&)*K%HInM)1SVSe=RX!%NoVv=9M;-|;f%9}R*rv8l22Gl;Q
zp-bl9Z@fNvwlPzwazCrG_ZD<cpbC(QOJAu{ah75!a){6I=m;G{Dl-RL=Nc&mg)XYX
zW5MTg{CM`L<B(l*cLVVkPWN?~JHV>3JQV!~21sJ^wz~7YXj!+!-|PQyS>Xii4bEcF
zrWiX8E2IR$j}>N6%u>)<dR+Nj{yToJJq76+!4CrWAA=AhGH$(>qCHdi6Rr|M5xw4{
z5y~yYs=Q&(LA_G}crvxIdYHc;BYJgoBAv!@Ny)w>6grv;OD9fWCh+ob4gPjnFg|@;
zDF0x2-|JI-p^mGZGACR>Wh;mF2`UA3_eNX<UhLo^Pa@{wu)U3$y0mSae?Z66-I%@(
zf%8mL@-``cDWkMl=uMO=UE)%Dp-nAC@%xvNQbB$NwgT$asvqvd+Rrg)mRB_}Yft%J
z)y5d8+H+pqNr>K`fa;JP3EA-60X$`Et*O!q7kdJ2cm+1Rfe_9yx`Yy|eu1F!v2g5Q
zntw<VYu>}2qO@n2)NV6apG`{z6Hpb4mrMu^0`0w7V$%QO9IK5PIXRXsdwddtu6)%e
z!0PVNoy7+0U##rEV@95|hCD2)ha2dbc@sL@q*+lew&YJhnFx`cDPslzV9Bk{w)!&q
zJWSePsvs>dFHqz5P{|2Ow}B9s>k8`CP;^T26bVjFs{%^PdT*AQoS~d75@H4>&piSn
z2wC-P;oI(>fHUNqgTp?)WWmW|n;<XPH8wqp3QhnIP^9A$RK<Rpx(w==y&hM*?R?I(
zz>p+OSi%q1tH6Lh6OX;P&aZjk-f)GDQ>;#DjNeY^@Og^O2c~EjG>u#{s>%4D+xA^=
zNieK1P$BW8QldPIf*x{b@Dn<MYnFO=XqwaLWFUlAe^AJBM5`V2JNN;qAa`HfX<EZ-
z(b8lX|FA3LQ2&Rt(q~r>?C{cET44z+JFLLTcudF}j)>mqA+S!NKEy)feM>n-I$%hg
z!J?=%E@cz}tzM>C8IMM$&&q_Z<cuN9XiA<V=OcQ0vI(x1y|%0JP(R^OiC?VRI@xH!
z4~jYVh8*I)ldzYCDcQvHQFciY+O|vL>}2C!^6Bf+Gb{;iO6;bNoa-v;e2tmEVV65(
z_~eeIr6q~mUp^D#>5S9z>cFrVjF;=KnV;Otf4N*KCx=jO`ZfGbP%B6<Pf5IBIXs+K
zQFb7$`f6FRjk{yoGbm;lM(&h+Xj<PMYkJ`}-Ihbfe9<oTbo(5$OgMKeZ%V_Y0{D~?
zeO*EwJu)m_*CQT|3YF_BbSJ)B^bKWheioR{m^}O+l?~wwOJe}{KTny{+Rm!)-8pu2
zRd_}4D6Gj(fQnE2WS=r3aO87$11_V(sJS|&1S)*lavW<$)o2XVWIsN1enIo6siZB&
zuUN8oW=^~r75qy5inKYP4PtY?C4=@JaBs-GCh}R-Q+WJ4>zu@7Go(pV88RnrKXRVB
zv(NnXjaP}6fGdo?)LBJJqfY@&K-sRy@<4j8eSG7sbri-TjaCUgjr>ujXtE8oO@c~}
zw(%&IF%7)bI@YYCVECshxkFx(D3taBAQM?4+crS)EP!PZ9O~CW27#zX#?pHXV6|+m
z`i`B?@+K@-wt2S9!bBe~szr%a1cze9z10DUm9z$!-q;#LrS2~#1Y`G45P2RlNg<bg
zRbsHbyy@CX=I_9cUNBp=qNWU5FlaFlwTMZE7mP?IWKn3?N&TG9*2373MXl)21MG+L
z4f92nHK!J9Chm{hUL$X1{uG22s=*{AG?$PW=C?i_kiWapCHV&~Zbv?w2fHL7NWR0|
zY&?CjP?*8X@(5*r`S{1H*U&8Osi?F<4UTZkE7<7;KdE}WHa4_bBgK=GXX{X~Ib!_T
zSLN100%;1sX}NpFLZJypA|uhyZG)l<{eX=^PHjI`RCUDJ;x?K~0Ov_@3bkDPvwZ2Q
zh`I+>+<ibp=EMq1a7Z5WK~b~Yl$z71C=`xiDFU*30&OnOcr>tCq@5rZw7Hb6%P<@(
zJa({0x<MCEvk=Rwc_a%?%btLxTvoXp)hkHs67-=F>i!Yz1DKpc2>1}D8@-j85R|s-
ze3bgwJM><~FV<5Hu(3|iNP|X#nCKg<gdR44h|Ml26(kTI_IS{eVCUyCsC@neW&CHW
zULIbLXSui71A%4tUOYT`QTRDIGpDEI_xjaS`#U4$(105Dm;F6n$;T-oX72B}t%_No
zTV_L9y*W3|DjO8gW{c=Ha9{AT@FlO+`^X$%)%XGR)Z)Q@IF%s|0vi{@KpP6Sn<3UM
z!aZ;^ZJS3+k{-BCgtG_;7|ScGJ}TOkZPm}(U|i(O>)N*Nx#Gz|QSj>oB>>kaZF7#k
zp{G?UK^vz_EoDcAc@vF5c~>Z`5=JOt%di@ePD42vTJ2Rcy5>n*F~d@X_9`>FM;+DM
z?Y4U%t7ZJPrMeyn)Q08+A$p}dG=igt#MQF`awioj=w5M+<9sTNYZzUei0`*&{!mc8
z-JebpzXH@}Y#-MEp@)^uZ?YFVNYyH9`88U&ZD23D+_SK4*fV*e<u<>h!RX!Nao17n
zk~xvo17hR&1RVd*uoU47MD8|Umo)Kr{t%cwB?@CKLQYGf@8B1CPN~()>I}7<#sOva
zI@bOJ^w4W~FWOYcIQ|h+ek%BCSdFd}W<Wh>e`>7DMV?u)KFd&UT&aiSg`f4p*<(^I
z(*?y#T}2=5F)lLn4Sun63(c=!*wEHk=Ha1xLDOH`m=w5vR3jjK;X>wD-l`bC7|VWx
z$N_H+IRoGAUy95E?+5q>n#ld%f@qZrloX*eT&I?Rj?i=WbY~zcPxoXjAg42ran0@m
z01PaKVSVaB*1o6oDi(kyn6oeev1mREoyO<;TRvMhPA{!G91p00rUN^R6C>-O5A2Bm
zE>os-3ug)y!oP6kUUf#vA69fN20PC5GC2kc=1vLz@m9KN){y-hlmH#x=R7gHB(O@f
zwzVAu@Y&j9Sy|=X3Fc=Y>LBq0e$pSP57;vxG{6E(-O^yX*q7s9AXBHCAei6tJ9fy4
zB!jHkF&H+ThpY(u4!IqDmb#GvouCpyM3o|VQWyxpa5|>YOr2X`3_`;k#NJflTW3^U
zQ#AW>Va`->rPY%Yv}>r+ZWAD1Y(<K3S4p>pl)3rgz*g3?%;TABuM$6O3sf4f6>eXo
z=iP&19I*Dvtg`&o;+H*Z0RYfw{lgy5=AQ;b+ay>)-_m4>EC|A!9TP2FdnnsM=htnd
z>t6J@oMqbrdS|p6)dfEd^Ic^TGq;2bVdwW45PTI}lkck;zZqO%rIk57UjA0cfLsT|
z6=cE<(=}bo#GNLq=!<4-GBFQ|y!33%*LvLZ0Qqh5B_J2ZKR~xn7G`Dna1ol)$XcEX
ziqYJ6pk(J8?`W?-=0GQw!piI<#IJ(fra<YvUc*9D0p6i8HwKL?Ro^wjZgBAu#ss#q
z^=01Ml;?Nn8~_M>j)md}1PSX|RYu^Fqh5`Bm0+`~{RmZxKM6|>jguVxG*U=zt8GUd
zO1pk<mn^zNr3g?DcM`q=dbMyH$98Lw*)#~mb}v6JQslArwE_t`M)g?Uy=I-$dts(m
zXSxga;8H(YmPd`C;&H6GB3CAaeN=%UE~bOho`T3Bl_yWwi;yB7yaL<SKr=vW<elRa
zoH7|R5Fi59@6;6uO-tfi+2fE7Tj*=Kye>6L<v(6VvMdA+K#Y6<Lzr+2@~xa<P3cA2
zvuXiTN0G5V(0|W9*#HdpZB6y+kV7A|U4-yrRe`8JfFVKkD;%x1>Pd=xIu%g({lh=`
zmxnZi4Fbg|fs83_p8V95dz_V5Z@NAqTPc3)?tz7*4>W$+=L77Ya`(w}B`0c7<B~ju
zW!WAD1C({a6(QnWI+wrG94qq!&Y{KoO?V88gOL#yDz4Fh3nAGAXKv$4#-^j7o1;}9
zUNAf{SX-j$0W<gMqK_WOx=lT)QhpB70oRYbuKJW?OYc|m&(er^$KFe%|2)h*%uhBg
zZMM@6x^r>k`{%0x<&P;~s)e3X*_ai0k!(>~%Y<f&PkHN`9KVc+ww2T`M^5z?z=qxG
z6Ako%5OFJua+<TFCmhxbgP`!>*XhTiR}!o9EB$NQ4T*0d0ttn35}dM5BmkMJw)q8K
z-d(=u5?RmJ;+zRJC3)-j>n$riJ|AFuR`P?WM}yCvFwatU`bNYlsVZmXt=+~wvfC)p
zA6rB{Pq+2%-0{0_F7u{kX1DRN<+_6&PL&atfWT13bGrC&r;c%5qomOC{9me!zqNID
z(f`<1$v%-r6)}r9d698aD=l?iT1s@@PVLE82wUbZ^<S3o=Q`t{L4m!!5)l%;XjE+v
zDi!oeQ^;OWbx>FA0@E+fTP%>0He%EOn(4qum)Cq!<x((v-c|soI@eNUn7F2rDsUg~
z{$^gCN+eAKwE2^1tBjctnPYtch*5gLUb%CMs5w|r+_Lp_=Z=1gI4d<%VTf(HP|%7o
zKE`^N(T7y!f@AnGd6rYqxDoar;OtFS>QOK<KiDTvA>;X+ENv{k(?<Iw8m-Y*LiXF$
zWU<&e$IyQ+?p9yulX|en+N($Jqr6g%b6iftU{)(B`y+=?8BD<}F_s0Xr7axMPWA<M
z_;N&R9(tg3yJZX}ml<OD#VZ90gw#_1FsqxMbfs{epf)|<{bN#1E(stTwFtN-gYXt@
z?ix%2x<IwecwYZws$J#^6d|^<;hKE5*8~O^Q-fF1==NFY;9D)d{(}RFzK1Lv)y=dX
zWqM4w$6e<gswq?|Q8Wv6!enhAFwCQ-k+U@a2%$nvp{Br}_-6lU7;mvyv=&|K=*uX<
z;k(PstkZ-66-Od&P~@ostQ7R7*y;XF01_;HPaVz);P%M7vPXf7#%1x8-EizoW^jAi
zC6QIMKs+=L%{x6X9{%45Jf*H?x6iJW#h(@KXSH@7uGcEWv&nNM@ygsHIRTp+vii=c
z%vkgZ*<gb9F3+5DbG<;NlL30JX0<J+Wqo&Rw`*W0pNbZih3@ZGnKnJTfT@MWC@o4Z
zo7crZgtB^P&RlGScmHDOW!5@HE4<pXJ5Y%+x?jo(A1^1i6~Zd==EwZ5P!=+l<rky6
zyb$1}77Z`lE^AWiinvESQO4~UJR+a-+`DZHmLod_Up97sBt5{8{Jxc61Bht=cc8U1
zTFIht@6;Wa%*(S4LHR2mHI!`6+dQ4Y-DdNzfYh3{((IGuoo5(ytyUvpk!<|UOiBlQ
zL8)4O%-vos775Q<>|438*AA~IXrgvr*4bN{w`Q)IrEw9cfsp3-f}RO^W?J!)yI672
zvXUn8IIg{V!|Vb_{bjjCr~(F&p|XaTN!489Nhw8|69GDu6*INw?uM=rtkYFk>uBd!
z+QMD1&>KMy%*&>i^2tn@=rr5aP5!Buujt9J8{@$zUN8H!E^DFojkP)ExHJCg5*=TT
zr*F#~_C#oji-U_o<vh#fQisTN(g%_rQ^)~Rzu2RWmFN*HZ#ATR*pg=Y8Oo`t7ZcAG
z+WE2h>*r9PLRv7`iL25+eXTFcsvFiQt8H&^wLD(bf#VrU^j_15kUnU5vnss?C?lVR
zBUJvwM%%Dm5VR2-&AcFv2!t?4Z~Aprn<;WKfG4^rL`+xyGcF(5t7z+eV;0?5_u~Y&
zGdk<XYi^~ng294ms_u{PeO5(T;yr99l4^v6t@s<c6as|OQx+bU9c0~4WYCBSZdtT@
zS=(Ez0W`?)5wrcudCKIZ_8IOkps3q~As9X^n{}y0Su51j@qRrj6FB20j&5IbX%|%w
z4uPFiy&kdfVRYs;tLdH$CCWvGUX{QSL?l39S>l<FN>pt*`z@FJp>aOeDf+uSA&DXX
zqH-Tflc_3IeYuxqeF@|1Pj7hWiM1C>77$kujZQjhd3i7&KXHZ_7*3S;pB!aZvQ;PJ
zN{MR=OX~HF)jZgs=;@)V4x(~t1v|A$NzG|Rbrq|lvNl8w+n{h4__2H8`R#daq{+5T
zdoBew@JKzBmCG8$OxVVA)ZaGhvEPqwcdn~Y<0YjS6=j^AW^JG)K1C0<BsL}I&+W7}
z^5=dkYHB;k9JH=i5GwONCmmT#ilm8MU+5<kw%mW0cW>N_+g$eWLXgZrx`rOLiyAne
z(98Y=uw&mK^ulm4Z6mFXW^g{fDv`K}EI;_$ss~}>%k_iHY^f7^M8JZR``}AmB`sh?
zauX)mfRh0MYVuEr*lLC;OEv2Jdwo*vMNhx&%M^ri?oQ|!@#A$sx`Pzf<8#J)4sdP4
zx}DB1GjhdJK1<3drVN$_#o1=eYSG%KNw7_q91Ff1wxI&HBe$WUA8h8=L_khbO)u{r
z*LNc$YqB66cd?I~oyJoQT3Pu7ZR<VS!;fI{hp0FHy}Nx>j<hp{EINzz`}S8Dr05-f
zImkrTtHMcy!!Veb7LgctkYKsKs0&E-9POYXA)#t5k>Iu%GAzOBfR-uG;ntnz1OIl*
zcYwSxGl3#^8yJ4M786e}5eue-nI&y`aJuZe80-oaX3jmYtYImlpGBhIG8Dbzs~}ir
zeiX~6pJsLu7#bDz4p|k==m@LV`$x8Jx5N-Spa&)a&698baT!^@=O<p%%av1DVO#k4
z(2$u~3k<_OFtxj0-#>Lq!EkZ&-F9E0x>CP@)P>}n8^*iX)GdQ9*HGqvf8P3|<<%Pk
z++jz3FYTy06~$vDz9Vr{YHujj8ggIn^9?p{X_(alpKf{U*rtV%sE;Q-uSQ3?I_v(P
zmT&)a3F7@!9gr^tw=y2J(^@l^#Y%0aN6I1uuWGV-MmkqQvy+7@_o`$lU(dF3EE%N}
zU(StZtNw(R;C_N#NO&;2l=JSszUzSd_&K>jZL})7ts$%H$7&!(2;?^p^|1Ap=inWW
z_B@>sQ|h|JnpEiB%bt>$;zR$cSDr7*lA?LlDQB}oAWO`NrO(o!!Pu;`b>A!%=PP*Y
z>6wi#CF<ST(?@0+Sj2`j>eh&Pis@%>_6qoBtLE%x(Y+NYw^LNU-JqDblPN~lu&Ba2
zX$3@+C#a6Cg@X2ru4cMI)yZWw3mI~>u4#Lm#bR<e>(^upRG`RqM_=}G>?M!nC6_qf
zg##b>#Ad?c%+#A36@UYp+bOpRsfjIPs&mo2zB(>uWAc!OZ#pAWNr*MPM4z^!bUw9X
zygyVFGg+LRPgY_cVY)5os;0!VTGYB<5>=WoPK*0V=ivg(xKrAF7?eY+h<~L8=?JDC
z&HG}X!6bK1)_z*r^hDW@;-59PSK;`OhJgQTsL<5?XH8N1-NJrEk_sz@$Fm5A4S5DC
z@K^XNdW3;)JzP4&fH3pNh!~Y%f*7OvJ81Rh_Kt$wUdp8F`y+T+X{XB1uw=JFjf4b*
zc(Hs<L5=qE+6Ok!T>(787LpWecgA0ma%-zd1l3=ykWSU+lPNKWC8-B!_caN~pM7Sd
zrf@;@g^XWIjt>FQV&WT)r_sCU36@_#m$2rfr)SwBi)2B8CW1=<WFA!JfrMvS;<sEt
zUp&f_g@Mn>w4e#z_(SW3#dDcuj<s}qz@cy)|HIZDSVH2BuOZyfchf$>NLw%#1yfqY
zhNX6J0w<ySkS&o{%BW;-LlGg+C74CNH;c>Phnbe|L5a@j_G82gRi9zUp%O;%$BCu*
zeRSU8J`RH}Zl#<@<Nd6*HTefw8YEaLxWPN4i@iM)@+dt&??t=nYFj~T>xeHf$v6P<
zi6Sqit5c1vcYuF-F`<udnN?@>v+(rtE5K|#0dBYUNM8GYY9Y#?IE{c;*-Qws`b$1E
zxe^NZpCZKfr&H#&Ti*_)-Gz5v266P;>><fsrcrXPFs$x%E*-2RMzY3CuxCleP$E<5
z_Kp?{4S7OMd!+3L7aNIvO0)}^ojjZ|pkxS>3`FuD6z48#9mL=y423IQEO`tV`Cj!>
zx{>nS=FZmNzu&BvLhED>H*yGxkKq%BcjM7T<=9lU1*WmR-BD_x&qT3uo^Z&-g+>#?
zEo~!7OFQZ7ktm^LEFX)-L5(C<b}E)rWl}VBYLIHJp5!EG)zJ`oi*0d<@02!P0QH86
zA?!A1+sDhRNN7#*+&_4hcvn_lk$-f;@^hoC{k5J-kD0xVjY><-W29sb>hNM+f$LJ_
zQSF8zY|lX>l%zrxHr=g*Xd+<F#ZoFDG173Rv#@PBC*GPTe75$4>}*a7sn3*HplNLz
zgpwzs)@=I|M{~-Oacq7Hq#Cz0X^)k<BBf=khtxFznPEk?aG?rZS>l(8TAn6@#!{i{
zmSY$cXV%3G!vOM?th$`W%+b!ZEZ${vB~yKGmvC<XuCd<x%O$KaLNeoBin*GRqeU*c
zOT^^l@?Bg<FpXzaXXzXC9jZERCb)4;l05aHCq-+9#agcxBlNh0tg=Q&y-{adR4=UK
zt9-0hV@Gh4rw#0WC06XwD+w}HUm~eaV`WQvw9*kxz+p^;yYo8c5OD|lIfiOY-mtpb
z2QzCLQa#+JHzW>sFS0sTeJbLv_dU5Vh=0Wj<2LTNlQ$l94Y%#R#IO&VwQP}cB)gbB
z%h(>O*I8(&*J3=u!`w3q#Pc4PBR(RH7K*x#HyXxc_|c_q9^Y87eM(>ryM<WXK<-QU
z#liRc7hCLqZc`$XNk|7}HYY83LsI%i<agPszp$eGE?!ZpH(4Qdv@?-x5*(l^86&tQ
zHk#ham`2%D=HV;?df1lVHgQ_35^L%AvTB-EcfCIP!O5Lz&>h)}0p(Y9?@m(FpQ}DS
z+0~&a$2(if{Ja6GG`S<JCPW=`K8`H>c$do=zDUwMJ1Z*(tGGCs;Wzj|R&NzjPCj;I
zG}tB4ENr8Kxo3Sy-4wl2SeUFbX?d6Nkcm&y#a&{IJ#^^}Y@%ykTw_&I65z<OvKdIZ
z9FA?|%wY``ZWIl1vube{Pu;~vzFROldhp)h!GW;J9$8^d+L9$UXCYK>hNX0T1Z7%R
zhB3w3`!rG2O+d5yF^`%9O7^RoR!h7k2UAErGc7i`GPly*o+J5_TDTBeug4;@V8Q|w
z-D^g28$+`cu#f)Z;$|n!IwgELxo6iA4<QPv8Z#UjQ*GVkZh<|0w_F#_*_9>Q_^^8f
zP92$#77<5_iH4K_oT|eB$+8M`kC&_E>M^nf!#xn)6zW_nYepoK<@yL!l_Yv8-Q`c`
z*I&QsbZn2q$!TfhSjS*aVu5X&-j{+b394>R4%x2B#{Gw^KwwO@u)RgZwD>wpU|l24
zmq@F6SZ`Zgm$GeGHA}d3Kx2XgMWwZzR@lQw9t(5ekXGc@WL6$@nR_E#7DcY@l{5{U
zu#clWkJIs^wm)SlIXseFrj1kWLxo-AKqVxFW_zfGt$&YdplezSVB27W0973N4?m|)
z1>YB3C}wh3njvA^{<6UzbvYOvonE<{1}^fy`dDHL(*pZkvU6)bI!a$}<ByoLQzW?c
z1!x3kU>y~z#?IL1i7(Vye`Y|Jo+qwre?T;y=HB2kH2UZ8{awuF-=}L34@yF%yX3CJ
z-4Hs7&XN9@xUnO6b+-}XX1xvQUZj8q?2(_ZzYN+%P37L#>@Vq_DfxWZ_oby5%YIoV
zJ(01xo;&Sc<YpnLnqaLU9PPzbtW(3Jx+eIag?ZT0o?}93qdcUVr=Pf0uhSYiwhc0>
zQ*g3|cFB-o#F_TJ1)2?_MI<RqYMOPD5phRqk^UPuyQ;jlYRH7P2Wt6ruxLxFnxRt(
zL$|STNsOJI_AFcgs~(EuVl9)s?`TgazRXEy+uchWeOf3^&JZZ1EwVq`8y@}%m55I=
zZ2MJhPxZNlx<%!1x3KQ>H&>Te;}79TM+G&JX>|8D<F44;p@~uSV52o{n`(tXYvaSZ
zm=M`cGH&Q1y#^Z;gAK$a&ARP5Q2fv0JexZ|%iO`)Trt{Bm4_}0Y$1aRmoc{ZR8OfF
z_F|N_%s#e2RArcMN@2G~umOfu>zB&%J-U5jlK?e;_@bFu?HO8x_@MWR(7Zw0LMF3R
zGjKk-S5Yj5YHuAF6X3R&>$<f~MadqmMV4E>vC-S*eo>bg?+$DO({4(nOT}OTbkO2F
zL3V}7LtX4$ZDapDMwM7gqZ9+ex*5tyjT6BkTwud(&M%XNv8J0XIV)OWbc{-^v7x@U
z+!o8fD>%J7862ZRWn%+ljAdtzs!$=7vR3J4Pf{Bj&CyHcYVxc`w5!hL$OeHCf5lz4
z&e!avgKQ^VOKJDKwia45JNOo!5aNMsG?9$us>jrJCHutK-04cRQ|WpvL{2}QHmBi2
znC|CE>(*FH8K2G|ZrJZ#&Lt>jwvtjgVqLeRiwO0hr3)SQae89{@A-S|ogYR}=wCkz
zG)DYg;r(eDW$Aaw0QawSE0@7savnEf_r>`4xRBN$rp+v!N6Y&qZqHl>Rne$3eP4Gb
zX5}JpeUr{At&r4WtZA(40`_4>S0AdB%J7FI629-(Q4%u%uYk>yx#@c=!~c1iTznB*
z+J|kp{fA8kJ;cvTiee=^+*xl#AyNf=4S0m=8y4Iz-IA|PWT)F%YSq1q9q8y`S+^_I
ze^Vsx|IDUz*{UpXe)oF1^%o0Y)@^QynO$P1Jp`$szr<2cV1G7PKuMeT>vg%ybk))l
zbC_|$Vg<hhmL>646RCSc6~r#P;hxpi9%$QF8|od1i$=9BvV9#;ash#eI)NtH0`3&Q
z(BU3W_n!0OVNR|M+HbNhs8uU#nX(2}u<z1Iu+}fSWc<Ob7Nt-Uq(CA?_^~eLIrXvF
zV^x$;<O$Ky?3xOlpbJtib+0hJD$qC%9u5qxmuJ@Ea}vWXEwoyT6a!M_7*BZ5U{xMz
z7bxWsodQSCl<o2=R!fa1y5PIg>?w`DSla<y*}ApO^bjA;SD&Natwcb&h1G5>CGnX@
z(^^fo^_W^cJ&`wev!>e4zED}0skL8L`>42F80D)ieS?}fsa{*0rsP!qbYANshfAP$
z@7|O`*W3tpT&ZTT%V41AL`G(yi{LV2+y0ydjptpNOs-_YnN~~3v7PTDIT{9;MK&|J
z6>IgijNdWNHuBpJ?o27naMM{!&&+Y;C8!mqmB{JXGsTqhW38h)c5QDOzLFS~%{yR#
z&2SgGHmsw<R0+FQNjihJ*c%k%X*Q51?l2@YsKoAiK+EY?SH=x7H-f2Gvf3Y?WT*di
zQG$}jl1_=*0%*ho6wS_uJ=ylsneApt96LZ(-u9W=pP$QOdGqz=+kGTwX{Uim7qvI+
zYakKxKmr`WUcSrVxZ)|@`8W=H<{YB<ioCvVPc<Hv>J5r}GRyY{6pR19Hb=XJAF+XT
zFlfEa0vA-!0u4p91i<uxM?cJ7ELth|U8raZF&B=!-7j(Y#xK5qnpf%SS2#6|;m5@H
zN-6#Qt9+;aepmI=oXC$q{C|G*70>&|%;zB050if~SRsvwoKyHAG5(zAuS&=)h(r?T
zIaeOp%Sz!h-EY)isJvRk$xeAHsx|h*H~z-0ue{u2FGXfG-hl(vXToaClf?pXr>pk)
z=bGAbjh^1dZFU1r@IIr`#EKMDyu*32Ik~^-a<cNc?c<Mt9V09-Vd_!^)KDPXASCA<
zv4{l^tc0EJIM81F*eAP_x0Y1NVr9Xl!jTTLM^QZ7UVa9!+Gx5#eRb$7^`(Z!$=8u_
zwe2!&HzYFH$Y);CyZ(7Llem?|riwMJm7bH(G~?s_lSP$&@ly)@UQnj1K3i&<sDivP
z|GrCp@xOQXXWm@f*RDg~{=V*oL}uI!==}JJ@X`+vvi<v#5%2Ve_y50#7tB9l>E1im
z8nfi)yf0~%;qStDaX0n&(f_{S27K$-*K-xRppCiS6$IMTl1Dmw`~E)mxzB&UY5$il
z<flJoyYb&o7XA>&DJ2C!XQ&}G!k52sD);GTaCUGYV|B#M!20HvzBeLjlJKR@bSMLB
z&$hLL>ZJ0C?{jiuq2c?@0TorRMzFDWJR(SO&B4AY8t@Ixil^J=eI9ZQ6L`~bKe|ip
zaA(Yo*{Q@?y?vf0p(=MMFG2u?m(~Uf5MK9A7*<UJq>;goKwHzegfw3n`l^u7ssWb)
z&jZNnIvTMw?HZ{6;J24ET@G%tyl2YB>#b@NbPzKy05IaTR4l{%R)5iNKR$d&=a3*N
z?vuB_=GXIq?{Z^ryt=<^&fRPChwczQsH4V__vm4^6pKK`*2%RLpa1s@p~S~o(+2G<
z$Z}7fFg8#zaQmeC_rbm4y|M4kT<q=7ks0^lal)hgZ2a=?1DNN%arVC(2e<8e2Fv@0
zfQSI_eXrg8=6RsqWWO1(xqAnmdx2fl(NAA_&j{fa*oIeYU7TbRYl_5A>~J+o<zy-P
zwf7~Z<jM`($>ns$5uW9A_xQw%h96FRI3RG*I?_7wV1Zc=Dndfy?%CS`2J)ON6jDcA
z4CsmeeE^}qRDw96tUCO%GfL8_QlOIS!nqwMo&EsgBjQBAe;nVT=>C{GAuU5$`Nm09
z8#D4*zl3HSf5)k3cUTj`9Y4aG&B=LOX2n|M5170y?qZJ+Wa?LZWxZqk`M@!`N#_%3
zM>-8AQkL_b!nkAh+PY32`i4pYb0v6F;8*`@!L~;OqJuI0(Fog(XMbNmtGcD$!9BPQ
z$A9(z+=Y{&vsrKd9^k*4&a;6o^sj!fbb<-sen5%C4CBT?%H8i`FZ}=eB6w$CByk?e
zdXe(~CjdoS0+}Ti9st7aX?){87ZLS@={q|2=063tqmgq1FK<X_-i(Zo19+=p<Sa@~
zouFID@}-F(Ty16&7tha><C|zY_|p6qNOUk}ugeM&$b<3{2{%viW%3A*_1|Gfl`cz2
z{NB&foWg2{V&x<rKJMjdg7vMgDA64zGxUXph2QGDI%3jz*{r3h-Sve>ffFEt{C(l<
z!!0oe1tMkoDrd*RPeZ@<?6<wf`xxwK2H0-T^-zbHSQ|&l5N;>Tl86cOIAYO<SPkF!
zS)Gi;+OKfJ5cT=LuM-f0qaQ>*o6+v<jfY_V_q9VO62ifuJpI2xS$ejxY#1Tf<`8<5
zK};T9+0GO@nLqcZE{zk6Z0BOL;p@IjZRlqG=oS8l4M`sGSw6udi0F34{lCu+$rtdD
zku3A~0q<#kEv2-xO5<PnzM#@ae)F^QK>=s@I><nwY;rx^W>S%N*ON>vlt}n3$13ZG
zW6O8YMGa-&_%qukiUU~?vmKf|`X*$`;e8}V$fn$*0#|V<siZ$s`m+9C%U1WSw&2-X
z*JbK4BAm!uJdd(q3+w{E-b)UC?^r;Si$9Oj*i#S61MkHaVv4e@)O|x-0}ow_fA7l^
zdO^%!--F-9ixJ^nOzN6uA!m5*4xKE~lNRyJ%OFQ;3^G(49fWISmJ8@V0-q0jW8U6Z
z`P;m3#&Y2DQQUv_=SNkx_vm|bc;?nV-e%C%Y+L_z#PGYOpZ|@=Y!P^&zwa6Z_x~N`
z6Y%~ciS+O5H9UxyWbfGT*iR(Li2uF#dA(a9Sp0WW+Bqw^jLsP-0%8V)VZI@9bU9ML
zK9ghnS^saw&6~NwwZ|KNSNI02bYn+&OkcaC{=kJA_<PSF+alNJvlygg@79xXz$)S7
z97ISbpJtAa{oIfqp`W<MjO449g_twyS6_hr>rg_Tzq#*}!h}IBxcG%&`a4i$%hVz9
z86H=0X8PZQuJNbK)F3`k)8N#@I6xc%g@KQsKfgD?^uvjaLTpp`qS)W(0VWuHv==xY
zZzAMhUT;;ma~u)p5h{G8!750F8?|Aj2Wx^{`WSK#@3Qs!vE<=Li2ghGw;>|!w8Nc$
zzMkLee7mo6A4Hb1lh`|RNAE|+|BCn3_Z~+}#f-3;T!1$QaNJ=a%mdl{UB@|~r~zS1
z!83xk^Z)riEGiu1;hQ&YX5PQ>H!dOf1a8>B_j;xN{Fk-wApsr^e&+vf(BGnJMusbE
z6)b<de+mY)n(6q!!(EK&Y55L=T7Z~;gXIRG+`}ds$KVZ!>bPQXKF8%?e0)5VR=}!0
z0dT9VPb<=kQ~ctAu^avC!d9{sFIZg_Pj`Qer-8!Wqawvepfb=R){xy@KrHpDZ%kEO
zU)5R5%6;{ChU_aWWXpG__R=H|_?69@S)7;fU00h7=_Ja_@9s6LZg;Ty636~g2o-Iu
z&m5e>DEPXV-5%h<Kaj!Vg&IZJ{E@WYxz}^^UUjZ)qqW4YQ^gNnMvh&?I*pdq{5|qK
zs@P|T^Eb5~NB1!~68bzr)(kcRfbjzxvU)({h=Aq?$l!s<gCr#o6TDkg%U9t4@g78z
z43z&p7Oj0HA7!G_IS*w7ltM_Q^KBG~Lr4z!Ujd4Qo#PyFVt<QIq{{i<jobP}3m2`t
zAJAJ^^P;kS<h*Ffl+TY}=+wU@PT8Z$o9Fet8{1E9{Q)iq;^I02zlfzJy41F23MK(}
ze|@?QWgpDx`K=({3!#xs5hM-3h%Xq%BhmHz`XM4|1kPXp2!KGCORhBA9?V|;{>gc;
z!SVyhDewZUw(GWz-M(qe(VQ}0`Bna9=hbPnmCj7m=%q;zEwCs&<97PW$uLu}Y_sVT
zejj}<&^^%awQ$!E)tI#)L@<i)Y*HWdqG+<H=I!`i0to|{$=>8Aqn(90*}5@BNa{hH
z%_Tk^y?>2m=DCDEAd5|bl^NYz{|~wR_WGaQqHbb6n|Lr9=DcLOmZt)Xg8tVR0rUqr
zD7fSKe=9(7alo=n!hdsX)B(FdNf$R~KR4K+A|KhDtdd1c(x3A^7k<U|T6GODfl@JY
ze#aI7qke%O3$T<+$H4m2PTdLK7{Dea0<wFZpeg%=8y8rSV~IGG0FkvF)Z->$Jnkxe
z*==xP#PzDykFo=Q#v>Q6ys&s%I@V95Wm>1%fhLnFkcq+SX3{}{jtb2A#R<k-zkseB
z@%r9=E3;dnm}4xU%-i5bljbbLHc?Pd?er*s)+VOn7aBPJ9O2dh2~+8h%-gB3LY%X8
z;NVqgN2xNb)gbjohMo;|YI8Z(dkjXX+xEBb8m<mB?Y9#pUWJF<`U{w+O@1L^O$P<X
z!ea#`Y<@X&GSv(fL4DhsVEzn*ok0EB^2_2&Tui1T2cLko6}7O{*V)?X-JrjVXRDuT
zg+U?l<t$r4!91u|aFO6nJ6_ULr8;LEz%jad=BwGYWDnIKrf<)qKC+)SI`}FAz5Mug
zj{TS5`)md-Snl8BCNGNbIQ$!7VO{rbM4w^6kTW-hBqPrHre*-vjht997pR;;igZt-
zOEs)tfK&;9<V65(L3n7YMyQ+xW=Hbm{(Ell;CN27F$>P8-lm_*ycE4-M{oKCa2lwF
zvks`9yYRFD7J2|SBkLRdo)rjfsZ!mrZ_qC5{Vgc90Ce~1#SMP(N()Qk+BT2o>3v7;
zPF~n4^OE#?Z4RzPrgqdhxu;qcghUEF_FEFHqkvNk2H`GXt-Wpw%J%Mr!fMpgfS2%T
z9Rf3$K*ocV3EVFbZixXG*<~KFB*4D}7Cg4RZrRgU4>CfBAreBvAuTM-Zn5b*qbZk4
zDf5!qdVM?Y>fy&?QShfOMB$fW;#N8~nEa&Kh7UJ+Ms6rQEb|rnrK0BB4E4C#GblG;
zZ!4<mrT|qN5Ju%J0lQ_q{$m_xp&BBbAQYx@ttDQpt4C?lJSgbTKN6ahi<Mvw_TCy$
zj0T>FZ$&$6OOTLx`vKePkTV2RBlY2GmY8RCo1kq1@4P+$e1xw>`7(TyZ*v^JmBfLV
z-bJn~Ow5mtKC~{B5^t1xsbU_HCa0AG4JK&AHG%c_#S9-EjEoSmy(QkDn^o_4R_U-$
zz-oKy@D{f9;4q)RXu&`0BC5BoubNPuTwYE=nK!MqOr$e@hi>tS8ZFB9)`E_O<_K>_
zFqDR{gv+vrGmdxxTDib-3<R~Vc($4+E!BU5L;l}~32wFko$jsr^RHbx{UET0;8|bY
zfBPGVfILj2)8}XB*D1KDFd&aLbzj@f?1Z&BtjWMzNew!#2~gFP;e+D^G2%E_$H^T3
z*a}p((dV$e2V@3FWPArp+3_n7MdA;`5iHn~WsLalo!C{e_zIo?Z2APSh@}sN1)wA#
zsHwxseUPq`=lFMQy1;b>v}i0i7sV$I+T9r%EdZ?%$lsMMZWGJ@4E>~eLj4P;XR}Xm
zr>xrZIZbDvNC2K`qi%-**xc-2QGox+6nqU72Y`Aaa2<aLIdGU97|vRF`G?TYKwc_^
z2LM;Yg7!6&SV4(k*Vj&M1PMzzT;ytZ*#1X(D?64^D|0GB_k$%G1ZvP8@i8-96E~-i
zvzMp$_oA$NG$PzY!ofYmh&XLuDFKID{lGnw<8{y!gYptwymrm>#~C)$cPuA@?>E+J
zo@4i_9!nRRwe)9euqzIRNrO<B|AX>8P$zXMs>YleA)J!o<Q|!O3F24Zq;!_qPkmX-
z%F9y<Rp#G$$odvlixNIcgp3p6bFHS?T~<&?XRoJ8$0#M3_k(o#_C|gDs0hcqtnxi|
zhws_0I=VOA9p>QTKHe*QfQ06b{8Rv%pe{gu1PV~bZ5NP5xKj_TIfR@cZXz8XX|ocr
zA~A8sunRr4A7P8bM|?|{92a-LLtWPQPcL{yo5k?=HGu;O7pXs}0z~P7?LE;M6>tsc
zBCti=q2<vmmeALmkK{X$YJk~^u5T9&me2S|x6J5HfYSm&De22YWhisXfx-lr9mr0<
z;lj_#^o9fa44(QoK*i<0;Zff-^1cT1mm@E(^WMJ+z)m0-JStY^H+=<F65!H*1Bc-|
zXz3_fs)10dt*tEx=ZAW=2lEajQ$W22GLVwWzcaVLAK2R1V?s6eX1u-qC_qv>7+ZY|
zj&$Y~JR-Zha_VjAo<$IPAY){~Cjz(#_b#nS>_;qQ5pc=cY<H?_nz*EckpLT9kh4)-
z&t2!hNKgY<NhwRe^2hNG{=~;4fWeHkyyV`La{0^qCtDz%rJe>3@os=}wg<i<I5`3V
z8c<aQ_H5hO1mOajM7CVCyGD7Yb!*Q5YCnVJ+DAEAb9yHrUL^S{rNaS0uX;Qq)m&%I
z&ATCqJLZ$>PQ|l@*yhGFsH|4V8AzoF=?Dzgj0W@y(>^|h^0sK~^u)hq6$bihd#((h
zOuM-eZkfJT!`TsT*=KDVssbFN42vcZ47_C~=*#n;V-r8wbGkY9Up^nko$O<G**bJ(
zeP6d$U6Wx6j8}q-JrOF;*`EqN*^lE_V9`7Zz<VutYVbr?j=`OpXbrGw2n3iNd_rwk
z12$t1Xzu`9iv&0pKBba>wm8bPCy>Q8e9R}KZYZcM1QpHiLTv6NG%M8yh>{?m)vs7D
zaAf)OsV!q4`JX`7LI`R19b_WAKC5{&m)(oNU}9D~L7?Kqd>>be_53s_#^Kp6f#+Wq
zuJ?QcNW&=u%^xOnFtM0YzVPMUW6(ZUj~^)`zX8F+!@v!^`RN&0j{^*yD-#e38D<c@
ze=QX6<P#%N=M>F@fvN(WqRvyGY-kVV8QAMEB81s$@go-{W32rckOt*j=BL5GRtG`H
zB+l)FGXf%qM?u0e%+pisuGlI_u7FbMGUQ&lU?YSkJ`C-SH3BgbR&nV%@rOri2M~b)
zou<eiZS_%{oyl6^FPY;4qC|sAAm0S+3{cO23OQSRbGKK><BFhrt1K>4b<mx%b%-CM
zwq6FSG1dr{Se4ti;g=VhjDmkMTm)!Z&&xeM%nq~>neB-&KnTAT`|r>dcf|;B0z$~-
zBe@XG+i&C9JR)j<9}D)bKHXBBk09>B*AC&$%ItXqZ%xiOgVlf^xN;hlKuorNX>@d9
z5UjB00UZ5tqUkAU1%uHamXN#wQ4)gq;LqCBM=$+a-x@|6>=P@|Rs+WZ;DDGJ*HS`6
zm(l4MU@JMdSRNzy_<PVrMXp|ibKe*bwsjRW%@fl?A9X9%cIW_?q(*=-z;nF!*l}tu
zlo3&^^T(IOc_Mws`nar;AWSz^bDd&;G;ba?{_y<|-goW)MI!Kd?~>r+zUlVE@W(d9
ze0%meKt&XtDmnnZf9sjtxWhRk-NFSJnGuOZL~Q{+Jx81Sl?37}5c0&y{+5t4?nA*2
zVJi><6l5{b)#$u$;ENb{-cyQ_wPJOhp4S<_0URTPuoYDZX>h~{WXMlPQ-B{>1%ySY
z?a6C^;9P&*5C8P^uaL)PAvT=@^Y7ua`a93xVLAXCyf7SsAEFTjWuAJ26@Gwyfn3Xo
z;saik7?`piQcXda2vD*r^eNtl?}MoRfd~c;o~6+DA~QIL_JWcwG6{%VB9Lhfn85&=
z$sB*t5vC2*MGp1AgkKC}DW$h*1%(s%z{hhIsQOpoAf*khG#$8a+JGu!4Jq~ASEyG!
zB94>c$<E;PDt>PIj;?<F2$Ve*U0`_o3DM)I{oM&oG8|~gTMp;5QmoILPs542oqxBB
zLlt72aW)%gqMp(NS43E5DdH<2%8qI*nr265k|e~lz=(3e-ESvZawdaULdnpN0-+wR
zW|Sictro>VYLgT?f8xtSpmRSyEvXZVdvW?r-VjV>5%M+oT>JlmYUA`LU%(ba-uL7A
zaCR&rI_YAG5}nFUann<gl!jZN1<v4I=0R~E(t+pp3V?NO#&EalWjYu352)`Zxanzp
zz6yjdZGbfa!@iEAg*~O`q{FHnQ&1$psnVeEO-^e5F8=o@Wwxhp&deH-^l4ui9v!-;
z>pveMokvtF;iG>)`jxHA;QsFYy#d_;x1r&Szk*H!K1g>`&$Irxnxnw9Lnu;%h4LWm
z>gZ|vG49W1LdpwZIV7!(*&xhQqGF4Jfg_OX&G(K%`SXv@@k4M+)2^uq5D4YK7>A(>
zJv}`MIJSM2#mYOCa3H3tD;)_aQ4uX4>^{$K7rch!+FTxtKNO(&MJ!aoDNgbXf2yn+
zJw^Ml56Dqg9sh*rZ!P_Eb*-H5BX}bk-W(Hp2))&MD!*yh?|RYFFLe0cudW~3*O^Pu
zeh1B$g_vU^XkkqFF+rqkgY^f>`!UGg<cX2zC-)q1DpumPa;MfoQ9hpseXGO+PwkY2
z(PF<6ASqK-FLb~)07zt45ge9@Q%~KRw(`=oJ!*KaG;6m`?Y$P?*)<@i%VYdWLemeF
zhCb#2bURt<v2@)(aOksz)u*6>3HN2+>9zrAPIV~rD)kni-Gw;i6)RW{QUQ?~(6A-J
z3y$F1wb9EWC6YWFQda<sD5Bw6@P?hz(*=dt+rh#B$Sl|g*Zqsz{#iT;-HEWe2ksV<
z(W2Qr+@+)M)#aF^eUP+|2|3~cjOe>f+AW|oB?;9S`VM+a$S{)m{nC5y7Y}8hxBD=L
zkuK{}$)Uk;PN4*rRiEJ0JK#hCZ+oEN{?2t9cUf4k{s8u^00?0jMEPGAD@}aXdMLFA
zmL{Sqvg&X0e6Mkjyncs*KOU8t=wd)d?B2s{f-?!g%(=#%Lq`*TT`=3q@P&>C`B-Jr
zc8UlctzU_aG+LcTN~n|DQV|tl_={=GcM?VrJ1&Ag6#fn9Qy@Bnp0;lx*zN!sVzB82
z0jdBfTG2JOVtBk+r-OPDgrPqmF?q%7+R)rwNX=^pMI)zDHR1it?%ndJ!@%y5U*5`s
z{^~sVu+Q&|dGN6A9Yk>eoWcY63EwU1DpYT9A}QGU$o1Fzl0eJ_RB-snE1)I;wK}h1
z{g*XNwX40fZ(v{`q>9<pUk<LVM!suss)-02fk#M%R_PA@(<A`!gVLPhMmigXx>E@V
zH&6)>D}yb~y;<J@lu*`iraIX(LRc9UoI$X(iFqIo3IFoqCc8p&o$)moQ@H_WM^^)W
z*^pf6#fI^j$56?Jh9*SY7qn5{+?yi?DPDzG2EsO=gS=gL8IuI5uW8IkxpIQ29P3b_
z({u%(`!N}E{ZL*)dQP<;glT96Gzl;WD?YCs;taP4Y*TFz(_v_ehx8Qq;j%eKf$f;2
zP+Eqhc!a*L9fz~p2vJWe!8sFdNS-dMwRH&zIgib<!-(I)1EJ#{=fl_$HcAtGdVJ4O
zH9;Ye)6UKi+IXVS<vek8Qt$m;4{+Z`$oYG2{t12rjqfw52=!MV;UG`#D?4+}^i{tm
z=5GzoWOJskb#pF1y}+O04)K9USgo(Rw>dHf)YbA0csI86*ZN?!YxMlXw*MORY)(Ft
za%O>g`fa*H>VsJ5&-)qBDL^{wNj1k>XY5#lw2j$?oR<HOueSioa_!oN0qK&I5NVK*
z6eOg(q@_!wOF)niq#Nm0y1N_clnz0p<OU@SQUoRb#q+$+x1WE$cfNb}?3wM%R=lqJ
zT<5XYIs&?;8aS~1*>I-;I1Ev7suFWR<9P>)&PO7P(3%!!dE0>x(A<V^{K@uo5I529
z3OJ2_(nwdZbP}1AuXQOa(v6Nww^Av&@O7}24!VxMjLHvz^iIP8#s=V{3MEI;#2A}|
zB@W_r$zN<wt%GE0h%Tv*BVK|35A1z0wbs19Rl?s}v!5$9Bq9!UfBe@ODqzi0qvN6C
z*#ysKD0ZQl<Y0mhR*K&NZ7;!J0G!(i@`$OUuuxA^C`q{AMo`$uDo|+zZUM~XbNE;T
z%RT^jVxIf7zW_W)`R>}vI`kr;c)IgV?5<>*;zT_RkTR|GiV1<l;s(D|F4Ie}#I4I8
zVK-X_LtE;tn+3h{FB4-N!eFpf+YT%0VZxqyv)S5W%wlmchCLDNc~E&BWe*}W=$i45
z07AH;UVo#0LZjscCuGs|`+I0nv?~pg6C)kbCZS>yvGHP0InxRY8-&H4`~`;$A&VS`
zsT|}3A0VWHEmUuS#9Q1eSYGnpx*NfVP*Db9Z861s9P1RBhGJoh1a*%;DCj*4x~-nP
znXAx0TC~o#RMY6Ar@3#X0=*23+Ac5l{Old=#}hqLx@acKx_agb1d#=qJSE@gh<j|2
z)2Y3V?4m$Ozy|YgC{7O23wdIEnT{&BXs$(Vvy}i!;Ga99-hB51s@1^>>n-Ur=EjRD
z4Wb!c{%h{u_2)OuD-SO6=zQ1gXD#HZk`Y+f4i9jx!5fL5cGvG?5eJ7l=#~zgqDWY!
z3NQ}*k#FSm|IL6761)bmP+%0(2}Y;}xy6Uj_1x9_0V23py4R*x0I6mGMdGp#M1p;;
z@%8oPiNI<beH@gae)6rli#cQ9KDD4TEsrB~)+`7|lNRS(0Jt()P~bwz|4v=o9^wW^
z>|-e>u^fPO8ter_5x@tCy8;M1Cmp?}Adv-k2viSnf8Yau;@_FxxG?xI$g`0$5|KMb
z<0E8bAkRI81`;H{Q|%tl+`_D2rew1KuBspg*x0^~1p(**Lj-u8UjYqK5N0{kQirO@
zI?O<I0w9x1dC6wNzWa0+yv=msW>GNoQziVntrNrSj_Tp^iUY#no89}EKy=v%V{Pc(
zKBxxYpac6rFAO|NMlt^j`ibi<H2kR{pwy(a81BSb1{h0x7el9?obLJhA=?r>1})(3
zT=cHF-nqiu))rtYYCmi;gF=a)0y}q(_y95*5`vQM2R!#*3FC%w)jIby>;IVb*S7=k
zlJnq(VXpZKSowfoj}LrZamY9=WQ1ojhg0vPQf`&(`%M!KXy})kW*e#(8bV7y=M0Mk
z6O)cN*Gf^iD#7n{3+#8mp&x(GTc=am4X5Ho0RPR8WWCp}>MVm8uqT&3In4L%LlZQQ
zc5xpG85n(7^2PrQRE)!bC)D*Ux;KB^ZM}9YfDbk8{z#xy6$$mIZ|6D@JZ_M)wL&KV
z`E@-;CJev8i-9p3mOL(SQpRFs;myJpP^9z@*u9-!yETH_B{e0_-D9vq1EVG;mkpQ=
zewIFkf6oK_S#Rn&gTBl&ufGIf_|S!{eXr_A1i^g*4W2uY6dqtIUs1mH7Q$I%z_bGX
zgh&s0LUDqP&xg>DA=Q>Hg3=n=tsUsRd?NGck`*-yKw=A5pep>3aau(T;H|bntR^xI
ze%z5Iq2&GVa&vP54>=%cp^t-sG1ES{zG1C$wNVK==fD^Ob+Ug~56RZB(Jmx|5;F_b
zaJ1F-4{>?H#SoQUzm8GIZmm=F-~lI}6WauvFC3#8aB@a}?BSz5Qj`}mARP#C)kHjo
zZ-|3PtL&Y+HLba7e&fA6Njfv&quB2Hvs(@WwO(<M@PkxKH_>Sj`L8#$nGO;&@ZZl(
zYFm#Zl#wtV+@Y8VfU{8l*gYKCLYlknc>-XVP;Wc+0Id*?>R2~L*DnyM-b+#VOdlnD
z{RA9k0E&I;&z<VSa4%><9w3L35Q{xF1JgWq&K>~g?{VS<1iAF<AM2k8<29V39r}9%
z>1KdTxPA&1+0D$Q|MU6!i)b*Efk78EFkfW)a$15^Z<0|-2-hR&s9(oNUw;snH`JI}
zHuK`xoZA3bJ4Z!E(mM}C@tdR|)Of+o*${jIE`RE8{T3|gnO*7fyMnn9fZ{s9Q`a%~
zCfTx|pyz<|TKwouQS37+$oPQ6;ThLPoBtJl6}1p<k(}YFxz8KxibQoY_R#5{x}y%x
zNlQ3KF#`N@(|GN6ZA}VYM@dgu5yX_oh#(ZnHUn_84yjACfBNT^N^)cFcU{*#xHT!B
z!Vv;*jSj%{Vm_zb^W@OBY|xYbc~8R4h;%JK_k|M|+K?to$fZKAi(h=2D9Oh1hR;@t
z_K~N!_pyz({agv*8K@(gpRG~X+qemq<J?%hifQyL$$4DK(arV&PuIetAWyuo`#VFx
z4}BQY!;BrgblzB+=1QS8;f5g{e;Vet*drL)Nz`)iI+2ALlHhN_3y`F0feXBF-HMfv
znLsUn_$f@z<OuQK-mkHgCR}zMuF$Iu6s=+}gDbtZo$jl@c`V#gN6@iEPgsqma4f<9
zKZU}3;tAD+Ai6tc-xDka+H|7A!~LJb%`O*BjvNNk_Izb1)CLVUbnD1gl4$;NJZ`ZX
z4K<$HIpY%#Qx_Jm&L^+5f$0F4EI^n2yJW_geN?mrwT-+#hI`+yHwWEdlS|Eyl=4La
z*XLqG1H%3oNPivPM52z4R=}%wr(wJfX}<o1-*&a?=(f#GCMiZ+_|m!J%tPO8?LInj
zMXM<-x7Mn~6t@@EUO37%J7D3q$QXWOy2u;ZoAs$@uc<FMT;wXba9`<0*L#4{qpJzO
z1nc;?Kh8gq`E+=;@1pOnh1+X;&SG5c;G4DA!x~s-vn#a`AHRa;D|iul89v_b#r_71
zvF!kVIg^sexO7fP{DM50ZP*F`PP|Tq17~XbElPenTq?o1xYcO-AO0OiUpVejquT`8
zY}8y{eZyM-kl<D?;`oX0fi|E&7z50MTiyv}^8WPC90o&AxHKC8ZFV#qZRtZNH&$ep
z1eRgM#?~<J2fPY5BnYqW@E>Q0zI^a7+$QB5;1djl6o%kZ(}tG`oexawNRObQdj;cl
z*xo#S1E{_Wrqfi#bHrHS1N06oJU}pRRqgWG4F;G{LoxNi&ruMHrmV*S2r~1Z!4v|f
z99Zmv4687WUyt4V8pl`&Dt)*Ez;5RCV1gA{y>+7_S`11iI(i(|F^U5Qobna)8rCK`
z3jZDCWM1Mn7ga^v$hQxRFbmEv2xtC%tb6Gn2%4x63@i6M?OE!vZG9$S^i^zNSz=^`
zK8PE)pd%8qNF;|ky)<52j?2q5kM5@QFMa`2Y%y60(@4rp6X<y~FCj}3mW##JBBH$N
z36eypIXEi=VI~MQnX-&-B_TwCT_IWg{bktpNtK9z2|5f|ppn7&N}%8&Vu<33Vvy${
zUTtWqkK#P#NWx2-t0KwuhyG2GO48<f1o>P!`X9)vsn)L#rS*cHQt&q11T$BW%B=BN
zZUT4y^(NVEbL%GD`$(6XNg53sLwBxoS%98?4zvObt=stYp`qshrj89??ayT=m>Jeu
z4hM&XKp0Kj=WDlhtFD@QOsUvA4~u@1#9IR`2EbN`-kSaVrR8MZH7b7qQoerY;KM6|
zRS;0X0fRjZcACVXUhoi1fneNQkI%W&n}hiPsz$g_KY`lYX+la?DQvZ;s5nvbcN~c4
z#c}=udMTrm##_>t59rP)R(K~tSVM;Tmt$ZF3Hx)S0@I<2KNaR7CP5hP3{BvgndE=A
zdhKXN@i}p~gW3ZZ!k=Dm^$KxK?uk)Th_GuKZ*vnIO60#`=oRmk>d%j$@5yaL74GzB
zCT5bVP#}Vo`dzq3=8%MjY#wDXx2Dn)6KnwDYO9JwKAOIp^Al-NovsEGgVCB~r1}q-
z%#pCD(?Tl?mt>?ag>0{kyu2TbL}2y^;fdUb3JzEj9xncx&9(^J&>P#m;cdk?D2=@&
z*q@iF_f)zz+<KG~OWBtObDmoUaRw##P65G>Wmq@9DR+GFj`xqxEs7r`vkU&UB)aTq
zQ)!|Ducp6{VN#_^;^CQ*$jyb~fmM^t=dTDs-h3p`>S$~`q4S!_)GJcN=gn!D{DLb@
zSZ~t1vG$Yx$IV}y8;@;PJ&K4ZkwIH$_N)bgLqX~M2Q`DdBn#Jk$^xG&QUxia+-CUS
zAm(4bORqiYbg_%k1kmqpL5)HlaQ(`uDDW_neB3%ehv$+s>1&MQlL8S=3mq0^Q!i6D
zvgdy?YzWrZ{r!9f&t7}k^`lAzWh;7kPcMYa;KgAm9KekgjVU1XDq!A!>>T%&S09B$
zv?rW!P5`@bULiQCq##s+%$qm*BOp+Kq_^>jR#}vp%v!ql-%!d);+EdS%FQ*A{Wycl
zB+J4?)HbYxf;!mY;o*9XMGevoRx5Vl2_hM$ktm_ao!~FU(Z9r2($kn+wbqKu#SB=y
zN77hN%gz6Zi{!>{ocQ~E79TslQsdchCB|!iH~k@hhreu&z#Ip*+ynajm|XauemSd8
z7ewQz)#gR<@ycC8$DXozlLuV<b`4(R)YfDr5tPU%5{2+I|MS!?S-S7yz>v1Z9y=YT
z9jVtuzW<Pf|KX`Z(l7VDC*14hQab)$cpg&RQxmOiUj8kZrl)uAl9M0dto!>R)W=N7
z^^#Al3RV&E@$={QKm*zpG<!Fe#P{7tz9LlgzyTblCJ?cu-DjAL%U9d8<9%D5O!L2N
zY5dn)o=ei|z6a=n{y*f(dJMs}G=VsY2Y35O2nN{`bQ3`=Le+L+*=3^@w+IVE!L8J<
zi-L1D(zPDLET3?(Gk#)I<^Du5szu;=c)|~W<V+i97ZiuF=@nK5Lt8-UV9N2~MSkdU
z!V!+CBwgL9w6Owz+drnuo@UO=t+XJVa`_jz7f5$hH_g1poDMTE;l!>-9_e%ZAbc?o
z*AFZsY+o5oe!rv2VbB=V;r!r>F;ed`X^Z*5?VtP5uOUyZ3Q$O7<(t7o45~<Yc(~b~
zy5eiiVl4te<7YQ^rR@HB6V%*P9-NpYED4`(SLOVhrTzH<Mv(G)cO|3>hogOB{zHO}
zF$eA?P`#dBB7!x|JQ71f(6;<lBcO%9oV+@Zop{aO{OV-lY6cG-LT`7aC^x`1x^LC_
znp=MTIhPasX+-exc2&zYwd`L+Wu#P62AqJO<qOHL-^9X`Mg5~Mta<1_40%r6`+-Lu
zbifOljF&}K&I*e1KgkNL{fT`|#=GU=A2qRdPbUjkb^>{S((m#)v{7HHC8i1lDpt!(
z!tY(ei;ZFauUAX^?^lcM@p^l7)!FMmKR}E?O~;$(o|>rhU5%$fLGN-VO>NW&hhRVH
z1Ea(K#B1B;R#&D0=q9c)Q(6jrdXE41Dzg#eKz1FVEItEwN2I1fxX=ZW$82-nL+_`S
z#*Hi>$E7nt&_Q{JK~i$oQPNmpoyN28i_gY>bNB!2al{Cqv~!cG1h_kK+{10C4A+J;
z4i2qCR%2<b&`$t64I=BnYv?XC>J5>Sk}WTFxqoo>kg~5jhc(yKU?Ld?J@?1s2d~Gb
zF1z9Dttvbg=vZ4k59o_A_Oy)McgPQVg`PV7Z}0v)p6>F0Ui?e{%&YPRwqhZC=3BS?
zsA|X*u#l4J>_h<vf^-&6JQjL>ULH8-4|vI5!nI=&i1=vSJKc_|TLE1CRS;1jQK5W~
zx#p%&;W)6X-moj#VwrjrFNUmC7QH%QGUaCYzn;9^%eDXWZ4qIM!;$&_eM8@VE4@A!
z@cRGtagpXEDE+T<)9qYU9Qa?)w;vDO%l|9S1-Y*^3mb)s-{8MOs2t$W_+P%J3tE!@
zRizN2ke&Ts-zEQbBQ-RjwEy!<gtx(UZ?NUxq{9FD5xWQ{erdxup7TF<Z3`V)_}ss~
z0_W4t<6G_9N14CRIG2x&JHH=YAdccqTqr$<_l<t9(E5#d&ADBy7KprZW@hJoEh@(U
zL-MRY<uJV2OPe@t(6c1^&DMoV{LocwD%Rv9T@les<{P96cQV4hx4xM52wJGJu(CD&
zZTuqZYBogv&*6F7-iqH?ctCP3T^#dZzE0uq<A?zA%9|%W(Qm2W5*19~)~QqrGg0%-
zt?W;BX6r?z-4*;_p7#!eU*8uflAj-}@tB3EMWkyp5@Q^VUYeb82CZ}Fd#Kx`3FQ<)
zqZ=>Z0fZvD8XHa%#%RBWCn*F?{9l>+ytTxp1Ob`q4ua0EhAZaOM|`EDbL;%|aL@wR
zos+YezuC8~eRU`QRAuj<ss8aH^GRiKeJiPSaIbwVvF`Km@{>qD0YS5mjk>-9SYerS
zzD}n!14AN_$#fkAQ6iFB;an@n#;rT6^Tvn9?c41yMm&OCSpR5c9G~tTI!%$>z7lL`
zVP}o?SdRL>$Ntkj;L2(^UaR+SrTfaWWP4q%zfPx|Z+{iP#c1pFQpmEuET1{j_0dfa
z92F>d-#FU2k?MOTiIasRkU7MI!peX7lCbD+=vC|c=vki68m|p5EGBxV8XZJvRyz0N
zin(sOnt#oS%@16fCitdNu6YzLcigqE;UOAYOehyy>PJp(A{#H@Lq&4+?dT$m^yNmX
z@<NPhC&^BdDxBIF{+Ay-zLf1z?zpeXUOm6CbEy86Gxc)npYqX<{;#k1w=N`|00ATN
zZ;()S4f#Pfd1bvP++8Nvc2XGi@o8Izo%vjvP2Ql)YvvQBy*n?tY6n+eM!fsIdRq>U
zo<2}}2UCGmGS0-Q>!_=J%UfFFVvOw9toV`G7KK$Y%({xcr}zCd>5qS`p+T28lJzv|
zG15fxqbGb}MeG7$f)N;Aw2GFQU8ombsM}O80;80_=V(XPS2lIE0n3R=NH7bV>c?}6
zQS*E96C`w&-+O&uuxFzcBoA)AmyGwi#}>;Z%A!1+yuxNCfUU1h7{zXZh4#4bVaUDC
z?d;GIw0okdD=)iw-ILf0{1fW+U1JECzlI-6VD5>Sc^uMkO+J+->HHg481B}LRG`SI
zjYEexyQe=!%933e9$fKI?ej^JiAZXVcNAtKP2Jeb?<VNV?}mO_)PKb2-Ifuv(735@
zPS>7kl5s9Un#ndkY#m>EkMm8)swK~2HIe9)jQG9CiDcQ;r}63c4#lFzv{pFZw;8A1
zIq(lzvtIwLXLAe3w_EB66?;;a^j2(^7(IeGSu4Ui=0Q}XtabhH+b+pw8XK$wn;KHA
zvZyXDZW#raU|Ne@6-I1vv+0|c_l!a=lkg7D8(X_%OUfA#MfOqzu?1~c)`nNlducD@
z2Yg&VCb!>XEUyS>)ed}ig4{$lcu4KllH?k&$)>|RwIO2E;zP8pGa+h3^*<jqlynKq
z*068lH{Q_-+~O<z7GH(M*t=bDytTwh`$E?L<PRaY!>0M{h&0hmp*9-_3kwS;ryTNo
zU*CYvd<K%RtZ8|fsYjWgkjLJgpZi=Qkqy;Ljc>}T=yWHc-FukIA+9t3^88Wp$feT;
zS1Z0Kb{)-&373!QlF}z$xI#8O2-oasU5w~o4`^P#Hy_(!%l-24{;dtws|^A-r_U`o
z^mO!7{s$<(Xgr#(T4pi-#)xywum)cYW%JS)K29hOrY+~$a*)fem$dk<SneXvF+@Y!
z>vFep@NF&C%L%(NwD@3@2Tx-e;JcLJiQ8O!f)EP+U?_w6M8<3CqF(fF)|J=HS++!?
z+Lg$e_7%mJAGODr&!^;9iPei^Q3Ba-%-btU7NXroTRkea20PgJxW??_t3L!vl<P0*
z+{do4D%KmnS!>|B>Kf5JaIPM;=)qz2758l>zq85rZnT~oWT^UMH=8m%-s~ET6Wcmb
z4ZCI$*x9aTpA*W@*C(F&sN=>n?M}qjWyrfN*{K$MSjG%adCtJv@b)%G@KOHQmONd<
zTR%gVlkf^OA@>gvGF}ZKSGQKGRFVy+<9~Hv=E_#OA};YSN~^Y1w;L}aQU5aa#5`9W
zU;KI}@t68U65FGAgERGfRt<X#w$}!^xp(KN-(|l4=haV=TA<KvQdeE!9!qhij#}^r
zPmwY0(kBO?eEKLJ+H^ZM=MiacA_hb8XxaBMsgAmm>W6Ms?A~tpgepz%wQxi){ATrI
zQjy2*jOFtdu~`YVI?P2Lhu&#+cM<-^ji@`y(c&~I{*K}G5KmZOcq6BH>&Ymc-|?NF
z3w|F%E*Vt2Xm<q=Zj&0;FQYGU+{sF}J|5+meA>UKvBzVrQHY&*CDAvD&4;kKA{_b~
zD>DCVlZQtnrs5StoV)6n>`0;lnF7n1F8<ZS-TQ|YleKqWQTug_1`}s8XZ?9KQ;MHR
zn6-U68bLFded@Fsp}OJQxqrG+@!Pg9D|Ni$Dbu?kyuYWnfBo`$T$0_ac(uWNG4bX&
zntO-ZdWL<tU~iB4#_x38<)_PAflv0n4T=W7eu+-`yVYX(cZJK^EatD5*|U4@2a6*$
z)v=P|*+9*13v8k5eLuHVC%Gm+w{?^LqSH^LOtY~=!!)3bk%;2B>pVL5N!MuT#k=gx
z=sy>nHjS}+^_pL5J(0EZt34`B!tAe(4f|BPUfgb&;Sz3_880ZqF0D|=Pub8Z)Vv>J
z;Q2@|_X*o;&BC6QvpuhtZS=6Xmo0+-^P$G!4It>XDEq$tr~2S(zVES)PSH`8f2GPf
zingt7sWz&pkZf!B^W*xsGs8PTX(1@B6UTWih1(OYQ%Y;7sE8G*aZ5>a^9ng<tG8Eb
z#@WP#Iw^MIR`}E}GBlRno&%a3LK6zjQT^7?N1q56XIzdF7)m>N?lESC4AdGP++&Ox
z7)+8I&{=Njt757%9J$B0Bdg)e+n(NwqS+YS663^(LlRej7lAUs_Bc%>ME!K$_>Qea
z0Bc(u+GYAL>wvC-D_Jcw?Dhn<cX1l8#I(FQwY<M(9WRUak8)Wka9NhUnl!W4T#QaE
zq-itZ{^^(7^t>X#@onz&yq<Dt&V$gZX1vUe*FUhM9hG1IcpjZe6upA-dIcr=ZC*6h
zPs$~0@}*+Rhq4q8!vdn;_8n)^AHQYDj%S>h_U6PQT96S<?YG9F(U2+>tV@vecJhc|
ze5^3$%Zv4vsVWXxq><4j%5PA8l3!<%Lv!-S34@f8GLc98avqwipNvy2!N+c)vu87=
z7+=ofBeWbiM!!8f7C%#+#4`^2jyXXfR>VA1sm~!&ht_MXj7)R^5uRT6)}zwhq86Ow
z>4R^d6H5q)1uypv^!)pCpcjV~Ou$V1+gTKkn<e7*oc2WzOF>df%I;gE$=a^umjRf9
zv+5ey$Po(2EK(8S5(Ra2yrtR(i+@it0<|MM^B)R_Ac3SyK?eIzxS&u+WMpK+A{CWd
zkU<q2S29_O4#_R<2d+njx16HXWNvLmtevGq(g>2h8kRU$6jLenIneYO*$yEvkZC{8
zbSFRvOSM1743X6P_^;PS{<!RZsmf#5t6NuOj|i}&C9?TZ=n|A^4qlP0T087<oYbz+
z&92_1Y#aFCrabMT7VlZ`jyEZ9E52kat7y-tVvq5I2j`5(_}uSs{{3*G^M@0x-V;0M
z6RhZ*wdhsxp`7vFPSbx(u!yQ<;)w_ren*zevE;BPG9IX;cov=G9hQKiQ%yZo!X!QR
zZY*v*L8(lZjJa&U4TS~NO|KV9NuGns9p*HI2zoqk850l2AQ?)Pco|8n-_c$2e)vPr
znQt_2ewwJ=6GHbjdtP=l#jt);uhZc4Q;H_TX;Z_`N_lF|<>^bDo2fs=hX1LNv1o8T
zjyU$NY5GuhKVnWyPEL;R!~Da>${K)RA@h|HCL)|>5;K)R;&oKSZ8h>dKu(<!%CT>#
zyHVBBqQ~|s=E5E0Pt?SWwB7XpV{B}!;GUcMg8cUSmAs#j2@0P|skx<+PDQuW6Njlk
zeKd=YM5vRK?+R<x43GB5z50ajl0<ku)Mm<8Aw!w`Cp%FoKZV!pjG>G`;j~pc?(}Us
zWo1xJQ$$TWmZ1^<lPm?P`>v#k>oy!S`9&X;UK><tjPhk*H_C<b_AVL<KGOYjHrSQW
zguuyX8z)4zTMuJ;tkfe*`vEgwyO&Q^#aQ$F^DEg>=IZb}?=+VihC&6}Y3vbHhD$(*
z<uO2<zmJPLtx48;o8?=SWgOFKoYE;>*Qr&ItJTseo!04#I@~Qb*G)Ivy<U{-8`mja
zllwBbGfX1%=My=nCvrdOn4SEHIOD_bvE}bkv${l_8WwC(Rqat#ZAD{pYTS_;R5B`8
zZ%`N}r6GPUWonKlrI;!hU=-mN!T^~c!%Rj9%0C_~dI(C!Q2JI;dW+VG&CBrRUM8o{
zR|;v?c}h<YP!!g9bj+!ptO%E<&K=mdq+uGB|MrV6H*1jt>CIH`%rCv>n``Tc&;R~-
zR?!k;(y1{2T=%9N&M$b%k~ji$9$-uo0--7~QF>>a`S_ITb|s4QAZ_jroFt%KngG)l
z2zzr>QfVDXb=<+gSoHs(+{jI@P<;9ghlS>etu5;~lel=-b#S(&rQ~g}RE4qI?NI4^
zEP}t(qY-cx143DqlhM9Zlo%PS_or<=3lp!Q@S|t@mL;|C_?Y`~1OZzb8=3YXpTW&k
z0&S*)S>da<n|AAhMygOr<CuK%45SMP6gWaZFnY1AI~!xqVB+=!h{&_`yeuMoCrfV|
ztowj20z25al9D*!lI`TEm~C8?zEO$J8=b^;8d<O3!b>Hkui$1{9&Ymc(M7MWNG@;3
zSIv{@%?=DqqE3_#Wo`@0b@HM<F~_?@g!@Aa?+34>+>0H#lL$HdTDg<v*HpdHR8rAY
zPU!@TVYdU`KD#X>?;oAnr}DN}B~wZz)9Hg72_~Tty@pS=21`(HsOmZ`!;m$$<X}uL
zJsmYN)~`%@Sqz<qepa~xmWU(A2rWT{N!GD$p0ST~C>D$-vTLjcldL+Etg2F*^q%qR
z#*-92^b$4$Q>=4SLLav&q>I%ZS(Hi`d@FCODhDp8Fp63?NE!IPn0Y-Am7~WH*6#k6
zc(tkPPvKBRoK#Aw*;!gy+7!Z-$j316rE*V_UC$e%o_`MaBpCo8pK%c*0y4aKh7DM%
zUGtiNya{|(7_ftRDQ{-|jRAtMU%$>+zIgFKim0dn)w)&uuNpqd%B(~Iz6{bzzGgT>
z!7~x43zCn3o&*VIbY(drnkBgWx*8e*aq8;o5`@FiO%@0SGtANsRaxP#=qg+8TwWwB
zm9D#(p+Iq}t*IG)|6U5YMwb2;+BT44uRW=gl4S69UIh}|Y4y7j+X?<S)6F1dSt3%3
zLR(9B!#3#j8=rIta;7(OiBziUSZRk7%68c|;V4YX8U9EV%pQ!#ZVCB8ZEE%!$kx_d
zkP%Hai(8rY=8g32v~~q~9`lg6Kj8#O(umOAwsjUZHYs-Dchgfh7&&I#_2*a>s)(_W
z49isMkv~f`mIYxucW8E(XmgW>-qI4uuI>58>0>9p<ve_2EEaouD2U*$W)X|kd-GB`
zPYuE-0^(+2+f3=J==TG%3@ud+**^$7<ttxWl;_n*dFJ7kV;JHTJ+La5QkWW1XXa(q
zE<Z|EGDesxUP$QcO^}3>jPUE-Wg@M}(L+9QeJxc~6<0?jlt^06M*W_xrdUK<r}Xmf
z<6D0V<3GR9=1ET&N!E*24~b+gP%*g|r&*<0gCex_P3y3BAPfD07;_8{x~eVz+n*Ui
ztCc%(4tCkveVl~B!&i|i-}mNS##8hdcl3+qUA<U%CT9dDOTXwHe$8>c5p`-X;bA8z
zlO`npp&^#1Hl}>*?c=2blSjqTpQ_T`jc3Qd6F;haI#%&?_tW59eUu}wVEtfs4Z5nL
z0$)>P<(DM-9WwnPj=uf}ouS4?kJ?W&@Ug5;urLXWNwof+vORh9SMdIu5`(5`tESo(
zK9`oKh%|@qY37I|JF`@65A~EzV<Wt+hj{3P%40!HzUTH2W%7T8s(RQh_Gf$=lw><r
zFi$tzPO|!(hRy4Ww8D>0gOQ7+6($&OJ~dSz5_g18@_4o?aut=gNjXVRF1@vA?$;Q%
ziwd8+>Vuls<#aLk!qFG{Pw<C7GE3_IwoIs%CQ35frLwkqwf-i4RV=-?z2QvhNuhZY
zHZ|uHU5zJ|ta>3Cr1pBHryT{SZV1yo!X(W*ZqIt}V0h3h$F_t;1^xSzk3Ebkg_($T
zGGqUFo&H%2zGkT#5Q?wKxe)Sj3c3v-$1f}|cfckeShO;JZcZeJ>PbmSn_s@f+bZmY
z(7UAyi{tnU&Jb!EyQ<O!Dl-N?H#0K>wg9a1GT=1aVO&&54wrb4mX#DDcz{f7hh|PI
zW3I1H;Uf2|qT*iUjm;T078Y7-3aM}<RbiV`;HG|?EuMrOor@y%ExyR6?p&DnU(@P=
zJxzqXFL{e{#`cCtE(RZJ*6|5Vh8zzO7NJod5-D>wzL#G&Mq_uFfsDL5QR*-U91tpk
z-Eb!^1!dg$aD$eLL$7;daqsaNxQllQ{4;L&@u4!9jFELj3JD1%Spp*yxZ!7i{{|gF
zekA<0<p+jo!gvehc4-+42<ehh2yhS8DQrSFWn`6d<21Xm|K!pk*$~i?<FQK?3v2rj
zl`symqeUx)$T<@|X5mMR#yk6guzqnAgSz!3LusIxg8*T~=Gj6r;QD%gGH`iUn<efm
zP3V_E85>PjF|oqSqiH63VV0+P@nJaa;YJG5-v~PWOM8%ADp=xFYq}Et(6O^x%sANU
ztCmu^7h>xev5CY#X68z*KjeM<Dgd!A?S+M%U%Xhy_Tj2v=>1im^l`b&d5uPE<cM})
zkaA@L&*Rd4!!$~-kPOT6#Rpw^za2d0-8vXu+Bsa*9=NIsxT{pJ$61+Y+c~77NNxJb
z4xZTZQ|(cFD*EuN<Lc{_)YByl@2_5i^Q3a~XQ553jmyOLkWYOW&hHwYsJC3YzMs>i
z9AA+A8UMa}i|!C>d6TpO$G3jU8+o|iVILY>8FmOAtlZ`OBr0-cHSa875Je?@a=JMs
zsr9!Y1Aj!AehWv)zbvlQ(VU~*GcMgXPkn~xLqF@vN2U$JLdAOwbSiz4rN34-zO@f_
z>`<Ey37<QrK5VSaXY`d;aoC%CG0ykA-PBsWGxta|E`C;&xHy_JX3DE9o#E_O&lwLC
zkaZr5H%7CZ^+m?F;!7RThx<A4v}bwht6si%RLpn(iG<d#N`%VyM7!1kI@Jwjxc1Nd
z1m4Txml73g6Q{ONe%)G%KJ0W=J9aLuQE+MQUXiVuVfjKyaVsM*xkRrsloX2#P5jUq
z`P1v2k!GT{z0ZTe5AmJs{^<}j(BR4n9zlJ%!@utwUoK_cmYk9Ttkh54-DV(_!NS72
zyu1WX*d;`e0L=naHpuL8%fj2#$*D?(pZ(p!8LN-y>1K|OjtE)*J<8#-K*%?`ks=?e
z5OyQ`R%jJZ01?;CiPAed$}@qTQ9yu<HC#Jfya_Wjxr;i4z#PdYBu$<8v%f)!atvu^
zlsv|E6YQvfGc!68fK~b9PMLcDz(65TU8c|xUS3|GV=?`E8E<<z5+M6EVAc-!RE}*P
z<;etZrqCZup=v5ADJiJ-+Y07bWZn#y_<)?5jYDW2c<+7X_qIGtmwXcmZ8o(Hlyr81
zC-(MHbe-<sZbi~%vYF2*U@4TITTo~YH;3SBqS8IWEl>~kPw+pHN|Il2*`^Z}6{V&9
z4EwIM?SOy)MMcFq{)X~5x8t^IbBtnivB^o(<>;Q4VY`QXUN`XgbN{btEOcSfsdlJj
ziALu}_*!56NmODYG$$-bD>?!dO=ZIKxn{Mw-6<G}u<`;(X!SJ$${L~{E9i$9(UwMz
ze5k`d*LaT>UtpOrqv@_M#Gc4Yl^c?@dp@dP8cnKOgP@mHjL^;<RKXZY&r>N%FwY_@
z*LQM}4LxN{rCib~#YSN*J32EB`J(c;=!vCWXbsiVyT=WB1Jq@DRSBe|_hp5j-ga7j
zw%sr>{3Fd`%6%k9A!5ncH`Psai!VZ}te;1gR_4;fVjG3W+#WxsdY#mIGvUc+BQr!<
zO4=5=SK+sptMf-~rCVO3-S?-bM3vWCySocNPE|@Ek~nIWlRq+kTVkeM!upwOfbU`V
zY2dd0(EN)>0yWAr&1#i9>Fl-Rae`Kqf`wRXWz}-tF(V%o*XX7{@=#lBdJc69=}!vD
zA`<9blu3toV)|KEEv8l|scXGoNP0J2qR)3Gh^-E$EZ8riy%7%15SCB(VpRTa&eViu
z#XzmJTrc76r2nTX9leS|uF7_hlXb9aL~g<Z&zM@;J0>EQE{ud>%R#yrBUDugJ!TO-
zM*mL?1v<X%c23sCiows{D#p2C<f2P95$*;3yuJNrG4b}10rnZ4%53qcjjsY2RXwsL
z{3v3!)Fw*hs(6@h6)#1Lc`zyOJCm9fMpl#K>@o7DYX(`Glo5P&?9BLQo{}Z-e{Qp*
zlss)89s*bCZTOPEJDPY1*0$2ZUc!)WU;+d;u*K-ZP8$7ETU)E3qNEfV6~#^xpgi|T
zQ8B>1<fwkz#DpP=m=GKJu#)laU3nQ93rkBn{3ZdXWt)#R>*r@jgp(s9ST}ESv9See
zx5%^$W86AM3d!L#P7r6}=O-P{Re_uzA0H9B_*9I;q5l4EGbU?dArEylQc$p4SXo(F
zSmfvdC$*xoawJw75r8F?15#hpS7(-PZhU8^{{8(jZi$h(oTn204Gnzn(TI)mgx{xX
z|9K&nKA|0zgw8W8jVi%bLh`m$#4Ti(rTWMu7h6Vl%|(ClOK=P=4yoc@^$gX*VQ7Bd
zPfRd(5lLw7B!$uuFF&=kjERW>Ml)V0($42lHWqYzf*Z@*$b55BXUE5G4KYS@f%};8
zA(8<l>Rg;W*d?m2d9ClIW0iNsJk1{iy0+Q`;uug?z#A5*mSh|T!5^eZv24&tX>c5|
zVsx>{Nm~sH%_vKiLeE5xo9nZe#zk)V&?MfJ*Q^XvuC$0Wijz7$B-Sd~WV4iYClZ^z
zG*ZyYWopDNHa%#)*&4_iH9A_;7!m7;6+Di1J9zu?z<eY%rY7sArK>)xRAF96orADu
z*?aBYoi@}vTwEVE3$&9~hlHP$p)jSeXgy6PW&5I6T!%=Ae5lx3_~j$#+~YKY3)!!!
zvLF3O*qF)QzU-YclhF?BDpwykB&}#jD;@6pRkUG1yzrE$+McL-i756V(eHMm1&avf
zynZ1KOydN`D#fceQ%tK<97^UMkJm2p`VU+B>4v9--c1k`_Op$9Ds=S!s_Xv|-T$Rx
zHLk>915Sr4;{ytQ`DCSzI>wj?qA<OPrxgLuRUS3Bc*A%@r&;A~{x{q<`^^^^Z+~_0
zGIEv@g)u@|h<KQxoYazA?7>(y{O%~#^UD;I$s~``<U!N^JB~jN9s50}sB|)U-+qJ=
z&%R!Mrsz$5-~HgiQ);uA_?Z9&sguJ+d%=*4blB}*auQ_(5ngdUQ*IH4k^Q2wn7MY>
z<1*A60f=9;S${Kk=`vDU26geK37b_S44e9YW%V-|BNCWhI@w)7+rp&qogUBF96CP6
z7d?A1%2zhKH;7Z!MT@y33_JQoCAZCz3GT?~B&#c{k!Si*W4kT%^D7-YXCAcPJzutt
z*Q_+-T_5#8ObUimbFNcxqOoh&C%k{gih^ijlz3^3=hj@fMDO(Ff4LeJx31@)y`n~s
z$$KZ>i1}WJ6N3UV1DblSgTmrsNb7Zj#+-?XX?1nAs;UY^C>cP|-k#3)_4Nh*=%(u#
z$d`dBu?VK*&_4lxCShIS=S??BjO#@*3;}$BEon16GefitY{-xbe}8}Iu|S8g4t%q0
ze)|+qe1RU~Ix6@cBJ`Re?&#nEH0Tc?Hv#H2EusHg7!a%gYZUlju&BTGQwx7h4aV=j
zpePZ)JY|r9SYRHn99p*C;NW0WzYEewxa8d3qoX)0kWeLr&?e-VA;@F&UI3?R&@(?^
zWJFCJ24(W=%*+)aSw<{@9-mny4F(-%mX?hmh>niNJ*FI^!`d|`LNZIv$iTkHxrIeb
zn(Zr%>hBG844e7q&!6-2^I+0UzxNpIw}D7By$oWC+&D0@moy8<UYxSbumdbEC9O^p
zO!L5j+)b*p{`Axnmp~I8{2veqU}_VvQ0#1OB#u~+n+`7n-4HryDls4Ocu1w@6%-^7
z%q6oCc<|sBbkPNnTImcz%s8q9iNq;%k|+~1-ne$`KD;~T>fC(5pcv$SP0oX|TPC7B
z(uWzh4@6#u!rb>jG2|f@5f!D|ZE@M)-Z?rvR5&9*`a*+)7(6ILPNeLM5i+T;>eIbC
z2>FG0+Ki2MGgayIixgdd_xtw}*d)>bc87kE_m2J93J$8y5Vg3c#z+<WoV<Nf@77a_
z=qL6^U03@`pDxPNz3x6u<SP8StTf5aK7+}%Cy9g^x>6pz`sHuAgKz?Gp%n7~q2Zur
zp0b(~&Y^gG1?o4HTAflOPdz1OS*M(5%U{<f?#iX=e#yyaOX%XGU!ztC=;_lp9oKdx
z(9vrJ==||PSHf?{7xOOr4_vY0TZWWG5R6$oM6oszh6O3h`IjCfd0VG1FLJjGIZk|^
zj?obdJX7ovw`*UUZH~IX-=XvTd&tdO#^pRG(fy;%gC!Ob(r^3eG|p>#mxv~ZDH#ys
za{Ux-Xo}yflpK5+zmol;s#c`BVB!qut;Y6VPQh(uaFMs(2;poW!0fW!CMvw3kTH@X
zjm=f?UEuazAc!zb>lc;!yn!D{&`U>1WZfm4FU8bU{5o?IciC8EG5gU?bMb0Ld(nqw
zRYS57zgVCCwjT@%oMIh`(~Gcv+t03Q^NB%qQdDkD^!*ebs-ryidym*xMd}2sk_gop
zw%w3@`)F^@o<ZuKK_}$Fs)b$L&P6}*+dk>OC-!ekhupD9P;6IZ(h0q3UH^`(|FB~?
zG*Toujft?gz>Csaixz&)ucbFIpyWW8R;}41TOQB;0sBB!Ry{o-x%{7&bfYy;g*KQw
z9kjPr)SSZ{$x5IlxlUu2mzSU2klh{uNsS>OWO8y$c4rXggocKKj${P{HK0ODht@PX
znIAIHfm%rqa`>iq@7@&_egUd@cfFKPDuFS90a1XAO@V3GE0%iTb;2pR0Erd+5pv#e
zd_ci}4g$zrEQ@QMB-jmHfTRwAK+sCt*|8~I^KDH`Oz`pXL6*9++<FAZxLf@G{UeZB
zN~{B0=K9B+qWlh~=V}Rmt)SR|h9uY%`1p6PRH5b71m){2s8xYE^iWtB#E&?}auk}p
zZKXKKz#ii?ZtLEa^#MY_wiqfVgo6cuhyIIi^N!%S2i50zfB$;O1lO*H1Gr-_Gcyz1
zyr36Y15zg45&VvH-1;BX`K6FD&LIy?-4_Hb>IzVpz*-}~;Nak3>gdh0PAn%7!2wnN
zJEY0P1_*lmq!JBwhj1wTJHib>OTQC<3nh1{-Gi&hSWYgqxOgko^c9wn#^}VvwOt2{
z(<CJ&=Z-<enaern>h9jy)D*h9>a~>##yynzSftlk!EJjnXsD<Sb{}^8Zi@HEU9h1H
zOhJW~x7FhrSc2!(=5F5*9_oGaJ>n3wl_GwZB9GWmuyD<kBrbb`FbwtebALf4{Cjrx
z#15!zql1Ij;nv%%yLmX;#)6MU@cUnHJPy(v;bSX`!&)1lsNLNqn^%s-!2TO9#p<)4
zd2ZDE(C-jCMCtTis<Tcd;yGO};&e-Ur0?<KyAatdTI*N8aqc=TirZaGP+&~ruhqQV
zy}ZvJV>C9xsrxlj{6gUsO~R(4)O)lp^;{!;I_rh%A~mX7%h{Q7%g>xvSfr2H8a0^`
zYeoNpqtd-L?_XJQdg(zi3ZGNe<{nkP#JSCPajO75s#;~dF4<wJ@sL^P<?fO(uS?|A
z^VbW{V-r2YFYgGr{+7XZ!tB2y%MGwMd-RvsIAz5ket7V7d9RLFXXcxQX#1&f3{Rsd
z=ZlpW*5)MNYWQcmH#~@|St5)bD%V>B^N09V5Y$$@n@u~P)up%W`QQ59#>IBvzkAeY
zieNhN+iqQ+`i&Xif{NqByujjn^T3N~OD{sJp`T6(ff<=1IAoJOSw<;G(JGtP5<<u4
z{O)2HgCyXqio8rvYiWCR?aB^~Zh?b>6;5E<Xx4Jfb7^bTn#G=qmArQJ6Ea48G4!83
zM5)}OlX{|)o()c)sh@qnW!lF-KgUm5z~#9(<vms(O7K{@nQ3C3Xp2B}OG3K%cB9CR
zM^s#IK4$ybhwl}9b5MTp*Tu`uSB)k@**}LS)wxG>i%obZc(0o7utl8~w|_%^ODH%{
zXK&6qqQdr7*^lA-3%ntXMtSNu&xC`tU0>I91h1ha<A|HG>GFmsG5CmTy-f5(ze%=Y
z>1?=3%?T&;`V%ws?^43{vZY~<>e9EPpqa!HAyA1V0~wqva1}wi9%#L&@92T+0-%ZI
zm6h4qSq)cciosE+s=ofdSCl`vTYz(dGYDKa-(%t7!FRr?zCORY>Bi>cfH8j~P7I6)
z8L2No`pV6O+nS`s>&OZc=fqAw2f@rN;uosC3PjH=R2pKm-xm?_0fyfc=FF4m>tI&k
z<pjmS)=%97+=<4=#_*{{6r32izr$$(J=#tyN0NT~3rEnXPBXaegS83#wo(F#2?=pH
zUu_VX9;-WGt1DWsv)G5W{udbVQ1Sfzkuc{$$8;Q{9guZ-JgWu|;TY(ghoH2V{M_H)
z5A_HP0iFS`6AcZGyayI1;K!5C?Tw5lF&USBn!oT_9E1zrLj+2Y5~l|%koc^`#3QiG
zm@m<IdaV(yhWwo2ot>Qsa~5$B^+U~iE8;~|NlV5McnN*Y^%~|5Xe)8rLftl{woE}q
z418s03S#0Q!G1Z^RG4c3Bmjb?KG5!=uEqt*Y54yMC&4@d;ZZfPE|Z>vI16w`9TaGo
zLc|gH0PlQrYb)&DXOIP?aXjlhV=m||bjq7qMw$u%sfAP+H8nN(Fd!QipkiQL3orrB
zr9C(~IU&yg<(#B)3BIi8t$$Swr4c^6q9ptGa}NEx%Hxh-GjZP&ix?f_rW*K!Ds%eS
zn&jT1Hm2`Va+mreez(UsNF2MT6}=}3A#Fiwqst*;{^CCKianx(b@V~@e(drW-;EN}
z&BZtIi?Uw|HPP7OaU;e3ybpMS`O}AzMk?-w)!y&1jbYH?FnYQ3Bz@jPdt#1B<-|YP
zoUrQQ^TIb<$B6=3aV8;HgjnYZihA;Pti-ED_efub#X#g_D(9#r0;k~PTJ1}xL#~&T
zFLdu<JbMa<X~B~rm63R>eK3YqE=Do*WF!<H7Cat=SJ}ahRP?KjVn3S1e%^ZOr?9B$
zH$TVv`No?90SuW3FW!kDe9mn7p9{qst_>9D+IN)7&KR166#d*G3WGL0ywkC!voJgU
z%ZJ|`QeEj;wY0(d4wgkt3y;1#&HsuNaBgu##52}LR;;HvIb>Ve`0ARcv+#5Usju-W
zt_d#=GY?EXC{(hscw=FA+uDxIuup7$m~(zgOlOT#j`r_x2IsW*t%co(f4ZJ{czr~E
z!S<%L;+^hRG2Xb*<Ye3M1DV>(@~GX9r`tDA`??QP`bEZu#iobF7C&+phB`*3KXQdh
zqVRk~ug8I7;=pkkUB-h3<uYoeiVdduTB0}PzDqXJ?Fz(y_cLBJ+bynD*l(HUUwLha
z-KEsa&R*|}`C4a!qqXXC!qa$Dz%Bf~n*ujc7qiv(B(v{H;RG&9XZDy%-ZR_hM^oJg
zRh_ddl$;v;<7&;fy#~3YJq7DjV(!RA+`d0wFL&;Rde5#^PR|9qNCQiZ{pUX`NherI
zuG?>{2PPrC6UOMCc*Ff9FgN!JOu@l-Z3@5#fPFye5ANSjG*L7JA4jm20so&sL1EZf
zKDD*IPSWTLyZQ3v%RTTVf)=|31o`rMk!CMJ4g@X74-ywR76}OnKnT9}Dbdl<+0Ob{
zgjA|cNkRf16!`#Saz_cInG<1q*$Dc*iHR67hLAP|`PysykG0Ns*P+GuJ8<ZsDftDX
z{cv*vtm{7mYSX)p4yZ~udSLGV9JF7c#{^|{ZcU9d<gZ=#G(w-ZGdrWBqajWQh~05Z
z_@ZdUhZ1y7j*hSKudVz5S0Jl}%U6Ow_I2EQKpSv{LsrjDPwyEveTNN#DL5~|4(m-2
z-EmL?%M>i=0M`W4appQ7<GZLN!EGNj0xCT4nTYx+VGNE%PT+Esl%AIM5d@C#V5AaR
za3wlmeJg!e0Sh00a2t9Mf<szmfj}1*7nY6P-AKXU;?NQ@0DX$8s&ee=WOE9ycmjih
zZuEyoMoLxtU7lGx$3#bujgCge#GnhfQ5A`g3)ciH#N{?L97AgYQszGJ4~fJ7l6V3J
z6G%)s55t3Q3oADg1onZinW%`!+sw?nk1~RV{7XT8&34>7J?#Qd9qM7<CI#emR#$Ve
z<=OX^B3zIJVsr`Y)-lfb?9$7O2IMOL<cEC7OKkp``h*$U;Sk{X(4VK|ZR-=#&}lN5
zFeULMYoFgcCzcwo4_0CpE~$x;)T6PXCLEJbrd5-$sar@BTEaIC@MOwU!zLUv`_3<;
zM}4zaHr$1zM3v?3a1vc)9pB)@-CM%rADf)_UaKVU7m%~)`VjKU>7?|0Z2A`eZjeLt
z&IOW4Ik#l~aRNQ6|5&mj+Y6cRqc~WkftuWyvfJgMq$T<hn$E8AVaf-?eUFc`#<M=*
zr$!se+)O=Mp^VvK#<v|jDV2M{3d2fW?FCLm=B0cE*>VS~b#8Q~lC}61(aJJiZ^cpi
zVAI{fw=8Y6ma6TuYc--rxl2DN-#Min<E0!QCLVV<OzkN-ek*q$pIrFqfw-|1we~1_
zpVLbEChtbpUEIGWKBEjpMNi#~tN9{iRUF$lh3B!XQZ)F{L(_3FA5ak333JyKd8s@)
zV!3~$a6gLsew10f)YupUDkZst6}64stNhRby!-&k&>PPv(@X^#_DdbV8TKu==Z+_T
zx`=r#LMwjdzj!ZN;Ox~GGAFW6F>Pn*<!Tq5ch?%)mOp;ckzRUZb>n;t{qzk!CigcQ
z1?_TE^~zU0Ru{eF6$y5F#d9^ChJ9aEA1y8MJNB_wJRwCbvnAA-rOzv}43`Ku3?)y;
zAUF6!p>Hfui_6`JU1@p8Xy`=lMteD4#pJ@S$5h2amay-Ms@PD>>Qm7z#s@D>sx4_O
zzsFf1V2PM!)W`Z^PH13G2rsv`&$vJrXHSPBeoGk^5S#0~xAn&R3U#y(oCAWB$Ny^!
zeoX^p6d(L{fU67SFiWnHI6CRwh3dVZKRY2O7_fGhxStpY$7^g_qXwI4@I4AMS+8qp
zY01g?90guZpM!3K#N+GswvDCbuW^Ajuy=d{h2Yp?7KR8=6yla(6af2xTr#-t&6Y~F
zATaKaEl7+(lO$Q2mq+jCcLj$zQ2ZB&HwoTBmAL>F!thJi!%ampvQ%hEmX?;_@NIc}
zdr#eqfQAI;;lqc+ikC?cH}}Bd<36-kva{e4MZs+*0e*hhLTP5#=g+&YF8@Ngn!ekt
zPF}>3)(p~WpqICi-6y2e3D2JvSoH+22g;K0UK@N;OWsB3f0&3A!GjHeg>v?>6wUN3
zDDHCU|9k|y8y4(46ySn&4X2d#rs#IkPup8tKa^@=Jd&nMNl5`E@i{oVIXF7rKtY-E
z-Iw_$gy0g%qn9fK;SPY8$5vKfA>G-a*~xcf5br(Our(R9onNSg-7sCkmG0M7R5*aH
zn1Ekcm{K^bff3h|F8Bo0=yF|TSUh52-7z<(-Os?lFl}#bZ5>Tn8;IVGVJzLg&5%Sz
zO^we%7j>N*&hQ)R@HVq;8nr||LqDiXU`_%q0Wy1GdHYcG!0{<kKg>-@<~OV)!!E_v
zye1BM1F+~t1ejXv3a}r%u+(E8<+qmNt?@8p4B23*<CYJm;Y?x=HYL?&3HFEzzL_ch
zyoBJ6WtlY=n*LNC%3(?ED?NQ=b}ow<-l8cM{;|7!D_-Z3$rwH^4xBo537YyEts=$~
z2+Of6lbzQUbxX1i7hYGQuhzTnS_~xDVnnaR*J<-VeEHCJuko{QC!HY|#;VV7jcNk<
z5^<8_!>7MDIXZQJ*6~}LH~nSYJ5a-WHH`T3o%87%uC*WHP8+#77<%QkvhTO08vP7L
zboS!Lw*s9ClSv{_KId>IO6o{zY1#_8=`(Z5%V*_;Z4qGOi#IBHt}8pcl422-;NB<*
zK#5Y;lfCtH=^UF<pQg-y>)AFDtIzcESxo2bT3$hyEP71rUEi>Nwp8yE4;9CtwR%z8
zT9#8g3PX>mA8O`H`FhIL&tE&9yxQzovRZMZ;eY-qWo~$9U*2hJjaz))#je*s`R2P9
z<ze5;Y($sapX_}Yr)oZa<K=RBhSH_k#1p-Ek#aJ7-p<d#nXZTN;kQz`EzR$pIFkHq
zwS{`Y50)l@e^(=?@1~CnFUnU*TD?>A+ddz{sJi>(K_Tv^Y=Q62iVOM&&-AmZ1wN0x
zY1;BLApgA*U85GZyxqK;`)zeb%pM^;@lJous{P6DN4}{8lfSLWMi&vcD>jb(t@^lp
zMc1uT^=luAa;9H2<WG0!{|G(9Urc*wr5i95dffTE*Y9+oYolRGU@W$QisF2u<NQ`v
z(uX>=O4~cnY}T)S1Qxtna@}pueD?W8(T{U~PUSv>7`)wf`UNNDCr=mZf1y)f**TbX
zJ&vHppf+$&-0S2uK0GRA4$6D|_s;$MYl|*1*%x2+ntynRz9{0vwz$2KK3;^9h}?C1
zac%y2I9bCFx1lN4#bKtA;j^k*`?{PL#Sb4#<H|G=`gAf9iWu=Uj!ibuxSx2ZY_AhJ
z@uoGCs&LGf1RDlpAL%iOIhA@L?suu7te87*A^xv64kkj>)SS)?tvJ}&*M?}vU@=KT
zL?qRj_TCY;sQ@7ULQ4hH4RTQ`m;!x(^MCvH?c>>ng@v`XD;OJHdvqx%&_2@uhrR}Y
zH$pbZ?~pJWlHa_!O-?Qd7R;dWhbq`JG=x!^(+mal63j1lR)qIsqoV9*i^c(%L7%r!
zZ3-T>qu1LSXpq2l(WuEGJtATRww65{z#)Sz33MM&kzp|emNKU>6ai(~9RdR9lkfU`
zufGm&pl^IwUS9t2fz)7tsm!c|Rt-v5yZg74#6*T<r5;oX&VoR4sEc0TDx1{{!EF*G
z=n}&2j-V%m3cRy3TMSe2Hv0umo9@X;E{Ib14Q`EA-e2zUy8r3NT9^2-+}=e1oo!=Y
z9!hR;@!iN=d0?rklgNZn5)%_omu_xu0z%W**Owe&#M%tz21LluR}XGJU}Jhm$TheP
z*J;xXR!6=2z>A8cRvR51We`sd3zG+7d0l;dd`RRb{^-~kqx_qwC>*|9G&DCu02k&&
z3=a<jt2Ou<G6u^CM@qUz<7=uTtw>h)M2dK`sED@;Lf;2?O8Q4!`kVqaXLy)0ZY1>B
zNkTSLw2-_Q5b;_vUEHs;z5QX`)I8i}FwZMJT6XDBrM;Q@_A$%HG*TW8jt6hC9&tPk
zd=@2QM7e1$JRE`%{vK7FywxBpQ)b~qJ)u?8z5|JYOkbTjvv0RWtBM9LU47x$L$;xl
zh4EPr;}{NNu{kEPbJt$oHlG<b<_ht3Ve8Sd#DLl6tT$~31sikx-zL$XT)itdC)+q=
zekLgFcyzG1G~qeE!s}7JwimHWGT1?!l+xu;m)7EPRJe(T5%~3c2aiS1w0kkJd6a%#
z^!N&)nV8*0>k`u<LbrSVr97@lo!`&PZ^R4Pw`-k$_pmn~6$Dx<dKPPzs*hTdeks%w
zLfp>YenyHXBGBurM1Jo{5SfWK$>9IT)>}qZ)pqUQNOws~cc+rl-Hmj&ba!_*qO>$f
zsibt5bcuAgbi;e%bwAH_|Hu3I#UV1-o4w98*No%%O;kuBj810{akGyqQVbpq6$(=|
zNbC-g*na9@GPHJIFXa%$&!_I3U?n}umN!_~O}5m1wDk%H?(m(20i7|$RYAN!g5x9E
zCnx&tFE65(>-FAjNtvUY94)*YX=1W7t?#l`y=C{WBTE@+8+KbV=OdpRyC5^*VcKW&
zTL`2ziwGi;HeZj!;y$MJ89fZkyLqD;-te)mo+>Ne@5s~kUV5Zgv#vdd>D)rL^6RSi
z=CL;60c(f*E{Yp#@PpS$M=iufhAyYEfpWQ#|I}gqqM77Go=qK9+(^qH&Tm7Vq`7=j
z@v6esW1a)Ixy)}2!J({mZxUm<RmL1IN3>?=PDw8_?&e|n>)Z&vZ7<a8IATV4FCE5v
zlK9yU4t(qA1HKdbxU{c*xJVp6L-+2Y8lPI5@z$@GFi>WZH#AUay+8RQy3S(396!N`
zXt>`w|AE3Y$NTV*gT+N2eF39O<F~Q%!w?r`4T<?8+pc>>UYFnYqI><4k*r;R+D%QW
z@WC7uY@%0{l+DTk(9&A1WWtwK92P63u6i$>7l)TGQlPz~GcWz~+X6=FGtQFfY^7VQ
zb|HrT)02*n>#*N{)rOd0CVl<Oqagx&KtBEqAe1&iw-_J=2t4KB)sXeTic)dVZ&J+U
z7T!%51PTn$w79vs**KecK~2&4mY$xzKb9O<P?*Xbkx8a-0{kzi@4P_P(bLn@+S&>l
z(E!<K2fP4QtP~WVL9GbtNJRw&HwOnxfR{NJn)U}xYtZNh^cpBRC1N>{>*O)~VPRx^
z>%1igdP~n)1y1Q(JP~Bm!h(X_V8F^nL`D|l9f&D<##9RU-U>}`L|`x=K;mL!qu{Zw
z0CrPI37EbW6%~OV4tX6IJpm@mG-$=prx&B<AFmu793XEp>NR}>sDlrPQ#h$FNYR)(
z4ndj7<8xiDWDvs4_2$iY&>RbfMG3MSkcPf{1~`IUyi8uJhlh(GO$42Of;W%_@`{Sb
zpvmsO?Cbt;>uOuJ6VZ(~KQ|Z91vu0o@-~|d;l$8M6B7_1)&Z>=*;I5`F5C_$$i*6g
zoCcubTGG?snVVBzH09<(z>HB4f*cPrHv@1olyNqHEi9Nk8ZNCTU90xdwSrjcAX*%T
zN@Q(o`{h*!C`rA&yo}NFUf-Gu@bL2Jv%u5H8=)fQc#t%*7iC;Dy<ByV7T-=>F~fAj
zJb^?Ck(SL+qkj9j;Fgc_hxc_%2#iEd1`GB*=cZh6xerV^EvCQhNvE&XXroTk=+f&e
zpY~cLf173(tKzFoZzs1mwPRMpW%>$j#7&uaDFx6YTJAsnHcn;p&`fIQFXm2P&Q9dl
zYO1{8!%Z>cu|6r{$it_1<B*TM4lp`Xgf1|Ur9D%m&8c0Bn4Ln|wp(h}>7F@i6R^HS
zO^IhT_J&IGn|HB$9M{2Boon>C`MoF*Y+(m4?-xM@JuO}6WFuTSfw<bkuxf<uQV<23
zO@YuwcKf}+dbMx2o8|yZ1l|>!4d0IEQ&oD)d*5Hf0%~g?NlzLW92-?f!Y^FP4yvz5
z)p`Q+Kht<N5NIE`>b*Kt?IzR+`G#NX{_Zv3rx9Lx?)!|%U!^qcEzTKtMGLX8m3wdY
z_r{xToVmYhCXM~xuUI_&0EKWMguKtQyV3_$9J`25NNa|~l3GXXdO5^4`)ck%xsU8y
z+<O(<@ct$oi|~U~q7j@-rNu1?w@hNoM)uO<{E{?L1(p+wZQ@!ZZw|i?F0Jb+&I`u#
zg_v94-(2ZMXLVf`O0c@UO}@}UpZA&)2CEI03T;~LtvKR?4|}t+*OR>|KQ-FM-gLe<
z2zM+-TQb{rp1;#*)<JE0y@|}1J{oq!WX*r-Q#_E4b4x3N&zCtY@J*NBq0S&TXyiwy
z^?9Ss+~K)ouur;V?Iio<VL@~bnqUJ(>_eWhb7ghqq#b9?{FvXt$u!s8su-uk<(I0r
zR~K66cPEgXli|~x%Tvw+7enlIR8bcho)^U@e%bpfioZ>^qqNd_1in|G&A6a&xky7M
zCP$wmmsQ*ks+nD9bMc=#Xl2@Q-M+qZaCG?R&kvt}Y$ykXv+Z3lLb_g%5d}Hij`=k;
zC*bxRd(AwK<3z`tJOI`_Fegd@@^9QwP!Qx?Xv8y_11yCF^9*Zq^P-%bWl+3{ii$?Q
z+S@ZtlPPS7iHOjwx6@NnLO<vSA;uT1Ft@A$%@Z(g2W;jXb~71AM>Yb;v3<b&0@a>`
zxHt+ScQqj50%R8g64C+~`hXEM!E4KE!1$~l85+6+NbqKtT@lnbJN$xz%QG`|px^>o
z5E3e?giZn?zX)?R=%c&*0VO9d*k!bFesy&W(w@LTVUUC<VZe;h1t1150J7m9Fs&;D
zp{TGh52vXO5a&veW>`O3f`A0-HcU)RQo-J5Rth>)V+j(^Ga?gYbYS*od@V)h)JTXC
zAunH0TpS!38#@A4kdp!^Bo}BQukY_8h2|FTw5F%y5|DG@d=Nqau`D#(+1VMq%~(hf
z@`7aSe>VgMw%b5G0e0ZU;Q~Mook+z*M)LUHeoIZoR)h8&vjYksF-XwWkD!Kxf&%=n
zxe{fHYH=f}IBHT(mpB|Y=p5fm{IbtDp7TylPR}DT$o|e@LRQ1}=LVe?1~Ku``Z~w^
z8AjdKiy0lj3MzOLK#!$zH7@V&?v9I#i-v|a6}nejTMJD3K>v;wxcK|`*bGQgm9svs
zd&CC3&|pm^d=;wA9gV6(G(F{Zm>6N&&6b9E@_q~`SYhAG(R(!%bk62N7Y|00R%Ga&
z&|pP}gf|w*XcQRtV9Ujc`=!^s#5dEkus`CoU$8k|X|(W}@i6$cb(l<LHg08edJpxv
z$hO%x9lJDC(d>}dal!6S(%0GAsMnC?4R?&R!mig>8&(Vo=Z>FhT(%3(5pg`~fBOyR
zk2}}*ZjUqgAM71w3Mao~T6Pm)ODAgbxSK7!L)D8^pfxe^;}h_h&vT9(#Ohs}wkfvP
zZX^4O_CTzgk7<@RP~&dM$E;B{_&T5CPiWG$S32Z+2NoW|Dj8ql%4JZ~X$E;#jr?rk
zv1Sg}_xOYcYT36FRF&>!H`Un+sYEzW8D-o`F6WeJvv+lHdhaA}v1$|fFqe;73|D^0
z-mT9!L5Sb2@<|@X2)L!AEMU%i9wgpuBe9rsgk!Io3sxoGSAR2lx&Z0bU0U_7Wb)EJ
zf8kvL)U3>WL`x~GAT!%xbA8d~G0Jc9_l?vUJfZa&SgmwnwsA&8evP(MX5}ZNulCQi
zuIese!%^6_5$9sgK58#&ymHqkw-RjW`^`{%HaAgTk#S~J#Z)s(Kj*}z-@Gu)0%xy_
zn?L9D$(QfG`;%`vkSVzf<jhwgR$i=EY@xodhx>Y_b&&PqlYb_T8)@{H2t!v!wCUP8
zsvAe6be?yLrZvItbCOUv9~F6s=q%1yYMNT&+iV@{O1B$(xKb^mw9d%jK6)N$y{deh
zKB_yj_~mZ$mlr=y%v^>;VZaDKgKzo1byrof55H;Gql+79^7kwcr-R6pGniplTZh=X
zN$WbTU%zix=mmQUF)t@8&dhOihIQ={y=Avo$^SQCwK#zJTq(wyTg)BSzcEYg1u$yu
zx>TJxJj{CF6Eg=8GeRzaGyU8n0;4Ea*6Jqya7fU_ejdK>Zlmt<H-M=X*lp|w=-r@=
zUi<Ca!BWc|SSAJPzfbAuaI1lX6Kkjc>`QWVa$@J=Dz>OHHa1q;0<QUISTg{gA$GIm
ziWWTo(5ppv&@F25e|iL6dcZeFN`dpbI^y>{-2lBYattaC4vy!kH4qe?D(2;@(T9cr
z0wy4!ztrBP@QZp65RDr&G71XBf`0eUGj&MIhgk#vEN;g&P@4jcd?-js)T$UcOs~OE
z{{G<sV{~v3FjlUCPGG>m4fN804vEYiOt?X;BmzA#P^7A=s^;;23+)H&YE=;IfOsI7
zhC8~FBa`8~Dl`VIDQMBHi~%(6Z2_*B9%!xCf=>5%6$XVwL1E#zcOo4f9c{pjQP4U&
zKff=KM_A&v2)Vl8V0VD@&;*S7EeR^x@d?@+o;P1CiG&)0)|&VYNT2dRWCNi+^e14}
z1r32IpO-mGQb>5X=*rlb(jQ6u509@!jZI9(3FpE>LUNISoU%)44KorXf?&poM`Ss?
zu%JWT8ZVtCF7+VJgbdBosB{hH{)W+kI$&EPEQ}l>5z)IZ+My<}*6I=QjgCK<l@Qv7
zixb$*8m~8|R=(E@*6291vST<R7sw%p&R31G7U~WTile2&?y^J_$lWD+G=`O`vllU%
z?XeRE*C3g)yD{Fb24pNyAGHxH4clQ?L!Zd%;EOX-r^*}nn6BDyPa<k+&<&;55Ydps
zDgJU|COvMA$wFfUtDLse&9;lG8ef}j-aH2549{<5>Gt}p%j!{o(Q7(W2}>zVtKA^S
zxeJij{qcV3cAZY#W_$OO{>${N*2GLk6VY_y9d^r(Z+effd?x%CU#{?aUx7^Q${P-s
z_Jdm2pu>cDh1?f<HG0|C1TJ|p#n~K@3a>M+S3R55%0f=)ENa8$QhVpZ_D}0=e#jqE
zP*u`lULi-ys=OhYnJkSOT@zHohKq{J-dOeO+sYmK*uQ)>mtr!1d}T0^dlwUVmn@1k
z?EC$R<!;UQbZ+i&9I7a5iD(#AteS<e&d0F6e!4`~KEwXT^EPz|#%8=Q=<0T)PS@kc
z8sXC}(^LQ9bzg8*%O;NL9y&cfp0y>>pXu&TaJ3=nD9f(}pDI(Yw)Ni;XxrNHnr`Pq
zY#w1<PF8iG+#TNZuU^wI!!5{j|LCt@vqaoy?ereoDnUY<8%`cfW0n-G)p}TGf!lt_
z_N5GU%{lGk^L_X8Z8}DYd2oF<=ib+XvjnDQyME?ni;+w;mkiIlA3=>oW=W551hLnm
z6YodfCI7UQMJMjDKCJHa+e^$PtUJKGn>zaQE*rP?{Oyk&>sEKN_Z$Zfvi1CJFoRcA
z)k~95%lpk29N{A-SJW_r^IJlkR}MG#COr&3ND5{(pYexXWzTONMlNY*y!QqaZ!2$p
z-q`RJuXDtkXOEae;Xa(S4&@QVak(-xojQ+G=%uC_WRxK<p8;Fp{}>IgNrL}Jhy+Vq
zIWeJPE0>}}p9+pYm_*Z%k-Z=q<DrA6g^&iCVq$#!(&QJI=4NJ~b_3opE1(Ai;RS5B
zD`q^U4WtpGTR|rwX#*l((9H&Od}}awi;Rqv3ipjfJpx=&&^xkB`4G$`14xokNh_yd
zoDYD5pf>CQiQDPf8BiX>kL0>eg|-94Pr!t7IsweY!~`hoLMwoZMyL!Rs!bCq(bqxz
z07cnHP_+TjT4GSr($W&B6T!A4g4?(x@2ewmd<P0NZ55SgjxDH$5D^jEQBFyCT`WOl
z0B<Q6cFa8@#5e&Z@6#t8pikaGI$A*vL&v;-;etpf)rSrZ3oBBt)DHweV82Q{bvr)c
zb9NI3iqstrP0JIYO#=0)cnB;r2gge<p<@WO;h#Sx$OGt=h<Gmm+802vU_VmYC&sDU
z*f73+mS2G?u%iNSOb}nAJ><3nxYTn}D%L%|3C4h6{|xqsut$Fk)@|tE@87yASU;iA
ziFpHw#~#4e3}5g#_;9;J6b1#8D;hGT)!hMBfkc8KD{u~lL+mhe12$cshR*@2D*Ufp
zqkMY8DkQbeMpgZvSY~p`eRH|XozDS>b`RCF0qZ015U*N{Zq$Om3x05S-m9)4M?XNR
zDr?Z+OXaGdNJrr}JMfL#-Og;%bnO<SIeIV)ml)-_7gG2we)HKTk@C#N@MAq0o5t!x
z*uT0d(3LeM=D7N$xa3F4Dkx9k<FVwpce(rNDT3a(xD%17w?f<VHEnne7LTkt>vH#L
z$5*b=<<*CP8Wb8xFK>mGG$pLd03L;fmFxY>!&!EX?C6~DSG{S=>+X6{h!H~_m4VU*
zMF|5LwNjDt(1Tc;{)q)=4$>JxZ*>t*%qG~g!iNlQ<G$Bt=oNHtrk*+AFD%;_`n5aC
z|Gs(4X|1>=>Go>RJ!iq9w`bjbe#x@#sA<iK)7ilD>s9y5yUw{l*2~nhIG}NCF{wA0
zFj{hd$)fMkZ=T6yIrlz$aZqQ4bu+WJb@TC;hQ&TN%#>4Pl4i)OUrRQ86!$x#b#pl_
z?;rX;Z7szTjZPo5lqC*@;R|e9AZg7SbnRXKI!o-@?X9~La9XTp&deG#wGG$B`@!>g
z^_J7fe!jV-e)^d6X}@EEGql!uzGC)UKra-R0$+yX9`Qck{;yYpEZ;KyoJQq)#<^#_
z{tP@0sWNkzH!Ip&djB5V$}Q+CtK(p{k2Goitof=hmANguA)}}0Xw;|ps;u6-^0C|e
zVWPazAFHPFB{Qe<?|SA0B3ZL6iM#1*J2R8B@A^8Q9|~<`Szp!j*!H&GC8PB=+rxj;
zCK$I+7^~zC!=ImV9)jb?^|NZ-e!sxa5m%tsZ?5p3V(A;dZkGUh)U;<qe~a11M_sL(
z)Y8E}{Pt`1bWZ=N%kJZasnI*>iJ1@i!u?5Des`%eKC<Utu8jwC@{&e7jpGY#qf*eI
ziti*cKrGH+Gcz!VO6^+amy}2`=SRgx41vKv<B9BE17#a5eSX0Q7NI_z+~Qu^LJ^;*
zL}I(3xo)1P@$L2qY^MPys(Rct+Av1ly&p8ZJc)6-YfwV4=W*9B9U_%Ue?su0dMXiD
zlqf^|jv(s<gTGg=K7lwfDLFY%FTN=~S|T1t1F^dy{26Pn6jf?UJsb}{PsKVS_ti&m
z`|UA`$WUsez~_?Jh`?(!MeU?lDi=_Q;fG8i0t+ju5JX5nxj%mQXZjV;=J|sra83HG
zZhjp{3#-A4-P7F-f~Ezik${L02zJ1F7_Dl<4p6HA*%dG7bw6XI@TPeC-b0_@GY?~G
z@u>2f+WfIM%K7z$mmou_eG1RJa7PYfw3vXp?=)Eh-r(ab>85?cpOXs<Dx)OhEQBg~
zdM$At1{NGYDGbNL71J}6AvfYS^Nu=(U9*EcnQI5lL=|q4aPuKT8m5evhYjD}wLz_<
zurF_&%db9A@j<FUB7K;R>Po)4mEcHgpBr3$2`9J6Z!?`5f#~*Ddve_5X2&(%J{_@2
z$egwAR`=UOmCj6Nba!uyQQ=e;1jN(1w3x8k65naD@K=9DS_MXvwhG>Amo^gazLc+g
z>?a*;bh0d1#Cb{d*z_oF(pHK2n!PDzo$<sPlkLt_g@3%GNE?wwgCf9GBxe<KNoCm7
z=BvTYoyPY5oCF>(mF({cgVJLM{9ka>HQc<0;`i8e&dYwsz6*yWbH|oPHM3T>8-?Kq
z_r7kN!90v8_jdh{^EAXB7Oe5h#sqvsDfjm}Q2UD%sJJ=9Ci;An1gM&C9JF>4896Tt
zv`;5-q>J?=G+I$$Y4CZwGv>m-Wf0d;f3%G<$?}uu*!62L&v~%dJhU|YUb&r=JLJT9
zL+CxZ*8l3^a{BP=%^lrRF-a{Q&Ad0xUHH+@A1b}Q#7bOsyqA@mMJ(Zm1}{6~ENXI!
z!&@zCEC%O;ki>`G)I})HZ1s8x`3V^s@&z1u4O@9#Enq+Sq_zki)Yfdq@uDsq)=_18
z^<VaVts<P|9c?7k9p1_weCXb)4_i$C_R7srhq5_g$nUY|_~n8qQl;e&lG>xmb%INQ
zG3y=atHVf1_W5tBq4w@M26uPT#}@{F0xx=D`O$tXK26O9V+#~k91njzzQ|NBKTJW*
z_O1`FW(XZNlK<!!|G6j*BlSWq-Z7A#Mx%(n>*`13zy6}fzJJgIbFx)|;Ya}uK)a_>
zs>bZ6nRP3KnhP*WP7S$&BFf`|K?&Ke6A!<L==TVz5@PotBj90oJ~tV{tR!U;fx$}(
zs(>X{XeoK)uu=?hFeF@x<O?q$1jpMYoE`?rT*p6>o)NJ}35sx9Qj#I}lHG)63Gg+g
z<Oqs%Soy9YQqZi>wDIilWD-V3WKOO>NsXm;r_fc}am;`(XB>zc*Vnj)APSVA8w*Tj
z0%h_P#iWq+*u=&{2Sp*IrDQkUyQp|RI7rKj!VXT{e3er87NNa^ag*1cfT*NniK{im
zd-2g)nQa1_*(xSML`Ian;RUT69UhCl{c-)0S2=)sbJLK9UYjr~B@&vZ1U<sS!Px^t
z07!W#fb#+@|8Q{yA|ha5I*&L<&YoiK+lNF^rT?H7w_Bua2#KQe^0M);>?H<5k6dgh
z(|sDbIe%RxB1$sdRHwz(CU=I0Yt!4%c9GB5uR_e(ma$}3$C*~^v7$fxfL0~6HBMWO
z@?K$gJNe+bP}%b~W-z7KECss9%$z<$(YQB2Il0(oE_G1TrE#VF*B?nKxT}-*Pw>sk
z{RcQU_~#24$KHd^8BrbkivEY(qo=c?jxjd^hReK6*H+gbnOd)Y(pbkyrt^#}a5#-b
zs<MSf64c#KeIWrVbi{_}to;v)1$P^%lm2|fUO6z!CU?vdnST(5=rmH)q=rJ{S4?Ws
zQyI=SEAoXjB6OtHsopAL5(cg<I~59bLaZ*4-;&EBX~A&r*!oe$GAVLZqkdWaV7TM-
z?wn8U#E3u3Whu%cpB@#9h<~Qb%#cL8?{O_Y8ncpPtETP8&vrd|-MHCT)n5`9Tc_*i
zP_UbsO(@)!?Tx>0_8IuKX?NF2e9e}{)Rt>tJNU3?i2CVxRN#c$`g-!z?yM7avwAx5
z;FA?XY*-lQpO}h6VwxIwu4*JUVvh+&$@wL3n<AFGt@M(dt>ufiO5?uLx-YNR&+Mv^
z3T<{?h~G&ILupWx{OG$ZsLei8AwYh6JEZm9o#$+>=(fLS8)|#~nCDO%tNmwMwO=&H
z{v{vlspSbaw)5Pz(1g)Q_@(y~t;L<{+@~$R1^FL5_X%t5zFXfI>bqjzXKm?cZ8BV0
z*t~n|-8?!$B9X=Gm##O6OI)|ddvhAWzneZZcVaVRwf03Z>qmW0jVjuF{b!RUJcriA
z$r@_n@U82wivz>9q6hEvo4tNE@$M;kK80eF@P=GyCAd<jAI7~D=$ZB$-remxvn!py
zfi!O<U;dU;Rq9O0UoWoDG{I3)d&;2tJkII<S5ot2^1lt#uC9xE(vP0;ft+_4d0#Gv
z$27`eZQb6q8~QS`vc`v|>AkW1S}y!a4+XF4?&|n>{%bK9@&c`J4wpUgjn_Bh2NNZR
z>AaCjSldeuQJq6ap{h;t5>w!4_42v}-PLW7o`P{G*kpi4{I&rMU)|i?fUahIrWCde
zDL@DCNL*kZ#3UquQxK?MO#*1^WsKrxq0ckZkl}iLR)bZA4SrQLqGzd4+i3M;y;bW(
z3T~)WVvE)FNReT}ZIyqjpfsV+v>D3In(Bnx8hX=NMVH2^5fY)|F(?-tEol7G!e(jv
zjeF1av<}VzPp!jt;BK33%#Wvb7G}TsrH4<7IcOt;BQM+LzOP%aR8#H$?6HtY`}(C7
zgJR|=tKnkqpevo`xQW&JqVxtXNc2=oiTPFITFNxbEA!*?jOGQ4o%|LP4I*Bg%#S0Q
z#xOd5*QXV>G(VS`RB3&>vxr*oxUIMLN{8GObsKDNYrmx5cMY1#g#O4Zjp~V?!Y$Rx
z%fyzR?&+MgS5N(OFI9?_?f6m`c1#i>tpT<xByrplk>O~Qfn@1j&7nYJ>@9K0?31=_
z_>ML)-K{#2W_&;05kktJda2{_;*p$CWFm^#10OG2`cDq2T8A3G-0USq)1|ze#d`}`
zdyR~~m4Z6BT{bg|RSWigueO?PXNy?S%w;?0Pc`da2gM3>H4R6<-|(u--t2&#k%S{M
zMiQONhvzhW<!$0n(M>(oPFEQw8xz?>V$XY{Y0qGQ)1x7VfbD-_^zaV1^>}U4wPSI-
zcy7(Gjx75DXQW8aSYZMCJM80Qt9Ncs(S62?VG}{`KAy4M*;ceLy-bHlCPWJ&3yV*v
z+}pKn#%6^3%}xCU%Nbl*E!(iQo2wP`tOnA3%dI&cCac)1l6dL5>J^An9!D|rIHNO*
z=Erk~_6J@wcA`JmKG{f;>)>>68CWbF*Lpr4+*u*mYa3+vg)+7F`00~Q9zQmh-Z*kB
zh%!;b{X{S=@0y!{s3T7qIkC{&E{pa0eLu$F)9qNt6Zi$eq};AHwtjxbgL9pJzph~e
zrH>nEZX@+7x&;(S$LrO_x7ACYQ(l=VX9YIb*e|x8MT<L=epeyy!erHe*XQ4w+Jom`
zc+a=#Z2Vu=)4AXtDcP|X9;zhxHV^*gM`%d?yn&@X;04&q*X(&ljXe`}5icyS7S7oW
zzGW2I_Pcei?#CG{;Ed-+16=aKp`mhc2Z0IV7ohq8MJU^DV)+*hl$C%4ZuDG|KLz1;
z-=vL2)uSALpemKCnRULzk@>DRLR}eq-)q-3kURI*s`L+fdQ9o&2d;d+LbaY0#72oC
zWeryG&_6NL9AQzIMT}m(N}uUfsxcdddJq%Qs|>LV<!*$&#4yk{eDt_d+c{jX??lgz
zj%dQe$k0&wz>?ZiY(Z%u*q@AqN(28Y%}tP%?ZK{Qjm*S~-R(hvlh>7wm*TBtwi4-m
zl(BW=pU<&mr4uVtwIA-HqC2FQ>M`x8wzqPnd!14lsTl-sm%4`Y5zmSDX{efa;&U5v
z=kEMgOZ~`B=3&-0-lcMw<^Az1zRe5UEZ2$*OGU`(@sHwsw4%jcmIc=LKyB4rje#i{
z6bYFxBG!2^sn~38thv`5LnihpKLB$n-=3&+8=b+?hfv+o<3U<Id+-KLZ4)D}I62Tc
zrh9D<E;(s|k?wvceS;uw7TNZxWPQV6bh<5U`gp`Y^048L{#Q05SKHB<uRM!$liQPt
zfr88<yFWIBo9F3r;!r)iR^2(yUS8PzY&%>#OWVJwDlYtPpfqNwmekEFWlUte;np`y
zF+MDyTXhxc4tL|rzwUM>Eo^H+<D&K9>84+7VANvS?b7~2*5OVoFKb)UEgSb~`ntqD
z(|-4=#oGGipOfnaTU=8=&PRQea#E;hB$O7PPYQ_k{Cq9hstt*u2Kzkj3&Sls3nxX1
zo3X!+fT1<!+F|3cH{0)cF4Jz#UDCO)<-xyY<Hzr|eHO{vktY*_vK2A!zQg>|i$eDn
zyGK@*qS3u(!Qr?YYbT}c9<sx&kRPiadTq1EIWet^!1EwFOBwvwaf}*mxw2Vq@4VHe
z+yOO<>u!*=<k*qL`Bi1<L@xEbfo>N`VAi{`m4+4n<+ziJ)V?&AjsoiYw{KhPWb*@k
zD}I(=NDVv<)nhgOFPvrF{~tc!8gXT@u+AZP3~8YJI<Ouye;54sPWXH4fM=573Y$JK
zvV-+s=lYZYT$KCeGF}+DTogQ<ejQkZ)oFuARSzVVu;P#yB{lW!-5ne>G$j?)_<kD1
zbQ$WPFK_>LVatj~R)DWG^*yg~=#PrbSObjlC8Mubhia=MnlZ(?z#!3qSIH29pN}3_
zI8Dsxg@}OmI&##3-?_x7(3&YV`glzmyOU;GU0lX0lvWDgq><juph$%Ft&T=m7;9rs
zWyuG~H&b$CxXf%+sqj6OrrQiigCXyTFw#rEMT(VZ)29w>biT?cDN>U*b7GaKhe?td
zN{ow2h|y+IhW{P{o6F_Ori#t#`ocsUU9!s|%>QK60U>*n{6IzSb2}uqpkWbxiuv1w
zrO}jHBL58^&OiNkX<YjYzblPM-tT1QZlB_nZOu(6V}pAmmmW3cN$95|X1EemI;-!t
zQe+ns{~h|v+5TU|HRg7SUK)?LX?|X5?_$4HO}n95uHa}+E=f*YeS2(=hTTekuc^=W
zwNZO^sjBs}zi)Ve*CiJv|L7~N>yPtrpXS1M=EHXQ#0eS~*&JmnU`o9n@+=%@x>r*Q
zmWfS1o!N6s;+;2I&2fzl^XAq)z?hW#_TqSt*eJ~4tx)W)zPI#T=zpxs`<&A~C}~V=
zZbR~Zi&$lH(ZJYI-}sQBfLm<#5;09vKk5AP&6!lCAiL`FW?kN)ywqvp!bKJAosUs{
zz3}$@1)rk#=Y<MKxMQLL^Gm)V(jS3~Op&2&kt01#Kig)%J?Kpwmt@~Cn=F`6&v3;u
z+DQ*r;r&`lIFC-zq<l@7sAg~3(7lH?5Fkj|Qn`24N{;U!W9<2}pDq7qZh^Lbo&>5t
zp0@sL;uVuAzW&_$w$=8tFgIMeO#6(co?V{qz3kDlvco>*zfzg>|K~t&K6g}qcU_Qx
zBl<rXmE~6hUe-UqKEO+n<F@&Ut2{Vc-e~-D!2gE&F?pVDS6{J^)+Lx+A#w3gIciZ0
zfI%tMa8)wmRTkoKsVsS$qYO)@KGlEn5n`Rz4??zxIklEewo6B+O7K-$5M90+JTZ2L
z3cR=?W>ht1Q4*pc?d?GVLP5nfpHZZYettsw0QRO+qgqkI(1uhG@+57Fb)yKyJA`Z+
zc&gwXbb~?7Qjt^xYJs~#H5@5%$z&xF_1=QevQwYX3bE^afyOPFs3`1Hr%+vOeGN6;
z^XdZDclyeVw`BnG_|{4pmEN-8<}``W^TbzNTwlvd*veBnLk5Zni&m>u#k9&C@iz<B
zrnP6HOd3o2_E3triabmT<vT=!F>fPu-l|^fNh~_8MBUE;oI>oeMM2ouHMKUqZu%on
z)laKo5BKl2esk9P)rOZ3Qt0`s+%Hp{j5JtK^=T#xOJf!T!(c-<Pg9shZH;&SpOg%F
zwHC77BIc7@x79Gz)i;^;vks_loDs^`i7V}Q?G0VKrZ`I~&kng3O<pziOx4A+*0r0d
z$%n(M_APvWyJqdV#O4y4%q<~9nE$@9kU(2<$_1fh-E*<~#7Ta8-!;ql;!ga>>c@#O
z{=Dq+w#dVI0#1uP-rLqyEUms(1*Y`Z99PX@KRYlP1S4H-n6A9P|5!UGypPojmeZw>
z&s0gIt!Xmaz*HHc=;@~toe<PrepC9mqNcj9L*gA4FW5N)Q$5aCdzcmy1GGIdbUOGy
zmoCmHzc!d}Q2G$ajZ(LFFSW%nfPEU8S*&iiEtM8Q8M4OmSMVn33)FE}$b?7I2LK@|
zBG+QP??El=6`nEQJ97#@?tYQXz07$Y!*Pn7I%klqc|H9t(zA=LK2KJ`wjTcFEQIK+
z(gvcahWNl5g`T>~V*zLiWCCIe+k7|Aui<;O1?6J>knm``*DiwpC0X73o97e_0!lBz
z@2<kozd;z(3lD7&y~Lk2l$C{v2?-d#Xg=XhiMjr*Bp&|W5X0v50Y^K$;zAnI(ve5r
zXV4(oAw9+}qo`z}7vZ)Ql%cWY;MS)pVHk}5AmPC-Rb;-d(et|g`fzL{#M=qRJWSWe
zTKWSyA|vMNVH@NL9sO#T9!ppVU9@LNsdiQZ4X%I=lTU$ciX<r|eMXa7A*~8xQe=93
z_S8gLVyfkoimh&>SRgKHAGQiUZ-K8;w3NPbNmA4jb1X838GaLksEOqZ<iT!>zL1yA
zcr=$&lxz}rh5215C%9re88Q^#%CWNFC+9JdzkX0sP3an(oU(Z!3AMlCRcm$+C^fS|
zDOMXVRqhF=Qkj;lcTw9c&3qD4C&su%+aR<*$fk9S354i9l9s3(z+B*tR0r9$urX1U
z#Vdm@s>V8tGPdsOA294rF_x^?c6#+<s?C;A(eN#SM)0v;^5t#Ut$8W&=EU&l#6LAr
zeej~*;}MrVprDK!{|;wCz(<vvpSRA$-~5UCXZ^lc!IYcqo7%W9MkKa-c;;*9hI<}g
z>tsEM(z!YM3O@eK063el%2f%wMC!_nUS|ATg+$C|2-T{70^$>D<||4Z$D~KUBK?|+
zuq_!_YN=rutNn)JY1bJ4A*x?KvF07Fb=^5ktsUn2=95*`=AVP9^x|7riJ`Utjj=b*
zu@`uIe<zRpHbKsOWOY0%-^{k$z_VX*kzGSK-#V#IlT7TU7cur7YNuLie~ioP0dB5R
z*YIAzqf6)RkvXuF%@jfYE%M&Gch-5R#3aXHa;r7awxpX)Xw7S(odZKuLw!K8@VRqE
zC%u+ndVr<wyfR=fnf)WJ^uhrlIsM;umj3_1-!K8U7UP%oKjGF~kmK95J|2CyL1D#j
z^tBHt#_OXmw2S^pHlAzQF9Z${xsb2FCI)ejh`MADtBC3{r{m(_Y;A5vrV<C!$m^L}
znZ%P4>Rl)6R^d-s#}ejA(D__gcMtZn5Y=b3QQV(fWoK><Xx0VsCjfle>U&Lmg0#-5
zD>X*R$9#CEGzQJk%vAc2^cTB2x>V>wy-`tWwNB%G6c(pW!UgQ5e<HL>Q#NtSQ>>|9
z`eS3BR|_d?bPSpX4R=cZz!K4b;g;3P(Di6SN?}P4>bF(PS4yRy4pre1DUAYHwoNDX
zP!SaRcl2g*!D-P-p*3<mLkVAP-V8BXp!Fz*B7{y?sC6MuG3xZxCX|=_D&3Z9WY-`y
zgJHi^(n>5Y^9ZPmNMVepJ7SY(H`#x{I{xI%RUK7%=uuU42L-jgL9b|!vD>`l2}$+9
zluvT%t>M)2c^m!nG3{F|^PNoE8rcNRWi}VNDh^sj<7CDfg^90i?>9274?b2L<Ao=|
zDmYTdMHa=mzvrg>G`IYwrt!V0_v{q&^c36T7`4{&R$QR(kDB-Si3>!LvN7FMD$7i$
z^6)4;RQr6C1l)_l47~~n)BuiLzHnPNPOX6OMlX3-H_4iOQDCN>`qvyAiZLE<=<J`E
z(p@jbWr68-vcZ0)&UQ92V_fAfx}jl;zV_9+ZUHQ+3)_iT$b;S{N|&F4YXLVA1vX^b
zIp)z+?6i-<L|d`>uCmxbuUR%J2lbQI9T!28^_<|3O4YDZ)v!p_rdHe9?yb7OGgpe)
zR}u=2=mYIkV#cou>~plbHuDl?lWO*fLXrZ<cXGSQRg9fgm-#3985Y{t0~2Q#e|04d
z|27#RJpQ0<F;gwg<=AR_;HR_9ueHq7)y~w@|0ZLHrOXdf9lv#3-kl1dP2&<-es+mp
zQT$hd`7F29?CC1>-TreN41C{z`!;`DFrmWROCpp&pr4x?kZqGc^Tg9FK@0`*XUnfS
ze+yA(PNSpMq_uNaTz<b$*^m#FiolYrh@?9)E^>7jlltOklLU`Gl4VHFrfS)Trf(vi
zZJ8+A7&ndUbq^R;bTRx`Idg+XjPX|fzt9)72u!Yex^X2fnbT`*YVzc2l*K}@zW>=R
zWxvJ5F$v8dLI_pHG;?w6K%)|{g1Pzn<{)qmNv+$gQbKA}={<f>yP)1k?FS{~(8TD@
zpwBXShph?u;|bo;Wx0`ZD9y!K0#azwgW@8Dp&ig_g?yvwW0Ed}r=%ev4U{6yJ8I-6
z7&3KxADbduo^*a%^`g#WmaF-uPgx5v29`a9<j2uJy<YOCUX;wu4m~GYr>sk)RycW+
zd5kwtv$H^j$5SxlGE%mAnOo;wS$gIhd8iku9@Hx8Bp;9bRT#gBxD@jYkH4JqW%w{a
z`0X`r&pHjfsc9~@$k6UO(MQ>qds(aoRm|5psd#kabrh5=Ym95WlBV0mG&}XBr0!it
zqHJ3CZCy8KL)d#8lytGzMq5etTlZsAbkW(B?A7wGtK+$x5Z^e(u{ug|xXE$2MX@^}
zu(=>7f<efF#gx-%<z`~81xcBGmg$y@L6zd1&QH1vA{8p%&oN(;-#0IFRL3TtpKw*9
zrGB{kzzfsLL3tZ&B#m-l_v+E-bDHOmQd<e8dY?$~GE*Tjlz1J9N-j!`)i;aD)(znV
zyrD9T$rlyu@|npA#%n&aV@E%myN;)U1KJH?7MJ)Z{j_tEtc@xaRPe<?P|RWQFro2&
zBh?fMrrvw0pg^6tZZgSbs+QB@&2riwynl~rBxW;T7;3#dT;{cTH^P6N)0_XZ5%Tvm
z{%tG%r_f_Y;t=AJJ0F{Le!*6O`oD)YKDZJ>9O6`N)h0kodtNp)PBoS01x!gyT_=T*
zRRPyvnSQ{!I;@0jS=u{R`A}_#$(UulnTFY6$5-);{9fh*OU|;Fy1LcJYx%yo8b`eK
zKBJ}c;fg=GoveQf9N%~|GyQhn)#_S&w{_fD>rg++5%%>`_e0}V=ecis(P1;Y*|PfB
zd5iz>Z)dCV4hCoU?Ci#qoeKFroC97#|KlD5cMrwi4o>43%cTp@r4m*1TvqFe>cy3#
zi{5tQdCL}u+}|DAxGXO#lh539^!%=`%)*&}E_r%Ab_f<7Hn2L+ZqDENm>;&XyDv|B
z-uV{Wp6OQ~|EeHLx3F*fVHkfL#P9dDPA{YJ;xtGv9oJT{$@sWbyjgK%+0}2CY&rC<
zYGldLYW#?y{PL;B>9_}*Z<Kk#&+8=aE0Q~cwN^EWo<|wyqgI4l`e9R(&Fm(X_bB6%
zyY)%-GVbAx$#`~o^re1w%l^((R-ZXxlUaRt+g3c^(pMzEF0x<!YiW6fIeDAvqO!~M
zc{Sg2YA(K8uP#%+EN>GoO7nX&Ts89*#nO;Ot?$;{c0bq4&8P?}m{RZ#@BFgL3b6Qj
zr%VlVPXb<<&jbRz9#zXziM@Msk!Q7E)vF}pSrl)$=^YY8_C4qFB2P=E{c3_Ou8Z3n
z0<G&AH&j;V^K{KeJDW2}+u{`hje3+@$qa2OJe`nN$mgY-I}7bRxplSyrJf$KFO;bt
zDCA*7X1<-5n|Loav>6b6YWG5&wbs_FG;=Kv6cw|5B`95$?0V?C&j&3+FFiX{gd=c4
z^pN;|MzC7nVA-ANVgI~E!@^LABEH+}vYyKKVfY|e{_vg(tXt52TxvgxC*W6{-CuvG
z(OcoedGY2J`p0gj<-`-t?P*%Gf&9W*QjX$uT{GFP=iJnmv2D2$M|8Ee#tVsus-24_
z-O2lpexs`28GpRj)|=QrHW_1C8s;od)647-TGpOv`=pgw%Cn*y`)DCQteBBojI%0{
z##U6<QN;O}OE5DltORC+Z<Nfwzk8m~`3!X5e#}U<7hQ-(xwGAU?J^pR+<~o=->D~D
zsyrlQJ>C_%P$2~w(mb>rsFd+<@{^7HclW~W)9zovj|XG*4P8(DWkC$pX1~T^^US=R
z)8x;Y<#Xq!ru6N1EpXotI10pb$e8Yst;c82&K{5C@6c}YujX)C{H*5B(&<;zTd2Pu
z@b3<+rdS|%>>(w7yvUY27iSq`F%FF6?W9tU)_<vePVg>E`;xe-P+-0Ffd6r537*c;
z_)MUr5``f#&B#nd^ov)V?eu$>A$=1aM4Rz6AtrAH%W3CKDHCym;vrwPlhBY{4SqkX
zX_Fw@cv4JCvRkiq76X*b^Y1+sRbSHT>Xzny*<H=X-Rba<+;l!VaD;b_9K;K#Ua##U
zHLsIrd59IeOjWSY=a5cp{mL#?@MrQQJkJP5M@)C?=ck##XTz0$Cy%S+Pl*8i(v(6v
zPOwSr=rfk>y_oF6XC_-Tu6jO15%TX0f5IV&Q2mYk(Wibt8p<{Y8~h@cFsg|e3mJ0{
zhZ-S79gB!K2`1OECUWhO5Jx2qEMCkQB`u?EOW1LM$fOHul6o2@UIZ`mrljzpRpF?)
zjhMCS%gwOz8JaH2C_SzLG&3X1J1aw|QbWXt#*2~+iJpH)G^6;y_52s{66cRweUmy^
zNF}q{d}?NmlbqyzKk<dX7%I*ncEO#^`s$dinYriS2iDg^nc+0SeCQ_3`iHA#K9(Z&
zV!gIvLEN%V4N3K=UCZsBsjMI=^)B$m!={we(Jq=3e;*IF?@=D3S;Wgn$L?3UKj)mO
zY>!iieFgCEd}~p!m-u!*`L-W-*ewTTwNf?v$m+*d+ssa%X0>iMSIQVHR38XloGiaO
zYX0bctKB<}lo&o5ZqVY&#s5xAn3%a#B+p33={-U=ljFWJTkOgyCXw<e@_#)XctH~L
z&oYB2&XQE?3^}Hr)nvbrYTd5E?i?k?8B0O2R2o13veV*RQ0*#RH!5M*@s_E`J^wl-
zGBr;h%c>vZ)e3K&0Y!edM5$oVEJQJWoTj%saGeazz$IcJt=LqYezhJ~=5>W8ol>aw
zoaTQ4xHbd+c4@$JixYdOODcS+!n8qCY{XPdNd*{_9(Ij9jFL=*<qs?vZFUMFvgn2H
zP#L;es-DiOdAEzto|-qG?5-&v6%liO9_EBATBWa1$*B%b^~mYvD`T@wt7aN!a`PK>
znhvER95D@xCj9xFvl->|{SW;&k<We=;j%8G4=C+QU3LF;&HwH?D)(r3d=DhVaByIx
ze2e@JUo~}*0nuy%Ggdq9vx&5HhDfOfZH8P=f%SK_FO0MBl<GrfAK5dC#PXOuQ#;8+
zi+0oza;Ue@5Oe05lCXz*BrRNwLW>e!7N?7veT*{3W>BtCc_UgN73W#Xs7_}_kh-&)
zf9wEU76@SXz`tJ9?dQ1R^!IJFp~!sC|6nClC`W~v3`TFCD+~!>62k`G$dyqXa)^Gk
z&TERXlF1g;%sQLAq1dmXto9;S3qACwEW4nzdh*mPY;04~dQ+yd;;+y{j@?>Erktwa
zIFTslF^LZ-m$GWs8P{tZoQa63a)DpAJUtrvQ~v9H&;){ur2ba-mpkf{z~76v4to8;
z>&0bKpBcw32OYT8OJ!aUvKLhf(PA=(&Mtl{U^GIcOCHM5)uNi}$0Eo$$O)h35zK1S
zTw$Zc@j!ikX9bejBrJ!5XyvcprD7olrVI*7$6?Kvi>VYb`s;}XmbrwhQmN3V$f=fT
zU^5gH(#uJHSCIvh$hW$w?f>4QED-<RqOYo1=okum%r--1)HA}Qu?JNORXlKltw?6c
zz0PC8Bmm2k<}-<C)V7%V++K+c8<9F)(P#Re$M<EOmx3y(d!t!pudg&GuyIK8JikjN
zBovM9<7w=p77rE}JH_S)4VcPNPfJB^5M(6L{og0}7?M-)usH&<R7_=syUf(-yHFF?
zOA-tjBbqMZ)X9C3s$A7DF)t!f1w|U{I=BNe6&q4=gii=6ViN&nqRlVWpF5HN^^<p>
z)3(3r_50?4k$B=6NCd%B+5`#e+eYHXrk$8Fij#t}j<^Aj>%DM-qqvQ8OoTI(<`6)*
z6Q`N|OeDI$^k3I79pc}!gtW0*hF*G_tj%5o_RWy4o-h|)!$(U+4E4OUxnX#@#>nKG
z+F2}nH`-NP|Cp}igMO^|)X5;Uaa?l1;oGvq@<^aC4L_J?As8Ai^hWN*P!yrOKNV!H
z+OMn<f^Xtwf&ca7L;ZhVb>gOuUa*%c?EG@gU`bR3(Jw9k9q5X(m60z!hY$WNnVu6&
zLj5Xa1iz-)3~&S{b0}}?ps&)TQh)2DE*gS;7b{D*EN^vLrxJ$#Jp}*1d-jEmUnlOj
z$ZzqM;8KvP!6!<hIq=he#v!Jl_b@Aw8UZf}f^djW+<E<-&dBzKVDZFk=HHhqFfZ)1
zxP$I%knvE)(NHv7#!39y)q_Qv*S$`f=861&U!8rSKCr`rJ|HfulLBvTLE>CH?awMx
z;FOD{IP=e%D)`jN`acF#|9Qo$TZYyW+G{iYLM0E(Jy+D6rDlIucx-h?`|-ZUN0E)y
zi6ajGg)Z@;|1vJTMF6L~Vr_Mz)%p7BpXC%)2-SC`uOaCiY1LW3XO<Sq1)Es&v^3HZ
ziiM^}KEBPhMyssCiZp2Sqbi9qWQizyeT#)jh}c=2*l%`&7}Dv288Q*k8aK;=rQ7~g
z8vnGU^hdL_CP(d4IDN-H6|M3Zg;cpj0(Tw>l<;Ca)V~&rw?zNmZ}`vvo#|j7sK$$y
z9=8#n-H+}|MXt`%@OUhJ6BWwxF?-4DyVAarhq_e5Dxz3++$<ZGQlV<5i<qK!)Z}rM
zcW5p@xo|iy8m@oX|Lh1@=lQ2=|NJ~ShT;^;luo5D6e&_>=z%KM{*s?eGrlfFBT3wP
zO9s~`3oS?VLIzuoI6<aRnSR=-QN_gu1LK<l8)##WrIo?{kvJN<a>(PcCMYQ>$&HYs
z{w($yIuTu1Q%y}Q5<MOhfp-8y*fV5>E`6w!qCZKd5I!*oURptGijZD~9GjXtVn^uh
zcU*FkxqP(`5FPE%5TYTp0b(H$6hRWM5BXS-9vZNPJBUhz@)Tk}qNJcPkzu6B)G$Yc
zy;FOjXrsHsuw$`w$wLyP#<7dw%P6u;C1$0($39d-y!i4iF)9QQ_{kBeUdz)#7X-X2
ze7D;Ece~R`RPd3mOMI7Y;@^AdQM|;anL?r6FSM)6gp3g8d6yS4+yODXkt|t(9?Yjm
zk-Xg4Lf#U&=eBO3933mo@u=*X0|rCZaVc=F6cj)k0kd2oDJ2b(&_n8gsT5fjDNL@e
z%Ztbq)D=u3VP^F{;&KM*NZLp-ytD|_E62!$IdTjk=yWNuO!AUYv5;<(338-e2xhwB
z(NW2erT|&`0Qg^+mtGjW)FSfA9#}$%Yw+We5Ywf|Z@xekzLOS1oJ$&xfHI8Wt_fxB
z7iYsPDk*_aUx{HXAf+7n%<9yUfmzDRoESX>B<^Z?+7O7r2q<uoAzSqBC_)zizdD@{
zsotctne=yK#JW1vV%bh*I3K}3K`>fK5(cu4Zth%YQw$hE;w+%+P_ym=bfMsl^vF&%
zEzAD~(Eb#18kk>R1NL+pYHGRfvB<8_g_@~;1s%TQfgwW_RfBNM!YFx}&8(cbCMAh~
z%Dk#VolHjgW)JZtNr;rBrwk>!PMK`UZ}OXf5(F%YdMpH8U0udB<MTNzC2(*sgp~42
z+#m~gYR7cVR$aBA%QSf~98(JPEt9(ilJe1K3)53lNDFgwg^J<C5~7<53kw^>jInPz
zLN@X==(&WkOL2r?9He6*@svs;%HCB<`Ov$+C~+G2=jxXQ+Nry=b$yBb&($ZLBv~M_
z4dNDWACx4oc<O`fgLwYM`yh3oZ{Vvl#^M6uFY#?y;$aR&{_20$B!<VwhRz)@xXu&F
zE%o|xc;nzz&?Q4S)pr7g91Ei9F@#`Tgwl3$FfR2&fH)AKh|!RcL<zOP+XRX_Af{!#
z$&P@Uo_LWiH5Ez8p1jYD01(Jnbc~FYKk@PLfqA;s?}4|`LrQ8-8(WDbAsQb0bCMdK
zmXuh?1cFN>dQc!wfJ7t$rYmWfR52q2mFtlR<r?PNI91@Fs4VLY8X>pC)1xnCKAwni
z5abFY)&oO=0>;K(NM9joCj9RgWM3-r8q_T=G=KiHd9n(1M<W!Si~aY3%Rj@7=eWT8
z0+#>5o6ym&+1bJ2EpB^$XRin`oDE|<OzPjR1v*#A-1qh;Gp~lh!9nzVNeFT<um;v6
zet;l7%uGQV`>IzBHLwhw;3%CCEx?E+#H+XGr3Nmt?*<Xn0$>!z0~Cd>HY*(;;Bx>b
z*ujB~F5vf&LzARP5(<UPVTwAC@?gNBllkM2Cm>>Af#@RS0Spa*(~OGGP6_M?yZuxw
zcp~TUHi?iw6L2D-S;sFboq#6f1^9#-Y0>b}$>XrZl%lUyjW7{}$OlP7Yuj-?$GCJ$
zQ|5hxFIbqHn_E~gXmk?qL!=@j{wO5=M~qy=7(Q3IU<ET*S4w=4Y{y!eH;TX1;6I-d
zBlwgOj@<uZu1}63F9mpC8Gh=#6qkhW<^d7o5vQL8qF<~E@e;=|9>b=hFUaZdz}^zF
z@tawPv3CYBvy)z)UcZut1}6|p178R5$n#TC!R&6R3y1iyr4q5F_LLC9k+=kUK?~^_
ziX;NZgx{YIII!)C87%t5r>xX%blROLoN{E9%vY#~)+NW#;thk=4PtU+rlaHWyKl(J
zAu0Uqpr$qj;B)}B!Q*5T2sMCamwF>)vlh=iAVegLp9C%R!|52JOg#fF;B+T9&S+D&
zdq6A9!_Dmyz*?Uj!b}s19yh0(VE+;>7M7AIZ6g3iW%0Qiqpl=jDrav{u3+}ScSot9
z?;)x&8^APa|9X$1&iwoVaC7Uw8T*1rW@p+ka#D{4zVxV<yNIx`4E!5l6*e%nt*@=w
z@xS1D{^sleU~sV^1@u{PY=FbY)X>OYc%ug0J-1H?s2sj&b?AEE{PpO3ldZ(@_kRLM
z#P8u^7WixD0mP~#;OI=96_Sj&2cr}{CoNwVLS>+*I78~Kn9HbtqC0~8_07$*p9K6C
zps2A>Y=k~F%9At8hG3TFgmBVuV@Z0%=-4?wUiLrV8OI|y^~_V{RhIT+m5hdGc#oD&
z3;VbtEeb&zm!y_8QBF&k4lzLnu|Y<PYAG9$IZh$u%>?-yT#bn@I`u%NBrH;pYgJ+l
zHg?<D*)>S-x~MdYS5FkGil#chNFt1+g&m_R6opWsTZ8To7^1n5eYO5~@0kaca6Ns9
z3*Y*4DH7+8;R45$St}wc3cy(agpdZTdxzeTm*DPmc>4mZH=6^bVc>uUW<dZ96-h&j
zA-7?V4{bo;hXsvA(lFN9YR7+0+3Q%h0k&_xcbCU)PsGh;fRqKS#EQN8KwNxN254Ne
zGBT#@TH@j`YalkA_qbpZC*I%RudNw7bW!1LZEOJ7p>ljekn!s3Dw9qfA-~t_+6Xdk
zz=}{7HH=1|2B>cpaZ-`r5Uekro;M62u_d7LlR_s0pz&+qlLCe)z$ON&NJ_Mi0Rv@c
zY=GmF|5ja+_t*3y1%y*9hUj^ElSKMT5ragotf}xRU`qhC<!4sU?u~eT<dBdZH2`?<
ztWAi<8Sg$>?*l7}kWqv<Kvdje9~9aK0O8=+xS~Wz`TX?~@sE;-yDuE!!??+(Bq2Hz
zyp)mk!dOdSP!pi(`eBqlKnrn^v1<FswEaDt-1=JooX)D`aM`|u113nj=_c8x^mUC`
zbS@`7UX?L*v9WD`?2<cH1H)!gku5AMX*fN$0P6?mT!hy$yfmbV<ajK#UN6Mx(^pqK
zcyg(PoF_&{(Ih8<os!Vr!SY^5>hV*1BTR8cLjyPAr~`p;M6$Jr2qbyG2z)kou(I?)
zq1t{9lpd6**chRRH3J)4qIP!%A&f(=2s8|7-dtm!kZCW7ytsx$MmInNXMMcXQq5~=
z(m|xufGdF7Nqo-zoPRKq{ATEQ={@_Lfs_LmM+iVb0%SbE;amCw3hT20oj1+}&rd|T
z7vO(3S60w5G1vC@L6}uyU?>OBXW(TG`mL@~`WnD%!I>SK0LEO63QZ#>NN*N3NkU*E
z1Hdy*K$XUWZ3t;(cU<cRP+fpK`~N6=4{)mg{(t-&d+$B6h0r0{WN$)9Mp<Pfk(E;R
z9tjnq?3L<}N>W*6w5$rH&_Y_$p!I*8y6^A(`Q6|D|9@RS*Y~=w``fL~Iq&m&J;&qu
zcs?GZxvbA;u*L=spD@WQ9t-xcr@^(PyJ%32^{s>$oV4$dWIFgIxNHlf)CjIA&g=EB
zPY>3=eDQ*Zmp8=&B63)}_a^sS_0qLrK?Jnfue>VW-88{RrU?d15Xs-V_0iPT=pL6-
z`iI)DT#3QDEXP`U!8Qr$gLItbZEXTqzmC*cS2SPR^Vmpf+|41INd$Ykm!BO@`T-k^
z06A#dL%B8s|3q3nMSr9uiOpdjc4nbzprNX2#5bvT@Qb3R;`R;!V*@r-F|pI~TWS}d
z-4L6#Ez`b;cnmFYZ*T8P@x)u5y6e~Pg(gY=TL_jwzBch)@RK%9+n%{PRStG}EWB*`
zxy;?pes^f-jc)uCyFXWY|7Syu^~r5}y7ukY)Ag86b>DbXLL-=V^$1^$xHbQI7HK|S
z-WmOzr@xqq*32cueuHX`a*xcdbTz-j=h}u@4(7)sQ{9iw$AxDOkQi$12zyR<PhC@a
z#Nl;Hq6>`@N0U`+y?g$89@m`#3`1vasbr|~tkwzuK6ysP!s05Vudk2tV)%*{L9xEi
z=nq#csQjw5i`>-Uj#nEzXs&qV@?o3rns*Ofe<)-~vECf_>&HreWt`kDfBz$5o32Bo
z53FUJCJ4D;)#)3Q^h(qMTMm8=vB*^=^EgaHO+6wqQgma`7}>i=QAr63f3Vr&6c)~+
zg4>ajTdVjpR%Jwp>#GZAzPx?hL++JPyo1B>8M{I-{W^8(l)Ab)R{F4U9slaQ=hcT;
zse}R+<2>}W^3GzNk%LhLQdTdq$>iskY@){Ws-mI-62nkrC?k1Oy<G{I8W@0Xp&d0H
zi-BbP6Vwq<ZQ#5z^cq_2%gf6`8-vt*dKn@{Cni=P%CjFSVBiMbI_8@s<#rtlH#axv
zr%S9%cO_M%y}EmndtK+FN0(8wU;{k)M;@Q(kJUHldwP0?v!JSslWs0~R6GpI>;aGp
zvxQJ=9Cph=@n+P=*H6#BrUQn6nH3jsU<9%dDIvpr9*-BlYU~}FT53<VT7Qxe>g-MK
zm*3%0v&UF`qHJY1H><obR~ASN$1hgMy{KHp6&jLvT3aP_sFx*{^Hb*Es$45E#F-)N
zb@!na*h?AObMc3XhNrXjWNA}#b06n(BrsH6RY8Itx>1prOC|SXFZHUOxQ3XGBvVD6
z0<|<>oc_>09*NwHF9A6pC3jn{B|shohVI+h0$%xYNhbO}z;b-3h!NA>r~dSfzm?`n
z3`9oP=<xa(NV*WuGWSM)TmNknZ9wiMRlsM7L^FBXql2^-{R=}&Sf#C}Q4~xDHC``t
z+5jp=XQiqGPS|ct&stOgkCA#~f~nOyh~TshHDCjNW5^Rt$oB}F+S%Dr)>t+6Zuju8
zVegmP*`3T7xiD6&e@HvZsrvQn*F7!Ld#xd_QA9&ayD@O2_sNr3#6Rf4PG>}{Uw@t=
z3<42Lx#_oWSx;fdROU2i`^v!D)2+K7<(39eY_?|7#8TPC4u5)O+gfz=D8)Jy(g9^&
z)H~Wjy}i7|3ky!3)Cqag77cZKNS4*7@MK#<EJ;*U)Vn-!Etka1>(g=ikS!B1<?w}W
zF4V%6m5q&zy!sNUwX>phA{U@PM|%j?1eFF*HIeX!C<>Nt5eg9pMiE8e0hFI2UobG|
zY~G8FUWQ-f#x4;qNiKxF?d6dW_JG2Nz+K1~k+uw<fGG%^!h~d?JqHUE8kzO3WN|I6
z;x%PS-3OQF5^|*yztg%APgA6t)b}xC$<|Er==kJh;@Ug!KYR#{fcNR@jh|nH)r<!d
zQY)g;bCwt`?|Dq82TgJfNl7YI<ZPa*E6}y=C(zK)cva6mHJPe7NlQ=p>08IvzDFXt
zEdJyp7zB1-J1#lRs1q+)Sb4jVC4xm_aIRx*9!J>n$`0D4prhx!20KGL_J5ST!(VMI
zTrESz%e_vIJ}=FI-fE0hF#h3{iQbPlXl=W3wP$pVH?w+WUbnaB)~uO3zGjvpm&bEY
zva&B{gwdzwHGxbOKFJc6Q6O;EzS>^-to>jO+RI#jdOlT~dPL=++W`?bs&<0xA8;fE
z2wlL{a!)GvhsbhWb_VOop5h`ZKFLr3mMq*D{m$dSxAgW5)n)xDD68Krv$=W<%HkV$
zKU{?Hrrh)A&nepD?853S-EY2m;9;FPf4u~XHfCnGkm{~Oj1+~1ae`M-e*Orq0Uo9y
zOTdHS;g66n)r(x<aZWZh=M+dDVr=w!p7>KxKtK~IO)a@uTv$p)r5Q02WnRqe>oel+
zXj&ok4sFk57c6gIhmJG!22D&&Gk&x}fSy-6ZGSpCj2g=V**X0%!jL_@ZqVGV5fj^7
zl_bh*pb@5p6A3wVgoxbhYzcfftyn~Vz`VjdM~Ih$gJ8`f@lGE#RReAtyb_tbn6CZ&
z@;Hls{li1Q*C@F`@6VKcu1j!AQC`0J(xrE!b?jpd_imq9zjv~A9vL#gnjT^lw5gC$
zHuS8&_wXTKPWPa>i=7=?k+`Vap0WC2tY_z?5B2u?;lZg5SybrIezuNoc=NB5a)wbg
zVQxE%u)!Y}A5~os?U0D~?2L>FLv7yAujjh|LS2BZ@i@q{qYyr&877JJ8@*fMh+V!h
z{huSWT%yg^sh&7O$09KO?%l6SJ&)=0zSb_XH;E=g9CU?l<{n#%lAgbeSLdE|4o#i7
zxSRi;R(r<kZ2Za*zG04Xcjk6pg>&r0cI!-C{&G{drF5_R)z6t6Lo?d!=;8}|P%LG4
zwsbQsef+2uF~<>HF=+j*x%|ljB@Ruk<Me6p>AL>HzikM)<OS3_#$fsb0qX8vBhAA<
zzEMQTAok%zr|}WjHx{b4Sgp?^ZQ3OEg>D3rL8CYtC{ZNrPEVBR#;9u5*|U6snZ*Pg
zMErK|KAE4t4}}mevRx60_$2Sti4(Yeml4ZlWn@gv&7<c>cFqk|9J?XMq(5fm?L7lA
zBCl~s^~O6R4%*n-QuhA`Dp&<-P^JGuLYm)3lCG_*g9Fgy-Mg$$%5R}T+<a1<^=<-t
zA<JhU_GCRqeJCy^l5iG&z9`sic4Up`gv$yJ`tU{U=CzyfEmUfyzj*)tHw3z)A^eNX
zj`bsn;^9?D`XY-j-Q?fVy65p1C=o$SiB~fgl25pI)$~n}G7{bx)EYWtRJM{Cvvcp>
zBMRhmVT?5uj|9?jp34JYoO5ladV<gD;^Dy}=*42Z)uM~wK%66^*!L?o9+2GH^(p<K
zH%aPLSsClgSoEw&^wZSVr)oJSjgAnO%7*Lz3R-ovlz-<pdeRZfe~?wzBab(Fo9g=X
zx2O%gMTVkjpb_IG4VCcDSMkn7S2s819oI!P_B)v<jjPF}KAm0Kk%CTP2j6MWv<I~A
z6uAbM$$S~>e*1H(29w(N8NC>Ok;Vw^(&C)9yVv&`HpC8eedH>C%)v2h-@NykeiP>%
z$LbDyFC}r4D%T^LwlivuF@c1(<lylZf}(5V=lcmVseH}WzWlWA9#qvdgfNRlY5~Ti
z{K+8n|Mv;)4J)gwcp5zGPJ}dB^d%lp?A`fQfWq_a%L{q3ezYg$EtSB=ph6SLmBkD9
zp*Zss9t*#q6iU9n{Q2{ZA4}G&N2CTR1;*ZvkExe0YbaOHB<H<APJ<@rB%G<Ec<1U+
z9CORsh;Qazv9+g2B%@eDZw!&s;E9%(P`R-$V(L8i=IJ$^;M>*J)s!wD)yWHg3AO+k
z^JHjuYQlG74>an5I7RQ<7lbf?ROdjL?OOb!JW6M4kl-aOD7XS`=xh<Kmhy6OZSBea
z{(!DT+VN7$`_kh$rTRaYx2#H1)c=OE1UKv|_w>kTfrMaUSMjM+xtj2mu&2qX<YgIx
z1{bQo&v4T*3f||X<k9v41y^Wzcv2~3CSaQN5z1lElGqQ4RPs$xO5^YzTCUJ`wxlMk
zKE2?-If5SPAmT|QEb}VVX0PmfIf#->Oee}lQJLXL#_+}6TU`%O`aTEfW{~{mRCzmp
zB;+ki`a`qKQ9Q=Vis=CTZ9z{nPZpZUG^PSK4$cKiuN)fM(OB-zYgA;@mU4{_CS?JM
zcVvCuEGz^C1X%nQHW?*ldwHIPqAR);lBjmnBEw@J<a_*#ZRY9G6aE;-8}<Gv>zSAM
ze41T8)fF_W(ULDE9cc@Hc@RPb<Xw~1f&{1pLIq659aU6R7*y2AV*^evr}r0^vnCk1
zei~Q9G43tpXLjSKX<{SzODGbjW)^4-`%2qchP19MEmZv^?yo?N|Km6Hao#3o^dJCu
ze3X10Mn`Jhy(9mHuLf9F@_wj3_I;nON5DCJPYMc+c+Xg?--ZW;ZwX2p7oB?{#{=V}
zu$gXJhSaNA#eWW|AEUjGd9yZ!Q9IipdR!`ol06sd7-*4ch0U6{O0^}c#AhOgAp9Rq
zOM}bK_wP7gu`}H%%Zd+x)I4qtOj5uaG@kq>=)TUra8Tfi(`Vo$C>=(?z^*@BJT1&k
z`&S@;G}1S<Q&o^B<u=R;3?r*c%gf7A;d)avisVrBT}vXg3RWs9T!>xS7m=pV5d{eq
zlwba^Uz;X02cB7cbYARGJ#$skFnwOS=Dy)Wy%LsiY=SAFeKc|k#p~!hG|n%hUwN?*
zpS#;P+Y`qMcEaBw`R2eMU)lL=Vgl#%9`<C~lJ{F&zI-{&GmR%*d+*bZ&H5`e>T4Pc
ze2%iolJiue+9)?qLP0v=mN<2Lc7>ouhzEL{(C5a)dItIQ7q4C!8CmEAkCRp_Y=Hfu
zFnPofL2sUZP$ndXvKihoyT)c;!Do_BZ~77aRR%iZEL54$l!$7Eicc_c(D6B=4v1Tw
zUt6@^DP@s8^xIZq?I{yUfO49v=QdRL>yHv|wl=@66D#|ip=mlqDIJk}(RF`>_~sp0
zoIGfBCe@Kv`gh?Z4RjiHu6YTElnuhN60@_-vwP!reZN4R<0IAWVD)wVYHMrjx~=D?
zZ4#wK^mGU+_NjagmnJvSxrlvc<7`d5##7e^Sv;T55YZbkvz?M4_TJN@>&;0@s$wGV
zYA#_D(TsnPW8EYb-_n@$7ou$E%{-P>HnUT|hc;x+2@+hu5sXVM1;k}#Yk@=|n8Q!G
zt#{8)SkznzouOhODHInMue?05W8`~8Te2u6wYa*w7aU8!?xo{~f(vaTi!rS{&^<ZQ
z&Ox3QG04(PUf%l~ArXQ)#|jH69rzDu9$Q^1y(eyB1>c3f9N{$07OzFyQ@Vn??&F)!
zOSBe9fEa4?<;(Q$`+QMOMncFL#(Vk3#pqB2G)N?lZLN&H2ccC@QDjEj<iM<cuDEyt
zj}rnr4c{$(ESx!y8=ijMfNQK$Nz^x)<LuCH7tZ^4@1`7wJ`eo{-YU8j18TIGtv&pi
z={Y$v_lBNQ1PTu<2l#R37Zjja`!yB)%)3pV_Kv5A$6@$ROl|O(V^;L8-tq<+JU-Z-
z0WA|9gpwHw3fk!cz2C$w4Xh1dkYbP--LgNR%*G@<{1ckL)7y_2NFGQyXV^R@`uBWo
z<%>9DlrAj!?gHg}b>;|4B-6Qj;p&j0?N00G@U*gBt$<?=IeBgkyEg*kqcdCAuNKON
z%uwWl5>$O}u?WzhJDO7;6ld<!6$qttSE#@a80})x8t#0HiUJ+N<77r|`=i&jn95CC
z?7W1J%F`841tU4c%?(Mo@>(P)c;$8F8CmAXrZHqD#i9FB?&7Q4J<BrSz31ENDvC$m
zD^SBOm8WXT6JE3Cdgu&A-oA=gRnB1zZx@Z3fTA=52@NsaKSt=csBn;vmnY!4N|_i7
zc!|_i&}VC8D-=pxV2SkJSxIO-?{+cshb@P&r*X76oxmEMsO-a8Lb^xKjdHQQu4ia)
zIltX@N1}nYvw6CAB|~-xY7>LQuAZ0)knekWP+Zd>sx~z8^xDB;DIv|W5aI|geP1|z
zt)S5zH52lF6|MOcw!yP(Hg+YCHEF%8I=8W%q_b1BppW3@<@_-Av1^~1i0u$3)wT%r
zo`ovaHrSuEUbxT`lDdKSi;7jXO!;%_364q$?Mm^odx6LJ8TRN9ehQ1(qzi9kEhmXO
zanPUX=;(mb?B{n=!gcl@l1E#K={L1Bf88K5({J(A=#j5<-|f1kbvCckeOvp+^zMj9
z2f4^CUYjWBQf&H$?zIVxf7V?sSSEwSpQ5cf>W0LJ=5dQFTlG4EPo4%%tpgN0=fdsC
zHb62cnaTLg?9D7PEBV64J(D~q{C0QQ2O?_Y>OtO|Wy7XTo5qEwgW<+}h*#I46GxDb
zcF!fUH_*F>jn3<WUB*`>B_&Z>JgzXNAD1Ax9*T|i>gYOPIE5-zeeY9|OB{-l<NGLp
zq4Wd_khcY-gZ5C}qeFjdTxI_po9tbD4;d!TP`oDBU;nlGM#lPhd=E~5lA_{u94_8<
zE(Q<e2xpqmL6PzTe1;TPQI0yKsQahWzs%c43;P(sD5)SBY3Vy<I+sne_(=QvC1|Y~
zQ{SMQCmdus&Z}&mEkGPiR}X>~1yJuKC6+6wW!2J7_Tzm#J^X!7E3|+!6#{NQdGdo|
zN@L6e(b6gWH`pSE9LC<G@mq>Gl+Zk1(sdvKA%KVHL>1d>tWOvTb38}wgX(EWx~04r
zc+$8p=?*CrV2#)3annD8z^;!$6gRQ9Ezj?L7CPAGWn9iqiuXE?B7KN451O3>IF7>5
zKAlF`2Lc$RYOljHc1JW<!r%n#wXR&?-5j|U{$kknx7fwBO4U<|>J0+R8-m#cV%|JD
zUnjOdReDIMj9215?0me~6D-ls0~cE-67OB#Reu205Crt**Piy)>r5`uJE)$`6{>k)
zS&pgao^ciiE~!_-U-WbGBwbXAS@IkAUn7Y=kw%B^PG7Dl^QF0Av@c%)&vh5t*x98T
zQoDbEQIDX0>^IzxzHC8?!B=--LOnSrbSPzhv}LDth6$CvJ^!69s1F)Da1`Zs5wg1}
z#r;Wyqq$vZWh%@BG=@lOgq*HW5mi5iMix<Ro?ViyX;%_6=lU^w7&43yd3y;;)hHJI
zYGz*SSRoNSVYx=_(ok1d2Z7Y;lpI=buLl#4A75>6H)1DisyMbUsToR8*8tGmF+@{U
z{6%q%GL;JqlDJ(YA4=6K*Q!OWsrEJQth{BG9Jtvgw6$}BAW_mOBihQb5bG*ulSbbp
zr6{IIoZL(x8LCVU1{e+pNfr;(u-Uu2?$%@;o?txTv^{#L@>KwHVqSe#xcsE4I|qw9
zD+bv=4#v|`4N3QvJ}Mh;E(|E6a=qZXu~m|Q;o`R=Z>V-N9UuC=ft}yrmz1@&b&*<I
z?;0wVp>30e56^j0s*Cd;SMqI6KpurzBch0vw1IMqP_jOG332OAx1@{INld#4!CX$g
zGBykc_A}{LRaH?+eAnFpw4P@4nAW7%&J*1QlmJZKy2VUAkJ8v+0R93maVDp49Qqzb
zT7;e@3LNiUm_uS{au{-LURgP<<>g)wVw5Aip*_?^@=i1HF3di1q)v5?LEX6jNG4Kq
zB4>)-(PQZ=p^%z{<%<uLT3QRJ^Z06g;VS|;$H)Tu62o-8sDXSL(i#2VKf=d-$y#BL
z$}h9ps{$K}<`CEyz!1gHWZ+3|i#Yfh!J=Ox<vL^`eS5uYjm`kVoqKrpG2UhujcBr)
zm#V~dh;qATQ0z1#OV$jn^%KTGC}cAS<6s9W0c|#Jes$?!&j9KYG}rp?4hfjY#l<c2
z|Crylfkdy-PINdz@D!sA{4gEdMv>z9y8g+P?Y``fj;-4ox;Awi!JU{&bw{7zavNRX
zrq#JB=QA!{ljU(kN>H<GL9N089K;0`D&pv-Z1w~9n2*!5oonkF&B`HN(EstlxO5F(
zm`zGnRh8>i?mgL5y)=&F+)Z-hDv+V-mf%kF6FKIcmA8lHU_I(*GB0F#^BA&TBTJFj
zic>FUp!GK(jLQK!2d2xRucalpYZO8rIoa7>PrP)!u64x{3*Z-w$HMT+A~ckom3903
z`x}@VIxxiBSxR$_>j@+k6$$jmzk;QV9ty~!q#>4UJ6CH`K)-HE#>&S&F=LW8W7Wg8
zr(+Yl{qLW;`GJVW&Xnmzf^)Jp@V^gfq8YVtaX2EXlj^}hILW0xdiDKv<|M|_3RXYQ
zYX^>vQ)!zL<;WpZ+Cc9@leBa&nc2q!w1vt{pl!IoBOp<hWta5whuFIjY`KHw6Dh^1
z{TKGPkwwS?l!CNu9g_~V%R>O=^L|G3o0{JB-Fu8STFONEfy_{WhpUyQ16o0@u>LA{
z&Gssu;}UjL)2EAzE#-S@<h>XM;=aw$ue!2iO7seiDH)H|lrhP-hwDUg+rV(J2i&mV
zTwXrDuSS>6Xg-O36@PN{=Z_zADk68{+-~!rdX_VVLTZ@r+1M>-*hsxUmw%s5WB&RR
zak5LO!g}?YK#4fJg_9Fcl+lyb;WwB+YXprk9OSeSlJ?o1_}1j6J@a?o5sEt+`q1Q*
z6lk&R#j!^HlBOd5VW%Q|*>~b|(Oa{)3u<S%Vak~nLuZ^dSnk<+5kqUte1K1g^6?BB
ztd)!R$@}zSric8{%gWFzTd~E9C~2b7noC78B|kS*7*D{kb2`I})8|_#qmCcO-<bRu
zuhZ@mNlv&lEUBI4GalJ|UQ%=m)gcpQRwloy2`cAu-D`pr@oRytLlQrCCrl<@L*d22
zaucFS243WwZ{xr0DNK$uKV7*tTqr*BGSHPGe|t7%mC<r-A!esEfdHy727=4@C&b-@
zMfayuBjmWX({7<-X4t}7*=+<o>h!#`Nd!^JXpL*C9KoeMrTpr~Imds`GXHg#I&hcx
zP0S_TeghMN95)FNHX_>Y-EZ(@HkWB{l$U38p?x=p8BAnEL^ZuKE`V2+IMwc242VgV
zFvrBq-<z+=?IM$`5X%X4aA?~po{uj4R$Sr)79LmLY0D#~<rgT%N))i^BZix<5+v;~
zmUj=%@Jq@OPVNN;L7Mln8QRN2yc+ekaqIatiUR3rndHk}3out>;uBb<mAcj6Z}C;h
zQQ%p?EYR3Q6?1u#hyLoEl&c*Fo!Nb4bjHV7Hp+ySD{XDDkO5v^r!~C=R+&Xx1a^&U
zllcKDXv5tgg3p(o_hP`XB!uWZsnavAUDF%v?dy}e+0#=6T$cRB<S7*f%1`5dA9A%e
z0B$g}es#TEaR{MFrYz7xigo~9hCiOo%a<?b=NZckrZHr%h}^n$>s;EYok=;Se8Myb
z^XuZ1o?nUI#m`48d4G1sXaKpGVx)&@L}4Ot^2PYGsoU9mvu}3X%&+h$Z6h}k6hlky
zTbL;4hK~n@7Iv#v<d4&I`om4G-Y6@b%>o5W_hF-*_MBAl?1SaX>P*@vXY4U4S6keq
z$?UCH$;(rvKqL~!Lqq*4YrD85*fx#72{kkFPESxO1VQN+YiCpKNlx3nHv5}4KH-4Z
z-y;mj?w;Os`km$rHUgQie<SsDZHD^?K;QGVzoosxy0{L2k?vN(5V&rC;F@y^P37E^
zoAYut_Y`T@%>4R=zTKzqj3e`7o~a3HYHIKHJ0%;lM$W`vzh)5Jpi8_~`)>3LgI?AE
zl?7pt){8!WzqUQ^)H#N7QqZtjj)&8*^CQy;f`+K^q>%%sbAW8Q?#s#>c}%LKr4_I8
z7|OHHMa~f;<#TH-_ltHi(RQY_NmNHH&Pbm<r>oU%zrBu$$8241X=VjeB)x`Ep>#;S
z#qSUOgM+J>-aww2Pf*a(CgP5zuePkTu5#q<guk<}W3*H6IYxeN{eweq`V?BRM|$=h
z^X&%Ax6uj0zLkMpRGTI#<K3WU_ck}TN|IeZcmvhX(ut=5_#>C`N3Wuzggx__xZl4p
zI{b#qg@8+^^O+KBp-^v0kfmA_cI2C2C5-2PXLKpc$;nAcq5Vd^?8*2c%`W!Pp|I50
z=Q$eqx9T=b!zkVX*7L0lSwnwaf6SuLeuV~^9)o#(Yw*Mpa+w^<F-X{JX=@u@DlFs?
z5F^Wmz1sua^<FCnU2O~!IS?EfD``?6Bi{)aA9ZT+(E@kc6A;h_tddJOgW}=iMDNaY
zz+iNmAZ+1(J^nW&vc*r{xUuN~{k6!&an4;FjRnpc6lKOuKS&A+OlDtzvEiaHeT1;K
z28&*Al?oVUL)5i!`k|jJA$fPhfd><d@&veHz%<R!0ilX!Ge`j#f97QdZ0Dk9%jGBD
zQAu_cPuI;#V=lt94$V9W0in9$J5~UQH9Pj7&Z4CanU23Esi+tXJ8WE_$f&4WLKq7e
z5=)iAPDwJU*3{BM!c6aY?dsur7U)65NM}PNBDX6iFqiIE<j6NJ(p0V<ATD5J3SX0Q
z8Q4@BHbn&Qz(}wn+L8RY+z)!PUpN*MFc+qbFW%1u(|P$PdATOl>qjm)HJM<w;+qEH
zf?KOl<AJu&3l#T(u%uf`*&&G*eU7FoZb#bKF9nXi0$B9;O8D9szEd=Xzkk1;F$y13
zlWgBZ<HE#6oK)d()cztfPKWBEn#ZZ)cd_?gX<7SS2peQt3DNILTor0%6Y(720nwfy
zJfNy4Fpbh>Stol@i6<%w>9EL2_SZ}mHQFnCzIy#SN$W0+NB2@!ZKk4=p?kWN!wKuK
zPy_CMS`K>uL8HD3`s#A!W9G!5l#wubzA^nx)_|8IoDu}m%OxH2m_rKLjz+98rW$EL
z+B9u7`e_>3Yw0<r7H{2ZH`Oa+Wn@jdPx4P^S8o1&1I7VBe@w#VQoGgK(hW?VJpF2~
zIs6qS?cgha%s1s6<{z7*=K*_yP9+igdlc_oi2N-pODOWLZawyHQ-Y>V$V3ZmS`PvV
z>l)o}IMj11II_ZO0fd8ZIuochzt4C9=jn#=Op-8D(v^EXw4x4g(mQ(-w#8GJV(1Kk
z4f<MJ--eL-?1zl-r5`JwFo86Cc8oA*-e7BM3o1p9^*C#N%7p+7SugK>maBl4$b1Sd
zqd41bI@x~ISn$V+`t>7bHlC;S4DyE6c|oe>vrO8nm3-}lR{)&+W)0L!4|<!Ayk9#j
z@*TP7wBEtv`@DUwue>_ByxB<(;LdfpS0$azXqLLLX5L=DHJS0~$&<Uiy%V0!+{un0
z?DX*T1PJ2Jq9$at!|s%>R_JsmLdL}8q-3rONzI<qC{(HjcET@bW>iqQl|HVJoD<W1
z)U++B=Sw=LR9=9uFZHz<vMnoTrwKS)`_Gj(<j!YOimOoF&K1_%_Fp}CA$gieX`>`_
zY1(})otz4<UcFjXC3Re49Ql|3lbA4P?sd$*>l2r8>3pZWd%7-VMCL>&631??cDux1
zBuC7TU?zokC&-+4N~ou?uelmk%Q6>h6nizrGyQuvCs5yc*F&zuu3_UZ$-b1X`f&-|
zSFc>riZTuDRL{AX{W3L)bzgJb?2~){D#=DY8N*D-yS%lgT_RVP1D`0fva*JKO`9;#
zuxbxSLSwt!kB$bmtPO+L8nin<+>B`p*xjw2;+6NICZ>%rPDgep>>DkQoKzNP<Z8Y!
z!==<6)Exreg{Ui=j~;P|F~#rk{(}cGye>Taoc#;+M<R)1n((VSN;Hpc=K@z3eHfE`
z3gM_YqhvdV**+F^MAOoaf_6`#-~khw{%?jfHzOn^j7|hFU$m!-6+d#X+C-8@_M-h&
zhQOksEy;503lGxx9gSuQCR#PI$W`yVF~m0zuPL9#)xf;GmzS`|P&&QhOqOaJO}+AX
zYD&sBclYPl$?z;<<d((rd<n=dMNmXc?1-utn?u9%wrYmRWJ&FNW48Z>-r99kL;TyW
zUc0qdes(#X4gP6rd!Ige`gHr(y=Lv3soQ?O$>w@8kIsI)EzGx+_d-ic=#Ag#wqt>y
z$UM0bw___UtZXkgG|1<cYhKT9iTJ{lS;1Sxnf`q4+uO^}W;K~6I%!;Jc?~Q!>teja
z<nJZ2gVGdMt$&fML_6U9+R$OT>Oy3{f{{D83@JZ31q9OdD|yGg$rflfQlyl#dB-)-
z2fi7qptkGw+6bBsK*Zk=LK{<q925zhtkZG71d}qYMdB&y{-f(HX?Op^cm>k{&ILf(
zpNGxGVE!b|e5aufAvz^<h{>&wI6gSYbW3fXBZ_xXx|BXdcXbzE`~umdi-|t6^ml{w
zOUF7SI+)|8vIx#DE@pFoM|T)d6gn0i85tQCX4roAtP<N>XFJYg=E+IVwTv#;bH?zo
z^Y3deByDZJ>CNgR;dKqClY+>*ibmKOsDv^wF?Amm*j;L8ulaybpKD7fIL)R|uY-{`
z(y@<u_oa*i2|k9Ad5sR(x7$WG7m`==vOc$<SVhpH%vUYwJJa+#5-*;2UnG3FjCfUH
z-YPN8@&w#6T4qQl!;OywJBTAJR4CxlAG}_poEyhZ)+Ls_DEic1rQ^c-F255X+WeYi
zS^+>w#~#42W%Y&3)W_3Q!BphrU%zqiZ&QV8(EFFwBup_b&5h-QHe$^1o!3UyBCC7+
zC0N7?FHUqt(M#>Y$Yr^eXVpli%gX<-IPH~ws=UezS2@hx?N#HK{EP@-jaG~Cn0bz?
z_seKCcoJUmeKcoqa99V!)^>w;N(6V6qAjH_9!0wF8yW}D21inHbaF%<wLU0Mc*Q|?
zvoq5%ol)5#KbhE>qq}1|qrI(KvB)3t2;wG0Pjf<9p215^x3zQ1T}(avA|fmW?8k+p
z4!WKqKMOVQ)TIw!NY7;)G!Ax5w=)tlF&Q$qn)ypI-AJLNMOYs~Lcn}Gy(d55X@?eD
zS{~7p%APADq9^rGC<4Ul`K=xvBJVzG&UeLk3cg2+3pYkJy?r>Vs<-<3p3fB>JC?HH
zHUExS;)Bj{+Jf|S1|TWAMAh$Ju`D23*n%p@dbi7`e_)_XkjqCr8YI@!u}h4LR{&+A
z(!t0l>uI+RnD2g_oEj)rPLMW+63mJz)X(+cNYNM<J({MwP5saeC`NE_u(&W2_2I*Z
zLHeQo8TuJaG8ryLmN4y6qa~aT3Cd)>Ex8nAw=Nl`p2j36IO)(_#^vv9F^tSUfEx#_
z76u_h8zT~)PLeNPG#w=!8p^Awkr~fFMt7=U?dH@EFXE{+4!q>PByRUvlT^hoXS_<^
z&y>s-){%CqthBUz1v#!t!pV?^l~qucW~n@Bj(N<EmodQTPa^0XF|g>%@c$U<T{G&Q
zHf|7MejP39^5R6nnsdFS=7QonI>KAp(dVKJrNAUBjgnGQ%?6>jG(j)<k_mQM+tsUa
z7@(l^FyR%^ofA~{^EQXbzjo#xOnLzgiE2l5F4<UGb`6JN6qa{9*O*Wi13Qr+7%%PE
zv16I`Hj_0YD_Cd20Fe+{T(9htae0XeVDn|K42N}2oK&c9k5l>wy-un=r$=`~GdsBq
zRw<eL`{D(-?GE2wYCAgf^ij2C0eD(7E-5t$k9Y1|ZyY(D%V<4EY1B0$lC?K62-4-H
z{SeQi|1MEXPgWu88J*@J%v%uq*(&t7^ViDA998W~OQk;1U%AvKeUexn)vV`8Ba&y$
zDuMEbhTEi*{(+_GIJKpnr)5xyk@SeTqadMH)Kpy8)SgypfoYnHn{a1XWU|tPKwE#(
zVr@*sJkK!EcCIxcpCDOJYiY6Tg%N4iAj~8pwqDt)`|#*zS}w=P1-3%EOLFqrKdXix
zU1VOV;2W<YjeA|WdFxgs<H!b0G$E2jb0$Vg$y8P5Lt(G}eGx7zv{%izd>6vrr6R#N
zbGlPKa6~%8#AxrQF73c4Z6D#!Vtk9(Zj!=jL;@fUJOWu3YYL6Xdw`ky68N@}<c}+R
zPQt52S~6>mEL<OWfAaG$bT)8ZEG;b!RYRP_^nKlxbDagf@w}L5AN%e5UU#}luH`3t
zV*5hl8|8EDJ_hzYg)I5ud8OV(26p-3c3jf0OOKX@f4lMWX!v12KC{#h3`e#J2ymp5
z!hb(|e4{oxYPEa&2!q>=&2gCv+5qFVBO6zph7Z-@<tdKF2~@P0t%(T;^k1i3yWo?f
zHP+^yM%tQ;g`mK`#ll4XTHUt~&k7HR!+ios=I!k#6maLNw=AZ?3Fj*+s|!0HeBe-R
zVYV%h&DlOdh|ofWcH9Mu-uWB94q$4#&biU#&7#*p&y8Jog;codPslkWc9wO+r~=47
zzw^Yz2%pm;h06&>FyH#^rR|F~6_T0PjrG9FIr%|xTZ<P5OO`WHJq85I`Dsi(>n)y9
z@|I<@MD3QbGYqZ?@|s{1BIBv7H>+I*w{)m9Z#NG9fy>MitU_vDMWy1Kd41^%>F73d
zx)DG6tNtnt<$U)QH6?Z;R=2o>I&#LHv#+4Kmo4&E??a4caU+VVT~P!Vfn9>Oes@cb
z4Ll%w8^2->&yh(9Y(p!E-HH~fh<8tlZzfM|94%&K$Y^i?rEzJMH%8XZz##siM$Mhv
zbZosp?>nL39E5>rA(@O_f#;alHn}!SS_@`vM$f0P^;|aFVo*Rc1zaRrQiwH?_sewB
zmb5j)FP)&HyTMKJ-}o_xyj1!V=G;a6el7m@^})o}OR|tUySJ-J=z5oLmY2a=53YLW
z?zK)gSx+t|(r~d4F`coEJr%l=JeAF?zLH@Wcc?q$7VXs%X7!1^;}1N@1Ipum{J|~w
ze`)a-ruOhJ1}XpJ&oQD;Na$jw)$6ukEKWbMJ)RrV-|Z&FF9LG|TJYg9@Z>>fSEeN6
zZa8?}b$uuI&XxzsG#gGj)?;?$*Vq3rj3NM@n+Q(-9Uu*d#J^iwpbAZBe5A}EGjE4A
zoQYhxrclV2hZSy_wj>w$??C(RqJUQ7GR1UOC(7@n)lCGz=F=vY`$;Miswc-Aw$v?b
zR1N_I^9a9dl)}^;X8H*;^ok8Rm7CEeOh{L0U6$JbqbA(EGs8GdV2_YNEmX5wFKbiu
zVZ#43g8v@0n7uE75{v4`wtdR-{J?!;RPLJB?rVVJczoG)_deC#6GnXe9^<Bql!Xb>
z)qqQ@pd070LV|Wv)S|1oxWmR(jNC8ar7_%0_Q%W>wYhm53x(z<pm_8Pqf~<p%E%i0
z>1YFNRa$(-Fy@yTXJsCe)CpC*bE|XZ%*<TvOw=#o(avdD-lb;ce|(+H3>;O}`naNv
z*^=fL(2+yu5oQBz%av2^2@_vT!~sO2jAeFlb$PS~IPlTb3ctj7VAs9|ty;%-Pp-Tf
zYcQU|<cd$xHBYwavmy_2qyO~{XWMGdg5|Wpf03}kLGXAMWd~^UdC3BqW`hKZZJp0M
zyt()XMJ&=^dJOqm+nRqF1PzrFAMY2P+if`1{f+0*9_pmmBDy<656UWTZbh1U0ZTl?
zL>dZb)oy-&*1o$8uZgd@Z7jpPcNUx$Sbns2ahC`A%oVSKpQ)aADd)>Js!R5&SAi$x
z*iA)soqLt|pFfAqGJZPjhorI#^D_3&-~499DV|rpWvzJifrE)g-TLauCdchBdUIb;
zod%-~J!xCSeEz2#_V1S0LTT)OA!Cv9hHJOJq>7y2(>6C^BbSBK7>_P`9z8-u)2k4z
z|IW7{Bh|ivD(Oq9TxV^GvIT3S=G$&FiPbaAt+}D9JXT9MSIe93!*TWC>#}G}MU0L6
z%}X}4=7ta$4;*9hB1Uot`pH#Ls?zznyAzehHH-$Hyo2QB!ov=BN1Sp)Ce^8hYCK}f
zhl%@dqAi_p0M7oX-oY0|#-a=e<-M0~08K^?Fx6Cb&dP48xGo@|8`*zRZQ`fy3<e2X
zaaS+|&)Bdb3yxc8u0pQ8P3I^*9%C}N?5`(N6N>`|@IzQ9N>OKI*WD7F-M1j_94Ea$
zI*R*JY>SyB06_e4jk2xNIgjGN%J(OTW7sN@oy7b;;2juyLsYk8wP1t&>Cn@T7)<`A
zfMwsj;nhWTX^z4?Z%h=zQF>U{ixTyAsn#cq>*i!vH_UI3d3h{ba6`-H)W++(*>0Wc
zMnv-NpGjDA;)&{dHQQx--=I$&yMnS7b{--WZG4q{TXvI5aM<A<e8sk3grhe8C&p0D
zz<1U^5$NAX;=jLoTFn_Fo^}Np0cTyNp;KyKls?ulWzc5WPRuu#ZAn(JXFIaw@HNh4
zgSuBOQ~HI`s$(FsF8q`Vskr6MAs2Cb%z>ZJTtk54+&<#3HxD--9#QjF6Lwpam&ko3
zv?1`F(|cGHq2pipF=J}r`MM*cUAunYHwWsI0pH(pGtD;CkDeJH>MEsfFlVYOtX7IF
zaNk+D^*j*pi=YpwFMy)3Yt!$aU!Q?TaULBJZqCSxXs|_+*mp1Q0S(fAzM<f5rGalN
z$0X+~O|yV(Z2?AyP=<gQj4c^$sa;EhGhtKcF`hr(zaK+bV5gvmoICvv$#;i^g#`iz
zg*){ac<%vx<LTfp1cQwRYD)w2W0*K(@~$)E?gup~2E_l3SGPsABVtt;rSJhN3!cc2
zK#FlP#P_!wLh=^?0bl~*tC}mIB8k6ZF$b!Y^du9uNV_p72V1lH$i;)`6c6B7voSG^
zF!EPg6h{k~+)^QZyPL#Ikh}jWYg;GxhYvq*h}xWLuuYAb>1AQ3iab5Vc;XcKfMz9G
zYbKNW|0AJjP_oJY<d<MC%FhQQ!y_a|BiUJ**U4|1ImO<GHm610vt`f=JQ}dsU!z)5
zo+Dy>Hhy2_=C?0JLWMaw6L>8q%(#ZF_DrPjt8`b;4kH_6<%-lVIuYIGzn&#j$~io3
zrcP+6lDO0Fv|hx4%1Uy_#nu=z!IVkIq(e>hp6wAasE-k#6-9Zfwy=5GyAv8!?>X=v
zs3iDEXn7W>F7s>3#Iwi*4NEvo4KUwRIu$R{t1Vh5VUT+6EjSAJIu;*;qO*T-TxE<e
zLt#NaMnOB0mF1N7i(PGUf^l|jUew^ncI}0KU>`aZEC3zbw~PMeEb+<g2%2&Vvn%`p
z26nie`!^QQD!idgY~|}#QQ|B|^A=s$QfspfHu19Z8zOMK0aDIm^p2Jly~tum)Zj=v
zZl^TmFpQJE?;YHZ2mzxoTX3FWE_N;-ahS3#hZjO#ogjNt%aq()%*0X&OE`#$cw+-L
z$P%1oKCi5dS-AWig#~_G>Y}#Ta>Pk+x`Xka?}<LSbxFntIQAbd=2kxWqnCVh<?rqM
z-}S-&@7Gzw|0+4lMP$H5Gl;%SyNNh?ij%fQNqVSSWKGC}&1pMWn(rsg8q`+s1~t&w
zsh?ID3*lH}O)IuHfhfAS;z)^^;4x|iGcz;oLBe?6=8T@&)M=-xLb)+MXE(zIY+)T&
z+%_JpbAXAod-EBWwwfE&Ek`Wa<f=WZEg9Zcvc!nL^v*M^ufJZfRfK)5o~bIU78gyB
zLuE(fy7j&4B^E(;G9SLTHYRj!A+nie-ah*A(>l}R%sT$geb<Va3HST<7Bk#oV;s}T
zzc;|+BmXF|Jjz>k=fm`Zg%ZWt8TBvwh;7$GXA+m}MfGN)2g{5mjbt4COLkn3-L@es
z>VaB3J>5t9`k0&pc1qMq&!~%{<L9YA#O-3*{2HkuaIn5q_Y-Y>=4MjHovoSbE5%)?
zz$nS^f5%1S#($>D{}mT0DKY26J*9%X6$K7I_)n(UIZ_SCuPu!<avpoQD}PFs#cw)I
zkj~OKd`|cM4AE}dS~kk~o^qi=a{r`Cesom!2dUA(^mcOd9@*y~>W{ZGPH)wU88cYd
zc;PJXrWDjRuFXEQ>RXH0G7fEg;B5V4aEqyEMV_wvZcS00@_b*uC5t>x6Vr8*l}|FJ
zBpP_9w9Ajom1mObD=qQ`*Q~Llvvsn&)tu_<A1~td45@8T|HKD9N`XByu+O4{vTvv0
z_bcD1`*pE>Ne7j*mO3}b<vQL&3KV9qn_=OuG(Xj|{iJmp!@P#lZhgqB(5@_%F$(8c
zS)ej%wd#~QRJvh3;le9XXV=p;5_`g|BORNGwQ;4{30-^FlvJ1Kl+=}o@~Cbr(&szz
zHHO~#!e>LT%0FlNj+e&sKefky<(<E!$loOOw=!X6q5N!@o8vUI>Nn|FrYa4+d3eq$
zu+HSMk@_w<1G8(AGSV_4t*#yAOfNHiu9#{Z3uTrz37!Q?8CD;!FzM{5yz66@)pkK=
zhjg1Ybg#)7Mhdr{TDBaiNzT4hZt~d4(ActyfAXrf0sYP~!>PvgF3mrGj|@ts?R%Ry
z@W%W+&7i}r3EkZtrOM(Q8!ZA&MIE>eCaL6Y7(K<=lPnk<u8uiB^|@SOq}qRD*H4xk
zHYSYn(vi<*H<I?R=3SUM<M$&rjoGfud<*mMYLmJLZR<kT$E9X&Dp)wattyZ~IHkm7
zR)QK_t~MEJ>I(#|Afu(v4~s5@<YnlcU+>vo-Og~-AURK!b(`|Cp&E-~zvHcK#u2e}
z(-P|?CT9vHj)~xS>lR5>-%)&>WBuB)Z_(E(-~U#inQrX%&S1N?;H3>ols<#fOZ=a)
z;&18q&&RJ$qWtWyC^r|7m*D<5lJ$}8#AeqczGCEo`z%o#4pVRWmQ1-JpZ<>;g3^mX
zWb#rIrc<k!KaS6~2u+6kd}44WS@_>Ci^{}$e6*AD9$d{B5>OZcTvij6d6PFOdzCP-
z7Tr!g&F2-Z8Pz{;0dL}IIY;_fX{es;;;tX58bM$Fy!}`Ix`}^32z3%ahxUjYrVHTN
zf4<B=ZXkqeRhP@vrn{#nqq5efxbjg~#DQ~l)xu97^iisvWG4H&j3@pyP-vl&{__&E
zqW>=+>g^`WZA8R)FphN(J*Q;K4+3pq!(oPwGQRx1$Ts)*pG6Ud&QDM~7jY}2W}y5e
zr5Q_bG-%Bnuo=JGtF!pO-ZRsIw~4f{U<?AO7>)W9^s*V;YmH8CAZL7L{C5n(mnyRu
zI86yizyv05#QlbMH|(zYIXSxujt(t+`6;#>VSFZ!@`S4mH?H-d`_~V9qLKKB=30*<
ztl{0fo5?4?{w?&L{i*p`S+?6e0qBhu4@@!mfDdA*=&$Q<AanXp*LlNx>ju&{&+b!n
zC=qU`AcethZgZ(-7*GNbFdm8R5pQo1D^L#j7}kTP!LIGk)x>|SVM{TnewF-2#arX~
z-!BLM)TjS?X}LL3<<6zP{ENto6#52=rQ6}Dw(Rl$E<Y2x-gA9X3#HVe$Jv6gnp<$}
z1<0}5d6_N049J`RzG}JsU}-4Uw*LI+GB71rJTDEMcqXE+eTVT;T>PKr1#jWMk7x>(
zH|K>VzdwCGyqll$td6k$WH=!ymMEzwGezEisPq5+^B9nSG>6Kc=T?4v_O!5thQ^<k
z9T}R1<?sn|T>_<@=P(T<W@Kke=VWF|?u=<3P~QLe10~P=<DhHuP#wMg;XhyC4ZbE{
z8Qi!(AK<@!ujD_6tS>pT=>_#)#DMglzs;UzB<_e_?@w8W16xGSJr>*fx41_K(E0ag
zdd8l?B<LSsANRxNe0F^0-dn>H3|Jfg@v<Cvd$(|yga7A%Cp{DWzkY}Iay$R=YBV@3
zVRmhcd)dT9|L09jN7KJ?9iR_x`EykN@!Nlo*8jY96>rgXEAf95^_~A*=AMc_@#5bH
z<HsO5w=Q=2k@id`9(~O)zWt+D0FIzjDBZ^)C@4>%$<}feN?(ilR2w3nMr0gwX1v@;
z)f@G5HPW%peoq*x+zPG)Gftzg16w$Y{i=^JVQox`i!XFp>)@9r)!F36)c$%2@t%Cn
zjD1vYs{LX6`w8-jH^-zhXc@wqh=oThs!tWxi8O~c4$aV$G%u@FU$Vb5Y&#eb>-(A*
zWFc-4Gnrz-%bM0s?H5$e#YnV+m!ySgV0u1>xyGd9)ejblHVNA}Dl>D_GzEJl&7JC)
zgRJe><rNZ1XB?PBwd_Tm6Qt{D)Xn!8zO)i;X5)C5PHPt)zb~X=uE-+aH_P#Sg0FKt
z=eh0ItZs#|aJa9tB#^|@_;#}X2~lg)T%7c*To3*u8lI=~Q9W%hS948|(>?Zjk7;=D
zP2A9iJ-Sy9`1>Bw&rAPV%BmYvcDu95s7%~G#oc1@_s#fx$`Ts&^aLOuOqM}5l3$x0
z{Gjmx0-E@6FXqS7)z5R~9EI|2DQ|>s%|`z~|1)dpj-B6jfkIINz}+mj{j*n6vd!x|
zRK@qgQhkkEBiX`~w|CSViGK8G3nenz6~1x061$?x;sb5~kFJ`8`ruJB_ZOV~N=)$E
z%IBnZYJ8JUW6!_K(u{jtj`Knj@i%am=@Tl9-Sa7zYiUbD516bI*zwwsK{xtcDO+`3
zk_~USBCGt7LqSsEM=O}*SAg!J&Ay}M>1d{4DI}FBrx`h$)ICC@z`)G>X0+};`t9k8
zymJj&^6Z<I{O=Sc$hSqd$ET9DF6Yu(OhgBW5OZ2i7lY&bU}kF;+p${U1XC~|uVueH
z$5>=9#AC1{enS(L3|WGP^;iY(l0~W&)20*#&I}hINH<S04G7t)8Hz<5FRRi0;WYM5
zJ3V|i<@Qc*YE8~>>1@$F`JYR_gSFRBzrx<?yT9b6Z@M#*tyK;?Ew(nf4&yMRBMnH~
z%(zN^y*A0EIx&1ZVgA<7XlLoQ>T)*%ukCvPA|*u<05}yk?y>H^`MBZ)s=uS>lL&@p
zZ9B_un7Gv$sl6?Yo@+{e3=*Tn@pg;jLjBksl~TnpKh>aYy?9R4&ds-XJ=L8w%D;5n
zNmx6s;&!!TMtw9mV(6uu=>uos+3qJD3XVC2Lg4Bu;GlA6WQ*!B(@UAVS_74QKEsBW
z6LZgaRY@u|tfwkfJsfPIN4UXpl_^Fb!bRY!cCZ@j(2#>;Jh$`wRi5WARP&E0w(6|`
z!#FI4OmJtGe92Y0h4eymYIsO9e*mHlM`uDX@=`FYsXMWL$1N)X`c#0wuPAG>Pdh*o
zt>h5(Gkf4{R&Lr*O{_F6awrF|hW5;aEoGswl?qrX)DGmZ-iCpB+p(8{rcRni%iUGA
zPZ|%5AFpO=*k7uDi|&#rT1{-dJZajt;dLIHmXnib`9gY)ZZ5}Z)j!qgkA&m)j(n~z
zZvTk9XA+9;tZnU*-I-?7%eQx}$KstpCn`(EPmN9u`S6=p_G|~(XL>cFd{4){1O1(r
zmL?|2;cDgF98^ZqPg<Y8XpflZiaBPm@a)EK;k_Lyz#G0rL-hx(D84)?TU)8LOOPjX
zO5vg>8AzIzyQLLJ43!%K{4lkoNyH3F(X)LSIFgIZdV6_Q)qJPbx!{{bs-so!!mYVS
zK7lOtV!cNjhkyVYSmQpb_zFW~(Juff&fxjryQ^|aOg0d0slUxoM<EBA7=O;<QJ{)!
zG}>;KRIpHQE@4#qN!HOSfQ`{<t65Nw4HNH6&MY?jE2eGj#=Xz*6#yM>&<Wa_L)GXj
z7?SXfs6D64mQbXPei$sEgdDDBOR;#>+--i&#mc(6rR@<+3dPvJP#IeIjQ0MD=jD*H
z%ej5w;7xPMSQRR6%g>Ie)hX<AF}p?NS);Wt`JE!({Q0B;Jqv6FT-bR#3P1q-XoCZ+
znNXXNcHI%!<J|Vys=4WHy;A5Iw#+oPeb$-x`kfw4OBhR-rP|W(@dDHw_w&sT4Dqsu
zhg@Ego>RZ@c8P5CQfYKQ7TkMfBc&4kAm(Odxy@@^WEuClzSMuDMH`NSmE<qu)r-e7
z#%JFqTUU-3JiC;8&;<Y=cvrXuTkGv9TakHkCNiRu1Ssp$8F~fNiPCGv9H`z<jvc?l
zSS11(iOaIQu9~bxPfth~L#i5?;E-Y4sH!>=Snt%}cr%k%N+d-qO5ExVd03P&+Q59w
zydKv#pM_n<Cw_t9Jval{1l9;1?=%o6T{`fnY4dphP*ox=v+}l<-U`VruZ0MgFy{BU
zgXj=yy^>V9Q^=In?U53%<xaJd<Gu{_LhcOGePfCDb{k-OeM^niMc^7!OwGl|qNRsu
zFESu%56aac8i<Qe1I*QKs+b@DQZ4Bm@760WXJ(!!dvMTX8pug?u*6d=^8pvnPh)-5
z-9gL5qlsusXVl3Mu|tL-!mV^uoc<J0o2(F&lbj+Vr8?2?fK-RSu`noUdc9nDX~=|S
z*~snaLhM7q19cL89fg|5Psj?1rxg_EW5T4qXVQyC(JU)HvYv2NLQKLbdYN<f38mZ@
z_{OeOQLRXBYX6@~qH}sHwMy}3xk5>gQGG4_8;&MIS0hxDqd-^1M2E8JJa}A52Rl|#
zpY5{wg@hV4su4r3VEllQ7v7j%2?+C5pYUNYjl204d+=yhS|MMu?&~wEsvSTMSO2bP
zpDjp1@jhaHah=5?rW%2s?_b3WKYX3=SW#}N+Tq3TpYP*9%{l}!HIVW8=q?ifkYT=^
z8VB~%KjOnfPb9bV!3rCjM|%XL^Nfk!etWY`OtqglLkeW9A0mS+X?Gcdx#iE9!Wm$y
z?p@8qtKf7!Hb%Q!iBnacipW$RdP+COvD!i<aHJX|%q%ObaMxX!wJh_nHfPg`zL6+>
zI?QD2<@hlzC8gp%&K&Y;I@?^vQuC1>uUjFQuWjYd3#fFgv4VyHMS(>+B(gB+SRVCS
z-!x|>;?qYB5z9#;gI~dq#c&M0%8UM^)Dl4L#yF%z)J3@NHZ!I~6kH<x0uNJ~i8LE=
z{MGcMv~y#Ll-)M$iq2q18soUA<PC`o>m4d-JZqC$+x!N&Ci6KWwp3|*7&ik{tFtL?
z!OP2Sj-JNe;Qj{3nlZlGo=G8{Y|AQe04f|Toa*vsI>}B?F77@-r>$N-a;Ss(6mVXj
zN)&UBc0249FJ<NTQH_fY0L8b>m$t;@u9VT}1gD*6p<%d{J>wxS`)HB>^FqgP6`$w%
z3oM{o-$=R4M)IOj9L+Z$GoHxxE!=TA#1q2?<T2}C0O;kg%ei>u7YutjIXK8@0YOi3
z0?3S53F6LAfQAv1lzA{^Ko&f)4`CEg;X0Hr!<D8$dVwTwcg7%xBCw;2b64Wt9ua6^
zk^b}@(W2Z1oQOu3vsO1jWMLOllarL31=*L9J~3=&=2I-fO+mEYLYsoKlye~N$8)jY
zAJR7Y-9J^9dGO03av956u$P5XaZ5d~#};1#Q_8v0Bm*Nj=SHVMjCoDSt#)$OJLWv`
zaqvX9Rhh9SgAw%uluv=*=&vHAkyNyICW+aiWlr4I=-SDE6tf9Ze@<f-1+sU+OzoF)
zN!kxO-`L!PGmm!sUVZdv`@ypaPy%QSw}703XMriIplI*Ch$yf@TGlwjU^wX#qJ38Y
z7NE`IN>UTrG0L$6Mu6W<WfOJ7YhnEQrj<<x<GO-<twyiniPUo5;&LWuXc)O-!Gz8p
z!y|!=P^#@X9cU;`SY9KIe#JqTGGSn4y_qdg?0xgz@;c*G7B$;v&1>`g?-g%IOYoI4
zJmrRb9q{O!Xyv_Ade-LCf;v&bI20s?hdqs0!b{|iGdK;%K<WlEFpp8q1q^_8is!}u
za%H3)5^H8j$bFF)gNYNQi{ybPMyv%G?DQTO{qZJ{DIoC(bq1iH@4-9(Gg2x~-dO2Y
zGvHtRj}MMcfQ0e!GGcBwL3q!eaWc_4khVTrE&29L;5hwvU&lKaeQsu=@H>kgr1@LZ
zKE~Q>1O(c!KaiTbbbr(DQirTo{TvgSS5!IO@mEz>fln_}ac$@H@7BM$La7Ts98CIC
zYw(5scdfx=#d+@LCr18*2TP>FvE%^p6#v1(K!Dv(-aWnc{eIl9PZU9gH-}Esu?lr8
z4X#6(j6Kao#B~q_wxTY<5JTDh(jq2#m`-BQ9o^zLfKP%@^cyTlRAH6)KXmRGv<h5<
zP{DWiz1JvweG>}r3PVS1aBRJbn!drlqTB!UA+r^Hqo6UQ`~c*NdO*qlUTI#y8Jl9&
zxRu*GaOMvHhrsDz6Vv~Zg>9#$+v{;W8$QYI$LdcHPKzXWxd9>^GJ1OF_G<@rHe(TZ
zQ#m6S4qXye{Z|OObWs-OagOnQyY5|kZ2gYwh~kgl#VKpxwJ2ZC=>^IQZ)<shkxvB8
z1&jg^P|v$I&tew%B*=rK`-AtLz1LS{aZ;U1ktF9w>%7k(AcA(mfiLD8n0CW2k<rWV
zgYmh+um1zM<-Ro_BLz>kW*9k+x9qx`N$YkgIAa@SXL9R~Ll<#NH5rqP9^ql84kKa^
zc^PpqYAPthUwKEG=T5kkSUA+K5z>y3d;S0n9R$JAEO0T}QM|cwr2zE9dV!QxVq&74
zwCMm=0X3whU*K&w@9^nf6v#Y>wY;Q|Sq1!!ReG`5&bjC9uGwrpc|dBQH^b>~u+C{`
z?5CHvzuwb%Kh1)x?foPyI5nS>vfzQQ+rk{#FYDJ_ZIV&@=5STj@5d3jD9STPkKJF#
zbB5HOro^fG6@k`Ed6=fnxOOTuas?{BW~qvbirEVSr`<KfZX+Z;Z?^albt^Ho2*ISI
zjV3oi&5Z>m`bp4Mc-ds_3cUlK#(uJG%1K2vjwt!{&4V*(pUZQ>n56HS{zf-gZGGY#
zP6lf5zo{F;c568RXDwYD79}Qqq<)GO9@<O%<Y0P4?rQ(EK8ejtDmG(JtN+&*$HhiV
z55<W&CN*Dp|D1Cl`}bGRSZBu#bvMs$vfvgeelZnAN~bnGm(5_G$}<`h_y_Kxy7c70
zV6WY_v~9-^b-Vw80}q%5?D22TydT}RSlagqyi%;Ky~C;LUwelVywN_C`tJtm2Eq6_
zE(JGDqaOx-7_EaNGK+fvF|mo6-*5NEo!k`n3$wcAWK`>MOD_g6CCdJczX5f;_ZU5W
z#@r7F%(6sn9*-@M!4atf)1s?Lg$jdgYC?Q`mtt3z@DCvW4F}yFMK_Jo@eQ-88wfbj
zsDUG|6YSq(JnGgSA-{q*DQlTujV?2{5!h$tF@#_gCA^Q-1BRw+PHYc)bgry&0_+xG
zJ-BNabxkk5yp8SN#i^^8_5IPyxgZK}$F2zuyL*1ed7Y1;N2hRfj&9uT(w^~3h-djo
z$8TTP8mnW#98Y}OMyZ&zqu*s)g?4X%;#c9=(Pw}KRr(+8h|96<%`OG0b+`&)qF!k~
zMTrL2Sc+zop&jaL%HUky?=4o%clPIb<0HGCM<a)c`bl)lFG-LCVF_2c&Qd@ZfwfaL
z@UWIgH=~yEj$aNMM@@k=u?hte%xRCYZNIWF#b`Ee1VcN@OcmkwfL<fEf>35ilu*>5
z)Xfw?q@`RnOlkMlMc2~{Uq;~W>X0(ap5{9=bOj0VJT`QJQ#_D+UWDW9!Eicye?J4{
zT37I%A<t6l-sB0i)g*&U#YX#9<-DY6CSnWy?hPeHqR;0(S>7oUH%!Fc&r9oV-S_{{
z_1^JZ_iy{Sy&`*NZ?ac*_R3xvC99z%qCzD*D=Sp8M@AGXNs=8ZSxMWBs4GNCsqgXX
z`rP;Zy}ys&@AJ<`*X4@$>-Bt|=W!nAaUQ4cb>F~x<<i96FyRul&bwUfI70#_q)3LL
zJsdF?wRL4w#~l>;M%y7oQFMhpYDT9lzb>YnHg@%o_mxv>B>t80_!w@HlCq&2a|!O4
zy)fgug?~4NllJST@;z!L>5@_OI%M7)y^rF{xO*)cwuN1>%NQFWQ_6QH;m%#!n)W<T
z?;TJ1!HDCNd_T|a)|<7r?AK#YtCS8=VRL+Z&X)2D7e}aS6XR9?C6f7v=gem>rg?=C
z{IvR@^S<pZ{1m!g%NyWcN$qT1uiYMa^crpE1Z>fPc$bb%Qo*;EiLTrd7L7Orr!c@#
zTaKJ}4wid}wKTU<NZbK8R_30a13^#+@zlqWOHvLd$CPQaz>qL&*xA{EVgB>A@K1~X
zOQnL#cnZYJCFJ+MuYi4zp;ap9{?JRnZ`16T>f(-Uk{|ef#P2hJOwdaZ_KxlIxMR$h
z<@f2bwZf%LyZ0k14d9Bzkg7OmjpH-w(4U2STh`EZ;y54>HzSL7Jj7{yu-vn4V<f_?
zR0Lq*&wObbO-3K#?uR=#<Yycjs_q1om`O-E+-6hQEIgV5i!l!&d2^a8|7d$@p_jBr
z%Q`}Nd12|4b5TFeItr}Ft*~-x_0ZJ9A%jrXuEs?%pSPW$Q{dhMBRrRDMV!7gQ-uB!
zg+oavrou5)e?%s6KY&g{=<*bR)<_&;Y4Nt0HG~DP&zSQNJc<f$6$Qlt4&fE;Fk-X_
zwmZg);U8&*;LQOOzR2A>AB$mjC|~FFNxC6tDmEz<mD>PP+0srOjV{*^yAihyJ|kpw
z5ETq+rFj=jA~_MItzVpWkN#_9zSM0yQr&yDKI#d0f9C5`kVTRiTG^6z!sx@V$4tKq
zx#(<`5ifFqUnh6cgqvc@Z#;*C?==-A<=OSg^QaQeSJ)OCG?nYd@Ij-BnJV{cN2xQ0
z6}!vm(^ph#KLGjtxchLE!7$^+k`<~uk#x<;F~ampaLk0%|0j_#gR32)6)}Ml8El_g
zK}kg=zAGmsqvQrJRa;f#-yQ=0Ha9c#Fy6YJT-F=sNb_r_$-dl6u~1+Qn|o<!!gzwt
z=>~nAo;Fpq%=AoQ^V#&O_T%0%O7)~M%7M?=ZcnwzHRxTM&Z7Cvxj`-+&cL@Xf0Kda
zy`b1HvGfPfdQEnoe<>wJ6!f8@bs@akp-a6PBC&chQf?l%1%Jlgp#h&vTm$CEov8;c
zTJi%)-9$elD?{i3Yd|8qftskla%{Ac`Sfonc@jSZ$p6A|max1m7!mdK48k5UI}hYb
z&#g3C<I4I}%Cr-<A<)2}S=0!)2XZQ2*{dTKmc<p}K)}C$&FvJp6)}GpH8F|_(XLV2
zOGP8+5!(S#)}YWnh93^y2~ZhCg%OxYUiKZxbA1?f;_-(5GO)<GuTOU%yha%%<0ND<
zadUin_uxKGamdBvTrff8+w8xbTHce&_p_Z^z_L)6Z_NVk-N$FlDz2vJ9socin*~sP
zU+;5X6drbQ5?hppY;R`ny&Ivyzn|nTE+7J|PS}d*FVF%p58)`pMd7rCO)_24rw7oV
zA*L-+oKS$D&00H@>rD88LQWUF7!oB&II8RyTuO&ItoO4s9ET(U=`c4ZgTfn+Vgfnn
zJ5Xaes~BOy5CCLgvshOgj5DmDRV$Jg;l-5Im8ofK_*~klI!n^dU@m*UbWl!MIC^i_
zrF{_^V8Kiz@IEjZz@_MI1Zf5_1&cpW?SEFFqoDlPp$ILzmZzt+)t?ilkFZ60E8Lj1
zR-piP`d;@Q^^{h204R~%-t~cx>`%+hGRS_U+pZ()&)bw<PEHyox&-6t3%2zpNW5!5
z4`DX`z`Cs}Vuw1*M(548$Y!$<&q)P=v#S}pL**1(CRhML-I@Z0#K`iWW=XL+8|(B;
z0nQfLtswf?qzmffj^nj6l9xti#6(APZLyrB7kElK`?vh$XC%)3L<7#f-04T#wl$<)
zES7KJ;kNuh!h%(dq*SEi7AIMIU(ZyKQh1*uOHlu|+mPo{#p{xtwu|*^L4ui%nc;eO
z(=Mp<rJX&p#5AGNKe4mM4W+thuehza+21oyj~UP-NU%7AV=EoHu16ZSxt$?;mP=)k
z7X9IIOQBkmNhvA5JI{faz-UJ1UQMm9u<{}d%TQbyC$X8M1&BH#adWU5|BR^YA)Kr{
zfmX?3yLTwXfnErhfx6ZI3o)dECZ&kYDD<U*wMgC+7ZBZ`Rog9YQ($?*xAp6Q77~E?
zLj*;{CY*PteWvz%O^Ph|x2Uu)Fa%#w+HXq;--oH4c42kJ!*{*1N)BaaLTdyZk#$$Q
zZNTOe+sJ0npR2kEh7%UCgt&L(`pzvhv;`1E!&@x?j#pXm8YRYateCb>hRop`p}HTu
z={>}05#TCMQ|g7{16aK_=$`l45o%DWNu2Tp2%k{qU7mz$NC5Eq$de}gddwmwA&X-d
zI8KP(MduPlS_?V`fOuuXVib$`Wpm+(78=?VagL8x;UOR&Fk5TLM|-q)gJ=7VD?*!H
z57v3K(a+(++0hOlr;Vsy_RIY(2Qvm#p-=_ALH@#hnb%G75~kvDs%J?xrDaKXg|#XD
zjbkK<zt&8)@r^zXr?)_zpUl3!r%8drCB@1BSd^TM%(G|<-hc_IOuSyt5mZLtQl7uI
zq0xZZh^&&OW|5JS6Na`^?}hY~8E((Iq>Ix24@@Y*1zZn1pUo9VWQ=sj-+Gt+tXAwC
zl5dfND-&v!YwV`#;cACR&GsoRJhm+wI@oJlh1ZN^`2N<xG&hQQ!oxbOW)IEIGEUTR
z;tzfMG6^dryEY}L=pMC%Qr3DpU6W19*A8RRu^Ue$dGOn7Y6k&7Bw{%1?F;tR)DO_U
z@R`25lr7xGJD?n&vRaXDD)`KRzfxO@l>22W{cL0hXXUMB5}6N|ccq6NU125n>)pLQ
zp?f_m@W@5k_pG0O9;Cnd-Nn`>>NZQSLu$C5Nf8tO55~9|u{k^a6BTkwvb$dYDL%Z!
zq#h(aj{Jy9E8$*Z0dej4*-^e9_}PpT2-MwB;k49dZ`mX9sr(VqoGsu9PpxZtG^e%4
z6SH|3#R@|Ze0g`|5kkN0-sY?`K*q$FB7${^3smjz!xw8&6sVt92S;dyaE#^+p5RtK
zO-Bq6BBkFNPwKyQtSf;To_^nONvf2P34lQAwi+G=7=|1Xsz5_RE&EYseobr=a2;9q
z52DEGbJ3#5cp*dQ{j_buWQO+uOys!%h}nRbd0#8Q3<h{)`^}c&oBMWVkW3yyX0g@V
zIqmcy{Dg|>xhs6qXKgSUsWY3y4~VjkUnM0@*Cm+02}Sx390J&ew+-5I1#E7NLr5AT
z9FsXkt&VjuPP*$8F$86NdSO(`v3l?QM&*<E<1fIunrBnrzP!KLDWA`1AN`Arl8)d6
zGrRw}qjvTT6uNcNR*V9=+K86p&ZCHW7d`HJ2#btBM43Bcw>55~{}_CpG%LLinZ+SL
z!n-m8egMN1hbCZ5NYp(nUq?7jraNEe`wf&&P;3A=k~JcAh+xOBqQ(FhwQxf18$H4=
zv##OZ3%YkDi>{$Di}=9YvdiQeg=ZcHrftuii;Oq(<C*m%<{Q*gzM2r_1i`YUac!*^
zqS*iL?DxHmns2=Cf>O=XJ<DTy+=N1AUu&M-SRwO7POAcM6YCEY@KbvsycIv5&aiAl
zRgU5Ece!H~$smb+SK-3b`58$gNa79E8hnCH-yeLMD`x%199|VlN_<7K2Uq_mzPny`
z^+BhVfj?GTD{QH2D9>HSc;WIB@i!8rUjvgE=!Lg=b36(c){zyw7!~*=^-Q;Lqye>b
z*jQVzH}&?dqd|g4&5uS?jyl}CUsBk%J6|_5jK%KZ_TEqZgtM$wLc~-TO1%liK;REh
zq77f3E5_!8e_`$A{CDKQ`GoI+K5L=G9;C8?OY-l5;O=*ZpA}adySeYrnESEkH}-15
zEgt7{=?nlL7&5{T2c+iV(aL4iU#S8+e*?Y7#{Kv@N8~engTfH_6GX0GFlqLEoO7X>
zVlQs}3qQ`Y;6*;7QcViX6|Bp{3q#g^S?zQkU>37a#8KbwTqAe@x8ym94ftks;4i&<
z<i%Dy<nobXs!Hcto~P&#CAwX{4nlJYEEMN3y2(j64tT{O2bMvoha(Q+CcVZRTKGjd
zEbx2jJd$?C3oi?lE9pHx(PsduSCu_x6xVRVHoko(W)ktc44%?dg&qBc7vL2i;sS%M
zRq_p7siRs=$jXGhy@YvYY=jW$GeYzN?Ji#Hd0j^txHrqnxzv$p;C64me*c?;iz{^U
zcUlp7$nTND-=la=55e@K<`hslWQ*a-%4jj>2y|t@B9+?|@^>SH#JSRpT#|7ux!Z?H
z$W3UZaxh}!)xlHA#=?@R5q#i@nLMmP639>z#2Q(~{elZ&!laL6pF=qwkV;pRa?L8`
zelArL*9QlfhSZRd>GK9EmST590gf5?PQ_JkwoQWrNH~4u{UeBTDE9HprWg~tXAjx&
zTc0{qj$dY#v)hqUJtB3Di&<|Zh35`eKYsQ86_T|>i+5gll%7H>-yCM?qW}-Kt-!LV
z`lr%EYC%eIdEt@|*cAo;j#FCyh72qDNIZn&dd~LUTTQ`Y%_Dc&$^eY2Yu{a(_9GbT
zhkt&bUg4}Q9JfJ!1TrHg#=VwVd!mPoc1U=ZYFVfKi~0%l<9Y+P10u{i8qL#%%HIX9
zzv=l%`OIJQv0-XTK{OTPc^TT?abp|ul#GtEZ<Q>QwDXFKDfsOQRo^fabLFOMimtZP
z7(J1cdRn+g=Mj0IAa_^L?ilK*`nE&#6pC_JlRz=qC9DxYkDpeC&p)2<(Z&e_^t@G9
z*J9gC_l5NxWiKHQJ8ZDX&X|hEy0^qWv|ouZ{D)+9X}H4O|1F@r2YM5r0_pj+FMrn2
z`hgNa5q>Qo*brO9&wYNS%JvR%E<@NDwCOPN3W#{50l4dW>+9=(`kK+_bEGYj6caG6
zb)Nb#EykDtu2T4~^`HfBOP&QZ4;uYn6769m6Sy1#H)qZ^qtp{Pv!stO=2waF0$>Q!
z4+w^#pX}oT8$s_>4&C;17==v129zakX@zn!-k2(kV(>mOOTg#G4!Q*O3t?6@z;zFl
z30sMBOeN!B1jKr{#i+UST8l&v<L`<)zCP55fE&Uc&#Q49w9*`^xO4?(CG?aY%idAQ
z-D4o3|Ay$dqfS3$wubwIJt<1A4Zg5D<B#u{Kmm$tc?{(;iA0iD9`5Y?F(tB%P^3{z
zc|yMS9rnc)(`YFBqq%`nUU5sSzF|ntWYLS&)P))BmoPOp1LY0208Wt_&d=qmn7fpD
zZ_@<h(c^Kd!u|h&AP3;3I)}7lC5Rey@AY)^%ZtUWa@$DQuY_2b?k3qjR0X2DMD1=m
z3a_}C^mHcP_<w9MnPT5V>@aHR!$ag2*Ni4rlqoH}+cwG^sfg6lqjzh!(64Jo$5$KJ
z4SUvqgVyW3iIW}wY~mt}4YJ50ofWpei_VuSlV4}?Xm26{;I^rr%Q}F_tJV>zXFjDI
z%zSh(unyf<@a<QnbIj!NTNx$aPTr3@68Sn%3zSL^=XGHQR&&Ew-E{;_`a9A+lNf!#
zIZ3}(#h}vA|5snE&3`*RbLEid1ql1zaV1w2eT|%4HaV3b6xy&d^MToVUs2}dvU#3<
zpt()o*Izvew(MP%&7{}Tk9oOtaHh~IT(XMrR^TubZyqL@j4%>X>5>(qyqj|1OmpEI
z^7MA|!C23KfCXMLR`S+%)b4xQ76z`4oV;4o<NQ7T&U5LE^IDC@f{LuQW<~9tQA0DL
z;pdZ!cAi{1Ovq9sTpon25{(cr7By{I^OEg9&6X&y6Y??6Rhbdx=>5{VHciMGz`(<J
zk>=+y?=6<0&s~R@f~s<87CD@#7!fd#5q80Ygm9a>!7nnOLL!9Qfz1L$jHw$&_W%X#
zbr<F~c;#iF8<S{!`4`wJVhTvWwXmBcJ${^+H22!vyOU!H7Y_3j-k{Fmp{d6cz7iWJ
zIt|fF1SWmJ1L}VT>x5!4`(QbL(*$U}Lt8sxLwG17A~BZY6;Z!Eb2xE@#0Pi|S6%nq
z?-uXNNE4`h^DAUIioT#)Sj3A0dpJa0>#0Xm%PHd$NX#(Gr$miR$7`p%G9~k&F~qQj
z=D!PSk|0Od)-xKTNN>trqa}&RDasUeLITu9vD$KXah7o<z0Sz!CF5kny(K!UjFvu*
zi3|B7`eov?div+)h?!R3f3AKsysyN`ecA3BE*E`a57{kGl}aR=FK|rz_8#shEA<jq
z*M<1VO1Q=Z4gF)*LaPt2+p_QS7XHTdMpH~BiYZ{fK(0@j<mkbxhaMj);p*5=B;${)
zo;uf_OA6MN#kwS?`aA({U~!(bzTGRSH(V#2&g>W&8?JI8#?D#+b4bx>zIZXrkvO)s
zq+Ckr6hDaje7nSbA=98dZ`nIULAQiU{lNlFCo&HRB0YY}I-$KLr1S}e=^EIq5I-D5
zd($De_bCBV`ikPRvP@Zyd`b@LD4)xVTnKL(rU>KbkG0jF4%7SxcAES1sI&Q>>HX<0
zJ1-}tQz87!;Cy=qW45-<Di+8T9M+a`8X!-buSO*X<%bB*b@#h+Vb!JNX*!3i9-4jl
zc>R%rAd^tJoRlot9WG|(NwN15Qk3(Fyv;@KPQ^yK+v9CD&SnkVrsRd-k5#4ik3N~B
zk-5d7RSEBv{)-)Y#;QV_iVZ#-DK+%^@iPv5s=bx+nF8*H`)LyEM2kiJS#|}7C^xoe
zm{Zl8F{QD#SISmb%BK#56iyzH=}8liw<pF%F;6>6!)Pl*HY2^2$#`Vm+<jP|kJD)^
zUYc^Ey+FZ?N7SOXZDL-YWiJ!$#03<D5@)(3?qypgNP+w-|HFq{Bb!^;7$K6waYf5l
z^o?RsGf6i6QFDQ~n39f<De?tGX{bguW9Ra%%ZP_^+&j5ksQisZSX75P_f4P8pGOW=
zm$O~5zLY^;F+!Iv7Ui({Bg)bK1<lDT16{KVqcJ46ltQiyXl@k=yx#h#u|iN}d`Av1
z_l1;OmZYImT()-x(+wWQ&v5S>9#?wX=9Q<PRoY>bI8wrsq@w~Mqwg8Ar{>+{y$-wB
zeJ*JgDKyGwR2aQorVZlZ(iRzyIQjlqzBxl)3$Ihyndh!kkstV;fByNiC^peX)Tph^
zfPpctw?21;^!afphy|nUsp^-*I%ZkjHuF@O)(8`7ct}6e=pM|C5zqb9MFQ%m#^XUV
zzona~5NYAJUw0<%<jd<F=l||24$d99i<F#d$@9X4i4o2d(%RZB7TJW|R`><88^-r!
z2Pm(9D{T*3-5#oU0qO^0S<wc|NQTrGr|kg=kBDhptN%#e<%&(&rJn8KZ<T*S%SjfN
ze#_j!(J0dR0Ekq8Y79s_5@b+7ON1d?#6)bh-jL8)6Q{XITH35daI+5vT-(s?!K;4-
zGuGI_`-mV7tYccA*-!)CHp>vk#4Ji875%H$0*-ci;<bdx#N9$M)F;-(j%*Z|qOwaP
zt~e&>lgSP{M%CUUX-U2kO%zEyr2Sf9;nEse=@QxD^*f$tkt?Yr#nZ(P#u^0hIWccn
zw(niXc#d$Abej~lV~AVXK5+7xu_#bH`><W4(r<$-X2euFvw}k8qG{8JoLHt!;wpuL
z?Tw7RXy(GRa2VL(b_cSQicn3NhT;gHDK%S<x1{AfHxG|RwSm2noprq1LRCQ3^%U~W
zM|^=PHkZ1mFJD@yJcYXOOau4;g|?I#WXBmWlE{O=IZe)>yRJK3kAJ8iEikJ{_V$ux
z0P`Xwsl_D=D43bdXgRKNx{$M2s~?}~1>+4g#YOeV+05A_Qb33A8Fhm;_Z~ZOC-<z2
z?UBQz+mucQb{Nv$4U{IoDswHVOsVN`J9)^@J^B{jl1dQ;fr^qLg<CZ}+H>{TYm8{W
z4XtKau3V-}FQ)U)3cfDR%bMtVO{BBdN6)lDRNaZ6f~$-Cq0&0-?<cZh+WPM()B9}u
z&-)F1RK3%?IL7jUyk0fx>rQDZc1mCBSN631=^L?!xpAg@pU%vYQ0JUel8XFLsxI}&
zPW7PF!PdYnJMV5y^Gy78msM_D@{&rStudhhSD|xyCH!so&PkR~M=w@xi=Dx(Xn?G}
zttSyA=KjzuaH_P`|6|i*U}4cs{c>cWTT5p82Z`tjBSrdW(V*r*B<H$o8_`GpQ)wDI
zYLtkT0d3nQE9A7(WxRBY7SbrZ=?i}Lil&Jr#t|)Nh!DUx*$W@dPr;bS)L&ix#ebD8
z1-s_$jQhW4NK9-A?AWj4@j&oPOU-Sh5!7RVPm;)rz#U`zL~c0OzCypk)<j#<#3D2t
zhV$P}(5cU#EL%HRmw4MVeH^tN;BVfj`%_I@^}|ux`cK3b85KsD6nXEAYqEH>8TymP
zSRYjon|&kv=A{kG@DPROh@{&`|2URd6*Lx+Z#13k%Azfj%p_y4xc6~NI;xxPjdL!O
zHqx!~wo*#ZQ~wD(lBIsyjc>$uK0EZ!Q9d3qHz)T7s^jUAE_79kA*QC%dL2R^bKDL^
z^S&ZRKEO5El*KXib){5V?5)gf(;F0a%Da@QQq!y7Fy*OUEF9%tuWx+KZSo|f5a|0!
zPYahSo`hf~<2Ox4JR+Er!O@Uy8plNquW_gbPGzVnWR1vcMnGZtQ6}ahY=??9#10!Q
zH!InelQ2vQ)%AS>0b-dU+znVPHJ3BC7R(qzttFVFtw-%jpPu1uR`m1G_P(+iLMr>G
zC~+nR2&pe1ve`acdnG7B$$AGV`h#YYeX?hZb2i8-cxl^Wcx43rvILo~4r<+wz97A%
zSE6Z<MeXaj_wF<HGWNHk({r?!d`J&A?e}{0lqpW{#1;B6l2l8&d)=dDquw-*H>ADw
z*d{n^w{Ej)leacwlNO+^-d>%T?xs#Pn`L&?gzj#8eP8IJODePbIaLc|d+7}dZEx|L
z9DS8t3>jv2eIIW+%(G4@Vm3BC&2{AQmPcRvByYNw8fcGQ`KWM&r^7@ywbVl9myyB4
z>#TAdtT*{;mr7A(6V)9mi>l`)ZIMcp&t_3WYVQ0nTSLXzP?4W}%BANk=^EMmJw_To
za0n)*T+An;9N$KTuP=Eu*F5y3;Wf=v*<rLMpv`$;An#>MSa9?^z(TB~VZG0ik5b8?
zIN8UmC2kbsc*{**#8f)byr-giCbn8BJe&B0bqRyW!@+JrR5qvV4ayO^06K_e8fa+`
zXK)O$(=q*#Vk&m#<?~GDiz0p7@e-s5(4Nnh0QLbox-h?HWC(<*;i%6yLdR!VE$8dv
z-Tf_+8|1HyZ!^==coNx+la6l19@s?4P)$(#j=Jh!HO!t@(Vv~7us+3`Ngi6sbzi<s
z<2nnwPfvh#QIhq!30g+R-JE%Yh4co3?c%DV`wX^QBrIIB&fh>WB=6ox|8}%F-cmf%
z*K~WuiTq9TEW-;7nhDqqcsLv~BVwrn$aTexP>RqHaY|bctAvA4kikz_Y_iFC)nKn)
zlTt%tmj1bl7q)y3TAoHE+~+B-YHrv0sI=L=2Owy>YlCP+$qfxF^_8dy=FX2=EZz>J
z7X7**)zB}RXNsa#N~2_)?KLDJENr0JMLNuTOZ~v^n|y=JA%jfUDbD7dWWJBk1W$zv
zSQ~<`Am8<X`N>dAZmD0FCRvq%2YcZTv+cLVa3nbcuW@ZYFH3jO=$UcOWS+hCMZuOi
z)5jyFN0$4tPbbSnez7;XW7g}}-|Gb<xXKvsrW7qq384pH6jT5HEvtl>eLPEbTiO|W
zix!^s=t`Cnj_w*3{k&)kQI1lg=LV`(?I~y1G0&wCulp}H{U`(X7HN?6ZZG8)O>?64
zbQ+cQA2m+xr!>DNoH3}ZIhm<vFZJzuVc^HGxtjAeYKUo7j#VtTv>M;$Q9pu)DAW=H
z4);IpAGGBJd~LKizbw5P;1ujr9CQxa${p}gW^drcKU;L-xHJ1@y>taXn0BD#qwzs;
zX$w&nw8u<Ttgj`hNK)hc^8bGhW#41vSHyr!*CSfag@w^bTk^ixOcXjWWqA!Jt1gkc
zv}h}x*w3gYpn%w>dq(|dpz&^sB79P4178z#3e>T`aY&K930WL^i0C=yxm<`$;jh1V
zX$dqcXs{h<JR@8KB0u!#-dE>Idf&9NqIRDHS?sB<Ch)Dr!o?<KYwdi+J)j2wj?^(Z
zx=ADER@{do9xOus_T6&pUPVUdLmZ71*FOr@9+5cna)W1pb~_|?m|AW{z~a*mO>ZRb
z)XgXJ>V|r>I<L?vV;~*X^V)nb#a=I}1o5sS9EwYP=@gk|hw~xeb71Zp__mFy#d{c4
zb*BOZ4vr_R?I)n6Qk&&6jbe+u1wsMb9t<#8_hO(T<|0F51RsZ_Opi?+`?a2}^if|Q
z=1cYr4(1bV0>*Rz9}blVNp#a_ikI&5tvd)pgh$OkVNGG{-gm8M@4wqkn1O-35!eyH
zOVw^0LM+lmn+F{HT_~nt-Z}Z}yu{$|Leg@r2IU9Wn5JP`cE!4wC9XGw*F<yi31L~d
zZi$6kvfksMx{7EUqhl#*V&@>Jd;m=iz?e4ndW;ptxY*N8SXWv-0<lZX2slx=_~EwR
zHr9CHBQtm*e%=oAYl_Fwr@9i6r9hae80koqi0$7Jdn^Up-y*p39MT|GvEMRxzVHS_
zK<xQJ62~s)NZpp3=WsYu-WE4cvn?B_aW_crk~mP`4af9(-p0P9-K4Bq<~2z2bAs#0
zu7BF4H86g-GTLzgV%v3g_boN&gR3bt=vl**R7fjwWNsGyJk6+TWpbUu@$GNZHY%pA
zZ=5b4IXN)pYkU}G#Es}ecxxAOpVulT@u=vwP1oxg7)lzI$kU~psVZ^PC8bpp?M!?K
z6<-Ou8%;@8C-uECMlUzB_lXkeF*X+#<NbGD#L!OMUI|tjm=R+{du5Wd!n5!9+5A8+
z3i}j8cemistff684tjhNrFX2KXh(YqlCP!@>#g4=^1<M38$IE7wp4N4NAjYwSk|KD
zE+&x%?y5eX-6nHuJvNk|ma9-gNl18EqM&Hq=&6vcnnZTh^Q3L*XF3R1lK%_HRGTgV
z#)$2yZ|x?h$oQ0nV>O#6SFHEx16%Dt;ZE4De*?u!EP}zScvE2`5Sq{o(uorcD-_FM
z#?ThtfR?w?p<)0770dX>b8F9cL*0E);65~&SWH7OZbgK60)WLTU9cTQ`L0^XDA7aV
zzJfZSbZ?3om%cgLKj_I9$nDjP4f!;lp%8*=3}|Z&G7nBK?@xcx**tn63roSbyWN%~
zgLC|2T>bC!LnvAKxYCb)gI&bJi<|qP(M3Oq5C`BGmWjkVP`J=NGOx0JIG?e4Y`jir
zS#ELw{ZV409q58t_(p(9#ECi(BGe91xXp@Yst}if6Wi;C{adD0LzgB%dJXRZ-)gqq
zv9jplq*XE+zV9&IfdfzU%OSc4u?S5QQ+0zO?45Um;#P85hm7H+nes+&h0w-Y#m-GB
zgc+`*gk#NEEp8cv&~Nc{<=u}$Ay3G(`)CX-ps2jF$|sytA*?ltgNxlB51@p`stH$+
zIhDIoXkzU3PK~!!m}NxQmokl3J0;7_b7i!?Xe`<}Y{>~tZnEOXi6b{3^eDjV<djOa
zgK?2aB19VSVzMZ_CLLH|0S2{Btu$<+jZ|rzp%#?_u`nv%CN4hSJ9re97#(5?-DsK)
zCTWYrxpHL@Yag?Bd$fD6CVLq?15Nrdg<d3$Tbb%+snBh!LS3C#grmB=G1)+jz?3%R
zzTIIH2aCKy5i{nA38NS<h?>Sh-l`m&;M${2F}pmB-hyztNsw~&GZ-i@kf?38e}Z^t
zh+?3xm*|Qfyp(D+pYQV-ffdyg?UqZR?(vrJoG+s<ia;JHYQZIc_QB%`ZxbidXGbk%
zx&wuXv3oD-Ye)6;+6W~$$jqlAe5dR0dv+Xd4Nlhk6v>=!QXn2E8^-DQVE~%J`Z{qk
zF}JFw6aL2HC;2sOeUwQSgf*;%CO9%V=tQvyK0Pi~EbiWu=pLg^J3A_Au`+v>^bEb5
zSwA(KqWC<6Lnr2(*+~s}qo(Y>I1;{d$R7u+20ex(YAoQj#od&X$J)Dl_O9B?XjX$m
z(di3pox-ouFFp!#d>mZ(nf4N!VU76jn-Lx5cXm;YdP|zwSPH57n%8TLiBHe`n@sC&
ze<L+p;2E5-ucQ{^ZZ<3)ckF03UC7eQ7O5I!sQ<yJJu>i?S|s|8>kmJ-YT>b={=;3=
zHPyO*{f7Q;WJlXO@`G~S!cNd4-LkP1Vv=KHHCF~&LMs=wqX!PnQDLyAFEy2K9RU-)
z(oXRfaKFf=TNoL4p4|umZ%*hL|AVAHIpS?{v9TFVf}@2|9<eO_+Y%`1f{5m;m$Q!s
z!i?qR6M1+T>*8qd1c8r1MdwP=*SPOjp*CyWM44~};}99dEdiV80w@6COWhy%Abx)T
z``cZ3$SgciXw2tU@~zx+Zv|QjsAab**M^{RC5~*>bmWB`7ut<(Ao_Dpwi-Dw8Ak4U
z=n?T_zYJlIyxHCg_77!qO2EL?9cdn@k=9=ydsu#ov-X(~A$d62j@zKTzn@q-i@3Hn
zKSX}VkH(?yJGMaD;BMBFQ$>A6`v8khr0mNgxuvB^*@}#3cKyHw7erA#Lxc$#puad*
z!iGKI<%qX?;}{rJKY$K)9^rf7B%oSZz^*x;+i2W_nS-o>mvWwOg;mTV_5-F`dg74@
zYwXMEOd>Bfn|ao7doz4TL*&oOrH9zGSh$p`u7#(RG6V?VRm$;U|K&qBDkyvM_mb9@
zLGOlK0!$8n4zja$bvL9Gu~`cWLAdQ%6l+8(!$!-6-a#P?k+yUQj~ILHWFZsUsC9iK
zg+Zg*yYD*IxwvDdkB5-*;SHtv9^jlVkg(xDz;li8dmeB=<bq6t>MZmsA?fa~&`1~o
z>&_MQBq1JhtFC~iJ+N6pR81M;3dlPH0BBYuf}Y+r<J<drxyjzxoDYzsCFc>&i|X9z
zM{M%zQREWYqXL!(Xj$Lu00n)M0~#*NVU-QCZDp?>C?tT;>3PYu4D~Lt#Nf!_5tE1D
zMDYfVexOYj0DDX;mHv+4ZLGT#Wz2gDS>^Q3)t`%|pfy|GZZV@lFWh;a^h8HDPn?U=
zI4PB>cvuh5&7N>BI{th^zqx5HhO-l8OuITnXxTdSgqS3xn9KzkjfTgP?R><lP^yQ`
zD9ksp8urK@x22+7^5C&I_Iw<!Fe<6HLz>K@GU1G#km$H5Lz`Z8K|>{c+dL(!&2qOn
zi;>4v&}+!HeJ4qkR#<ekTl>K5c<=i3?IsoOF}(sQI{(To?!2bii%Jy<u@Mpyd+HgC
zEs|Z#?~*vAm(+^ua*uIe8E_So>7jl_a1<?#Un$pUm?9KfQ-70Ghco|l4%5>(v0pgg
zLBkpSCuyYgj}NC=G?&Zr-N<+}T7PGS*6!_JM*#>vAo-YM33tp`kr96vN^0G-dNNVP
zL`LfuVFHVZ#Q_OFYnrK8S0WM1Cs_<wH=ySUfi$G*T+e<3fuF&$1oR4mvUou*6N@%v
zdmVZMc0wl%9Ylp6Pq_tl2EI0az_9f-baU@vZy=n4usjRC9|M!<CZ$W-C6~cz?(J<q
z*05qkak#IqSudu&ty7e<FQeIz^emz6IOJGD8*ijP42=;ko(cfprb5dU*JWC7EYRF{
z`m?IpR0}#tu)F~vHTZOWsQfCVd$^zc8}z*DOW1KhM2r()B(-rbFd9?5O`B-H$znYy
zq<n;``I${C1V`xRwIeRAMQ2AcoupLCciV^PMU2#-V{2iUl7m&Y&564`zoCaqEb)X%
zYRpD=C83`N-V9W7p(#EU2i1aY5sA=G9QxMvsbq+;GQX>RSjPO+`h^|u4gvRt-6K6d
zYASkeb;uNslEN+Vjt#!%RGTOTScn9*L9^{iC223(6pA?VgnmbUx1GlHuI8h!)nXlM
z-PUkhC2iawa`orp=hyXYi^O8o5J2;4nma%N<9Ygz%D}Up+ZZWC^M;%qvc4VYUMkGD
zNC^v<paGeHmKW1CT?h`LkgYmSj1EBsegdtV{ejH~XqO^hV=(L+8iDF_Rw#Bm=hot6
z?&3cAUS{fEKmHmOD4Udhf(0vzQduYgb+x<P&4@9_B0`DPs&HoA5MT}Z1xDp>`di=e
zv#^wOGRIc#{n!~mXVdlvFZ;qXXpMuR#joLn46nihKYY0d9fanz{blchxBf`u?ZY+I
z>~@);O&NvQ*9lWm>r#)7UJiOPg=>C9Fr*{Z_e^HcrDdl9gZ4e0&s-Iy+E?n@W2(v-
z2bb(FRmJMv6VuxvI^mbqIlXj|G)s`~fQB-Q8FxPjhI*Bu*d9Bc5|&gesy0KfPpO@K
zf)+K~wlZ4T4!yJ*lDlIo*chM}=FGSrrsBDS!$Zl#wYA6%DVZ}=y-kCX*9Bu%oVry$
z`?yrXRMS*kNzzil3}UHtuB+kR@hSD{J(r}PEWYof<<#Tee023ISNYzMi<w#J2l+%q
zW}Spt#AL#~zxn-FwL3~_;=HI)^|dU<B7W5UeY2B*Ic2jH%d_yCGW(cf{^(uf7Z}YJ
zKU6ut%Z+qyh<r5ZU)z@dO^(|b7G%ozXzkG+VviKgsnv2{1*2Xqp*?-4%Ap|ZsV@X~
za3*~LItcLV&aEXFWn&6Et!W7&8UJ4x;Ryu=RAvX~2P6h!{Xx8~uL6d2z{wL$x&_KO
ze{a-?r9L%CKEyh*u1A%(ab!>oTjpy%_uI>oZr<N>S#}kWI3bh3S;_~kA1u}bh~p=K
zvw2g`B|9vo)>bQn|D+5&>%1Q4=rS&-g>JDuG7Sz=^SM6}0aAOgc?1nC$O7Kt;-G(k
z%U+4fk2uV@>t1a<#~!S4oGfCecfxmy5*x<Rr<{i^x6#p*6A`hxE>&pIuu-|&&KTWZ
zpx6|Ib_QxX^`~ejA~vi*F+)hd%D}*%L5p4URi`3UANiu@EX}1fjCVfrmGt^ZcAqOX
zxzJyr^AqWVLvGJyByLdXrPXFC%UHKq)MEXzvi!I`)gqEpz)%TgHOo<8@mAD4T)fgI
zKNt7?al3WEY6JQ;;|nzLQ);+-m(Ao`N%>|y-6@oOapf&8D@-DmRT0v2gqtJ2%&9ym
zVGMWdDMyj*A_ayE&ju!_Z39p<zQu;P!=*x<85p#M?8QgrhYj#Qmh))+VsJ_m*qPd?
z5Y5G*nywtW<oV!p`SSjh+dDi{F6Uu@xuXnIsTdQypzCNf2Y5DpW8jC>4I;?YP}AOQ
z%RpDmMx!9cWf^L&3qg-~puFp0tiKv=Rf@N-f3C;wousN@m7GX|*pcVe#yckcyh%ko
zFGNO?s9>FXyNzw8(AYc)<#+2vu%g+cU%&Fn{i?>?-n!7~w}`Tn-`J)^=?|gm;j&7p
z`l_F!AG)OXs|9q%qnc9^L7~-k!sV7%Sau;=*gqO;dnuKH<p^<CqFL?Ff|SrSB~KBb
zj=PPQ&@j<k2$tn;@SL^Ua~x4V%vJ8<-Br>$yg%FLa|bQpLuw@glweYTuz<96hu*C~
zG-&yr8F9ylBC6s1bbBp%thmjq+;YkF%o#_Ntj}%Vd1gJ3x4<C$>91L$&`ZC(mF;j}
z3H#^)Ssuuj0a6s%wq$Y9(@(KJQOZ%Z3e%y!QrEOSjke(NHZ}h?A63@1%MSg~J-I)6
zwjEQr6*|*i#Qtvk^82X34>T9;($p->1Sp&c%D<>QaqLc|E~CUAU9TNqV1GlEM)Rv(
z!oT6K*AZ-W=w$yji%nsbi@ZT+k4Cr?T0kg!q0h|JJ@k-z{J|};QlC%1yv$H8Y1ylV
zeySNy0@z77>f-AwY7v1#4YX-jO*IWFzHe9#dYC$)4JnIIkw9%_Z)vXgM6KYg%zcZQ
zTeN2Ywy~48FMuc{F$?bUFha*_7u&BaRz+40R)Jf^<-)l|Hc4z!crDQs4>~CmTjym`
z_&y?k?*q3F(U$#nAY|C8Hjr1mSW39iJa3Duh1dT1{lk4G9{AN!KBDf_`9^3nL=6wx
zUCx(2doN-$9Blu~#Rd`MdMH@xoWw_P+`#_RxeM(()~T54-{OZiJb?Z=<JPU>Y4L|S
z)$}63@2JFX#USrleAU+iX#y(sYznnWB23-)Ze+^B0;MEAvPNM>iyWCgmtGqR(av88
zaIiZKL{i56$$lwyFmTzLDq7#j%amFs<<83mVpS;OM7dpMh&BiWL<mFi2lH^;fD&7E
zaD9iiS*LAEgGZwQk5q}|3n_lCoe{)f$ue$y<|CR7PuA%&i|iyj6Smi(8;{#y-%)6#
z6<~AX$yLm)%#Hek^}?Z#CbXhlQHsN~m*NYa(uUC|Gfo@>>-i5>3)~si`sPS8!*OI#
zB%b6M2+60=!>4+0xUn7suD8I<0tPQX9ep;fKZ%$MoL%^#j;nPD%t?miP?#%FGc*sU
zKRn^)DVOu9@S(we4N~o5h&n1`y=ME$xGvD2L~lot57obBRfJmv{sSnI4IdDU0AxY<
z5tecr+vO>hYF3_Y%PW?cen!hlbv{b09PA2ESs75wFlQ-B<qmN~ko1gtb}A_hiEn*Y
zhk(c>;hWf%i7D#N?c;XSTxfz}tGjye#Z3hRk`pfvD61++9bq<bQK^$CRX|KSpmM>!
zw^FgmzpP&Q&eDa4o1c$C;>E3Uh-oWh;*Va<6dy}e>0hjJWVoF!PlvGP6RVUBRftuv
zSy9{)2b=5v4hSKcJk>U^hW6{SQs6KhEZ~e2hkTDu&cW2Wr!a`zt(^y5&i29}yDWV}
z4!K`>&Co#l(stMpefzXr%!fu+*Uz;^>9<7vn5r?GxsqvlSX^qC04vdidZNlf!D0D9
zOWTt5!!$9t*?*0EU-d1ELu-LW?l}Pml0YJhjz6d8XI_u78Tb7cIlmWUb4zDYVwQhE
zBC%(n(RGee@+nop)2prWBy0_xqepZlZxIpeGzKWVJE_dSIFmfs5rkoV;`Fb<Fy-Jy
z8-I&z#J30_!SL;*KVqxjER>N8#(q8v)Lbtg-|6cw^HS6P6wWa*N_W+Me9)m#v7-|>
zv_EU9?iluA?7Z69)}|Nj=e<8R{ll}u!o7vT{ea?ignc*?YYH8GW!cTsq8D0H^w_K`
z`Y*{p8{ig_)SCok!HUAKIF7@7Yj%hA;sk_HN10rKo*rb|HPoQ=YNOD_NLb}&<tzAq
zDwiTfvqsLgNDqsI#*2pcbqS|mBZafZMf-sRCt%a+ALLaUvx-{4)rFQylh{jK=at?D
z^<9JcJmfH<;dZcIKH0kwnQFGzbeI1v?wdGjST!gJie}!=Y3)@o{^)q{v<?4blA5TX
zakH9z4-1ZJT>ZQq9`i66Vd+y(tiHvdcLnM@Z@Eut;V4v#`=KW$$(Hu+)D5u+(>}jf
z^Ek-zRJ|619{r=d@z*A!xG5D>SqA5z>+XGab;lQcAfe)Mu=?{N?q|=iw2j~~KoT?^
z>Udt@z&Gn+4os?TU`R%YNv~Y<Bg$ut>R!S$V#}67?7v1tW)I@JN1cZX$mh@@ntgE(
zAv+}|(Mv5oYIkE2^4h)bfU-lo%z>-drfkqIsJq%sJ}z?>^FXW7KXw)SdUME_P<=TH
z1rmtL%eM474mKlaP$J`5bUUS|bW<_%KQX#!NH(Lsg07BY^WS=vo=~jfhkL06Ag$$#
z?cxZxI(Q`pXP{jv%V!4LNfpkz2sG`N>{B?5MnSpI<(Jmf)YQ`w9>pA$21&1>=VO13
z7xNV?Q<mqMmSn<WoBqNrCdCare6RIYN;xND<_UVxxUeq&Xoh2jiau1Lxt-*TuJ5Ik
z*OtzO1i)Us3_PlRy<Mrv3X@xfy!?Yz7Kd#2o(+&A-O0V=;>>bMyel<pg!1ynuA6)U
zp0edvWh~}<Si1V#-bmOi9=gHKUc}x!q;DpzsE}Zz(C+gr=!ej)8k8Eqbk3M14?OlE
z`qay$#A0pCRHIh%>|eZd#0esxw{*?>o9*7haggP2_I!N?7I^=42UjIU#e9W5!cn~@
zXo*?5D+OX8^5hF#Y6u6N(MzCfBiSY-co%B1T8zp;EAq1S@Oj1rnwN^1#307&I>h}>
z6Hn>wklBAIP1E(h6!CFb%<>j`pTr!1s?+^COvUAZ|IGD&)3l6juU@z4K7v>J^ajOa
zXX_>Rli?(M<0pyP83e^rCf=P9Ef8iAw<pBJy)mJZI6|5wd*$5QG3N?C%lf<nfGO|k
z4ognkNS0O6&ItBdKQ^J6p+7jNP!Jb4>n4)*jt=B#KWN1UcW`Nl_U<6M;BFyB2i&6I
z{&LUQmrK_P$vq4My2PDt?(w>?^VcL}*?gPqaGg-eaZL4hE00MyUOs||<Dceb=(Uk5
zhJv*dr+Tq0krdg|75x#vEO)gZ;TqNl-Fv$Nh@ATR1N@0F+I)#mi%du=_dN*g*Ni8p
zXQo5hIAXYyhxBbxc;3#W9#(Z_&&Evc(xr#L;`ZvWKuO&_sGJ3`Z=_pF%lII;#E_Ss
zZ)tl^E~&xRxXM?^^~humg)b6C)hguJ`_NWv1!fq}nY7i=>Ce+p)^x~VS$`=$+neEo
z{5f+)oStKIe}9o7`bSGiARRlOOb8ctKp~+hXO`~mQia!p<o=wSgC4B~%RKe^){HV=
z3^1hR{&o}QkaTS*vwk!~GT&D>bpZl86CH6%Dh#LH`()mSpoau#Ec>G%B<Jza7)C;|
zzOkrNX7rz-QtE#g5`}uoF(?&PaCyta5>us*!CPI~&j}J4((^!lnaZu-Wa8}S>A6>)
z@7`B`NGbn{gXRzKkU)d{LNac+L>@G};{9f<%7Oa8HTv05p4vrO*#K9`rFU1x-dlH{
zP(9UKw|U@0L-8yJgH++pa}l`vrWbgOX+?9$=6XLt!3e?bN3`R9piwf>vtBnk4zC$p
z|Fxj~#QcbPjHCpwqBn(gWvSwa2#^z(KT5{O``XeUiy|D2A=FUj>?QwI27qS!@ht+K
z%kCj*oG3!5Qi{ppwp@~{&WvL@s6KoQ=XSRd=+?4OJvgs|N-CJ?`v>lJilIN73aTz+
z9-vh?EX8U3n=~(Gu+h5d@XqJBnuxBZSU24kyr|^ldIpw`Uw9jTU?;-AWbs2tTFeL+
z*cn_@wSphCm!@_py{h$lPn=;jJ0K!DT3W9cPe0Tm+RZ@njMKb^`O3PNyRImSZL|J%
z44hHnk<I4@C(Dq!V^<M~Ki=-x_RYlf7z`cGig^Bf6n_+z0TC|1m5S69CW~J)QhIHC
zvLfUp%0K{H5B!yP!a6Aqm0$?RDtEL<pIj{p1z2B($RlDTo=_bV^(NN_pq%dMZ!%<w
zF>4O4piBG%UaF1UK~Z}a*bw|HnBs8^qN7=xz_XE?IOu$o)UsVy0|66g@uEJ-gI&2Q
zQrpZnl4n3R4jpOC=b@y>j+s&T#<#8x@7h=vpYowg?1f28?*MD*+L!l*3-}S|7h|;4
z`f!NLxA=b=qQ2sP=oIeFH9kW`81LukI1ewwU}gS$H3{FruZ2Q}RO5gLYAD8b{$5T)
z<j4{C=a-bXFH7)MIt(h=>!A)<oK>&$f97`n34_yH;P8>~yFl8OPpu8N(NC<Cq+UgB
zOO>zay@zWM!3Se@30}tA)&8J3Jp8^@=VuPVh_oMgH1JO|xPcThJ};(O$MKxej58}U
z=8em%2|-;M6H#8MhK{S9)P>oCh>3~$wWkpDdiGx3A%C*-X6073fH%GKp3jrV_I)HH
zY)R1%&k;gu45)$qo#MUsXx9LE>;vwEA{d{i5hvBG0F2x~{A@kDM^wdG_>B_)$Kz<<
z*WWKq^Ug2x0C0oD;L1hk-68)+%6_gXL}?#}SKTz1v5xc!{l!$JAn7;sT6K3Ws_-UW
zA$w?TpH5=reTtKVBc9R6FfU5~%SZ*|06A^nIPbCIyqEAxRiWw#GNXRxH6xqN|1oyU
z!;V)dD|EJ|T(3*<q)SQhp+L&?e=-lqqNI4jqC2U0c|V78Q<FeWEQ9>;{Rqumwm@Z*
zIy7U$gDp%wN!BJ#jd4e5blXmm%s*>sTcM|(K7k@0EsY7aC;L^plyP6(;9{@TdvJdF
zu(%8hT<0x3B=*?HRCUcO$7OUbWS|aL@iI?KNzq0~AGzqn{L{AA-`iS<$$HgSScLA@
z1b>s_b?ztXR8QOcyb}WXt~R8$$Gphcp^$JcRDl1_?@LTBHMiHNpMg@C((e?x`aDwg
z!t?C7OHwto2D16Vid(#Qku)1;!L{SB)ohGu>``6JQv6rl8P1l;qV#}EVo#)=12ez(
z9de@+Co2d<;GPX%BeW{&%+X~mj9{W8R*_h7y0?PUTzH#=<6D2w(EPCKv3Gmi<xAY@
zUVgrH;$WvUJ}^SD;FYsdq}Qk1+ypd34xxe=H#uBEbl{K<OJjtI;k$;yU*KWJyX*h>
z9x*M`LZJdi=qyZyKJBe~JWvN(@zW}s6Q*|3HVHMeo#hw9IB32MK@%q4`e=uT{4%&f
zz&Ub@ul={2Pj)ZAH@q+=rOIra?|>>D=ee7ITRlk}%INY3in9FbfqGh&ue@VwJ2|D%
z(P1R_-f^<})AN__8~nbj9f;Bi#t4kikd&yyCXgU1`}7Z4(3xMo;Z)<oyru55sgue1
z&&}@yUfwyv$-+e$V#sq%+?ds^T^z~B*y|HUGAvw44${%n=PCNcTf5BjSjW8reKhRH
zwwcXX^aEEKmM)JY_*vYD;DSoe9s}b;^kN6fXw~L6Br}V<ED$5woB|Vt4C9N^rps-g
zOP<aK)q~d0euOGE&GTDAjRDw}>4rfqV{wk_LmT>?t+A$9!@?Cu`n2A(BjC6~qy$zO
z*dL2kl!P7vs`{9C5=vm<0T(zwh$DW`n1-3HOV>_lqZ7={Pj<+=V(q-TpQ4IN7J~~|
z;vi}DAjkLv0JsZedUxTbP(W%Ra~z{)r{@QS9?0EBNb%Rj+zJD=p4gj2odOe5kz}KI
z(r&__!w-!DAY$&DfB+vu2}}MIfAhuj&o$v^bCa9x(e8S~yeD7DtIF;X5~UHQw2s$7
zJGrTqz0W-v7(Ik$`Yf=4b+&Z&*Cf`quno8yHQ$CQ*Nk#>=qD)jg%n+FBbPIMl$W{B
z=Ez(x;H;^vkxgMc@Te}U?v~izMt|-_`t9`3{Vx58{_3vUvYlTfl`MtKYMP|7f|9Ut
ze)1l9CgV}Crxv7E{xrqDm{&k98vY@bTU0mjstp=~E7hS|561Ml3>=fYnO=A&PXCB{
zC<_lmM&GePRq<WO(Lru`rXReY?;oO}r48B|%|JgzZ5iA~!Pa{{FD}dRx^QaJ#fN}@
zcyPZf3M2ZPtGk&dK2LeIcHNMh|8}Jya7fb8?I7kX{>K-Ji5j%eopxC5wg~X*a!gIf
zCeyG)z51A;sTJ0kj7{67i5Tau|9o&KRiafs7q*yvd<X7Z2woF8?$5n1-2q=3?Y2U3
zlPj9u-Kz1v|7fBJ>FE}Q#qaw`t!{O{J-C^4uZ_ccn{{=k<p*>OkZ(Qi2JrbOlrUWt
zjAHqA*Z*ss`rU!kI)~6iXhl>5-`^&){}7E%y=ZQc&}rjGDIWPXB%B%{+-vh&!`LFN
zw6ktKkL`+gj-$UYb(~n#fUrZiDAhoX*lwcO+yXPXJCZu=gNDz)ac%B5q1;p$q_8$D
zZd{y`DPrU~zDt&C!j$KzqU6Q`-JoWerRgLH$)OQ$i^$)Hj!$(Zj`IvNiDl9&*Crdi
zfMaB_V#z5QBbgP_m^d;Q{yJ8u;T$eU|MnJ3Nt29q>1Y`iq)q1{%f7A=#+D1bxGkSK
zRk2*-tnb6951EWi-Iu+&AH5$u3YehzxQHWF=$P-|2^T%;AkQ}}8ZIn+6Z$mMv%Iag
zl-&~*F>k!N-|(x}v6m=NItdonz3S!(mGbFY(l4R#q?RtBX9!C6wNNPve`e;dlsqEh
zPh|O?u`h8%4+FC~C|hBkVT*+$n9W6J1$#y9a|2DRyt7aBEJE8q?6@))o7_5KhqHXs
z>3UA{HKBQQWUhKWU`dd?b`nrSfu_;vJ2%@C%8;g)AZXB58!XvfSstn6i6REz%?~}J
z(r2=@3YNZL-*P5@7apd35{-0?;*@b`ndU~8+}>Pi9w|Dz%nO=fqFK^T(&*T()87p>
zfME+dUWxa&aw!Pni&eL+DTSl8?w343xge(OTAJz4PChB-i^&}Hnu_fL(4D`GZZ03g
z^b^bTK*l*z4pehdNxHY=E@eKt6kW6P@k9-m$|V)QVH`%7;W8B_DBoE&u`s*yrhe?B
zUFvrwLyY?pb8lQOU+<((ea=m>JnSU;MenZ6*_s}>kY{+p#{A#^g?dZg7W}W;EieDp
z);%Qp{MF<u)`qL5d8-!~xF)O2>V2dv*lNktLf=S>X8Rg=C@yLnKYyuHEo7EuyX&WW
z?nqGf*TM%1^OC026xDJ}V%tSn?j9zy-POLm-+_{LMv7T#pqSk1`U$~Wijv@peVXQ^
zX34eMD;YKMP2IXPLVl-fKFft2wxgs}$+ahm(9<~Wxx6KdWTAiM)pv^;`x8m@!?zX1
z<?Vb&IZca#9WjVdr7g7)xJ%$(H(SFk@}tJ0dw%JuWd*+6Csr?{;b`}L$dpe%jGI@d
zctMcykUWKFdU*eK*3&LgA&tjmDjzPXd(80Cx6`H<9e?FiF<2O(Z@^H&IYr7=?Z8sv
z$Pt+GQDtF<^p5AnPOSrz&QL{X9KX&I5A^GYyEc3<5v_X$Iyy+iogw{k(G5u{IT_`!
zMR4DhIcj@ahQ9US4$9XsyIhNw*tW~!_8v@6!yD=iJk$<6{aJVhhM}5hEg(S<zJ;iE
zCFO04+5pG|y<S6iL#UV#D$$?YFBqsm6{q-|Z4qQFXkh$&W#UR2o+r#|oCDLKreT-c
z6AHjNuK}_N+ysMwE^ox1yZ8#dQD2KG>5zj!<oH{UzHfcND=sQphT7Y#=m-cR00BmF
zQ{#0M@UU@Mgm?pou?iF1^LaSA5A;vY^fHG-YsvkpWJ|~on{yiusD6VoF*zY>Q_un$
zFtxDm!(w+2{vPD`6Dawhu+#{eqR5qp*cM--+$%t_F$zx;qFDuSKfn{<$+R=!7DdqG
zl)*DE8f<8lX&C3CPyl=a<E(My+ASJ~64epe3t4fO%zFRBGyGfCP}$JOag@bccI}dH
zqkR$M8E3AmH=+wK_W!+&>)+KF|5@I1@;i#6h?url68<Z!oz9Ob@1OqrZ-V|^6&KMN
z&;u*_U-7j$|5+>N+3_<LM*APhxC36geg+8umI8e3Hn`!S27$pPGn`O;?r?5dV0-)?
z|9pI;09~Y6#tvX)%(dyjvf$$Pb7Py$YmL)DF<?C7q(TaMBSJx%<8@b}+{IT|R+-Qp
z;+RBQ&n_k;B!nmBm3BC>-ezwx3PlKU?g9H%LC1y~YVA8~)#GMFvq8vDz%~w!LCPH>
z^EiMYtKKZAny5`8MV)uJxi3fyQmKFw>qN^Ktu?|g((mzS@DgR_2r%%Q(su`{AdE+J
z3|I@ORg5@sB%kP&en#{e3I@`m-vmv5f`rcV9b8Q!Na|6gponnAR?TN*b}%5dhdeei
zG7_aji9`vcf^&Jy+qkp~m*m1)p;U_O((e9>@92NivVZg06|2*1mFzo2FVObRoGq~V
z?-d9UvXT_SV!lcedpw9`eZ-2jzdP0bd)3n4eH;H2{Cyoyn>?|Nt<g<xocL;QUH3gt
zyluj!pZo9P1mfQiZv3ac2Ptcr7q)tS{m{Z=a?dc@>X>1Rr0tiw=ZMniDt<n*xWKB(
zE<D|Gw1P#i&uU9eRQO{<`WaW2HL`>v2chxtB9Hqgt&YX@9vX;Z9wr(Vcn9jUzLJ<n
zy8X^RByw{y#6(C~nCwSCxt~}z$%*ovQbinBXBNj!b>ZN{FPC>q(|Bcv3EyV%u*&g?
zdf(8U*(a!S12PT7$~kxzRIG}Gk1yqb*R6i2S8X5Qx%9^1dLhw3-jhoirFR&~%aVFU
z!TsXIP+RN@t$C@?|G<+8RxEEIRv1RaNbF(!yLRr^)tI+BC?Eb^SAi#_jz9ceUh<1r
z7=y-^yv*p9BdiAtGiibX_Nfo5R&0Tn49-^LyC?QHVeIo~#5&5#{}apHDs>z0i9aqD
zMX}lGC!7<GYWBZuus2{I|73qX&tM|2lvX;HPFYiZOHFB7r$EI&V1G`m7#k}A#{!1G
zfN<MrKjkxAf2b4WUC*_PC@CqOOyiwjG^iLl!jW~UV=L`o`qrUOKV6!R&(b+U<HFHc
z(M+6{*t>AIKL9@c$^H+~>jLcf3@W!&s;)Tvk3q5ER%}%uSp6%kH%xQBmbCrnSP;t}
zZRp+e{(fSdmxu#(SC_Y)yfa7j_dwuTP;zWhJGP_tMKp<)rntH%rPq7*^FMx^ca|7N
zL>ho0&ZNX1XNE6BX}XLdk@|IppBQAx?se;07h9Hn2syp@J8g_~eASw_wyj5&p5)?!
zla$4o#*&o78h0Z}hvzQN*mZ`zx8OFLfKCK6Ka4aqXjmn;3Wxl*lyEwf`=QI+qrdWm
z$|T3(PhV99sVvNjt2t&fgQt5K-X>Wr+^LFc|4R4fIogg}np9ZNOCCmJG*ruBIF}=h
z_)xv)E&87rH2sf@b^<x%07Td$oM1W;5-aNN&;8d9CPXz3{NdjnK!x1I8koJG??wHM
zXK}B;|FMYlytI*N=%xMSdj-u}^j1PUjw(ZQ(p!I(cD%+yt#aG`2bHsV0;DSt+e(~x
zeV!%Ovv6G8`xeht)=X@lIKAafb9wv8ufO*dCNNY{R8ppm<S40_O8<bq99-7CS22oE
z%o7CZ4yPm}Ffm#Q#-{Y|C(Vc~BaPJxBP|%O)jC1SZOTBrdi6SVY&Zk`4hYzdLX5Vm
ze`EGb8ol^^n@U>yYmA5gdv^xR_po{6?;4|R+LI0cF8TP+XZ-(&7UDa1)IAUP9-qRw
z_%|RBJ5`7+9e-oRs}V!qdjH7)w}jy4WitJ@`hV~n6LMD-6~|fK_Kj;PV=7}-bN<Ph
z+c-j!T^gHQ;-yIp{d_FL!7rg)R=@v#{IN*bM?)$#Ckb|TTkGVEj0|QD$sv#3j!FZ1
zf{!w&Zf^&(*5J`=P}AQx$mHm^b*DB<$+bSM!{h<o$DV&%AUB$I=18}!@Z-uN^``1g
zJS%g^bLlk+zqOz$Mghd7`2Ts5Wl9$ONJ1rB<<b?S|K|!E-tu+ZFN>l7clY4`N_4~u
zp<i#>oEH<llJT+e?}#Npe{<V^?Rv4Hwe&sd{Ay3ex%6M5m%rF-sjQZjJo^$a0ssV)
z=+@LytF+I(zbyP($zuA+l(fKDPr~4(Gs~x@WTq!0TIgJETir2HDP()&d$(TJ+Hz69
zs%5_e|4;SA;~a;b><GVrW9|=gjAbj*bv1`8t=VVwKQ%9@Gu$KH=2%F-kP+1$yk*ZQ
zj=j8sRYGjuzTDl#pO+&HzdmNjjZe~h8t^|M4;9(JArHi+$Ybn-!KwLAfctkH)4w16
z-{mzCc<}}Q9RmOJiSd6#;{UtEk+>TqefR5=RWn?bybCKxmbHy~gJ~XQmHmS99dipO
z;2XzLf1R-njL40B53R*vq{jCN;SEOMp+8pk2UMNF-Ce<ff3sjio!P)|Z(!l&>s#g#
z6wP4A_J5fA%BU*0s9ivi5=0sVq>)g<pc|#TyF@^d6zNU@2@whD?ogyd=}<aUx?8$q
z-?=^C{qFsBhGU?I{qA?oHRm&*pbu-{)AeW4{fa_jdd<e7TU{yK_eKy{nfqdTzfcXe
zf4x9Th-Noc*N&pP3mhC3x|s3j38V#RN@*gB_X24NuA{%toQ7Na7r!|LtFHpioD|x?
zmM$(<h5?&uiayVX1nTT+vDRz(>v1L@mqFrn&t4lDLu9oM98McpZx!FuyZQeDO2iw)
z=?K<veg0+J?Bv@|+kjm@gf*`KGwmVlsbF(--y7wl2+F_ADX5+Qb8I-=QU3200y%mV
z<QL5400n`r81Vd<A22X|ts>B4T@Wo^V7>ESkPat~PJu7}nK`F)-Qk^oF`3A`T`aBZ
z$MZYHbQRgf68~P~*<*}X#JX27HQ%HW>S}ro45;FO{X4!G{{<SsH~D|>uYDR6q}CX|
zE@S{FWMN^KzeZ9D9z6rN332R$SP9fRa$MkTxRu6v_k%?4zY6K9WWvb{?+0=RMb@yQ
zf2>^NYj}1*n+Q2e5Qa1Bf~WP3eQewZ%+_pZz5IiQkY)GZVS$ec%?C&)=5L+R#y<*-
zYctZK!PRP5xrUST@cX|f`h6c|TV#~XX3y(a(NNaELJLZ0SJYdUq!Ybu!vW6#wS$;8
zpl;4k+v@v#=IYyfK}~e(`<3?mUs}`u`*41K;zBJ(B7Z})XxZ4-xg~fDPXd!@{|lt*
z$KEV&#gNep?b651c1b%Wk0#(nLWA%yO9+pid0(Fkd-ndt65tawxBvT4Ptb~DuOetE
zSkS)wbM5s;`tD{+Y3NDHWMyV@^kjX%{r40NmssP!jH8`Q->)*eqYK|Z&i`YpxuSkg
zLLn|f@z4?#mSJXng}h*qv0MQ&n}P=a^IrUa-@;@qB1D&3#cG8H1Nn5`ceHW;OH$&b
z|55kM!~~@{z1uU#3Te81!yZtc{QUe0QXSN<f8OhLa*F(yTK4}v@c*xVpF*vIAT34T
zM}eA4!0Un__{EQ!Ogub$+(rv~!5&S%3i%3D|H{Hna=;^;Rb5V<-o@slN|*<l_1kpu
zHZ>R4#Cc?O-E>0#WgLCqzRAtuU#vbox-*?p5C5D=*$ZRt>e|0k%_e(pm*JvgBt%~0
z?XCzjhRuzz+K^)D8k#^po4!NZHq+rC9*5C4_v4qN+}dxQ-{IUQXlHe=xF0aX^LMho
zx1pB8c_Ut**SrB2XE;>%fFSA^k9~R{HApS+<$vD^KkCMN<?=hk;QQj%EAav2GA$EP
zj^7EXQs7n6;5)!(ipl=(C%?_I(l3`Dn=Pyf|J=>Bk=gE$nt5KfzAL3mCOG=(_^<IG
zH?O&;Ax;0iJK6^+K5utdGIc+Q$F3|&P-ui@Eta{O{#f-$O_<=^bne`+Tt0hegs#Rx
z7g6CnRliZ|H12d>x}sIN67P|E+u&JdBYVKYPl261RJ)oLT$~)N@%huh@Tw20!#xZ$
ztd`q_KNh}jOqJ+0S4m=0Cj#O?Tjuz!L+3r{@f=X%Mq-wIO$6RR<O=#4)D4YZyoy>s
zs)9U2fn=$MNddb1Oh}&t6Lp&U_KNoi6-ba=A??#IsuKoSh8Y(ITSnM{Z)qW+T$M8!
z9Rv#Um<Fue?hCYd^b07EK%oPdA*5R%tf8#i2h39<XwLe!V#Nq$ZiRx?FT`{02>L74
zm~E+LnKx`3O-1h7PtBW2_s|^nU2deZunBZ@TI_Z<7JHR`jXm7|{J4R;|L4+_SC$$T
zlTSOYdB<e<?xdS4=LSKbWofN<toB25oBBeR<(XQa7Uyw~7Lx89qWfBL=lHJ_U5(2x
z+Axvc@Rw}c_Jaaja+rY|q0)?d9|HKK<pJIsyG>)X>U=W=^OnL>DXCSJZfnSw7x6>O
z1{o(KJp^x4o&r%2?hDm*RsoE{rQm!KaiVN^qGIpBq%MoGB-#u$P;!Zsa6mO3r=-y6
z=UnB4D{+1u@={b(6QT-XnF5+6sHQ>vBna~$QiTAa1e5O*`5fpIS))R`p<W`3Pb6}G
z@?4nqK`R=CRsa;{sN1}MVQwp?(Gx=#ez+iXLbJf1&z6lP)%34Go>0#jDI7E#yTnbu
zYjQciA|YudX>}eZB0476xN`QfJh#*Sz_R>t<w&ug)7z+8s9DO*yLNxl;BJ7N!-oqJ
z&WHkS;~y5KD@S#=7ldm*mnK;CH(K?lSoLptq~5*1l0IzYMRVg{Cf1W0QUr@ZWmm^&
zQ-v>O_21?XjFU}Xf=b;CsD3>JPp4}fS_h3Uo%<qu-B*J1b-L%YGp;&vt~Ivi5DBCa
zd{UOdbVdg5WDBeeC6ZNZ#9u{LDK-1H?#rkcBHyeZ%xd>kT(4lFgLNV(%8({S6#+=`
z1jSeph(Etb-ta-0-NpU{5rjKt{<=R7SXvJ-C*dn`0PGEHlbaov!oCLnnsva|k)8kF
z$Mo=DEo)|Ia}{M^yzf+6KelxFboWgq3)@i+^}6u3?dUmO*2dn|eB?&m!rR)p)1{=9
zb?1IfpP}2SMJ__xS!theEmYR#1UfClxVf#V7@DKwsXDToD-NzKnlaYADtd1lR7mJZ
zueg*<kZ(`Kv>DdHJvWSj_9#DllWt)@Fr4%-^1ZFKUMDY%;8~N{J0`Sf8ds{~Pgc<J
z<^;TlwhxArd;F5rw<ig1-jEr<j+c9#jR62sSRWhc$m*cG<311Ut77!ii6@?WeF1ZM
z<kcc-A_VqCXGYn^v3!NusPLu9jwc!-%Bd1)!+&A!f-R19E?3Z3D=z6B%M&jN8(XfI
zo-L)%;n7hAu>J_RU5;k;G<GEs8RQ78u60&y9g2jJ9hD%3WXu_JAxzCDxcKh`{>x89
z9#b>lS8K2Of9j{+u5Pd%x!1p?pITonG${3=Liww${tV?*ljMh7mj{3E1hqH))lFk+
zuQkhe5$+*!>m*uJb{{8Nn+tQZy)T~=vO$%`+Hr7|G&<$Mc@$)xa8RAtak0U>iRIQn
z_VUJV9Ix&9csJS7v8atFL4&g=#PG2d(6_r@$=w>jLmP&pCQtOrI0Yq&^v*W*{cL{I
zQYR%T%#;Q(onoSghkbZ@@n&f2bXs<LF{nGCjQJm71Sey>gG-yNL-xGj8OF}^xXxX1
zybmnO;n^rO6{u`_?}X4a2EWbL22mM(33yu$FdA@>!PK*d9vQ21aoe@D1d1FG=wZKR
zc4)F@kA}VU|IT1G_J38(<NGC1X_roj!8B3n1oshkd|%by&mLdzZ(y!w3A<!^8aUuL
zyq>Dxx>OoGojXOiey8&4b?P6Qcau?FjydodBkOUEBK%t}?Ww9>rfs4hdqt|=5r1j8
z*()%&cjcN)(r~#E7_I^EK<Mw#Zcm8};yFE`G<#X%f<Kyc_IsPwgLqcq=j1Bw$iOR|
za-^@*BJdDF&xvz}_4b>Zcwt{dao?%0%-y#lT!Kt}>>4tuf-d(<zA?O44*kuNo{8-3
zol|qFTWxilTZ0rH;f+wM?M=TpR=$SH^rGD-KNDHT_=S}E=zT*rTxujFCBI6E<xF-9
zVR4<KfBl~q%QN6NrN{j*QadWsFmu4~z-iRbRhQwot>)+x7rH;|5wVh97!71Lu(?Ct
z@MPuZ4J);7olXmpyp3)XL>4LXPi88-WjpI1jK2Ax8Sio5j`@#=?NU?b_DPLS+3yio
zQTKyw|KGMtr!uuPvItABj2mIxT*t)$0c4zwD~Dm^z4{7g6Y{m>76v1q9Ccf_a;7V;
zyn~w54$jaDN-@9BAN;$|r2?gFb|C{@aro{mX*Xniqyfebi0kXcXYHla_##H-F1=@d
zZke6Xv@iFic!0brFb0@G=deoc0wxK~96pPHPRc$ixeO>rGG;n5Khj&<YI*@YiZnCh
zIeZ%TqL%JCZ?Z3Gq8Vh|tO1}lptYiveTI)qlf(y9h}{Daww3%bdcbyAwR=~^8Cm}H
zFq7As0dj>_K2^j^uR5xlgYUoiOz3j?udBzA_;yyHVXFzp1CIeYRj#<y(4z8~g+KUy
z$GoWshZW5lXj>5cc;QVzO|*51;Wo6Iknh1=y=9zK?XA;U|9CIz*ha#b&W*Py+6?in
z!Kq@)$ynp7lR(O8)SBT(IlHlQkCA@yb;GL0+K_dsv;y-qvhy(RH9MYnV~Mp+<s`2f
zTdW%~)(kCc5;Uhp$Jf1_<i`WV6qbpUE?ic|Pviy#W;3%=L38B1`D+&#B}j+IdC$;5
zEeDZ%2bhuIpZeyq*Z7JD*rt0>y^stq*a&tL5wNd&od_BX4Pf&z(9^@nRt=lp_4j$m
zydUT{>w(#sAGIrJ5cv!bH4zYbi1t|rPFS5L<Esi+tVv|>U%6>3fZGEP8NE2M1EwNo
zqQ(B*C@N~FY^6;Wy`-d=AR=FB?hzzv!|VO+h2jUWGVDfN|9+Qx!^44Aj4d<|0!JD0
zEXP?XzGqb4bbTeFDkN&?Lz(~Gu~WXIQ8{bNB_88;1aBNXj*n6%s<+Y}y)zAP=j?IX
z4qlml)IWvQKV`4{dQmYdL^$j`Y{yv@-zWJ?d58g*bY0*@*m%}DqPQ&NSEn$6ws(B|
zu$O2V-{`_tSXQu8yQxRT{p1IKoci6<HlF{Ox;^MpI#uhm^mi)MWAGL?cMNx`af6T1
zs8gqh+Q#lvyXhy(x5P=t?zMas+yz-GHHWo^#t49aAQyfQ@(5rYsb>b<){v;^lKHVy
zHZ$b-TE#NOac=oC3e(SQ0G8hkus{W*-^sg24laN?#?>kIbRs6&Pbd#>X(Cu6b|5ta
z+`GX1VGah`z9{=OFK#=GqEhuKYb9#c>(5Eh$nOqrn7ro#JtL^CAuLCsF>;?b!zyK6
z*!`d@fqMaV@pohJa%ziFsW8MK|M2?*x)WeDgyw+`HFu^xUPNhznjdQyyMlte?e^lR
zqsH?d@O=bu8R+u5wbcuY6)CZ@Qv6I6@feEqig&ZQZvisz03>W%;C_CE*CSyG@y+qg
z9fDCf9I~?t4}ZQ)&tp`N2x-EReYDWUcY*&&rUzwN&{rLD{jL?Y!TOH1a@`H}Hdv1R
zdJ=^z8!e^*5H+$2-7Y_yYFMbXHJmn{-kWT6+djJY(R#x|Z+mx)Gu1;|`1oqA_Sh%2
zenn^y@l3x}#DImhLj6_WLbgGmHE)BD>R=iB5E0SbThPB|8{`v9cN_1vB#3NLbuLrJ
zywnP2d#3PW$W_M2l)u)4eO+s@ME{nms`lT>@ES6wM}M5QQde-SBjT5?a|o=2?M}Xp
zbX%M;SG(K3-sb&2^xm{m4FP<;bR7BvkURvtM|W_JMba&iwi5Z-uL}2tX=#b2y0JEt
z@z@qIAe)$lugT)lo@8mKd~nq7Ry7F7u0SOt;I{YdP-8b+v)|)IE^|JXDBkz}EkH_3
z!9i^f?c#;}6jDA6|1cchcX2SON%L>53*oCsgn822d;q~8p`nvID$BAak%nm$UR3p;
z%N^=OSeF(+N4$Ce8hUU@h%t1=)l#EKcCFb9B@Yz5JFoazthzwcbQyY!A&J+{2xz$J
z>FKa_eX}}%st%`L71660)mD5ds=_-3UnK4Hjtq-|*);{spJT8g2ma(upt%rYTWetB
z;gtXx7M2^kKFl((#_fX06a{DJ=UYT($TR~-otsAI-Mvm)H(!2}%93JCU!jdMq46m%
zh<^JcOXUk8R{^S%fonEVDPQ%Km?mSibH{&$()QcB%Vp%{i=fA;92(ry&0%i@|2V}v
z^POqEK6s>jK%#uWq<ny({1Dj)X4*|Qx-clYulzlnI4-Rp{=_|QcjEP3fh5h5=EHRO
z)spQG&a1qe@ykkgkT;X=(P_{|pW)2fln3v&)XcMyziydk4d$+&E~XOn`xOgSYrHv^
z&mPEaKb4+-8+jn=Ra0phFJgBllyeX-m^z_4SZz0bxkM_mR_oC3#L(d+{D;V`pGdsN
z(VW_GExGsXHTUwM_j_4r1d<|U=0Od#Wuof)$`Yu(z<qLustKl}z_QwCkhMXoc=+sT
zZ_(<H0g-bQD48&jA>pgnhwGaDhWW5Kc-jSoQ9W36f+qtANkaXYfo>WNw<3^eZqXxC
zYT+M&i?SNs!$Xl~88rDIiOC09$7V=@#1Gj;xhL79FzA8YNC2`l*3^LK6AOf1h}I~C
z#IlIST^N0U4!Gp0D@*n(3;|vXuws<blz|1Prg7*La&^@W!{Qn-=(BD3Varv3Lu&z~
z9C#zma*@niu*{Dz%b$Yc50{8|=35{F0((`m%wa9zM#>-+S16klcZ4noa9~g}kA(^c
z>oibD<0K$uE(d>3zeL<%@5p$v<Ry`O{rc|p<iroMa%XpxYuaukJo@mh-$o7|94rEL
zhpDtJ=`k@dRJ&+Spo{`ucptPFJWnt_egVV>IiB%wIk}B-nVR==q#E~#neF-K=igPk
z48aRBOXq?F&xm!jY*a1m@Bd|U3qf(IP@Jt>tM%G48sTiSOx1T0Ml{R`Z_fKWj-U4m
zxD<0P{yH+)Z!<WQI`?Xqdg@_YvDUazyQNI27%*6IMVuu%-Y6LLroG^5hy72{P^)uf
zKe4&HS*b@R17aUzV&7x#Nk7Non>#c6g8%yp#f>=acckQZc?^zcZBK<ZIWa6Rb51uK
z&k3*8Ets;_(Cn8jlypLFu8R2-{pg&GXR7_JD*EWxz<q_6!w5WeaKH_p5%@;nCgpe)
zRSomRcEi3BxSj%#41yUo0K<XU{>bK6v<_)7Qr)AFxCi9)Es)zJ1Cgp1=!%43;VEHA
zUgxrX1u-u_0sH|)EK~=u9O-~<F)b1~06`ue<-;!cBWx_d5L>6pM)w6Zzau&|JbP(&
z&<z{H{|%)3S@3-uLaBn=2)YAgh!(VC@{+9~H#@Z+hM@r!+`Lu6Kme9j;Ki4r3>2xD
zM7Y3!i-WYSkV#Rgg0(C*A)|@<B}AuzaQ}|5C>X6n%b>Cg^VEj{!4|`yL#cj%grCZY
ziJ@phqK_!}&0K09!MhGD3%}Gw=a!%~6bj#bWETUT@iw!nSuiX>A0xF4HO(p$jDyb#
zI9-#SP}gA+mh?b@krxy&-+_qb^tg{krLRE0(2B(q=r=Io!s)C8MPlFE$0npuLmPog
z$EA`3tThgf&BR-oZqNAZZvuAU_dQnZrp31gt<-L3Aj+?>=APneQhdvPUPyTJ+wz5R
z%yTAR^jR|RlK+imbrt`%-g$qaYUS^{`f-MBsp*5s$|mNs=804v_l9u`U>OvRY0L1M
z38^0ceJcIL-PUmTI4leZMWx4f51;D#6zq!TRR3n&OPI}=MPMKp3>^wZFV5Qkd-D$7
zXjHC@;r0J45-HUm-weOtyfwYiL9*?<(&6Mb<*8*&ti8yPeKY=Ob7(~|E${twz1LyY
zN{{e{;BSxAP{CvRztc@LM9$&l{Y1{=PT@>#0{oWjuAM|qg3L)>+d=$u^kG@5{)12{
z;_e%s0mB;hFhH*X_CY_WPtvRI0zIb$v<J-n(1pW75-^lCP@EU2W?g?lM7rD)w*kJ&
zcX*y*>Fd4#H$Z$p_?yPy;6(^p4~0YcL+tkNFDn~m%}t>1mRN*sEk0DIFc}fo9oo#6
zmX=?l>Rv#l0HL&Tg&9T=@VKD0u>n>FRtom#xn~mw`6_gOM&rGJ+AEd_6VvbkboNMg
zKb!}c8VSC_7jF(i1*EP3TLI@m7?Vsis9~=I8-Uh`1*yP6gQ+b1;p1tbm5j0*TK$6a
z26gfVwZH+iKfuk)9fugW&>$RTI1q>Xr&3*i*jA-bkQo!8V*%6+Y3ij20&shv{(;u=
zNfG1<s;WUt1jJu3lo32q@|_+u-X=fycLm%VZ_m>6{eftzJ$B!5%Zcb0>}s$R`3=m?
z1o5s~czHp$2wqXNbeN|Kua-Yg4~+b-Xqdv2FNF7wi0)|Nsh!qd;1(oZ!fA9Pci3pK
zE!gq3E@~}<GYHu0#kLPZ&@GeLLk~h*km&M>#6$g957j_*ZWrNH{jsPugI(7a-4ENw
z@n$Jb;*AKicw^QdU5nT|;XbVK$2kS7=V`K6f2=hkT-2}ZQx+a9?OiPjRXr+@O>6#e
z+DAAiJpEZKV&mhCqhY<r%Ex0n_Rpsb1a&@ci1m5H4YHLxs7Smslo=ov`4Apt{4P9q
zQ?f$+0XUCfO_B<en%A$SqqX4`IP~DeRptFg?gY~RekVb6@*>1cKwbL@lrp-^tZ5jQ
zA@=tWsOq0zra*;*ZxMhxd1XvI%D{ZErfrp+0zeZiBg3x>N!eI8n@r|_RRQCgFtk=c
zLIvW6)M~MBJsfJ_Vn_<p+l{;&%I*f+|61T`LdFA<bPd0sRO5T*3b0x^1qb~q7|)5Z
zu&`V~v!wbqSSrUQU+#lKI>5=`=j@S`n>+#FOykj?m(Zz=HKk0O60l`nAAvR+2tv0A
zgFb-s;OB49tby;6euY^(h?7k6!3Prt0i^`43?#RA3n>!&`a<&$$ZXNYAC01ZMMu6H
zaFK;_b`>Q$WY?^=Hmi-4JZ^>E7w}Y0PT`{_?m?sFL<$ByaKv_fp7U1!=!7o6@T2#Q
zE@-)ZVI{D$X!4j_-%ZcDkEg6Rj{O+)8H$NKPng{Mc$VBqH@JKDx&O;MLP}3QV*Hd7
zBSC52d6{Cr7TenC``=zim4MoL;(S<Xlib!#s1xDlG&&s{4%?CKSQo97P$TD-FY7fc
zh|AV}W5iCe$g-}-$fr`FIbF(i-DSD>*i(Mnx(myGpOl>o?fjMPtDGY5qvDI-UpRhz
zxyWv2RpdN9y)_gfA0F$N@hhP69pbfSz9myt+*hw0cKAWQHC>WrUFV*C<2+%+c4c*-
zs%xZLFT29oCk2FYzUAfaDx!L2K8!lAnktIVqt#>fFuc==pDlPPNUXp9^cuP$y3}O(
z-v(M1gFnijF{t6;4g&eg>+R8F(7nKY2#47R0zIVOwRu~OLJy9V6r2Ue0FA_ej&>9F
z@IcV-OWwWG@c`0w$}2X92Ry$!Kfi@&h$W<nzH;gXjLw9ILuRm`Mu1!lI<V_Xl*qVc
z(1hMiY-@WcO#|k+a9=os$wY~I9=;>bv#w}(1EB1gu~Xk$>Q6IXQAr048+33_^pl?N
z8$cGyrEz6s&OjO#xi_VRkHje;G|;h86P|qo#bz{gfM7i7uYWY56QK3_s$C3ngG`el
z*<>Ib`b9dw7=I~Cq@@_Nh~Z;)f7RwkGTY&8sRlkPT&~bq2IRr(`q~Fbnwv+1<?y?K
zEe|vU(2Gv24d)ePDvP4O`wV#8H`=E3l42^FexDQU_+N|Nuz}}*3?Mj<bEc)5r3P;B
zOpLTPwr(ziussK$ro{3eTFlh3SW3C~9>`4p4K9QeB1Gpp#I2vG?w)R3_xf$Y83Yx@
z-&HjOriBnu#-49D<Tz=yRKfX#TLiJh>0^5KK+^53$bj}{KK*|*gaAu_a^=?=2POK0
z)xUj$4I3Z5IjvIrdA4$6O{4Jl&c&ni#iHM$#y`KGzPxc?tpwpRdPY|8n9um#E!_=;
zE)Bb|^Bw~P%W+)JRU6e|$6_&WOFz4G<1O9hJ2AE2Lly9(pS|E>la$<k5<Kw(FW6$&
zNV4Q5d9_*Z&Smrsyz7?5+uA)Anw1;wOdESWcTBsFjUGz|s3zWy=+W}|pj}<3b+)Zt
zT31nK+S4}YR!7$HL(T5RvitCZSTj?*=ef>`{Tg;^x!Ww3FSrCH7nmrLO1cLe_0Prx
zhpVSjGJZxzl%y5Cguw1Ezw4?jY{1{B=-Sv<GPT^Xi3aVWsYJc4ulIR~|CX0&ja=T;
z&VA!?wLki%ETwAdQ^uj~hFV9{;ftWVNw#0v<%_5dW~%<=;yx-4=1A4r5sYWb`+2|A
zhg;~RXYx(i{fFI?V?`tdyylPGn|nV#Dvs38-AM|1x}6vK@X_%`-fz8E9MgZBaULaT
zWOkn%WoaXhGuRO$*yBG}C%C5<IN1Nx`AqG%mG^pxE7dTrLk&kZeb6KQj`0RpIvDk!
zGtz`savF>cfs90$M~DYks31tUKrfLOMsxyoX9;wI{1DST$N3e8pLNg2GHo)PAO+9|
zZwNVNg#<BsAuwx{fyo4-M_KhP&Hz#BLmIijB?~QMh14HDkoLfPiwskNwlM-!!yp`h
zYJCdXL!b{pM<$m_O@M&v1}?57#p7;Jo?Kk)_d}M6zrxWFTqCd%BNpK6d<p}NA^^ou
z3o7hEO^1v}f_`z3>~i}6reMe@7k?I&5B3#<x<CW)7vQlTViZUK*GnK8n%&1SP5-hw
zkS$A;l8Y+g^NPHSU<qk3&BvFp42B#av3vt^OPS4!+mBvoz^n$RJ)Ldz@Y<=4Y^yj~
z*9khXuTI(+QtVkR2xE>m#-j>eUz|8F_rfi|^JW=e9h=Y^jw7_$T}_nL026t_MU^uA
z!US5)e|tNYYyGb+fDw@|<dlqQ1>{4wzI8;hYuK9gl`-Pb82W`J2O*cg1~dis{=ZlT
zi?4|-eM`1K6@$z#QgzJ9Ayl3|6RR~1I{OpWTGPw7x>F*8cWKQ0I*KDHqcA^cb7eQn
zp%6b7#=?)YWwUMd>pBnQ^OCqz*XywKp(k4IPP(ng)b1fRGj>5;Zo@w6PJq}pmCrZ)
znl>VQDH~cjk>v<ZJyXoY5pE8gUf(EGX*V%T3n#V9ZQf|=54({$oT1-YlGkt0o0(6@
zQH0Qm`1R>15Ru}tN0|;1gsxb>V;HNYSa{n&=5$zfJdxSKFxHTIc<xw|J9cWS^mRGw
z<-^;CUrz%me|9{!5?VcH4k&!|iD1A{u6>M%t&#!}I<A8#3)9l8+6q+LVve)njVscq
zXPwmg%T+2@ALF<6)E=XfTD4#+VeeIE{43rnoB9}wiJR;*wl$)x+U-@X>{S%HO(j$4
zExnZ~QmIebt0^c3++CL*b45JmTeA2wR2g4b>3Ms5={1g~xnUN2_0jW@aLYG}`2#QX
zg2vPbn>{B6mnIZ;r`_e5<6a5ZXw=jBdBrc;e4!Wrc*`fhaxE^p5u5FmvWls?KhEuo
zX2Op?RpatY<Bb|~h(-;!s^h})^&CfiBR1!g95rcUw))GQy_ZDVI!lc`wsHo~J?41?
zjqiWiT5^18eDC}?zW0(>d*1P7<7n@z*)S%j6!_~O*-^EZ@EpqIJ{gREJZBxp-}pnp
zKJ~GDo-|3uz;>$0V*Dy&b7to5K4O}!aeiy4_e$q^dl3mDwPyZIilmycu$;j(XbPKc
zQ&A=6Wp%Zgg}luY9ya?cLdp3(K|;-6q$_eds^g@F8nQawMV2jcp;OWMn}6CY#@x^K
zuMmv}gLQ1h-Z?F2+C6q|ITw-IJzGi!wq?Bcnqw#0u(C74w44yB%pCne4)c#JUK7S&
zmR0v~dKYzta(rbe<6o;K-}3TfUr#+WD1U!WR%2-xbzS&{E(!?=fk_*PO=oK*txmwB
z7>pMS|8sx^e+@)5og_@3EmaSIx_mb52l&R-Y`{%mo0jOg7ZY<DA=AA8u@nI046bvi
zH$``b=X51GK`M&ORlRRmCzb+78wM19C_kwpK()>Agd5xb@9!@xP>d?)h2F&ch{fdx
z?>e|d+o8POU2z)(PXHKmi3B9u<)F%CSf_+n%-9a3qiQ^(N1A&g<F26-rR9%mh76lV
z@C^blygXYlK4=1mO}PHmN{w@+yFt27pN!`Q<_3hnVkJizWOut^vA{JVxZN-erkTMg
zkFau7j70C}M!(fy)Z+(n_8CAzHBhWJSAI_;RUWA@tOo@KmKWVD=K{|Qn6=eQ*EJZ;
z@jl-S{Rv<lZODj}iMz-}puF!r4vu2D?>EB$$oXF72CG|`qM$zC*-xS9Nm2(05QG-x
z$8`M$CQny)aQQ1SqHU<Azs>6Ub}tb{gSw(U_QP)h@EYTWeM(HH0n9nl5#$+!G)X<K
zX|kjmh7ZVuhJYI>M#vaFx(v?O652t0Vr3mM;v#=y9b^QqRBoW_u*=T5ImVu1vx;S9
z2RamAMU4vxXMSwql$G3*+$><`3irRqCh~?cJC?ZHPrWKGi&pD;JUWhS8tVuyD}&&`
zs^mfE@*a-ZG99Uhkn1bUulG-%$*4wraIB1buZ$)&D2@5P_$kH{6iVipNrJrF(aGKZ
zRC%~;s4%@dH}JkWeSk(Sb;ntq0;fCuHtDh!GZP|ONtlg5>Lw680;Q)<XC_khBzc*O
z_^dXQLa!lK_~G93iAmj$N!@vw`bk@em%ib&+*ru8S}5<b$wY)=>GZT}#S)>GpgeP6
zw5TlQ7CCif^h{}bFS&7x|ISja{jkU7wqieptF4=aoi53?tI}C~@DsNU$AY&DV@#)5
zLdW4N7o4e1AMGDXH|6&&jSklhsFT_B1t|<kuWx7NuC7s|QD$-)JoDa7uAO^zW)rb;
z$3^HoQ|Q{*%sH+7)+ah?LUbB=6<Z(w^ek+&o1&uHEo{<6*SBPKwwejG^y9d!q+5K`
zh_q^Y;_~;prTjdIFzl3wE16W|B;T^7$r!Ayw8bHI9l!a-7j4QKSlG?8A!74;`~o%c
z9WLt?Y;Q7Ro!!|c`QgkZE|a`rKgoU)n&Mt&j_n_%uf2M?;p(4mj$KIg<XsyorV-w+
z^QYhbR<mt;*6)o~v)Nrr&i1v5dk|sLco+2S25PntqNgenxC)4?BvjKs)(-z3LUf(R
zqd+d-ncC-V!~H_|9OU^2IxXo8*fsuxfovL+X<Vzb@~D_Znj#4`d#P=H^@NyzWvCkV
zm&B3;PaMBhw4r9aWltMBR1?#g_l>Rkmd@~ZV@8oUN;{6B41L?J@!&!MkIeSOcw@Y#
zfnB%q*s>;bdo7whsh5aotG4wpKg2*U>?_S@@(xIoR`zTe0J?qy7}&ah$Jwz`VFxlp
z-UXQaShmxE>;UXGdyPKuz1IT;2+#<fVb=_%e_dJYkcxR0m;pU3R2ef_V=(oA1rLNB
z=%2*Efn5dlGSWO?`m6OYGxRFZdgLTyio-Bi`$S~oIgK(*V03-RK|(E8;dj0&gDs#Y
z{me*18fdHkG`KzZiuDm-gO6OM5)T9Yko5{_F$ist<ST!}Kd|*aLW<x_74oIFfLA!!
zs|BzcD6tD7f6cN$ee{7M_wl}AkJtbMpX$@O0VrQ8$UbQ#1+W3>J6<D=9xj(<jP;k`
zL&jlH6RkS@K&f8~51BN19iK`EU}BKAU|?W?j`fDOO;8{B6qdpI0qk(fS6~(}M^sXr
zsZ71}GA>U9C<E7(p@5#Z;S9hGYaA|2WD*kaj{wh}TLkSMC<wWFgCYYGMSg_N&YI+s
zd>6eTrZ2xptNw*Gvh_BCm&=vS#PJk8mKV5Z&4}}6H-kMPCdOajrVBPiNNZxKrPjA*
zE3jB7p5IqjQ*kCo-^bTBFnMGVEvv7m>E|wSC$wT#mB0FfV986_cPVaf(ycE)Uo%O}
zeIilWNlsTM877<3w=T6Hu0r(i9m3im1+lw>4QWs&4@YtZUO34=U3s19C?6%$&9KNC
zxh?4{%Z)~nBi6BtU4S<`w-zd&UY>;*_7}nvlyS6a&O{fc%Xr*s8GnZN`{M}zK(;iN
zMmWrl4wJqT@4hNSX3H}(3RVT89$M))0q(FBd&p9zeL9a?skA+i_-2id!nXV6>|NAn
zcim)~X|QEXf9+&!xR{e?Y)h9Y8@^f{YMnMtlF!J@KtVwq$V!Q8G?Q-CI*h|Es`LD|
zVZve+@Ak!d1A^=#>h+VhUtg^@GMx)lKfd1>Go5^ArOYTanA$sNL|Ay1MjujVP&xll
zT<$7~>6C0EEaGT=c0{fHSNyQxVp~)8>4V1Alelv{w+DmM4jI;-#KQfqLgrO&BE=2s
zTi?9O#`ty}Q`E5w;dJg{X=hrxV}vl{2y7_6w2{>?SI;cOB*I9Q*WhPUUDAJhO_>G%
zcUsNa<82a0E{C06ZU18SlU4TbA+>}dR7zBy8jgg)RMq$8R|=&|HtaJAw&QBnW7<aX
zFDIVJPHrT`Hc`$u8sXC+qT&lv%S+R034;S2neh2{9lJ!0a8Elo=%i<E@b5hz4X_K`
zoO8c-GH}NqvHL<rXMXm90cTJkQ}G*m(?fGkP3`c`{6oi`{xbJ6qOuli;~o!-j=IQ3
zgTqj-n43a9hjOzq+Wt422tOm13ZZcEOYvtK;fq{44kX40T*b3<pU#%I(TQf!CDoVt
z{1);qL;sF&E%^gcy0(MWiXUy7W}P*bIdIqQW&^{uz+KxYT@3Y2$p;ytOJyWP)qFCK
zi#9nhFaX{`4d;LBfo`DrpX5gse8B*chYK5q7j!yg#fZXrzyy$CMo%><atO*J7=;Cm
z=;fL+Y<?GNAAp%<^^CU%9O@6(h>>2In!gT^aVTKY1&9TJXE4nl0!ps_x;OCw%lRT8
z>t29qpl4~&5g>N}FlqyQ)+2HXC_4b6GEf<=Y#D9}7HSu$F~Q5K0=ttGW<^RK_-~NZ
zFGDcilsE!;$$oSW`eg_{_1Rp=9iT{4FA$9l6No=x1kd~*pO00uWnutJgK+Zb{I|i7
zu#EWz4H!)pBQ;O(FP;@!CLP;#WGI6%l8W!x8pG~`<tIF+P)9PZe>4Ee?T-l7ixG@I
z?5x|c7Yya?s&-ISd*11DA*U)2XsK{Q7c?c1w@m+K6Qo;UzQu8?M%c|vf)ppW1Ikwy
zQjA_(b|_89{*#XXf9nR@X<)vBFikoPK*&^EfP<l+b`vG)-st{~yD?V!T&d;)y$)^Z
z>p9-doAFPGUxj9?ql65jzRXGS_!y1h8(F8KRvi`iYehHAW;G?bgN63{GP+uJSVeh+
zvg?Kr@y^cO_jqe)dlp8;?}#Lw4Ni3z06$V{?i#4Hy@M_+j!~I2Hmpg4ksQxO^0KEN
z`{$#v{Ja=Pk6E9<4t&0wj&)gA^zW8UXf-9Ht)^HS=xI<kvAbl5DX8MUzcbfdNk7tU
zr7#u<r6iBluM;bDOmE416sf}!=6rLX=LJpwF#{sCxaFqktGbis>c&nZSN;G?-L&9F
zw;O));_lhuVcxk04-54v&0^;1TkkDd`4<{IYrEcUy1yb3DG-jn$EFc=x0(iH`a{Fn
z{r8o7`|tPq?>gVNO?jVBZdb4USL)LEpmBIGRrMvq3@86e$>&eTxFQGcTd~vCfiz2D
z`)mX1O=yxtT1^RDvo<Z!Q`kke$4x$MuYv@z*{3~OXAk7X&y5P}x;-$qy;yg+w3FAT
zwTnCrDjta@-#t;uoV~`0$-kBnlFf-p?Rsy=r^X0RXh&`~LrPrQ2uCD|_C(4*J&g!G
zh#5;Hk@jQ-osPvA2iv1yy`NJX?^1F!s|@q6>zAG?QLW$mdU29vTBn`8n%+vpC;Rf^
zEcqvDI~nm3`1W){ssn@Z*OcuWGZ)zG&dPcPTI<rTiwm3O`AHLDTrik^6D@XWiqtuy
zlBM$GP~CB`WA`(CTbS(5s-m4xJ(%vJvvpQuHgQjc^XcMfbfet|-RRoEOv_#Tcv4Tb
zkK$w95IjDQ3hahNAU;A!Ic`PqsC)0*8!rgFeuBnNC2q<ZFokJYdtnnX1HCI9BtCFk
zvVg6tEUOdvi8eAmN#_UF=urg>Da=1cTa!AO1}&imfO<fZycQa4FyCUU9JUNbdci=t
z$T8pzVBc;9P>K*MC`0;aYT$>6fpnOZ-~j?<SVE}X5FV_BaRB0e7<aO!0A@DlrlEK5
zBCJwV1MmSBSjgrh_~1@pKCE*^@u&rePb=wr?V$4qi!#`F_+rk%Rc||-i?>wyWMBf4
znIDRC|M8D?L~(jc$W$J1RTkPrYoKUOB>czfHK2-sAQpj3k-hy6EE#_dnM>Z#1ZL;s
zqkKgt`^?AO8T5D&+tlX9zAr!s9nJDGiHrJmOOSc5b{rZ%3#(JuXga7~VR!wktS#H#
zH9-UnmcAOT2lkNa*;!rJZ5Alo_D{sB#K<S<oO_1=RU-*koTr3_q8rT&fRo51@WW{)
zlly}D<`$bT`hUW(!H}v{L#!QR8aJ{`Wuhg<Pn)13gsRfbznPvEfm2|c#+uy9>WtW}
zS~>`t6JLSJ?3N&Giz1pXq*XQiFq`?o_*Zoq`m4LU*!BLn<XRMr1RgK~z9sAcSZ22^
zC9|iQ`dsv7KEEHzt=?a}P4)meftS$SfSGw)!Cv&02pd6A5H<T?SaMkB4(L=NHZ(-n
z#C3Ba<5y#=kG*TB_2^w3F4Dl|P5ajyL|S-vd>37B?J>o!wN9sl!uPE4CI#M*<f70M
zKEvnfQ#6r0t8baJD}?8;zdw)lS}B>}<(xVkp{(S4(%$Fv=IV~T<05rGXSMM7Uw8HX
zlA_dnnLR|rkwNo9t=r1qpMrzldDHCcRmN+V>}Shc3C4fz-HO?RC-hy+ZD;1{Sb~i+
zfglkX*|6nx&as!;JkIHox&7p_#rYGdUFSf2SN*!`0d?Thsh!C^qvK55!7#mMYK*nN
zm*JidnZ`&Knlf#j+&mNyEo0oBBlad6woaF(Ij3=dW(lcQH>?@<rx*(j+MxRUc`fW#
zdn()W%AMicxwC#tdTSp=w5WFSweUPoO>B7`R(jJVpG?h`SugCOWCfiy$CkapX~|Ny
zyhf(c$4tdl-#xBK0+%rx+1gLNx%x<+d8xW0<j7rroClf5U3+^i`CveDDE`{j%3)9a
zbbjT=&A8(Ry;C1TOez_jC3}B1gbaZzz4&Z5`gc=oe`OXd{)NWER7I7;*O}4gWtcW@
zMSEww?5{ks=BGt91P&aRvfi>I7*xNhZcNCYo6Byf_heyTQ(`Riq<8o>7th{$WEWq(
z))R71ZF7X3O?+tq8_oO3NK=XN#=)B%rfr8$a+{9ZB%$vOZeE~2DqULGkYHM2Z$GpY
zMjW`7PMKC%ymPBit~v0nf%}YN<!u?sg!Pjc?A;E_G_R*rve?xESl0@jcV@rCUK;6|
z`Axh35l&22gRAR}wLwX&6^=uttTVNn*M%8I>eMJORZ)c9PS#K58J`kGR-M_gpojI8
zuoXsC$XiKdFraBtdu6{r8wFcJ=q?CO-ebx{+xxk`Wp;fEpu5B!3AD2y^bo~&^l1sF
z;K}g<I9Grz0(l1+pdB3@4Y?oHHoqMK*Z(DTkuPq@Dk<mUDe(iz#Q2G;NF}rnYRwwq
z{S*RW*jLpw%J`m2oB{>{TL~_cZz#`gp)|mjsZ-(EE;c^?ea%ARipB&I5{Cc1qIX2(
zJ;kGxzL|fpB)Yu?s(AYiAxT}-1K;aE)a#S@=gy+Uw23uWDrl?J`5mr(T!+(y1a5#M
z0-HkU{P~STRG;LsI4jksvRcJ_cp}Qdp}?dRv6nA~bp;Vb4N#E4;AI+{;tskET7FBq
z5`^-ClR44@6O3lZ9Z)^Yo&`eH3y3Ce<w=Jz4*bo%;N!d6@{dv*`{br`W=EU=liyk!
ze}|ws36id%f#M<)@l{51&lY!M6C;vcpy1#gMg~8DLyZo&8A3hb#%Wu%QtHrOx%It9
z|MAh&MZ(C34Kfoq_K?0oRse5bmrb_SdGCob_udV%>eiy(KSVA}VDot&vWy8S6n|v*
zQ}(U${Tw`lH8T};Lak#!9?sDxm({aTE9I;h_Mz*?I(wpshK`eYM-DQr^|wvSZ)=~X
z2DQGR5x#6*?PV}53^Era?CLyp>WKSpk*07x?n0q)$jsI~)6Uh*Dip6;Ju>^Q-D%@S
z>gt9O&C&F<W0#BY@!!ejzwVja#>bhuV~u2b>C}_c;rhgpQz?1wbOv~Cwr#G`tvnH<
zAsf7{2sifmO~w8;1irG-o4#|B$Ia>%h$8V2q97{gCb5H+u*>$}!_EFmEI2hE@6xuM
zH=2%KzP(oaPDW!eHh+kEdpun8cn0CV>!UI;bm8h>m`A7~{L1i|5_3M~3&Rf^l25j)
z1CK~Nc~tFJd;Jh6)x6m>AKYgW1<qc~X26|){QMiu(0C!0Yy0`1k->O>CD;Bcs|w0@
zsh8uLKRsFwpU;lDpp79|O(rJdjxQ_rGRD!acID!T9=>R_Tk;BF7w@9m*4GecX(%(m
z2o}$zo6#m&cQ0zDw4aY-6K$s4+3(eC$&aI5CDv}49j-IN;onyaJybUq7xkFo#Jvh}
zrXD3ZZ!GyW-kc~*!|9cC()k(p%R{4vIiJRvp{G1__QPZs>`!LVi`~!mXX`=S&~l^X
zS6DGnBnw1KR?&racI?IV)hd}HtVi+(AqvMW+WKdnx<hK;Vv0T*4U00-S(>~sku@1#
zm~14CC9%Lw{5<!XLyud4YXw7CVZ?pO!CQ;!X!#bS<>uNabh7x0t!0*Hz_tQXfL@gi
zb{yf#ZuX6zV4)dv?+kXBcfJ2)3Q$<Gh&@$QiF63fzy=HPEjjda*sen_a13H;C=kJ@
zkEKQ2iZ<Q^&IbQNauAYu995t9_*_um|7IJzgm%;N4POzeV*>7`L8wjQCM0x>A<95}
zJCrlIUP8dF9=gbfZ+9{CZ8ovxJfh-x;(jv54>KBjoNK;BC@S>c-)t}x^uK%Nkdu+$
ziWaxFK#38DaR!(8ZZ!CyUlt?n@PWHC1EwgKnv}k4vIRL<Yr2xXmr#O`8N%U}>=-m8
z2ZL|Bk>d-nK;#%FS)iAB2$|F?+iNsnCkc$j$xL76&@J(A_q0k45@FPlP<wg=et|xh
z8^%zeWFv4jM^nacrLi6eA#*s6CcjulC25tf62Xy|*n+|m<MQK>_)_J}7gjG|E=<L6
z_qi}EPQY>iX(i6lU!v#P<tmJ>$G2J_^byMh%H<F4DpIWMTHus?i5ZaEhjoT4#wpra
z)@>fJ=ZlC}^XHyJIzq!5-mH^=SmbD~7$HWH{4PR^p6B(>&Ri?l`E{<`BP|R5yrNDe
zy?uRQIwiqlkb~)7$AwE0oA9zNVrB<ug@e-%lJ&V$J#3zA2YdVtn%PUebp7l4w?j($
z)MJgW8?ixiF&(BAtY07fes#6p%8})IyP0j)ZsP<jlABzPKT>{vd6_rDel-1PLt^=r
zyvac$xm}ddF}<)0gOCfSzI8Us8S~P^^;(Z%r<IP&a3Spv&QnK|UrRlzg<VX(+}|6z
zpfEJLym#*56U0H!d{%ng)hlpfR+p|A*!jS@b+liu|5APp&rajdzGGa#+ael|?sHuA
zD<cQ*zBN|k?|H_hgu9Njh(^7`Z@r^Ou0Hx~To+3{F2<#v6Yz7IHyKN7M?EwJ7cbok
zqPe!amA)bljYj)j`#%*1G36gQwY;d%IQ;D9^LQgCx;#)*xiyV%m2sS1JmYPE1VUK2
zbmpiojfTPN(dz1kALb0!q_W&q9PRe8FSeuvQDE`~VlxH9lSFzvgp<;rWL&KwNWxDd
zoYW<Rz@>ExhuFo%g{3BhSS^%5o6wAr4o6ldG{lu>#^;#he0eF?ixcC|kX`D`YXLz=
zc=LWw{cfFp_sg(yR{cSyF-I`l4gcOX;ew291Nr`p+*Ez%Mi$KjfA%%WB--W()zB73
z9h{B~fArR0JT20l>B@WpaRECH+^m7xBT@PJcXD#cG*w0Q6gjIJyg6#C2eeF2K1Zlh
zN$_W#ICfN6++gS-4+@JET?;q2YpoYy#z9ydHFJr{p5becC-PDoUqyz<+uO~p?<Km`
z*bnEOqtykYy;e`x=Q6BY6Zr~+7VtuwrFo}dV3-lmAo)#+Oi=O+OWVMJ%0dEvDq@vj
zf^pMjcxXs&`l|!Gl>SKei^cu-ykoRLTR#wY$&R>jNkpdkl+sZJm2Ge=Ss_q3u7Q(f
zK#+|#%{II%rad$3eQ^8M8Z`g1va);EZ(6S^PdtW)X)}R_h87*%x9G+2Wgs7Q6nzyx
zv8FjBDCoQI!;&s(494{LHblNjd{W*8GI4y#%{Y3=uait1t|~(0o0z*yb{U>t2_l|F
zQa#M@8JG57?6Q1VC)p>6n_A|BzoH&Mq~5eN7a6>N%f&R?;fn2C$6k(*PajoD-`}G~
z&aX7PoOP=-Gcyw^!wB#l;24`#gD*^23Mw&dYrTP$0Rx%bo4hh|UzaMLG<>Vj6a(le
z=;`V0vCgmFQlRPF&lW;g!+#!5*prZu@bKkWgtx^<+ADEeG{g8X4FgJ@rq!<D;r*hr
zrX+9|IXFH(-UgZkEKRH|7%;h~JVYL4uY)3mD-TGw@pd6*rmT?0R|De#uqh-d^Qa2W
z`Wp9JzmLGGdJj6T7SfMnBp<!NI+8^pfq<I&orUs*?fPZoH`k?JOr~<}4!xn#(VR%R
zQd9*$zQi2b(G%*1hKBSDSR_R=$D#@7n-(=ce?Eg+@5V!>Gyy!cc?YavMRwz+h=I2V
z)w^xx%-N*n#q^I~ou}A6{Aldr5yaoyIc!DO8!K#pA?s!*Z1AMLmM!@B$ezRk_lkYa
zxzOhOl19S)1`(|fng$;}8FQS>a@qV4HVf_J{K3vaAY_&~Bi$a&R9C$d$jn#1V-SSW
zy{fTF{RE@HEKe;ezZJ(3(c8+z*C2H>esfyln<pLdRXff7Nn%_s>GsSG+A;zb+36y)
zH=Cw<3%AG$qbkb^H;hLw+<sScp68RxHDMkMO7dTphY4^79>?7<WTTwWe(0*E%3GNE
z{3*s(C60SPJGp!O0|z$Cd9^;;{N$aV1>`|jxVvQjsyGWWLAy>tyI>o6P^iH#c{Ulh
zv&1o1!akShIbWpg9@7$aXDR)T5q)42-h3JlakI0g5odmbH|_jqv&fS#(!0k|9iah1
z#_H?m@uP?LvbJ=e_BJ*wFRZ)2dGva-aHB?J@US5JwvM>=$)~qwu>`wztk>BhZY^+0
zm=ds~U&_p3MxD(`5Cp}mFjN*BN$F0>%-w!gSFz-5L{G|gJDo?bQDwC=jysf0q{EKj
z-d&p=jT4E)j1cmMz)HWe^o${8j9YR^mt{9_S}o%uyw(H_4%pi(g_2D$5NJ2a#Parz
zum$y~(6ZMi`Ufz{)`5pOm+J4uXsfRhwP&p#dH~BrfCwT5m0Vr<@KG<<3F5tO;AF+x
zNumtp3%acYsEvGogT*a8pNV^V6y`zd7OtkQE=ws!$*+Q9UGcH9LLBWJ(~(A;_)*(s
z((Bv_f~53NN(rLHXxRe(O8Ryc)V*$Enc*t*%mFPLe8OlkL4v)%gV8Z}SwqaksOkKa
zWO@7~#jFdp*fjiFPkYlf<>V>l4}6+hgYalR3a>9@6O=O0YXp9I+ehubli@^!=de69
zFMaDzrbtpROZW|A1XUkP5RHw)(UYf7hlG=qjOt=gPpPD+eI?N>+0zxi2^(zFZ<CwI
z)%`N8b<6?oBp{eA?Zo^wltUP|l5D^~3$`e5kXz{PXO)(gK15ATO|`YP_4f9b=|y}D
zm2}TmmXQe!3)|b>&1l4T|4>#~vndhT+>8MA>DtUv*EtHVS(YqktOq<j0Rgj<H*elR
zBj0Wdhg*MDKv<YMZZPG7CC&8i-M6@2;Fq1)H9k%@Iv@|A2VkzWu^njT+364Xr8BU7
zAKJWXY-lKd8S(b59~IX4$Otmh5t2DDnYgK}!qw_1(lZ*Q(l1~wD=8tN;#ZaW;VlVD
zA~_bZB>q@wNy#hVM3Zsopp+n)BadGR_*{9u4(VCFwGpgA-<pY*YZQGr#xrn7qCDjZ
z=Kw{C3hMDa8A;Z4bCoW?AUZi4mSjS5jsqye(q1}*crj5<*1*XDMUWrbU5V}2FEZ{G
zhnyv7g|=J~{(NO)gN%9u4_XZ|kv}a}GLm<a6j4&F6HpSTr>DzFG+JJ(P$%FX2Kf71
z#Va_W{#@&q$WT{czf8%6=5MHIB*7mTi|ebaCLb$k=?GT1B9y7S&D%zPO-!_2kz?Si
zq6)W2RR*fyJSs<vk$m+XBx7K@^#~YiP^U79N6SUllz(6m&Uhc=$(d!B-wfvPK%pZT
z#!(j(6pZCY)eweU1ZWWz6%>j~N=(Iw#h-)R9WTwSt8>j)^IdJaoo6QHHyxGOzFSzG
zTp2>7*Ge81KE*yz%9TWW8ceyGR7l7C)s#K?QDsZP%*n|Kh-Jr04Lv|{Tu#!5p{M#8
zPZXaZ_yK2>1=;7{^)yxE20p#QBt<y=>0SMu3wPNTS-!LouLiOP4$Ti2go(SZ;e1qq
zv=h6hBy^!lr5uBeOeddk!f{oSb!a`;X;5Qv6hDXSqSAcQ^)^)!VDEd993Mx2@r!^?
zw1|&0mZTvDKim=L^Kh8sgTRMcUPjCvXnu4KWi7@z62wENL2hofT%1bSK<@16clMs=
zOuhXih+mh3_Y(=(?AjMv=^bwHY$-lTj_k#jP<2oh&p25SUu@`foe?C)jmpY=Nn0Z0
z$)78hOxwoK!TXM6R?YhdUH#h0r$;QVg=-jbk52mge{0;>=Hn2t%}>8$FvX|9eHLSO
zpxa*FdYI=PKYpMY5teWLK~J1TjQh+_qO+>wnP__;%Ti?)r9!WE#JhZ+N17R@8X31W
z26-e*Pb!n=V%e7ca9(M*lh?14evkW!R+JFL*5O{H-+@hYKc#E0!vUv6CCEq$V>mvu
zpZ#;PLxhBALvhRjd-GmyOdLlRd(r}zRK}8V2jAyp>q-eu4O4<r5!R*#w+|BM1v{+l
zuhQ6Z{g%EO7OvKgJa#O~u$=KMbUDYM`<d%D&SkH1qh4ElIIC`LALp!}m=g5`k$JDK
z)ZK`H9tE5-u19*N{;xl@aHyK@NSG$258$(#U#XcA>vlYp^O8%J;H-&|CAU@^<kQNa
z&>Q3{4RiY}Avw@IcAy>R@HfoiYLuB-lUrHSs<V)yeKhH;F4Hs}1VBGoy_fK|ij?=P
zn)p8ZH+@NpQRbK2m5xCqh|%0Xi_2W-B{WVVOK!$!Z>dtWPg;n$&(SA&(ja7z<8PFH
zLj$eGeSyZWm+voSjpf|uDEdj#7%^5hhC3d&Ctt39R({2*$|ixieQi^n?L8k;_H#Lz
zcD4ZSp;z+PLn>L>ND2~rWPb7``>?(CH~)QY^Rk?`3BaQ*JJc-{i|k=FZ0lNfzapsu
znRz~{KI72WdTewg2)g{>2h{Pn26uOUg<|RpaWK52Z@ViY(LgSveXU|JEij28_peBl
zOU-9F&ll8DJ+Ru|9?S~K%gg(GZ|B(+q{Dz47p~siDOhMDrMAs5NdR#gN$<$XaR#xU
zRd|x?x9K|PqNXMh1(a~eMl6IMfnAV;gM&D0U4Z>2GguD>X+b#K73{Ku@u};~JMnGq
ztD-6|0GACJ7Xwg8dOtWTI5?z%xgJt~63;mUc=KZP%1c0HWM+qM#0~5~-5_wCZ^O0;
zF6Wf`3X@ivkQ<>y`W#3{VK9?a3ItT$`o#-Sn#2WDP*T>x)(QGPi4&j!ah1ZgaL=fr
z26%%wL1y24Q30hX|N8ao=g*(Z%YAu%=?+n2$-jV->+bFjnnFO~JIJ}!Sy@@T9&&SM
zG;aw*2sH<qRcI3on3G`dm*#WDFDN)MK92OpAZPd?V$nmqDk&Pms2p2gU!Rl1bdcR7
z#fz0HAJnWVWvnz+ZI=d)RF$KHgS-3t^$rWyBXUbhrU29jj*d8HaqN#D3Y)&%WLEwa
zNYxztvhBJ2babe(K}qCOFt~EZ@iD5Kg!_QOuvMh4<Rx&7&6-T`UI)GaYEvQz!Oz-1
ze5ZU(FJ4hu&G{z7QAK3{bX43gWP*kB6hB>0yep9ckH6)80wq<Z;O1<_budEQ+T29O
zeL(}E37`|0QLa)m!`;eEeAH<IrXQBip9hcfn0MUZxup>1CsqynhV*)<^DPm4OSBXu
z0H@hnS=9hl8kP}eZ@6^GSr{47@ql*}ey9ShPe@u2W6r%@WCiO<a!O{5vD{C>g{Dh4
zC?8_Q{wmSu<)HaNses2|Wo6}g?@HX|*T*J2m!%$(u0Ub#yaabETtV~e!0g1H%SRb_
z19prmB+tLUXlpaQr+TZ;fnyvHLa|pIG<Pq6?r$d1eKW|rBAeTYho}6@m)5W+u^{Sb
z>4RxIQy!hh87_?qxr&4gMvj1CQZ4^mNJ=LxC`~BRNwjcfgEOp{e9+51X|er;3<U3d
z9iM#Ndv8IMrj&lLH7>pn2i*s!Pe<tUw*i?VLb3)g-K>P^@e^b2^(<WUx$5YabK{|N
zt(spJT%?Ju-X2Fie-Q0<%2{_@F@B$)oT8&==Q3MnFW>~@@8dc?aB|`yAX~)car`{|
zK#l0jOtva3d!M|#Vo#sfwRU?wkppalij~#V^GNJdj#?FRvOVsxAIY1QlNZK@liFJ%
zo4Xur530GCnC=M+Kj17A8&IyKK>I7z($C!9+$iHWwEbxMI0|<#{G>|fc@sgl!QHf<
zd+&8`jSZW2{vWo!GN{UMU0b?Cy1N9VyF)^xySqcWyOBmhx>FhiX^=*`OQgF)I?lu1
z-+VJ?=J?BT2Jl_1b;osI@rRl7M1B4WCzDz7YO(m`!syA-W5DR#Q5**9<$KF#xsn!?
z1>zawlPs^4n{sR6s$%S7y!Clg?GI07e^;6O|9UwlrOS&nJFcs_=&Q|qQL%(!hz=^3
z_0eCXXvz%qrl$P)o#telgH(OWS#{c3J-Xqc`$7x5{;Z{5`S*d;JC|;3ueZsJ8|AVx
zSo&cExVaO^^!5Z=t}+5gihr+~(<MHD8(C;$wOCJm#YgE%-Y<y6(R^Y?RDMH$x0<`j
zn%W$tpR`!j<Z?iW?q{|k9lI-(J_V^CHyuKRLv9{*=Wz88_MhzeC<`M46<q6Um_b*;
z3)iTLND^YVzg9KEfe*#rnZz!pq954^vF{=L@NPsOK4)SI2_w4VMb%^W(|G4ap(W=u
ze4nL#=uZ9jo$8tB4f?cRx*vkS3GQc7F?5`NmtXKrnsF4+A4sO8t!ec2D&(E#eqStT
zQ6Y^J9@uHExn?l_ZNuMPc#3y-it@55pgSSuF~N9Vim>94*RQA6A=6oa&<NL5D+6cj
z+p8*t|Gj{3qC}O-QAT<+DLzsS7RO_^>Vq>CF&#Ol3Vs=W_+=dQJjK%S@Y)w-Z;7Mr
z_&Ddl?4@`SS=vu!BJyR@V#)FHXsF?rxD;6_phd_?my~;SZ@4k$?1P~f_&6utK+$#o
zgNWche)-c-cBLR<_f{n?Cng-JB@&8RQp!VUV3W07CD=z3&MH7zwZGmGkcNDHe29pN
zK|T2reg>*i7Oyib+HzP}7@!7p1#{4ETKyRrK~{JuE-nVEbNBQ!XaeWbs~}~|-`_u?
zyVwqV(80Cwc%}6QaEQ)*Vh5gqFb@O`$B?wWfB$}xNDNS@LQ2kSYHGlw>_;1P53I2J
z8=iqL7AWQJj*fZ$>mL{_m4WCJkh4YLQo)D#8rT57GBCmI^3@{%uphumJ!SC~I1Fe2
zz9irc8GWC4wf1-oC+G)k3lcrO6+lN4zzBT3k3NEQx4lz+KuN3xDRzKO6$l*-DT&8o
z_~s~p23WGbCil?i9)ck@pS(Xdj8ZaM1ha5og4}W$sKB;*J~Uamp8oX(&Y!ilwRrY`
z4PK+JD5VJ~Pl^v<@2_iUkbCRT8|Nb}iEJZ6CL*2+iJ~MYE^Y$OuOOpQyTgYUHovN>
z1Eh#~5hH8oT>$J4<Yc^28%}x$7^${iFbF$<qs7&ay4=#*TEKPzuvb(B7OY~7DMN}<
zxB{a>zy;0bwkMH=Gog5$fismXVg9keNXLf&lMoSnJG)~r%8H@3bVUZCCoyT(yg}JN
z{qTlE7s!Rci(@EgU|@g@II*35kUd_&ah3}i)k?7rh}je|Y;3_nMw1pu7z3dBkO21;
zk~2Cw8l;eRf?qta$$g#WWAfmklvGrLmo&W<5u5;-JoxP|Mj$fM^wT6vCB{Qc#CZEQ
zkVD-h;FifqObpVz88i~~*jaB7uC}l^G=v}l{*$%<*8bD%Y!m`?eh7ys<^vcP7Z=?>
z{6IA1Ysd;;ud1Y^Bp|8T+@7t+e=!T=1Q>}2M_^dZdvoZhLcq$`)LtkMvA7Bq=NNDb
zO#neML5P~4f^6!0k#r-BN&&wG^m}70MW~(u8IiYMfm`5OB{l>&XhxwwZ01qZd!oS|
z{QmwPkZ68s_qi1Cw@6R!UpsbD^r;{Oo$cN&ROnqFbNmD)zxy{`uP%0^5Oy9%FgE<D
z;Cggl>EKY2O!V2@IJFPUfq%bcXw}<^s9ORJSTJ~#jOBmm&otPQU-A6qbh*fBVY_25
z+~_r);7h9j7aC4mR17~pvIox{`_tq%GvgpLj$hw5m4M^I__5LPPeZ?DMj5*39MV@V
zy^48l?hZCJ@-MW+Sfhp*Bm5IH)VrpTU|>)UTDg~;{!;UwUKxk|UB#;ZA&_z*d3zYc
z+b8CcIPTPI;P}-*cCS5k8>eH{V^tW(OO!9CeFz(JSfWHCsQGVA(0sH6yIa@0pX(v5
zvp?EGahsyE8KR#>Nva}YJ7#~Jpe^8e98o{??aRe+RyDYs%uQaGas4e1{BpP_o_6@O
zu-D^huqU8I`clzddgirLU7jAMQID+3eO+O?raL+zs<-RM+5Qki%kQp3xa?AFz>Bg>
zu=8y8qn&{ugq|a4c60-a@7F9%yCQd-@}7`H+;(&jcDjCKZ55)PeMp_8!p!^N*%2tL
zdwoQxxQiVK?Dv%Pn*B+f{#7i<%6oSVKLoLtPOQDgl7EoUdl6Mu+pml)cn$uhwGdx0
zQsA;pcE2flMk1+A{#!A>bMzZl0c&&R_ud22$@@*(?e|Z^3O@NP7pedv;zVLHxsc5x
zR{XnR);Cm*)qP4Aj8#m&{XS@xR#;`PDVg<3Y0s1X#~+3?7=Kn)8P>m2tiQ`!Bud4W
zt16xg=xO}0|7FwnL#xikd^f?-(K`KjhtR1u)1udR=JoV(E-G`eh=^;)QeIAF9x+To
zM*G$tjo!0~igv#9S5GKYF2+?t>}tO8JO?7x2eVIs-^*fWWX=9N)<Yq6p-K;qe&URZ
zUf2_iPj}>bQ9auVO_jIEoCisz{WN#L^Mcgu--a!i`%`<?AA|Gile5<x9N*+qGK_;k
z6417;(i3!1G>~~k758%jmMDs=grU%IKTL9RFfcH1b8~}<OyLxO2NXYXFO2xNC<Dc*
z+)n?3@DKwNBo9D_n(4)CZEqLc50e$h+=LJUP7M6~-hh}1G~FQS(pN?X@#*ma$oc_S
z1-L`7GEIZQ-VWq1f}gCE#>GTJLgE1lCO&?qZ5}{ZFBZ#N0BgXbJ`;wvw)P%m%Q_1s
z<tr2FwK~%zJF(zcO86h5F9~^Fl>*TlID(3DUiga!5^!3JK$N<JXk~$8QUMS2J0&Hh
zgM(KgT=9HsF2++GGTIB^ixCKTuy_i-VN?O+6|f)dMy$%}fmnLba$YYq^nP%}m<qya
zKkDjU{R{pqliF5kHy~;Y`rM*h@$<KWHdC$JjIjjf`)9xv0W*H8aRoLW@LQq2BEa=J
z0%=yZ@YAB00kXY#Wr>NH*7*ka<^C*DWo7SdIRX3sXpGeW50xHJVWEvDk&>Fd{?U6%
ziU4A~Wh@J{S2f)IG*)3zQ6(^10Bs9&(}Ghk!+s-+nchMlAcF!Ot(R_a3DDET$3Wj4
z`YAz>Ps3=)0Ldv03A@nhZtrD(2*!LMog$V=C^kb*G|oEu(~N2L#s&?KC150?adL7p
z)n$YLNB{fnM~@0jRXpy`M0520Nb8nC64Ilfb+d>J_F^$>|9I6V0k7XY?m-qwaq%9Y
zRR6kSxDL{FUIqNJk7Z<4s5N+3y<G`3yaDQzUAAJRjONI%dq5IC78Zx?0!zh5Mn58B
z>l!l9p5==`=K~^%z(!V9)(Ib=CIzE70J)L2a<R%`kibz|9#r{WMw3DC(BRp3z`tPh
zGIxlI|9Ca5h!$ytoIp7TU8<%Apf_}w!^v1(2jEbE3oCKA26TOz(zFWMAH0ADSMd!)
zVkCSiL}4&mF`hLJBI%H)O0RhYNfqJeeN9pr2{EP5te#DEn!gB<p@!+Cu5`*sY6ex&
zYS^Aol`b3*ayBpobenK`vFcXyox<NQ*mZ11{;MA$)PE~aUOSFCy)gwNr66hK=p?W2
zC8}heuof@lm3T>iIeK`cyJdl0|Km|CDIeZgB~tT<a2;x)Q^=Rq=x-Qxc$LH!(n)=j
zSc+<|KIQvooQuKt;dwYw)h%KD+qJ5!!p$NMXXJ%jb+=bO5g0_WHF5~F8g70{L+d_~
zWB~I#gJq}DyglaEr54a#MB%j8n7qdNgCc44LWlOPrQ-&7(?0s|&h7}_*vqyX%=`DJ
zY6L!)HlI3w7ck3rj-Id=`_q(Uci2RIti=xV)F3$28K+Rxn-^uh=*NX^94+Sa&+~0h
zIr-OdC_eAaI=boEAV)OgO2Qz?ug;00!5#CNg<mdjy~un`M{<}rFU)KZ7bkGrb!7&5
z<xmdoyY-Hm=;}v!*jO_clH|#|%8KlQ^u=k!eu(Xu$KMB@Y8)43g48v|%_YV&qt!I6
zGqde#3e(@`1}Qsr$2~LqT;_Pc?bkIW_Z>HP*2O3+xJOZ96`V5k3sea5HUT+E9c<j}
z=n6d^f6AnPq4|OO;-8ZIJa^u9TEvwSHJX8loV^Q`y;cSnqH_5wrUHhhTCAnU$l4og
z?R$>&YgyL0jz^DOuf(U$%uS_VYi?SjaLGmtPZq8*l!xgd8j~(n_B*%RTX3@|W9sP+
z4u7HC-bckOB`T^t_(?#mx<^0Wgee@a=M$0|>*hEjJuD0Avf-sV%;R=)<^HM8glc#f
zNJJ2nyL~F2tR`h$%%;pvU1*$~kkN%2FhvDilY$QZAIfsFi4VQY>E=5&HnxDjF%`0l
z%4oQi3u$cY;uu7xM89C25;+r&u@?oZbDwlc5r%Rt#?(GgD`=eCM%W=QZCnjd2VH#n
zD+yutj8OXCST~(a_uApfN~k$J3ONv(DQSYR{fFK1HBe3RP#t!qt3qT^w1ePrfu8WN
zFknSc03_fby7S##m;gyOKsREHcDJ^WNd#_(nL7*JefG@qD=I1gEMjA6Y4`z14!VN5
z+qpwnl?_0h1|QbL*LW^Awqk`GkY=MtNJ!{{NS&u(Y@FZN$R&7I;ACx0AH57{v%o(l
zAB%Sanpe>faFOwbfhZVI^KFfcMDK&+<I$7SQ&Zb~?l6iJPr;#j20e0ex7N5<*akiq
zV`gr0G7$a#ljPtcC}N<B<dLINQc?oVJqJ+LBg6e0Iu&OPi$iQ8H2T%t)C2<1!DRY<
zYdt6o44^>WiE^~Ry$xf+r2PZlq&FW_1PdU%r0hN2d+h@|fVs#x^#+nvask3>&<f-c
zmX%rkULF_wm1=Em4VaJO>H0&W`-2ITJv}{>iWL+-u1NL4Wxu2WN=1r|4WnjM3aUP-
zupbe&VQo_rkFT#USVS&Hjo>eux3;!sDzw<apTQC})OD~)aI&zF*<+PSVFt>x27`oX
z(A-c_QB%)B`ne%W0es1-`>JnvE9cafn=UXp0fr5hg{klri0F8D(t15%fJt-*6wLb!
z_HWw7#qr?cD4w66p<t0yS&V{`lV?FM159aOK=-`AOgcY52Rs8Hk(vhd%85vyiostV
zN+{ivI8g%=6Y;vGsUITxLSW(GOss*HbD`)HuI!JAB1^<x#W<hb_^|C)ng%GhF(7YU
z%yRMdO5p;0FpBR%seUDUgV)8e!>|VQIWSwBGHJ8dEP#ECRir|8f#@=5R^r}pGJg!5
zM8QN4WkUuh*j@7jmW5cc8gyjM{;epg8o2H=|K~dk%MK8lgy#>`C?FI=6C_N?BvdIE
zA)+AO$3F!gJv}-=qiNLM*8eo-GWmJ@bLp_Uxnyl?0AEv+(WB`?iCj1s+x%-dk~8CD
z?TZ4Y;kyfmZKGc}+jT)M>hVgtR31$mjwF3pC^`-f&mW~mbSrK-nf8Kz<3~#r;gS`9
z5X-)zSU9A>`PQS{$FWf;mZHnp){dRXAl-UGTu^U1?#19O9re!KQ6fkrsehNXB2{qy
zNJ`$oS(pm{uI679(e-x`j41g$G*1vpktw!5`+hGf-XI`jsx|n&Nz^0x6Hg9%RO*?!
zo@fI4MJVp5lZqxpztiBm`r4fa>!q=6<fqV_;isQahyG#iL^!0}s&h9Lf+vyvlJ3hy
z*DP^*a)$R0*&2i%9ba~;|22%swtn@Yj<F&_wlDRsKAsV2AV;G|erniA1%r2Gxs`r(
zxpzU;Ns&{q`~0*Jr=R;mvMJXo$%9kA_+9N>q*5bF@qjwl7rKJ&o6rOeHM>?Bg2q`F
zQngu6O}DFK#Ld$gcJ~S^;9PblYL>-sHlVK*-J&SEX|2|-GmBzNZ~a$e+DEl#u=#to
zc=P#<HU9EEdjkXiqfZRNw+y^hTNB5E=cZs`1DQHGV@Vyo46CCmA!7xkDE`$^Hzwgn
zF<;8o^!sa9*-Wg0DvimXWws7KM{c9GX>`LD5I5~r3G6RtuSELj_&IxMyX{G0R)#Hw
z6r<bo%nkKM7bICP0El;3XTqd9+pIUR_cPMu^W2=T=J1-IS-Z0tr-H~h!Ts1QjmPYS
zpYo>xDZ8z9855?NIYAvYlW+G6@0}~_D=-!#M#sO$c9xm1J;f%x{5^Xa?SbL+vv;Sp
zI>S+A@C=qDNK1kRm`Rx?n4IY;IaS2y)$yCL!w|MISH*3wNd8-^7mkd!r~S~@@S!uN
zLPDThOot{4rXL{5izu+20b<V5bP6Rvh0!E~{yJM<>UnwbF%dU`yulwHxKIB3>yS-f
z#Y{@0@Rs=n630_nDRr(Kewnh6YGGzkR2CI+I;@E>Gc#LQSO~;}Ejc?oQ7QfF*B~E(
zby7huEVh`K7y#MI*`J6Ij1B<#CqP$Y-je5)mEq&#e;Mi`ZwZ4|?RS0vX|m*qd?523
zl6NCiV`0d6)#~$SA%HB8P<Sc>${zrhF>P#Y4j{8$Yd_d-0TEH^9#9H_rc4LS-;#mK
z(q}g}FQCx4y0{pdn4JD;o(A?bz-C^A^(vNv?oXZBCuG1F4L&(J;b1~SiUM<=k!~rJ
zS{xDY6p%`JQT9(x)&dM19NuUYRLsq3`1<fBaSMO30Su&{&g<p`CBp~gOJ1?k$XWwW
z6!7JtzX1xeH}OgbrGoh0Xfr?7*9Rj8_>E$xm_|o*6o&~ijg5@}Y{>*j1?r@gq+~xp
zwL3ue{A*W1{Tv8LAplqbbr8~*^Z+Pe@Rk5&Q&vunA1vj-WE3FEU%#REgtGzn#$2YF
zPN^P1vlM6S@~DL+BRvP6)`l(Mn;W|9QFC%)_q+f+0|f=8mMxE}5<Qh*A810JfQ)~_
z0T8lN&0GSlifRp=SS3|O;?RNHAsEJi<O9g>B&?jAoL(jURW+zqYv`!_(FB|aMYrc|
z9OvV`B8(|GJMf9{DqU@qQn9^tz43st1wtmzfLpZK9T;B0%Cz$LFNruA+C12WlwQC9
z&myF*1l(mnJ5j<6uUQ7C3pixFfM&^208C#2uIub9wwp*C9xj^_CTn^|TH0$sUin+v
zPoV47((H$FE<hLP0GF=W@C$VKWEQs(7<ynKMR13QWE-(=7!AI24}D#IJrWX9FcI+O
z@mfbJN-Y4~5z&uMs1%qx-O8entUI59L0YO}Zw=JF*v|9Q12Ex;P9u1YBx5zX`u7jC
zVBnG^>_iRTBlW<KiAT_C`;93i+dnB$hg5jTD0aMzj`<y(tl9atuY*0IF`B57<Q`2^
zT1v3UA+wA}V}Bi69+l7wkpeMZ82WoiJu5C?vg)+_zTXa@I6EFkSRBpo-kGFirThLN
z52=k1!@1`ZCXeget&g9{Ka_vguiY1|zKr|ZC~UWBi+i;p(E-?iS_GNOw`(6mW+|&x
zZZc#4)*(fV$1-E-FSVRpDm$NN7txaZK^qpjV>#=J8Q{)@R3d;&i#~2SU@@PQ%vej(
zkd43OARk}4T$Iqc*_<c&<Br`SlB0As_W`DlxA|%&@)F^u@P)M>?TeAZxgF~xt=IAd
zVPr_BBAi*>l;-uP{#c$OpE9d|p^d&0;`X7nooCk*{tq?JJZ+mbw@rE9vn|-OmizgA
zKDV3lXPS(M*QzLJz1-=m-4oebc{ueK4cZKiT=;0l)DC=)YnvEZFq%o(Qd%}h%N*kr
z%;I&3vBzv@=af1=Xuti%meEG|(bfQcn*VMm96KS|HS2q-fSRQTLx1Z$tB0=dpV7I*
zEGgShGki&9u5`XvRk!*KP*^LCvvbXlJ;pamt(2pce`T9fgq`LuQxg3vD}4)6c8))P
z3K}^1c+xCTc!=RYGtZm($0ki9G>~5#FMEC&)1xbDMZs9df4EU#ZGLIX^xNVbl*R+c
zO!H&%d9`)Vm}}}Gr>#`xWV3Ch$rsA&57En{><%i5dRYu8|32@N44pOz6-8z{-<{ta
zYV*AOxZ55K{`lTvadtv@)uJacZ#l@j@`{BwvDlR?FMBMxSkj%J*@eK9Omowv;$-nC
z+eTlNa97cM;^}^=>OG@wE0Ysx^Cd#Gi5HDwwJ`s`OccH2yP`>7SEzNfc7OTXmum)z
zy)(G>HkA**Rr0quiL8_smE)~_SYEH5#;?=3(q{?Y&T!R_pym^e31ehVE+omoZIEB5
zc-(iLaBy&7c>`&qGR0dgEGz&-eke2C)uLZ8O+jSxB|_b0mgIY%93Pn+ft?_~gt5l^
z1Sag$wz`0J6eco}mOJ0B<G3Y?eiA5e?8P1lVcti~M{E)%0$$$wjg5`HPanbHx2Jsq
zkL_@~H(3Ctr%k>n3o9F&L*OJb5jT8R8V#{|M@ry+IA;fV2{jGi+?V}BP*6|_0@p^h
z>)H`mHnp_0;KgQV{{^mRXIJ|wPR_aVl9I5|Fn3@^4(<YHNiNHYH{V=k<8lLU?>s@J
z2Bh7uvJPM<1OaqAU`3X;_##{mVr5N1cvUPhf7p6cbF*k5sEyP19dD{`!QE|kYAT2Z
zU?JZPI)$!iR}>@h5M_ZHuM+qhWTmFUbGo>=q;uLxGEa61fpQN*5AMK^WqBtrFOPQw
zo@u}Ry$EKU4r+hI<ndxX+&!3+eZY_3q7f&qK!De6aRJckcR-A}S@jnN$IT1wJR^X1
z0DyI8eLc|VH6E|BcX#=%iDD`Y@+)i%4!(hX(wCqYao8=XKL5ivw*Yp^6A<?WQ6Oc{
z|7OJ<++$tc+&bKj)6>$lz%=aR<D+;9P!ASJ8Z4`ke*n|T8wU%<b|38B-rIdJ(;BM{
z8hnHT6dZILTU*8qToLhuw<&=DE;(IVS^`Un2#vh7YFAPoQfVMZWfi#Dg7)+oU@X!F
z{F<){nu|}SsqeOAQ&}LK!-*JS8Sxmi!TkUh8rl$J(hZnJc64+!t!}RO_VtBkYN?_m
zZl9dUBO!x~zB~}DG67+=7xyKV%Z|X>7$sMVlCpqgV^vdx8I0~?1V|)S2T8Iq2z?VQ
zA|qpf!o!-u(hwL3(QdqRa1aR-Rwjx`WV{<__Qr-Xka`BJMqu|?40to$0-8Dm6s%$Y
zE9D2`eyuQfhbK=m8V|zR2!4wV>cXinmkj5VFYsRgzxI6YdH|k<H#h=;ScL*I^nK4~
zO*Fc0H8i9;;H3(zVsW9rw43ZtP2EcyN?sy`y2m+zs^0SAMz~_8(S|wIi<>mqLk;Hb
z-;q<`FC(&|dEX(R{0|S5shQ|-1h`p#)=VJQY3hGHvmipMyNnFI`F;}8#=7e2KBpu#
zPjxL2C+M9VGkt4DeyL!F<ert)u|LRF4i|N!Gy2y_*ZE}W{jR_7S4NMz6M-*Uu2=VU
zJsRpn9em!G2}P~)FFUxwkA#2EDJ?$FX*PLpQkTT+k}?T9c+M^PJ}@r{d>IupfIDrn
z8Cmfg<!2HI=aniZYPxoq4Rp4-&dItS?q3|{)@?E&%u2nd>BPH?92&)Zo}$1J={Un<
zMlQUX^bNs#%F787P>;s`O7Yl)l^CK3EvL+`1uK8F8Hbr}on2OBSN?fTdv5S&g;5v3
zP=zq+e_1czcNev9s?N<%SM}?8Er?5qZ<;WNxwPxm({a<SPapgEF8r7>{P`>HOGjfG
z#$|aE8-O2-lR1OGNo)H8gfQ2>hiY{*w@YK|se=((-9ob_*9*zCz}I<)uW>CM?pnvR
za^{k1#IDDLDj8P0PVU}ya<O9N1){cN$(c(gv6d%ZjYD7ToK2Pm7uLxdhcn){B~RO3
z+sAN@?Vm(<+y`a(^zW>oxA2qnS9O~A%zJas@bP^vzd1L&CJQFMHmhg;kWO+Yd@wK;
zQZpy{%?4F?&TlGsl<8>W)Aew*ZG+(QP14FolZTv|92|jzm-^{D_{Q#R-#pLGku{{s
zV!rqF7PJO6LN<R6_elQY_R34vxuV)uqv<%j-yG1I3-j)tU#JzIwCz!8q)oCrHw&IG
z(IB|DK{8<urt};TTU1wYqY5ELHs&^{uYYSh$X3##Jx_n=j5aU4tr7W#e*K=&;4wi(
z8BRupQ^tf$dfKQg;#dgs|JU?{^s?yx;NPI4V`uh7IJ!~xOT1~lVYe7tv)TZcqJ>`@
zAK|>63b!+FHug@*{yVwT`h^3N&b0)V_wP||c)a8bZQw<3ghcNAA+4iQ-3W35!=v;+
zL3o_eM6Jn0()tTT!a+mFCnBwVT$rEN5Ep+n`2;*RMFbO@KTWLJ$NQ~HZ_+@0Ht@Tn
zZqEybI|b0P;n@Y{kK|-<!m4CsWIRiX{YbA;JOZXFR(#caz@z{;j4$x`1ET0(>%i0j
zK<betE|w81wAoWeip0cOz|$pNS7LE-QLzE6=3sD4N&Zu7A_Y)_Jvn?G9UWv-V0T*h
zW&@b}fseF_B?1Bhxb{^6+qV;Zy6%uXT#k~v*9o6MzrzRLiXfq&fO2c|b&$v7OnEys
zQ34d$0M7~5EF2n#83M=xULPR-ni{}P0sZ(ape`C2EmVRUEd27w&NU6d3xJ#eyF@P8
zaO=HpU|l#d;Q)XgATbEvm!{E9NQ88IlL|iq`SeAch=TOr?CdO{0LF*W#7BDuR@SJ5
zXR)S$N0?&b<>gK5Fo^XPSOU7p3IN=I6RPOEC469N7IVjK5Nw1M#)!5mh<v)fPHp{4
z!X%5b)4i~eniT%E6b%8aAm9?)JEE+^7zYHJJ&KBivkt<5sKYKV;S$~h?u`KbNMSa}
zCgM=619Ln$612y~q3z)Ef+Hii5ceB*S@)7}nPjD=r*~(gOAGx1?p^Ux$W!RSsi}Ao
z-Fqx6@*BJBO3<TuYG76Q{AIOy;NsN-h?A3ZAFJz*(|jZqRC^j~YNJJyexoU19$Jv3
z4g;O<&iK9pPBWOz(YPC4F|KU~^cPK_JsAt((1c1$HHd~Uhh(?>{8_(RU(ks~lmL)L
zUlD8i4<A0Peb@u8LcrQ$KO_isFvLp}L36i;ij5r8aAU7f1oa{hfyM>odk_BkX-_)E
z!W>eNl-n1a&LSk=0yr{a@TjarBLv1GoWk+O>Z)B%h?;Ktj`H*-D%Y!al|K*aZWvO-
zd~{MLiBg6mF&rC2P;uPfR?vCqsG^ltThr0u{L!(m;c?VV?L+*kX~f2WfiuU@UnTUB
zec8|b>Z^)P<sY<_e@lKBORoGk7WNDEKE*e~bElk)Zhst*nT<txZT~(;5g>6dhZOg+
zxp7l%w|N)(b9t-xRtbI~6f#?UZv8xt-})k8(LMFlvjZ%gNgpdxJv*7QTQ?VaXZgqZ
zZ-qt;TkV^p4Vs?X2BKKN)fyJRny+oQn9v1Y)~Fm!Q|q~{pP!M5oL#|%38AEU&4Qk(
z%S3<%7fJ5lSuD)6RM$TeJ)9l(_2gD$bw=J9Xlw@yLoJ@NSYB$5Sw5{#yZUBOB~FqZ
z+sHw`2?Q7{&W>`>HD)g>gby|%LeX^V7L$79k7I5~oJ{7s7gMoG3}RQCHs&K397i5Q
zd?}CRTD*O$J51qx7P_!W{&C7juN?U^BoKRcw~TizC|k_eBzNk^m?Sb&akI5)sl3dy
znfSdg*{{Oe)?eA%*Pv<Kk@|YtVeT!s$W3#TexOUzxKuJc;_aKVaC~k0%{X=EdLr_v
z@dt}Q=Y{C{rWn_u>=d_`#g&`Dx#5w#0AUAPQ_*@dQ@!1oWKB<CMb>s@<P+D655vAB
zMurbXzRb()Y6dC)dLNUJNdv6isimiTkGR`0HDUdoRuRPVl3a_xp>cP+>3ZLfszhd#
zRNn#e;7X4!den9$yQ`SkdcAp`IwZ%60pn$La|<p$Tz>Y(u~^qkr=s6oYFQ=Oyn91q
zQZ=Z~W2!{W#V^)BRo>dh5Zl;YH{ImNv%j^?5<Fz-`JOO#4N-nVgl5)h#{ML@K0BaW
z`knT1QWhJkICsYL4w$2?vt5+uJGLK2FK?~?#yBC|c&A6lV;qIJ>eUotaI^Ew4_Ga5
z(s1_V)Sq?|FQ^;3(Mut%%8}I`9A0@WfP~U_8az`6U1W|i^TG8$Q#&?a!gf1;W6}cl
z<|15eR76e=X?9<H?ufFeQrUmL0F3IF5c3d_t+-B|Zv>z=4gxcXuMwbE9^R<kVk+wN
zHt`wNpW}Np4NkrpObh)WD?0*;7(fm};GO|Uy}YnshzDTrTm{H1A>Z`Bi@>RsfMf@_
z>;3S#bJDd2PGB*+kHCL$okjPNCH~8oFJgJO06YQKd4TB>V{r<uV}8Jjx&~h6+!nY+
zw*d<*Fh!#Nn+(m%TjyT&`43HljFih(6Cf~UY<k-&Dk?Xps|LW9(9X{8Dt1NR$>{>D
z2zlR=latHK4}m!bD3M>}Cvnp!zBQVUWv0D*uC<efM@9X-P(w~dxeKsr&|^R{1nrio
znb~?R5Z*#T<=KH@7;H3qQlUVc1|0cGLJV<COiXT$7F7x)QD%nT3P*?bf@Y8hb@l54
zm<D2n<Ql!6U0wDZjuu$KaT8#-Kp{-3J!FtB<pqZL8i5p=NZ<!R{V)$6X%?7b178B*
zI}p&JA7>_WDJF!($T$KY{pRqOq9RlpXnM*T8sR7jVeu^I_SZ&O=t#-HohYxM0BTbt
z5Cjb7zDC14vIom4Mt&p$XfP<;gLz;dDlaMuC6e6(iUTwvo>%pIZ*T7_Xi^SdheS5Z
zD9*)PQK<VTvNAXp#0#Qd0RWun!m?fZQ3hI-CNF4H6Ys%=8VMn*+c@3<Y*K(Ulf-O5
z!j4342vQO>X<3>|N@%mWYY1vXfKL$2=CH*)us&u%bkYONl~TYBiZF8fb2PaRwxa#r
zw3L(-%^W=VsT!^w8;}RhBD4d~>k<8{S2PhkzZiF>0k|P|Yg3@%`u4wi(AVG{eOX)u
zCQ6La?2rXL%2EWrMmY596{TfmA3K#p`r>KQYG`L}Pg+lbd1X)s%PX+nvjAa^&spo?
z;_3?Cc1<9b<j22%|0GU9*a4My_t=CHfMi~|CKHyen7Fu72Kzw{vM5xBv&7&ALDOB4
zhctrZ(v#nfU}JBO7Q7ZB;m)HnH8oZ9hQ$o;9{`$iS;ipQ_6PD)vA60*bW@T?oebEy
z9AA1;yfP|$loNY#%l_6JA?MLy&*SxDu=SEYnVD>t5<w53-7E5L;UbZ?`KvJcgfkd;
zypbQZ*tgdtx$m<Tj5ZH0CMLSMTnxUU<j(Z_aroFC754{<Eix0Mj***~MW=I~GFgHJ
zN41yhkHdt1`)P<yuXDeHd`p{=H&OT8s;_a!gZ9mkjRo<~bCV-wP01IS42$fR&9CE+
zlaZ{4xYcrQM5*2f#&{+VL{DC_TDJcfN4c`nNF1hCpVvmFyJ<s5nB$1+e7U-=zKQ?T
zHTetA)VXE*Yd=J5XlzU(ntT&kgSG3!speW-@DbODMQAgluoS!}{30W5mKkjwMWzHC
zkpbrvpRV|BN=u%K1Z5{;3put+55qx7CuaG+P<82zE^k%tO<U%3No4tfr+=BZib=uG
zQJcnFZR^UsWvL2>hL6TN$66&r1Fmk1#uPjHp33ecUysMMN+1_+N13+0>`Pg#{j+Kx
z-p5G^`t;!Ff3mEoZP;xibi1?d6EDVd_;C^P&@hto9UoeQ%~wl*pn6udq(}6q3-fxq
zyOg=%=rE>L#cW~yUYqs`RdPkfXnMS!ui%tx?nfo>fzwUs*lzy9!9zvN(8uY5s!p@o
z9OnA|0)HEh6ET}<XPvA?a{ud1j-S^%onvi}M?Zav>lteL11g`2GX)QSoeb14haYn;
z-ffr@J#6EYb3e<h)LI<I@)y?*?TWH3U)Z=Q469J?=>GH{O<AsU5<i(IxTzWa@Q{q=
zY~N<SvLj?^?ci39TkqB9#dKXEaHY8XabPsIS@(<4GSS!NG*W8|$M0EpTIIV(SL}1X
zvB&v3ckU{wbJ<-j1m3gZc6Js1POY@w@dIAWm*4XoTU)9Ou-m1fU9)zrwT<AVC-R)S
zuwH&0`6Ou?;n8?B^{?JL-V;CIg_X-lR^3X8I11xJc{W9cD7<WA)n@vS^6P?v|MGrn
zTN2@w(c<vzw1*LL%YNw~N|ybyjbte!6PcWhojnU25)ZRCcE>@5%LU*UsAw~)0=bA_
zq`eL&^}_?+-++PgcC(B`Vbh}p6%8$%2tE@4%p@gpa&mxC5PbzOP*CxpYdxm=KVx8k
zVh^~)U!=SQa>Rv5+JJkr!e^w^@jrivp7?lp;?+Htq-Ywm!4P=>rqiT6_n_<3)m6|4
z!0C_79}q+UVEzPL#{t%oo{@pniUv3!Y(pp^;V&R+9e~|a?!bgw8Sqeogi7B~lNSO*
zK~QRf8o`9$FHPP%J`OGhewJpYrY->d0S3%hCo35p3TPM@81Z3w@n3cff#V9GZ3509
zcu*CvTjbK)8k?KL)&k*DsvI~wq`ClN`u_gDw0IBT#3lGc3j+EIDjti7o*r?S7>w!H
z$~Q5PhH4<R$r1D^MYQmmaWJxiZzOZ-5V*HziHFnEs~Zv)rmd;@1M~wxkOyS&Y<3G&
zNehq&@$PvFlhA7>q>m*SkBw8<{Uo!hipjhlpf$kaQme@!4}d`6ehE+tN5Jiyf@?97
zGd=;naR7jc*e?!+He*QvF#TMq5|j*h-ALIXt@hsbmq<kbV!Y7|3#73oT7O_NNyigr
zOlkwTfS9byW$|IFWF{q<8XE`gqaq<ua#KsjNQ8d;wbVuKk^wlG(P2ajq+h_eZ#buj
ze+Xe-qM!(|m3wFp+<n18SK7kV6tIn8O?nG~t2PZCoh699h!6OfcV9zdj_GAgpNEFC
z09t|(x1eDAt1{eb3c4IJid4`T9=JLbse?DjBdF?z4zh?YBwV(5NdqdFku?EErX!Hh
z6r?@#^Ya6URQ{P!QAoweQ4rJNtliz3da2B^A#t~f$^o)o4JgjwA_TL-k}=^4j;LUL
za6vTj6tM;NR4n{8!sd2>{j&!t(e#xJ@ca2QE4Ox_G!qr0r%0t)nW(x;rY?~XL(vT7
zR<@TUoliM$bPJt7kgA{#GnwvJ?7=X|O3F(jbSBfEdxuk`&{|RoLE$EbGyFpt?xSYR
zX5F<ke;h8F9S|_NSRB^9Zc&_|eamp*`gg0L75794U#W{CQqz=m+5Xt9<Kz}$z@gfu
zah%KaxfV|4W<}3;)?$=%m9>*7$Mq;dim4SRo!#y3S&f@S_?@}_9rAfKvvSE1Kkv)d
ztjM~JI)wOc1@Gz25_wdNmJPel{y%JuoN=KIKId_Jq?_f~oW{HU&4_uJAWmg=82*g}
zy<3~aprw}{8tTm(l+?-%vGrixJs1o7jx#O|eWBqYGhTa5KPT3x_r~GJ${kZY+ERz|
zYQ8rzVW60c|2_;=pFr`Ytt!P;7ZsM}Whx<6pIcLbafKRBC)kZf3v0!y3;kBlaI>QC
zKa+>;etFtvJbcoxz`yOx6rD!=TzT`@!>wOq;wNDsx1eitHKtySJN)?L`(b9r{N}<E
zTv{c{4Vspb_dbk{LwGWwQ``6JCuZ5~q<IuY_SnkOU2bEIKQZ&Rebp5QYZ>qc8A6{6
zoomyELd_bFT%Zs6cFXdIzclXr{nx)@W#?znNy>kd>6+tjHl;PNda=-bS+NfPV4nVM
zSx%sHI++;FSXlnr^1G|ul+}%nm8?y<LC;&b7Q9ozlXPe55MLVy8H-N~4c|r{J>=6m
z;H+&j%UE{|F;^(L%8s<5Z3^1^9NH`GC^8(=W+xnM3pXcz-(DjwLuVj!SvH%rewlZ_
ztF1?{U0d2!3(v7Ct+$!N*O;epqtA6%Z1~nnyx?^>qEmYmB3#cy)YKE2g=}_AV^GTO
zr=Su%9pj=f-m2!qnvJ6Q@T0a&&y3ifbESs<ew<-HRAUOEvJ~@s6=8AJ3lZzZ>KE3&
z92Y<AuyHKO@tJ5}hM3Mdv;NA}O9uqe!Qr0$F~QeL?kv^vhmIV8G(c>GsuzTAGJNIf
z(PUcFL%AC&D<bk5)(yNAT*1x{Zh=!jO9vAmDgoK}0=P{9Qu*NcINCX2e2@zHL`Zoh
z?QCro78l2Ys8mqm19o1gEoV;pHP#FcsdrSl+8!RaAhZH40*DHS<%!;u>$Q7v0)hG?
z5A;an{RARw_Vq_2P5jYU;>*ScB#hzt#Drpm7l<DM3j=`WC*Ki>p$2?)KlvlN3^afs
zg%S=9P8^cn!`oZD2UIr@*tgWv6CC!jb1+y0`3%hT6I|rv>j3&$fZpBSp40^AxRsR^
zG*Y40bO3NCj9*2G%qt+KP<-Q*>)_<X_N0CS!f>u&d`I>{=g7>=ETz2vRU8{T1_18b
zAxVP4o`Hy(nu&MXqL7|~WYD$s_4T0D`R+xYU0eid0U46wuhmsjw=OJ05>^<zcaeJ*
zzVTtdvUwaKVF8f;0rh~EnwlIl`Q~^TPQ?U2*T(j#TCWwh7LQpnd_TC6B{w)2ilZ>L
zHycJwOl&MiSOHelIe=A+5vVZGYz#ZNKL3d@>Ne*2fJq?q!HB1Zwiw~75&lBXl%;%F
zkX<bqSU_ZUbzEFH)HlJonH6yXB88kA-6eRehWBo4f=G^K7;rK<+&MBV;e!pMQ{QQ8
z(B;Rnm}$17BdO#@q;St6w=8%13s)*w#)e8A;uGhgy6}5m6qc7W%miQ5U{pv!*4ox+
zPrOT+1|49#Gwlr!+5=tAe(P-w%Mk)dMhkiS%Z0<olU0OOHO#XX10-%>V_}8JBEwxI
z1khP}0NZp%Vem%KA|Z>Z0ts|sd@PVy#WbXFBd}xAgToj?M;#9J{@;{n{an#I(!_-o
zu_B$KG}T+qiZ!?xif>}$%Zvlg#B}x5P`azn$PD&i&^qxqs<9F^mDG*iei}ED7uqkL
zMzdQu*O4hcoBln5d`*+MjZ<^B$DJ~*QL*eq|NfgqhjBIAVj05;tO}Q22Pr{HuX&X~
zxv<H2S?l<tK1-*EImgRL{&6P^6{}9C&lB$hcTQd0n0ak;_wH8ZiU}jm@x58NnxX)|
z+o+!VLBE0Tv@gbD6K_e3f3vOGx3-&&X((J@lBSLppB{b|mgG!Xn4!C%F?dDR*0aQA
zxc<Ddyx5TH(rpA`<q?Llaie#OM~_cOjRoV}_%}5m6;`c%x4R@k780u;;(LD%n<|Hs
zwW-IVrNLSjw0Wa&{$y%T@`LS>&}Dxu?U6DSKXLC#yEzh*_df#<(;S_HX2Uu6U!lcI
za4jQEY9@RAfuAZW4Qi?94LBwjSloIFy!UNKDb;l@b%~)e_-MwGQQChW-haz7oHwd^
z>eFl-{o-5XTCm<UysGe2S@t)re<?iW?{NF$*BEVF-R76cxv-lKJg>s!+F5ybH|j9g
z9PeKjGxm*(wsQ#THeHp~{W<$A`$y}vN7oEorb;58vW73K?w?WyqHkb0rupuBMksOf
zLzvw-+4&~C(}G=5Gwge221sm$wvA2dP2?C+i9GtR1>aY3I9%Vp=NgNCvK{UC;NBze
zXXj#FVzUtgJ?Glrx6=~tE^OqTQ+ION&VVMgIJI@l{Ifvsa#1ql_Rd1=o57bHKb|hz
zxcLy*PAj{*W#gM2W2(dUvwIC-V4jg_$-TdE0VkneYkQ_$eJ}ZQ_<)BV`Ei&KE}0!g
zvVsMX&H_twj!OFWIbA8h>2WODXUp&)PVv`>oZO|@?jkN}yXi-s_lOQF^oB5Z8`{2y
z>-0F8y4}^-tC%fs*JPqTF)@Ap)6)k=Vz<KK7z}0Ba6l>Co}h+jZIoSL_Jt*3I<I@D
z$4!nCH*wX=AndWZpYF#6e|8juNGI0a-(L(+g{w`ruOiPhynuGH2(af1>mh|57Q`Xi
z5~%nA$V4Tv6!Bd1*u6W7d8mI9ymgu)PKq+=!@>C{iZXI<=oM+wRSfnvvg9GC$S^6B
z(cT5_i$qhvC%DqYBS<qO8J}!TCPaynz;9E^V|F5ha}ZFVA|hG?Dma*bEwL=A6`=PS
zNip`sWWHdq^>yyjmCFpK<T25~?xoAp2UBQ~*;15zw4)1vmZTjXI4g@iqRXpQiF0zE
zDY*=cep4Fc69LWnK`!EJOtAVJE6)>|*l&!CXeCsoXr?-oExrScdr3~ENM!TjTJZ=7
zr|?pkR}mBk8cfu@5eZP0=)-IfTCjYD9lkHMRF<J9mbba4;%|rz(Wy-B-inhI1^z+r
zG6sM&6|{s?nJ)B-X?;PG_1BwY$^g&ck1T%})ssg3{vKU!mWp>S;o^!TrQ$#!{7Osu
z%~l_BYGS0G0QIo7U5>T8i=fab;n~eSsrCiw1KL}!p<$d(R?-2)x5`mbA<X)of^ymQ
zTZ4^HH_B|G-`b$Jqe61D`r8L{gj~0;k9UnSl2q5<*D!GBjHLg3*=e5$a4_d{oiAQN
zV~fP^)(gjytA85i681_P(uGP(xr@CkXNK*q`9ZPnT2p|#LNmHz=ejIh5TDhwXT{+d
z6>P7rORm#)coI}OpDFIN*_%VXgH!+QJQRVs9>yQD;@frDwsG4XPnqU5q2pSo3Ci}Z
z?=j_Lv`T8lPx&gyl#KUHkk0j*@<Qe;a%T=^4fwtt=eJUv4Z#fiQb5^<T?~PkNTy~o
zt$?S&;$&y+^~uI&tpU&c2W@fteijXZ#R2j%zft1+DDIIGP5nn>mDtvw>?>TSVrva_
zTu-K&%_QYEaRL)_z1I7q75t8}HucW!Mu#zOciAXr&Q%>{eD|i?wHoDz0^hARR2I9c
zBdey}>+RxT>!T)Z&*)1Kedjdr>$VwI#7ARdW0yDlj<J^ydbQIsf%-6C$TIOfFP?wM
zHq`aAO@VkyNhaxbO&YCc<@20ezm99Rmuo9~YgU&eqxbXnLKKpH*fK6#@X9#-zvU%O
z|J_<?H=$TgPX52XWj&*ejf)waEPMrfKPwuatE{*Sn2TyRCo5)?f_*hsYu}p=lhn1O
zOJT2$J~-~YJ2Z9UPk7?lzWrG|fC^jJGp;!v+MyPfX~n&Nkfbs`22+3BxcCpQ`ulCq
z(bCg5&iREYS(8oo;)mT#|DCba6Zu`4CtQY>u>+o!gEbX5!7nJ<$C?tGNn*?TMtdbJ
zDDQ0ED)%3ybu&sEVKDagOG77N_%CT)Yoy+%aJyHOx*k06T9Ec5<&1w~_)Tw$FCoEW
z<s69^a%ztt>Vx(c0=NGrh$-MAG{L(GOk=CDF3n0}^g9l~R)?qsn!G;+;emP)DE#lX
zNSGqJp)MZ~dlzhh?E{Bpjrk~nS9UnG7Zw~3GywqtI9Yx5H<Uno85$Y_+cUYKIc4#H
ztLX+WscU?SFA+2^{F^0Z$nJMBzX7qUl<^_YkjZo^Sdc)h<4C^SM1U&sTcFbf@fI0M
zU7v7D_)cjUbmZV_0-2u+vQvC;$dRK6GgbkDmz2=K8&l(sQno<8!IJx{bc{gx$+wZx
zcY}k{{{An3w#;QU1<vv?cXWN|(paeP0%ZfBp~WD#$sk~I5l|s8RKsP%^}LOZDQ3c;
zv5W>Sqd4TC1DdxQEu|#}^ZrhvOQxX6e}$MynJ)bZ8$zeW@HLKyni?j&G?=39jTWVl
zP&P*rr>J{;fbv$7ORFKq_Pa22)%f<R_yCGJmL+4q1dz)mOJ*anhF;_Z;}Sx%m!9;C
zd`enGP2|GLF(0=!bjuco1qmMlgANWsRovZ_Z%dJ3Ya&w2H$viFS%~<ate%RTW_IL6
zX2|dp#$Hl%a9})*^xzH!5*Y+}lE^!+!oLt<P(ySQLjNAl>Cp9P79~QPZ&xc;8jm^W
zS6x1R(Dpda=Mg`9#G<VY+N~gKX`<6OA`G?K_%@~%5jCwT3d^9#%QRvt(Jax2$D?jf
zB+u5LkEErG`bps()9vxcvl%sh^NK~+o?p|vWDB#aJ=|1hp0-|Rmm^w8jTI|iG}IZ?
z<_J0GeE!o?J*L}3haKaI3rEQo7Vm{EHnY9f=S#K9tFNd3@K~%o1wgy4mRKg8H#*`h
z-x&B9AE*0l9VGJFFjXu%j|;<ouMfs;bEUQGbP&FxHlaOkGq+vr+!(w&WKziOsT`={
zCS9a9E!@S~#jVrTt*wEr?bTejNy(u@)?GyH#O<v1Mf?ljxz)Qt&xo%3wXdv#Cjon)
zb_2R_6$_UNtF|C^$l!pey6VNo6VpFbE2;ao89kapEiy*PPIt1a^L~MUle>>^r>=}v
zOJx*p^atq-scUoPm(ky?Bjn-DST$B9`POL5Y%Xa}cNVstaD<)j%=aQ|cyUwJ@Rl#)
zUF(|k{1=`(E{Wu!>*P=?UcT?eUUnbg->FYuszm=QE8cxh-gn(J3Ea(JM9tYSB0Py(
zc(gnSm9A_T`p4nM=pFCL5L)T{o1pDFdy=(t`t6Yi{Nc~uf?v0oDq~WA#*LlFYb7b$
zJJKCGhg}{<V~-AyxZLc#dRX0e^*`Oek4q!|T{`g~J>M4#*PW_HVPk3duc2r(^YCba
zz41)`JYbfIveCo##+=LZ=mWBi;PLOD^`})HBcCm5->Hv3yl-vZYdMo|kRu@cvE@@z
zR)Pv$N4RhMc%s26Wnfe4T=lfY;LJ?*H_BouL-%2<*|=@m_c?SIlWW1xrp|pZl2Co}
z$QXHg`IOHzYjmWX)t!A|h1>Se=W*?OTr6!S#P$ic{>g3Gg5mVuB-XI9f{+FDb<cO_
zFX;tnkuf>%WOI^!I?z=+w{5m<HdbFau*(|_-7%KMw=>bpFw>9FqJ29v(K)|qY+75-
zFX3|ul#u=AezLydz~j&Vzu`YT9h#$WLO`|_&@z#1`g>jxIUqY^AKiK_p3O1hH;6Q`
zoc%ugDk4*Y<(ClP9T*sh!)GrBo}URD++m7v81Zq+L>sjNyT_~hn1l#V%IO#raA;c|
zmQsx6AtjF1s9P3(K(TRW@WxJ)93pv=2*5yBcnT^Mol@e)36#Tdr5^<;NbQPrCv5@(
z#Ti?IiL8S-auF>hP!fWFmm;vpijZLT(uKZNj7bXdnGp^0!F=_s;Bi<36nX%6#rbm4
ztGpxgEyX4~MZO}ZBn#8Dln)pA9AO=yL_ba$z&7};ot8&dTAEA&C4j9EEl{}*s=XO@
z+ff>2$Uc;)a2q<_`y1vPY-u?756CdNEcZqGB62Q~c(Yqd@d;(_@Cx3CM7<8^Cb#IJ
zG!Y+Za%reV#nX8(KI!GUa|A+4Q^L7QquxVuplj#nN52rjFT(LDz8eYRXkMO(cVR#n
zDyf}rrVQ>d9a2QQ7h%JQNI+X5BXU)gA^5sPJs=GwCA2k6pA20|rg#E_08e$t^C7{u
zB~GmN3~`3={L`hqVZzYEDT4o}Nm__~+e{rs!3?vt{Uq%0+KoY?6zba?O??RO0%P<)
z7Jc@blZ5J}+PcV5Sh<HpDG38#FSK+?J`I`=;WIu+C_UScQ+y*5vgj~>n1Z6!AQfuy
znNJy&y7m-|LXP~n=(_PcTV;NuUQ?ILJ9+rCFlu(Q)62G$DBhsjzyviv)2ODqabMta
zxc$Q@FuWg64hS&a!TL2vbZ567Yf~Qg*z)velQ(0mlHYCo`lGTb4w9T1uB|v1skg&8
zEfZa$XUPspi+!iV>10C*Q-y$+@!fN9N#$w(cDtuuQX;kAp`ga2cM_icXGh7Q^_TIp
z=j)+i2Ko{6zUIEWX2yDvTO2K)gf-~sK8~W=Ow0c3CaPIB0sX&QfyTxG#>UazJT1{i
z??jEz)vW2tnM0hsa;Vg&k*e6PmBu9|rGgep<(dzI?Fg(|Ik_DwSufN}_D={&>yeaX
zEfk{jcN_cDHHx#|-`~;j6ZEF6m>iPSQM+r#Eq0*v>pwenHyns7Ft?0y@zn3nFM`=(
zc<Ajm=Mz@&N(T!nBmb3d@+90pg^*(e^YY9nZtr?KA=yKb%%vLfWAmkvwqz%sAiFcu
zjJ5?YjqA;E5?7i(6-AC(CjPgQ+{LXKoJ6GB7MUiWE(e@H*EOJ4oHAQA3@llZL@XYR
z_MeX28;?}`s)uXqztg^s;GF#VndL;=B*sSAz?k-N!N|Vx)~oU4B;HxcHVUqs=TR~0
zOQ);OiT^F{avb?%di~M-e2Lg%ixjihXy;$)hlL+DY2}%k<H_f01B<hhE!9Ftk7(=y
z8jCfQezpT9ZoS{^+|8Hx#X6?=7e~&bPoCpd5^Up0mygHQ`Rdf-7M<X@EE5gv3cSr4
z+OS*RZljpc<MmPC9ND7FeG!KDXOSYsU_j1hkcIrM&67MYH0$_x2(J2K1IECWVr)a~
z`g?p47LF0_xhM%!3&w_V6a#rx`2W3c34Zs7?Nm<6qxI=6Y)NA1kfspEfVyzW4Qgok
z2jKb2ii%uv?L1WL;-VrYIf0RCou6Y13wRG8h*zqZF(eb7Oi+;6TSk@U^i2z_D)dBT
zc2`1LQWBNHDmk3*<fQ;Xei9KxDY8<jq<zI;e*8=9A%tBXc2R<e83*)WxWiS{Jr#u2
z)|*0z50jd}u}$16fF@p%4K99cCf;cxlg*5GD=(GJOa_3>ub9rOd*aZ!a*OHdU~ir-
z99h=auU}JB=`_Mjzvq1W2A8%~f_aEoqza*kDnejqRrn?)aB-U^pctb*j3b?rh8yJ_
zrTW`@F=Qnc_^Uke!n`+Xl(bQr8W$&dD%P=x=<@dkMgZCxWeluJc;^nSh##EK^aeYR
zpe5K;x`({)qAh6#(=hddoP)|)lo5ljn=W2bNE?D`k4TjGD(Z)=AeE`o9s?M*DpZyI
z89!M{i0z@fPDF;N5L<rgk%FAv;xL{Ob=FQ9{6$W`h8~Qq-C+kQR|7j}^QF0`X-oP0
zyK9;s)azurkDDc=sQq!FQQJWYv@GUsT^(u9Db5}E-S$y6u!T(`9x>%S__NA2Z=iSQ
zA7EVajFH#Nj71Ej3v8edxRoBABbmM&>073#$aXwL5tW>U1Zcct<;AzEAmcd?l`@5w
z3~c-uEwQ^TVQK+aR5ZYPeI%#<fyCK6ZR^`t;;((#h1f7=NUN1`MvPP$cSSo-I0T#M
zZ!HKh*5BqtH{y9)y7@_~e|A_RbRl5y+al3x?ce5?uz1GFG`wM4_e{w}%U=38`@=Ye
zsRJpzAylc&{?;U;4Radrtpz+u^@wfCSK8YvjCw7aB>%Am)SD4&$z3dS)W{*D$RPy8
z9!t(&4OgE_O9{(}W?U#|T|*SL9uj+#U4v{0?&nx94jPzBVvPcpG=HXhJ^zc&P9eO@
z4U1jTNYv}d-q+VVR1Zz~Mwr3tW3{91Ir0>kaoJ&jwQ41L^sP8M^7&f_p8L=358vob
z?A7PnZjRgH-J(pinSGR$#((A;)rf6c^=J*r(R9*r|7rZb(_X#X<feHv?>riH!Z1aU
z5kgrS(^$@O-_Py5@;{Wl1yq*X*Y*oYcXxxt1JX$6LwAD$5`qE((nxoMJRmJfw<0JK
zDj*>xBBjzuD2PgffW(>T|K0n2zwbNe8)py4-b45B2A+GZx#pVln!ii>WV>Oh_$Cug
zk2&K>^I{H;4ei9`f}g{l-=2ZfWoQvy)#Z<e1aiHN1X0r`jMt3cKbfhF(=DHFvR*cv
zA5;&?FR>raoRV($%VpSooNK9WoPG6V$Y=EVH<`nc&sS29-ro_r6S4GIva#c?`1o^o
zx&E5F50P?Fy|dZ9$91fwT|Q0gJNcnG-^cxmZ>4yWOub7v3LL7bej&V;S1(SQO7uud
zzB$d$DHV&ZmAdRqh`Z=yJRbY1duHtERr6n45@Q%_E7Ox5t)E&?Z<uLVBeSW;BHJ2v
z%|H2=juBJd&{cRr{?&vVBZ8PLn_h^lT|$P1*?c^xRtTT(_L`;PSoKmq0SS4uH+OF9
zkR2Wte;eu|HT6wuY8q6WcJmQy$DdNU=>JwKk3Jc_`FWvpr!gb2MlK?BYg32h80~#m
zU(rgy4=l10F}SZB0*NmWrA9W|V3VAZLS=<pOcB9Zf~OhI<9aa-jgzR57-6g%7|SiQ
zXkbQ8-sg!nT<2gJ{?$jLRWb61ViD$4alB8@umL*xDi)*S9J+}b*>;-Z#<H;@Z}dG2
zqlD3n@W6}&GZVVpWvjwAhxZuv^m+V5g;I&+6ck0wA!y7f`iv|JCuQYIN`rP3SNo!h
znj+0|u5w7Ym>4=OF)!;|6|Qk4mWascIOc`4?<gG~E#JNz18lEo`}+7%QoX!kR2qpP
zibEe$5d(t_UtH6+U#biffx=WoD2cpgvu7MA3x835t+4UYr4QUChVAkFs!5^F<r<WZ
z81y0{yanUfr0kYCgnSZ8y34F;{th~81bxOjPpU_3(W{F%TIjcnM2XqrC>4_%O_XRG
zd9Kuw7~I<}%4tx=C`VDm<7ptda<LAdnys3feJerpMv8UbXJ2^o@XETkOV!J+0X`YL
zTje>9Gz9MDjD*Fk_o;9du16aR;Zzn_J~HB$ab#70L;JDAwMekx9mN;c6vl<1P1Q&S
z0kvJfi=z7o8`6gvXI$!c(hv%~5_?2^cXBh2k9}pgjS~s_C@5`EB)RX$L`k_R@rFc_
z#TqLm#W)C@qbFu$DcQQe+J06|coXvke`kba@!;5gxpx`2wU?^S9E-m`{vyq@QVgZC
z3=Ado%Ix&_MmybX?ax<OCQ2QS+xC?d+i~sNV<vy-GHdfWBw+pUtv#T=#(6!+YU~!>
z1A$xn2EyNR?TuXNN({uKP+CW98{IB}9aMW!^9f{#@3=*4;2CoP!JuI1B+1htOUdz|
zCRfhf>A++-#AsHwFg@a#{ow3Cte<Hz%ZJ?MIgb}MlX!lP;>_6}JOnDfRoAW<n$ACe
zdbf)vR?qj6)vfzd*>pD_yRTLbKjkY~sUG%vEG@28^xeFF(a|v~n!d-As$pip>C|kt
z`*He1^V|`o%;yw{yGf649$wY$Me5EQTA$V1=eSJ@ci7OjM$6mi_!&D{nGwo9$=Pgp
zYUg@|=}Dp*D!@kg$X&|%$yMXX8ht;5<QIjsCzh9zP)8IeE~`?Aqid)32eTW4a@a$7
zKjcQLChP8f2(y?s+ZkNcp8T{l+58hPC7G$(Wh$&_qlR|3GH-57>$+9VUEfF2YY|hM
zzkT;YYMkW_$B4}c!>(RaXzA%zep5MtPjOAWq0e+Ts9Ik7)!M;IVnmy1kKAwNm4LFX
zQ*oj$#NA(p_dh?T{cfguR+TqI@y4kM|Ehj9ZFFVQvnuyZLUeC)C2mr5JZTf+wHKW#
z$Ll|WJsy=an3*YPz2i}FJN~(GbM_9YK6C9Zqg?_%b1g<kS0?wJW{>AxA8?fJq<oh{
z-L`CwUX<?t6FP4HpF+pVF7YRs`0TM%G`SjWW!3sp*-QlTLnw(!xT0*$h4iQtUVFx`
zi7Zs<A(%WNf|%dRl&*$Il48j?WFFj)%Fyg8VkAU2;IgOBuwYl@xahorr52}0W}FwO
zLafw@u4TyC$b(gtK7f1q5|L&;`T2M}3|=M}V|?VJf+<YS=O$_{`yCpKfUe3!4Q}nH
z)V1UK#9(E<-4=~jm{qu)ef@VmgWHU^(Y(;Y^&P227JZdIg#B&&#GUBW<|LA`H;)XC
zbsF%6c}T-jO0V(<U&q%?B1no>Sk1}ih<(+0T%50*b)|bWsg$O?(6IL4*JR=j0o*n0
zWhL8*7Uv^N=M@ufC$WBxj4&|Z46b3~K)&wREGo3XMPX}F;^TXaYAP9&l1fQFh+z%p
zU}pRE6X)4Hc1wxA3yWC#5rVwE%QQpa)iv{s*NNnG+Hvf7Sc3zi&wKh(h`3L#4s~k^
zcho0W=}S>O+3vYk-Hq#_rd;W8pt+dXbInmlj`Axr{xfd;u?naJ>qfrKk&Q`r9Gn@*
zk;)eJR^+*T)cmTdrZQ7Mz}O}lpKFdvXZC~6?6}T@@j*s1M2-y9@({Py&3b06?G_%_
zZJJsf@C|lSz7QN>=r$E05V-xdO31@-^)O>B$gp4X*^2;osvU>rY|%ZQTgzrW!%tqF
zzTJ)$9Jq3jS?^<FF@YFl$rdNNbd&nZ$KxuD0Sn2@dJo>~>()Ip&j!2W9Ql8u1a7UF
z_YAkpC0B^+&c01)o^^k*@k86SE9COeJBbVXH)S47R^eVg3A9V1OMUAy!&~yxpkp&3
zuix8usn12N=tD}R3q2;QiA3PlH<Fc)lyW+SwCosbgc6KtFJ=hG3s%q=1ClxYlt8%K
zWHi-GG~Ps%&{#CstV6Q$=^IhZRhtg6x_m=hI&iHxL5q24BeldW=83@8>E3uZq#jR%
z!MDm?`TdQ_r@C9t9wWRls>{!!U+q3B?v~wu5niUjEU<v+EfxLZzkya3)!6L5ARixu
z?jH6hZI@&O`WbNpmU8kXihb>wu8TQQGdz=^2S!CbcBnm2)~bqskWH*5?9suuvtK3@
zE~Z(6443XxI=-fnl1b`wbO)tlfmZ%{kX`BM`s48YrrWBZTgKEyrDARy;%nSpGe{jM
z#1$DK^I;WVJ~k>c`atG-mHt0O&UYqi<Q35-kKmU``c)W6{%!jo0c_Xrw*b=4jZt+z
zjHzmQ6XV*?JY75WokgyHh>ud9<jvD)mQK740!PZa!B?GDS@+)KZ*RsQsqGnLoG}-%
zD#)}8;h;NbW%oZ7onVL_>||V6sg#_2nwTU~WLUo`RdC!H*%>Lj@XWRaD>CdZM#~e@
z?NdHVL;lm}J+F!vBRkJ9t@26nw{thCejKxRT;YnA6<)@*K~P`>Qh4ESdnavs?d*7M
z@62V;CvHETuYb)Fm)><Y&nB3y#x1$My<-vD`1$^zzADe4rXaullkEw|rcWtq?oM_A
zFTuTLfchc+b%~gS-XP5DsUm6x2%h9t%=xUAf=+%5JNjy&1kwxSk}Bn?or6fbuK@nm
zIUb<J$ri>ZYqgDtq#=~z((kh~?-@sKX5<F&>WnNWbP@vFb?^dK?h!cQ*dr`3vqgUy
z(Y7E6gWuAsnTu)Gx~5g#V78f))o^lJtQFc<fBv+m9{(BI$kNwhp&hdvHH6M}s`Axw
z^N6pwk;~lp1m-a@_d6-Kk(7ZCzwkfI65TdS4uHA%kj<>!0Dov7UOLRYRA-mhYZE5b
zr6m0Ig?;DkFN0CzT)jMm9B=7mpA@n@DrYgcqJAey_ucE4kwr}h5&}pnY9(c%kXoUD
zYePJx`AQxEQSn~bhF<{5PZ!Hxk?d(Jb=~gAm%-z=xe8=fu3Y+<d!!7%@jJS|&(a+)
zZSt-(J?a<}p%*q4D|SioJsw)kx|P0}*-Y5s_Q3k}D85CY(iX!=muWatw#Q}a6>kz6
z==*s<1;00@Q8B*Wu`@Iws2S56g@fScjtiwxGpG_V@^nV&YTspwi>CkqSzq99e{wv{
ze89p&FjmNU)g<VGPN>3+1@D44IZF4kqrK$vU@?9MULCDQ-kKt@R9*Pzfujw5f3j7*
zAsU8Ej1MMEf2gwOf1UO`*w@3e{#$&1{S<w)<9E%;O){HI#2w@Of`_ISvffRmL9>VE
zvk%(^D6ic@@Kc9s#zk*t|4xjt;Vn<P?Nbzyh;AR<Yq>zg`2mBkkF32lrg8O(3twr{
zcJ%GXG-XK<q2=5z?62OMup8Vr!qB^s=xuSzkaeE}pqeR9arn$vl~>J!llaVoxhhy&
zKV76g;ii6Y!$@(uDI(E?Xv2+VK~BKTg4069XHs)Xxle#RRFKa6^^jz_1Y=uE#K#y!
zp8vo%d9$1YKAos}j`$7JkZRjw9lLESJ96tDp4#Mv8WHS%Tt}kx0eY?siDcf}lvn0f
zrIfL{R`Ia~5v%RWJT)}tW(sPAhK_q2WCPz61aEB?6bi*tMzSsPaANwWYgXpPgkgE7
ziu4HJBj0cLyhr4!*4%HebU1xg++q_T`pc`_eKE+c$fexSF{KMcG?cML_$L}Mr{6`e
ztMH>RV?rAaZsK&6(o&H!yfUEe;Y%)|;xfb^bBa-Fwtw}+zQNm6?tQsvWc8}tqe{1u
z;X1QbS;Vc=hQ$WSn1D#-?^4}aA4sYSH_SCZJxTO4pkh++J?W)NW*o>pz-4Yt&`Z=z
zeR~!6Np%(7%PP766QNDPo3sW)q+9o3!oo2{?k(NRY;jMr$f|o8LY^I@q?kAb&f%X0
zOoW5i4#n|nN~tV^lr2i?{j7CwE8M*y=xw2;XQyY^_<0%;Xl#(d7aUiE`(2`dY9&GG
z;FI8oqG`TaMo$*#EfN1&zWM%zmq_hhbL(stnFTsX=@wb+qIE>HEG%+N%;?91stToA
z->Jlrs@jmHx8F<o$!mW^evebnQ6o~sXbUHbNDPnD7;Tx8lk>HtkH*FW!#u<islf>V
zTuc<Nl2?cn%c6ffa3fAA7K>=JHL5O2{xc)|mkV+FHxi%!hOTN72T~SbMW9!8RA7cs
zQsOb^vuE8iv6B3LkTNv(@u3ev*u(e5qgQ<B3G{EKed8D2(+v(()9~9GW89a`R{c^}
z>6*Ei<4T?VW>M6XNN^5!yKARAHkaRUH4i8jo^<@u_vGFS;J@Py%;M{|o8)ItQgzJ2
zr8}c4ysT_8H7%*D6?e0KSR$tAb|M*y_&sIk4k5Ln5v4M9Air{aKSHf=cbYXr87YOk
zbcybCnCs$oyPS>d1qX!ti{eRoHw^oK1Rx0X9gA`}guB1ity)p%cMwlgHAys&4s<ux
z)*^i`+!h~0J^gC;Ww6sELBSW2k5}o2(Jz#A98a<{_sIFam$RCD2(dQ(Wh&k};SwnP
zVYisHZ8+sbdF2Dm)DyDmHBOU}l$z?D;>2|V-j6AU_#>vf#bo9mQXW;a7|rs0CZIT5
z>uED3d{s?*U?LiPwTrVf)^nAnC*niONj2ReE307_=PJRyVT799+PR2K)pRuE%9UTf
zRIMgFu?;Um#kS{THGErXeP=PnTg|@=Uc+k>Dw&`k8(Y)SuPJ4zru|k*8`z!~QIl7T
z#0sg<`l>(9E%(Hhu0kltdXE3fyH!>3uDU#Ibl=^mwKbKGpNJmcS~Z$J@H9o*_)-)M
zQ2S+GVm1@rtF-%J{dV|yd4#3!g?2>jscFnaQ+1I)700h?HFwh#t5X?PoQ~G?djEiD
zq%o>Fi3`T>pT6+4u#Q@>Sv$DQ5_YpMS>|DVvA)%2CJiO^f_sil_;kr;&;t7clR$_1
zgQ#eqR%4<Ut?Xa_S>8rPf0nmaVDqWiS*(Av5ayKn4F?C=z+I=gR{<ah1q_t^N*Qw6
zfE?@T8~s_ZZ4LvCFK~bQl+@#&b*IK_FPf-PUcraujvV!RqYxU0Y4T>kqS=G(M%M8a
z3jzDgvxA3T-3ssHj$qgi&>|rRn`|!WVjtLYopOHdPg@S7bFu4&&j^yTP-&@G7XiR3
zGcAvojVkQ#{5<>y1}%R?rFFxf@ofc_Wt=6v&P{lu%OXNDV2_Qn9xA+$ZFoyyQ0mBO
zt4O__G5FPI)Tj4xR%R^C&lZPMCb>iJ`z>xAUw2PRWxZ2LE-1Tpd84^^hQi(3^zI6i
zziN#QaloUQjc4u!8%H5+@#ZX>R)NEgBV-j=>JPp$A%8qwt^2-+T-PQ(;Gbi8b!XmN
zSS5o{VS~DpJ<(tF<duw8{IBTu^E9#>imzXtMC|P2yr2K&dfHZZ7}Q0xo?y`+=(07(
zQ~z`4&F?Pijj%=so6YnSbZz250jcF9n}x!c!+UnA<Q)WCi(S_iUx$67AK3ambrTA5
zWkCf3^Gr|g=pRIeykA*Q&G$xIkm_7^)8}?4%4?IkF>c?UcR}DI%WsX4=#nXoY>_S|
zN)ASoR0U@q(V5y~l)6jQ&kxwrHAFr&<MTB}VJvLSpUdSx*B>dyAujx=A@rymoo~?!
zYpM<jsovc&WLdrDj7pM5ka*p@E@i^J%8tz)T^)}jRZY_HM6B;x2<qMxT1Dasi}{a@
z@U8)5v<@3#u$6P6C<elWc`-hCuV{a`ViApdwM4#8I|QX)7V(e@r`d%5hlO*zbr~B;
zO!zLV#IiZ<kE-&8C$!(nX+KxeE*4+zshGl?M_gylX1OsoJkip)-c^0IF;mQyiX+sR
zFtCz#;c+dMp?iG$l<gBlRDKPK&*Mq%x*PM{;y7}Z^4)4~;nxq9_NiiRo=7g{9es|Y
z_1z0?{P0_@TQPcz*h{%$EsAOQ<q@f6G@^@{-GupwVKfu_r2O(`(Ujs#uL~@A&n|C=
zM2?mQcN_RMKR&9PHpO{ZJ$8Es)!)k)De^2aMsS{r@+&13zDz`<@&b_x=E4A1Ti2WO
ztL&e{frVxYgN@qHW~K{EgYra8@Zv>BAhQ4ra<Vl@A``*kcTJjBd=O#DYI*!JQ7&*-
z=<?<L&CR}m-|FPf?~m$H<43j{-m5z08hU!?R5K8~13D#9%xkq(l(TOk=17cj8CaF|
zFk%G5R2}xL&ec(0Q5Uqt2@n}p+T*1rrSvSxoO*aw2e3OrL`vQNTdIRf)HZpolAZru
zAKi>L%Qg1k=RQnQKGI&-eb?lh-~2r8%}0T}nwL5go3qigOyW)Z;}$cfw>mx@@mYSm
zePDLWI1bO!gb;wT!6mI_nd?~}r4er)`(A!NGB<I}+jzxu`bEm*?5**Ka~!{RnV-M>
zG{H10cKNKZrS0DS6tQ%?MCg;}hjDn*p~Dk9tvw4Hy)3^&j}!crSL(UXD0=eChn;`)
zZ-@~$6?ouo`7fo0N}MkHFX{O+29+;Oc+aQG2}XN@Hrc=YZL_g;&x2Kwb&KpRoR`V-
zlUUXzg2Km@EldkI?|xc~HTr#=m~uScAEKY;Ra+Ia`z=F#u(a8>e`t0~`;(_-Q1axQ
z<IKam^f*&4%<d%tySE;fxHS;_k1LEAu2{_XOT5UPbE@%u-YfP?k3vpHe}CQe+svEo
z`oyAVw9>lACPh0caV%VNKcu(p%(Z)KsoiG><zD6n5Y)F=`g>QbQxnU*<CWYK+gWv7
zoE{s08CRzMsb650yT$jxG8?vF^g2aMID7QNEO)s})}iE)#_tpKX1S&P?ynNoE94#d
zif?^)S)ZL9ZJFl$?Vjaled)oA`@ele!=`3`I7<+)3~UI$X`ALWq$7C3eD4(*D_z_y
zx0G*z>!*-`+p`t2KjiyWS4T#F_iA2yz}0dhIaaY_vT<20)pAwV^}5rq2ZtqkStM82
zuDLpUELiT`vc56lcmL<8;|uk;1m>UbLZtO}Hyplk<BIL9J084hT6i{hgIMkov!D3h
zVMpihxT?zvde7J07bf41w?9d{dHeb=X6iO;ZuUD#9B=Lv;l*x@-l`6I&+9J7-O@!l
zdufKPt|qrP_3L`hIkC_`R&)PB#oUI-H+%n`kb9pjTcW!isVToK-?-7PNg?lP&U!pU
z*CZazZnYWRo`X7TgH9Ib;@7@^HddLkC2RMDNan7GX1i2yn0ye4`Q3v!%5Oib!6^y`
zs;g^iSR_3Z5oXFiUQtF@?2s3{Q;YN~gX0Pv9i5XUx3B-wmUlae`tY~widQ=@mYpLz
z!K*5Y7rZhP4poT}h4kc=96raFBg|k7zRLRLKA2stE?I40C9v1Ai$WC`{uvuHHZpQ@
z!KG9ZuF`eZ*pvTrqu7E(?6-r)Y~{aa5*t<0X9LLqmC{H0D#Cny0)RvwdQYvV@$%D;
z@SBTR8{M~<@fzE%G|pl9hvYmLeD+K4<Y#})Eu|~jkvp{t{jYxBKW$s6O-=M%+v9$6
z`|#E22hkmgU#>WxWVt^Db2nM3{~A=E<0T2Ea62YnKjh$?lGP0OeDAbI|Epa4_{-3$
z_?S&jYvRjoXL#*KoBb;EnHvWcGh6EUp}+d?zts0yKl(bqcj?ti6zVodv=zg=#O1c!
z@wGO8>=+#RT-?Yj!Oxgw1ELrigl+DUtsgoJTg*uu-xZ%r*$8NF{1sw%#yRj&aOlW+
z^xbPQoq^2Hk8UZ^-JG?*I~`-SbNA)y(PFiFo-Xdouf6M-b+>8{B_7Ok6rNTPn9q6%
z1XNr-<g^U9X%XOPv(4YUY{=RDuq9jWnLtpP&6Y}E^I}@a8;*@UhL?*&20k4!1et<&
zR<3Ohy!>n$Zu^B7v)-=5G4&N6bBmMLI}U<(g1_4uw>4W=uLaL#TKil#d#JNIBC(LJ
zkFhNn^fZb2$J01e*a+X3Nd3+-?ka<?uY%^VQah984zq(X`)Opo9}icN(6>F^)>PiG
zPmQcrU+1>+7<zFMeMP}h;?*S8`^EeEw2$1F^27L8m(tA_rB<4EhMow%T(R2YX<HrA
z3!*95?N`{?`&z7iYRb)pncDF7A@A_dS2!;>moqbM7O6=5-o?xY4!TP|)9%|vkY7;C
zi!&r>Z6~UW%`|5oCyfQt$7=Ph1sSzdhA!1#oyPhT{oDcE)+HM_y{~#6YIzjh#CwuR
z4V2j6{{D+lKy?e!|3zJ>&Hl^7^SnR=5?W>`5e>>&k?%g>JsOM9uzKnD7)D6}36`0d
zNh%|VW$|p>(3oQ3;>D4ejGg`WWTE^THK`b-X|WotAcX&AZWH3W(24bwaF^zYB8eyM
z;lsOPesh4(fzhbRm;Qol8c$7P8C}3CZ{)*=J(w1#P!S>na^&t2E$SVgxN&54h~#<I
zXp!XKlF^@BE#x225gDVs7as3-iU@atE7x46?tj|CdPGa}2!)ZwdFmuwljBHLKW?98
zHt3ZY9XD>C{6@G)ET-P%gFU8|E~!Y8Y2sLSEUre0@q&czBF;yG#Av~)n~B8+I7;rS
ztvoo@T;}EBVu_UmQpcV(peDs?BHYsNEK*+(lxic&2<7HFMD*Z}C%Hx_+?}V?4$~qF
zQR@1%SjriXzLU<QXT^R)SEtbA0H1t~CMnFp=sE44r|)kSbeE+gEID4qn^LSc#6rYa
zrNXZdn(7%nG$NL5OUF^<eM*MPTVXFW9NujBaDO19h+j%76H7#;BGb?G!h>~GT#D)t
zLe!-;U!FEIDt%~{?U?E#<1Y{#@32>tZ+PPzL)&>T$pXJ~+OtT#dzDOzG{+DsB{44B
zLc9i_Jl`n4W_!+VIzsAVJ77YxG1%8jWO463U6MV&Y(eWF&8dS*(WYl)ck%J=*`4NY
z|K`LP7R2JI7ESxFaDjw>ONT+j)VNzWmlnvI+|DLf*m{WHcXY6EbHk9uo8DfW3jlpk
z#yWZ=L!O&E;VSAdH8BCnJudw~*{~?^L4ZVeC?FsJaK8yjcAHQ^XBdx$v0tgsW68Z7
zm}|RvGmd#gT=7P5@T+II%P1rclM?^Q0~OrpD`~HpDIeS0+Z!kd36Z)LVXxh}bB8r{
z8%Ci4qSw*UF+qkT9xr4rDJeNQIRPTmkFQ^|^79#KXySy^b+*OOtDSG(E`Yf^e3)c=
z-q;vRZ?d+s5_fGl-^<DA+qXO9WQ6gd*4Ea--T*u?iLPbCkuD_0j%0VDA|tDZnF=89
zG0XT7`W7z3R183<v$}cQXPT8t+5nN#G#~mhaL;9x*OI)%4<=4*NVV0lInmWP!syPQ
z5W~hO<>derKp3+I;7EaxT_<JQ`LOrh2@_ge7o)tcLvPCEFEn^;5>Hqao*8(2VI2}6
zJ<BRu-6oYU;lO@0?)u1rGx5qpmwLwSB$E_XlDp#^dbgq%mDzff)n7Xc#`zPQl1Q>?
z$NFn&6OCshgkv{*FZ0s9T}X9f@5NOWO8UHey*cu=!E$3^IMQJtg1CqZ!`&OvQy`}J
zGabJR*XZB@of5rjXEnujspE>Gnfymu_VZP&%ao4K7Jt}x=pPk?Bh8N8L!@*Mz3x~R
zmBx6w9DlNNUeK-o9Nn3swOWt*!X9t^);lg*$awKvEUk40W0lZ^f2XA`&ucBP^|(!#
z^MrqdA<3|-F+eq@lSQ9@;1Xhx>cN%b>q!`+?4ynvcnH(j^}Xh;1+_non?Kp^0IV~R
z@E63zC9y^TPX*QtpmooO=mEwB$VXQfmnjhI140IFd5(^bX)N60;=VBaw4?%N+a-@5
zGXX*JxU#Ym3@pIY2-Nl;ySp90Y6H&fW!cE%SFdDo6#z~Nc$pEb7Ta@^YnZx%<W~tJ
z5IiZ>krysRv4kCyNl#2o-MDe%p+Z<2aD;{IgM(!!X{Lu^Q2z}0i9*A`M+2!HEZ%6Q
z>IV;IVa$Fw7}E0LV6e6|xDB)UK$msG>g?(YJN!a}`ve#T%gFb56kN&7a#L^L5|m9Y
zN_;LtsDXgk1*TS=om(Kp!l+LeKy!eOr4Vu?7N}AKb3QPC8rU6ACND4Vl%ACpJMr$F
z8@Q>$xa|4pD~!kP?e2oEB?pCK)u+ZLaQhCBT$tVm*2DMj-zA)eKf_!r?EwU4kJaVn
zXqV;M$P>W5fWb#ve!i=t;~tRhVJ0+o#&RMIN$G>M0U+)e@OrM>+gEDLMcyNoj<)cD
z@zLnRJeYo+ss+}=<3hr(x8T!@h=^FGFEL{rD!{I3HL0W2Rz;jb%EH4|^*dFazK0tr
z5;vgXa&jF;cK?+Ak5iRIYW`MT0W@c-CNidgt$FEU=>jh}xIobfqu5~JpVX`!$1Q?1
z>;|*IBwKoJt`uBMfYR>l><p*KH<%iO(P4U^ufczY9?B(2ufhrS0U1j;2@*q?B{NV5
zh7nBTl97>tqZY6<4b068fC2&U?n`!*h9z$Az9-NiNP*JHwtEMb2H@fVpAW;!VuFGj
zK&(VXA!%r6EZl%92B3oIpO6lMaiXKWJ@omJ7~n`~4kn5)Fbm9Sh!MUp)5;6JS7E!W
zWMb+gz#01S^JkGIIFrKn5VE&sn!&}*jog93K7cUb;y<!!pBo=<fCrxc78h3$Yuf{T
zF#pMu+i}E9F5{J3fU16EQEv~aBn&Y}H3F()7Ld~b0=2u?aB<@rtQH89EiF=rb9mhv
zlayEY@NgaQ&4weaf&fA9KKb;b8cq<*5PHKT_G%LdKhKBw{DJWdz>XG}q2on6$CQr3
zbl`RL*F!L!Hw)g;cl&^S2RkT=EnnIfe?K~tOD~_6np%y>8S$m5zRn9A$8LZC-qse)
z4aUhJro~=S<KiNI<_dGy7yHA(g%YFUOaWi>ahPoSi!)lz=cmFNF6YG*7<UZC>DM{`
zBe*%1!&<=nH`@?~Y~y(HPO}DOqyJNV2beyD7Xj=lLIQ#kmUTHG>G!gPjf2xJI4ckm
z{unKL3j|bUB+@h9h?^T+E2UvU@PY*cST%wPnvBQia30O=XATYy27>TPAaEQ5--rZe
zC*jisU?9Bc%RD@|s=zZjx4L2Nou4nbrjAcc%q(R48b+kSe;3#lqd=9lK+Agf?j39u
zH{g)CKp@y(pPlaPgeg3Xki)~nqA8$@z`4<H?F-*Cn6)^=j;{<jIobo>AN!@VxnbDj
zOYk<yzJ=qJ1c%oHn&cUr8Nf*ds7l{t(`_4=8z}VF0Mv=Mmlq)s5p3n}KYymg!cuqs
zR67d*DB&wSF%Jz$tic}+AuG#xLuKmq>+m_QsOkwdAd{DThar2m6?iQCbajo5YI(6?
zU_=2s!EL^c$r%t@xbyYbaT0~_S6!W*HOm!wlc8SV|45XU&bG8q1)~+M(gBtdY;9g-
zD#K;hJ5VsA{s@l)KF7PkK>&8x1(1-CSR`Y5NwP5Ue+r{azj}6u)AtNsD{Sg<BiORa
zi2sz23ka(i{^o4IQq_&j@v1D&f6cHPCgz-vSNy4CX#H)_AigaejUB5p3!wS#bPEbU
zwrY6_s}V>6%6g5sT3}iv3^tcQ{W|&mtI2un#zJQdY>OB0V*wL!WiWRPV8LLbfQ5wx
zw8c|!euHz{DII}f>2TwQG9^H3z2NpWS!ag~2|0m1apmgO7cDJCy}P?UHa7FH!(kz~
zox3M|25#cHzfmQxaXBY9H$aJDVU?eQ4z#tCl9PXYsQCo`=|zuIQ}qGpeTkocm<)UI
z%a<6Jd))eJc{4@^w8}t<CuVT}YoO{B*~<UU*xg-V`MTseE}0G8bYy0Jz8yFQ5ULaJ
z-c@sSI7bx2IYSy5+V2F*kwNqZArYKSD(2=AY-|ynsEylzv4!=F2Y3d1*qm`KLKc;Y
z?1&g%Au)$*@aMB5PblpKcJF}i$6zPeHKAYyoP*SWLOi=llLfr@L--+JN_2$!!#T^V
zyxb2gOL$^qmorp!E$)X>Yt7GzT)y063$*eT_)dxv($XM7pM!%05W#k@!3DRNO^i%z
z$wU6KMeZ37?BOkqwNrT6N4>07Wq+giUlD@>osk6Ki=Z&H&XQVMdyeskUp{Y<aCP`k
z+3G*HYrFPcz!7P+HAeZEnSBIDC!nIiac#Y9%eiYb3Wis}0VbuOcn0VpglYBh?wEdS
z;GT%6==bTSjd(JShUd>=7&$5`N<D=>rVCmcVnwNbU*cKrL`uPcv0WOR&89FR4U`99
zrvc5GATb{1n3w$_ECXH#yf(&%hgZR23x<ke6qyju&dv@n3$U+s_4K&>N%((nf6;bT
zGjxM8Gzx72xNLBe+?Vp^3J5@>_gkN#BPu!+Y(K_WfV0E|GZQZC01KT3H$EPH8EZuu
zYd9td;dGIZmZr}Yl8lzPJ$DR&p^khq3_>YHFYqoz4gp((TJW0A1)PAzAPX}yGnnx1
zoPn@Qg!K0Fi*-2s6%G;a-1!Np5C(_vHYx#RcVT&qUK-XbET2aA*~DEq(ZK`uIe5-e
zf>TH#@bv)M^IZ_*ch^_290PV-q=BauC9(z<l+L-|Vnag%NZ{<wePirQrKF`{#Cd*n
z^xT#zN5$LQyG1H)hs`#jjmGGie(X5RPi~zBae70&A$cbaHCX-E-~qOD7}MzHAJIx;
zW}&5&d-gvU0%OE~X$cBCo=|$fX*bshyuj1y^KBGP+QQr0=?16CbfQ2Cq@<@01h=Xu
zK)8k-1?gNRDK$0Z=sGWvmDLp$5<aU2KgdQnO^@%#E-zs0uAMXft4(Vz+jT}m`m?&W
zHV5!0QBew2NP!^Ko!jh~nNjyJkdi9aUPQxlYKDCagiuLI$w3%P2ZHLV1bD9i$pR88
zRFoKaR=Q0!oSUtWV5*`RX=&pJz{xT^z5RImEdZ-_;0jt=%6W8I7IBWahO<}2e-)!7
zoQsw+(aPGIZE|!p{q!kYtlEah&x!gdO0};LBIAe{sOjkNa>0GZ8jks;rKL2Ix5G)d
zVQ4>g6At~!i3u>Npw>pu6(Yz4kW~>tOzY4_>uy5Aa+gKnu2}dny#9_Mh-{r~YlTuT
zdYTK30K@ui>;TOV*jKSz!odURIUwST7zBcgPQK(wXD0>`K-2Z1w6uVX18DZ=VOZy2
zSf;K09n!{ClZX7oEAN$PC_bd+ofm20ot@2d<RSqEoSz!)VD`7$0f+I~cU0_uv>2Ff
zWzBKm!~yMd;+0>}fn0pw(}h)7b3966at6mE?9}IQW@ThhdVR65w3Gl!t+qDbrAt2-
zy5iuYo`d=I{YZlgdt*?<GBy^TT3ua*{{zQWqC8#!@2O-OqngO>A~`=Gg10|FVE~A>
z0FXtIl98bw!X||6!3(B7(O`oK2R14$scrf>xC=oQ;r2vb1m(`|?vLrFCy-|H+*i5*
zsgU{Ot5|pwb?n@dk~wn=k@>K>&&lv^-*ovb_Bvw-U~xEos%2_fF1%FDrZ)BAoZ?jr
zi3)U)#G(NV@4q&V*V(^<m1*|m+AJJ}N12NdE~`zdyjF&oG+wi9Zf*jZiv$Fqot>Ri
zjczjTGm@?ks>E1XZDBv2o8*O^$`XImwuIo#@rl6|=Jl7si3ytM(H0qybz%86*4M*g
zd<PIkTSgJe*YO&fd1*5<R`ghF*OP@F0onlerETRo<{cwh7A%q=vH`UWc4J1TPcbL)
z%Dr$?bA-_rH*yVdKL=-W=~Cyl_A};wMu@fNvKh#)gBvxv4CtzI&*N?L^<qkY{XauO
z=Rud33K|9HlZ$2VySlJczddFT?}jX}#-wT#?y=|ix5-KHReA(hVK`=5zy}ur013VO
zmx;>aAs-Hc&<Cq+`1UW*#A6fE4g=!;^Jm+1HPokAD<NPAn;9D;lR@?#2QcJM?O|c&
z=H`so+Cy7`vkuo7$i~3nZ}#~un(CO?*kT^Q@W{)DLShDwjS5y!P&mRXefjb??71ke
zRgj{(0iW~cU`_;Chl-H3tu3qR>mhMb(PwaC!r4~<krXb?MLUqux4}*Yj<kW`@(cD?
zt*u4(%gedw7fCyzNjMMLz&YVrqOpz*fD}h?sDE3!Vt|JokqP<QEjKr!1-KS`gQEoY
zNdF2Dg`#W0SLrUJR3v`gB@<H~N;pBI8Vzj!@`K@}Gu&YEjU{GE9ED3*$t7w7a9=qe
z8xZ>eNff}@qTp6}Zjkksz#7uUSgQyJ2iEnTnCJ0V;Ls=s>#G-+;eZY9;D-z|TE6Z=
zB4l=u(=0&d(8%I%{in#b(}a{zar}4ZrT%S>$}^DA^nq>8+qZ8a^Bf$sY72(V_wGE&
zg@pzY4$d>Ajm;Sl@!;X53w9a+FMW3Rt{$W_(+$p|aN<KyvAcyU2cN32^C+h)DH~C7
zpQqYXc|}FZxiuP4`h%e!LAX^B48i6;6eNmOlU98n1IlxEV?GQ%12`;xj#a#eA5B(P
zb{L-=&b#5nYZo~R$m}OnkjM-8C6u$kYz4C#+<`vgmnakpl4|f=$qC(A{rp)70_{fo
zSsUbMw4Wi0V-qvRcZ>#E>^`LpX98>={7`1KR=Ih3iS?{)p(oOmGIusvkJx44C1MYZ
zy(f%-fsy0GouYkxg_CH*!b9-Jf_!_JF<m$cqBTLrw~6`^zzo8b-oOrS*}JWxiUSR|
z=b0~9wTH?@cWs~3@-XheEzCuk{)Cc@NjF!-5v(O4pEz2828&+4Mkt?;N+LQZ&(E)4
z8(lsi`cyt~adE*?>$WH^E*6TSrlvl>a?uL~^|MHM{ZY(4iExh}`0STz^v^Cklyf48
zK6tj}@g>n_iu_o5F|HCa5x96keg{jI<$6sVx+30M9^$$QEpr1t9$tN8V_V=JG!yvt
zW0p<408ZlJQ8<9vkFy)I7at!Fk*T+*XFz1+7=q`n9`!ON4vvhJR1q;D4Lv=+jFGqp
z#2ZMFM@W9X2I4o{46F_SpInVdP9_9<4OjgUe2laxmtk%JfxC>Rw5<GihdJb&25wLv
zxZab@c1F`u?6f`1c>O#Tp{SS0f^ysK+xqPuD!OQUw#7PI`YgqG84(ylpCJ2yOCtp{
zvmOz;GYrMVAJJm@s8OtLeE&|MU2NQ-O1Sj8)QO;<Cx*vMmaRvn@Rm{Rc+`nqF|c8R
z0s}`^QGz~P7>D7b20_5i1rtdyK7|{Y$~`d1eh-(+nPyMg-;lQ2Dpp$=Vf-ofoMEiS
zRua0Ec`PmcuUdgRn<GM5D-?<IMQaA&Emj*>3_;XcMO}L{Kx)&{DS*nig6dFTKZQap
z7V3hONz3x>6O{f#K^Ns*FB^?Q6Xv8>Au5hiDMnssMNeyMAx{q}DK7SiFK%cMOUDx*
z7IY-nKw=z5RT7U!S=1Y>W=rd8XdE1Ue*%ZQ+LH>lXQiYV>0e^Su9;}->Z&T68SM-7
zuM1(sjnj~?@<CZDw~x&-&2gBz?<8wHB9DWO0W(fWa2sBPNg{1|Az6Q6+asU}l3T&e
zCWF^lM@NSc{vjfQJpi1w2Cz8Q*VkVo6Rzt1qh4#re!+&|m`8rA{kI0Pq4=jgW!KIb
z1hR=RNd8B(Ygeh11L39%C`YJfmUpEy^U+b--6_Q$4G0KWeqO}Y*URQ;zZB0nc~3R2
z;c+zPGWcJyMlg!dRg-bzdxFa#5JAEJ3SL>e+w^6J(eJjEgwCs2L}`leU_CkUy&N?%
zHg=xYqGBEE>f(SX0A*XS)$Rd$kS}1m*mBn{jH?jh<u0nvXu3715+5F*QkgX+z;HCf
zh|j^kyiQfkk(Q$MZ8_4i+ll9{4n|yG#sjTNWNAgk+aa#*aF=3^0nT9p6mbSC5&8#B
zEv?Rp+t87Qv<-eFh#$`Io?t^pi&t`eLtglsn%G=$_byXzlAU6+t$F>={o<dG=lp)r
z?RNijtuno*mev5&UtB)b61Dc%N2V1j`}tjVhPqi+S{mC+<vtn?7ILvW-Dp&-kWt?A
z86s<sy_^5&5kIA2NVrZPTQ=!bv3wciGBC3SZz~pV3|`B96B8B=>7TGIjk?j+`tkar
zc}hpHdX$}gh#;>49CK|+iD=mAF~HY$;ou58I|cu-2r-{HJvLJEVbWpCtGm;h<jP#i
z#J=hb_MB*W_r_8R*Gr?C6mjX<3j&K6*RT{ZT5ug5HmFRo`;_RJG9M-AOz3`$F1*Wg
ziDrbyK*136qhbYTeoyTq(LbA}K&E*t6MuHk!@HD0`kzwDs|!#uyZ-ikNM@7oP5Noo
z%*@R0?k?n6K#%({J$*l)W8(15n>YOh@7Tdp)<EmGGQB9d6npOC6M8m$Jd+Zg4E7bK
z=WOV{Kn$Vf@>M^jzjCn@Dn{VA(*|DWa5*%>LZp|m;k+9ma4f!5217Cu$lxYEUf%wJ
z0T(a_fbz-@I6NSl+uHnaG9=O+Mg_Z2BE5@RohXic+0vk7RFAru7+u1p79nP$s*Z|c
z99P09+f}AU80$QC8u!69bkcZi5Z%IclaA9sUIZ%pl=mz<>@nAD4=!S1lzu^)gkwHM
ze96Fk0AWLV)o|d;pUibW(x=@d(mkW$UdN^Mf65JW5&zMHeiPmFz-uEN;luRp_q_Mu
zK??eEydL{<(sRzbGo<swgIh8KN?6;eth&Vx=EN>Wks8|C94lm|YBrqtN6LJR=?l?Q
zi??)_g_Mb>7D;pKumjb_$?pa;rf<X^mAN=6hqCX+<7*V+EkcQ*8qFb<M5KzizcjWl
zZBHGmyOfqUwXKdV%QQ0t$y0V$ix^YUO{=e`XiixAiX2a@(em3-9(0aEN{);DCUMn8
zEf$8TsC6yBOEl<GEX6|94XRj*cNMBHh&#;wDWV*H3ZJ&A8creiN6zSb-uyqv2hU^X
zV&h}Vb925w==k$GjH@ElX3dmA325}}ysh?E{B#bM{|l7_vnTOUH+{T+kGSh_#6jie
z6z7l6-$kKiqcoUX=>CsH>ilp1V=M*847femr1(r5V_4#5c>N>D-B5z?HPf}HfI8P%
z!Oi3EubRIt?f<uDME>&vPiY~W{mNW>7IFT4{wXN^`8Ry!b3Mv`zJWiP@HzX(L-Nd}
zbowFrL}gLNKhFpyfoFvF0>@*4S>T_C{9m5%&lPv4_q-SJ%j1OPkN@m{zUu$i7jMV}
z{pMfQPX2rpEWr7#zuJQ4xbOPx3I8Rrgm3z<WEiTUgMZ^c{kO)7|D`SprIfP^e-r(`
z<&{4|<8y()fBy2{OZuNLcltr2N$%qR%qh=rbHGRXlg8Xu_0iA7_$OE#pVwXgE!BjH
z76(;R{?ET{|L<zJPc~~@_HW<~BZNrvukd<4dG#Rz%XR#Jt=_jUL7~s%pXE@X@_+vh
zocR7#J^kqbz%$ZAy$??R|2^h^`#}&)IoJbXYDd@E=SQ+)S(!4>4ks>Z<1h}LX#+=&
z^z8~rqln2R6S|e*!weu<eu;Q9L2Sr1o1I3As6une!nZE}_nGGxW%zK?U-uYdQ>UdR
zo^8DzFI@ge?fg{Xq89ZQcfin@H{{KvHys_neEqsO-uL!xNiaP3kivE){I@IEsEsyP
z8{DX3uJtF@jx07RvXuJwz5G}Ay}^^;SK+7y?Rn8FLSkN=rQ(qVgX)0=kGX3&&z?Rl
zE-A4A+XFJPv_5#h8=COUMPR5dXhmw{yT6P-FYo+wuYYnL2V3H_m1n3!_kSzXGLGRb
zr-&CymFrY7$L*Xk1UeINtNQsh78J}w9}F67!TUcZli)hJ^DrN7RM2eEn0evL2gjv=
zNb>^53o>Kktsy(jZW%w`;Z_FN9sdyyWZ?hj{7L@-?>%^*S)lSN++}Y9U(F{gm_-*s
znl#rBw66Jd2*KW%c=`Mw3V?LE3HrEAO-&HW^M64e{1s|M&{xyY)GT^TB_QJSKBV`{
zE)FvfWhOpY=>BhCu3OFuW3h45T3#lMl(L*IGYwzG;Ak=>zUy#YQbxuGnga-gmh?H+
z=NG2`H5QfvxO{`~)OH7T|Nd_>IV+!~e?_YQW5a?Nh=ve7L!zXBptIHt6IrPF?(N$y
zuKV&>%Dx7>hs3C^!)CC={5<{|4{YVU;hGyCkLxh1d7jQyM={)Taan^Kr2YfxOsI63
z(;BRmFFxo>kMGn%S2n<R{wKuzsiNr&k*+V;LuD*CH<uRPh2OPn%=>8#5}B~J6ir#(
z-D75jxTsRs@5J^tlNzU4e0fGk7Pq6>k*kM?gA)hY^%!@t6a?Xrj-OPY0Hd7^PC%nE
zSWUM7ZO;<@r_oZ#bFt8;_MoB}mJvG#$Cg!IS{l?g(XmjPL%iGi3#9n)Q?XLuDdz5`
zIcp88+octxr$2=(0x-O`lwMeUD*immdE}_%P)`l%zN;hUmoHr+qC&AcqMiKoz|bv3
zkXI5qLJFCdbqm8Nb`5R3qHUQGmwVQMNLYHXAYT&?SG^t3y-<P!2Bb2vm^znRa}_aL
z4LZ~uNXOz0?qTB^;ApXzBgL}Sb)zoUXGCGr5A5Sy)UJ|`gNw7dBEKG|$6Z*N(p+3>
z*OtqaYs}>ZSGyxHr8y(Qt6MqnE5h@U+~R9vxd%bqScpCmJdMI<c+hB8t48eO!T|jh
zVZ}HT7GVU+;YuWHjaa1#9eIrvj)<c^yFjX#pGZ)ZfiCgNQlvLg&0RD3h&Qpw!yhHy
zn8FV}ZwI8rdNCc&2vUuA>#af+u-WGAsFNulQa1w*N7i?2qyvgg?SowxN$9LEXx;N9
z9UH=2d7g7gF^GZE&{2zn4Jzmp8hHe)D`)}isMP2g8QqIzct0Xl><ZAuc%)Kj<C-)3
zek&4ET;_N7>%Mp?sy^wl0x{>k^P??449DjdGMRyAJqOHNwA;QQp(Djb3>6S)6#D>K
z{}Q|fq7-1-UAc1QO;3-Jc#HgN$$GxxdE#MWemObo(DlxJ+|0BwP@sWF3sl@#DT0W_
zity1gwO<qq8EJ8HaoOLCW4q^Fz3fi=-YX+vZY0YuqE1|8<T`VFYAQFyNU*_l`fpWM
zf>LQT`y$b0)~ub87%K{qq6Mg|+!w#)2f)c{>|sp$(T8}*^59ApDd@i$5PEsUTQrhH
z=qOIHXMI7_C_IXOguR`{wP$c;9roySkz;~*LUbatz_!`-FBdq6vuZDBe0J?@LB75J
zF`&Qfu9(OdZye_V?&X~$CKQPWc9GPFqWttSm^3rz4BS?+8OC>hL7Mi^YeVwH&}Q63
z^2vNeDKFA3GoT_fgHM?T(_wK@QL6cck+@?eM%<2P$5WgEg8O=w7#|Fj+QQHoi>Zd_
zXFeNHXke8^yv6WSJ`*9KiHPXJAl1(1ST@kH#O<yOr~O2CSg`BBR9RkW!fU|9DWu4{
zg3{r%HT@CKiuo*juAjJ11#7ub#vw6Xo}^H=2jhz~t`A?tEGj{4-<For3#}&xKSK@U
z-d)UUJ9ZSRJ4C4X&fg>Z;_zc4;q{zm-%#ca4<&m0(jreVM}XRk%g0BPjc%3{6ckVo
zgVOPHkN`jv>Q1n-ZeXRhmR9=4qQ>=KtO}0kjH3?;b0;!GK{Nm`?#?KI9%Y%-%1WLL
z`yevF>FYxIWZ8{6S5R2k6B6`^Pxy08hLUbdg>0=~A_ScLBV$c44UFdmI9O(t=zhSq
zzoDWBzF|LauM&yGN5=N4=ULgVf{0OGYXs|Cvb30A#vGIZp^}uLh9!a}otT=ce$}r`
ziEorhwUls@j#bH7EW7CnnsuQF`FOMl-gpt?ICm5p{f4>~3FA<l;tIwCN<?6D-!G!R
zdMu{^BnGvt9tGzreGF1VO<5k3Gha^{p&B_P{w0(xQ4wiUC|2Ds&Z|zB@8eUX$j7-%
zfub*#;R!b?ExLf<z`?u1@0@fG##=B=jnzyZQ<Bh#j9~4tJ0`ej>}8-_JS17Dt`=C#
zVU9LT)J=Ucjl)b_ol&8`84=7rOs^IRXF9@`dv{~UV*#ObpA@46sZ$~P)3lC`buavw
zNaQKn#qiQBauXapyFjfw&Ec=EC}WV@UUO2;-PM!MWRD0ooVbZb*`tR0UCYX#vsVAw
zCA142R16<bsV*6Kwr(y-c|6L>l>20)ZvgcRN2y?hyIZ_xZ};rZ&H*uv&l_;fHVA~)
zCX`%yN_dIud!_x?p@?<T_Iq81f#H5Sg9xia9>xz6s7kGNkjM}YsIc?$e!G9WjSgJw
z-99g~Kc!r5f5xCFF3YD}_WJefbI^CTO=y~L7Z-{1R0i5q)o@$1B5}*YszE6Jr7Jjv
zml{(W95eVzE`3vT=cmIh&0B3+ZpR$;L&(WJxIzDTxrnTf4a*?HK7iE;SIB5w$x=*3
zN3~K7p(O7&4MLV2|8BIm;V%@is*xi7T*}vpS2nP@Y3%tmI8C-ZiZnvy(D|;kvG#d&
zlNaHNrzME%7vi!ii5sE|Ke(dtdAv(XFIS`zFZ$j}JIf(!^uyblSF02?8<ZWbQ0SwQ
z=YE?zn+wQ+Uc98>J|#!#i)<;<7^Ol(Hqs_c8mJgFLmTw;*p6b#6L5Hri;mXF)Iz%S
zECjpOy>JS+ARUF${C+P>z>If@z#;M0l{>lGLu|uZTAA3(@O~3yt)42rz&Ori7SQ06
z@<=9@lFUxaY7)S_e6>%BH}|ece|V%`nUXJx_5NF_*OQZU*#zGd^C>IQ>no#XiS08w
zar@##B#-%D&-9xIG1{xp5{%X{T+%+YVTBZ|_0=m|Ba@N=<@-%|-7Hw?klnx>V*7;`
z&)Iq|QAwEn7d~)GG_5Aa3o3Y~(7J+}d1)1gYXV3EJRxM#XF~3il%#E7K-!}wFBnKg
zpjw#<p!~QvFtn;>qj=v0jTUBTY?zo(65mTtN0HPq6>(cObh=+4=>l}~n^STrRuK^|
zsOQ>*o$Nt97c?56kEnl#^)yM>j~S#2N~S?UK@&I_TRCykw3LXhqjBD!uA8`t5$6u&
zt%a0Q8c0hCi6%%RO4#sJxRzO;EiVZ-s)Jmr^cpav!K;Lg$T{b3u)fomjSUh<A&*hr
zQ+0EbSTS~adFFS*j0lWXGT|Rw{y0&#{CB+M!3GxWUcqZm0aPcD%dvob&MXqsCDLUz
zo=anH&r32)&<Cq~QAL@GgyxcUz9dK@c6A~d2UL=cu`5#VtZD1N?Nd({ix7(lc2T~G
z1JG4&d8H4PREk%J;u<UQhRq(C;+y0KTWCbb#5@MWT4)@Dv?VSbTA-3oiZ~I&6IJrk
zkvgouc<_TrR2=7-xFV3dF_;fEAVY3-9^<kqugnt}kM25Lwe_`&xz3Bh=~TZU)=xSg
z(7k4Qy23KvO++coG@5W0RQR*~eV1ynEo1&GsN!|Hqhl*^>Djr~di?5T?jIYYz?(WC
zt3-ZcsnlY?Hmouttsy8|+*?w}mLVLTnK@o52rE}WQ>LnnU$fl-U78!X!@p#52&L|u
z=FT%%9^N+^N;~_x3_3C>+lL$<)W3=;A!5+7vsC)ni-rOD99$VbDK=g1ZmzMX*al2^
zp}<cSbaKeiADh->J$`(tN6|eG{1gD#Z`JI99;7S#JTEWr6dLH~ZAlPlK^h$|N4KW<
zzOb+m>|0Wxn+hdZh0}xU&@rgj*4EUdlMimr%A)>RDa7ge5SxVg$HoQ=C?`V_pb!sv
zILHxxcabPSTlE)+qE^2^5B0o#WKg6Gf&;dje+RUj?y`#r?{;Tlxs6yuuVUD*4VN5}
zY%Ybo`uZ)<EuqSL^<-5+6A=n!zGd4;duYl%5WRU9nm8|BD;APh7j1*I5{j;|*5WS|
z-$DC2`4(7$L7Tj;9~uBqEoWuv>A<FpdLZIBu>W%!%m`*m)Jb@fFHx2g5}`kgUU_$4
z!uEAI+*Jq}B|RV!2f>$+h)AaZ^>m;KGS!6QWONwLL80J2aJ-0&i0A+fLLEyCx~F8&
zzUwMA6_u)SEZ2CJECx_Oi67fNaygG_3(=h=ebB%5pk8t<%iHycjFse*aGeM@&T+AS
z$AR9DIqD^^hY$J~+02A&VI|z!OWXabdsVoFczSdh199P)M!Jp$(MNZB)G#tZ`V+O|
z2{Iw*yTwdFsdDnEs^3fF5Umo^en!KIAVqpDoZB&IT1XLl78VvzVp#FnN>rC8Pe6ur
zVC&n@O;$*i6fA9tzHaOjr;I^`QpCzI5@#)_DBISQvnsuSsmxNjl^xKG>xu@7g-K}4
z$;imO2(<Mdfvz7hleF#o;TG?kuJwb1gUey$B?}jvey_+{K@X{W=rMHLcIjyn9dheL
z?FS8^&R%z~qY)>rxb8g~EoR=57SCD94d}M(B*w)3<cp0>V^7IDcY^?L4|t(E)7%ai
zoM>)>3izC;|CXk@UD($?7X@g~B^Qag??XMb%CICB>>(U`dU}Q+ph2ezq(^Y=xRb>o
zY~Ky4tdC&)0L*ge4y;c-C-{x$%Jubq!P!!(!a3d^I$q#LGTGov;b+))d!!iaY6l}J
zsPQ7rpp4zS#24Kq4UMY@lAeq3?9KT2uh7SVM%u{82wXFq=G#t|`|s)JOD=3|2>woX
zqKW*;G(}HGr<4m4m~*WZNf)e4DEdapuTtuNnqYMYWd;YkH-t`c_Ziv`g?N-|HEkik
z&%ylAiGez3kASg_4GU8d7qgAw4(Rgi<1i*-LHCvA)py}soKqRWM8zL|iQ|zcm~4Ya
zCrx`DR0fr~C{%bFF~emYV`Fc~#-O_zdl7cZ-6Pr(9*e0NBxMFBw5pwCZhhnz8~ONA
ztsQLrggBNzC(zR?pMgR|QG|<Nc$bY0f63$YhLe)LDMwLa9D!{NSV<Wa8GIfHzjt+j
z%DNR2K@l;r(k8rRZfR-bZbT=W-sa$-PJXAPIJ8I;*^hb;DYx#6R4T@&V6Jv6@mXQ=
z5V?_+5aaPvN$YFkSS5M%clK+<!6gkWADc0iSeHw<-e7Vrk$%91VfV-z?WrbJ-Ouxw
z)p@~*Bnm@XT6&jWqbfc{GCwuB;niH^bFH_`6`UcN<h~v<<uQ4PP$b$-B0YS@#o&ab
zB#yH^mhi?2yp!LuR;wBEm#b@QLqQ>l8z(Y>W%}e=2)I~H^gOa^F#-jr?)}S9Qtn=l
zslAMexW}tfrlnMiovSz$Aq*}zLQcc1u00;OY$oW=7U7q*CtlmOXJ=($N5yx_Unp#>
zs91sB3!TE)dfVw_MvEW7!<<0cpL|AHU5!T~kzZ_h)9D;Frs6mfmi`tn(PyVfm)a73
zb^v3lm_gRwHKeXxDLKRx^fw^+X@$Bz+^U%sLSKRM29`nBKILx(SB~J2kP*zx2M->E
z9et~S|5H{`0m?fG=TQe}Wo!!)Z#Ks;sW~_-gC}q*)BUC<iG3Cbp))WDVfuQB=duSh
zWMC&`MBSVMo0)gHqB!RU?a$q&L00-)qYJl=SFSm|^G@)ak9Baj0|Cs0A_tCHWV%i8
z)*Fb%^;A$giJO9)T#d{*avkms&USVYM*jZ(PS0H@MFQ_&LpK^G0-J*mMV67s%7w+n
z$UIsuEjxTyG03{2cA-}SnWqi|uey3Ks6A3>g)yc^f4f89BigKvc@)C@cc|z?4d~kg
z%I-P~_&pd6-P-mTxqjJ=&oh1kM2`Et7Zi5K$Ht~XY)BX{_X`?*V&dZU<_wStz;+g*
z9>>WMRCFd@xgA#<zUx$497ph$VFkCAQ1YT@Lg75Y(yP}?EVU%ihxIx7?4Xi7c8~OG
zVg;c9aWnnr;BVj~X|3r%LStX4RLF&*&pw!BC0|V%Dp9yoj1)JCCDvFXhY!0H?x0K6
z$`AcziAHz0Yq`f|ti4%t>B%{(O$>gLpb(jN{vXQT0;<Y2iWVh>O?P*9Y(iSPyJJfu
zAu6eKw{!_emxQ7y3L+p~f|80#mw+fCprGho`_z4R-1o-2cZ@R}4iD`8$M>x@*IaY1
z&qtNVIpj)TUjv*x-9)MlB?1|vuM8`_ZShoeP*M*5y=+LR*CPS74Dm-j!FFfT-8M|q
zxGkr>?AmjU_Llx>*+X62sYjG&--FwHmhhk&>!ZPXrb^O8*Y@1yW9%2qBNY;%1U+Za
zWHl34y_>7RzU<Zgrv;mWjxE!Fg2u{r*Lv#}g)xRkrkWYH*;?-`aBWc8O};XYx&H=}
zXayc|8iQ0NGiPUb#xIC!tv8k;pxvhJvWuanNgmxZRpE_kGN+|X_2zGoiGv22%#@(?
z=<bVGBvxFWWY4wl2=avwLCYmz;ls(!O&~>r?(#jWCVT}gC#w__XyQ>*!$Cy4f2d?Z
zE&x62sSKLtoN``$E_iKk;rJz$*b6GTPoGL{U@N3c-&jQ1*@XhM#3NyX-uB>Vo?vt5
zU8Ebq1<;n?PJob99r>f?9IqVbnZr`V&o3#|g4s*IJvA_*p;Mbc<{c0EmdIZRS{{a>
z%nDpunwl`9+7*r-(k_$nt%O(_5)y)rri%v<pX+Sy88Yw2IT8yB3f8G82|14!Nr9lJ
z{Mr^AVASm19{y8$3R;nmx<RtD<)H4QsZa*^G8i-wFjX6k|A@DrQUy=PRs!TW`|)GK
zUtXD9GrEK(A(=Y%UN|!|v%=$E<lKU)xc3Jhqf+nd*U?%~1>0D(7zbHC=_~Vx%%fxt
z83SZQQ&bd&P~d$pg@tp_mwKq4$~XZ}nL&wZMTFAKjD3amx)x4@0$a!~h>j{MDqx}Z
z_iRtVE(9Ggf;JA~#Hx7SYm#iW>ulzO19-f@;nc)(x;Qg_5x3!fYK-%2W!Kg0)xEup
zMiCY%-^;4dkInE&;y``g=bMGU?sfgV4$!OZ_3}Iv2lpH(oMzfED!+iv#n(wCBST|?
zK+PvG@c87U)?E+f?sEtcxDqKBpI461k9LnhGVGKikdq4_%qW*QpSasJCx&}y@(tb{
zL>4JHG*Lq0r;EJ5Oc~bw;Nrcx17n6yoY$|(==kcczK&<I-QgQByx_@Y%qsr%5iAK%
zV2K`@JTNyVCS;MXfL!L5{E*L7^d+7yx}_9jNY6()P(JIhy@ItxWp^7i?M_!Q4azT^
zsDebKd-g(&7=vHt;OrI9A_Nd~$**y!74^+TL`2LbJC#MfB0ry|J$J#lEP`<&&}RE}
zv6GRJ3w0mf_eHN6K2(-R;{~5nxzLkcfH4!aa$msN0ISd=GKQI1B%=)rY9!8RLAu)5
z^=TfmJ8b=JNh5>NrJ1Q$k+np3c*aUPLgSo7FSp0t7Cs4`AgIKUs$R*|71Q(a5%Ypw
zL24z7q89gxDoPSpp?eL<n@tuBM#s&J{f6E>F}QgG77Vg}T;?%~zVTXi^EROKl630D
zN$Pz{o9D#AcOj3Bc;WKP2<9t2&xmQQQO(f9#^r9F(x$Y=?zRN`x!FDA_YfQxR-|#B
z^pQ-k&H@6RpxupqrR1HoIYG&Jwndom7h-ye+g>%9Mh6>t(<-G!t)^rPVzPi$Q-|M%
zE@YDVV_&U%tvMJcG;`70u<Leq0J#veDxo0Z*He6q2levN&aB>vJ$WW#BN3$QkDU4d
zt25HkO*9c=O_ED<gY1h{A!r{os36C|_ng}W1VVJzMFA>`ps?dvE7-+xWE61mpDV*z
zPFz8i-YY`jNffOaeQz98SKbTl)Yv_i_u<vgjk2+p3!jKXUM>NJY{<|F{>RY@wLcl1
ztwc|DJ{%rzE0wGlS5rEBsN$2&FQCse{wjj_$}+#e-FEEnF@L_Q(5=B(XBX%z!u7rH
z<)0g0md4<y&6`t<g3GQQtZyaW<%$n6U48w0u;A(UCW=%J5IcG#xtIeg1zn99y%sO%
z1FTs^@y<tjZmA<9xICFu+TVVHBTPT!iCk`n@}`c#YwdH`&o8YqNk>zFgWKBzwzHkR
zJr}_+6f$#1xv#f(U5LOthF0Uz2hjK{e1O-=77UW8wq*F|o?Z2yeELcZriDC3h*S}_
zZm~tN#Ryf7TuPA`Oo3cMt0p+9TIduc%T{&9(Hi|BydP#v9_Ev(;EU^bg`HaCt9!%~
zP&?mq?o*LT1{H7Qeh=QR9wm={8z}7x)j!l#FeevOgJ8K|7Qgy|lGmsgH=C2nr2OYx
zDLZ)V!gkM$%LZO04Bk}X*Lw(>I)2k?HX1h<SrEuV;(gBwb<3cs+Z{(c$M4E`x}JJR
z1Erb{5b#yC-`=;W*I(|BDUrU$aF?rxVm9g)c9r8L_HpS~ECuXp7m6O;AWI;(tYFE8
zXPF|I@b-zjQQ;~e@!fWu8?e;9Cdx4x!K3`#*tG0WEVUpm@3rdmRR(L^G1JAXW09K@
zqM{q$zW$clm-U^x9}lou+;h5GN5XBCD%?$o&%Bnpao5PNR|;fmaLOQfizfX8=X@T!
zzX3&*%Q?5vUPwya8|t#eFNE@I@+*~(KBm%%tG?hs?}<69_x=P>sJ3{RJj3tcEEa!8
zaxFC|Z&%todAAHA-W~veCc{eg<T)a7+(1yy#Erozt<AUt$&`u2p8!=$t|u=)T5+C~
z+G+L|LA7NXMlalDrik{w{zDagTsfn>5mOoQLmrU&@2&*Javj+@BD;RkpSWIleLa~~
z8!ay!OlN)p$W4KY*d3lD$T(c9QH7U?bZh%k!LHTM?55d#1AGC0z!impb!c=2Fe>bZ
zaT<dRP@w)=&oS~C5E@ugJB1uxMaOufR=;pD@=v(yj&^!0#@j101^C#9C_Yu5K_?XU
z1tLeJ1TPeXeezgluCMZm<0p0ZL|am%o$OD4i4*m~vsZa2*3_{aB-@3}i%J<aeizF9
zZF5sGZLwiFT3#yRR}d4va|7s1_CB^|Or(DYmHG66v2Qh+I6P9vFMp!202af|ksQ2>
zF>O><2;SIeV|B4-PJI_D)#H|Xr*PgNWDm=tdU$oRafaesa&hL_j<}**)#uU0a7(Ws
z7V?15w--OwS00M8ggrPCoGy&vyyP0>BN@4^<TYf#)&z)HDSWauS^GnLW$dX+R=Fl|
zThH`1L9~~v5PS&0W@-V1l0L~)2u@0=B$HX(3??h0?~PDD$s_^ztsVk0!X!>N70Xlo
zolN9tzgqT?5xHX%yzMoi)#TM#a`t5@Qx#UcwfwMhEK)4HN#nX(eL-s;c&_Z3_#1Jz
zwF?Nib#u4CL80deGzY!J6|PD)*qUE}vY=Ej7FJLw-nw0vFm6u#p4A%F&*&|6e-yGk
z*)u5MM(qd*aHH8W$<pUiO|RP+td}psB6@!ZlFmJ^U2VvC>Xgj>l;6k(9}z1B?PGAi
zx4@@*ci%>hT=DVU*#~xa@H4+8{Ycx-E>Gu>#)*6M>wVTlT!l#v+cl893Aw&iV&u8X
z8egxk1&08;Mwwrcce7JATD1;w{Q*1Axy*^S5-E>e!E=C~&p(+XT*Nmc-vwG%`xGjE
z!1L}uqYgA3A8dCL-4_z>gql|B+6PJK$bu+wI?jE^H0>g-XgE{y%iqTjJKhaD=}Zam
zwK!Wonft@ViwY9@p%;Xdi;jWZvl{xyV4Fz$YH<SU{T<jZ(8X#5U;(HwUzh`=zq{IJ
zIgAm6EGA%Mn@fCe``&a;%w-^DK*|67EU+UBz3eks%iPr`AurBRTm?_sotMAj)2xPE
zq4HT12UhPP(3$W-6<C&)qQ#A+ilM8$%_=Lj>|}{MAPy#~0IUJAu=1+3T+tK%9X0DM
zoi3%$0so=kwdYsWchk<ss1!>Tf**rhpswG3NEr@(mIVg96u;(&pLa4u!hY0n|DN-U
zLC#7<Wzf|}f`>)QzoWZfV!8JX*$l8&@fZ|j&Jo{sq72~$6}e}^pwcDKIsz&av3ZPx
zcbsFSltr41v-7Aq^2bV|wj%`x+3kvtv<_iC7~;4$H9rDwbD=-+LFo#V3$M8eP4bKh
zmR(A4qDvr`*rFcHqh)&d^44-3;i>7n1-!1Tp`U=G7pf1UeU$LK+g2R`+@=>8Yy7D9
z(CB^(nPt^z@w-ko7rkPLBo@Dh8j9~1Hq#vtvah&Y?g%2^BiO3|qV{Z=V%*pNz{<z6
zZ2)n?#N4Y8qobQl4J?d)7fLSkdl)=f0&0O}uVrk0*6;|p?3d?XZnVi*6S)^{Wr@xH
zl$(mdCG_F8Yw?K2DZU4}05)hoW~IPaasiFf9K~>5tsw1yb6`w3;u5G<G*+lrIQ`_k
z=fvjaQ5UC%b&6%gr8asvcc5>n-iz~58;&%UlJ@-gOt^NMvx@rnRggr(2hz+gR3O=K
zE+MS4zxqhN$`eeKPkJ_o)3-y(*H096XEXd=GQmS1CAz^^<u>ERT;!t&TC&zH31e^O
ze(L+Hkn?~QD!v@woqQgxW4NzOrIJ)rqFdHosRNQlMB^}s<B9Y3E+}0awd_uDIe2^n
z<7xv)%ltRToWf01Mvdh>CdxI_7|2_|w}E`mkyLJts($~r>(B3>Km@QwCkV}fxQt>(
zTqIvWkbI85jl0WPf_=D}`mTExhsM!mb_UZ?o<5%=PqSxAn!X#O)Froa_R|OPQ|2Ci
zXuV-nG?y)cmUi3B-JTmaj-nHSCF7yp2uWp&_QJ>zRh<7W^=|VAN+Qk#CkxF$c4c0n
z`^ZH%U{g!Juifp|hkSW)&n!QdhSSPY*O)K-0WZq*ZsTJ0jbCw%K<&ZJxqa*p@BP+e
z=}o??0JznJGGF1roSk+Rsh)l0XXkJIX+70YCkcl#xTs()GHfN9VV-)&1`Ju&zud_a
zbtq+i^V6LF?g+%!uG7uCfY>>S*>^8NZ9DXR|96ni)9cZHcAhBif2=xsC7o0XCglTo
zoBYD&bz~(h3PG6$LTpkL&(!4vOe*7e62?UCUfr9ert<{O_uw%de@$I=*ok6`z~y$y
zP-I4OQ?UN->~0Fg&nhhG+|c^7fVgL1ZG%P)_s3e~WPbSZ=Z7yhYn1nbt_I!P9fAF9
zflG8ddnAX~-Rct!Y3Tx^D3#r|H~H1?Ta#<Cq)N+|yM;yhFEqZn=G#agvq_Y>SY=RP
zr4$J{jfnHggkY+msLbN)MZ`NoO8>Hz)fDSuZPgdRibTS?CsK=)#+k}J`TUObVmz$^
z3!UhXo@j@gpN@?L7mvUs+s*hH?0Aq~?+DqTVI4}){v?@#n*$>hd>P>P1-WNhsJLS{
z#tvt`4DsFrC}M*Itl_LR1DVIPqW1lT<*H!J^cAfWx`8m8h~qd9rd;BN9s9!`L=Dw1
zfZN-Ab%&G|&)wGE1oZx<HM$yc$=KiF(9H^aaN-)1B0!O<ehtNn+@^9M9wNDi7n$X>
zI&WTQ%nlIMtXAKq^*Xa5yPt<1ZvSd**Z0LxIPqi|b1ity_~zDxin|ltH(>bz&JE`a
zGm>z~y?bCsi-$gq9V*4a@l~2V;t}9Cdys7j%4*BxV#@7oTx|P1Uk8LhNI!60A!OB^
z!x~91>iZi!xE{l5J)*g5Zge-WKVaH0aH%S+a8#r1!oU_hZL;|dNX89O45oExDx@)9
zyn^i-|F}I%6IYa`NGUv|-n7Qrx8Lu652VT*M;rci%K3EQe4?S2UADX(f1dJ7H&0;l
z_A{C5&!N6e^>7DAX*KyAtVn1(WL*d+OI1vi)O%r%A*bqYTXB~|P`VQfmtgDS^J-p3
zeD)>ue4C;N@H4)X%;%3ADf!UQ+^g;mWM9y>=UidLOwc6JgXev+WdnNRXQN;eFwH4X
z@4Qnq?7GAz;4-buI;c_W)GsEqzht)t-i)>Jff;59tgTR{jOFrEiuBZ(RGCLhy~_K-
z!AB)N@<)Le)y4!!&ka!gfst;$(8$d!K`W6HMK4o_o0>)?&=?_S#Ok8_`6lDi@1&~Z
z9z52uyB9Mm;Ti@Y$1x+UQqE+EcC~@!==%*hTx}VBrMyOqKu8NbVQ%Jk+5tfIxN}*4
zh0`Pwq)`sx$JDR$ejg2Umb331DA#lDpB<U-Kl=>j|0*j-zA)iSy_Y%hoc)?9OEE9z
zz{mzh*3WA#QE#d`t?cL#(nd2b%LTpicd<(erFHIzFcVC3%CR+sogT_uY1835`S#`#
zuR&4n!pCp6+qZyCf~Zmgr5jCmfGbepBvN8B*gez0sMEhL{Usj2mLq)8uvo^L8je0C
zY>2EBUdwTmaE}7d3wt<BVL^@JASm{`ls^ha@A0k@`_=fhAij-$%79Gg)K3%=@4JEf
z{d%#_wn1uB^~MEqGK%Vz5)Y#FZ*T9=0(xiZXfjed#kq%eui<#lQ{?Gf%;mD>R3FP^
zR|97SJ{u{ELQ+oL%NS7(t&<-IYcgtWR0RnfD4k!WaNDbaP$xW4Po`*-0@quwRL{pB
z+xN<RMDej+1b$AyI*Yon6_9G^i!^3~J=C8m<0KP&RueqWEID)(kSl-d`l?-+=&F;t
ziGf2L*K4i-A?rtMhU|gHe$X4rPECxX%z>0}qw6%Go8nyu!0{mSHe&^njvDZfxUi1J
z8>z(u5wzn$L}uur>mByzcX$9#*T9~7G<ZyB0LF=A=5XuL#6-%e#`HQe_~Bx0!y0wW
z1OkIS7{)84;wC1G_;8E!_XaD=xE6U4<qTCnOE?%jsO3&JHf*!zgnl50F*}Fz$djWw
z{U4Bh2xyRcQ8ijh>>@v7l@J`BXJj<;7fc8iOwwj6B7byeCsUn&q^F!sN;;CoJu#)K
zGNbW>(#^KTqoRb^I#tLgUz)J^Bk)8N#?5+}wMZ2b6=r#s)-AIaH?O_rL|jL7wh(7)
z5}y$JwfJK(+QK?aenYO>(QmmHe=RN&02yz&^Nj0bcQpQynqZyd!@rKUQUiQU=uTHJ
z3Qt(hWCmBAleS|SPOsmfeY3O1jb*r@o@*0vuJx-J)p~c*uO6<C1UDWMOt-rfK1yo2
zj1w<s`#UoG2LJ237e&F1>5U6=h0PE5Z6uhjFy&)g8!?U#k^l$BTlLwigx{QmHC&^c
zr~7Fe&QVuAEbiXxH)D;Rj$=6pp4-?T0;N0)uOXAP$d{bqPos3c?W6g^jihm=c;P(y
z1?86pD%fZD-#QPaUw(4M;8!se*|hwo>XG@=ycX|W<O6s5FT74yXYQ~@u0X}JzTB|#
zaYEPOttM+Z74w8mMr>MoG=}|qh_b#yBd%qC!1ND&Ya^{7GwTa0;6HO=RSMW5qxQ)+
zroKq}#+Z`y8okm3p!LU38l6@pBY?X<>yjm9@Za`7Z+P<*>JxPBSW-#%noeFie<pw%
zkNEjO6f{<x8#05xe2}u|mg#I8hw%FLA_bYoxCiBC-Wyg(bbU$mM+9r5gz0xS<@bd(
zsEB{iWf>-*ia`ko4_{^J95Vqk<U6)~FXVP#m7pxjBEMN)9?0EM4L>lUfUyHm*1QU(
z!7R>Rn%9;-TcW2A$2;7JTQ-BL_~MM|RQ5?qkzd0_nDMSdYz(+1v~T3&6IGpH&H=qN
zU${?*rxf%Q+ZEs5IYg$###~H5nwL{qAf6o4`zbtv;&nPj($Q3Z%#l{eTKS#%Ajwgs
zX|;)ZkPcgl&o7CAogfY1HT(Zm@l;(Af-k6&f1?ik@tr%diX%fxW7tH!c^{!ov4Yr+
z(=*tjy1GT~sO-EAm%D~5?J*HmF*ykfG5L#csn4d|&D}P)S2Sl*H%5X8CtF;Dv(c5C
zRIe(h>eUY|{Ebm|<q<%lKLMBwr_BR<W1J=&Q<o661JK+{J7Ds$n;r+#0Q%5tK0q@O
zizL=sTjdeS-&1IWb=hc-F_NZ$`6AmTr=8@Kl`LfX@#)@u(VMaye5>Mn<|P`JD^ziN
zAMEe@Nb|MS96^EC@&OnRuz2I){?=2ZPWo=W{h_>W#1@Tq4rD8VFw^qrZ=xVOE!*|(
zk5-SZHbDY51kt00&P~M0FYw;w3Rvi_aZ_@?FXwaS1j{JJg8(Md-4<wpyZCoUjf$rh
zuz$FkWLIHEO;f&jucNo<;tiII-H@v!O#<ijRbML`^J!o`+`cq|cn8rF228}_4ZMve
zHW~5P4j9DwU^hpw|8&j{kcZTbMTHKAU-UOC0Pj3`VuJbd8&oskV0_3Vu#SQ4`ecd~
z`|U%AGA<p86MFULwe1RUc%qA--N2o2;4kne^W#IdqC|5=9h7d)fT+WTZzo4*@649<
z@Hy5CXGnAJr(u+e6u3{HU-am$a^>OD&cqPa7U9r{A}O%4lf3-s-DCqqd_J?MUKTB#
z5$EknlSVP7O=sOyU718NwBL>X92w>C7;vQV6<&q@CQRjdJ9!uC6*NDUV5cp3G=zn2
zW!y?t+w<tXouH*mi@yg9H-s!`R4UsV;UGHPx`=;GDR@ddomI-ZtQ^PvvFQjp02P2)
z86Ly6-j2gl7f4Wa;<5HlsNkLhtZ+QTHVlp6hgFj4xUK!(DC%QzqVtv8EWS}bSPE~b
zhg7}hyTb2!aUEe2AS&{_*<}M(5bFezRxw{^;?Fc{`xD~hCz%nm>S|5+S=Og&Tpee1
zi8;|vl0HQb469HE!cV?y7~@+%(Ydc&zQc*idZ57j(5$@c(;dBQr}4^yO^1zJxTjuC
zCKEVhcY#goP>Vlb%zR#1dR=@Ca8&X>!iG`O1MQXtc>+9O#!IOlk-^K2x#m^3j`4Sf
z#TI338T7R&*dz1~;FxsaE<C1d)4Jxh3VLj10(Z=TFjD%t`vf{LUV4SH{#U?+2Uc8-
z-4>T2l3rft>cHr-J~bs6yW~7z{S$zqQ&xym#?1%Ncz*I#GnG!|zA8#<E<ry=yofCl
zf(SkeUL0g3e3|W%JgB=GK~cD~hLIXimiu+<^6e&c#3rQ8cizfqfI^!q9KH^Ai2Ha^
z9=;ct*@f0&Y!#PLDT<wgkxBz6X#UW0Yp!{1>Gw%1>=Uzq-8pep6)b@-+FMZ#FqFv=
zPX<h!d4SAg#3vJ(uRspzzf7c6tL#`T<2%RNAt4Guv7pZOFeXnsJ)eaz5l1#e1BO{_
z!<qFHx2RP_<@Y*MGs}(p&ju*Za*BNn3dGnoQmE!l1t?WOe#gB*-h3)#_iPsm+qVym
zF{k!vx_+$QE{pt4ZvitNs737+!i$UTu2~iwfKuf?%a0Oc>AE-srDeUThDH?Dt^_)e
z%U7H@NzVaBZg%46pHAd~B@4c;q*CT{tg}~F4@sVHQGLHt1PvzuDn<Ganp2r%56{0Z
zIly#b&;BV|3hh_^-;}BBjbXJzC7;#;iW@-0n-KV_rG|{7gtML{xnXC3Pyzmxi=ZF~
zDgqsdEX?e>i|FwH^vjUf3#_2qrpe~KP0Kuk-d+$nrnf&r#ayodq+YOZ)c1JC1cOXY
z=5EHH5Fz*~l~S^jOB>iK7Z_kG48Dl@doP@Y!d@VwrWz!pvSLCu6_UQ|B!$07_NX6v
zCVi*i(pJt*dZTV=jFMnAyv*7p<7ymh$uNu_|5TB*?_0XB3mT{o;NUi|H(g=e4oj2M
zry8eLR%GIb@vk&7n7!Uuj!gZ))U6CdkHpCKRHewN!?y*eV2n#ucBL|D;ucg~LIl@*
z;WV{MSwyb@)&n$At;$n2jJBw9W5M#sl9`a_yA*mNMEKHYr5EHzRS~}i)Go83%Q7Gb
zuc%Bi?~qe5Uy49o+Oh`&KNL0T3{tu)HrCd2Fz~}zhqc1_l5EhvBV6i{JW9yjIZ%$H
zLFIKcHlA^Uu`c;CT>cTG9HcssGswM?c35`EYpz2y(+F9k-P!;EpHyZowFh2};Y%3Q
zi`fc*xSxVSt~Uq2Vb~%J_z%j?H$0D^!4mG6Pfo60akD}-9*9(lo4a#R<5%6)C0<MG
z!-)_<J#pN(1@l9rVOvX%PvCf1T`~+NR>KO$ohJNfs9)-{-5npk3E>&SS2HqrdyO5W
zQg<YOmWFUujCQ9dHgEyM?L+nwxY?U`0go(!3<qRD(63IW7NmJWObv|t6jVbH>A!#Z
z_#M{M?xob*<Ge6o4zROZnUnh!D=4^0L#aG})d7ZhLd;QtdhU0m$}CwyC~d^$C`c5)
z4&}u?{ldq<=Rl2KLv8pP7F%5`w&pg(6L4k^F9v~>05<#;K;ux{K_%;YQQm)(=u8c*
zH$B~Cd}iEIiI`w^apmp*{bL-`K4+rgq!^SC!_~Q84jLbJdBFgSu6*qhpvuP!#AA8p
zv$Y|-K%k?Sc|&e7Y2a{qcj3iF**f)G=09IK{I2Yi+8tEhe@vFHxLq;^NJqjoOxR)=
zFr;)pYhSNI60p}29QysY5wQ~k5K=&y6TJ?(dXW%n9cHC48Gju!y^arsf9HTydskGT
zmlH4Q;dvZknHmY}eVC()E|LQJ^L!V6`izIQIiuJ4e(wRHXOd-*W1AUHGekX3Q|^@4
zg%Z47%uN&@D0(#WShs|yVrOPnMky~*W4t6YN$Ip0H|oYnI7o2f@pr?@!9TD|LD>ux
zEtbEmk@%BLZ_SUYUn^N4V`k6HOvu!kB<~&J>S^G8R)L`Ks5H!?d@r<*OK;npOSL;$
zb?AwndHI(1)Pz%~l3Ci`$iIlP`w?T#m4G8vHEPUjh)g=92L8Pd(2J|bP=5r|JD?-S
zHtWjNkHpzodT}emBvg@tY-gDf(QqoXAL?YzGXW7YJD`@Z!FPa%F8W%WTtM|VslFga
zN32V<O*UddIlt9PeI_{xpF=Y)^5@4TbW@*X^cVE2p$_i5RzCC7gBtsjrEbVw>>BS|
zFluomlO3Bx69OERIC;?5gL>_=OoH4lBgAm@>x3z2F9Nnz9bl|<@LuQl$5+Nj(^YVv
zZ9%=X^&${xd(hT7-lh@GG;Tu4>PM>#X0X2b0+fICgX9uRFW^Vzp+W#o#q;fbdKMVL
z6uhM!Nm_oJLnB4<+6Ss|ZHyPJADPo_AcrwXd(Q!d3e^HNpK;VRGfOv8b)jocFzNsv
z&pie;wTlfE*$HTc6byahhU<a<V9B@-4_8zHiT(JpgtcuA@NLkq0*)gO2~tycAz8om
zI^&97=+T(Cfbs^W5c~!;0w0X|xL7saI!P}iOZOZC6rC%?<N01NWE;zaXBV2(TL7Qn
z>cLq52OtatA_Aj5NQc%KD=n%Y0gw5<vb*59_(ILa`~%>7u|<s|j<wO-*|+B9eR`>b
zPP;Hs-<43l!;Y+~^4<okz{dqi{}4GGj9D$}ltx{|v_jwoK&b!WFNM9lQgOFSC+>Bd
zR>LXYemOUd=jh}E);xy6yBcO$$J!i6lp+&Eyssw_clLFwSeDf9ewjBl_%txjF=QuH
zhp9^_AgD{!Kv6j3&U;|XP9N@pJF1dXH>$2krG|VVNsgqJOo6(E{Pbw|ea=9-b&RH}
zdU9oYdavi#lCOwoqLN${bs2JtNjN*=_9I!YBh5GX8Ezn=slPF`UFmV8{<T)(Gby^z
zJVtK?)!PxLrO*nLHz(WETC8k``7foJEZbYZITBbZCIb=l)MK(zzYvK+3ru5Gz7aD@
zPvj>IUxL;U>7`%j7z|MqW=Oyry$k9o^!tYQ_w*ICU%ViFKxiAdRRl{AdM-e$8<aeH
zBzE*3cys`jk6u1w+skFe%?F|nI@u8HCVztZ@7SfD?>WqCP~RB8+ZuGR3Pbt&5t_tj
zP%9FP7{mJ}q!s|(>m^tZ#KiSRf)hNNtFXX92+9Ym1a^eoGjCa!K_afkTcsqG#*ZQU
zp-~u2XDfm^4{;pN!;a#`8!Z|WenXOufB_Q6pcNjUBbR{*Fc;$Eo2fgE|3F)#PF=~%
zk=P&>X0u(q`Zm?G{0r3spVe){KPRrBAS}2Dv<%#XvxJt?W&^wnXskYBuN`!5Q7uZq
zet2^ejcGN<s%Yu07V|pRcH=(ZLI<z`b~VahV*1sWf>z)1aS-DZ#@Kc$?W^qJW`^!W
zOT?AxhH4PR#>Vhnu1}>M2wSa?sKF}1QF%bLHeOj@m&~xb=VNjT6mdTtflJicJo1~3
z0jhI*oB+$uqqlP6fo;7O(#EWmDW6?dwa}h<XF4C}^7L&<bFBt79%?RW)3=d|d6u};
zp42&gGyyQB3CcV2kOy$_fC@oZ%lnvvYKG22xK1i*f-9|P6tf+BraW(7_s?8)!od|M
z<X^$adhg+0oZd$)t1klLH+ykE=v&VO=)U`qJN!K4SRj-TK}<7H&4pmY%!v5uAh&!?
z$TY)lJxMuuy(hDS^NV>Khd{gkr*xdDd;%z9+cy}Ff4)8wqbeN!&Vor$e#uk4-XYhV
zzt#So>a3)F(@wlsKngNiAd6Lpkd*X06<e9GiGgwnRv}$tx^^9M!cuW3wl&uo=V-F|
zj^iUF)_DDxh2?<ERJ7@?GS3a-aMxXc&B({^$Pb?zmMJMh#z*A^3+|sA)I@(NIty5F
zLz)`@uN%GiR_}4|9O7MM?5D8h5})JwuBASy&}(hiBVu*RG4fhInO9UFng3>u#d%86
z#K;PAn?=5&6n$F?_EH}Wjd2@fJ9W_?Dh)gQ`3rgawXMSVAZ1*MsnKGN{8ksJK-JuK
zmoGCJ$8#XhuCfG@J<#b@P!xmO4^m-UR~i19E!p9A(F2S^<(Qt35&<pGm)8R-x^Ncw
zi&WWuB8bloh}P1&bN>P>Vts$ujoMi7lz!KfS18X&Tt`0D<Esd3YS72J7HwCoR^k(F
zcz=$7>jcU%uR6;ZVqHYaR??`o#m_H*PHM0fcM5jxmzM|-DeEm58oI_gf(A#eIBu2F
zMVUG;Te1K6*`C%3<Yj&n+h6cPKG$%+7MrwTnWqT+xK~VGrR6e>BDVuYKmu;S1Ctz`
zm%7t0E?ToKO{X<gmDW~dzq`{F(ZqS_u&=N0{l}Nk-+;`8+n}ZD)=&}aE=jRN<so8%
zZowU-SHcdl5AIl7jHYZ_;@meSi4i2Be>avWc(RhBHt4_SBf5UzD89RvqNb_(t8F#2
zhrEA$idA4ztB4KnCEllOrl}y?A39^CQ|4q|EbrYgG^2lNFqczn%p5Qw`-0>rnXXJ_
zqqF^eR88UHJn~~+U!F#_^=-QpYpVM~#!r>2w6)FB+%|+WJ*cDXjt8ilMJ{3-CWl3t
za<Pq?B^Ql;uQsts@vOdotA_R0$xFAa3?8ltiN`7!x>9mav2eUl$}x5+0U9L7+;NLp
zYIYB`i4|o>O&Csf=?3q{pPr)7@izQ?EnLq;uQZUEh9-f8D=H1wdZ2w4d5>ziS_y%C
zuAB7sCzQiawfM`T9~otL-<YYFI}OT!{ZWmZcjLnEZ&JvoZzfU%d$-?xG>Q_Li{wjt
z);hsy^-Q;e`9@#0Lo%*<uz|5!nc4IMfmkI_-!EDw<KUP^pN%Hh5?Sd+hc&fXcs1gT
zkEq*meQvqkETL?pc?ENaEhVf;*W-srZ(c>kJ|tsLjSyfIV6e~}B?#;>AzLOvkpnZ9
zOfVD_v#R2RD38TE{{?Cp0MvrNAEbxkb=CX`#jzh%fzY;Abm}vJ&X2?FYbh0N8dxkB
zPE0(v>TX>E$cB2d#9`fJuVlLt7j0#*_~70HB(8{+xkHXzcC8)yMM++1f)^!$%6%MU
zL;F<;L$+M92U}u^kiAk>G)|CUDk>rm1Bc?%{L9EPjMQ1GYvGum^;XDwtGu)gZd9;O
z2y#3i!>`VsQkJYS66Z6;vYnJV48+ll(Z}MwQ6Tx<oWmf(d?WIWb5bRbT`_NBQE71<
z1<@LDZ*dqJ`HOw}b70ukv5>kj^1^M%h4jEu(h7!DOdHm4-1x!O{V}&LRZ^O1ih>Z{
z%A#fpCb_D^%uH#r^-YQ|0u5?z*HtLU4AZT2)k4%+4?S;RZ3yFfmC%kWwcfyvfoRBz
zmCWU;2qVRL?9wQjHx(!16aHQ{%P9RF?vAG!Zc2xE$igIT=;QQOSCJI5#tMz_yO}!7
z6!v>8AihUSnWM3AkuW9`cr($i9~@9`g795arUn#|S(cJo^y})(_g!N`tp1;oEaO&j
ziH~9{6I6?bVsQ#|=T7_I|3lBl%0XQug+Z58NlEqyxa+G-$?JYPD98Mg)vafm4VO%9
zr5tyy6+u(qEd<KM&mYT~JBSy&%eT{w_p9txQdY9c*O^i5A;q##G3d}|@H;-Ln9<A0
zuxwzmkXgxGRmN3NR?son2_mOzEKMMg&(qN&<NGD*X`5ARR>YTRXOrEc`N;;`{Jmc6
z6mZf`?Mi5jTQK)0h!<6k+j!0;B&3fxQX&4rp8D=1cJ!HPl;HJ>n}{zM>mZ~yl9l9L
z`J!#V+1LGN6=TnuK;d+!B;u)A@NDiw!O9ut*$ztXb{+@Tg38>4og$o)?1=|lbyx^4
z49-<u5>@R+{D3iawY`qyP3@}ZR!faUrN}5A<o%|Y%eJlfGoL<?C4KnNiHR6CSF#GJ
zpvqYd1lb`JrXj#{K&~%>S%+xBGsn3l?S$p%1djFu*)>JtETNVE8Ol1dmR2a6ZpBA^
zBg3&`T5J2NHYoLNB_+Jgxi84hgsT6zI~p6bWiycvIP!m(scg|vS$WfG;{RIeepm|Q
zSAs$OarQAUU10w61fGV9?|{;}?n)CoO@{EGVcXV4KG;abwo0gGQmfs*z`Z`|#MIA&
ziRggYNy_^=@#<!u6d^ize&)ewZ94f@*77%<kYs-i^(9U)0l$qB_NjRKXC+sl44UQ=
z1*KD4sY`sC&%Zzb0%QdYBGl5K^Doi&ufvxoIK_2CfeDbVTl#U(fisG2G3u;se6K=y
zI79G+-D=dZ?QcNbc0CM2GaBHmhP7Q$LOsd!g;MQ0md|IekBB?yIR8ocp>)&DUTQU*
z`DC`XRl1=-Ry3gjw?WM~Xop}d`#zfu4bmpCs6agjI$iq%UYFCo<rLyR{Aj?O%No85
zPuw%Q2)?h6P@)9C%N<pe4E=Qx0-Hu{#WLus@Sl5%fOHL)b7wFa9=ro%(_KDhjnW(M
z{|~O?<LLC#?>ktb?*PGqdT_31{>~AU0jisk=MVo3SX`oS`m*u<iTlI-I6|#7Q~8w;
zi~r@D-h8~h!-(c@E?o$D>YH}+A1I;LU4kDYnC^@E{%?eAcItTW>+ItnjEx4IM~uJg
zC+5y!eTb=chi(LyzWGD^Yx!)iVl)C?b3RuMyt&VL%k2knFAVUG1=Cf2w>jkf^<w|}
z9t$BCsFzEk<jMc{1$WB5zqF;}Gi#_}Sl%y2w064uV94<B>T+bN->jb4K9VS==m)H^
z7L|cth<A;>^&5TEfKmTiUw`pUXx7PQ82v_l(SH{3E?=)q3WOS{8QoO;rB-gm_|AhD
z^;JIcO-6~&`NjW_m%9W*RV$N6N$UCmc_0k_n3IX&4Nx;CkYjx?#VAX(3s#!HV4t8;
zF3AULk~j0ICod}E?{EC;&%YlV`cKDF{HZ1{jJz}S+Jsd_8VxJkw{SO3kmvt>ZQsa;
zPG7D;W<T(?xxg`y%fT6xr3y~i?9pa5`U@8{sDA;Y;8(L7_X>UI|9w+@D(ofLT~{|b
z4}AnNJguanbpLusM14OJ|6a;&XoL@h0)j~%N2O`zMQHCo|I(gC*gtF7hSowr2`Lu6
zR?jx~*W!bf!OBUS)L7y}kN#Ds4kxT3GnGe_B7gm4>LpDPGAsEN<X^uS)Q6LPF9y0$
z_5c3#FBZS(HceP`PH?g4k0x5fMKBrR_Wb)*zv-SU!(#d8{}EHlloG_C`2YRDAByW(
z=ry^~<^SW?f7e4uf&QugzCs+n;={k!%E;rRK#lX?@4LY7KmGSwFX}G`3E<!S_m+o-
zaaX-~QGeYP-Hn3o19P(fE;8f)?s0URRL%T*M-ilOM^z<0onrreQw;jCIR5)pk*O#)
zh${c{RT$x_H0AzxJO4Z}za`nQi2ttV|No)=_xu0*<A}Q$*t_xE2RH;XEOaN2fonob
z77Ui5M_XA_ljXH3GwKMb^)nbO`wNE4jk=>IB_n_ASLn{30NRh<{ZpOir4;dN?$t^P
z?T!vUDe0$%Fe+s=3iEQ>jnFfUn)aF(9`=H*ruvoLW@}J*>IP|Stx4U}nfX{}yk1DM
zV$b}BYO5Y6D4~Xjx&yQF(Ui%TO&yFGGtpt*o;)v9o-y-bCl5pXg$)Y~Ba2dbtFycZ
zI8!Krs9mB4H9LyZ1d|uFweA<?1{zBF74ke7Ehr~)DtY)4dF&bL9`cluT|a-5&a<`Y
zsmDx=s^p7N*5MjePbwu;+^I0u>NHj%<nj_!abwWM3^9QgvnLkA({j}rj&k9UkQ9DO
z6NZ@U(Q=DEQ3ML2P1W`FL*&#?EpYb->+EhE)^SpN-&-Qh{q=H$J}|$*TvqZZ_2D!8
z11d+8pc)fu9%1<jCRuy6hv|3P!hb%yCtb(0g+SsMb@@rEDcA)UX_s3S5}1Fh4)#3E
zs^2{NoMzjbmvn~XChocQ1tVZ5P@TLGh1uLtE{O<CxxSt`p<hLKz3N027e|+8$Hd^c
zsuGvb{M*c1vAheey52Kke#Ug>DXuSl`hu=b25dCgT>E!5-AGmDBgc7e+ICf)Imlc5
z7rlt+v;OfHq2HUPl;<~aO=60sGRto(FWjDPqlgU_XBW$dfror5Om%eGUN|m6*#OrR
zZtl`8up1ojExgb|59$U%(oxK{b<Uhks!2;N?39g;1anO!V%rDuJa8-Z_=?mV1jIR;
z;K9mO_Uj;k>B&>ftz0CawP>i$dgz5;ooB9^eunF(utMb|+0K@8M!+^()nvY=TLOxR
zWy3~!Wh|^&+G~n?wz4KSW=puts@dqbNJiGN1CMs0ynlLQNvY|`&~A4uuZSwEyBdZ4
zfK#O?l_oG?X2r6oQELkId_WfpZ0sS+)OdpV!z~kK4RcF7c1BYNp4Eeq;iJ_;taI)%
z9IG7(dx1vb6ph*U*d|knMP7V#p<ovW(!lfcdxF!WMmvFG`CG3)GcV*~OeLw_N1DXq
z9FDB$+ODM~C6zOHBC)@4tk7I-jA0O9b#)5iT5`iB8W1)f)h5TEujG<F8m1P@y=Z!U
zmPXr*veBy$f8ChUpPk8b-G>{`RiBNQZ7zA0CRR+g@De`GMy!5+R{${h=s}d9sZLYP
ziv;mbVf-^p{uJ;uucW0a*J`q7zA0;7Q%j}R#+%s>BP?c%nRU$KB?Tr45z?8^AknlW
zrei(T<<vFOYAxc;tt@q?p_m%F$~{AHJVU!Pd0Se1wi@Br5#0NLB6rI2d}=;tZQL{<
zU;l&G4+bO!T@edTE7ybpHdTYZl2x_S2{haNZ!;8p2T8&@Xa8sXYc<rWm9H<7e$Zto
zk1fAd5!M&<Y7(_EI_9qQHy(miz{p9a1&M>|E5iYT#V)nPhg^|Df9IPqn8B2Q!UZ}F
z6gO?x7vxm=ktRfWTUiAuY{bN!i<3D_&eG0~Qz`eO>_iK=9%SB4B1}4;2^-F2hh77W
z61h95NAh(Wy3uGUB{Uo;=CiB9!1-xB5b7Z)yIxM}JVHuH$mtH`zuRaoboB3%+`>4m
zp3I4kqCIBsAtXHTuGeJV9?WY3-HR=F6(A5v_;`gl3H#_}Xiq=*5YoyrQ-SZv#br|=
z>X->CYAO*_5ZGw?KdqP3VVm$DnnVfCDi>n@d`|FK8abjOo^~52h=zs_EM^@*vI;wN
z%|GGIu1V(d(TMSW_3iM2D#`eEl4PO1KXUu^Ra|>=V+R5LG-Vx(G~CdToBI>Wxta`z
z+&zp))oKAxBQ?pD6(rMC3kQ3Ao?3VaS7Ko?0BUFx`Q3iD{;j`iN8bcEK+wZPKl38w
zA|okPtdS<}WQuzd=22tEj^G>7R<!Wsb~9%Cu+Oi`og!&nq&`cm5ZzvL%Lp@tj!-=>
znNN{z!Bk65FtLb2n`acK;n$@VArY2-=rsW)-VRnvzavS{SJcEduYsZd{q@COfz>d3
z4k9&gX8yA?j8+CJu)(fX1e0?oi=Uk?TBL&?(^a>u?h)o&n8O?VO1h5e4Npra*hF4+
zIQGPV56_Y(CCligDTb?2Q}uRHn&Boc#nEtH*mZc>#E8^8;?9N80)6iN{xL`dYm%5|
zG5J%KcG7X!2(-0}rc4u<W|HJwc@i#uR5{<VndlGY3rSC!n(lz9qi``m`NPy)r6Ng?
z8UQisZAKK=Rd@fMa<~+)iquo?3Vnf4|5(Ams5oQhzZYpk9w54ZGI^>p6FJU+1_}|k
zKj-{I0u_}p2U?BFQE2{0oFBiF^W^ZV6pi;vp-%3?Kf$l*5F@HqXr^>xw0fA70JHaX
zu}zq+bBRIQ=OVOdH-Ot+pN=cPGb{{x3n)0y=TN@3!Ph0{Zp(Aq`W&&0Ewo-v(Jay|
zDVwA*1CxuO=K4@;!02b3K+sUXh!EmD##gpByob+~wqECj-3pcP>AT4Dcc9qdlc|2*
z6tF(4PCvz<1k*Qb_#Wa_F9KzU@S3Wp^@7$L68dZ)oS0199KM6}(sQG5b-tEXf`dg(
z*C<L6kk+8<gDa4;#;@}m`pMAezo%THuUiw_jvb(eY|ZsMmc$&y(#_G4qCnCj7Ah$!
zqT4wgQi3Ul-Jg|b+^f)6k8y8>ZcAy5ZGG|%o`9xqj&nP8YKb@pF<*^RtAdRpN;iwN
z+9b8vX8{~vFudh`y&3P7__4->>OdH4aiup70Rz|7vl5JyR3}nQjr>_K1+v~)_(hq%
zr(9{_=&{Hr=Odd<XiyWJ!urW+-09IUfug*S`^F-J#UFTZgEG@2!}K<+oyn|JH7xd0
zhG7*aM|EvW9)zNh6#KZvm11$1L72%d<-e();@SskYq;SN^lPEkd;C^AXQVqX1FLi&
zRF|-mWq{cBcAMwu3B9kZMO6HZffG)JOA}7QjbRwBcma#BM!zsSlaiSZzfiJ5xT-vN
zA-PjkzS<S5s<vn_M&HjBlbF&N+f2})RzK0YD07*?LMNYSx)ut%_8LytsW`z-Z6!4f
zBPB$Q;wu+LR{_e?MSYAZxrGZ2!5Zc{&UDjese+-N&`N*_5b9!YzCfED^fgVC%DGt^
zIv!p1T1jC$(Ix6rnM|^uu(oK-@n-tP7X2ixo+A?rN6?aED2M)DzM|S}>G(0UBV>ik
z%>#1?T1?>{(s1<o5zyO&?1=&y3bc@T^$Wzn4ud5o8ip$xW`Vkgjjs`6YFDFN6!sy+
z=`O8xOs_D-%%nB6xeD3U5`cxl8Re|Nn$10lTlS$4(foow)OacK&pB|-I@1Ht4S^~e
z?l!zZN1WY4hi#fr33G%ZU7t9bfPmzVu-(a*)+Gu}U4Q=jLpW2I8};|~+rN?6a9sUG
z^VRS3=?K0`(N2{YTJl%M?SPeRsN&4Yh*K{6Hva?4lf)$aM&Jthg8=9&gYjdtIhzD%
z@v&7K>IaoYxm|QgR>UUNBh@5UZVkEVXosbNMFXaQ$@|b4meF9kAL?UZr=6-bcmb2f
zm368a>ei158IUI`x%YKRGV>=ZE4{eH%30!uV84Fbcy%%ChtK*n;rO-&Pj)eQyCYzr
zKM2OSm;-wW12oxU1HWU^skSsrcyVuO6lujqD6aY3#^Mt)7*-cgyIj){#pIT42?{@E
zYC%ia_zMl{l|#gQeHOB)`iIlp-8>D-TBGd3(dFth!7{Kd;XS}XOYa)1$hUhmN-lWC
z`y5&ENZEu#(+PUXH=cRF$7ejA*v=Z2Jn(YnlS%}}9Quil5a`>92?-lvNC}*N1b*(l
z?I<SZ9mIP|x8c;2fGt)31RfN9*J0<^%2};ekBn49^as}V3*}jK_7JpdMlxVgZ^aV?
zd`f#A%OOygD@onf{um=E57RAds+?oHUa-#_OcR!HGEs|n<q*5aYcWM)omaa@HU5&W
zAyqs*K{c|*T6Hu3tiK!^ssCz`LHvGll}y3-7n(ECLo_*ME2<wLXj1U#C*9SyZKjOF
z>uTo%ht6PLX0kq8i<(mlx9^|UH%1k*CX`v!Sugz*6zgvSMue7`iA`CyF_&ghcPfTA
zH21-F2Og*~&{hoh%vS4^*Q@nzXO)xu9M(PiU<f=F^t94l8CJ_Fs9U{e38csjGf*Z8
zXW3N_vzUXbpl!u5nKw;q_OGE8xNqMn2i;Z(vS`0GwIq#zp5Kf=nUM?|p5mlKAI^?h
zAro$KjEVPrn>fS-&`{T4$rfSER6JD9)2?!&Uk|D+$0t@CN$T|5AaGH?I8!U^h%?S1
z#p^y<sR2HU1(?Y&Ga9Q^URQdifJ~sLp{Z@g_AJHq`fSN6`Asv;b*7e(pOkJ|FfVIT
z{V<vXnZ;u_NlP4jvn=dz1Y}HPhFKR6mZ5KWM$FTVY;jH{a(FZRN(*x{PnANMXN_CM
zErhqsQ2ZDq+-5bpv!MCgTfgm9V4}AC47!f6vF)K@D1A`dDO5g<smykHsUvt=UcK9L
zt2@tWiXb}4t(vc%fDc2G%YdA(Ol~G4L^;8=zfyX^iRpgDDF#=^b1k$8;y@DG=mP9p
z88&oDG|Y$@<M933lmKO!Gh<ehEq$!$854e=My)<w{Va|F=rj+zMwuo{<{j&M#*j66
z>1DJ`bz5LgZ@eyf0d2@46K!RSDedlrQhrJOGiKn`@L0pdK>VU>LSz9^qYSj{2H0`f
zh?KTN{j4a-5iUHB-nC6~Jxp`wcdAHF1IG5ZYnm5nND#YkSUCJmQjp#ARY(K0w3S3G
z_|SEbE|9^aVft-oSPRF}3)~}hWTh+Xb@Dob^(uwa0;=QcmkqwNemn-WW7oVIsAq$2
z?s|iBO#xQ7ej4*IuK{I)Cz36HgpFPDU1l`9BUw{wx+O|Qt@g38!9M_2|H|vo|M;GN
zSPZsk84i5E8lQLg=716o<8Buu@`->>9oEdsTf#d0W~_~@B_2kgupwscpM&K`3dVWt
zpby(MDP&WE>~gJ4DIEODZCAz_!h_UTxc&B((5D)J#sJ_e=sFS|j{!SCgLlGY7&Z;q
zd&)o%3SOe)uM43dn;%|!;!Y~fzSzewgLWl=sx&#LK0{QO#L5qfvfmH?oIQkg2Aitp
z8vtxqMzU+*y+Xlo`MIClLkw_3lv9)0`Dx5TA{DQMC=QY6j^!L>bV{M(8=4jHo~YXG
z<izq21;aFh)EFmdC5FS?a#z!w&4QRM@)Gd=$U>~dI)*xflZ@N9OUET2>^i>CO);-R
zET;p&D?M;#eZGBEDfj?Jt||ZwMxRaw7G}_xK}fAeoF0L9*;Hr@15P~|;Hxz(fg`ZI
z&MMj2h(oh=GOQV2nDBy34&MZq<>Jk9&Kb?bLJ9ZE6VN=+y@Pcg<oe?jl!6t6?JRK0
z)LTwUu}N@`!68H)k$=z@5nyoBc<KV+bSQoF*>aG<U`vw|Z^zFu#*4p#f2q?X_Y&(V
z(8xVxLI{A~^>9*)6+NE?+CXQcj0X7P1={)&wL{Q~u)&ghgmI<ziqfX@rq~XAH<A&k
z4;9<lAnV-6H$mK$fXlZbTX_?nRCB`X?WkZ#;#3UIe6<|kc)^uB6)mV%^%*Es7fBYm
zLVWkvY&pCz-o==rNU!@>1(Lul?m6_L>l1@uS{__=)<`$`KwIt`oH<Z-oGPGr1|jUx
zNol~S9O(2r6&mBrIk+pnywF9NSORBy^~(u>eG;G))B~y6b7s7vD6sNoNVVVmG8)GV
z(ns0Dtg+eH<Y@9Bj!`Y8H(8zu;(4)QV*@zL{E)xD3#k>AD?G`?+%d<8^F(f!(iKWF
zRDPUov?|2De;bx9G|BcfqhNKx$z(aQ31mE%NU7F5LY>-?C6W&di0+fKsDL*ICac6h
z&&-ele_t-I5lf2()|#`McwrybQpgof=f#leQo&Q}*rxgsOCOjXbSPfZuBM|OmrytU
zZDSN8@MvUxrr4E=ZUst71=_USd&Qvry{?1pzYG$G7Pk-DI!Gz@ti5s5O@;iPRP9Y!
zKex?tmLf507C}3L*85UCyk=BSx2+^74Km-PxL7_S*or?3=vU@*GlM}?Zm=Zl6P|$y
z>*wjGvJv-Q7k$YJ28onYotFx_rJN}v!}^F5kxgDRhO1YzvW?y;+o{w#b)0)N`OP*?
z|4Yg((*3vJ(N)1=+-E@Qar!tdfGW7XI8a=N><;f>Rg(pT!@*;av0yfgjPDgt_#{7W
z<Nl###~~Ni3t}G&cvfH-frYv*2MtFcXs3!NzTYd07=`v0xH2Go=!k;SqA#a9A_fOh
zr#9aO)e_oi5AtKaiAoK^-fb#=(}1t@Hmo|z_;1;c#>+0f>`JSfqq`lrx2OokFbIQ`
zE`tV+X#+}WZAX2N1(2D*Dh5YCAUUEI?!j7iHp=h@&<a7R3y}kw9nT;(oZWFf8nE^W
z(7|YS2BHCBoSe2zxJO?IunU$JT4I7eI1^eyQ&q2DCQSjzx&50c$5aReS(gA+X8E*(
z<`Yaa0$>7jFAGN_K4&!+L9By@<g({AqFh_ws0iFdQEkfpyQ$rfG{E5-`M|#O40bhN
z?+nZ>oO=nYe=f&83o1!Cq-RS#+jF|nN>uZF{Nj=i3=ZP$8_O5|2>K(bA^hFv$mzCg
zQ`HDtC%J?Kl>o0N9+Mo`VIIt7kQ&2}e5)42Jq8755vLZ(5eT+yz!tWZ`)tc7cM-;p
zO2Qr{d6UIggcrw@pd)j+MwdFJfO;!RR~vXrnT#9o^8hze;UvYup6q_!E&ugl^0;^S
zQT6n{p^)hy_4ic8`sM@^KXMPF3aG(LJeI@z2F%UDVY$c@h~5xwH(u;@RhhBibxuEx
zFixg_W#-~RSLT^O0!@~CJk*je0B#O>yT1nIST2u(O8?=bN7ODomUD52lb3{qcA@h&
z0|o!>prZge0E%F|0<lWYJ+<)rMGC=w<~3&C+ULOWn?u-w699z>W>`QS2D}s~4`7?B
zokP!VUm4~XOgC5vmb77hzD(%?OOeXy=BBWeIEjXWZ*2&u@2nkg38=amW_k|gTxViy
zg<HqMXb3grzOxItHd6^&?m`<pYvI?Y$j4jOy1N%rMNBHyp-tt|StWq2uJmokaM|Iw
z!VbKb#|TmDr(V>zvGh1nsI`h#9G?5dBgS&Oo$pUWaEyQn90mCD<)ovJ5Ot?OLlroJ
z$tE4-p+yp%HUo2HvZ?W3unI^ObZh6qjO_sjT_Uc7SnbUR*O$EwyNn7Rabgm|^WHWL
zKc<(I8o+NSRZ33Eu%W}2Gwu%9&wMa-3e>xBe=f7rnX)5cS48TQ0()$gDF=sRU8bBd
zh3&n2yHsL^dYB;jNJ>N}zW&-zG?aRuIoIhR`${UL(kf1Kw<<@GW;?F~!y-up@%s|v
z`(RBUBcpQs@}!;L&H0;<wJ0E!ArA#A?+B2G8-$iJNSS1a7-wuqfB`8565QAoRV5>7
z*eKrk-jD8s;ntXxV~G!Q7&^<W;}%Uq{%_0wrPw>fv3%9Z&^=Cap_S%=bp-8%{31I!
zGD~7*3-tBWkCI_f0OdXM406Xc94se+XqpxJXg)d0Gm1e<>Z&>LfTIukQAmBKz5g8W
z0J#3zAd5rAz@u7~>qxrNzmArKd#+E*&n88{z{1ge^d!4SMKZq5=Mq}3*Ws)<hu<3x
z0XLQFGQziVIo83W9-jb+k0XhjkNd~~R6|bem|Ww~4Fr@0l!pW5gl0O|evZESBlW|r
zo8X|oVEWA42Fq~Xwtw^yD(e{tjTtDo4}~U*e`IE659dhAk<FsVh2iA1sJai93fUlc
z$UaV=z!o7&GY*3%4%+}-EdrYg92V^NT%?<Bcr8&zaT2p)r%@zEv`7kwg9>C|)aJ?$
zFz77taA>$Q>z9Kj&kb(5hI9>tbMa0bPhdF&B;w!>n%8Qx2CNo3dnKs(3v8u)K!L_D
zg>Us{xJNu*Pp(Tr|9(HwIulrk@6AIH4Pm$4<cAvAXE2qXu6Vd`(|5I>z2F}0*yFHM
zKgo*UASNb*gW4#V#l*u(X^UW*g#;{qkce_Aed5p2&gMcx^=kAaBL*;SZb7{0<6JgD
z?t|^bR}Z)1Qv{T<us_*|)z}kHlji`=bLK~E18LR;XP?pwY(LQ`IPd(v*f*oV;N5HH
za)R7=B#hl}3I18-Z{YTw+5_bG=kU%;F+sZc*CcSRp#zMLS{Jo`grWEl>Zj?EEKa;{
ziHS*=AD>=LR1CJB!_+fP)QBVDl$msM!NB-)q@%84u9?clIt~7Z)cPbJ8r336&w`N|
zr_qXFu;x6k)PX}_w~l~sU55|M-{|XitQF@rj*b4D5;9ZG$@4M+$}PIFB&mtSO^7~C
zAgP5%b&Sb6VOuM#@!W3%#>(Vw%KC$Rux;xJ2<xwt4=}i^Op+6z58ecPJ>yOXP;5A6
zWAcfFagMBJMxDVKq%lZ*{ZaFWIP^T7VmOjchUg^VcK9gopn&FrlJCd^!_NhuP}{dL
zor%4Bx!l9+@dGwzfeb6E!e*pufPy%Cbjz&G$B9KSl-#Iz_8fA|<EiZpP?ytv0@GZo
z3A2-?<JkcYnwbDJnk9J}wQc=u7f~H(p5|*UG)6q8p+uUst@0ZhQ#K2*%iJ#;_piIs
zH2VacsJ|={;OpzvV&$rm&d9SEv#dQ&#On{ca>I4=TbK#yd10M`@yY*S>pj4^?%VhA
ztg^CYl)XpU6(M_NCwr5SL{yX=Ldq73>{W>-rG#u{7A+xVH4qhd@;l$U@8@~$|Nna&
z&vD$(5q<i+U+>rJdR^Cfo#%NOzFN?d-m{c#W#}MYeFP>XW#DRJDA%aJT!>HmoXscb
zYbB8FI!G&J9>G4Zp_1ElT9yiDt5aO(83xe3Y{Sa2FfulZT610F)aux6t)Hfzth3qg
zN9??1p?+6JOFQ@Bf3TdRiS0rB>_n9j_ik=DuF)0!Jeml2ORC#zv9Rq8`-Q8Ap(r&;
zHo6lD?TZSA<Y2U4keM)R7YVx9A&I9<^rwrz7Watq4Am(JXZBszr?tH2>rg3E)&4B(
zoFJ8b{O5T34w2pVs2a`Q;8xa?yAKtDIbqi9-R}k{b(%(Mi-gyw=tH79cHWo=8%9(C
zve5{SCCJ!;jFI1$6`Nsv4tdN1vcxB0EUepYS&}mQ%mR_=jk^nuzUWsF<=*JpC24bW
z>Wny&i2X3TiQ}HWs1!(^B??!f=m87fAdg~P-bJKGN(2RjjD}4-f`WD%#hr!$PjS&%
zz^2Tdg?lq9c$=BTXDi7gMXB;=aKvtj+#)P~kgSRfwq2TRl+octR>Nw<-i1;l?if`W
z2j|lgkr#h`ymYkJ(qZaJG&zGb5tih_{)*qh@*8aExN_7G9d886b)LZ|2jUXHUqAgh
z`}cu;6x5q44GUvP-H)Oq=+BH~_%`s%e01+BV3_mqkp}1;oYl5Qxoy<iB*=FQ3qk~u
zN-IMQNED_W0m=xDso6JVUP$VeXRh9W-Dl6O)>P{=qPaN+qMLGIjA0MU6wrtB`IeO_
z$Af9Ljnvj%^S-}4giK9cv!B)l7o5BmMb03!+5oZ>&%K7kgqSjkzE9zPUo)Z*Om{sH
z8~pu~jZxS~+8nUPSCNoCNnEkyo%+iOrT~Osq3L~QlW6=rVWU}U$RYW74*Z@@@?i|U
zP()BuK0d?JHG%f+;)QQh4mA6n)wqSI<k8owGY+W5+8+g_{XT*~iMsF*E}sRKpdHaZ
zgDxjrM42evi$x>+^8wKt3i>=tu83ES>yIW>MFFLFdg~<1z=vqa5gO~Q=ACEU45UMp
zT1>CqfQa(2L-XgyR`E780D`rD66cY$^9B&>_bUG5TKTTUuAD5+9iV=ZHoJ;)Zw{bW
zky*geDpr<=dn*Pv4N3Pr4M317!p*LqA$H;Ea+bGPDBVRhk*1k*2VaLPPtyBpx=4$2
z_IAR=PdDDS+L^>8a=B-_gPV6eCW;F-6K*E4uDm{h$guP?C1Jigz#z0aGNoUjQ!Y|r
z-<?}BR~ae6!U0q|h6rAfUv@?T-KEnWQeJm!=~aK`1Av>-3E&pW4%~i+aRdX#Z6cPN
zqX9-;dBHXWi5X;{(FeC~`MFxlD4^4O<I&MeI~<hmQW$A_NHsSu6lcHA*;%Yoo6$o1
z{<?NrrbO5IWuO0?eA<wk`Ry4^4gxce-Okl8?<f@3-haR4X|s_J&L5J&cn88)#YyWF
z%KSAYkhrA+$(xq&2=MPDMjsNjIE;e#ZF-ceTaH7akN~Vf&kQAMyo1A~cXXk8w-HTi
zyUrbtuY#3>o<(VGZp3xe8st93R2ht~A*w6S6Uot=M1EPKm(ujtyg*{Cwd-DrV-}CX
z*Ho1lq6fBpgGwyDJmV4e=zhpiy*=8KBVVIIDUd9DioCoA<qqJV>BTbGS8Ek$WfVv9
zG0+ZJA&R5cH+Zs7kZ0-LYqQP_=>?qOpq}Wb)?`-;#TAgXCq%<JB16(9HUI5wittTo
znHeHfKg}V;zp!vI|6G)$%KuZOUDp|DJ!Je<Qri<iUWbJtPbfaVY3?F<n91hk?&C-b
zX@gN4cP?`CpE-h=18}T{ZN$zG&hq2SaFow%e1VoBzUc6EwMbIr7C>3vVRHswQ?>`_
zH9m=;Fw-89edaMTQ*$0SSBYywLUTPb!PE)mk;2M!{2{G-kfLBfb<XlfRw2FQeCUsq
zIIlW2sNQw8x2DfcG2zM+wz}3f@C&u)!RG{`y!_!Jlqdq#ZIZVM|GndZ!_h|&(o=A0
z;(iF|lJ_v(M7FjwrS7^{v)<lcbDF|@UV+BgpYR+PYl-k20ki_4U%?5C)`h@aq6I=0
z1M8LvA5hug+ci5_aSKU|N0f1ZwAcwXV@SG@o}6*%5Zu^&w>uKhghiD-2Mr9L(sY{z
zJPOWp$i=o9{2s1xv)P@akr-7&(?8Ljr*i2_;7=O4L(klqcG%vIlRtOP^08r+)eUZm
zc?9`a64EhS=yZxy1CBv#g3e!)Fm1w^n`5aF7F>ZNXbV&_E+1TZo*Hrwoc{W-?C2?3
zFM<z^!<5|m6IbMb%lY23+p;$dXCG)4C_4O-!>;cy<RT@k&wDMWu@KJN@{Eh)9v_XK
zS9=*#f7I0c7Chywf1@lyf?cqmoBV~2N}#4>28V3ZG+j2Q?5crkKx#z>2y|2v9sQXu
zFgrPlMULd=$2;v5xe{{IZ%m_KX{`Udg3oX@T$E8mlV6{@kAv|^5H3#rB)gR60wHA!
zGJJFMarW&`9-o{I$zJFod3I;c^hU<?FqhoA4=p{9rZmR~C$`H4<4!167>j%=jkccc
zpwF3WMv{+vgPs&;D<-Bq9EVavTgZc@d7>bH>uK5VPb_`z8fqu5;g1n-X%*SiBnHgy
zCVcw1tM+`R8~f3%IfeE%?cL%3@Q#Aq$eYgcPDw`{roG}9JldtdiTC?J67%$5flrWc
zv<O7BkqOH42MT%vDmaWx?gTDsBw>ZJP1hlmAnIOT7~ZKrxvJ%hjwIHAQ`VhwjE7F}
zNS(nN+_JD!N0Bc<!w|jrq&fNoJ(<&;W=hHq6xoqqfCt1eQBAW7O3VpdXWp?Wn2ZFR
zrzxHff|oS$1LCfVg`o#f<(`0{(!yj<(krbqar{ie7lg<iaQNWDXqvQxol{nYCV#GH
z@0y|YZVYM-B-GP!KJ;8lT3iXHOf;}>$xA*4$UHiKI3Xf4&Wx#e>vPz%8)}joYuGFG
zS8OURVtK$w*z?+%$#lwj=L}GkRw10=tpa-^P*Pm5=4oYWyyp+ZJ3MU9TybZ5Av*&E
zfKL%Ah1N$(EzU~*6M$68+k#4%6a_u?8UV|j<Jqf9QYS7@3BZb&CV)J9`oiujhm`OZ
z0p$RMxiAl>uIw6T^No6GfC-qsn*d0Z=Oqj{KpcQ*a}>Kk+8D~hpxTjX+V6ZUNXvQM
z%B1p;I)*;6D3Ispk202dMsUb$aT|*oMvcu%npiTmx9vt``Py4RMjuy^ifsvSZQc}y
zei0$0r-dUfG@B+)r+`fZEOx*Q$13|C`XJgeU+eEcrH@2!u%|{wC@TSFp2zo2OXWQu
z#S@kwgyK-ej>h!~_XUzOrk&+xH?gVNiN5(Evb}pZS#Ov<*qxQ~MVj+)FuFxRA-}>^
z?(V_6yyRxx)S<s;p<aCA)$U^79bzD~NmH!xy~mg#MmkZMh~1YdsUiFVgLRZm&&PPP
z^ua%kRf^)boLIIbITP(N8pcz-_l`Q{+2Vtz{gG+_3vTl@YysT?PUTS_dc<3Khn?g&
zO!F$5<Xj8xcn!oZB8YXgeG+{vSGb?cBSqh-y9fDj&}0)!0hwHOM!B4@pxid0T3LpV
zOsyhDY(5dnx}SJY%PM)OUNS@$614JZYrFa*)$Q71)PQI10!p)ffO*9h`5C>MTIcan
zVUwA|Z)m{gE*r^FYFwLjc}fmR9B%6k2iyBj>Q$W4w~0q|8Vjx&0T^y{ho};wKSo#<
zwm$NIuX75QH_!KCjf*=RtW%X74yJyy&q}bqbhf1DxGZ_}w`%D<!Y!2Dhs2pZi<orY
zbJTn>)yX`x{PkS}kC_i+7TYc9^V!CL;KpihmRbjPANWYMPm?Fp-MglfJq&uUTBaU1
zM-C@%iO-CmUr3Mal-I74jkF2<cl(x7)yC9sQ1pX=+J&|)=;{WZMBa{<F3u#}+5fT^
zi;hUTbyYxde3H0!@^?X&Vc&>ibD}fjFn$%569RtxH_cO;e0YE9tRb#5pBth66<t@h
zQ{4;4i5QL`&Jf-oopru9{c-=f@+6q7!8b|c34HW%z_j1-7Resb=cRtCZ<>RuJlALg
zmF;E@SwYFUy+aX<1sh!W<^}ssLr>{h_;ZVwIn}MM-y`Z9w72f`(IdQmoUib}+6|R1
zid63=NDtvO^a#SXsNkrO#Y62Ar*)a848w3Mv2%GR%OR6P8b7OPf_{R2GH)aB-UC`?
z{Tvy%&UJ^7ONcN_%aQ~Ds7wyW2E)@czh)kvkv#Je6rFLGT;<@@obo3d#I#vrwO@@k
zo}n6~s;{_~<kZK&?gNCfqQ|f(hweIM5>ZD?9*0NH%S{0(&RHxn+ZNMZ2S~4s^|!s*
zFaYLJyfs&(sA;}hB(eg_wPSRb^z33wrS7G6Y>Q)+cmWt|unQ+8_{7S~qaassrx|qg
zWmB%AE3yjta8qD^v^wKw?3$bd&4~u7f>g|{dyW)1<*{TVuJEZqHi(rCcG{>Vc^#-B
z!Kz1g>>?wX44|%IZS|`~DQVJa+$hikj9QHqHW?Ibr&4OlLgiiRg5S=Pw$)-Mk3n$g
zmUs3Y@PhUf*&Ms)s#7mJiK22Ffx3&DY4F_ZOXyvQ#{DTh#__;6WqGLKHwG)+zyCZr
z`>1jSQo5Vg^%N9|6fxLOjws^M6afIah*ebvJZ=YJ7TH#mRm>FS@h$A<elUMhru1-w
zZzD>SC%w{opbmh{vyX9q+@Z!3>YU5A8P*xopybirrTo6dhRi7I9&nQv1*}~9c3fJp
z>6t*9);~s<S;l&Ji-4zif98s4yqcg}A+VE$^n>B~hYh1Yz}NZ;zA)mO-_;B5N)x?%
zNELqcCQH!Aye#kF6~a6G>*b*<nD5FO$xb47^OhH#^pPySK^NK6Jv3j)!$O_BqMaEw
zJ_2Lx^TsD5fERoKu$=yg7!9zgjV`~Z%6k+Eld!H_W+#y<+rpIVsmeUO7F>gO@@(wd
zulWjJ8VRVb?kAsD>}FYtrJJc28A!O4%_KWeSQ0G~fSzea<*mIz)MjUKS?|rMvCn?o
z?f2iydNhqfo8YuHGI4KhH0-|Y*9c_Dj{%5b_*5@n)UGIge$l2bT)1iZq>bCn<juB_
zaLWkVGI9{~0xj1k=h45evbiO^L`7MrO==YtK-w@jHwOvZter)%KW}_Fn*1j9U<F-5
zsk3G<y6M>%t{0`Tg>Cx`&4ksk9YDLhenze;;c0ok68SIOTVG%&hYzR|S}{r!-t5oo
zEB?^A8!}Xu_Ee!RXp=qn)mp<${kDcmi0y3+7egb?Tl;n=$E%}eXwGOS^up-9iQydr
z4PfWeAxgzQDVMuXK+<Gapgh9}Tuw7|oT|p6*Gf1zzqapB$L%w+^Xg^X`rt+SYMc@*
z-`_Hvn8J|0`vlf7Fc7yf`qtraFOL3_?kdw{8=G%(Xv6xEkap2v5%4X009bF@>h#n}
z-1AR*5b<p>-|&>He2(Y_514*DPhgW8!ON1#6=s#08;a!lI5bb)8Pqd{qfgl7v51&j
zJwpdRC=RxFT9UFdoDZ434r?ht1wsTbjSQ;hqR9kHbYx5SpI=1RC4p<tcl4a5Ne^WE
zD1X7-gj+Q7kS_CtwBe0CdBV%6feZK|?|*!a3l>9I+5{_{8Xm2bv;i<ZkFcrRlZ=Hr
zXDuo1t~YU1PewCHRJjw>K+`ML;doZUvkj>uq5fywxG{{(7tN?hRe>JeAjg&GB23*9
zEY2nEzxBW_>q3_;+jy!YsAhvv(3`1NX^s|@azR8^(%5cz`czvx)Vc>Bfku^9^KH=d
z%%<z_q%`StKJwiZ_iAz@<@(-;c$uw1n<=EJD^IYM!dx%QGslX(LVB3{&77ym%xII+
z;|)vne^o!mHmngrM2g(hsQj`%_*P|s+$?7E%$rA80yABi4F7#7bW6O%fCqBR;_T<;
zwv`rQFDP5b#BRx3Q&>lwjdC3<P?U?NB82W(YV*i#f&&Uv6Z;Q=xuG0`?}1KnPR?-J
zUFCzHu6;}_L>7bmz-`nWNqLe;lZQ6r;VZfk75X5M?*XsF(Ak}oY>1Km#16Z=l7B@!
z%1^K{RWsS*Ci^=3vEhd91-RKsms9|synk~=Pwsd{ybD;>J-6~@doCJ__1_n0Y|`Dt
z?T^9-gD6|lRbk3u$4rA!>c$q2g;~Wd9tRQ>j_sBj0mr6N&PG{V^3zAX+;`HVRn{|#
z&a)*=TeXLC?9=wFayT>isIT1Syp^Lu5-^`tO?8ArYQcsyFq%{Ai=JBz;%k&Qdz$5h
z^R`bBZ)+72Pf~m*cgTL&?eaBRV(xr1+kX@Zjtqa7?&p@7cQoBXR>|1Fcp851<$!K*
zsQ5M#z?0u{oCeiFT*mKvRR8ip=#Rbtb1Mnk+nz}0KW+@8r94<}ijE!s1g>@l2Czsk
z$6a`wM49lDNL?wljsZEMoFr;`<%%S(Y3qcV_XYee@G=ZMYv|CH$f4<{ryM)US>c&Z
zA2*#C>rGyQ4pDoKf`m#c2HYJ5zBR>I6Cnf~C}(eYnC!g6^b`s^!n{Nhc9gt7Ck)Dv
z^@q=ml4Piy&2&D7_Fr@-xQAmlbEfb)Ggh{N5gK5PUq9a`!Cyhm<?FTy^t6D2wM0<<
zf(;(!v-no3JrV~h7xA=(^aWyy*!==ppemfZmathytVW{JfG$O(W)>xOxz0%trZ6%`
zASDD{Ppm+bb=<ES7qlK_a&s8kz!{l?A;zIk?3Yayfz}{62yAE_T)YHRy4F2Vy&F`R
z@Lnh1IiYVBj4Yv>#7H~=Es{8Wm~S<a!~a0eOog8F44nSyS1-wX6-w!uhog)#OvJJ7
z@^uHG<w(9YF;1A4T*BolbPaHyBFuI@t8P4UHUGGA{zR&vK34tC=^ws1a`eIJr*gU(
zs)n!py!@zKDwpvb`Ji#SC}XLb%7j2297>cHUp9pA?NjZ!@G-FjEln(4GwD=>CGC~T
zJa_`Y6=K@%EUg@7S?FnQ%A?WQmm&TfQ_ZU5ck!@O4qVD^{&p~RKrHEuE<skrc@l`6
zY<JTLSXE;6mNQR)CboHSj4>_Y4iYPFon0tMP|y`Lqm9~|z3FLy55OPT5cFOL4Z=`4
zCrBv{l?z|?A)?uf>|c(@^o&=B&-AN168+Uw%waIhTOnsIdK{P)bCr7@DUQwCz(|gc
zM&87!qv3zq;f#Yis9|KO;sL*(l1Fl)c!I?akt>Ou3JLN75oLFg+HrFvxgo95bE|Yq
zLlP-%EiQL8coA65Bk()4w4R_Mt&>&behLgFP_Xzz_Xe{whuUhhoN2>hNEFwS_i1Zc
z_+R{TitL+cZk@iYbi5J~%y8=oy(dVoa&wf^(O0f<*PC5DZ+?V@pbwn5iweWV`)FNE
zObju<XrN|~%z<jfeOVp(^qTm{bF7`Nx+b5xn+^@;>{OPt+;YlQ=7?p!Sf{2wte0r+
zV!fuCZ;Kcm#ILx>n%drU@4#21gZ7uB<%woM=;&b_MF8r?xH)ajA|2UjOqjFN3&|9+
z@2{AjKsAjvPfV^1oq(&1tIFb}SD_qp;$)K#4j3hK-W@ez@3}zS$3|E6&ach>kl6g*
zLEVnS%0nt(_`hs|pYG}@1Wzt2dOgWc*x>(}(trTy-{|#fmm6Ly*_~YN4O|VM$!mFK
zZ@6k7SKlaZDqLbE)YNm7_v7;8jN`qinsMfI4fm<K)j<bPV~Oug1$A}2bcbN951fce
zvNjrj15=pcVxhi8Hb&}DH0GV;*R(I|e-L@)i{%}pU9cyLGL9bxJ%`})G@a(xY3TuR
zV5+}_h8jZ90jW{}Q7+{m=_L-a6~jwAKNGEK@}|?aBycfl(rCFKXhfHys5Fou%EjEr
zroC`BgMH5l$r8OCme+;>XQgO{j9?>Rdo$TG(*v^HCNb^CrtHLTotq-Fqg9WMlkF|z
zYCnUQ)>}+qQFB=xl(!VRE;WUTK5;KKG`nA4x7*b!<Tm~#iBq8xxdH9AT(<4D(YL`5
zkPb0;xT6-yz{R%8v4IEAxB%ZQ%4w2Mk`HH{1kHa?L|iBT!Y}t_AlPo3R-4%J`(dqI
zU8cIG&1I<NcR@X95lH^QYG5C-C3;sLx#+-(JpIC=qAZc@$Y$#yFXZ0sm;Xaz^yW^@
z%+ziZ+j-vdW{XclH{Jo{kpED-@F^=2CGSzt5K{K`kQPllSvR43N9mO%w-PV^QKWz|
zH&5w!!gLMN1r%mZl)ucGGP0Q>`cR=i$Byfae782<$6zW$T`KYIe49g|78N&%>r#9k
zO!uqJG3uzJ9LD4YJ)6z0jDh1*hv1r+V-u;?+Qt0j<6@V^A(9tYt&SqmIHkriA16cO
z)mkE#j?7o~sNEg!7)Fcp92zGVV>m^7n#OFBdl;(OsYa&{pSrAaI`izaprw>uyI~j^
zOJI;*OLu@C9Sd}A-|p?K>D9H}qz*WyZGDb~q>5y`N*_tbH44en{j4hf&Obp&a~5*t
z_mxpNB6Nk{nXZ>&%V?ymiYJ}YN<n%jzPWn`#(d^haY)_D(KZr$C?_XjQT{maGo~Dv
ziD#>^$qPolWtV)KJ?!HtTV&WaaRt_|n}ctn)SIkX2)ujroiU?_7D;FxjpE=TF_-%q
zG1LbtE#hmOH=n=IRwl7g<m~3OrDx-i?*0H^Xmfq!#;A-}15o+9q{8k<5QkY)I?{We
zwQ>%P?Fq<;=^^(x^)1kS0zH6yS~B<T`LxZ`BM<kSGgC^&Pz_sJYc#{S$-g%yCZ-?U
z1GzbZ^So!4GbhYCqN$4&WN2}CAyE7-Azc06?)_Xx6u%YqNh3a82v`*TRV@tM_fZ=7
zn7q*zj6GE~ylDkG&%N~4qeG9A0sw^Yqj9sBB5aMu%$%zHj4;!en;OEs%>ko-j02!*
z{-Zkm)$cr!4{0qqw+90u?fs(@{>$&}PeQ}~M~&(WQjyeoLjC-Gj5~=QqGv*}xvpMa
z*Q#D#CcL7I-|TDFVPt_k8vi@w%LC7jPtJYCH3cze&z?j<0!|tj!G5R6pD~LuMNfUY
zjg1w`@{{cziy4U`C2jl9@Y*k-<v)7;$7$c^YV5x#LG$E4kxMYL`Va3h&U_@6c}HNr
zg)O{Pz7yVc^a&4Kc?M|{pv;z%6>L3>`yK$_Qao*UVTiiX#Z$(E`=*HJSl4l{%S@YD
z8{{L;GLsLTCp6JeF8{M6_=CTnZC&fl{G*@H9K!|cG_fv!8)bwN>g%T=yN^R>PCWDb
z`&5J^9G`Uj{TY4*!RzFVf!5a6Ak`nkEQ{7E!@CMq^ki#vsls?6@yPtai)t_CyX4o)
zyrYAjTDvDE&6E8rOV0iO)ss?6MDbe9d{!JYcP~)_TQwZcQ5z|KpU;s9J0krZSL=4`
zYG=?k(Yj|xl%&=QGx>DUNwhG^;*`t(`Mk#V5EcJN6aC+pPrO*>$v^Vj|F0k!dU3qt
ze<bYU2Wbup9LS+uK}<o}^)yfA!J{(TmCnxtkAJwld<P2THgt6G!!*n3uepA8=}Bsn
zJ&}h!{;y}tSBsmqJJzI~l8#io0|n5xi4Hk%6#j}_tNd=;SOWa!5VH5H78Upz8`vYJ
z)n)Rg10{LPOH4}t*`j|-i17ey|466*{gR2d^8`K_|MT2<CPHca_oL4L`T5_HYl}|f
zDig0p=t-HlxiMkoJyBKcIcco>UHthoooBf7fak!ElDFx|2UB<S%osNtIaEm|my6g-
z;Yj|6qKmCceXRD83Pwkqj8OHwiCpFDj{+wN>ruoGsIn1M2|`kP9na6~;01kM?`^&6
z_k$G+G}9)V{x&f9M`Hi8#D83)^^eg2;nMQ==37_XpZ5Bf6#svIiX98Tfw1+T<NpvI
zFPpS|OdB?u8u{|T{049}dLkGp5^eWgzDjA5)R(FTBCZ0HApfgwp=&y9pLdE!KD$CT
z)Ga+CCV#x{rrLiLy+%yyTa)_adDF=wyT_u+YqI+j?nD*l5F+y4=ttENsx4}q=mu_k
z{=AqoHi~U-@ALoT{K3KNe_qO;Nc88`e1AoRo^@-Jf1TRz{p(xx2mZrX^fo>;@pISf
z(lDxD@AXzs?vu?h;Svv^@O?R(p3i61q0Z|?e|+A+k7@IIAi4VDLg>D}KQiv~jDLUs
z&)Z?UsJHf*+cX}N_)L}xD)Y-rc?ieHz8n3ceuWXgU#`I!uqNIhGJ5X}O-j3J-ll&?
zfZFk)*jeF!oDkM6bpE_OB0e~7UAHXyv-s-<JAYoCBd5q0yi@#VhkKv_h2Zes4zrxA
z;?=imUI)xl^nD7N*syg}illwwMZ=JOlSHGweBw!JVwW*wX8dQ1$&k8euM@c*Vvns{
zi)1P<CX<4HqQWX-Q=bT%8VUDQ@;SS}{3ux`_W%3D5bOBwnD|GMPk5{SeH{Ldn1BDd
zyz!gE&BwnHe{HzqKqUETwg*ak>iaw0?TT{xBNKct9Uyeg_6G(8ULCRE|0|5!UamQ)
ztatE3Cn@^Ke^mFo^m(sQLMQ*`4!i2uiVE>B&ErGg!<PaI{ae*NaJ|ZQVK+<O_xN9;
z{v6)+jGN3mh<NP-8-Qm_!QM;CwH~o9TIxGU{w3o-jIc>KW#E%xo6x%F-0NpJK611I
z)V7@eim!Hm>;3D90FUWFC%4?og%N=VyAI23`Tw8vKYBZ19WZtu#t@s~Ghp-P#1`50
zZ`#{G`afEHwP7YmnxXsu`xjwgz$|bv;_z+e9Y1oLC)@tH&K#2;`x`;Ezi<6|Sznvq
zPuhk4_oM#rUs!o|*^kda`Nl5h>EBw7A6j<<&DbBs=hyNDV}LE6Z5@N!&A&pFp608K
z;<_&DiQqG%`LVjqM?3y;8h9NG8UNP_s*AUis1>VrN6e77D8%_!%UZDnVN&wo=n8DI
z)W)`wQ3QEoBBey<sFK`P`$)n<fnA1DYCM1Rx#@qNxZy1ESu<2@wNdY4BPT`lG;eou
zR~aRqk?r3ckY-wX;o%6SXA_8g;Y+IBOCEdodk`NJ?s56jIN4gH`N*r?^#6!>#&nVI
zaMjiC6S3ze(R~(t?9KS{DrEgi+T)p5nKUxgm)=oAxNR|x+8I`{2Ud*6LJyngqt1(d
zK#X_7C=7q!1p3Py26g|KD(INPMWN+j!YO!z)Wh+ro%!0kM+eGMC=+TAS}-W+mjB+`
z_}A^hhZ{t<e9jURZrp8eHVvFm`2oP;y+Lzo+J9D18Y>uiPfhGU`;0OHPhD&HbKh6!
z+ze<eCU=hZX>ZaseZ>2`@P+@l>$Y4`lGsx#ixvIA@yz%?HVVr!e)qRoTbi82=7E*D
z44(hY4~3HYYagEf;|`%Ck1zXNrtiVxc5V60{&CdI#PTcVS(PcRv=+Wm_w5L|<x7}*
zL~-UBpw$Xy47b7kadur{{zx0Yi+u@;Th~6ECO-dXK-27Q(cRMNoiUHY|KoV!3EPN-
zu4s^La{UTq$m!1g{)z$_pqT;xOmgk20@RzSn$5eud`FFA$dh^seu8joL~r2~+83-X
z%GR2l7>4Zv4hX^6JYPT>^JjTP>o1;(BGar0*=o=E4>TP|>@g*&Q*hKRTtIIHh$Mx`
zQGjL0WMEwz^+RI%XShA)q{^ZH0;FoX?QKQHEy38C)hBxtIFyyr!mxTj<mOhWU97Fy
zt$Ow^KC+q;5?xT8kCuIND&vaEY2mTX6a)8}J@FGL7Qq3NMIM3gn&89mbB5o_+hFsZ
z4+ge}f&~jX)A(f{ZkvHCC=}efPlePo^z$QRD{h2TS&QKxN0FwxX`$x&kit}eqkKB~
z<5cgev7n+-{lVLUL3`z6-!hcMu0N;NnUkKTiyo8LJI`eel@pP8zSaNrdH4>t*M5F~
zr(j3zxa^qJ!>uCr3!l?<zJeJ0p(AY)jrZ*~H;ZMjC<kj$5V8|2A39dVC}UO`i-m`0
zxVfAojVl0d$fG3%vVjT=EB18u>0XXda@5S9EjO7$UsgO6c$iM@$*+0Fjpebo)mTrm
zYl$h~B9C*k1sq0La^h80sxfnlhvH?us$`=@N0T=)hJ(T@cU#Jt)RC8$2YJti+%8-|
z4+Nc-=2{Dqd%KmDL(u0?{)%is-y{(EWFwL{A)EZl=rlhYGvgoiBLe*Vg9%j?k`x=B
z9#j$6Q+Z0BqqT)_-HDxd8hg&cLcH(yN1Bi9!XNRyzne4^dw+C&k74u$-_ySg8S(@1
z()TV;q@fe)46?wAGuv`)1R6?)XfFYq_b2yS0HS}x;-1opdE<QGidlG<_B#C*17^?Q
zzl*=}*HoXtjs1dMEyWiu>a*P}ozR?^wival678qr6fV7RQezR&0P-pfHE>7y{RZr;
z{mV)l`lnONwsM(Wxq8ZsORF!2e5UjIvv%KikFJv`ESg}a;K>iD^EiS=<A;I)oECAf
zQJW0^;5B2$n1^G%0;GN7n098!lq%)9PxGr>U^j_4Z`<J=$^q+H-q_h6$4rTwDDmFr
zdv6icq7z@MI&PhblGriuz`yB3d{gs4%2V`1z#T)ed;<U%x-x5EqPqV^P(##iUIs>K
zfh8bo{k68ps?ECw9CT_rmxONy$uFn`STqxuC`NV#;i*uj1{`3{jlp2BX*_PCnRhP*
zD_U$ZviWjcufPoXjCSV4fY@`<rdmOG6YDYN_A5M^Mv@8q*DPO+L}{D^ZrJR1%-$os
zzcF`e)3l$~W*Wr{$3kd^hw}C9AualWZ<@C^oV(*qzk<<}FK{7nxzLOeOpx*0?2eW^
zI@n(C9;tl1@Be<|7PYHj%b(tKsQBQH`<btJYwXoIfxMi=vt?;-_R_v^GBM^9SdQrT
zQNM6*pWw|lSJ}OO)fF;M-yqk#;ZSu<e0>RbU3l$_2(Hn3gy+WQ<BhBr#b%%^{`ShG
zHu<Z0L+Azklc4~l*a6Of4@VGs8qaJ>i(dmh`W6-jHDxW@oX{!tlQ{W3iDN`3L=p=H
zG!muCRpuIi1Gmwr1CtuC;tB?=<ESZOU4TNdNICvO4`+rFuBn9k0+eEUn_GvWd&5OA
zJ3NKhMG!~PHbz&9@Eie_?$Qf{`s!gN*baOF83Z`U8B28R_MTewM9o(YSFz1p9x~Jm
zYrlUq>_u3Dqk}U0tNx3|<9K11Gx!s2SVA;`=tHP7Tqfj~*M2u3)S|&~MID=>0_7dX
z#}%p?Uf!MZXaudm2Jn>=WB7`G0gA(PmG3=kzj`2@(Y64N9_09V3I^SemDQYyTOn|o
z;2eoVbwk332kH;LaxF3#?sbZwYhV`w#R?pK9El^pI^V{F2MWP3FL6W#55VAyS$o5O
z12ihgD<${b{U_{c-Z;LOxT9NN$NuXrE#)eXF_qIWJ-|nSaEMW<5|WbF(DVQ;;%%*e
zQDrXBL%e=KgP2N_Nmo!_daD2kD0ci+aEYKxBsLK%xHp$EhXPuHtjmakyzb}-tu08c
z$>JS>D3kFe`8ybFYoKd8)VRh>;CV6sVi;tmUmq?y;Wg<rqlzJx0nEMj8<y8OLm@uY
zb6T;xABgJ5znt*QMIi?h=M|hUu+qCTB!<w4D+kX!3+@BJk!NrSR!mv1*B@O@nZkX5
z7r==kuSl0(aG(#bMWzYAfUWKX%B>E$MSGUad-R|DqIUTVtLdUFcLW~^%ifQ@uX7(v
zM#uqM;jV@vkNpsaD5Hbck~k5FE@1H7;`DyOCkd>?z(x>g52Hzk-P4!-Q8bo((WMYL
zkh&}E0=k2yr>^{-zA`g(!z3myj&iUI{S#8u!l`JVcb~=!vnc#5afN<84kxKUUZsh0
z%ncG)e@k{z|9VU7XX)ajV?Rls^imB0xhD!HjeaP`(3w1h%b)!*?ich|Y_L~wmi9y8
zRfqTkYI#;CQpynsebL}VBfj`u;VCp<LDfd9Ru05Z-xOljsV_F|jU>+_*x8^C<J7rm
zO@MGMhyaF8$5v2XORy_B0Z}Z#i2dv`4$ODtgZGZS-jbANK3pFh0D%BNzmj)#XwlI0
zLu8@-4PncbN5>4O6)+q=(+d%rib+t^x|$$Cm0#18$=!r3g_hz1&t6BIP3-I0$@{&N
z$3}llLp%aoWNYw3uk|oUF98>27v9;|Ho&g1de^g$GzMG6fbJEV3k$E0HngxbYz%Wa
zXV{%3?a~Ch{ghHC`Q@piB<xe|uhw4?D$(-6>dzt?bf^>KatT}anOTum>5tg5?NfL~
zNfkB9ZeNFMieeeKxu3=9?f>kxLH19cxADe8{(63QbgM6sq*8L+3$5QdNHKKsV>He7
zzUObrEfCsHgS`em#v+K&(J?Wbxs`V#Mt}kt^6RI}y%w_G8T8Y!Elr?##%*F6NKhuA
zf~j^^hXx9f9|Zd&#TabAQ$31YG)dHVo(rg>JytEW!ymtaNQ01k8lj2s&<aq*F2f4~
zR;t3!Ux@X^0qIXV;D0qO7m}Ed&vFr#Ug9sj#xyuISBPW<!YB@0IwGK}0B&lBM+7yC
z=wnfwLv_{8a>dNWFppUrE)c3A;aNqvo6e0CNDHZdjYIJqE-WItT&>5adJDj~lI}-@
z=wmE$Hbop5xJOgxdLBnb*dV<evYZKsqZgqfKtw^8o8T5Q?xPEZrTe-fEOZmm8@LN!
zNO3P=YPZHbaSi<^xa!!As@XFeV|hXsQ+_x}_GK~_ByOzgTfe0lH;-hg_tC6doCTfs
z`&YL1NKV9FV{He++&63@tj~7@=jn@mO9573GQv3iC}t*r_27h;gCn@n20JEvr7YYa
znO7Yb;r?R16tGxupNrt@wef@xa#(`2NemZ6Oc&6d^u!A+ZUSP&X#5TBO3c}~1}}I*
zYET433+)tEHezu2N@=li=M%6t?)tvX0T;p6{{i+M=w)C&MPFb5^OSkp{!`tT73IYH
zLO`)niY67x+ZdLxuk8q$C2FAO+F&pnCeE|xG1DjhB8Vg4`QjCz@=!bjapw<6A~T`C
zWD+u%+g;Ox-a@Ldk?mE>?TN9X_jNuYf=c&cq^#+C)Ej~K(DA~ywyrcUgAX}&8|2zq
z#zjHb@C9|&5Mc|};HywQf+tw&vezpm-RUlgMq`WR@F8@P2aopVH)5aEu(Gn#DD6A4
ze%Jq+tD;S?7jx{D32!Rdd$+IR$xP8Z&nN?_cPYQ^MczdeOz$6|oJ<H=S+EyS6l~Cy
zKUjM{=Zu=V@V&sZ*1i>LboV-~o|bQZXWJ_czd~tO>P%WI4chGoG|s@$3w~CJ?XDX%
znh?6uYSD_a%S3s}WWC@+0m81!azIz!2Eld=jP!9{iwm)ty{75)Fx+Xuq4cBu%iN%b
z1`Gnu+TgX~vCZH;JJ)W%QP9UAm@W(BNuUOiWAGjgmeB^M9_rH(Sm7Sog^LtCJC~rn
zYro{)+oQGl=SnT^;gI<a>(W0&OU<|z(ZJh?WGL2-;S3=&0R<Fm$(~e<SBozW78XRL
z`YAfEaj-!j4~L%=CCM>#l4@O3l2lj9LEtREk8?nz>r;K2ZH5u2F;+Vb3}Qj!%j|C%
zG?+v7gzUawYGFJ9Wkj_&RTWl%m_ml0qTmd&VP&~M-+|JnI8C^J&b#7}jc}`Zw2_q(
z+G-hcUy}XA{CPxa7`_kI@DjEY$d52Z8CAvzU@zdY`;j(oylQ@%uudR2D}IZ(GK{g}
zn4%|Wl768#`|JgDl<uI)mDvoDi4!CqK6%^icIJ=^Ds~Zte(ab?|1Fx>k?HyiZoi|?
z8P_ee4tb@QQN??5J@jix6=TqFnz6WNwlAE%l7vcpU<-4HsS?}%iqS15-TU@C9pCU{
z;rWHxB}UV|l<TjaLe<`8j}Id*FMFIy+)`8=l;n8Ud*Ge-ck=0+zRF7rgJC(Ok`Y1;
zkkM_Svm?3piI!M!6gQv;)#Ifgn_9c)_~=y2x8M8)KW@amadM=*^FjR3DA(>WjeW_A
zdig8p!Qzwv{I#lAd0vOIOLeOPRMUuYR#z>Jc&=9>SmC{59CxE9qLjpSq6N5X(;!@6
z{(|w3Hid5m)-MftXR*l@ZZDihND)-70~EE#8foFkT*vuRiXi6GfDwTfIn1hCKcbbD
zjjj}_*FH9D5s-cn4GWxt9e{e^_4p&jz%?9wS5K4fIwJX~qIIHnp|W2?xg~xAU-S9f
z?5eJqVXMwK<0aYNfWy#3YKBwLktHL*+H2tO4gvk`{o|-fN}Y23QW~IOgsSm8f?rh!
zk>i&Zo$SvM`dcQIRbeq)>o4$hsmNimoJ`ll4=6o~13b0Z^tBMdGCTruJCF`OY*7ew
zK19519r>WijoQXEH=OGjU{){Gpz)B*VRlAQypv68;D#XCGqS3vAG!{6Z#J5o&+mQk
z>CCeTa$a?qI9|RTz0XeeIE@*X^oKaldq>I2SqPtA8H%eJSMTjalCK$e8?guboEy?i
z370P1Q^?44yEVqIM-5NZ`8~zW8i~xkdZx~Mm$SrZ=54wM{%%2IrygvQI?Occ=pi+)
zwBN3(z3omA0137CA_d!*;DG~I3y}7*LsWzHKB+5_86X=XCS^GN!lq`0$PJ0n>@Bl7
zlmIxSvp<GVZx4g0g1L{MK)mI9)6ck!?BW?DUw8qYqE`Bw%yFJLAi(d5y&M-8huF#=
zg1dsGF=g%-p*4j#9+}Otu7IcDbz<MtDD=+YfP#Z1g|0QoaY6kEF6z(0k}Rwg%-^Vx
zQCfsBG^IwZ5ER_|7GDHm0cmgx-dhEmKXUq2UX_O+E{H=7iK557da8on+J)!-R;9ox
z{7c0>=zp`H#&cnuPr_Mbu&S+b42j)jA3Dpy?Y>Up3%?zdbi>hg5)E?*>WET*{rc7;
z!xj+X*wob2Ud9)XOjYK@tJI@ycI(;ZY4Tt9dE0qLIh#f7k6oQmj`(dwpC7Mm_BMfS
z*6O++efr$WLcMNJz)!d3!J+v~!zZliJ*<2zDQW?m4TLGgMbH1T+Fdn7ElvSPS{=j4
zt38!{<D?q2u2z@BkA{-S?LYTSI&m-G$m?yx)Wn>G;BOuyOPxbs)K%~0pX4B~Y@qb+
z%5b2pSs!-GEMkugHM0v_liA`OvTtOPki{C(UAm^aiyZE836LKX9uY%T*RPyw3L(_r
zu!zJDEHP*Wg&FdwU7o$p$fvwPi%*B>E2<l}H_)XmW}d3(Mj_edKLk&LH~lSmPt3xG
z?8u8@?)7V-OG-)VHIf8Wh16RladW77!-S;<{18H;y642TvP0nREUHT%2aWp3B6PE7
z9|;oz0qh>kkNXWWTwF`4J%=QH?0lYLKrGwF<Jc1@Mk<lwLC@p@IuWfmZeYD<7p30e
z&BL%P+7ij=R<zB(NIAT#^(RB?Xd+wMg_LP7cKY0q2?7$ckO5#M!#pL8oxX2=KDTmO
znjSc7e*YP014!yp7%Ds?2pQj8<0d`c^QxW;Z%@AC3&t|jZdOEY*Jyy8tcW0>=pbc>
zgPo58azPBCWr5sE{s>3k)!aWN2R#{`rYXygV;@)(-55X>=T}zVmR<j7X;MOs*|+HU
zBI)YPS9hY;c|*TcxXmOi&X-JltjC$>dD-<t@>M}vD-nvv>-kM&g%3<$<s6#bm=QIe
zuvwtA*SuemZ3tK6*fQd)Lt{=RyA?)s%}++Es7nctRKF6fU8sBuRtEyJzuT~k=+c`F
zJE={XO+V7)-?g9q@^<%_Yj`?Mp?oT?FbAZyh!f)vq&F@cECm-32`C?q3AT81h&bd{
zPKbqRg8Hebw;-8gL1GJDJ}{ax(vqMAAWv&hPJ*C3L^v6Ibxy~<jn$t8tsQxZDDrP?
zHq@(HPP}_yqx}d{E+rpv`&wyRm^|rE+8}1bRNxX_eKozJ_2st>xPoxLRUvqEtAm0C
zDoPx;UAR+FSMHx|JlgP>Vi8I{SSO^xNa7|$VZ^&e5PJVOslhcFT)bkOL~z59+6}SE
z-Sc@FWm)S_nT;Cz6^49PgFk?GRd;-L%X^2L?o`dXwx}-=El?I)`ZUck1_2g~HeE*1
zCmK;%dlzI1WTPzr4d;Djgqsk8E+QJDl9nDp7PEQVZfTpF?w(E7NR2PVz6pc0+Tw8*
z4#XHqfr-|r)f$=Gx^eRRhQ|`JqQ^>t1iqzy*uD*0;n<bHrN`&gm@N`s^wBIzY@+o%
z*Hz#mdmH)3xLmoOwBJSQjZe)|l|)OoY4O2#hGyk8cL|f|JAE%@{*}~MD_Ot(wIiAa
z-?%9<Kfnn4fjwicZ@oOc>CIjtLXeqVY;b%k2m<oL(Y5bKv51qaR~?#OYX&XPtV*<p
z$P8vm<o3VcgGr&ElMLF;k$2mnQo`1*cQP;2J8KW%1JlQ5QCZaiTaBc<WO@{w0WeAJ
zkU(MIw2KS`RQrz9V>C`Ba^`-b2AhfLMpY8DgYmoTUyco754+o@CRj<ldr$1&pj=tj
zuqvn39d!yjjW95~ES~oT5xBi^++v_eyBT>o5xSi&KM60nezNfFW0bMa5at1nV#^JU
zT~y7Bm6tExu1P4K!U|}GYW#34aoPAnUE{U#Yp>NYkg#Jbb4c))RQ*ObXeWB2Mw=3*
zp-HTU{}w6~AE5vjo*5`v&DRc_JF$HpD5LKjpeZHHe3~FGyr624+%%fK?pK{yKBq&6
zq<o~S{$+4W8=4qjeT&D=BiD?*S10RV(o3FENSxwMhm><dW#^titmH2;p<hWF<oM*P
zx}A8Jsb|!UsH7nb7J4K8M)1IB<z9IMNmWCn!*kYp@9&$EICj)J?)v*0C!N(+k8DE$
zjo8~g{+!8ewl{U~=Bd||<-cG;1>`j1g=)~z11D&6ZLithq28sF{fSj@amCVz(Q}2r
ze7n_s%}*Ez^?~c9mX_8OP5j8u<4q;h_8jKCdyXAlqH74eJ5E(_;j(ycz$)iYzdck(
zUMM*f#^0}nVpCG6jSeY;9>wR;(NOgT<P45UskAfgw{~wPdzr$`3diPI9fjw0Y(Fzj
zs*$F4BzowGO&=^wDx;!Gx1w0!AiY;?HoRX=F@n@FCtAc*p(M{<vp14+YMGQiN+K2T
z&m8!s03S^i7k5xh7?5fRPBt7jCrbbKJycTf@~1v`@8LQdc`pRq01}5Qdrnp%VM1sb
zYWOm?dO>(XcXo<m<$3Mm*XqcEF>yeV5JV5^lC9;(+O3%Ln|?T{&hk_!nLJM)r6`+I
zh#3k@qRtUplFq&OBB`8UDc%k`@cz`>d~;KDJD;$?kti=D?8P&{qwy5J8^bKKo@?0`
z?fty}{N;O_Sun_EJvBbSGc3q|a^u6ib{CUjH~|5W`~80JZ%ti>SNv*MCFjJ?X=O`A
zygGJ}rm*egX!Pt4zt}~_Y7++1jkN3IVm|#tNjN0TV|*E`m`(eW>zekr9-d(Qb`8!@
zi=&NX9^L@90zPzVYdmFqcA)=P`N==X@3>={>Y^(yj-zK_)CZN(DIjEkBP_02&m-R&
zacbfI{XK2Yz|?59(1mx8>^$yvuc~ii_IBD$1`-9-D{_1#wAVq%3!DrMH)Yl9vJ=`~
zFYg<lGker$;wq)C5a3fnSNV?XVS|mi%{sh@q6z6^%GcFt#@gpjqSI!IiLdsNX?}~9
zsyB|Yn%O+Cwf5{GnUcC=UCxcS_>wazstaN(y!D_o-1(88IlTKcb>*lS^MQ1i`eX8q
z^7C28(Ux#RJpo`v!Rt81(Mo0mt=#X9wsz4Io-*Rwr&=DAuze*XPrdQ-OH0R~1s&De
z{cp)1KXD@n4Qwe$VoNS^Fm8fL#nflx5x)&%=6Rhnbk{8!X9xePk4m=+4IPP+sbtNz
zegEbdM9%}#BfN&%UzZA~y0^;>Tv}G+sv7ApBJI-ka?~HB?e^SNk|7*`PyWPI%lxKN
z)>M5-zxEoNHj`lT!6mvYetp`e>~`23>wKS=AiJQ&y+!t!q3R!|*Xk3=JwI{037!qM
z0j?N0b}rA}Xh2rmh63y52a+4-#9Hotd9rN!l}G?xv|1htht5%#rk|AH7UZ_Wq(;8a
z$ffH)5Hr5WM(gS$EUEhgKfKr@(qHzlaNO%Syr;fe85}<lpjadb)#eq{ha2_i?k&bm
zJg&Y>uAx<LBwH~`(H+F)=q#p)6!jSp23(Kj`W5%jan2LuSZdt1jiF0XcB~`{bxW;r
zoO;d?D=h4KDzYlsqD7tgE3k^Cd|G~hBYULn1$&&h-_p1Xzjq7mVDTf7HT}_DJAfpq
z;OayQcMoM3z;$8>J%9tk0cy!YJHUqahT$pB)>*Z!Q6Jd{zBZ_gkv5TgSMmj%Mvkzu
z@ph&hmGE{eBM-sko(#K%41GGU7f~~5@!QC6DrYbEWeOg-!z3o8S|a=OxMvK5EYNO1
zL0m@+<Sp1D%FzcTytfejM`Ay2_rCA8m;CLib8M0QX-nlYsik`a)4slJyp_0+A<Rrl
zvy15<rw;9VBfX=ovS$^ZD`;mAOOjt_c_`oE{_!x+sDUlj^Pv#SobE}bv4j&_slE9l
zMVIlCSGg0PZa758Q}r`ApVcH7Ssdz;D!2pyfrYnd+c_8Dr#Vx7mfEHkjRXrOvAlMu
zn4a)n56Y}R;<gY?L&Or4C&;XrZxxU!-e<Zy{oKTQpD5uH81)=JT*;b7+guj~)&1fs
z(KT+XK%cVqWTqBlm<V?Znlc%|voE&m*a8(pPex8{W7qaavJX8?Yqzu`rlr>(Aa#>U
z6jX=(wOt=z*3IZS?ExqQB)KbH?9AcH4GQQ*;sOSLEdLemMkJuQ&<5TvWLs<uRY5BN
zS)X5A#f`X&GO2{J0U%;Woi+z6yn2Z4Seyp)Ofp&G3c4eD`IM2-H&$Xc-OoQck$>sJ
zy@{s+)aP7We2C^N6HA}AmKHhL&@hK>@zmon-n+!TPT)Iuc5Db_aag>o_=e<T#LVHS
z%~DO_AJQ773k#o@ZH}zt?4-KrAtwFsB?+>GewZ^0R&Qya&)G1L)oCUNRj*a(4)a5H
zq+EfnLJH)a4AHkvOxa54Nf^f?VjSkXRSFo%67>Pnm4Ot&YBy1T^w?3N{f3oUU?pGm
z<LR8M8;zMapXJ+6GDwkK{^SDr;Dmv&r)2s}R?>=N${<+>$%n1jAlr9*EcOud@({MV
zt|}z|ts;Nh$Ge$)S`Pjr>6ST$m|9`Oeu?DSHiE{}8+|Y49^3n{v632E`Ig{b!;>RA
zgMvnnY?sXf{u`3lg`d^ngrlrOT`vYfBDQ|;+kMQ(8<(&t@CL+i3X!mZ7@UHv3&<`8
zmJ0OlVB!)y2se0Cq_9fp0a6ZrF}pTOPIOT;jFH3;QWKyq!S95wp*y4g6~9)Y!xqFv
zn;qtYZGdh~{sE*x(D-JcvI2m%f79XK6G(2Lse>T+ILatJT6Sq(B&5iPUd(go5coHm
zyc}KNy4c`OgbLBUEAt5UK{~eaDq%52P!zFcFe1~h%Q@Z+{D6LZFQUr@s|Xo_yWLr<
zw0Q0pE)u@&prz_P0<|8<2yP=Y<cWB|UPdx47aJdB;n<E<=sIcc!)K$A3Y==yEY?R)
z1ph1xJTF?maAijFZ+56j4CB1wNdQbh&rpr-dPa0YYr+ALi56a;Ox3=-D{&~1?v#9o
zO_|b|>vP?6BzN3Q&nr0!?~DDAi8~5$@8$^xiYKiW0=A{`(PWC(NUIX0+W9g|NuRSE
zn=RIV9aBc@wL}v=V9VJ)xO}528@SSJqICn8PUuel`@N0?#dgav^f!`qD%ePB<jS2)
zcuHP+*G4_N<0V9)eBBenEC!1&^lMpr!z(JJIWGA28$Id0HZ(aU-TK!X)iT;&UcK!a
ze$bqxyeHM-Af@5tuJAuob?g%4&aTfw9`l-!68BjwRyd<Sdyu#0(|e!!DkEu&r~eHq
z+Y}7y7Meah-HKu$Rfho$#jsqz>CaM=8Pot*x-z$K)kX${^7TE^Z-aEv6u|pHcE-0e
zOfe~ip)y7N_k6OR7{0wB7)49Y;5C~7<OnFBjsVYeT3Z=Hdd{CFeFIoEhphYV)8DV{
z@;+7UM9$=$36KSqBh;(FJ5Hf!z(2Q7%3=@3krGHg!Y~w{pKz@KF+ep&fB~oyJ<la0
zIW5yq+h~Nzs|_yA8>2(MJ>7LBY=sC{UXL(}$(OM01&MQ2n2hjN+41V`k#iJ~q`roN
z4t3lWbZ=0i!xKb&e`z<0jNj<|(gVP^#Kn9V5e5GqPE{SGUT8TxGq1L<qVhSe)|&50
z%qYfg8{LITP{j31NF|hdDTn}h`eQdoD@}Co%?NJvp>&D9pkK8KA{1s4AH%I$O0v_v
z*d2X?Q!rNn!fDQ|vmN@dp=jYOVR5?wo-2Nl#upb^MM_oRVpr=gc^N=es>vOspnOly
zi6xsH^sO*a)%%FW4~&RWn@QGBSvdY(aJa%c>x*#j0~TTRat$%Y!zhUm{SBjb2wn~u
zx6#<T#R1(;v|#l@Var=GSU}T1qEoOY@RjR$pJgFn(A$S*5}H_42xjR^63-IjI_ix=
zxO7~(g{wbSTW*uOiBf1SX>ES5MW?)FRCc#kNtEitmP@Pe)>hvIw|RZ9+)iG43)9s0
zCXNBvTOV}wbe$_{f9vA<jH%F|@L=adNh`mdHBN7pH$5v>qGkHO8}Ok^@I5AB*xRA3
zS#3h67e%fW;C9E=`Y&c=dg!-Z+HeOA=#d)+jqlK+M=KZpql60x;P$65Vt@q#)tWr{
z^a%tMq<C`F9~gLGICC3?aUx|>Ar3f%Rk*#b<xp<Ckc^wiY}3&+{=zAAw@|&uUZCV8
z`rWA50VRQ(RK#sGH4YJ38Qn-1(Hbkn?J`m(jm8x;0B<3sUx7D_Ffo%Cd}o-bFjMC<
z8BLWVprY~Fc&jD!&?u7r9;jzA5&=d^Y99dLn{6_)5T-=4J_KlB?-=%A|F)Pqrj5)R
za-!lzTeF9^qj3SWsX+LJ=2@g5+A}P3H_9VaY1K=GnM2tLM<e)fCN!E=;JBd!pf!o+
z-5qqmumu5NxD=xwrnM`+$yLw!?$iru$4!QERXOE`ch|n#CD^hcuDP*dl6$Jy(=X~#
zcS=nZ`lA)}Eb0J4;P2s^6ElPjkMG?4QEmXH8GSxn*Wx1T+i&Q>>(@$xv7Q^^)vg&}
zX=p;OwqD@6y3(Jyc~cD<xvqzE6a$32h$~(x(Q+Eh3=nhf1IZVxK0_GBgzVh*J%Q+j
z=E%q2^)YqV(bDR^wCe`;w5a~UmgT9(7owlJ^PgQY|BAj0ZGti3UW&%ntTbm)uv-D2
zvqXVmbI^Y2^LN}~2;3=g4YU!Z3D<t_Fmt|}jvKbneHC^*vQjKpy<ID}-yqHFojEOQ
z>zw`HA_$K^JaZz82BkclQZBEeqCs2qY*~+vN$D0cE6fX9pGX$V$oeB^kq=6Z^GK43
zVIw5{SXa2jjKIzgiIcU|$pw9){eq<i5@TvKzDr|2|1dV#w6iCA?6@M^M2cnm#EvgE
zZrZ3Js#kp<p#zQ)gtd`V=+XhafTg-v>_niJ(+DLqdR95SBs^zEml52ML-7WJ<zR&h
zZ2BUhV&Sv3{PjzE?r<;CZ~WEMNU!~j(bP!>;)pxdApMgfLL{m%bSV?<s?h)Bk#&#T
zrF8!%s7e(PuH+?CFOe1j0_&4%72!3>mi-VxLPlAwa2slIT&8L9zmXjDQE>@q*j>9Q
z?`7T{r5;xjKZ*N^XrBW6VIo67!?AdQGbS{yy=%$XPCg~ip6a)V@nvh=kmz|50XggP
zBf_F-!#f~h*yX5(D{xw{N{yE;GE{M%bE#L&x@xcR;rDCis&d_`!D}GQ0jeadjd0jd
zJcQwn5qJG;nvVMvkrfB~Qf?V?6~u4;Xr0~rya0oK5*&0FasPOW9i}kR!jii_^ZBr#
zAn@%gq&P>&CQ&|e!h}`zQ!tQUsL&zGYyeu0I4R7C68!|d!W#e|ko&!q_k4}+{q0kb
z>Tg14<`wyJdx4ZChg~CJ{+CCP!#bd8jJ(6V0c~~+AOG>C#?~ea59*PdYI5+dsqFN{
z3}a#On&Z;mT(w1t3wK5$qx0LPM<{LUx=mu1>)mZC>r1mApQYz{F;Q&Mm3{o_qK5&|
z-^F1)=$h6M)qnNHC1RgKen8_!lR)SLFaZ&=fLelpzCOV2yE>yuT5vbesKSVlx|0SH
zjrB?Cth5J+8=F=@{ENc0CL9EETnn<4$4I|M(;Tuo8XjB-=2vsBkoiMQN*@xda>nhF
zZW5>Wvn)wGzphD<6NoiI7lI;@zg=(!;^8S+tM@j9uK|ZLK%2<;8{YY;qK^q7zJ%Ws
zTHyr7fGig><YfqV>&ESz9-JVouk>i>e`T>f63v*emUC}cqu_syd;rZX?S?H$!V&K@
zhH$CA0x!e}=s4l*`wS{eOHfX95Ab`tGp#VC5Zk!@E}+}!0i@Mss>aGin!78<7nyga
z#m~V^m*H}mUP>Y2J>XIG;J_lbXtZ#%`L!4=kS@6($(85hCalYTZ-APZH?5azt4?TK
z;s;zBIGMy4Yd1ks5f7c`h{0|hNICfK;wTb0xhD{Mr8sv=`RH=GOD^@cSzh*c^s>Fe
zLz+tLxQw^k*H+^(K*SJyO4nTY1#^EAtaS~&3O_(_>~|X1cP3xJC6zIpSDaLj8@<;`
z_iSM~7j-*&Z^+N&lBePxUW8t5JH^4chtTP27aPRD5G@5ELLp~>D;vp)7fzOFp*}KX
zam#C9Zu>`9zcs?iMDflI)1`f>)yg364Gv0uFiSY)qx)(5tC!XV7|qQ~ts}e)GDsnv
z_N#5fhh#mv+aKw2eqhu%iHXC>9Sj@nsH~jXW$2_Bg}!Y3y+%e=Pv`i65Yk6_8qmDp
zq&Wg22O<Pi?@JA<uNzV-+(?$G{;oS@M|K3IuaB|>QczD0v1#AcEho>H(<W_?HK|2T
zZUv(gu;1EeTY?V+>34re0|NH+YWEh-#807>q7iWlToVnXT;p6Sr_w`u+)7DD{O|+H
z{S^T~?s1dhYIy{}vr;o%FC+*|DEmY1vL{wKvOTx(<S+zc-|lXc_d#_4Vgzt`V}^Yj
z;1TVw-JY-&E!b7GL?GP#iSvnyMn6w^8GV=zT{|U>-S^&w{dN5}$L&YZH;ikUnDDzq
z*|{Dypt@9%WIf%?5TS$sb_pKHC~Hu~>70Zfe|!$tREF4oV#XnP4K8y781^Am0|O~Y
zzI{IIs>S;#<P-2QD@O=|ru;$RG?U6qxp8i)X}Ymb&wfu3IuMJ|IyZ3&dOLym^$0JS
zsNG>tjjD@>;&+=+Z?fW<%9&>-?(bsfnUsg9*gP*fC!D}bKup1&c5$d4ekp_FRjLi@
zmSRGLor1gi!KXPH(itBC#W|M{Q`o;Cs@h(&meDYs@w?ixk2#b691Yxh5i>Eg>MMd{
zr)ujXGXyJiKE+7S;soFH1}7`Vz(-flP5bcY4X-sYaSDrjt{cfhvC*YW6(h~kFk-gA
zKGoBVq@Wn&qJMznRxLLxP@?t3qDb}xZzZn#T}w8jD<o1m?VLCBm<Dghc-7lvMXE0+
zt^K5TbVtGUQ6ZWcDsSqeqK+Tn-OZ7<MkIpS&m|ee<?e|cG&pQ|*p=*h-fZ+NMKU>+
z)+P{+e{cOi_Son1m;J_uSkcA7Bdm~2BOr*S)`JL%T{C~UhdgYXLk80Q%b<Co1Gb9(
z9ge0Ue1qosTm-eBT*l4VW=50-DC{ZEbkw7Rgd7RACsE~#=PRpw;4b2DP;(Ug*}3==
z=^S$@K^s!4?E^uo9oGliK}esLkg?#5^0}j;MU*O|x*)3fF60|*WR812V_5k3bf4DD
zs^N3g6&w~|Clbc@w{hEt&$qAv6>;M&*NQ=)In<SjP2fwd8_CF*KwbMFXwp8IAG463
zyao$)chDSf(#H3GB@2Mv_O46`gqmJO5@$UPXO@KX>YJ?9q~!S;hp{!XQ4XOiT&`DB
zW6&4*_>!(EM5o0vqWt9IsC#3kqRM(Pf;s{0gU_o!bdGXr8OOa-XQh1~6I{bw1@1yR
zJl9|$YWNX7kOLLwLdYj^@P{@D+WeJ{wsx94)08XfV{GjGVq^X&LSAkjX130|MiIK2
zY!t!TnGq8_KdyZ@AHCJ;=Y%;3M1$83o}hi<3>*QMp;72{sV%2bU~HB5e5_#y^G=#%
zR;@BeAH&d7>I<mytfvVQ73;lEa-Qvuy05V#374(IDC}USDiW9_cj$uZxmN^%PAg|a
zCIAY_(-gKYB*#oMIs*m&>J@X)wadC|e4ag4jEzNDTuL>Q{s!S?Gk&%@B<$CG8*0J^
zECd#OXvX7s(Ca8?Y&M#|XfMv6XtbwFkl0CFk?)24ZXDnttZ-d_M(?AWMG*z^8_|#>
zG7~hQK(9t>fUIg~q>#EBA`jpsSnO{Ic|m|_IZV@Bd&4fr)>aeQxC@{Q$n5%XQzGNx
z+subru~hatlpMzVAn)P4@(v3;15uZ-U-cIz6W3}=4&VH%cMqcg(cX)vi_XQF5$1om
z<)@Pu3PNH7vnFfmVOz8#;a&T-cP#)0St!G#xt6eYiM}h#l}Myo;+ZF5`#i8_P7r6n
zR=f6&Wq&9WVvhl=1|IDp`HqBZ3PGv_aEcN(n7^c3<53S&R8LT%^O~tVjnBjxf4ZSY
zA0Qp<_|9xbO9{_>BI-3_pvzg5wG6{@YObG<bP@M_dGt2%UN$n9>S1-=<I4Vds&qSj
zl_F(aXE#~H@Ykb{iY?`C*wr{Q$RbiLA2UQ>Vs13W)DxGyAJH_PO-#-e2yl_CPsUwk
zZ+TO*?RW#4op5+iP!MvnVI{P5{vTOi9Tw%<^-D8!Hv&U<w=_eKG)hYgic*4zAU$+<
zsHD<TDk9w=C?G0e0iu!;0wNM;&ED_(o$oq_YyYwT*jtBr?&n@>{c4TuBI8ImWa>1P
zwSr-UpH)EEtiP>&^dOQrh-zyg7$T!Lh(NQ(e}S&O%Di$6poYEZIVji`a`NU*{mwR}
zSQ|V*K2IRM|0JE09dspDO5p2^fiTNz08T}(?^gR_iTn4@KLAu|iWw9A4DgmkWF)8Z
zO>B!k<7{t<7)jdj0~yD1V|jC_5FK=(Ot~tZlalj&t$|kuBr~=!PNoCW&Xg@jT}NxR
zpxxOvJc94$&BF_|oKqI(8jgacf7wXZ$~DD;o5Y7{Jf{R}M1w=;i1*ueKeAj`=+f~^
zXv=5^yrJ8C2^zpi8z6^i1&ovRu=3{HO~JLOw2!px{^wxb3mnYt6Z-2AujLM{Sxf-d
zp$h>HaP!3D112;N3j`oyOdgu)!!bZ`C9G=bDH3){K&=fuZ)fNqX){jA&k>Agqv>$Z
z7Xd#CqiH*|{4w`XY0#l7gBS@2&8h>q`);kjOCiNVDbtlNfwTc114=Gz3A;Q1ZVi+_
zT)A-0jkf=QIomw4C+9n=2o9+AQ*RczgsKcoHPlCV=Z9BJv5H}U11>|<QjP?ODM6rg
z@=6scZaYQLLd7P(@pr2m21!*6Y<7shTNm>Pa|gR-Zzvxoj2W16m=6ZJA7wuU$na78
z5sWewto|#uSCY&=g~6gcykzZd6HiV16n-cL=Ompp;49qU)G2(qvAf~baBaC5f#GEv
zBI~#RRzs0E`jAdMY&MJCK{G3b)SiUa1_PR$_f)pHwf7lNt>agffpKkegA!=NPbv@@
zm<LlX{QBv4VYY>62M9xb*$45sC-63BSBs|y0D=HtYtx64ghW6}m<5d4<;&o0ZCsSS
z@zMJ7J)&IoCgs04tI!)XtJur~7#QwqkqAp4F0}D!c?7P{BzIYdW#<Z65XC-Ov7Y+;
zXmk(PDj)m_P>xLVHJg0iq-(+xNi+_;|LQx}x-$W-Szbqc&^6}AY!B^C1*ZiHZCE>0
zZ7cv9=;L!Dsmj(V{Vs}2i~e5HQBBvt1iQ^odz~8yusfl#MjqO>_cc_p8uqS-F-aVO
z;~-SWCcHpO3^s9f&6d;3bUX-N1(!a!P+(yH^p`odD@;3TWD|nU!q5JGNf7R&(gP*i
z;YA#RwSL2haJ1U13N^fkO%WKAt|4P|l2QG|k83z&a4W_8_-XF+?cA?6=^kipE{c&%
zhgtsR&5!273JiJo(8boRRvF9XjTL4wPwl57$54&F5HH>SH5VPC$I|Dei{gI|k!oc)
zYX<Z>GreleYtW@H<0v8KfHZ$4vpaP;vcd4Vl@?a|45J%dxYaOk1Aq`e3nSF$3In<@
z)*Dc;NF_CLe<Q4=u%bf8Y~WJNv3tfJ8Rpc4pPg2Cl^G<(zz{+$29sr>oH_J$@QaER
z>yCgL2<}-aNGQJ%X@$K=Azs=I!f%xc-rtt0HBg1H`Wm>_Md48f0oE9WwLa~id;#&T
z8;rMbe|k#~G(cfL-Dtrs?HCS<oQMAswF?XYq7M`uSOyMYL})$kJ?Vhz0(ejPQ(fE*
zUP}-n{DF(#dJtY*Y{>Ok%X{d(5|8vt%Hd6Fx!i=rqA>$-T~C$*Du5kz;-5K7Qzu89
zPBA{Lx8T7fgen|U*7VRWsLDZb4<L?k(Iv2dug~Q$9dJ94KKVzb4##2W0pWjAr21P1
z{t1BQYAuK4#D#mOBjI6i-XBN47S9;MN2$`594%WQ3z@JIS)^}eeCsXl{`y;{IueHZ
zl!9>|ssz;hn=>BbE1pa-`=Z|R=!})-7!Thhqr(4kw@m3I)5Obi6gKs;Yp^P<7(8T}
z(~WLW{T3J_@YgrTZv_v6nfAVo?%3WgQ5srIl!7p(fc?VlN%#&gRG|eyd=VCPg%$?1
z9<twB?&)|O`Uoi3$xJ#j7S|paoDP36xBLe8AG9q-kx~>k?#nH{`H<-H42szT03Lws
zJ_4?xkw9>%9VUBh%{ti%e}Azj#O-@HK)(PWf4{h%M9|oke+*q5=)r=Z+s4i({m|mV
zZclsl#9?V@9rz}|rZW#;J2b!K&<H}02-9ULcwuUxmg_@6F^tF{4wQyT4BF0BPx5*}
zIFbxurRHu|&i*`rOHAV~a3o}mq9Y|B*^0-5M+Z3}ci`#5*&dFEL#FizwGRpu>?Q;(
zK=`&cj%K!`L)AjP>9rVR(o@On_gJOS%P)}3^gEwt?ob3<EyktybMK#`E5D(mYHM&?
zSo1$GUAX6~b9Zq&_J7QvOau=^LAc}lew%d%yH<$owbdi}0axV=%@mD<^Ci8%%Tt%M
z&()RSAO-6?3SqI60Npn}!%0&=p-X%?B&05*y@4JJt$kh>DJyRpsy#zI%JVelFJRX5
zN>uT&Td^eT_?fLOLaX?3E#sou>-#f=M|2Mj!`Cb{%Pf17f`xX6;-Avf$kY}p^U>w3
zAmUhFI1{X;YiNO&_tM0j_?b(#x;SX87!yRDb<o^G<>m!7B}OB0hB0zaUxfCmj<R3|
zq=fKI9=Xg1xF4PD05Qjtl~qYUlIpEh_~&t<DDi}wKXl|e{0uXM(sNOkn=qL{=7BfB
zJOv+XNcsXf#Ha_k-!@bdHiY`rBMme6kr!kuQuivvD4uZGysDF+U2fd7POF%*DHUIH
z=n7>~qMv$^tD*(FTwu(+e#HIee8@uvxhb2>$g4AY+Fq&muQr%t^Hm)c(9cUu2R7c;
zEULcT<1c-((RqKb8UJ0<HIM(MtcTnFC(4E52W^@dze(GQB?<dQom*{<3!lm|Lk64&
zsZgrZ_bENa)$^~?>X`oc#ubV7@0iUbxWMJlj7!B(@X<WR?d{I)TPEBJrX_!dHM}YV
z9D@t(7KB<CZ$#QPz<$ync`~GYE0!5zs2uW-A-FAfZxh2<nJ7pro%DN0mMcyYM{ZKH
zSB!+=c81uc0cqK#>kWoks}wOiH4KRv)yOKODaw{K*fdL-mzsgzN+y{}H^BT?`sl%z
z(`glpOGe2I&;^Lm7MAtcnuhsM07a!Ga~5c{3da^$7oc21#n1=ZGp2=OBgho%$G0@k
zZFweq8x5J6%VHEQVM|XJtiLen@}9Z61o`G-H20Ses@5IK3#sk$R%4h^tLwO`a@?|J
z7wR<e?v;z7?H=ip_h*wO<_eRUW);Nt8zMI^1oqY|yndT*L$Qpn^*`Yhukj$o7Q5hP
zQE>^&0Ob8Q*(7=q>fJwiHBD3-2lgoC1>6VB)JcEEi`$ro3ts=5(je(5SLpB>??F-w
zbo8_@LWaAR1#xZdHO=hQua4mDQI-OF2%DiE1J0eop=wJ!DX2jhlO8k?TE(Q^aQGy0
zUeoW>U*8YuX+4t^Un#ymtfo@95H>kr6x=8dVrw}l99skhm+IFD94~5`KAAM5Ygo~}
z^<V${&Jdz4;GZRy7>W4d1FC?&!8XuEVl!s2SsoDKvGELpyQMm<6ZBjvRp!CJ2`<hZ
z=GLr75ww>sv|yV$yQdp42Z(as=$y?F$uUr2x|-xRpV<Y&7T{-46I;NZ2E{!j6EsvG
zo+b7ykwwA18SZ&ge&Txx!<g{*1F-o(|L01gr@B~{9b?C#W+`@aCZ<;T$^S$+==R(r
z`zOKyYc0R@Z$u2lIQ)x>Lsrb^|M@cK3up84J-kgJVJjc{AK<+in$2rgfAHNWv&AiI
z6OQ||1?}UJZCPIVfSvyGJQ?Pngp(0U%#MfOo0+(xhY;eB1|dPfzUX(y>d7&-y=$}m
z<2RwDd!dc{-G9RrKJ((<5=SUr&Gvsn*HH3LGRm*TL|1lfCJ#1P#JPiGwlLpg!x%dg
z!@Uo^okOpYHvJ!vDm=o~7p&T&Wprg7vLovvy%VK2N+`N`Mt8_b37^^;{O-ZQZN@`Z
z1y9(6Z3s0PwDd0gf7uZ5*x;M^Cz|D7it2y=)#mXI4+y&|N4hGC;WDFs0q8&u_cxKT
zw*~a)txZ45?js90mbvt%nr#gfFSYX^C}c^aLUz6;US=a#62!(1&BoDPVfLYilho$5
z)?aVO3H&rRIuUdXNeWlxu#p(-(pUQ!KK;*2aDmqM2c%#?P}Jf_^>LE->qCK@(z7<G
zYYiXrhXc3%$-nVneoP<4yTzL%BC`p=0jSJ*$wLn|SPHP!d<Rf5Fs0n#{I;!aW(q=Z
zuuV?{{RW?Q7!HBbNQM4+<n>X45VNe3e-Hj51Rz1~6KM8*_-+&)O<pBD!T*L8LW1Xh
z56iIu#F170rm4q~HsSL{Y)(uS$$Qv)eKfX6=Jek?Q9}RUa|P-JNBiH%=zG0iE-Fc-
z{jcLx=+J$7U^I<AO+ckU*8~jg3&19zqWj0f;eshA<l9!`(k&3_V%I0Whl&sT!xL<Q
zWr76=fC%=970i@kV`7tiYpQcN_m_qlh85vUwjP!IYzxl<o?#>J6DNa4Et_s$sK;%9
z^+N4EeQ@?Gd{%i@p+muP!JUC12a{Up`+r{u^gkcGI=th5y$=5ht_mKPzD)76|NU>C
z3TDU9`8>oz2+<|unBJk6;-cBYnpduW7|Myb7|G`>mLS%RFBh$)kCr4SO(V%M;0d^Z
zb0edAJ7*7|1P2*xo>qh65Zp0Nikf~C<X=;k{=H%vEp75k=)|qT(zicq(-AE7g7`eq
zDS7(#>C<Ha|HrpEW@6UQ2lU03fn_XS-qP|+ZkxuYMB*L-uOQ=Mf_Z@~!>L_Z;~}_}
zwD3j^Bic1^KQ)(%?6gl^*7*pZ;O&bBa;#2<*R-e<CZF+^h|da^lY+7YwqAxOP3O2N
zeiyCEs%OIl&_sK4;BCvX2x@-%1(D$ORYBX!W52WMR}4<!(z$6=$Uf<0Ao#@y)pC8M
z>hfz$xcB%Me739f$(DFh5+o*yl@*t*M}G_!ZQjRq57@25e|CShVmW|j#!z2ZP3QB>
zE`Q^t%Rx93?Y9V5H*VZ53QRWU+1GvKwZL*fRg%g<K=Ss7fsm$Np;4cV<qUfDtDdwM
zZQ#1;Qa$%tsOfxBQ@gw9=TjnSJe|+)O0Op85#;3j>Ej|$vA9E}^-Ln|eo_g~vL3_F
zdZxDUvo2cl%k@<W=k#Bq#$eAzY4+ZRM@Q`TMpPerNw(f-);Fc0e>&!&t=?3E4gH>X
z^sCj~=D~JYTLWf?lGgV@^up7eJY9%1*)-l7y3&Tn7@vH+YLv;4y!i9$HxYrWv7UE1
zp4HINlWPiHx^-qZ=?~S^J!HBpAuLQE*R)M5s`ggJw;a5}JI^Xe0%gtT;>KFJnR!M?
zEdPW{HFC1nh)J41zBV~WtmL@IJaSiVdwOYX=6!u$$$36mjT)hLZDM+STI$VGlvNSN
zlXApT<eT1wILgf47IIyUjhAQ=3DLaU8LO&l(}GmkLs566JVm{d^x5Fe6NTH7ihtY^
zM|Sj-lu6DJ>1gxv#I)AwsXhDr^?<0sZnxanwtCMv;;B6gf`q(kwO)@L>}?yl<o3_P
zljljvS3YGfJWto4BsntAkj8Zl(cz6M<F6^<|J)M%0ntvHE%YsNu9im1YGg*1C-U2E
zy%Bopq_rf^XUHf)Q(O7>8)1CGnZ0a;UPLS3Je7hUIb79}^TBx1u8oanWVVLHhOj<n
z<hX3QHxfJ$lKPL~nQi#GLL>$0Y)J&g*tafO+V$ao9>G#>6V<c&4%wTfwNJ}I#cHG}
zhX>l!3RzF)&tg2!@BD6H!mpZ%{@|%Jl`fY3kUuh#NjsBYciN{S;}7ZZK5_7vlbytd
zWzS<Nys;9tXEU1N?rZePNa`80%aPP8k55qV9Rt*vv!)_dyz<yIp0(ykkA%ktO=>4A
zqX)ebzc9}OSfW39{wQnvW_bcrODXL$TCGAo{-z3^TB30s_Zy>^7Jhe>kW7@@d>>4I
zRp`1>j;kA{tRmraICi_<Ng><pG8$Q6<~6}ipBvk0@#u%vZUzo-qk0(9Le+&}e<TMI
z=JGe9-S-+D6DC~AUx%plR>_F1Nl|=td7a$e9^Dt3F4Uv$)x?oI_112cW7cN)s`Lv^
z;VOPE)X=TpJ}mi^u~LLQS_b2I%>o}z0g14r7;&?oaZ_xrXU&|<{wi-eMYAc7QqkUF
zr%9sjKDo@im4NTn{c5k_p5%PIesEUIbG?jbw$-By(It)k5P|^@B{(&Em*94gO2~gw
zV7}h#e=daW40z1!{R+18K1b4tZ_Vh^kd34bCtSf9kU^avBVI%O`a8&JXZkdqPH4jF
z0gVu)TSUgb<7(Sos&*%O^B%Tlrh?#T9X<&UN>pgZpXOxY0C&{bl%U(_7ww>OeyVI)
zrM<h*k4s$LP40jD=7&`&l8c3}oHT8o>FYj63^8VDuC#_L&TjC4nuf*?w(?d_XfU6f
zE*lGXbTimu{+af}%5>%2ud<pevsIG1TT)XmUskayC+qOz&81V@>UlF~twR~fKEpej
zjL8V0ST!mO{@9Gvsj#X@AVzD=F-BMIIrOqc(I&%;vOe$Fw$E`x@M|Alh<LvKyM@wV
zV&y_D%Mt|d103rgtjv=il)}^Wh0HdnG=D4?4Hl^+=k+$Xy5mlm_-Idh=(~TzXEdd2
zhzN5N$w`D)qD&_;bU&8*@tZt>-QMGeInyN{&i<&MJ<1jSQ0R~IRiCrc%0`5&z6z~%
zX&c4j!xs62ouK|&L&)TRddi{maRC;g$7dUzfj4u9+kby)sr<WP@kLHh?0TubQK`P4
zkSY88(oge_wihp6#4gZ^uGqeiV3Z{o=~L>_>|?v_oDmZfdwi<YZE}C>=BogI^+pSJ
z<uB?U6RH6d?g0}Y11N5Bpnvmd*9j^~`#Cl%*i)rE+M{4<PZao5bV~RkN`|w{famMd
zQZRY`s0z-ch*^cW4VRkQUC=NA@mdbMSm4QR<~UUSPQaU>iRmolwVf2>=O5y?R55R|
zp_mi;QzXsFS9Pd|4?eF{5&#wZWuzxqS7M8aM5H47LC*_;(;((Dps~)IcCS=duAseW
z{fRoJ)6Fk?Rx5V;a#<ju2FuN-f$b=RFaT;nn8zvQLeMLOr%5SG<%OwOxH5!wVF2!3
zMJ%%a@Ej{1r)5rGv*m+N5MJTPL<eor27sABMTAD*=bF^J|N9x?I?#Q|7p*U7#ZrM8
zEdJHIw_e2KES16X7u56{a>T2;K;i(10tSP*if|1K-_gRk_f7E6ubxPJ@Q)$L$jVP&
zho829oDC@Qr{Ae@YJ#0V;c4H&k2QgvmlKXChtx`@Dg|NTtAH#4J}@a<Qej5m=!s|p
zQIS=D_lZ*Er&M|!&}2b$(Qi;Nd$!&HCyPj`yA^mvoPievq6m!}G>RV)>FcCx&T>e7
z(5F`(yl$Y7|2KpKqU8?NU3MXXayF|8Z+(W(v%R{6&9q$OyemT@<!c$)myVuVLN;6D
z4__?$`}zjoaDIv;CMJ%P?f2$PBX25O9vQg3O4zoDr~GEUO7DJoN0hX*bY^k`bbG)i
zJ_djWByVPj+7k2&Jm04z(amF6?XYexM0@}+1tSWC)?za+04AwU<GGJ_Gxu$2?r=p#
z1vCf{@vq3sixM;3^u#6)Z(^M>f-KEIO91u-fwouS6$3|H5iAF>w=XU}h$zD2HD6MA
zE{;Uvevk?U-13Om@KkTim0YhU#@w*o7nms^CS)P$1u%qhFG!gOt_zgl<i-b>J_W<8
zB~+$_6xVs4-vAD(U;vI2I6U)%P}V}UM=zXwSX^9Ooa{iZ3lLHDw_Cltntb0q0Re+y
zq-PfB0~d*2H0{gK6EIAIRP`7_Ep(2TOOo(~N4q4{s>+=K=LZcj2M34o7Br*PGGxpR
zNGe<pf~TZn!Uz4z@8~s+BAlh0t6Cm39>ID6HJ1Uz$q9dOJlp6M#5>lWEP`c#?7RN{
zJn!w?-c$=>0x)OCCnolVZiMxOSmt$96cqw>bp})>G{E2;qZ?l}Z|&E+mZd5T(Idc$
z^mSg<qwvJj%A%ww=|df!J^vCwDEjtuQVn2JBangu;>F;BtMiZuV+phZfRD}7Fr~o;
zg`d##j=ApM$7$Nn*Qpt9)wqja$VG5Z(N9Y(jm$H)=5)*g%q%ycp`Im@d*51;knOD5
z6lLua5)+}&eA-F8Qt71kXP*83`HH$xjmd1Ou)@o?`oAqKY>)SL@wQzb?(JPviag*p
zOhp&xIYxAw&&(N{l8plcAPbI0;7Q!Z^LHQ&gSWaC_VN|D0S?rZi0n4Py?5$II*NmD
zunO-bdaM-^FOu7R7x9GnWP8@OQOGdCDdPHV$+&s&^Uc6k5peI_%xE+JIolLH1POFu
zz_3<P$YOnTKqG-emf8`Uzzxu^MgFOXepS9HGMo(n!Ut!^Kj49`V2oC?b{B`qgiHvh
zW?uk{0C?=#H;Hg8KLq&P&9~MNy#;h)=Jz=xT+9M71*$eChM<;>L<1-l;0Psw$AcT^
z8e)Lj6IX>@mhlEwFQbJZe{v>1+iihA@D@H4sN9c$hjJDo?PrWD{{ioF{>4uYYGw->
zI&z7N;izBn{We&QbJ;z~m+44txB@pnebkOvnDRY@3+)c<+9EaLj|FALvosbN-6b5G
zk3d_4wk?tW2q}5KMS{S$`V$&J=|OHtE>;i&_#7)C2{L;`mX8}*a-OyRrh|Fo1i*}$
zvt%SBk@)(hzxJ<QZ%zx}o6>`0_3k3P$7);y7Us-d@E!uI@#pN%hXA||l$)VR&-Wg@
zgw)jBE3@AK8#RaT5+>Y%!9n;iRB`KM5|NRj)-K7j7zRucC8xRSsW^49BnVMmVH`VV
z+Aqhiuc*I$a6K6~qvQ3<XUfif1W%mQQVMSgkMql4MMxxpTC(NNAz~s&IfKh3?gyRF
zHEC+uM`)>?A@X)Mak!MOP#*9t9I(T`{UDxC6%16li+iI@u`sEKa>o*0Ubs&$i0i$(
zz#j^P*zD}=_O|bMTkuX9WfYtxrP#=t7z_rhIEIV(;f-$Y-peKeC)(*@S7rw|rhrru
z$b$%!?s-2QU*ByupN^d|k;hnloK24#xxjA`voZo3ETU1$OM^Gr|L!w|D$Wv`@CdNr
zCAVV@2eItngz2k?))A)emt9_2-rXI=rl-IT0ohWWE>;Ex5F1sQsGne$U5-=AYhgwY
zYL(sdQSskb0F(gI9#GGx7m`oD;>P9AZ^fu7Mp*%~3{v7))AO2M#Qjnh#*`!^qrkvI
zA%)_27fKiaQ?wtfuUs*7GhuDky2Rm6|M_Ks%ntx`%&-<`v>qIz%&aWVKF0}BT%K2=
zRRD$br01-!n>1m42oTZt4R}(NhS&Q-4u(4t1o7fFHFp+4odn`n`m85zk{3G((#lSH
zO=Dihk+Vy?=>u@R@6M@4W3q3~p?tFnUJD=>r~K3LCJ6|p7r9ucJ#y`U>4(^#;jh0)
z7zaT}Z>bkx(+Rpfh)9B^%t`IG1TJsy{*G(PChv``v8xC{^K1+t%b<dS%JFS~*sI&>
zB@9mmjR~@^JU#^Kbne$}Hx}FV4aP_NWH6qO6uCg`$h@j$*)MHT$GAsC{Hk2^L<Bf8
z`j&0~IUp^cg5}xY9F0hBs7QXIq@<MK8kfH7l8!L^hL9Liu#ZUW%!f57Mu4nCb-=3s
zIdaG~TwfopXdCbd>*(pN`$T!th)Co9<)i;Gn4iylQb3ZnoCP%wlFqF_@_;25;f5zd
ze1M9s>12T@DMA=lE^Rl>y$8@E#}Y@_t!Qjoj(y6FwXxIxTjKPkob6urc=uR(%p?Bf
zH=E#Cfgq|jmqF6X$0guQf|3RBsU18jF4JaKM#ck3xzb9eSBc&%#&|tS^<<tlPMB<K
zQ?#BE$K;!+B9V)5UaH1;l%^rN<OLK7dS|uCq;P#XKg7|SsHauJn%S)*qrn*Q%BV)I
zvJLa)o#4ej!jE{`&tqxTOwH4hlgB~M1aBl)Po&Gs9?(07!y5s_N&g4t+G||o&ml&F
z?gHVfR-C?ekn4c}3-qgsg&Lv?+=Qy70$LmFQ%S6}DGoSHQzGBwZnYsw;fjHDW9hp*
z$57P7sp6^LNkyAS>+PCU*Wb}C#;{seV4h$jjNqyRSgDgE=Sd=w(6%0Nd`3h1kWYJm
zrH()Hp^gQ)B=xzKN{5fkl$@fOab8oL<(fF0`CN!NoT>GqYLJ3tJX^oi0}(_!5MxH?
zS}4RtvB}fk#JCVapYN%ofsebn!t()Fj2e10MG#U$#h6K}!&SjLHlZ~u6HYOe_S;pD
zAnDN=r|09q2yE^qB)ij3d%dsVqPc9AfzJ~A7UAO0AkQrBGy4)H8%LxGPYI)|beX1)
zr-A=&{x!@8r|5dODPsw41Ovwu@#;o>un!0W)aJ8;H3%3KwKWJoNixd$mUzD(?;{9k
zq`99NO9>yuxf66~_w?vpD<=iDgL&1UxWTdu9q+{qU81W6{iKG+5*Mv2%=C%j2-HCN
zD@9xhGr008>S^0d4TV(Y69;}le?;(zDVz3o>AUlDZ7S74?1R?rt;!X=iKV<xuhmy4
zWhP)~pKs`s>)npPn-nRls)MX6(0s7NPJvt;zPd?0VNH_+yh)yO+I0?Sitz+?LobAs
z#i(ze#u&b^G^5cX4zAW)yc6h$pf`2|*_dNltBlS3v0OAYSL&*f^Ky|NL9e|nZm`Qa
z<9@MxiPEY8U&G>P?R<-Tr+whVryrTTuF3H7)n*jOQ}a0cl?E40vh$hSg;7Vtb`%lk
zpz!e%Drhr|#a7a4vUk<*mJFC@Yf25!RIX*>`QsgZrQ?s+eLlsR?1IQ9m5(EiV1e~i
zl$^9pidnG>H`>_$^K)FvL(Qkh|H??Bhl1&chw*D(e4NTrf+JY$1wuLissybjn?7iz
zR8T<Mc?Qd1Ku7}dEB|OGp;w$vlnI0P7z<On48#LssAUSCPUtkJ2mjpP;{v}%_}>pe
z>K}XnqmL+TKsThldt#O&3D-E-Jz(iwEnIlel5ur|=j0TS$VoRi)gVJqfpr`|%%q9O
zfNg@ruoQGMJ9eKnT<RMT4+A0ztYXaCUDHhh=Ac@$a-y14Hic9k(V8{WB*kw=f*PNr
zLfq8aqP#00;qM&CP2M-03*k5)l#Co-2bqo<<U#_1E#n6N_f0W}_H5<5f8mlC8HOT0
z4ViTWu)o$HL`lW@tFZ!07wfDehb6l~=iV02o>067Er->70Ql|}7M%75WJ&<wWFDN!
z`U88OUx3!4BEw(J9|}nqtdjnw!t14v3J|5BqI!fEZvP${MED&>lx=Dtv9lj~nZ8Q-
zUjvT96>cyf>#8p0==nk!0m>~0z67`{095!4#QaBJMT0G{?Oc)$+ACHIQ&!@5cMs&l
zupAevC%9l08z?C#2Cwo;7s*N|Kq-c-fd{bIeTaS4m60A3v1t8!5WLSIu?7JL#L4X`
zd<n%Tc0t?l-FFrr`vVOSzQ+UIR#3no{G{Qbf!fKc-Zp1Y_eEJ0sgt<c*>QmEqgNm2
ztnlrk2<|5;N2OD*fyo|Z@Ck0r!k77aJ&fV8VP8Sn;b**y<3?~7=HFm$md_Kj!zd-<
zsu<`RhDsAIw}Z#PJvZTcM>e=FU?6-ra!}b@bpl<#42{YfrWS^TLZR8K$~Ykqs&XAB
zF|>l(fI5f_E6(}Q$;a~_FC?RaNHKJ?bz`?a-~ItY)DsApfVE4S2<Owwr@MKV9B;>_
z_uPrcwqeNr9R?{$(By+wmRcB5V_r#0K4tUF$M!EMv0WTZGbJMgvUFCYx6rury1Kf}
z4^7kDU)4>CYe(dgGaSS~o7T%nhhXD33Xe(@nM_Y`ilq${<wWGW9}5XkTOLw7an<7Q
zbM<h~Xe%5(1|^A*M{VyP_!@X>NMz(?S9^|^sBe0xG76c;JV{ow?gSa-_l)NrjD~sQ
z6J5Ac0eU!+HY#P;K}u2G!aaMNJ`Q%hf+AUHPxR^_Z4feb!MUl$AI1uletANQMh~|O
z+n<GKs{E*}uD_{P)i^`=bxcFeT?omZ8`U4E^Cbu6?W^e$QRnZlvTsxUWy3U5nGQ#`
zlejERMtbGEesal)tO(!F926BWbb;Z6x^=BDZrj<Xx3<nEyH}iiSS&`o5KJe0&`VWe
zw*unfn1Dx#_KfZsDfwYzy3GPwb!t!pt-pWyN~5{&`9c{BD7k{Rt%3tU^F39taDqFy
zE<{CRa!KT*8`qa#6sy>z?=c!kK2CniI{37Qx7l}TX^A(9BKK`gc)s&9c3DqqcF7b(
zwN))+YUZMMehjskXX=+Ky8Z!mGU8vzo?kJ3U=TzEc5-^T8PBE6na?_$?LAV5g{U;&
zsh!A(cH3iguQocGl3%7#s(N30NkVi<ZrF~&z0r~>p1MCvL&s!gm3tZX!H#acNwQ}o
z{2=i-8HPdW1neY`#MeLFbCx{FUZRIlRKW>8&(%6+?Q%$`@J~|=!#ecCmXkE`nLKnq
zDw!5AWQSKQmbaHx+zg8=yatHqOKzmi$Y!!;<Yb&uFiS>QD3XLjCpYRl@=fvjn<993
zf&B^iDR7Ou3Aq&p@s?G-g~L4X=Ep?DTn7mhFTUF+2pm>>&OOay{4@)xP2@T93}76i
zzF$9IY@Pn?K0CiEqMVMCj?5a>m%^l5oqpv!)1X+ZNPQ5xOH#m5O>aOrK7|!9FI)05
zFH0VAN3?35^@ykUEa0NB>I+^mV0YY3u^U;Y)gTx7JN7O<T4&f3U>Jp|mElXC=-w&h
zf$HF5vZ%E%Z!4TZ%dM$xt|=>!5JejWmr-VSh6jv8L~lmg$>;^QInQ=DLB~2ZS2&Xw
z`UJ*5UKO}`h7+MwWv+o=@ZJVxTsmzzvoatB@pWl+j&qb8e?g<8-ziyO22JZw=(L$I
zZ}Beev5?$LH1#S=gQ;+AXFDa%2;YPSWx|V*Z`c$_lJRq^EbSoZ*?<;q+yM#=$Zt^`
z@!?$j!~AsG2F)%X`vj*Ql*9xD5!ai}<w)kTXDYkGg2l8&H+o*5mFTB27SQ^^<$Idf
zeN2ewKnc#8OT~VK<bGT>;{21KTW{+=+4LC@uE`8s55jTs2n`K2H>Xwmvy>z;!bZY@
zNB%8=dUh!V<hC6<Lu@F~z2)K=5-(AAdAaA%{y-wG?0r4)18E!HT2Mj{kc`*)TQ=V^
zzg4#mJGqv8pPY(k+80*$GMc}Ev4VD};_*M?E^|*>T3UdjwCRNyzB~^Qz%?n(dP6JF
zDk;(K0;V4pFLi%EA+yL87&GV^n2nfQ>hg~u7%{!}4169lBvjK*DreAh9e|9+Mw^kb
zG!$lUUkMquZ-1$9u}j96sA(c9HQ8yEU{t<>phNM>M2m8UNEI-Q;R&csbwf*x9ZbN~
zV2slu0p@K<p5TN?0yc(+Y^CIGjJ|jb^d3&|uH^&0+1a851*XtZYYFy$y3{vaZA{IS
zL+pSua_;&<#P`QtN5a=~<zip8v8sti0wRQrir2B@#=VH<tfNM*f)mLpX!bU9A3dD^
zxZBC8sU9DCt?|g;my(|+y2hBd6wb(x8=XQMw{DF$+XXv(f}6W$xh0F0oe=#<4H1W%
z&3sG5?bfE_ghv+5K6L%wn%*JIPh5v7k9C)CuFa5yM8yO~z9O&#$#98VHn$Cvh)SkE
z-7?6OV!c6E(0#mX1Oz66x9ljIO06ewKzP2d1Bz)3r<<Rj(AjT7366KH&MmMj*jqr-
zG#DBRMFDAP+6kLm=m8LdC*bnq4K}8ZzHN8PSu6u9R|zlNc?agaTGfZc{o7ZB7Ns6W
zJmF+z9b=0TkNCdOeY)N~nSR^3AF0K44N}0)vklA#!Tov>81IV&Vs&z{bPYqH?`TSm
zI>aDiv%BdJ*xTO|JUwjjMN|M1(9~d~C|d9!{Ip;Zy#vp_K=U)b_j^U+Cv&z5bc&MH
zc#P+Z$T|9bHXLMMJy3rz!A@B9RXo|HpqxmiN|Ld!zki3w_#tolWTMa=*vgr}E{J=F
z)!gyUrkr&t(a|=e)8iquOOdHtZUO%VDWl|137*3TAT*Y;5X3aaa4#m->Vc>^H)`E_
zV}MQDSBSguJzlBWTXqhDiBzUK!Vtgm&wW2JFMI#}K{DJV_!qbwY+GEKMBg=z)&2}h
zb|v2|TGMAtoDq6+y0M=@)R9rUvI5(F1Cx&d(=!lWz$f-6nSKs8qTmN4KGKMnuZNmL
zsX1#qtJ9RY_>(~y7$%|=R}3zX4vf@J3CqhL076ueT2bwWP|U7Ky%}$bD<@kli*Hjw
z2ZqP5PKG~mBTvNKnhD1twJXY8T0<Bcz_ltvn%YuPcvV1vxAt|Bg2d6Uc!c>ibOghn
z{GZVy*7{A8)PtsJ9}_-eWSMJM`RM)*tDkC)rLg)cLYS12IcUsY-B&e|ovE=(s!O<y
zdR<jj1usoT*a`L~?)O4I>Z=6YG;4U|9Tpb)Ua>+AE`73l2G3TwH+fm^eoaw;%(T#>
zJ+B$i)zY5MTtQT<^XjDIDrp8(u!-liFLFosxs{Qv#$+91ldA|aCZ=OY5%VoqsMtr^
zwi#X_b7Dz^xP@+k&T^nQ^J6A?C;*=-eWbr#96$*#88@@D6@GRH8t%YSe28~HgmF!z
zpjgUP7bJBfB>M&An%FJPC-N$ouUGuB#?&S8Pz0`VkJ<7z7-B$eC2QaXfLgppyJ>U>
zjr1q(sXlt>zLVIQwbMsbGVRu)&)wu%=l2>oC@JAuL#LmlQ~SByM?K_bym916q-wC$
zWEnmZw9tbqJqyu{IZf@4S3z_Nh0MTyD&}_Yo%ToIs91oMRETMp7?64%BYO>{sbALM
z(`Nd?!?Z>wr|s3ly?I;>c!UWl(9(O(LCRy1_2yJL@h`l9W>4vGf1e8q7IT1|z~kr9
zKPFMiyb^Yiqy${fhiQPFSpPD^Ae_15#nB!YARpHuAO-a>dE0fUKsu-j^0@jR9L6!b
zk}xd0sO2`7`JL0&($+2ryFltNKy+lpUTmX?_5-O$&2-;*^VNK5Oiw8Y0rR!#du@)u
zUh^CF3%E0tVXq?$v_A#P*W@9~8U86vorLv!l5)_NexoVremVj7U9aXC&SB33#x?Y$
zolhqy;O##7M*$cEP|GD~uKShOHY_)cMOoSa1=xacWF4us0hO02Z^uxAthl9BMTQ^y
zlD`TD$pkhTHSz_m%^0lTTjjUBITslsO-E5(BJ(m)(j$sXI|Yi(0x1G(*aOJy7+{<B
zrBcEtP;%2)QFyQ1GM02>S)8(v<e<`zRzoY3_SpO$!MW68&}@YD!Ne$JC7DrY!w>^W
z?$q1yR}ijY5u>}jMAjDYI)_+zw(k&)EpT5K+ICK9l#<pfynLWxJ4;O+r#*YcxA14(
zVq^H(-4Gi+6&D{c6gTP{E{Qz#{3OZk3Blq6$X+Fg9f?`W1v4!c^xC7v@1W0TJ?47t
z`9TyE@gju?w>QB*?%j&NE@l$J(7JuYMXt#Qf35Ya?^1z{MvUMb=`62}S|Q>1;{JeR
z<Wm(F`o#<5jkZmBzXt(;Nm5_bmJm~<yLbB*^^ZoEX%Zqaw*wLSe%;Sphm22;hKWL+
zs5VO&u&hOFn^q|v8;x9Y6jTu;xfHtof5%#LO+BuEkns(Q_u5~*KKhncnbW8KT`o8>
zB4rJ9V+tM+Ue44{|C$l$i4ZDQBV2>&1u{hSIrQxfctQLn5UaGKJxZNfo7DB?2X`zF
zF4v0^<9UsrdC(bC{+==DL-NR!8Xe;bu^2EJNMD)6Mk5hq&X=Zn>c1at76cR?m3s&?
z7*ILq>PG}kK@D+Qp$rODt``82v6A4At_eH{ZH8n<jO*hH4Zz_cSf!c9-+|qj<1I{M
zuU=SR0&HwrWzFq!1;C-k?({+*A=^R?ihZ-tS|c_jZ`$C_GW9fVGkxYWpvf_Daakr~
z;^PBGvsz;?;IsqEqzQ&&kzI3XD@4S!kGbMU{mjvguXY$7L^q`A(1bK!qu0m+>2ua&
zZl;UN51=%hJlc98+!H!#HYQJ#Vv_H&w=r27ec=X@M{JmYDAO@>K7%?_{9TO|*|V=7
zz=4}t;Vh~anc0y+n!s)&UR-d#S+9?X7#xFl;Y}b218M_Q{k7_YA?x+eU<f1Ni_(8<
z%@7>TtS!rOjzu(qv(r|^bALkNizO@xjL9Y8%S9wWp(tTk2jMmaS`)siMzUILQE#{Q
zj%dn8cRFBO!^6EdCVr5P|5ZOaIw~rkY(kMlzAFkR?-c;G(6mIcaYTp_^<~Y)5arRT
z0CUD0oc;ki!jX{?=;~ngDXH}F>tifhPb<;;6y9w#g<k`Un|aAF+W;CmPN1OUQqT%r
z?j(Y>dU25Cd<YRKW~B9hX$tyh%B|tj^Q*f-jPnuPMbSQfa)A%M;T=RP-{-}}H~~hU
z{}k*MYlXL#9|BFlM5lNKFlTh-joA2OAT%@M9&evWcis?;mp#Ue9@apSar@i8W9H<V
zal;jU%#z>k^;4-gc8!p)GTdy5zUe^INB2p86;$+w=`AIb)G!zMC_aTpHMtP_5GTYV
zQE^6<tVKhm(QC2+5&8Dkm$3J+>TQjH?Q=iloQ{18DB6SQJvg0wrWk1Pr(#w$NV#$D
z^0#kGlHt1UZ(6~hYnmKfLaFL!jEx(BKFZxrJK!m6E^i8&_&kZGag`*QAi4^Opu9zI
z7i!O66>h>ic3_8DQ3eE)v_uzXmbu|z%Q~%yO;B-bg*((uieHL=kx=?;yvL>yA8tt4
zOM`nQ)8|NEChEH;+*7$tJ1h?q0^fL-9=SFZ=P@S0m+Q!gAgiHi!w4mD&G3O-BrH1T
zzmx}nm~}_}b0-s5XIkDu`gb%zqmDS*gB+x;LM@}>y*y4PRRH^#Lko7A)F}wljb|U~
z7_9c9g4u4*uKd*z`5r$wXg#iJ6{-eCGTAG&*q{e6Yt52?D{#V5vjpNz+O3<gq0ao{
zz7kUWen-(RA73#J)F9UomL7@BL+IHurGS(?wZjGc19SOK5Xo(R?zFSuS+DxazF9f0
z7@%n>$tW`wQ%S54<~k@`{z^CU4;nWsHPVz@tIk?&L*JV#_#wERMOD$d*MsEQUv?#S
zg6@tPg7u+SJs-G6pjzf9<SOKBl%R$a7F<zb{J0-K;un73m!{z9Prgcu|Nc}&rD|le
z7br?}GAr0K7Vj%%XR&1Zn-1g9;`<92ZkSPO7Y>(p00g%u9TR}u+{;{tr3@J#6VRCK
zeEO)3?8wRVpN!)6`DknY^ig_YOZ_uv7Oq-eI*SlkQLMF#`|3#2GBG|IaI%agVf^=3
zSlfH2)URa`Ju=EO_CjvXz(*djZsk6~-e(4Q2HyH{g7BR=LI!hl8*o*E)%es|T#M%Z
zy#Ak{)dq$v&$1B;Wpl<%{Ko_#4bnN*>U%`6ADld7mu`)BS`u)@4z&e5Gcz-IwRprT
z1Wmt>WZ<*qnBz6edEbTxc`>1;A~Zfa;UgvPjbS!m5$(G|mD1cs;1A_1;x5+?r)`9(
z5YWVkV~QMDeSy{**+{Q?lX|D=7Bp%4GzzmWTpqNAv&NKjtzH(ikLa!L;?o+WVXg6r
zsVSDGX~zdpnE80INK9+ykhTGNIzi@7?hHLzWB;d+8y+7+!FrS5pggvql1awk+-S@c
zK?#lp1`q4^HdZsZ8}Bf)@6N8I3!SU)xwL!@@16o1o}xi>mo)1>^ok#%(>x*491~Gd
zk>@qI$-4~b<79nqyWnW#Xrcj1E(Zb~uzM)?_Tv!w*#N|4Rf#}wG>hCTUL5eYCVd<j
zKyk;6_NBn3?x75He!Ps|IX_Cf9VB_Yt_P{is4ZM+$B)!c5{_-u;*cy|73-Lnr_&t`
zL-E&ddgyN3!E9(v&%23Mro&PnSzE*vzH(07zLaUur7#5W-i0&|K&iAj*^PNPdMfJ_
zQPf1>%DdtZEDVJdS02C9-YQ*BVE(8wB=Cy%OI^M^F=<S1rkMh<yi(`tZnQbK@pr<l
zIi7bTyLCI#Tu)w_T$4gJ?hxAW!6s0=#{Ga|YUWY1m3EtOsB8^_SsKK&p5ZJX&lI@G
zYYRhNx(<l|rOnW82?p9h7`(lU)q5#X<tS76H5W=JN=LrvSWJ~RXP*S%4c-?vW(1?x
zC3$6Kvz7PS$WEq;onW2DYapBxSaO9O22}h;b}zNMGLgk#gUbTh5b3o_fVD;C65Zk9
zcyae61WM6hoKUXLVeWNo9)J7gH<Y^HfYlZ(XU1*>xp5gBD8{-{9Vy@E!<T)@ljGwx
zC|uIKj($BjgYbYL`-vN9M5(|Bnir%mQ&=7-_}nL0%_SDv<{i%u2@^p{SZEw#FIjPW
zy=;${xfd??G}$$CM?qP-JmkXU6py35vg*Q}{)#MCM<87KTH8Ged1d9odd!JU66+J2
zeF7Q7<_|KtzX>&C@g!+JK+pJ<`?DOmTRqH+`PPHK>XHC6lKiU|=JdSjR|_bWdr8&5
zipx`X48I!ZPuTS@lqa_CJea>G%03SKWoV-0<-H>|LQka1ws0**?{)%3N~c!%!ONP`
zOL-CgW+20m&B0q7_Ry**rS*$74Z{B}2>57KT%fmv;1JO?tPAZxdD1it2slS8)@FV;
z5+l77M~uTn7*m`;MM7J=`u{Xo=hQYSm{^AU7ZbktW(4})*S#cMygzym7(h+64xcY-
zDD4sg4UL~bQb8YJv}SCsNfu=8Z@mR}MJ!l$ZzNU!fxcw6qNYZ>ajsSk`l@ECp@&ZM
zGf0n;re=l;y?gTe%ljWja1Q<el(bUz%Ep4_4lv0ugH(23wQuz_gVMYIjBU(hB=+;&
zzt<h`Gmf#FjoesQ`dz)fMGF{K2cU(9NqIDMq&nM8TH89#YX<mPvb~ClWmn!!-Waz}
zo=K-}7RwG0s3pJ<S(@4%OzsZki#kL=Qw}%su_3SVJ#s-{-sp#1gbajc3;IJ4i}(rQ
z^HHvnAAk6AiuvAH1IcEiG6j+j$$a4twHjUunk%k>D^rtr_YddY!^lt$8bKwmX<lh`
zs8I+JMa0|1{y2jcBoE7w*>0w}XbwcDje;+ARrMDh=lO1cP$v1fo~C<eiJ!vX<hF{I
zjl0{kEX|XzL2e14yrYBk4X~Y67>AeFycPk5p1F$b1thFs^M#p>BBU6P($muc$t_h;
z0($lB$ie29M7)8F?^0xkEHBhf4_*1Q6SNswX$1&~JOD<arAnu}v3GK)EaorDdi7n^
z)?7=RKEKx`e}p-~VULRRV7s=a0(bf!_p#ss*NVr>#mnQOssxME@D9!wk%bzQrkn;d
z8!jIJ+~cWf=b{n5HS{r~)%BcaRCxSt{{>(~3<*er07?euV%4J~j1iX#ibQ`42u|a9
z6E*aWG-=T|Koh41QIa-jilS(7i})*L#+>sbj_g`SkXw@fhCZlEedEa&Ut}eae&`49
zn4D<MPQi%H^Z4PbvY)Wc#M|cFJhk<L?2?r&Bu<S>_deh=Vl3{d;IX|%4SZe1<OOhe
zI~!~?<uolD{GB4k=>LHZ^5l{%-9)mJtEcA*ymmWC3?2E+QC(3NK3aLGZf-uYU{lQS
zgk-c0h%|QrrbYiseHc_Hpyz3{5A{Wa^MCacb0(iVpGy&0`3ZXVi&A$e#}-KOJYdN6
zKc_w045ewD!yiILR7`kX$#8WgXCMRzI@=NVIobo5^j#iGMve%eSSSk^nL6wA@Nj;W
z4m$)#oS0tnAxGM0j9eTl>n9yw&RFzEbgm2)a&zrVd1FatF6L86`nsnWGZb<Mq#)ki
zhd~fci58g({<G`8TqeoCpxkyH_|Zr}aWRfY%sr8vNnT-qQ8ZeT&zX?~+6%MF-~R3g
z_pqoNs_`m9Y|m0ccyx3&o?a}-`$~h&g{oej)8Wc^{!?fPJ7Gq7s;EW7+3ce+?(b^*
z<Zi)De%3oSr)^P#`mHjTJM0?^bp|j!ecr&ZNl?l@1~|XWk6sxT$)Tk1TRS0LC^fK`
zF_F&tIqIA+Qa`tO;B&~j*u!eTzkmf?e48XKdi^^Bzdi*mSfpe}>|>B@#dG|j)hqfY
zT7#l2suI@@k6aF6*&0ROzleDSQwJt_RfC$1rlnuY;~B4HqnTML5=Bq25!WGwbbZ2Y
z*+pn+X=2v57@0oYk^aDsr;G3ACyKo2e}A-vR}iStjD%m)WWN1`rt~Q}7jSn4r_;bf
zkQMpnRe|G0zmEd@++x+XPlOG!yEM#R85~uZIGAP<L=!}?V?qsVl<`-;)tTJw<M|_F
z@Df1k9hx*>9zDLPzHzufvbJZtpW*rW`9aMOhO;u-vxrfEB^Kq~>19kbZmbZs7a<VX
zvG={mhZ0x=*$7KgJX)WXQHs#<@c~oe+TLd&1NbUs0-+-w`<o2qH@7Q0p<MEM@#+BC
zV#-L|*|k@o99Yva(DM&>U!lM2Wz26;V<}|Lq+;;X@P@8`r6W1$YhWXT&HKNncDml7
z-*PVP?G$!UXhLGY>HW|m-Ar=_C8X9Z>@XS;4zo#tP^OfveoD4(6r_@**Jjz5s-zVn
zVpC`Xj~`l+mK+1A3*~H5?*U4Rooa7mj!vED9-~+6sb#*9M~YXb;;xCgoJa8=D;2Oc
z-y_Lsg9Bdb=IbkITu#UpWy7z>=YvWCgyt(jWzslnCzigj(BR5gV1Px}a@3lSKQ`Fl
zyCr~PqhEbiaQ|kD1{0$uJ1Z-xNTx|^AO0j)#^MM!v4=c^2LNI(A-@gMMOXyo?m|qc
z%Ik_r?u6`F@pb)|1=qe~w=lJ*@aYKD!(xb{(|O7X66Txzj7r#iOi3V(&zp_$Oc$Js
z{bt;KxsXZfPmVAu^<kP`E)hF6h)?;`ziC->Wc>B^iXt`8oue9zeQVCCPi6wlHZvsF
zDhmE7&YA`45Nu49be$+06|}(^oVW$qs7YNy4F%~?dThj{Me++%yPuuGJKWcbFTg9^
zI_*bupXJA2sbJZeb8mo!^?UdGynS68T+v8E*V`yQ@@mMd0q{Zo`aHoI44>sVW9#BX
zHUz@gN?}rwq#`4WW-voB*%5d^hytVgY&_!bodgo6N<|6lMlNI|J%?05;DG<6s&s=s
zglmGon*N6qaPqMCP3~Icq)S(R6iC;cS<iDwnczTNik2qc0zV&%U;uUEXhcuXczM@@
zGM-}HRQ5l>n8fzHNuKPR1*4r5&AYeyF*2KyNE~_+lxPMP(|*TA*NdXFoL|S$)bb96
z@DI^(=p0+tn}a;x@8*db`X6G;UA;jOgK{~Nzn?Ay)AG=hc-#T>rX&pZ6u>I)r-dI!
zPeh78rTJ)Ah9bF+7au|5_{3SX(Z4`5NX+32&%L%mwhf&4e&j6FU{3FfOY3C%>{xg2
zF8~*ZlG1fKoPiJj;uG5a`}OW48vgOSfZaBF0ui=7Ol@oZX`{d!CD<<*<a#`GBLbhq
zGJfuLg2rg2+xa6PPlK%_Y?_y$Pj&Z)_>FSM2$%8dHBzNq_3;Awx}nGcffpY^9_VC5
zpoP(%r7AEzz&%b@8s|^JwgzR^l;l^265QDS#N&^jCw=3>bO;1C;w7YrX=<x*WkmFv
zN0=<EZu!PV^aSD}-+Nun=lMskxq$siCsoEX^LJb7*uw)Xs!|w1`=P2z@YOoBM*QJC
z1@@3K0PdvGy%C*JqNeM>t5>L2l$4g1ddk5DiDtECl=KzMI$IV{1vbMdTgB`jz{f!6
zW*EjYSQ-wO|BNP-dj0%;&~V)G4>o6|y_?C|OcOGC<@D%%cjEm}+9@}hiZ4}~^6_=*
zXMbKV{|YW1NJeXfR|>w+_XlYPN*7m^g^cnZ2tFY899fdrL6~4IrfR^fPcu4w`Sv#k
z(P@SAYusX`SRDGr-Ou`S=kJ$h$mS>uxX$oT^;yf7euK{srBTSCy%o*l&OOMN$D=vl
z<Vwtf-LA!KtQCuQ*a63C`SZ&#bxRW$EHX6%3wR`3Ui;eXHSfVh)^DM}g<@dgXU9-+
zHgpt@V+9t61QQ?`NXZ+aQfd=X)xIKxq0>KuX7YvqH^bx6@g=&Bn(n5|D<cKYWZ~aw
zVhhN$T%aR_<^sczMHvPaZj=GZ|CL*Qn=J+8fJp70&HRW(eO{io6D5ikKSA$FPm{Mh
zGJuS=EY?4NdzZKT>btrGv%?Eh(-4;8?_{o7tUIJHNE@@peVxA{JEcFjx}uNQT-a*p
z*>bB}ADT36%(=?xoXq~`J6lb4!62Dk*5eG5^`4c?*QjQ>LO&`n75_)@Dez4X?U=5|
z@Uci6u9Xq|SXb95(Yfr^`yhcoZukr}0}&AhyVyv=@7aqBATn}0@Z%5szRr1eNK7K*
zkISJ=@tw&kja^CWBN*5dSp>S>kt^La`Je+aBDz0*&PI9K??uN2iI>}7PB*_GoSxnX
z8Qm1(1pcJtr%((aQc_w9Q*+dUGT#GM5)_?bAbYVr#S!BDLtXM3t{fX|1d*%gU9S0p
z$1su7otiqf`QmQTu<2hR^22*`UBVtGYZvIlX4#s5Wi8)t0j{jlM>jD=;oc|$%A{88
z`0;PnXZYrm_tt~sgmu=6o=JFU)$ff|lEv0<RbN6C*lGDmA1|d+t<KmVCu*fwE}%Ub
z0IEy4MTW=WdSHMZDWpz{$bt4DWnK7;>n7nxbYyWsQ7ME`O>?2@%X&Tl<KKY&49$H8
z55(U=YLKLMz&LL{4-XGRWJKZ;wE&$%VjN7)(<4#bujaJ;q+PvuKU?zysz@L3F582S
zU(f{MOc)tw*k0^%6`{Z9{1swNaA^9<cz90_o^>}J@MUwM!ruwCXjjQF@_Wk(QnRz8
zshde>b!-M>SS~I&YGseO#l_%fpb0OvsIR;Nd9OH{B6NT=Pg(-OmubVVNbx|@eS7$9
zvV>PEn!e;OYfvd*k1pr8@_u!F`E=!hGvAnu_td!b(#?Gg-eH`<#=Cm9tU(Rt-S*x!
zP$$q9AY4QyzmH>vvH{_YPRX0({v7;OvVNv?fJD*oCGj1bd2h}6E}VuTd;+Q)z2a}B
z*iYxz<d{^Ng$pP#<v7BnG7c*VaXSKuO@5^vE;!-RkG48~QQkSfm>3d+>r;glsQYO2
zH0y|PlTs8gF^bX+plR?Whh@eUX$DCrvIMAJvae=$um>tNoHMaqEQpBc!DYS`TynuA
zE1vD2KB_+eFNn8?V~~h&gXDtgix1iC?5B-Re?FXOejrRKCW+j%`sx}P#AcXq$N5H^
z(@5#ZpE<mnZr9icpjy82y3d|QpY7%a?evN^qZFWaz*S{>YNi7y1lN$pV~GUCu>iNN
z_m4S;Q5=f~+?s1fM19EnjK;r`xjD;|ZpP10sxgnyWI0Zcz-YlJaxs~p98jn2KUi=o
zPM;`W=G7iAvcd`$8Pa$O&xx*52vIAMC@sQW4GM9c)D*EXbXj@%=!=DD3~$3S$#S}H
z8z@TUF7^l-79Rr<)NB7Nuxc2U`73=WtE7z9qHMA>!z~$gua)IN`o%?RX@y<R1b$9f
zI!dCIBaQ{#N&6y`S!tG+A%mN%6M5_Hxp%+-0~;tBm*ti@n?<>({V__(6Yr$Rr;CN2
zzC!2&q*{lXMySy7c_Ckota}PsR#A`2<YpokrTDZM0p6axobv6}y&~B(c5HT!o@}al
zkl2l7FSm<mzJ_SFV#tE+wVY16I2-j~Q;*s*KOUA6mZ<M-Kf3i`>(PW>GIMVQwIo4K
zXcur2AkLs<S4>xanl;kP{#r7vN(y56Fj=%&pB869Dv)(4OCj^I%O#NDkNjBGx&bX>
z`XF9E(o-j?>rq5Kn#(9gED;&YI8su|JI6ni&q`})S*UVbI?E+Ilvu;$yU7Agfv<+_
zwMZvd|J6#AYyhgS?m1UCpNm<V)q-of^m&w!UlCv^=9jr~eISwL92K3q@56hh0+wKh
zUeV&@>y(U%*hlb*#7++0sd!UY0&V!ZVX9?8V5CUb>CrW%(2;cH_Vb^Ab3#H2+Njiz
zu^W0~1jS--k7V8}<|^ZA-&-AWfNYsQaoI18&e7BU5!%*5)RR%t<6PI+3xVTv#;cK@
zf{TRbJBbo&lS3i3*!i&Tmeflu`YU+v=q<*HqK3EKKn4J6!uT7e(n0{O4YWhx`2rnl
z#!KBPh$s#FIp9sZJUa~@1vqC??xxseuA<PhYXa8b5iVay8wP+ux47h~2j>?Mm+Sz6
z)gLJM+MYTK4tFp6IP4w%osnd;IAq)m`sAQT0JAP$7tJ(7t7hptc{)&w9hO2_Z2#-w
zgS_ZWY29+<lxQ<auN^@rdHDryKnhn!%qDo%wd@W?FLs?t;5}F{xu{T-{M7V-v7UYc
zVS#<b&`B<`tMs&c$W(*@u<X;h&&dCk-G%(D9RCB25yp|iZKAIjr{CJ!S!`uD-l+&;
zy`fvkrzdLenY(U$UnSwkRNMp$YhUzc>h%;=;_}8=$^NW%3Ib7BlANp2LxwlF(4W|&
zWV%M7^XCBsuH>Vg8g)H;#lv32yk-!FV(Sqo$#}_hI+d+}KYtSFyYXFb2)I`pcBQ9`
z%bfj6LyZrEk4B<+32tG_D76{5g)y5O0?f=m{=N*6m-;yP@D>cNe^_kLd=_a+Doa68
z1jCTXZHtlQ;l@V`ZfT-10if!z){Kvq*#}+8hX=o05w#3fI|2t#0q_%M``nt|`JNNG
zw|!sQo%9-eK)$_Jw!#P;CXnQiVkT36=PSl1h{$VmENVEER>oqGxJY;Q<n#ZBu{VLH
zdi}!3&oK`N$2`wN=6Oy!<}ouNWU44hrVw$=V}?$ss~q!~DX9!0GbMzS$`FMJrBbH<
zKGpqpf4}wruk~+r@48p5Gko6n-S6Jdex7G*jO;de%<7!({)M$`&~424O_fgJRUfVR
zc+8o<1E~#p=bl}g72UeD+gXBcOP2(=VDD;~;&5FpG8J`vIegcIo=zGF*o<_CW#pZQ
zA_n?7!fA~MY**bE+Va|A>RwR`S=3>Cf#vSNJhY^Ns8rhrEvyWeETJWO+Qh`vR3}&p
zP~p!i13)zVQ|Pq6w3KIi@h8JWA7bfz1&+IYKXggksKjc_nlDLUNBC>p97LDEuVnq`
zejQxziJVU}?MH=#NK7iatkVp;DNPri&O9>5-mWHVfm+0vJ0Zh5lU@F#074Zh5qOCV
zrmJC12Kr`W>Q&QRmd@{Hy1Cmxsb)m`vO-!C!8JmXpunx1B4_}f1ANsBXL4tC^yRE&
zJG=76^}O#`=oeEy#y+?e&gQWx)nqSU<p&7c?!Zrw@}Yz$-6}e&=gu@7Zpmir2?Ux{
zAoR&lSd3<Oer|Pb4MLrdnmC9#(IV>%QwQ@>OumCM%I#$$51uSfE_u0YpnqZ|8UO_6
zT#u#j424C;tn-Rkl-T665T1vM0JB>Sd%93~I9K#@y^%y85}NAo3EssN^V^W1Iup)B
zM4lm^l{saYftE4{356Hbv{QPghn*N>bsseY^mmczW=BS7x8G$6q+hMLYVuV40N9mJ
z8Lys{Lhc%|KKTHn$KzGeDk~h(u9^YwQM4#3ss>*JEa<lgB!%nI93%{rMrcceC-{e=
z$jmPFte|A}c!izZC%Ske0Nc0JP{<Bl1uiAo{0X5juEdg!7lo(O40)OKk-8qWzBG_;
zIhR}T2kIbW<$EXuK5wGhZ2EtsFo{JoxpU3~7W#2og@oQ!m;R^hXuta6PB-0gd-6iE
zXg?;6iw`t++?f=jb%_wuqX{<(yDyl^oy#`t4Hh7GKu-y$$5&svQNa@ETJ~5f_Ze+h
z<13{q^ygZ%Hn{ekW}X&KwP+GN&8xMFdNqgKJ@u&7;PuKokzlgGNvT7au4kG%sT&<_
zvYq!sqJmMQlIW@@N=*vMr-qs8f)fSmPqkp&#>rF-S_I7E=|qMSM(_n`0m@w4_@gVM
zq%_Qu?mzHkU(N+x+b_pTGP$;$n-kr?*q|*JH-0FNrCKm6v*tpJ{R@uhu6q|exL<F`
zqHY);rrw6=BEJ$WLrQX#*lnoVdj&Z})AWS&u+Sj7V?*}@&dn12!{5xthKauqvy7iU
z!`JuNfm3h?kskH}hPcZC6t|?$Euxw*JMeDjqW(7)W$E2iio-+mC_g?K)@a`A_{M+I
zU2dvod%Jr-?|&Q3=vp!%erBG$+bslxnMJ^Xx5!gqr6T6~O%%9I9`c>b#lF>ds$%NF
z)V*>Gt9D+#kQ&$V&mDn>RaJ{=9Jf!Od_XsKgwNz&f(BK$vCrrnh&Hv4i_y3aeX0mh
zNK=0h@Zh*~Cw+$W*wNvaTwDBjJw>8QaU{C9_yICMk4Y=Fuo3sb=)U&IJ0&*%Zq~FB
zXjwu-dFs7cU=p2c;?tvU?$<4o6DcI#m?^BCMN%}7M75I2Ps}}OiM6^pA{~IRDsDYL
zH<~XM9oR*r8$*|Q>cUmS<M>R;hqyp9GyE+Ub|Q2Cb{z7`&*$1bP1GBQHt$N`vvVa9
z&O^pqINm~v8=+AZBNAr{5rrj5=^K$+1J`xSJ@F0lox``*CIkhRtYj(+lg3PVDyAFr
zy$oo$MBNoL<x$^X7!V^p`0+!IG_C?B%T_72UD{mT&znij2cK;Xs-f*KSSQ?FA(DDh
zD!NEw%y}*PAdWOx%k?_F%DI%!_KAxU-t%<vDP)ELk+OrYs1>b6Yrj?vu|_soO>2Mb
zX|{BHnPCwq2e;lmfD7gl=><J&Pg6Y%oa?o@CM^<(ycnhb6Cn;ACIWBP@Lg!*qqy9x
zjgDBTQ*uNtAG<Wz*PT^7myzVsK*FRSVC3m+t)(MHt~ie2SVWS!Qwyh`#qtl9n<de)
z`*KUa-&Y=7^DE^}w72rwN<Tv4aDJ40gvdvRm>*M)>ua+j9?^4tA{PlY2=J;u!R0a$
z$A@=WCN7S_w1_VW9=GSqVX=uOdnk&CTo#MZej-j>e&XpK@*rx>Z&KdC+*n9n$x#zJ
zP@Hwb#x>#EdPRuzO6$()vrH8JH%i&ME;neW#a>hCRg4fojF0xkm%my=y-L0=kq_ch
zPz9|(*=1eSzYmt9U+zBBtOD=5c4wlZ459$>a?dwC;ab&7H3$n;Z}oBa^Ep}mv~5VO
z9Aeo|8<^o@8@Au-tPdouw5vmA8<7RDXLsc~HC;RRT??c~{hY=#UDDG@0e28c`I6N(
z7v`n0$ti6=7fmkPZSWa)ByK1FOJHyUF~-*Nl{AOg+R>;KHqCjy0?+ge%en5_M(h`1
zo!PF70pL{%E!gVgwLE4~N7G~r8be!*LmVGwIK*d&C1l<}6TfnsKXOOgRM4}*W{`LV
zbq1en@37!nS9o>8t}xNal24FgT)>`&pDg<>2iBI-SPo}0L9wdDQp9E^!()9*zgrG%
z7>N&7d?C7RVoPaDI(y#7oPC26FQk_Gb?<v9x&zs?qD?+ENa+{Fz!@5=;F%iDd~>A7
zUJMap<4dVxymT>hg4|fl)s~s&RHfcIt;1bz+Mmi;JPRnR%XMVp#43ox#Mp^4M4N1w
z^87iR-AxXsu{4$wksB*^uVs@JG%CFARU_HP8a!}lPkMM~NFg@Ek?$ILu~3^VRzb&;
z6?I-&S`#OUHr7CNTSO7-*d!F#ln9)%KoK!bk{A`5;#oO*#|qg>7h!yaF40(h7|h0i
ze!>CpiC6P0JM-!*b&8_u?MxbZ?log=^hg%LL}#{?Q~Dz&Em~7uy%{zE+#zE*4zXyL
z$M#HjwY{-Cz8s_hfgMtl#Ip5TdM#we>T69yM4B6o`?&kqU47DFdm)nvX7orR<tt;V
zu0<=Xi(Eqby*K%H!sdua1}iJSMecvehm32a)|YZSKWomfl%(8Pa40$WEnl-b{n9;t
zgCyTDn_CRWfRAr6)qEV+n1blAILC4wZG5<7SB3~lbORA$I=ZUDSut|%5H(TAV`Lc5
z-n}dZ<d$75nU%anwJ7^_W8_Xb6+g*|Bm^plsfx^wxVZe5Wfm<~oFhe5<mx?kE-t4B
zesewTd-+W$-82G&4!niHz7LI|D-j{Gs1N!`b(*T6lGs7$_=!DsVUEaSOL3BX;W1oR
zL}Gjk_QtOhkN#V3Dsw3duW79AwswXFY$_Kla1EdCL1w8R5+00-+I|>qIYj&%W)o(R
z`Kd0Di2708o8749jUiI^nJ#+gf#l3Io@!8PL#Q|*f<|pMP9bJJpJi7nD9-MZm%Fm9
zJ-FW7ilVt)B7Iyw!@$c`Pfu#!<#eKBw}lu<5bdWan1;Rrr6aVj8i0MUKnBDc;hqT@
zb-4_o&Y58E6rvC#DTZTu`W2(pks^uNv_w`2X2r(0h$lo+R2-eBS1}F=x+nNZ-@9v*
zMzBfeBUXNzb<R*7pbRi7TbbC;xrhLJ<V)=V`ycFKD-3-_<E63jRBeX1E^D?QeB6o_
zMI<X>-HMc16vhu<oD`0<&ylAx#$$s^yIJI`$kx@Av<2ng&TpK-TV2AhzL4(=KbB1@
zg-g_NBXeinGF~0kZ8Nl?_HiR+?|vdvq?paGDB$=+4<YeXbq&Q-zbk^#H=^#glW;gB
zFIPaSq+8A4`XD~>Jf{BuGmPXIMh_)WRj-;ZQ>Ch3E)<Dw{>n4R$8@UrcGw*zvN14s
zd<#H-8k?LulxWbSxMNWeeZ@CvAR6IHOFYLXLKHMrSoT=Q*`km$!{egJ8t9Y3XZcoJ
zX=lA8)#kz`aO}W<{wWA!0nkZTG-e4(Vu_4;#X)*TsZuwu_9&^Tx;26(jS3N^GGaaK
zCTS`<L5h#XyfB}<5ItVEThF=}sw=0vGgKmdN(d*fuFi40K`&g0$Uem@M;>>RsaaR%
z7_eYAfhOS%>ZV4Wc&27A1Ei$84OI>XQ&aH+rnnS57Twjkl?4a?l-Kwxq+fiL!8Enc
zlp(ooHDBVIALejo#e@*Y0O_NBT)k{#IuV)ndl{PsuRi`jhl?m(uH8H4h`TY^c_VI3
z+;~C#BW;PHlgy;Vrc6)9k`3;Gf?EoBF3{No1?vkstX#U^H5|~Qz_sBnn5$Q7@~{ty
zibrdZF^;pG7`kDwl|aW(LWY05Gpgx`p<|@kdW_zib9+69J&k<!&OWZ>w~<8CMq~ie
zMF&c*w+lP%VI+HjDDbP=0}h`UvA~vE%>Rx8B;YnjWgq_t0O(yJ!hUhbh)bFL6r;LC
z!?o?Ej6UM?#=jXwh{zHz?BOYWv65!*uZs!`bZ0vq@>&Zvk4LFj5P4khTFR|y9$rc<
z%rsc3v(iUmIY_q^k{5!Zq6QHeUnY!IJ_&u9zBJBDufIR<-`2vR`uP2#TtYK(Sd0TQ
z$dNCm%*V2&-Eyli^|T3|^o<X7o2LxQjjwdHX4R&G-iQ9sUZ!3g7nxX~T<jC$hHjeS
zynn8XA!|h%Wk)o29P6m}Rj%x)Q+8a_SG&<XZjs|?b3eluGpyxaxq!wH>vZ2Z!#i>#
zIE@IkbqFJE;ryD9CGFI(y;nDKpUwTe0lBe8((vF<l4CVtTB$SX!4>XtrCHLldBW$D
z<ghGnh!CQo<4%TXi#)_V;{H0)DQUjj_8)4an1vpW=pelMta@UgSy+?`1tXQvJsqDI
zBq_d3&l54+xIrNt=1!kxlfmGpyj(aczcAWtBR(3p-#Gn}-h4$-z)V8oR1_WRC>V6)
z%6S0K=oVN(17``^XV;D$YeOY)GR)~GIe)vUZ%iZ}#WIwg?1*rTi;ZmrCv8>Lsgu$j
zX9vNS;ye5UD9*P_xLssg9{wfv&OPpSH`YmSs`3tFXUy5EVYHe-2a8&Ql{y9Le)@=q
z*svB!iBdxHsgLbK1?~B&cg{_Cmq{;=kG{UzfQe-Wm$W93UHYxqQg<VcC>5}{_uOP)
zw{z8W4c3h^#spC-^O_)XodRRho$c!4Fxqou<cj7uKF^47V|t5L7wP3y6ZM^`)K+dr
zT#RDYLBwO82`UCpU}AKGHVtLcSF}mmqIu*dC*3FlB0nS&=eY@dERG+ymg(vt;o#Fe
z%lZ`RT!Ljh7%fb<7v0~kJ@{D*MiroAJ~m`ry|q5!E|An{&Cf7vE?6>-@V|MG66G=;
zL&xls$$=P*vZ#%@m_Y8&_gsr<&gxfZ1)MNk7TV|PCU`YM{A$)CCtX^CrNpGyBlawc
z@U1VXy>3ge-TSRr_l~MbxboE%(ydj7i;oVhjLtY8SkD*f9A*IV>$h?cc%=|GR_v9w
zMN#<F8Jw3GeeZ!HF*Y18EWXM@n_?WxH@ixELR^#K+JlwwS}WZCckWr}cTAZSWzocU
z#j5L+<F7MQbvwPrWn0|$rZcS`_VRj8EE!D}CM+v}ko|s!bW2psuWl`>7qDPs_S{4|
zMH|<vULUPO$27$Ythh0zCYAQ%Xr}^w<9G~Z_?}oYzhk(~=YCP6PU%$JYGMbZmx0cX
z=;ES_stL>MT-FKi;^Us<{6)08U&+ye91_)GhV{<}MQx)PlvOdPau3zl#SFsLu7w>V
zB}tRw7Q6NyCH&WMn)!W8SwH-uaw)S^<#H_1i3Jak9CzYZvMA_Bs$Q~6aJZQX&eA8c
z(Kp;meouRQUf-LOeHg<doN0g|HKbZ`;B~bBx=|^9lPK+a{n;EwNpjQPgs{e|V|_7p
z2TU|qIBEG}q8N^Oa&YAu>oS_jci$w=)g8J)m41^5NlP)NYu$(T?4+S>#H1hB%g@af
zRT@!KR%S6C*H?_@o3$LAHC3Z(@~=fe5#oKHRlq-o%Z$`6*wA=mZ+%*LvrJby+(O^1
zPG?qRbiULGn_K@GQSw!z?!{Sq-NPvMX!)q*TtrgTT}M2VN`E==xE(cDajIg@$6~TN
z1#Q8t>~>O;&$1cyvSqP6@r7mGmlNZ&ntkykj;nqYY>VsWk@ze{+<sFgKheqnSn+)q
zuhSt}qBkI24#_fDffQGm!j)cQLL#0)E2S7CsY${d-gtPxJ9PrHaS(pgHGwu!hlB@j
z1Ic2BA$zVYwQQ`yb1CEb*zZKl8s0ke@nZ%-p<`w@?jXb}EH-QHi?;gFX^)9TdC^<y
zh<CJf3r45GdGr^#>NaEDm%Cke*EX7=mt<&Rfv#n9QU7*Co0T)i1&!<+{^rzKzKC58
z_VY6&4vg|VG3z<BnND2h-v~ls0#HJ($DJB99PR|tMF#GvIG5rJ53D-xuaO{{j##p7
z^5lL}>_UC%2)yjtd_?vQ58ADrI^OxFTYL$-z7*Y)#!%PpV)po3<fYS)Qeo-WvCCIH
z*@Ai4R6<?jkI1oI(vVMO=V6oM$@Qf(y-)s1<>g(3uiFWxC$e<#JGGgof7&J24gP|6
zyxRxtvY7(mr;a>qU*HgW$HU7Je){dtyU+8o>!*^ptJLtYriKt+t~a%eR`4zH^INCc
zzHogaekVfbr_>fJ+G&)ixyLEpU~Roa<0w;k*UG{)sMtDz$DRmrL<$!co9eRKpqLlK
zZ^1osDwHVSK`i(O8>jq3y^Dqw23VH(a}*=|)5afs(uOOiEt`(BKHVR~`g$YV{H(dB
z4i2;3=|;Y1JGDjxcRJz@zOmV|{`(M-$DK45l$LNLr}aw{?_+gOuum-2=UUDyUs}Y;
z;za5S-Py+&&?`ZHbr!A?8;SYQ9tOGS$9CW2CRCXxF$~j9W}dH96JneN(c3chhsY0d
zze~M5aJUp!{NiN5D0qZz_{UJtQNR;k{)Ta`=D@Rvw+6y^UEmDNbGGlPI1#mJoQ*&}
z|7kJeXWU)y^M>ZdI^pU4exUHAelO2OgPU$sCG4l|Z@Lj6i_8D7Yv&!${;k{f^=7~9
zN|<YR$ggGpp3onD_{<<nseugY9=X0VVe#O%>GuHQqHOYB4LZ|HH{IaxPKEy7C9vA5
z+XnIU@8A;zI31BD>?8P5wmG+cD|zYRr?T(WUX%A8<C#4hmSkj>5W8sIGAHmsmy7wj
zpV`(P7mx6VHqUnRf)alGi??49WFkNIl23_;*v8T6?7m!ipTe?ULbuZC&`c>Cds|;@
zwzeSdC@*cz)O;-u@z?$zJK5`(ZQszm*<EWtUylM|h37|90qez)Y28~?QDoO$1uV+w
zZ!O9(*~MkKsE&N(JdY68i3$>%9X$x{h}M@gC~rT35qIxL)6n?roxui=<AwQ9nK4}#
zEFOrfCe1~Lc9AmWqmbw+Y4NZ|DRbnj6LpWJ(SfcJFBf%M?CuACJ8mCx^Od@)2I+RT
zE8_RQUl}t#PR%@N>FE0)YI%Ea#2ywY<K!%-bUyEGBw;VZ<BR|M?0!90yI+UwbndUU
z+k4$XIK)@nVWJ~@{2RuYUyoMdNgW){%Y*~>e;(6xRM#-!JQ9x1Q8~itBCIK4F;A-h
zdsG5(W6K$g)9~aQym`o5Pdqvx<_Dr___Nb7l#dRQqKm|(9$n7G9lfQ0!p4?5eW}ZS
zF`@BwYpBBL_sgMvjEoI^LNf<8I<+++^AQJk4uyMJQqhErpIm)R{_rd=zOgGUSV?<%
zorLFnG?h+oq3o8i6F=UW*?5RB&mr&es9id`NC=}73xq;{aQFJz9#)Xa(LhU^@v@q2
zIk12ZFoi)Yrl{*7+K7_GWm41&nWIrS_OCsNHME3W6q|3OAgx{FJ5R^zeFVpjD2<q{
zmU*!?wj&=EkKQIBi}K>)l5F&2IvRV5<HCbP`@*a0Ysos6V|oi^=upkVaBbIP-foW9
zLu^vA<5^g#v!xwJ6ehI&K0clkCg$fx|2{6w_DUEj8++?d@e+47e$26VB!2G*EMxz(
zB!8Z+itO3nC+g4oJ)?p6mHX)snc(|Ow<!pL5c>!r)C3mG;BS!ob0+tGJLLQdkKbWc
zubs|yGe<#`E8QuHk$X0$DeL<=Du$y?o!j62^3BMSM2pW8;FSUXEA>!M0Z|#ei6+2R
zZma$5QhVx11fzdN(d`RPgC3QP_=woD73C67zO7VS5ixuDiR+Yye(vYH_bX;+&1q&G
z1kDOvoakXB7Sj?xg-FY=<ga-2b((jxLKq+h2rDo$juKq+NQ<p}z@_J8_+}44UBErM
zS47F>Dq%~yECy;*;V1h)F&ApbHi$hd1z!w{Y&G4|ufPq8vY+D#PcIkZFrHOdj0|za
z3%Qh-q@zh<!?<Bpelp!4$@P6uSXfwIB^=k!Y8h6nP1)vH?sdvCIf=%V$m%)-z@Enp
zb(hXB^%h0SV2<Ejo-gQB8jvTja>oW@{ykEUEvcF9Chs-_P6fag;TC|K<o6#E){k&x
zuEURD@4x?j5MZg`jODYX=E6dJ|9u{wqZA~c%67q_f;$WXQx{x3zgI)BtL}f-9xRC|
z9LGPanM2#Fk+9S8V1StR?AA(Pf6`jT8^4ROI!i!=p=K7}0zJMRXfT0Y25r)x0PBG1
zRA+^yT0z?+cDrW%eUC^&9twz^W<|cGK1E}%gk~bo^NVpv*yZ{?|6bL&Qj*D!?(XfS
z1waODrqCIVf}7cNfy<T$MbT5q?QLX*q#`37G+`X{LL<^58AftE;8$o5S2+j(%QG#@
z4O&)!sb`oY{RZe0>@`DTsK)Hi6d8uB;ss>H^l7j9=jqQ^n4ItTylRUuUY0S`@iuc#
zqli}XsgNbHaAQ&&@1bfE`1V1B#*N|zlU)m!p<oahS*$259R;Ux59hg+P8BDd#j9SM
zAkOJW_9hS4C*NJ`g|d9gURJjWal#;NX~`=>eb6}bvEt8il+_V+)z&3Lhb!3MS3`M<
zE%CT^Tux@oT$s)F?iUimz0nNI@Z^61OCHtoC#?N9jzI##`)ieUD!LLQArSsqsc=qL
zsx7bbb-K(@H$sX6>z(~;C;T~ea7_`S>yaR~&0jCaXzP8o>I`Yc_bs<>cum4P|2}5@
z#mCEZ%zVs$<h%#2mo@mRfqnr@)z(2@3I-52!Nw4##R5B~V#eXco#aHRK(Qi4rOo>X
zk#_jZJ{$IG-=gx6ulI4}bUeG@F#??S0)xvJJ!-uXF3}H96)H$a^&Z6c+o8qX)f}oV
zcrHUf#~)shsc;6NVhgQ4uv1WjffXknrMK@QRqQ+alF^NA+bYRp8oTSncVFbQG?}2p
z?%1(}AV@t~E#j8Jl#q&=`b3>8Qb850bii5W>N;5MbSM;#bF*(D`8mkRsqdWA<15I`
zZnqNZW$QtU7pJXyEHpP!8&4)qX_E4Vfhi=gvahD3T+4cOr13tmk%~czr=_Lk$hTCj
zmm~jKr8q3mFJx59kUaKR8itp)qp^Tvm%Ss=V-WZ3s5zPttN!nE^C#AQ|4(p(6l4eD
zA>sU~r*1=Z?ESOc_mTTo&rw*0{r_3Jm>JIF&#1;Wmb?Cq#9a}tuNRP=Mzv-Mc~iGP
z)37!S=Ey)}U*|Giv?kPUL!i|KIAt_B8;Fr_;PL|3OqQ$BgLGovtylKc&p2F7l#`PK
z0zKcgtxdy+s)CFn3FAsPo_aGfGS0=PfxzVm$h}{C=?ZkI_)Kkp@URi)rRx3!PN_fj
zR@7VQ{yVh<A1hqn*0d-jI&nE62&mlK+aX?}YX{hVOj2pIZ@=Cdwky!m2h6q^XjRVg
zvDlxl1^M~iAglrv@RpoM{F9>~jZ;@x0YF$ZRrM)TUO^w)Ax&f(sq&a+5F9#JI;!(u
zySqZ0%b8#y@uAU!s5{Zn%q*T^`DcuUv$kbHY`kH|H6tUVZ>N#{bWPDtv_D}tEkmae
z<ZFbDTV*Gu@e-KOAiobtG$1#jn~p+bV`Abaui7E&b9!gy+)KQI2wFI3H9NtM8Z}`}
zF~kK|g^sx%t4G6#<!*s_`a437-~0Lb`B(kD%JrXg7uryF-l0y&LH&)%?h}Z67IS;^
zz7KeqH4ikj{=NME7f9hQ{6GeU1K8L8C%nQ>AtLAezWbj1PHrG`nc<E9bh6Xp&msLC
z(IE+fKY>el$~uAm;P(c5HWOPKJ^C5K!k_#3*RH@`wfcQ)syHPc1`-Rw!c^r#jbeJ%
zcq2^3gSnIEwY48R^D19>`x-b|fVJ!b#~(E6GxyH1;=F(_NSI${1_K7c)d_g#V)k{e
zz$t+7gFGxOlK}BTd}o$+3IS2)=;-LcqoW}}#(EEIDTwwk(@|~vc%_Xutno%!PK-!*
zZR=-aU|ys!OH9HtfRh{!s<nQ+R*a!F!~r;m*G5JxP7T!+>e|Lz>+9)tJ_N9HDFX)F
zz$<=wd6%3BRjiAJ<@+#ro%;Gn0B{xwb~(_6GKv~#KIICS+Fh`r0}B_B?r(j3L3au$
z*s4FXCXQFxod<t3Ah?0bRx@0d>kYy06`ltQ%RD?suQigd8NpEm#1|M?EJpVD*i7B(
zo0j_^J~r$`v)5F#0-Ozm5pkPx3z#7a9k@BG<y6be%uMiZt%B_fepG(@ux~*WZ@^mT
z7Nt7~w~#EUsQ`xnNBjaCz(+k3rVh~I*d#+0#6FZsB<kpU);Sl6&viRj==o3B1`X>+
z!*pZc_16y-!nVBZ0^!gC=fS+iPTFEbla#;^SF(pO;w3eX4!E({^T~HkgZJS0%d@hK
z_pGHz?n`sI$QQ4E{XZ_3p1(@SUF_`P7o<^tw}N46YO17Fu^~J!4|jJjBU4k*1dS4O
z`Cvm3#>l{sEpyTZbVNWcgjuqFFiNU9&uXw4SQ;vCLt+Ty4PgGt9mu^1<V(2Tf!+8P
zb`RYAIg$>afq&TtJX?N|={z`eFfb9geh@&$p&gbH`smB>VT!_>#)lAMH3;MlQBhF=
z0U{Hy%9{e53pOC0cnqAY2wf1{D!Vy}2xYxEhB7H2AOl6H%DQYgmXh(+{R;;KB_9@U
zr1@2<V-TP$Q@??mY2fNqW(`<d!nY~>DbWMUy@Eq_scdpYwg3s91dBCbX%evAB`zMG
z+n{y{GkT$BdabvJEn!Y0^fTC4NB}7$iCNr+;1of}tC^RVmwE^i3y`z;q?TMglRF3$
zfq9mGFM^p^nmtVw7+wJXd^Q6%0Vz4T2cM&x61(ba2*2rv23QOqLuAw-cmUE&{X_Id
z4B{m@2bT*t0|3VcUVRt**u3O}SM5oR5+FW*{2tHO%Ri_XuEE9ii8>fz+%gExHRi=f
zphUX2L|p;1Nb2Xok0yuUd}7&{I1ShG8fIS2*6;+!5dj<KNDMKWO7~e!$-R!E;*XhM
zr$JmZpFjTfHk~5TXr1^FPAn#D+|o!#biyQ=Hj+lmNHLQ)ilPxeUap>@7FFLoN!~Dg
z=WqgaMkkrO?uQ@f$uP6rd&F1j%zuovB#gPSTls>i6k|mA8lC$;*pZp__>UKR+Eo+z
z=U@L%C(@-re5N64#4`CE$1?k&rn2BJVLOm@z;@mNO_mYqIfx2iy#W?6Tc6$>78g%`
z3wr~`d&c$V=H}uWKOgKIfc26KcsK%uD#I4s%+^54cILsAhCO&>fo-sPKsvin-T&|+
zoF*V}f1Iip>{}ce8G+Mx?R-}7SdWpqygZl-XU{}@zokhv4VJG!5|5|lu6(XQ{t5hN
zuZvm|iS!r735s&SLAK4gm{$;F+831S41Pj+7e$_cP4{hy<I*<5TF!S*AN%dHd8ge-
z*Jv*z90J)zrS~wqd9Ez~%Dj`=O=D>)#>OzPusCFz+u^+rvp=Bs{uX9?nulEocm*F>
zAy#@-fb#|SOPH-TaD(8t2mu5JRf}4lco=4ANWlPFGd*tlV#W}LgYV1F4}qp_Ym63O
zyG)!!GT#7M3DcWJIb%BsGq#i)$$8Kq1!(*sbdZ|oR>02>Ec{f!q{?dq53LONFI)}q
zlz|<N4qzi9AGE=4vAr9dD?w)J8+BMTDD4e#O5<_4aRdHd5Nhr1?I9WX`E6~;*iDY1
z*AH$7k`zLJNpcsAMj-PRNaUCFE5zB7rTNCeA-)T4LQ(>%UAo%dZr{PSbO?9_U+;;G
z++tD%<75a41D6M`yqvVZ)R-6_;SH4Ltp=Nc<jCzg@^9*|UQ(ImYd(E-X5IPT+3S1u
zS=efsG1qLNLOJ9SOJe!>yWXzRj}GYxH)-LtB<?72T)TG7p=@l1uo;ov1(Ql6q@Uob
z39+s-D=I1qZESNKa(vjm0WBK)W5B&^Xj3jmGGm6;o9B$b=CXJtvK7Ys>ihT+eubQ#
zHDy7o8!x{eNLmw{@zc}O1Cv5|NLk=%f(76<XquhjN&|n@EiD?W&OEh%u?Fy(S%Etq
z;v-DHB#cy4`|SUKFz~d@B|-<wpO*!@%Q;avx@!}h1CB#v{!9=jvWnXzb}4=^+8OAA
zOA|y+Dq#0LJQBz(YJrD2mn*`VHQ<E^l|P88_}{&51y&~9!G!I<I<8K0$&KPl*JZ!b
zlstIUSApVDpgDRL28K;`<~5I<Zma}pRo;MirWG6xxZSpSy}*C|3($9A`fn1!`gg+!
z0?U>jnI~7N<vZA)j%{H<US6WU4xm5*CtQePFsOSIJ{ZWxJ>VAp=@ZK@)Uoq@T?PuL
zc))_AqXS1vNgjX!Zli~0HNoQ6oAcBLo89a*xK|~srwP49Q%{vAZ@IDfnE<zvAe;nt
zr+gB@f$<BBXo35n4H|cW1>xXOjSG@pxOj?#R^|xqBZDkXvYvd#Ppq6NU$PC#b%^`1
z+n}j&hvdQDps}x~hyDp{I!VGHJED(U1pDoNSRkWyu<iiwiN@1UIW`Nx^_OCr`Xke_
zqdXrZj&Ke(&h*s3w%39r&(eR8C|@n0^ihQ_RVVnjUjabF+0%0YNHPSq`e(w$x)K4l
z(#><piHYT4ZAwhvhvBKeb)A$~SyWk?sp;X73QZ4(%GEqc6}uy8P&#5tV2?Lw)uSMn
zm2i)e>LBb!s_J8yIIlyizbEe<k~+J0j;ij$Sr;obdYV8%HZEQu?UT23J@JcV0_Y~#
z;T@$?y+#_#U^sZjzf131E_Ae@1tPcwHkJ^|U{Ae)sG+vw-%CwPOE5%w1XHmI(@&x7
z0`!4@QBZJ^VrU8kCK&=*aoQDMq#Zt<t8HsK_d=Qn`N1RWNN!(mFRWGW)-#bpbxc-3
zmM|Q(TR-6?Zo=z>cSiCASY*vyUT=e)oDCNez#0qna2@kM%Y*UlJ{QNOX7VllvU-Dl
zK9u$>=m3rISJ2rJys4ogh{6+cfD=vQrx?$=DwVy2Pu2MabQk3}AwYxY5!?KM?#ux-
zfs+Gr&uIO4F7-e|Z&}ATn|qZ<d^R!Qj@EzqA_b*_qb0#se+!b&Ud!@5@ajNutJ}Ol
zZb0E6bp>AqS3Lwroon#<G8Br<^LdUXvq%|-rIu_!{?6J~M@31=pU`(G7h}xJ&7GDd
zPlBh*+Z6KuN9kOATCTbLvp^86A`<Wckm(a-)C^`TS7#`s$TVwAyXHy^Iyh@UHYDY8
z9n(oHCpCBjCNsfkP3Jolc4+z<^=dxXAFXh+!0{0%c6bl`Dv#sX)V)}Y@V;>7q654n
zbl%RT-Thho46@e#Lf8;hyxTy1wueEefkldt8)W%4T#SzbKT{Y=zsEVv%JCRmg7wNK
zGl7j4fZAQSW<Djy21d)t@V~IJL*erJS?UA0Ms*7~CAq2|Cfi|<;GnBJrZoxjEq$<>
zgFpNV8w1AMfFJTlV5{<AgkQnj`yS;ULB5!HHq!Ezpbr~Qv_ih{)L&qHTP)cHZcpG{
zUk`azSbc-pz1N5;K`7IIO5QZkuV59e+}i{X0v?XP&SZ1^oi`-;RLe(A20}A`L7-#H
z-ymoaY6AGqxOia^5g^SrK|-Bp9SY=5f)uRZ3_@iX+=`$|$g<5s%4f%3)A)Aph08yX
z5Zz3fgO5A|)NLrBHYf;#LqQp!1c$xI1M<aopr$hzzWTaH-?Wjdbk5HIRdKP9*)y&p
zBjaUbLqkZ%NyvQ{?~5AAXclN+8S?8LqZKB%ly|dw4cJ3~Itcm%%?T5sz3-Tgd~jT7
z94|R^;|xfh3E7t2LKR3CMq!ID*zcMrIhU)So0ME~`~31uekNx?X--OXObncXBVpeB
z(;!htJsI%6NdLi;V&e%M#z+{R?EfBg5dvldYDO~4il6r21h7cjBTfM@3-Ky=c}%!9
znHfwP`g(Cyoim!p`9phuz>L>{OhNK1cI8XabX{Tvd0<!!d#K+WR1B$AkP$?k!E=Fy
z*c$YhN~>V;Q7^vx1|G>KY{`Vll)|g7mm%>-3!l63)e7P%fqhh+2zd}e3<wT{Zlv@p
z;9?*NX79|2?1w>Dugt}w$_WXRbK(S;VLaD6oPuMPx{X^sBq=PetNM@7$3UnGR%M|a
z@=*OqKU__;=O*LYPB3saNiB{5j}J&}U75X@i*_N?wzmW4?ofg^vlAQz_BfI1*C39q
zpW~yRhS_Ba?y_p(+p=pAcgELQkftzmg7Yw$31|B9g=^Q9QV_;oubTrx%rJguy@{nn
z@w_x4-``vc`am5rYVo;p5W+T00uQMdPxbcHE2eUG|3~`OUomkPFKONYk+y-@)pK0x
zYV}9%aY}na#hLE;88ZBHQ*{OVrF2{%aRVnY!d?Q)iscEqfdGneOI0<s8-bPw$t_Tc
z01!(s9V^ap8GB4GsP8$Hon|eFGyVpqyI<hE>a>GU8q99bfE#YJ4-w=e|EOLRF!%sr
zYa;{{>L_-3n5DW4J1Y^~F4P}Nczm5<q8j8`BSj00kSl3|2dB%Ulhp<)y9CLd=bR2t
z*|C41EP4dxt(*nBzpidKM9S-M)%ag%Jr)evqr>p``2jK33vdYOTXLBie?lSM67;bb
zlSdc8@D+AuR`SV~U>YJk7D30S7nBPH$x)!@666jOXLWf^1)qz2=##FN041P*h?gw+
zZJ{qV;V+zep8yAl2~@wri|Tuy=%Ntw5QOBlAWC%wfp&%s%trJxU7zI2#rW_-0aFD@
zEx4VP(KA}GNm!ANd8A4t<dAjqmk8u-hi{w|vl4fAxK!;lX$VmaOo)a!&Ll;E@fpNr
zk!|qucY%-wFOqfiTs^u2Zf7bQnvzGLy@0q?>u@)I5kxvCw)w6GCtB*~7)$;Di6$6@
zUV=P2GIl5fq_fvit$uTlS7k>K%IHZC$OG($H5$Y~pB4zo`U<HeX3_>~wkcae>J5<u
zD*F-I$Y9rOjcLB2ydyL^aM*g^MInjpof?@SV*%;Ns?;i7`5;+hiDV;W8}78!G@6pZ
zVv_eCK={*$$`GV=IM#|wGU7Rp2JIb|)f$*WNq&1K4D|b8Gk}vhc?BX5S~lZ8T}ecd
z!w7}StNaO?oc)Cj{{Ogn^DzA18?u95SwLW(upi$v-@6i~^W6ZdFAzvi!ys30=sS2o
z7DnJ;?C*wJIWdevB^Iz77Xn9&kpDxjZ+Y7Q2YwwdAh|qtHRti098VS*mpn<F=Q_aA
zgev=Z&1;xLK+CJy3V{JqX_z;YpH<9S;F*+HJYWg`m;M8gESTCe+xVtHhuq(CuWk$O
zUA4F__ORiRx)OgFs0l-WGySr(i{8TK>aRIio7txkh6MT2>J%0Wr^Y~FS=3+-ip3w-
zkGt?o*j;@Ca68bbb4i%*Z1jS4KZxTgI^pxwe*_cHrIFHOoNpxfGyP{fu(G;ez)i|#
z5kof(&}dd#Q3q^_txM6VKf#=GlQVq*MX<slQPWUX_8LLBqhtUV0T8603Z&Lhz-gj%
z1spT|Av5&`L$Zv{JpP5LZP}hX?O4|i6ASnYkKn#9{`t$^RwP<yXS~8X6oyVHhq-gB
z<25?JJ&>nK$l+=K7;j=ijOj{-Hi9DnG|iA;-aTXfEdxq*P$I;;WS@suf9W?BuKVn9
zagOD<g9V5}ZbHHc*)aZw>cv9&vwTYBb=YvQ6eylY7tKMvO=t>agBENQs)vRVukknR
z|L8ys0mGBKN}GX3G|6#-B!0wX!2kIR`;54Rgd*Y-H}vZVAeh8CpMvn}69H_r(@L3Z
z2Y?fzWy7KSBzYemPQ#~0!Fq<55A4qY6j0*KTSc{fh@ZcckTjB$sL6${-)|3nF;CPQ
zzeT4Jy9d=O<$Hk6HeVH{=n2W&shf1%7qy;uz?;eVsW`!?h+n@VnfyekDY#2iYmPuC
zKMD^5E5GuInQ^}jy##14a7cgzj+NCw+l0Z;*y!6fSe4^o)Db+Tp9%t2&o8v^Wea7j
zeu4{*D?9<ko&{+fSQTuCl!a&O6&gMwKSBnxtlJ=IL4o=>5b|k|`a;n6D~WDM;gW}}
z8lAy;vN<p*8*WB8Rg9<l%_3oVHEeso?2=nWKe%U9P6>4^y$0WR+C|7W!$49F8siiT
ze;)>ailtk!ZbUcAt~}s2830dlE;t*oCkIN@`Uui4Km-I&L2@DW4czC*<LVb7=P!;^
z?>1#&s3+iVjn^En4S<VxAgoj|vcA5aLVFI%B}+o4YszK|;21E$L;L&R){`cP+Fngh
zKNO%Z-R!1hbolkw4N9JKFB=vC>iGiKzZ}W5ImmaU0<mBa6~RNa(FG28U|m4K)11_y
zKpUeg^n&myG`I8|icDxAyvN-*#nRz1pvdJCwp+s~ea9dhVUqe)uh1l=dFlj358;|b
zOP_r7<ntj(=8o#C85!v84hWF+oq`f6&V{hMyTfDG4}^q?PxZW%IGr5;zHh-l_K7DK
z7CdbRGx)pUxI^IyI=G9<60b6c-1!O2XPIsdfIHHZG~vn*LpH!wLx3T=Hw|xBx4YR~
z0N7g{9~I0W^<Lg$N2p8e<)>LR6H~XpPApd(#ki|P(N(qP{x4F8?|<UDeT1n*9GUrK
z-b&-+$%m>8HnlFda+aY0=qpqWUd^>r_Y@-zPoWK)WSu*vhdn>{*PUoz^mna%(dqJ_
zij%spz$d6u0Os6}w9t_@(7&|MPtP6t?%g{OXfbkewE{Ry5M>puM5Ww@<W3@~<WVjk
zDIl*)FdgW;V}DX6*H<`lKOYejLs$Zt5_LW#G#%G`Zs?ECR-=$f!bwX2VbI@Up?$tE
zfw}=EQJRmn*~i~C(qNqoNSnYx%^prPL?}0Z5a@xO<ESW6anTn5J78;&sH8?egB5cX
zzLOFCeq#pu8iQT@l9H%r9XE<DgoLO{XQi>3QBDK$2ShgzL@vZefT;|}C{;cr*UTr~
z_|*HUUS&Rj5?n3dJ^Y)r%DXtl$N&<HGQd)FWjH|SZl37}!;=+-e)Jt*KtW$=<Jc7h
zo*`SH9=su-+ec91JIW>7v_n!1jKf=CVk>~x6@8*KNDW=yT`evv1_fN~%a{uf8nJcJ
zP>LS$o5ff;@#yL7-UUj2zbrt|L|{Q%87urTMH+nN9)rWyUBz<26t6?RM`73kM6!kf
zuacCk`bP9yKw6;*VdLb))p86xsh~d97bJlz0^kJ%@|jCF%PT0wU$|VRxwsUs3D@#4
zbWH#O*dadG3Xl<i?^NMz{b30opj9qJ?ctCGKqx1GM})4W+*EZ&oUXFsq?noOaY`yG
zaqH4202NFrW=lI$ogk?vjetW7FBebu{-gerUnrr-s>TRu&3yigV^Fz4U^w))vUKNu
zZQ~T9eN1yJi`Vg-jTWdli01j?tF3<#4+)MAFo&xH%8o$X{Da<?zsn8=3F8K>HyC7~
z#o?bBcQUOiotekqd6`t`W8P@WlgK|<zKI$Mf+>sf+q|s&F;T&b&s^-|F@qS&6SReA
zQ52$XDMbCzYDx9BG1AMmM{7vx#=d5g3e+7h3rDo+R@KaPC=;Oo;*L#!+95Uj49)JI
zuwhu_PkfI;R8rGw>Sr?57F!{UJ}HT_pU5GH22Ud}cLdMz=TJJsZI)G-F?TH%umv((
z{vr}!J%|aw!s3}LXZd@1!n;WAFTsG17m*>AuBRn0Q_n>}Y6)!wKzr8UQiEx2OK)0K
zkaUq0b~R3fN)o0c(62StA?-lf2Fc&IvPirebBELY(-7iNU`*l)u>$;$V5r_lh_g#)
zS|Po90h<8oZU8Q$g=IbaGe9^C1xef*4o=y3NTig&(PD#FJy6tC9N=cC6NF$;0byuG
zvxrXi!c{i8LU>o0DOC&L6GUNFNqaOS<6VGx2$tKB?*Ud`tt6>e1sP6fB{(}Ox^rvX
zn{dr+HPEYiLfFT*IZUTQ@pWZ|L3@!0>jx7#ul6luP9Q&ytB8^|BIcd^X8vcoxNG^p
z)vfrwy4r;mKjv=Jz3((&v?%;uescxWUv$4`d>12lLlz^-UhVz00xPj(d-WDopm$=2
z2ge)thu(b5wD+e%J`8h5ULf%_q+YY>pK5a)rPir6kwenE_|_32BZwlGv#De$DTZPt
zZ<-z!74-sXJiv8?k$LdQiXsj?xHELcVZ8(bfNz#3QAv3l5GbuDl^TGc0$2sD%?Ulz
zN+Ku~42Dg8x(wPy`?Ag~XQJ-D@&3_;Y=R34#-qgVuTxjWv_+8lWI-)WNlB>|`q|UQ
zW*m-;yNAbl2x%=Dq#y?YJ27<F^Y5%z6IG#!sU~Ie4pKx(Mct(on?`jQ$r36(#x8u#
zjhUUDori~32X8JTw+2HQVHQZjGXM_PB1f<yFvkL%OGL@Ym8fK2Fi=zIEX;1$xIP{x
z{>t#<+sqYv>T3GwMLHUKK4KKpe-QUy#Z)w~V{i-p(EWWy!;0au;3kdQ{@76&>{$MM
z{@`LZMi4*BK%9S7-{=HApWsVD>tn(;L0AK`iG{-8YTxjXVrqv9-y+Eo5^`;C-pt2>
zY2y?9_7m5Yr>T7I7&8>8w@rH5J8(qe**rP4x#c4h>?OQD@TEE1vCByEMq-}Xs|oSp
z-S87qVq!_?`EE1THB3#Nqc@I~<I}9G)`o?+4+Z}l0`Mvpe_rTvOoHDrQ&S<|uU^L!
zcu1!z<FblxCQhu_1KJLo9MlI`-8&qS7d2MQ%Sbtxe+&!^z+)Ede<>Z9zewjfz=CWV
zqe(*P9ue2jCXVDa8k}*Ownd#VI>WS9Nj<V;&bOw|-_IqE9x)+RAbxD{X?6ogc!<sR
z#?c4v{85x4^xHZ`h&F`$oWmQxBZ~idk~+}}4j4a+qMR%bVdz}|#VtdkDG^3%+V1gI
z>>Mp6>MnhMm}QVlD}47^viiH9bfL0V191<JM#^-bJi9$~On5Z-$Ma$iqHZegPlvWT
z<7FpHsa%FjgCh-_ONxQ`D13|Tn<aDcb5U-uPPEk)P7XWE`C)eBsKtWlHsx)g)Rj<|
z0-NlxTWvDpN718|=z@^mzCHj)wJM^DN%z4M`3P`Zp{9b24s!f@T&CvxpF3g*^C(S<
zLV7+kMRx&wE&+9+jPx$4vH9*B%%tHUR!JPcWWwUL<Ze@$Mj--EGn-joOGFHJwk&Rr
zg93}&5;)Zw)Ac->vISFT62<IEe0!wi(}4(sBFPA8VsPhwx`_Wf+NDJc){o{s6CK+v
z+3-61$ePzUt6i*!aXjulCJ6H;7#V5Irx}&Jl6Pl7{Ek!nmqb2sv~0Fjn~m28i$PKG
zg^Z}=qmi>0h=L-C#I4d945ib*$y0RX^H=V~=r6IC7|3Y}2U(WsrPUP*ELQB$X}NhC
z2`81(c0&$JKaMPl@+m-3ko{yUD;DsxE7G+uK!|BPwkC05QzuWD!7pMKEEqHnK3{r(
zH)l39dNd^VO3$>qp~0pg7SIC+sidSN=*?DJ6g&n^DI^s-TMS(sr`mb$MSkhWaDL-^
z`@P-V0&B(WIzfz9AeowZr6a8C%E8Q3ClP0f;Bb&K<Z?Yf)`NZ-H*8a_o0ReXZ2fVM
z#_|``mcVu7&Lxngb|w$YnNm|@pHm=Bse?@32_Eon+daA4J|`a;u)Xu2Z0m2;DP;Eh
z<Wl}qu}79$gc``TnWv9fHA=UZ;i$Y#Wsw#A%H@doJ;p#bB|2|JcQy|x+wDQWDrWqr
zgIp?9c-@vw9w|p#@0eG>3v$Fox{(h^XF5dTdV)=)@+qyHiXV@R+<xkoTDl~Tb#`i-
zM1_=kk`kIhSjz#;CC6kdWT}b3VS<(Syy*=bPKd+bbWi{AeBiC(%c6Hq_I_sL<;~B?
zzzA-Q_Z*EYGH>MW5iF^B#+InLFLAS(=Z>bv<6~Qh+s!gx4pu*2i9%dwlemUuicj*f
zIl?#oadsn+aQxhJvlj6|Zd%l9?>p%pX^BN4&>y1zHfgqtqTuW;iS}GfyGA&BkzJ(b
ziyoC#(eeuk-{dBq(zaoOZl&6mMe~27$GkrPzmk>Nf0Cz46Qd(MnT%I()hq|idg4HO
zJW7Oe!>{a<QH=<W&TzWWcbH{|?$d}h?6GNMT#ogev?X&S^}<<x8x6az@A`05_`S;r
zHREblRS%;px3x}Ou<cTqEH62Eq$me-e)luT+n5|PDl#pbPmlQ-HyBzrbW`->?03_;
zU<lSdn5-wim&s>nXozPD5J%zc8ef0jv&DZZPK>mytdUSy>1Q@y)^Scp&?;){_tYH5
zAC?#2Cuo_2n!EcVTM+v<hr;<Z14(0nrg@tdu2|R0wr&o~i$O=dm|WEm*;#;45Ow%_
z9B5ydsQ)ugqI2#Bri`B3WVJ}zfJmFf1(<$;+t~Jo(lh(VlL<v*)SGy2qZ7Q>!L=KN
z_*rBtH3?}$E}tw$KP`}Yrjrs_v#8C-1R^^(*Zzj9TAlVw(GEi69>yI&Etzt_{rz2Z
zHjl8+%V3u%PHCpL@6)xMcokvUh~G6SE$uTRAPfDRVE(LrD=u(*u9^Y;NDB$HHnfVF
z)-QB<?jh0PtZ!UR70`cpa_g{)vhw7W3wrbKi;OFtv!Oj75<W!$T{y#Ug6ZsrsoP_@
zr?U^-$^8}G<NVbj^_e70nmz+p@K1b}i*Xq5JK>xr!9mvd@g^fVd5992>b!A$@T5N|
zcYpoTp!SP;?rm@stwa5x30GCR({U-85&_KL-|8>g&PiQ?QpM}%Wi>Ryp_2(W`Af*0
z!245_&`pJU8JOq^adF(ubhMfxY{BLzd)7bX*I#rm!lSw^W~y4s9?W#^+MB3j7((d=
z{tta@=Q)~wX$C&WJ)9dOyXkKdxuYBn!0`s)-jE~I6#lkPjOkJ!@MNH+;n*Cw3||mB
z+zyci0Usx&W`e8{+q6oA2RL%{!tc?dAE<ncg-#h;ROEqa3>f&Lf}sZh#km7?vLWd&
zPl%0$v3mZa5t!y3d)GhoT7tA7ri+&oq8sY78<q|L8fbpM1F%rFsxHXlRc#IrHH;!L
z4eI(j5;Cvi1c4Ceo|};YB}g|E?}WiGAzgoV*&I8zsDB2Gog#PN@sd(8K~nR;_kpOI
z2dVDh4G}cZc7HFl8ad}UfH=}Fts&q<BCqAQILN#L2Gwv?m9$>r&G@LvLU^1$t;k=*
zHd@+9pYFYQdtPu7dWjCK>M89^(wk{L#~B)!$h=4$&~?f@B&=Ht5+UeHrU(9N-$Dad
zKQS?pFeU>MB>*jl9<J1^r?aRzTGCN)d$a;k6~e}kzTaLXhc?VNr-B=ok92=vdv%Y8
z`(Khcu%!;G?(%oWqtSsEbLq?PT6v9Ug-W8$jW++p<xRya2_GS$h8z#5C=Wuvh|E`?
z{CC>lZAx&o7;-Q!V=}XW8x*JEZ%mnpBR<9l#}BO~Bk(JU0D~vt49qlNdemOR`Q%#}
zSq888@w6ZiXgqgB9d#Hwfgcd39l}^jH7}Hfw;lyEvLxK<Q6Ejh1i?p$_nm$0YZrF*
z|1lyo4dGY98B%$5TA@5(n8Yzsm*Ie_#tMvH?h;qC?Ea*uzrQb?>-|mht&nlyoKH=r
zANMXPBj@{wx;`a!vVrITzBC+jf?g%p7haBv@v1l3VT5eVp6fG1BB?^fXXz-mN>B3;
zIo}6Xtqc^U)Bmo1Mb{+_Y6O8w?2$(9-gEKKn;qJ4mLQEHXlVRGRtPh`+WP-y2O20V
z-@8PeKuUXW{|;+^(J9~;j`fVPaR?Zx-0&oCtHbsS{EKeUQ3h~r{-Khq8$bLtGxY=c
z=@$4I;b3b7c~Sp={dKPKrJ%nr^gRZQ-Yfo(=GGh?`QI1+Ps^(lKK6es;x#-7-|)|y
z|9<K_FacxGM#bs<1=`4?|4j}bbDh)p4>m^^4{!RPS7z_}-=9C@d=d<g|Ic$`(f#rG
zwcnnL>vi#c_17(zo{jG!kY)N`Hnua)=JbuejmX!xrY2d+FDJgElHm_!?gTHwNt}_V
z`dduqAf?9Rr}+iKm?{H$64z4?kLcUqR`!9tSe5)Muyl24txL)TGR(#;{RMHLvqG5R
zA@hTVweIXx@)0pjOPUCSV*!)8EZU2{y4IFEdw%dXX(hPZsgDO%A|#{AbUWBB>R*K+
zk!OnqLJ$!gNOI(Jcozv1Qk_kUD1I)#27Bc5&Hkvn;iMzVv$raKzxjIH`YAR<Slp)m
z^OUK-JK>k_ezSil<%I`XSy`Xnv?PQQm;n(xO)HQb1zHbXJ4{=erx<bOxy_Z?4DpC3
z0ek?S88G*kD;Ui}5^^?N5~DJn5iss9;j-jN&b^yt{qk!|RG{@2<Zu&dlZNKh(eFCR
zeUa4Xus^%%sVH(8E#>pFWKD)XT=;!O(Z#<#>9Um8mGb28ha!pncNjpdiqn1_xu!Uf
zUx3g?d)k`ZOEhtI6lre#rPDZ5_xTEO+Jm<mugOu^_Ye;9&dniA`vi6JV>%DutGJs~
zoU0~B%mb2l!u-_e`s2OcG3iT|np}}X$QMZQj;$lK9Z%KMDmt&F&;Qy_<m4SyLVR1z
z1^?Oj$bV;tevAKDu$lMP&+T?#$N1$(>({qNX_P-QkZ8Pphp(}*0=ak1y0!dlWXhK7
z!K~HJD2q>!Tv?w%LR)!*I)1u6Pi7qPe(oaiGgtYu8qGIUoxYfe<z6+2Kg}W>q(@<~
zvl*X3Sg0;ubgMCu_PVa|Ul0b3{?}KN;jQ1Bw#&y~2-B&qxv6=ke~%~f-5$^95Bf-c
z%R+B<<`ZcfT$0!+jUCma-~PEt=o5*ERK_)P5YNNo`9^o>!kgwe58Hz_L*ZzHR^(P9
zc2Ym6V*hfdeLVw@>x=cc(<I0HIdQRVwSB+B%iLUNl{jBW%IFYvCTqsu3~=N3uHFB0
z@@}_qN=J@PL9^{?Y-}vhmM<!r8XG@8%^vxToQGyvQ1JSIhQAQp;?iS5huk@N!y{ts
zD)B!cEnA!Fqj2i%UY`NG+F6!+<Rt1Th^GX=l80yCPn>_~VE1X!Bj2v0Hl|gzw~RvT
zQizD&BhL3|nes$G+v5}N$?yX{`ShcRmYTNT;h%>iEHbnpfOMVv|Ks^Bzoh~@X+Z%2
zchGmkmxR7mF3hn9loEhvt-}d=Gv2bKr>EYL3Bb(ZTfitB0TQ8zkWl&F$uRv$z5Xry
zE}#%#&RF=ZFA?nJV0xg4sOS=~$249YZE4}vMRRi>0ge?sjGo?J&F)=!!Tq9;*z;Ca
zV*qskOJ67MA%62y*M2|i6Xxe3Z!cZG@tN^7XrAO<z0Mx&&6o~CLkil_XkOk6H~)Mm
zsz+Uhh^3PMIMaV3=f;Yjd<A`m^Egp}*&hJR<O|JHptwT9bOWZQf?^)p00GeQq5#Mv
zeBt00s8QpBy0qi!KaWEP%sRqNm$JSsu|O~F8=3BREkqMgf?*2H5MaO_9v+~Q{a_Pf
zoVRBrxwp(KtPv!pqXsk-F!2S<3+Ni_e#<*z{X%BK-AhGSOf<quh@wMl4fQZ&(;es%
zu#sz>TS}!B>v7Q!+^C(=OVU2jj@d>#G}?zryx4y!xbY$0X}q+@<x8g>3%vp~kJ&ZD
zRmCezOp8|l7TsOH-reVT>0K|4?ZT0Y&J3WZKY)hFD&WtL_L&lU?G!H&ktLS}vhdQ|
z*Zv&R6D|z`C=a?t8N^6`DeNt~Uw1MqYirq7<$T)g!6bfoN4qw)k7)C|w!jEhg}#>U
z@Amj>Tk8+UtK||MHJlP9!XRQWdA9fW{|reJ5Ro4N&kMdjfQ82*>%GXfYh)oYs*ttI
z;ouUEI3mU>p}3Mu?OH|US%@>2Qn61`<>$v<TLO3*_FDPn$fhKH)k7j8^14#v-bv}{
zbaZsQ@}30ywzVM21_<9KGP9#DK#)WbmFhU#@jg`)9%+Ti$2IV-keYV0#DiyGJ?>j`
zAMFcth&EwU0#V3Bm`5rN5otS1nTA7FTzx}fORX^)37ulXr*|oCdQE+1!B`l<7$(K5
zuXS2xJOt;ZVY&!!N@$`1Rp$mm%0H)-{KR%Ssl4+vQeO)rBfy7u*E5meOW`Xr)BU>o
zG649*x|xoMHng?o^z5ZyBt6v)>5=`~r+Eh70{ACVQVlqsb_o*uBKhgR(JcPG+J23v
z;$CnW=9K2v2a@0!=)M8HR?$Xq5kdh_Jixh@lbwCQ14dIC=)ZAaGB#o5Dl9H!kat~g
zat-;qVjGd!{gCksaKAW;3JVEPNl6IRH<36-1;<WtW##N-rkM7c)4Ie2k4y#zc|hl#
zsLpH_JB#==PjJ(?GLdXxIomX}Ltz^Y0)0J`f9vWxqtHU3TVUW85TL_go-@qls4r>#
zL>!cw^}ak1h<DJ9pH30l-ddlDgf8RH=NcjNa$)odY63d!{ejCc>K)}>5X(%}k*B{K
zGwd%W{9N(OFc*a)mB{C$Ak8lNKEc9zoODEF!hj!Q13rl>fdCD(&6FZED<h*I_k!Ct
z)B<`OM5_3sBSoi4+*?V6gNzdwMHLHf8T12tO9>ER)#q1XsI$IUDqmXAujh^Jm`=z#
zpZ9`FhDhmi|3BK!EE=U}Lzxo)VGUdUVm8+n^B<zn-w}q3t#b@eF)2WA5Oy*IqZK=C
z@=0h5016!h=xYd)Rp`*6XW-5Z4K?T~vID&zz$(C6p()1A%S-nZy3WwLQS_Vb0H*5j
zO(hurc@9udFtX)^xwa*mI}Fp%BY=I_WpH$xnVDJd9W=|qx8o5|0Iv>>19nZQSMYc|
z;Mu^JB@Bsbo<w?`Tfc+PQ}iB#>PU6i%7C1UhTIFZU<7XU|HIgOhxPooZ@}$c+DoOO
zsV%hBr#-bqLnRd|Q7DqMRML(pq#Z>lLQ<M4M4PN88br~a&-u>xzVGkz9KSyv$9?>c
z<Nn>$=kprZ>$=YKyv|D^-YB){GQj-7V5WvuLVxDbm^*>_;(VLlnEwIJkI_{T^oZAl
zZ~=NjD@wDYb%@6>=OBC^K!3wLm|;0*FN!a)VFP->o(ImS13`9YS;-HX8nITb;dZsN
zx93$U)Om8SRmf3A;0=Ux*=#i#mqjqm0u&LP)XQql9fRBp@*wCBC#<iG<lhHP{wZoh
z3D4_xK5F2{`ZRCv?M-S$oF;2U={U&De>4QdHz57^gBU|J2OD8n69yrZs;JUE>=YRu
znA8M1cOr14O(Y0>Xsh`{-@XupMEyEgCHW^s-)4)X0A*I-;p5@4QKcnLeldoxi}Z2*
zv#h|p=fqn)@SOTyK$RHTIVu+ua)l@6<0<5~!`f~q|0_ZMZ`$;J{oQko#}}A+#3k#%
zmc<LG{RWHa{p7?r|0SsPr^dPup^K~Q7uXJ;o)Qoi9bDiTa7ZA{Dc)P1$ssp|api?B
zRST$oQ7<-^-UrKz!#Ow!?E!uQ`YpCC;gz^};ex1`7&J~nKR>Buu(GpLtYQ~x2f(I)
zShO$q6KNtwcSCY==`P|op~F{I4TM(>j^Becr--|b_*_tEi{PsQ)*!}BO1C&b?2Hnc
zudp@IibkBTuJ$B6vaxvjKXGYscDphA>-}?&yo1nnerwILe1}7KMOJlWOh!e;cGe1t
zy(f5l!9xPDPojq=kC>*0>DxdgiE%tCwUL-IZ=R{CrmlXq?LCOdXumEk*kaRkM6tki
zT??J67_x)I>o@bmLF%aVATCio$q#H~b227^Sk7&VA_`n+OYpakY-aGk@rLSk=Juz!
zy<nG&w%^Fc{TYFYR@5qZ1wb{4c~FkTr?I}=m`nCdaEmu*EpAuRru0EP4t>ARM9`i=
z;<R5OX-!kP`QRJHlU;mKZ=l3SCe<y)%f7MvE)G7ca7?&4Ywo*Z2TEEd{Y^AunMwwW
zeMf$-<p?gqBZXxCdHD>!dmi~$WPaje&!E)3$NqmNk$C0k@yRh6YymfDDu=nPYL~9A
zE>dhD9{L)MdL<`+xm5g|5AivKPlO>4Juvf?h~J?74CA-(wselS!he4RVxy|>iz$h?
z-nd^Mvy5*>Z5|2evpj<|!3(`UD!ml}FamLb`fG=&DUcK!OuF-T$P)pVB?uxDWN_hk
zJw-x<=-Dj2I|+A}&<lQ0-e>F!J2vooQ)k|yKS{zo-4F5^NWn0M<ZXx?m!KfCxE$Kt
zz8;0L5t+<mJL9%`KPZ-<0SAZ`NiUP5scxR3S_;`p%ciTH#~>%e-EQOM;HcMk|An(T
zee)D6gt)qhA=Ikqj>85YR{_>^99>6jY;5UFd@TE1AxQ48J-hGp>)Fm9KuHic8?*FT
zw9cK?673Y{6ebPC|3=5k{_LO4H3RkMFzJM0TYBCS(b)W%+jWqJiP!I23*Q)koqB_E
zwln^R;l|COzv~<4ZF;*P>$BWnlrtJ}sEzdo_W?TVVF{(6w8Y6%l9e@|Hw0;XH%wAp
zm~Qx^nz)bOvE06-pKJJ8C2RkkCJEnru|2KR2R!U<F24};N#<p}5aZcJqWwQo8V}#{
z;LxLUih&`%<tU-HATfnK*-@!4lc)zChb~s#L1e$X=drxJyv4h1E3^3aY<Q-jBU&e6
z4nYu7<(UXsDXBuFAv5ysQ1C!d6MbRm7mhCA9St;bvIwe=Y^8c6MJ%Q#Qj2qG{hi28
zaPRvjmyJ7-<l`!Z1yw}4DXZ2=h>I(2YoSd=-^N?9%~T(O<!#V7LCh9Jh$DV_bhs^i
z$m*O3l#0O6N=sX!ex6THLEjF>x{Io*@#)}_rEMtrj{JqU7r7!{e|e{JtI$LA6ZN?C
z?He9;NBDCJsU6$6J8uTYM3_*>qURhkdXMGw^q9eW{B@{{KhQGqmiW9^rWt#Do2tw6
zLz%QzQhdCADHIauMDxX@g*mD-R_os#?yclg(23W+<i2s^M)PZ1nVGjxoA1T@Aw)P_
zJKMHxcw94qguTTA8-3n*lSLvmrW;^iN$1l*#>X0XvI_|%QaVrqrs9RVRDJF{(`}5Y
zrq<rsB<iE-Kf+4$J7#>2oED>nXdM=o75FFfpME?>fHp^KC0ZF{7{nDc1lRuy+W13{
z%wJ8pDg%-aI-49!@0!6wH@%Bx{Bf{0St#N<cGi6!c`P0>4Jc-uC;L;8K{{3VdqFG4
zYxoM69&gU&^z@hnCSaDoL9I0GNYlZ_zD?6X4m|=T9QF~h-Lrj~S^k@*I%sS>BQR39
z7>@AH%)%0Fxbhw+9nwEIZ<7Sw_9%-(<BApRa_0Rh2&EdrI^N@G7VIA;mG7wxoJ2jI
zf)*Je&navD1TwPKDHDAi+i!2K$5B*xlgES=<3i(E|8f*rmzC)*RxYk?BodgXS$5<z
zzXM%&71KE0jB8M(yH7@IK0yq@IfiP2WnDb_E6^ds8<hviS>kt9@1bs_m#B$&^>`x;
z%7*s5kCEuIE=Mp><*;i(N`cn|VS<UCzP(_5X01D-QpND1rQ+nJ1IaONH`2wX2H3Vw
znjjobPzIQfbQHY8Ny9_07_t<o()74NWH3DjdJ?G3HZwr@%F5x{U_a7+<q3kdpkr+Y
zpONU%2(Q>klq~63UG_V|?lV{R`oE=hBYUn`jeiK4fh&7KCN-o_*H9;&t&gL2d0P1+
zkhb*VAB(bKTF1;!wb49#NyehTG^GC}d;IUTSC==w<^I|cQCN@ls(!Bbe<gAJnh$9b
z6hDWq3?#w+7N(|-Xa&c<`YS=5Kea6yf%|K^#(@@IDUnV)vo8EsW~H~`T$^_L15QW5
zmvI(%gA2y(mdWTx*pB^1Qh;;BBaI4oFP?D~V#X`vGXeIs0@IKL_F{^fQ<IdA0M6J}
z1OYTjsVXLOFB^Qp6~tkq&w`U+tv3QRvQM4E`4}rhOx0buXkus$;S{qOYW%a?u>Bex
zv!^}i3K*|jr#B))aHR;IYVDewoK(c%YbYpr^yxRL4M6v+X>mn4su!X#pI;b;<pKuv
zHd2!K*tob(W;=89c(*XC`ai7w=diP`stiMx=_8H_++B_8nyq<1qo-;GZ=T9`4=Dci
zc-;CM9&S(c!x|1Mp`p=mw5eYy!Am!^+1MB=uEbSz`kC`&???Iv^~E(n`Y!t;6fyLA
zv<G710~-fPqU5i0Y$wQeQ_Gd}@0sAbs;E%5S*(pnUE-z!dH{)WX{N`2Bips}egbJ?
zlE4-H0)_VVoyqX6I5GZmPf}WHFXNB#nXHtamQ$B*e&{%Jda2&$H~&bKOJ3oZ|5Z=_
z0D~E6E_LhWPnQB~9LF6*f(qy9(qjlve47u%uis{&UFiSk+YT87ZAP4EIeRCkPf#VH
z+vqq_G9hB>n%^>qd^(y(hCeqq8*i7lFUiLKXKW$vH=*!C`U?D@6mJ>!l7(L-CQngx
zB;vx5atjn)F%(kueqD^r%;Rl2XL*l>T>6%gGp*qOl~xl2e><}g@(7_v3le79UGVp2
zEbC5lpd0V2UPWUXT2<LmO0csNMNP=k9GH%pQ@E#7V>h4HAYoXX8hzl^DUq5rvY27I
z*Pwk1vi}}-4n>_%QA!=;4ZA<paQxb*u;9wGASO85VGqgHXQ|iMHS9tcn*7|(4ynpq
z*A5l3%)PVBG=@Hi^dfETPxv%QE2N7yQ(ZjDGY!$@5-CDNStSyIV{75LPoS#y3A5D7
zj~pF>xbYGVNztu=uFE~u9`fw(nBdrW8IOF2ZaMTi1?Wjc&j`sf{<)1)8K#cg&>dJp
z?rT1add`2?KzLsl8k_e~Ls!C<;D!!&v=a!iAcMFuzMn>kJZX(4L}r$`ZDhk0sz<XB
zjh*@PdK+f^4Op*Ur3gIxhdn<xPO?h9Ht)v-|Mw^hYW9EaeI<d{i*>#_RWF`RHr$S#
zMidM}^+d!{R5rNTcrhO!O_Sx}OYEr#*hKU|*(1lo*Dw11Yen_>*o>r%%ou`hh62(b
zjlc<4=McOJ3Q|%rgad#uT4(bS%UNqYkSU}1yMl)Ry2jD5&YP|1H^9~nP#*U@GPmL`
z5lCFv=!GXz7A+I`b*vVp5V3`=)9vP3zg`2SA%4gA%dr=FvCqWh*lnt~y?D%lMConv
z;e$;8R)v^^K%s)h^z-x`m8b&v?_{3~H8*D(10WEHqZ`Qd5ZX3Hux4luMX@-<YU&jT
zzD*#)X<1|I{p1K)8bTR`O~IK={@tSr)gm&Gp;d&bu}(?1D0QJcww5gIReb-BgDB(M
z^0)#V!vx-_xuh9Mnec?TdaI*m#J@*PaJ;RFstBc|L?H4$4(-iLXn!u}{|beFl2$y?
z`iy4{9d@~`pFBODO&yxjq@ZD!BuGcec_s;rA)vl~p7k3e8#1DVn3%8&Pc%YTG?yk7
zcgAnx?YXmO+YO=Z^m0q}g^N0aYpHpr<wQi=y9QWneEFIVk*JHf&vcoeqU*<Z7H^KU
zUTa>t82vJJvU-E`uV_-3WYxb|iVz%w-vw0z9er`+7LlG0F%HO~90d?^UbJVq@R+1}
z-rbas6~in<?A<;4(g=<_&xY$FCnhEkkOk$vP|?#>Ral#vnhp{zxD}*<E=G>Z^VuaO
zCCGI24GjnPCe|%PfgrMaw>>f4st<@vZyrklC#5YCE)~3ZQ^Rc3QtJd%OVGl0faM`>
zG%?v07vjw)H)_?CJh|Q3^kFs1`ox>7oIJ45bkO#GpMdj|V?+eSex6TAa7J@D@-W4H
zNRj5K;*tv%C8G1R)m<6$-ehi%D@IW_NHvFvjKjcSF9hN^;#ofefoIlGGUC9?bLheQ
z!X}BKR{Ei5>6L<zZ>D<1&Mq%-$w|>~I2A9A!yvVpg7!lx549DqvLCvCc%k<d_!@q9
zRaor1D$FoCa6wzBYMDQ?%xAaO_6H-)$6ff&A$LkuLV|{3&iL@+@kP4rXla_dDou)4
z5~MmS*c{J6I9H?|w<6m@QP)(nR)asG{3YGXVjFm9;%6Q^QWTgWK<7NU`>S~KHOG%y
z*EAJmYclU8EL)!lOqkZaFJ;a2mt-gYaqWMRnHRl~G7*@$prxEY%*l4j-n7UI0_ga>
zHf3ktlCH+pdL6De<?4HtcUQ4e^4=086(15LiNBbw-e6-_^h$Z-4gW=<?nEd0L8kFg
zNzq3!ssQ~VgoVd{UTd20<=<VCTd8cPl3L0>o|fm#wp;LIU_DGd=_wKymZ3+j)rIjX
zN^o*O9iPwdw%w3AN}M7{sz{MLNXFCnUaN_8sK1wy$?;3^_a7&3T!$?X+UnDTixybs
zsI>b?itOkO`LR^D0;6eD4%aK2S)-u@jLI;frp=YSI;3Joxt*oGf&5UEc(wu8j$E!L
zQnq@6Coiig@ecY0vg}(G9|DT>VJ1mXV+P&gY0^6n;J%KzojdsW-60FPIz3<FE#%DB
z=l0e6KMI;DP$2ZEJRaP%G!>E#nAaT*Wi5MW2@{Df=jdn0IxaC!A=U1;m)<>77gdqX
z-P~W#D&w7|-(5h@O3oECKAu$Wl`WUk@C0B>clWv}I-9hS<#{u5x_)UE_6D|3y*AcO
z-by)%2Fe_M_GzVM=zM>Q%x*?Z+O^vAL7EmB3tfSzpsi7E{!USzqa_A=rbYR6ezVtm
z-6RU(Y(NovsHL`OD2CIlXxbd4Q(3vCEb!)cv~ZKDR6+d1{&x1xIJFgS3={iEaa32A
zV(`lzN0q%RlmilZOVlR&WKzjRl-IE9Vb&kRKmcZz3wccS_4SeKnWai$IDpSgaKPyF
zaMHQnFI(Ce&y!%3EA{PvS;JbASTL+Guva<)w3oB_$dTuDt4ll^HiRxO1hCvw$(8%r
z_K><p)Rb)~?`id!boU(jbimSM3-x<ht5oV<hopR27qmryKhh>e_49=`-Fubi>}COm
zLNPE_5jx;{xb-Ps*|(e@t|{}zZYHTXYdU`AvtS(Gy=l~UcoVEHi9QixfY+bxlwOf)
zxdx#?Ute^vUSZl}_<}XmuE&~`l|Fx4l0<nlFt9u!!&coaSzFlZ-u_F;$zlHc#r%t|
zvu`fA<9~5HdD8gax9cZlS~v^jA9O`Hkqo$ttdDgMhH}vI8Z)XG=g9L1QR?dbjj`KC
zW@6t_DFBdmp_*YnjUa;O=*;5yW1tV+d)6ygJ<ul;3cC1?q+k{1LN)2AbNPQ{mN7Ld
zs(`JhL4lUMUcJk(!?V5g((fC;hVOb>KW+B6j?$0<j(59y#q9U;)YI*s>n;u)%aB(M
z`${IxG(h%)nmHl0jZB5ymX&<NyirSvh1Wd;-bA>K7WO4X$Q5i4-a{??mPBW@o=u%W
z%+WkMl19hI@V;jxZyamWkYL~5{ju}n8$55?sgv=>vJ1!PZRIi?O<|92V<pqfrIhP1
zrO`dFtV}i6$}&DEysOB#Oy&`_Rx<erdBPaQWw|hs0~Dv@B-eYjON9w{7p&j?N)k#X
z4b%55;#5q-Y&E7CmzInzJqs6~(wUYGDhcaj;0sjU0ug`W&uEP7XXD~3nEi~G6lIZ1
zp;Zn{KSs{zXk4rAWzl7b>sz<Ehf=jOj^9`(_y4n8m(r_2&Bn0MF|qu$c&s@Y&qPKT
zTaJ^{z6~Rsu3%6`7%hFI97=>W)}Na60m5tZAEPU;3BsA~uUi?+v>MiwL6yR7Z+D#f
zIJ+l<BsY^~0~~-bnE_so$1Taog*@nc(QHo6<9Hs$n|2EP{|gTNQEPPZiv2dHB*tg%
z9%O&L8~<y`wPud?k6qzE=4qOWo&AL7g7^eC@j2HDF~%q)#-p7>PoJ#@M&_|6EW|TH
z5jC5aq~-mgY!pBSWv^dBkU3+p!WFW%+kXe@tbOoL>p;*xE8FJu%)NJW7-3@hSIq(6
zHeUD!!S?5`ujPNN57(G)1ua$H&wrM!wfi&jt8H%HZA3x=Lz_{I&_YuZ^J4Y?mOStg
zkqN9jS-<}ufe7Iw`q%J}u*>|%q>pe~?D)4g+?qsWK%Cl$XZcL7(60r*U%lH|)HE|O
zTop}%kT_jMIc+3GK4_~Db1rc2oQpC!S!j^-|9U_5NNa;+U#x=qh7^+NpWjNj*8R0P
zTZSWD{+c;w^mb(?4MNmJRJ5<+G^&>^pQ0rW`Wt~uKNnVLFQ6}yu)eU$(FGtp+~dA_
zlkI;yIKc##{j1sO`sw@u4MUnRV*UQQ781^BmW0JB@w*q#*T$Iq=f4o{t!syQupb0~
z0E9fgCxB?5M9qmIYhPNkLXqCBw$4`5GbV3u$75TN43np|aDo5xPkHqp1{(m&e_Wd2
zUitsymqvu$SwyXO>-){GYBH!FZlkgXuJaYmv|WSWSAPMZSQE(*!5nfPMueDE2vVL6
z?OpTN{I_`~VZ8X)T8!AswYx%mc{rY~E$Z42;1Tc{Mcm!Jj9ec2jL+4fp`h>>xMg|S
z*>&B)Q6l|P)rM$$@?YALOgU(Hg1vmpRq3vN@Lio}YqLBs67Si1FYM2zgoT?QaOrQg
zuiWgn-`9FCHO%nGE}mlB9FG`50|TG#f~*NL?BA`PP|?dxVfvCAH}=SrZNRkY4Cp#n
z?!W3|^(f+*&d(ufP=@<#yR*99-$8tT(HLnVn@q)a<e~gSJ=Y^@W@VgDF(S79`8ZNL
z^YE`s9A+>4WCnegNu%q&=nC_D=-g0OH)ej%68ezQxb)&6v7P-Bt|OP4;!G|Pcodp>
z(KZa8FfK81CMEqi^}Y3r2ji1iT=tRYq}@1k7CF?~0%M77aYbxq*%gMjIc4l1$mfb9
zBrAgUm@%Xu@wv60wL74+uKle`z<@Aaf6YLLqrTWrjy<HWA@8K(2c=|9qb0?~CylA6
zN8BiQo5coQn*}h)T3c1sp7s!P`}n%H>udr(jQwm{Vd~-wW+v@59QHxC>61MJy^BeV
zD$4Wtf-ObmN(`$p$`CHY=~a9xnVfE;S=w&ESYYM{2$1fgxNV?jz?f}ta4-;Fxwd90
znU=(0i)HX^m?{d4pP91#9Ji{N@yjrDmJ{v#-rZwBK{Pw!>W)#1^P6sKTxcfLSpotb
zR8_C0?!p-gPFDv2`VkqfhBXx#g{h0m!pW;m6y?;BF2O<Ten0w`_Npjbj1^YkZ_E@1
znA3imdPs6Fd{|jTdn2lwEO5<lig@o`;}`URWb^G^=Z{b$;y!I={fZ{CuVR8H0;cse
zti-q+vs303!zGlICb7CE)n{(+4>u(RcTps;G%2<lwBiO}$jnoe_+ksl^t^2q*xAm>
z`Zb*#qS-d85Ir-oL+oXCrhEx63wiyhsfC5%HfMJovJo!N9A^R9<S1c7lM4QV_^~h-
zCX=JFzxF-=gwTIOK38V%vtZy`nr9YNk`N|MFa;PnY2hmsvZ^T~K6~qdqcDB}34og8
zJs^#K!?dcM_2$vZ0h|Eb(B!iq#y0KfNhi*&Q~Xh7?a-Vn3wuY~PYtcp3?M`lcF$Mk
z@@B7(RbH|^<)2^qnNsJz{}^f0|Dx3YgaU*PXYveh!KU@5oP@Om;Gxa}Gf*=RkS=#5
zeyu1v9}|OaxLwHGU_SF1{{txgYbOGVsQiZfq(A*R6In3x^qKF|!jY?u8!B9CH;bY*
z+y~BBgg`{l?E|zZlS4_`Z_sI|uI_m8DEfv3q=Fb@0`}4{Tg(()&gEKwb;R}9s^wBg
zuL!xo$ey?49nYy08AxHm_Mc~#y=d6wYLSU~=JUjj)OkF-*}+lc@aabnP{~~+bbex#
zYZc%&D@zNDM|Q_p>m7V{LFK9j*#K6n%`Q-}!S9Oj8-br7fZ}EWuM6j>xTRL9o;6RX
z`SA1aHC3qnewK&!R}q-?UaiXX!1f9DFI?_@VM&70zrK;$_9R_6Dew5N7)V^u3t}9@
z;)wEXfj^Iw4-O5DE2*fcl%X?`nBagWYtW{>=$}5bDe{egJvJWrFI?PmKolQ<3;~@}
zXm6Yv<e7RbG2yA;|AYR*z=G^|gv9jL_p=r2)RUC;Q#+^xl@GoN2GpIJ^6YyKN?|NM
zxSgGHiYclzV-Lh=DDvkPcCNHa>`E?(U0GO{O(V_?O^d0n$T#c0Qx2P`(r;65AB{2}
zr${i4B-8TDHT2Jmw7*LU2`;O>`*OJ1s2hV{Oa?ax$HmmtuKWAVG6dMzbQr1py=04v
zSr(44umG<qM)ww)Kwpx)==1BJ93M_EM%Qs;V`GQZI!azgcfN=M#VPNRwT1N4p4ffg
z*QH9w_IJ?lhXrA?Vk#?gNp$wqk-Ng|M0Ef48vl2!yIEj8wc?Lk>%eUSiG$S!f$!i9
zg4FOsA69(znZ>RAHuAt+u?$!;F~j)gYukPS^>5Iro}?1LY0uOZ&`NM8m@$j6gNsf>
zO}+1a(%XIj{}_AX^5mE}6~qsqu&$s!zbs`f3LF<vVlUL#SZ|`~4&Ms?a(U=h10l2b
zz6ZTKG#&u`8%dmI#>PGPnfM#nV^k08^cp7V^!yVO61pF<&`tuI*oc#DY19j%#8rCd
zZLeqO*aqnj&|Veym+;o$r8xds-g=P1)PA54t!_CVfh&VbW!co&VKIcm^5g5(#19ij
zx%^j7w$zf$dmsVhPoWU6AP5^X@iKJE0mQ49s^DA?9}pne16Y5MoFHP&8E+`bsH>~v
zG$F5SGM8XE11D3pPCa48n=PCy`W3diyS`EHu!`q{<<otsQj3ta($&wHF_2?4!SaRK
z-hj}yx{o`3vzn+~c9G}26TkmIdgh;u>HMD#vpKui8AF<$p;71~w3jC8AqN<JCH5mN
zdZa~cTHd+h%bV+`0nKHIozdG#5@e~cKrC$h02Ul$uk)}T=+O6mclR^msMm1GQ=}I_
zIfs!u`Sw-<7l$Be1$%|atN`*0st8zQR4$C&Mn|2Db*?_RAN(gy8EvF5)Aoiqz{d<R
z5Xamb5eZp-KI0j9D$c>#XK8LI2^$N)h;NVkLau=t$Li*0a;`B}Tf9@BS)E2hzLK1(
z>fG&n&mz{Jb1fsrIVn^xMeGJrN6bN%LVpwapVL}BJ2gy!ybzv}r-DhVXo+NHEvr`q
z=t=l~36%%WAA?3haqmf+ixN9z9LuCaUV(kY5mOpR{ERIDmDOK}hxGeuR>VP&f9nL*
z^|wn%Kzv6<slE7Pa|5iv?xU_lK9I)<Z4^s1BH2}qlk!Ih=noy_XU!%n@7{frrJa-s
z7_Xi7q$?mNV873=q_08%P=5+YgQr=V7U}rfmKuu%TK}dQF!0JebC3PHz*MVl*N!H4
ziVVuS|4C6bdDpa;L2BS!P9Fa_Yj><`zs%VF=HwhOA~Q*g*avxWwdXbj@=E9g>g$U-
zbFZ<<OiZS%p0u^Kg$&PC8DSMm4Ag?KGFbQ|{nxIV`0%hlND(t4h9|-V5yHCu>pea8
z8GFFq5N;^IslbU5ur^Ks-^$A3FW?-(h?NzO;TJY7nH8)Ih%R!l6#?=YHXjKC<|(^-
zdV0dPqZjWEzzcW+(7RdmSb+u=(wS0@LqYud%I4usI2nIhwVN6mTo-|NdhTl;s6Y3Q
zLhDRAjUU~E8$s|I1xy;tDb0@daj?gL9{0nu2=65zUI3}HtCPx_#|e>y_Uh7cM?dKn
ze7|rt$StJo?g|Vppe?{XCGiRlvfB?_wNg6Y9?LHfBevZ^%t5&KkToYhHB<*9@=R$V
zz{gAKoTVNizXhO)9$GF)FmQ`YDgb=qlwdF8qTBS^@=Z9(9KlI-ZVO!rmcos=R~=K<
zIsBhj>008p;zZiYS5xdcgWs3-()G;w89%wsKvndwX0E^T$=~bcSMwz0FngWom&U0&
zjbEXmRro#g*9I@OH#6Vg5tpsPXHb9BGJwyWF~J^aDsP7C37*CAlr-hu*;OGLT3YB|
z7QhWGj7nu_;2*&FA)bGWsRt5R3mAsMD{|Tx(wh%SS__`o|BAEjoX5#lQGw-r1WC@w
zDU}S(2Qb~Z%tl<S<)+Z3b1N%szW7z;X!f0HowW*pveWn3`~fghS6Eb2;o1qW6HIc?
zr(@0E`-6hj>O*TMy5lG}jG2o^Akal`f+~mYGZ<PhXTLr?WW3!@xUa$y-2g6z3}{ju
z|NQh_lR{KCQUoA@;r`2s_JM(O@S*#F^RsLdf=1*1C#PqR%t<bWn3-J_OEIckzzy>K
zRGz|}I|84S*U2J!_V(!#Y!P4)UHMn^3-Bcn(w;&hStfQ8+m#L#&Vk~y>ks4#eUh-q
zXtvjA|3~pnb8jU~@v|jUr3<BQF6KVu)vJzZDe5c8Qd|}8q^PsfTyvm5@;6CqVyJRk
zE1j~=%s7CQRa`%EfL1)99(Yk3o+h9JSh^&mM(^??!G($&Wn^x_q6O1|--6~t8DPjb
zP8I>5(qMRD;7fS}l|}@V2ADR9>-6~0JByPppehM+<|y0Mkw$Ou7RVxz)bZZE$b#F~
zk}BPa@0yM0UwXK{)V)b%U(7Xdlel~lO(Jk*6#T}-s~9HFObb`2mxyOL8v)^4;2cmE
zCGx>7hSN};;gwW|@Mi1ZP@XKX`oMe_2?7Buz!iVws@idhtAr__`c+rhEp~T_!_nFU
zryh~Au7`MFkx2+VOL>S}fhTaAcNg8Bwh|ck!T7BkES5EigODv^6QJbEK~9LC_<6W@
z60!3gnx>NRlz*M;3y~Ch0(~!Pe($zy@>>z$WQgKQUY^B4dwGiEE>saG@E8FS{)Dmv
zd3`lfcr0vn;ACz<B2m<ztv_2^BrI$`%RzbXNm#O{OH^g?DeVd<&7zOCopFtE!ITC~
zVprEdpEbaHpj7uBFPa-N(pIFlIUx@L(DbXPbO^O-$x`C4*>BxuIMLtnt1%*t=+5?h
zg1&<)z9-)o4^cDaPeK`lYIg<R^zbL1M6~*TvkxfwCA<@GlmQiXc?PK?i2XZ|u7O3`
z1K5O$DN+?WJ~X{)#{PkNtv6(G9RI5|EszN0=5H>DzXClff{}OLkllRmDmsoXs40E&
z7J_dE2PmJ3bG)?Jw<^TR8TtEusx@)rzb|s#0kKS|_i{i#fH0Rt_5hJfZ>jsaBb`>f
zLC!+qu=+|6)ZjikvKK-XoU}7Iak$^wU?&>TBt=|4-~{dA(v2M`*_2|NfQaCk7e~Sa
zr!UX0LN;-hNP2a>uzI$HfrSTc2#X$XGWebs?yU?gg`&(@|0CW;Sow}~Z1`fC(Lxf4
z;jrTR?k7Bs*b1b1!TtyCFRa;Ol9G&a<tvFHRD=<M^v>u7VyZYe8|J@VTF7JuXd>4p
zb7;0%zeHoTX#B~a>-1(jYSS^hhQN`qlYcL35?9c3D+1c8c=}{`c9KP|@Mg75*SkFe
z+~ZGYfV<#E@+*57hf`3O&_;OlC8ZKb!6D((b_gpeAgpcgIBq$!Foow&8<pD>EW*yf
zmlcv|Y<FY(AMAxK;#`=XA4?vL*p^V2T!(u@G|p-&gzP4WpXj_t*a`QaBRqU?y7?fW
zt5D+3gnU2l{COQqM>2lApW9VbIHN(|60gYFhzRtuOzCi=6K)Pk%||d%&IROi!p7Qn
z_OIq!ZwsUA7C@aNh2Ovg>DMr%Xz=ds1DgZ47&dNPbv$sOtzV)a(jDs9NtmdQZ2QI*
zdy5!5ZVIQ7Ux@d(FZJ}eT^$Boi7)XeK)z&6b6R9^Brgd<E}eH^owerr&!Ps-Tg8b%
z%YY3OrFhqA+dTvDYNmG;JM7$CIPYdSaSCTKrzsqCU4Kg9S+z@qshleG1~)8LSs~n^
zudXHMkN(?0xnwpmNJrO6Aa8-$dUWCk$xhZ!`z0S#ognM3Qp{ISjaSkN+_RL^YjkeS
zp8Q|ic+BH>H8COe<TfYvGp)0y?eBB%1Pwz7UqStkRnm<NHhZ2YW&w;p?i*zJ5OA9U
z>zMs6il^ifo_oXw`;+F_@LP!Sr~?p$3VIPCYid_1b8(MD;n)ckPeEemz!RjamRj>3
zuz3(Aji6wFR8t*hMM8uX5X3;Z9?&D-N+W!+;6pZziy8<I>3zs!@q^B-yv>Cw`Ps~e
zLkLctL>Wsva^o&kz@1xgtibE{1vtEP;5#k_QN$vQ!-TIJN+Au-zE?VR(SvYTV}(@f
z4iau8yt?A%^^HhHIi+o=ZhyTDCqy@E+={{pV@<+<5np0q`yA+bT-79bnp`Gls0bI%
z%THlYx8MV45;M`!f}Bam0pT5`E>rtq!J{)Uaz!?`UL2-q$V3KErnbG(Sw;9j?y2qV
z`S#1Ed8+Mqj;|p#0zyo^!f2^n1B0g+^1AkX{EQB>W;t~>^6f$U3itZ)ik-2FQ);E0
z)>2=?tp8@GfyHf`qW@6=F#eifIj3I~UWBBcuoQ$2V0u4yGGnmViiVcfGZaX83f}FN
z?wt&eJrV;s$5FgOC=FpDCgeWwq6ZQ148j2dV6-caDQ37Ig5=|wH3ce2e?c5O2sW6!
z5Q4D*D4i~4WXQfL3Bpx+>OTseGs-``a}nPeT5;NMIQHn7Ar!jfAeoT8y4B%d^Cdne
zEUVj)?SN=r#Gx;9{fvU)1F8WOl*&91NDd0bf73hytsPV;c!$rf&uqV*sxk__2(r=p
zuC)|hH8x#_-I&?U6g{Q<py&4s$t?I;e#L1tRM$DXNAVWIJtmCQ7><o7qT-bWCbWco
zTMeCAp=`M&IzAiyB$Hl!bD}y04e3}Sy8+_B@i%-MrPL1U9HV)0;lUTCJ`JH`ZxmEU
zDOs35Zy2Z<{p3$}btUBVGSBqXRPS$<2s-=KLwnxdsyN>57+_aAbHpJg1DiWCJdU9?
zQA7cpcLtn9q(!E(fYX6jm&dQ4>{Y`U`BeK%C}{v89e#g5%FGWr1Wp{O1Zv|!KXl+2
z!VcIwNZagS6oQrp2<fy)H|zl(fJ(ms3YM!Pk3h(mlmx2PdXI3(o|?L!{GQ|PUh?M+
zCfS-+gToy1^|zTSYm6l5vqf(T3<r~BTUqR!E)3i!l+yP0ns%P&b3E=G6bxprE|6O1
zp3&E;+=vHW0+uy!)p`vKPf69<7gYg{>+j*#YG|At{Uh}9-h`1bdySnR^e(oHkcWD<
z^~WhZ!&}sjfRIg3M>m4-2zwoDEwZL-_|KSJKHk09GYDAXrm0fS6)HcFflKb1o}D!!
zW{m*%-VP<tMnWNu!Vky;X%SEWgz-$|Tr|=k2;~R`sVg3Sx`vevp-XK18==5uDTM~5
zXxHtx>wPQRk%83I)S%0N&>cXtfv5Ke<b}l8rEe`y4u9Ob|Hbb(b@2q8+puh8?^NUk
zFtOLxLXk}fcy3D#bRj>!hGO@+XgE4@5kPLh_8xg*Gm_y=N+zgC@CXHz`J=$X`3ymU
zi{KW<TZ*^fKxVBOk&rVfIKf+0t}*lrsY;(_Ct=BpA{AQo9K6N&iD-w|)c$t;VZaNL
zT_aH!%rc(u?}0OJ^aDECzt<y4KrP}c6$3vb@h2{gJM(k3LP>1<A<Obi?jx!ze*ziH
z@3{EAciG=h&7y1)rnxK6GUn_10h)J=cli~{eYn^Dv~oGRNj>Cz7A@(d3z?hb^`kBW
zwdweLBeE|XJht~)Hk|U5+CK&a8Nd6+X6fT4kmaoB=QlM_*v^dQBdqWkd5++=;@(a-
zUcPW1EHzwgVKcUj>*<YL7mp{(%J^J(2<EfpqImBvw5FWF#m-G5IH~TUoszh)2&ECu
z)m0CVd{*~AdOnu$tMljPYHqp!uod$tGRV)SnSDUk8MzZJ=$-&B03*!6wGv?isjIWE
z^=r72LxF`;Q`3(JgisT{oFB|Ltz@C6Px-|Zinp<?7e@sfz9U^RoIy?HfIHa-z61Kq
z82$hp{s-B5)UYm)KjD!^_k<Saq6A&rdU&mO>IW{?dI;ir&z?<l;TPQ9y50r93katV
z;tt-QZBTj*noOKGCy~e!P&(s2a;3=Hmk2+?$b<>xF^cSm2lZZ+A00{$XcNo2{HuEP
z8G;Q&=dv&zM{N&?Lr3F=H^thGv#%_(Ixxt5r(M=#Ch~hxfAr8KJr6nOr`_1Ld&(0O
zv{xianYY>{8-D+=3alEqH5u{h08+qx`zD=o#G@~8B?pgg(HuB-*=_?Jo@Zue=5_0m
zVq--qvkj(R(tE~3O$jA!JMZ|n2}Y~)iHR&YKMV{NA<GMZ>{z+JFLm)amvqKO5<ndc
znH3ckfsmXCk``yEnxc^L?mFZa$x`nxpvUw3c@&ACoa?;k!%Ha(y&Fghv5GYE@_fyJ
z3y|+@pe%`%w=di*@2PYBQ%W_j!Zt5`#%N5Oxo9Io(WV#eB6Wts@P`hgQ}ay<1#$8z
z`W8cp_;S4$1uc4v<DLyn(}VY!Y7{(^i(>XECh$whB<rlx7$;jKu7^^ap5DC**RsE1
z&8ybtI|sep;kUIsC+ec)-=3VUn?I<%dyh<UrA+tjC902In>32Z=<H{A@$j(njXQqt
z_Pp#hEy@w}g(Q(g7cnU8Y#Z-EmcSbo8E}C--#YvdUKl)toxdU}sOqG;*;$M=*@F%<
zk$DKFHnP<!Qgr87@@{h2WGQ|{-o0|)x#taX`#K_2_{i?rz7q8GSeMM&K+y~UPT$2s
zR6jP##Uw9PAi2%K^aGdQ7`wc1!pM31sz#s9_vxSOS{|u{WO;_7%PZWFi`<kqfx(?d
zmugJeaGZkO+#{?xguan??RIPPmr+^Ww<%d#4!0<;)Zyf0A*tFMosaQS;tDsTD?1>$
zk+LhrFv`ZPe00nA(jFaM!yxe;X}Q*d)@76?G&jt!<s=@iudG0Oyg(Kq*ldH=<7OXa
zUKgE`u_ujV^JT?G6<uF>=`*^i6Ef7{Ld~vOin0`Gtk*JL6mpc?(ua>x9Q%^ODejR&
zZJIq3>HIf*D9Du^ICb`Gyvy4ycY+jtL^2wGK&C)6W&x8zj<qsTzYbtrhXOCzvFeEl
zKX$VFY_hguX&z!_BQUezeDEYcGTq5~yhfn7<mEXvZC=ys#fH*5bV)^_J$Y`N<dN$Q
zB*Z8hOh=`1TTIZ`b5{94OF8als)VUfcJ=ql)AHGMJ?<<{9%SMTzxk62^+-|j9{iM%
zFeBH`VR1X?=ak?CUE|Kn9GkY7rjB`9d$=ko7kxL6<&G)Jwhj+i*j`S+!k1CRlx6mp
z-$@$E?ioyT6Q!NLcOjZLyhX{2_P#@Bl6u4abKJYKY57wTnM2@^i;MCsX!;f%**9_n
zGXAl^aCL(V+-ivmC05pA*(^L<ABwCf0x$!_%u#gCXYH8IiIL36#N((Bz5YJ0;iNTi
zLYqd8cV6}cKYec<bw!!3Hu?FUC;o@3$&Rrpll@Nrt5JL2+L~123*-n72{By-xs_LV
zynw;fc~_fA{fQ&9s+Y_9mo6+?Qu~XGvse}|4sNV){Tm5Rhj+h}EQ>59J@|RCw5o(d
zUd7PR5G^x@Flt=dCcha-0_@nQE?&32EbE{<c(a}^^}=v6)tK`!R~Bg?*(1MQqK*=*
zBACCfQZ{2_y$h7dNj1RM^ZAsor?<s<Jk;0l4el&-@wq`QKRu=x#c;qMBZ2n6Ox<Xq
z-lrp$Ex2f4DVSi$lcqkSD;sc>zOY79+JH{R--Mbw^{NZe1f<z*@)pHqfT=h#O3DN>
zu4er$v7SZ}y9XpprJtm}i;TE1)w<C~D#EUMfXveuX#>OyPmT^5Qr*I{Zq;sF#3ujY
zYmDPaM~yYRONG9khACShK7+eRO($L!!R<j^8HvP7PW0D8AFR(-S?2o4khPvQMu7iG
zWLWGsUK!T7D4SunFKxzb1%qPNH+bmTFR=E?tsU-AR!{nDkE8ou%u!zV<16=18hF4~
z=<Ih*z^^Fs>@Mzf+q0K?y26_|_nVF-=C2-!G(5({Q{`kcrYzEB9Fol`qNwNxU#_f>
z1ut-~goU*B@~GvnXNyOWzP;XXoT^9cPlK7sb?)hx8@tJ?oG4`IzaM$55JMAV?$pTR
z%S#b#J|e-zcYt3c@2-nZd|2$qsjOtyAZmGLC-kJ_Ph1-N&tqSy-);$#eyIPf`DA${
zP+S1BLHM>PT!^X^feeZIo_ymJU?LrHyS{}{240?N3SBR$tZd`!gJIcL12(DtAT{QZ
zm)So#R#1r_oVRIkQb93NL;D@ct;olSBvA#pr6Mvq%H;=L>QI^0$%W5$7j0>~a4r`C
za&1ucBRM3;b8fGSEz$cvs+&4ilW{o5ATK*8^^ZJPn)+)Kx_G-G$XkF!0AX|XI3`_M
z;sj8pVMn4BJ9&9Nb&xc>a6fygzs~tu1Sq9n*V`jfVhvF)XrsPG@gZU~mRuw+1Dty6
zO=B8ky@x*8+j3l<nAAC7d<<USL!|b&Q{}KMz6L<LuOfg^`BN>;^Nd)Q->gziyP5)<
zTX=K2s6<3u4^qUion~U@mbt}1LAqBFsh{?Drv<RnU9nyk<sn;Ku5id#Qae6(wxK=m
znEmB~q4O<y{)(<#Q&Hhh2Nyd<bL3rrh{(CVIOt`!h+u%+R`GK!`qhm2hzc=-L?3yS
zo8Is$DUTz5b%kMLwtV@!B#{%oB$H8g@vxvO+<VD#UBS)l5!`7|E#uGNuCU9SeM@3G
z&0ci0URbWPC>PyO?bM0K7dQ}*3G4BV1m?H+u6kt)8Yd9Rd1<}R%|RUUO|SqHvfk_E
zIr=|hXJ@~U1QcK%_=p5`iz~%6$@L={j3wDazi<Qm8^cwKBZR8h3x?PuYbeB=sTkUf
zN1J0L6}q3aAgmHV0=%L5L}J*hJR4#}KjdX>ur+vCQO=36dF14_Bf1*njXr^1^vEZe
znDX-lUD>}P&=a*H&?scZGAvdUGU?<?%gd#GY(o_Cg3d3Di|eQj*sIZ3J!*C8S<yM>
z7*V?W++L~pI1-OgJG7UR1?^KwBrCUyeVD5wQDrM!<72=@s`sQ2Pyn?E<O9XCfreAF
zCZ=G)+5hS`U!*7jy!%BOce-sAzr6m?3p;D0sM51MT)CX(`f;X95r*SVHtft_`maxQ
zL@e_wOFvvo5ZYo%FUD&4C;2n|wrj*#h%S05`CVfVYmA(7V*j*PFnq5~4ugB6o8<?i
z-{khwFN|BXeO|JQtJCY`J>Jf`zBHnTxj=r`ER9yh7TWXrr|S3cu(KafJ3pb#5UlLV
z^XU+A7yok^<!T)_IV|s;&~O?d`V^{HrWHE$<pZWzSy?A$KCVF=w5%xl35R$D^N-*^
zpfUhnH@cC|b#of{N_0W}!9gAwM`!hZ_~x%HysJhZ%UbtmV?w=P%!`dC&i<@t#meWw
zu0gk7k#ZL2aO`OyI;Vj?WCCX-lpV;UA%_AjfXwwfFs>;Xo!ApADZVI-c>9VSHhW@L
zazbyb_NsspySTA_`X{b%gvd(d^MINr3XrBl!TOx0I3ijVX51$*stJ9}$qxWkbgOk?
z3rBRV0gT4f0H`7cot^ga`2oZfR?0Cqe^vgmK>ZCHsqf%&QXYvA9=**ssR_JvD>#*}
ztt9?hLdG%w?HWF+jYXy=pL<sbB%q>a?*gBJ->yIChHvJqvqv{$t^$?Ox!q%RMnls;
zXq4Cw-L@_2z+8+!or_Rzd&nyCCZLH(GV|(bU`W0l`SkKj^R1zGv8G^=>Ar!k;C;Hf
zaBmd^|4#6PXqE>h$j6k&^HIf8Wh$PnA<)!Va>v!kMgJ?Ci%}GEw4(NSgap2g=o|zY
z2KxD+o{j>I;&BX)iY+Q!!8EYfDOZlr(q%4YJYFlTxpKaST@b%UJ-B7*^5F4Wj@>&d
znEWmZ-+w#SSKOuR5ndG2u|79PSK7_lG;W)*e#oe1Og{PMLe+>3N}}hb*ev4Wk6sHV
zr)2-eZ2Kk6lGiIYH8@~CQb48O#;L@NC0jR5p81LwTeyrRnF_o7{E^#H#GmJ8^q1wb
zT<7!BxOSNRVbmDV6%#k5W#&(n*(Gy*13eaJ2{Sstl5G$Y3PA#aQ-zj6BF#rhB@ass
zoGz@+BaAnada(ig4KZ&8+Y*8aR)oX=z&9`{22QC71bHyS_aH@Q9TD85!q5d4N)4zh
zP#7_W%k1K&1d6iwtNL9L^CdvRtOa;&Zaj9ajlkJPbH_N&=Sa7;1t6_<qE!#4A&>3l
z6bs%cNiGVuI2d{XyS*%S6U9BzHX!{o7<0`4Xj3cGYh>aiY(`rtj&Xe&IM@f4Sz0SA
zE9e2^Q*<SyCd3>*=nUY6Oek@Hw1NCUQa6KxG#d2%&SOxZk$epYLA^;i<Mkm_pEq`V
zM2ic67h#TZ{LStc*)A&}N)BMNQ=-iy>z@J78W|Y@<YHyS6HnJrhbtip+FUGAZ?fmg
z_R}Y9j_;r;Aie3Ds3b>etLgT}zF%-M+*#~25DMIaLH<UuC78ZNMT^ieFc9|Qz$Yh`
zF$}=HxEhBZ%Y*KH{y!^A!`edz_-0Umzb+PjgiB|@a$=DB!0Ml@)rO}47_F5@kgTPv
zcwKO5)*VGcJ@NHHtJWseop|B-ZUBELrl2)sjfg}F!`gp1o_a>{1k-CUKk1ZnxgW!G
z@)M=j!jraYnSj-Ol@iht3Wx~@zk913W$wpyS%qIlPO&^bEghk+LQhZii@Ww<9(k1z
zqmW)hw81^^ofocnU9qbmZ9O$S+4r?wJMxx1ubOQag=Y#+m{~=?ss4nSpR_=YDE+FK
ztIFk#)aPT`2iwPM4&VP<m|YsU>+RBZtflVe!xic*zZ7@SlS6>CM2wgMp2@_Jqa-)I
zqWl%B3oo3{c;4}R>F8b8WL<zvAb4)z92P1%y~P74E|E83>p)-<Z7QEc%;rJcK!^jm
zTNjQk6*ct$k5_*0){c+c!^6YTtwdlL$T?s&4$#0Bj}#6oWY*Vu!3{5u`-a}es2EVv
zAk<%IV(i)_fIqfoqkyGQVZip-fR2?I41xk3*d^mmuarYEyUNR<*f<9L=RQ7g&;;3p
z7Dgm<NII%9rwL&0+dUSxxIw!ihd}qca9>|vRwLk%8)j)N^@&2;V?}L!drHU+j4x{V
zL1RY06VQlRjPb|hy<q0x33&KZxstFjnc7;a+qb$hOV1%ugO{Dc4l4j$&mS$&4RyNN
zg{~%m%Qo+SsULWLy<AWhV=wRomvauFOPV%T9lsfxqhHjUAu9I+=o+3;#8^Wy9im;{
zrNKSj^s=l;(d;M+bck&nWVO*<lm;l5u$#t7oE!v;$i#gMT9`~|wndXt)bl+2(c=CY
zvpyu~)3$hb1!680wybeNse$0-5k>AFcx^i6(F37hXTHf!IMW(lY0J5dXD(j$vLaQ>
zHp3EN9cA?){WavaaVg<>5!Lb6kFfsdT;AA;bLri4vfPDF@qm_2;hDPq57y34N#OYb
z`C*qf8;gpW2+MM+`%ginU@eazl!G>#`15DIR&XGg0%QwEu|jy8zCzoA$iHxN%b7##
zG}c33f@1)!BV<}w%Sw=rgj^2mB$m;+DHxdhVdSLfYpE~rdHc#iJuioek+E~OJ@>ly
z3=cm)A%eiRjK6<yPPhel9Nr>eh58a{$ppHD00`*w-Ft>_XK++8q@#&OUdPJH3M1VH
zK2(Qlr<J~GZOL;Sc%DLZ=Yg$LkISLn$#w~>6=KpzcL|;|1nCTARaIV|jSql2LGSX;
zZtRPoGCF9;hj6&qqQt-@KyX8q!&(cj{i3*;p^5YGmbq79xg!v>NyHh3z{}uC*ZYe<
zax65IkLF;})l1pwYyqbMHNSbW9DP>E8uuZYE{{%fOS{&Rfo;NvUBx~t)3_?myt{3e
zM7Q|{{({~d9tMcGqIvFLRCTvOG~6OJ;ik5gL&>KxB(hC+DxFXwyI1mB6%*J!v{>Ip
zCNngVfX|}S1~=eW(GbgJ;hox+H@wJ{5)hl~c#1KscO6yG!yV^5$!<yoJQ9~Dww;mj
z4qYmsEiOv;Zyb>yB%QYY{r|?L@%}valUnYp!b+ssIR#ggg#c1t;TM4W00h2U219Pz
z)Y|ca;Qdkq4TeE|g1+JKHwB*f?Zw4|sCan61Ww`GwWcfSRgsC=728kZ#a;yx0oIT0
z&FvBOM`S2yZVi1ys)et+73+hUb|CR>LH}XiG*wkIn22G#jlvw0$Z|)=!4w0@PBVz(
zzO(E0<wOhCyT|#0`c4fCI<WYgii1HLy=bZB^|tuRB!yaJ1(7(#a&=nf6W(3GLDDx;
zppP*exgKuf47SBPWd>O~DrGOM=f*~3^vt><0>G2Nn1{RwVIS>*#_2CIl$idI@P}A}
zOPfw2;^XwO3IuPw&^DB9QB(u_h@<;(XDb@0b8%V;Dg=Dz;{1Gj589`rN3mu%?6lbZ
zj*D)^0}9?B9F+%3iG|72JqU`ac=0x3b*vS#K@ii4@i|fRDL@2f2VH4sXlU^zDVh;H
zVt1UMK2i?#FWu0#xL-ZNEwjHF&rqSeq*$Cv<I#o~wlXNC5>0-8KG`>r_huWpGT$K&
zH?BuY57RYqUG{Z(w%ZS}9MuzyKQFO#JY#jO-nz$4pjo6Ij=OgB@$Yxm{`<avbg_~#
zs5r6uJkyWQ3x&lBau~<QN48_NAdUe4wYSfyz67d3;?hB3enM3fZ>;G0e0VK=!Xuv-
z6@>6GU2)mMoAoL35~wpRu5FbYm}DLY2H#ft98~G1UAH19a0kt^v;=360u!Hfp}i2<
z3OJX;*pse(JZF%15R#qQpUxh+Rd|@tzj>1C^s`x`d9bx;d(X_cq%P~$rPGUBi%j?f
zTw^Zu)YOokYog~b956H;9bL8-de>3LefOs~e2HU03?0NCs{GQcjggNBkvIg+1^siR
z(^~UiIO3o94MccONI{8=TstOssq+_;d=N-AOy6}7EkWXj9mX@_*ms;NNSs0LEDiI^
z47JS;8l7Y>jB6Czkk$Wa5Q?c@p4n3@s#+E&NJUG#i4KHnT?taHyj<fHQ9O*<li(Rp
zPTg{P@*5{8O>R$PveHO{fN51V;SchSgzrBYb1J5mt|6X+nqg}E<GTi8L>;&krF~r{
zdr?4Otnx8r>(dcP5vveWnKlGe#herMxPQJ)gr^prlp94vg;m@(Ke!8lk#bTM!;rYq
z5BfABX*JMAsa+=NbdQ(!!Oj1`*83*e>zyA}k#Y?czA|bJP{7pz$-qx=GT;lRI2=`8
z3c>ZR3cHCr1YKeJ#^heC^!1(o&@E$R7AWP0Oza;1HZdBc%*fEN&O$66Tp?8F@)o1d
z1uiO$m3bmCLz;*oY*R#D3L&SEP%nrn3_%J6;W<S(69A8=YZqa018uz<!yl%4pBz8u
zkI`M)%Re5p`oCcxTMFj=jWji(1qk3v8q=`aRK!wL{(iWJ0iSN%qpi!t2ICeD@farZ
zZT@!Wac>=&{(!<QN(u^8El|sORn_lz(Fd)&56ZU*7JgnRL@+j)i|Hx+3**67Z*dE-
zZ4zI}{Rz^=)AwyLUnAO19+Sc;@Pi}CK2A~a)6vsAz;qZYK8QH-FN0W#*YSa#0F=my
z!3KJMkmgJ6MjNiU8&Q)Bn{t`gx&B^3*da7Gcn%xVL7nF#<+P7@O&ktIsa+8e=Adkd
zB_pheYst&^;(Va^o?l$7f9|tSLx+SL_*!<q6&|unAU&`#Vn&-eoQXoo2}UI+G5-qb
zwq$th5(t(U0;W9wgvpRG$Gwa9=$QoDsj0!!x%62h9cy?;5~UouV;@JR-?BF%01s8;
zkD~s6s7CwB2EVk!3Z7Y(^Mic@x$)=E6G=Ww6AYm<vf=r;l%9HOegu9f>Sl<!7aVKA
z&O$isP~xg%{`DA$L~JZko)um5)k0118_yDoxMIg-^O+cruL=37c=<z-zQ96jB>D6+
zaXYMHiz=F!qp^Co;4p)nt2#j4&;y;rd+-~u2E?I_jO@DWyogEG=PXkEMBp%m>i}{P
z_lepm(U?cwzV;hl4~!@?zo(N!u^zP4HE14CYbEz}Ak3uB_MT3PcW|;#Bqs8PfOZD@
zk(1ItaykX4W)T9}eFwXMoM2h|3a!Qd=)T1h{q?CuR2Ly5YJP@Ei4oB|@ir4LEs_Qi
z#U}G+Ot^UvGUgIH5%(J<IHCT5{A}t7N}SL5*Eh4iNGeC#YEk?kzjYQzl^Ea|^sX57
z0)n?z@Lb6iUEHt(H>jzpMZ(o7U)o>exu2Vx+ZOkl(B~KK8$+hWn?{r})CqWUYaFkK
zdcA?k2Hj=ollsNPGUfJcO@)PywP`6%-1&HG@O&uD5^9i1x>vGnr{BVHel*`qKqsnn
zx3Rz18aLGxewoaao9->k>ALBcVM>4KAAei}!0HCMBA;fQ)+yo~{easadumDWF=Wa&
zO)q(a#IB&CZ`}cXUpl745o4twf+dDBBR53~jJ;O_I25FG8dhgSp`^Uu)W@gTUhzUD
z;S%D9gqrQ7rmmpy6?W4u$URH&f&(SchROp4;0iXIxD!B%&yrn4Rd_oqCN?%!S6BtP
zJ-F-&mJ5V?_vp<m2*)uf^*N9*;(!qU1_Ch&%gkV8O{`?kO(mS6p~7+KId6gp@&q6X
zB8DweZ(t5k^Q?<NH3_lY%2$QZ9OowQe&jCzL+7#c?XXPpkf)@igkQzkLm;W!(?*+P
z@k6el`a~5(L@Pjj$X9xbe%T6PuIVcXhOBQ|2sR_}&E589N|K*oh1Gxb;dw-UQCDAo
z-W=zXfKHL6qc)kv`JiI;Ds!bTQYH84zQq-uE2yR}n8#*FGlc?y>T){jgwEF1bz($%
zSu83l8gm@i0fm1UGvH*mu)mOu$^m}%2{Q!`whZ7zBl}fyZEx8Yp?Sz%PIk`BBpKt!
z!qm%Ub{Ee<W0hmOm33Q>_QFUWj$0iI^KVQyA_=s;X&#i&n|Zs(*IKz%i8pA8z#?!X
zA%<*bJtU-jVkYtxaUw)T%BVcUjRWhx&esjxi`YI8q~qEWTsQt##ZVGRO;iPQRTkx}
z@ajUlk|q*3Ol*>KuCP7mQs!>x;gRp3GX2o!{cp6mgbZIlIW<g&QlQLlK=*o=>o^=X
z7=UzPyqkS;7>^=C-V>w~7_a*R=>#%<yp;!Cj&|g<K>i6B=n|qSkdKF`8}SkoEDX9m
zPL6+w+JzJpBR`w)C?~%VR|XwV3>YPvf`jZvu<l3-B33Lz7j`0rSN9)jL!%am(ZLvt
z;+R{qIr$-wXbHZ>kVeJ?$R=elGY^XnIGOY%r|CBU2qHbiTMKJ2bsi4*(BbJA#Vqj+
zGe~WTQh!8r!)}GtISY3LI`6l|MUOj>8hj|(rzg5QSD(HG5llm;r_Af3J()EoQQ07f
zLaebvpy>i2LqY8jf$nr@afguD?DInj@#o8nop+toestxqQ^A{W4nt~T!;|P8Vd9$b
z5Y#?~&Q_<2a-Rh(&0>aJc(XTtAg*KsHBBkrW&N;HU`71#RNjba4VvgSi~oRv+uDe*
z|2R8|yt;M;#k?}Z6oARAg&0ZXdJq-c^sqFagri>;+dP6crsKkv*WxrVWk@ab%!yH@
zS~DZ<V$eb&Dv=c8!4)ZBD)i-GL^EXAi@2FBzg~ajSgR@GBHP$WUY6x9N~j_SPVD)I
zNssVLJFXygDQHsCiDX2NOhG`&Ei!~zMnb|+(n@&i)~%?%E_%KPG>K;gQ$1&p$YOai
zxMkbVr)OmmqCNk?vkDjZ;6KUBTaFhHg(Ug}^qXwRt^`ff!-I)1fWwy)!thPLZ`gQ(
zgF%~21;B)@Fvv3RC}pXI@^tHm936x5KN>rl0a|b-Kt+m5mDvp<6h(ld%l2Hx>3J^Y
zemPi9<fF9?o{B`w>52DXx_s)(OVl*hm*dXbB=mrS<4izD8R9Np45K(h22%FDF2Kzj
zjOYlOg)1^FEDV8efFGtdTb^Y{1>TCJ?uJf5G!yme-V#^x#%6`*!w_?h0iuS88}Y@c
zraj7js^cNXx;sf!cAeiW9%i?7!}g%m^x5%`ClOq6H3-6!&*}y@c@|uYs1SPJ<8&R}
ztAgBN;}1Zv2N&8C4WlXF872x4&~!h)qaxD-uY*&>VI_n(1*~EW^zoy(13g=<?94np
zM{v{dvEZEIq%V>W%?431hQv1=%8k`vS_U{nv{?$X?&?tzZjTIo_NQ+xec*~%dqyrl
zw;PI#yR_%THSyQQpZ>DZ+}sL6Z>*z-W%Z1NepCgR<PPFM?e%+Fm2DgAKMn*c$68I4
zw56B6D~sX65cA{3D>}i5D>D@G+0I%vcBhc};wGwicS+$-$Glqb^?b6Xo|`deN2<bm
zJcrjAd8ZeSOf>H|Q+ArI>_4%3!0+=!#K&>!cd`ooTiSQ}JaO=6GA$afN8=2z2&jJc
zem~ckop07I;a2#E=`7{CY9gD6dhRYoo!jL$>7C)X?{?`Pxf%y~IoZE|LTJlJo83#i
z-qB<_J(tw~#{BprqfJg8mGUE=c{u}}BW`3hWX{hjYQzL;b;cr7P2n_)6etezY&3#k
zTHyz;E;XJN8M>N*mFc6bagz6w_VKS;)f_#N3{$!>s`tSfTuykZ5bux)cWro|AN87A
z#3uFAK0jf#ziUWS%p&v9yqZGN>C1*&uJRQmPtU@YsHVR!b=}}e@{iMq0b_?8@}<1Z
z%S0^c*aGXvXCiE*J09``*G*UUU;Rprg&m0fgOy>7v~E)}MWdPst}dk20my<qZ>E%8
zY~D0yNo`lf^Xcco=uK}JkIeeg*d_3MI-*ei*+ux<51yD)_VzshtZ^;hBBukfiFD-|
zURVIrKROEHR@}sn_ckBZcU-&WOQL1=R?n0ro#^-S*cteBpkr<APh21Q5%ob~Wo6~J
zI{NyN50qxf)4CXsJmyKAsjQH6s@~%CxT^oeB1Ou^%=qgT<-GSG3j<z)VdPy)kJ4WD
zQLN^jvW)HlX;-b{_xd*>kP2~+B)U$K<`D51p!1j4*B;|}07>v}k~^=SRna_I?f2i!
z%%r-*lUgiDZ%NRKZ3?g5kDxokOicKU|DONu_qtD2r{DePsTU}`ZkA<rZyS~%dA`jI
zaV)ql;3M%_{rz**MZU5R0>VN$3=_M=ieq*a0!po$Guhu*QH%y?WYQ#BYxV#Aj1<o5
z`|{a2IsFkjp#Q@l^nMh1K!tW4x!2d5`&%}A4V#_Q(}|-NKh$*lXx(#}m^%{Eh)**}
zE#Xd9+4<kSu0s|G1_@CiF?4mY5Aca;39`h(xyTM)U+ferb%rS*b8VY8vfqA{U%wxF
zzTD#X{8TOOl#+R1-E(m+!E(AA)NV3II4=m$K3+^qi7`(zIrr)t&d9d2w;PEsh_B3Q
z@{^@1%i#0j0MZxogdfr^Nf%>eQ)(oe*XWfwcU?0|aYowPFE&lc8912B*H!Scvcg;|
z2ABr%7I^)0dt^f-^AW*;Fq;6CM5egBwB(ji%?xnFw0Drh!e)q)*nHEJyUX&DPQA+A
z7yQe8T>PG9@!eG=PF{ALl8x=_SNgVHx;z0gP94-$k_?s{w2w7j_`Sctl=k}neNL@v
zsFyo}{r$^&gEzkMrd8>96?x8O@}$P!4->4jiCUbISl|LpO1TQ~-G?EBffmyKpR5;m
zN!OVc)W}^#K3p<(E^#@n9F@lPYadZ$0^#b(V5UR%rsw#zzrvA00_*Y-&Q#yNugkwV
zcSw%pj*B%ev`4UTIW*F2oSM@lO=M@B{N4~%i@C6m%PPVpOytivLQNENvg5+r)Wiz5
z_pa@|@qca$1%<;O`&A^2FT~J);XwD_L&>w0wfcv!H{jsp)OTcuhxXg+`cXe#?r^%m
zbWAzRN@jWx@2p+<zTXrB)AVVt2i3yoe{g(K{dPMpj3G^>;va3HC6(Eemv-MGUzuos
z3jOt$6MzbpFMFw>=Cxy{kbE_dmCik+cP@VQU#JuQAGY2DD5`X87bY~&M9DccbT>(2
zgGdq^Xfl#fKypS=0Rai3geK>pfC!QWMTev!CbA$wKvY0RNs<I4iJ+)=ZRfl9zg71?
zb?Q{jnHgwz?{~dxJ?jb8M;%pC7g0y+oLwW7`uNb<mLoUcSN&HpbIZ6${m8@oEOT{N
z&+C7VcRv5T^b4^+G5r#_SFqcahYu9{;oPP`C-Wou7Eb!<rjh?%WdR3*q)Q>kebPo9
znZ@ESKL-A1^JmAPiE!uOslQ(>?##|4$Nfc`qo(je$X@Yinc0P(_4l9MyjxmDCXCR(
z|EGuX*o;oyD((5)zaI-qIU^l?a>k>nFD{I)<v#JO(!bx17Z8VciTj1(RKU+zlWYnt
zf&ZTC(=vSA)-}zU|MMJbrza{TqCed5gm=(F+6!o#JW~pIKDnaq3rt6+kWcaVO)5dl
z^5rF)wM=~#)H-(M5r>@3f1Qn;-NAEAg_RY)#m_ir#(y!2qHjlR0v-cTi<>b49wiUe
z(Iu8C@&76zj>t$?mD6x)?^4VEY^-5t&BJn3D13q3b#0agX0ppO34L%LyT3AP2>!hb
zUQjt`NV>e`kV`$qY4&lJ`uz99jPIF|KiuE{n3JFQhqadk{Kpaoo-m(rjN}@9em7%$
z?v<bL2EOVD>4YEn-#5rHBPZZoFX8y#zst>So?wMBj_mN-)S0RLgjBD_znAI%JaJM>
ze*!$szmO69``x)^oJpf40naJ}Mr}j_p14G`EQs^TefWPrPYfyD8Gh>je8-z677V1q
zCGwY3o$z3MRQ>K8YWY|GnB&D<ru?;Q@m~_4`26>LBs!c_p1PX1{O?Lq!c;{>5NdpU
zZuJlNvy65gISN(4*}mm`So{A>B4J`vUY(4_RsYxLl-HJG^(yC(`>v5_eh8lFP3<LU
zFs>}m-1tHx@oSgz|L?c9jT*rr_}{O^9v+$l0LbK}G;eD^hv%{rF!(JNd7%Bf|L+5J
zU9Nop|9t}o?0Mi5vmoJUhd&iafDSi3+Qj%KP(RDdi58+!JHans8jwgeIcQdlb;wij
zyx^{&EKg%?He`$5qaR61Pv_$4NWV;U+Jfk%Fjc&)z7&@ldY(}sh2%{ZFh-}jeT*J3
z%+kn#vf$~+!S1Z%A@{kZ!JvoZaF><UZ7~<5SCFQ#7QG&7Y&-lV`1kkHuqPD^y8iq$
z`|kV=#vvzY$MBr7Mq4&jmUPSt4k$TMlkud0bRl;sMRqx<a<lwNO6@Gu3rTH%8@){0
zOMDx#-2AeQGRg?G(CH55jZCPFr-K+J*E`^Q%)OzK)yJd^5Yp{(^`;x8cW#(cx1re|
z4^;VOGlCkd)wK6;DL#3(qIX>1NU+P$Z?qqm5<!&~Z+txsD}Gg>wS>`hH1?8B$v+#5
zH2&CnaZY(A-<@QMaV*vMj>1DJYZn_t=zH1NjZIX~c>iAdsQ5<z4SiDEl>KZxQ<&-1
z9klTY+6Q;b<=#@#4(rwaWNhnpWKZ`aw~c#vQe70Oz5mL(y&iiq<XVjqe~jGn7JdFw
zcqiK2w}@W#+u{)sc+sA^omW4vEG+-e4E-r+Pr?V>1RhTVSW`dz>C<rxhPVcAaUMxj
zQ}d=Ih(tDeRV3IdNrt61SgJBn=ZLya_j&7?88eM%j*YGb1}a=~gMKX0Ooh>l#n%O8
z70~UP{P;l>>)!r8vxwGZSXEjC8Qqc4?|Nk;#6FTrIY!B)t1E>OY;%_}xS?j5Qw$IT
zL70$~j;C^O5G2_2`b#%zKf}ye3(Ue!9_-Bdc(U{v?}!p<qS<Z(EJBng;4Pv@#$h-M
z?=f4euZU&v)^(k?aKDXvV^ZAS&Ep|J%#*3?SH;V{#ZN?sI%Hwojp=VIdlTdM&|||%
zyn4#Bdx&qv)MJl%YBd_)9r|y7ySamrX*p`=Vg9c2&e2Y)9pFO^5E7jyF!dits0PZ7
z;+c%U-HzoxNwO3pg}mv`k(PB>_v_-drC5tL*7*?4L2b_Jdumo&Ut4OH6ir}zVqR*q
zoQq>jMvY!mNDr6B2s+Q_o_i(CLDya>_L?UpjgqhUbYvm%=H@ZCdF}H4PgFG<@CxV_
z)~B|LZ@?R%HlXXe&eKKpZL|Y7W9BAj>7!mq<{*m8Iq4YrIoOB|zxlq$&O4*^t6V3!
zoV=66<ZG(zH;4~Pt8t+l|Ez`2YKE)BOkP$xsskV8ZOB>GAW>GtkmP`38~*I9@fRE0
z{8D;4IY%IUvF*!&tRD9&&;Sq=0Z>$gUUwDt902Y7*xxV2Dj3_^F@gMsk`J|jda0^Y
zS%V(yreS7f9>Jk28QoZF-slC0(t1;t-e<5dtH_HT22%V*`0B}QeOZ>qTQE`q><bXb
znH8A3_`xp;{&xK>ljLjRcLes6s=A+2=xIc=H#DE6t%+yI_qL}BIuVlGjdkKD2&HQ$
z@DSY}<I?gH(vrc3?jLw7B!A(x3Op-iK_&yl%!$VrB|^x(($TDs5AnP?3tuc#VQUtJ
z%~4{p@(Qm>I&D&UHk-DV!&n%o5@Er_Px+L!)P~L{i|ttRTy_Md&UCD4yQLjdrA^8b
z6)<&HK0f;i5PmjRPEjX8*=CQ79r#-p4$&cX;kw^Ftc;xe-su#FCChY58E2WsGmAN&
zt@`;w-WflT5HjSR=P%#LFln{99c$NG;~K|AVbi5!ly4kI){gFRJoBqcj!UP!--YTa
z?oc_Y*uOJ}yxROH1%oD85xCAsZ)NE79Wwo_CYIeUuKmM_h>MC<wGa>b^C(GQth7U-
z#Q)H<HqnDj>>*tYuGN%*RV-$Jfm-hE-P5{U%y-Y*`Udxn5gtEkAstd)ug-s*DE5|F
z^ZdbWmoq*qH|%k_HrmzM^4t#f?S|Kt-(IB|Sj*%-$B@R?T=eAHsNw`2>0p(}=@7t|
z>v_$_`gWcz;q90gS4iBVZ)SYA2w&?p$;Trthh1J@YM~HzABV3n;gHA`c-%0(0633i
zJvZ<D{MmoCByFLvKQ{sd!O(e@XZvtGB^jW0bWE|btti%{9Q_qI@*tp51vogO%qPZe
zaCkOGUAlRx_GQ)3Loz~K1+Fk`9j&o>V$?7~tbunc%w$<`<oAJLg6!f<c(nLEcDlNl
zoNhc|APy|K9tsI(z~7BkB+isG8nlp-{8f~9M&pgtDavW6JgwTJv$9y_{0w5tWAq2_
zf!yg3EOVrSV8@n3nT|S<a`GSNe_`f;VanRT0Z=A>FVPl=<@yG^I7mzp$#00!A9IWI
z^~}-zQfpn#Nw1F<9~r7DM{PnIZG(_9V9UY9fzgkxZoAWE#$QX!L>WgD$yoc}`~sQ|
z95RbAmLu5!z{w~TRpsZIloGwz64f^I7g^lvY<Hr4S{jmK#W<XLaJ{@~DV!yFN?an|
zwJgslxIwN-?Cux8Y>T>JzZw1K%jK5+NAV^St<jQ{-V|XRDdp$ombo-!jYaL=`6;7p
zDtG#b@uIpIl{Q1HYm@<IEw4Fs!B3Q);yo^l!H-(5LdU5s>ln{8746~UiXZWK{ugW;
z>-o{P-n~FdeL-Wf!eRa}anpU3gw?$CbLN^S(J7bQYNQQ`ua!C~{j7J3xktXRbK3@=
zU2+Mf+`aoRE5(HuxWtr&Lns?bKQeo-S+fUi8oN%a!PM1vw-}OJT0{n))5}U$<*Ao)
z-(qdQNa?Wgo{3C8%gK599A$G;^!PBZrc0!Z%<uZ)d!)Yfo?pIy$*?__S^^GHhm|5;
z{Xi>*73)YY&jm2^{`U3ipQ78D&N8#L!SMCv{#q)Eh>+eKm>sG0!Dm|fa%!xw7KFr_
z<d|K(`Ul`{4wgx`vTO!+5;lMy>%>|hf#?K4TlEZla+j|a=hf@#+Q6>$nO8q|vx&@g
zEFIN~zE;RVRi%*JV`}A|JDrj|%F3*FoibR(gd8Z3B~i*WTKj~Lm08M%^c*XT8{;}m
zxla<911ZowpJ$X(GKilu;QE2AcRkrXQI53O6#X7wzzh-Ez?Fj*Zu-(D3D>c{OK-h!
zTOoy6IdV2A6l%#<_2RnsQ{sc#qOWRVeERX6YW&)XU0BB^L&vPzv#^H;GBT9UJIhoB
z%r(RX4za&PmA#6;FHU!AP8FGJMeliMy!uJg>ALduOQo=7tc_pg%O1A5_tco0sf8r<
z<+(k0D_W%RO3K)b6-iRbyp$P68?aRImzhf{u=VFsdg(YvGjx=<T5dM8Vx6-bjrdbc
zv9ys%?DOoeX_%^{lV})X`x>1!H{MI2RkaP3^^HUtU6}KJbaAYfb-BhG`6b<Y@@vCb
zHA`^Jl2AGTS+wPogHh5{MB%%FwmOoE=1!n3Ni_-<-QH!i3>riy=F`g%_=t=rwXv}z
z)<Gq)nS0Fa@2YrYwM1_$QdJgC7jWD1QgMiN;D>X1qZiL2HHiDa8uZn<lS3{%>4Ih{
zAfSl-`}P=s<uK~5fkI82KM>Y807b$xo9Tp&3II4!fJy+xGPi96Xj@V(UA;;>u;i?~
z<~DRl^IT{>fIYC|3`kbz1<}D2tP+7L;}4b)p^86#{zSa@kSp=~*Y}L1XgT{DCJ(@x
zp)!z!LP~Og{0flFClJ^HWQ4?_Tt`;k8P3h%%|rPC<FU~j2uLO!o?ogedlweCfsX;t
zhu`2%pH89C;09H$dG3O%Yw4tAAf)(6qe$$qz6;)%)^@DE0t)^Gy3qnLJ3YoN#b{sF
z8UR^=W#P5~y;@ciys>rh;|Jq>lgaeyStF?i0FNysXR;C_;r&Z~5v*v3))pTsQM;(G
z+^nRWhVi~w=xYUgH?~Jm<|@#!z}4k@f%4bq7r$rUln^iyI{|eJGY!jq2XM?<1<0q%
zr8vn=K#6R^eW6@C9Cq~E&Lv`TV#MKbznbE4!am;(a4bMP1;nd<10+s+NVrZ>k1*m<
zS)U$5o%Y<^@CGu1b&D{s6Q*hIMaW#O6RI=*dvi8LkH(QpyK9tQ;*IF8&<CB+u$5bO
zXRgZT{!BZngEgWG=`}pHWTnBCWP3Xg6(h$T=pPqt^6Mg}4*L(P)UaDjq{1eZB{naX
zI0a|+9I=-YoG6t0JqJVSf#b?IQogflGU5hrx=TJ>XkPD*Lm#jwnU|0MUa^o6x_{nf
z4<G3(afhg!SN(f+7u(gVJe?z_BA+*Q#8%nTvMiFke--MAWlo0igYmww5ThrBuc>yt
z&zGLsQ5J8e+}{z?UQ`_m>G-TTrdAkFL6{$wn<cTnf1~5rdvqOhv-YqECFIuYEpwD#
zmLu|?=Xa^;weRVk8X@P0N^*6QX#Y>Ks}x9oGI}#0{CU9M-Hp-WfaS*n+Zl=d@LIw<
zA;8PqTam?`whCEhAKgE~VineOz%MNTJUbBRtg!w=9F5=#-f#z;4BnW>P#s8+Y2yp%
zJOJZB7$kfH#tFg@09p!2Q-R%cgl`enVgQrd1856cNpKhX1VW!Z0RLwaL7ETDMo9x$
z1_85l@>`dL`$AwQAFpeMx1n=`{il3KShfQV0zxAm0Tc2%Yt9|GF~#Tzb;UqAgxwYf
z_7JN;EBQwI4pxpJ?&-j<f}}PfI}tI-@w*8wK)@36d&#>3<=5+N84@{k@rOP(V_L{j
zH9mBT>;<f=B|Rx+l6hc7{tRNPFrurq%Zewzxw18HB$*rvy_v5g2pn~im^R%W`tc>)
z1%MDXE4W@*K0ClpW1SdhR8Q;)W7F@@09C$eY<v~JGyj8@b?~u-BA-ST1Di>1YG(Oe
zB0cj~1L_%x`gRig?i^=asx3UbwhHJBI!#J<yo{ht6emJG!IA3~SPRJaqoXNEY-@1J
z38e)L*lkKe?7JtIE--H*ONB^__5%1IBR|2(18gjqMPKPO<9?!^{Y4zE5?lJC|3ZHa
z6&^E@ZW4}l55-L=$Lwnr^(9U;CNhXiT?<|=p*4)Nykdk73F19@`7)VECkHp4=vVha
z{P(t~3Ww}$=AfHa>Cp^%Hmp>~jPg%jKA5#qZcCoXjTIMdxsX8tOE;4t{gqhB2T2Qj
zF${c&DKdKrbjnMkg1QH-nB$Z{?7>Lb)ZnK`U%RQ_YH9mRaiovrCaylFc=iHyYnP%`
zIk#3<*Xh!$iw!OvF^^qX84E_|Kf+2ZR{v<-I)8MiRWQ5j*6F1qiI%dWtOeWous?13
zWvRo+K4~iTHg61kqCHz{EE-?9R%n;s{Sc$?8=M%FtS^JB0;1<rO9}mGQ`-`TDYiRH
z1N<A8UGJ7Z6=J0{>X~+lmAu8s$zklo?xP7*Pk}>%C8wIFH9pXVqLxnZo{sxJbw9Ww
z@D!pJj!4_en^AlOt8RpQ`nnz9X(-<zYm>GYK0{;*cq+XD$REU~pxnNF0IxLc3#k>C
zk=&&);l5O8*np{%dnB6f?yXz5oYTa<%w_{odK|dC8<L2pi3~_@p_FqUx>Vu|JYoLh
zSDyan#IPGq4rg%7QI^pG%h%BEN$9<t0;soO-tP_`Ms{et{VJSXpn)-JJg?8X3{w<%
z2}DQ1MFIHs=LWM406N1Pn_BC&%4lMsv~nKXTJ}m4eWy49&#`Yn;o3JQwHidJ?y<<r
zmAL^F%&)M%--Trf^q(&M>@skI^{JGBf9(fKgTvelZa4yHblQh2k_MO%t1Wkh5%Fl=
z<DR{&?6ttlIS^8CrQjaTm>@lOdJ-!0Of>_(<$5J4whs5UrFs>~-vH?gA3ZN9zU*tt
zk<Ts*H<B<E4^R<L+FPQ9ux32x%acTh1;W$#TT2s#nt%k{3>@V7iW?K3z<dFI=12%^
zSfQxc-g5{6I`P0QXmLe7fsT>(4Hm_G{7-d{5d1vvOzS{9J>nrYGYPX>2!+8rG}bfB
zK!egPw!N3vO#r18L-~K5lV)^dfUnO_n7xPbesxcAyl`pzl;Nn|Z1EKeMW)w-&{rNf
z%YMFtC7YZafTX>w^CKONW_|qN4mJnO2#}T(Pw7)yD%WI1_1Uz0meh4mZZxf~gnR|9
z02q<QnuL{c7PdsoJrfmW<$YH772*2x<vIJ)mG6f{pPIyrxb(h)a;fW%-4Eg@b-1=j
z6Vwev+!MF7{zY{yMQpZ3-Exhv5a%zINPE9c6>*hbYc25SP3H%!w&$52Xg>K>k1;Up
z1@jyOT7*Bk{_UzT#RJgwgKPm7H}COB8Mm3K>dN&JEpUtetnj7+`BM7O>Dc{M)p@FC
z&Acy4*?z(v*C-mk=RWTklZZmS*29l+ToRNE3!gK@@zpeK_ftHzWCz->&rh>NlEE7f
z3a&x6qJdw8@;(_|!iZ*ZF5255&$QbDj|6tckWmn0a=rn?5m^!v<|cZCY|7W~g&9+i
z%LE^`464{fM=+bWY#1AeYPKNrK5Tb4E*HWo%9jr4ZDov9B?-V0TqwMITkRT5UOH_}
z^c!71gKdlv5KL$gar>67j<>7pGz@29l{vBC$#4`D^)U$t^xQhN;C6EFG*DJFwrP%*
z^zte|L4GES-=@fiBAdvlr<ux^0BoDwPc=LSaQ-%7X?ZrPLpliv;6rnfz>9<4LYXm#
zn~T?o5?0k<Mq6-);X3f?V{xyS5J3f8lbcIGcmtv<vd@0jd<gg)pt%LI3^apeM#~#=
z<NrLmyEF*|a@dU9y&dabi47H=RW-Rusi-Zq23)9RxL!{deq+kD%Y-~gQgQ8@2WL-J
zGv^^Ret5fJQqX&N_0MnU$Xs#XAddoyN25OBWxWXGbuv1kkZ7a=V<7?Gn?SaL8<3Yp
z#wP%}y+yXgrS35CIOob0aEn;3?J33(A5ZR|z1GDM`b_c?jDp4Q6y12meUsEIbu?69
zF`6ycgRpG?9O>|)iY2boBm@CpwsQIS@4Y$DP_cEBV^WjbW$C`kw|mt5ZK}S~-Rr(%
zJu`A5eo-m&l5qs3Y((YVehJM3b86TZS=~OtY3wpi&vRCNg~G%RP9?OS;G3qqI|^%C
zAIi7hT>Qps5@lV69O}`Z9k!aC1q|z8aEg*YD<=cjp8N894XK^R-zRG<M1d8GW8ce=
zjMguwq+E{i&teF|8CC1#^)3N*%uBdXAJ~sDrIib|5otTChNWJXc1&9-w%@iX_9Myx
z?^Fc%F`RElO)3T~Mz3WtCiPJCiF4@2GY!9pGX4g0GmttVFqU;K(XWgo{%niIX?C>e
zCsDCXjGnkT!by|FPN~o?@%0rDqoKkcdE}?vD9EOvz@Da2@4<u$sMQ-jP!0)~t)lm#
zA#(24u$Xl0)tD{lKST(LyrK#z>}T@i22M6VCRGRCim}j;<&EPB>S~FT#A*)()ml<m
zkrm4&zGIEVwQX6S_5~+f?N{ZTpxm#Ypy8FHSM-or3%kQGYD4K=GMyS+_=&=e--Km*
z9>|qq#V4P5W1iO_1aWaTuKb2KObywu<>r9-Cy^gIJ5T!x#cD}WsO}&(hrjB5K}V<%
z8j#P07BC+Ex~LWX-c)6s<Ui-FD4&E!z0;|)tjNpc6`xB^c8K<kre`6hCS(r$0o_g!
zB=1ae{O-BG#3uPq45?2eqAE2-$KW3^Vrt<d$x;6i%<Ka>KHvE^vBEqCwxR2XPh}LD
zI75oc6);a*W$QALa%$8rSJ2Jx*&|&#p<`GKOjxl34a>~B_Zwu!PdmQT$#B}6VFNq&
z5eApOn+oiYzVW(u^DDSUe;lsPRyO&{usKYJz!%3Nnm-PU-s&{(ZE=MD5njta`rb!j
zC86t6_6FX-dRzYZOrwyG@lXVCyGOtV3vQ*xR>(HIZh99k!MNg2PZN2!(fo+lATRKZ
zpgTPxEu#Q^7v|C2#GSWd3JUemM*YYTetpvB4{%@YQmyLXcDw+U%q|Mg9ci}~Kn{GX
zbc12E)E>G(YzIE`RLMOVOLeDM#3?#p(+2NXolPIJ3-e9xkozC#jx9(J5sxb(vP_10
z!fIvQcUv=bmDfobz|8DEFsf3rB9iOd-k5EawQFBje=6S5m4${X!q<6laDa*9aS1r#
zh6oJcBsKM9*R!e*<f;=jwvt1kGs0M7Q-|TMoAI)AYf<ENA_?=@Wg4C1GjP=J1!oOE
zo7REPP!)zv*xPCv95`6#U3rriATS23HHUtXvHZR<8#zygQ&|ZGK=&+sqpaD@*3$r&
zLRymjebhQ9`f^9rUpdO&ueMg#P+uxp&GNy}RJ<J*x7V>}&qQPY?!B#~lpE(891x*>
zj8`iVcjgr;%~yx*i1yEs-0zIae}$AM@6q$N&DPWh_=R5kA)(w+^GQ8A!ByN*Fk9b9
zBb<s$_SY~3zA3<^<B4YFpybc?mlmV;B~e+%>V2>z#K5rwD}Z$U0MI3Y)EAsmCT|9m
z^?Py_BpTeY&b}Odb|b}fs5}^^ZZI+8)w<lGJKNy+)49D@v4irYlo54xvCNpHRfTV_
zN=S#^4yXP&b3PT#K$k@q$`0MA$mKp|lOKJ1r$f)kIT4FHzEZBY*>#p#u-vn3cddtp
z8d`Bu?RjZh^jI~8E3FQzVK*7A*E@DlmTL7I!qYy30z%Yin^mnX>ar*ctM7Cr%l3ev
zb&{uabdIyJo^D2)UOacwGF6TTnPT39%W0tzSQGG3-{emxsmR*6whJfX6w%l%BQJ2e
zegx#a<k_KX%x#kKrVEr^#)K@-iR8H+&F&QKJd{}9^SQV~TA1$(w3b+fE27#u6#2c1
z<)|sqZ@-|?{0O=XAqPINJ4;Yvr!YG52p8TcH{lNAhk0<MasT2Lc4RY6&RUc(-f7pL
zO)l*>bt;vh#rP&!`OPNGjeCf*izB3VDEvx?P#lz-9qzI6ox@(^gU6~QavHe#2i2WA
zeC?WvuJ<1Q94q&`3^{1U{YBQ66+#<m9ZoLCtTPWIy;nJX`bNl?Zv3JCyZ;58Zg=q{
za><9~E%C+Vf*w$eP4tiJ#GFy(ZKjg#n?SHG4nK5Lf?p0+E#cs6w&AXsY7Y(FwbyXl
zt;58Y1>R3pz_G2vM@VOHL!<o-94M1OHRl3nAW3}96+Czx8+BmU!|QxK3r;XF!fw$?
zo-CAD0P1kB5KJ<CvoAlxun7E>+xa=lW(c%km_Wy+$!$LnJV_If@)FVrO#)d%4B^&g
zw`VKa%6m`EsR5p9pMZS>Q2dvXOhMt|I?n<LJ*cAK@p*JX@sQo3A#vsy_{0KYVHnjb
z9~h&V5WP`for(dqAGON{l^^bj-2=})cCX|09Qy7i&G55;b{`pa)B+1Cg3r)xYp1#O
zwkwSLi5$P88H4B3lhKArn2L59U5X$+^9(=oon;mH4a7x$cj!2Yf_8cWn#_VkCT2Co
zLP;aFA$G}CiD=Tb2JuR0LKGddK+}`f25P||cz!K?5w#qqe1BjlR2t@GI@Zs-o#?8g
z1omFl%sGK6#T4lSf{q>*phXs7YU52CJH^>eL#eWdO8L79zT&dc;+^c);DL9SeRFoi
zn4O8Tv_oq!>T;xZ-d`F^m6eQ00eKXRXR3t6&+<J9ey6n}URx16C*va%sy-!J>zdoM
za$&dXm3-|IiJstvVJ|;Goz14kn>=hZko{+#ov1u7fe00jMXH2|wXxSd6Y)$#<3qL%
zZ!!1Lq1^`YK9V*ytY1{^>9nEww*hM@Lqkk-jwzF2yz%91<u3PY{FLd96D{Vg*FYZ?
zWFq<4hC3#%GBrqq+LMV8*tME+g4H+wvYeZn@;CV#?0VwY!MCcB(}S8T)~H4D^B#~~
zp$5B+it<a1;OV35O~f7NEgATS2S)a(E+PV&%5c(a1!JjpMLr()V&T`vTkhzj?iV`j
zP$dxagW1k0aZ7fzlYK-QZ!xUBigfFe<|8Jb3AzoZEvs^ds%vYqb9KC;RxE@mrINC@
zo}A)LQE8UMd8S2yBE9z%?{c?|w@h?_Xs+O_esPM8b<ABPzC49fw9uxF4ZUGW=-XgR
z6`W=IM^jI0{~QpG$7u{PSzoCX+t2a`w%^QAFx|>~OcESRlB=9KBJQRps~XQOHzTCz
zPJ#}!&$1ysw8XNdls-+;rZZN3!nG&fB*9b(#l)|Scr%)6u8c>^@98<QSdGjtvNsu>
z7ZrC(ObcB<GTS*sqwl&jVsc=aZe-(Ic0ZX8trfabq-a5Pxl2<zOj`r*WUBToo?@q_
zOvoJnX<z_2Jb3dG$3L2fC{qd?@`4MK2l1la6wFzaYvXmjZDvNrONGo83%GZ$jtmfK
zLa=lZt7FbNawp<|LWX$9uD)<x%)t=lb8*+FJ<|AirW8ZS7Cw8!jQN(H)Bn1=xlsn6
zwFvqdVEzndZ_Oe}MGB-&05S6no#xdCq)paBttcR!7C-13?Va<78v@b9OP+E29PJIb
zedQ&E4g$PAC38RcLL7jeh(rm@4Q1wSlh(&-IhHv`rh@>j#M!~fzL4A#mj?XFX6lmj
znooDqAny>dDX^nxArVr=9GlPH1j(c|C}el6Uj73Jlbn4cs!($xSxu*ABfuxBBN|E%
z96(c-e2?G}M&=B}034WTc@xpxD6;|uZFA2w?FGo)*|-F7yzdPC6+p^>2M$#IY+qNV
zo-g*MUeG5)moRqRr;O(N2$HHUyxFq6xcDAE2Eb#K*jlV7kpC@SMXf;BGXD8s=`Hk3
zfXq>A&`WZ&)15T#!##AMuW>!}aO5s`6DMV*VvG8W*lP0}l`J{7xdq0BANmq$=n>Xw
z4Mwg}Lv#8JcSFyfOp#0;fFDRKU8Y6QHeLDtFN_Gqx~ihxUgc$$)G}-Jz0x|OM<3+r
zK$JPHm9l#y5X$w*CZ4158hL4T=3(>y?XRy)TMqD7sy}H#AUeM{`jOs~_L#6C-Og9N
z6(7TcekR~>LUKhso=o@^3*(-xj*m0$-#o8^Y>4Hg;=S{}FPWMe96`_mJG)*g;NuNY
z8P@^Tumk_jJ=xAqcliv!=wN#SU`Y)%O`C)1WTy_&2ZDm}4h))OZlVy@R8F%`d-m94
z)+b$XfE(g}&!);dXbj&ymh(EG4s;Cw{6X_KZ58Q?%Z;ftEoAS3`R%Cha5M^HQ=34~
z27QJsy(yyCw}X)l%2SiFu6Yji9Q-Y#nPEhZ_HGBz9yXucSJG9auOM~+p@Vo1w^!!I
zI*4UGt4Yc1AV=vC5)?H?X@Aj5o&aEgHC28*?iY-O^P=+txGcbA;IMDKce#4vMp=Wn
z8#ogE1b+LWCk_G3Z}U85=C9AIk@;hgV$fG6)Cj_*tUC4;_yp#Kgeo|0l^K<~lPibM
z>JTVlN1#}SsVZ}Z$3_*4ilFpkznEtF9F{@z<s|A$3SVKoxv>T#@l0qNqq{0_vWq(c
zF0snx`1EAZM<0L&H0Mvf6vm*#MocMq$wJ5$leh(kWd1GAFW9!mVg~%Ey(Y6T+D#y5
zgU(Aa6o|^P`J1*1Mk|IRd`HN0;@ieEZ*Sfv3;l#sqybY@vj>x|OS7+KHQgF2hF6E4
zZ=2x;d^=z;&u$Qqt48FB(@`<YF^`ynd<PY@O@R{V+vVO!K~ci(r-|=Q6R^L*0l^)Y
zT;6wIkv{7cL5@kx8SJl%B2jASm$X~9`qvwDH7Z_n>$-SS^U~tT8ux)UFmSr~j)gnZ
z!@!@ul7(barn<+k+sA(;OI?CJMr<xfW~wRaHCuU&t)fDi=WDzfz+)u0UGGR-uWa8E
zmYESe2#+OAFcT8#`RC#@$165tv(Xh%056&ThW5H5>2bR_n)|%7&S0BpOhYGAD85Tj
z-&^LPTc_0Gg;XWC9c%|v1bpiSw@hVeT-p`@Gg8Xub>FqnJlgxmXn8ZAuRp!VG&-Tk
zEcYC|!(p$|4<5bv#Z1jf^lb^}yR@#F*5xfUG#gv3$R5_wX87^G0HtvWy|0`1=>4mY
zeNHN&#xrXHAM>_Yx<<Kr^RXu>Y)6q*vp5MRAUa;Qh(KciC8zGWyeKK`JR?Te5Ysns
z(y)RUpsW-wOyDb!*5m+0sWYmpV3bC=kD1*G4lBC#h~!|@9q__T&)*c1GoG4LgDBas
z5-rU$iaGiOl`2AT_Qk9Vn@i-JE;PTe9fdJ&gSg0s2texxmY5hf$g?8@4BG1594U+P
z=K8_`!R<q>I_n(_>0dRc!L+4+PM8p3pBAqCrrY|OfdV6Mx^Gzr$Mu&r4u-eG^tanS
zZ$<z>+>>xyQ@?Q+d+S@mZJZk385lbw{l;yv+AJ}05%wox;r04r;pgkk3AbfGx-t1N
zKg`Yw>@%Fn-~U*}ZSpR1YCil<$c^ZF-dqXMbP26H_L%G*v6w-_FP{&N8M~tupUEhB
za=i+%8}B{dEARIQ{1W@p!D`>wtZfQ&Yi=U_7k@0Q!#fP^YDCn7lgM#zsR;8~E21KV
zw3n{#&jA=q$GE<`(-rvc__Jhj1u+tnz7EOM?kBx`9;qb8b<<U<Tfsl;jBKJRqGZZ(
zaJ<e__XD&`IAdci-+A%&v$6V~zBu_2KJI6*52<9->q<AVVO4&rFGWo*vdCEn>H#|7
z>ptq~U-<C_)-Kp?GR(r-=a{>;6uA69(R%ikc!5Za7JjeJGyLX*K=3gxM-_Qr`?4<F
zyGEYyj(Gi(MxlGFqZ2(%|BlX@w8nm&bov82t6B)1e`0acyfFz>kwJaWdE)FD`m9pG
zAP0u>lL0xX&=<p5A6+Gk*z#ank_7o4BO;WdKcdF;VGgS1a(p1Sqc0eO!pJFSBKySR
z;SIxTo^3-iIC&}M<$S<c*U}_3NO^tf6&I`;V`J2YTM_W8Bn_Om|GkMk_d{mwRPu2{
z<*)7Lq)d)K8|yRmJ!QjnRh;5WBp~5|_9L!wDT1rGZ~PD>|BhSI!WC{qLV{rQK*}?@
zBF~7jcD6K7bkTXw$vm-dO$q=AT!Ee2{hGXsmdd_rc`nT$Wh4KnW~CdiqkkrHa4+Lr
z%6T*<Y+k^a+$&mwvl+&myzmPfQ`S`rSsIPN_(y^&CP1(S`rr?hx~%A$Hf?Ft4D9hW
zKKO6x$6`9s{1s|Y{<b{Hp5RdQNBotmr8)4Z0f!oY<Uvs;eh5TX_+;*M$rIP4x$-M7
z4(IkOmI6Cp+;@Hk-L(q!Z3Zo8&Cb`HtD5~&v8zV>yZA{-=*3X!c0;`@pX@0`-DMQC
zAR&0U{W4Y++)vlQ(tyucpUxw%UpqP;c4FS|vMaMMf{uR?neV*3F8A$#N+_<jE720e
zs7Irwwo>4&TCU45s#koy@dc)rRq1uIf=ZUNJ8dRfvM{DA<^*aV_l82>bH$<pdWtSq
z>p(%qO@|MXzFE3S@Yq4%#+{I$o<3zk&hLAzl}g!>3c}5-#>TR?1W-jQ4Qp2P>R1{q
zHGgq4RybWCN)WL0>?dc>4Btv?<MqZm4P1wi1+)mCd!5&qLfSIPbcsf?d_D+J(t(W^
z;3`7Oyob8PeKCi=PUNx2C_xUSlhD0qJ@4t=W=Q`7PEG|l#~?=N&ME-Ov8hkj_KEZg
ziX1%VP!NX5t3BGUGwAPF`3O!VELC?3r{PGI@AkTJi6t}Dj4%1zn*;uF(}imj<m+Ak
zzG?{zR{bMr=2@fgU|gG(S;by8wHeea3Llo;QLv$V#p#7<`BWIfWDf{9{XZX>rnw_Q
z`5JI@Vh^yf?Y)i@;#`q}PhBMoJ2lTWOL^BpM|IbNdO_2g^Lt?ks17BqD$&-(p*Big
zduB|EO!S7GF4bgVZ8)ap3G1A)H>Nazx0rt&b-AJu9yMUJ+rC)KX{qE71g4^JD|x5Z
zJi6vq$?%hnuGTR;uRt>ha`!lcdBCxEY(9@bV1+};s%DvCQPw~%`lVaqG&neDezL!B
zXXd)tH)L(gNWa_x>cnqmgf?M+58Dc}*m$CjgeYkEr|l>1o|2!3MutDqF4Axn152iE
zVKQ7PMLCJ$e4^$=;pc#wj~tJ)XiU<f<uTs}7nf4BzHqS&7cR8!vdl_Y;G1w7Clkg#
zZkgr^y=`h&+4G}l9`g-&19J+*MB?nv+wUnBcqIg6XKz%BN3{o;dKqC>P33Lc^i+tY
ztnq^H%&hPyd3IoQz4ooBJIxnKI%ZShAO?%B0om%63}h0SOM)El4yD(gGB*Xcr*sHK
zuNyJMIQ|@nSH%}lx2ib%RNb!_ruqgL@o-)DX<mhpi7>)!uL0v>k>^=*S(QQbsR<=B
z>+k;&aq^8RKqw1tq78T%Ql@WdaS_8l6NfgD)3FQ1gJ}yJ+b4Vcx8ncGR5E`DMN8Wl
z*6_vkL$%1^X~p|8u?$r|_jY3w_x+|D!?j!OjPpdF0!+2$H<F>Q^4foS;z6U4^+M^>
zSY{t&z~auK9`48)Y=pFfL0H!eGvbS`vQzKAl_{;;f~nu@xY5Zrd}KG|dDlyMJ-P2`
zW1`l7_=)weCb9h<kT;JXZQSgM8cl$X^3R;eAJ^sg6xrPk6W-xR>?un#Om`nabN}YJ
zqPxJ)d8BPj$E#5XW$8a`Qz<#|d`Qbs$%2G^>e$%W6n`HI`0}mYPG52=;(kBQluI+x
z(F$}9H%FD@U46sT*dn(<?kRYyuzj?(;`udNm(~U2l0MI?87KDMf?2uiik**br8%f@
z#n`O$wF4;DJXJk~a3Nq?qohS3hULS)9MF)Qnyj!q+0%$>gikd9Q_E7FLuv^3jy#0t
z6OZ&(SsRy<2Y_mI)F`)wls`4b>E3xu#-0#llKU$sgFsiG+YrZ|RZYO7WvGiGx*FCM
zu4;2bvbtc`_f7s;AC0_sQ^+4M4=_wDuuM8ptbU|VxLiSi+x;722M4~!y{ycmW3WJC
z^*Qkn)_Lt9JNN5Oq>Rl+=Qi|v%b;$=K+gmC8eUC8j^kK0tC1hr2JoW2G1l2qUA-%9
zH2?7N9Dx6~bfKo3KP)aYa&xf^)<?b!cPC{XCZL#HUZSo(XDw_#JA^~6frt<y4~o@J
zyIH`km>{<OrU8X`hePk!t#fg4rM4rg>s+^Bg&EIDm}U<^KKt&4Y17vZ3U5M)>92m5
z-w0V??FAJT74OLfwM(oXiSN740Z_K$t~G~VK71#c_x?!IZ73dXXZ24k?wS4uK{8^O
z>dz8V(I*`f%)d6@$s~BcL4LYtL@0)c4#+zF1T38h$x$i((FMbbI|KMhzNm#4ENK)e
zXnw9)qqf51rV>IN)PkP7<tFVYO^z0?9ifcPxtG}MPE73M%8Fe;=yF@#$kz7c(H}n&
zUO#MzDex~1APbN&O}Br7cSwt^XdCTiPva&dH?z@>cWH9MC+2sPKHuM8JpQNl>b`5n
zh|c6|{&qp{(Je!8Jzy}W6=H6B48w?q+wGycg?(b%k&uQ&A%^=6|H6iuTDMPfIKzlU
zJJXZ8xaa?<KFq1?1KG+bUTtR9`%g$1-=`U!Cnfy_l{+*WyjC>Bkw16Ol{hL(M^Y^K
znK(*rrqUfV53RI3h0RnuNjiAjWY<qUDw*BW*sd$$-fDOLTkw;h&kU`;r`##4!e}DG
zd$+m_@;=NzRVH)a6Op0jm!32#*$J-B_7V9gYJbRhvLS_`!-xlrD+VVq?$Id6ig>H!
z{8Bd^q4VV#>d$-4lxORxk`$BPj?HXF0dL68Gl$?LJ#H>-N>eqAA#s(A@g^7X%7~1_
zOQNK0%V{u)-wG(oQ(OGxEE{iTq02K&lxMNeeILgQT~grnBY+q0LuGf~a=W|3COpc`
z)`TTboZVgY8??MfdTqV656bdf>#!j`Bc*2^J!6wo++m`O0Y+DTVMf(4+N82QUhXpK
z2(Zd5|LgSR!!X;1?|<~>C<C7qI*SHbwUCuO;rBaR%{*1+s_rFJ$dDZO4s()tJ%?wP
zg~xTU+*1v!=k}oxX@WkSzIp3270l}gA3ptl2Yxpz4i%Ii9>Xo(l-E?{vv{)B3V;0g
z3m~7tlyeb)K;V0M(G8VPb?twU_oQj*dBuno#naVT-)7O+2Y$>fV}u*&E0}j}6r*Ke
zQ-+v<o5??X0NZM(by%S+jfPofD;EZ~?K2<Yc9HHDlspleVA#lb4uVzqSXAnd=n<&X
zn}Hqxm%;;Z>IdqYXW%LQ+k4h-CO1JS4SzjN5bz@x$k!UF>eQcsL9wN?`Vj!SdnOup
zj~k`(VJovOF}L=n(UGosqb%4}_*vqo+OhuD9i8~D05{D$*@!p&>;%MyZgJ<_gmVL9
zXo}RC1*XVlC?KxF_99Lw!8MfeGPAT*wdrHv2_(6d(Ws>edrO#HXWAd@YxKQ!^n&n*
zpI>htXL}AV%4r~_G=aVq)a-h=R8FZa7!D3!6}JEs)$I?EFnm{<UDsehcLK^0xSP!~
zh7wYF9a}Ao83UKV5()7)D9#W#%F@K6b~RW)=JdllSbVG=T+(QZ2GAOD>Vh9GJ|Qj>
zZ44__MAZFIx%pyI62&LzDUIVj1uR#?Yp7*z3j#^v{=JL8!!7~Zz&izMRtt%fDf)0z
zY>rKB0YUE9Kj7eqSi%=5JxEeYPm}pZ7Dxe7e6?Y=&QV5>?_kivRt2mecZncn+X6q+
z3$z_G8<*#7x!4zgL$dO@3)&B`22AOP_80DE5ldK2Ee^RGE1hXZ%p#HGvzcoMwg9FR
zDMm@hQ0X=7%90cJHd*7Wqyr4Nh#O$`R19MhVK^+E!M%g*dA`>Rr({KnYj+QZ$b$>Q
zRGJwD-lS_$l-fkLzEI#3v_vHxM<I%Ph^{HPk4g+&Om5d4D~TP+zPuuN&8Tt~30MLR
z_A7sFe*O_H=)0Sj+V~mWAQ!|5*0{=g;h2ME^Q)t1u><JWZm9-}6=BXxo~P@uD<>tx
zI_^y>QJkKNt-QTFb^>*IWvsSkphml`7dFK)fs1|^Ib%{36kgNF6~u<1ppZD8O=JX?
z3<(Hf1(D;9cTdXpnEYWi>uRZRD=W5V#_F^L!UmFTx-bvs;E7m;=bJqO1+RX`T41hE
zQ;4Un=5d2y%q8|bhw*v7^EZ*L<+O07$=e3hsc`Q;p9lTnwgcNkqTefpH1}+H8o1Ru
zYg&D6R?3W^sMuPse-Q}{3%&bqQoNnH+zKhPIg=bMArunLaO};p9t&)LUMftOrk*s2
z##5wknRSWp`J&F`@zBa#;ng=1GMU%HN;<dNRcQv(M{5LGKh*YkXV_|!A0NbQc;hi{
zrlL!DEd1c=L4HJ_0asccgIL?0PX4xt13>&c-OK4Vj?Qe=1!z|&Nm0eR=pT7zV`_@2
z$W9qCW0bKOz@)_MTb@BlmA#Zcq9Y^E6eDd_shSke@b1QN`)7`w{{X$`!}p7Po^W%v
zy*dIrT8Iw;@YH*fT=cCQ_5kfOkqjW<%M#;e32vyX-$gcnk6*v4>i!P48LMFvSxpls
zBicU7fZQK0$|s+n{%9w>{LymdSA_3)Vbcr*$(#cNhw-`<F5!na#{7;4&XR!2KS6FH
zonfZ2dJmUBP^^}hV(!B$3!IEAa0wN(8#6~igcqbsb#m_jP?hBMy;t12|L*mm?lQpk
zV5x%Dy|xJqDgVcVk@)&j#D)nxCOUXmeawF^6kSjOXIP+A0kl@;X^rHrRp>2KQkT8G
z45=G?M=may4tQuV^F;<l46?tb_zX$c@X1&A!EE3Vey!((f9DXeZh_-<BVA4)B-m@{
zX5lXdfiOYO!{EyD5%`RfsYHyNFaI#Y1rGgb$2j*=<m$l3f<mMBP!+~=IXra|<%Col
zsSP-_RpFNbjvefcyVM39$;J-+qqwg*mt*=qHTzlXWtxmUf{0=WXz8(W1m9OHsCZi7
zIY`D9W)W_{vk|WxA5eC+hAEZdSuDwpb^OKEtNy#&+t@AmiiE%tl>Z1fmF3$8%nsn;
zhy@&&r)X<XftX=Xxw8bZ<8XywFTNK4p<CP7g5gp&tQ*b(PH%_Gwy{uIwb0u5z|Hnl
zSOzQR(zCsDr)Dpp7_du7w$Qb>V<Sb&Qe??2uV^q0S#4B&RAoM9>~=k0`sH8XLL|0K
zBU^(z^k^CiNb5Jiq?FI-C)A!mi`xn{`uPh=>#+FdjbP@J4Hk8S373pO_hhyr;7`74
zIozA3`e^k0qQoUYEc=wlmkv(g#MPdXa;8~z9l+zLlL>ln+;74~UV<cBhD#o+!cM(H
z{>P~APN+NaRz5!fY_H5XCs{?s$PYe(*#OKQ<e-3s4`yBp-)rWiQj%zCIYf#P<HVdN
zY3EqJ!R@EwH%j`>!(lG*f*6U99)NPmDeo*uAEBY`kfbEbUVa*pg20UT30fdG&jdtt
zjpVwmO*LKp`QcN6bQ+6pUyE)6b6V|r$>{j7LBLm;ARPo&0j5J>mZ9(kBAYcX&u@0;
z-T`RX^ukgyg>g71Bw)XIw*6ju7}7@U>WSF<#hg9hqLkM68qX5+viRbazDoyto9O)T
zfdfEf6w~>F(>%pF)SH_I-S(=@ij5Tl{{UaMO=UJ&vF2S~^uJ)HO+S6zvQM`2*KaU;
zF8fhS#FQ{V8xh8|PX^7oeZL{=(RbgV&6YY**$u9Pi0B*aA*OF!^K4ni^WDFJ>$IJt
z*`lrHX|jG9-s~$I2)gh0b+_rBPKgqC4IM^j_?!^EXzD4th{-Q~uRR>kQht#t;@+)6
zu6vEj{3oK`i`e@<i6_rpC@prD$+ks=iy{8^an>p|f#3!YP?PKJ6eIN+cZ0!EQ=X!W
zp+kWA_CY)yGUAxP+t~o`rvJYang|$2Q|$BwcDMD%fmjSpH5jogbg;-1z(Q6)<?g%=
z?)na})bj5w0QeqT{Qh*QXGH<<=i$HpfZqdO2$?m-?Rt|i?H*N4GoB`C41~koT|hN%
zc$2ERRPOo00RZ!dwKmPQNP;+Y)$-s#sAH;=nhC36+=6iO5NrK@;w5mQfywyYrAD9*
zlfzrYsT}IHKg<E51dL;T#?#Hd+W+`t3)^X=;o!L6GDpD`gQWffnPqXXi07<jq6=~u
z0p}7H<xpUyxDQZA_F4qoOG%n+@4oYaWii>=-{Y2JwJD#N3|-(;0QW&IATgQ7miEKB
zh>D6e77KuePW)sQP5p6$#-U^+!o>B03;5Oedu$=LG5O10oQ5vY<eB(GJvGKvAvRHn
zWkHA*l>$W1dh_ZULTVepBalmTEM2}W$OeM2IXsdyWx?zw3=~sPx$35Yo2m};glcN*
zF_z&WnO5*@;dnh2hu(qkAx7=tcCroY#VB)T4Olg8Lw3~CpjPo@Db-yNSan9TC&E7C
zDp)6*O1CPn1-^iqp$aYqtg}yR^sxBtr!YGI7ihEt>Va>>Xg%um4fum1j({X*zEv=v
z;fsZpN?E+5AHRY!ls5PiC@JTdK1ql>y?~hWKffFf3><|LSnsb)v8B<-OtG~92lRNX
zZvJB<dLE8Qs3Uem|0Y^RUCTsYoPz^Jv6jNbrPl)e6Vp*)Hq$=0I|_-wE~Hzbuq?+d
zfby#s{KNzo4{1dM8U>a04*Y)2{IL!u(X=W1fve>)@#IsYc;l(BfN!0hX#5Nmt0C8A
zyp(vfH_IeA<n`RMtg};0vsAE59|aS=f|xiaQPrWi8t_p=ShqB{e{bc#0Q2zc_aUun
zserzZc+ocUu;k~Yg#pNw2qYJRQI=I00G5#`_G7cJqX{1h4fm)T&hv@eLQxJUmI-~I
z@fz|K<Z1@jk31RsARq&1>he;p2aXqhB$X^u=<CEyOy$6y!GPwwMkZ;2!dyT|CKl@7
zhK)AcBkJ<{lN~e{x8V{G(>;pDUsC*@act(tzolNLEprFSUJn#hv}PI+uL^Ljcol1*
z@DG~txvKWod=j~L?e}1oLPQPql!SwK2}9$=U*Vx`Ovx_s(ADpL>zc10d%h_Flp6@b
zO@&8K?<`W?)A*=x=YdcZFw5Dy6SD3-u#ca3WL}^k3g=t>=N{-XenY1j`sLkV=XA7F
z1aLOS|3z4#>G(*shp+rK9z@Z!#K{AFOA6dx0rlpg4kosxWH!Sh9To!14>Ewf-}LX>
zP=~VN_3Smtq5}X}&N3QnREwcBL_HWML6HfKLU!3G%`Vu_LD5(Fu!?(7$V5+H3j;oY
z%eD0%5LzajkDYsBWQ;K_hPkiV!d*=k{-0Mlct#DkmDN+AZ2&tw!(#W|L2$5}-h=r)
zHZCr($)ZdLZYU)-*ThWj-9NzM%6(7HXVx@pn5*&v0w`z&rM5;Sxnrc>L%$7WV(E#)
z4g@D@K&TebObsGkU0snE3^K~Y6wP_1ddh)`_7!+_aHYVCGi?Bvt1A!q(e>$mH{r5W
z`RM3gGBx)2Pzw5qnFz(nZ_w|;c>)Z~mQi6r5rz0<w>Xc|`7a|bXMpZuP8v{v^bzQL
z`aqqI`11B{KCDxt&N3+o0^0<<w$*#E3?95w0M40Tx>6{x3$wzCq2&%mWPts4OshCW
zsnv@sQTn78ns``%N`UnilFj7+E8*9_`fqlHrOTjNs^#-XM$7e5VFBnSP)6jJmF(Dr
zwb&Oy4&I~5`#>}U@8c$r)($dr5bGdoatflx8i2>7S?&c>5aNk{_vO_lDg_fTo8JMu
zD~}?F0PggNdW8%)cISXij^{|@KA!@~hDRW36$WAkmeMcaqcm?udf+XSg8m9szUDg=
zMwqdFaLaP!)S@-E_-Ov68Si@v?LP;Qni)jLiE7|pRQ)b!Q9eYcM^(BvEOAi%@f<r3
zVjBt*vG_JjO(1<FS3wM)DgD3QXnELtTr6@vLEATDe}`wYo-W<^>oSCwUk0Yh^SxO{
zG5NJT$-!ccM||(#6(f8Cj%ca;uDh&Kc>MOFP?(HsW`=5aMrL#5_)R*g)|w6U+Y6m%
zbLP;w*URS3Jf8;Fn=J*j&uk-Y)_Cd5f1%|nn1OTrCMw;uS`OQ7$EvJMxCMT9;Xii#
zX!G{<l?&**4&YWN5|lG~|4`&L=1PphP4ePk%VeE1t;`AKo4pADf>xOTIY$E$&XJ%i
zVX7C@j^B`*ye-%A4>6lH;`i_BfFt0g@d12=PK>tYg-l#gYPrF#I^;>au9q`o-0;`7
zU$2e5Q(9)J588mC3(vvR^*Pi^b(t{dfP7|o!y`Re3a%f(SD$J=#DAWai5J4otU}Wu
zkj-cD50wAQ;A;iP*uAM0HXnfY{o`*9*XHHTS-l8)6Zl4eW-$0MXHZt-HNXLYfWGPP
zxi+X!9*k<cvIQpYz(f~G=ea3jaU9&hJpC;Y{GC~P4@PjyqcDJjs=@t`Y#y9?pO;A=
zVf4I#OJTJ%khi4rPngJP-1OdleZMHmAEwLkVzBm3{Ux!}RS%UHntzW+Og#Ft4)DZb
zmhAU_3ohjI<4?oH`o{QJ@){p|Nem#_9Y{O<ILJ%oewa3kCQyJNR@zncIZ**}p>|im
zZ%q}9kc|knP)(iympUKhBk<k9QThRsKdSIo0B{n3&Pl^)9|DUNdJQ>^H^aYf55tac
znx!aUNl{n{{()G**vxive0mf_4Gnzy*!~6HI&GqSKK~8)sT`+q;6kj7G`WzSpmFJb
zb-Lh~wm#6vEGoBUA{t^W;Ek__PZ>rg#wKh6tGqOoZ2%A&*fFE|cgVhQtPH(PUawOO
zgU{U?ouSvG))Hv)Gx${S=(`Pn9Vvrw)+f+UfsX>{1EJ1AD7-Jg+Dq;oN^j~DYgm9M
zmV62BO<<eUU$7)wO7u4<b?s|JK%2G)X|TYOp~frS21*k6CuhsU6@JgILF^7VzFr0U
zTihXj<s@IFb;ntav<O{`99sgndZK#R#x#6qiip`&+L7Px?AvD=wz0Dm0$H`9r{M|*
zgq@elM(GRdN3a8gKa1H-RW>DymuU88D4c{@_d{0?t{pXUy^J6SY47t{lWmz7<tY>x
zG(`R|2YUX7TmVm*n$+UcGEk#9#7!|WU0E7l;8U!5j5qiuUKNJK<1idxlPITLrer{>
z`s2;5-_79aHhzS!;G+f5*fUM9bjJkd*-m|%8Z%vn?vfUT!X)wyk>4N9r;M`$@8@;#
zo(z*;EcruSe1TIhFZCdS?55NSMvoLy>d6d`=&7Lde*?gqAr`NAy9%TyT`RDHuUW`B
zt&i;<{0a7s%jrtzPYcTc#T^2pk9m+vK@J*oR(+&X<FT&7<7G4$C|;~jS9JfucDlMe
zqEN+=AYzeNgp!5ZPqn;#b`#9_w_wH&`soTY5EKi0o|a#h+NNRRoWajuFd@0k;daaU
z{Xh-o4Ho9_y1qP!4;}4xRXiL(>AW7iP7p*0A&S}U6n(@H=+-YR(U#4ZwLkL!i=7|g
zf3N&2`~^O(^gMSfz<f+>BLO_z{(6>yvD-tR1a@p`;hB{?IHCLYMhX8V>uu6en=rZR
znW0)GL)4W38QZ<@Pc?X#@-@q){mt0xny+}ScEnq$TnE*jG}xjd6MW@0Ny}NlAbdPb
z<y*&3A+iqO+Ic_uP^L@QT7wXS5@jln0uM*>ODWvYtKY}JAzdG!2Be%{Dn<Gzv8Qks
zz(GZL&ztw*l31Dqt6i`V``x&GuyXgGB`cO_BPL4vFOa<PTBYb7CVglx>^FUivr5XC
z9}^Rk=dHBxys-9lwh!a+Vkc3nvWP`zz%O1_-9GN`Fr~_Xl_G7^&$W>XI=E-Ilmqqj
z^gtt!H;5!%^u4oyVYC&_D;MM^!yyDv4u^(0L{ub!F(ULUGzz89z)lt#i?~2wm_b#9
z=xywW$fpSn(EE28+*a_N03F%s&oC!spPJ*89VZ$&eWE~e-Qnv8=;94nFN12PNkT$=
zuiwyZUwH9R3dM&YG(z9~bza>g#%(VZ4}a=zir7pmm2q`Zoz%`n%DANPzchmUBlLh3
zzCvHwo$v`W&Vy_qmUfWiCY=LNk~M5%fAESOl!siv1&o;)o}zNIO4LJA0vD0=2LG)Q
zGf&=l&=bKyHU9_0rudK@numGrehAkcsb<rI_x9zb7FSV6C>5iOgdK(@uQSl=r4>L3
zPMlhw=V6OdiVW}$cj_o>ccIdoXLGJJWUHo|y8_PvG+zruD7(pPpwlTGo8d>61~G%s
zUv(6+4_uXr$)4!gP*f{42{SGo2rEm~pS=aHV3OaMk4(LkE`Mn%3Fg@zF~tKS-aJj+
zd$Ves!Hu5)m+TxOLas3zfAu;%zZ?nkk3jpS<%w{Ad++qo^QJn?Q8n9NT4AE<@Crln
z5jB{ODj8P<fWi(|vooqHfHo8)SDt!?wgLQrp5Q>StMtw^6PW)M@!Y;y(Q)jfAkOK@
zFN~gtJDy!ppS*nMC3ddEbp(mZaqrEIVVjt_Or7r|e(C6UjZNGh;6Gh#cG2Yq@zd|2
zse@kvku1%wO!&_Cu$mPzy7&Tc_(Xy9_RsIC8Rc8NB)P(W%@$nwl=9>`ybe=Ts6;t5
zul-H;7R7|*m$)vR_%-h#=%5;M>A;`X7HR4(Jl{`9J|Qp6CF@}G!qY&~d+28JujYWS
zN)pKu4;B3sOByOXhnKy&M&cj9cn1KrS`MEt8LS<mKTv+C&w2%ITz208Zox6=qGEeN
z)sHm=CB-Ca3xEhZ1X{HvAD6XU8URDDgkv*75Xr^NOHCpF+R<qE&6GsfEMmHN{<~5q
zS3X#Cy`W6uiV2cOU;tdF*MEBdIPJR>^rm9I-$uC4!~RhuYKJXSbbGR+NjKtIjB|uk
zA9L@xGpK%ygzz6a5D$C6B3Ik5!008tI+0g3tN|O3s|Rx;{t1ZrCnABs8i4F?DJb?+
zqPQb#u2-WiVkY|Je3YB<g>%E*)%<;sv<0rDnmK-&kU0()aj!If29Q6v6x&=@B)wc1
zc%;V_8|RoW{Z>(&)A7Vm>`1#)oSpbmo_9>a(;st5<M>c|=x$-sBwRCK>+CvG-#7s;
z(I=?HS(*R`!covQ$~SsV2IvPyN5r9caw86Y>qt2oM!4OKZP|yty@vMPIHYBN23Jo3
zNO+&P@WVx?w{Q%k${j(_`PjACEWyAq!SoZq7m?R@8G;0pUIVSBFcL1$cnCSRRUZ}m
z^{yYInrgtC7EYod_TWW9A(}`*r^xOD7P^hlLFcWEnLB3ayw2C<b1Y_HlT4=(hS2te
zO))LFiS&-Fk=O}L-b!r&!&DfLhj2O5$o+dH>=DEmJ@drfgmj+fIOvk+ICTOz{M3_O
z39gGUoEqjY6=n@^iw*n>u@x#duK$a!zksTGkG6nOkPhkYE~OFa?vM}_5oswAK|(q=
z-G~y>ji87iB7$@yji7{tG}4`KZ9Vti?|tLFJ<jkrw#5GbV&z<O68;%?P+?4ik~j2z
zUojz3^A?5Q!2rKU-Hb0|wv-U;AOiA!?4ZzKk)bvxVMW_9->Z}ZZ#(d92rN<N38<$9
z|D;w$f8iiBAyvW99e$lS5!lo$zj0q_<zlMJjx>}Rbxfq<DjvyzvNEUfa+;teCYts`
z)=n)&nlHQwgTQKXOGSydCg5YQPMr)$u!Mr5Nc@CqQ6vg4dZ2i~yq4Mqfwp+zIrPW@
zFH5j(<G7q5iK+Yt9XG~!Rg_uRE5;E_ua+<mE<X>9?KOo9zsNz3YVXG2^m{yP@B`om
z%;81PnB}zJYSP=wZlzLq%hbqj6EO=xM~Z-!R2{3A78-Rx2H=8Nj4hh*={T{W#AG&t
z9Dg%G<c09@;J@k=c<s!VujOG)mZ!y5p`mI3OvcR~(a1LWCo~OqbZ@F;$c7+R3`cSo
z+XKE1s?TlCY&}LB8dml~E#cpAZ^&IiZKbpp8a4wQq1Q1nkva$Yc3`I1fP$eFubkxn
zUPw=pXPb2ZZEm1U4~qkmwy)W$%mTBybAVVtpGKDG+`XIr+yeLf3m?>ri<9l%;AT7i
z{Es0|vI+&KtP|5HdORMepmV@!0DpwYwWG?G(It$%p(uM-yRb8sU$aA*+HTe7*5$NB
zL~?i&l?`VL{OjXCDhG>izIji&yoV~+9;=tUUiIUSegm-16o`I8sYr~*UEWTRh+vod
za<Bwy=1?cv)0I?=huSvO**fbGujN)9=E<*>DWvuB2bk0-CggNbJ(0I-WuP)2ydNz0
zP(^|8sznLw?Tz@u$P5avoCHIZyjw1<1Y64FgK{W%kHU9tj!<%mqEM?Wd4%lPTyyUs
za)7~rkwzt5WjUkxOJ#zJa}K?oLA=AQWNaCWI~_cT6ip^Cr7l&r@WJI9MrI>}%x=*-
zTuQN2uM<kdimk3ZzD_31O7z-1VcyC7H9|4^+g@&vc=mDp0Dc7uI`oHfpaPo~xp>ZW
zzuBn=uh%j*r@7Z~)qqSS&{>{7{&e7dQxh8(^9%PF?xBIG5~3cn1ie5Kci)UuLwQhF
zHRLn>ice{6Mr(yDxh*KfF3+48C!((!o})@1FU^5Hf|_d(iP!mDIg{_BC4(Qe32I<c
zA#n_iSagD?+@iTuZn50;O{>>)a#1XVSL>31rG~Y5p4LsBEI`j~r0FsKz*&M8{wq8b
zliC67ib?a4czkwCUK*+x$t?{IUYfgQ7WRYT8HweISc8<NK6(HKDI<?!K^X|qKj#|<
zvzX1vfvptetduiDB231(YLVo_WBi6dlE>8`OajKN0{GkgQ0fg~w8KXMDnd7j5BnY;
z@wWZK>uc%20v^(VM-1T{#zts93jaS2oo&z+9^=}P25BlhCfa|ziczv8Kvgb|GIBox
z3}QS~A|M>DU>;oD^^{+&3$*vr({^mMKY}^xaof}wcJhpz0lxB&gAYMk0+J@EsFZ5%
z$m!Ei<Bz|!E5ed=8~<h(i^9IQj&H7%Kr^a<!548yUrG7(IC$k(04@PiXZ%3-;MINn
zL^P#}3PgrG-^bmgZ8-(>PTjYBT-@gJ+<y|~R*1YD0*LiA)NJ*9M)1rKp)<t^iJDg3
z)rchQLC0V9?m=CdrY5wV)^i+sN#Q}EiG0bO%(s(JtkO8+QLpFUQw(5N6OhsW5Y{2t
z*~&#z8y$@D2b(fk0kwXPmD!kPjOm5D8!D;$aFDvheIi$bKoOO|q3{sRXp~eMU2zt(
z6a;4#MH<`>pf)dsG6v*1q8e_EN{EGU6u|<84kxv61#OInDh>*2g*bStH3n0~idT4X
z%TS~XumxBLw@R+yeMJ$p$c*5PZVekqO+m4;U^d2$Vh)X_@C<X}V-8Mu|2jb-3RB_A
ztTG0Bj4QRqZzfdtd~PA*ZYi@MyLM&PYkI5Xc)&#FYvlR{+cqb|gcMzg`gkwReNv>K
zk;%Kb5wD(9^bn=**DuD@5%Vw=H_HY)y%N4V`B5+}qPDxcdkWDt)IOp>MYwivV3;{c
z0NDCrTrI}QFPe}^)mn`*Pf<Bmlk#9d6N6cW8(pn1D$?jTrNAc~<3dV}>{^%%zUdmQ
z`|OwV<~S+eVMzke%t9uyh~XBY(l2vo<a9zl(oeF+{x9*U5fzHy>}URNQ({IOb%}wV
zb&QB{w^aC!zc7h%CXeXHyeJL@u>YBWfrmi{ARg{=xUPJ>KJaGts=;v2n^uCDg-wix
zmJpTC<rD{vNw#`p&`Sdyvtn7kLT#pjK^*eU-Rs|-YsTwvMCOtlR6cxVdvs9I`rQEo
z)dJe#NI3-X_pniZ0QvVy#uDmy+W(bimgRd*_Mn3?JMQf7Qe%A$;%I~H`~=OP+^8{I
zZ|G@OSx~G8esl<3?ev4WdOMmx=d;+|H)*SKoY)3z8aZ-e$vZG^fj#h;fWS6PtBCE&
zGph!ezp*Q7)jr0E<{xKG)n%aw<j@TY3dY^Gw;jpFJ@wJ3$;TEFp2T#`(L3m=Mi2|D
zbn|3f?fQtwi^d%vy&~DFe{~>SYn`$@K+BaopjgfbvTRK;*-wN8m<qt&n<$Q!O2uui
zR8}V%*}JBUVxgrF1dl-c(#qn^WX_ma)K!vL6}myOAr=bi@|%N7p|_vK)Lsu9jJ{4D
zQ(~cjQIJcFnjMrdCzPWo#``SNeI<lSBP7IR)nI^uj?MvdD!L3`g<y#2T0IJ1stsoI
z)+!r;SNK9k1i6T{Mlev5{0_&Q#UA;6uY4VSWL7A;iWN(vmdjiz$Rdb>ffyIh+Sb^h
znJ@TGvVH(j3=L|+m<Jn@klu=doJ)5GCj5+>V=2^!5ywCR17Z}CkH264p_QzMYTIfs
z%*9%wDK=P$cUn@~>S0){s7UE%`2MO{eggg%HlTw&LO2p>Od$c8lyNvdF8m}?lNg!w
zh4%<4<-|y2_6-iDG=1c)bTGKd%UN3H`E%Uw1lWl<xq8i*a8gejPxInzYu4KzV#ey$
zDiMsRwJ8~DmRuCXs@4rJuH4XhGGES@kWKOG9U|D4Oy2sp?oE-xf5f_T_sxb-c-BkQ
zo<V}209PI&($~S{8lv%K+A^~VJ0ea$>damld>4!MgtGYZK29RF2KM;Nil$Q22AS9O
zoCB96P92=aH|qi-ft3OVP_n^%LI66#B_&Tlj1&mL17}||r5;)(pdX;Q7{OFt&+PT|
z?;F4&1phQwHxt@|2OU0SFK@M;iEp!}WQ-QroI#4Z1nR{AJF)OmBO~{9`Nqk{yW%v;
z2K>7Jc*fO3f&SIl`R~0%GCY3+(%fpc;K8Ij_<X~`=T}~1{Gs$wFh&L+0fq)Z4p315
zI?#iiE^)Yo(za&E=?*}#Kvcu}4hB)`b4<ukn{&Geb?wc~6O^``bW6UhxcP-e(P49z
zASC#iRmJ!j@K|)OFOQbsCQEURszvRNZ=+%>y}*Wr*W*yi&GDOWzltwF!|j<4f-}qa
zt$(AHpy50@2-V!flZ)*n!9}0`lgU}S`;<nG*A?|6w*AfQdkW}$cKOY(<aBJ_;wp{O
zUDqd0=E{-hCcmMe7{#Z|RD3Is;oKe_p=V)NG)9XP@{c%J3bl;J$indB{!`(q_b<4C
znFuOlFt(zCw-$S`9op7&-^M3k8pN3vF?h|dyOcQ>pHAu2j9gQ`z6S-GCbm_`jTB8h
z(8wM5x9MXN;!LA=`qcey7~g;bERt7Okd@*J=B?y%KI3vA$(I#2cJ8OUS<MXQ#oAg(
zI)&5vP0djK%!m4agufX``eR`9rLh%3t+or@GDAnEUN0FK`&}?=C{1dB0><0qE^hLl
z)Ery1hiS)~tB`}KU8xB+SUvEBdD<lGxt#kGwtC6~D~WPsT%;t+5fQ2eKFyvNM*+J^
zJE&InpYJ@(IkfdUlc*BB^G8YqRTTT(chm1{L!PJ<=y2X^l8QO2@EpU?EOiuU-0Xy?
zozz*$h4eH=M{Q$sQ+U<#2GdVge(SXc@O{kgsZzTky4)E(h2h2%t{{XiA-{{G8j2)>
z2x+^-ze`$q^4=Y^i;F?53A%i;9$VQo_g$-)KJ1;5C?QR{$v}6f0!Iuqg?q@CFy4MP
zYJI40!+iJY(CjlWBxgF0F)kJ&h@t@Xe;ZT(6{b$V&Ad^E^GQi??;H}-C5%rKs4v)7
zx9>4cIr10ZT=^e<a$r;6fHc+H?r%#Q>2waVoK7>bJf`g%tQ!le1x7p<ow|loD8lWC
z$0}R&fGBxe3(5GW-MxDWrSv&!gyowTZ=kJp?~(-1wnHEzk;{Cpf_(NYlf|vS^c{$i
zc;<|`NX+4>IXxzb=dKwu2{0+QO(nf)FmS7l3KNi_U<ziJmcl&c)bkUKx{lf9=1HgT
zmSE_1@SwSg$K5A14rV|TCb>WN;k+4#GKmF>qMtAHZ#={zpfhantM~JgtHu5}PJR`I
zpIs0+H3pM-wnZ3My2!Bc@OmMl0Gb2!q-CLM>RpsSm<&Dt_?i<jKU~pxl?W{>=<pQD
z2V*Y&+TGv08PJA(<*r~Bk@gT2{ZPsG^zBoTM>**_PPhL1t4K3)tr^KcZ`ke37-L0n
z{e0wM=n^_oh+yNNEW!UQr*+NTKmK>*8-M>v3x9*Gu%I(VbYx1#l;}SE0wi<y|5%ou
zgQ3P7*Z#4_^TPk&9-Ibwd5)mC*fmC51eNdw6$Rx@Lc|GB0-FFwc8zBw-><kd@0V@^
z1KF{Uq1kVFECVGozk7*tx`~4%;n3n-ql+8>#=#oQ^!z?jc?S0&qdNKI`;ILcrVr3@
zc7^wW%>Yn(e{~3gU#fH|CGR!wTw|g||Jdn=t|3W2JV!d0h(IL0Q47yj!PtWG473zB
z#w+sXCPBXj+FDSu9A<V!mHzQ&6`S)3yAYJkVV24dOatWeAN`nK=yqaiV86NhHWFDQ
zicD6~=xDrrultW(i$WbWir_KUHG;KHKveU9nSjzWnBTzyf6v@2sQZ+aF4lT^$@)<<
zn|{p&CT*&2f0McY@E88VHTM5m3a|u_>TyEj=D+gGzc-LZ#6*|>kmGsrYBwPq`EZW^
ze@9*iCs`cFi5h;Mw|pgrm?X|2aghpxSFMPE<d^)GJDYHG0473>WZX@Pm^gql-^`%F
zAZ=|f>3iY|2!ftu{!5U6NtGqbWsI9i4cUfj_ieyG!PEG{8gVW4e@z=5q|Gc!a7oI;
zW|5y6;>?x;F%&SM0{Eq5sX)RC`Den-JT+AXwqcNk0SP%y5t4AH@B)G>_ly%!CD}>v
zM~Z8$uJG79r%0g(IiRfGAfnE8L|~H?v_n$}N<vP6!)kre4yV0P{e?ArC|Bn$8B}r$
zy$CsRB%uiG^GojAFkmJrahaR!j$Mp`4O(zPjqurr@k9(`^)7vz3;qdhM&+|MAA7r$
z$&~$sE<VJzx4#@8;A&RicTHFB!un^F%*693m9Ga~PXoKOhST_bSLe22fw25T4*CzG
zD{{mIvkUq-!NV(PxqG1#=db0du?GrD_dkV=u+#HBNc>w)hr}HAQg1i%H6Ms&TwY<)
z4aG^}wD;tT@6G?K3h{sSb>yCdS$YL#Up+LHIRfb+Qbg5+`)~3X+w)a;j#yu%^}rlb
zYs>K>*wXUFioMzYjUI@S$Xqvd6NQ|^zJ~tN7rE@#0Hs$}D6KgHNEGlF&@TA~z3LrA
z;u8t%31ANbs6-?MZyF#`kcBoF2Vv&&s`X?L{VGQ(C*y{ZAhL#&N)ZXDq%WZVcm^GX
z_XAhPp!N|($$#s>!GwK2!V}yvPhzMcN<rRmOF`t#>}{O=X0Bru1%-+$$@T^qotQ#s
z@$o7T3#YIt^Mi1$k_L2}sp#m=U^ozZ_P^nVRSBRwF!z#Np%yYH8-oHHQez1|7sN@n
zT!DE%q+eU6E%c^VLPZppQjV-Xwriu*B%b}lHze4gdCnhk!60?56I$ONF;itbdb^v0
zUOJfv^>Ql3BRz>6YyEY5qbZY6(szhP9tRixOw4zmk->~W?qHQzhD^2z#7Pa*QsR*>
z{7~*K;020s{C{uPnf~O+-%{uASCg5c0l3ev{`lCkN5@q0PoCrdQ3Czv*O7J%G#f50
zYu@(boM1&GUMdY3yYXjY`Pp57*b*CktuL24iN{U@RB=2WRe^R7NIlg;$AJ2Vy#bVl
z05qdm?imvmHWq-2274m`ny9eg&}=|bE8!B|B4)}W;twEEu41~4Q=udG126$#&9k8L
zSDTpvcIafy^islZh>hxVD;tG1Pf`^X6SW$Dt&f7pbhhTtt2Oz0oEm%yXnbxo>@*4L
z-1Tp0h1TPqZCM=~r?s>~zZVdX3w;^haGk1{B2{?8gHkkqxAd^HS8_r78L7vruTBu}
zt_LiP%)m(no#1-s`A~Nn5tbMUf$0)rwV;1~{zVgR?j7}Hd3kw>=^>+*x!g!Q^KUyi
zgMWv*s}L3Gb`QO&fjBKufFMBg(?M@M<+Lt;B+0v#?n0ktq(TbZ1z6nYaC6vG2Mdtk
zlh;jvI{V)@!T7njrLUM<M_rr3TlICDt)0dAD?tJ_t)bQF>N!S@64ESYQ@VYt(hE_k
zuYY8u)dr$Ot!p4@G@2DpLD9hKilvt*l)zt~39?t5^vI#>AQ*?126QPD9)Qe8r&*(%
ztIPPGa^)SGFK%mhfpY^&T0}H2L_<PDRiyp0qI?Jf;jjX1%@WKxY@sl$3y2IYxFab%
zpkn|$d+;ALw8DVmkO}b);C@J&HTbHh_50uNnfijR<xA)?^uNBj2_5fK7$8ZMeC}ve
z`+U<6@T*`_L8J}Iu+>Uh36(?8cqJRrP8UPU6BR!IC9LRV6}etu!n_0E41^i}hFK%f
z_Q2h6Vhn<N3d&Jc0C@pSSBiuiPjXF5<8T40LUJc`%|;<`0P8vT6V4D>E^_?q1XOTX
zIB3w#fuRUMyy8%D6&XJRLk|;`U*TjRLb|LR6gf6}GbEG6%m|wS2Ijf;o%dXe-|hs+
z3ZTCf`((V%tm(?`Zhf>GbWvcy$Q8^q%*I0p1g{jECRmLhlc*FX8lh`U+GP|&^#PDC
zq)PyXF~dA~owarI;J@&jx-3qniDj7-d|dFIUe5e0Xofw8E~eGb|5tp%?>T5dusvci
zMH0pY_~enC9^qj?r%(-wwScw(&2nuDwWsjol$6l-V5SF@55vW0b6YWR0x_9Iz!O!2
zXf)Ka-@$N0Ytn$C+!$OW=-3$oU7JA?(5L~L5{kXBNGhOL4Hp6iNRjHQqtJAPfeCna
zB%1_G!%TzLHxlm*9u4rb9d+<Tlw7*m{+AbA^*}xfy9<fxDFBEM!Er$s2sX9F58ny@
zkZ#i9XH^NTE5MHJ!9>IP0oIwZe02c-_BzQ`LN@@gGxwll1??(m*>xxLXO&@`sM-mu
zfO0htV5VT;6<`%1=77|J)(Dpf`~n#KUx2+(P*ilYQt^5S9CR?B1`UiwK;8koI<Vqx
zFmS$@$?mEPIdg)^AMY<?LJp*Z1a&`zkt31-jk%&GrxH!22g#er5D68P8WLa)GV)05
zp$A-o&^sQ0bnr6*24Vcbh6Y*D8Om990%m4r7+X}Kd?ly81v9>CRDfIEDE_C|p+;gz
zk%f!g%cK_0{O13+7)LdyadE8nR+s?-iZ@6}dtj{4{qo5Zxof)Fjc|2}*F-o$s^gc<
zi1--%7LaGZ56c1|Hbh9sL*R96C{-SVj?LGT)l!(XHTnFET}WsL+FKA>T!2a+bU78R
zuAreIF;8$=fh74wCMFivZ79>80dAT>$O`*96s_@baiPh42Qa_DUK`j5w9GL2ft(eF
zPEHLVCLmq8`Q+zbx&QeZfDPqnf>kvEa|wl^z#s2PJ+D6n_@Crv-EfVwWj?ftN8yt|
zY0offfe6W1#loV1*~72(h=l107z+qi!|-Rp2y_8n9hwy9^vI$-w2*%fdp*GAh0dNe
zU|kXd%#mXz2XX+3dkapkVgLIBfMF;}CKYSK5dh4oTiSOJrvq5ZG6FBynbcn=LqfS2
z6rJ9a1_55toM9c#jm8U(Z$RJhTeAHSgaQH34%-uuu?1N<^lsBmOqQU@4CD_t!LmeK
zbqW*$Fa%JThPAHT^|^mBK<|$jn}UuEz_lSYplrKfzy8+U;Ex7$kbo)wgG2c>0dI98
z1QXD-7t48ZUqN2EK8yS`OE&3N0elcRpfVm?Ovwn9KZ1gSZ^A-D=gh!9z&On_&^a)Q
zFCQj#h1KPUGmY4Rpd~*Ofcc;W4L#u=U~pn)?S?7g&UEoz_(5!>?XVQAV4&<4*<uBe
zlo-%F8&t!60GAQS4VPQB;ajj2z_Uj70&Lsj2^^K)<d$t)=&1u>3$7YFTHsYRIi|eF
z#zX~Q2|FKoc+^zAwq$B29tEsNySA*XtQW*bhcJBzgxZvqdV&BpgDZ}oO2jG(quC@_
zg7e^&PiVuTqq_%9bKF1hX$Iv+-abeUNSF1`lt>Z^<zoY~bR_%<cu^;z9ry|+tcn04
z2q}e(_rdkVM^X>pgNs0F4kHmrsluGh>|?6@mT7<*fe`=`peuoL7x*J+>sbR#2>by-
z-aqdu9K_bd`CpD@gvt$aLVw?fKXj0yd4mY?*^^NZ>V^VrtAG!RP5=*wgXOk7fcn^Z
zdN1*YetUa6%$0wFwfufK)2hr`VB(64hnENU#Re`GtZOBBI=!Iq@NlH=H?WXri5)?;
z7edHgz~mu88emBVOLdTD1NH=-sF?Lt4QUM^iM*lxFW;y0*n9{u8ZZo@qp79U3!O%Y
zx=lfk)ew}?u=$@MuU9V;l4v#G9s_565s<wL*d$!##-D@m#DdWI{Li*K;N$ooFC@e1
zVdqrA06FI-6rRrL*w|M^Fct<}gB;UHg$;l?9;JvrF@ino1R%yf3@W+62j#-W$G@(Z
zt8{sBuKr=R7LozLl?ZqMjSh0c{}4?5Sh1esFeuKW0gh>au-)ZHt}<SoB;dK+0@^`J
zPnZsD2L#USJOed0{S2WkAU6Xk8<6%uDp(kf$^dOzWKUlS?GJ3Q!%%(~EGM8jAHWX7
zd@C8RQIcLKV6y;w7B1T|2oMB(mF#POqt@oRdrkLceH;JyLCRd0eIpG-oBl^1>Ieaf
zPx^&py9mt=X(73%4tnB{aseRf=clJnr|*#{;cLTbkv;zX0#5cbbsn5ACUHZkF>=p9
z7QGp)4e0l7K@<UCC)#yTMFmI}KxJDA2|xoI`u^E~x8O6WI|8@j#QYY#7!tDnOMgUC
zTOv0|Yq71p9W0_0M0yZz%<sU-JUMoE=|)4A7~o=6!90!wt*oC9<WXR3IqbZ6!7M!h
zl3%cNeQ<r9={|s`c!pHvg^sf}@ECF4#;+sp83z;n5t^Xj=T^a@LU@nl^@cMIo@n{b
z4H&zCh~VB^qnAxnFq#4hBt!?n66@j+h*em$f%lAxgaC;&6_{@tU`hu}1L6?~w$wmY
z?&6wL0UaL<T(WVvV?u)E;M9>(({SN8u#1rWMO7-1Q+Vkm0RuUd?_VbjMOniMIN#~v
zub?n90n6aT$p-D)RG}2r-UysQkiaDqN*!KDC5Z+4NqDvO;Jh-((&YeL)W0&y_3M5(
zpy5TD;q>{JxQ|zzE2ptuA0?VPma{&V+zeQvMS8xE*c`0uaEPGTu=iHZV-y=&{9Kk6
z7DzpHc+t~q`@$^)TLe<TDJB}oS^zwCm!zViB2KAE4z4#oAB0XxaPi?-|77<8EHTUj
zY{ND{wopJyr@{h;65`N&pxu870Hc@Co>zL+1N72xX92tlCFbPt`76;#wP!#e)FX_9
z06|>Fk7*(7HyBG7K8R-tdkDOiL~Cae>SaL;OcbWmUTbgRJVP#mgEjkPAX^@C=r~4M
z0(MkTK6U~8AEb-YpwJ5*Qa)6*(+)UVk>FiG8$g(eiGeW~egJ`F_ael%@S*T5Q)mr?
zdSPGJiZ%f8iIiI3Um0G4C<IIzyDel6Z5e<?BB_U307O*qSwPT<5gHHZr2rosaun-?
z9z29{;k2zvB>+Q$Qp>0sYIF`>Pe}@n*<b0h?PozR`#6&{e*Dw6MUI@92I(_(j~yWJ
zI=B{!R%ZY~52telDmbxOTj}~(TuIpw@PSMG`Q>@Jf@1ksGc}`<<j=NYc-??W;sK`&
z;}DlfNJA}haufhhk9uCM-~|x(5!S9{he_Cuy`%pL)2P~bB1vG;{MX)of-q2lUJg0Q
z0CamWWSrpvDhBYT(8)IsFCfz94#THT<a;Q=a?2MSI>2y3X5h|z5ET(|1=JHTbuq`l
zg0xwmw@S)kZ_GaghK3s|Gk{xv0}`vt5S&;ak-dNq{irLk0K5m7KGG(*L&OshUV(oA
zkFF>Ki1kX?ItU{q!Lx`c*}=6Gr$?9YC)tMc2uQQH_sSXCoqj-E2-F<QaQkiTAl`(5
zFs6ZRQW73u-vCYUIu!yD@Ssq=qTv|CLxNKNWL=)wur#v!<rKj4^-8dT!U;D}Bzhfc
z^OvB)(cI1aOQ{f|tlzl0Ncx{ZY3J4DM=wA9Ux*+BvUE^J@>zj063LdfjXINv$R2>&
zkfSHCI6);<DSQDXV64F40yq3AL?gD$FAXS}w8YdfaNszx>w}*J1!_-NKqT)apkKxz
z9)AsJTfjg@)7)5v<$@~&49WKZ7#pvW&1?%x0y!KI$$P*^_s}q8ws2h_dM^O_Qb?0?
z34XvX02o~ufJG@ODX_pRJ<lb0b20E4WuzePJmE3*@bG}uhTnM#)e0odY789ocLpUx
zaP0M9G}H?^dPo&>!1Z?ldKhxO2?(i3cb$wCNw<$A1CR>Q5DFPpJ9r*#&4S~AYR6K;
z#aaW<W|f*=Wfg*m8BlaO;BvuXJzpQsnXd)`OZb3DW=)tpX)Hk!yp@|?LcsYLb_S}K
zvAF3#kaB?$bE^iak_nSZT-3?nULlbG3>VY3&UJ-E1Yq<8UtMt6w*yJKs`&4JKzJ%w
zfdU8c?eh6{B^)UlLxyu*o>-VF`F6fq1^5kcqb%q))ER(SlS_Bv`Ue;>QHV!7LVSPx
z{}Kv3{+a32r8p_vVF>DR;M9@PUMN1bg^9%#-POMmClFm<Ld=bg?#Z^7q$VIzQwiw{
zTqj>}=HT<MLoWpahm(Up-jF-mhBtyA?S91@g@C1m(!&?fuZ8sosnu##ZJ#qJvcJCZ
z_!VHBVfEsu1X(yZIIdq`N1{0a4+iTEaT=V+&)@^#hCBlQz6^c^X%g+B771W0^~PvW
z^qOx5YqEFi2aIo-19Hm@5RL%!9C&l*8k^0xw2$Bkk32w0BfV_|q7G#C23HM&%(3S@
z`%k_uFWc5Lxx=?WEpZ7BF4$hN(E?4%b>MH=gPe(sPGJy?E?g_hYj@WnqByzr2t@v}
zvP=P8?y}GwGG>5`hq1xf7k{b+8xhk0;Ub7&@brOhFP26j&BNtCFj27z1)md8M+g5D
z<6+SVu~+mv$mo(`-ympL`T{cz;Ln*CArwXi=XLmzUtNCyPxiS!RTE@*99|Jpg8>*P
zU<op$JQGcjGkADW$#mDZWz7H2dHvOFgn&I+JhfT+V{3bRA|=49oxz<-d<<+yS9l3=
z1%wEOHu^#g4F-d$1lOSuq6&kJiX7T$N;7++q~XtyBa29c8vyGdq=w}f97Bn~kA}#;
zGYj}aiuLk<++N$;%F4>a1Bt_f$tDpPb1ka{zz`-3>M(1lTEq9sVI-#nCJ-UXNtl=#
z(<i3@xeJ+^t?>sdoYioDXikC?%ny_!rs;^L4weQ;D;p=YmX{NIFu@l=SiA_C!r0pf
z&p~@;a<bO#F|hYrhtEJP3FT<gE9BBlFKn}raf{tBK-gTtD1z6SO{jTK*AR~L)kS>_
zhD~7$^9P%>EkcIiDw48{%t~4+k?2$*OQUcep?3Ptu)+eaFEVAC&Knh{XLSr0ditV-
zSQEPsvJ61<##Jh*%V_);ENH^lW$BVMD_H;Eiu)*V6R~p-uX#2rvlQbp&{(>DV0EIV
zrG4Dju;=|i&PEU=4m;jiUiH=+r0(Q96A$7?2-;LkiJ06eH53{&mm>>57J9ouf?`_!
z8UzVBTsx>#Rhe<xIojHCxvdjRLrcgP_)g#%mCgbBU}%eIOw{F`XK#teks^yt$bGK0
z)rp9TOxI7YYp3FS6kv`umy1Wisy(AW`;y;Y3!6ABBt$Pk%O&1MF3N)a$_O!5E6e1{
zVPkY!{D9Pdr-<nKfJ_eiYkj=Z|5M>qL*{<@TE8_HK|6H*k<_fvEgIqIJB9a>H5hS}
z;0B26M?^+OhKFZs)-y>-8LJvpEninr<rKSBLQ0W8NJUDDR&dMSRtq~Lmf2WUsyNtC
zV^%ptJXYQe@Y@gDM-W(6`l^Ld?o<gB^z^=P9KcdsKz;LPjdPv~B@N(rme+e{-F5b|
zn;0@AP;HrBnRhM?2@bn(>w##Sfomf=s+(;w>)jYI5DEN|5pw)VN#R1%dPT&{ovkRn
zx~v83O`=MJQO}KY!`+!^9xCMFKBJPXjc4`J%T;)0`!DtNuxqkkAiZw2r~g5&a{T`h
zYAAtfYKdYfa>&0t+MRR3MczAUSM(K-=qv$CK{|WR_ItQp3OZA?7Kl(Gc>I@2CaRJF
zLVDhCOxtyH#;AhPyU@8X;MTyF=H}nyftpQ(Fe*TpogpuWbPs7X!Ak+#zX;fOC^#iF
zLEJN^QB3286F2Q@hVFVRzc#QhqL>Pe>l-(DfZR(&j;0}&N0>?~x<F$%hJCUR73t4-
z-Gma_9%8(5@p>WhJ&wqt-oHX_@8QAp7f6k??vEMv8M6Fe4ynxYzjd{Sf^d5?ed*OB
zoL=_STyZQ^uVb~P8%GMtzZytE5m~v+g*t<7kmOGtNkQH1hqfbnc*%tdIFJNI8CsI;
zRB(!k8LEoH!;xrysTCMv-b-I$(nubl<&Up}CyOM2FeVusI1HTjrrpq_Q7(U;hC*VN
z#I>&ws=p5rrMe`;U^wc|y$uld%udz}JZjX`a@AGlx6nhNW9Z6pJTu^A9eZFIaDYfq
zrO`DkHbW_hMjbEv)DmAN=WMq;cuSHZx3jq2FT1v#D@Wpg4szLJnI;<Ta-pl=mHyAQ
zC168Hub$eOj1=pd5&!Jzfa2FKfn})Ir&B$gJI_!My(ouHS%V1mf@-2$#=2Zt{EAu+
zUEzQlUVUwT21NyJDtL2Tkr|Q`rlo$$E59|b>_eexd6csyoGw=*k1Eh%Krf*--U;Gp
zzzZKAAM1UF!nxHOycX9?cCU>60j@xpzR`aYV1=O?Sxh^Ik{gaGuu*!5j1}+ykw_O3
zv6WA21xjezqTe#S0u~XqwqenREBaSRF%c#hcN0tIvj?wGHY(7J23dKr|JNO1$LdMf
zv1PW@8~)(<*B+UW%`vofNJsl`3CP4on=)1t#bpUOZ^zB4HD$yNpL7nNW{F%rbUC>^
z-DP8A(LPegy-+<tphw6s*lxyG4YllK6=3z3`dq|ECB3P+v8x`SB)vF4RWN&N&y$2C
zf#b|$>vxKjZ<YV!6I0WRqIsUIXvALJY;Zqis!ljt*Y5_ktl}x?dgl_lVWIzssFayW
zSh<2&c1}t}3JFVWdq5>OU1XD6j>)GPi7TJ0ljF+7edqNT!ty~pI+}}#9240T(AW;D
z;zaVp0vz#gr)&`eskz)@`7bZfZ+`f$t}#)SA20o{wem>tAiJEA_tDbwF|hJ+@bEFV
z^^wZzJn~q|O8${H9p_I(&qzz|&(9+hw8Q**thfVxkdWbn_r8PS{G4U3#qlLtErU#?
z+3UIWXDgB3ME<fTdXv63oTYK@jd5#nx$}%lGCm&sd<-=7@1-OCJ4exUR>Zx%8(%eA
zepAFA$cal>wDqE*y=3CJNVr|JSDeRJur+;X8xiM5V;3lW(bR%fLAasXCYw7ke8Ls$
z7_plaH^<N_9UbBA@oV^ED^PWrl~CK*p|=I=sHH&lq@^YWi%{yBbCR0Op5fLnlK40Z
zJ$;s|CK`iG-z-~#4H?dyr7jpf$4i(Zg%0GSc?jn=UK1uW3@;?h#GxsKOX)es5;El?
zXex_6=Hy6Q2h0e%=_&M{k&|{5d&=PIm$7O*93-4)Wsr*W`c3T^8g9~GBg_@|aWaan
zCX>snPc=q5mTyb}N56cSir#lqKD|S-f6|+XmY&r4Qbu2SHiA}fN34tM17$v6cg-nb
z#dMC|O2nV}+7ADIwi<ug0|wsCxai36$cS*4*e8tAUR22e$qBx$vfo*Mxg5<^Q`u#j
z9KJtna2vF+R#WIkh_cNMoo$ahDkRJV|4gy9oeY;JCp`@p-^3hnDU06B{ET|zeDW&6
z%US<r=O$s{`Hc=0$>H(g*dhiS>GE<XS+7MMgWh^BYkJaN;^y;pjV(j9uf%JJ&RI8^
zL&kQC@SM1as7K$sxg0}_Z5>hKMtv+8Jgr50eNvcx!ZFaO+wr&ecF34ICoiM%Tn2L#
zi-mdVb<`ehc*`)n_HA_OKMkq{yRkK#>2yBV6?=`Z%c;$?iTtqFsqOrV(mdUM&62UB
zY9ccZ0DW%O%@D->t0`#WJpa6NMU%Gv`q}}a2l|-G%`SYTjMTJ@)YOc$G>nuajQyO(
zSk!}ub9t=uo2u=y;X8C<ZDO2sadRz<(mp=TZn6?AJMu@;^pQ%cs+IH4Z@rkyotMH=
zTaP{VsP31lV(_XSBg~sW@;K-?vHkUWi<Ht|w!LNTCzgQV!NqxsVH}anI-12shqB~^
zHQSn^q!$}%MU|S2g)6$bj2<DwlnvUgu-%9#Pp3-;YrO_a286S{KM^Uh8^6JyOjaJ5
zLmY)97vlw@$%f~$qC3n9&U}pR%Bo5st*t7$aWUIT8>&0f9oI5@RGkH#4>t#QmgSSe
z4$Z5U(ywha^gq`+o`Jvb&C2$>x<1<$Bj|HhzE11AG<3Xt$zZ=^tSp^*If!7p!5q=V
zLV)9SG{eKFl_R~8W7D{zp_Wa`$9Fssg}dVIA-j>VB(Ou=(&`hA8@EL_+S;ZX657!r
z<@9no%6D0u`O%2fm3T68`a-9b`G~W5uFt4Tq?DT3;k)NzH~UVAY7z2&WZwLIq4y)v
z`yXk!9w|aF=N;jxFgr4zZmGI7Z|+)^r-sg85%VQ)+0RuBvu52{Fw=`}Sc*rKXWhgq
zd^R!`ch`WSZRpn2FoC8q{tI3qu`|8B`R#D?Olh+%Y0i6&ds0gV1~tzvSie_f4oiHv
zva}cDB)x+l-WMWO<VMJ-BpV(Z8D%~#fmNGnY28o#EBLgvTR5+^?R+iAznAu0fG5<$
zOQk>OaI%DIc0@3#>ul?5PQ#^u=xUSnVzNuhiXTJ2O8<6}3;Lon*GXW@K}vYzR7}(`
z8oE%wAWNi$MfR?%tjz3AF*9>y2SY!;yYTBv1SuY)E@i<jg>{@U{=a6{fuHW(2|A`n
zpZ7%(X@xAo<nq5JTwRh=@-=?0mmmJ-^89q`lG0DjTH8COqx@Ulv*K+0`=?Lk%a%rF
zn(B{E69_GHEiHcR$V7(k*15KY-Z(H<@-a3zQ><Pe+;*szE|Sf>T^{CqILA=&=aA0D
z^A@gD7+&V5H{<cDstA>^uvR66On9WnZ%@1H5;79qyAe5aBYC-VmU(j<zrI{D&0U;t
zrKIS}5L&j(Z>Vm05|JJVNL=URm~>fg=j1pePS(p&i;arespAP{PpZ)KnUn5tIh@;6
z_L9*v*zoLD<72g84JKaL#=FO$!hCsAAHUqmq|>7)L&Z3MG?x@-F+jpdJ3B~48z@02
zsj;alx3w&v&vVi`>pfY2I+)YxPe#k!C3q;cr~4+v%fSFUwm5b=tRf*(G2O7gE7?VD
z_It)XL`@wfDLn%zz5JKmXSaJ>QoMbn9H-;jx3LBjDh`|T@|vaV24uq{eTf#tnW8LP
zb1f{x@8Exxjf@VDi-<gow(C7F4iDclGi35R;yTD#8jonqVP%n$xXvN8F0V9x?mZjt
z=_+leWw{|69or<;Ivp2TOWDpO6YZ`NpL0m3tSrcvSxmy-o)IVfM9L-)&MM)HYaGp~
z7MXHw(}Z#1HQt*h1FZc95zOnYfodcyGPoZxlZlAAmMtw?a`P0AJPPF<YGk<FR*uDX
z<rU{s5%>t<knF?g1e<r$!I{MJWz@R;Gt+Taol<||r{WMM8uY3&%@{?l)=^UX<I$|n
zy&|d~Qh6CnQyOC_?U&|1OEN9;dCWvK2y15KG4>x*5?hB$^ZN)A5#~xOGRmJRGOC2i
zMjy2P6269gnzwA&?>pN|w1{?7PpNo`BZ!G7h$1wYwnLcFf`v+K5nu6=h*I}>%j9?c
zz?OH@AS^xQTZVS8Lb`c8%0q&kJXYzBAi`WmCrN?t&YAbgc9{~1<LViyDQRggnSykT
z4V>2NFHZ$H&^J>WEA;RYHn%KDYJtV|ohsp_&ScAkb6hi{bZz;)-we}n4gRt+-*;)o
zSPPBPmws5>s`1brCw<rIH0ci<R{i+*CjY}0B0+I~n=oMXk>Is|vp4_2wf?K2Xw>w)
zq*NPO{`fyvNF?vLwN1L_vT+wfq`!y4L6dQ-ac*~pn0DDahgtAYVSYY%e*Ur?4Aoxe
zZeR3LMcb`WmvQoafzWR}6XRjeSrmfDpULjj&CRd)&Lk*h+3=qpDaWPM9BpwKi1Qb`
zU-5;rbCH)aj^&)mFQ1kdbQG?7cpQHCbyp$ks}W|5OdsZnUdrx^7M2%2{m<8OEyvZo
zrJQ6Ab2q|5R9Uhl(DmZxHm9DuUt0K(G18F--^nbWm*!(-l!=V?rDE`9RE}@rD##>~
z-mCkhxRT>}w9Ig2ex8-FO|{kY77B6r@A%H;_+`WTLk`{%XAQSu5?B78x8<+Uz!%8K
zg%2<I#4CC)pNE+XGVt2xkL^0gV#T9rw+7d2g%JixZz_4F4`H2PV_sWj5WR-YFwZE3
z8yC@J{Tm@09UQ8YuSnhdzFihK#-ECMx3RKQY%q_3hCIZFdw)4{J3V)B0W~o4Ga~~j
z`L@8pbRHJckx$D+dU?pMo3O1~FisL)C5)<}^t_x!!@S1F7fVe-LmNytpMC0i_JJsH
zADy$$@{Ns`SUn3z^>}Xq-C?}=Q&c<SBY|WxitrW&Dg64)<H)@09S#*+<`zmymge|7
z(#8bRUd+4rrL3=B&4d?w_kCKkwV^rt)ycJpw$HWn`1Jr=I&ac*MOH3lLiW6Vx;#8`
zNP6A**G<U$JjtXZm;5Y4voS0*Y%V-P(f;hPe^0e0K6GZg71ozSC}m}_t+bM`6jeNU
zNN-0V_-7}C*@n-P$Ag%blFY>v?W&|(!gkZo_r+oIhZec?7OBL~F7?DL=)Jn*$4?XV
z44C8QNy*8n8K@V1Lhe4#x~9Qc);yAZbVRFmpyo}sc8tkRNVe3zxZz?lvqQCMeuy60
zzbgS<!}pxVe1Jv9znA_mwgwDM7WKOtfXn^^<p2i!zq9^d7Rf!!ch3aA3)u@M9d~UP
zD}N<5QhwjlZ$RVpp}R-i+<0E-WSrI5iT~XE`TV?&Y-9r!qyM+h`P-K=(GBEX@5XoA
z+GmcA9>mT4U>Ry#x@&xvft9%_H60yC=xTWJ-1sb}qke3D4vpFGcL`7xjXY)ImATkK
zBgD%>SyIHyx;$@G#QEZ%u8P4s^0cGlmor-w=G<B=>Q*;CPnD(&`EtnscKL71&`V2-
zODsOhBr2Z;`LmB<nG^<cj5Abn8Hw!ysthJwhlb>g{-d*rPHeY_+OT$QixPE()<-Iq
z-pu#ycW^{7xUb&Z_yYRm9!U~)J8MRh{(D0^4T9<-tpgQUdQ=?sJ_4D9<he?cjLQ{R
z-FVL1OLJ1jw&sS^A1_ZkNlP!+-kWhoQt^A(Ap$B6qGc4LDQrfLvQJhO<Fr<G-ixvF
z;h>`L25J^^nQtwGZ4?-6>BS$LbzSoJDf)AZI-7k~;!YYV(QPI`<@LcPt~1`z!+7zo
z)uXlsac}2QB~9D43L0X&1PNj%bqqaSeW3@-1+hf77dK;NGpBQlrsi){o;Y(`^f!tp
z<SSd0OYI;OG!oP)8N-3M^`Xl`j${&%TxiI>P486?)T``n>rFiBavah37~_N(YizBu
zbyU3&j}H{^zf2+m;;PP`F11__%H&%_X?Y@}g@O@Z8+QIxl`_V@VRf?3hGk=TP5kz5
zdQqEaY(vI8Z+}98ce65s;ytA^)_%zVN9)}zrz{;4h(C}s#UG@Rkk!8@Obqfk_!|-$
z|1tz-4v?r{cts_XY&=`QDA4~GCWo;0?dHi=WR?@Rd49DZ-~2j0e=Oxe<|4c3=ioHy
z>)y6B&-nH#KHbN|nf2i@mCLisgZn4DjUktr)hoZd>&ISg)JQ!!-)0!T8Exd^G&{Sd
zsWY8kwP4lYIT6PDQ*i!r{;=gz;->X!Nnq*0f#KdIzES<t9eBsLzkpjd>yNnqX}}}N
zj;E40HUlo#rIS_PNlG~lUao%n?XP`i>UaC_++X#H?4a-LWmf$mO8IKd!Pi~s{`$>t
zr_+g(Y`5If#j5AWW53K#d-FGmQoYv}1a==l6;TdK=CbO_s|65YDhZlJzK@UB6<03G
zs%-eR{_&&l0I?EP{KQ$-w#Na~NgjW%x)J4DElPx0{!3EkI7;sUp?mtL&-3ds^%R^j
zKdbzWn{xuM4N3G*kGOlC)#USY<kK-$+xaJlOic7oO+HutnSy9}@glC}^X?>Xm5`K-
z%f?1|;ilM+r+ON@&ZV{O1+n92Z6hO-=CpBD85Q+EeqTMm>my@%c&y%Kx_`go(^PM(
zNzZ|<1ZSnw$Ra8I5}R9ks)%jdSMG`aTN+YRk7qYty%2TH$`WPX-dmRraayMPRCzkL
z=Nw^Uy?Kr9wMXGZ;$G<dTvuv(qOkA1>3};}Mp{!N=I%T3`(ZP(_G{ZFnnFhX<3H^-
zVw=`Jv~#4>d|ps`ojM`er$bNXZ|k%3LvZ5OzES26=V^jx?VOL|e)xGcrUlb`q<_l0
zObfRBl*N$cTB~VnQRMl+n_pA;#XM;P6;;+CH($=T^cYr>5AAI9^dDAs3GhCBOslLo
zjT|AKAk>*WUU+{s>v=}jfcf`!^EDxxKi!!rK6R(L`Jwa4`*FX7t$G5@aqjz$*|-|k
z)t~1+slRCzttl?*d%Dex=kA(TQ++u3<TmNol!moZ!Pf-t8DBn*=8p#7-AK#u^0FRE
zMx!W{6EJg}OX5|f*pQXwVJ>Z{`}V~8t<8JuN9h^qUb&Z%8N3{C*FQ<QeSas6C*-2~
z?$?;z_x8+P5|yViV%O%+mj9T#-%pu-_H)rO%01@C!2;rUC95cd^6u2)CRO#pR?_cv
z9Gs$4{%^}t!k>53*$mLnv)#fZzv<ZBl#CFh`M9sS_v_I`AD_#MQ@$UPj%yL>6P00a
z#m6m8jEa6l*g7=Fu5;UYp5ODIw)av9`>ft_lm7KbN&oSaJg3K!H_SWJ&?<-V3X6P3
zZDunI=f4Y`z!y9!%h{w!{{BSoXX7YVD)VjkblUgUvTp}i^2A+qE;_Y4zV!ZT8o&C$
z-$TXg;&)PIee%W=N!FbH4_ZSmLXj#@WH7^Sxx7$ykP_vbze0ENw$nk}?oYsiUFC4)
zlFgzJCw2G+UUl5h#2c3`d+y=X6As<0COx+~^E0U$=8qbWdaH-4T~l8Qd5kvUMEnq9
zOhKWiSf_jGl-MY;EO4{nyevQP+JVmavq-xx2PHN(>dJk#JDBgjS=_45$UwBWvp*8%
z{KEfh!rt9tsqIUsqqvM9@AIvnip8~UzrShS@)ERDy>;03g*G~BvySOWXK0>Qvpj8F
zb?WO$hm-FN*Mv9=(=$_d7UJ6?9u}6-)G(PFHP8O&>QF749(~j<L2>l{&X*!bSy8{+
zcl$9S=&c==E4kcy3(<BD{KP#U{B$;LHUG*PUO%^cJZ_yk`M`cSqL{KKz3|1_Pmh|i
zUvwtoRbf3rZG4z_x9_xAP@)-JWqXp47N6eT^5&pEWHg4#u#M*L>zBG=#~u9Eq#*{r
zt5;**gq_g(2bwi9Zl8{fy+{hv^!rrk2QkrUuyPI&WkZJJVSLiaa~17((oc@B)fY|O
z{<L)d@ypn{_?J_VmSMeHKVaK=e&fs6Nk@nCic%VFlS{|A6~eJUyT<d(jQbfAPD8an
z^Ip{ty8NvCqe42y*ig7qrJWV?;M`z0hyNqv>EH~;w;~4z5x+m)(l&J?ULxW#MNb^0
zTy{?tDWxW@m}Xm;@zVOnC#_c7InxMz3m3MYdw;VP^7M^bc`Zvrb!gl}On7s7%&FV!
z%?Qosy#+o}ySe(Wm3Fy5Mq)mO@&!#)zEv5ase3==u+ZgIv^Jtji|_MscP~!$t(}bY
z=Y!7C{_4yl+hO9%^)JPv>GUxi>{7q{hUgjhy>i=Zhv+FbF3cK-zQ}Iu8V1jfp7Pqu
zO1@p#YfYZeuK#kEf9`Ij{?A@@@6xf!2LGYWCd}Z+1g29Ge1GzYA2T>gtzVo3o34qH
z5`44asQ=~PW%*4-X3SbYCa0(C*j4N7f%KyEsQr2mebE?A#hcmIw{Go@9(BhlHb1rf
z{AY&xIXFk?KW*=4?q=EvC#2tXaTiT{W%#5qvExCk_lJd=L(J=TLcGM{S++7~C9hh3
zZQRJ)PP)o#!#+Y)z5MyWlEF@5`Gw#$nb)-!^Ul{yR|Su^t65FfgwKc79~<>fnD}l5
zB}+zofBjZW6FiruGhy(2{ms}HZO^jf_`{R_k{i~ZQ|gapsVbI397(fQq&B9QcWJ+k
zkGM|$Je1V&Eu76Bn}~TVX6^Pm6^D_~bVp%gP)C$@$FD)0x6sjE!hGt>!$PSkvl(xC
z4*5xI$2mz~oAdMGjpt)4+ZWl#PnOtyh3t>>VlXF9)t~=-luiB1zTQUqXZEGAc9`G5
zQ@_`ql51MyTlR<II@NT$UWelQ?N4n*9!)?AUux81Qu7bToy~@-?bdJms!u(NCe|s9
zw0$c6D0xje88x2<C(BNGO~P_FOnIBMbm2T%%$FH-=oRK|ubZ&+8}54WKwGEehV752
zx17>Howy_%B(9ZQ<i9O<&)9aFC+2re(Yn=v@#QhWLyS*FX|W|TX3lHWl4;sMPu$1E
z<3<?IOtM0vdu--!-lKiL9O8c4WL<2bC9o%cb)NX~?3Tyy;O`NJuZ0(g7+sm~R;|8n
zm|w>@-!1ggU*&L6Sez(*Zs|j-Gu?gk^_M^K-leSoLa%V|MZ$KuTblbNXT8ZEfv-*D
zquNCdW(Pu+S&oA1!GXII-*nyyJCeUR*rrgtPr1+0A?$M_l-INNcsco}*1PGa>UrA_
zR%3r`aqQ+y{a%vLK6RaJmzckKhw;N)0l{!eAmdfT?;dBbtY1`1PgtA@zvW<h@Pd0H
z;Z6I%%l_&Nr4Cv8%CB9~R(o5|4u24eQlo}RkluW5SQ|GjJ@xD?FGf}9&wUK8-H(oy
zj7JWgw9<>;={{FCB|TvzFx_`O?TV|WJM9Z-)3$l?RD%1W{vBzS-Q;CP-~8+7hocr2
zXJNjJQe!@1Xx%gpHziAEkKFjHs1J4PFUp^1{`45Ct#<kTF@@~YwO@Cvs3_mtjw_EF
zkK6QSIhpK{wuKMl|7>v+?A<U$GhFAnT55z}HmA|@=B}MUe0Ll9{O`mLFmDuSr8PtE
z-?TOI#0K6mwlf@sFH8$XzS^IYe0L^C6D+6-(^OQ<i)?bt{ra4qz$<9=@$Tw_-_>C~
z<$k49T>FxW2?{M@R6^|=Cuc1c!iA3($|Tk%w(dCHxjR_M`p(x=Mde+EOsUmqVDk-C
zx(5xon>A(*G7F})n`dd~A>2O_lB9xr$-|=N4>BK|hY0@(swnML6C*XQyZQXb((&uB
zdxcB1+~V!4!OA_tJKwFyJN#!g`fgS)f#5P3QDPspWFM`SV-LYwapMmMy6QteI{Tzp
zXAR7zh?h<*HxTPYdm^aYb<(EHE!CB?t$@8)zQ@RO>!N$yw<-I3JL|inme?Dr>970H
zNnN7dOuZ;=D0=(FC@({>2t=x8ld?nvg<e#ySULT;z<V8ge3N09EmLr)k9I<bwv>RP
zT>N*g1U+-8-%3;S4O0)2-ROKNw7#B7y3$yQPZ>7`T3!v$ww>bLwH7CNhW|_ySa=!T
z2U)~j<NcmU(Hqumo+YAD+Pc~#puQjv)1>gtY}g48&V90E@Nyw65{J!$&7}pWf9D+I
z8iDb+7e`8ZsX_fgvG9e`N}A=n{41=-K^13e+r4|kc$K)KODgWKsN&yB&xPM(33>4>
zdcQ+cZ?RA~u<dmBrZtv6Zp>Aivr3`9TR)B$b}VD7ELd-hjqfP0tomYXV?~ixws3!L
zZ|ARHc3((H)aLXpS$fF;mZPk<*Jkhe0yk=P`qd|53zkmiUn=EF9xXH}h%{{AQSxqZ
zi_Em_1u$DC#M2kDt~D6Yn^tW$7ryWl(OHZ<Z@WfF_C%c6N`@`#kqjCCgg5iWdw3#Q
zd-dKM-|1ZP9xTr`#0*Mpm|h%*ke^19+`_p1RY;Wn@SXUw@$=S?+dU{hrxTwD;FiYL
zd`c$}!Yw6~O#CWz*XCu}S)Ipe>K0$<X<5ZZxXmBtjyH<8j)c>;vOdoDuJ5hyclbuP
zeHTtRBF+4$syUXmH^?H=8+Ip5W2RxjifJJ|;nh<INy}D7=eL*5c)M1%Gshv%+b)`~
zcK9T1NIi9sn6>PFa@727Z{m)bgCxDxOv)=Er-_Eh><MLnnbhz<ol4F`q<6j=My=Hv
zcb7<Vw10O0?qE=VfB9MSXF<st-v04tqIE)=+>s_lOK(Cd_YLCxhzD?XDb592R-)1n
zTJv}+XX=|DTG~n*_8iPo`p~O0adJMfd-p$;Ay+HFvtfN4SDWIdHTBIj#4e=T*10J#
z=wp$OfsPF2eea{@55D5Gu`k*D$#3-%2qiDK)ml0(qM?PU(dvYJ&)6!LUVM03P&Bqf
z|7Wpm+VqXzr<A2TvbSA5rJ08-$QNekE@f#5lRccuut<Ts$^AB<Ad#<mN%S%@Cc7S|
z&({$`6aqPW54N4uhf!#ChOp%v{J#8flF0Cr#eDP9j&wqfDkmw|_DAbUbl>Ob-(>2f
ziF~T}W8<!-WxJ(e=D(d3(#7yS@sY9UVy6G5!Ly_GP+je7XnP#i&PSUfbFwhjHq`w`
zk3SOK-&?hy5lRn?@9F5~5^cCD;`m^Zv!$p^#%HeV*o^_}R3&AtwDv<SS}1GoQ76{Q
zH&aGxf(8pd2H}W)Z<fCJZdde?<gYsqnQ3xLNXkz-C44l#=`-`;l+K9y_bKUS?eUR*
zqrKZ?vxr@9!0gdm<@4e}kO8w=KbLa#cnXicv;>FR!%?Edq^@j+9_(Vx>>iTe6$%%L
zp(?(wrnRDaUlIxsKN**|if0mWiY0I-S07KR;*+;mpV3R=pik0Yp={9(U>0xIu+8rg
zEx6_&n4=a%!y$~`n?i?;Ffr`PQ>G(TGLj5GV`;pRQ)HLWV0_)DyG=ApBlOvmAMzR@
zIi1{rsv3GpLwBgJ9(O8UH)1heWZO+Ob9uoe#g47Bs)99ZhV=y(=ScGxduPoHrrU-k
zc0_uQjd^$DUvfnoW?4%zio_<<+;*q46Yv{kP-TmI*t{Nc=7z1bz$PkfoWMmm7B_z{
z(mJmDb#&suf3Kqrrk}>B7G1`e6c6#u6u1|S$h~XKLhNj$lTxD-DLP&?E<7Wrq@4J}
z!doDd)z1+caWa6p_@RHv{fjgMVFekg*Y6wV-f7vNh6l52r*Q3lhQv8xjy#jdXx-w}
zGYr=||CmlyOg2by$Lxx~Q5CzAwZ@;SDck_eq#pDIh8rS&@iRZWjCe(wJ#);y${MWS
zl$umsnCtn;b5(`zYy7X88Noh}Xp_o0Q`-^qmJ76FbJ+!ZH)SRQYID}PdyJET5A4|1
zaWSOJxHG>IZ5`JaFsPRj1*N&!CQ(QR_37`!iv7NdpeqQSP?fkWts5e_iGDYmY_ZD1
zB=&89L-!+#S3lG35>fmW1RO>`1{)X@T&RuPAbc0*!yD#^2#Wc)OXIdr4dmz%YK_>p
z+0Y|{iFb^cU%62GtA}X|sV9HTy-0twaOG{-2v!VsPBD{j9Ioid{3C9D(txuj4UUlG
zrR$@4ZI#y%!Rd5DAG&Y0XbJ4o6}aHwzoL=1*7^~=N6(I6ONk`EGZ9Fq_so^(o2l@L
zX6(JTChI#TL;_dj_dhZJX+&@e$X=r(z)TjW*efOyQXD6ZC^mbi?m~e0)_5Ja+ozPP
z(;<P!T41WOx#{cy$)Nl)|Bjbu3vnE^kGYBnU8@u``lwD?u*@~YOWN2FI_xh&YIb7(
zAFkdyEX$}_;}xVkBt^QrL%O@WJEgn3q>*lrZjctGyHk*qZs`usVt;$@v(I_|gUd^O
zpJ%O^S+nN;-ETLJXOtfCDh-d=otL#WYYzSe=Zv0ShduAovzB%(5Y~LUFZLQWblWNW
zYDg2+8W_5rzB>0mO9ll36HW^?#W7OLl?6=|p`kR2U#~GeEe)&*Yt6-v1Sm8jNNJ-K
z2IRJa@q=&Wot)|yd`)GA+??FBCvj`deaSKH)nc&I2fuzLl}=)^rzc*c#;>mP*!=#5
z9qKD1#O?tY=93abgmK~_BH&?{M`2m{nqwH)7*lv{`&C4mo!#HaNWU#csQ{gi2qhOa
zJUV!{U2XSTRo_7W#qqPZWaXUYJD8Xa7p~6P*2jTK)a{6$RgO)eS`-jF8?3=3@sqlG
zhnwCE4rxjlSFi|^dr8h|?{KzrFO!p{;Oh3cv%@1Ey%x_N2->_}HZj)2NEKh8XWy#t
zE+d2^8%~|Us1X-r>+QDq!udyu$cW4+Rdmi`n^078O_ATpPl~wyiIRuAOJSq1y+>h;
z+Q~I!q!c1L!-tq$Ad%`gnE3`LhtjP=*XNw7g`RbgAWdoQ*4z2z4Q4o%lp-C1RbU|P
zSJ5!`>F=~SkY}30UTn##WPjqz(AY(wcG5qG&dKsPHs7IT8H_54$-^X%b$v!vFp!8s
zL5q+lvS~bolW{2NgjrpJXrfa$B-Nwy)?wmO!B8#UymzD^+23<i5qxuFK;ZjQD=9`Z
zg(BzHvf-lBeaa50K(-$Pl_RlOEiz;WwJJeOOFb_h=BP%^<yA%evmr#@wqulneMV#P
z14>#{Qsr1L7F_64kW#`QR65OKCJd+hXZwJmPaWs?DO@uqD_?Pzk=9aA=$U`+9mA|8
zDDvq|Wf3x_(yI<RaE6-Dy|m@pD%B^Dn$+WUaGg4S21{!d7WqG)SO@6zk7+^TYVZ+}
z;y7>5o6$7uBV>i5!61(w(1d}}b%5%RsBZ=H+QE=js)coRN*}3{Arn=Jc?@cCFwwbl
z6b@wV?Q8U9+|s2!Vynn7l<!~O6HxLI#;>1JQOcKC<HA@&Cf14TGvd6O2fT`d!1$^p
zrSBhNWOzDabt6*!I>S52cO;xVGv2mbqx?2jPsH6S=Xl0x=!~DmWJnJ!tqd4F#{6C`
zJ&{|eHaEZ45a4VxX?f(2=VvUVeCRYPBVw%2CRQ^{-0iV>$c%apf(*!K#{Kc<JS9^B
zwU%l78VWI5#&;z!sH!4z<MPhM<>J}iFrOXw0;azb>s;aog+V9RHa!hP$DfN-nB-g9
zsvpvEh$}baqb$j`3>RPFc`U?3)dd)5$BQ?KNknYD)yHs0zNH5z{76;#%>C71k>wd>
zM1EH_j_ukc?w~|Dwj3AVGh9?)2Ls`ev0vU!+2SMa4NXAM85gAS<tk&6w7H26mk&cl
zT}U}KC&MKLo$7mY2WV+!TQos+TOkKHd<6WG{gJQ@V@7J&_;Tl2#ePTKB?+#Q^=Ou2
zW%W_t1=(||<`8^nwlY#Fl5bZfSLFmY0y}!D)>?Nd%@i6-8in}=SPcj2Nt8QH`4Izz
zg#mbMT03p}0+jizkZc+zKAfpER66%EDI+{b9P8T`UsD~2MvD-_eje&qL}tD%@xa<e
zORvuiHOoBh6CXsM|H7k3n|eE_wu}_>BVo`JuK35imV`rFBN7qjJkdF{T9R7H30!o#
z8$&(4u*V|xMMSipvE`y;XiTl|KxESa5o%`Bo=9sQSi)*dKILh@%t*^<@=FjK27O8X
z;(N7ru++3iAkrkx|NX-75&r+TDqXEZ#=>8h<q#Td#jjp<H8ruqS78OPZ?kXR2nTKC
z+rRCn{=mM{lYrd{4NBlrGvW#zQE7={!;$-k0h9BHkIIm3dx9-FC8dSAxiUguBDp>p
zB{FR3tTY3+E*7)zTZnW~rlm;etGVE;Yg=3(<&&^2O1bSx2s%7VR3RKcr#bx|1w-1M
zifuZ~s46SE6#-2d5Xsy4y*;yo%niCp@9m1C-%41HeeVa>RNId$rpFg2hPydjg6*od
zW$}zDcXJfKO#RdLve$>;@$M}WRT;a`uQv!8zhC&}VeaLWGPagebheR(+tp7FF~O&J
zB9~5b8;&&@U<se*>t8aSd@gHcxAOCeKKka}L}%5pP@K*5%QA#~iZQkVRX=S0`u$7a
z97CA;lw6vhei<uE-v|eZLrg|@NUEG-*vgr>8l+#*^r&Nq&<qM2iS@MH&fA=nlARC@
zcVa^tHrg(|JIta+y~rBI?p=EQkb&KhF$!gqXmX^82fNG+X_P(%m)2sn{+Kwt?RIO7
zA~%`pH$U;J)~Cgjn@_s7#QQAt;TNI^@ekC@O@ha(Sy_S(@IQ3?sw?YxN35e`mAu7f
z^A2u5RmCSgdAV$?#rm9{F2!i!TL_$@NCoCsnqup$n660K{4I<*g2=Kkrh2*0BE3V%
z_+Aj#`u9(DPOL^_(!9TIo}xl1cCpbTJw+h$hz4+cTDkR8{;B)+5j10UEoGY!i}w+%
zWdB)zi;5$G8oZ=WN^*nwf0hxh3YJKlVog|ttQ-w))cdli^^I2&w`n}T`y~Hu3=m_1
zQEV_~>IK%&t1HFT$ubug7fyM8H!h}0qSDNC;FxvKi8~G!mLC8LbJ)zC89bSGIiKD8
zPPOYX#@}N~Et;4uA)ia3r&7W95tH0AlQU!|KBel~Td#Ng^ehh*B7R{#>Skuvo1L9a
zN=o7as!E`$1+w@AG8@>r6sKg#ZjOZpaLPwVXMFJQJwo<*hA>p(ahgj@7I`7YF}U`Z
zq~1pjizRLG7B)Q}5M3Q)l;%tHS^KeqF*mr+e>gHCpL<QY@aJ-usw`SmqCir=v~6|Q
zJ9rNuVx>hTsL#qhf~DTU&S~yhkKwV)ph1~<><1gRwZMrB6q4t&ZWIcLFfF`9Iy=yy
zrrlfM@f9*{&@#GIO4s>OW3>KUzM2mDULWLJdw@{DaGpqms+k-SN6h~%LyDAh@nk9c
zL{4{Z1ZpW3g;bP1$dmdQO`lx2B6&*`Z9Rh91n!G98%_`diq)H@^cMl%yk@lpIb=H4
z*-0tt(tv_@#oFv8I5VcsNm|*Tp=QviU(8qFMpp6KIIp(JVq6RK5{#peqm1z;NBYW=
zp+$&|VL9>=k?qZe@hOZkE6WW^sCmWWla&xMJ}?Rrd4{glKo-}fl!OiZZEqTohcqsZ
z8tX3()>gB{y%#PdE_%|wC)sLTNN+q4N<w$i?vDzj<W7GUXz|Wt{Ms>IYWDIlFLK1+
zi(qW0!~!xUiv3u~X?N|rL=5fzi8o&;XOBx>dokcM(DH^w%7kP$>VHyZx)MS!?Tur1
zR7uj8FE8iu0qnMmN)Ma2k6;4(9tcH%|I+G(t~iJ|i9hsruDzwt_Rl@*;6LnowA;2M
zzq!xzKBTGG+u0EoDlL;@r~oi*+zaZyD;!AH9dxD8Zkl8j<r$57Yp*B_R#sN~ALj!=
z*0{a9JMw6C5sm|;RzS*A_tE#xQBO|~%<t#h0x<y)GJ^E|$^!<o|0J|m3BUR5^hEhT
zS^0XPZ_b=@WgGN<VCD;QRPyJ;J`0x-eHW@%48fJAVt=h?Z&@{A1%g=fTiEEH+&3KK
z>kZm@vnCl2d^IY2naH2oum7%9OD;6q>A2ahdhgCjS1+|#{c1jlxt~SMUI}}<htQ#e
z*Xi3e<)8Pfa=t-v!JeO&L5FXW$dQQ0+i2=fM=0lsj{E7X>BE?H`%O`A!h2?9ENpD3
zw}+O2hg|YfcxMsM0%T?W!dOb{>?+-sp6YNu<jFiNzPq(G$A4P<-ORreel;b^i4<~D
zKDIPXxHU^|SA3R`e|{K$GS7G@PkCZj^e@7Tf)b4)Ttc{ql}fjcZphHUd2uYe2vY5N
z`ke8w&7*f><h`*iYpMa49JVh9FQT_Q#QKQ+;mLq*Xs|+L%~7pRfT`GD!g2=c$6<@D
z?e?Kvb^=om@pRckq5*T2z_OT<;BX9z@qAG=3-w(5yAT`B&-S0?h1KMA8g2Y*Mxy2?
zq2}pZIj^Kt?2E`d=6uoYQ(}6h&`f6Tj*VWH)Sxf-B50w=l!c!mS*$wF#AL^OugSC^
zlTz^{>*6S0B>$+X6+jB2yUaf2>@NuKBEu73MYY3Qq-5$?(Al_!ib6SXOBu1xJ1eVb
zvyr^JDqF|G3_i5XQoDkF%6${zS~hpeyLWM$h4oK4tsZah$1!f1a#NpLP`zjCSeI8E
zc#@w+W$i^j;v>?KYM2Bt@#zgAaGCWpLXdl^>HqI}BQ=mjoup3XD>Bw-W*a;GcigT}
z6<iHa8m`EJ9O=KCVJQGS1A>Dg!J$JOpbJ`ocR2bk0D=Gk`zlbg0htM}`!P3AH31D8
zF|7#jhxiU8Q9%7@5A=jL#mgrHN^&wXnLxl1@H7~(;=XJLu6YRn5k^A;8>#*XxJ&Q?
z;SUgo0n-ylAaMe~zAw%D{?gL$NC1zz40Lk<pyB#=1uv_qt`04Xn;@>Su@Rk2;uS6m
z6o)|MO3TPtl8Rf*wd$%0paIfwbgU=1o_vH=8fGP%09o*A)RX{}wa`_b<n_RGIy1F^
zzI5?ZnI&@UDdVE=lkhd{yZK6)F&{T4&H&y%j`cm%Ha!8V-&JLZ#)a#RZj%9Xw)#3c
zL8Xz)try{CsHSNZ@ep3w!XD^ZBSCN5sT2r!JcTAv*ZsHRvh00d>LY;qYo$SPFg8mQ
zMkMaIwgZ>ff5<X#zDjkk7oF@uK9}!ewZ*`8y3xM;(%0sq#4^u&zkiPqWD2V!N;hCT
zv%_hZNlsZ64>j*YC7egL>5)NXwO4YYOtiS0$X&Fy1dmS22;W`D_D+Qa!wK`)!6FSh
z{(DbEifFN3>ky(UcCw<ppG^5!>@HWx1Gdl915(O`AXJLrAh`xfcmtGMFBc}ZC9kSq
z*Qlkx(}CgO$aKEIgk1o~4|=WBO)U}(tPw1~4?S21RNI_C;%Y-CjqgT9(4MnM{-}(k
zp*e>2j^K^piX%Bt>)|7Hr%Kj7NO|3D#^+c55!Z*BPPtIlA^OJEWCOb_T&kvDqLuV=
z<QTi3!i)v&gCZ7j!S~P2XikgRyaG`jt;d)yRqVH9YgJdPtkIfGLLO>men+plzZ)H=
z79j(jm|Q@v^TD~*td?ArMrd0j7Q$m+EY=sngCTsgscM5VruBxa9)Z&P0&hcRB?N8m
z?Q5?bF9nZEV;2M4IftV}#QR;@G#f$V=zNmvpVhVN8xQDStqEUn5#c{4@(KtLzK3(!
zR{h^H6dp*Boq!UVMe4iz39Z936eL92sCt3rHf!KFkw_Zo77+R2zcn=c19AV=`)-rx
zB8$mvdI!MN|1P)G*43Q>lFaiCQ^0Q^F#{qs20-y=VmbvHF0(b~QHK2@z_s*P_qzo%
z5kQ77R=dy+RG9!!vFdv{-m>QX37`T19w}s6s`FQk{^OJ=D*sv6+q!39QGDM5eC7Lb
z3_}I&lw|^@*)nQ79&E-lSNxBFzn+rXYK=ZGzBeEWl;2&=DvHj2Gnb9%4Qh+TWmf~r
zDJSa!ArqrcVu^SlUk)!j?fmBtuqr?+o|cl5l8`V35I#B(KnrMCZxXhc2gmds3)#x*
ziQC98J;#UgF~JKyRa1O1x%KH0QW$l#ki4p+hQnLixq3ph<-^AsJ?$uoc?~9o@)iYO
zh|UMAAFp-0${%-LO$ObUv(;PVli7cB!<c#(6MK8_u=Z{bmbb=R408A_A2N=aI!Aa;
zT(M4M*6aP2Eoukbyk@`izPKMvk-WXQyp)lN0_n{SxUw}nEDY?>^Q5_?rp_5UAkqYc
zdIwd|pIP}wv<DmcXDmA-h(Vtl>Oss^Ql%k_xL_%fem45YN}2wlb0|QVc~IU9)kKu1
zX;GK}Z*w{lW%Hs=v`t0C3sSXN7CQ0%D;l(uqZHi3TdZ)a)uoS}zIDosojqOM$|UsI
zEYzCMhEU1*PbNEVxF3$|6U3Mul|de{V$yYuG(d5WL`(a*sm{nPqt$^!5f#lSC1Nw(
z7lwEr^TE1vvhc|@F@HgQ)Aij*j5AO4lYi~t7E0*TA%9z>_YS>T=ueXMwi%@byexrZ
zHm37N!xutmRaGYx&vDAR5|ZwxydRbWy;wr>@7XM3I*14vS!fcp#@a#5TX7ov@b5nF
z-#zC4yKw)#oc?3{3`DgKAY3le;tGN(d=seXpXP-trtH)eXeKh<)rb6g2DP_9I|w)*
z$G~#d`{r01EN>N+8K9a5_P%~VPMmxp^`P1Lpbj+J4Gj&^QBnEUb7j-2iu|vZr@)C=
zqz)`=RKce+#ej!dVDs)Punt%=ub3yQTu)LmGBUwDpZXvOZ@}JArK6#tVPbLsd<ww4
z`EkFS1ysq0j@(9fKqzl~@#=xj!g3DwMn*=)RQ?8_Ty&R$zQb9O8|!kTwactL7Z9f-
zH3J}2m^9!9{Ru>w&izfr@zDxizNEAicojDRIWQ>Et$@i3WZ`0Raxx*m_tYTZ3(Yb@
z?M?jq1w-`a&A%&YF=4fw!qmIAz;Q{@Ey*`-4eHSn&llrQ2bl*ODjB<qNg~2bh=t5X
zj)pnSUWTLSE}TRkhvn1SD|MLB$u<$GVMyGFI1OJAoTtr`mRkL1RZ#^wy!WN7wDgXV
zoSdBg-3<!1uG8F@)5Rf+`5vt(6M@J8q@zjhSyuBE^GS*V83_r*S%g<Nsh>gyiQZS`
z4!*%shpSxjfJtp-sf*&MK}&rwF+vUy&rj}M)xK$oZ}|2t9F=Hd<LKPeGZ{01^j<Eg
zWp2x<GC*|m>14ig0enN_4{*?{0<}y<{!~@L7ixI9N`I=T_}piwDU+Iy8P(QvJ(TsI
zcKo?VHB5aPNBkwMEi?#cI84aR6z>Q<TNg(o(Qy*G`T!bZ0st2@Y^?tC@s-sAvOFLo
z1|bO$xmeTgc?FJX@4vS#rj10>^qSMlMgi))iese-DvsUs2d{{uG{DY(O|HNs3Ft|m
zGc0oxJ!<oLKq{AI`soTH9jE{l#u~uF5de`4XuY>>5MZ6_P{GmY6hQZY=Gig+`Vkl#
z2Lu4Ybe~d5BS1_gn-E>@J93vn%Y*-of$zEaxo&p=fUW?kdV^u-SB5Jk@MpnP8LGMz
z3QIHh=BqdN3;-nojDJA6ZcEKLCgfF!0LefwV8(%O!U2#-RHvCFGe9KUYV?X-;rj*1
z0su-CnV6aiQ*SdL>UxNOs10sokT{93O!)P>10UowyvxP>a1Fd#cPT&o6|mdc6{Xra
zL2}7a`?GOTsTma`|DIFuKAuVv2_FX8;{fzoQ)!PBYJ7m~jb5u6&S#iOt1i&b6gaOO
z<4z^90WQhw{-B}x+;|*Yb+pf*c@mCqj+WEcL;Et(i@^mZVB%pkT1<_wH1Rc>qPl)F
zR4Tq8od>;zT?46s_iw8ypf>V-BiAmf;=rK)zS%>XdIol%f#0<{$~utsK0^8jpKPeC
zpQtzl(V{MBt_@u!A2&C6n0-u+7)581d27oc@tap~WR523SaNFv!-zGC$?(6fpui=R
zZiL?O8yF&qlppSWrfo;5e^^r~#IYa+k}+PJgF3I2{D*_mfXl4)9{?2fy5j%^3V<1a
zb>>?LiL>qySVQjv3OQX{K_?PqB7rCHV#(IGje{N!!MXbvKt;`HIR)I08VcO~d3%pz
zbk_+irNQncTTjhP*Jz!}<#sXw&R?i}XI((ri$#VB2h$DO(|^HV1CL1wUhxcu$I&n3
zpu|^NY0Ikn`vr?*w*$mtwRg)o;B4Q`z6$c!-+9++5IoX*UJZ$4Kmquk-Rca)84l|i
zGr;O_%&!rm*R@s#4ILDVc7%Gunz{$GFApD4J*E)-$(T&!bUI7#>$J1Jb;R5_mQQ-p
zz>svVzgJ`OyPsPqM>h3)3YYxrW2Te`F;(XRGW{t)bHCEaQWg=+RIj~%ZYo(!R|9tx
zVA__)ZjBL7Ohy)xvj?_*q8$`u>Ndx3hk&xW@A^A+nVmLT$0kNthFn_XeO<I2;HR4R
zRTkhknoul8fj`W~&$(>o$_)QKEY$wIdBxV19l3s#9bbQ`6cr@k@w=Eis_lFMp+7GH
zm`0K?{qvoAs`>F`yNIJg^cE9UGj0;M&UTWjSChied^@Al{swB?!3o-r-h@q$33Y)>
z0t*yBSj&kFsMFHXO{GAN`T9Ape&dp$^~5{fs=>wRRDu>guA0)RvYq?NbQmP`IR@L4
zN*VOx;+{n?e~u0hdjZOUq3?PBj~{$2_W+FGyrA#lWGIdS#Yj&tW)byz0tSubQKpw%
z&&|)8242uE=(FeG-6`^4tAQQ8?U7TK7`5UF5|s}~6Q=4D>3}t*>i`Hk9QW)e=bmDL
zV`F22;A{={bWxPnwlm#d5cLY<1-!w*;Q09X)no4h1;@=UT5S$43E&gRd;tyb^@VrC
z5&_FwWR#U`faG2RbR1xt(g?ByIX064{l8>nTLI=o0_0dC_Vg3lKJQj7sO@21y)cNa
zs&!oEfZ1h+2U|YRuU$`pUOcEcK4wz-uA)%ixa=06?n2^G54hm)|7+6$W2zjGg@?wq
zyG+uMA;_ty1TV+f<TKfga~QS16#*6rXf+Xh!ep(eb9?iPGFj!;P-OAN)5xuT#F!&s
zzHSjreRSB@WquA)_XR)c|7R)0K^#e8R8jJ%Kxn+OZFm$xR8_cNpp*%_nCh<5H1yvA
zhTVib&Sw7p9V2@Q?4%dBnDA>xT{z0?Z!g0`cmxU$($&FuO2<pIiX23o-OfqP7eg9<
zQ#}t<oaV@CSBM$Yx7w)x8K=X?U&p8mW|pmkdmHp-SIOSqK8&lzIet37?0<^fX%lJb
zVX(0Qyk!Hp=4h?uOTH1JLx~6hH%ebE^Zag#(+p^-sk;=&1W8CX;sc&cflFAQ#a6Hk
zDI42mq9h?6vyl)u+Oe;wZNQ7lfJku(HsdpJK1~(O-DmC0fUX3@1ipv;!pGawJrN(!
zj_XOF{8}vo)xH(SYv8q$(qK7xL2b`ug;oND)MfjxTYtrQ6jUv=U!yE+QC#f+ui+IT
z2MSqG&9IsMSsLpiu>n4eW$NHpphBqwj0u32X!$4q9uD?oW9H5&@OMp5F`wSWhnlbX
zi6?B{lTiU}!Z_!SPHY`Ry;#abWvPZV5<acrH$-|WMX8oHHngL50ErRRQsCb*gca`w
zyQn5T3Z1oD0uG$?%itvq4i1i1FwxUrdGgVZeQJI53kbrX4OM^2iJ-7AHdcR}?mBb_
z(?4L05#)I$2o!FfDV{>R(o2BRIBna@1)MQo0JPy#X#^NVO#|=yUBPEBKqdOpYZB^K
zzOaQ1V~d)`RV5&)=sV%SPSmnHUc<%}a4;F~J*)c6BmSwf&47^c5+`CEO8p!qO-uF-
z@>h>-i#J36d#cwUHek4?;<^`#3H-V!yYPSWciLhrt{c<OD;2=l>$8+BS!{oOxc~-X
z@|u_1K^kKp=YRc=t_bG&UJQdu><o^A9UM9iUkg9LCsd(eVv48jydQU9=I`feGU^Uq
zf4OPV(*_WxF){+M-+aN|1}MRIE_kn5<27z0SyS-xzH(Oq0)Aq6_yG9AroB49vO!6S
zivk$TT`$oKv+KSRxgh9e<-J^$f<h<SL4iF4LK;a%M#iexxHlYaNU{}JV8nIJ9nO|c
zg5{tCN<%O*4z@c72)YKc3_>`OcyL~GQ+L84<C0+r;8wnl3HL0)rQ2aUJa(GS!*|K$
zIQ;G4Wv?<}jgi!}M9<;m&x`;?`409@0sr2@TfvX5r$U{Y42(4+OdWS70I8u}K+mOZ
z9u?FEf#EXm`zHu?5p$73qt<|-GlViPjLE-dar|ZwK3R#RYV(wj-iZ#ma_PU5`QU%%
zyU?kd(n!LQ2TAvGehmEpl(5c!&!-?7&VeHs=pw$hRyv>Vcb!ZJMg+-*YjJ-18`c;0
zy+;Dyl@FrxWMc%m%#h|6UYmtv%>xQfdnh<!L3gUW^O)xnQul1FGqUX!>HJyz-@#n}
z&2I8t^L8QgB5m-ZtY+Jwm694sUvlt!Y)f_TRv~F=X&IRj09|?kWBKNmmeJ&!8>F%5
zKLE=UtjBDXF~MQ6K=6J$o-RgF1@4SMzy>^}LL39njru{tEIu!1V`CB|l2<YjGS|u(
zVCDhasaFHs#aIxoe;n1cw{G4X&L4r~*9P7@&1#DSQQxA^RSW3tc&s={f=&(CuMMxq
zjqRaCy-)QOUOzxB2Q0zn0eu`;OTT=k$}I!LaS%PQ+Tj1a+;&R7SrVr;dy9Ky^+lz^
zrTp(g?JISrKQHV=L6;gEk9lP{Vjf^!hwIxVM0|C7#9otp>W|kXuQX-ak+*R!PP)f`
zD0_MNCH^YA{y~MX#!;*IDKXGD;?vfHydvLK-&v3-O$tL;{~b7K^8i>yqirtv_Q0Tx
zev=IrA|E5;#M<T}YQHf9`wapEEGr$@;vpgPKmW6@YeD}0?=e5xh<RVI-z&rWYyLCb
zSHoUq!;&xcVvW$MSF<0mYW%sL8C<XqLOjo@Dymm%oV>D<l6@+*J{<M;_y78Rcnk6o
z81V}^SJ~ajO!Y0f9^2*@AL&)cXnsjG$)J*DxMv;qXD4Ljz{l#Q{q^6|0%gudhiY)I
z1BGLmxNvl1O`uEhxyc*QM1E6BEoL~AK}!KdOfq2jMV@G?sgdV)01DF8@$XBJ*lR%p
z5A@o$F*ThLi`nVuK7l$Ll;Aml?*~A72|R*=0pMAK_3#2N;a&r6Cg}6wRu%EcS>ggX
z>JNbE1xTt>ke@+0O1-%jO$ZK=vw#@%Y6R{H2wVVaCN9hF3h++=X2ht|2xr{}Kl`zY
zy2pkJ0+4k?MFBOcPo-A95)_JCX!HUC9e}(8>iY`d;SBcPLB3-W?H_y_El{1K{>>n<
zkA8~Js)1t6p_P0l5kGRE!H$R_?M+YeESv44NV@=i`F90HbHX==DW3>^{?z;PKM0XM
z!fOt_ickRK%B=lQqMKxPPR=X&5JOLu$ZH$@eiUQci2obbkObI4PC3L5GT&A}xB>nJ
zPRn*JtB$?MU|}OYybZOw3!yDT9c$nX4bBZ*$59TDoqvzwzY`m?{3H$rbY~H(I*YCR
ztOd3;bz=|4Xn74s`Sfi5mA}DOM=FX;=MUl+^J!)O?@tYG`bVrD+8TEH21=M71Q+CG
z^yumlKD}n~tWP4`vL#QpK~U!)HeOy_NIj07?k;M|v$DYDD3to@6HcM)^3e}~v)hp3
zdno&s_amy5eecy#T(e0ZP;}LdcQQL;0@cCx`B?w&T-$MfiiAZbs0`gS<@?S4_VzYC
z@W%!h1t84Z1MnBH7hVJSB2cddfEpjbfV;kjg$pcQ$#gDV%-x}Hd?92^p?^ftH0~OL
z#}~z>__1!U)OPA94*AQY^~c%_@p3x4`~3=i!5znuf&cDK%?Yn4nY~kUTx)A9==IjY
z^s}vjZ4E$~sCcZQO_RkB;E0GP=>LOeegQmlz9ul_S~wDj_j*YN)@RvmGo-KxJ0uBK
zA1}qJ<8a!pY{&~3quJA57T9lL-f)F0?0%U62ixK@e!c&xWz>;I2|z9NIz?+jT%tDb
z)5;h>%D#R3XosW4K2%Vq_hN2e%8q^#8wDed`+M5I#;U6>yK*#DqXKPNp)oi(7_e6W
z-4O+sIdItxT&fJjeHb;>(aD4h?`lRmtJk)+dV)Ixee>?X2+8{y-}r;dyywPMa2{k5
z^AiOQ7-c?{-VvgH76N9W9|)<A;|O0&9zqXj;H8sOlaq(OnJ8PDnbkc2$6*$;AvEl*
zeBlt#)e@ZsFBhPdI>G*MMobtSJthI)X8|fZogmD<Mb{sno~Q2^In*kY)WT@GK~k*e
zqS&hwJnEmN*)QQ_sXu3oN4^*S)w|@?`^AWUR#7bheX>CtqF(i%Bv7EdQ#Y0f;!{ev
zIs=Te7g>!rY8tzYEfu+{j5XqW&5IM2E)Fay{4FIJaO;GK`MU<|<P76&CN5;wd*=3H
zo8K9HU&2+4bhF4ki{K!&q$zo(Hz8)=V8q^dL!1LnrK+kb@Mu)g(xN7sh?v=M6uZ=P
zwi;F4k_-*l*Z^hccO<fP=5Qu?-_F&1h6qKh0q@q}IYgh}wFGqcM_FUZ60-GzDAEzC
z36n<6jKM8q{@v~Ep*-ED^{cUoiITDv{N%w;p6j5FX+`4Z*G_R?f|G=sHmX%>hbcBE
zWb}#{{cx7!1iP%b{4}|C*^-Np%f+uZ!WtN~Ug!>mRg)HR^j`FTx0=7}|9KRfnIzaA
zaw%S|bta=uTZv;<@u={%_bt`Z(Vq2?zHEu1mh@IEnZ~Y}q>XAdJcMB>D_^C>T;i%l
z;)Do`Rd2|Wr~B~n1zq)i^%iIAK@jGIKcFmB*}*QyeQpN_?bBQAcG*@m*w_R?G!-0e
zqT&KaB?jtL+|i`*KI<1APG>Fe3cp!X13kSl*5n+t5$Dmml|pdG=oVIbjM`l0HaG$R
zXwu<=1S$cx9EZGmpsPdYVD^-1I$lCPl(ws1Wxr^Jsu>1)M*kf}I$B;sek4s;n?^rq
z5E?^3F79TVk$!$o#jblFHg-dFKOWyM>Tuaj5A!88k55W`(~4CHeSSERl(0~CSnLg)
zZMjt010{dLp^Dk)+t?w3aTy`3WizVO##Kq~MP&E@=}%zsD}j4pW1(k;e(hxx_w2em
z)=rhHa8EdlG;TeC_`IcVmCixC6LR{GzcQCk7-?wGZ?WOMFjapQN*B*m4LXl1)yg2p
z9wB3s86|$h-H}tPyukRctvyeq8~ZTh8#kGr@u1$$Q~n5aKRafHa6-CRgp5aA5t=BV
zYX6^sxbXjcQ3?+}`exb}6dWY^!Q=<0gcS3h4o659uknGD#(V-N`u(`O&Z<4?zGmpq
z>T4qzb3u*8R5Q|)lS5iq9gjA>>Egw|W;&?m3{ew>%N2Dz;3!DlYH6_4tA0~_4;len
zwlM~6TeG>Qqkh(FXS#-&5$Z#(&M7c_3Yz60w~*Q1&EH<l#YdWIVr$AiGUY{$>b|5x
zA1O150#%aaapL%zP-M7o1RWYYth}J+6|bHp|3=U#+hL4elC#2d&2Q<F`<8c25tWet
zBWwaEF<mVSc_3}-(Zh6*1q;(E4ckt1!av5}C;Af=sq~TpTyYTvNl&zGQDIo)qdAvZ
z8kq96l{J>7xi@J*fE5x~{4HzDCqf1#LKd%LGx}DMn&O0W9lL<HCz~Lmm&622Y?UMO
zuaIMwX%vPoOx<;dm=9)i)n<)Yi!1%Dj%;n=^Y2`6!0k8Q(i_6%_UO%$|8D#IBt_C5
zda{8aQhs><wzwd2{ryEK5@VCGhJDwTTN=043dSP59%IC$uFOZ=Gw3ISOZ^093WK!S
zZA|xef&}Q^pgMGw+PGxsEa@<k%nL&d!(L)LaV`d)5_?*_v|9grV)Yt6wH5C^g7Rq7
zf`1>SEL`ut&$)ieWZ${htLUdgo-whdmegR>Lw0hdmb|wMb5@b2mUKyh2ro8haRe=N
z2n8Q9u`yHbv3pNtIPozf@5Y@RdBeq1u3-Cs1H81B^Zou>_sqJ#h>~#!8yCF-CZWC;
zGgMFWxytT+nbn3*!Rg4+<S;5?^aEYDUA@=HXeW16sREM!eDrys#bsp^lO_Iz5E8Rx
z>VjIA#Scezs7j4x>f0)N{FnT%<RcLFDn}39_L+^1)cTQOnLl<F;X72(eoKjE<=#}0
zsXB+M5Efn*#yY=8Tcm8Y*#cYYaTx;Kn>8A%SF)Fp!hG+W=JX3oP<id%$DSfqo$$gq
zH#$|-{c~|vKj+mG<kPaL0EHt6G%{LTyOBEF5`8}!C7vYuD%Unx=TH;%(0h$>C1pi=
zaqN9Jk|=o_zUe_|4#A;8cF!0MjqB4AoI{ZnqxVXl-O1|Z_9S#))1t*CY!$!5hu;Vs
zg-gXpzm8=jJ7$B-t!o%^e23>BkFJ*Cc!p2dxj_b1{RjE|kg1ar$+0p<Pq!_4aNtIP
zc<?%P69r4i0+C~QkJhQh(Z-C_l-*5DjC$D|f;)=vT|kbDGLG#odxX&pBLs^tdJEHj
z3@)L}TjSCk6g>NeC>dD-PMPvg*xKEg&KSp%A5A=DAmd%-hl!UETYCjcQ#jQNf)67Z
z+PM1m%i^dv$b=(DXTnvK;lgEXQ4wx&8Q&?;DI=vU9lT?|aTF2~?<ar^XWA4cuidyR
zaF^A=nr#<K|6H(y5SASj=$$qAP8wPjUL!Du_J-_0#ju|1548`{T?VP%FZE!b90Z77
zB9kcE_|JI39r+7(3WV1RN}+0tM;AOHHc>G00iT%BMCNHB{D}AAN!l_{Xd`U%Z8N7O
z<A0-nl0$!kJjDFFJ2f>_aGNwAf+U)v#N*3b<fQK0jA{Mmx5>LRh-D7Hr^^GsU}hXZ
zPP(rD3UrM^3(t)ct*y8d-6wg2>BU8h3ty&5EAQaOjG+<05zG!h?;(zc#@{vg{sJl)
zTvq!^Oqt%vA`99`3J!&L!70{JP|2T?=R<M$JX7351Z+9Y=2@-T9cfaOh8(tx&9N^U
zXsx0Lh~2kaiT^wkSMr%iX;0i9q8u>mF?cZcZncg7a>r_08i;&hxA*R=gsd#(e1GOP
zy8Q1K=yMY(2B)vWqWV^z<TW5&$<TgZwb#X^{bGs(Pm!RrfI5Q^``~N4FXM?GsAYs`
z`Xyj5FqGAxuen{uS!#4DDM1<2WJYZp{Y(m$0wR<uf&KnM%S&nc#nLVlbC*;-tgb>G
zUk&|*)x`{>XPq_<qWC{bPBN`!4<v3w>K!d~Rbijj8jRG;|I$7U#G{V+|IJwZX7eG^
zhwfONq^Eyz5_)mx7AGPlf^LC1wd8{hzm<s1uXB;Si$bGnY*<pL7)=wdX1d#wNMV|8
zbQSAE?C=;!Hp(+C3>H0-UOe_}1N(syj-5+91I0d7{F@XBPkMyPbuKJi3IDzdDFzYi
zK1V2|G^S0&_b&;`G7PoO;!{eW3m~zWpn5_{oyXRdKlWCT*q}?bwmBy$mf)397m!;)
zvnFbLU5&|^%&Z)I=#cts$V0VH<GWv#JQFqhl+F2o4w2AIj*Cs%AB5JeAX`Yz==nUA
z&reQ&1)bcuyUfT88cZbp5!sL*O<2b+Vc@<fo}zVOF+T=l6!BURnZx~2#f=dvNycW0
zdNNkqM#UxUoT-MTP@=2Kl!!qLGEyd25yL7zIcp0PTsYb>z`Ahh*XV<*!jCPhr{;W=
zvP@Yf9m~;7M4wFycDxfIhs1>2hh~R5tdI_lO5j1$@JC+~&!~vPnj$f4ZY~Vjo{GM-
z657m9+>>NDtaOBWm=JSjLzdIT4*I-J&4KW9AS|B)8|R5uNKb6AfN56!vmx{x9BgEU
zh5Hby_>^ylU|(xl0S%^Hczoa?u97qen+O!eSD8Y=lC09q?9jPyOohb<a?*WG3P|#_
zc14wG7TkNcG+dS)CcHv5_2Y2&#vL~F;n;}4=^Wh~5K!pg1lUj5vi&*m;9Tp5K5+-z
ze2-%8uM$WN%m^Rr{fbEQGm-HIkAfa8e9>XMFe=g}4BC^?#21UT<02wmd<Gr9sQ9!;
z&pYTW%4Kl~{=Mq#4QK90rr8eyVcynD;ssB{=bun<G(Cd3f7QNoHp7fo+=AWT_@<9_
z5zb?ME-`H!KWNI^DU}pI5BKv8qzMfLiChu3Z<&<hFpdYXy&^wx<nG&glV6MWu5I-%
zxbU&oxr=NGR@p!jn;SiA(-894!MVjAmyU)Lid&qT@esxux<n34Amw2tYhx&i$q$q?
zaW0x8*R1oAq46ymRe{Qg>A?~nP^e%l6eC>T!$K@q_fiTQmcX3B38f0}R3~^l|DOr8
zTi9PWAKp&T$ovLSkE6^k6;;q%oSnKm5BeQ|hpNfFsYzHPRMf{j;Tc<84!abe*=gY*
zyjg#?^poP~hNmR}U1pN=CWnjj!&TLie(QBzz^$gl0FNl#uYkWx59Z|MQ;TXwReX3_
zjzjeqp#i!<^@UT5nWlXwA3I$Q&wr^7{Dm~#(;WC7QapP5u4Zj-(Q8eLi5X)Omrl^5
zYKVHto4%21a?zuEv9Z&2{O?zW$CZrV13|Sh+f`j9SDVN_GH6DVUSub9rduSZnSOEA
zhERzlY?D&YGg^5EMKUuu8-6?kHL3%t&$%gh;^&fnS<W$b_XFV#17CV;pkbpHvXLka
zn47op>Ea);3F)<8!Yn`K3M)JvoNZ1<A4qL(7{OF$vosT2)yQ<#8RvZ(ls0v!5x&*5
zOzk`MpvYmLaf#WU9Vj7tDK6jR{NQ@}u@Vj=9(v&~L)0Ywn)_V5l#g>vC|QSkJ0hoL
z%Gbu{vdyA;6GajN6@^NHzaK4ahg3vn(7k_htp{FStm43td#>bI<~NEzM*Z^LkR9fl
ziHeCWC5^tpnH(Kjze@paJ1KhhRHDm)>2g&PHDqM(#Z2XI#+t@UI2&*GV)RR6#~<~F
z>dph{?vv~3CZz;ERq^V5zYrP@H|@x=jD0SRoqP6o&8k~(IEo3vg&*vdWkb+Bru*$K
zGhDY<C5#TmD{$-QFXLu2%JQ$mPy7=q_ZJ0;{ho>0iYz+!T{|AFOs8Lq9urc}q>U_v
zo-QS1_tAgW2*{A-2`{Qis76PP3d-hG2coVZ)pA_<NTa@5T@w~Z%n_Jc=GG(gAG<Lu
z>wmkqGSiH!zx`3aBjk8uzmO_txQn+H?Q41}Z94jQ#(a6wf!CxckIg-gjq?Kn!@Bx6
z`%b2l#`AkGvg^=#|5{78?_}qZ^|w`tH^ueVc@F9yG3kS0+;{P>>`(l0*c_M7nOEh;
zHB7s!*6P+{30Wuch6hRIs0dX%)G%h`OZZvYPRy|uk4W!ByP@(`-*pFt31R($cJeI=
z=^EQW$N%1DyXRFAN%$o`e4#YeR?h91&x}C8!B>F^1!}*4#IKmfGFE>twn!C5Ml0Lf
z_(++IY;b6Zjnfxh`=ZU~;AN)z_rL@q%=t`6Zd*HI8WA%2Hr_H5?q~;`+<J=Osmq|Z
zx4sqm2M*4^&b6{0C4?NToviNu*0w9BhHZmw=Z@5g1(K+xvFh3ao;AGoMc=+Tt1;n5
z$HK}SP!@`w;_^b?%Ncpg$7}rkF2n>xl_+|hg$Ipok1GY2n~;~ZhN+;a&a9aZ^sbcy
zZ3+k^;R8Z=x=N&NSsLq)OhhILr2Egx0Xc(5*GoW=e18HXgi>$zU5_zx2R#=hLR47|
z>YSP<N8wyv2{BfBDI5u=UVYEI$7aSh8P_Wz&$W#t<O>0DQwOh5b5D<m6MfVgc|j<r
zape->C!yfMeG+V?X-cx@!G|bf%(oL`)ES&o6ylnwi!)>xbzz;WPBgL5|2Ii*TP3+f
znTr2^ax{kXq}ox}h2wqyFc!Qw>0znyAxCUaq*KvQgVFNeX0p8|!uE|>0Xo8Jp8ayg
zh=s%YqWN^Y>OuQ}%K59um)}Pxzu1=I6c1S$a(rbBt(cp=^NM3F|CaGMT_W=DuC3c%
zHRM>%5q6e$Hx}s>{#w_yJlm2V1gdlG=yICa0eipd=P@e$81IsUI}1!qT?OfTv!Nv%
z9Xaoc>GVT>oR-Y=Ij?~l%}hDp=D$N8y5m-CCZ9^3hKW23?wnVrCj(f&o=3_vP?7&4
z`u;a1RW;X+c{ij6F*9~;$=^g~)xXlfmicBlKEi*+#d^W|pnA~Or*!8Ew&K>OW3>@A
zqSl(5KjUsXb?fvK_tW(nV&<4kH80IZe@(-w9rJOyyQ)A=UGc$j&MAuCjnK2P;{1E~
zh>0W>-B<<BhW<H8L42td-|f`DY`1Es9sASq5q#PKX4Pw>2^$T@N9!l-w>2K^oxg2l
zvd)*k%dKly?tLviMDpwCF3aS{Zq7<y^qniQ`Cuui@3HuvfvN@fXWLeCGK}a}UKQ_V
zzXhh?LCd$*IW_WthE+Ko-<tDQ_au*mOY48?lk5bdodS4u70=0Yzf?W=ewmH+#!CF0
z@w&0Z#K=^T^(tNe5|I_x*8Y-!Pqy`bLhjzPXSejD+|SP8Ax-b`f37ncaEI5r*EY}7
zlk<csrGuM<svgaRO*`Y*Nv8pwd+i@A{5a`5#<z>&VXJ*hhSMbl-`@!5iR)XQ95Q=9
zN>*D4s=5qijh8gyHZ{#&UE%ws@n0PzL>wVeOgrh|`vv?QE-JM_s#r6zc-+wCRZ#Hj
zTz(onLh<VuUi1#pXvs*Iih=oC`D-iZ*X&a4`kLM0grYaS|87zNlOJcMSUdc%e7N0{
z<s;AJulN0p)*pQ_T}q}Ct`&XxlHq&DjE{BV6g+EJkN42pH(GZwRdj$DdpO~Gk}K=N
zEX0Y(-EhgKCr)AZ=EpDFCB*B&&IKEVEcE4e`K9^%h0KLRMc=Ov2_K)gbYo=g*-eg)
zsxA4oEw6O#cG>Zpi?_C~KKd;P{S&L+X!_1@#OI|snz+1f!?_i7``EeeW*nlNr6Vt0
z&S6AxdGgtt%;s8u?bFL1!+^a{`zrmw?e(r|Lg~?!zS~2U=S7mSlzRJ~ikUsP=W3-q
zRpO=nvi7)y?O%QmqWky-LX%oVxC*!Q$F4`eKY=q^IC)nF3N!@7`^?s`8T&!BV|K10
zgYS`b{^?aG*7|?^JIgrwT|v%)jq*N+(<QfxYxg&0Qf7?2Er*xos_;>s9rwm(MM?G3
za3tQ3a=))lj_~3+@&1WCYP${C+Hvw%1K3SGN1m(4&kZ6J-P_-dAMzAdUi9{OZaMJf
zpN2#2?Doum{cYRq|7e=`V5N0Z1OBnKRU5TU-D(SdEx#$B9PBxwj<){oxp<f=udma0
z5r^>)mU%llyMAjnBCH~;AFqP%0|~WWt~PfDFtto#1pF)s4(1*|>~Rpacl@5Ckf$17
z^ebo_Qabg5uD2)Mh<rHN7AIu1zh3y&dmVe8bLr?ct{4%e50|ZADJ}hZaEqilR-BLo
zv-Ar?1;agPt*WZ1TwGlA`H->%;`W=Ho7=5-JOf9hFEoJ#-@<7{z$N<BoqRrH%RP>x
zpR$88#7tL(3%{_gR6Do_i-|!>?j<W>WBKMsccDjvCcwer2FwF42$N!HdZHJ>P0j1P
zz4JC)kEjp|JI1U$E5!-xKg#F|qZ_rE?EoN6!NOC`%GzeOEV?=j@?>SN`Ub{&9e<Lj
z;#Z)Ry!+2N=>6+CXxohB7Z8F%%F2UAtvr}c`z-6#3Ta?TeY|C}%@!b-@}Av2cPOWU
z!No~pExC{FgQe{eCzttCDyECa&g8m_@t=#aUrC%8m#t=<E-SlR`g`QJG0Qyeqvv>d
z_gkuyH~K$oPqI&brk-Sc12#y1pPY0RT>;$3$M~UdoGR7q-Q;Q_ubH()UR!xcnz@1k
z53h?u_gyj@f9mleL5t~KI9Y>7PU&Ze(VLs}B*@>vjZfx2vXlcvCtOrbw<~kQ%ZigL
zZvG}S8HCX@yyFT4-*&qiKNyZn3&tn-ZO(ijm&t708O4HKxty6m)o-qy9Xoled7790
zg&&Z$d}pjP_t^!_?@9`tU<p7yLDYI9H0U+#r)i<Eo+3F>Rz1i&A${0HjEpkM`oXCk
zA)J1F!F<3yH1yxh+nVXDj(nU|fI`YU+sTeWRCV{|pnnm{8h#H`y~yjp1r-Oc8}E^Y
z7%}IR)tR2-ZtpE~^Cu<aq}1;3PshEg93Ce;XtXPx<TXp}flxcDy;Hi}`b)j_9iR5`
zbzwd>2Ate&kBrWcY^P;~iP2Uei%xUA)h!j+niVcOekR5StGQj%Rh$xGQ4<Y`?#8Q?
zzp@@pxhYctCojX+JZv6&6H<KqjxQ4e4PQ#^dFpLCUHo<a<`?@U7%yf%tA0@wWp*B&
zR=7-B8eiqKz1--BmBBt4Bl>9@FnRDfB<;93OBUt31XZ>b7gv4nN)gL)hhFB6MI=q|
zn{VR0m)HRYd?vFS6PHQejM7=jp3X08kc%kVO|`3Y@}in%jEgy)7lAGpsarpHDQ|V_
zTxL?YE@v-GDe^uvni%eBe~vk*%4tLT+ZUQ7N2SK^K3fm%6KzqtgKTi`6@Opu>h65l
zrtK3=S>!wa>Gv8V;*119S6MEEwet7BP4ipx=>CgN*MNQeqt47@c>9_PW^8%>)5OGQ
z-3(Odq%WO^P2`2MRomT_C<^iu89&(qMs6DXHr?H_QdpfXht2ca_lk0fewZ0PmM@3*
zS;{Xtx$oxshG*RmM8>aNg&pqZ1{ZunW$lQJ3LR~bDJ9Pqkt#CrPGaNVseF-TOWzaK
zILWIgv)nPRm3#bq>7F1Y>*^x*RDd#zxlhTj<31(NMH1K>T5ZTUMxWc#ZgjUqziZY>
z;gfIp)MhF%^Si@k_HkVLJy8I#95(fTfd2m5&EBRHD{r>&w@-9rJA+iIVc`N%R+fLz
zRDiTaeCriSWrNaau-xE2gW-+dkJ3+iON*hZZ0<O6ONq0l))MVJ!_Nx@*<Vt*s2V(F
zdhi<O%yl+H<qa9v4G|)`>A;O#2D{^RH~jGaMo(F2QVvd0Q$`k_=Pb@8YU}PP13~ky
zQQB|mD@c-z8#qO#2gbGW8Bq&LczmN{iE2Ss!L5~*u`L((0ROR4|A#{sq*^K~f8CBJ
zUcJqY@8MvQec*1wtMzHOcA$@RY-lJlI$9U_!n|6yDdqu5hC7lN2_}9)8bMI+M!qJv
z+2eNIPv8y=MT(3z1MZAqL=N2KYJo8y;By8vMy_BOSVrEZ401@8OYL1wmmmj63Z;@x
zW1e{AN#AwI!V&O{?c>Ju^7688$&#)ELk!>uysT;}s|yWcWV!{oBh3arT%yB;NO{}`
zo_xM{XTX{YhshwuUi?x8sz{YEKH@!Ok^nDnR^z*2v;21^4T*Gb-1?bdh;T2YHnV;r
zYLLi5VD$oP9aKU-&)#t48Kz2Z7?Il78?AG{peDb;K-JGGaa0qOC^#n@-(~*aCTX%)
z>)j+6+hZD+9II7w!BHn-X6>v^e$O743Kf@%|2zCVY@HiVc|)t~kGt!lX*L|5q#tbp
z@jp)`tV99xGRGbV0;l(-kT44k1ijpc><V5nNyP)2{?{3$E_1Z33cN9Vy+gDdaqkDD
zd$}<<zd;VL=oGXC+FU7>J1rJh^lleTa$B(S9jial@MEywq*dIFMmmvJv7%qJDq`gb
zE7Z!69rE;YBPw<}^?dR@P$ifMjXAEnmJ;A84WZpVZ<U<q$5RXHJE$`u_2WC_ii1um
zqe8+W+ru%&5~G5`sMsPYj$-Pi-D6J{-U?K88sfNijFcc7P_`OlOj_JyMakqRrHl~j
zQ6Rb~)7d|1ogG3czoO|pFV=+jT`c$>ZlQEdQfecWxiy0_eh^4X8T(YW6El1gN^_}f
zk|_~X@<xU#hB7!qUx*oI(?}_0M%6P)0BAQuOyZc>&v*!!<L+Xa_N$~NFt0vPQX@a8
zjv=T<e8q0;&L)W^OgN0x+>w$KpG(={gh$#6)NGPXDKy?v5^4g^B}yXWtpSI-rRV^>
z>!yb2uv*X?h;(>uG%-2kEPa82{6~iS&a<-b34X#fEX5W|6>#Mp1gPa2aAOn)aWPeg
zYFf}bB-B{YDKf>8l91pMWQssMrd0~MxTv52E_nYwP>uQqu_e>9Y{zVo`wuh9cXjby
z&Ze?p+bVSSLUy^%^fJaRwQ_vF^y~{fLssj9U{M-^rUo;VR9wl7e^!fysc%9m@xLPO
z2i+STW*Zb5vj>LH=d+#TdQ6LU>B;P}r@oLf7mCVtTt(KC5!~QKq{9nef8Z}Qz9S2t
ze9szy_(6lHtwo@xxTDu?oL}#k14=EyIv5-DyL^0ht!-`f1nzfW$TjPA^xf-n0NBid
zxlS;tySK|ag>YdL(@GvVbnM;^ECJ_%nb51giQsrSibUMR<N_El_kf}LUZ@eLtpPCH
zYyzemb7ebw#jy^T1S9xd_tCxpBQ^;>nda|kqB9yzM=+T}Y@!h;z+lNzL16;iWk1}W
z#;1Pex1TY@=&HEMftalV)7fB4(NP;^=v}?M8yXt}Mv6PYISo(G@V5h2u~Y?b4zPam
zV1)vvMRkUKqW1~iuyEQtBo0yCL5cDT3fLZ{a@7dN>g^bCy`iB{l*?dZKw1|XOZZyy
zzd$yRZ$CZ8K}f<B6UYJjmAp}TIhcR}H|NyKYrVxUnOS&q6zsT>p&uXu5(Ty1ac(DV
zTM|$dhlBf!JSzIQyUCPP?pP(`p;5BWmjaqKgTeywP?C$MD6mfwxQGTKQ;~O&{w<}+
zKN;UKhfJO_T|@C1Ahg2vR!qS;vuuUa7c9c*!RbClhZuN%?Dda$pmQRTyX=Xq?Sn%s
zesJYtm&hMF>xK1(%T5#uT5#)_6J|I_VS4B4Ewd^BlztfTaVj45qtYVeMU6uT%<xDR
z$xuJrYBoiR*#F^@{A@?N+J4Ap7mE%>3>W13BS3U9WnYf&j@Rwm$+n=X_wMFQiaO2{
z5t8w;R;of$8Vv`}APrskMTAVqEqxnWHadpbk3_!5I2A+cEdA7jj6@Q~0}4>x0l!3u
zy5|jk@$NEf$&<#JxJbW18r%LkK1rT83zHfKJp)o}wnX5s)hNq9!5a+9<B2FZctI`@
zl0kz92>0VSw;~l;5FSArmfUdSF%Cnbx5|)Egk);l9@DcJy{KHJ==5-Hmrp3|3sBy%
zg!>(QACUr-7x$Qh?XQcuI7H2~C>lb85Fc^5mne1<r^gVz5!Dho@TA^}2SW=><PAzm
zQ!BkY!+P|aP@4KspqgmH0YQ4>OU#G_JMqX*VIE+Ck%=gv*fDs5P)YEh9(X~vhFHOK
zU~!hc-haoM8H2(~jEcFOI}Zo$iRt6XFMcRsi?9m|=g*ZG*DL9BPkoHvZjd8RQfVlq
zXCY#j+J}Qhd|ulmo*mOfJDV~5_=PAi>%kO~vB6NS=uvzmsBee;`1)Zy-oaGV5t?H?
z^TE4cTps@NCoO#Am(yFcbp6z?xJ+c!0V;t?R$?6&ypymikr9hhLsx~RLo}<&awcBn
zb%NPQbn65@(D9A-MysJ2z6NAHhoJZ#3EGj5F#_4^c)e2)pi6o;(t&E=_U|fsX6~{X
zB#fayADoJc3ebaPW@Ny_4x^i+Cm8^DIWQG<d;DAU0qh|(QOeHrO0;*%%1gBL^x42=
z8Q7D5`}R!?2ErODfuM59?QMl)n;tOB1LlhQEIzX2-+-kgFw*ADQCP-<O89>$`|fzE
zAOBzD*s?d_*dm+E>}=V)a6(A-DB1Jad+$9$lu;^MS;?lPB4k!ZQjz;Q^}WB}y^s62
zkH@{A|N7|Dr*q!#*M1I5d_&jZfUrVfPcq7QS4uZCNHWsLk)M~H0b~w1-(_403FKns
zQ@W-l;tKwJ#Ul2Y^q~G(Oliu|rE0%<5ZvB+!M$v1dirkE>nc0AGBOBqx7t@$SGT)N
z^N5NX9$OEJQlS2qd!yU;Om8U{@_EVds%j9Yt1jECh+2DZbd~|;<GeW^K1+pGG4Llv
z6_qugEGd1_QT~2&LcVD#=z(`o7R3Prp-kbI1MdJbb(_^imn;Kwy92B9zQ5k#*<Veg
z6gnrpf3BpT@ZQY#Jc@mW>#-m5$Sr$3@AZ=%JirT7*?Q2Qbw$^Va<+??%1a|cKjN;a
zxq3)H-t%9$k(4=?40gz6h7OO3DLE<l_I^J>C~p!Gur#H=)9l%6llRsCNvCV(Kox7V
zm6pq%=cJyCh$O>_Ga%Hf-D*|wsp?X>T3fmEnz?hS7-t%9nJg+^p)0}wVQ*7;+RJg^
zDE(c#a6YtmSB8zWg1ck!UN60uc23p2@5?pe%CG4}J`ujDS8$6}*6u5NP^M6-sL;lq
zR`;nkrFJ7+)WvNOn_c^<Q3L8cm)U5YmuN`s-(mM#G70(;P^kVvIP!Oz(yAsmbJ!84
zR?gh~L!=>F`$wX@&eR31Or*vxL}q!J`x00~1?Ol?sxAmtp}nFWCGx}>b+YkYx#L9h
zNj*elN8$`s7W)!)(|zdMT^0SD?geK5pOl;%hp{&H{oCZyk;pGGUzEa@Z%7BFl`bwz
zKe*0J{InKFG}GOKGF**)gE)Fpi{Dh&JcV3Rw&*9{yPKJT=bBzdM_1h)d>>@e*vaDm
zD}tLflu{W%_a@bBfHSoet<)uNG!h?{uJJuUIxlq{2bt=muYx7&;;MByTtYql)AurK
zf+Cf1&w<FX%iaBhrT4o-H_GPawQa|`cQ++-uGTI4#c1oL+#1j@=xRe7X%2Z@;9ZF>
zSlZJZzzww$mEmh296#8wjNo1I#*f#*8LZ_dY~hzdQKzQ1BJh(fR&Q3Sg>+MnNuJT%
zNEU``SB{w1<4_;3mqT$;fP~u;KX53JOKBr9WrbtS4KaJ+QxOH5m3GiX1H*6#i<D<O
zk*Po;*alz0Jo%BEPX=6R0twN>YUjaQ`aQS<yGD%d`s)OMKbxlD^=FR(WDQ_*UV?=O
z-_SLY(jfaF#?+?Z{EbFY9Yf>#bDAS)$zfZ~OR%1PC24<zA*`S|x<G>Xl9%F}PoG84
zgt#0u2^sZj^PQ|!l&rbbysct+)dzrP=Lv?oGtle$czg5FD(1|j`^RnKwRlqVY-Gf!
z<yEdVN-)HyXuXf6x@>~rO0{f_uT9mW$119l?N_!Eb5WroTmz&fmu-kTA7YB-Tp72o
zw9on&a4U}4<rUK72cY<4tbW0?QC()0BIC;V&W_tAd+8^@J)`(sGOMeEtT^<jq0-y%
z?kHoIpHr&n`P0WF4Jb{Hb1c%SYg`Vk9Fh9dtpdTwb5V-<X;IH!#iHWwM&(A)C?~qr
zCa*(w+hEGb2=c`V5ArIBswG2b|AiNIVLSY24{&2Appc<eac*Lzd&)4R9A<*<^(y@f
zzB9$YW&UKS-|?CXr&|($tf?*}MP0L>mZ40H8a~21=kam7r=sM(==}0NlFHzy@e;$g
z=$UQ1GEHd;;$L@3YePNgq9V-<Y^!*d$<>0e4-yoRv>!PeJ!3hK`(rNE+6eiVx|Frz
z%4iqIN7!CVlgAFN`=CM5i`L3uKki4aa;1KxWC(9|omp4fMpUMojYz&STsbgjIYC<)
z^1WVuh-8S5nxVa-<%AQAKa7rg9>R87E?k^Ss~s8g;KL2RmpJ7dKE4%09yP*bwV7m7
zj`&v5B9TL-LmL*Tg}3N+M&^yS`5%51+-iC$2@wi8gxW3Wi)9UlMCJZ{^I|qED1x<z
zhsYAej|T*&V>4I^r=2M|^#U@YNTV&|F0;*OM2f9r$WmGYt`p%_Rg+d7YHC$u?-`%w
z^cokD-KE;!Ja%SwD$S2`$+s?ruMe0RbFdta&VTPyUVpMx`pP(B$&wKzzOcP_i#wBK
zGMJx4!lv@Ni%FA>-`WeS-p;Zbn%avz4Q9<xk{b(-vI@jeIFzFoj<EwD&+z4wkpyC1
zAaDewFX&?R1p99o2896hSy>syLFIn%{30-eXQd&AVAOhQ(*!(v0AIpVt1Q1vH8vS6
zC;^r`F~P45uA#F)-~043WqNO5U;ung!GZJ2aZOE)u`CAj4L@L2_yrD;4kPdO1D_N6
zZ%mYdH6|Qxfjv-HSBJ)q1<TSjOy3LZFSIqHbQTP>!QeFF1ehfcEFZ<h1YKt9<K^WQ
z2EWwrTeBc!p{nwWfsIX=YKp>7{fuI?Gz=IC(3j?ffYWw(Q=7{)J`seOGnqn<yqp~K
zL#UxZC%6Yx5TF*?fE6|H#_Ti`Aks0&?Y_gUSrV7Qzs}Ck6sOC8Q8F+N8!TE><h_6(
z6d_}(S&+p1t>#+3l8APlr1z?3Yn0|nkxalBmR;~L4F;EOv<3mAnpNc!K(8AH0Ejt}
zGE-9;zEtqqHW+zK$}E+LjT#zwl983A&X$%c@u|3=faKDaN(z~al?1M+3?OVrM@Mgn
z4n>vKRKj0%v~=S9u{byM=dW|${*k-m<ls>1|9BGbO1Mx)Tu-ZYqm|?aBmJ-FqtZ&c
z^A4y9OV&K1RgnkI`Cocc;}G1ciA<AN=P8+-=o`@}Z1D{4xvt=QP9$yYsq+)<9v}3X
zXlQBQn2Y@_^d4AmLf+iqRu-(mh4`I)LI=bnB{IQ*k0OJp>AyPK7b4s4tEtceAC!}G
zM0{`w)W@FmrA;a2dVl9Y&!6<N;@9Pw&6}aLGzO8~o$F8guDC1&t?`#reMwy=z7k~L
zPj=LpN8-0|)4N($o`}mi+V1Y-vBIf`N|$BOpbJBo#IN-8qxm1|n|$T(JBjM9Cf1qP
z_u;2(IaZ2gBeYZ-7OwbYpr}?gt*6`@u(A?~q+&y9D^3jZrk<5OXp5Kj)rfBXwU~pT
z8nj<aGZDgHR`T&r)sRajn^GRG;qVFfzbi3K-$E6w`D+T<*Eq`D!dkJNols?1P$t3U
z^@JTU8E!?TsY-Ft)t9zljO;S!Y7*k)%0vy$^!M#ff4@5B^IVT?Y?z4d_lmGN`e~A>
z_to3jNVPefughguSK-8V=jq>9-p8$ekbcFW`N>1VR;@V67S*}?DF}iLwYdkc-jSvA
z>*bKBV7>GfRo1Rp@ziW9zdlUOM(2}qR+p8qRIXr?75VzJk8IKP2OTgEzI*HiU7xy$
z7xSxPg{Lr&xwyD2G{8`{z4Wx>*?`(+@_D(p9Uk4FO>sfx8>m(IetoYXD(VGqjqgKX
z905?DcIAoBXaCJ9ykd(&2#hZiWvT%4{s{^lz=>efgAO(n8rKB6iyYk`k|Ac;xwsoc
zn-u?<M7Ka{w{8A9vy3;F3=lxTa~#M4)4;Z@QyB-hU*O|_5vS{bT@+ur%-$!kVAuvG
zV~vcO0xY>7LKP7a7dOVIjew00>KN?@akdXpH=ZXR`vrQ;@e;)|kUdZrU%AGl5a<ge
zZ%{}8E$*>gsB7?oL+!mYTW{)1i~(AMgEYr(%sFN#IuvmrU-S%e&Q#suq3;UVKyr#_
zgqzth(9;vBs-dI}c&3Ww?^2D=L;x$GI4_p;)?9<K4qqb>>@HfhS^(h;5}RG}k#o*E
z$cK#Xs0?8!<nKQ1mG%Q=>{YI)>K~3(V7t2{BTm89odN~6%oHt@-oP~l3+?jXd^dX|
z@ThroQ_T;0;%NmiM8=Oj*nH|b<(<!-Jp+0dh&QDUH~W0n4_xXF4P_|49Gq`NbJ?y3
zYp+gpWQ?&@t^2WGB7-Q-#Ytg4pra3Rm8qK%Xgirb19244m<q?GCKY9O3h9fwFviDJ
zo|1S2a*lJ3mBCaR5Szr)a<OdOHdNqaOyEz6$$rzo9iyJh54+$TX7P8TW)8zm;Ec(Y
z;EiA*R?<(h(A=EGXym_HNQ-@b-u|CD^cH(pV?xBfr&lyr)a--!h(DS=%w+i<_|Z7k
zs>E_L^sT77uj4G9)CwgB+dPRJSvF##eP`cK+sXHmthhNa2d@|*O;Jg^6R;MY(0n!j
zRn~KlN<QI`I&~Zg#Lv}~^N$xZv;_414$QH8-`S9J+SUxxvxjS_Io?~p&Pr5oaf~>v
zcd@Xf${wV8JSxzU{*&0mSMac<Wu`G`C#hCRI8`sChkptP8dSg3Z8_!wGUH!`cs)ag
zZM-7eCsd8Ah~zWl2E9e6g#EevH=Sr?FUrp=m4&uILM+qFZaw$w8KuL{g~VuaQ5J`X
zStL{L(cwm3XIgyb+*bM#V+2=w3X>drzf><7{|n_Y(}FtYC3>F5mmc3aq?`=Ubpo0G
zA1rYY)**y$E?J?EcG7}e%r7!d4-V^=aw66*rs%I@iHFPBRnKx7_c`b{dMm$8zfuvY
z2T;|Qv_}bhRmhx8gmF)+{hzv?t+v8zu-CxLy&N0}AtnymOyc5cZ6I-zFs2xcz5{GU
zRuQ`%s4^4L^V>^Ld~O1%#(*FN6cB(Olai2-aVcv8qg4Z$zofYMi~m#b6@L%1Ay7n(
z5gAb8Zn*b(_C*ni(Bx1k@vbQD7kt3u4KJ@Hc?BW=aro1_CqB?-(y+04%!y3c0~0>y
zqV*Npm`Y%B2$(muN<IOiyIG?ZkdU(_szAj=)M!}Fd3bmjNRUOMH}F%qxw(f_LjkuB
ze|u{K1FTp`0vN6~Ncd2QZ$SdUP;6mr<@1v*(!6}<n;qh^=SQr4_AJ-eJC8@#WMTPB
zNPTqQRigKN*xV*bx+agz!ROZ+{m`ANdO($9hRFB#m+H*=QE>G2!_{f%Kp5rx8&1e5
zA?ljJ50;NQkFgG^8UqXzbf+E81XA}S(an6hz(c-3NPq#*N+h$$aOgH4510M+B^U=a
z5)G<cE-o$+*%{i4lfj*1%_9j;z*hMJdBVtuO1(8AdqY^%&AQbY87h<ktkiPIk$zh<
zacW*(qD3g9;jaR{;J(ZF5VQx3yntp|y9eoVRgQ)1E<btWR02GzIe0SsTn{XJ5yhU=
z8d)aT&bevnc`sPP#9ec)&f|7sK32AX*ri)@iFtxT=6O0Q896z;f7RxaJh0l0$q3th
zWu&owOA%;CQ$*a41tSZ$ubEW0$a7+1u9#LlyO&V<XDbg7AL<dko;_^6F=pL&R`wH<
zwnfhiQ0eGLw-6&~%OAXIkwJW4iDS&U^86dO^7A9dE@Dp7EY+7|hU)tkbeVROdOmXE
zwjOCc+=Uii=)lEj4V2a>XO3*dDmBjfHows&D}8l4e3$v`@F065As)2d8mi8EIJfkD
zmZ)PYdpd<pwLZIXvW)m+UEAWN&J{Z<3IQ{xub_v*gJ8`{c_?_ki2S)x1Ec1GvK38B
z#pY~<1aj)dfCx=H6?K&96RgiVgH!PcR&E0>q?M)vPi#|G?$=9kynI$~z5RCC^VU$3
z6++o1taaou*CMW?3XCL5W5#IuO?j{!I4<ajTD@M?u_NQd$<V#NZJg)icc-&&%i6Lp
zK8lmY?A0|EzW8JT(r*n8ZXt~NKcljKXa`x1l=&?w*nD7sU20DMa_Xh_laMnsB_~+j
zE8N|8pn_)t)Wa^Cwe@v)UmijLYL0VW)6~^<gVl<PO2quOo}M1&*bB8`$CihVmKGYz
zTTo?lpFx~tcDHH{LL-|R3c?I4E2w(GYn?RWt(7|@wuD$o8~KQLa0%h+&OiJaBypaN
z4HR7R$@76B1Vw7R;1aoZJP?^;&FavkndR5tmd8Pvfau1E6Nu*^qp%X0FX_wMY;JA>
z0XgC|EQaPAEPZwsL}f9D7PYD+z~m(Qtw86P$fo!Q0$LuL$~L$+zj^ZpI_6baC;7m8
zy6;WB@X(PYUzxYkg^Y)5f~pNF6NiV?q|mjn+co+{aIT5z%w>emJiB8yO0inT0mA3&
zyC={+7r@mUG807ult>U&0eX?fI%s^z7B$$;Qh0fL?>AUJ!Y5-HBILj&R-Ucx0BMzP
z4l}DsQsAEW{9Xk|rYZ-x#)XI)?O&LKZiMW-Y^&?+1-0_Xm3mbvE_>|MYB^H6Ygl{~
ze@1hJHS97vunG7;tOOo}3c+$}cJ>PgCHa|ghlM9TytALj@>IW)vC3=GUh#x48+Kb|
zwow02U-r;;5`p`xTKMOK;}vf~39c<dW*f$cb3TO}8mJMvER14j;8ZaLEu=hrG?(xN
zqXZ+AFG=R(e|K{lw{;dJw<oBJSY%9V3iX64p5HNzZ6X0`Rr$hS!bq*Gn#$Hobt+x*
zoa1&v`=2q!0}mpWNn(OWUOOV>FB~t$JTSrQ?huUieX`(D`_<C28~dpn#Y2OI&!(XP
zSG}q`hc&9MZHepmZurMl(VCllG>n+xzEcqqL@a<pIO_yAUD!y9IvpvZKg!@SX5B5_
zpY1rp^_8(hM8yryQC)qT?mz0FBqCfU!6S6v^m6k0H{lxygZHH0#jef>Z{Lwnd>Yki
z&nPG^a=okhrN@P&_VP8+#Voa-VW=V}PloF_M8k2(yI7aL&f78>hil-xifeKns>{8j
z_e#Xy^_Xz=Y?NW$z5i1kU*>gLe|0=eVD>W8o;Z;`q`g0G)%zu%uh7o*YdIz|jje8(
zY3d5+cC=)!p*DpxJ^4hnbx5zaEF=B1wcNXiokIQft0>=p(dXh&^g3j;zsj{?78)>l
z@+CwXRK1><qWK=sheuu7xlqF~Y2?d7P4U%xU*n~d%IQYN66Y3P(*p&Y5V*u~j1|g2
z{VN{A41hr1w5Qh&xqkgU@Z5f7pX!n)NXf`N0hudkcY&)|<qIj=s$4L(Uzq?3S}SUh
zm=#Ld9F#)nj?;=2Lqnjrt=%#^$0U(T-%!enAH5#iqt(M^hKGj-W#l|8NcEcU?4g*_
z1ERyGH+PnvUTS1f3<(;^<Od3QSmY}8&6_uWY|RQFk>TwS%_dL%Z+lgPf+Cf%T8icb
z-7NIe1;xe5cCCIe8bj68E0i{rB}uJ>Kvaz(<rfPblZHkUM&jXbMbLgC?W3j4nryVb
z!wf3{boN(6m1(SNpFgWcw)XYj3h9kUWJ0au7ZSScw`Bs=Fpq6$qUI`FW=vsN%)|m{
z>G0_0VsVQ`AVpNjSfoAQKfBvrz{AZQt*=*dSwT|rI|v&<D}TjlKox%<0`}_FUFIPu
z$}V_ff#D{JBmq=b_A{%|{D_ZU3(fY4Y0tu=k2(Xsjz7*wKJuJYgR%)k^xIEg1Ep{p
zyyl@DIIj>$)7E->(I1GogfBGDfm+{}cTa|dg%rJ3K?Qf3)3xmCFVOuOoOoc}K_(WZ
z;qAnEzD%>eCtRAJpXiUSIer2W7J*kE2Wte3>kpun)>ULA6En=Q31=X*w)@X)sY^dD
z{gapO$U){S*6-WVsZ)Q;A4=N=Q~W?QbMd)j;NyV~b&)0Ok$%T6xfR|h&izk~N)snN
zkMHjBET79>%PpDj;xiM@jC%6T`#|z+gW3F}UETg@)ZN4S)&b=QzkY`)3*Ylml5y0=
zjYs~tOZz*MdGPk1_|aRPh9*zn?Jj%J^}gK}pQh5;R{rkgCqPz^p833w)<7sM?Bz*9
zlubwQ70pvi1=<W@nUVfzO{e6ou0TV4vUZcp+{^P9wFT4fj48@7Fyqu~|FoOSGAOo=
z77Z3%({LF|6nnL>g%==^^2?b{!ik0GcLe44e!0r;%wL@CcQnohv9(jYT{An+r7U_D
zkdbw0_`Ooqok#Oa2HRiYA!t(@`=Fiw^?erpE2a5}YT*|SgajSte%Tr&b!?l*>Me;4
zMg8b|oUA_Y?APLx^=7kDHWLOURwd<7{u3jyJo%CQ_3`{-zXd{AP_x31QZ_U;pS`n*
zFJ4?jq0<y)V_Dyv#wS(W)6;!RE#!Bl(7j^D@iAJV`b0CikaD|9=(|vnrcfZeS?DG4
z9WmQNZ${-D%5+6q?P@s||0orG)FYu3p-_v{XthI5D=~sKj%!+iOyW0img-8oTNK1@
z$d(gkJ}7*J%PGLFkBRQC?N7^Mp<c&&->w~c+LKH@Us+j!4GS5Q#L!XXgnjpiui|I>
zAESt<p{o`Cg1gb-@!>u6Rbyki&MTij!OJ7;adDEeW*QUz?n|A!3oZT2o&$q}-!~>z
zyPivWynhB^29><eACzWbC@nYiGM$LJQytcdX5b5iY*Nn03b29&(D(Vt$dpb)Lj%!5
zkPp4y&x6lUE{#Lbv6?1|P+dW#08}Bq?A=Mv$bhsG)!JT6iCb4o$eq$&l^_BIRzmjP
zk=v#qf(vF(Deu*x>6)uKnVGt<<N-n8-0?$|RW%ipd63QfS#1F=GNa2|+TxWct9Ca_
zkQ7M`Z}t7z6OId*300}XVa|(v{&3xen=PGRZ;AhK<&rp0GMl21NBE>%3~unqeXWhW
z@LQk<EX{5B5m@aXBbxw=X4m&EuAdBbD1{mz+ycHU%jF=3I!I7asnD3HJ%{uN<yZj(
zjo=$pJHR@}&O7Cl8BEHmSAO#lUk~~oSal1G%k`k)zEtSH++V7jCx(}&#i=-eR#P8x
z8ZRVLwNj2f%(TSj&M%R_yAOTB#Czy~;ZN1;X0Sno#cgQtgo#*!$_`?KCE6eWO79A}
zdezDa6ATunxx8Z*PlC&^^HoEfyO#Vg+CY2H@o!>VH?i37jIsFaye}lliJ0jO1pOj*
zYuTH`99~zP|8}~w%0Jt2K&Y9+KC)EaX8miqAUS<?t#^?o@^@-|-{7pS?d2FThIquu
z)`R^za#USIbLSy~YrWgfVzA!ibXN-1^wK8%)mQU6#Y4L0V*~SGG-12u{mM&@6k6pd
zzPizCarfJPWq3M@%BWG!UJ(6`tm<wZzufTazQ4smjKHR+fdaptU2g%)Ov$2ncL^d?
z2X_s1aQ?mkq4qBA-V?Qk*7~Wf2Uao1CF#bS;w;q~)z?2dvzPp;NUaV~mf6_}=;F$}
zXY!yf54jO}k+V;WhVVEd<a>?qtMJl!U)v=58xAS?Ou~{5t;Td*vDt<XXlDeRv`LBP
zYAOvjxmQYm6~u^H&j>`umwkxO>MTcnKX;OAAsOK1mSZH4U%*}CYO$&36n&_F`m<N8
zXwhdl+40@zAV+t-snq9PR#TdS&<;w`+#Vk8&hG>>Z2cy052<6bN`^8m`R7iKtd+X3
zZmy%HDs5M;#OH>diSL+t{4`WpA;0o0JoQrPvnkSI)b_co?29)A{#fa(`Es`quSa#7
zgbF9;$@ezzN8XQL<@@n?^K<<~f0dKi*;BFHN2ef#)2D*R)l3M&>hg9yVQ^^Zyl|Z%
zezh$JR>lEaGn+6brDkPj3R*OmLh|3w*`%VPVv=wcfuS(v=ir;ZzCLIc12!g<Wu-wA
z5Tm(gI|VzZ2rYg6<mt^qxd3-KO~8IfZIGfw)-N9Mtw7Nn0j(bs>`g(?OiiU;0^VQ^
zhe+IXSkT^w+>rU@&7&Gnoq&mw{t{z)>X-M=e~TWZFgIDWl!NArMW>0^6B}PpGAM(-
z^QA<`c@C^)MnWq#aVOHk>8U9`4gyh(MhQ&O39oNKBLK_bDDeik`&1TC%-0#;gt(PZ
zaGl|kNG&cVQ;mmhk&b}o0yM*e3G@|L^TQghmRw%y^oztz;lq|J=L-~t^)_5tw))r_
zVMmsuK}od&HG0Z6e|w>YGdMF3m;2oWZ4tLdh^n@}yStDn<P@HIx)B&{LC}Shyc5=V
zY^Uito4M~=+h$HS`BGZ@Y7NgD-i^YycbjK!kq8DID;U-XK|V;{e!X--ITGIy7Qs!>
ztCKN`4g7h_1Z~bLp}f}XJaLVnyGM$@Uk(leOe8Xo=Mgs)>D#3exjG4l9k5>aRm)#j
zQJ-GnRbT&e`r9~XI8F?E$>E`>_2bo2;`O*^0|Wx-w2UvKZj%@$^|8~(FgrQ!7RS--
zjt?OPkJ71)rIsx;v;G!uZwXJTVID~P&}f?ytVxIpw`AW-Sgh}?@VUud%Q8A_>YwKH
zbS2wP*0ACJmLtx9lfnDku+Bd*14vcVHN#`s<NgcPGv3vdmC6x;5?^0VmGckIkL|Ya
zusf(&3Z?Q#BfqzZBEk!EC7yGC7)P4X-(9v%E*Rp;%e+pbE0eX3irA+Z#NVjWu8OQv
z@I||MnzGVTE@Ud^8xRS+r(4^keywF`5E?GLwYP2eOIX)K3q;R^cYpSq-JE^A;L}Tn
zq&3#zF8|HVN^uam)!O8gqbp#MM=DJ1tllMBeR(0KcBSZ<n?Z7oPOSF;J)UteebU1>
z!hsjHGj;E8ti1GA)~?FFHvh%Mty!^@dsge7s{Mmb%TY0t`%`q+p9GJpwALfT#%zd8
zh+=R@%mwrxqkrL2Mun9dhw!h>aHS8jo_AA!^D6kfL03LGZPZ5B0&)Pyd|Yz6-%%fH
zjg05RzUP~^$<AL_Prr_^FUC$ylF#<5zg*?6faww*KXhp{J`{I1#LwebA{V+t&p@m2
zZToGx&_5@P;!dE|@(3Dhfaa9S!A7a=);!Nm(CmcWC0t)#f`TUOqu`V>JG}X}Z5u+&
zj!+pR$2F<+1Mqhc<XGskGR^lms;u1EaSaU(Fd9#>xWGu~Fq8^ScO1z&?0{j2ERpsq
z4~l2CXJ>_i&;YTo9th2H>e|{`Zy9vQadC0+b@qj_ey-4of`UvXTEpvADjyL3&6$`O
z#GQ1Z`*lhF0~e$((^nOvc@Y)|o)FwcqicPov2FusO1|5m)(1L<qvPXOuKD`^I^1kU
zlMcY`_2rnYS(9yd7pVRiOgYLXUtUWvX)dRUF6{@AFp=kX)cgi4K1)nOe+x&aX(2Jt
z-I@-Th~zQU?E2{!I^c92qeKI8I`AFQnzOeVP!7!0n>8{eLH>x4z-{$hR{5#UTRtT$
z!PAim5UdKLz^D^+hr=+{&mjesJ{IiN^P&bOCaaR6x9+YEQF1A3?$J?lhQiW-u^N^H
zh*C2sy@rpU{f?Q+busA6>s85cwwS}gJ=}ZAmO+H=TKN_7Al#OSd{T^L(+djZZp{hu
zENAi?Z*cm-z<xovtw=&~e)egAN2Zo71*tn>JM8%JFY)r$z)t@#lQr%ImV;Q@e{Qa;
z-&VrxM!7|Aju(Pr<VsmA>x#qj<g(|GqW(~C;5lU<S`}UXqo5;yeTje5uIs>#z?^@D
z-Q6y(+~ksY9F_~DTTW)!3wz~dLAE?2=4UU;3h(%fkleVTMqE&ooUHtFYhJ##{Q<iL
zYOrTZ-Hk9>m|F0XnkApPRh~hYoIjtih9!{i>1Gz~X`{Uz&SW!hjgzenjo@6vnpEgC
zp*YRF`TK#2M67l+pADBQ=}jU!7j>n%1uP-dtyqTf9P+h6A(Hh#Bi0V@!?pF#mtxXC
zB)$=7&I!rwHp<L#PDOHZ-hf+sZY3(KzRrq=p?V9BftyMow$`T#tIly~%qo~VGjek^
z2d}~C1`0y(94OH9q>V7h@F^%<D`e70W@(vrK7iFe+%gv7qR<umG)N&n$V*o9X>JYt
z8AUQa)h5GZV^QMi3tw}3&wVnjym;Zl+voQ>63@y1*j?oPO01knI>giMuF934T0&iq
zTiWp37oj~2!37vP@&<~;rt{FAq4KLa8aeUn!>GayaeN}^HVLy^58rP3s-zYcCNl6v
z#iKsJu=#bN1$QJfljax6BI-cyu=wEz@u?!f$n8BPq98J~=diNsa4$NHXhI@`Yt%PG
zKvF<PCtEOFF`}0(P`X04^C~5A*%HLGQ4~t==!(9+K4{OJCYwTGQ9vQ+;nZQ*i(`RA
z{wkA$ptE@%*hY$|xbeYaLr@_r;3-yLPvP~U-|hxbhiOiGGOjn@aaM_82xp{;r_jC3
zn&O_uC^=OwO>HR0lz~l^!*<QdW=KP-)e9CdmgO_i)`vUMiV_s5F|<Jp+Ifnr6D$r!
z=KszQk;Y0#reqD#B=i_TxT}|cR-PEssk?QfRIaHi(vu2AS&(^;{M~iF2*9562Sb`!
zkg<Fj7W_cPVz!CNOdK@tFnXpk4eOwYhH=4UuyB12x`!#@e^s&={t97&-08pHC<%YS
zU%SjI`#4(Mglqq$qcxBOI*Ci{<y1GsPVE$I7)m+9jswCh%6)UAiiRr|cgIIZBd>e&
z#b>ivXX|IF1@|oSup{01?RdjJd<AVjK|a1P@sr*5AznRI%;}5wYH~sX=Sz3`^H;<v
zQ{u3e)<1vN$Pv3Ugk{I4kRCKOuu39IByP>^FyoTer4~S7pw`8O)|%!>9dl-H99=6X
zY_qVeW_?UFL}FlO_9nIy>wJr(l2ty|P-46t-c>ncEX&p?cmp3jH!l||khxgSh_1ND
zq|hZb1S^8}K_^{Ulqi6_T|<MQRgGC|U$`^XM7AeqyEwKUCvD?mA7N=3dJ>V&>4CtS
zOldUb+r3hz++JA7vPX`S|L7&&f+|bnRV?gtl+$<y`Wb&WV&=qe^4{q0?gqnZ;i~-J
zK!HbBp4%Tss&*THx1(<x72hsE&WK1VGHMU5ELZ=VGmhu%Z(sT=4P@p8T;iwyG)Y0M
zuF2ct6-I#epR(C~7PA9*h!}x0jAW^#pg;UKyY==h3ICKUP5=GQ`Eyf<mUnML!&rq%
zUh@`Z$|;^AjMQ)zXKsb$6|^>zSX)gkq#adUqf8Y}#$Q~b*mXr-DcEOtl^Vl^oE=t#
z%^=)Gc&-*Fb`GTDODTNI?Uuy#zs5cm{Rn;j92!|Vw62=Wg%z|Dv}yRn9cMDJlE1Bh
zy}OW_04?HAO|j_5kJBE%gSf5L_3BNN`?L}}(J*D>+ms$wGOEc2rB+g<c=YlxH$w9o
z>%qZ6-WLGE!#r7VT;{BqPgk^nGH|^F(tn2f8IwfJ6AKPUw3=#EyyvUhqw2?K#`LFa
zmjbZW+fCR5JwaQ?Z`c2?@=g<tTg{Q84h<dM$O~%|lg#4ckkN}B&kn}rAT^0zy7Qfv
zehu-2$Bz5~g?AUlqg_rAm347;4%%*RF95V1n7>Mc;ICigtnS~a7&Ilj|MS28y;oMh
z>t%d1uYW)K_mnX9*ya#mO-um7u^2Qzmv9Z98|E=AvFlM_uu*SVn>-S~7RHWtolUC_
ze9KE^!7i%#oJthFs`QEfcb8yZ<&t}c0;`ewROYYI5HfrMIX&8`)rB^!fp+<J5*}e;
zaz7ZviK~iUS7>sl@Xa0hX6D+?P`O|e6_6_7my2^_s}8H(K~04PJylQ3Lu5{1AwL?r
zBCj@_Wa4O%+^H;|SQHC$&eA5U>Z7hbicog0L<<qN^c*!9=2Y`%c~xHAdW(}f%t`e0
znv2R*X5X|B71D5hvO;6+N1PI(lrWmahZULN#KFSHjZ_aqwC!BRp+akuRt4+fq`p}y
zGm*uKO5sA=>t9^vxjlJH{bpYiJW(B$K!;oXU+Vt)v|Pe^D*9CR9{*E;-!kmVe?WBX
zec*N@$QIf|_b>mJd0!Iy-ks>wi$x4|3tJf3F^ukU+mgwDz3u;b&Hryv0I3Y~BaEOQ
zgakYXcwqkj5p#w3`HuqNHoi*)Lk7{kO^mVtUbDyV6-tVLuvIMMMPd~YC!{vgu3mVs
zn$dhPNDY=%J4Va=h)iPaFjZelw2&!lo!IB-+e#V<ycBy_M9gNEmi%pQ?Um7CK?@vQ
zMEom;Qxpq_M%UmOEV^pQ%blxrf9h7t-Ka#K_o}SWZL-jwJ7u6<CG1YlP|Nle^UUi*
zoImAN7+=k0t0~o86n8K}Bu#Is-BD|M?$S;=F^wSFP`@})z)e?5gHunUS|CoeXT7I+
zt$>&Pwg96N#WmN2+dratN(tII$K1!wo<bmMZV`WWUjMg-Cw;j6@Xgz9#+Q99S7T`f
z%-;FDR=~)yy1Le{+6YXzN2dlCb4IQ&eExs_sxd+EFYo+sUp4$9^rjt@gugKZaqy!k
z7OkB)9QFJV_av*Fp~9lJ{eA?CmjgNp7!^mkTFIxHl<dl6rDlgZvMWl+?5HH?ud0Gk
zNYT!6jyUH)EBZG>HR@EYnu1m7!Y)*rC`F^mTYckcTb_}LG3ep6a%UyBS9ECkK3i`!
zopdd?BMZMg4J#TP^s;J%Mz{p8gp>dkprfP-JG@K%<ZRz&b*>sGuso&bGoW&KdjW?-
zG3o7P!DUXDdx+bYRqzRhI||s7odg;+(-i!TxSARJcstSYRK`nAgyBO(x_(yg>{R?H
zhqFKUyQOiyW6zEPt*4JIg;@W|>@rJO_ax=S3+mlIQpvF-LyLPljd03fVVg&^nj#&{
zb1I_N{~`hYU*6^a|1Y@zWa^m$E9>-q4wvxT{8x0)7jI=4ZVCPN36Wyw(WoCPvA|hL
zEWKEF3*c;ITo>0LzM>#A;-WILYC^IOrsGp&@ZhI=$VsD=>t4n4IE1Z<=JQ6<E|n7s
z?`K@4eOumn&74rp3R``}>EUnYrR-pZ=DeOccgpp2tPO<P=ZVzQ*$b2}=$PA8v?A8g
zx6k#fF|}ETV`*ARFRUov_&pT%s-#PkR(n}+tO74J<wJ%?he}2Hr2-j>-8V()2+^RA
z!tc1UHTbD6gK5nmr!LpDyNVUkwjOucu0#KAw%*?^ryyK>@G{SW-R^1OIkTe$%oqG6
zpc^zwtqx0wy0n{1%n4o2i!Lm`Ir~4}<NvOOEMVph($2R3Iv`BL^Y0D*kH|Cp_*f2C
zr{UkrjY%C}<<(43x;#5oY^AZIEXlX95|;e%&z0TZSRZ>K5C+O0n0MVPD^e~@;g{Gj
z`u5!cBl;Ul#TO#H#R`gQvHCI)5;Ihx6OJ3gc*iD$kM=yUvn?Pi{i{vl(l}s+$D1kt
z5Z7k_ePi^~9{Mv$<mR~CSJ3h0eO)AXlg%N*<JpaZf?zy~bxrPACy<355mlpdNFB4V
zP&1E!C9n6HEcaPCXX$7wdb~pX0c-YS__XkiaS|U@^KP3=`ExL#N^XH^0M;AP)r}l_
z$Dx+wMTT6-CM=_9hT<K0fJ$g#l+8uxDqiC&Rmf{^w=|<M-65vM5V^lIx0$@8Av$q4
zlZ79L<F+rEL*J@Vn9*^@3+Wh(DRYF2C|%!^EleMH{~s1cR#l%mY!{p=IOrIfZRf38
zP=g1r6>Z@;0Wc9pw2fWkPp<xMb<8C8<1H57S%vbe)s?m@*PPoiD%&+vrE*GBD=#8K
zm6gL6PpG)hy>S=bA7tv{X&z|&E40OA*qnnunvr`N-UvQ!!34lSgB1|$!{EB9$s+5E
ze!2{`Y8ZAX$7vrmX)OLoVL%Q$p3<wjIiFaET$oAt8|5pBTXF^d=O=I8Dz^<NSAT&k
zchxE-I(4w`uhIJ&MI-~ZTS0Da>+QjKw}HyR7j1EO)p&J-mDa1UxJx-iGn=bAP5oyL
zf{&%_B-#G!<40CRiR0am$<SflrA~Tze0==5_}&))bS<{rAV^WcPpY?UkJb65jr6;L
z9HR{DPiwEA>Q}E|dCBr%N`l>9k{b8Eeic$fv6ObqCO3m8`w!KkZ8<_}Z?>PR<1bCe
zSxwn2_POXo!=1$r*vj7p(vnRpxGLb0XbN9{CM_i74kz673RnqO^nulr<?kI_9bLGc
zXBNWN4vt}?aj-TrCpEq}k45)%8()-VEegvyQDdCwZelbDQ2uRZE)YDYn4rgY5ltQp
zX<HR209$Ci%PB@AuWVlQ<K;Ee7V9eZRDg;ny7j|(%xL;g-uCeyKIog51XzTQaxOi2
zq;PsT4OlYF#J759tlJ)CEoc7dhR%|O=X=8ov7EO}^I}QNruf*golnI+H<<1cBgfUW
z5}0;#)+?`BaUo^q5&!)vKjdAwmEqS3D+&OG0v*b+BMul)u!@WwgInJ>O%-SnH1OUK
zyEP->W&u_{tMJhude~uU_Q|^6V6V!GH9<NB^r2cXaD}&^A{QPXMv5!)n&f*^24=#+
zGzyRi%w;xkmX=qk7iYfYXL97q<2-$&P07RcVdf=w=s9f0!r=AK9asVgn-}|CG-}0P
z$pl*<P%yFOY;)7IYp6+QXYURR8NtnSDX==Zw^dgIcv>$2s(G(|V3i4wj;t+r1yzys
zE+b9&7TArn1!G-6MsVko#T}|qms?Us*p+5$*q46R2;No80F*BVu`ZM|+9i{L4$0ew
zAhU+F1-pmxo+-P8<^aX^k;KGA8K3oL<rbGz)ikZz>}El3(5Yi1a@ftFP>om$3&wJT
zR|HUW>gs@#ycca*fy#BmM7{;nENhcaA1XjWS%5T>RGvNQedTux3%`GX|0lcW9Zt)1
z7|W($6$h7$)I`|1O?AOq6~DwA8(OOT=PW_2G=2Rk;%}n-TmR-63wZ`u1Q_hS2Rv_D
zL(GG15*UgtRaSCkXrF31?ggo{`TTqQ3oi><@=Z6Fal9!GG<COq-?&xcXf}@Ej(c+Q
z?Ed(DO~_n=T2_EaY`3GciAdM}0hXC0d?tpWF14|c$1sw?J;~=>rus!MU(8c~i9c@e
zhFf|~W)HT@bb=PZ$BTCEC&I)zs4S;m7?9AW{$(DY6E*my6MU0Wmvb2ZM(e*Jcklx~
zL+~caHER2zWlGIUYX%^?ioLnvh}96mpcFGa+7M~M>Jn|CEkLd__m%X2eca7!-udvz
zx77<JZ5H3(`IH2z#li{-MXE3VOri`8)9wbI0R<wgS|)jo)+Il?V$PKZ->gU=yzrxl
zu#gZP8K6jDZIsq}n-?qN<gL<hAUB4C=RBZvJ9J%<sM#Lg?VAwDu=#gbOXs|A?QGHK
z#sgoqB312Dul#MTN4U+*%@?r}YXM3%94BlYn|h5{#o(?cE$WEn_!jv*w|&b~_a5J)
ztl;>BG`pS2$`c(Y(0PMcO$PnlHM@<?gvH%z;lnhE;L4hJ1do{~G`x3kUrSxrB4ISG
zY?@7CP%<zw>LU)%GU-KhCu;0yBlk@d{+7#sFMOz{idK1PsU0BD!5%JXHBAFHdpo|e
z!>hF`r0M+$H_(p?S|@B@C11p3I+uk0<o5c7{z2quo!(0shqPYT3Jwdu3+L(=6b)&_
z*?D<y!igV{WPpq9UiE1(M(j{N2}HMM#r~^hf=L_E!`E8?Lj;R=a3P6s)FJzwCCE0!
zCrO_HSL_rV!5{%sd@1bI{CwHqU%orUZx|i6+3hI@u_6Q@eZ_nxpYF$VKF@42wex7;
zA?1zpMqDL+6gBDPe8$?~Tt~FHg(HPM0-P`|<%`4NQ(r2I*r(miw;s-q63B^ASLoTN
z#dA=pG{b3>-ZltUGQ(n9SSU(eG+r~U++sFD1kv}#y{`%7gKHFJ$a?B*{Ps-Zc4X&-
zT8F!U-j=ptvmf4&V&LHhO#E-a|I4KblCekk=@CG8Dm4ZYBbM-5)dVCoY)niJ!F<7Q
zV*<Mki?4!KB?#UDj6njdTgNWRXuDX^k#g2<j73q9g#T3>yW-d*%H^bFW%btD<GCql
zaRbag!xC9JG8>uEq%x$;6U)i#1UaVi793W+S^D$(P4w@!SYYKHE#G3sZ6|WDrb%y3
zx!1`~BvVw!XDUJj+VRng@Hc}^wbPSdq>Z@}N}W7<8N#>@9eCkf2AKwLWl-Vll@$F3
zf<53di0FUMUbaEXDJ*=Is+D8*wm|f{nw7m!V+LoH|Gb*~Q<wc{*3?=Gqk6bdM!Hd=
zO2lWud=pUnHak9fXGa&Bd1Xip#76Vh_ML?}?h1CaO%dBIz0oNyioGC0gS`_pXLsm`
zV6spr;cU=c{DDU()JFB@k{W9rM;Jql(gWKhHiq2UBiT0lt0DXsJG!`fIXKQ$&150$
zk`}h3#~}Im#{rUywTdH5X+z7x@&iquG6TnJ@`-+Ky=m33sZHKbX=!O7|5XFaYR(Hk
zDHaL@5f&zV!98Kvsd3*qOF1ZTlb_R$Kio|pULVrzAKCOpA=9o_TWVoHB1#RD5%mMN
z3{@PamL!oz=rV-gRSv>)eGWS~5_+L1@hXuH?#gR<S5){F(pff1!iwqC@h7nyrex*1
zD2!cGNKk~-bsRxMnIUOc@Llxd4I)I!XwGxUtY}fX7*Z-RSK0%}IUFoe>>1hQ{7Ks}
zVYX2goBOWa1jpt4csda`Ef|lC&tJcnw8_;auauw?c5cLO2`pW5mryBhi>S;7+C{_=
zfAcd_Ryd1<cd1Wm6?`c?Jl-l^BPN7(e&0WeG*V0<z?KkYf+@!mfw1<+G%TM|6ti=x
zDS3W1&}S&Q5mCv=$T-D)f5}%ylUGIJ;9Z@eYNhXgY)q+&Lsp+}ZvuW&O;5j+NA7E;
z8F{^V&B8^k<YBF`ViJ*cJc-2<|1F23taTGlgp0t3L|_g0S7uFGPI4ay{-iba8Y5CI
z0=bkJcKmi&j_rtx<pT8I;`v`>ub?L3pPe{<ue{#wmMd60dhhXS+8_rr;o;hjk7Ze^
z7oK#;iL}eHkIo7uDq{eL^!EA$8VhUuXsUuZAx%M}Nj&{VO_gj=t^Q@BmRah>?KIt|
zL_HxY0{(S`6ndp)d$_pM1*SdqtB6eQ7yB*d6eO=M50tg0$gtCLvo%}nd{<egz594X
z!3^I>oq^*8yfT9f?CH638^HiMfW_4DC$_WWM<u5Xa1j!_u;b`kJO#xVAckiLC1)qY
zS3|tP0UK3qFw)NFbj~&XeHu@1vTpK{<crIJSa!K3B`Ky{IH|Z*Zl$m?zXev8RVHQV
z!kL*Fu+D`3COVFz+$f=iUSpxkj*ZpAurE)-iJK^pM&T#JH7Y_?jU7GP>#DdEqh2bs
zRADS>2s0I7W3yvIpE?}P1coU+R5AgT3GavN<iM^`FEJvK+mB&(|47Jnv6H)`g+lA2
zQhrc98+-_O&=?<FZyz5dE~&<$C8oTBMc5;F=Pb%MY+DHkW^{1KHVmRV<eL7fmG227
zUs8WY2M4K@?9Y?88X;F}*EF-JyMY6Uv(t$&AOh!so;#@(HZy(U0%YvrERVyC60s?9
zafUw|y3w+Kmeg)<r0n6mf_LZ3lh0rfe)-7<oTr_n#7E>rZupN3viA9mdTkRa(1Rzb
zbd#(x*m<eSy0q*UxNCqj52i9CF~p|LN)*=za97cHIbR`}b;BHR_&|6cFf2f=0337=
zz{F-B*p?ig{5-JdYfBAZuUx5Oe<vZ)6=3I1y*Sz^#ws*d`dlBTg~xZjl^^L~n->5R
z%6Io|)@gWB(^DcT#Ku}a)?>1v`WlzFcnvnvxZavR0b#lfIF_SFUA<QAigZp70yaq`
z9x56{^VH(CxSd~JxSxfPII4(wL5?rTW`;do>^R7IV3Upi^Py%Oe|i<~t#}C%H9ncc
zU0rXiQMEY|c4JU#qdU~L(%1w*$q77y>-Tosa;^t%)+nC304rnYCc{7{ikby*>em96
zOyMFQdh&@4{8Fjo+1X}A3d`A%H^%N{rqP{CSG_Fb7OG-LkDXsl_)1eBZsXt?`3I2H
z+WdC89$>`|D4>yw=dW?{taWKn^#^=6gw<EJDQgOr3eOER2ZSP;dn?@bB%<6@u*!e@
z*g#fj^x15^eNoGzkCpaOmBR{OPNNk`(T;huw{6eBDfaSIUsRAi>$wGRI9kORlc*)L
zDrl3*Q^p`pseZ7%P>B5gI`j|qZz|e2m0C@=A0$Hyz|;8q`gk!8_4e}f@Y2W9ya==O
z4pvT}RY{gYaVfWh4TcwsBAAV^yhNpH^2B<#{G3))dkcSeSUAI!3nqIZ;Eq5UW<<5J
z{1z~`bho=hPSI=M`5MUn0*xJ4z}Lh<C8gLl<fkK9K%fR$v-PUO%R3fN{V#477J}Z%
z+yqBqRc1U2U&JA`*9QzuBzV`85;+5`>LI(j0rZ%JPVl1_m<WN}3(X7sOIy%sq(j*e
z1Ump|asZ$Yu*O^pK3iQ9sv`%bL_pl#Fha#kfL|Oy`3Csv!7#M7I6vQ&*}OI(-qr0w
z#02b-zp~@QC0o#R&l3z>M&mOW7Bb#-<qpx>!3EYP0c;&zx{W|J@iNI4xD4IcJg*p1
zxV;$57Q*Mj>Uo+*ce}Zt(C3KyUaUj(+k`{FDci6;7HUy6DAJ+OOR!s28sn(q=$ME9
ze;N_C%z)EvJd0t@fk_39M*0UY$Y}++EpI(6)kMF>R_pfSP-jU~8N1+=HQZ@u*>c4p
z4@)cK=k2?XyF|MZJ}l#G<nIb2k@i4+V&DKA((}#gf@T#4(j!Z+{L*Nk@Iu;?gL@#<
z2XckO3BZ6>%Bp)d6F`yKNNAM0d^rS!Y9L4*Yb#BzTvAXtZ;TmE6HA^oAeytAS4ApA
z{v4G2*qFrF><NHh2cWg!tq%D$UGgvsc!nx}`h;XFWq%7ABZvYDdX9B;bgUmb5IG#;
z#b^q}Vt*6?*m$9sBXQqE=Sczwr>pf1u4bH;4ghRo0H$@0xR+Nt0X8PssGBcAbh$R6
zLj9MHaPz?`oBk`NdcVNu-fP-pa&LZ77ROt3_>M^Fy8M7DlpD8z-mgi+3~4`>0!9_*
z*%?H~V$U(p0fi`kq3u>qAqS0U+Lz94A$>`*Mld>q#lq`cQQQL7HPtYzAyRCoOB!{p
z(Ohsts=%-gCyl4luhQmy`B!nzs0zEi=LmP0$G_uim`105N@ozq?X4f{=dSq-Aob?!
zk8gVKzl{;}rzC2MupsfsyR$b)kG%JN*1W}^y(hO9XJBIsFaluCXadU<OqJ)912C$Q
zTjQk<K^Q-nZa8ABy$bY7>cu4NmF4tgO&=_hO6Wi^{(OKF&`4rZ_jALN=EO2LLynG&
zY)w^>q|2Y39ME8VZ|mS@Yh%OW$Jh%B1&YTXBjJ4M499U8U4ihDY|{EC!S)2F|0`s4
zOc2q{07|%d<fG?ng&*u9)%0VAc%?*Fl>fX+?7Gn*acgb|Ccggm@Sgx}2Q2-;W=%;K
zaI1jj!6@xnY9XhzBPuCHtL%(P#HoI~%rqpcwt<fqthkYMa_zq!gnYjb_@b{%PtE5D
ze~=w@!29*E`f*Hi(oBP8MpA?vVbv6i#5a4!hny`(ResnhN7wbJADY|<w|iKKr#aPZ
zugX+KoFWn>-sm$~ihN4n>RuCm{RxwzoydWup7-9(x8gtZzO9SaHsHt*I4V5!woISY
z!A-?ImxmR|?ji<Ky-Z=rEvj!q7@Gk+f$^+^bdYgXeIhi?plfX)Ic72vTTS>5&F{o0
z>98=jS9^PVaN)iKt$ItV$oN7&aCL@XzkY4|?2afMYs@@nihM-ei{vM_7o}qE!VMAA
zrF{)O`(1Lf%8T)16?pJ0qHGSj&PDg9yC2R@KVY1bz<_gU=Oax0&3&~@Qf>?=HpLK@
z^@)yK^JD^B;Inl66?|jCL`#;Fv;Tdss1K|^!1hVlIPm59fF2(JWm-6yET`K2sj8~7
z|E6%Xa0BDP20hA47z}9bb2Is3x4vONtO0Kq#Ay0D#Yd0O-`0?WfZV7DIq%@?TdblT
zXZjV~8SX!;8CNH;eyPbY+{IY&z_mc*+C;4(=g*gPJuVs{P@dG57xD?iG%F3i0?9)0
z&+(04$(`=qr~ZfS;6$324?8)vMDR|=kZ>0gEK0D{F=S#RlR#L79HzWV!XL7)OwBkT
zI<;HE_-Qc|4GEq_j0p1nGf6tmNqtK9ai{s5AXQETg^hxszbJ(<!hUt9NsK&)T|gi~
zoasP`MXQgE7D-;CC`BGK0>~Q7sTQE%U{!Vcg4tt0HzMYs1DF+<M=5%zIawr@z2{w@
z$fu2$?#nayxelR_jI7&S2Zzag7*H`q(q4UTC)+Khp8$<EfbM%}1>#(QCKF{4G5G?;
z6n0K_-S*0UI}4Q7I6k)ktPR8w3rPlE`S`t<7ByAP#{km8pw5cG*cM<gO1KJ3YRyo)
zP~S)yMC>4Q9=by(zaVp%iA*(A!cFfXWR$-nVn(oUw`zbl0{+t+7;m@7+0z<`{+TqZ
zf%T6jSn&`kDXDQ6rKAK*<ZW_(WtATnL@@~3b`}0s0p}Z$eakR!OHQYYp+|3Sz7qo)
zr)8xew^RvWGK|v}<87{g6il$fVyx;b;gC9qxN&B$Ly3cR3MFlotveizt-A3>AKt`%
zcz&Z<%Bb)q7TRSO67s{5*<<Ahzkxn`$`%I4aPgn;dIUq=ovWT`7P6ob#71W55@O(R
zr$yycQ$}<oL`d9po`c1G&*7_N-Pm0|tU{Ye91(fatYa?`OZU!Ao_76vDV)Z9EpF_<
zd;MVhXFn%Pz&t(jy2HW*r7nZIcXPbRdU43FO&Gu)00c;n@t$UgRtL~a+J^x4b`O9@
zFiI5yMiyS<?+Z6lfJ>A7ihd2_O9tk4CAH|fSnh#rz+Ww5Y?fWXUwHi^c+90z$DAE`
zobj9?;!_vyo_#$#RjgFuiq|~ZGVktlOE>?uIRi{3ckn{K^!^U+AB!8hOb$JWptUUX
zRa<$$2p)k?Vg=*^QcoKj8`xv1S-maq)-}sBI&1<YAB(ue0Af(>_tMvp*lUCtfG&Oy
z)>AZ-B!=`AiIhJfe!NfYV)_a@eeGfQ#_$mQz&#+=1cVx)!~bxyeyQ;4%vzc;u`!i;
z+W62AgQP1^A9fAsvpK4Hi`K%@%zG?&F-ab%x=VG&ybCJ21i%yAvprd%2lQt8*224?
zyC=t9t2fmry<Rv1yo{miThMymP3R&e-E7c<k#&FDEyKH>8wt?_(w;JZE=2u{q>qUe
zCc2br^(gXr@c3d4KAZ$UU)wQ!Z?5&sGw4G_6s4!rl2`<zpxS|zZKSn;L@rAxxcy1L
z8$A_AwxhJQVRde?z_9<-bpIIg&j&~kN8K4^{++rJApjF+IdFp3s=X+Q|NF_o>l;>f
zxOM^dj`jyb>huQDb7=(k@z((w^9*cdTOJQ^g<Zr60C|FJYxkCd`{3)OH&&u(%PM-U
zR?`--O6Y@+Q_PUTz}n_I3l?MeQd0n5Z&uK}1o$n0nmUtG<3$@xeo=`wxai^>M2=jn
z5Dew{xu#(Akk}y)$b)lE&<sD>^o+Ax8eXGpzSivj2TUzT<cMwVF0kxa7YH&+PtO5d
z?@1sAKMT9%cRY~4`o^Ihlgu>vEH(?ALNmUCm=hmqyPqD5?Me3$^tFJ1QjO%YIelF0
zIlPkg#d8>P1wVZ%Ch9ra%)=iYny?p5O&l*PXJ7dE?9+_Cwl+#j%5?_)TQaX9FcBMR
zmqq!A4g`lRA|E{4C%&KV*hiejkgH<`0|Ea+qTAJHkGUAbFeL$cx{GEB3L#j_af5Rh
zd%m?IK_taIX+OV&TiwF-1&Pe^%XdaZrnkX-O|*68S!O3(0tUSE<?o7Ft?$*<6#x4D
z;cVPZi9v=IXqZ3X7hTX9RASSDi`eN9XUgH1C1yuDdiw5feI#yANl6cVW7`)tL?@fc
zhI`xZ!SMP~>7qU1XXp*U;I{ik=SpIk217#V>9*~fn-cRr(%<&Y{N84!!WEccDj)6V
z78Lx3_g<{*&D^pLfWc-^-5!dLBQ$rWgr|H7?A3I_cuLh2fxNmd3cxT@Z8O5#_Bcjq
z!+Mm#GJvrGqbkZ54XzXPWDGnUE`oQa7^+oBtp`4Gsg~rXG?(A<ydt7jH4i+qN1=b%
za{*T0Pp&8*a&l+N`z>ru;U5$Hquv3RaZ1k3?Q`R6#K_NLF^JFX`>@r}kqrT);10I_
zb$z293bCp<nA4$-GWkSH#EPkNQP8TQ3y`1XI<&`Ff2L!7oS;|5W73U)J=%>$QYH!X
z=x$@j`?pm(^n@@3M1Dt|T~udE7q~y%({tzd?1PXtAmd+o>F;fC+I_r|upq@SmwOI6
zC{ANH)=HH`NMRWHfQjk3vy<0no?cZ$Ga0`~)qw)xOm<J}vR+Yk_ED_j$ujKx){YWZ
zQS$5}N@q&m9}|%S+$_sbY2#@x0q`4kyh)7W)xZPJm4zK&pA}@k*CG!#B`Kbp5;C|t
z2eBaq^8J*@=6vsx)7uRaiFQN+2rSC<YQE&}9$a$IyH3~-b%EDlA!k$b#5VPyiRfoQ
zaL*i)xewgrAG>>!Fv$4}k`zXhW<YZDvMnVNqKECk9nc|gMgjiW=BDdhLtbt!nhV&G
zwbmU%_W_oA1n$jt(MOxpp8<1r<A*b_9#m9t3h?E@!u#b~bRi(TF}fjix0fX)LKgU>
z6dw|;`oF&W78Ld{d93gju&&cN%sB3wzB@1YKiGQfuq@Xld{nx-OS%z|Mv!i$QBaT)
zDG@0t>F&m$yQNe_K)R6>1O=o80g(?uKm^XbuD#YdzjMxY?LXGO1itTmpLu5Px#yl4
zx&-49*C*+IjHxjK)IV1zVbCtoV+JMcPehtFwzg+qCEKjJQkatJ(3G%itA*2%WyPT4
zYrYbZ7RNkQ=j7(*Hsct0*t`IP07lP514%`VoWf~!w@bGpoJyRULG18#G~k!$d!{rD
zx@ZJ#LEqYnM$je8i<Z~o>BR><J1h&VZXf(u$W<d@ltNY$x19anx^?Ro<v`e7;(1si
z97jF1KAKB%4%a{P22~Pf^KMC|bLVDCTfjWPVpHe0;exS4(R94?R@+M~8LX+aF00*r
zeRtC*@IUM~%sMM$^9(3HWF#Nk^@dEtU3Tmq-{AGnpdH>@8-ipj9vv3ZD>kvTb@iEq
zk*Hm4D!4Q95?MUD{0e;|xVUpW-x=PPGdu<YXdn}%)Xy$9fB_^Ej8C}UUXdHernjXO
zwu23c$$&3OwS0qvhmKXqBE+8?Rl&B#z(0L~E)AL=Iu(&Zy7Edh-pB`h))LBfnMkg_
zTU2db;dHx4D~awKu~3xlwrv;b2)b2kiFQeixgI>|<E<BO%EGULn-Frb=xI!08*wHi
z8S$vDp@hBjDcyGyul}+)Kd^ux7$M3n<B8s&uBH}Ygl3SvgRCihCb{P*(VoP9QNn3P
zbW}DJB@OlrOoygi=mq}EyJaU3Xfdu`SgNZ!J83&N-G1mAY~>3hobSlxC{RsavjDI$
z1<3#sLBXU~VJ>vtWKWo~n^ttV{G6P`_$vp)?X$*4sa{TTaVmC9>2E#q!=s~jzrb`A
zR@s!Yx^i4$*e@%$93yL1f6c{f(G`k^;M{WlSVwGKZn(;yEOtL$JLqH*IBz1(!$C+w
zAbT<V(rj}c9CVMs&e=+G&IQBxl7w=%)T2#GNg6?xy;iC>7boB*SdIqgoG!uijdhXE
z9GCqK{g@fg)jMcWOBZsXO{dn#A!HcGnp#MP@VncwH3f^Jq=T`LNjx*gv&|~v5t*Be
zkxxH-gM#%&4LDVZ!snGWttt0#>BQ#hA#pnxvN%iO{{yc37FU&7jLp0L6f{6u@E8jh
zfW)p}|8wE0*{=rvs~qvd&_9gOLoyy4EWhYZX+#=iCkU;e$M|x@s-4Gb6fgUrwMVp-
z>chGKT3gRmP@h`%CXebNM6uTwA8u@F+hL?E0V}vkw4D}O?=WgI11=B>K*gqhW!_Q@
z0@*vbh0{Ol@_n^;jj32+*br7KT!asE03l$*Hq*!j3Hz8Cn<Y`_IjLVB$Hs#Qb7BtZ
z`_JpEb~3i5t*~i!X0GSwpv#zr&E2oBAIv`ao^#zvX0|dsAWAx^mYCUhBOlpRJ!Ne1
z;A0itjf>ukXs*@JbMZ5(C&DO;sE7<>D*p{|TGsiHki0XggtW4w_T)R{Fw3z*gYvU(
zpHIK(26kdn9x`Thq*4B)e13AU)kpVpw~M4uFbr90+;cKyrX-!E02S$#F>*XQ0wW-;
zuTJ(~VBJMPDJ0P2WWSI0Kj^YwD(+7lsgp{^*GkaEZSC<X`v*(Wxg;3lN_R@(OM6P=
zR6-VCLZCJRi_QlfV$l?c?IcqyA6n|T;JbSg)XhkYSt?mFS@9tgN6>wQ7#Q$mOmu$2
z+d=?HFINP%FY)Q)owqoZp@q!-3kKb1!3I|ZKay!5f;UCd7i?t`Yh?`Q7qFOB>TndW
z&b-^uB@-1JwwyHUpi@W|f6TrSvc9|eXWLHRwAD}gc;YqE%zJ6hbN0aupX@}F$@gbA
z(9@R-yJV47&k#89Bx90P-YYFb%YpT*%c+_ufPr++@${B=JqNVzxT$W?&c2___S>0A
zmyic|ce&11N3xe!&emki#!_t+;iu!%N4_eIfY1Wr3V@FI4x;Wc7i9!;doh#Gi9n1P
zAWsdf#3t=u&IU@A$!o5I?S`Lrt!VAO?P$*MjaO>%^iJAUx1{vCRfA6GX)r%YJH!&i
z&V`buyt~#iF+nEyQcrHLpIyLC>sDKp*OA`f-M3hk(?DdAymu_QLXkt&hkvgJZRa!e
z{w_88fm<?BNvdl#c~-Ty08${N04wS2W;11Y?IS@@rZA?>rWdfR^%yaxD!#G8baZrx
z6ESUYa%c;(d-!xrL4i!Bq(zM*#x}_&tJ{iW23qqW5vDVGUk}*ZP~ei<A#72;rmcO|
z{p)od9pdNUf{|{a_iN0|!ixxZ?dd|B;Y28wpeW&Y<kC&b5XE>D$0YOQRtQyW@e!P3
z)EitP3d1l|-yemdfYaZ|4a${#nDggX5~KAI!299tJ)jhYS?${JZXbjF`mSetsd<IT
z#bCogo?uROchI<-Jh?!uQE%0St))K=v|yC&2EY*a9G|ar$A>o(a0vgV_Z05nr?2nB
zWK2u^LY(7@9zbp1SZ=bohpLYVA1|@?F??l_5PTP#n5b^_TZ2M?oHFXO^vsUL0wu*1
z9%-l{j`Kzg#<yRy5BnN9QYp3|?eJd;r-7U*f)FN%h{PN4Y5lX@@klWAWeqHz?;%S>
zwI|<!MV8xWI|V?N#L8Xg?c61mQS>tjL6libB!RSI_DNk!?E#H|^`RYx$Cg#$4BA1#
z2&^7PMaNME69tXO1#@`mSE1_!(o^|bU(qSmQ-VFh=PUAOccFo7#(32dVP7{E&b}|e
zPzh-9z{18J9$?sF5fx44dv+Bdd$=aFg#vkGVHIAe>_BksF7&$qKdEPCmPP9p6}iTu
z^#!mBFem2*98BC?%t^fstB&#GN*}Z{#Fms=q1~jYN3B5Bc_=FQMTlm!1Lb@yzG8Vq
z?;+W*IWAj=Ki5c}ws`pfZxQEn>jiMgHp<>m>8?FrWB&10c?u{Tc$~c<m2JP9bj?Ih
z+Qe{XB(X^@#(f%n6z91{V(8*u2JsiDIA|Bu(uZD(0h_0bF^VDDi%XHrUtZrgzIpS>
zpU-NSMLH5tXD2^iT7LSNx4zu2RC1>w0ZPNww_d94Sa_sfOgF9dJ$3xk-p=vV=c3FT
z>C2EV4z6Xd4e;G9hgS7nDDO0aleIzBhuDC8%jVro6^C}oFPA%)Y?y5*iXu~#<)H_+
zOT!ZC5z6OlxhqMA0&l@c7T~0TIE;BFlS0~;^zL2C^UTaxrl04hf#=Lmh(3~YjbM<-
z2C1s@CQgJAH9V3S1EhmRr*g@~1O`hXkm@)te7BFbldb!TO70@KZ-3Y%FMTP=&=DE$
zk{Wc}@#HFq#xtFpqIZ&nOy#L(U>dS88h8+lx&a$I9G7R1*$18<1}f{8_SfkWSnGtJ
zp9G#i^!2?GpAz~_^TXksyRNl$L4^}74C?p|HMf2vgr3^qeW(1!WpQzdkTib050*d>
zU#c=cE*8YW`zmBdRT-jw-A1ey)<!3ghP54k&4fMP>T-#3!~|bqY53a~@!tBkz)dc7
zH40xBQ#qs{Cr?5<CL_no_1n`tR=@ar2IyHFX1}Da8%@}jJb2%d|5@(kMaSq#r4&bM
zO?*G0f$ygaUZbR&=<4=Yotc+*x&lw2KiZ1i5(BB;H7_$fY*Cb>8G;EYa;R<!p?CW!
ze=@1naMMf#vOYs6(f6rJ8skr(#YM)8z`+Ne9!vv4Fbj=h&MD8B$6V4rG=t6ng+K%7
z6<lIjm--khRg@w5ka*2d_iA`DQ5W3Kj6mCC*2_k<)WG6ImI24s_n9@GHOvV(l97Rd
z4sv^_D{>|IMG_Q-&{`f%%t5q@p$g``&g;okkU%FIv12)T$)q+YM=4r(<7RINX8Z(`
za}Nx2$cu(*kLVS%`EQdDl_Rvn2c}<`N}jAg!L=mT!6HS6O_)rp<gBqFSZo)ooqqCj
zu4)i&YYOfQe6h>%i6Bq~j)3N_!U)LzM$tzlJIHNa2OjM~7PaizE*{*pn|w8x$O;Hc
z0Z&2gS8Oz8(B)lQ*Dn<N_DbDx(m?SAbjP~ywU1nSER$RJ2Kk+C*$htD3f+?_(4S!A
zJ5Cyg8E8=B+ZJ~6Fmu`9sv5jx@-9F;z%ohmqD<XARJ|jl;`?pqCv5_B*F%utrz?Ld
z)>k%GJ7-gleoII~^1rIbU$QDQ?*&s8^K~MW%cmcg6&23wa+7jV8_+xY__<$S$46oZ
zC_Y)^ZmcZ##I6<d`AUL@1DGgrIk}4wGY=3Nv2JSB*n2w>E~Is!ij4JlD~WlJ586Dp
zRSHxi!1Nwg8`mI>_T8*K*hEB+uMUH5E#dnSxY+c~3qIg0{y<gD7p9NP*7G8Se&F$t
z1*xXDHKiNhpZ!w#9>?w?3<x||U~mPp<lPRe#B0tKM~#(9(fjtR^w71#hd^|hl&y*?
zLjRG+O1$J3U}TodmRmjnA_s7;W(ORwyiTSBkqFmiiDf`~$G`=cf7t~&3XjB^ZopnD
zDDM@&EGb=V3eDzDkkH|s970o0tVKT`JwKM;d+WQu01PFf33=M~hx0DxPZ%I_hCr_m
zxo0Y-`%2GXnhygz!-JpRe~wViJ52<$^x}KSV7SvEp*DfsuG0HuxH-^l5&ZV*+&`6(
z1#K5LW88!Qt!U}yIyFT9=svekFX@aFLfsbKgx0cpXxnp^O!`8|)k#!qT7UEXQUDHa
zRfc45^mf!02#&~$H{)GuXM)jQ6hAMdu0W3U81lBi5H$Mo<1(Zq5XW{hl;6FtA!}x0
zpLGIujpV2hD3@-P>M)_g2a4%m+5lIzw|AocHS!CfTF!GP>{>}4atso7w0kM-^c`F(
z0nXE6O~B*(b_~<~WZJq9>M{*Z>kAzDPwb_j5kr(oUmtgR5!RuP-HUUG3&`mGoS$em
zUu@VfM8zLAV5+=wf^$oyUa`*D>`Pa;xQ+m^z>d~lrV5&0?abeO_G$PG=tD6>xCHA^
z{(Bk7kFm&WE6=|p*><cAMW5AQm}sUrZ%C-6ViR7E_ROAP+}dMv1O|X-*}Q8LW(s0d
zt$HS9W)6{K*WZ5ITfeG$1ZnXO(<>#id5)KJAyZq%D>&GXxb6^^yc57d<7P5G0<wVw
z35RFXZD;A?Y{$!0K?YyMlMm1fo+p)qFqGh1e#>*tQyYwX7R^us%#e66=xJ+E&P2!B
z<DK&05TwaKhh`fUQ9sgr`KeA^Ir<iF&Kb<eyURBpcz${=|M($Y@l@T52QNpTY~!NB
z6qIlUJLW@_lNNV&bdoM~WG`m)iZ{;6NMPWRGh&aRVNVdQ7E6vPkgx={{=9QK7kg!N
zb}M+^1Y@8jph~~e24<zye-&uTgzE<l>iA1ho6!84!l5Z*H*y{8PYxj+H2vPxJ`Yi!
zh1>BJL`xQ}et=c)c?#WW@;LkBlVD`DtOw)XF7%y3<RRy}-anDw4CcH{HW4d_VIOiB
z@$%@CU9Od@o8DtkVgLy4GF<H%tG?3=cW$xl^Z-0C_~+-iH(5uh`>yObfE`YhXjjUI
z7T;1w*PXwbd^{|<04xf24brJ?fAFU5l&EeGD_B<p+DVhLc=QXPrjVp;N~y2}Lm-w8
zmODjkC_yeLNn0{!*y{Pa+2gkqFycF@x^f+%9PeO);dbb2D3EGkg>hed5;q7OkdjF2
zV|Wi_;f2xVbfAQ8=y7fFI~EZQiH+kTq-OGd=Z#|PJ%>bS_x^D|%Eo-}>oC9ZtT17h
zu(|8eV5CZQ+8k|bqN`_@s)e69nTCZ*j^FDyKy(^YMFx*0`}vVqkX>DV={(m+W}#ZK
zEW(RV1<K7HhYlKp3(?pA<N^~0^@iUtQ^V+ETNm$bu1G;z0f$o^irp9+S-L+CO<c_D
zm^dq717*ROSY4B=2XG89{zo<8tc~g3UXchf_PhSqT|)*!QdCG~=ol(jmZpr{Vay=b
z{%R70-~SZT+#&odC5S*0639RApyCg+&}{($HY&iYaURQ4gzC;Xnu8;!@;C<vC0*}U
z)UT>vWLsvEW{Jm_RH2qkmvB`kd?R!$$iMGa2X*Gv#}eZoM&-}13&6ykcWkOLq(=3U
zFpnVdyk<e!qxRDQ$*j}6ax`e04xfS2w&9>BdkJSFOTlw#cdlZfwm8jA-nwxX^Jto=
z6e--!mjW{jQ;4|K0-P-5S@C$a_Ty~my}%W?f6c4V$){!b_^SpL85Tb5Xg7>u%Fw_1
zvoz7$#)ji@%)I2?UPANoa*|5=6g|@%g@hus=R#W%Lnql?-0SJhOA|JYUB-AVWsv9V
zW=SP0$N!`}D9YzsnOm%a2}WrvqsKQWFK0U@yn`9H@hd?2yoTb&ayLs%At|eVaND~<
zGFf25VRR8SpHY-SN$%a`1R&n}T(4(?Px6BVKkFrsjVae#c!<YfzzAsX=$3$R`u_37
zEKpCp%j_sndbv3cCHIsoJqHpNm{rDUqWjl60gQ~l1uO$Wq+|)s))md6pR`ON5sJoZ
zVnTX(?ND@cH5hoxjw^68OZo+NLO}10lIzdm*VrSwvMHEJ5(hV<R6hZr;n*@Dq?KY$
zfsWxlG|T?Dr&z+)-BAEO3oqh}79b<i!o$Dui$Dt1D(Ri;*cx!^+iL&}a>RS}YN){Y
zxy`k~sC6yazM)zQqS#XUGq&EMw1D!ly1VLPMeO%Pl7Io%C%W4S`6#NVPMTiHBQU~>
zHUd@A`9_Mv&1iLC5xe^n5sgKlmp&&G<0e*(<_?<f<Vxt!y2%@z;M?Q5Zk$2*q${!S
zUG}l2`{>^&9;4H!;$aqC*y(Qm(aKNL`7N|i0B^BLIfFb%C}B1fvwYK|@c!pLju+M6
zbP8x+Z_$@w@FZdmB>RcLoQ~+yVE1t6BRB77K<Qjn6i;}5^3;fa@LRzH4WnUUbD3AA
zCQGuPh|f_GvGJlnkT0{Ja>eAajshyI^WuS_GAyHDlA!lwBFQa_tX0bAJTWSW;_Vl@
z{fdXx07Ne^4p#X{;ZIMAaz?{CfWuj!z{(9cLvWX|3h=%=FH@q^onpgE-FL7Dtr@|Z
zu-Qb|3OyJ?Vi%ur^&GU@0SN$;U@h#3yKGc0OH_TgSRui_cDwd77C-Y0@6NBF{k03*
z;tlB|Xp8qNiBy$NutJKH9VE?0@xS18xkuKJGd|7A|Gg6aK2_$k_a=S>>juu};<q}=
zK6kz4TloBscC8r8Ar}>Hel?Z&wjvh1iECr7v^#biHyc|>^;%sy>nLCd^S5r{hR-tG
z@;4~cg_#@_l<%}Bs|64y#@~!Xe`659J=Jf=;(?TmH&+IVwbCoVrA*))fOSVo`tj^a
z{_shc<FHpn@7KR4Yb!P`|JY!VCoNIDOc(uFgfbgj7X@#zjv>^#WuFtrSXqswK<}9t
z298>M!(jd%q=dB>uCUPcWe)~1PKdDZZ-O<C+)`o5HhAu+!<?sHrAR!uE3SkiGS19u
z@a3;7y>%25uCj2;N5pSrc{_rDBR*jM#?vecxlg~lw+sa(pC-cIn)Ww2*BQyzM8hoc
z_QrVDZoF{8Fe>U8)YnI+m2v2t#Ka?q8ED1}{uwOl3tnq_M9k5Q(==LF!d=TX^MtP&
zs59aDxK>1mDVU29qFvS0V=lthQ+E(h#%d{no^xklE&*zFuS+>pM9^3C8j33y3`U?n
zcT{{WR~^Cj`9t(n>0*M=oVO?S<J9cVk`HYe>@lL+rD&#9cIMoK#bK%(3MWPruyG1B
zmOC&`1>_3J0nsmBbzsS)T}o6~7LW1VnbYLTPKmxrBWRY#o=tA!#+9V`N;NOc*<KY>
zkx|iG$x@XmB4Up))$w1mi8b3Y^L`tACl8Y$_&dh-EyumV9ZU8t#tY)p0s8c5Tpyep
zbEujU7;F?ROVBbSx+}kT@&8&P>WY*V#yPF;Ptyb4%p;fx!+zQ~<u;OotNVg`o$fo!
z+Nt-jU!%e230~$)63?!~b+)3dVfx*4JkFhxD6nv|)eGVo)sa->1#P8es*@z+#XkOD
ziqmnO#aQ29unV_#hSB+bR!<hg^ZjrO%H20VR<O(Z4L8UzuaE>AZ!2eXUmOm}ZI>ck
zNepes|0ppEZte`KnJ_@gK<=@YYKx<VeW<-@a=Cx$b@_^~>XP>${T$4c{4o)E9-5gk
z7S8fvN&II%S3rwxgcat}0|sXEI+6zu_>%O*CAc!ZKoA7;aoT)-+V08`Y2dqd9Z+hZ
z>ted~&k#*hgnn0W&?fZ6TszU%mWN+^NSmKWbIQnq4R`(&Moqqfd2j$rfkTym;S`D?
zm@o#T%^Ov~_juVlzVv1lp7Vi#XHo-vv|P(_yGo^D11Yn#(DYv;<!>3yB=KiEo<Kcc
zxqCSAu+d!1W0=S6b`rvZz{uDUoB%>*!`(^UB-FR{8@(M`lWAn==;r9bnz(3ubiK^j
zPhOqfd9Gb*Jnuq=%@_HO^o|e@*>y`@@5osSMgAPnIGh3T<+1RB5x@o0+{dqCE;4C}
z2at=xT#}!lagmYARoQ(ri=s3&)#f05x=7;P)iYzxV=k%4blGIrJcmx#m&Y0BteqOq
zuNkuJuMm_WCV^Ym1v7wRf8~wJk_Fo7AGqGj=Co+>1*k8%ABl4)k=I*uWQFwz-@F>J
zg_fHe?qAh&CFaEMEQ4=<%DwX()qT7h<6p+pE14}uZMp4BbcS<j%Baf{y;EtC>SQ;@
zg4SFz0;R4fuhWxXR2pz?{Is4m(`YCMv-orAwzcBO3TpE>$>nzj%=`qImu4kR&8M!2
zP2&B{KEz}t2v_JV`5g|w<>qPpjEjkxc*wgcgq!@WHExnHfJzrNZ$yzZ(E+wjTLZR$
z5?zV@>H1^o{2NBr9xSq0k79-rKOC>Opjo3{n;5a*U2m<=vC96(sF=I))9)jVw~>$N
z5{{F{{IWiblR#fAYmv+#STpnYUw$o7o#>Gf+tiY1-hOl2<bq6NhHKDoUr$+Ac%Tj@
zZCPen?^;Mwlu}^jOuZ(?+Qm^X)RxI&xqK0)$FwbNZ)L>n8OKa1)GWpx^13+(oec6b
ztyFo(6e??bvk4zXY?aqB2*L|SUgDS?#^FwH*Et3c_92F)&v8gjBTdAWgB7Yi`kLn?
z$TxCAE@L1rVrq=yT0Un34;yLa@O-4SEQux@_m**a4j6a4!I-eZSwANh9f+Di<!stN
zRicWV(c+85uHw%m?;bhQvUrm2950M>vWgM4Ja#=^?*~dtQ@gBqaGzHGxlaw`rs?>f
zGdaA~R8?KIU^cN{pq0YxrQdP24AsWWPW0sezMc-dPy_!<X`ySNAL~0Fanm<FJ!cPM
zuF9Gzj2MM2bdko4_mSIT-36EANO{r!i(h~Ga-op!<q<eBnw;Bkk@WNi%R>D%p7t*3
z-<CAvI4gWbTh_|_&nwxDAzC3pn@zf^p@hQa_k*rOkcu|Ct;O7Ijx`LC+;dmVC&f!p
zIb?QG{c(BrUIZ$p<ChmhYIZZ=MUbPaN>Z)5Yn7#`xM-s&Wo~P8NFV(V0P1>m^^9F0
z7)&ExJ3__y!)rmlNCp3;i47JKAwE8>b6fQH;aay8Qm7wuu>O)2l99zn4&jK^d?$5C
z5-}KKv>&2hLlXsx8}A41F$nf1JX9vbWBG|vx~S^0kiQ#~OQ)L!rzU(xT3bZrWiPrn
z2cZPKjC4knT$CXK`swI=fK))5wcff%zA_Is&ZFmHdJJpv*x2kfO0!}(qJnl7+L#5H
zTR!V1On(uMV`=%m1Wvrec5=t|<mX@m=P4p?JO7h=E(%P!)}sg)=ZzJ6NwXUK47~QJ
z`jW9q=6_ErKTsHL-YPgC=NdDu*MMrdo2+Y{+VI`cpY>gZyBTnSnQtZ$FRsypf%V=G
zm$M7lcUZZ95;N!GGk*lnf};_O(w^p58>=LEfyzl=QNIlr=%3eSvLgO-iHZTN?z?&e
zD_&<il!7C}!(p`iU0DAFO!1u-ZxkS4<0_LnfVIF;Ukb#P=Eq1nrY)mR0qzX&)y7kc
z0M>ZY2@e&e6jg;5?uDVfd;@vM`?PApUm8$w2`%NZxur-Ur+9&}w4NIXg_!f<@eaxC
z56aBy^W5D>dU8EphH#}wmpr=;J_l(kcdA5m-?v5XOD{j6+%1ixZo@&GQ}I)}>h*9*
zS@3FBw63_Oi4+5;?vIU(Cc*K*Ap6>{Sjt(9VBK)K&tQ-ej0F8Tn9eUHn#Iu6;hnJH
z8oeBC(!AuG-Cm>{HvJxP{Bg##e)UNkhR%{^Uv~Yxdm^m5S+lM&sxQ9738>$L<YK(d
z=ZG!Z7Zdr!8sX_03%fVI>T2zEKCR5Ink#_qYUswl%%v`hi^5+cT%qbcaXP7G5L_Y}
zMecj=wGh!k&jKr2UCi}}xy<z_VzwN3!VI$S!{MEO9T(w>c=t)xNxOdGq;q4-5}YJa
zSCn#yvTOruDTT{*)xIhr^6$P7?vRha!n13m(fmPKXT%-N!MC?@$=7i^f<GZju16V;
z5MEXUihkLD#D9k9>2Ab2;u+bAmsINK?Pz;b$yd6DHJ8sA-r1?A_<SaM`WG4WUgKIk
z2v?|1n|JZ)Ld+n7Y~4jL_>jDP_K6VTNEbL9h#8$5X_j4X&W+RSQ8s%j0lP#`4`m{C
z6Xsp$kdL&I<sAQF!LzEhRQ-v_SOaku%Zxgu8x~ja8MVi~?)(aDWQai7AKAFuyO?c^
zdGA=b;H?havXL|k#C$gN_Y;u7)ajl3fZ4N)^S^f>m7t{NW7DeF;{5kq;0I<8SV!t0
zu+hE6l(ooY5R^Pxx5q+UlW?3}$0;7(=^yl*QJ^_AF{>?<NXr<|;r5vEHZO@FN7Lm^
z=@#tWDj{j6vj_#z{TBCi;x895kl%)X<6X>J)L43g*^++F=`v4={3f8CGZH3<k$>Nm
zn#L+Rs{5YrRp-VFkHB3<MwW{4Ed2fLm3vFFselYY0S?3U*w~a3VwlBID^!Rb{PXSl
z*lD8H@4I(}KM4`@g}Ie(%0b`%zB*c==u1#ogZWONb%Y$B@JzFMW41&OacI`ezb{|@
zKfe6m12;b+GKO(1S+b3gg@djuhLSf0Y5^So{ym$4l%;qMt+X=Bju1##PeJbt`An=K
zWur5Guq+({oc{Zxvj2M{jdA9ifoJQ$hQrV%2VnYu&Z+!sPgX4)P@Y5-=UVA};=nSn
zv7rlLC33n<Q_}m01i+VcE8dP6`sY39_hT*7t^DJnxdqRNX%@f0QVHfdeSLio%8M5R
zrvCXcPS>@;bbxsaplE^K11Uc6pecRi$oJDag(v^-@1fxD9e<v4(Of|?Lh$O+|9i-6
zkWTHkK#mIsnbvC@-TDAuHBS{6zKv(sJ;Z55puFL@{2n+rl2Rf506Ap#5!4(Rv$<;(
zo|$gALILtAamJC0><M=xF|-^Kc%O3RI$lXD7***KK4aX#^rjro8SJX$;cKQ?`Q&Q-
z{ojY={oh}S{&l3ps*ikLFF!#arCl1X5B@g~5yF+xI4{N);YloA;)3aw2!6{aq{t;g
zzLjgjdIEUkzrY2#JShB52a3k=z3Nv|*^t&BmgO!jJJ9y#VrCNtNa0ISgy`aVw;rnc
zvMo3_{xwtK9PCjh@TY$fg>;B4@}=U8@w2Z9&KWK`mL^%zCI*MH9nD3BGE|rL{_mHL
zJ}kXuhxmv%dMimYxN44#q>0LSX<y@@X$`F=&5fG3e=?g!7oMBL1wBj!rzcifFiFPG
zJoI1tmFGLMVNK=_Z?^sW`)rM*qw`kt0R15@z&zZ9n3yK!pqV5w-3c$i2_M>fNi@B^
zj}RRW*!0G}_l{0%5h~8LYwdJoDfKS$H;~t%tJ(g6Ao%Z#aP0inov#wI4%i)+3yMyM
z2m_8^yU1F!4!)x_Seb<bj(iS25rVMPWf$Xp!`!y>v*wXhJ9R-)-Tw@FKxIKEyc2nF
zZ}BBPbn>ur%xah*h>Xq!Eld=j)u}S24SfWPTah~`7lMYnidl=dJ`V0h0&}8`gHOo>
z-H>+u^Qz57#@`s`d*6~YV?DohW4tN{<bOAofi{pGr?BQ>SwkDXLvIw%{hW}<jQ4b}
zLQI8(SD{v}=mv8gB`<}Mp#vW#4PKxQVVS~@%dfDeg(ENpNV6!|nP@+OD0CKPFXSa0
zl4Cw+jkKh#!To%8`<>JCg@BU>P@{(K<|P};$S(jYQiIoCEEp7_9|OD80_-fb`SNlu
zq_YKso&m6(zVGSpM;wN}aKHQe`(de7Ez_jda|LBqX<f`0NeW7CNqLN?f>dR<JtWcg
z9ck5^EQe~NXZG^uRYKz10Ac~LRR8H9d<rMw)#3r2ypQ8Z>W5I#zW?3;J=(M&rdzSg
zbQCvg26Fe<fN#VLX_iwIr%>l?e6h5&WFD^&b&ZMK*C2QhpJrg3Nqd)x)PbtJeu$>U
zz(V(Pg>)GemG?4RWqr&>f<cagKNX%<=vrz?h*~#K$ZPUo;`74-qA~^X3}H6C@?KS5
z2lCZQ5ph%)uc~H}wPQho2F@Xm{^d!o)P|1v9zBuXN~;zXAc0;7-Fn}&#71Z{-{dz|
z@JNP})-fe;eS~SV*1sR`mbPg$rtTH;A~ZZD@w<r@lu2rogSa&nU~j}SQCHU_DDi$7
zLkQa|*SyVx!?DB*?BeH<|NO=T?$IOGBrx@o*(XxXOG;^HbT?hATmtTRdrJ)_MMXvF
zCFIo$dYKJd8YhXppe5)mSG&@fcKuL`%wEby3#U!axn-{?{ic5ov2^qP(P9TijQ0&~
z*4Y$=3<}&L&d7*7!G1-`;-hy)E)RmQR8-v@<jAkan-BeY&b}#V!W@Niq!l82;rE@3
z`grAG<BTsySqbwZesv*3^+pBB8>*9Vv6DN`H>3Q%<K`FGVM_N?rj&>2F?9*&pnE2r
z#Gv6dwEY{E|J*{JM31yTRhT64lHfV<(-tWuLqFLjuEjKwRf{GMP5ljsl~cT%nq8I)
zqu-R1hq!~wlH@lqIlNU9iu5bk9^tG~kn?MEr3X7YDiO1oJz#372%!(TQV?~0Ep^4b
z{CauQP4TIxe&lF$<0@)uV35fy9}X%b294TmlwOgeWno?q_Q7%pGmQ7knRInii8Jo<
zj;^inaeP}}^r-6*YFYK8u(Wd~W{syOex@;1|0EM);OU_}o@fV;CP|I!7Zo!@3L{GM
zE|rPhcDB4POO_JE)1)k?G1|V9_~k6G6~S<ECha$^ao%PZ@1LF=T6`p$HvE73ml^^z
zBqgNs>RBVAxeCM?r+@$m`)<PLAYE2aBLKJ1;JTuAqw&$!6LP8G3BALc8__srj9P2=
z_tGMY%1a_zQb_ikZ+zl(i3<K5+;r{^cWw=odMSDA<V}__zX~ykUsaBNSX#w!a5JJ4
zAJZG*tI;yl${^F%x)*IgR<o(04Mh<(x#tz-@~o6EI+O=&90iC)?vxwt;a^nZ+M`-J
z;Xm49=p70Xf1esYn0mE<p&F9=`(8ZEa|KiN#u=xoX_b|Zd-G@o24mQ)`P@n#iB;bP
zc+g|aXzKbX$Y#c!Bw0Eti-L_uh2u&?v{yZOYB*+E{xfJh*2QT+c$7Qztjrfp&Azyh
z9RRUesgcYEg-PJ8-V#vq=#}Z^!=&IR{KmwAiTL2?)}pO3BZH~OQFgnh#Dl3f$#~M@
zmlz8~#hJ{VFHn`sp}s>C04NMqmAZ_o7zE;t?=`(r77zWdOssX~DxJVoOTEIh4Z4G-
z%dr-W0QZL7b@0Nc`3s59!nG?jL&yh>5>xQ{yMvB?Hx(6X9Cy|TcYBM+J&n34K#<NI
zE8R=<)O0;0o}_vYioTO(*D?lM+~Rh9*9NJqHPc~z!WjrdI20lYslr5Z>B}P-ucSEZ
z<l50V(_+^Sy&6xmU73Bzi=;vkR{z|BB>v(dGT8>e*N8kBxT+?o@O#I2_(I_odQ>=c
zb6S8+^Y%B2iiuHDo@77sTRcIlJ_*h(L!U_7t6+H&0q>;e(Q10eB+iW$O>rtLqo@YL
zZ(woj{mF$u6(2n}(o0qdX?kMAF-P#{SE@~lZaK?~)`Ck^K@FQv#jNpK=*XneI?VTV
zc!>ruH!noP((ASN&)s1e5@m4jwR=q^=nnBi1M9r3XdUBSFzlU{cpu7cFov27^fpk!
zhCD0PXY1o7UaqS*EdF^{)Gfbo2}~u;;Bh9{jCpJ0(n%{woKlgl4=Gorn$KL2tmK07
z2FmzFEBD|@oy0sbi~FsnYq6Ae(AVV295qUvd@LXD#rTHov{yRP_EL0mS<i-eQs6Z_
z`#-(NUw>$t()j1vPgw|ECPf;_P;1(hzdZSnDxL2J-{W7~&_~4i;!mY<4S6}jk^+?&
z<D{S7xDUmWqUhV>#~=_3OKu_mWZvu<&$v7bj`VTxLVux5JelMkoF<IxAS59vmFw#3
zQt5=hEeFkZkbN0ysW)|X-feYT!~clLNb|*022|3npii<;;C1(+UoB5WFXFu+9xMV|
zCFEh^J&?0>-vAVDsG_+*8L2BD{heM+3IN(`IkM9EQiEg7sX;xYN=(<6BCyj$sE4`k
z{8(tq9eW2lafpYoSPB-;6@v=>8vT!R7{mVxov$*V{cqTL_2E{T>?f_nb2`Brw(7M)
z8nr2)ckSvBfrUNa#UH47dVy|~fQqjhr4#_9ds$b+4foG#5A!dKXKvCpU^rewzw?1?
zofaqDt-aEQwpTRo#pcAe>%YL|=q2gymJ*9GzE?agc<Y3~h%NYdVE3R3*HrzuAEfuI
z;$R8J)n@wH0Fpp5^V%D=3^<zoN;<PQXukj&!JPe9K!t+Ve<&B$2l*XCGnO0lAh9ih
zajyaY58yuSA~eUnrlW_20EHk1fp0pPCH)g*d!kM=!cFXZX3$=mBkO~_e)s~wW;cQg
z9|HX=7%b}rIf{b;M>}Y9Ht2sy=Na$c$PiqFPEtMiEabbwbYmFv0jq~NoN}P$l)Oy2
zEzTKI350{6EF&9#1WSH4l-e$;lD()fDxU!O0dNYs&1@mV0NK38GvTE^=0LMrOGOSL
zliEc9m-}B}=7;&UG#=FVHw%Kd>Q!hS5GuOudv#wR*asi(wl)YYE{=1JC|EB)M#=!o
zu4>>}+0_$lVo;S+_y?0(m)}lApeFEqx_Z>2$S@qoE9!rBPF;XK3@|wH4K%QJC@PkG
zJO-xt(|ttY>iyPr1$#ChD$Y)fMQBQ|gu)Di9uzQsmpT=DLVUeg@y*YQ0sRs`@~C?+
zfo^_ctTWvlywHNpXK$ZE*K(kN(?$<m@B`(WAnmVJ^meSlDx7DX5pcd+-(#=ju%F=X
z?NBWCyzT5ae`#2C#SP}Nyx$xxRWPcLBZ(D~_P?;W_Zmj700#oQC~JGxMqS9x$o#0G
zunk>#m;r#cdoRPvmOT(Tjf2b1lzeDl2a(KYZ<Uqj4y^2kObs$ZB|YDzPArZpv$uQD
z?*Y4Okb%K~#pghC4^y{c+)u4Ru@>^fAlOOyP^9@2G)IQdSsEaxY7%C<3|tCC2Z<XM
zM$qeqvBRnC{G~-2h3qc{qkjpyTDZT!X;Z`CETeJ*WHAn$_Z~!&TIlL1vf{bD<e924
z006rUMtXz|8-do=2UuJrm8`cJ09B7;5%k*$=@+QLch^sEZw8?)%m5cKZ4hvkqT-2%
z7Eb7`L<SQ;S`De<N{QibMD2BcdWdX(jO-Bc>^y+W4%)nz5Qc!Iy78)NjGpoi;2H;L
z#YK8Oh{0!;Horszp<#Fg+?2vYm^h&yKe$mdhR(@)JI1PozL9_{M_{sV!37N`YL>vr
z_QxxjlLJPzt>wn?9hf6zF7e|ghUy=!Ckev|q?k>@rf<Fn%(zx3oG9v$&6&w0b4z!>
z*zXT$Ip6ilm6mkIIwK*{nj#Yq^|IK%`D)ny583#~3peGOqy2}?k!{79`pkxJ_R8}v
ztw<bzs(CI^bgLJCQpG_ecO!zo_r8-J1)hr4zfQs1VKFsa1&Q2C)E7+|&k3iY*AE^)
zL&|j-9tvUNplk}_iSHjuM`48V*g6#B?hU4u>*b^0Ucy->WtQ`k0@n-<q3iTcowX`-
zl_H`(Aox}!b7j1$t$Si%<Us(K23{!2)isKOQ!5OU@8NutIB*g$QFInY3JFHI@G^iP
z71A#_@VzG3wSMObS)+9-96AUnYdyYA0DDnLNwW`16V(_>hfnpK!>E?**?8-)G1PKT
z<(*~;{JUL{p8(jT;WOfa&0u1X_}d1fV~ssP%5qaPNu*v-x51;}>h4hOgnxsnP((^7
z=!w^qw1E)`FqUY)-^y_;aI#DvPGSejv8&~x>V$gfXeT^qJlCBPMPNC#J<KM@7XlRv
zcyN^yu+;nTy}&U-T6A4pMc=~et<NOz`8P{$^3HC`e{rdMA%)|-(8@$cHV#9}B_M}-
zj9d`V>v`g<;##eEY>WjLeg&z*b{=3vpk4}y#qlISYtX@~(vD~c&@ixF<TRL1ak)=?
zfhh%j!&=%R%Y+W>d!aAIZ$1M5>GU8W91zS1Y-5T?1}Q*^1e*Or?}lYW!T9d4@DsrB
z>;BNNedf%<VfI=0%(Av8=wVjFFQ_vE_xiC=okRk?#))n1=hRAhv!z_)HkX{EU%&Ug
zNP|csg3kh4sX##flS~Iv?+z%jJxnPrXoj=}wm^r4s60b-nNa+UrQ-huf;!uQ6s%I}
zMCx>i9_f%#l5=WZ2kFF7l0B*9AvB@GHkYfzC}Mf={U9z_Cfa0vj6+0E345mw&q<WR
z@u{GjP}K;U$By9EJp{Gp^+!Z-^R%CftO1Qvu3!Oy30ZQ%HUkbAFqJI)ultRal@-X&
zZvpfkWJ#jE(MHHAjrj)L(dl9+iCW@Crc3**P$JYy;lQ&#ggzpGV`S`VJQmm_BqXpI
z!Vbh-f)=gs8_BtK=3wQNlE;+dS75!6!lzg_8kZfMFfzCTLY;;%0lAW?*T7mpL6~<l
zNE_h(KLkz=d_DO2%dq&^mzxOUCVLwMKIp+>A<S!4vkG{Psvz3~Ndd*(7n^!)8b<z$
zq<6DnMTn;HfRib@KGmH@m*4{n7!(MxrT#<c!^ZY(LZ@Hg9YJbS0#IWIG#<x$YthvZ
zEH%hZ-DKTJ{lQHkR{<`P5;!Aw=y1{UL1Gg$OMtrS+f3aGXbGg!$T>9HHK(8k2=K#o
zk~Hi?*xmSd(Me!2Zp-<8yHN@bT}PoEG}_a{w^#j`k1y7#V-wQm$yW`SFE)Q|jmWy-
zXL|gHO32)d`S5YDyuv^L+5_t10Y9KDbmRX8aI&00-E`;|rr9wrxC{is40hwUZfjBd
zu+Pp7Fd-NkAWRQflY>taO(G8+xKQGtAZoB5N5^>s3?j&gV6*Mzj4F$^Gf=_O!+3ge
zJTv_q%RMj{=$lD$4)^@=1!?7iWw`(xQe55uQ3z!bcIF?+Nhz$LUWhP(w^<H>3mGy4
zLgxcmoWP17nX2#`{zDt8m*DA<*xMH1&$a~71-64=4oAmdetNb;HPM^Md=83l^42dT
zf2NLK2Dc^GEbt?J#jwoQ?dy9@##qyu$7SH07CR`yM9V-t@g8;<9{Pit-AJKPK=i?9
zF<;;rMfV02_mC!71t_=TwdgB*nQr9GUOiP6#tsj(0Kpjovq8c0`tiYLPZ=r~BF`5P
zLMq+Y(zKN9)u0$I&k^jDjC-2kT;-uqC&C=qRea~db}aZ_kRm(5-*i&bq4E^WjAaX}
zJ(xjf#M+6dgks6ImsYYemL>z#4?$2XIZ_OpO6#)mGCzrD8U6Mdg`nr^T+7UhD7_K5
zw}{Z3s^AjrX1PGZ7C+j$lHLuSkT4cdmCZ-TcyoQ|Y2tSuNSuj59e<N-<_q3$(<3E7
z?#v`ln#jq>$hP&M8RH>1zvIQd=QoqjvNfA6;R<Z?`UN2ksMVMH(77+@;rvw>{6lk{
z3H&d}+y?u=Gn+-n!Y93|MfCdx;6CWrM;ZEXj{K=P|6Kz`XL7WQa(>UEP>UU*Dzz~G
z3(nLWP7Saemrm9O+Y+>DBr9_WT#aUhYP1^ZHIrF@WdQCeb~ev67IQ%5v<LXE`{5T5
zAi@8E(KLb!84a2#934v~7A*Dia1+3a;JOP~&@t23r6{){&D#)H21?Ty$>AljruFcG
zhd%~!wHod9*6QL5GNQY{T7Q@atO(Id%=SI4B#kWi@hmn~{EXDzgJRa>nMef?qBgvO
z2#BQ`M@e#v#<L}*q!8|+IKUi8!~mYE5m!tw9?!f*sDaO~3q4?w$5Zscm}_M|E^!ZN
zg`Ot;BbalOq640`&j1?k*)qf5BOZYamT+h(d-lN}nPCE{EK5iA(koX<GX)Dqfqg1!
z>RyNTgpUaddk{!qYMtpX5%greYBOoCj(Bv?HwxUSm;@Xkl{b^=bXme%Vf8%g>f<L}
zk^ZH|I<g~@Mg?Bx^R$qn=>C4oTnoaiCFk;^sx9k`dx5ZWvvm@L?yAs{d4P9Q&SDjC
z-4lUZDTzWgI|MyXthO8ugC}fSs~7}ZCv_wL4|jktxzv4<X8ZjJ{|+!5UU^Hv50YIE
z=!BkY@p1Qn?JV;8_aG*^nj9EQ>lx&;I|90wv+4}%e)9W+gj5V7IsnnJ%aw78QZn5p
zhz_`=H3;5=W+G@)S4og{viSuI3IRw!dR%-4Q&#Iixm2h|G;a$2O%Or@#LPmurni~p
zVD;G%9R1@zw349Nkv3x&M4I*cvM!4XaMZBrsLN&d4vZbr2WeZ2&%Bzx6$ExL8e|g0
za|k5<(ENit^ymcEpsGI8whh6=n|n=@*DwKhcqE0BK(RicfP;2Z;8s26794oeM)or+
zP)I%tVYLi~nPFowyE#YaP`|`G^Ky%=jyERqI_XL+{00aCZK~S*9hk|Kn8O4z=IYKE
z0uHPJUPDW!0v4!+S^)jPO*eb%_IW(7brC9?Uu|X@UD+9^k6pmI!tV}4b_LgkQ!8x)
zI?twfrmRGu`8t7Mq!REG+e=8-oUSCG@3Z3gZ=`u&)RTc-4v^ykn7eq{8dG~FbCo^j
zJF_e`6yG~b7AyM<Yn<Fqu>@OJ037^*&eH>mL2wrqFg6q%YY#Cby8Ki}BAZ(SPh(#U
z-b8<(TRiaUKN6qde<VI~^g*vc%lmaCyBX3YshUO~gNP$xaP$Bb*%`mXIRa3}Gelj0
z90&Hee1@Q$cPV&HsO^u^;%A7$6-%Ta8o)syntKQ&Y(I`6YIGN1W;Kp@Cn9~p&qdb(
zKD%lHdOrr8WB?54fpo3(z8LF>0BjA18~|dlD%L8Z&4VNWoG;{$B*8o*a5BmV3{hzX
z7<fIsU^&R)g5kij=0yNlmtf5@q`lso@ZUZDJ()-;4Td;0dwf%Re?1)F{WuM)*tp0r
zAlj3UrVq(Dw!CPus@>rz@G5{N(fR>052Vln9YVD;05l=Zb;rIYuEzH;C(Jg|G7qM{
zAxLf!?y=>w-!D&*e)N~%$1!KY-XW5w3QpR%rx|q$o0H{iL|mIP>18B?w1vaSHWS#I
zh^ze<bzysFW&%EB%-iS<?S;;ble`QPz~2D<_0&WJ>5#23;@y*GfV@a%glF&dHy+qr
ztp?}!3#$yw1uUC)O(Q=|;T_zl4R`L{KtsLfAMQeQ+_un(2K-f5IAHZ-mgp%eQa#u9
zqqM~Xe~%gK&-WlRUzr`|76Q=|+`iS+zQcDg&(+TdL;GEJ0;U9kwmpGO$b`**W#3#Z
zsCxIOciv&&@4Op3#2^UUc&`D90W@{3w1phA0FRZK)gGWD&?-7ApTYOT+k!Cn5@<t+
zc-sqY=U}5{Es#M#{zv9Gfhj~*;|0SXA+_uMR+P3x+D+aHGa(Gl1n<Drc@1<MU>w*6
z>JR7~21PZ%oRU*N>N~KL>?)u`aPzL<Y<!BhkSH?@>8UU{4wYK)kln#I{hd@XV-pj!
zVg27R2nXJQ%Z50r`ry?i7*`A_&sx0!nttPUSZntek6_~Nc6f+FX{rrLSXcyD_N7gV
za@Dm9yHE!Wgt<fTkX@1Hkd8wBp<(z^FJCE+o}cx3-8EdiVPe;l`g=oq*u$5%fiw%F
zC$s~46wFx(hwTsaWrAlkly~N`ch-50((0i8Ixx68@X;I8gE>YkjbO%@`64x+D-el5
zGZ|kl`0@C>HeD}>)*PfdPx)@dTu62Novg;Oi;UyK83ClTuQd$L-|cL}PIKmF)<w9<
z+`~8TF^}`g#CB2CiA_Gpkb-%iV0tsYO?ucPoSYlLtq33&NrOSJ5HwGG0((jJB<Qm(
za328c4?u%W_`~*`wV%ThMG3909Iw(fQVXvaOJ4?S-QrEc#8ct_e<hb`Eub`jgu&oQ
zYZuvI3D&dt6*WlVueSnk78*N0QW3JU?JU66uZK0sj9Q26x8dU7d1X&lT=eKe*jJbx
zq+e9=I2W8cTUHp0tU1^+aDI^3RmxW!u<YXG_!z{Pw)mfT@<GeC#sNDUn*>nr02Kf{
zy)b`AuTM_wp-y8T`v#WRmBCDzyKtc)rWJAt3gJ`qK~X{T@+Js}GRg9H!KHwqKL%#Q
z0oS_$T>q4UM^`bM+XlGd;y37lw)de=#d`wIzw44*z@J7!TtQaaArSDvTpBe-^Kye?
z;0lHz8B+v=bWQ%62-LIrNH?347$`4z3qd(HFMJrzl<PFHt++qMwvw9Hpa_g@`<|P9
z58FEJbCG*mfMj7=r#Cc6{OSQ@HdL~*%NizV-qPs&{(wMFArTIOv)A?|0E;CEt)LA;
z+Li!c&ZP7c5)eS75MhY96uk>hBaQEdR^a<H2oB)-!1!ebYbof^AH#C4WH{w4`M?0E
zIN4FI)2gGbV>GwIO>-<GqFo7!hZ0eZ3>>^(H+2$5`=N20{pb^tv$tPqYh~=wInr#K
zKaKuRnDOUUJ2yeJ8Lv;Iw-cy74|p8xmz~YCy!apP>A&l1T+SC6oee%WO*%4sqbimt
zNYI!NAnk}wsUJKjsJ=^|#a_sI%NoA>@3p5E)wqAYc}*wd2B=EaY%<}IlVi|KZT0E0
zh=>?qvx*jBWif_T%4{R@OYjp!7iAkEIYRO;I84akpjThmsuMHBMNGZqe$<RQ9zf~v
zSpwNxGl-fyTLd@(u$j?Z`CQ`%e&4eJg=`3Z1H=R!1^3uVjmWVPo(Ep0O+~AW=05Y^
z5ny1fNTdNC^X%HqbSUlI19}6(qSJVRD)>vyu^Qqmpd8r!!226ye$h|7a0IPbU~#@C
zCNq$;J>K6?tmL~<!QulQbs#k?6%j6=eLU7sgu)5sWFk*@oZj_?5gvuX=enP$&}I#(
zFja&7|EnzpYC*akQm9t`_x_w+Qf+@)xMex86LC#`25X1AbhW5}d#Ow;QYKj51!HhL
zQ4!kyNkV!i232b}jpS{XHj_N>U`%A?YBIHrYPxUgsVJPl;5VIT!ivUjHU&PlJRDo=
z<CqzGT3mQxJfdnpT0$mZ3hCAImAE`qh({qYz7#7haCdis7laWc+t9KRM-#BSsCcTq
zKs#nePPj6qxMdNWHC4?}y}Rr3;>H{6*FyVH?r^1UIeV&nN=u`GUbg`)>6+UxDGy@q
z70xLBPm~@i?l<nPyJ5q6yK2AVJz%s84GYHLr9zc_{K1XIKVYh(a~FV8ncVq0up<ME
z{0lvkDZNCD7-4U?Q)2lvX=cz?-wByP_2r2qKaVjJ#>?hJD~}@Kl^#ZO=WC;F<4UA8
zU_ZayI?cfo5)|~*uj^p)KkCykM3<Tzw2^B}%XK}dhrH;mS?=pDc8cF<^H|G5CKt=w
zQ@*OC=tP-oZs6^!mT<6lPf@lQ1pEECs>khJR5Z{bwRvYa+of|FqCC<R2%SlWLOOEM
zwA5YdUPOvkwVNv&gIq0IbbJ_i#XfBDUsLD=<_<J|fI?-Yp&z`Igu7O&))a?#twIUK
zJ*dpz?!8^PodyiyTdZyJo#jj>vX;fyG-l<iwJ$<Qf+1Q#gMRjIy1@ezEzJ#5+%KKP
zzcLKt92vEZ*bR$2NV~Qc(LFFWKZq0EbyA*9?`0-@;-O(Q_;o@unbH4+cm2Vum(~ir
z&DaIAI1`iqZ=}ZggA@w4ff2D6J0AOZlc=_+-)1e?OHW!MaJ!MtWytq-umhbF|Dvq7
z0tLMzu2!W6OW!=_l0owphb9XdPjp0tV`TzQ!4{055O<ise3;J2&CRhH)iCahc}624
z68Z?6a<SZ8qwrFGy-29?{k@LIcp(u+CG6xQ_6nb|mPSO-wOi7xT14zE?AdF5&sQGu
zHmx!Fy;dQ1o2#B2ROdP-Hcwa9KJ8tGfsjDv>TXvIe%2oU&b*_zO8O)vua%hD;W1RK
z-e?}I|I|S0!zwDZ{JcuD5L7BeYMi;Xf@x*OB}!21tlqixfv>|~pM*$;%yP-{Vv%dH
zcYx0LAGOdZI>`T4wFYFm{{odOkH%S+atq{G@1>O(PK>OjR_IV19##Z7cGToCu>Ig1
zdlDhmS6RfB@8D9Z5We`kJ9l-XQ$so}rBG~xThSXRialtxp$`}1cyVPh@W#Cfk6;%`
z#!}t>Op!<N#A2*OBO)5OAG3_PDK<t<$6}NpwLd0V_2%vJ{$wv?Km2m!e1(W6asV2I
zXFhLdFMcl^j%C!EFImxKGWV${Y`?jy@&I-sgKvUMsX+f|M&`GusmD@+z~Ssz2oF^{
zNAB+^gD7H;@4l{jAEJTS6nkX9LrIEUkwpA0i^^<FhDdIQUs1o(W@WbTncvXzCs$B%
zsQ6ce*84x)mf{uFM}62<jH^>6dz*%iJgSL#1YIlp2LZ>V@DZMdB}+$O)6hU#W~E<8
zrAX+!z1zn0BTPYUC5O$Q9yE@Q*V=S&fAdsvvd(*}5|sv};#E_T@5ixPc<O0fSH?5C
zeJ6=a5v%x{YQgS-X3$>ry8(Ty&wCyP?cZ!^g_s`TKcJxA1#yB={DV$G0-MJ)CTWfx
zsUOduXvjUE^lFaAEcR6u$V~HBSN9ksQz6E?jYbueF`=!yZ1@I8THePXm8-%9YUt%L
z*B{uW8I?=0;F+fre~BYqnG!y0x0giAB-5}zP4zTQWPHP`QF~wEIY*Kuh;S6{WJ|H?
z^RA%2Fkg{e+}<G<qV#dll42Sg9;UE$jr@_i9JaL}*}euvUyy%ggrt&^zctt+MsY6h
z*)^KquQk<ZS(fVC`VuMmKn|J@P+H6Af-i2ELphU{n%eVt?;g!!ZOa{{%FlqSNP=~<
z4o!Q#g?6`U+8{%^K{MRcvDla==At8uvtgura6~`nlE3z@of#`_b0QPd6LqM>G!;mC
zbcp6*c<-u(82FPWtwNcDvcONuh%``&DW^xOW4aj1$d5#b{wfZcIv(Lgw_wd(1VJj>
z|L5D`cfBq04*T#8?iQk50?G8rwEvSg<WSLe7^l%*Xa=AL6CO0=UzA(C4{Uu(``csB
zFWb3M!51S%KU?M1Fgj1}6#z@k;L`BS%fFKEwEK^bHJ`lY<E8#nL$|uC6<+$Wk4S45
z|4Z!Os#6Usngti;@9tTm>D1-tU7-A4_nt>|W}wV;Vfz+=bkhT^mkEPWfD_!`3ahfB
zd10>!>MT3uX-X;KWtbp|D23ZF&I!Vtuk{l$l8@r}PEyom$=56_EGhl4T&mBzW>~?T
z$(BFMDKcMk@J_E5gInelJyNb$wQiC5Et|T$S%kHq=&w2dBWAw~Zu_XHmqRjt1(fEP
zQhcl(*?DQD^DbA(a-=~J>Y6a^Uxmt`>*dEA*WOj){PPKT3}E;^g4hC-QvZ~;LhYY$
zA4BTJ4Km_f%!Zb`rlcT1e<o^|AQ-zkE4whnmaQR6b`c3d-Qz?w^eaoJ7mw~2k_W)R
z2`EpSPd*}F8Bg-~raTTv!a-F@p5U-xyqK!Viu8_ZzOIpx5!9G(qaCkeZmOO8=yO^p
zo>^g%7RyKBUOsCk{pXtt?cPvg%MJej{o>r@9SPQ#7d@`P9v(<MkaQgSBgp~dvu1=t
zezo~m4EWt&9zgajD4)S_fk)1=Ui;rx2hhUX_Q3|Rbo7774=sLMlVgkyMa_ZO@?Ohf
zBvD~OL5QdYPnn9>4qwa{AMEo+>Rhzra@luPCZR5vn+c;sdvqO$dyShWkXvI-rU6}G
zpizs%Um-aEbr%75IBLMxz<n<PvxXT8`E1cB4h!-caT3rYiP2o)!Vu%k59~hgsvG}?
zY8fjvOp(qu&s;D_1H-=>SuSJZ;}0W`K_W5r4Z%Lla*SkT`3ASgZ*~Rbj}cq}nM8sO
zD7TSx{KrBK+t(vNA&^-VE7{l-o#0h*hm2pQo_}iP9>y%?qM-V>$k9@=SP<6j+;}$Q
z{oyO9n?bxC&LJq~jt38-9xPA6j(m?)?iA?+kS<oYugm>@NR14M&_a}^K(In$p!`T|
z%pK4+kStb4kmhepmVW>O@zE!akPkw*^Yy&%pq2^M4;Z#gF|>OHY8}84LA6w&xI_G|
z?rx$pjIS*Nkl)|8a8Uo3LG>m|ez*dfx&Ql1F%WYuK0_yGG{ls`yw7-R&`A8@Ex0G#
z3VrB}?h40Oi1yzUF;1ckM&p_mqp$l05;-?QpFoZBhXI81g1j_^OZzu8N85lH5OyO2
z`LYe~2C{)ddTBQssANJBN>SSjtw>(t$IjcNh|h5rp4^czU#deJ<KRw!@J_&>Hlf=j
zmNde-Lx|yn3!9LTBmol`gj$cR0UtZ|Z(}bs&I2z#V<xtwIRZbB=KlS&c+T%rmD8n5
zesfS9NaN982GrfMNfIy3I)V8rj<&=G9e=mt6+_9;W#q}(6PDb8mHmj~|3^xTIa2(O
znA<hMj3uY>`q8zT4x*<j`ITZ^?|?>vd>8aZ&WP{;29m(=FC1dVMo1~=SHdDAp+!9=
zOwhN##dRfOCjwTZ^Xn%2MK(JrHJ+@glgrNYq<wR|!rqjr;hR4I<;#N@ap={a1^5L<
zin;>L7#x}@u&T-EU|cbJ(ZaasQU?F`y&rRLyLj}vPVf1O<xB7VTpKb59zCOROM)xJ
zK>N~OXlamNMY-W#@GCXN%Ec{-zxQ>ST&|CG+{-K=7GX?Le0frxiAdiL**a*Eqlfl=
z=Uk%Om*`HFYm1;0JOv7Rh`38l%~2LydwfhxCsvEskDRUFpk0xL&sT1B3;Mm&S3ei1
z!o%8hVS?XnU&|en@5K<80?RQ;NWgj4^_*7)mx>Xt5=!}Cpa;q}P{g?YMBo$n*&Df6
zOmew)>}uvNQDO2cCs%(r`oQbAzX3-WdlRT?5Y@DZun8=NZ4|^`&wwm>HlBb~@CI3|
zm=R}ReCOXAE)_xIs<HpB0iglSnOatQ|Mnq~t#9D|U&OsvRF&x#C8{LJISWY6N>)IW
zoO2YAoIyoUR8T}f!X{?~1j$iQ5F-Y16crG`gn}ZHOb7}n(sNgxs_t{U@92m7aK|_g
zr%DU{z5nl9Va~bcdbhSd5%ewl2lCS(a0p;eT%=c9H-WJ5zt7)&#1SWM4b84S7%M~`
z%d5DZAoJG0)!<9t3B(xSCF<)}P@Z7cqE8L-8$3@_?3EOp=5sivm?QmyMN@KuDIYN)
z-J8q>ATHQ>yFjrhDFrRig<c^0B4YCLOSqa~LjimiMyLg#=R(_Ue<L90uCWJy%XN~|
zPPc>Hb#%Hw2FAf#0F%EXNQsW{*<0D6_IqUzcnG}3wbehy{z2nhZ&S-$XC=A!H%ys8
zSo2|g45-uctE7@cGGrs&7{*8ax&P#%{e~CU>3RKUZ5zw^e<i?Rs$H4}%fYw)58o3s
z?F+RD<!`NYoKKww-v_$M36SORN{UnqfDIiT9fV6FvyPQo>1bXHac_uH1$=9pM9UDs
z*r*6$?Nx9SY8aw82Yeewn89b46V1kyg9U+yvq{>tov+wQ{{g}30UWA#A9-nE<O-g4
z5s(tFG)`$YvrB3(>Kzmcyns>yS|xfPB2(4=`1Pe#s1$%7?lFFsypotnUOI;N@sIPO
zsZ6Dfzq&hNs$3QXJQKfflW5TkuoMqX#OHyXtlawEB>N0ggjpca(eCl@XaZtgLjUJV
zMBgD`!jK6WWr@<gmxR$d@Lt5nDy};KU2X@z@53S&g_l)kMK3oV{i>-EuP9C1wfI+H
zBzOi<X+@K2Nc<(we$Upv_wPXt$lz0n@!@JO-33Lx1O6tbaq=JwnFH*M*nh?6^^>3s
z>l*>KMo0`#7Qh_9X08=Z5mmt1u|?hyNeT5gxZ@%y0ihaL1a*(k0@C?6+&%S@IomY`
zF31#Pu!1;b(0Z;o0?+~P-%^!1hBLA8@lcrG0`dpfgxfgF02(j~t^j@sRf9ksps5f=
z-^V=5M4ME+sDs!2f>-8kr{Or{vd5_<rHtf<rticMAjq9a4^+&;HSpiv2Tfu2j5i6C
zHgVL9Y;4aEdr^&88FfO-S+1ABED~aR68*WJ4Y*6NOuWiLkuyM25e|t45Vcrf9|;Uy
zL4zXcF(is_n>^zKA5G$eQ66~t_cf+a7l0_}-`R-&nzcxcFt)s<)iSldGVV$|e*)TZ
zaFfS<y^jx*vVD&Wj2;Sfbaj>dhWPQv>ncPItcXE+2}D52>4Nt<aZ|u)G=h-CS?i@<
zuk6MexCM_xU|$HR>g066Edo>_?jL}M2$B9E?o09=$WAcB2xSoP_P#!YQ=}(w8u9BM
zp!0@wreqdt7XbTKas&tlK<S7?7IKcJxTz-RkJWR0Q7{#;2NQt!v6Lv3v;^gfyI-IC
z=%{`^p5rVi1EPh8TWDx#hM=xdwm9)6%%^cHNrC~ygOpTx3C@Fr_EfIet`xA0G>?y4
za9yJV@t~4+=|A%tF6`mi+JXlXW$ymNfW_!wV8E$rd@jzIq;dm1elET-p!fJ_O*qo<
zR3dWSkRXaDCMLr8-x#?6HxiT#+u7N3Q4Anb>LslfZ$c>6L*&YZ4bs6aA>LmA1PoaY
z+HF&C4FIEnoj=x~W|yvM{dxo00YCBz@IRs;r#G$j!~%Pdq*X;9P(r54*0K}Og`nc2
zhu<5b0s_am?~nFuqvZ?&27{O51FRJ9YBusQF*)Q&KEs)vsAPTu!osi*FpvZ`xhwlS
zPw}c86UNu0*m`<J@@k!4EW`d)H(Yv3;@&90p98r&lOFk7Rhe+bIhAU~;?s=cslccp
zQdG(3t^p&r%o8|p+3pBrS+iBG_hao)5&ZV?|7)m5?{z1KitrNqf1N?%d=B~EBkP@?
zh~x<(12ko@+%T<1kGF!TXBi_8U<mK)Ij(ou2J$|!pTV~G<qRX-y%Y`^7hDdw<v60i
z1p@*lPYobMT*f=lqCuDU5YL7iUsF@l*w~1l?}BUqV-tY;$QdSRaZoPbL7`K79s4Y%
zz53Ei@kJ4>^${a8UK0(*&Hw=fISO{!ZnJv|$>wRLaeV2p>nZ!l{a~@xE=W5p!GR4_
z-O~;4T~5!DT(M(d+o@b?+C)D1FZI_DUB-|l0m?prCIS!TJBe%T(Ff}sy%b0XhWx=2
za#}*01vsdo*h%{t=o|0Hh52^4{bKPh78KQ7YYcpU<j(wEWN_~PCNNz6;-5hazE~7Y
zS0B-hqfWM9jS_Dt-u)8Y3_7X_1Ul3O?|xv|=0f;}AM*g#Iw+tWz$q#<w70j%1%>~T
zu98u|zy@>@OUVQRQD<fc-50E89te;S9~=3Ks2|S5`^II1H1`1X-Z*2o=u1+UtFPhv
zQi9qErFwjPJaj!DnxE`1{|UtwULQot&4?lEt~AKsSpaeI;rA{q)a{a#Ok75yf`&-(
z%#XuAKfb{nx-I%YAgZ(KzB-1i<>d(3SL~a#0t3OKK!S7<O~0hY8blwubS6<>&R}3e
zFD8hpLgfiU3Hk#y&;nSDlehZ_cbrwm=ShRV2GE#(PEy4{1m_y?4|748@K<?>^ubXQ
zhz<hx{e(<2gnKAjLq5ND_^H#<PCUtm7N6kz*q6KW6?%+*<PL8nI7BL(Q|FDo5%jZJ
zBF1C)&z!25xE-v0WNYs?Gy*seVCxWnh<;a6wsp$@06;!&Aw7%x2spaIu7SJEkD!=1
zR0^F-0I^YoUrdGZg)3+Z)_*xEVzui1Kaykk>=vXd6-<=EjSrSxaby966V3D-_XMNv
z6^9B4*8}D}4=;-&1tVCjoYRSmj|WXuhZxdAvhbq$BXM6I<hvv5nzG9Y1j5inafAnr
zfzTS9l@8$&nV}1ySFO=!j*|SVJL-}k4lMom%;7>vCpofc>(8$Te$NsG#1KY~n9I)T
zr;BT4p%6k@v4l?uLq(4BD6@#OxqR&GdQ6h&4YH^a9t<z;{)8$eWZQM%!KmV(e0T?_
zzOVfhbT%>#;KISqUIK&9TbwCM)OO~{33XP`7vNn?U)%!4!z(m@xGTh@4V7^-CK9uu
zy4#0fk4QVZF$|(DTR@vaRm%}Wji2WX)G2@St|L<n@v0igla|&X&HkO@f8oG(c6Ndq
z+O8h)o9NOVZ21X&5p-$rxR1Ni_T%%!MTB5PY#gLDfP9oMP@kj=Xb<IXwc?uP(EbFe
z_XAm`b>nS2DV<yXnq6h;{VG78@P`TG?0?lPvVUDgISjWKa71*nt!(}=KSvb2U-z?w
z$^{J+6Ca;h>aOJ3i~>X+DZEB>=7{ZQQMuzWiOYx8lnzhCetLa}NR<-#ad=N(gw0Sc
z9u2Vry0hEcSI@D@86jA}0=NhvZ^|f>6gNKtrbEr%53AHSQt559qmURNm#ndG@*o~N
zhvpeLBU(ajGpZcE`jrT_KtY4(^7I7CTdN8KIq1-Tl3H`Ks=mE*+!r|n-yzSw)7O)$
z-bVk1Wm&8p7#U&?0Y!$4a1l?Wlfb+aRf|=95lSbhUcpqEX`?=T3oSv8qQ8|qQEQ4)
z0-nq~usN5PKL&!AvjR+1GNph`o^o&*#Y2sXgqXh&H++*+^a=kYSv9^p8pILZD{o29
znG9^CGiAcZQx!E1f;n*D^iBhkE6&TVb7e&BKV13}Y5Eq>NJXqp#iMMq_=xHy;PH2~
z6L_XT#uCuPkSkQ}U*qn8_#6qj*`u3!;tzk;@QJw*Z*X!yNo!mSVq#+jsu8U4311<6
zrm6o?MzgTq%`c>voTuoYsp<?08pI@%F}DR<zJ0OcI(EF?L6wBhEJl}Y6@piaTP!z-
z-wX11nW(&i79Cfdfmc;07Ex4IZ`$?#X|`YQe~rvR6iPG&f*2KQ0(rrW>l}w)-)@4e
z0aYD1C}OA46!%A!Q&}m!7N#FKUg#~`1=>YQFzEf?hmE8)cvZ1$_^8Ai{7{$4t9A)^
zB7Gg5+3H)9V6Dd|7|Y+W$qcbse#fZ}jSq+*MzBgrvUj3LhV9SDoDH@LjT99`>`Lx}
z42iKUSRf{~21OZf0A^(_sj_}EVhR8@R2=S{Uc0|1m_(#2r>qS<TaCHnSpladAt514
z!*vC{o=PhhE{+Mqu%)>SP*24l@v?*;DYZMH2^{)zLUP+w%bStQfFSY0yF_l&31r+V
zNqg|mD__O%B+G@l6D?E6ep<9{i>NR@pwKcFg&^~8Go!@SnYo|WMu{!zZd+mogSbq;
z*E}_CW5$A@ynLqEi6NbznhYfB^6cWj-|mpJuAY9_WpMm}WAw~D>iaD>qwTn**`m9b
zh!fl9N;dR0@(r_=LYZ}S^_TZJAFeIEJ3TVw_o2s+cn<Y=I^&gv*8?72m@Gf~k2Y2=
zo%m=}=jN1dPf_1KV!p*Wo^0E<JCg}XN|zj)dKS<UFTVe|#l}rF-)3BBF1=<n%{TDx
zSH}270h{?$E5mQEB>dGH;>{&<{*48EY?(Uk5E{_^x4nn{<od$qoi~{iqXTJ<YnD>~
zdF90a-h6lEzvEcqm`ncM`6g%|wfSq9ot$wGB^orGmCY!*EOj+tOHL0TAXnli2`2pH
z`tjGiF7cnzh-0o!qQHu|)q-Vc|ME%^`YPE?ay5!*QbBww<*r|}|M3y{@8fle8~@qk
zzkg3?cT>+HB6ddnD?;?&_ILh2#;xP;Pc0GsBw&Bx1bp?r?7cvbzl>J?GB45Nd3QGM
zY+uf`e?&$40vrV2<n6n@oT4x0xjVJa5c<dkelePAlCJm`iO31@oe=+{e>uMQI4Iv?
z;IVS;>u92qivnC<XgU{q{^w`-?-Yiy`M;`9IJSrc?PDYPrwj-s4zK?!XfYQ3|MF*G
z9RHo~{!e4|m$S=X?=ZPq`2Y5^?^ylU`~5#mI!~UKB>VU85NFf>CHpRz{QvQ1$^qH`
zes|@#9tu7GJvsS*d#3-FPW0c|;Y*oqD>jt>b_&Ev{(q(FGWq}8pRGB*2@+txfByn@
z5kb8fS{qOL{paOUk_54L2!PcpPbOVZ#C?RD5BUYg`3q#9Ymdotn9mU>;x6@tIFs$E
zevI-pCsklKg<`dkm`;cPl2$2At^W8fx^`;~RL7QC>15++a-~nm6EaO|sr@dGz~ZJY
z{7!rH(-%}}1j6K;(wPi5)f1-?HCOs_MW>cDsj_Xdp1&9Ni;h07Rc1%DI(X?iId2el
zW2sy<!t0!m&S@h8Y0(6UQ0W8*a|(UK>uIBF;3V9`h7wb+e+a9yzWQ9>;PQa78Oy2D
zl#XGwZK1XfBOYl5LN6*Obkvy?HO=#jzV3CjXv+(95-$A18Gk_4s?$w)=jUJ=J)_KW
zPluXphC&xhmxkXp(L1gxkHOa~wEIai(UoWMyx^%Wm4g{UuLhV3-;dqP)l4SmNj@D0
zW23D{p51NHlOkAtWYghZ&#=9bAp39Y+okbW5cyp>J{f1+^6t&I<R6pKBxiD#jFPK)
zE_?}EAvG=D64oEcpUlKN+Xq{)ucGRF&2YfFIO8?q<SrR_Yt%wnvhb#nh0ei|>$ddF
zeN;AK!U1Ju)I%AkX~kDas6zNs^my6WDi65v+iPS+%Lhselx7bg#o8(b{Zx8Ft|Q>8
zsoYb_A)il!NH;V7sK|~)g?k0;iZ_|2O!jF6kB~0whuWtCMzGzdoc*F*QNVr)MSXtb
z4EF)2Wpc@seanA1(-%#ChT7WprX@y8l?ape(g(8l1z%pU^c&x@ZjpbWXiFyJ8NUt<
z3x0lSN9lmC^K8FL==WI(*lXuUhdW#n^V@wwIbB1(X1{^sqPwHBwlJxkR=trY1KqIx
z&5_5t@`+6nHe|yKGgC#BSLa1qzQh}h8b_TdV<UKoOP|&FVVQCFj;9miRvoO<QvVKM
zMB6IZ+>{s`7welc6parkDLQq?Fj}l<bfbjZW1mPgM*wZvuTZ{{3Y(ES>*(<6o0Q9I
zlJDj|YLEHoaAwK<a~Jh!5gNL@J6um6iHMVWenMOMv6NZ!cW>Tf0rxL#xo1@zAbg2Z
zX;_2t^0}UK$%Pt6`5w=SX@(n<P;pYTDt{xJH*haJaPPRUqODzl;ATm5hDK=sLD%NG
znM@`Cn%HyP66PyXO7;hZ$(~tQHT<5<q~sJ;qRNzujr;AS!BVARG;%>$z38l>%aB_R
z1^JKc76Z<EyJcuwO7tDlG|AVK9~>M#O*$c8Q&phGM7iyjXn%X=0969g-Enn-mBbOt
z9JpRw4fr57Bu;kSqt9T7TWDL9!SRz@PHb(@mkW|&7vN4kb5_tVTGU|6PTCLf`Vjw6
z%NKP**Rf$skvF@d@0E$V@+xKxN0tqp+usDUc&o>IXV=6ln3?@9&!~|`m$PY~6Fz@(
zPd+!lZk<pW`F-KpqGsohpMW`$%>RCZdSxizDkT*@6a%z|CC-$8n_f(@sViJk-T~v2
zoR*YMBTq9!zui%S^}WA6cub~!^2Jyh4sgi|yX<*F8luf#6p-R?W*B+k{cz{GxzP1B
zjW8o``$3p8A(7#K#8Sfg^ZLT_!9?+$2iTr{t7hw3622|?qw}uFrO^%Y&?9`RsqOm%
zr7e%YHfkXxCyz?)JKbGcBHDLn+cC=g&^m!K3(`<s+jnFEkj^`+ByL@<pt2M!D~qN0
z%w1D^eMc<g>5&*Q{?}3w?&33=a^tljcE3AI@>n?*TAHw7j^wcO80E2h?|k*#(?q)`
znA9Tpw6&zNb>vLw0#_@F$jP#dO|QP7IiET^zM;n!a9hkrzp2eJ$;EMya?PdLzPysM
zB7;IWG{;^&N>3o2QJvLL?kBbR9vKrUI?a)6(RRkXvy*IeVOCEM&1kQjUkMv5;Um>&
zq|4B7<@Zl(YL%p+6};FtIW61GO|xbs{z!G&P(m!(?zY&ju_3Z3+WgeQ>E6Ys`kGQP
zjnfr52X{vgXOIeOycaBuqfa<3QL??DoH^k3i*cz+R!hzNma8_G)%k{>vQSI6)i^xc
zx;^wv%6f$y2b)3q`QXBpwubNq@k(vx+21OY2{e=yr*_9Gj*HuDv-!x@_4LWMU$It~
z@-9^V*P9_0dHtY>m1KU$(Hylk<1@SYdLi=RdTZ-z;hJ*gl(NX`pPRSuna8*AN12EO
z6_APul*qfB0O~BcKyTI%s(Qp(R^l};V*@7%g)@3%fF1p%GIY5&=LLl`O}ur`hWUVH
zQ4HR5RwgxaY`A@=^Id*f&X6{4o&DU`#s|0Qt}aBeZytw=85q{Lb=Hg@<!$?=A7fGx
z6l9iS&sLL9FmLHTTwuMeEW2$H__R7SRAWQt$HIuAPt#R{Bni|?Vc)j1z@{OkOax%l
zBGN0Z)*b3^a2dcMvA0EklF1(>U@4{U5-e`t6u6O8efvd4&K174R(i{eCbldAAL0cA
ztcuCDy+l)$XMOTIeB26O+*nNGQIQ9DgeE7fd%sOF*~+uMvJEZP{H01&38D&d-F}~i
z)tCq;I-=mX2!lPkBNOUd+;$bIp#jK)X!VtYLbTVjQO-HztEqmPGE`hY0DB(h+C7X8
zNI51fpq*%pX%eSh^f6TYezdHFz_6-t`)j$2!ewI8qYY!Yo<w#YZVSnCC(Fi2XP>1R
z74u5;Sl`X#ak0$gvEcnDDEg9^n>-r&r+N^gK&AIieoE#(#U7{I!^f7OXtU3epqv4&
z&;r&2Uo`?iAf{EivTSno7i_5+KdtW*xIOdObeqZrVI=OlDl$v)2SiXen@YY9y`kL|
zr-X)3+cu3E0Arw7!U4?-&J$NA)!8nf@1s#%y7GzjX&r}p;!w>=c$Z_`h&VMj7izNc
zF?L-f`1_3M7-KMhvn<+fpC~SspvlOCR9*L}gSE?4)iS^>#A1Z_QL(!E{IL3=?-l&m
zgb_uU!20E@e$o3!ekTl>8$&2`7U%&a>GU)-7XfAhO@_%@)F6NkV0t%T+xq!t_n{vh
z>BEt=y)(c$-t|izY(Wc8gx+0j+9$5>XHs+*pyQISz_S54p3M1B7qmy1SW-7JRJiY9
z?t6XRpM}C}>-Tx3BqhaRnF~!nt4%NVESf-542GMBlE?h;u0)NGyi_p9i+xuI?(z*_
zQv6X?iF0LB{0wIyc|8?3CIB&`g%xz4iJ4SkcK-a*jRlE!2{T5rdbzJb(BvJmn{55F
zBD2$2vc`5X*t+(qt!g@Y2(pGSU-uszXH=l^h7He<i}vm1YI<2K$8YoLg%?QfdnSUy
z&6RPz^!+#>UFlWeBmlvzyCQsjp&_+z{?2pm=CZA}^?UsvQ&gXY1&UWBF3uhnYXUF{
zm<Nt;U%|B1RngHqItnCw{uNfD`vF!ER#v)Nl~?&MMeJ8(q)nB3;rdVE%|r@RA~^r+
z1()-0twLO`-8&)zuRhixBJu*V5-j3-U~U;uokKHhC7EWI!#n)uZB|JHRWOwM$KQ2P
z9a}D^mRu2f>!?nq8A7D*Kw;j!E6Go9a~rz0qtbETP4DUaftCX}UY9*5Q<NRh1E3eC
z4~`#U(^%qW*3I!dGc(AQY=JrZjezMSJ$Hr#TygmkP!H~#7&Z9NpH&TD1_xU7!9L8_
z3BKypnY5Y2%-#T$_O`WF-uSh&J3Q-_UzGmDfkkLJidC6;N#oT?(@nC++iw#$!vdL=
z9|Yt{gl_>!bZrMCu?~C~m{GLX<TD(qA;wV2{X~+%;rBiHL2L&j5|+47BcV66MkRj?
zO{3lh({7$2*o|-#=6z)0rO1CymR;@1Wq|n$K&SxtAx7eOeP^;?6eyu$cQZr7{|CnK
zO(d8GZ`)-IBo#2y?!ec5H!D>hn(Tdv#A3$`R9c5}O7&y%>9l={zNb8;PU|!QkT}L#
z?{fbo3eU6I<Gb(RP(!$_tk`!T^(2@1Xr~i?mWR{g4gB6}ll;sRSTsEj#?DfI#Dl?f
z%X{J$RB{u?AH={_<=I&13@40x;6a$}cY|Q`td=c(c}V<8P)$E$BpF@*DHL^EyRi`=
zL+Owm`xNMCB7vWQ`M=5?72faOz>A4JGk4pWfkQJwr|DqU_rFwnrM2IPE-*8en*n9d
z`hHU!W%ru5S4JcN_pur=*TdCm#agq}x+7S9Yvm=<%&K#z?to(fwlmbb{o+4($?xF5
z0F%E_iOe&JcTM!gO$(F*01AT$+GXG92E92(<Q@RG1M>kP2jd(4GapJL$`cF4w9HhP
z%n)Q|->Fj%n@ja|>P3MOI`?PoBT`E5ua7w<T2-)z!{NA!9Mba2it!cZw{E>TeF)Ql
z75(GpMMFBlB>Y@LYSfY?l1<xwm_zOX4#O{r`;wy!?OYs*bO|IC73Rec0IUP~60Q)_
zsmEM-=T%q=0Mf0k^7|-<EswL{3Ox6f-sup#I+?G@pXi>Cm(s$?cf3~d$58qV9sn#@
z1lTk1JVbyWj0y7~%Td{f0NO{KzFit$j4e$aeUDd)HO|f+#v{aW?Hoxq?J5JB<bg%r
z8;ScAV-V&=%rAvQ^-wWqX1t4d3^Q4n9h+{x5CVA({)g+~jNEBrux{Zx4D>I*0QliT
z{33=&&9jZ`jd>*v2&!}mi6Kd*hX=n|0nGJrqVr_fJ${3J#^aMf7J+pINg||lfz&O*
z4m24M?V3_;lS2t&SDz;i%jw-@+kONDGtmuT{A<g(%?QJ!eT2#d;_L>`Tp-iXYaEVb
zj&9;iKAcf-Yov$(CN9&l>U0H}tZog1^jf~yy8Ep5$AG_sn|_<o_GGhc5DD>m@Rq&A
zu@u-}lu-8lELd~15WoTc3vu~982T>UFET>;9oWw%qPzQ*r#%}%H4i*WWLT-j(u``8
z-3^Cysy~;19X;(+v7Nfv0V6t{ReAf*s;Y1o9hhtC9e&vT^hrGJ!`re#p8p~af5TTX
ze+kG84}|qEd3^gyB+Mc0!%W81!EFJ$+oCGi4n`Lq9kr-`r=}hoBuuzbcz#zjZ!meT
zjZ3o+9d8Qn-rb>2HBm;xD<n1Y{MP<P!#m+Y(PcIt8~O#@G2s6p^DRg-iJwszf{GJ*
zkVqhu+@Yu`*~j^TQEthG(M<d2c6-UnBvuJ4n;MI#IX5eC=sHyex2HS>eNA-vcLkPK
zEsUoa%<3ydQeU^#_M#U2gh{;Rg>m!ar6w~q$dBiKy?P5$D@5$;h4GB5cY^q-y|Yz-
z(&JE|6k)n(T^!z@Q6%DUKa1a$yTw?8jzv+Ez5%Sz>Qs`<12;W`r$rvJDI}irwgc(u
zO4$^3cfw;XNFCS(eFs>Y^gxJDK0ce<!fL2p^{lpHK=`$!Na>WdzIv@#L!_XWB%Pd(
zj(k{V+8_cFY*2y#k9(nPlS8(<e|qKEiO{mNtYogDI&Nvd`8i8&$zoA}6vQlpP#`{H
z?ra!#9elE#%%qRbGhw<K6W*W(1ECaK$9j7?Q9lsoC<I_?L#aD`xgh2%_XIz`=}EVJ
zeSv`%vqNAuKvRBxbt~;AH~or8{6L6)^gd?iy;~~lC^Bc1p<Kui)Gbi-FEiYF;Hha$
zi>Pa6&dE9wr5h7oCOz*0I&e#0OBr1=Ga%|@28B*q?6=U*(&aVFL@9?kD~DD^Y6u08
z6wNVDi7nG&E}qiNZcgozQ9fk0OavqF6{#FDZ}3Gc@z{vCzM`9*kf16geas)d&TNk<
zPx>ez_w#H;6C;B9`9_EIG@2JFYVMq5k-Q<1BX6ahFZcM!9*q!d$FgNI(<`Z_{#x|&
zwXV53K;SVtEZXEnl4!^(r4B*~3L~LUWYqP%_YMzPbcl?pbKvC!pBxJEI>J1!XtC7V
zIlPtrT7^P(NoljJ>FaFrhc@&^6q{tZE$nr*q(co~-9(zGq=ezufN9;6KI89#S0=LW
z@JY~J5?Ub%(7NIFekf^ag0V)1ce!hEG}tkUtnR@QSGo21sjo_FFg8CSBQrZJVdA|f
zXTa-2U!K{s+woVl%ho&+xg?DK_pTjMzVx)C@duMz)Pjo=K0@QO3@5`rrL?W7GMazD
zR)K!li)X>uJzVKy!^2-g$IHlrk@pISR-tzgWSQb5d4vFDnl}N?8s#z{M(+9N&Jpz-
zkl|nud-L53ym~0l+>}+uzyM)K<Cp$XnV>s;Twl0O<p&_r3J26#ly<Cr|JdKlPYm9w
zN1oNO1uOeMt9D0H!NhVRUB=)L<qDe~7Ny0toq)&y5*d(I$MJPj-MZr1YG$gdX-}$z
zy;*NcwP7VPf+G7v&Xo^8Ayy)Z$}5At0vLFx#0ngDVr~@GTg<n6Ws;&0IjQDqUQ>%m
zK0g;S5y^O%;N8d&C$f!GlrDBN&iDk(0yZFRWR<p0r@j|p$Y{*6t86DV3{X=F5&28(
zp)SI*QkEWrt}FiDEm&Q#g7Hx>duKp&(^B^@pTRI;W20;tM=lQ?6GS$ycCz24$Rm|f
z=JNPMM0aa%g7x9FHrOLt6l=^niZ8p4$Z81)QgH1F<T<Hv7&H`yq|0jTOVlOdTt#gQ
z;<?^r&vS5WrTtf1{}|nXvkeT2^Se72uoh$3E?2lqM0pM>A`p*I>0L3IA>rjT)-YK<
z4FXKiy1#;-dX186@5#eZ%jrtHjeZ`fq|q)fjmV%*k6hst&3ZV55j9=G=I>-CDI3G_
zv0cCA$x$YF>_ALR+SxWcOHTzl&NG#hJQ%8d5W(j+%Xp&pl$Y;>Yfsjk#l1w^{8)V3
zbeyu0-6b2kO!C^yj6c*t5Xo3oP&$5s-v;sy?beIUl(mt64)5AMgBxrwDeWdoenjb^
znh4nqhfjV7!5fZU{B_@r)_{p7j(l(n(bx%jEcq#xq|@F8ndYE(vP!?|0d$%;hftAB
zL!U#<Dn9h!>={Y^^p!@e*U8;xOqe+={)o51&n&t-!2<+2SZXoj)VUJZrLZy;6>z(@
zX9uI@L9lx#K&o~J<teB2x7~Y-1h8avvk#8a_^1w~T}_-(cC=(789gWa3Y4U@3b#7E
z8TGYv51^;^iHS21jn64pop!U2J0I@jdMmw9_&L!_glHuLofQo;xs7XUOJ9B`Mf+-=
z;{oAl9+Q{`PMHyVt$K5_EjR5kvpP)d3V2EjJz**qvQ0>PX43mn3F*R)342+|vc2rI
zXQ(%tb{f-1z4Wlx%k836^Y0M87NSC!jkT@w%uf~X7OjW(=ErL*%Hb9a-pjoc&reM&
z$e<wak%xGE=rd7Y@oc2p{OY+BH=5=Qm4h`V5{(auULJvhk623>4zj6?h9nh!H~P5q
zzJj&5A^lD7U7Vt2@N<dF<d(UZbd!_)m(%^zInS<y5BAM#?PC`+w(QiW|0p0uwpI{4
z>Qf!$q~P^w@1^CWK-LVOhmDjfJMx5X=G1QsCv(_RFEyAnaXm1fx5aJVLAP*cy$Nf%
zKKo9(%`cl9tss{Tpi1*4PV#cee2x|+@mE!E;=368l$7p;(CEii>JZK&#~&X_wH{-0
zo@IDdde3OBXPC^OT>Wg5--|<5c}+o%*BqBiE9A2t2j!VA_EdZ)KlSt8=a$5&X1n1i
zp;+4utY33C5w77-96z;nuN&FPnB0^>N>zIo_Q9hDAtvsOdhPT7azp=Xok6aztQ@BN
zAZ9Dn5~E6tkDGow7M@VGRU~X0-PUy)#znptR>sTCtYrfk7L*m!EL6}_X|;Ao{t10E
z9ggLQgpK*jSE2g78#tk=GxZHh32N6nnC2sNobahozM$iW4qA9xR9;wBP*R(YHc>Gs
zRlbz<8D+nLXYjovYDeF7qE}lGyV%$J%N!v9C8_24zN|<V-jJU$b}&}bH|N<vxSbiu
zNs`TcP^P;r;$ucSKOC@d7OvnVqnQE`o-OOHMPjh=Oty?%9#y(YkX9O@QYDzAj#*RA
zq>OuHR9Jp0Cly_#tPcW0JKqRFkMb+`?!yKK7WiPm1l;MORVOrtExK+`St$!p=5iL%
za2T>m+EA7=Juf#$lW(u_JgY_s`UtG`<zgAdj+&}fkmMnbB^q1fD7wCyY|W<>_yJ3_
zVVD*qm{LwN>V_DZ>OCTHyTMp4KaXbZ=>b&5T>Ar9D&`6(gcQPQN6-#JO^h{n+0<yA
zEB&B7L5x$;^E?SdnYJqyU#X-eMIgM2YNzTx@ysBy?vQA7z;%xvLr7Km$RGS!KO`t8
zT4Z^snMv%z&V#wn9=0(>yXX6LIFDU4i3t=>lNg%Empjc!xaL%=5v`Q)vYzo0?KazU
zt5e%1_+=ZQ=jCS>O)*sP>eD!Um3;0;xr^LO?1>!0lB0EAc`wRWHz7xjiN>ty2s>#m
zBg;U9K)kL2;j&w1zW2&C+2=Yj1JElB=I-47D~XatJL9|uqLfH6mwRI#K{SM}o`p)R
zl*h5@Hz)6z7|ZWQZG&z3XKg+6b0n;1pb#wAC-I+2Ixv$>D4?d*_w?;CESJ2SX`5Il
z?fFS`+B&M#JxJOP(tzt8i-$#W$w(_$P3@xqwfUwD7iw=gWK(A|2ho!Edb)OYYAvdW
z{T^MEEtuAqH0H1zEMiwv=vMXW;ZioOi4?EWdzHTPD@v;4qb0(;O!;C4>5;L$1kR%<
z%(;%)+jAZRywWp9+-2VE)gLYA!0brsN8n=WHt^2@?0_JXX~+cauMBQ5AR*Bc0JS>x
zd`>EhxZ%J`TQaMXJ$EQnU+%Lb&Wxal<5arLO7oN~mIxem!z*jxYgBAhpe*JHR6UBC
zDUq}u&JLx!%Two4f294mlP2!OLpyJ0<V5;%ca7Z2D-4|6BYp-fqb1fh(BKuM9!j;-
zYxqTZa^H5wHOIDO?ix|+<33OtG115-2-iIM;cJmhc=XUKSf}wDoZ&iQD%c#0bJa!2
zlQ1!r5={;BO>`KkKRCv~?sMWk_SZg7x$~a!U`vR^tCY28_xsTqI1J)$ssM#_pFHf&
z>Lyk;54gnMKbwRl=B5dqaq0sL(v_M*RP~ThU3-fu-FB;KTEjwRxqKi<ZZ{N&`l(4W
z&#-d7iw9cYKB`e!P(IPGU&XG_+{5lu>277Be`=mvIe$(N%DwDsbon%6q-#9-$x`@@
z$w{#TF-y<dl*J9_pk*3P;i2Dm7>1Nb>?n`7e{Q=Z%_s3>y_D(!iQXi?F6AMLtYh@Y
zml~BAyHCHT^`f)h_JIRs%PwbCcCmvca3`CMBN=498#z#5v6F$K<3MJ?VD0`SlYJ}$
zigNZw4xZAos@`h?DgE9fFER(|jXb#KpC+#KOI=P)`3-N1rZ_p}j{>@&#=NBmIhy14
z`6m_Se?z@}+{r@oQBJ4?ncZp1>rc7(7s#ytq0av&JA^tj=6Gy^J0&UQJvQE{9}=$P
zyP`uyQHiNR7hW5FFHDOvn(nucp!skA@Uy=s@wBCCYhAK2FK+)@9qRHyAJY5n{@)7j
z&}Xe}o=Sp(;elnTz_*!}ruMwg2H3}Ul#k9*n|e#&9^KVh=$kq(>T_$7xO-vdNsih5
zIh=YLncD@JMBUj;84cPr{3@QGZ=9Anw?;EXZKr1#BBTZB-NgvLn8_5kD*RkroE}j`
zpYDsBuipOYv7b$PAwtn<F{`1E;UY5Qn1hPF)xFZQg9hK`hQm-#<}K{N{!Ks)T<@WJ
zfx3RX5my8Rv;;E3NlM4YXOM!j`Z0}KS|gHb@t<JbQ6{`^X&M6PbEfbTD}4-LS5C;0
zDS-J)DFYpqBjx2hlAex14;MXsGBa-fn2hI9jIl3-#n56vM!&U^lUgL7w@hAe$D(1E
z0j24z?w~nm+GC76i?#?==!A)8D5uXB_?d1_aoC9j310EkIZPqU@>q_S%(1{UCBy7S
z1thMkFj-^X!qUf7J8~hSWCroMJ#J9+ggx8xDts%>0=WD9zz1q2`y4lyOsX6%COw~D
z8Jx;N{7VkoA;AiV*9p<rESK)k#Ur+5ItiEnNEhX+dWzUrh~=m0d6l}_Wk%BqdUg_8
zd8c+OWNqKqar4QREt|`RI+`}`<BYZW+pp=Hvs1aNw`7>hCVSkgBVpVwMAvOlE=!|v
zK=N=QzO-v;;vSmU-ZrTO&!MNVjI2y@=<`a&|E*Rv(4c!cVySWRIwqv|u&Z5+9+tpJ
z$H(H~!l-7)>lej!Ujd21)cN^=<t3uhoLn`aQTUj}MX{t9&HHFW>c#83*gbzWOUcav
z!lGuAT*fZ%#)#*8rDX?G3-J~gen3U|fir7;)`Z*#66i6=uTNqeXo&snyWTXk?7`A$
z<j;-jeUmjfqy?6B_KitaX&6>T0KX&qj;>wc5a$#y1+B|>qPCl4LozMYw1*99^hoiU
z3(jrFDqYtdAy#L1b7pF9akcWCS4vp!{^70-9Daw8f;Vl<`!XP`v{}^Be1qLmr>~95
z(QI6+$XD`7H`SLx>8rcdxw~wq7;`l>i6zDPW|kMcHP`WwXpNe7IE+Xu+@x3;&bKm&
zvNw8hXVD|3glhK_7!2JM+;Q0>KpKO^UXD$MD*j9zQok~&p(5=s+PlZMB%&=bEAfSU
z>TK+mOJ`9<c#l<_WcTb1{Hz77vH<)H15sJzkymA|C#w=iN4juF+!b@T>T{8fn$I@&
z$#MV6$V&g7QrS%=M}2y{#3G?~n&10iQ<<`u%A-ckZ6wYLL=<d0`|3_zis+!8rMH_K
zZ#jQsmE@qPue6?q^cZQ~)~X(E>FtYctVkkv5ptxdQmt=Nuphh;z^2-q7(yM~;aLnY
zN<P@ehx8hMM%vP0bDyuEL7pZI+-r2KJ8(6XKI)1Z=iXx3$8@`upGG-wQU-N2H$eQW
zv;V%V-gWP841jPOkEEMV0YKLzcbQ{)q|y(gpIY^O{pn3E&`z!n@UvWOoKPOillS?E
zB1O$1s{UM}tg>-YR$<)o!~N@UGnyl$bXpD$t%e}(IyK9$OpVQ)2ng!B!=UOq50q$D
z$D4l>tKf$dt+N#$M#_-vEn<)(TKs;`PO#6-BO#R!TDqYW5+cjaEX{1v)l)(Lu_BfG
zRCCYw$~G&81e?t6p?}@|J@`2YV!K%WWI`Gh@a|n4&5mpr1IBsAEkMG3ttQi~-tUmo
zv*i^DvW3#x@ZLU1&BJbKQ2y)}D`uQ#be_C`;U`{(OKw&Nj6;7UmiQ%knl5Ti>T@et
zZdF&7mNvPx=ZymWSv0G`iU`PtF>&vA>GKr7S?i_U(GAi^`>@8Wafuc|D^#0Sy9mXP
zh+(D|W`joIjzl}mp=H2g#(1A`&fTy@lwRPg8|&7L;UOHbX{)%&#5f&kE83e!-~NGN
z#La+b)VKIrcYG<9leaQekz`_#_bTv=fv6OgJ0wLgTcJ!y;H1(eA~+^SL($}Ujz&~E
z{#tqZ`+KG(w1*`;bRphyTP%>N*Z-;=qpeM1$?7v2b9;4`GhH^}+r0kekfVe!Cc-bX
zWK&_o$Q18J1#3Hu7~#z`#<Prh7?Sj1=85cd61@j-Jgw0IH~(mpGNoIx#K{u-B?Mz{
zvji33_C&?MqX4z31!>fB^f1AP>Qs|t!w{FZaMU-+aKRFc0r0ikq9M0PSk21IO6eL6
z$5P^T2Z}-C@W*u};zO$Iz2f!?Xzn~4rFR3*%=7DTWUawVz(A1wt7WKUbvJnQalGd;
z)&W&`>oInCJS7p*D(^*P^Azbgkxlg9gaOFJp0DR5<bzG}u|kw_*~{wXt)rXR%yzBj
zx^}Jh;Z5{6Odl`rKj}%ubVM-!z_i;H1OQ7T`hj%qdv!?$dZy1+aL?=GNu+(8Td8x|
zDXImaRNg}MLG}%7C}Ra0TPl*Te5dSgVhCs~2PH?`k<0YRsN@(#)4hT3Y^90|46KLu
zez|v^9#o@efJSSgfx)1l*DHCMt#ZSyzq`}>RUqBJ43zng4gbwkzLdtXDRyZ8N2J+C
zaGX55>sXa{<hioH!fa3zRi)$CNcqCL!Ij9iV%>$|@@<y;JiP|&j}4vxY)3iDB~<x5
z{U%ENI}zIHVs!aTlKKy+ZQKsZQ6IBN>x|i#dXvaC7B%W)hje{bOcdkD@d1CXEgv-i
zPRJ3iSbFVZXS+x&6E2XdpCM!tEd*aw_f=m2=cBM|jPGU(tWM(~?G`xG0Ix2az?au0
z_L9F(r_hlrHIbVGoGVM6O2P&=-%AC^q&_E~|G^O7*x4O!J1*V3b`0c;Ce~C&q4^q*
zr77vjmauL-A3;XdJsbN>i`&2OHx$)ChIWpn=NJU7HeLiD6x#t!`V?uC`q%285|Hf+
z>0%x?{Zixy%X(N$nWXFrFmyAg-=P-*J~vh3<mDJot{)_9;*NJu?(}7~j@*}Tw9Eq_
zsN9Xq_?p{5Dh71E=8N7Wz3LVCyfI4dT3JXw4bRQO-7ilOM)Es(O2vNo(k!@DShLfv
zTgNj6Cmzd|ldyW?5XsxlXrKGpF<)$DIL5(K-+=B#j6gGmEbAl7NTp70JMA`l&iM0$
z^95#W1h*h(4nZ<Hm2)-qyH<Ugz9?Tc*uwHCnwF3-R#<-iDs7cD{X^}a4a>%&BaCGN
zL3~RM5TBB)6?(4s%eypD_0n|6-IZ+QTebQ=;a=G!*{3O|CuV;Dw!Qn`?p+G&p5a+a
zraVOEsNZ>V?8E-D^tJ&3>$^*p{Es&J9;<Qj-~6v;T;lB#6tG$cVy!AHPlIP7r)Hgn
zP+k68N5YnG79ZNP47v3;fmhntr*0b6=&i;aO?hv|8Ch*Sc|r9=z_H~8|J&mz!YOHJ
zI*WG!eWC|y_Nj^fNWz;0ZGyYOdtad}s}2T_IE452f-I6O2UtQ&46nCDSy*@W@+%L;
zsK&J0wDIbPb^XEW_Oe4|(pnZ}G96+nV=>w>^{5#1+*^c}H;@Pt7$iKLyyR_l_LBWJ
zs1oQD-sLd~T@}I1U<mGnuU)nLMqe?nl6vvKw@6`3noMVm%}akk`OG5DEt8VCC#6eE
zJdKxfn()S7i&DQZt_HInQsLc{WTZ9m--rQ^LcE#>+wOJJ%Z*h9KVkTbomQiOF)0EA
zNsk8FouC(oT0bU&K)V5}?n6BzAbL@$u%8D5D+1UvCahl3W2YjhuxncKic|f!DPKwm
z{t(jWek@Ju5o+VH$T<(!ZDDzRWfs^We#ya5B|^NKr4aIa1=SPEI1F*AVFWc<<9L5{
zLVfS;(D`lK2nU*W`;6|~^4`0^o)dpTIK?)je-y*-k#+`mgQiHhMa?f2l3QQ4+i3%D
zPCj>ma&5}3J1?gW=v-9v>c{+8#vP3%H2RIL5yh#x9bTn;mszQ%S<W1#|NZ3zwyE7;
zHdA7!8Utik?Gt5niR64^V?NW)GyFd~`xYrTE?m$cF8<amsJaWn4-LCpF^lUkjgQv=
zr!k;6hbXldG>3Qjl%f^_N94U1Q&eKBmuSfIT(jF*HKGs58#Yf<HW0-Hqq3*ehGPud
zJrsotyiYzq%VV{CWe~uM$1TK~tg&5LCeh*SyJ>PJf?=XH1A<!N+LnPv;i262YlckS
zfgXaKlv!rC`<xhav--u;t3>Oq<eB!0e!YASL&GJ6?kDdmI&i*fBNKqh<Y2(JD#4`R
z_k(QpVHbL?kP?;l-JTUBH${pgR<ce-hW{W0elt)wC7lT(IY3HIqhjlf*1lCF&Nr}s
z$Jm}M`TCJAG+ov#-HlK1mh)19Po-<S){E;s>KXkOeR`a9a}T*MQ=CUyy3eC~7-wmb
z_9+sYf?K+;1MvZBLH*Eo{)QDMk!<vPwA&y4*GiVOhujQJMVxP8z8y}L_|l$5c#Re&
z9@eAKI!HEuEUKWzS1o*1HYxsv4oS~iulgUr`LrX2mf;pC4mvr93k#OZ#4^K<9R^{a
zc|5_yhwEaxJuH;B$KP>VkQ;{$Q}5C=ss5g;Emyqv4e3zt0jGdTndgNP+u@2iFgx%C
z^`GCvDvQ=Z%Dc%TDZ!YQeKc$-xkZeVCWj^Y^YW|qI)*`x@^Wj@0?UQ@EZ(l+hPOW}
z^g|{IGr}qWIN4-H^{EeDe8Q-ZWFom>mhRlvj#*7Z8}Ie`@vCX}kAw`AA2qdA7e^Si
z-a8if)j7Q=Bh5QRzHv*V?2$0~9s3K{yuW>ySi?O}443B;DwE~yrFm-<GZd4P*4{))
zU87%r3#jw;4^o5lAHv({X^YSH-m%2(@}X8{c3@urwntdO>xXiVN=yG%_MPVI-Y!E~
zS38j)`bu}2-{d?LX-yuR&rKWs=tg<I&Lxw54}ZZ}Hk;=N*GrFccC44VMQ$vqT$bbR
z&354`S=3W{;M8(Y`y6+RVe*+qbAv{PN?M+YJl=nl<b<gI_!WGPOM1RGM@ZVf>&`ur
z-lD!{m@({1)Z6;;c|WPBj#!-yRtPcaLecRpIKhiDozezZ(nLeoCh}^skQu=^<|&3$
zfJicRGxel#%0-)flc1`!B9G7~wWJLI00f6VswpRcK!4<1l+C@EC8fs7sJ3pQirO??
zB`zdE!xRodM&jKXlMo}OC^>fuy{=n6@?YPFiTI=onfXn<<Ixn?rJpK}(2E?(urCNN
zJk!B&?+s`o=8r=0&ok|#XH&x$&xhB^nG)Tn$LhHn@{X-*ozo+Fzmw3u+q$T+_$bR>
zYb&$nLyWpLQBjB$@&|Qy>cQ=2HwT8ED18)v(dJr$90>KC{POgv8b(P`-U+vf77ERJ
zP@^4<v5WC~o=^CO!cLbmL#32SK}+okQfL)JUa%2Y)t?fErX6R8*&j+x3afg%5N3aD
z`|~4TOJ2haY$g}~N&aI(tBdesLGEc{mSbzbG|I14wKHS;@u`9=J2LX*q~{C|x4oU*
z;vuKRBznaE1f2dnY-TJm5sAV7Y$1Jmy)Igq?d8?(04dhv^+k@1w(lkXZILZL?)b53
zmBz^%DDg^#dwh?}+1nA<O;843ka2~A`ApeB+WvJv@QWc)Irh1nxi{hm^(TT#58~gv
z;9jrY(RL|jU1u>dCF+^hWL<G@Y4#Q+%%DDxk4@ovi?;%GMROpA2Onm;AE~msAT8~<
z1kY++4YML}q%3@Q`EzHISq=QchQ40D`oN<s;fh1<bxC-$wYZDNX^>a3b=#{;Yq^Nj
z;gWW}TK~pwNV@n$4^eUVnQ(9-+{*l08=eQ&@0<4H7)l&+-a}q5V%9+1I&f3<K_pl2
zQb<a>e{{ohyU+R(H}2+lA!vTbrVg%PWotvzhI1f;^&oqAVYjHm9kKS|LLSY&rdCnn
z<8p2_4ZRl3sie?ng5ohL3^U#WTCc^k(|@CUY#tA}*0l5@Iq?U1R#Kfb!w8S-phO(e
zlRq@{cJ5Y+QtMnUiWe{mxmtmIH0V@9b<@LJUc&2|((EB%8R&2Y9@WSRJw>-+YsNrE
zp}Jh(?$BPVHNNg(GnxD$Crl?Sm(e+BpqA3!(>{-`Y{#DWJZ@j=58g_>K1Sht3_ytG
z`2&x*$2@hCqX(X6oli2kb@Rnp5R~scd#v2aXZo|^NmHhV3XiOO>)mlY@{sj{;SGfT
z19dhDy4^kFH_EGy0^b}wjAAvc+isC0+xLTYm*pBV?za>-4$mx1aem`<zwb|-M}KNb
z;R_FIVMO5;KQsDx&VWWK+pRQi0cKRv{lXr*a`&yw5l9Qq3nGg043Fy2#SQk~K^Xx^
zz%s_6uUDFO2c4nYGz3b2z+;tga1FI5LXwfOn0)#g=Lr<S1@NIID^uG}O;b{5bRzJ0
z+lZ1>%oE1bg07@%UpD_7RrKA1x;23`UN>4KUwTZ<Rm6_y_0c5hSW0{M;DtlcX~s}e
zVLJQrf$Rg(1BK5E6}Y*3ruyae<a0IU#b{mKg&(qLNL}LTIJ_^er!ac&C;uz0MZNJ>
zPao}u<E%4|(1|#M{qJ?pnc3`Dl`oKNm6nY#sMv0uyfHlV&$QV;E$_&opw8G|QWvsa
zvH{35{vL<l{;VkFleG4};c8dr+Y_r}F(wuLrCJDdRA;c`LF4S5j@#oplfvi{OhRJR
zO{e3`%}bUbCwsR?YEmFifEkm;l2cnp(hb9P`!t#KMwQY_PF;F@=z@|gV}=W+l!0PT
zd^t3fu`2{ffYvys)4DjB2tsBx+L19*=E^!jWq$15HQG{wa+fOn4}$1mO@GQjma^mQ
zvL&eLxq_*Ca1=<~WpS`wAh?5w@JZLXC5vAW*Hx!Fh8Uq1;c=|qXjwjdHE8~6`pm4!
z_y3Gj#&GFK)NeO2B4+|PHbmYe$3)q|#ob);H7};{#7wG~QbuGOGOsMpgh^9wp0sF&
zqEM_~0)tRG3PGkAg+qCkG^8tFp0yX_C(uX6%aavjDb~|=aWFc4!jem355T1t=zJSx
zCSetd6W+1_c%>@So@ByChdw84L=92}Y2idgMoHPP-BFvzQ_>B!g#^2u2J01tm&A;O
zckAuAuFIcKqV4WJ6P=e;!+c!sEI3Q}5A2`Xb<9s!e>o2>9>C4uB$H)FxrT3?@<|@O
zqWjqhbjM`hS&yJ=v7K(6DziQ<W+X-}QloADh=%C|Oe;WZo1|)4ZxnK<NM~YSi@WMh
ztsh#DG>7c1x__R#AY|v^b?~=ih-(g7n7MaT?X%h6QA;aa!Av6>{H_ae$~zJ?!RMh;
z(kE!-8g*JX|D2g9B_=3o0j<E~tKJ&1s5Xxs7SK5^=2<4$Y|_dZ!=w7HHq|fnrG4f%
zpb;_4^>P#W^3}jK?qUu5!8U3C!v|5nP7hw%_Y1rX<PO|No^foH=^;7F(L9Yh``kLf
z`0TP*!bo9hM(1pe?72VT6sbA(w@_s1876wMQ#{-~o)!Sr%NNXdSJST*>}Sr)CgU&U
zFa93&{pC*Q>&GrQAz@9cxl06uu~0N$vA<%%o^ykBxETyOkCA;I&tjWp{~!gK&RcS#
zZ#D;^&BLv4R%0FPn8`NdhbO9kk@P&&u-E0exaj0kn>O5dXIB!}8H}}~4%2dsr)p3(
zQ0e5_+c~Yax%|}p#=hF~*U`O}6W12Z@<ypSw8-}XK$;`S&4-jNfz5e-isvk-`j3pB
zVU0f5_q*fGVB_;!l`|sxyM6aG@#QIb$y2lQZKKQ;K0DpVlo--)@CZ@o{>s?Fb^mLy
zMP~XwU(GwAay4u`K5}@NMn2<7gs){2`E{Q>R}+2xLdm**`VU>@B=LOJry=;U&wZ&+
z8&B6Ks>`aP=x%|E*^Q~}V#KOhGed#UNpOl1FG32WP3hpoOE70JHp|>fGlZ(Ea&=47
zOh)ehv!@@B(8k<+Uc3gOyQnY84)P+-!doqY<sJBb)<{lb0VU$^y(QCjX=w#%bJs#k
zIA~e8f(P}ITi_^Da)4FAW9;&}`Hb7m{b6!8e4H+(q}ktJBFd0i8d^JbU6IqS{D>Xf
z4evUF00XxoL2+$4`kSFA7p=kBpKNY<&*_BxlBa{_t@0IepFQ@;-p@}ZLp~!S?5JK(
zmNM~w3T13O#(gZ6GEVM-CgI*{p6?7_A4(+bhWIY=yjkBe;Fq~m%YFKtz#raCzPo+5
zn3exFxzR;M|LCLlJ$vcz9Ta2{-uzy?DZI;;KYqJuP270uFEjC2Uqe<+vRIy%?@U;X
zn8@ci%(bF_w{CnoO5_Tf$fDu}dCK;OpCxGppf10QTv+)X+4dNA`^-6kWBeG5KYA(r
z^rA*}O!<3~)>7hTEkU}1r__&dDV?yNh>STvo|ks*?w1EbalX;REJMZANIb)?N`i$#
zw?%&J;#<8tY||DcS|OGvw!2e4nK10m?p&(@;Cop?zJiTvDDfk@(H?tnWL-M4s?ql$
zg2f!P$eGDjwY_Ysm)Axyq^zVZR6mk7Eh`ig)a7WObHG`1{y;vVl56jj;&4)+A)y?S
zT!OE80na;eEqU(w4iekpd(hH%?G)FLd7hG<#?&NBI8LYp4SLm;QqV}auHA^*h^b>)
zuAu^2=uSa_vZtAz)S&?tU5BY(VGz1d(pGY#KGDZCgH2$Mb27J5B3Eyq3Q6nBFo~}$
zC&djP!{~UW*^`^x+N35KgaljZ{-ktjoel#x)@epZ&*z__-m(i@_#SCg9;Pco!K=-(
zvG@!QIz(MX)@1rV!~Jq9i2{jM8n)fg9-hQ*`-3CPN!O9P8grh@KTjM)cD~lb_}K0p
z+o48->pu2u(gN(X7qv1SY@`|V^qDr8nX~$rE@N>+bK5`#A)T{xghRJPqH`6XqlXUl
zc>ib)*)t-+FYO>-;I;`ZBupJr$@Q4(MkE#z3C`-)5|+^u7(KTh6VsJ8mNut%v<z9A
zHXJlCkU3<XxD_tP0~$j+=wOra9jpgT&u!V=Vw;UN;ay}APwd#54?SO+&-QMUKDRzs
zeR$jH_C~Td;=jQx`^U;E7Mxpoc3?f{GL{N8{zS?8IHYm^i$?Ks_4=M3-$T|!xnc>2
zC?P8))gqbfP^741BK5;sjkYJ#*J{JOpA8G0kS);q2{C;c)vJ7~rT*!9{%VNG<jJki
zhdE3y+I`w9+4x~Niri3QdxO*Dc>IcI$fER2c1n3?5E@SD99R$?x`ss4J36cJ3u%T^
zbRls{$QNE*ASViVR*k=hJo4zfxaVqCzl%@p@yCrELs?2aC9*OKS3bes-oz)r=(6{D
zrt4f=FJBvFdfcBT-qYu>F|5A>Fm$wl?0H}YSQ8{dS}IQ=*8UaDv9=wnipd^T1+vpN
z^v;dPhSFm-zkslHcfdr+fxBlQLnFq?CI<gyU)S-=2hz?PmkmYXSlye?_E9z=E0EPF
zAsjgC*Ti5~mO7IJuhDw<lZ*o;yBowil#y>d$5zoqM=5-fK6A6-k5Lirt|86b_C>g<
z%(&6g{BA9z<!P!nr|sz1)-P0hsae=m)6VU7L)PW7Z|<J=y5>g$d<u^|j&L90q9;*N
zS1Eq+nBZ*|_UUOg!$Q1Sel2a(=I@NS!a<&Ug@c)$dv+mTc9NcJa%p7d<ZyM@i;>3|
z$)J%q5Hiw_e%(up4x%55PQ9@_E*fk2(W%VUj)U&RK$FAu#-@vlk%}gDv5pOnN;>X>
zm+UVNAmz@y?+6K+JpL~D+PByaomo=F>YdsY(*{k-+WXcuxs14q*qNJm`0jC19g2M8
z&?J04#-Pt>KzN(TuxVZ5<UX2vOQYfjLl(c1!jFW#tV<2@y(=$atIbqsM;<anL1t7W
zYGvZDv6aoxtubz7TZruZ^pr`EsCVBLS7x(=ydA<$`of$gCc-v4N+;8gDF(0xsm?CE
zFG+B`LtP&(vZX<|n5-cE<mmt_jq2-qbv!4yX>|j?bhUBmJgTHU>)&V}7qh_1s3nop
zzpXzzXLPLnax<R+!7+nA*Pl2&*Q8U-a49@;b?6=@c_Ob&K6pwg*0_o4o=SjV0<#N^
z(60~&PCqFwcFSQ<__p1hs;LDPUD^ir3)Sd_8m>A+$o9@ETBL9lB>{6P^Y*8O)a#e0
zVFA<2R<-lJV0L$K?_BTE9$jc7IKHWWR@Nd=^jGh_m(^CSLPjP==GMiTxcOlZqtld2
zFQn<W9qFm_yZBnT1RC9wb$EfQVn~SIg+@i(<T3mkn2fV^rQ2&(n%!c;Vvb}p=Ptx|
z3|Y?$#0v_t3#ak!&0QN=WQ+yyQ(O|wzm;V;CgTARB3e^xLoZ{u@1PQf$$i>Kp_3DO
z?7nN7&0i1om)2qw-5mT}2gr(bn(di$#4}rUy^$VR#>$wLh<+&;*Lak#u<g8s(U5J8
zg#d+!FJVpOu|A9FE$IBZB(LjoN3iL}cu_*`luQxbOZ1izX1P1^5EBesthw%G31_%S
z<emc#so$aFAtJld)i&D}nvr%^+(QS07#^%3n!8wQgvFBi!X!<3yO=BHd>?60Prhef
zB~~3|S@%2yMK5e+-g4+vx?vVTQpQsm<|JA2D~Hus^^_lN{<ziZzGowZL4lAtD4N4|
z`OEVr(k$k7A6S9aE;6pFuMEY|nQ+t}+1L!0PR6yDQ;qSoPwwYYIdHMD6jc~j)^uNQ
zD~>IbH@9;}uSW=NatCe06um^`cc~Rl?k3synC5qp#B@FF?{*>9wm@kr8xJMHr~&&p
z{{XbFYllsIqC`#n&{I%7Y)UvxPOUkY;a&S`YqdbGS4Oi;%c(D^4vc-ACu*q|$IzNG
zy_k<r=H!;OHt6X)+)1>Xx!)h{t~1-S?t6n#f#~c+w7R<!HyB;YZ8ZPIyy*|%I@2wK
z6>dME)wy;|nao~*;GJr(e%PeLQ?K`$mylZ&tZV!l<n@#?H0{r5cs&-?+L!ny{JZIf
z#Wdo)!(qaRH&>;aLrhJ>+i2lxSgjTA9_)sk1#5N&XZ>pWVk(V~=Q4KoD(4OFG?V=5
z#U*Pc%Aum_tK0=u4}sU>F3!MVbLK(=)Zbn&EZhN?@SH6)qb<ClBUQj5ZV|cB&D#9i
zehb_f^D<OgFz5m3l9RX7x6z<H`*>U#u7iRM&?cDo9C=)<{`RV?dTxG%BJBndz;HUA
z>1Ji3qg{};eNU?3s83kq>bbQK93!K>b&Hx~Un94Ya$cip=92OE63p+$yxv|>?tLmj
zd4Xm&|AVW)fU2^6zQ<v@JEXfCj<j@lcej)X2ntF!hwc!S?iLXNX^;>l1;wBRL`6aY
zgZ~_TKHuNF-nCfk(IwA``<{EQnLT^<){$w32%0or{nN}iS2zetEG9M3V?V#Q;Dozd
ze~);)BXD7c#$%JnnQH-3w&nAwi31b?prbY!14XC$T_HDC>9d`l?0W4onQuB%p@=ug
zaZ}{9546(8vQwTczu+z9tKhD1y*AJEFqQ7Zov-qHH?kk%!GZ^X8jkInwfLzi*Ngrv
zbVtk)AFCVP3L5kUU&<m%YJ8%^#TShFg`&~;?uFx5qfk>VRpYqd)(5g9g$n0$*en$T
zb}*}OeLt)GT_$LU>~1_4^3m($5--6M(5TBv7SF$=o6Z#kQiss^7^fw_0v9(iC6b#>
z;%1}vr@xL~dVSf>HSRh_*@9qO-7#Bbb+18Hjczi=iA^JABl#myjSk|@bPsVrqO$&L
zibYQ>o9GpoU%8bpHQ6RA0L5i|1f$V=^K$=k4LlX+KNtk-LY2+uqWIL59PCz4K4QA_
zj@}j&_22<1q9EBPTtX7L!=_aTdYd{D{QJ-2bz}^!Fb^vj7Xr$a^s!W|i1szV%CkDA
zXfE>3H4{;3EG?BU3W&}&=VJ3optW@ia!+5jLf_=bCveO5=!eyx`(ec#`V_pkbDguc
z6O`PEm0L=g(VIH>N_4t4Dfub(HT$AU(o%DCoIxXNvsUY|D|m7kkWBVCEIeYkr-v(^
zi_zh7?r%{?=_^a&*1aP2?u=hw;J0l`&X{J7*J2_=Z8FK~IoC6~=+P*DeFCprDTy!6
zYtc{m%4LkKYsXRA9xlm!OmZh)5%PXrr&t)tt0FA#$gh)4P(EFq2a<V-xPfFa*oo>n
zX|L9cG{~VTlw%o(JeU3fN^ToK9PadcSDzt}j(E`=AwrZG0)+_{MF?%jI_67O{6r|*
zDj$SJ15M@_90Xevp})LC(Xyw?oDJ-Hm{cSd>N|#qF9me%5^^Qygy!`RePq#xi2!%Y
zy;_{LF9>Wrj^tnX$YUL<#QHhncz^^`EMT4)OhPF}8bFoLHpJEjy38lSXK~J0MCZw(
z$D2?U>C`{@U_3O)uK!D0E&5$j7u6Bow!Qb|OGC8PQL-Zw3tz$S>3qinw-8&OrCBBb
z<j(HVNxxDJ9aAAE5V7mZT!OY~JZo-FO{$*!Xg==!OPoKt(%Vd2S+N^jAG5J4xDf@n
z^%#BVRms0P8zv;HYK-fLXr$`I!;=InB(ZdwA<*NDr8C_DC$K|UF_Z`NgVF915x@3T
zx}5ZJ&cw-a&T1~oO++^9f$J%4rg#cUHV?D}NhE2=1hNflpo&K66hRYT%Q{s-L9p?{
zJEoOZ6~#v?_BnCMcZ~c^Jxp<5tPEJsPLi{i?y^QF8KgWYPK{TdC7Z@H*tqz!B3%y*
zz=8=CTL-#a4>HpnZO_RWXe_j5-orLzbsqH<U{64a4(WBG1Ys&@eEh7pgPqf<SMAVO
z!vk5R^;IhqHw^Y6aZ(WC1qe3`9+H*Jd+Np7S^j*gYHH+9o#Ieje6A*zc+Aw{OJfP=
zgT(xvc(l0qR;e;vH{H!Ea11RtiYax8=n!$#DokFZyvu*|sv>TZ0%dVfU@DufRg#vf
zA?vq64jh-jw~2numQ%(?>9w!ZSYL;Jn=QhREJ{{<VPZH$hS78C?YBvsX9(Z0SDY=L
zB*5o#`m&5C%aX(*s!%3P;A#~(zLZd<8N)&}L^UsQW)c-97+YUr?@MgI!e;%-<CbWw
zRW<A+HOhA;N3iP7+=P``#xh@91ODQfOty!Pg^m{V^OJP(qa914tT{2_+qFQ%0q&Da
zPZ>V3bq?Tz&aJ)e<)Yjek9xD}Omnr@1YM%^^7XKM^)BH%lGWECwq34WW*i$85FIs%
zx|Sz%!^0yHvkXZ0$13_H8o_b##u?w*3(Q$)IVeYxXd?g>l}WSS9Mo_clku)3wPj#v
z*AIyYU~4x1=Q9ctUJtS}xAw8ZAZ~+)n4T&3^$2v+o8nvwQ$m%cs8-2_)p|`R^Oi9L
zWh6;jJX3yK%UR`>1z@#}1-(uam&98<zK(e=qoyQ9Oou0u_a3~vrZ7jBv3IJin509B
zG^w1{3$b6-*q)^(?G6;$L`1oZ9zuOm6qM}#rBK=<-`!Ax%9R3kS6-rzo<%9wzU%^#
z{rETMJah}L-@S&`m6I$GJ*kwblkK!;f(%A{#ig7dvH-4X=YH*1a=8&5DNPBa<WI0J
z9JrH}oL9)fZA|=5?V-U=0hUGu_f<1kusD8LJ77KX-T5MLM$E0VEP`rjkj#@eZ$>}F
zU4*$sk%d>44=E<AK@WxWUIDh=5@%*Ax^-LOJxkws#6p%!<45S?_g08O>7a`k61IHc
zW)f$sj(NRmA%QO?GIJPT<Q8E^Ymv2nm48)C#A_cVTUqxd4pRcm>EImplU(f>%g+k*
zCJz#7^+lT5T1rA7{x(koSI}#}<|<z^qQ^IzC(G2kA*97$inhWt#*6j<X*|!7=ap3E
znS=<6eiKG$^#EnIlFc;*Q-XsJ%O_!9gLG?k#m>vwW{|FfOwv?sHzbty4zO+q=wkfr
zF)7YelJDh{Q70+(toGay<QTu2FGC<59URrunVlR)RQ^78R7bnYojns_!_T=xxMPM@
z|5uyIclL2Ck0WEB8cI*mQF*uNW!cY&qqI$dl*frTo`-CH%QUR+D?Yd6vr%6n@f^ja
z{fL=}|EQwB7G3@u^+0&Gmw^Q54g=9Cmo!~3yW^bJhGCrIFUl7LI4UZ2e~5{Rcd>EV
zZCubecc|UXC>hopyJU~mGx%MCHaAwYwZ9q=kF5_;A1hN*@QTn7Pe9AcWy*mqM-<9H
z#V2d7FqFmpF`=(EmhApQmW4OA879RJYumV6>OwAN%^a=tV|)(Q2k-MZ+ER5*s{@QD
zDP{D4xfeyyJ4qE(*=eRhg`YW_SuLT29eRD!RA0ChN8m)9SA0oyLRq>ZQ!1H^SpVEe
zncw(9omvc4Y5HMwFxOXN8MA?H1Fr5&apDKXgO4TUW^>{MS>2<Y=a64`=LX1A66&7|
zc$u@N>FHFVO+_{HWn*-xYwv0^3G%s<sf1spv?<HGtx1_Yns~Fi8gEN`K5jN^ENV|h
zC5hJB*H68!?32y3xeiHqosh~xT`sOyI*C?k^?ZKKc9IEIzLgSp@JuE#HlCXNC~XHj
zi}3=RvOsC_eO4~)d}njk{MR4(PLe=v*r2J4$;auEwT6W`eWvP-ZVgJ}MCM&4<L4E7
zXvI!gX?Wos7S^zUd8vrv4%m-1sUGge)a0_IC2&SD29H=}V&)>;Hfu2mJPQlyeOTja
zUeV5EU6wvuPGj6vWs0kiG}6Ry*WRn8304zW)V!Kob_|<P#Z0@}0yU%@F8hrRC+Z~h
zE>iqH_GN4Y2ReKzZx>kU*p3alA)&#vn~kaxqnk}%HkSWDjRk3x{JyT*Byfl3(S#+*
z({Xydf~;uEZR4iOJcEcL8|sizmy%$uin5@a)Z=VvE~V#YrG&(qInA?TVS%+TDUCfp
z<rAco)R>}7s^c*unX_akmD_Ju`dmd<5^TubZpR6(B=y3Xvf5D@!=3AJ-^kG*G2}~i
zA<D#h$Cp@4lxVs8JSQW41fzOYTN4Nnb7o4ReN)kgJ0eVmdpRQS#7FtLG*wGQJaE0T
z8!ahd!OH-4L!eUJjd_i}Bq3unwv%DCr%N>iyicijN&@1}SBzetH2>Z?W^1x6lMRSk
zdO(_%TVp}unsJvwc!1SLUC=-fCA1&;=jZ_-OR}K8s#hsn>F&1R`dMt$GsXPmL3hdR
z(`URz?rHJV>}@uIBv=S{K{hvx7Q9NIX%WM{%Vpv<X8IlUOjNUk=R0}WE$Ov}3N2As
zSGhJhEUsh~*P_+{K@^MSu@!ZPpVx~?%dho~!n6e%n>VXsi}#BAfTh30n>$R2PZ49a
z<?oaa=sk3fPzix1XQjsz*v<<1NMCI`L7y^5fiWKNs`M5YZ}2mbEA&4zV;OS;Dpu>T
z2so@K4=M?9Qd~il_x8Q$BzDJ(ku3$o@v<xXO61?wx~^ck-7LbWO)hg2qnaVBRSi$Z
zh{Fr~t10(=XJs&ll=uS&D7>LuH3}%cOwpXu|M^N<gJ<q)cAgZ|cQ5Sj*^DeH=IM@(
zD*u)1XtmlBC*>`V4(*w4n^hObp097{H)OI>8rL^=;u#C*V7{I`+Z#&GQ!N$Gyct`C
zNXL-md8Una$YrsSx3tyGt*mgug*zp^gloLnz#Sa2?pYpnRF0)?AisIEnI~%?w#J<j
zmde*QerwJy+)Fon=}s$sWtE=4g1%NxsZW8^Dqg^Eg#Sb(-VO;T0o$oVs)0mwm^t^f
zDSoD(a9LPFsdgFRRflfYHM6R|w^yR?N%$X1j5ZUNQa@D6S}>}%C7NU-?pT)y(J;fM
zD$_RH%(S4X-3!xno9s#RJMb6N>dTLw*C{e%)m+SN`DTJ7E5KjK3Jula;s=)<(P{!g
z%q=wh0u6z=g&LBUpy)7b+GxMuJ@-;{7HVjSM|K67a=)vJm`va=%;b)#>9{H-V~c0`
z9~VhocYsoTcxcE7-z*xdsg`5QUiHyjNF9eO!CbS<;XQ=gq#vhvvI?TETJM<1!7@lE
zivhb!d~rd|Uiux@(^7^>r%T0Hx~1IbJrdjWlbuv$vGX$$3-qdu3$B8LH<ZJXcJ6Ue
zb4q-jb8~^j@47f=b}NeL6~aOQ0zIJ&b(4*zVw=P-*a}sb#tb09lP&kr9wYG{RVaV9
z%D0iS?GS9Q5|dD>r_}Bc%!$#m&u49@9`uZkfj3pb_uWDTgKTZJ?PjhlX15wV*r<%A
zXoD-ROg9lQXQv`PP3^`nv_nHH;rek=U%ZPn(J9D=e^8agz~?*mQ&GM_guOmuB5QEh
zvI?&TzeTQY!YNjQd`C4NguFQoO1hvYb?`$gp1)U|>F=F`qa)E|7Ugu0$*rD*K#Ov&
z-p~e%e+=6pQlV1DkUK_s^ffU}`CH`BeV{$?!nzj>VnLXECt{MJNxa6&@cUAgsAvF;
za!`afVlGV!u0h_8eF<^Nd$05khB&6@$`uxK4Qco>4ky$E=JqAdRQR*4x>=|1XWt&|
zqSn39olm9-i6EQDu$d*>T`(yx+k`{IeXth>0r(QU?l+rp{|H5g1vbn7;?c|1)aL9m
z#%wY3*nh(WmUI`e2=w!Kmt%`-r0jhbog8~$tw#8vyDBSgj3tKro**_wdlZR-5-a6q
zI-!y+7XQ2c$jEJbMRB2Nuc6YNTymM%%$brsb4s=JvGv5QfRnYzd9@|8o8E-fDDhhj
z!M{hpK%W8}{RKJOeFdAD+w-*<<$WzmBrQ7?U!N)rya>)`(ZFU!pKZr*^y~X!me0uf
z$u?bpwO?n*iz`~m)@_c7IkqF)O3_S}rMQ8uR^)ylRg|UdoIrMHRT(=a-+-w-hkp4E
zeSh3}APb!chIZ5uLOEE=s2+<I%c~cm*Iki5MtB%umLsgiE5wqNaGRRGR4<LmjeX95
z-snM}XRYN}5_fhZxi)2>)~EIatd^v5?jifS!@O8!@$dyrsom95A&IO;;iyUREQv}^
z-e>qcj_Nyx+=g+wENmCqvUAalBM5d1Ill5MdpX)SlGp19lx``hnsYp(Hcn%&;-agJ
znu~co$i1nXG@s8iEn$V6QJXBqndEgW&dfO6oIx`3fR;3EoVU0diI;adrhbe$*8^?@
zUkm5BX1jQRL)T%biKe>BJ@!j$Ive}mm7A>dpZTP&*sM@xDV6fi=X)35-qdBqR5t%k
zLj3wx{Y1Bk1Ya`abZIdfK61zMT~-BFD!_<cey|CUWbWR<{$M*P`%imb(8l5fIt6`C
zw-TN{Svh*PlKHL%HZl{<lh=6R7G^H_LJ2`OD{mDCLOWAr3hO0?zW6AWc4VNLj)LK#
z@m)siRFf0JK_-0UTeMjteX{j!LWuz(ehR!ALV6tmokfBL@*AAL-MKbr)IcNt#(h0a
zaQM(jXVi8NoG~2^s5MQa-x>AN<vs}=qs>~dQ01TJYmw8Qx3lkZ;4SybycaE7+F8ue
zZKR5WvB_FejAuOTsT{qiRXvxTf%Qf<9zTjlzjy)sCV=t`E(pv;?WsECTg9f82GQGO
zuBp7Se!1DzB3@hmh)@&CHayKFojfH4Nj7C$uG%_V->SS)dX<GMMaNa!L22aUJUOz_
z-S1`5pR&_&d9lmqaf1N!pFvy}Dj}PNlNh~6Ci<nO)<Aix;}B#d`}&z=m%C|4cW5w;
zikKWPiDEJXv-b~3XwYNCA|Emcch8$z6vLDgRI4uu*;Fb<Zohg$VK%SR6}Ux^7z!36
zAXfsdLop~om{rji1?tk`848j9E-6)Qc`k8TU4`KRxqV-lwJdA&d^T3sqcXOm+%ljr
zlXhY@Wv03`3rS3DUg2`z*?|!-y%s1yQ1BQuD&9xi?7GK(HsJIv_+%rqJzG`whX1$S
zED|$+iXCIZ46NX{^{R+hs10q9Yk-u_ab+fxfEIbKHNPf!hF8}2skjYTkg5X~CJaVO
zmcHW!gNr>BNh*B|R5#*w$IUbc1i>=A6X^Di;U|j#YKZf(;vd)I2UjRz*i0;Or7>D7
zMKtQ^W4~k0)-c>BdxsDe7Dq3}+d`?U|Ca*j`fj&8yUw?lg6G+YzH`)~H+Q}hqwq1T
ze=)8@VK^r2$Gz&9z8~Yck)>g!T3-zO!_U>}CCst*rl`LW;Zu87;c0sDH?Yl!INrX^
znaC47Ue>M?-4Qg5pQ##UA!nRA*)g~5)!=OqT0(Tru8b`a?b#wk_DR-VTxm12wAz6y
z%|b4#g7JRu`ei<$`8pxPkwYxE^|z%>4t0%vwF$iDH;o9~4mZu4YPr3}af>-}c*d_~
zli@EMU{B_7L{G8}I=vH6_cqXH{d|a-ketwGWmBKvZ>g!S(?IA@xB3cmGDqYtT258x
zLYdZ?*=jOxaZW7BtT|?}Ky+tmhj<x1h24@8Jw7Md5F=lj8-D}++}qSCR-Fn%@ZdDn
zQK5(`-sGh$vDnmgP7d5K!657su1yd>)Rvw?>;8s})g?dVGw<Uh6OzUs?3zvy+coft
zMg&3K95DT^4Xv1*qWOve|5b-X1`&i<x|xdf@W(v=W>5w{7uiEQn~P(g8{{^@5Z5qw
zS}>tzD%rx;FG<N@9GSd5_X^*Q$}Kz7Mb32`{mmSqN(g^q$L)n3tuBjAt<pKU#R7y^
zRl@8jdWbt!BQL+|f!erQoLhD*)`DtrK1<P@=3+U6TpZ(fM0u?qx#41EazipNYgt(t
z&hEG9{*xD%jYea+m9S3?NCLHXpvPh7#}Y8aj=#|nTwgDPIhz!f@S=XOVM<y5w-s;2
ztFNE%<5;cjrQ77_2n}s^^J>JgCTcLMj&;Qgf!YiJ8|9C^rI;DT5D~3hhDUQcXp4o?
zTcTLOJhg@-RRaRSM&{~6UR#HBOe=|&)~YTNe0a`2nwA7g_g0(Mau)<V9YaLW-An!q
zYB}o#02Kth69B*^b)8h>FQ@*UZ9yYfb<N)~YKY3KE!3J+IkLFtOkE%l4PWK#Z~dKH
zMm6moI>t~CnW%f0>MqdNdfX<mm#+fa1$zn~P?qR3nz~t!2EDDp_8G*+LDWLwpZ>f!
zjOJlW2}%%E$iS-OZdAp1#U&tY4w_4Vda>r%tJ*q%K-+r|+<<P}XNmO&tXjd7t?~wj
zr9V$T0l^2Qa<Kc7KIRhUKCpDW0mtD3A~g`xe!w`jn2luun0dhUVi=12_3as;%io^P
z>|)X00L?D=wX!w9+d*#46o4SmKw^;zj5DE9MSuP!pV%wmAxwz?JX?UNC8(N%O4y&z
zk3WcBL3s6fOw$vcz+Ya~oBO~811iha6K{PJaI8*io8gdLU>O;?)<=J;s13w01~9$>
zVGH^Rn5hmgz}I&%f>q2{B9J9xaUoNqIPD3^?lUN9{v9Q9i+iwV1b}PMrLxPlroXW+
zO?iN1R6pz_17omg1o#^UktS*HC$7WgT^zWe68Cu}7;aLRZ~zX`6iuM82lM2Iuz_P7
z3iuZ+3n*RN)>6F!R7$X@eco$XXA-}A_sXs2KX(|NE}eh>3^tioE~$`rP0Ijfd7h*Y
zCdKl{8yhF}eegfkHaVg5n+KamiIIn3y|pGU9W6XaON%C)6u2pg{y?v<=ls}2v$++4
zxiuRh+C<xb$2=zb;9XUpZ=6qgn78cOo-Rq-lp4LEO+3~{E&VDb@4%~DOcOzSR7#Dq
z>ImW!!}LjGrcmbGIRY(Q+XPv^)IhRD!dg=hPjuKRV6TxR4$b~LMlx=>gve!R>@LkM
zp3G&ef-~yM8xvyAku)la-0CEr-#SV6`PnJ8cr_(y{3Ju+X)Tl{PSbOs>pPy!VXPNp
zbRg$S*-duY)RI?1s8piOsL|`hAnoGnEH>vQWDqo78f^Mz#N$~*dxR%sc;3AFo(34$
z;@;jadUM`d?%ws(GA4J!N{jb#jtR%h*n&OT^>@f8HfQqF&GfS?nizM;-L0G!luOOn
z9p$s}n~TTdG3ucWCPretjMDmAt?|@TxjtrZ$}aF(Jf~-2surf2;Z3rqIp9FHPw2(&
zwTC?&8xIPyZtJ;6I+WLVZw-&ivFFECY8yJ8>dbSftI+@yI&(3d$VlyFIv+eB$~-Gc
z{A&nLJ!aCNEB}(${dTsw0U-wBIFsPP23@r&;$I!~C!u+I{zsomsiMC;cI9N05jRsg
z3FS&tGFO$-w#d58sgHeC_^>Y3oQptQx!Ah2+D7csVi_S~5gXyvAl|u-pX;5fmqy_y
z{bqJysk`cltcxW6=MG<9a{=6GF%o1Q$D2bn>9aWtB%8iEj2#kXZ&zV-8^3n17YP*Q
zJJ0m5Ky!F>P}!frVVk8ypC43p-eY-N-L~7P1|h*DCR?0YjhY@}U7W{Sd?C~oI1yg+
zlV>&3$wm_|sQ0t0d>4j(&7D_!Ra@eIM^zaTtK!B}v|;6HAA|5bgg9sBE^;R;fK4Ac
zp~Lz!Cxek<;bSu6bAjLXx5hcI0$UMgZYtIE2m=1DwgwS3W78J1nFD)1Edgr{VsrGM
z*3428R?S**l7sW3XhiO0lqWMFkV!*ovePJ^QCRu~KG{PAASo!ToSq9A+!^FAAQ@F_
zWtD?^1mwl*(13yQb>HcF3TQ4obY_FKKv=4suhiOxk@W}IYk;xS%q&a<d4<5z14dfF
z@{B5hthkrT1ddnW6?TEzk_NdyP%4Ab;!hwV*#fu!2MZopJy(GE2C$LJKEYJc9MsBS
z8-xlHRUNGQfTKjN1>l&^b9i0?A&ics3esO$0a$Tx!cq*3xl!zzroQvN2FL}6;9T0M
zT1vm?^(bfT6lNWjDX?!bqYErG+HIhl@Tot5;quPKh96LgA*q5FOM>3-tM?jZ1;4|x
z^u0d#*992B!k6B?h+DjnMF7p@7_}lz>jcx6p`jt^;crulr>n8RZq%k!gDI;Jd~Voc
z1@)o`_%MJjKj74+(6|M%jnCD;!d{15_<2X})pHzDW<3#*$*Ym681sX79;QkaQ;xwZ
z#Fz&C2^$!>BWVfoJ-p#S052>>|5Y@cnm39UXD?w;0=X@xjYCs$`zFelMeqfTNFKpz
zJt%|-L+1zywg@jsiE<q@^~^!L6}8JvG}mA$l8~Tq-25Q9I;NA&hp+YXKV8!ho#W4|
z$y0GxQHc$ELm}c&W=HEm<N!8jPBdSMzk+~Knk9ue>G$VvO_|+TS4{60vz3{3-f-m{
zY}j0l6mWF(Gs<G&kBi$j#F~s75%@kRsw|6TX$qRK-!5+yy-Zw617iS?3LpN&{VHS~
zH2n1&zjc2Dk!o-o02cs_qfd!dT6}(7J(yYt_0Kay-u*myPVUp|p&<7t4D}cIEpR3P
zD}e4FYsp8^$(;HvoFQDG3(PSyLCM<o=l5x)RxyiNI6KA|Vf5b@NBth#mD6t{PZ1$|
z=LZWXYZ7-ndUwCA1%Dm(*^V{jyu)(*L|L^-9zGYSm`mOJD`wuv^R9N=>*&`3e7GWs
z7vH*nMAzrKpj&gmAT;V_TyG<^^T6%$gGiM&gF7@yp(JG_E!S8M<33LC`-3<=&#;3=
z10~u6`f!!tRp;jn0g%I~jkx|^?zaHbH8{&bzgCB0C-oPI_T2{wD`U8~a4?1d37w9k
znLZmFY{I*T4XX~}-$8T{)nXj)E$ZgK2ErE{WZ(qU0qcjTQlKxK;b$pl9tb2jfT9bu
zISIIbaGApvfRZN(tG?&tO<(|m(mR6r4zuisu7Fqz;9-V*YI+QsLH%G<Ma&q!!_{g~
zL26RGIi3~k>_UJAHXSI9MBsgm3Bsdv1}kt`r5E3d%0c)MHpp54zw^EVd#5-t3a4*_
zZh@~V$Uz!KuNh5lf>7jYn$-Ip*oDvDEqD&92jI$92S9rF%=M+_cc{Pxu`vhYUq3{E
zS}X`=L%&YH!D4C%Ox>QJ07oScWOfwy`9yAk6&+ma#Yi1p1K1VV7)=49eH}dWs1;1a
z0c94{F}ASkIkyu(Q4hQdlxGpk6PGsc#ri7!yI`QarB|}u4MGo4TA`K(8nRp~p^VxQ
z4camK{c?8a6)eZVto_#RoO-d_%lk|Xd)GhCV-IQo1pw-tst2r?SDioWxYI*hGDcY@
zf@i3}8&(EBuEKnKSmm;g*5R!aSj6}=YhQ*PDNR*Qw2gA~o?<w<r#%Rp6V8cdC6<}2
zG|;M5wPh{q<jib|WT+9M$R(|<pKQbR5}`7SU+sGf?d#rX20Rf0-~UR2cUf&n+_~l~
zfgq^9FM*E=ZqRW=ca=kTcu13gdVEfcvfeEVMu$^A4G0M*=#eMjxs*$3bP>9Dp;miK
z@qX9UG0Km_0ufu^Ak?Y*MgK3<RcW}y^5421jQsP_C?W07p0qrFoh7b#-+F_w<qk`&
z4xh%%$SBI--p>SLdhb=!o!zyIi!0!v2_kGLy0`494FFP}P-Oui4b$(*f_Q@30N9oV
zx!r1rJt+m4HBM);4FeS1!XW&H8-OoRFzt4G5_Z-u{wxjrULqlVdulQ1p#05%KLOHf
z_KIsEU~sSpaaRFc99r~;skCAks0wxdRvP1dGmXb6ry?QSOVLmaf++u22x`=QyY(Ub
z7H9^+sni6?6<AEi!%qUwhK7e>={p;of{G6aq%b1Al?-uIyudl`<Y8QW)S+A!Xoz{}
z#gV4IIAm)h^8PrPr>i(70goikQ0BY-@i_?svt~Ow_u7nQSnPrYpW{En{ofu#Fu+C=
zDB{IAv|fWp540Z`$jPJKPI^Ge6bqjMMBNxjOG+?cd6nM`gtk>pNUspV!r7V;@k97<
zPvIC{*6GJWW}nA8LM{0<M@y*+)Odl-=?9C9-5Wmh)x_SPEEU>>f{#sYP(EtZ;m$em
z_N)&qe+TggqZs`njtaj+=r5g~e`={SEH*$dO7#H`vs!f8xXw4*HaO|DEfA#%-*}HF
zRwr=dU+(xE-Re3ez;M(Q5kULk6#hngzJfx<0Rvy*XmX7jzspB%Ld~o-ySHA!P-0Lc
z10#Guf=BsAf$Gq1vW~-DOPpM+uUzBN2k+CC7_ZBM_NO2!3;r)tLy{Dx%58U-rc=73
zS@be~;AU9#&sj<uNY&th{S=}!@0saRqUB$;(2!BXq$O#*mess9^{*+KYr&M@;{9^~
zFL$zT^;a?q0?FwBEECvTb-*!#YGnn)ci=Vw0Cf1`%2y&VL$^c{fCGmfY?VNtgYmgM
zGB4v7L;^VC)j(VIEQ5vT2pr^qW2u@R@u3su$(6xpC^9|RP@#5;A+;>Sq!x5OxC}~Y
zTXM@GclZ7L(gT{~=K3M9mJJkmu=GoGBQk+Eg^>hG*@V4OExn%YD92DC^y||fwE$?`
zybp&wupxhFvV?cQpFoul)^ypiM$H_}!1xySFHy>vu1oidQ={DM?24tl7qk?MD?j8f
zO3XkED*(gv$7A~F^S{#NyvFRmmvUgM7nOy_*@O(K@gXxcft)SIHyLnx%7tSC7Ib$b
zkS2CFh*sdlc4!+0eJWA!1>U)Ow63=Rtx)Ip-~4O?;y2*W3=L$u_%xxZDD*zvO6Zl&
zp<}k-sd)9~Z{#pkXeb$8*spUv14dhP=ou^uK!e%9ChqqZbU9DE8!#H9lM7k(KLM8>
z8YF4h{LGuHpn$xuJPxAEbq|0J1NsU(hq@1kX^ZH)ome*yg8n>g{G9a78#S`MP`vXI
zokjhT#6gu5x%vYn(n<*(U7gQFhzfgGLf$Nk-Ab8?nk<tYkGGu4i(u|bFVEZ^DJ%>e
zPAYA7G5Knx?6W^tu9iG@yt#%QH}m2`s((u8<NZ5d?iD?~O7ie7A)75uoiwJ@^T$+T
zG*>a)KDc9?Vx_XHJ7rMyqq}N(W$$Fa_PqAg_o!`Kgjk#FjT)`*GrW=L(y#HE0iR{E
z3o<YD#Vk18<>h>I-o=*v#cKNX*xq)+;(o$n$+bp5OJW~dsYZ{#Kidrn5_+9&-A|k)
zdj9@=lzw#pzfc&NTJ?gs;q~92GYtQSD_Uub)5KoCKU(dzr!9VFajpCL%xdp#Yw^3k
zKP`6zZ@`}}#PVgO8n=C2gKrFbzmT+e{C_WVR_{!lvtc#d!}bMvO4~&#b0(zTTYY+Z
z3VO&>YyNU43#JtHwa~@`!yZnxBS77!KA11V$q)QQh0|5c%{H=+xTO3tGEbn`LqQYx
z_=B_MNdxw`-aWduB54C0l{4s$a|X4q1gxt$IjzF>H#E%~Ad(F$4z<v{Lz3<fOSuMy
z-l^*H^dnQqloTjbQG(X~?`az#7=f*!Isuwg_cZSMF%Lmk4Ekc;@O&!%KAwm3I~^!a
zpe_r-?+<{P4m@wsU0}_U;^DzAKILP5JLSm8i$vzzp6~#s=D9`8W~`k)*W}4-9N>8n
zHpEw|ZKpFr2F8kSu04Jy2{Gt-^q8qlXDAF7tY*W1yyH=%<0coz$9es=LjHWG0xp9J
z1CJl*Q#2ZaMtxlkHDO&HJS-j+Hy{hbYAH$=wat{#-Xg;ob{xTeRI@sRu7o~cJtka<
z_z?PdKuKjxrGxj(Acfd;`c7Eq&?V~uLtZCeaQEZK#NY5>tm%q89kD|(z64y)&d>At
z&Ap*!BTCdZy9qTp+ze%9<r1(a{BsWbd|QlS0bZkn+%L5&;bNXN&Jl|A4wRxKdQU1n
zmRp@c>C_SYpw*qe)Vicw<!xc~wJ$v^=S2oma@gYVF%YaEnbx{}n{USvULSb>QM5QM
z|EaaZV!lpv`Tpy5oY(f_Xr_7P#FvnjO3Yi?S2gxu&CN1lY3&N%;55_(;+$r>Ua>g-
za3uv-q0W7a4C!EdeA*!ni-!yrHz0oPB^sUoUog_Y68*o3hoJwJ5wNuFuz~DwkZ*MU
z^EX8Qi+(~U{GzU<F7~DiMqPV&ncuF0!56f;_ZU#G3qMD}8Sc&SAH^|~kN+MXzrPRD
z_l&lMe~*kKym26-Pl%L1wI|o8`e52b8y*dZhNkA_8Mr=1(1AcP3mO*@sS}{eGYc>h
zDn#HGYJu7XdNdT4BA`?gBN8RG444gUf+Z#-xKKyTLaPXyLb3OumaMn|jq-XFC|~b@
zNJ<2xPuT4i{BZXZ2%^Gmf=vb<xmsu_|3Her3(~K``E|>5xn+-_kd*cc36F?~0Q1*}
z{mR-6r}l6|VRC)={d+!k?sZKh%XruF(P}Iy^mrC~T(YW~EG#UkZ{e_4A9y$#5|j-l
zkJ9<QAR)JzB~G*Q<jpv=kDJlB%sWdhEb6(gdA-bw;N96V@t6wg+SKPzGgQ*JfWQJo
zstV9lN4($(<j@7rL9{a@mjraJp<vF~f4(O`gp%okNIZis*pxI#^Cdh^WCw?bF7Mbm
zIKWC6&KIGxD+zd<JUqbh{toK8pn|9%0S?Hh;#yhMDn?%vikL=~VF1vowqr>ZLN>EB
zrTI3ESKzFJQe&LKw!IY|qV<l+$5gX+06MlIgFz{JSrN)PIL~t3-JBW3J!iUueGC$V
zp7{!wK{4a+@!7}Lglckq*^Q4MS<X8dpD7fZOT0Cf<ljb@B6-%YTt~GW1)lRUA324S
zo)h1JjWh(fwxV(joVn0M14^S5+lAO4gv`Py<}w10eoW+;hc9mbj0k<LbMW{bEOZkp
zr1@snv(~lY#3it}y{=&==Iz$6nWw21dnM=zpBT+c%>RWS#9aYo>?Qg9Cw~53+GFPX
zh-RtX!th2vh{JzB5a{{vEAW@cM6Wvj<=}2ez&(Dg&nF=RLxN9*2v%=X({JSem-GK6
zWmHDqfS~@Hlv!q_i9QBO4vkuMnLvYu@_<BjV;Tjw_sbNdrMuvJ9{w@*^z?*u2pe$$
zC1N(CtEiZRV5qfy+>B*cUS4jr3@ZY#K+pOXc-EPjWV15R2|~yI0#tUxTwGkhqa6xK
zc=<oDa8p%T2}@d}n4sCsDiCEj$_S~+rp4ju&W@+x;9w7&hMOyq;%h0{<kQdz-PtKi
zoKbQpodU>r)VTpV9N3tH|3O`TQX5KiE5K~vQd6vCD&J)~qbP!ZLAf*ls7p1Np3Vee
zTvgyOR9{-kTBJY;AhIEpPIai_MPUt4nD7tbKeCVyi!(C^Lc{jzYCwc>GI#e8urBro
zMIH?sE}O!ewe+1MwVUjF^7;A!_4!VN1CEW~t^=l$YA*N{4h<P5fIY@)YN#7#3@KBN
zKry-e0#?L5J)zVs$ZRBS_y&p>f$PvBj1OT*1hvr+i?OggK*2ujc8&N(M{jSuoG_eq
z)dN_G7ZE`2#A;C(D&hCmsxRvtsL!a<Dq=#n`6Yz=6b+lTRf1E%4wrC1KB2U(u`!jp
zv2dI(U8OJYzNXZ`V=8s(9;dLdUTMZC$|#ycIHbU(!ynp~!zsKWs5O~GH_6|&z~-79
z9BjUO04EFIY4Y8JGIDgV9`;_FK+_T=lv92`uxw1is=<0S&N0V%w{1YS-5idBPa&e9
z678m}roqUO6@W|39FTs`w9CfD++M;>@Yet83Wzb`6{~m6P!~K*TNHvnLfJ6=zluWU
z|NbtcnMr<QJEE7&CHBhSJo`7^iSw-?u5T{3CImnofkRVJU~#K)`@dpB&AWL&oK5y!
zTk#E4;&q#p=8+Z+p_jR|7Bez30<A}$ptXsMthCc%vD|8M@Rzq|AQ<)*4#>d3Lzt7G
z;tv?{fE&0#Gy)b6N!JqGWymvE@eIg2*Xp-kK2U_Z0EH#oNKQ#fK_assIHCG@NYF8{
zvB2F)ySTY>?J?|UCOm=Py?~;<l7rs=rOULVc#Ct)QerlcAbJlc1y1k4K{;FilmNv~
z9Q{pwAmViOL3k%r{SY^A;VMHp4G`Ng<ibfp3nEJ>w;^)%@5xdt()PCj>PM1T0R|#4
zGFs+NXLMk!P}9(Gxq!-^7KA&HKqCeq<R^T5fIO1XX(d5C7MD4s6u_89YF8AlxUzD0
z7McY^0o~(K8pl>OBK~w<!tpv(jE9AXS5#DFS;Je(|9E=@>t;G}DaEi;AqQOVWj*4j
z3P1NBK4ZQ^q)2HB)%i#zAfB;<3JMCa??9W(i2)0;_Hf#h$f(Xw?y6?L0{xZ^q76~h
z@MJ3a;RNq;GFnX_6fQ(4@tv~h8)`H**4`G>4;9Zg0cFhBS`}esjpE8vES^{=VvtOo
zPb6+UgSE3K6w<MVa^J8TglL3(hPo(r+>H2(R8XfJ$k;yV)GiV{acj35u>5}80)pPp
z#chh!UDf$<H#)l=1y8%Ph+N14tF3giHrP~v^~ntM-$YJoj5OQ{iN<j5!BM>KCDsPb
z7aXq^)l5`W3oulIB5$pjQQCj?(UQY3-(Y{1<=a`-`&gfbc!RzrdBvMrA>DRjvQSH>
zKV>`Drc2T3OeR9qx_ewDt}-;-h1?oXF1C-`jKkOMs(k?k1gd;SC17u>;jaIc)$p4u
z@e}Oa>VF>)RDnDtX(9D59sm6cbB~=`hRisZQ}EB8if~1nN3S*h-#efx9Cvtyf7Qs1
zbXVf9sH&!IVGFADNCyAcKStxp9(}QzmPwcBWq4j}!7Y4W+aN-hJaV@T%8ji&%T4zx
z@SZdI_Dl<M_D^VfU=6k;EGXz0QWSu+j({>j*qp%93QWgP$T28rAg?A#snh%_2ab9!
zOyj{g1b$PKhe@n3TH)f?5hN0npE6YAaLmF|kTc}efVuUJjjPWKjlqHgP`Nq#F?~I~
zMwo6v9Sb^mR+(L0U74Agu(iVe9q_d!0LbBS0uV+0vfmmM>#%+{AP8`vDNx=3pGGYP
zNh1$$&w^|9(LT7G{5lv;r6nT+!>3Jn3KR~<Ie;NtotLM0=X;}I-LDV)yC9f2)eB`(
zA2gut2xw%PZ>%kp9#v#0+=h+M0KT@gHJFbje524;U4#=O8@||?1CIv}C#RE)j?H7g
z=^=zji5C)>dLxAHMsA`T@LKRhWNfv6fG?ax&QVC>b26tZ0)|hUu>Y=E3LpM(<6B7!
zB<78HXjEdM-hv|9XQmW=-dRF4N+5AwS@Q+n5XG8{229|b!wZdp+6Y%z*8&00Eu5!0
zD`}>$+TC^YlP<GIwo*JU!WXvfO#OoAbOy)iP6VLslCYa`;yYJ~FTgiAb8v6~k31X*
zJ0LGa6%R`DAl9GL$XR0|eEkX0_>}j`|0`ZpC8@s8Ft84B^<iI{imWRO1(XR=(x*3%
z1Q^2Tj(7~}o=u>Y!~zV}mV&bGX|mi?$E0MI^rbbRjljIpAl?=#<@1V2G2u~ZwsB#~
z{v-A%3X`9aBIF$EYzQ|`>ISWEdm};>NxdPG(pa1Bv!C<G9f`S``|)*<w65A|Q2m$l
zKE~Mp!%Y4dJreT++7Aw%4{Ne;6v5pAJZ<lMFaPryEW&$&s325Kxt`=85ZFiuYSbhs
z00RaLU^{RH6bJ(1c9K?99pzroUG^vui!8rSm#l(BO&3I+hd|;r6wp{0ju_`E5ruAo
z*E-AZA1v~@AF8c-ZZ>^Z5DW76KY&07Nagtslo{=J{XfEj#Ob1?BQYRepjI;~<Ywel
zX0@D@gr|28fC#wHwB)2WVT`RuxABeBT`kV~W|4$ei66A4(m6ntgB{4Hr%(NXDgr5!
z2$Bb&c~CIP=cm-*dcv`?g0euMqKf1HB`>Es2cuOHn+`1;0%Br!`ELeAr9{upANHbP
zuPf@+bkx-Gp^k;EM$f+#UA?~x7&2v+X@(dCMg__r4A#$3DpmQd($7`$W2iHi>S&qb
z-JnVa9pr&?_*Oh}awQJ|^|njZWW!jV7#&NsvVDQ~ejh3&V|E^Umjc@7rdR@~1y92w
zgnAz}o9TdPaa5{V;MnYdpcO$tjWIi=86?x(DUI*SCg1757eK(c55M9qT3)v56_)%8
z8DX*6{wFMjx_!tirH1vMe#jN40$mpS>n`|Lct@G#Z!fesI{pzbDai=f7=tMgv1OFK
zMW>ra86lxKEan2PQ}z*H?$6LRAW%v^FqfL;W4KIt^~%)^MNqmT!775=-ClawQ>H{C
z$Ac5T7Ej}!?0f4Ygm}>Yd`-rK2Opphg#*;&xoglbt=UFYWK9ZT2q$WeL=Vbm8tEEn
zbREQVUQ)eZW@>6GhFM8HOg0eAmZzhkSy=vAKU%HJli~x8rM^Q^O+p`qTUL3)yyq2N
z)_&!|<EkW&68U2-$0Y~eN(Y>Fdp_|EYh%L%_QRVwO62#xC#|!@$g|H(mVU1^8s7=j
zup`bCURcg%Wk%4+snW%BA#6)NVCE5Z&Te`?bjz%C$c!$psF=u64uK{QVE8l0TcTsH
zCe~L{&|Fd*vLwykJQdAe%#nMAM87G(WBdox3Q6Sr>G4Ze(Qw}iYV95o?`zX0+F5L5
z9ELhonn!SFsJMQDn#5%DGwxtawXP8ts`k7$5wT{>fKb4EGIAqLs#W=>UFR}1d{Dbw
zv^`@6a)AQ`Z_(W@a_M-0H9mpD;C}nzg$G2{o%LiMkC*qaeSOAS(F^6Addj8G3w85%
zulJz@!DnWS6czhXt?D0<D{qq^hyaANi3mCZtq=jnzF)A_RT&Hr3hfM}LrC!;ep(NL
z#5>Mq{!6{Rz4YRq2T%?j!=edPIe=P^`4Tx@LWsbZfa98c`COj8nMxsf#5C~G7HRPU
z>*I(-e%9!qs~x^om+R6UDzdw?V+-R(t{Fb0Y!V&W6A0l^x1&YThF|@y8;GDv8ucCx
z4crw2JA|dH)rDXMp;<ekliAV@uVED-vErdU`~0w2$Y3Xi_~rp2Eju4yvg!5yyEq_r
z^^9rsBUDmcIIOFFvGOjLHnM8QvFu;+jk7Oj<KyE~=u^&k(2RQAnT-=vzZ1l!YdqkQ
zaRMQR4AdTHR-5b`+75(E-%4S`tMTxMY32RTp>TO&5itn7O!nooi9>+o0q0~GH0QEK
zk&9h0ECPA&nklF_K&IvtmheZ%#@gklQhtC!sXG*1&<7+*9_Ju3_s>1Y;Q)r0+p6+o
zOoD4!ru;{f+?f-y$Q?MpkN`PhGJ^=u+0+a)*<rASx$?;8*6INI*+m2JIeKAMEX{?Q
zLqH`8&j>RmWvn^K7r*NbeJIVC6ncz7jk@?xtOqL&l1?QnrG=!4pi~}W8)R@c>fxnR
ze#`lb%Q6GoxtEE*DrveonqhO424m^A8C&vJWx46ztVh4(=!m*Tab?OTHrBy!v^#1P
zGf^tG*$(9;-2Bn>nHI>7a!sTpukw5TLKmVzrDk$2tQig$@hALkCo4zoS=!MJauIc(
z)<yF>G}P507^jw&en2#RT6x^^_^}l8wrhs`cc?$tBc^z1Sr1(*H?7f4b13<ctv>Rd
zVzmoXVV`%kh{t;?@qf>`sa8crjT`OC%F-d-jNDVSDYbG?hm4(MdsF7*n73w^@ZFNr
z{PG4#Nv%6M@B1S!Obz8v-uSdQ$NF~b2}(*@^zqO#G0DS;@+%5Z08of{gff(I?EeFW
zd4i}*`$+_d>!2#oI^VYa^&K{@4=~Y$P@go+H<5$sH|+a?iO3~7x@6+@25cN0R7nD3
z$T4+VQ70w9SpYX?WMNT+lN|taW7QwP!np?J0F+129^QwZ3x@X4K!1aD$1E3O<lFfh
z4JW(o-z`#i`tc)48ox4xsfz%GkG5h`VnkRL>uRN}wGxbIF(5l%CZsaGEo;%5^G-B-
z+osu3ljH7y*JTq-PRl;UYpoYNYF^V&D6fwt>~<7iD)O+?GRj3#2zLySPS61*h6(J!
z(NTka&v$_CGe~zof0hU4PuO*vwoAh0XY3yHvrqFT-t^UWyfH1^xlJ6RmM<`6o#Wm?
zu<gCFQU9R<F7z)|w|TZa;%|V6I5&KH<w?oN2sSDwFbOUES!ar-?S;(9D0mvVHJJwk
zSUA{s0FnidLQszSnslvj`d0uw3iN^IxcFYlxa9Lo%(S$q-W{Z(Oj6U*^tH55hbIb=
z6(gs7JTNuY0JUS+-4He)UX9V7aZJMEC0Oog!6AO2?ym+t$<d@h3*auUkZfrsVYC4^
zN78d<6?j=5C!arjK7SAq`?m^_qLXH3CcmX_$10a!5|%hM`8%ztL@(chh!R(?H0iSI
z)T)m*jxXtSLOO-!!*_C<*Br-7a!#nVYzGp`f3;MaOK$Obh-I+TW5LMuTDH!q2GUcB
z$0_^Q5=Wk!)^x<hXmd@9o;9*kIu1dYP;G9~Jrn1#YalR0#J|1f{KlAbgx7?xQ~Sfn
zh?>D~;HTVzzymu%C^K0#<Xy7{+c;zCT!<vTvu9>)JxVFhUwFh!J1c2ufhpf?;f!fN
zewkp%1uYcuoJQN0p(#5cUT0}-XUkacZ|6__T0r}?=W@MY6pS(xJYLgBzYBt42OPry
zE8pTnu(Kw}>t%%7_*#MRIkZx!ZC*%DKtt&Q(HaV4my5A|5a5!7NQR4Fp^>lg{rd4S
z*!Mt(EJ&taiegu^KsyT{M^yqF)X4S#djY8Fv;rn>R=`}#&#rz6?IOUBsDyP%*iIS_
z5;#_xprSm6V!or@2yn;u@85&42JDKT0Zd3sHRAN|OknaCm1B26CrKFL2oxO3TRpsW
z-RSP<&mrX)L1sero)lJcGRu*#9Rvj!lA`Pm4?dNCIlsoK=1y(bD)27tao`1ub!bl>
zk)){biM2&kuMc@F-y~gtqf#c_6Z&0Y%%rt>k0QROoEYlwPiT6gZVMhu>zmnoo_9*>
zWz*mC9HMAAkXq<6P;TWJN-Du)<&bFZWV@NQ_TQnap*p!eq;bPlt*bpM@VhGlDz-Yf
zC@8tYKUEs7x2B<;0pL>MU;q<3ez|~ktZe9=5Y_D)bI3us!w|jMSWVg4*)xJ)Fp2<~
zkUx5U`S3Ok0h}5Dibg?;vvLtU*0`Jg91aTJ2=E}>gl1dq4?Lg1?HfdCZL0eEHVWe1
z_LYiRBVm>s-+{{rD5!Mq!pi;V|LW^gH)ise=+DqdaWjMx`>XJX_}55tUG?%avD5>e
zwiA7J=x`O^tfHPqTv19MQShZ1m!MiF2&bdERvwot++07fn4uD7(Kc_+c1Tr4-C`J~
zGS04wlr&Ci)q6G8IoSM6)RI`T89}?@%~sJ>pT~YUp4rAVvFaP!$ceLIr9&yPp!=R$
z3}+|BrtKBZ)-i>T7j~T{?bh+5rg9uk((?KHJ!UZt6m1{;f`xP(_M&^=>HZB{(j}n;
z{k?=#fBgME08gP6)ByU0J5PE>#xqlV5|XhCLVSD~c%&f`fxEfVXnpyNLA>zij4CN;
zrR~&CKz9UZpL@Rz_V>P&TZ?cbApCAYCqeakAJvS)yeAUm^NPHztd`-=j^%3jRQFN%
zxUe6bsZgLx$GQwdsowkaDa31Xpq)vF^B#;<jpLoc#A$%}6&SXeF9Ubg$09@G7hp7G
zQ|rG`btjB8Vhy*+1FHP-{R0n{0~Lm<>?j-OcX2FZG#mZ?{(|n%B|g48>uF4DF;G4O
z7Fh+eS6U@<8k8*-^vm_OkH1`gDK`(_8a@F`Tik(*+JRUD7-ilDej9pJi&~?>m6e~6
zD;2;=aPPxKPvQ3;7ltm1;n4TI+|wckwM`LG(E}J8DqjwVO%+FQnT1pAJBU1Wls`cs
zwpZ*#0gQ)Yt_^rIsK~5`Vg!JW0hr_hj{X>CULchU$R>ZdZHH&u?Gx`!l-nCzVVDMa
zB>PX`o1&hCt?CiFrw4HwU4HtgZ@Cov|NAX>r^(g`2niXW7zHfF<j)@=y;Kycgfe)9
z-WfOqZX-$La06ZMi%%?}4G#~aEQ5gx0i`AIP^!MK*s`X$P!qWVXMq=h+OFT7fEBMp
zoe5Kq*f%15r!LShqi}VNzN#*mJOQ(=L@pFD@oPmYq<jGgGqKT`ntFW$v<wVCp~oO*
zl+K)lrwOLGmPCNvm1iGCb2N|(|1E;lohp7Lb(zqwbuYFWTm@8x?{6EC>>FPx6&9x(
z5gRpI<#~1B&%1`gLfX1yK>mI_+zb}lzJ9TfA<cwELlfO+LRADw+}O_$nfgwC;#Y;t
zcuv-ur-~AeOI}@#dH%}&+Ajjmk<rmC6HbnEF7X5oA5yI51l0Q=19Jv7zLKAP6;AVi
z=WSIpPuyUQdJ?E;+)_BFDNw^P>$oXqJd<gbH*OYuP`xH6&ut>Rk|!o6#KgoZ@is(E
zV&xi?ZjqxQI}Q0HZu*3U$<>W?(#AxWOmE*}aCLR%ii#&jbgQ)-Xx^jncp5k0W~W_O
z#&N!z5@<ri@#r(nwMr9It4FoP9c%xdqf@G!yxErEQ&6|FgaGOTuE+RhRd(r}>Pp>=
zBQ!BJ&B@6L_)`gC=jdplt(_H>8~1>7WB<EUJK5ozT;g!@9PZm?m(UlGFW`#UsAr_6
zaH?Ajyi&bSzvmuA-Wuy(j?4KcK7u?JyuwY!KraIgv9PR;x)H{Hh~+K$7)+%G2r3B(
zs)WVA9UYReT|FBD&-#N*ZxHHg{I+j0J4%U`j;Vy}VS+W`#6wrDKNdkcWsVtog^H_H
z@37p$&aPxZ3y%o8uBx$!9KxlXFBIJ|r>7ya`I(ul+|eULwTaNzBh4oH$mNZVjm2L_
z5ETh(pyoTsz{`UUU&&wp{zf1^6s+rf&j1j)zn{-8Qz)CNV0SFtADuEOBja(TukN~$
z8A7UVkS`a%rn>qKw{t6=QF1F2-VJOzS#BPlsh0x}<nLV4Mi41GnyIU+7sb5bHo-4a
zc5x|h%A6fV^ET4*X5hA%xa;VtB>4I3t!KV;r3r0H#i+ZX{$#=_<p*AmVp9mVG`=(&
zgs1xde|Y}AEB<j)bf-@!VD9b|-Hi82^zQ^{`0uR?By>vPlZ$Fl5=f8M==%Gr#&Yb!
zWPHLo8eJuSC-o?_{NKe#e}0gQJHj=CR{+-lHRd9tNjgr*@GtuEmU`gtq!Wfh|9jbM
z7k-{`e^WNq)_M}5T0OZiq3%2LVfwNE;y2fpc1p+}Q!~vX&Hrzlm)qe5L~A`%>k?*2
z^Z!lycQX60!i{fxiy<XGRP`^528>{{KV9RnL*0pTUMX3RkV(vS9k2hrnF_pFG1riL
z_{W2}+5df1cb9}3xzc}+vvF<;hcH>4M%N$Q>Yfnn*8fJbs1H85IPm0UtLBZ8i;F}v
z*_AD$KRn-UeqRg+U%UKg#UH)#^9SPp`>>4gVI}^3rpFX?McY|^Zuc)EOo=u`hPA{=
z5s~inUPWV1h&bly3MYb?$BVNlM>)D=w^gz{Xg^wAQB6NS($Gn`AwL~IUAq3&X$jlK
zC|^OU`2ilyq?oG4go4FK-&n<>{QUgU=*on$x?ZAqYqEy7ZN=2;6F6avujv#DI7yoy
zSek5ZOV~mvsIT2n%4BEo(;;|K!&bKtqGt0jBZzJB-}is3(|Y+zg@s4l)WB0M@l-4s
zMB0enRlDuCp_hl$k3Nt$2g%DZzc4DJTWKG%y-4$KONexrF36477e~ye9`~;ZuRbjL
zQi3~@H+hCv&>)E@j3#D1d95jK$NxMR*VV)pQ`J@VQhY(#2d^9+)RWL2{T5LfCJefN
zVq$`Vg2KY-HLv30un>@u%*MvXs;jHH`H+EA13XHQidZn-{z2ub1)~hiBfuq!S=bC}
z+4Ana<6zGZuO#FniTxLtTNZ<Kxmm+R-EQ=JMcWM;jC3zbQ`NfWw!%3`Mrvm_FcRrD
z5gT@a(jPtsHm^i}SaS)zN8X$o^wGzTk>=pF-mMo9C2P(0Id}z^tKDxSF+%HJD&%+T
zM)SBar_RsK6(UF{sI0LPE-5ZkAf6EYt~O?FMO|&l!!@M@adGh==uTkP1^kFJfFYq=
z<t+kYGR%WwQUR^RgHE1fOVtTjZ<U*8WLD7KfWa;Z2+=Sw2&5A;JUvqm9R2RTtHRHs
zPrqgYPg?F>7RigF?H;vA+}635S2nD@Je+h%4n0=K#uqjsnYmw-W*jAUBJP>rJf5)|
zqq-b5zV_=&jkq1&>=sEneN&|j;~GZCL>EFlG+E4^B3~Fa6`*C8k&%&*FdrG8dR($U
zTjelr@|<Lw^}jC?Xqm08t&NhVfO*!{>EcmU!2>HF#Vws$UE^F^EWc0%tV?&b0^%p2
z((VJiAM$Srfr1o(Jt9Z3o5;^obMd(u+)H>%?iK$XjPIR~o;7Jb>eJ@Y>^{ru7MFPr
z7kAvf@BP-V^W@8!InB?oN!~J^wO{opKI`$=rC3J<^s!$Zd(vnwe?5Vu>GE2_aR4r4
z02BPnTL)kL*T$1;JQXKxhTRxuH_{jPlNT1um<!?FKrIY|;BgKSoEiRi@q(lKPU)-Y
za17?^CO#Vgvg6AVnIjN72nYy(!*6zW_E4W|0@Cy+G6sgJG*Y+CPe`EoTy=9p!T+#6
zsAjAnwb|d|FWPu*nV5V^VJ_b6*QI|C_T)6_-TvO;(JXJKqDb5)o9@lxNAVTnm)(Zf
ze)+wN#FV}5CR0K#Y}e7Bs+UgnQDpL}m9p?rlkn9L(cv)TFC|&|-j$gSJMzLcQXlaH
zs+!H?2;*s;I8^N@^4U>$sE`BGTBVvNnX)81yBx0KlL-H(+H8D$UNH0mqQe@Sg|~0C
zU^cS+ErHu>tJkm3a+l$L!8Ck*ef`u5joj%5jq|O_>)*44E3Mh>Ufm)QVfycb6DuYB
zx~KLDTlnK0&Fw7V4_4wI-e)gcAVVvyKQzq`&pUTJdA)Fa6NvNVIrWV{uSfbL1E*52
z7wLuzk7{X4Qka$~PN~P^mek9!HJiQA>?-+EL%1&D5{u$_L5AE7R<+rZs^=p0qB*ri
z(#%G(=~c)%!TFzkZU0XGvjOO|QS<tY>fBr^KVCoQv+?X7ViN+$z?6ZAY5NDo#gjZy
zVHQS3xw#Nr)c`r7b|k|5mi1YCTCV^X2fojLkA-a_5%Akzd}S;CdPzHE>UKj)Ed6D_
zoG*<p{3Ry^>~Dw2J^#uq8yg#`iDR0YDlRY-f8^23eNj!nJE5VIO<v&3S^0sLT$s*a
zU1wczvd0WX>M{9<<1IhL3qwd47nA^*3i|y6A>){<g86R7A>_YlhW?kiaBroB>12Ks
z^M_Vgt_SGmF}8X1dt05^E3bN=P^&-TTFt*I@X?h`LSpf~!<pVPU_8)nW#{DZ>B!fG
zS%i%2-@@0TF$u8w@3?x5A(zH^wfb3A)hPYgljG+{UUV-kyVvLEwscdxs<B9UtM9Jr
z&8KZ1Y4kEPXNYr1jGhVDy(s8<L09x~e){qIkWE+Ymok<)qxvtEST{sCWCoLdPbJA;
zuPnN6dz0Lf;FeG#huuIah?KdGp$ces6BCO6kF&3UigIuF-C`jkh=4Rm3ew%62n-T}
z7@#06Asy1CQWAr7g9?fY(h|}Pol?>uIUv$G)ZAy(z0ddEd)E2Rx_i0y(xpti@Be-B
z7dcl%nsbeYntQWDJ@z&&3OlLjqTJ5}M?@IO$vrE?tmseVh2-bwGx-Xhv8`BB1d99P
zZ`m9^PA}X8oS$&aZt--tCz|lzs4>v=xc2he@qmbMsA!crh7(&#TceD~_ueXUo#2;g
zJ8`YTSu4fp`OMq9kFR<M)zc4?Us>vZN$oToSuA~3kC5#;g-OoOldsq*uJJr6yH|!+
z0)RW1g~^<ldGI+`yNqq=&0)O?qRi!|WRUx2P)3#m&EAhEIqc$pxlnn;j)oSvmDQb7
zA~h)^EsI-{zIpzJjgBEuVmy`Q5s2FsH{u0^$}GzX<)5?9pyYp70}h-u#@F9O9HGnl
z-ft}2_<-(lEmjgfE@V%o80uF4R&rx)L2=5BIYLTJF#xVMB`QcbRQBAo)fW=SaixY&
zt*VkfJmP{|$%5MPrrub=6dy<+^)y%NSk>bJux1VeBWN|%lf|yx+PuuhHnr8z(7?*V
zqQM++E1aPMV6%X;g$CpsvJ>C6DDqmP_bXNuGiNjHEjgSQVjRb9Q?R`&t=rCha_NkK
zgbE1*gL)&;%VTPqFGQrQMwm0TE(Ru1w**P0hk|5*l$37$e9$@5azSeU2l-+7CfDN2
zrE{baUj`o^OW+DWq5a6r+~}PE#mh6AQKsIcx35^g&*xlVuawt@l0B}W6SvN5C9fC8
zZxD7{!>6!Ya|8|B911g-3wVi^jpupd4KmO<9jojlpZ!tW!CE?gTa#Jz64mlG82l*M
z=y`;v2dJNVQ26~$M1=hfk{pP+mmbP9Dn9;QX4#yC1Ipi67PMjE^Db3=j}t}JzIVvW
zEYygvB7(e3Q+?<~i*1u=W>D*%eul7nMnY!%b039|*`N(Kx9DV;7pP8Y?$u9ptQ72&
ztgel>V!=MSu24!Dftx@9^V1fVmd}-?4W7pcPI8c~+zYUQ%{;W#4Ri0`vkR<WxEG8e
zAWr}oXi<?6Js3Y-Z)O)EgI+fL)EU{=_wjVzB=clkD2mLq%zLP|mPdNw!pyA%MqffN
zstBIa56w#1%0_1I-C;wj=Q??EU}#8v*r<$><9bwn)8__xU&gOo#ORr~EyaRtY>nQ3
zU5y#!y2aO$UaNP#W*xU@gy~mL#tq!#26_{~+J5%zSqAwHp%A_?>vJYn=j3AFywSZj
zGdx$vJp1t|jf7|U?EbgEc-Enl2YzOxlxWcWB%53d?50s;t;VZ>4gpSp_x8{G(RS6B
zj=QIDw%(PqVYM-{xx4;T_-Dg9R&><GAqsD&>gNlS^Xc?dejGg!Ix$RCCb}zX>%U_r
z*=(?5XY;{^?r?%*g8dovZDWDZ!|KdX{nEvyHSB`4_wBAVNsrKp5w8Q@u_lJ^^Zdw7
zgPnXtdDyvL)CT`@iJm@#kJr!fRAV1%3CoVxvZPa?o6(yyGu2a{@CPRJ@2CoDMuoW&
znN=)mo==Os<Jp>g5X+=D3R7Br*GYevP_>Ajr%DObJVUIYs7MbgbT}Km2R8sMZ~zc$
z0M_9EqLeQvLZmO8sXKycEVCzYZM&a~hE4?Sv{xW$#p|ZmUXWfk_kx@9cpxV%033BM
z`SMi>Y_S92g+k$)r_C*TYHD{N4Zy;7&DE;<=}C4NtP>J<88OxoDmNm(0%PJMj3wX>
z)uR=U*S)`>K88d_7}0aM1NtUqjL;b7Z-j_*X7Z!%;%ZmvS)C$Q<ld+yPiADWyz656
z%Cg<O*L=P?=u}aD9qd8CoZSqD_As_Q1jKBKdG{2+JodrHTAP$i;6&v8SCY!|Nov1u
zwM6t{EX_40-O-N@wJHP-B(1`{R4vS1r`w<;X=w{PGkOW8Z?JRml$Sq|b{PhI(-$vY
zC)JWMUVvz)MPp;;HV|*Ea#V8Wr<(Hm=n=l%qWwnX>i|MKm%@HL(QN#|hx6W_m~`X9
z{uIJ{fo75QGokNUn8l^GMn4D{PaeJBldi7X@ZVXnK5$!WBwaR_n%!>f4XKhSG@riT
znchA6hL@LjcvTj%r;TmtL5|`^Nag0N*SXV`gNGYohGtl&Q=dCC-?37mQw+J$T35TM
zs1{hzw?j`5p>2Eg38rpG247DwhOA0bodd%Z!1hY;aKwm(%)mOC4;}@Vakos!>)_}H
z8S$(dP*89e5HQ#<x4#e95nQ}BLK6+VU)w@~3{YrdLP9G5dBWe!xRLt<lpgjVH8AtV
z$x9c(=*t=?d{A$f!v>&Rl{9KB-}rQbukT-bz?xpfE#A9K=w=wHT-;zr1mGgTpP*|g
z{UahG`ZiV%U_XzuFYfDgfwlX(GkNNjqmMH<I4CT1AlLnfK+wB^VmFR%2?j8N<$y<|
z-?^)oSEt|9wAAw!N0x>t)Mf%&>4h+Chb09c9gGBFw8ltFN{V`5*aPYq`LRvw6nd^t
z39rBMOGpJ~B@UaY1s_}wTwDNWc#GHU8>ZCu=&kss!3fM4VahETy0*17i%Gkm*C*}1
z38p~`@HYIeuv@*bTPXY&b#ppn+ey2Vxu+Fc@F=)H==zODQiR*JsGWwIR%*|o4b*oj
zc19i5q0@jI#He03YBS0)ng{28O7D9kBW@@NPgZZlJ(Eodt>~=NE=(LH@m4o9&-6Ji
z-fFRC7nN!Dy1ep8C9Gzd!>IU_K!K&@?_eIysmg{7jv(`pk!Te2kz(D*Fyz8^xaOeS
z>&_{Tp$q42(y*hG<*(mQe0x(R8N9oEWvV<gXr+otrdFYXn0!kj`-6vjpq9p(h>oqT
z)JiIwe*aGyL#=EQYf26-2h-pUbuMK;6}{=!b}=)Sw-4R@RCGD)dDaGDaL<~$45=~A
z{RfBJ_l#XY_2LN2u=j@xL<yS)9otGEXL7*V&40YRItiHp09}D_NKkOP0P;N5odXk5
z+*ELDi%!T~12FW9{aKf*e>5=Lz*v*uBG({Xdl>6^!%73Rfm6T&9)^sdd4B*y#;MZ`
zFn$Di?+<sgV$;$XguA3RQ~~eh%6HKiAQYsqWO^-kvORqZFbuTP?m|_<T|JZ<pfUpB
zG+USj7gep+orT3LtBi}B93CDQTh}0L1)*kqbD|HJs-ZOiSb~XcqbF<fX_I+y(q4dF
zFUae|+v@@lj*j2xL|yz?o*@blYyb$<_XDToBtWnd-M$|vI_{bdyAaB7+X{~z8(Z5I
z7{^AC1Atl|fH;6YyrTc~gm_`385KBq_u)2)VKjomu@u$R&+ijltbkkt@#X+Lz8+V%
zHFEuIk8zjNh_+%H;HIGGV4#4ZVRH%Dhx}<>;1s&;FO`&a!pZ#tu3jHzrl(-ktcxDi
zg%R*%00b*eQL^w@_J~)7dgx$>yAhw#%2l^1mdn3?{|@7^!tSBO`E^V80*d3Jwi+5Q
zPoys_x~D~I!pl%AmS(Te>Ph@5>lag;n3;!^kgDP6Ge^zh)1s)|oixQUVju5Uy}=`%
z-kmGu%q6xjQ9D7Xm3Y)jDT=p!lHmvb;0pfeEdF5n2am)N+paM><mmM0PZ?bYKcwGT
zzu>=VVtSMiLAkHh=fkYKPE8?`7U9{c^yL<lZXLj+)7<88klq)Cl7@AD9?NBDhzt$(
z8Bje}VN79$49oM7l+rpFY3JTb4;bpla6TApC*|tOcTLa~_c=O%dv`NcDgpd)CCI^7
z3$Qx7FI8XOb9=Y7zAgb<8@GzbGq8iFzj#q`5gJSI+8qb}5!E69ynFz#4muJv^z=xP
zQ5y^a3z5_3$NeBNu5(}!?23kb02^)NZgzsHI6=SaYTV{?%^=~d1k9{)9y)F_?@XcG
zf!C3ZAxrRpn0fs8@wF%25Pz-*JO#>OTY>TM>v<YL?oy0jfSLU)&KD1Yq$TK%zXop1
zS!Rn!TgzZ;0m~5`)6Wo&!*1XN^ckxGHwQzEu`<WZig2I@5+?$p^8@TqA8FjeH_`A<
z<)Ww|ucjw!P~?#<3n;r^Ksp(@k0g$QdHNe5rjFuFK$c;HGV@6NyUY}6I_#-I`hW5`
z%cV;-U0vb(iTR~ETe#>GMprbIGlP_LT{Qqu-k{m+tYsdvE{q?T+MPu_wylzniC6}E
zQj5*D(~y=LKIQp)HkZR^>bIyH8gbE<vidExVL<+>X!_5^kh7n4G%pz-a(u5NeKim@
zXAm_Oh^v0gmwLJ<i_&`;5ol@T&3zum&q)1bgqh$<_Qb4|#0uYSq;%)I&gK*1!~&hv
zx96%)SIRHRAmXGuQLz!r_w*mQh<~wqLf@&kPfPc_!~IK8Mu@eR$kO@f@`rZa#pNoe
z4$76ohenLT@|>7!#nNmts2406#WzBNY0+yz+6R43%v1wscR2ThIQ`25a$hvXMv?H)
z%dgo0&iMdxO-s1FYKp{XK<~nKh04wCEneVfpyA=reCCe<|8f_EL*PMesIULpdVPgC
zTnhN+xqy!Jf(H`XRFE8DfW7EA9OOWMe=l$i0(?O|5dL1u%LoWuU<Eh;KlRK*;(ct`
z^XJbYFffpj$w!5U6Q|<LB!IfZvEqKo0DEvTyjJQ$9Q&;)P!DLzZAj27GRHv)aYVjC
z70&REp#1nya&q#1z!gL6L0V|KZO-3%_q=xS5|JqJBqYqbvbQnf;~+W!%@?z6b#R?F
z2&L3g9_(kPx_<<;F`(2S<}sy%v~fDf<Fr$^;c!H7+~E}k5cfsJUtd5oU2km}11A~c
z1BfW7kC0-4@OlW}js}Xw>-&3q&OZm&aNGB9fb$AF;Gzynxs(8BF{TpEB6*oj*{TxO
z%uhvbMzf`|i+ud83dM3d6d{Q!?y#!6Ff(=PH6<lwvsY_MPh)-6FovvWQTJBP6&U(t
zj%pN0gYWq?Ao<<DKRpeq%bc?67PdYPT@G0VFAAIPW@|@C$59K#FLlyHmG^H2{F#}u
zYf+{utlmF@rZ6qSeVoroFwB}n@v}_U`e)r_QG+z*?@IJoW{g+(%#L_+6Z$<0oq^iP
zVE(R!_<jv>RjF7L`yAtWeSP0=X6>+l(xq?Gr*9}_&-eIANjk1ULwy-+N|~pNgy)Xf
zfseftzP*#!+^S4sR&PQ@in@fSw|&u2?1&lSb&c1_<J%Wk_gSlbG;Age0@e8*)1_Re
z&Gi@iazb)=iM<b_k&3J>lL(N&Q<peEIk=p0++A^S&E*-ic6^H5r&}Tx_pGBkHi@jc
zgg_r6YmQ@4b3T!K49>3D#N4q|BkNeL9|x$|!o~zb=I&;(G)$aeY<#L|hMCDbNuNMY
zX_QizR9b3+^Kpez->0eGdke6Bi$Y*v<U#K~{~C66*B;p8T<1Kxq<3%v-c7f-zyj-t
zGq=JB+g}ak71W34Ck6nK0ZCn|R0P^5z)b_9q{j9q%<X`AKD#E|e_-!I{~WgDIL7|F
z7L#KWMIeeTMO+P49F+4FkZvd3&?#TPeuecK;q;m|eIBa~>jGen9~7B)11tjPGBU{y
zg7-MI;b@61!|j(?M^mvzqi7s1N`!^QPx-^z#)bzJP;NcQ;9x+!lhCbAi=PDm33w9j
z*7=`(E6IU8f&vuM`RpGDvh~AONX%_*y6tg+8}MAFh&w8J_t1NKdO}Uh)ODujgj?`=
z>umbg1g@-^#l`(EEdY^)M-c*I%Y!X|vO$i|z7E_JASlaIxUsxqrcOqWlg^0+JIt14
z;K$*&G4q#P1=Pwe<>VBa0PT!xFXSWjM$2^3FsU-1Go9(Z`ex8!K!YPr+D+kB4wr+O
zecTZ5WBV>>v3%)1LEOi|%UvX5tkOpV3LF8uzXB*e4~QJI9X2y%xwA4cI^-<stUHov
z7uJai`g%|1^m%bpE8PnE@GmoHq0}zHp3n`S{2P}uX*}w}(C)dd0}d9czLyYJ&Go8L
zCq0QSZp&yiOR~hd#G@{^Pwpq7RtBu--8_A`zaLsM=B8sR>(*V<>~@nKc2k>|JcPnm
zCh@$lojlwo-yVsYu(hSH)~7vUMEa&9eM!rXr#tMYJt68l(xA^h#CUDbT9%A-TUm~a
z>~DDZlWiVy=laAme~)Kg%}c+Y$IQoGt<QH+Vwj<M)@5|k<6Ae+=%fpiOW<*$6>_(O
zqlYyvwny7dj-U5>yMZ;1?5yn+i%v?>S{D1UDjr*YSY`A{>&{Opmk|cVT{mWqUZpNR
zW?ib51gg$z{ux4BarnbRLMOwWDwg_~x`)#wB;njmOuC^VmM(xr1lSdf7=Rq|J!UEi
zsP(akUT78@>psGTo^b4v#xY<NuHb?lfLq+s3DjMHrM_EL+E80tD;6R(v<yHEDDm6<
zIh<f_1QDO`8p+q1AVBZnyc`|nQ2^=!CrW=?Y0z0X)o}Nd=34^winX;hAYW8ZBPGH3
zm5zeq@)}*}>$4d6w}7b*t%8c}K3HNuH_AA`ljh@%y_H&&fYa81V#OJ3$X?{WHi6Qn
z57%7*u8c5nAIb6<AjXF{&`p&M6&+p2i%Wo0h=<_)7-r5m{Z5V7b>KMy=F9gQAN~fa
ztp?BblZyd}0*X_d%Q_&}!$55y?LIwm9>Rpu9g<h}i;|KZ8rupS<q!%Em8vvhfY-wx
zlxISUAS(cHy>@~1a!Mbw5JzjjFK5)9<#H_5B%Tfbm(|U-uo^XP*~<t(f+BM(w;w=b
zjDg?Uhwtw1BNP<uEgdN?aZJdZauT4mh&`*5>!?u1)V$PwuA#$xqS-3?rzI3Kpp7e(
zM4{H#M&Ej|i>C!y2IXt9t%3e@@73koSIL!9TUCPX9&wnSUXTlx`!gfwK9+>N8)i4V
zeJEVLlY6oPIk$1dT~fGmCQx77W@2J}m%elH$)&WeBfP5pv%4o}&*Hbt`qX0r;(WA^
zh|D%H0Tip!_cN|*cOwyJPX~~#pXK<uW0~rVSpO`mSF>|RuljbUL9Bid^QA!&O5IXa
zx2`p@*zhUzwrotBY-jf}F=9Wj?&0+ir=jQpkACZ_Yc4LKSH6mLcMJ58P$p)M<aQ2Z
zkN&K12qd5UlD-ri{BX`{9~Gn|dQ^vPaSAB0na8K#n}==&up8pGwzi}9r3L`lj-z9N
zCJx&0ZiV(}6VT5ASbpBk1cKZxKwOz`#0^JGz|b8ajs2PG44B9CRZJf!si>%0qPSD@
z4{EO+dkS=*bydz7h<l17fX2um{|t1psf9R%enkhwG#v5^$VBnivNE)Bco}F#NGAGz
z&JZ4Np?(+tvgumf`~_v#WK%@|oeMom`R-}l59jFs*iw8cfaO)joxR;$pF>M%>e-_c
z0T(80HF!SC&Nq%*Cm<d8bV^@TIB&-$2yi6G<jJcg3cVhH%(0}LePNnE9qI(2u)5;<
zw_+;{00Nb0tpPv(lnsh_HuMxgS53F#KM-C!MTIWg@pJr3p^QKmhLkp8aI)9lw`UTF
zlDQ1w%#N!7$m@CUYwM?ag>mTYVUWn<kmJ0(1AM4Ng6x+(iG{j@xak{tZB<Njb0wR?
zI*>$chKm-C6HC>wDRFwtgJu&{azpT>fpY={70j^*2zO0hRykxnoB7c9XVt7lDT2+S
zn`}j+?1jR^<x6LF!}cm<0@wFWv_&)xP))Xy@9LyN7#yMP=xxNzX&F|3m0EgE$GtuC
z*yX)>lc2w({LGg4w7H9b);?)jWw^K}(cIcTtB*n6?RSqfp8Dn;9IHmJhjlEGE}FY!
zn`fe2s*1(c7au89Zcj{zzk9F#c)2*gOp>;%e?fytzI5GnsTz)w@<X3d@9kDZsa>C#
zeTF#0<TDtsK^70VtjU3-5naYHW%-R2gE7M-Y?GhHpA0;d$~K~D05nWncvCJo3NkV>
za&cwDa}C6WgQ*Z+B)xQSF)*^g5|#)4<L3SZI~_pe##bO&UKPVFhB_~*v>#dp*Uecf
zO4%4Bu9k&gA%A@eZ8%Q}&U$%3s0#io(H>#J4JuWTC-3Fz(b3X|J}-w*iDS~l%bsg2
zz3Q?a|8y2t`da2zHXawjyHMr<{2u7-s61T)il=YGG>P}ldkr|T&~6w1{)9rd;|I{F
z7_0FmMLjcwI`jzIedi=D@a{14zW5Zkf8qwR3{xM7LLmozZ%UbID#{;6BQIk>v=3?u
zIZ#pYx)}B(UfM%M7}OmWpbg#v{1kej&YS)fufoQR$6v=3%BY*wSQs>PQMx0Z)XCtZ
z+9vqQi$q!54Jg=vW3`&7l8)O0Es9lGb?tza$w+b%-CaQ8t$$$(kCNgBp@L{J-Z83^
zRQs(Z-ME64tkW7*@w#*X)}1rOG3P9ygM=84Be4#i8#)a=L3<^aPrN@*0SZqiay0YT
zxvRKGlGCR6Xa7+N)!kiYU0OHK6ok!0dMDC{fox+>vN|iiZU1GuR~~BLz@{EAoP6Q@
zy;1BSREOj?J7=E@IO(mtJUF^c;3A=up(1B9!HyW2*l<g^@|`rX<nYLIspR7N*n)ZS
zNcYs$HJb=GPj!i5#ft>0c12Q}&1SZYx#TAwaPy2hEG~Ttr?8>Zdi5|HCEC~RU4mM<
zf++R$X`B9x?R4f`!q-|?BbhYf(j9@r2PEoO@N8e0om?ma)kxR(+xrNhH{wW!Aik9j
z&>+)bgf?^$AfK?iw?{ATaKZ!hNxl|a>zDx3b{H0KFneFuZZqavKX&XGZ{=nWbQM$~
zLyW3>5P2YxOsl`4_4xwB#NA$YPw4*LVa5&!U`SRWO$HZFpmE}9S-6zjhMUboKfb`Z
zRsaQ~;Wmzf52CJ$n`>*eb3lL_bvn2^=YKd=Am|QLC3^2&Lzqa>ch4Sj2>@V_Q@=`T
zQI%gpg8FPAA(aE1^D2;B%npEw64hok?9r1+oS2FqwO!2jyU{&dYCjFCYco(D0>8iv
zAHx|1AXx(9C9cF|j*CypTv-h8H?wui)?pTA_Q|ywSTofJYg@oI6*LDl-2HqQaocNZ
zv%9VSWj~t&<s?%&yH+w}x|TM&QJ3{tCgLx;2X7`p#unBT*5ei8US&7R>`NnNZDvWQ
zVg3;lSAC(~R)L@P?{F6*S8Uwkh$`T0sZ<T{3RX)<c@JKa#8Rs`(@I>S`w75Lro?D0
zjeS(B7eS|*(jVlFuJqtRuCw3b%JlmugV%VleCW7yUP$o@q*w(pdizWZ8f$qA`_jm|
zgu=G$gT}@d=79~@6vdr`tzH+W@Yaci@QSBC5*17vuKpBj*vj|Vh!HR6nE9gg_9R9Z
z7ov`SiFssBChaF;$p<N=boq^vA+FYCnW$E?@rfPz9sRSyXReGMSn*@4*H0b%SRG$F
zsLjnTeprhVudNub9v!loy`9@JM)FABRE$|SL9sO^*zN_cP4C6E=__`utgMqScyvq8
zi$)NN`1$#LPsJTDW0q`3uqOgClJ!u5|2_I^ZjT?rxDceTKFqk?-K3TE_5`>gq%<6d
z21vLd%cREo?g&;KK%|g{Z3G?bxL+iMn>Ukyu()t&SOCH`uXrVXqZfVo@c{xB*<%lr
zUpPi!JT1VyJW-v-lYL<U_R+XQ0|J83`FO#+XWNAlh_;Vn<Yh59SsLhE@C%DK8%~Yx
z0eBUI!MwN<oa_&ic<Ifr*Fgq#2#yu7qhx`73(mlXm+>5s+NAdawy1<3lNqh=>zk*O
zGoL<3UC*wX*8lRek-5Mnucy=x5>%kva}Az{_86qA5+FTa=R1W{O*wc%FPL$5-H0*a
z?6s^ny5~yqZp`A%Nkroh_*cDUH<IGVF*#uo^Le_k4oLerX87{$O}p9Z%^sD}OsOk4
zu6r{gQT9zHKpa|*mF7N@yjaRwHa%k+rxQ+B0na21-Soi)J?1B3itsNZt2mPx8FIIm
zQZaknzma}9d{#$VqII)fhDT=<3gh>yc^zMTBqgejDmzr4+mKD1Sh4e7dBwC;LgD?$
zund`$`lAvngH<bgaM09kYH5Sk(P~a}c0EiTK$}2@9jV-r8hxVG%OBx|H5S4&mUhUN
z`mT5*+Qu*=4CR8~qtlPnStV_)`J_x%FQ#u0PLGS!mV6fTatYk^JjUoIksxca@_3S5
z206DbnaWxhGo_18Vyt70AWK!C(i**|HACZko`i&v%IyR>pZ1p^GeR<BBO?<DCJUVq
z@0r>hLydzQKi&pKama|WwWRa9%_t;!M#<?_KZD#A^(L6d{AvK9>0i@$bR;$OE#>YT
z>^D?Zb@L2rp^XNzr>;r8NFt6R3iXHW*q0cotpYJh=0uovhlo6;q&O!)!tYCnmvNqf
zf!C45a^aa<k-&*dp>xnKLw<&H*fcOu0+AMC?&kXX4_I&j(icRZ!hPRgV9~s)uecc$
z#L-HQ$a$P2t;sVMf++Rn^nqC?blwLbAu#(cN-~bHs~y18u%r2lfep94!N>o8b8>EK
zZv~inF`@o)epE=+KXtmMozK&|yEOYWL8I}bHb6asemu<zx!u{;czJ{r&mj#Dcbos-
zTM|IR>SxyNtbXa*m#`+8+!QxGFxrVfa0cOVC#7?YQNSlNs4nFu*}9~5-clzM_tC?}
zPfLds@4`kN?cP+YkX$uGL_KmlzCAW1S%)c(+v%>*3nVBSve#+z(ek!LfB)R*jG`>+
zW$)$|)5`i>rej^fxw=~UG>~qKLh5iEDHCEWO4As(ABs32B6Hue<DU>jZcDB^k1nms
z#`iaKx@nW-Of6}Rd6MvqYG|Hfjmf;9%Ex*fs9%v3nfLTw)D1%!na#>TMa9wB)X;E4
zO6kWWjL)}y4uU(R)|5w;uPm)5c<x*?k*9ecEMjqiMqW^Oy(W}`=bm9jJKlQ|{^${V
zCV}-h2K!!%bHv1EdQw);Jr!;x@`ayXfkGTi2WijF-bi9Q@E)l?eg8zwUy`;>b$RtU
z8R_u^0zy;?k_ITK$03#ogE9~_1~=pRj%i7<vj?%p^ct!wGo8#1bz7IdWEAYsU|+da
z%Ee1R83~j7+UGbr>k3!d_cG!6Dj01*LyM4?hff~ZbfZkiP3Ud&IVKk>qdTqrHdpe#
z;z|?z?N9Y#jpuk=^6wOU$hU4eXTIXQeX9N(Cj)*>2anNJ{eQoy;j)pjZk^3ahEYe0
z75R%UW`0=)N#t(FiDw9;u8`!&>0LWnNi@4HJ{hX|@Ub7~>idmV+2j#kmNZ)>nKYD}
zC-Ti@{ml7_hemYXlQSVsyWBn_WB!S`oMZM61MN?XUZ(UoXY7`IYppWuWaUN42VB*K
z`>&rptt}f_DJxNFekhYfAe?w>Ve9Sj*aj;xvrQe#na2{?PTw?Tr!jZ^@0~`UyuWl=
zwoIqYRhI0|IHTe(SdC(Se0&z>Okv|wY7qFaOmfNY1a0%<nHZ^L+xO&~vaUL9to`HK
z1q-1h#*{CpxEz0k(N7xbh67pusehaws9wEWAd#}TG`$ynw&w>jbPC{WrwHtg5TTTe
zvJ1i%JuGeq#nT!<Wx@H3W`ZU8cu}7q4vYJX?O%Ic&d7*~7z?>JV<tiDdRz7wzxAEy
z<mXv&(UvjMoOVzON|m>|M9u15Vy5_{+e1%s!)1P+q=+Lp5~W>|Mf1&iA;9X!XtUL;
z^=sG8N$$e90@#``K0w@BcDh}O2GHImYNZB||3bN8?;`E!o}4&hBgv8SK7H$MjU)^7
z#5eDbS4-l(p<U9T+|C_PADgV4PA!%laB~^)JLf~!EVND2=yM^Ar%)a3zLjP4l#^gD
zrz~r6Sx%2;W%YqpMoW0vVkkQe-=o2gtIq@YJ>%?sGRcXZAKuDds;E<&o3-Tow3{^{
z^<(2v8iTW~s>r(&RK!Jk_J}NL|4O2{^@;EEdAFE#<4#Yz*W-Y~n2(d8rw*~J-x`)G
z?r3}lIsz=3FJHQ3004}2IjY6>pimWW$k<0mN3g_+(@yGN`dAy(9?{b3$w4q@<WckZ
zUUahD^4T19&77+*>;QkEdF8F1$;^uZW{1ya4F7udPO0^Tc%;2yH=Gy+v>mbR!OISO
ztym-Hye0+4>wgxdHr`P3c>8g-Q_ZYPCQo3j5gWWL?%2d87>aF`ryGX~*3CNp93McE
zKQ8{U%;u;=JpP&a+u(lOnwQ4tHzDJLqxSM)WckR-enm$n+G2gW@|f)1rG1s@*Wh<F
z{8Q2$Rr<tCq@L#Zz`Kbh;ZLsn94;l;oK~HrA3jByL$B0i(tYS*u!<Bi{^6Z|r~EDU
zaY^RO0q?*G2}B$>z`v!qp8S$>=)63qg0a=>o`XZE2*61|*`B2#BQwDk#QW;sq^73+
z0?+*5;2_z?3jG5RW_$0@^w=5o=NDYDI^nv8urkQ+FkP@a9icA#`bL!%`^1BFd}W?9
zSxIl$2adscJC(%t$tv1}rCEVB=_mAF02%eb#4^Pgc*p)hen+?YcT5P^#W;0d_v5T~
zS(Od5JLxy;tk_CKwl%C@bja&J!qADPn_DI7n&57kq)2UA8GK0R(=uStX}mN?v^%-U
zkBTp5tv74Vs9b2QAXS`Z<g~FBm>S>ir6<rGbyMsqIUPzK(dg4jopqCn1}h{YPjmfS
zCYi19QGTbOCmTIxO>}y~EbQd##sWU$+Fbkhi4{%k-9~zA#pML<C&lqZXBVpW6~pZ&
z-viw|rXrPD_g)F;YJduz^Yqjwt@AI;j-_%l7p!Zd_Ck)q@`~bxUBbiMzv#!jLitax
z`LbrPi=T8k!LftKp*07D92}4bv{?(g<#JUO%1)A0vz`V10kD+fg)Q%OVu}6@I9vUL
zB*&K&>6<526?oQzp)`HW8~J8Qj==SB&fJm77QL%Whi#sioTrn~SuvL=#{`btqZ1}#
zq47T6bZ7fV)erd}0hH6}3f1Fd^HBtJW}m6t?A%K8nftX@v-s_&F;wN6JJ?4Dk15k^
zRm(DG=i^RerIzySoB8fxZ9FlKJtZ_u-vZLk3Wna04D}ICaC9lx58e%wkXW*-sA?jy
zd*WlE$E^G8mjn+eq~(%8&f5;JogOOqd1J1ty>NY9XW)`-zHP!{K(j9Bqrtx+XU%NB
zFgXmHP?$D>i6f($rY$0nWHsms=F2q~m|v4-kM!fDeB64ej+O0{rMKigf%Ux&sNe(s
z+ac+1G=dL7QnjVu;uTMoHBm$j2cqT$Tp`;H39!Siboo4{lTAkuE-{?ueBvOY+>zz_
zjQ5kF%8qKE=|$#!<FJm*uFBEF%Du6Db?uF|DzfRet!l0Hqk|XUjQ3S#K3^V+_o*>I
ztldM<ob#?))GFMm_or^m^Fd5ZOl^z{hJOkdy+|iKOgwt0-_i=TJU#bQ29sszS>9io
zyHMxhNi@-o2~F>nK?KqvYiK0vSaYIXgI%qF82#n^FJ8sJs=)oyf^#-dG5GL-CF=1}
zkCeg*S6#HzOHl=$b5sp<S(v&@s8_`qLoLU9KC+9SN>j>kkbG$~R4@yDX;jnI{bw`J
zL++%VCRdmwod#SyaL~TcP2yR687ARblnjhR{y_t|2X@GsG3jDFi72eGZDZCh6TPN8
zbW22J>k^68s5GM7UN?!<mKBPh@3F>I)hC%L4&B&m2T4-J-MfbwWwR3t7wdU_s8r-S
zOR(nM&v^-VJuO;O#f*0=GBS0%JobBSqb>JZN@TI#>|>OLBKgTH1L*^AmsLa+xz#x*
z4%!fU^ZK8cnwaNo&+N6u7q_{-!UUHOAG&*F%F@E7>X--ZF~<906_J68rCk4LF`dks
z#M73;@ld`-CnqOIM@L6SGKDYSnF>luNp{oh^cQ+~>KAN%%z*2fuFrYHg<0gLW;88I
zxK6<v05dS#tNc2l$+87!%M{df{zRmJeyj0)=Lq!|P`j!oiKsE@_6>fpa?GJ)RN<E_
zz4B*7H+mrtvr!Wf3xth#FV))loRj%e7YnmBlHQ)gd**QRD6t7^Co}OJ0|m;CL}b_E
z&gl3g(F7mbg}Bhe4>krznd`f>+%t5V*<(*7hw1pL-?|prWfmf18Ba>k@_xf;Oqz!1
zd-^nmUu(R9!dDZ$Nz<s_6w18Nn5sQ(khoUc_x<z_!ub3aZJ)Y%DH9irVwx=GN1ppb
zwww29$^^erewM&Y&gpv>PvxdDhso$Oa38J*5va*}b-K)-p7=D9WaP<U6>XmXMrp&#
z-&0*&;&5($GmE+AV0q@Q#DVuT`@GL9r7Q&~R!TWWsV0?;+`=3c-LHhZBrKeIyGb~$
zYuYHz%sr;muvK^1Dubg$Ow#Ffk>sc}{1T1(MGnG=#HHrx;DD0}x;;Xqg$;YbOgD4M
z#v*P31qIaNqz!Kz_+*RVcuy@HEOn1EFHAo8;$)$r@s*x5l>lhU3Sai?f-)o}d42oU
zZbdKtwOH(A3`-DLJYP3}|7rRG6b6S41Z9~JBvM3HE?YY8&Y#J`!Eu4G4XOon=nNS%
zcPn49Jf-l2u9HX7NreL!^f~;N{z;`}U;PaX1NXe+N2T(?XG_zxRn?LQ>aJo3by5sR
z@LO+}-PB*pDAHK;%5)C>EhHNNmrfpX+G%yqg;Z8al&@#!Z>vu~XE>S{p0q=E?VKbU
z5qDi4>M#piDW-f&O-Qrp<!b&VUue*^Y^41{*OtX$=T9F7k>WJr#%vLK*GG>hsPeBZ
zG-h-(X07nJ&h!&oR>~ZeAAT6=4I|MB-S^U(vniTe?#v8!e$h<l+B%6gEu+2PUe!Kb
zijvK~dR61~H`#kjhp2#6LNmWbPfb(BkF}0z8(!kf)5-Qc&waWwsn*b;+Gcr+nx*4R
zx}u!l*2`*JJ?ekFV=v(w#b1xTn06D^Oh6e(_yCF~U7=@j>PBg>p@oib{TSZ1Su^=l
zZXL~Ae{&dxo9o{;s|rR&g*rwA<cs&bKb(6esnb<HW@}dE`@BrTPfUWgWzna|cjd##
zaN|V_ip7IBM!uLT%~&DaGEVzjGz#O;Ydc3`N?$F0fSlU~mgsj4?_4?sFOgZ>s`&^W
z%fJ;O5ff_tW&YN^F5dC)StDr-w?8)YA*Yc!AtK-8sl8Dyd*{XuR!9|B#f@7SjeEY7
zvYrmpK<#$$1>_1TizF;b3OLQKG{&Boo``517$L11Pbk{vHBK`OJtsoHSjA(zL0*Ev
zMoysfP$N;Z6!}=q-oMQJIQ46u;(bC(ji3Xckf5<nilr9-w=IO$B2SsPSHz@iVWB8=
z`o5q;<U^sl7(wke^r^)a5{Mb2k%Po<w=2(+lQ$TD=Ld438&b~~WTtT2GA7<@*z1D@
ztbY@z1oHL^1=9q3!urUV4~aMEawIC_$ZX5zovX(>@wJ+cBax>aT*S0%Rt83fv3m83
zcj&8+BWuRWjys#(*l-?9DxcQdiDpAwTF^rT9wM)bZ_k|>Tv*lf(Lr-79Nd#gyvd1O
z-cxs>B=r_Pco#6XB3)^K;w9*#d7_?Wt4Ck4l%*d!bUD;zE->y~@}Tj9)w-xg_3p-2
z!N%}v>L_QnPE5b6i=JGI$b{^Wea^)0apMw`Y&D^aM>g$Jrk?qix5`Ns!yD|O5RWa{
zntE16v$4mQe!T2>GTWnxBNY`%TBqHVW*FE#y%&<UbU6LRj=7cZLQj-{KvYNWbLvig
zsr?m6-F!5#9V?Bv^>GB)R_-$lh)DZNI!#SYmUQ6Skl2~_w99H*#pIq}zmH@4{bDFS
zGT2cUW#*-__z<vW_AY<cC4HHObHyhAr}K)J+aa;I#0hbUqpA6;GVfohn;WitJ*cXl
z*%(>$p4pi|d(WI3G*gV;mcU~v-U?x^annc`G1G}aju7nUa{nx>xRd+juI%{3t@NeY
z2|bs%m8o*CIN7h5iJg;N)uIM1g@?{Ul=PZQhiVOp>RjY}Swruoxto4k%RDwad@38a
zxc(4zEoqTx(8sK;tRYc#Un^wg%8qXL`Uaq4ZQt*-3<ukCWgoVDTer2Y_;gtCY{`db
zzM2zo7?YjVb88c64G!W3+TLymdMt`4ZPnBJ^4TKYHLKhPOXwRs-8H{NSY@P%cG6Ix
z!#17Z5l^;18hzxYLV^g}ct?_x753Q^Vr=jm*Js46lEc7kT$eR8?%1U{qj3KmmU5`z
z#vdN!FQ)Mm;_~VWooM@USRe5fr-<myW75i#a;wHT*>fjI5P=4WOfTfka)&2_Q4_qS
zueu@*#;a#{2pnZ$FS+bJvn7$*beXGUgAYrT-o+8vwL)9gQY3q?X2twi+H-|NBC?H%
zS@VL{we>nluM%;+vG|gXaigb*;N27AiB=93U#bksKb5#ybB>xCkH5=WULT4^_cxqO
z;x0=cyMj1mP<9@^{~pumsU|{hTRxprtg~WKvatM37VT}Xml`)m;p(<PXDu?`?d=k=
zea-(6NxmtW(sY@r8aw1Uez`!K2XV2Dccppcs0hWG<Ew5`J7<}?ROYZmHBF2PYEzOi
z6Y~k?6r|hf2(^2p?8nJCrgUkMFxdn+qO*h$6mcBnsZ*jsKsUT4lMTE&sVRG{%4cab
zZ<7Dy6CfHchx6L=2%<vm6dqCQ_=xJw=Pxgt%2I4VdS4MmG@VDF0Uk3}Cb9J7s3LkI
z7gKq2#ui(?ACWs|vBPY;-|JT4(`8LJNwk6=xWh0<GHLF`R6UX4Ic``sLVso6<Nd3h
zqY7&m@>OvSzSSM6BNAAVIFhYmE3eip$Q?8EKOT<WAmW(um=USIj=VTR;JQ>fCM)KW
z^{E6y&px$b`P3Qe+oP=<--)AH3U|cFa|NB1%a!SelW#irCW3d5^uCHRRj&+5dGljD
zvF&K`)W6T(xN}6=2rKz!@Rd;~RH3x@gZ*;BI`XK9L{l;S>DFddm9Cev8Ri*gsV?6r
zZ<Ol23y*tPAJc<B(BJq#<`-vq^t)rr)_rwc;?<>fzKa<xr5?$ek7m?m{x@z}*wuFt
z5#GRVOSGc&0qCfQ4g0tiYDo{Vv6tfDB=uw7;cNG!>h#+h%QY`6j=|$0?tTMdqrbn~
zF-bG$8Kr{UZepKXlLUxUeACKz>xVv-OP`rBc*N)x>WHjq2BO@F^UY(EJGyi?#Vfp@
zxH35J(pD{P^_CsxF=p5ed>yU2MwBa!6e(YJo!+USyG}P=OO$JXXsbL~aeaA(9+S(H
zX}cqvntM2TFpfC8mtrt4bu4q;g{X_%t|!4oa6OoAJafG$gtJHHqf*qlyXDx5?IIEj
z%5EyOW+=->*e4TomQDiILg%!nqUjYVRCCm`XQ2nYM>dO{UOP1zr3~~)T8y1tU^u?!
ziB+?no*t!KtGwnX_<zF+<P_g+T<*du^G99?+q6RsdN#h_z%uDpi%SHGNif(sNxYO?
zRT}rzcig9Q-VH3x>|`UcyRmVKwq=@TeaBv`WF_~)lEdy%tmtY6YSAvW#@PQ$s+}u#
z%DfOYSuX3+q)*rJoYwm?owp%T+63*>Oj_?ISl&tE`LvBq4lY&J(Q&(o9}tnxJM?uw
zHaj9htUF1~td38wo^9=4up940&~ZCMrOH0eJ=#4L2iJ)16Y<=ZjHYjuci@IIVaLF1
zJW3M(cA+iy?K{jt-FivLm2b;CM!7j&%UfyRQk<($thj`lYr~o>sM$pY#59JK=612P
z1bYivLE<Up7l`)|(gHtwg8C}dCsLk@YYX*e(RV>?b4@<>>sRuL8w!j-xW@6zXYVog
zVtUaZI25P!6+Pt@M_&*cA5x`17?@=pv8}2+jHsx(O#AdT5*Y}fOj^2U>$?msixi2O
zsN6D1`cBhC-c=~hk7ICa@trd*D~@7mUAc3Hm76o6ZWub}cz!m-)gV;bfo<n%?1pvj
zL~>wS1$N7lKERpUZcyTY*nZ{=zVng0SD-%a)6=xaPP6L9G!1-^tzOALsCtb<^SKb5
zMsE?flCG+x`o5B)BhnuQz}y_MSZwZW_Zzk6^j2GrF*W{@M|?NmQmrYPeq4*A8dsJw
z%Sd)P`dYEz@+j{hp_4b*9q&x||4o1Yl@RYLi3(g0AT<h`cb)E{WM0TN{246#V^iBn
ze`D6AXzcb^PO*{+8AMHv?y-^ey(RYf%Ia5I8Zv3GMyvKW_LjSDCU%+m)NXs6bu1du
z%2?u67^eTuKDvDgQCkdyZ^`J~!`Bshr^VM@br8o^P_+IP?R}CnE7O-6`P^S)U4C}0
z6!L~wZ`caYZ39?ug~Cjz<Mg?ExpjJs{*}aJ+edHny2k5d%Fkk!xxSYO=B`wQj2x(I
z#?I5HU1xn@?Um6#HJoC$a){bx9#i5IAQdoL!XFTy9(7wQ@9DVyr+jDEBKsF=Ji&ru
zqrT$fY!Vtv`9_+xTLJmpQ@S0UAh<xKlf6*ztOFaBxfQHy9Xn%PS$ehYkwW5Orc&=`
zOj1r)ucud)>5wuBPoK%5b*@DCn=p}!)<r{7#SWw2%ylLkM+hpve5%QkTo)dS$o#O;
zJm559-Qi4TUHnPA*E;gZ%c`uh#dOj9OSeq0kdA&{|DNZk0krMs*9L8BCv|K%`iyiY
z=h%ntWh{IfNwlf@w9q(`_^JBS(3g?KLr;&wv|u5uxKH6{iV{p(#>vFPJK1Xml6uK|
zH7e<gyIy67u5&|<@Xbu8Fk*rgTUs9@oI90d!`u9?XZ)^xZbfJLmR|jb)#~qrQW6%3
z42u?Hmg)|A(H=TMM^CfbJ^JxjFXss!j$Vt|^oOxh!%w^ucsAOcA80TdJUWTRMlY`3
z9ztR}=WZdH?Y5$hWi2${YFW9wv73<oY~su1!-1HM2@Meg6zQ=fWfwd8M|h%ARI9iB
zefwh$w8}F&tH_UgJJ3JHI!j+UakT$}C@a5EwW;4Eb$&Ii;Av;N?suQoeQbFJ_T%N0
zCV~y^d)+=%9BhyH*9qunC30NfZA6+KnDw1YKL6EruWFhj-y+-2^nq!sIGTd|wq}?k
zmaon~T@kc6e(Of?_`%l&Qu04MC74WLlQ)#qRk6$+LC7vxCT(uCm82zZJI>Unkv4r&
zp(^Az{n;p6HM-hV|Jm#^Hd<^}_C?e;EM_Sn=qCf|K+5E9qZHdGX+ew`5`SaYxTnj<
zvvB*T-xDA2&pdN&Tl~`^^`2#u*|)96KD1b>mt|yL{v<8!HnzfpD5agqAx<mhF{*PX
zLbG=oA6kf4J;X`|Hml#K>E!QMy<B$RRUurK%{DZl;3$0M+d;7bD%UJ3ELwHCLNGbT
zc^tES@4?3i@6KlEAP)ZU-ET#6hW*PeJ++ZJcjI=?kx=OTOwmMdSYN55qEi4QmY)-u
z?Lu{YZwQ%rP)f~wQ(-D%Q-sGW%{qjJ`HVWK#WP}*6OZ_kQT|CB!o{Ip^`*4<g9{DB
z3!Jem2VP2RSLn1GxRMb8Bx`Xvv54NVqN3={(7uh%l9EpFwne{hKai|@#8ZX%rN;sJ
z{9p7qgjD?6_Btou{>{)|Hq;T(pK4V?3Wm;CPsxRaQhw}ZPZsQaN8>}eU>24U-@fa&
znb8*=T4XZq`CtxHv}r|ef$kyg>1r}dR#)m$QkBIHU^ZINzz!1+FX{{JD+;ade8iU8
z6{;?3)EgF0$Si_V66nM}%FsrbCeq$vGfh=#S3)Z_vvjC7x3j1zi?TS$w?;(TWSE#3
zupu7Ll@*0<7KOHNEHq*^I<+!;dV$0}?Rn*P^J8=j)MI7^$XljGoGpCGQEF;xDr%kW
zN^N}AY487esQ&E^6wlr<OJ<eksBKnN4U@G<4i^#VN>lGrZ4-(-hlKILQ8G!AMZM&-
zAQ}*^Xr9StvABhU-lu4RP$z-T)tdo}xFOKAr%Am2sAGV4JMZQrYM)0E)#GM#eep5q
zSqRnwDbgt)90?XolY{Pjq+$~6;L}W&<&BN_anO;qN%&$)+)VlG#b1w1!b10gMYp26
zXCo#W;Iwa9(q!WjBRU7guEtLZ5gF%i7F56e=WG0tAo-OMFV<0+OW2B~^Pz8tZAKHK
z?K>CFWtd4!JZ+V7kzwBQe7E7@{4SI#cHLEM`i@PYBO1}`cEpH^Sa8os>StR>`1X`D
z(jwXM9Ts~vhW0`s#&#wkd2y{I{u%|5*<c%?|4`uVpI92Vlf-6!aWjW02%{rUdLUh|
z(;9vE=R@75w{!mX&j})-2>QEfK3n_E^G3WODKSn326Uvs-Xa#~5CDZy)no16W}FZ;
zxVOCI`LoMaC_6ue7x6bgn6aI&`L`$xPH-AjsBwzdp#H)J67D$1jekUB8vg4o-{_tf
zw3<4GvyZ`mQ_OFv>wmSHdHO#^8@77FB-a|;65|LgW`4`Y|FVzyZFBJdsL}k=wBZS&
z5?S;8C5jE5#2;bqUwYa9v!cwX->)mv@q6Bj6WWF!*Wb~e`||qlgZl4xnDDvovA<11
z{?k8)Q8_<O)aIWHEB0R(mTZ>V_`i{|`5l4(<B$3N4;K*307wO;W{>@@X>t9)e`WDt
zhcJFPDd)A6|IYCga=Mp#xc+St{l9pD|Msr44^aMx_x=C;v6@@y0EYW56ZGfv{sWbJ
z!yfm7Ds|oWpX7!7C$NK>PGkHe2XPSR+rRJSSw^1o7P0toTPY|N#NRLZA79|VD*$gr
zTZaCJ_x=C;vG4D@|4dzOMgRG{|LmJUrMaF^-R<h%ADsfBdr9-38*Tib^T_|=1^!*1
zDS=scIUV3m0y=rE0oTUwhLXQ-bUq&uhtmOCXmC&9#`;t1Tvt{OHu-gQ?Hjy~cgXxK
z+`i{g_-tj8B%$=58-uGVM6LZeVUxznsxVp$l>ZmjWy8#Bk!IxeE=6GTEG90V5WQ^r
zIp&(CX25yYAGd#*urwIvn%F+^?}&33u=;RSk)`kw-KRP=0>{lDRox0QU829gzR5MX
z7P@Q)Z<F}yVj5ba+#Z}%zZC9UIy?i4(5$=)qsjvK^^J|n=PZI>+^!3CegSenaHi;M
zISq161Y@l4IP0}!Bn(ROM&|IGz{_b!x-d6Sk|4&(tbzkS;Z)0_xj>TYN<<pG0qadc
zjsX6anVA_-$;Ny$493{R1-($=cB?m6R#tv<HnLCUuaMA+FA82@#KE!HuJYDbuHMES
ztAl$T9vYEH1C^21anf;bEOi^HGWbJ^hPO;?_UOJPmz>r<{ouwQJ*wa-5_op)6QGNa
z>v%#j8Tpd*-cauSvS)^UAp`hIOyPV~A71wp8QfY}7EnH+mRISh^ZM79x^GZkB&uB8
z9UmVLl7a|DMK(4zW!6C&p8bNw9OcR}r`t@VPKb+7|DM#d(?j$I!LzwgyQfQ3mswd`
zx-1Nd-9D(QsWrU4c(zw{W{KN9pQq?ue6IV@y3h+d*hJR_G5Vfbkdv-_FZ$@0yjKeW
z4QpOP!9!4n0z*jw7M2-6vH|-vA1g_4tR;`6{KzbF^D}`cv%oc%`kk8IzoS7g0))UC
z9yx^l(S2*ek2^?P1>`u;CjfQ15)KY^;K2yiu1SJsM4duvuy>#lG$mBP+<qZ83Yw*V
z#0TGtgI&=loOa_$L_GC@t!FDp8$Jg92kGUT@-%n=^?O-!@x$+P+JeV(OeuqngX2uv
zu|PmXhmOUniG#kCdj!k#+Y!mhRs+6Nm7qHI_vtMFEwzOX+R4bBV!*6!f~dCyEfQ=X
zBkRCgU=O^;zHS0#NdxEYX>R`BwFkgeT>wZ2j<0%(M1#XjXUhJI%c%fEF8<I}rl%6i
z#c{uYrP7?K5{U5tvO9~h=NU+w#mPwlP0sno_WesyuuL<EjE`5MrlFyspfIa$RIoHL
z$@tmk+#C>ksUeBj(*564p?j}lX*?x|%_c0c!ARk|ofxdKK|696$WKwWKqGN=-37vX
z2q2olC@)`}n|leEgdnHe49*H6r^^6J0F3-fa25eJ>bsaTQ;sV`g_(dM1*yzkfVp;y
zfSnHj!n=d@bACS%WnyBdfEUBuaPr2@n?T1h+A(P}J$qACH994liCzItzSV3Ae&>Aj
z<s56jknS}*$_K$FKL`4klwXqmAnD|IXmastm`P3NNUa(hdxDC>ofcjdzA1&D{0+Q8
z*1oEw(%BW}QSQGUy`1YNnQV`yt6*)n+o2j>2BOM1LMG7Yy8vtX0q4j@=Q6qm#4DgM
z8i5EX+!b>G9fPKab`Z$4f~EnOtiA!zEhy{&NBRnAe)toRgR_DvV(tPRU05+(3!HSi
zr28g&11L4M(t@7iT2{`aC+=*|?jfXz*W_SE4n9YNH(2vnV`_*xd6Hkg^v&oS925{`
zQ0-uzdXPs3VqTF^OiBhSaMX_5?<w(z17j`d!}n^wlTwOqm@%TuLzjmSL$T@_{#dqr
z?k~o~T10N(V$*(e=%ibB!rSS$KX4I(Z1y9QPNCJPsF~kc9~G%gzyObdx+xe5=mYCh
zLqh{l_Bc}fXG<;JH$c&d*fUFYQyfRtT?dqPA9&*RgIuaqGhqCq;ah9IRfhF^%$6J)
z*yR9YuLYhQ2z`RX(H^)}0PQo@Jkjyauj?#jSbky~nGhNI3~dL>9=iA+UZ2Sa^)Af#
zo5R?bbVj8C-VOZ$XWZrAg_g&nNO)deJBCH*g}#Y=Q`D**Z*rPl`q_mqjybI7*<Q7#
zM%>-%dYPs-D<^083^V=l+p0}a1>)zK;qJRR*9H2_7F_M6e<k%9z5?N>0{iJxqkbej
za{)IpfTX~x9Bn5?3v5JPxS1;z8=XKm1mjcs1n}kA&M9C12u$ya@rDPX46^i30kop1
zs0fZ~uR-U5{K_4CA|fOb**I+|!A1Iz01TplKLZ!xE;xDvp+)GlQx#3PBo9#W;8N?_
zhd;_l@VT`H$Nc5sX*>{VuzF`zYBkXpWoCJ5=-G#gUtf91&2ORiN=VIxSrb1_VPRnz
z89hAhY$>YmCj7x(OwDaBgdMfg1|i)M%c}A}SeZXGH>>iJyLqTEnTx&A<XDMwlRq(P
zsF=-{Ff(J~)<9_JWE7+8@h-YSVe^+5V&q2iH`Uh0B>?|e<uu__5D|1Lo14#*s!K)4
z`Wyj|0#5H#@rVt0qeVBjCyN(?N)a4yxl@;u5+PE8gVop{jpo_2FMx!ON|L|p<RpZ*
z-un>55ZVD@516aZpg^!-Ud@>M>n$ah!Eeywsh<dlUg1nbfzSY|7_shf+XXo0x^(M=
zH`yId0qwYX>gAlBUkFL>(b3H}Wa8J7xj0&HFh0N07nL92a{ZYa(+fHAaPz`Sw*9(1
z!8kwp^a5Rafg%Lg8TFuJ#a9w2-f2d?oo?9r{XJ2?zGp{(H>qOj)uR$ScxP})D1$g(
z4GyJ1Lyxc+`yx!LXaFiN0DI-S^ZqN`UG{?WAWY^gMhk>{u^|Yu9Jk)c1EL$82vG7f
z)$9=!K(hnmnCIvv+UXUnNQG3%FL7)e5<9W%(TVT=d1{4W!6kMe6aG6TVz)<Z0sbuw
zhR#k-P7V$N0?sBgYythNL8{69ZIk$M@0n&#w3J{o^j^udc#aTl)XSj<Q(u*zcp)Fk
z19=HNrH!?<<3F@4AZ|1w-#xqnM|Q${-`dqx%uVu&85r~op#&XXv^F^Jt{NsQ-qQ)~
z>RFp|$35B#EruqR5X+qZ$#*WLN(m#t&th=>{uILRB#~w>fNy~2)DQk}6DLK#0OuC0
zpy2ZYJe>{_9B|Cn!L|>+ebkftz#{~@BF>BrAfzC1fU{=+z3p9-J50}c{TBs+j|*tU
zVVg9%?LYZtgw^1A@rKFZ^&!Vc12O<ihD)HWt*xY_BrorG@GA1sx+s6PFT&)LHq*tx
zC(SLk9C8j04j?#nU^WimR1n^)pT8hiN2w*+MLmAbLLof49$aZaV7LI{YpGe!m1>S_
z0gTCS;_wr3Kz6W%`yTlgL{kj~9PNmevJfosG11X}H^jUlKmULvnjxUl6teg$?y&|&
zd`gH8qluel3$<$r*=#>g@dG@J9K>jWxK?ToR101Z5&>L2NN2c%3Kt}^3J~uo!ixc&
z{^kCxxC56d;7rV(u6WPF4c_7aw?wxmI0Bbrt}U+X=j5f{T>WZ5oea^({3?`|2d^FT
zJf2M4a&{_2DfLi@jSUv@f;i<tX|YmrJc9Oa<|*ZTc_3OTtEd$EI7-XN9DyV=4;)L_
z&(Bs9TA%-}dLLB|50CwC6Pgr|fi)x}q7};nsc^A7Q#M2TS|+7j6pGFUULZC(2-;%6
ziPDfi{yZ|GdyHSw&6jO~Gj0k*UzFo`!Z?*!ubV8mlKcsbQU$_oHr|ekr86#620+g)
z<+vU|I0V)Xec$ikoXsF}M^Oyp6qP}z0OG+%P(0EH+az!#RIq|F2^4)GI)s;$xByWB
zTwB0{Q8gCl$_R1a{L<SkAoPiW|BBwQaB?>8dW^pM9^zX6xav{fyQKhEic(AX;*qbX
zr=}<=Y(GK-fol&x&9AUluzEPt!1;pU2CExJUy-me6}T5#dTy+Ie0%}|k;-nfAK~}{
zqxK?|=Bdc)er7t>uIL-A1Z*0ppnH>8=1D>O#*B0>|BPJ^&6atA6N<wT!c=l>7f4B&
z?e8X6`W!Cm!#82Im2_1azNJN`Tp4ddQ5$PW=0+SL729mWfAz#qS#=h(d+XZlZRTmp
z{4wt9p?I3a&3x>Gb-0w`V9BJz$U(!ZgI1%Qyb#ameLU6AmAuBvTGm&plORY3^&n_P
zPTEbtm9f1|kIO>>|K-%P?`O*H1=Ih^2?b|HvJlyGI;Sj$ZGw`X>M+^AOb)dJ3y<Mx
zoJc$H-Tn`GZ~Yb3`o;~@-3;B`F@TbiLnG3mfV8M6A)<uRJ<=^*iYOAI1Bi5^QVI$v
zsVE2%Dj>phZT+5Sz0cq9u62HL!C_|a`@ZrMpcLc@G#;?^=6B(mY3?EvY|;V#=NO>t
z?1~BsuuXtm0^V5LpYC(#L$`E6KuPdsba_n0<dV&p?xHF$nkxX@Fcykj5+>zEH<;4{
zFs#O2={Tl|dtU&(4QPAJI<QqL0-ujKajIGG%WLt5z0}+;Bf5VGB@Qr0V$uShw5gtp
zBASHbbM>`$nJpsbAQmDG2eINl$b&k?GOi2|vJrW+*)SOk%E%_JVFv1Gc>j_znmy89
zre)q?XkUR#hE}*rZRf$5U=kD^Q|Hfu7qiE?i2EC>{dGH7w&LG}4m+Qoq4ul%ZsB{;
zU#=@g+^-B4XTXKG0znWE{juEn5VE-s{OaD`!DF)V7C^BB9e9yQSV(A$G72$12f7lM
zdMK+ULjDKtg9i9jA*QmBibKJb5DutqwZ+P?OgkKz6=)eCj(!835`F~*t1fp2@vc0~
zI^s(Gt!WAouK*TJvGTRpV6}R<N#i%b${JCf0?nY%&_gJ1MNa3VAdNMQPC~*!B%f@6
z9L;tM3^>Y^#l<f{6A`dE*Q&_%C1z86gC}ZZ=Go>Q#SbOqdf>tiOj}@q4Q=`+Q0?${
zho*7Ldzu&+#9O&CoS=FJtZMR`=za(@KS3X1477`M_WQy+FbIPN9tIYg6v$-_U6L}M
zZmiCT;(QqJ)J*cBWiiU7i3MbS3VFlxY3E`O`zx*Ykq7)tvVmhrF9>e8cdno`OLF9)
z3>#x#afej7=vDlk99)(H{)y!Xsvi|2rY)4q)d5E`=lmN2v<SCt5MSLg(RWdIrUh(v
zq@qq-QS52uWjYoF%KNqv{k-HYAXY+Tba>)L-wV*+OsR8$@WrvZmN#$S1f7i<>l$VT
z2L7t5iV6r~_rR$Hmj&S!*axlOp3Z<OjVhQEKnMZbT99|EraiT525zpa(;zb=2NgGM
z(C;?!*&(PY%7DG=<CCfJbJ`7>oovOYP<=+@Bh?x(kigln2M3%>F~^o&AiYCAR|V;L
zcvQ~;I1e&%AzvzUIBE2uk_8X5*lH-szXI`3Q&SUSHljuc740V^zA4uEo(HQ|GZ1uw
zN<c0EdMbo$Z@o>EV;4gbpOBCTj$J^CZgTD<u)m_#0sX*7zkV(-gjQxooL%7b{n*)o
zUwH$z3g^r9sHw`2;EurqxjbGm2+CA%fO7?0;HQ_TuELeRnGWra0OLat0RqZrxFNy_
zyLAu%!55@^=&LA`G{Er{*dnn@>>X4S{GU(g98nYnAYr3fD{U?{^UmG2@nm1elT&Wd
z##I-XOuo}Rnk6ow9Cl$c5iRR+l1aqL@jm)n_8u}$pF8Dx;-j41M4*lu+c;;kuU5l;
z9BL3T-*D-U-L~9-xAKp#6E3!Rs0}(-q2EX3U$4(LTV5)GasUb>#I5%vba(X-6aYQH
z&A?2>rSb&iTOdd|fxf_d%}6ESKSNVyVr)!FMHLFxT8Ig$d)j$0#f7Xu2Umlz7hce3
zuq6SiIXrzGjcp)$yTEzq#hW#MOQAtMj1-s<|3Mcn{s0hvH$y@YY8Vt^rIfeOQRco5
zXNuJJ-=6caesmV{QZrOT0BVCasupycU>Lyq{-<E?J&zvX>w*vsMSC9qqe*Ct5f2o&
zy(QC?#yLQfsdZ}0e*;QG^YET!N%G(y!SS9n<9oJPgXBnlOk!eU7iBv%%tFkurd2?z
ziUfddD|9x1I)=Cl#p1gcw_2ai#p2g~_>pyL>2D&4;^*KO3)y<fw&3dJkXTVs0lKy!
zzjIcZuJwKMy<@SkHc##$a@FHC87*OunT8Hhgh+EdHBI@SpDvvu;S_Pd0BEy@^Yq%m
zCFW7QT43$L3gy;qII)P;*OCWt$uB^_S_IJqR<7g3AutOE_XZcpzpU6WXgW@vKYxB-
zN}Tf^q8=(~?+*%SsNQ)Hot_1LHi!qgHo%cvf?6L9<!DeV#b`5d|DazvU7(b<fmAq9
z9fJb3$RkN(2)W>H{3K|{vn2^%5)>=ihH_-uJzug{cfJHe(od?J&!dKcB7kCMe(E*G
zPXg7*Nv<^a0Lx<HYoQ>UBWsd~<qvj-5)u4}J~VhFP0Gh0rDG>4&*8z^<H3-S5LM1(
zDDvcP_$kqszW^FG1l$Ww0aVn~y|GaFsX_2Y>R$-)IuID(cZyZ6Q@FIqVj#yk1+6gU
z7wF{2Q&-$?dN8^3*KC0C9i8DjAxF^l%IY4TKlqc)KTo?rHyt#H_sSAD4a@@e^oPo+
zzO1rMIGobV#5S36!t)yczj^pb#JhyMKHrD!;l)-yCyH0(MN~z4$-20nZ!SF$pKReF
zg8>A{H1(XH1%(S};m<c+vfjp>V*Lr0Tc<!z0p3CPB<qe3J;a?%Y0#wWxO)~D!B8rx
z+}H>OjQ<n9lm{?805zLLwFz*1=pt<c^(0Vz8;OUTFJ)Uh3vZLo)Yv$K4J2ZpT%Mw7
z0{yI8z~ek0{6%PgcnamW420zU)$$Z0S+YhL8o*0&1WzMGv4)6+rY4q(&7wpTX;BaM
z_ut501Y9`SRqw&b2-v|4lu(@t%+=@lAtv)8MK`->WYJ>JwXiTyK}rm`EV=5g3Vu#t
zlWg|T4!wR4Y?khUT2ALKk|kp(S-?e#j*ZG$$sJVbBJn{$5sYKBfNVbV<l;4u5y@Tz
zr3Lpww#Y97;)umNu;ro0y3Zuf8qefucDC?jo<pa6Es{+Xr5pIt8;lz=K0p&LOj66C
z5u{4cTcEWaE?705czN+sBNt0!DU*xbP1c{Bm3qiU$uy3cd-s1c(7TR_fdvq@SOlY>
zbMP8~eh-yDXcJTc0R@Cc5Q_E*@D0iowS$xl0cHXIJ?#txCL^N*KoA#)ZV$o?%KREk
z>>wP0&9=o0{{ajnW-W=^_YQTnFMWDdcn+LOq0vZx0bv6s8$FP|zG+}`3kpC{Z35^D
zkV;?x1hIq}bOgE<GG9PV7DYl0zcmh@0COA819ln)WN_5TwbLMzA0rN_AXfSUB>Ny$
zV!_Pt?L&L$nOva$5`pIx2>Av?mLEQq+=Ipf?FLszlHjP6%U1gc!cPcXeX#6_UXvIC
zE*Kb+rhuI-l}pDq7?Fa&;Cnb|!8<P%mF*?npfmeA^;iRZRKaZtl!31v?rpJ}p!xV*
zV1!9bfnrq&5UmlRm(~+3Jb8uPvhSp6C$Nc^sbyvu{$2)en38(rxYM=`e*CLD4+*E}
z-!cbq+78M3IH<}%I_Vsoy&SN_1U41)8Ju83K3b|X2nLPEhz)Y<4H;J?wu4~PmOxrg
zvXhe&gxPE|mLeDUxa^8ou{olTAS8*Od;0M3>Z!&gEVcj!5HL~dr8Bt(=W6%cT<fzZ
zP}`+x1%YP`h!gIB_mKkVLBY2L{lY3Si2cw-fkH$L2)T0Ye1$&`?*ieG;45|Lg9qe!
zm`{8=pPVzF>23xs+7_QqtXZb?YA8s96yIDV$JTe-jSrPT(&~E;V>|QZ3N!G9xv7B2
zW`Zz03V$CCQ7CAujRb%`0|+eL7A{aayTZ~$BnWRpP{S%kJCQ04gvzT0Pn(+R(e6C5
zd6XY2h5BuuEfG@ocbccCAE;+>(&)d<frIh)K{YTY+&Bw*>0qrH0#>+4d!2tm0#eKV
zCQn&cE<ChS7&wCHTS7|8F{n^L+(jw@81#biM<6^;umjwM#=HTBEYavUA3q|`y8x6_
zAW&^F#Zhy_s+o#BV&&xEXoZ<7#A&#mX-XOJ2N1zqn@8`V?*yhe+hr(?AkRFus2qY@
zU>^Y@En6@;?l{?EtoaqRYbD^+LwvpurlZdAK9I!xSHdwKZqv7q?L2H)EvZ}JKgY(x
z5+~GZ!V2erQ2{)jui1gVAu~6(y5Ay(>Q$Bm3jxDSx+X`t+ZpKl;cwnOak(#^H4K_q
z2vsoLhB;gI7ZCSw0c5|s(s@wzfqr@qN+r8C$aRrS;3>HSq0w#-Y9Xp_=N`L6<T^kB
z(a^P9$#iP_ET>p^6LN=h6Yw`ccluxF@h0^Vlt>o;?XRX7Lgi8%y2%io7^uC@wFO_-
z%go90h8y~G(((+<KR!nf!c-b@GSh(X0CP~GV^A$YtbgI>yNmAMzYn*`?4fyiUq=KX
zJvV5Lwjcd?3<9IWpp`l}2zom0An$~@SzGN)3HnMvfIJT;y`!UJ$|>aZ2bSM32!h9M
z4qvnz>8oO5_{4nFe!%B}2^$O<x*kA}jDt7!;>C;U`ETFu{PA*bt_uU+A|%jSi1kpg
z!V>~d#$TWgGQ9cm%-xfB7N8Es^n>UM(DD!7T_~1<aRJO++0rbX!#o(k0RZxg1Dt#a
zFJ+fN3OV38)ZL(Hmvjm_+F<ec=kPFJ(Z>ncy^wODvxs(r5CmGP_d&rW=_h#JIdgc*
z*f&J$f{H4ST`CAs2&$=Z4#G~(29KKT*Vi{m=5;|(hdpsk__x96<$6c)f455hcREFO
z$iRC7x_j^jbVGz%PlG^aS!e_e2k(g!S;AjMOmf3nUwwdZiu7FYv|v_@j9=sYL0kYz
zyG2qYJ;4bEe~f&Eiww7bD)Iwv#RfF5Xf%BxJbIAv-kiAi8qA9Gcn`j4e}wz-1Zq||
zY8>jJdr<1@T3c9*PuII4F$79QSBCeX(y0vb5o%u~k-=&K+QeWu)~eUPVjySyPTz;_
zH&sjOBx1Xc^n@_iq09LADo2!qdHe=w2v5q-!gIdJu5nvU#oppzNY&x#xmGBq;C0fn
z%Hr)nd^Glh2Yz!ro(rVcbXQ@+0ZNNi{tc-)IgLt}N6eWYgdHEjfQXu$ytL?xWkL~1
z)g@waAh!wHzz_f`fr0-J%*Yz=lYaUiCBskusWz<8|Gz6~a`ilYu#Aw9l9B?23UTqF
zpDPVY*QcYbvALO<f_mv1pfQ0=g2}B)i3SFy$m@C5d1?^Tq69PuZ;waU9UiI~oX;Fi
zatxQv2lfs|`Sj1wK?9VbCc|a=r1*H=D9=!<uR@!L%D;LrX;0)kB$uDn66xL3+Z`aP
z$6(WV#>*0Z_$B5CW0Zr;UGGZyc$#P0fL~mi*g$?As=>^vjJmL)Yx#;H+Hm`%J-B4S
z$fSnv@5qFs_P?E1EgRx22i63TUBZmVlG%{ami+f!i<j*xchJD1yy&?~k+IAX%5cBT
zY1xnu<b(M5@C|49Fq)A@fp>ZWh{QW-cFC6WP8bO$3T9y?_yn_csWeS4$-WkIk*+4n
z%8idsrDJX+KKsqNz)spsfTYBp)1zA7u8JH^dwMC!N*R%%>TQu*U-;>z@m*%{2F={o
z`bos(=r1;%5j9$WS5Ibdx|?-s^Y6#+hL2zEJ^P>TMCN4@cn63WoN7)Zy|fh+Zw6Mq
z$?vC~vxqL^)zqEVmJf6gMx)c%f1eOih>nYE)e9RiMkP2wb*F0=i6L-=v3N#$x<Mrg
z+G5v@VXnNa%zago26Xo&9|hdAj<mVYRMX>`U%`M5x#EE`NyjVTI`1aw?(UUp8UEa{
zf{85{JppGYe_agLuR~w)*<zpW1h!FO7}@HX%`U&r&q{kfty#p!YUSyYQTcBkz}~==
z-eBHv@qgGG)JlHDKcBfN!RP59cB1usSmxod;<m+0pBWdXX)U&((gfl4OrtLb^iW7U
zxTyq?ZW|<qV@d{ih3Bg4<FaMx9#z0TLr$M)U_NMQbo-k@%dqCtIx8bt<J&8VWnOgh
zqVN3_%_A!?)ypqW$hk@deGwIj%q(RSeHU7v#Lh;O8#xkhl%HBE(}*{tHkisU78J}E
zes(PCEE^YwoJ~;oTsC9j|NG&OKgiNcqg<t(pN&MY|E*gxFB8;~(U9kbv3iuW>bsN8
z7D1z%m$8GF?I3Pfl%JpPtsPrt72J~_%VE>V;VMN?`zfJ(m457#Y2v=+0oio0sKv#=
z7LtK=lj135mU;^J7s&fA!*$t6i`^AI_nDe*LGIc0d%s1i{#sU*ITSm@KIZ36R$VkQ
z93V{jmJhD5Oy)5w7lqx|jZ*9;e1Q~9Xq_D`wnRmfXHcV>eV;>8rfon;<oH>VN#z@<
zewWgYg2WRn6DB_*kZPfq5KPG$d>SG?;L%Gz44A4?ZTmZZnW7^<H61jyD5NEmQj%&j
z+XP?B{_7F?=~Hj%WFUjuG>S+j9P<!2K9D9hE~K>SZsHx5l#Kej0@#XP&#F)~i5~v&
zsZuoP^QV6s8UH&5^6l@1uadJ3CO!5yj3>EaW+3t9I>SOk{$uw4*?l35zJLGyeG0ST
z12(3K!^?m7M#0g;0UDAI#sBx%DQc6y<;CX^SUeYeScL3~0j^b-fBNBrB-e!Cu5{l{
zx5|HCgrmVD19@#$5iRV0|E~@j^9Az;hI@l=TGQXI>%jLbep`^@>nNs{FIeSdFZt$}
z(pUumV1K_$b8?#0-T&Z<*FXe>_0n%PJK%z%xVX5gk=7#7{~I_CcI+s_9L37Y3cw=r
zqOM2Y%{L|A>8rF{D~A^p?Xi*7J^s7Bu42yDCo6vqzdlZ4f#TrJ-`|$!<52uU&A7mj
z6a%`AdWb0`2)Et%-|H6mxiKg4!NAMQ3pNxuiJP{I_3k_>!5D|?HIXh4>I{I50i69)
z?3?wzn6s7YzX7*~GD3f@k3F8jyWl%~Xq;yA=<joo9(ZdQyrhd8r~s3f{{E$9boSqW
zA8OM6ut4y<1mg8`R7VrTJ)z$Q`Zs#AT5j|I50o^;0l+Tg3EuGbIrDdqv63HNlL4k*
z>FJ9HFMEdL6_m>@i~a*V3?W##-Pi<Q7on#Q)~b+4H1tD{`IzWl?~n(F!p;A=pp=Os
z@SbrF;jWm{+LCtx%MW>k&Hg^}!609AgO%fj9yj_;qwRP4&)IKanEr>$2ja{>-#4IM
zHw=#Xh_$Hrn);aj`&4InYX>xL+{D~f{eLiNA5#BAxU4bCj|L2;2?I|T@k#u<F!~1w
z{LhxpfAw6VsMY4_zYX9T(Uu9(mi4^cA&+qkM;S%of4{O74`?5piK1Tgu)x>BfA)ve
zX=FLpd!!{j0{{I~GXjYFF#X>jzl-<(1N>O9Jb0arkGrc=i3rG5!kLnT2yIH<9iN<>
z4V`eJyO+`F(?Wp$z+Ad(R5?kx@v01$>s~R)+(-5G8^6TmUs+mE5E#%4WNDe}UW!s<
z_cs1_4Rt$6zsKJshMJB+g92(yR>y5^6BDev_q~|OpSZftK%brps4y%N;|&?PwA6&e
z{qFb{W2~8{3_4P@KLjp#uX@dpi_%+qC|TGJSBjp-@^?qz(iV%Ff&a@Ni#K$IZN}j2
z%WAu8X-4O$F1%g}AgYf8Lwjr&)@<0lw=%QTu+ik>b&On~6LXJsuCRi0f|P*S6BaGs
zrk?7tXd~f)iUzU?_tz*E+lN{E?~{Z*M+>cpyuD7?Zm6-<46P@d=CK>OdtEGxC$Xg@
zp4w2unh}lhW=+SMh6I=}2)T;uo*NhV`H)^G<qGX+K-vq1=BNB7zbGAPCzCu?;Sb%z
zp8WMi-b3P-B9>n#ga}{K<!yYzVXqeJI+8D@q_)wzL;6BI6^e!sbzeJZGz})Pjby0J
z`{Fj}()DApHJt-X8GMrUvI-L{8Yxyp>$(*=PmF#+;DS|79eZs#f*sQb{tFu?{Zlpz
z=F!@JR+`xaq#XeLm^U9N_n~R;_UKPx{R8vcJz1>uiJO@8wBruO9)X6P-E=i>8r_7*
z=3xE#v)F_L7qT&4#@CTGrZXpPM?IyZ<g45+3%lu4uTzy!plh79@7(mLSRQku%^}Wr
zm#jH__R*m4)GDtQbItc>uP-u<BnRNz&fuYUm*S1i+taOY!BE+?Vp?X$)!~NQY&i#3
zB17o4Z|y;2F3}{eR%+WqOqZ>YO75p9z_HS(rm&LLl8>z@roXi0E?0^^eJ6~rMH#L<
zX?YsCn{L%Ja;c_|Y5fTcDLS#Xt5#%yi^ze=mBbCd&EU~lMYOFQe)hoC>r6U?kDhX8
zT4t)5$y~daBqcD+AN2K$_E-8edUxKS@lw&Gi;9C3srWTJ#GjB1aEiCsydpGoD<aTM
zAGe<3wl7H%SPhe8z%uMWhl=t@s${tTuIX|P&I46$(nFitg!d^jg}=@0>e_`icfEmB
z6^-qe`~(e(yqb?;2lKYZ)(08`hBpnzwwCc&EQXuMbe5MxP*)1K;f^GYvf15v?VA`i
z>Y&KpGXsNUIb1DW#c5dTzWKiST3P<53ufjCK}zzhCPHipQKJ}Y(=iyf$a16aDP|X7
z@#g&&gcHhj*}1r++QO+^sra1ObW03`4!{Tp``L&w%Jnm}HQ@EW{$ynGOrn1#ZvtK$
z-XA;u-~nDueZRII5|yD#cdL}!<cKOrMq@S8$$u=f6`~B&TqNZxtj2Sw2%e0)f4%lT
zDtuZeBR9Hk+K?MV+ZB(#Y_SdQiGtb2PCcTo<j(1K#;0^j%&Z1mkX1HJO>i&dp1hl>
zzT;%V+2dSIsxVr}9*eh47S2lb$-97=UyS>Nk$XU*LH;GGA_>;BEoK;2w+eE1RP+}K
zX|&3q8`BSL((SZ+AKn@|J;9et$B)iC!IoAbdSalYU^wbCLFNS4v*O-+<oJSvW`mOk
z$j{dXMox=O+>6KSs&EZA!7v-`nz{YFcG6H{?psYv8I{y%TJTkL$d~0OWr;6xF|jX3
zBKf->(x%H%q<gtJxqGGW6P!qIrYo~w?xk`L=wq6ptCQz#>p;QHY35FQEoz}YyGPVo
zFW~S~z0+N=`{d{|pN{~5Ks<c;cQ7Pw_kG?qRJOMt!w5xp{HfVf(i!h%v4-l@bp0qL
z1^&?OWy3ygD*Qx#JrcvG1)w8ag-Kw5v4BpjldH9f36)MAZG>eE`ERxv^0xc#_`2lN
zjQ`T04c?h<fklSYMe%vrWxHrfk^Y~0-(8Y<G@!@)3G>m@xv~q$vgk!<^Pc>kGQWU1
z;b2Cm)u2v5z%J}y%%JIopfG^xnd28Q5;by&QaiJG-~Ss88SZO84~I&C7mOT11oh4`
zbh$7Jebad145#_U%Jj+-7PiTuhEYeo`mEvja1A|~RQ}tAyA3NIdah5MRqw<bPHTU4
zELHV9N6a`iHkQCBT2w)ONtfvd!)9GtWi~M;!Nka-r2JvZm8?@-%nv}{5EewMD50lK
zyJhLg0~t96j3vc}hNns_`?C1Ljodq=$LG}bVJgQBt~}R-VdjXz`U$-lw3sOukTjOk
z)wFO`w0IJCEe8DO>!cDGvMD)MP3fD`@e6*!5NPpmbLQEZOX11mImu78eIJqDAasZs
z6cE_vo#-T~E@h&u&Xlg0w0yGiMIxhekoj7SaL6rpUS2|e6B%yl4%7{4vedMCHGbFo
z#4VN;3^C(L*oUQ8u)AfV22ghnU5^jdOWR)PBQ4}YFi#%Q#_A<n>TmJS5B2x=FZf#3
zIt0O7)FJ^58*LC^r>3IHbhHsZ)Ay6lojG*XIPFxF)4=zHGeSHE7CznF^Iu;KG`z}_
zzvum~;h|X2{v!%DVp|<%jGAm6X@eGF*9PIg8iX;5aGu`J-@s4zI~`(MgHNEwd02qR
zkid=wZrEj*p2I8;M5ths@CNqBoGJli_@5j7jS`>Vj)|F!KNo{e@AQn`SssKH9mx}P
zj^u5cwoy%?)0*bO60c{%(WtGV`&vcpDD}hd-7pm`WksQ^>Ro#ga0DPDT%YfMwS*Q@
zWsn!k=EWODLX~Rm%DY{bis~^e&)F4{F_Sqt8lxuGH975wA;Bj}*NU(atPXfoYH&%1
z-pxIYz9jy!sFTnSS8>8Lt%S>X$<Oa+y-VX4I|0EEJiN{A>{zq-H9(RThN=ULvP4yK
zT4&Qp<({HZu$&(Dl{+n2KgF3^VYqDAdy`jy;J%RVAgIW}rsEF`k`QwpfF5Mppwf->
zc?HVd<c)e(z|)vtFLo`FDr+FuQ-#alp2EE@l|8@5S<XupR4ZWI0#f-x&Me&AP805+
z3}X6CH~?c|!XIV2n+oBMUniC?RZE$`pUGTMVD3tW_pq+WkLBtLa!bR?EOr!uYlo}c
z<vd{neYtU?*yNvsm8wB$`sqe3QTKI=f)l3`>Q=YnALd?s6~?2oD)b=SMpec$e3hu$
z79t4E-v}bOzt@695YZ8g-1;JzNP+Hj=Mp&;m0IYYY*y$l=;4`Fe1Q}Lv*XaJB()jZ
z-#pdcwA;sV4SJ#%?yU2{j7xYkte(x_MvJU;Yx3a`UKcp4-1?Mv!KT*1Q083}8w>v7
z7)&`6CFynLU|u^pZxYX1l2}@4{kH}_NA!8AT%?Dvvvq!uQG^e6@ZmK&EiguafjBb2
z1Q!`t8gi=haGSzB(YGG9Hxa+%v3s|}@t?|*<leFEcH4&;`6g~Dd4AscQU&?>q-ws+
zg8?aXR(Id}?~jRQNV`?F?G#GBSKljo-yWtBWK#|p3)rluktN|S{M6(%hBb4~yNu^l
zE;G)mab9@&Jyg|1*YXP2OeBIG?s{7~{+P)+8Q_l6dve#|WqHv?#on8ZA-4SMbzHjQ
z-(IX%T<?k|2Uo1D>GJ^DJ+zgmQ*s4~(w!cv#@>sxgoZWxUb;m)xgKm0S}-Zq&3dRI
zaBy(oe`VU1c!C~Z!Qjp}T}n9xOFcZ7U*>phzp{veBdlff)PnqB><=F_1{6-?Azij_
z4@qoK2%)~^y|;NM^SD{N<`ln9y!CFDb=HfMlQWkhlF6p!P<e8M?_RT{>T(YZShN;#
zMT}i^9a|4>$zZ7&Ft{;j{FS~3ho^J`u-tZF+6Mw}5N6xJj<RTe*}|pDe~GX=FA#B%
z&g8(`$MUZ<Ccp0E_<b(%r~7&vY}({OZvJR`87xHD6};$L2_Egmzyc&9B4RuyAGA#G
zfVUW72CRKZh>4X?<j;gzS)tAe%&>+mz-T%Q+!$bG%PS9XML<E{I{xzugrsxY7_Y1|
z!am2vp$cmU>pDObOHTAN7Q)g5E>t|5cgr6BCo&S1ceelvC;t`TDFO2x`0t+idyf4p
z+i!Q|AZ0s_bQ@a;zB57Nu+j4cfEx_<9jkj7EU=w79s*wDD$@(PrEM$hFs6t~FE%#z
zz0bpLSRz=$Xc}JKg0vn6!<*nH`~dG*<mAch&tbwzct-2F#HYy+hb?e{Cm#fKU^ZA+
zE_B6^)v?1&^vBi~a)2yE7ZUye3`E4Vz?r#9?%q=fh6z|~@+<Hl%b-u8nXz+{3m3x1
zD8^%N<_5TsT^jYaCAgI54M@k^yn#lQtNICcLc<Kq%$}5Zv8B|P?KQ#Wvf5ncvpE6v
zlQR5nFOM<S94CKkJauuMiKLC`sEmEUs?7luNT~*l-VEL+#gepS^q+Np5m1pXO%<(u
zHcg+Lt(B?CYP>M`_t!4ZS28=-+dtfY2lAtjA8+3Ed6D2FdHma0e2lTrmDpV?T&U|d
zbF_IKevN@Wx{46DXs4Z)Fw-gbbu9MznjF7y_9*f2?;mUZOvBehzz_%hVV}hIWxfNs
z*HS>Ea0AMJ{0rq|$=jokUV>x7BJ^l`(X<M^j+;;X?(ikJlrg53mhbA4aOCC$xEH3m
zlYK>xpl&#kn56E+a8F&&9xN*!bWL#-yTD960^+-FR%OhEBT4Md;k|e_yi{&}=S`7E
z9O6Jf{MTbJhl1;`2X_LNi+_Iq8YUKCmnC^QU+^?R0dkW=+`t7?b!g}ubi)yYvW$au
zY>4<dunSyyJd$pK?6qKk?k&J;ynk}ByRXBk74UJeMlOMkNSg_wqYY}s@KW;*jxMYH
zehKg!ZaA<2(Lwy5kySBNB7lh54-XHA!;9v;b_{NafCGwM>-%{KyJ$6l@Bo^_h19ip
z56BIO`5m~mq_h!H1Dx>0IaO8W58T=Fa)DpQR{;L_0YE3`xT4;-mi!%%JR|e|!%go)
zbmMdxm0I*?lW1crDZ9FPSdoM9HefPTPbeu{xhA*+`aCY_$J~vNTa%}NO8}c}L>Sd)
z8%nMIXL+(N1VyD7MnJyWR9jTS3T(m;eE)E#0zNkv-V2xntCV?o`SvXV)oKxxyRKDg
z*MEViHiYV%UI=1Goq@tW8c+#xyMW<JRlEKbwGX$}cruEwtGgTR2{vzV&vEDC$B66U
zQ7xtn*8IWt%5C3IDRdQd*0{~SB&Q#$+vDv+w*pz4O+8eJdkH)Vk~_CsO{ZTk%C5jd
z_cv&cf1P>uIFyZ19`>0LU9d2o7kv$zO4yq1a>14o7IUji^z;#eT;{`N3u%F?qxd1;
z9X&8MOpV|bw+}gXQD-rUUq--{>GE&@ydFJ9fa_#>6aY$08gUXdk0A{GKCdMRa-#^u
zfLG=cgj@te2fkqAHE=aqHTBJheNB)Eq0|kFr!}|8I!vTps7<U*!2+zbuE0)4O~XKq
z%r<Y|{}!x(GOmkSKbVAN$)H&G1sWO}PebJ|WQ}_TX7*v8{XuCN!z<|E-Bl13Hlr2I
zQ@^Dm@zkxKrlo{bKu1SMnHU}~7(m`@Z`TMG%p@#Osu~n?yQH*G5D?eh8HG0_=IR2a
z?xp;X7Vgqu19ZVd)`Z(m_HNKZ_O*S#13Sf9_kB+xTe2xl1A_tBnfOlGOAAYz%b!(l
zb|9SYBkt?%8y^&pU=^^Xxdy}r`U?*EN|a!Wxa4k_nW(FI3=tcyZk)A4Jwtf8DvQXH
z9DkkC_K|@6N=0MtNYZbbpv-H0Te;mCWIMgLxx-``TvEQTceiyno&mgC9p_8<Y_5NT
z)E8Yf8zm`O2#2*}?eTOw3!;&E+u!oj{zkVx&ZM}f`5Brm(S7fs&zlEKJRc|LSLUti
zuMC7?_xAU%uTPu*bbI;@Y^Mf4T+a;y+}OL0>9c}%eQ~WO5id&s<%=Uj7T*IjL!N`u
z{Kwth*?kNsajSTnZSRw3PW_k!WcObvA*|KE`wWyb-dF&%jatAe-7wfCTrA*zh2IU{
zVRcs;iwBSW-W|7sh!A|hN8vkLV~mS&^RMRx=MBE|7Ru90`_%vr#21!cuZlHz^d;V`
z{0cV!V3-<|nrabCGEG<KRKV^|P2}$5-mvcgsn7sXaR}p|*|@C%4cV9SzWJI6*V-gV
zEC{4<s)tSo&fGMEMKi@lMh}@_BpyTtNRU?n_XVLKVaf_v6NoogFx9-v5l~~wDRq{@
zU}gCevER$;LJ|ZxK{KCu2wQsCj><g$t__F)WYeuP5CFTt7eGug=X?Yt6kzF`f|cwA
z!``j#>qs^$;%juPF4W7dmztH=tN7CVxv1M55O+@S+I)q#2x0S=bnn-4#+gMY5+b5H
zUMeXKYps5ejQtE0i0=K+wMWl<RbeTZDRW+ZU)5j~`m5~T;bBTeSiAEy1?X!qy7T8E
z#sq+fzW!yLco3@Z6<E)*<S<P6f$4~yY0cr09#jr>?f^D<xD3>xF_1rp?r#I6?Z7?i
zH7tw)kHz<K6^q3#hx!GY#ng<9LVqC8czH^?;9PAD?B?AFDbR#bd2%)V32r@re{>aG
zL+s+3E>6VCZ-WP#>vEp_1)S1LayE!4K}&ZOeG`-~7uc+Wk1AKt^YfqfVD;Q62P@G^
z$~Aic%t*&hoewMAg(r6v5Zb=JvLLm(`2nJt|82H-`7XBQL%BsTKuPR$huH4-N!@*b
z?qRy$N`B{Ye^Zq)0Aa`a79RtSsS5FRx#Ca|;IfscKH=V6!P2<&ypC)n#|Z+T=LX<2
zOzwP<J)fV8D$)o<Fn7`>iP8>)1vZmVOcnCeYAMvC9HwW*3bYanlmdqC+D!WLp^4Wo
zBs-`<qmV_K4LCRczBfmZHhc}QQ3KW>@5h%9ZK@ZtC;GD_!=y5$5%Lwpa2(<QA;7%=
z0>&?iKYjc5GONSHUizv@z1CH`Y%6s=r6>q!y6HPfN8pX;M*BI^a^l6UkWA-301Yi~
zq`u}<iF{-PT&NaZ^(uq?y+y*q*c4whsjxsdTBv|EkSmZl@Ul2GEF-sHlXU2x<XK(M
zVI7oCUIUE3hH61H!_!2BQ~{91l#ptdyDpai!=Q_JbXL17{q+3F_cWrePIjvgPP9!K
zhMeA6iIZ#Fo67s-dMF_KT+g}sF-zK+m1@TT%BsN+LiqyJjjnTp6O^iBl9qHI&Ht<Z
z87oA*KMEuE?eXBOSMv{QBpc3N6gN1~DuO~+0l@YjZsfD!hXvnx4=^PVl9s*-EgQ}d
zUI`#Fh%DzX9s&{xu&45{-2fn481N9}dH_NIn6-GHzKZ*45qJnXfD`bbkjwL?U|a=w
z<*^6W5?iCOG+c>~n;>p)!w+<puT9qroY}VPnoxB+U98SUN;|a+uxbSadFk^5$`k-&
zacJCrt{jO5d<W3Vo&oTBuM>BTY-z6T$J=wYS92x5fRDg%rdT&;ntPxDWD&+^ci0vb
z<rbliM`IbIfA<G~iQL5zPiervAOMS0ts-()sxIi6kq+e%=oenBb!Z0jLV$D|B|<X<
z5L`E>n^{zeJN9tz$Qgw(u;&hjR9E$}J?t0|EC5!r0wj!ixn2Q#sH3UAmzStm_R^65
zP#q(+Bw3aE&WJn$3ZJWnOGR@4$R-2&!h%r%f1o7oQY)RS_Fk{LgH6ni_Kn%ebRlE^
zgVk0*mjZ~xFVPPxHdNyz87Z0Oz)*0x>h1HOYi|=R&rloLK`~4z@cLljz1%7wh<^at
zv@txO=iR614}ds9Djzv`N!^|!^A;{+^8jfY24^-f6{!PgrMFZ2?Ncm8&z>pPHep;w
z!_RJ45Ry=Je1c%eXLyR)KL|LVAuvtIjow0p2q6Ljg!36#tumLwsVA#*HHp6L3FvAV
zBnj#=$pK>R58V8LYZv{-8ZhyG`9s-K!;xmMhpq)FfXULYq8hRot4P+q?g6NlWbSd8
zb@|S+6!^IVys*o$docrw52XtkB9v4}6F>I)gvqJ3?r}I=$!poYF1?7=iL@-UhPXI|
z3#x1x5H-5Fq@1Q~Q_AIT_gDpz2qjrQ$5@UmB|N_s%TQznz9x(t^snF_p@$Kb5g}mD
zB}k>OaDuz2f>AFw*k4_m*zQaA9c0$l^Xv_+D+QzEP~T#?uqzRBsNxd%E;qG9s~R0a
zr`sQZ)70z=&i8u!pK9)(F9Ba3H2}Ld2ocsoQ*_q1Zn`)*za4#M3tEsp%{{uCOx_&W
zJ;*TijtjWDw8s8<!@5(l(s$8CL>zpz9I6y|(Y0@&n|~KF%>o$5?xOc#)#|`DSw{Nj
z>En{WnNy13T)Tcxcc)|bOy`+_dNLLPx!nuJw`|}j0{qb|!1`7Bi4%6)Q08tMVB32b
zw*fIE!=0;(SL_Sf0C6aS!t8q{R7G3UZYg7lccY`MAW=VWAlgw(2iRg90!RWFAcJCk
z+Hp9hNQ_7ArmT|EUY4!X*7mlm<X2Ka_dxCh1a^9VD->-sMch%bF)@Gy=4xEIax3U5
zU|B+d*4U3_i)x<&{2fdR7TQZce*9SMG~mYF=MCgmz)gcbZh2C8(5m1LBnsebUWane
zLZ*%vQcW#by}^>fktHs{_JLJ`7WxHTF^IbNF+9-_OI0~(5;S3oN+;t79I2njPr;ad
z8;Z{&v>VAjL~lSiUIQo#f^r<QivTOgYbxKTU^QUKXe#MiK<1z?cQd^rcPM!17hCm(
zAK%r^-}><;HI*)O4p6kRY0$j1vd^|$zs$S<m@62o01Qp1Nd9u1F5+iarE|mdd;)`z
zU45H$Sf<(G1?MY5-9fuQe*6JQ9hBnc3{W4xWY{jxN=o!_=>gZrr1MuM>Rfa(<rOk|
z*Qy4tOP}5wlr#qWlpgU<OmuYN)dj&<DKsCQ5~#h?y3qo;)ZSvbv;^?A(4jnjNIqYD
zjapWwYUFy?Y<*lD8#gs@ewFS$lzOGCVhE3L*wBToQl`8PMHcXNGGPaS=XsY495mDS
zIIFm(!+m?V>FZZjS1dwcW5>-12?LyfUqFN%wwC&?(8)-Va{yqpw~x=KxY+eR5@ZPj
zRwe+Sf%|gHK8S=})>#vxBf@9_d!br8adf(FwhddR+G&^#TnH#K`VhP(B{xgyP%|s(
zz+@74Im=@~D`Cy3R%ln2g;&4~*5m%S_>s-X#@3e`$Y#V5<Jl{+cieP?d*0mP!i*E<
z@yU(ka|KFaEg73hmW7{s{A8?3r4zZHO;;C(JVSFitiG)J^}$=VSD`eyB{f={L0h|R
zz4l4#=P=I?E)5?X>*yrYAAWxE>O_I^%Bd^UJ0msk-YqV=dKXNSt*}W~xRG{Uji%j&
zBw%|q9bfBuy!XAEc7@(!%o<MF(M0i4^dsXyGW@$l<MqcbijhqR2f?UVo15T@jJ6x$
z9fIu*<BZ5p(*VTf7y;hZi@0dR?IBT)e96F174i)ZTOHeQEn%JUEtsE7zbZXxhW7_^
zeSeLaFPctUg?1EAojxx@Ad?)^CA8z4fa{vueD>mpRFIX?(WTW56KEcPE4J^ygg3nj
z=-b8aNDFP1Oa=-~*SVWZcR-N6gZgB})M>@JC-7Pgc<oprJN{}vzU5c`{ODlq#@uz=
zvuD{Gd=mpt+p;_?B|P5i*Kh(HDO{0{{=-r*wh<E-e^6V?4bk&V*uew@=rW_*x79K1
z8`Gt$U}ftEFw<d<LTA#q?gUYhk=i;sd^3Q^+g;*0-YcOAm<RIW(a&e?TAVgEHm`Eg
zg#5AqemiMSnSO@kZbk;-o4Bh6{i7-^iPd^+SW4@m;bGnPE|aS|hK7T$Z~tuE-}zjA
z9fbqr@ffqe-&t$x6M)T3>g9i-j9nAa*e7>aSWJDm+C5%r{J3>PWtZsm@&4;Da2h%W
zH@1?C2nAuF7x*ho-94fJC_LO-N*NZ<eZ``1NBYlajbp8P7-=Q&_R~*L`d_=ocPs4o
z%tzC^C#mPcZ#kHc7O+Z2uN@z49{2V4v!GBVg6v%ed|57Zy`%Uec6xdwm!NU6OvSBY
z4<86WC=Va08^Nn0ri>N``h2b;s^bfk%=nFTZ5DX>hb--T#1%~rwO*8j5nNthj`xd?
zl|%P@?d{nx*PWet53q(h8i31;7t<}j&(H7&`u~{IL9(Ya8!Nim*XJ#?@b^^}NPhHd
z9MKc@&qb(J$32BO(tQ5US6cvYr*7od@*K{S(yo3y6MeNma&hqxUNH6LRr0f)-~ARA
z(!1$oMR3t@Z{vnHp@M1w^uD&X_Qs3fSFvQr^vn1<yF}D{1VsQWc4#rsKjXVHAFtda
zyA_7t%*reLHRR)OZW2}Sv33w)-Gu)Mkf@CgKX!^Qu>*%(FK6`JL&=fFupw&2*>KD*
z=4_|nJVmER%F%o>;SF@<f$>^e%w^Vrk@>GsjWKT+nXz<hwF3Q#W&_V}aN&sTSj#sC
z=FiSbz_IU}ETs@Ol5~DgEXbg3@Eg*oZ%=LXYm15QH<#XzcMGXXq<)g+4sFnBnqT6W
zk?Kf}+yxl-e(T3S8;}kEAkB~f$Df|S$inVJV^pAnfpqB5@ZIJfNh8;fg>oJgPo>Ro
z;{9fPDzScn?t+qTE3`0@sDw~s^GWh2l=-nuQ0t0H^`sHs1>oMaTiu&MX)?s-;N^)a
zu>Pa*^R`tgGd~qar%lFJNbu)qjI>P8x95sD>J?l|e1#UMExkl$$(K+!e$&bOmrD~P
zmHlkoYw%C(B6;?5aR_~41hR7bPT{8ahv#f<!7Ev|yw@?p_^Ypqj}Jem7U3L^zxjj#
z#d~u|z!vY0Yp$1&vNGE^<*%RM8_J&fW^ZdL>}O-~0u85I+^5X*dypO}u{vXawsYD6
z|0<aI2Dp9gTX%ebRLNCkM%7#wyN3+Tfx2>dcsM&d`|<FT;_41Gaiah+LScdPE)M|I
zII_^i1QFS8In6Y8UIBq6+OWNDm|rCau=c#vXejyP90nPGmE=8B96>{!2{AFT;#>e@
zg@A<<B)plct<)-YFJ5rVN4+ZfJX!|ZsBU-H#M`^&JcBuN(V)d}PLdf*umxw8^im*{
z>j;4XVID|3#0QMszcK6AzZrHMq7eOs;Q|pI8$z#1qC9huQmJLQdkn#hbpW}3FQDL-
zn^_efaz+8#w`&%JT3m&}er_A$u$!Yo(t(eH))qetV~i!1V1fySB8q}G_#T-X6-Cvk
zO7iH4wY7C_4S2vBam#frAMW1M=+y)P8igby7%7Av|Na;TEIYGt2VScJC^Vrd<p!+_
zp^g>&tfHKpID&y*>*yNeTAe460>VFS+Yho<ee>{5h&2_}p+<w(HG?#0{GyVQ(eL$r
zDha)4l43&eO^l6<h5&%&cj`HCzyM4QW&S&8Q^91e0hmY+Pt-DFS#nMZ^RUp?q8<8j
z=?WG#dSMuGhe?a`md@+?k}n76^utYJp2SEj-)R5M)uTZYx#42U9kN~z`JJ*mvn#h4
zz|~#qp5zd#M!ui9y`2FFWfw;z3m-?}vQtH+yI@hfpur_=H5*vU7eJeUV}K^}4qJB%
zLch3t=UA&Hh&oSama~)QEsLTs1T8Rd>o7>mDlEJcpa4Mf*QGu%d}c*uYwAS^Xri^K
z;7+Rky_0cL>bKj4xup}Ft){=$<t@0e|IQFB6B$*QK3~dFXKgG3W&AHFWwezcyi&KK
zGO5)!XgQU58>1Xg&svP)PYc)64;9bjjq}OzVoMkRaZI@q;rJ8At#L5S4!?u1D)9*=
zR9eq{YuDTWU!flQ1%xXKD;Q;E<>|TpI~=4DCwxAr1>oJiW5E3GR;43c$>;!vl2f7l
z78I@|1cZs-EP`=8ml-)ZL+7qfEtt+YPHGA8t)zq<E&=}_lEVjFibFPI_Bv0$Ky_1}
zTz*-2<3oaK*zVUD7AM?dqQvsK+jPox*lk>Kob<t~8!s9mcV4Wq38NsVA1DO|&K#sh
zGkc|&f|}~;h!S>{fcrRk=fh8TeX?)(^!N3Zm6CGb<OSnIG<plhF~47j9Yx&@b?=nS
zR|P%<kZF~`m3U~#D1i0>Rj`b#?DzA>2P{t{tlq&9_yeH+Kc66@16^wLn%~QkI!^Qs
zEO<X2ynR-3BQ4Up<GaureB9<w`Inddr0lZIP5$u;=bA3FFaSFw0TOTj;_p=Abcg+j
zE}#?sS-+q$({f!Rziw@FJ5Cac;?FSth-iV_&(e}#b{x<BfYOV&<TK3SJ5YSYLSxba
zxZST?{XB7RnRs|CI#O=$3OuyBefx!ps*2>9)CE+OZY%ibz5qQ51_lP%GL1i9&g8QB
zRpCiu+})SqC^9<uH~6v=j8BY@r{07mkXzAMkeH;j+Ai}%5_fi1R;lgiGrB=mGNYl!
zv!id?f6r~o&TRMaJSgGtVqc00j&nEzbSKE;>aZ9X?Dc~RRb#J{w&!B})e_z5{xV|?
zkIGT$20Av?KyPT2N1i?MxNxCd87rZ4Os$Vkc`$tbNbbZ5ruRqC6NEu^BIKw?x-6&T
zvw}L+FGtNP>kNSirZjEPllxYe$hL?)x?4h9MQ<_%ZDR_h#fLMrK%?}PkF0vRxnop}
zf0gHI%a<y}kD=FKxJA3>Ly;Y@WtE@t{Mu(z)*hzIFD!|7E(R-u`Fr>=i>zz5qLxNl
z(i@DUgW%p{!A<t==p{LBF!O}za>7New=f*24`gL0;h*B*kIdzdP7Q=1>q7iDykh67
zIOE@4E;U{(+|oM}oOkhwq7Ti@W5r#G?=t>0_D=nj@zV^C&JZb4fHu4f8Gi0CQT-_e
zmHuKKNnWJuw0<Qy+Z4>>Y3hH#<-PU2lN3aqLV<h*+61GVSm&DXg08@LSEXA(o+z!+
zOXf`Y!<tCP)%S^unVG~8|6=@0AJ|R1vVG&93OUCQrRTsD>ndq+{4(7Yyxzb;HHT3H
z{}9^B0APaA@TemuqT7wi)z#HF4n&qDjmA1k&g&P<K!3yGWn*Ntbaa$*A|DW(t@nBV
zg#6U;+WBMg6q`X!+53tgZZ1u=ADzI?C$lFS9}?hfS;Dlet(mMiA84LmFjW^3A-yq&
zyM7E6q}|!GiRq)>F!XD~8H^Ug&_@GE9D1Pl<nmo#<6sQ7o4#wwU0@}KOp%|p|M`X#
zjIw9-CuDyloj=s(bob)A?$f-&%$l>AtTnMHDsI}>00WQB(9f!=NuqewfdG(6(9}FW
z`qfTLLGixcjg+YF&83*h!)~6V@AowRh(QMa6QP9B-BK*|NzH^Kv$2wMUiy{XYWG@g
zt0{YLK}iS9Ibqg<!-U06!Zd!RnU9J`o{)*69!Vd`up0Ob=P>RmkoY9U#3CL<(+3q?
zfT6~e!!>GQ4Iv@omoDn&;{hTrHt2B}po>XKQ4{tzDY$e+4@<Xt!<5sDYl^8#T0sGI
z+F25hS+-^K)@Dc?Ee}u$^dx`;P?s=_*9{|BNm0?%HKKtNgsM1M0z$&xK~Y-wQ{bey
zt?w}1LqB}bSp0{|6901Uv)$c*pi^oVsYyl0ua6JUU@(}pBg#*9ks$8FdW%&xP_kBf
zpJxj~mZdP8pF*NBf&SQQoK@W{j;ij(;vbkphitU{axxK!jrxlBj1al}Xwl66ujSo1
zwNdF>HWO`RL%zU9To;IAM>9(fK|rW!$!x;Ii%2%aXjw5z(#0M_*5|O@gx0{BPRN`)
zhb^&`7Ppjo9E+R8KZ-j19;Xos6a4Szb!_PFu~MGZI>)Mh6~C_PKImClIAq`qJ9U%Z
z?ZGS4fU4AlM%rhxcP{#&Og1-T%-YA$DOr^SRrD^M7|a4%Ax705jFUD8zZCeo=t-o=
z3!`1!Rwr?6wI*YR@aZl=-pjy=!AYdq4wR~42Lkx`J81Z#pPX5ir_c}mxybm?Ed)1`
z;=J>kcMsQ3Bd%KGEgL`37w+0{TpBK#OZDf+_xt?!rpa8Wo44a+)~yYQrW1WLE$!$8
zrbo<-XD`GX=zQX_uB$fAk(IAYD5QF1V4D`d!IvCA!fLWWHo}$vx0oa{ASjOa4DSd(
z89v{f`Pvu1ISI(<&*6YwZTn#}8xa>9i+EzTAFjx3!t;k^HXn=P{`KqEaTi{EeNeNE
zW*ZRU^s_~#gs>AVpTSl4-T4FPB#c<8W^nKU(k)s+v6xg5-;+)t8y_%RQ$B(uyw<I-
zqn+YsbAjjF-32#}`Nm;;P>39_ZO8WQZGZPtIG#eXk?Q5mke{ZI2Gb2}uaR;axoNP4
z?7@%t0MqdUpd1~IrQEi1aF9I0f$1=)nm9q{I5<44vzB`)08d_KM~vbM9C{eM@tB+f
zrdb^}9_L+B1nb^lh|n6fQDQByg&hkDpn3zO;Y#FwE*hrczbZO4<65t&B5(wX${&5Z
zsexpaWnPY`SOCR!8)j;QBc#N{NT<6^@f}8_0E0_1rk^_pgDkkfar!*BP;Sp5Ji)x_
z`GwcqyK2(XG>yAaJcoD*z`ruPo69y*v5Oy72t!gxoB9C^Yw>4uMMtC*#3#K215bMX
zhMt#Ep%GVxN8!w5hS*7tk0P_MCrRX}*IXUjr8`PpWcfE?;x%S%Pa~<|smaZ+V~D0a
zg;>J#(%;ftV<pS}0^P~!Hy>+a)~Kyzl~+?T`?G$|ZQf?FcILcimj;yPMWn7&BE@HC
z*uv)ZFu0M(`annTa}qkjn7tk74v<jzmOh`8*o@0KmaSXd?P$d~5{iOcUk5cf#!${`
zF90adMXMObOAZ{kBmFz<LZ^C`-LhqER}Tl$1pICt!T%#woPb31#aRb8(Vsc(hr}x`
zK`{IBT7^!yIdp9Ys(wA`;G`eADreJVZiDOxEei*UlJ~Ui!w^6+d~$fPoD_1>p#~nj
zT$T2Q98isu@XK~^H0X@@_4iGbUs%~a&m=1m=jG)ge)VTNk6jPr9P6C%t7`7w_X3Wk
zolFH4k2<H{E?Z0*@$dUIb-2iBzW*{{icF|>pfhdGQP3LUpf;(jns>+^w$GC=H5s!W
zX^{ENOeG=yOzIk=$*gXtS0CjSZ%9yNUpV7~w@A_noB3IJFG}adQC`t{|7L0`DS2pU
z2t1m;B+0ypzk3MH6_CkB5|Wc^CyM<EM3uok2x>SjQlq#uVtZxqs|;Wo@&yhvuJF~s
z!2LHoWm@<cB*x9=4WFlrh*vNxZ(rhEx|5O;hHR*Gj>e5;ghWITv<o09qddaNOjqbZ
z-G_+vd|PmnftkUJ-Q8W-+#f;83x*#8q97fp6P`?50y1c7D-6cPQa;get0{r-AnY7n
zc@6O8GCo1+YHb~ph&v90b_}v}bJ+3i>f}LX|K$Nld&h9&q~zrM`><@EX39rj!`K?e
ztCoH7d6*$UXZ1ux%E72IqH}iE;o)Pe&QwsUfW_m<9{lVOD4%izO}Y?+-LRuj$>>8D
zrnjTW9{d|5>kz<j!7<Ct%Oe-a)$1t^{#p%N{BxYivPvL&1r~>&@Cmhe>f*zoPeN3a
zU{jg7_IO2`2TCNE-!@#F5Z-zm5gAGFkV_?DMN~}8zTQ>W&Tbmv??WT&`d-)3*s$hE
z0zbZkEc-U>t#L9PVh45ZgXs{(N<S;<N}Rp;N2cFjw{!=YJi(M#=!`dh9uZdiEv0Au
zDDX#n+7c_AQL86oX_pqCF*tL|V+~+nWpfOHP)7tEw|cTqs2ih!rep0tAwYY{#S5qc
zcEY<vJF#!*75P80NhDcHN{ssjxmDK94iG@OGC%<`4TmXQswZL6za}k@H=2lxON|^R
z>87Hk?XQeiciTo6=T0XkQh<vFDYG+AQqmgp@sb(W8rknvhFH8h6GRPA<IU1B*U_(q
z2cl9^Z|+*;7J!Q;ot|$K$VobWD2=WDPOcK(1pD3Jb@8jmFrllPg_(zG>X9YYKw?6I
z)@$=|PBCa%$lN)4>5HBB*8c<t<A{1ZQl~q@D{}9}8@L2CIhOt^{5NYj-MXhOh@Xj#
z&o<ttVmTY#(mkd$W$F7%;>M<4`rUK*j|3=l<w(T*`)Njls$&Eg{Nj$G24=W%WWf@@
zL}J}T?<Q=dqG>o$92sv<U*d-2(?5f~#&wY^SBI`~mAo(Jwo#cc)Ik*j1OiP>O`q^Q
zFbt$#sOCCLdwa2!2-ZwX<ua_&u&?-eF}&3TjQFePC&=F}8}bBL4+-!m=U)1A<JTx%
z>P5x7-PKr>eVtelnb^b6mrGjS85tTTjNnNc=oawP+`aE%O0%A8DSpQY9Y8LI`z{zM
zAl^kYR8IaYK~6PX=-Qc_QhYo4c26?rkL&Huo~7BiS~HRarCv-PBiWJ{!99bx(<sfy
zzL{g4ydBk(x)im{nVFL4r0vD<D0}w>RNzRju1bFD7Qq)0e?N@FS$x@~g%06G*77_W
z%W-}RV+ze#HC=r9<XAI?c&-VumI%q|v~*G4FRM|weY|xqoj1qMw7wM1_$4i8e9`NW
zN&#5owmWrC4U!ee1DXJ8)D+|k;5O1<t9LgNG9}~t#<M@#M_(MVCwr(8f}2H8jG?a)
zre-$sy*-Q@qxw6%MaN2h*N&z@CCzp^8PT$6w)($bcVWBtAz`CrMw4P*+L2*pkoTMP
z^X7dR`Tbd-4I?8aS505ru*4Hxnov)~U&7qrWJR~x;%4-96O7Av6FS<YQ|+(IV6Wbd
z=~W7j#~7jogzvA7G2eguSW*9qP4#%Yu$W&XIsQt`>qG5IRqpJU&5?eaMR+LLQ>e(+
znEZV9YnXKY68VjZ)jPlNPLD{kqV-8fPtB`e$LsF-qWrLQr%IxKy&@#2=TsGqnCM03
z*jv{=wfWtkCHK_5F{18v_IXH>_=doBQl_y}zxb9u4Ln~?6>7#4(B;&hK(WhB(VV{d
zED3dEcy&fuFR@Eqi}@g<u&@mvjvzUN=+c0HdmiLkSSXJ?d+1DF!B?E215c81Kfas3
z*l{oXn<TgNjaN0fih3uJ2RK0NHb5z}EX=4sJE~ppC`Ze(;XhX3S0->P{0X6#0l%id
zU%9lSF2y1)DcjP_+FIyp5=`!=3qVIg<7g}8{Lyv}EUPe0N9>Y2Vp3KpTS{z6V$T>e
z1+T8&J?d=}%-MeWX9pX#64RL|J55C*RK|9^z|@>!1P;qW+=DZFtf3Gcz$;cK=EPdT
zD;-!N67N>A`rslybt(44de{%y2dy`ln#@L&#%k~ym93(0Wv0Cg_i#7FQ1EgUW*!+N
z2AsjpizdkOTT0!N6%7ox*V9ZoOS}6uvcQP>eflS}v0G*Y7S3$t8MpI^Q!Q+5<50@F
zDi(Mn{K+pmg~g4eP19n8>C#YnP6;Iy6>E+=4l>Rs6N4b+WOd1|qF>AT$`kjRaeL5d
zl|2#7_QU8Hklv5Mp){HK>m-@Xof7l7d`Z7>|54D&rk|kyjYpqH%IWbm%@sBN*hG*&
z5`zhUtMQE6sQy~`8vZlyJsEo&n^;w)#u<nKIBey!I^l$9y742l#*-C+$z9*3{J_r(
z3|MWJaF+o}fxAd#T8>07$FTS}CYH~(IxSwnIe(u$OG7*=;apT!^I@*zj!H7C_UY3v
z|A*WKu_|FzRgQ!@T57T8J1X%{uJU@lFMn3IbaiO%Zg{|EDIf8p;exw2?=p?(qF=S8
zniFO!wByB#Gi;HpycFMXyrR5unQ!{V;Rw6lH?#^PcFdb=e$s7{``+RiEh4Fw3(fsw
z2k-J#IXs~h%X9k0gbIDH5EnZ<SU^-P^b&)4o^wuVMy~muTZO02hiftEx%`;f#$^h9
z+qw3OWM5yaIm9ls=KPxXZo8uVA%nca*o)<q-?OlYEA-j}l^FGp?lK+s-c5~m$5h>!
z&Otv2a&ZrFasN$S&L)HP{yTjlz<&EknP!oC8P^=++S<b{{X{gGDm=s|{#4D;A<aQl
za>Cp6bPJPUiTNkBwWe3oYpz#(hmm;T#;lmkzO;mdyrZ({x)awxVLQ%|E(fzkZ@`(b
zu|b6~WBr36(znyY_-=}rR({5t(@Fedjc>5KN}`!KjYi7__)<`gmlY&F*Sp|MEhZP@
ziV-II!rgp7$<J`&0~elLF+&_zxNBWFnaQB2tfQx6!D4(sMQ%cs2(fif<OtrP1>TNW
zxh(x}F9Q-{XErfVvM5c&4s!)ex3N+f<d`^9FyZryVo@kr7TYRfd;dh&DlvI;P110`
zvh&^>wq&w*lIWF*<8x2qFRsc~kr_~|<IX#8@R|opGkR5gEsU_QFvyuzB^fctJ(Iwl
z;q`x+XrQk+O2<%XZm5qxaXMDAf^gGXiQ|59m#pXxw*0s20?M92Bs!HQV!v8~=j!<#
z#s9<DS3qUCE^Q;-CEZ=pf&zll4bt5qr3eTjCEeYKfV7l!gAy+wARsMZQi_BMVt~Ov
zFR{-)`*^<d@8#OAB@fSY$J{e>&s=lOsGsf1dny%&9<G)1aaTG8>v2FcOyUSO2MWlm
z%2W?Yy+fwO?k}GqC`9pfd}YYWavQyYWr<X%ysS*{^poM?zPn7mdMtuv@hiL<Mb#}D
ziM?x~ez>L8+at6c0U^AeXiZ=Z>zHzrh1#Eo$=sL@A^Ysq*C*LetYx&+Ek#&NMfyPE
zL!0nJ1`WR-tXlZw?1U~1Z43`XM2*}o%g2b=akP6QiX@~nnt2>LooXXmlfT(pVdZW&
zzp0ZDTzciOi$z)d?F9>czvLCUBpy;Fg(>m1_&FIYl!bJ8c}a<AVL_JBg5t+0P1YUO
z#d)WSzJ5*Xxqa>01G9s{5cfHG`MZw=EE&3O;|9||SUWQO3d5M{c^B_zJrxz5W8=9-
zo{*x9%}kHFhmIg&%=*r@N%nCu#dA*tiy_)$!J~L7+%}696sa=jKoW*Ulzj4CXRc<o
zpZJ+UrNLB6f#^e|ZZW6~(Hv{dD+c=dLqr&=Lz9y_bndZ)1ktEbre4ISsOrh&I(7>A
zzkw#=;o_i2OjMyJ#om0$DUUn%lJ2zQ!c|RaY9ql5ab!*kNoG_sr&M~l@p}{egvM{Z
zm9o@9AxU$uVJBhh&F*6-u`llINJZUZ(N=9w#E#aPL%&~YiiH_$jOk9q8QZw(3Qm5+
zi_^hMMWrNZB6mMaSLADt)EZm(E)mAOe<{Mzmver^!Q4D|#n)4@{arG45{q%^=ZS!^
z63MC|RTXO~B{cVMx-0DhT<z$(q~FTIS#gVkE@In~g-~saUn(W}#xuzxAz+?Prgxr`
zAOI|8W_!JQ3V*(!AVDwOEy82U_}%HgB)Bwb(Z{a3&MpUHK_tLoBvEuPZ6k?+f7c>H
z2Exq5lN`5{lMT+CHlO}3T}-w@^Wjp#+(IA1i`mipsYIbz@NLfOmoY#3$`rA;(FOv~
z9_okpwNdE3$qf8RO_5}<#IL~QmtSeZsp+Y`jFzlJ{|v$Yu$RluBk051NeiBp(?vAQ
zeMD3Tqldy?j9?+fR??=Se~KvCU?*74IaIwV%lr!RdW&<ozgQ~<XoWED(oZAoZFWD#
zwLB5q?&Z?>w~r4hQ76z(B1!_uXmN*>k+D5&rwj6Tqz!QtonuL^Eyri|))o1+N(#1b
zgeU*!uO_K~V5l~@@m|tw|6T3kD^x`uq-|EdAgveUK4~NW>XsZ4CG(1n_0RL4dj~n-
z?8f@1Ezb48<B^{NUz)P~KrWl?0<k0M+Uez$xDg2f&){V=BgGHTo+1>GKl7*~#tAEm
zjC}HaY;kYdn<$h2xrmjn^fTm1hu^~{#V#)`<>(_Ak|oNdZMQr7s@<NA1i6-Gdh%D^
zU=K|*OPOVtP1l`9{#zr7miD>3qs~n%gy}4WCFJ``@(Jf{a6|5g`nHbWFmIh0I{aoJ
zGYy&&c4ETfqO3rC7K6Z<GfxHwqhe##IFFVm1^!D-{k*f|?Bb$Pz>=I%^dr!pNvC4j
zxAky3KjW2|=q|)Xs^uL-%Fs<1`1trB)8ZDmhigL%>`K`=IXM{_n8rG~x@hUB6O*{V
ziaPH5OT${h7Y5r%aKdaOx7~0AqdqKLZHA5j?d|Og3nuc1Z(j(jsHlJp0bPMg{^fif
zc@yg1lK!<1+>GPLE9NSXdbq?Wxe><BVu$lS&!mmM+}STZ_Z?l9pl#RfaD{RRlBLCb
zZ?&3?miSF|Vy#IX4)3m2%kzF5duQ_KdjdMoXpg5fb~vS!$R|;`GQQUj<t)t1Bfl_T
zF<%A6j!3$1@B(9B$a$8MwZ%gj5~pPecH8~rM*Uh`GLZje3)#ya6cIiZ<OC)usA5*|
zOB;p9O!0a4<+Jl6V-LmlDx8Bl#I4rNn->~$2QPRZ8P6m&!eYW{>|GqP^yFzC&u?i&
zCto-ZU)U66sBS2DB7S&y&UGiTQpQ=2;T?^6$E!a{z=CR?PqE^S^3lpFpAlLCzcK6c
zlFP@%_57C{$kh&K74D{G?dVq~r+a@icqjG<x;88P8y24Dh%$3X;pHnEVRfTm)!|PI
zRe1=jlo?VIm>={Ve-T@B<+iz$*_vP@i=ZF>edG`KBno2FK1=J#JW1v`TxEizUwZFJ
z<pJK&h|jj@S2vYNua_>^mTbdt<0F=Rq&cYg+C!eFk?s$lNY=45B+4xHdCHXg3=64k
zk~HI$!!ua*|61mwg;BnbI35)I#wDW6U5X;ac+joZAUM77OEn~OYXK}BUFQ{>DByR)
z%8r-6SoC;U%sRLpTO02dC&M1xjl}cJ|BXC3#jAsgALIEg{H^p{gmf^JqGA%Zj@Ih^
z+M3507E1}!vq!gI>r_=%rYZxA-?eLenCXxrL~eKzq1w%xHw_FZ8gZrRn1rOHq&PV_
zf$HY&#a;Zb0ouGQ=Kh6vVW83f+9leeC*q9$@ls|tJIq-imI+sLWY`ec8+DKy?P-V1
zmEPL6p<DF?&_Cd$x4~OVGSb(dnVVbtz#+U63w+VBu<VmZCt`8{IYwAM%7G9W6}n^~
zF^96AkAU;cL+&Dd2GB1<mjmcULPw&6y96ju02I$4F`UE0>Wm~|1PKxT+p@!d-<E4}
z{O|mkT=Q#6BGnRD+zNsy`Aqb*wDKK}qy=qP1&UpfAX8^&HjIuyTiYVLJ^7d>*jUhI
zl{3djbyC$+{9R~GWu#i|{8i$lC^{%!g4j(-NeR`VKuB=SP31a_xA@8-`uh5+jOq%j
zs?>+)yoiNhioP?*HN*aKe3~2C+jBk#D|2f{T5=L)Vw=S&qkn*)(v`8CJNNF@aN8WN
zoKfH7u%a9m*M@n3t+l`s4pJ3cy?#s*9YwX%k7t)l342RKl)0UY_#Am+k_urnqSE&F
zeOd+SK$uc5KJM@51NJOvJP$G}A<@n-k)*r%g;)>?+ye?Sef{+Jto8F(S<w7h>`fB%
zdQObnImOHy7m2yQeEIB#LzU})8Hnz#K;8_rqw=BV!BY6@?JW}`zwL(P;siwFmoHy*
z)DsFVIwvaguwZ1zx@dvQd~8p;cp6LuyLo>r3JYx59>8}#fBtMw_9{QFGiBDfX^Cs_
zJe`n&4LVbZu`K#jIBUI@#gcTrdS4Zj`$KM4mZlXwmMdn&%k|P%GCXz4Dl5<WMHS5x
z<f!5%q+nmLIo1AJB;3rCigl7^_Q$d-T~-l=3rasI-WLvNN>rKGL-MnXQWdQ=CX=~-
zk-0h3$hXg5YruEz!Dg|c4(~6WuNHqg*c<f%E1WmY(-J!^n52PxE)83nBB^z{x4g4e
zW1+WvcQ`;x47D!Qb1HvcU%X#l1-(>DjYjtLq$%4Hm$Hymwydd<S@hj}+qbRbXBrA2
zGNSV`fTV<6UTdPtg^-&5oaw}cCA1-S2$N!5%>A@?<#rNFNa85q3xV6LxV~QJ;%ZU?
z>(Zdtft#zSjZ8Lzljm4%UBeW)b6H+BS|ZG5V}ya<{Ztfd(W6JNoSRh5gN!}CaWmQM
z<BbSQud`Iv)oCwz;Of5R9=?0iO4shZbe}vg6H7lzMaR7>_V(oD<SLAPHK*`wG@hQ9
zE=)^i4KntGh<saFxNhGlDyd8c8>DpEIXJ+AEj7#3qj-#x;3x~-mmOHsM!9uAtJTl+
zg~L<&_e2S$oXXNS9O)^*pvJRFX;VND%Un}g20faTq_4_&@*yWmZm@f_T8&#@u}X}U
zCXFDT+UYe++`DIOLu}^f=K++{+R;;96=K&GIu`YqAh!>C{Y~gIol8y-_BBRpjFl$~
z)o3_d7HcD{*f(K)1Dh+<M~?iSGBr3mhHs{D?gdL<EGO<!D(i?;o7C31D9*01j>~YL
zPX^9c==YW4BMVhL8pQEA8hOIBuIA1n*uU*@-APYR&&Z%)WW1N19kcWP{rmBIS?o-u
zZt^PXlq@=wBpnH2WJw`KLGtDHA!JhzS!B(4@oG_sNxCAKFpBwngdL&oV0?S27U)aH
zAR}VNvoI!E6K1QR5boLS|4DUodV0F`f-A9%S8+c7f-J5HWtWPp>j%i+WC&Oi@>v)e
zl~Fze*-f>y%e;u9M-o~qa4nj<Psltaod3?MMkHPmcBz6y&_x8cj@4=7vRHY#er##<
zToq;IZd8>RbrP1ftm*#p5ws+-sq5jQ{l(Vlz|-Z{6dPDkRRtMIZdO)SsMuv^w}<R+
z)ZH!#q90juFG9&EDT`3D2Ude^uUsk3N^cfKpXTG{P8M6hxYA;MN=^>_8lPD!vRMQY
zVfZD&8ugAFnY2&CyS2M>nK9B=$OrR-=FY#<-OS3*a?&W(UUJlC@leSj;6_G!aQ!6~
z8=n09E{o3Sd92txDe{N>Q41o>4%dB;ntw#v)^-`7=Rl-;2`U31(=(bU^#cO>gQKJ5
zT|wsFn)ACK$4^DGKJ4t2gjqn+xSh<mskF4Tx|(oSi-BY+J*ao7OHk^<lCLyTa#Xvt
zuS<xh-uZ{LOCMxbpe`dv{02vuySDZOlES(=o5-l3mP%%^qJl>xJ2w|-nfNg5ifvAp
z+A&SC<16KGXNAGNNFHV7!X{Mw6WPjBmxp`8-JIagZ%VyqE<an)-WrYPsFSVR3@Se+
znN8wyzr(VEsv?8l5R5(i2HT2)$vmPKKqTtDP=#26MwRO+O`+htsMjrTt(_F^4q0L>
zwNBu5fcix1SAZ=~h1Oq21ET{jH4o20x&kVLmLJ(e${nhI768g|#VGF0rG5zfA66j(
zHU>nj44Xp00ythn&G1jrYiei!{S$wMEuoNfdDKO<Vz4QgA(bSGHnz4TN_-7LdNR0}
z?6=Pc35yN838Keg6v>g3Wt2;wD$egr>mgwx;pU3K9^iKgwpn8CAJv1D?(Y5OW{S4`
z@Hc2=;NpM91Z~t~fBPnL$mNFS9k(W$W4&#H18Rq9I_b<ham<4$0O81>Sc^N1(IpSI
zQ;&LqE6i$vNhU|Ff>p*caQ5t3N&$;b0L~3HnLH@7kq`@VbaAhzQgQ9Z=2?F@o}(eg
zG9fwK?&#xS@)%ie0saBsgUy*><=Lyb<&KJ481#291zyY`Cs3)ek`X9e^%V<6(JZ+~
z^#xM$0LZW!!>sS4#jxA7Idw%t!<EMS-YJ=i{2=cPu?lq16*rhT%D5gXn6}EhyI4y^
z+hJds5;mNq^B8>#7;X{B7y-z|CMX}KJ;kB{jh?WKTQ$Kr2r8~XZtOZ>tYI^ThlXT=
z0S64Vj!2x!B*i)fC1nj%h(Y)m{-4ePtaGpYKaT>?z0fJh^^N0x1zQMV(NEyvt*-~v
zEy*1hLv3wl5~c^reRPyG7-FKFSb(|&f;=+(o=(S?G7fHiw}9t2<bW_sPDTE))i|fG
z6eu*yH&ZG<l1h$s)(upRx2KbJ3JDA5BtD-t>jjvh!$_8PWuPs|4VLIqTI?yn!0Bsg
z!IgZ&mI*liA?=4p!7JvoQ>=%cr4F~0j2KI~Y-zI`neoQ8I7zM06ciHACb*DvcGA5E
z&{Y(Zwlv?AHQ+3Q8LEvN6zN#Lw4YaP$GT9aud5sC#mmn>z`gq!kbN*$4dp=3QV=)X
z4mC$3#g4UW*470bsqB1w*S>Df1KFsOgO+xL)fi5DSZT83exg-h&gtSJB4nmHYS9Xn
zoj!a*F3RUy#JCDs_sZZLJBj-)mZBCZh8_24IEtet%V0V-CbpKg&N$Yb$UA~k09h6R
z+z;z)sP3IpX=%YoI#x(DLvmL+ExFJ}U3~<W8Wbr%yEY|7@w-U^UY1$VC-1YQa+WS)
z*t<PtotcnOFJMd9XK|^Fi^Xb);V~j1>SEx}gH+m$>Tx+<b`Er7N4*7%+6Xew=l+zm
zJT~WQ6|>w_NURu7hy0M57OhdAHUXwmz$<>+dLC&aOjP^+bUAopNImCdirQ5I0UEdw
zi3k7Pu!P$zmHPlT>fO_OmiN2Ha8g;L!4q<Faspipg9lhI)XYXSj*g8f@}&WT{c}Ju
zi^9Nx%@s0@KK{^`%?Y@ZfrTUTZ9;79=>u7JcOjl$RCRi&v^amBQe$pcAeXtNu1*Lv
zqcPw`egh}0TVMGt9V=ocmJv`6P~A|Ac@5f2oN5ez)l1mk0{L;HIcRJK6;(nOf>1<&
z<Vc2EPROY3<X+f*pO3pV$t8g#UI$oT0gI*(zY&}RX!ElSC6~4C%Zk&YFBQcK&l(#W
za|OApNce^nSZ8SE7Z$R>=AJu8Q53Wfbil+O)(urv_@TX@v`KyesQvQz7Eo@DkWP}2
zI1sdl&C7Y|^~e{HkC1cV>W`aQSTKxatiLYp`{aK2R0CIZNsn?JvG8J+lwR7!B4#S2
z5|_Zy{V*mFG-g{|%YDE)?DdTWNmY)k|LFh~FP_~32x`O{lETOG1sD2x3lxkHWl+W+
zbw}xxh{Hmr^%7aG%xS=yFvKis;;#xl&En@}*^gj{3NWmtENUvHmb1dbf}C0Yyr(87
zDk04|f|HGqg8N9U+e2#};>U9>Yx$LvTqb>NMF+J(d#BdKJ=_<qnIQlDHjesi?F*Q=
z<J#3I?h_ZJ66t~z9G}|Lr~Y+nA4KBW_i;jk_9qb47Hi$_>@@S|0@n*p>G!UKA6-z<
z^#KM209#~keVVV>30wrwa<8E*0a;22*=vC2LZKh<qnQBr4)hQKV%>JgrviA=-p(#R
z9g4>~fnEZ79YSf%4`4cg9C_bH@Es*&t1hTe5v;#DFH8k|K6?P{sBdUU#^_sRP9Sf@
zSO&Rtba~b3<A|55Gz47xBY9GOfUOY>VVxC{ke~^-^xJBJ3LU5mr40??rb=c;$f~O1
zn)H-S&_zV_I-2L00Za+X{`>&_AtX(9+Tq@<7whZmFt%{*cdM&I4SHOHkc1x$z{d*h
zm$!bC#YKfAFcuUcL*xr0D;T6r!TN__c%r1n*+9Fq7qIK&4xYl0zvW&N)D&WQammi!
zKDq@v^9;)xEd`SD8ek#{OVCQ-;Md1Ma3C1Y<7XME3virj!53ECwtG(*Vz2=~U&R&@
znRc_!!i7-U-OZGJPIsKbfbmQePR~oMSsLB=-*#87uu#sfWT2}By;m@-tf&C<1xpMm
zs`r91i`aLKn0B#JLtRi(C4p;W`*IKVTWSrf6nB;G1a*>93@>Y3_6h54H*0e!RQdv?
z#zpw+ODVUZ??~M~6c6{r75E|R6M%&2H|6tPflIwKr6i&KUjVnq*iGZxbp7>3GQ@B%
zcD>s*+s?JSm&biTh^`~mzWV+DRQr#<GVn`HVJ#(gzl5^)&p?RX4=&RKpgsVq9zac3
z)YP<?Jb+U50BCLjeHie#yMP)AxB#x$*)b)k+=YZ0h(sTjp1HXcAa?*p#0vQ+tfu%<
z>skoC!A)MVbi>ja5vJxNUWhh{Wh6&lg_@1zl7>Q&WbBc2**!pe7hUH<CXoo`rk-DI
zM$#^PU2t(k?eE(N<FGo72J{8878ZGPnV!*U85#UWwN^mX(AL%_){g=Bh;LAQHFozr
zQGoOwv{Mi;X~cG4Da4`cC&C_I1J#O$i@PGi&c2E)tR}#0kEB3C_S6h)ZCNEk+W~R{
zOL<X5iZ>q(RA^S?myKsdk|sU??5<U`S%(rVWJ^5osEHp-*!*6->noPNCyyTf8Y+)O
zV#Hj}{syoq)MAom2&sXwqat}r7oHs3tVJ&uieYqym$z@zIvPs9qMzg55Ch5TCsk5X
zQp2TC<DeUWlyHbiR=oG?0PmOWUajoOW7t$o6l4uy2DQ!rzwDD`GOsAA72gsLrXtMP
z1geUZZ*JBMwZmCL+&C_42!Ql^Z_Wjq(Fvu3Dplgw1i;)VAoSt<S!0FvD(nF41DKtz
zO_l&Oz1ss+yr%oLZkm|IS)7BSx~iQQj4^P<Cqhtqb6&wQSMZ^`Fdpb8tL%WuXz+a+
zHA<O|F>x+`dpjY(?BZ>Vp@&@euG`4qp9D-Yq*M3gi_^*wW1EX9JLm2a?B9Z;1CT6L
zb@e{&yv2&jO1UpU>74fdV_k@bJhVh<_5Ns4Ib&jGCh7V@%+ZBPh9Ye}4Ck~#l~FKu
zMbQdUAAzqkGBN_O79f5Ye3FMg(j{gSG#yUA_7)D=2yjvZK?JzKln@uKm*$$Cn-hb6
zTkf(m)6@BeTsRs;Kj5g#9#|g~|JIP$C172E&MS&+`_%agS)}K6feaha%M%ov2(kUd
zUBK{I*MeW;h@Ej?<F0{`QItt-#QK+gmo6<*w4Z=Kw_+q0LN_}H0R4VR1lijySpEel
zD>N|3_`V>BgY1bBCo@!Z9Yjz^@uyhU0CZ(2I=e=y3Evs7gvK!tsi`e4M(0zF9F3MO
z0_W#?=XS&h+m)-(mOxCENQfNHQ-9;&w~w3qm21ff*qWy#g4U5G4uG{`(d3`AgerCe
zJ_!jE4&&kFE(FM*;PW*>lStzc!7GYp+O6k%NGfaH7G>iIAIjDNP<tr9uY;}B>hvIY
z%n<9<9Zv?111P9PD6``!nUxsTfQ~JMt-)VvB}*n87coHp1*KUjy;*j8=kcm69@11M
zWn@H%QJ`irx^@fRK^D}1nK7(OYrWHZ%lap%yMdH~tnXu5R1IN66ID4q%V`i>$NBEr
zd!J(b;*{y?;*Qug932JxrO$VcqeAD<vPU>sO62Kf>%2^e4B@PmqNWDfzzn0+V>JS6
z#7h<YrI4!Glj5mtK)^2`+i8HdD|V|ZD@=rScy+i-%gabc6(o2c^nV%95v71RlDSzl
z2g+t3kulM=yXvKDq`gQOtEP2BZLJ%WNdn~O1@!C$3sQ0UjxdJ16G=W>0@VZ{Yk{38
z^kTl34=3e9crpN|3UTY9sv;#PhgTy%6$;liE?-u%o>quyOVFA_vZ5oGDrr82tNM%?
z4p$pchajsz!S!(8W*j0hH-XMSF{^Li7Lpg|kI-K447MIN8czil^ru-uwqV|B%?u4W
zEy%Z<t)M-nVHRDS$!$|XQBnPM8#9mu<gGUc!L%fdrtgrqA{%Qo4uGoBT{ml4L0cVs
z-5BP4r;)Smd@s-bAnL>Ru%>%*idC4d&%G#kNQQh{v7jFc=8<Kx5CjD48<qcDI5JC}
zOga+Sv;{u_O9%q{_eb?CK^aLi6scr(=?w9AM%-~U^aBUNE3Q!8qZU!eig!A^S8R#J
z3|bUjyS4>Ez*5cJm?k;?`dTg{k`Xou4or8SZawgyme#2F8O(0g8axQ(^aL}`g=9}r
z7v@(`7n>9!YGtdv3F=cY<hQc<?(Amq8+TRkT+!i%u8YUS;_go~bsSzbhPVh$7>$Pl
z{V<>ByIr?aWvZV*WorW9NmHBhW?wJt5O`KbQ08ZB9Nh;^V3BV5Bt>dQcD4kdnZf^v
zip01Nj2N$*ubG0w0TpyBF7dyYBL)G!=nJ9>xt8^(oonW`8v-#<B7XqzsWaEzQP&ze
zFQ`Z`<r|72O~#|&5<eFf7C<dknRgh_@z;hnUGV?@34op=*A_&!bqZ2J($q9HDGo@g
zPHn$|h-yAgnM+?~Wo3yP9wk2@Ln=C*10W&^w>3Gr!4!ZKB_yrxsArI&wO)n(0(e6S
zV(r#VCR0;WNWOl6ZeO3PJw*YWRX?G36NI@6IkPC#36qdTw$N2e2cje5I`~-L++61X
zFgMaESrk?(WFaqzv%S3yLfGDV8@QKadu+(4^1r8yU*j$8G_X`87(YX2js7GUdlJIv
za6)|cD&E6ozSh|h`+XMfop;dJ7<p#EqC^#4%2IrBu|Q&Y&<r|4TA8(yuAI5Ul_)k4
zD~4;8VlOZ36e3nTE>%V5;hq@AQ9C=BqKJowC-hD*)~xCx{!+b+MBJMlxtE|jhIb00
z!C2U0thx)v1%&@*IrrjBK}!~T-)g$^8s}BO@zRh~VK^6{3HuqTw*4G$#~<$dn~so{
zU;1w3dWOib^2C2l2m67{G#y?$+amFrAPl_+O@-!n@3+L^=Yj!H2Wo}cDgzgo<(=Pr
z{ZLxYbmsi|ZxDTf%e;e^m#Fg)ZD|I-xrvSri&rxL>zmL^?iLtrLB!k7@=HHzH(nPb
z8=}Dt!%be*-25e!%|dOef(Wymw93RoF(BLj3cesy+^Ot52zD&U(zW&0+dqNIG<}~c
z(2eWBE0-7_pROpRD8ji#K}I(6%yKz=-9{2((hx9#3zi~X|2XdYus1`$9NXzw>Y&zp
zg4Q9D{$a0>P4B)uvrL2*xlTx*1q<%@c~C;g`{or|DKH23adS}84(M1~CcY{(($pj*
zb?33%N?V6|y2p)B@1VjUN(#`r{XIYdM<rrP`2Zb@7O9*xg+v4N$p9UA=Lz3wBQvwO
zglIoJrjYX6&;V!kLI4s@D)YW8sM==2y^AduYAhFw%DcAIaIGexu&WDH80ZGI$It`P
zUH|IyW)0lIG*nL%3_-7`{8{MTvogd>mLyQ!TeT;u(}pid7j2s|AxDjxK}E^gP1j3v
zwGa(?)1jbgYyB#iI@n)dxB?|<P+iXXs1|HC;67>bv;l*vW&?~4JL&3nr_^aSi_X@!
zaxg%$Yf>{QQ8y^6?>K$-UjEp7kmG6w|DoRG0Vp!Ktz-$?s{(oBhXW}7A?Ajfgk8wO
z7_NV`R9XZ|XCRK_H*LmuAEDLz0{WuBTcK38rVt6|wq}DaKX9=EU9`Hoio}IOoe2a_
zDxP-YSomV&i7DIxomqGfdE*574E#sX(v*075Y>p=m{)lT=x$@)Vf=zy(ik$Fr|j&!
z4oq4=4MWe!*ah4o05&D3q(lghK=W7f)d`7xh=fFvof-gXq40!mx?Z4<AhUri0EB$b
zN;I1%DM8O8$*bY7RIyM-Y&-<3fsVt<RU3I}h8qYSo1eM4xsDDgejzQ~ju``XCqOi{
zE(!<`UF-P`mGKP?4cd6&?j_b_fXW4)zxtn6Hc;Vm1)n`R>Nli#Y{1Yts&(zhJt3Fs
zF+!4l`3zj$gt>udk>zhp^WqgGzwE%12X|Ch=Z3G)B@osOLfgV-*OxKTvJO|z-5o(&
z=#4?}##p0H+;Cr1`2zPw`BEV$S2@!G0X30EwF3oZvLKRaWT&KRTu&-nEGoPV%o{9H
zkL$pv*&6nHoTOuF8tc<7S!3QoL5X>_5XVe>$v{qpm;blgu(Y5!P&RFJ=`n@MUUF|6
z{+W+Pm0<QT3!Rz-H=p@VHB_poyoiOk>l$aZNE{h^a!4$3K&pYdq$Un?ac<CM&Uq=4
z<Xezf-n~xOjQRK2;J;E5X;szLufP>#+X06V$qxX9q2TQDNl87duipWu9o9pDmpAPr
z8pPBfktdhef(lv{6tB!8@Gx0(XfrI4&p=Et-li6lKK4By7uOuLu5oqcA68bdn(F!$
zIV-dWS5Gc{T`Vsx!$(1H2~`VUf@|8|E;0QQgh;b4K|w(QLQ?lYZeRnMIws`QLuQ;6
zrhwf>_VPIUE@P8badWdl-WAzk2)w}IgU}w~48-G7va@-rS;(XfJUturWbVCOJwGzg
z-(Nr>fh2R$lYcr92{Zt^bheh&p(=>h;!d$P!G~aROaTtx9xpC)ChId4(&tSFT9Ota
zc&#~vaNv#>5)M@7#u|-hT<L?v`|<_p@Yx`C^Nq@g!`P+Rid-<&(GZiRAzu4UgnXW{
z+y*$G3Qv={+5}qx`41N!R?3$Mk)`Y&6IM!0>$c8Lf1oohW2Znm=ZX-;fXJm5eg5^<
zZYyi31<9hI>R}s{9Yn`%9dNr4>bXbCE`3SJ){*{~4Ecy+^zU8949wVAUHsGcYZJ$;
zCfz6_6Nc=8tv|w~^;J@MPvO&A)~?B@owZL;d5`S#$xBRu`V9XquCcwneZ6xQWHRN`
z`cQ-(G92_=7(eiqRlbjUPxI(XaxeJrF@F{v)oErj)B9iGS|q7gVnob{b*0oI@IgoM
z^RZ4bx`AZ=N0{5}Dle)Jt}?QSO4P=+E0aA&$7jJ)(vv}Na+7bD#0}dK8%`BP(Lki>
z$(ZdkJ-~*1jaUqck1Uq5*IcGjFmd^m%nK0^_A|NikG1IUN2%dT#PyZ|P?4-#c~piu
zgf;0~Zqaoc;|it_p2=&}B+@F}_(|bp4HVLW#fA8%tw`Avq}z9?yF;qd{I_+b<=*ZT
z2)a_gfas&0r(lTdT1n%g8hUC3$sG;lZ$aWiGcz;7c5^a?WYV$1pHa|Gd6X33Z+2(L
zy)+|H$>bo;eAQbeu25!UffnMVOFCLq1%+_fcF{scbk>#`7Pz)F)&_C;C>4WYZ@5U<
zh9&dy+u0QVb*}uKPsy_-JQX=UQWALMb{9#w*^$xqRKM0v5<JQT>#^%pqh^8zFQZu*
z7|n>3#ajY~z6=by3S~d;r;HF6h;!x}FuEdu#L`tXQ5BgY;S&Rnukcu(<Lz0_d&If=
zSgQl{$rJsP)7#(FQP>wbpFTm%;P!=3o#e>)PC}WmlN||W_*oLggY9arkNc6Y-6V{y
z(tLu1NS?ff<41>oJ+sFn2L8mU3?}_PrjryUGFO1q2b++fq^2i%O!29eG0E(}T4Xsq
zIiQE?tx25rR*J32$MEDWfc^nOfi>td-+aZ&X?&8C`IEr>gSF(U%jA4pJB8{6s1P}?
z1+$UB4!(1aX<vH>A0aUwRP$SyhZDVxaC{563=&yoC6s$6^<7UmsaUS9Ejo*yB-lwE
zh3`q1F&iQwMX#vlkx&!lYI?-IeJFVNc0e6;^sHr2DmEW~2TUVL_x+5`k2^RK*vB)=
z#fH~JrIC8g-H|dYzLs41gqHO=yyup+o#oN1;BBUH+VPNE7yd4i`pf*{Jh7A9Ka%pu
zsJ?HjvY&J{|Mj@5T}R6@B$WNFcMvA#Dx@e1B`||;rqsWB@7c+P9pBnC(P35B7A4LL
zuj4%yd<P514~qihJ^XVsRtUN2Cja^ipsX!aMcI^!Uja138kUrRe{s|<F!S;``C|~y
zp{YN9yC+j^|C8U<c&W1hDGD|s4n0{ncG!nw$B-WT>UMqCMsKm`A2<9M!GeWq+PV3$
zUGT)4OhraR0b&y)aV%w9bjPm&jL3tC6QBZeP5$)MU$Z|+d;j4r1KxyB8UJpJ{;#1N
zJvSNLO(F23gJ1n*E$qPU`O{husLSxqUu}l^ZO_LE^c`bk?<_Hnh2eobWiUV@*w+C>
zhy-Xf-uTxVN@|*h==G4yTHQc4|MmXR=l;WZZd?B^=m=y*4>jb`tDN3h#b*98r{u^S
zL}0|PSm2EY{N8&9^a3e0biPHu%$CGYRx@2XV-J0p2z>J+e@*!U*3ojec|zTOHw_rd
z*Fcol4*t)cX5smWqK(bJz9~YmhR1d3KR059)TgzNmuJBXZZtoDY!fK>CccjqP!430
zKP5bwEBbNB;3&wHbd#|8*8FQPYmaD2GgNiabLR@%fDVlj8uJ0^mE$wcACGWPHYB?A
zQ~)#58vN&6+4b|&XlQ7NRn*i%EugAo=qlfd+>vsfy>~S7BtrCmeanV|06xZ|V`O9m
z^u;D7zB{~38!!HCipYG~KNiO+K5_%K&g21jp#A;*5WJ6&+W^kFL+Dy@`WnkP*3oB+
z(SrFbzIvNyH4Y$F-F+XOyf?#<W}NaLkDUB$Xj~*;Apa*MM*k@W=f3_eeTrO#Q>&4X
z2S0vKZs^gc{_Q<TrTM=E9Qh`hBS@SC@!XPq;InX?<6X+d*Ff73Ig-Yc6AhXMnWmDJ
zpw7nJJr>>f(#P`lVB4*Ua4Kr_$_408RF|+=BN2FfAe`9${J2j}GjRjO@%OIb*dbLC
z5;Um%pXc8A?dd;>TQQt__6OmA9sK|D*uM@weB=LTUH;ct{_DZd_~XHkbUGP9v;0)h
zqhqAqzw1B>o7uu+DdG#}{d~L)f35DZEPDzwJ@H5V)804MMOGF!ok)P{e|zlYfuSJY
zBM8esL<nAUh_FS%b&*?f=6{Su_P<HbpzuG>+$0T=;f7%R$q4>*5Dw4Eg6xRN@pK#6
zlkER#GESCK6B9P`za5tJMv4=if!xbKJ@zkQhHoI<qd%OvL)7YDQv5&0@_z~MKLo~P
zdC{4^^u$3~ApOsyhBTg__@j(tkA=G#y?%uAc(YDa%gItAHxnm~5#nzDP^psx4Am*K
z$9r_Nmw$Tf<N;1J_y#hV`=77jU%n9ej_5B9{y)ZY^xPkX_a6eI;v#AG03mWR0@Fe#
zY0IN&{iUlxZZaP`;R(4+9ETY*z;OM;zW&>02JamCdWR|Xv7RI2yfBB*pEUXVUjFg1
z;|Jc`!8eeJ4{#a(`5Jrwcc1>H@&CtI{^9TZoACZaV8F6edSxk|3{eefWB*fbAOg>P
zh3{Cn7fAo}n4K);;bv;x9whfV20br`A8B|MTEA9R6TH9g<)0q=mmz>}ApO)oye94=
zUEZaWv--cr@_z~MKLqB;mYjIX*ZyFpka7dSyuK=hV?||(3d;W<%k}ro{G+GiWJ_eI
z;_{dEhQ0jbV<!)!o`P@u$tQpYQ~w5){U2lbzl8T60s{_m^{h3G`!_e79cMmw^YnFT
zt;Hz$h9EXo>f<s2<ueoDHvFeBJy~uH&uZ$FGV9)T3r1G#Xnf0fV}Wv_G>|6ZpNH|n
zjvLNWw?u($DJu(i3f_q*BDL@zPs>7VBwo~6HDI>l<>3)NP13_nx=Qx<5B%9wu@Yro
zIF_34c>i6xR9{#$mjvK#KVj1TX?&%6n_l6zS~3!-T|D!jr!MvD>LQN>LgkUuA(p%E
z@}C}ATAXAUmsnop0V=M19zH(N8^|FO9Go~I4>12zv4KsRkx*y-0M&X~ckh~(rrx<@
ztfK>=g1dQn;5S<6>3J^o;gF$lMT?P^P{f=lDb@e$_<9o=T3Eb-NGF78A(NQ&3Lxju
z(h&lNT3T9`mX-jWK5YCLZ&MbMg35D}js4S>!C@vI8XYwUP&`CxneG8<V)r9AMS5nY
zp}xNTl`F20&VibGV#6Ia!y)Sby`!KeEiH)_frF|5*u#LI?EJ-xfCxsmgD)sRBDH~{
z5{W3n9vU0t=jN9Ars~Di^8fQ%3@2?pz3K6BlsyrEus~uKXxQ>6ii?YZr-0wM9vye3
z_;*K4czAdjd(E9=CpxSVsZ{=p@?p9IOpt)g9~ZHUkR0+tlFnY-vxB+f;NXB?4j~o@
z@*uGoTwK!WrzQRmH3eppf6u26@RW30H~q}aUI58HP*-#S*s@3|5wcaoH%!F<!7O9x
zRP$!?L>nOQPyaZ{so<vr4p`Pa-yCHRoj!aDg2lz9r5S4iuXvz+@#v@moiWUCRRTg_
z83O}~dYX`r44?IiLP~YmEi@;`mgfbi1#=!A9y>cbadCvPVw=Rl)%~rIPJlK#fHG!p
z1FsDGeN+}9@3tFrNYUt(=a2>ire>ZqXGZ0jRNoZZHkrVp0N7C5%naGv%iW7vr~2Tw
zO;f^e**zV$kdzcsZnVb7EuOqk#4C1LMJ4!Ch;y*Hr=j9u&6DidDYC`+pwjy1TS+cr
z!<MH3ff+9;fPZ6)0bex%C1x9#LV!$r@afa@5sTr|hyJ>sqM7tu>)q^Z;>Y}nw*Zt2
zsaqr;IB)~_wPT~?8@7vOIiE@?H#_jKiT-Uzk+2Zkq?scPCHRA~?N<A3D7b400t9LS
z0a7XX?J#jWw$iDD!zF1%9TcTwKCQqlTL)e4HaE7bPDij7H9X%!vJ!p@Pf6oNE}W;l
zI%U#(!rqB14G^s5vwYMEsCR}iRGm#0n{x!_kc-uZ>m5M;0NJ!`R9NI!7suJ$7mvY4
z(wccHI}%S6<_JXtB^@5}XOYXxTud%qBA%;B2UBvxb;^Pk#&_?YX``o9mam-QvAo>9
z2G?68Ne7qOQI#`2@!oTCmboSN1lF7WpMek-t&E0_8KrnOoRvVO6XMHNRU`fp8!LAN
zcrw;63Is(J=b&ww#*{%O<4$I#L&Lm$O+Eo~Cd88x`K5G(SjEhJ<c&;Z&jEb{IFI;E
zLcFlTy>F)S$Z8G94nc;LcK%Qhf}|^3$Nbeu+~-$mX=%R!^Z_zJKuobR{2>v$9tMCG
zN*b)OciZ~*?b|Xk!D0<S$|3ovgv;^rwOouX>S|bRC_(G(mBq&-7`%lX0Te<p1-=uJ
zGD|X59C(JhHUV_$(%%6zO{0SR;$Az-DWJOh08~)lp){j3@=2hyu)dyN+S>1`^>yby
z=6fse`Is2^hsYZR&gAtdOZZFzBr5cCRaMo`pZ=9IxOFxS^KN}sN1qaR%b_nThekYr
zBZc$8)v&pF)rU3gGE&@p*dCOZ<H&`&BJpY+H?R5nwhQ446dzLFE{N|irT?_oWSH)?
zU?eARf_`PNw{j>bLl2{(HgJ?0vCV@cG}ocQ!0<586uFx_G4M+1R9%{3&lwN&(Dt{G
z4rG5AfuRDq6VMh=R|E$V6o#N4fRAqrAMS+5x%^yzRPKnPC_#B#TwLL^XK&oN@kO1H
z>g|HmcqZWPi1Ue)h~ufLfn#nHcv@OvaB<GaC31S5mYHe0JfN5;cFwo2z#6Ot(B((+
zZj&+N38Sou@}shlTea2KlO}g|cEW_$aD$YgEGi-C@}9(CI&U#b4p4EJ)k3GtfxbRy
zFd+uesxP{_x{&$TVmajd2+KK*&3TVb%2$My747lb+8X4rzkmM@JN3p<4_V8L?Q~wc
z@jII?7D*a1AkwQck!-R>tR^EP1Bu9eUq~V0{)$ZiEeTas`pD;*S90|7!a*9Kym0Tw
zJAk<`w?MiX^MU=z`vy~uUrCPyLCqp;Gg)YFvS;}W;lwKuqCJcuj6L?(w;P{t4cvWn
zw6F8QZadL(2R%J+-@c8Az})+?0py~9jVwRZF_U$~;mgxPDGQ7g9WQUgxrEdrAfc3X
z{66p>-a3ECOy`|nTI|(+HDY37vj61=p8|4EJbCcbmk(a+Ulq-U%Wg3nj9)<DvcGBJ
z(BW5=Hw2~3_AMoHVKX7X_GEN4-3<9_Nnb-3TX%W~KZqH@=vCF!An!QB`L6%zvBHaI
zMtSHaMkkhiDTt4u8l)6zYmsZxHs=V@$?M$1mh@geiie*V!_`Z@ob7e>9BqOa)H<kK
zzWj7_RJ7u-jIxook8&mcH(UGHmiB~@lDax1+!w?HRFc?Zs{8@AL$Q)I!J1Bc=}PIu
z#lU~@=t8q}iI;$Y0GgiwnPHhE0)ylV!(mnHp!oQ2vo#<LAdD;m5p8SRgPs~Nu?rw<
z$y?z@ha1iOuehg;SXt*u5hdwg7kD8$J&R+P%p>|Q+eJmlBS5$R@$1P?hEB@=(vd$o
zw&!hqfBACwSm~616?L}R{oB7ETUIlhpC1-O?55-z)I^!N_;O@YZ;bll$~G92ZT%4F
z?nLlqU9+glU!He-j?rKk^+b}@@x8Ltl*0&)fy`xO1=--96-=O&je%c;`P7frtE(nO
zm=4W8d_P<4{BS-zbW!<4H(`ibLjkSp0umbqM1KJg^>9}XmMn=Vzj{UL7~FqZuufM|
zXq<bqoF)s(SMP-ztfyD#D0_-JD=<H$BV4_@qw7{)%CTBssOAu|rCz%sLst0yAcdhx
zGQZPfukOIa&3fG*Bhf}t>l|bTU$z)M&<npfGfH?N!{~;@LK>p9N~5ADdLmZ-uwXtG
zxwhY5A}}5<hSb(|<To@1(49)=7$rreX_4Dr`_Y9c&vBT-xkhHDp{2H_i-(50u|I4W
zl(kDOY0}wx%7&bU^hT`h!|Fz+Q*|`iX_LP_xu^nVrw=k5*?g?4IFLffkD1wvu)iUm
zt*6l-VXxoMuU~ZSZQ;X4qj;VBU$h)<MK^j1-0`RjDNV(9$haIx;cMslQQa-}w%7Q$
zjm1{8@puIEQMq!XLU-6lwryC%JF6O}ps#A!TA$#Y{<Ao)Ql-)$<mu-_xar+mgsSSd
zqV8)9)tL7yX3$tPzH&s$dE+_xwR8BVIoET$JpBDlkSKZlrp!i0L9Pj@2wQ|NpQLZ&
zEqAo+Zv6A_X)3k7Sr>Bn*SLWkrZxKutHGS|FJa-s%40LKpFjB&%pIh0#Pn<%B(8a<
z&(n+UGuFpl8fr6Z;@2-FHWRIw=O*Oz#&Mqr<-h1T?|`Wh;4dy+p4H<&T*=<!8uu))
z=jYuLrB7TOrwWI0-<QNA-s-LLD<wa%DBQdmN28y;>(F{6xF+$7WuJNv82HUS)-<8$
zIQ&6pfw2?O(DIAfs_cAfv*AT&S7+DS`3(`GCz%Sew3rV*GfZxrK^PY&bWnH@G4%8M
z5=U=1_WHZTPF#K9JxAkt-X`^}&vd5VjhpXn@MZ1>S`OMA7I+rEfi)|VdB&cNDpxh(
ze7&k%x0%Df>5NN5eS4LGzP&E_IYT~qRP;Ne<ut!2tms&8i1($JGLF9aFe7|#XEHCy
zBUh>ROb4Q2B9@kh?op_c5DszYjHZ6c(}v&I#&s*oM<(Xh8l8!L#6~_TrO7^?UN~}k
zi`{wamx(ferV~~uezup<u|D6jpm#bAZ`a^j!?uxOd_$Y&eBI;o?UKj|MzLRR^ZGFE
zX%Mi=969nvdvgh^gy-5<%*@jdT?|GEG`wyqg(940?p3%<N+vo;nvsfhWeLR193IR5
z?xzg=SJy=s5E`0ypS*YMJ?H9OQGvOoK;pGe+qV0rLN`HT%O%F7OqBE&kZ-X(t$yEi
zg|0xEn9fz^;OyOw*H4t4tQ`%;d}|a1T+1%1ed4+jfqOs0W#)Hr)SZhZIro`^?$U}7
zQTo2{96(^Ws~=wIJswdd;0pZQSd?|2;9gk%#DD+mT1JzK@q>z?ipr2FP5tt&fX``P
zb2=%+BlTK$PubuEd?VI=hy8BcurQ=ERH-hO*6N^9hm%fGPQRjj!T7rFSKptNo}8H<
z7JGXgKk#84MjQs&dp|PpYxK{hKd3G*sKaqCEz~ZdtSIzNH-C^YQ*KMZgQ!Sg7OAlP
zVxp=Ts(O9*nNX3o{d2tpQ?cqu$;#ntBC-~tB)IEMwgp>~vU%pT6Ky}-xD&G`S5hmg
zjDOs44Q;6JF)7PQUqHC*pEVng(-@v84k!;kjOjt8HB3=nb#DT}emPgpL|ofg(o7?M
z7-Qb6w{-GM&U-JOsp=FO{i~s>j#}ljHRJf1JJ@w;tTAfOOe}rmtu-u-MVX%!E{mIX
zaXluhjH%RqoGn5^YpHXy_e%I|y)&M*ce_t(<7>1d)!wG}{WYSb3uAZz*oi!++ovgq
z?mrfg+#h?~_K{z}$Hjhv)@ACoQRer7_OSD_rJZd&ALG+Yu2+@$UQ>8U`()#%yT6zH
z%##hxuGU8*_yR5kyXjsf0yR?Q;a==DRieEvE{)5T8>*%Z7M3^mMFYPc_$Pkk6$rRK
zF;TYZyJlYLT-B1nW%%IhHw#|XhSHYoCdSNZNwWpKjw7KSJB`p@41X<U=8(5YN|dQP
ze{GnVNMh@PfzY*pO;a`7R~DJu`w=4trn&nyt9NRuL*&IXue3Hk&VFWK_^7`0XSygk
zpZKHZ_NAtDlW{#8wS+SjuZ%1{>j$(3Ef2>S&XPZ>6<*znFRu}J4rKkN-VPMjZ@;`Y
z^mOcUj1CliI!n!&`S#UO1b+L%??58MB95+2Lj7eeg?Q(Mg|K@B2cPyY1-N}?jlF)$
zbK6VK!TiEcgiB;s;LCC9X9O1hFIhKg0vvyc5`EawZQWUXii!WL@#CkhD{JTdD;b)1
z8QYC}g9>Q7=#uJvx|8_$#0lv-w<;npes<hlig01vf8hXnZLt)~@R!7Q1jh4}ipH9l
zbI<9>7tVTV+E==s1IGr<?8wkQ=mA~r&JD7%wCJ%WklFHl7pqmXZMsTh$UA;-t<>*z
zyVH2&`9z~zTc5%W@l8BN5vEe|NF`7b9D0#f&`t>t(JgbK+V|EE(WEGg#f3=k@3{BO
zmkp)9ewsbQXnyX~BK3KKySEW&H3x2kXHpFr`CWC$3AY>~$8NR0$T=QGCi*46R;Gv9
zBJb^IERD3@=u9=g3pnq#_$74KT=dqnRk=$a8C#ny#})a|KdfEal|JZk55QvoLZ7yI
zfBc5BM@#-Rf6oDdd1&evx5m2^q{Qu5xi~%BVmArW+@_c3Sj9?|+)^Ib8EUE4^xWRO
zB-_=)%|~QN@cZZN4-VefhFY6iqT`RMojV@lIvf39t@&NFNNj!Z#Z89&2#cCS6j9WR
z*X7q*Ywz;ZO}x=Nw|)Jt`K;nEg8S^F&KhZ7z7{mN(l>r@m!ajSZ4BuCB;ZSMan4(-
zFtX4QG4A5#k+@j?5>?j^z2qDISW=J}DrrZevRsmG@i*L|&C@9pzb0B=B@TS0CVS@X
z=HJDPgZ(R#gGKqpS^SIZhEmZ(bb^xm+2d%>u(n#A=63EfW(j)Px)zxK(72~~-}&Y_
zarz{E0x=2tb7rWm_;L1MdyTY^zM&cZ&yS1F%@@o@2`cu|bmmnxzBjI9<m;nheWW4I
z8b8BT;^%1AQcD%~0a_y|u6)JjT|39p@jNQdl{H~+d5(Q8i(TwFsjnFx^SlYRRB3n;
zzS>+}P%XYxF{>wmD55TC+}2#KUMk^KkFmL|F#OGY$2{~=Ara-RO`5EEQNf4dN>K~6
z3|Z}tfpx!y_3rD>oEM$px!)35Is3^?=8Ucj(#_=?IF>%b%&(ut$9yv@o9AcpeOk>b
z2CEGe%NYqxeV6mE8RB1@c5u_F>COqVCN{i1ZTQYF%&0zYFoX>cdkhC#>J^_zi;I!#
zv!vxHZ=B%|q$#1E;w%{NlPshV319F>*GN)c@o_b6M5Wc>mix**GVP*zy!nB32Q%!g
zIdz)n%W?D9x2%4z#HV9uxH9lNgnm7vnjj%hr&%fYS$6-X2Q?l5l*5u@gS({6G?i}H
zraD*YHj|bJr~7)pE8hq`|CQRe)_ZW<)ta+ie#Mw2k<}CD(ga^?yQy*;yW~q@;RRvg
zS%Jrcx72RwWR9otTdSNZASESf59jbCiv37JQ5oqNmS?T)8})%cZ|)3Bo%bz}R0l_!
z#M)blta0e_{`!pkpQxy9qa`PMZC}@3?%Mt|eVH(a$J42+XgZ%}OXJIU-_oM2eBceG
z+@thPvHqd8`>^QIzWb5$oMV^CR)t6FI!(Hoq}dt5%8vx5-oM@iWD=-s2o;x^x;<cT
zohDtp9N?9w6veLL8_xC>S7V(#@5KdPYNbBE2=*`d;tQ<1WpsY%oQ3!aTrWP?g#`%-
zWoRdzkK`kXYz!J4<l0(0>qxNY`iq55=uXe-!`}6MEJ|}x$*=8L1{yCMN3YM`HmRG4
zR=7U-!qkY;A%4nu+3lQ2N7a!A%0vnDYt1$vZPL_#p1-b^KCHFAl}r9C;_8ODNVDG>
zj+#*$dwrkqP8d7<S<=f)8sIO`&ltpivL+T7u8niby4+lDs>6j@pJ*sM3|FcmfKy1U
z+0RWx_URigDZ1V|Z)N|FNqrO%4A$G`ioT-0?ufFvjL26c9n}FVq2X9OJ7x<l^0aBA
zucq^T>eu5ly|Wnjx3<cT2KO%d$UACYKTkvn7s6_u5+1s0=ew2VicVddolCX*A8HAn
z5s6O+-nuFM<~{!+q1vqn_I9QB;p7YQR4bKn<m`uWd?8R<r_7rakZik7g{s-aI_YKa
z)oAD@`!qkywP!mcib~Bcjs0g51q-36B12tVbdw~*b!zgh3%8KoFvr=(YSXZW%Z_{9
zi$l*O8*eYYEk)gmCmxQmcb{)!{5m0-D9Ug6U}|Q~ZK&qVez%dv@$vsvx_8CCW`N<k
z;g?lad+skE9Q2=Id|VS3d1R_w$KE(Xs%=Mo=X&%=OBkgWPPKe(7<1lM4ROXZzTz?^
zH}|LcOL;vCzFceMInWm1*3GBgwo+(kiG2w!Psv*GBm{(d>?aI<Aq+rG^owNZdCX^R
z5pVH=IC*MkoO5$<CUNXeU>V0{?vcRIkYQKPZ*JVm{QCF*?s0-c?e1ahMP%4E<+bpk
z-sXZpV<oxvdI!SL^1{{YT_n^QZ*()XH8KV<)xP6gR+xxj=IwCMx_OUeo>=c!Na8o5
zv5$-?&jq-M+&^QV!nB{cAXxeBQ_cq&@r)!oHOFRlHZ{DcFvb@7w_d>!af4sz;gU4C
z7{)%bz&<%~wraDUB--#&r|(Y+mtfsg-En<>!y-we`(v#wbk$dE?>rPVNJZXcDA5l5
zTCdJjv<;N6pGg~bFaLH^&z!Nb=vmVD4>I8yNu+AG^4OQM*jW&yw|SYq%S(S!QFBXX
zFYdlxz{Rwy*OIj3D&}0!XzHlq&6l&rkn>tftj6!tHbc+6uUKj1=BtA6hjOu<a!=o&
zejG>BK=*6BRVU|Y{Y36#()UV6W5JJF2=|g<k**BHEBu*~y>|awt=UHik})ErgQLt1
zW|Md``>aB`xV~{iMY-X+e5%RqzOM%%6y~SDJKcLzlrirAWKH79ptG7|9SG%<q-T6w
zEkB}O<n`=5l*MIZa?MjUlTBnAZ20L)!fwv0hQ^|K6GxyfjNDZAvLkcxVAL(FrxXIt
z*b0p6d_^?viez7j655w0`j?vxRxdO;v}TJiW8BeyfMFQ=yH;}glX1;yTTx`Z!9(a%
zS7c?K!Msa)QQd4gE}ipaa|JD$_bxr%^Rrw6Ol+@7^Q@yKoulJE(&WvtvK1+Pa`$N|
zyBEUF_KeiHEP$KT+OELfF4*2Kk0F6Jp*hM^O}>I5h21k+a+Y2A`2{1EdVh?q>v0V6
z&DLwQWH-LB;=N^PeoF=R`7T{jujP&#_hJ4nY1T%Jr}I-sB;H-IkcRhhksEpq6;*~B
zoY^xwYZV8Sl0Pc)y&lRE8Tab&*=m|7<~4@B^@$2Qho3RdtEOBr+ww_7!&gC;AO`co
z=}V{E<3^@Yiw%u#x740~iHP-+PkS>b+Bis>b{%JAi`4ARnH4Xbu`iChESPGJ!R(zQ
z!tIhw!VQ-PKLjU^-M;SPo~L`mMbrfqufD?MM`7XDeZI`8lI$j|4u4CY0q4Uzpv{}>
z;IE3F<MAu<5ShK8r`?d<*|a{;og0Ap_#6J{CQZhSsN@6FTRMqRt$B;?QV1PiChZ?v
zy;pyI!xi{FL7MT>-mcnSFTvh3!(KhZ-m}`?^ASZ7>FsG!ir4HS6a_BI{?C%;stY39
z!xX%5)EdJ|j97MwGv?Vv9-1nvwv5Z~cDl&xJR59vO%?)O#m9QK@tbfM1T)0eyPjvw
zfC+lTYDlzi_sZI@S|>gG^pjVcwLJHoo1=MWrOX!2NG4%NSMeR9Jxmgis`EA6_U0F=
zw>)KRxE<0xa^b0FoBJj-x<00ZFDezQK2m#(lV;md=Q>1>G=<S$ifnJ~E@IeeWRwbv
znF>rb!6W7?Sa{0n+*UySQf|sGte9mNUy<!4X^taKbVHZ|mb{{OeAEY;JSyT82I7=?
zDG_q_V#j?RVd{b(Wnm1gr+MWH+ws-bDAH!nvQ;{8EevmvdcGjdD)Olx3qxsnGXa~}
zXJ^vO%!Jnw;jl}zaHAh_W8j*2^2YRSHSKS1Gw+vhdlJ%T9;pGFE>f&jK7G6Uwr=Kv
zna0ig2xt9@=@O1>QURm2Xy%dkjaf+flDCsCJPZ}yN9X*8uM$C3AI8`a=ETf2Eue&5
z71UkyOR+>o+*pyWUjB*~b-*O4Z@r7-@0q~S4?BbR4HM=9<&>``UfTNkD$CZ8XwUym
zQtnH}?}g8ziUJO@op3I%ljj8LYxQ(T7G1}U?sC_gUF}ig^%iL5xA{S^SeMbYIZJ0<
zz%3khV|P)9!7p;a;`d<6eB`z8?1g$4fhf0W8TENO+$R&oo5S;E*;h>n$?m9KxPO>+
zIohlm2L3cxgM=$TV-@MLXLU3?)I>#i4C{106B+*Q8Yj;r_|@oO<)1jXoKcIvCF2#i
zetI;X+`rJp?Y6X01-s5|H$e**5#FbyI^%qjHA+URuambk6Js`nJZn}TnLlKZ@_aeC
z`$UoM17+)S%s9OvW}t-C_@gt7V;w&7Gx5P~=OYFz8S8%R4@wzEvVCEsdB*u^DwyP+
z1<9iuR^MMe=_UMzmq0+3=SZD_+7NJHQhMQT{RF{#6+^_!(ze3RA3hTa3wEU@idVqP
z?z-yOJ43{KuePm9`e2a((j(c=Nj8=yUt<&ms3ot*AOo@@-=87E3FvA4Qj6vn;r4jn
zljvDGBEggTw)#QIU4)eE<d3+)4~$u_E{K``7+9jlczb_bbl2#cwG$d^;y3)nhPWs~
z?57(HK0HiiWroUE?iJi4pz7Rt_mtk(-vSX^IX!|{|ERWc?`P|};el$KlV_a$;JXaw
z$ZCSouFsbUE{|#p)M#J2&0^n;Fs-2yxjw!!oq4{T)1d76<LA6`wvF1inw}dJI5=(w
zDP@et)LT2z7Ic{D4;!OR=+^|=PQ-{repsw`iW#YB>)0G099Tj+)GL*O$SC4GV)d%d
zSB|T%9E*(uKT9_tN;c<S$EIg{x9&HOdu0;Lzr1lv_2Va0wW!}3(gMkD+HyCgm93?f
z^VlV4NU5(=Q@c=;UylxJe9|2D)(CaVPm#@X+sNY}>DRBwz^}g?QW<m1e!Rd8|J3WS
z9!_6P!f1bBHJx|nW6Z;)vEq;Tn!jewzL(>4I0*2XD)U*N{nYp2o4?0%-3yBR*S>G~
ziaI82mEPCwAdCi=cZRjTTbN7bvzybp_CboRk)pJbqBjDu3I~&>v6-}~hAV-q-Ct|H
z>03>1?R(FH-=#jh;U8{HCysGs)=Q)#%8xk6zSASGXD!b?i83|5xoNyIa9{m|xb}7t
zckH7?+2+ppeqI4a2FV>M7FFLcaxVh)kCYzYV`}aHUr}cs4|Vs({a?3aNrs9R8kLHy
zB|~9|u_Rf-nCxZW$<7#L8<i!6sUbqL3}YL+Atd{5kZnx%oh*Z4Jl}5j^E~tK_w|~2
z&G%gAoa_30-sd`sn`dn^aVSj(AL58JT!R%JugmuX*TX14iwJbNM4;|}`IvT2%UMK6
zRx78jCa!Nu{B+P!TUUYrL8xFAE?xJ|nI)E57bzF(mIB7x9B(+A4Q@Jqy}<P~SVxxn
zT^0M52ZW1$0}>KNqx1Uhli4Zt3kYSaoy!DjS=Lm__*Z!`-6SUm!%8D#oVQSEnG&(G
zdSl{(N5S4^7CFGK86|#0bD}`LK<^wi*Y(tD%_1e!l6xp%R;S-%;GLf)1Aojj@EBQE
z4%hwBLW2YAjZ8T1$MtA#Ru|}csD<vgE?H2RllC)ig1>qS910!%(a6Q|p6vBV<>-!M
zL19DiyDc+*4`jIY4s%r1^@D!CLywtcr@0I4rQaSA3paK@hN~%E2$WGMkW$P^2wwzQ
z#+q{mO#Y!spVEG;>6zQz{yE4ukQSRdEP2yNMHn)dy+5ABBnlg(`Wu~0w5@jLI!^iy
z-cY{$0c6I&QF}QP%EAeXS}9XS!yf|qE}JkRjBf~PQgoQ|q=XGR#(yW1+7osHR(nyV
z#KtRACVOBB?VP5e8`1sXpaDPT1z#-Go$}5xX3DQ!pf?2ttd=DF5;Dy>5)rQ6pzJmN
zyyc41sZMxfLb-VHkKvG_EG_&NmARD}C=;ozdRH16Gf}C)L1gA@^kzV<bJ|#GY2@+;
zc7!3Mm16AEm*cA7`FlWv-C=s*t5Fx;QhE;8LaH$-uVTM`EzsMzCp{@5sPBk!TLI-#
zpOq=}&5&4Vh;n_RUq|lbgWle+&`sr@o!AaKZ8qV%AE~Dq>wd7h=2&;BDBXCtEJgd)
z!k?~^@iNxq;v%r=Z>0PJbSoO1|NZs_*Mw(E8X_<D_QmxCb}oM&g9zf+BEL?AvL8);
z`pTj<;F5*?lv#U3)fPLQJhn;qabZo}n$8_ZCybck!TvLE*FcB6bDXD#Y^7%ex0jb0
zK=O4i_BC%ja<dQ+GX;n0nXXC<S`D?7nmL}v!>74;clP8lDs{K=JQ#m#<xG-yweHMg
z&0l7I+mZaHp(C@#Z$=t7>nq3AX1sa4zAm+lqnde_&;9xJ{ktX^6)@G{neb&m80Qgm
zwrC5B!~}WluATrD)VZ|OU@!rk#<)c5Y}wRk9=GPGEP-Zg=?C5yGJ^;Tw(aVr^5%@u
z(1T7U?g<HtCF=~T7gFSyxc|EO*SF!gP4cVF%w9;1)IV%8-oqk=<+OuN1VmWx_D;OW
z!Gzy1<2q=17pvuxrz8A^Wd0Lh8PGz&sfkqIwL{g>CXVX$KFobX@V(4#m36KImoCn|
zC^5)NoUy#h)Q?gAEN6tXS$-L?R={)WBz^&E)z1~z%b;fSEaIkNM5Yg)sq!%e_C)3r
zT3E9Cto|S*ee7%;FGpa7wv}hycjC~=!2Ny!pZo{-on(W!55H?=J+~o26M<9jGKSbR
zY9PD)YAMEUUmjk`)}bB=?B%AS4q~Y>O&H0W2!xFgmo?&ueuEZMC|VARsa=Q*lUHP7
zP~|%|(-!3ZI%a==*mzSC=)Uo|RQZ-;=QXhIS&o3dKl2+WD3uH$>|^)+o9oI31JVYV
zib&FINp4Mzj(9$9YG_Nk@Y?v@_4?P{t}P?xS&0I;RCHbqtu<5lY|Mq*34K=GFLMt4
z7JHBK_Ejevmeic<yr(Bp8h4(7WqPcA-Miz$p?t#Mj>+L$fk5YoAXjZLK0w3G3sZPm
z<CzVnXLy3Larh6&M8TrFJM}?fmag;tZ}fw$GFOF)*$7&?%jIMg>76C{;?|xxLsmfI
zbQBH|Tl>*}O5EVU(Miz>&%mHwh<k=+MNuaqb)Tr?$oF;kfDZS)>WT0EGYVxu5ut5w
zwdN?Sq65jAajl7Q8;NnRvFWGfx$dOPJa5T)MG^1^?JXxZOVw1?Z4~N$0Hsvf&l8M8
zLFQgTKSe{^Tml65$_n9Y%Xu*_20ZQqKH!hC^9o6rA2!p1$k+18Dyg;y>%HZ8u;gYj
zrz2C;@Pw?JIr-h!6B(NXvMyW4f9~Ziz%0vLThaum1Ygk5{KfY9Z1A-OB16eOPy@@E
zaDGZ`5dowNNveUJHT7;YO(Efz!1c7|FXKa}Ru9Pn)HM;kr4s!g!_%$@_6tWm*!>T^
za0Gi-)$dnVUKBXDI_e_Z2R;Wuck{{4Y)1$SgG?FyXZ{tcR~&RSrbu6cY)w$jbe>gN
z?|wbI-w)NOZV+K~T4`NWQTksy`DNqqE#f+$rWryYuor1@w=%yJVT*{;5CYJhb>>w%
zy*?Zf2Cnhz_$h#xS$UbwnA53nv2vX!c9r;hf-o9^7+-(h*V%}P9<`13&IQ%!C|oX{
zuALinZj*;+5A2L>b#K10cuWdAvqz3GvDs@M6ISw>_*1?WT(4Hem}yGaue8?DO+r?j
zV%N&}H(u-oJS9MgXJ(j4360^`!M(RpsZW-n65pD8#u1Dw^xi4t;B@Zi%*8$J$F4O#
zzk<mw#MRym2Bv26#fmAiN6d}ET*$A*uDYf`nz-?Ga~Z55jy+ZGuq~GX7n74M192hl
zPcWcq<CV0wryIm0>@ly{=Xa+}U0mifTDW7V{CudE7vIZbA02P1nzuQ)Lf*=3V%DKl
z1OZ*&!8`Je`|d$$E*Indn~167m&@G7>ap55(k8C0PBx%*E!C{_I#E(H2jsnmM3TC?
zJxFnvxgHeE0})a!SGf2yOBc_J>W~o0(RdVdQxe_%Z@1$gUrYQdVi=?TmM*1H2kEqP
zH2-M%9;ok-b-ire1Akh7`yX$Eocx;(KXwVYHFNS>N+&sRxh3?2ZrNvjq~n0F?10a8
zkO`8Cos_n)5K5947Tn$L=Ti;%SXiX9B8Je`D%dsX>7r9;|6I>F-brOZKcyB_1UB8Q
z?G(NWx?(}?{S%S};XqEl{C6WimBl1?o^)8-9e8LlLU>k6A?#mG+uN}nG?R5&@M;{S
zujh2eipSDSax@`}wLTz|&B?q`KI59J`4WaXL82pv?Y$q!rh4z+C|=PEx`^rDPJ=)r
zR>A+vhlsRFNaioK{Bz93TJ$Z*nV9l>h^D<xTt}Izt}V&SR3V2cwbz*NEaZ)q<_p@<
zFO`K$B@l<UpDjBCNa8C`-@buIg|Opxn;bWwd?PaJ6Pg(c9nik)9Rtb39X`jpyVFy3
zU9#Y;feDB0a;`yFg;a-2y%cieF_zos9_8G38qGj+&f0Jb&oaI~CCaG=3DN^3Lc7;=
z4<N%AzABmH<NMRPz7h(Ks&<&K=j<0wJfF?*m{^pxx{$!wop<~5#krBOuk6B*oye+d
zo~_ogBD<-!<suz$^~caU{CpMDw?oQW^|!#Z9U+J)Y<$lpZYFKT^pwgrdp9dH6ffI*
zJP47BwnzZGET7cXc>e0<Gn$6w_m(jiiXT)-Vjs=BEbCdHN*>*wO?i{h<d6kNjeIS;
zPqKYXtXUi8yA?1Z>Z^fCW5Qnyyl-K!{quS$@d<QSYcQB*aJc-*dGiD5l`4c^<<Q<H
z<EEU!IX^(+Fg;$9HiZ8Uz3rwOW0*k7h8vergVwW#O_8{q#1>_ZM-~N<mWXJfHEEIZ
zrE!`oQiSpvK6uIAK`&uMKfg7<JHbdFpE7|xoC;c5p?`m~)Zjz^Ju^)GO)9&!-5}+q
zvEH?G%6WI?^ljnxfkmV30UNIsOBN`@6is#34p<g@>#nFDZ;YNY7_{)!E#GoZMpM;k
zBc-$|iE3p)I7#q1b9;p|enP>D_I*-CA<zXix%Jf+fl(lSvm1CbzdnPm+bd^0<VP5(
z2KF9(s!4&p58QgvRmgHF!zN{yVrf6bsEWE5Fl8zpbl1k9_oGVL(Itfa>qo~2kASUl
z^ecdk$aI&VXK2vnB>4K4(UtIQ<BbU;TzxLeHsqdj3^1*&0Kr;v2JrXg_JfYN4tL+T
zWg+6}UMdsWT%SN4!^p#rO^L`s5O6Eln|JfZsjq2`@lh|{=F;VgHmcrDyHH(foz`cO
zS?3wW9cqwm3rVT!)gsqBCAP9>;xbOe?fYCi7T_YafEgH`$#k;WGxk33o!KwePx1h{
z>SlVw*}h@OuIEu9VIowX@4nrf7tGuI<ys6q$V_^&J{-ko*yA|=6C8&Y3DR8LSY~O5
zRUYz*E^anM5#!}`WTLus#H<NV#Z)nkdt7q9BnkGr3Vp+<p`T#;2dGhS$IISt1TYoe
zYRyvG*qK{TGj|S7{Nw`4HkQ|!N68j|I@RLd{%&eK#QjuE$I^w5!?ZXU3M@0cx!NsO
z?L+g5by?WP{DQ6~1)A=*)xyfXs>P>f@8Zp1F=rwlEpwF-)z)L$VI@eA{NT*1aTGde
zWGe3FA-Vv3$AV`40$oaVJEKmJ!~T~hjcpX5PbU&48@vnrD%yY=y7U#TD*91z)SIHH
zH%phXy--1%nvOrUN8GPMGHx1e`S6)PW-=Qb_Y}$(yDD?5^{nA@mV)B2;eSGwn4(0M
zppwL+FY)bs>eYYZ@{E->>#lry`Rg6*Q0W6Qrh~wyV8PN(U=yYde#j-G3>o-3sw|$h
zYGyoUVpq8DwvKlVx8AB!82K}YLZ!&Pir6YUaF-+Z2;A6dLnn49^msO8UXCBnaY)8H
zpxvc}FmQ;pBB$)KQL*L+3vZGWTx$Lf%rWSaCG@X``8%RW)1MLq!kpu&`c{HXC`*u)
z%(sTKTDVM5u&(I*%Xd6&V>vgV*JF(dL*J8>lspaz%f1GX-zen-e0{hnEQTqJuT)vp
zSXI@Ltj*RvIMK?bZ*j@J#&&q)RqV_Ti~I=Eu7OL@5E0$7;6<hI9YBs|Bl%I_U!L$`
zdM(USl*(<wlXEI8-khed9^2EHsOG)R8%LI&S0=xUH%@_itNchgp_saTxfq9-Ogq7O
zi9vO4o4LF6By7@psqZdq%-9qb>jhHmiEvw$H}APC*LXI?;*wvU?W5J;Ya0k?MZiH~
zu^c9s8-x*gvr6epHkl*V{LL=xZ_;<%Ah(S(9q>=Z1oRQF^)$!Ld|;EatFRrwwvrC?
z5RhBz=wDtKxhsj&cx3R<Ek+@RdAyPJhUaNvHfAUnhtaVG1}}J5JaH{+KP-9qg6HGY
z^#U}e3)`n#*X~}&8N1nF-aX0A4yO2xN6c(rd_V5kQe^h3lK78@f9#_ro{xRfcZfdE
zZKziz<G47|xpw+FPkgrbs}NalkzO?{T<@>ye+;kC|D5ZQEtHk3Ixs_6z&-<UJZI-!
zekK}eW4Z8`vHJs`r=R8n^pMPDG19cI7+Mc93fIeUaPfSQ#1k)*GtigO<*F)Hcl}RE
zt>te~O9|0fzVfguC1KN^r@I!pfydfc+{^ewo=V@y2lUa0c8?!E!X~nhb0rT!cYR|g
zErA8!|5O&0y>0%AXI^)t<)NCDDffFXYvrAUj1s08xj}JB9Bus|_?jOIroF||y>u=v
zGrTapmYLE_Q?=S*e=s6@12Cp_sb8jDUgex<>=$X&6K(8I^Ck?A|InshU9sEg<Wtjl
z2B^7dH?NPLjUQH6ev3l~9Sjbpci40`S~tGGpU0}vYt>J$8IAJlyJDtA#=JSs5i2kL
z6@naeyI5!PLb!2dIVL!4F_A7CmxPa&8xUT$!>o&FDA(>>h2My&9APlwG#m+CO>6Gv
z51UR!%wIMdfP5X6-HN(D!>^pOd?_&9XZN+)3l(N4>@=r;*!inhdx3|7eW`ua#p$Ng
zK(xbdm)&7wi#n|5*Fdb4!3E(N@o<_dOyvV^*hW;BJ!y8d*d8pFclLZS>=#x)<5vCO
z5$cm*QwzU<`Q8}rJT^lRRwFv#;ho!J=n}=8DJh6}oA-F+9x<Yz<m6gO*bhV18Kdj&
zqG{NyoNz_t<#vr%$+F29dBtFdMIOVxApM2l-YmD}b5Ge`l0*fy&tnjR%jaIEYb(E4
zTMsdNu?K~1`iD*XU-Sg!&mZ|Qu3)Y=#~Z3%FlzXXj0li<zMfZJ{<+0FS7;@ZgFUN6
z3uw{qK`b7HP!mrc=R8MKN46Eb)@_Ep)9xwW*~zycE*jfs8WG!<2}GZk-rydmLnfcc
z1oD_7b7y(jjG>Z8m%y}9$Xn6+o1$l~F^*u)H0lL}6<YCKlWaVzn+<&~{z7>p2)3@y
zckN{Ud1IwF2Ny%S`PrDC?5>8sO>`;{aW=4Khi6?*g2PLMyeys)q}?ucyH)<@0U3q<
zC$QtnUP)J*M7J5@cp+_R$O@AYo@)kK*?e+k^pQB^eoPc7vSWG2*Z%uQT}=sl1^MBI
z;0DGN*6Fc&jj)T?m}S~*gRNxvQ<W{wh!?Z<_Y+}mFEKjVdFPBclK5E(93PJ|%f>?0
zsABGdWhXxu0<plEIOzIg4xmBqEcEC8lPLu7R*AKW<^UCZ7jM)2$yMa|jLE;E95(N!
zX6MWq{H#P)+soY7vJS57W{~IeSq%K|X#jQ*C9(?kV@<RDkz>XwfK*ADmy#%0%AOKs
z_cK-F_KKG4?F;^s(O(^-zQLXtr-lk^i4TsPIzb6%Hf>-XgAGMqU*q5~9QLw$WezKE
z*<?mUGzC%9_TH8yq!4mHNWpvcE#Whrx%xRmzy$>TX?_*F|M|NAzB`KB)uB|dSQZ?4
zWI%K$*@4=Zz<AZHHfJ3^J}3HYp*Ehks#JTDf^Yl)^jvqj^qvJpa-QDcj<|QWT`w$|
z-&c_1o@aE6g2tU62|G+$VejN#`wHUjrRg{@hRt2`WNB9^3<ImJ+i8WUk;MWd<zDzn
zRwL(M(_h#F609HT(BqbKPKUjIvv6{>*v$8~`-`64mKk&*v6V9%KP8Ya@&tkT0YIDd
zpa>241AWbC2YHH4Gj?G5a{`&Ca(1?5{1DAIf9d0}rLRpn<pDD^VrGjM+i&SxWv!fk
z^L|;=wV!9*htIkfHc<+1N_L&Syv84PbC<P6#)3uGDQsQvp6BcPzwbR$+A&r-y!5=T
zDUG}?N)DQCOpw)Z+#+k|c|Znb+b=t*Jcc`xb>o2obOCV2&un_5ck)$^wa&zU%{3hQ
z^f#VT1QeLmL=Dn>U4jW{V{m=|%x`pQW`FPt<B)t6eS{N@XVIwhwyF>AnM(YwtfAxd
zmSKyesLklUI(btmio^fAEpuelp#C{Yt}XcdwWo$gtiR=96~@f6yX48<WaRohMTJfA
zE~@d5%SDgH#JEq=XK2f_Omp1_dH8`$t<mk&<(DIpAPkQCZF)Q$`2yQc?cV*LrOJP1
z<k3A7{F_?<VURrYct#RewB&)Wb+sr5T05cEyKtc(vrFfLtaZ*dkoe!@S(I<on$Ooy
zyr3ChZlG?nlgDK(5E`)*Buzz?`ZjWt9o1-w3X9~=4yi&l_)uRT)VTft^U_pSS7hC(
zzhaDFbP%e+*t15;s?*u0uE@?(HDSm2P20CaBMUfjJFJoA_J3Gn+JDSmcO&Twc8Nfh
zBgvitAw-P`GNqW$u3B!Wpq{9u)ubR2!%~62)!cStjLF?)og)rS^X=Z5egvN;0BzJ8
zM{m6y%XhrdJr(>ENsAs~Sh=y!dizjq^}~5$)LaoTQT^4sGko5<Z#m9is48d<rJa%w
zm~W$%o1&-<JgeCIC=d0_GC=@>|7GtX!()Q?7ZuC{nnM<Mh5Wy5WVDeq_FUXiKfz!o
z@99YSl+9WPO}%H@_!P>wF=G>tv|1>Q&8ym>crgz_Yi4;s`SlAkp_nrli@!F#XbP@(
zWMVT?c;53f@rtyWyw&Cmtjrfpk9FDNlG^gKb52DYP?2_~Wc1KhkT0rEZIIp93U;J6
z^m#iQGEH?eY>ydIC|<`Gf(BPQgvxV_vWjzVp>ti`ABK_~fq-QCSi4Md|8<;}|6kJ)
zFC%(Ce}w0hL#en>m4m5P^?1%7+`!^trUEGWAcIok!t<w9G*;|zXMI~5WE|9VRny$`
zTYDBaFYrnODZJPpQ^QAbr9JvO24I=RKZ;3WJT>*S;WY|G$71#=4rhEn2~`)-&Sx6b
z*ppw*K7KI%0v9M@QLoK+MZpoJsu(TgdPmNL-8NK@Buk*CjwF?m_g+m)aE~zjzkmcT
zg|O!dK;>u9JwKEf<uvZ?lwaWcRQ$lTZ&vSInZD+*$=f?G^;Uj#l7MAw>b|!IY1Ek0
z!N@xgiF~`V(y1v5a&<1-XIpbBrLnm>7i%>6lu7c}RFhua@lMjaK2h(K4Gm*S5+bJ%
zrSrc}e9=$nG@L7x!kuFBEZosk@NR4*<(aUr%>De__5XbffCN;RGil2uw$?nQDJA0u
zXB?c|?Zt1l<QlAr$sg1whEU5BG>4zbTWfTF%`c@7B5Y5)x)Ao*-a85jpX4;MQHi};
zIZ>Z6oXN80R7NbSS{#RD2{_;1rp%^G&#gwc;fKtaC^}LYAk-YaA<s>*@%ey$b(`rc
z_kRTKcR-UzXO#Uibo7!Ocz|`}9YJ<!%K$ETo1<=XlD<m`H!E*0$7?Oos~Z)>rW4^w
zhdl1Qa~I@t&9^3d$0}igAB0LBwR=dzaMP0ZMFPyJl0Y^uzK!@W`zu6M^}B;?S}`y4
z&#J#x*;mHM)P^LD8Q>IW{on-kt6#-pQv8l|zI!Gs7G4IwQsSUsnV%z)sebE+F<5T8
z8F324*f(3BfxI9+{jj-;pfj&8ki2+)D<1}jtx1h;HJ2{?_khP82DcJ-sLEBvf1xpr
z;J?t=jNL;wNolDE%Y!y*L>TEl0n?4B*3axyO3;NoCZ+T`=-8|X45S9F7rMO+RWlZ4
zA!+7*Qzt=g;}{&;Ph44+Fssc(0_-jI?mx$`Y41Ayw(G$PB}6FLq2U`IGVL@FSlJC<
z(%F_Gv1!7;>A%+Ck|o{7$mBbUg8bGK>P-U!tk<(g!69lOahLCGmIilQxvJvBWAgPn
z&xlo%tepoZs%|QJxGr?J9V3q>*Tr6;+wq4^sXJyKN&PSS<5L=4JdBbE&1EZ{Bb%e!
z>?=hsof|WK16V!16LVZWzqn7GAGC_dZ#wb&<nL{{5Zkwb%wW+J{)Z<<ll_5|g+TsO
zU*+H;qU;62tWHaWR#g3){8{`x3Ify`hNeb#QekM*$}e9WOmn&0+H$drkXVGr=VC~<
zYErJF!5KkcvwBls!kr4?cTylQs=5LI=Sc(EmpSrs>%U!f%-<I-C#aSGAcpVtG<>SN
z@h?nq7Jw-(I6a6jX=N4@yn~}ZL4~$6UNM;Jt1+6{XV}i#ax;P;92+_&hSM{~b1Pfe
z#I-a+#<NEozChC26B3y&r5=T#Pp>A|_kOJ;bk+PG;4qenxd#@zcYI<cS-Lpif6C1+
zR)yBu7~Us^;g%#uOcn~;e%_H114bj-+qxv@RuWxJnOXGEFXP^RuDX5?0_=sFNqg9J
zrAE1>G6e1IpuS!Rj1Ul3kP7VbW7?8aIDN=4+pxnUV+W&5Ixr^>2B}~oiroL!Wg7x?
z;OzED7m!PD>isl+x@~?GXI_c-tP)Dtk?^;=Hf-cS0H)>I+q;pL@ZiIOR8iLXd)W12
z4}374kopCh>zXSj60%XQtm)qR!NgnCj;^-h*6Q%@bWn*rYTyC%Y-}lcxj$JDYhqvK
zC?4Jeo^tp;JCTQ7&b_3@{69@L;6e!{%*p#C$TN+YcTdc9&(oQ~tczpy87@goe!otI
y3IE3SYZ$Bamt@`+Jz1_GsB8K6+v%z~M<8g&j-ORWV)XxjkGhJMGG6I<$o~O|S%P2y


From baea27f588d2845398e7fed081209330e08f5844 Mon Sep 17 00:00:00 2001
From: Alekhya Jupudi <89069896+alekyaj@users.noreply.github.com>
Date: Mon, 18 Apr 2022 10:34:44 +0530
Subject: [PATCH 079/123] Windows: Minecraft for EDU updates

The updates here are made as per Task: 5959100. Thanks!
---
 education/windows/school-get-minecraft.md | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md
index 38b068d300..6c05523c6c 100644
--- a/education/windows/school-get-minecraft.md
+++ b/education/windows/school-get-minecraft.md
@@ -20,27 +20,30 @@ ms.topic: conceptual
 
 **Applies to:**
 
--   Windows 10  
+- Windows 10  
 
 When you sign up for a [Minecraft: Education Edition](https://education.minecraft.net) trial, or purchase a [Minecraft: Education Edition](https://education.minecraft.net) subscription. Minecraft will be added to the inventory in your Microsoft Store for Education which is associated with your Azure Active Directory (Azure AD) tenant. Your Microsoft Store for Education is only displayed to members of your organization.
 
 >[!Note]
 >If you don't have an Azure AD or Office 365 tenant, you can set up a free Office 365 Education subscription when you request Minecraft: Education Edition. For more information see [Office 365 Education plans and pricing](https://products.office.com/academic/compare-office-365-education-plans).
 
-## Settings for Office 365 A3 or Office 365 A5 customers
+## Settings for Microsoft 365 A3 or Microsoft 365 A5 customers
 
 Schools that purchased these products have an extra option for making Minecraft: Education Edition available to their students:
-- Office 365 A3 or Office 365 A5
-- Enterprise Mobility + Security E3 or Enterprise Mobility + Security E5
+
+- Microsoft 365 A3 or Microsoft 365 A5
 - Minecraft: Education Edition
 
-If your school has these products in your tenant, admins can choose to enable Minecraft: Education Edition for students using Office 365 A3 or Office 365 A5. On your Office 365 A3 or Office 365 A5 details page in **Microsoft Store for Education**, under **Settings & actions**, you can select **Allow access to Minecraft: Education Edition for users of Office 365 A3 or Office 365 A5**. 
+If your school has these products in your tenant, admins can choose to enable Minecraft: Education Edition for students using Microsoft 365 A3 or Microsoft 365 A5. From the left-hand menu in Microsoft Admin Center, select Users. From the Users list, select the users you want to add or remove for Minecraft: Education Edition access. Add the relevant A3 or A5 license if it hasn't been assigned already.  
 
-When this setting is selected, students in your tenant can use Minecraft: Education Edition even if they do not have a trial or a direct license assigned to them. 
+> [!Note]
+> If you add a faculty license, the user will be assigned an instructor role in the application and will have elevated permissions.
 
-If you turn off this setting after students have been using Minecraft: Education Edition, they will have 25 more days to use Minecraft: Education Edition before they do not have access. 
+After selecting the appropriate product license, ensure Minecraft: Education Edition is toggled on or off, depending on if you want to add or remove Minecraft: Education Edition from the user (it will be on by default).
 
-## Add Minecraft to your Microsoft Store for Education 
+If you turn off this setting after students have been using Minecraft: Education Edition, they will have up to 30 more days to use Minecraft: Education Edition before they don't have access.
+
+## Add Minecraft to your Microsoft Store for Education
 
 You can start with the Minecraft: Education Edition trial to get individual copies of the app. For more information, see [Minecraft: Education Edition - direct purchase](#individual-copies). 
 

From d63f6ab56b1fadbcad791354565eb9eaeaa82619 Mon Sep 17 00:00:00 2001
From: Alekhya Jupudi <89069896+alekyaj@users.noreply.github.com>
Date: Mon, 18 Apr 2022 11:01:24 +0530
Subject: [PATCH 080/123] Alt text fixes as per suggestion

---
 education/windows/school-get-minecraft.md | 45 +++++++++++++----------
 1 file changed, 25 insertions(+), 20 deletions(-)

diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md
index 6c05523c6c..1870717145 100644
--- a/education/windows/school-get-minecraft.md
+++ b/education/windows/school-get-minecraft.md
@@ -76,6 +76,7 @@ Now that the app is in your Microsoft Store for Education inventory, you can cho
 If you need additional licenses for **Minecraft: Education Edition**, see [Purchase additional licenses](./education-scenarios-store-for-business.md#purchase-additional-licenses).
 
 ### <a href="" id="volume-license"></a>Minecraft: Education Edition - volume licensing
+
 Qualified education institutions can purchase Minecraft: Education Edition licenses through their Microsoft channel partner. Schools need to be part of the Enrollment for Education Solutions (EES) volume licensing program. Educational institutions should work with their channel partner to determine which Minecraft: Education Edition licensing offer is best for their institution. The process looks like this: 
 
 - Your channel partner will submit and process your volume license order, your licenses will be shown on [Volume Licensing Service Center](https://www.microsoft.com/Licensing/servicecenter/default.aspx), and the licenses will be available in your [Microsoft Store for Education](https://www.microsoft.com/business-store) inventory. 
@@ -83,13 +84,17 @@ Qualified education institutions can purchase Minecraft: Education Edition licen
 - Sign in to [Microsoft Store for Education](https://educationstore.microsoft.com) to distribute and manage the Minecraft: Education Edition licenses. For more information on distribution options, see [Distribute Minecraft](#distribute-minecraft)
 
 ## Minecraft: Education Edition payment options
+
 You can pay for Minecraft: Education Edition with a debit or credit card, or with an invoice. 
 
 ### Debit or credit cards
+
 During the purchase, click **Get started! Add a way to pay.** Provide the info needed for your debit or credit card.
 
 ### Invoices
+
 Invoices are now a supported payment method for Minecraft: Education Edition. There are a few requirements:
+
 - Admins only (not supported for Teachers)
 - $500 invoice minimum for your initial purchase
 - $15,000 invoice maximum (for all invoices within your organization)
@@ -112,6 +117,7 @@ After you've finished the purchase, you can find your invoice by checking **Mine
 > After you complete a purchase, it can take up to twenty-four hours for the app to appear in **Apps & software**.
 
 **To view your invoice**
+
 1. In Microsoft Store for Education, click **Manage** and then click **Apps & software**. 
 2. Click **Minecraft: Education Edition** in the list of apps. 
 3. On **Minecraft: Education Edition**, click **View Bills**.
@@ -120,7 +126,7 @@ After you've finished the purchase, you can find your invoice by checking **Mine
 
 4. On **Invoice Bills**, click the invoice number to view and download your invoice. It downloads as a .pdf.
 
-   ![Minecraft: Education Edition app details page with view bills link highlighted.](images/mcee-invoice-bills.png)
+   ![Minecraft: Education Edition app details page with view invoice bills link highlighted.](images/mcee-invoice-bills.png)
 
 The **Payment Instructions** section on the first page of the invoice has information on invoice amount, due date, and how to pay with electronic funds transfer, or with a check. 
 
@@ -154,21 +160,21 @@ For Minecraft: Education Edition, you can use auto assign subscription to contro
 
 1. Sign in to [Microsoft Store for Education](https://educationstore.microsoft.com)
 2. Click Manage.
-    
+
     You'll see Minecraft: Education Edition product page.
-     
+
     ![Minecraft Education Edition product page with auto assign control highlighted.](images/mcee-auto-assign-legacy.png)
- 
+
    -Or-
- 
-    ![Minecraft Education Edition product page with auto assign control highlighted.](images/mcee-auto-assign-bd.png)
-    
-3. Slide the **Auto assign subscription** or click **Turn off auto assign subscription**.     
+
+    ![Minecraft Education Edition product page with auto assign control highlighted-2](images/mcee-auto-assign-bd.png)
+3. Slide the **Auto assign subscription** or click **Turn off auto assign subscription**.
 
 ### Install for me
-You can install the app on your PC. This gives you a chance to test the app and know how you might help others in your organization use the app.   
 
-1. Sign in to [Microsoft Store for Education](https://educationstore.microsoft.com). 
+You can install the app on your PC. This gives you a chance to test the app and know how you might help others in your organization use the app.
+
+1. Sign in to [Microsoft Store for Education](https://educationstore.microsoft.com).
 2. Click **Manage**, and then click **Install**.
 
     <!-- ![Minecraft Education Edition product page.](images/mc-install-for-me-teacher.png) -->
@@ -176,20 +182,19 @@ You can install the app on your PC. This gives you a chance to test the app and
 3. Click **Install**.  
 
 ### Assign to others
-Enter email addresses for your students, and each student will get an email with a link to install the app. This option is best for older, more tech-savvy students who will always use the same PC at school. You can assign the app to individuals, groups, or add it to your private store, where students and teachers in your organization can download the app. 
 
+Enter email addresses for your students, and each student will get an email with a link to install the app. This option is best for older, more tech-savvy students who will always use the same PC at school. You can assign the app to individuals, groups, or add it to your private store, where students and teachers in your organization can download the app.
 
 **To assign to others**
-1. Sign in to [Microsoft Store for Education](https://educationstore.microsoft.com). 
+
+1. Sign in to [Microsoft Store for Education](https://educationstore.microsoft.com).
 2. Click **Manage**.
 
     ![Minecraft Education Edition product page.](images/mc-install-for-me-teacher.png)
-3. Click **Invite people**.
- 
+3. Click **Invite people**. 
 4. Type the name, or email address of the student or group you want to assign the app to, and then click **Assign**. 
 
-    You can only assign the app to students with work or school accounts. If you don't find the student, you might need to add a work or school account for the student.    
-   
+    You can only assign the app to students with work or school accounts. If you don't find the student, you might need to add a work or school account for the student.
     ![Assign to people showing student name.](images/minecraft-assign-to-people-name.png)
 
 **To finish Minecraft install (for students)**
@@ -225,14 +230,15 @@ Download for others allows teachers or IT admins to download an app that they ca
 Minecraft: Education Edition will not install if there are updates pending for other apps on the PC. Before installing Minecraft, check to see if there are pending updates for Microsoft Store apps. 
 
 **To check for app updates**
+
 1. Start Microsoft Store app on the PC (click **Start**, and type **Store**).
 2. Click the account button, and then click **Downloads and updates**.
 
-      ![Microsoft Store app showing access to My Library.](images/minecraft-private-store.png)
+      ![Microsoft Store app showing Downloads and updates](images/minecraft-private-store.png)
       
 3. Click **Check for updates**, and install all available updates. 
 
-      ![Microsoft Store app showing access to My Library.](images/mc-check-for-updates.png)
+      ![Microsoft Store app displaying Check for updates.](images/mc-check-for-updates.png)
       
 4. Restart the computer before installing Minecraft: Education Edition.  
 
@@ -241,8 +247,7 @@ You'll download a .zip file, extract the files, and then use one of the files to
 
 1. **Download Minecraft Education Edition.zip**. From the **Minecraft: Education Edition** page, click **Download for others** tab, and then click **Download**.
 
-    ![Microsoft Store app showing access to My Library.](images/mc-dnld-others-teacher.png)
- 
+    ![Microsoft Store app showing the Download.](images/mc-dnld-others-teacher.png)
 2. **Extract files**. Find the .zip file that you downloaded and extract the files. This is usually your **Downloads** folder, unless you chose to save the .zip file to a different location. Right-click the file and choose **Extract all**.
 3. **Save to USB drive**. After you've extracted the files, save the Minecraft: Education Edition folder to a USB drive, or to a network location that you can access from each PC.  
 4. **Install app**. Use the USB drive to copy the Minecraft folder to each Windows 10 PC where you want to install Minecraft: Education Edition. Open Minecraft: Education Edition folder, right-click **InstallMinecraftEducationEdition.bat** and click **Run as administrator**. 

From 61ea1958cba4e119a68efb917b2d875096623844 Mon Sep 17 00:00:00 2001
From: Alekhya Jupudi <89069896+alekyaj@users.noreply.github.com>
Date: Mon, 18 Apr 2022 11:09:39 +0530
Subject: [PATCH 081/123] Acrolinx fix

---
 education/windows/school-get-minecraft.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/education/windows/school-get-minecraft.md b/education/windows/school-get-minecraft.md
index 1870717145..5fc9b496f6 100644
--- a/education/windows/school-get-minecraft.md
+++ b/education/windows/school-get-minecraft.md
@@ -25,7 +25,7 @@ ms.topic: conceptual
 When you sign up for a [Minecraft: Education Edition](https://education.minecraft.net) trial, or purchase a [Minecraft: Education Edition](https://education.minecraft.net) subscription. Minecraft will be added to the inventory in your Microsoft Store for Education which is associated with your Azure Active Directory (Azure AD) tenant. Your Microsoft Store for Education is only displayed to members of your organization.
 
 >[!Note]
->If you don't have an Azure AD or Office 365 tenant, you can set up a free Office 365 Education subscription when you request Minecraft: Education Edition. For more information see [Office 365 Education plans and pricing](https://products.office.com/academic/compare-office-365-education-plans).
+>If you don't have an Azure AD or Office 365 tenant, you can set up a free Office 365 Education subscription when you request Minecraft: Education Edition. For more information, see [Office 365 Education plans and pricing](https://products.office.com/academic/compare-office-365-education-plans).
 
 ## Settings for Microsoft 365 A3 or Microsoft 365 A5 customers
 
@@ -47,7 +47,7 @@ If you turn off this setting after students have been using Minecraft: Education
 
 You can start with the Minecraft: Education Edition trial to get individual copies of the app. For more information, see [Minecraft: Education Edition - direct purchase](#individual-copies). 
 
-If you’ve been approved and are part of the Enrollment for Education Solutions volume license program, you can purchase a volume licenses for Minecraft: Education Edition. For more information, see [Minecraft: Education Edition - volume license](#volume-license). 
+If you’ve been approved and are part of the Enrollment for Education Solutions volume license program, you can purchase a volume license for Minecraft: Education Edition. For more information, see [Minecraft: Education Edition - volume license](#volume-license). 
 
 ### <a href="" id="individual-copies"></a>Minecraft: Education Edition - direct purchase
 

From 351a03e7f86a4b1b91ccd40fb28ceaca8b891f3a Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 18 Apr 2022 15:30:41 +0530
Subject: [PATCH 082/123] improved acrolinx score

---
 .../upgrade/resolution-procedures.md          | 20 +++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index 285c935ee6..e5a1284cb1 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -80,20 +80,20 @@ See the following general troubleshooting procedures associated with a result co
 |0x80244018|Your machine is connected through a proxy server.|Make sure Automatically Detect Settings is selected in internet options. (Control Panel > Internet Options > Connections > LAN Settings).|
 |0xC1900201|The system didn't pass the minimum requirements to install the update.|Contact the hardware vendor to get the latest updates.|
 |0x80240017|The upgrade is unavailable for this edition of Windows.|Administrative policies enforced by your organization might be preventing the upgrade. Contact your IT administrator.|
-|0x80070020|The existing process cannot access the file because it is being used by another process.|Use the MSCONFIG tool to perform a clean boot on the machine and then try to perform the update again. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).|
-|0x80070522|The user doesn’t have required privilege or credentials to upgrade.|Ensure that you have signed in as a local administrator or have local administrator privileges.|
-|0xC1900107|A cleanup operation from a previous installation attempt is still pending and a system reboot is required in order to continue the upgrade.|Restart the device and run setup again. If restarting the device does not resolve the issue, then use the Disk Cleanup utility and clean up the temporary files as well as the System files. For more information, see [Disk cleanup in Windows 10](https://support.microsoft.com/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68).|
-|0xC1900209|The user has chosen to cancel because the system does not pass the compatibility scan to install the update. Setup.exe will report this error when it can upgrade the machine with user data but cannot migrate installed applications.|Incompatible software is blocking the upgrade process. Uninstall the application and try the upgrade again. See [Windows 10 Pre-Upgrade Validation using SETUP.EXE](/archive/blogs/mniehaus/windows-10-pre-upgrade-validation-using-setup-exe) for more information.<p>You can also download the Windows Assessment and Deployment Kit (ADK) for Windows 10 and install Application Compatibility Tools.|
+|0x80070020|The existing process can't access the file because it's being used by another process.|Use the MSCONFIG tool to perform a clean boot on the machine and then try to perform the update again. For more information, see [How to perform a clean boot in Windows](https://support.microsoft.com/kb/929135).|
+|0x80070522|The user doesn’t have required privilege or credentials to upgrade.|Ensure that you've signed in as a local administrator or have local administrator privileges.|
+|0xC1900107|A cleanup operation from a previous installation attempt is still pending and a system reboot is required in order to continue the upgrade.|Restart the device and run setup again. If restarting the device doesn't resolve the issue, then use the Disk Cleanup utility to clean up the temporary files and the System files. For more information, see [Disk cleanup in Windows 10](https://support.microsoft.com/windows/disk-cleanup-in-windows-8a96ff42-5751-39ad-23d6-434b4d5b9a68).|
+|0xC1900209|The user has chosen to cancel because the system doesn't pass the compatibility scan to install the update. Setup.exe will report this error when it can upgrade the machine with user data but cannot migrate installed applications.|Incompatible software is blocking the upgrade process. Uninstall the application and try the upgrade again. See [Windows 10 Pre-Upgrade Validation using SETUP.EXE](/archive/blogs/mniehaus/windows-10-pre-upgrade-validation-using-setup-exe) for more information.<p>You can also download the Windows Assessment and Deployment Kit (ADK) for Windows 10 and install Application Compatibility Tools.|
 |0x8007002|This error is specific to upgrades using System Center 2012 Configuration Manager R2 SP1 CU3 (5.00.8238.1403)|Analyze the SMSTS.log and verify that the upgrade is failing on "Apply Operating system" Phase: Error 80072efe DownloadFileWithRanges() failed. 80072efe. ApplyOperatingSystem (0x0760)<p>The error 80072efe means that the connection with the server was terminated abnormally.<p>To resolve this issue, try the OS Deployment test on a client in same VLAN as the Configuration Manager server. Check the network configuration for random client-server connection issues happening on the remote VLAN.|
-|0x80240FFF|Occurs when update synchronization fails. It can occur when you are using Windows Server Update Services on its own or when it is integrated with Microsoft Endpoint Configuration Manager. If you enable update synchronization before you install hotfix 3095113, WSUS doesn't recognize the Upgrades classification and instead treats the upgrade like a regular update.|You can prevent this by installing hotfix 3095113 before you enable update synchronization. However, if you have already run into this problem, do the following:<ol><li>Disable the Upgrades classification.<li>Install hotfix 3095113.<li>Delete previously synched updates.<li>Enable the Upgrades classification.<li>Perform a full synch.</ol><p>For detailed information on how to run these steps check out How to delete upgrades in WSUS.|
-|0x8007007E|Occurs when update synchronization fails because you do not have hotfix 3095113 installed before you enable update synchronization. Specifically, the CopyToCache operation fails on clients that have already downloaded the upgrade because Windows Server Update Services has bad metadata related to the upgrade. It can occur when you are using standalone Windows Server Update Services or when WSUS is integrated with Microsoft Endpoint Configuration Manager.|Use the following steps to repair Windows Server Update Services. You must run these steps on each WSUS server that synched metadata before you installed the hotfix.<p>Stop the Windows Update service. <li>Sign in as a user with administrative privileges, and then do the following:<li>Open Administrative Tools from the Control Panel.<li>Double-click Services.<li>Find the Windows Update service, right-click it, and then select Stop. If prompted, enter your credentials.<p>Delete all files and folders under c:\Windows\SoftwareDistribution\DataStore.<p>Restart the Windows Update service.|
+|0x80240FFF|Occurs when update synchronization fails. It can occur when you're using Windows Server Update Services on its own or when it's integrated with Microsoft Endpoint Configuration Manager. If you enable update synchronization before you install hotfix 3095113, WSUS doesn't recognize the Upgrades classification and instead treats the upgrade like a regular update.|You can prevent this by installing hotfix 3095113 before you enable update synchronization. However, if you have already run into this problem, do the following:<ol><li>Disable the Upgrades classification.<li>Install hotfix 3095113.<li>Delete previously synched updates.<li>Enable the Upgrades classification.<li>Perform a full synch.</ol><p>For detailed information on how to run these steps check out How to delete upgrades in WSUS.|
+|0x8007007E|Occurs when update synchronization fails because you don't have hotfix 3095113 installed before you enable update synchronization. Specifically, the CopyToCache operation fails on clients that have already downloaded the upgrade because Windows Server Update Services has bad metadata related to the upgrade. It can occur when you're using standalone Windows Server Update Services or when WSUS is integrated with Microsoft Endpoint Configuration Manager.|Use the following steps to repair Windows Server Update Services. You must run these steps on each WSUS server that synched metadata before you installed the hotfix.<p>Stop the Windows Update service. <li>Sign in as a user with administrative privileges, and then do the following:<li>Open Administrative Tools from the Control Panel.<li>Double-click Services.<li>Find the Windows Update service, right-click it, and then select Stop. If prompted, enter your credentials.<p>Delete all files and folders under c:\Windows\SoftwareDistribution\DataStore.<p>Restart the Windows Update service.|
 
 ## Other error codes
 
 | Error Codes | Cause | Mitigation |
 | --- | --- | --- |
 |0x80070003- 0x20007|This is a failure during SafeOS phase driver installation.|[Verify device drivers](/windows-hardware/drivers/install/troubleshooting-device-and-driver-installations) on the computer, and [analyze log files](log-files.md#analyze-log-files) to determine the problem driver.|
-|0x8007025D - 0x2000C|This error occurs if the ISO file&#39;s metadata is corrupt or if there is an issue with the storage medium, such as a RAM module containing bad blocks during the installation of Windows.|Re-download the ISO/Media and re-attempt the upgrade<p>Alternatively, re-create installation media the [Media Creation Tool](https://www.microsoft.com/software-download/windows10).|
+|0x8007025D - 0x2000C|This error occurs if the ISO file&#39;s metadata is corrupt or if there's an issue with the storage medium, such as a RAM module containing bad blocks during the installation of Windows.|Redownload the ISO/Media and reattempt the upgrade<p>Alternatively, re-create installation media the [Media Creation Tool](https://www.microsoft.com/software-download/windows10).|
 |0x80070490 - 0x20007|An incompatible device driver is present.|[Verify device drivers](/windows-hardware/drivers/install/troubleshooting-device-and-driver-installations) on the computer, and [analyze log files](log-files.md#analyze-log-files) to determine the problem driver.|
 |0xC1900101 - 0x2000c|An unspecified error occurred in the SafeOS phase during WIM apply. This can be caused by an outdated driver or disk corruption.|Run checkdisk to repair the file system. For more information, see the [quick fixes](quick-fixes.md) section in this guide.<br>Update drivers on the computer, and select "Download and install updates (recommended)" during the upgrade process. Disconnect devices other than the mouse, keyboard and display.|
 |0xC1900200 - 0x20008|The computer doesn’t meet the minimum requirements to download or upgrade to Windows 10.|See [Windows 10 Specifications](https://www.microsoft.com/windows/windows-10-specifications) and verify the computer meets minimum requirements.<p>Review logs for [compatibility information](/archive/blogs/askcore/using-the-windows-10-compatibility-reports-to-understand-upgrade-issues).|
@@ -102,7 +102,7 @@ See the following general troubleshooting procedures associated with a result co
 |0xC1900101 - 0x4001E|Installation failed in the SECOND_BOOT phase with an error during PRE_OOBE operation.|This is a generic error that occurs during the OOBE phase of setup. See the [0xC1900101](#0xc1900101) section of this guide and review general troubleshooting procedures described in that section.|
 |0x80070005 - 0x4000D|The installation failed in the SECOND_BOOT phase with an error in during MIGRATE_DATA operation. This error indicates that access was denied while attempting to migrate data.|[Analyze log files](log-files.md#analyze-log-files) to determine the data point that is reporting access denied.|
 |0x80070004 - 0x50012|Windows Setup failed to open a file.|[Analyze log files](log-files.md#analyze-log-files) to determine the data point that is reporting access problems.|
-|0xC190020e<br>0x80070070 - 0x50011<br>0x80070070 - 0x50012<br>0x80070070 - 0x60000|These errors indicate the computer does not have enough free space available to install the upgrade.|To upgrade a computer to Windows 10, it requires 16 GB of free hard drive space for a 32-bit OS, and 20 GB for a 64-bit OS. If there is not enough space, attempt to [free up drive space](https://support.microsoft.com/help/17421/windows-free-up-drive-space) before proceeding with the upgrade. <p><div>**Note:** If your device allows it, you can use an external USB drive for the upgrade process. Windows setup will back up the previous version of Windows to a USB external drive. The external drive must be at least 8GB (16GB is recommended). The external drive should be formatted using NTFS.  Drives that are formatted in FAT32 may run into errors due to FAT32 file size limitations. USB drives are preferred over SD cards because drivers for SD cards are not migrated if the device does not support Connected Standby.</div>|
+|0xC190020e<br>0x80070070 - 0x50011<br>0x80070070 - 0x50012<br>0x80070070 - 0x60000|These errors indicate the computer doesn't have enough free space available to install the upgrade.|To upgrade a computer to Windows 10, it requires 16 GB of free hard drive space for a 32-bit OS, and 20 GB for a 64-bit OS. If there isn't enough space, attempt to [free up drive space](https://support.microsoft.com/help/17421/windows-free-up-drive-space) before proceeding with the upgrade. <p><div>**Note:** If your device allows it, you can use an external USB drive for the upgrade process. Windows setup will back up the previous version of Windows to a USB external drive. The external drive must be at least 8 GB (16 GB is recommended). The external drive should be formatted using NTFS.  Drives that are formatted in FAT32 may run into errors due to FAT32 file size limitations. USB drives are preferred over SD cards because drivers for SD cards aren't migrated if the device doesn't support Connected Standby.</div>|
 
 ## Modern setup errors
 
@@ -110,10 +110,10 @@ Also see the following sequential list of modern setup (mosetup) error codes wit
 
 | Result code | Message  | Description |
 | --- | --- | --- |
-| 0XC1900100 | MOSETUP_E_VERSION_MISMATCH | An unexpected version of Setup Platform binaries was encountered. Please verify the package contents. |
+| 0XC1900100 | MOSETUP_E_VERSION_MISMATCH | An unexpected version of Setup Platform binaries was encountered. Verify the package contents. |
 | 0XC1900101 | MOSETUP_E_SETUP_PLATFORM | The Setup Platform has encountered an unspecified error. |
 | 0XC1900102 | MOSETUP_E_SHUTDOWN_BLOCK | Unable to create or destroy the shutdown block message. |
-| 0XC1900103 | MOSETUP_E_COMPAT_TIMEOUT | The compatibility issues were not resolved within the required time limit. |
+| 0XC1900103 | MOSETUP_E_COMPAT_TIMEOUT | The compatibility issues weren't resolved within the required time limit. |
 | 0XC1900104 | MOSETUP_E_PROCESS_TIMEOUT | The installation process did not complete within the required time limit. |
 | 0XC1900105 | MOSETUP_E_TEST_MODE | The installation process is being used in a test environment. |
 | 0XC1900106 | MOSETUP_E_TERMINATE_PROCESS | The installation process was terminated. |

From af42a1c6b8dabf165fd59ecb75f39e1d2fb634c8 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 18 Apr 2022 15:43:19 +0530
Subject: [PATCH 083/123] improved Acrolinx score for the article

---
 .../windows-deployment-scenarios-and-tools.md | 36 +++++++++----------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/windows/deployment/windows-deployment-scenarios-and-tools.md b/windows/deployment/windows-deployment-scenarios-and-tools.md
index 7f92f7c55f..4bee33faa3 100644
--- a/windows/deployment/windows-deployment-scenarios-and-tools.md
+++ b/windows/deployment/windows-deployment-scenarios-and-tools.md
@@ -18,7 +18,7 @@ ms.collection: highpri
 # Windows 10 deployment scenarios and tools
 
 
-To successfully deploy the Windows 10 operating system and applications for your organization, it is essential that you know about the available tools to help with the process. In this topic, you will learn about the most commonly used tools for Windows 10 deployment.
+To successfully deploy the Windows 10 operating system and applications for your organization, it's essential that you know about the available tools to help with the process. In this topic, you'll learn about the most commonly used tools for Windows 10 deployment.
 
 Microsoft provides many tools, services, and solutions. These tools include Windows Deployment Services (WDS), the Volume Activation Management Tool (VAMT), the User State Migration Tool (USMT), Windows System Image Manager (Windows SIM), Windows Preinstallation Environment (Windows PE), and Windows Recovery Environment (Windows RE). Keep in mind that these are just tools and not a complete solution on their own. It's when you combine these tools with solutions like [Microsoft Deployment Toolkit (MDT)](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md) or [Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md) that you get the complete deployment solution.
 
@@ -27,7 +27,7 @@ In this topic, you also learn about different types of reference images that you
 ## Windows Assessment and Deployment Kit
 
 
-Windows ADK contains core assessment and deployment tools and technologies, including Deployment Image Servicing and Management (DISM), Windows Imaging and Configuration Designer (Windows ICD), Windows System Image Manager (Windows SIM), User State Migration Tool (USMT), Volume Activation Management Tool (VAMT), Windows Preinstallation Environment (Windows PE), Windows Assessment Services, Windows Performance Toolkit (WPT), Application Compatibility Toolkit (ACT), and Microsoft SQL Server 2012 Express. For more details, see [Windows ADK for Windows 10](/windows-hardware/get-started/adk-install) or [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md).
+Windows ADK contains core assessment and deployment tools and technologies, including Deployment Image Servicing and Management (DISM), Windows Imaging and Configuration Designer (Windows ICD), Windows System Image Manager (Windows SIM), User State Migration Tool (USMT), Volume Activation Management Tool (VAMT), Windows Preinstallation Environment (Windows PE), Windows Assessment Services, Windows Performance Toolkit (WPT), Application Compatibility Toolkit (ACT), and Microsoft SQL Server 2012 Express. For more information, see [Windows ADK for Windows 10](/windows-hardware/get-started/adk-install) or [Windows ADK for Windows 10 scenarios for IT Pros](windows-adk-scenarios-for-it-pros.md).
 
 ![The Windows 10 ADK feature selection page.](images/win-10-adk-select.png)
 
@@ -61,7 +61,7 @@ For more information on DISM, see [DISM technical reference](/windows-hardware/m
 USMT is a backup and restore tool that allows you to migrate user state, data, and settings from one installation to another. Microsoft Deployment Toolkit (MDT) and System Center 2012 R2 Configuration Manager use USMT as part of the operating system deployment process.
 
 **Note**  
-Occasionally, we find that customers are wary of USMT because they believe it requires significant configuration, but, as you will learn below, using USMT is not difficult. If you use MDT and Lite Touch to deploy your machines, the USMT feature is automatically configured and extended so that it is easy to use. With MDT, you do nothing at all and USMT just works.
+Occasionally, we find that customers are wary of USMT because they believe it requires significant configuration, but, as you'll learn below, using USMT isn't difficult. If you use MDT and Lite Touch to deploy your machines, the USMT feature is automatically configured and extended so that it's easy to use. With MDT, you do nothing at all and USMT just works.
 
  
 
@@ -94,11 +94,11 @@ By default USMT migrates many settings, most of which are related to the user pr
 -   Operating system component settings
 -   Application settings
 
-These are the settings migrated by the default MigUser.xml and MigApp.xml templates. For more details on what USMT migrates, see [What does USMT migrate?](./usmt/usmt-what-does-usmt-migrate.md) For more information on the USMT overall, see the [USMT technical reference](./usmt/usmt-reference.md).
+These are the settings migrated by the default MigUser.xml and MigApp.xml templates. For more information on what USMT migrates, see [What does USMT migrate?](./usmt/usmt-what-does-usmt-migrate.md) For more information on the USMT overall, see the [USMT technical reference](./usmt/usmt-reference.md).
 
 ### Windows Imaging and Configuration Designer
 
-Windows Imaging and Configuration Designer (Windows ICD) is a tool designed to assist with the creation of provisioning packages that can be used to dynamically configure a Windows device (PCs, tablets, and phones). This is particularly useful for setting up new devices, without the need for re-imaging the device with a custom image.
+Windows Imaging and Configuration Designer (Windows ICD) is a tool designed to assist with the creation of provisioning packages that can be used to dynamically configure a Windows device (PCs, tablets, and phones). This is particularly useful for setting up new devices, without the need for reimaging the device with a custom image.
 
 ![Windows Imaging and Configuration Designer.](images/windows-icd.png)
 
@@ -108,7 +108,7 @@ For more information, see [Windows Imaging and Configuration Designer](/windows/
 
 ### Windows System Image Manager (Windows SIM)
 
-Windows SIM is an authoring tool for Unattend.xml files. When using MDT and/or Configuration Manager, you don't need Windows SIM very often because those systems automatically update the Unattend.xml file during the deployment, greatly simplifying the process overall.
+Windows SIM is an authoring tool for Unattend.xml files. When using MDT and/or Configuration Manager, you don't need Windows SIM often because those systems automatically update the Unattend.xml file during the deployment, greatly simplifying the process overall.
 
 ![Windows answer file opened in Windows SIM.](images/mdt-11-fig07.png)
 
@@ -142,12 +142,12 @@ The key thing to know about Windows PE is that, like the operating system, it ne
 
 A machine booted with the Windows ADK default Windows PE boot image.
 
-For more details on Windows PE, see [Windows PE (WinPE)](/windows-hardware/manufacture/desktop/winpe-intro).
+For more information on Windows PE, see [Windows PE (WinPE)](/windows-hardware/manufacture/desktop/winpe-intro).
 
 ## <a href="" id="sec07"></a>Windows Recovery Environment
 
 
-Windows Recovery Environment (Windows RE) is a diagnostics and recovery toolset included in Windows Vista and later operating systems. The latest version of Windows RE is based on Windows PE. You can also extend Windows RE and add your own tools if needed. If a Windows installation fails to start and Windows RE is installed, you will see an automatic failover into Windows RE.
+Windows Recovery Environment (Windows RE) is a diagnostics and recovery toolset included in Windows Vista and later operating systems. The latest version of Windows RE is based on Windows PE. You can also extend Windows RE and add your own tools if needed. If a Windows installation fails to start and Windows RE is installed, you'll see an automatic failover into Windows RE.
 
 ![A Windows 10 client booted into Windows RE, showing Advanced options.](images/mdt-11-fig10.png)
 
@@ -158,17 +158,17 @@ For more information on Windows RE, see [Windows Recovery Environment](/windows-
 ## Windows Deployment Services
 
 
-Windows Deployment Services (WDS) has been updated and improved in several ways starting with Windows 8. Remember that the two main functions you will use are the PXE boot support and multicast. Most of the changes are related to management and increased performance. In Windows Server 2012 R2, WDS also can be used for the Network Unlock feature in BitLocker.
+Windows Deployment Services (WDS) has been updated and improved in several ways starting with Windows 8. Remember that the two main functions you'll use are the PXE boot support and multicast. Most of the changes are related to management and increased performance. In Windows Server 2012 R2, WDS also can be used for the Network Unlock feature in BitLocker.
 
 ![Windows Deployment Services using multicast to deploy three machines.](images/mdt-11-fig11.png)
 
 Windows Deployment Services using multicast to deploy three machines.
 
-In Windows Server 2012 R2, [Windows Deployment Services](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831764(v=ws.11)) can be configured for stand-alone mode or for Active Directory integration. In most scenarios, the Active Directory integration mode is the best option. WDS also has the capability to manage drivers; however, driver management through MDT and Configuration Manager is more suitable for deployment due to the flexibility offered by both solutions, so you will use them instead. In WDS, it is possible to pre-stage devices in Active Directory, but here, too, Configuration Manager has that capability built in, and MDT has the ability to use a SQL Server database for pre-staging. In most scenarios, those solutions are better than the built-in pre-staging function as they allow greater control and management.
+In Windows Server 2012 R2, [Windows Deployment Services](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh831764(v=ws.11)) can be configured for stand-alone mode or for Active Directory integration. In most scenarios, the Active Directory integration mode is the best option. WDS also has the capability to manage drivers; however, driver management through MDT and Configuration Manager is more suitable for deployment due to the flexibility offered by both solutions, so you'll use them instead. In WDS, it's possible to pre-stage devices in Active Directory, but here, too, Configuration Manager has that capability built in, and MDT has the ability to use a SQL Server database for pre-staging. In most scenarios, those solutions are better than the built-in pre-staging function as they allow greater control and management.
 
 ### Trivial File Transfer Protocol (TFTP) configuration
 
-In some cases, you need to modify TFTP Maximum Block Size settings for performance tuning reasons, especially when PXE traffic travels through routers and such. In the previous version of WDS, it was possible to change that, but the method of do so—editing the registry—was not user friendly. In Windows Server 2012, this has become much easier to do as it can be configured as a setting.
+In some cases, you need to modify TFTP Maximum Block Size settings for performance tuning reasons, especially when PXE traffic travels through routers and such. In the previous version of WDS, it was possible to change that, but the method of do so—editing the registry—wasn't user friendly. In Windows Server 2012, this has become much easier to do as it can be configured as a setting.
 
 Also, there are a few new features related to TFTP performance:
 
@@ -248,14 +248,14 @@ For more information on WSUS, see the [Windows Server Update Services Overview](
 ## Unified Extensible Firmware Interface
 
 
-For many years BIOS has been the industry standard for booting a PC. BIOS has served us well, but it is time to replace it with something better. **UEFI** is the replacement for BIOS, so it is important to understand the differences between BIOS and UEFI. In this section, you learn the major differences between the two and how they affect operating system deployment.
+For many years BIOS has been the industry standard for booting a PC. BIOS has served us well, but it's time to replace it with something better. **UEFI** is the replacement for BIOS, so it is important to understand the differences between BIOS and UEFI. In this section, you learn the major differences between the two and how they affect operating system deployment.
 
 ### Introduction to UEFI
 
 BIOS has been in use for approximately 30 years. Even though it clearly has proven to work, it has some limitations, including:
 
 -   16-bit code
--   1 MB address space
+-   1-MB address space
 -   Poor performance on ROM initialization
 -   MBR maximum bootable disk size of 2.2 TB
 
@@ -264,13 +264,13 @@ As the replacement to BIOS, UEFI has many features that Windows can and will use
 With UEFI, you can benefit from:
 
 -   **Support for large disks.** UEFI requires a GUID Partition Table (GPT) based disk, which means a limitation of roughly 16.8 million TB in disk size and more than 100 primary disks.
--   **Faster boot time.** UEFI does not use INT 13, and that improves boot time, especially when it comes to resuming from hibernate.
+-   **Faster boot time.** UEFI doesn't use INT 13, and that improves boot time, especially when it comes to resuming from hibernate.
 -   **Multicast deployment.** UEFI firmware can use multicast directly when it boots up. In WDS, MDT, and Configuration Manager scenarios, you need to first boot up a normal Windows PE in unicast and then switch into multicast. With UEFI, you can run multicast from the start.
 -   **Compatibility with earlier BIOS.** Most of the UEFI implementations include a compatibility support module (CSM) that emulates BIOS.
--   **CPU-independent architecture.** Even if BIOS can run both 32- and 64-bit versions of firmware, all firmware device drivers on BIOS systems must also be 16-bit, and this affects performance. One of the reasons is the limitation in addressable memory, which is only 64 KB with BIOS.
--   **CPU-independent drivers.** On BIOS systems, PCI add-on cards must include a ROM that contains a separate driver for all supported CPU architectures. That is not needed for UEFI because UEFI has the ability to use EFI Byte Code (EBC) images, which allow for a processor-independent device driver environment.
+-   **CPU-independent architecture.** Even if BIOS can run both 32-bit and 64-bit versions of firmware, all firmware device drivers on BIOS systems must also be 16-bit, and this affects performance. One of the reasons is the limitation in addressable memory, which is only 64 KB with BIOS.
+-   **CPU-independent drivers.** On BIOS systems, PCI add-on cards must include a ROM that contains a separate driver for all supported CPU architectures. That isn't needed for UEFI because UEFI has the ability to use EFI Byte Code (EBC) images, which allow for a processor-independent device driver environment.
 -   **Flexible pre-operating system environment.** UEFI can perform many functions for you. You just need an UEFI application, and you can perform diagnostics and automatic repairs, and call home to report errors.
--   **Secure boot.** Windows 8 and later can use the UEFI firmware validation process, called secure boot, which is defined in UEFI 2.3.1. Using this process, you can ensure that UEFI launches only a verified operating system loader and that malware cannot switch the boot loader.
+-   **Secure boot.** Windows 8 and later can use the UEFI firmware validation process, called secure boot, which is defined in UEFI 2.3.1. Using this process, you can ensure that UEFI launches only a verified operating system loader and that malware can't switch the boot loader.
 
 ### Versions
 
@@ -283,7 +283,7 @@ In regard to UEFI, hardware is divided into four device classes:
 -   **Class 0 devices.** This is the UEFI definition for a BIOS, or non-UEFI, device.
 -   **Class 1 devices.** These devices behave like a standard BIOS machine, but they run EFI internally. They should be treated as normal BIOS-based machines. Class 1 devices use a CSM to emulate BIOS. These older devices are no longer manufactured.
 -   **Class 2 devices.** These devices have the capability to behave as a BIOS- or a UEFI-based machine, and the boot process or the configuration in the firmware/BIOS determines the mode. Class 2 devices use a CSM to emulate BIOS. These are the most common type of devices currently available.
--   **Class 3 devices.** These are UEFI-only devices, which means you must run an operating system that supports only UEFI. Those operating systems include Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. Windows 7 is not supported on these class 3 devices. Class 3 devices do not have a CSM to emulate BIOS.
+-   **Class 3 devices.** These are UEFI-only devices, which means you must run an operating system that supports only UEFI. Those operating systems include Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2. Windows 7 isn't supported on these class 3 devices. Class 3 devices don't have a CSM to emulate BIOS.
 
 ### Windows support for UEFI
 

From 08f46ab943838c85c0afa1f436d51ec907ba519f Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Mon, 18 Apr 2022 15:50:09 +0530
Subject: [PATCH 084/123] improved Acrolinx score for article.

---
 .../windows-deployment-scenarios-and-tools.md      | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/windows/deployment/windows-deployment-scenarios-and-tools.md b/windows/deployment/windows-deployment-scenarios-and-tools.md
index 4bee33faa3..7b2c202eac 100644
--- a/windows/deployment/windows-deployment-scenarios-and-tools.md
+++ b/windows/deployment/windows-deployment-scenarios-and-tools.md
@@ -89,7 +89,7 @@ By default USMT migrates many settings, most of which are related to the user pr
 -   Specific file types. USMT templates migrate the following file types: .accdb, .ch3, .csv, .dif, .doc\*, .dot\*, .dqy, .iqy, .mcw, .mdb\*, .mpp, .one\*, .oqy, .or6, .pot\*, .ppa, .pps\*, .ppt\*, .pre, .pst, .pub, .qdf, .qel, .qph, .qsd, .rqy, .rtf, .scd, .sh3, .slk, .txt, .vl\*, .vsd, .wk\*, .wpd, .wps, .wq1, .wri, .xl\*, .xla, .xlb, .xls\*.
 
     **Note**  
-    The OpenDocument extensions (\*.odt, \*.odp, \*.ods, etc.) that Microsoft Office applications can use are not migrated by default.
+    The OpenDocument extensions (\*.odt, \*.odp, \*.ods, etc.) that Microsoft Office applications can use aren't migrated by default.
 
 -   Operating system component settings
 -   Application settings
@@ -248,7 +248,7 @@ For more information on WSUS, see the [Windows Server Update Services Overview](
 ## Unified Extensible Firmware Interface
 
 
-For many years BIOS has been the industry standard for booting a PC. BIOS has served us well, but it's time to replace it with something better. **UEFI** is the replacement for BIOS, so it is important to understand the differences between BIOS and UEFI. In this section, you learn the major differences between the two and how they affect operating system deployment.
+For many years BIOS has been the industry standard for booting a PC. BIOS has served us well, but it's time to replace it with something better. **UEFI** is the replacement for BIOS, so it's important to understand the differences between BIOS and UEFI. In this section, you learn the major differences between the two and how they affect operating system deployment.
 
 ### Introduction to UEFI
 
@@ -274,7 +274,7 @@ With UEFI, you can benefit from:
 
 ### Versions
 
-UEFI Version 2.3.1B is the version required for Windows 8 and later logo compliance. Later versions have been released to address issues; a small number of machines may need to upgrade their firmware to fully support the UEFI implementation in Windows 8 and later.
+UEFI Version 2.3.1B is the version required for Windows 8 and later logo compliance. Later versions have been released to address issues; a few machines may need to upgrade their firmware to fully support the UEFI implementation in Windows 8 and later.
 
 ### Hardware support for UEFI
 
@@ -289,16 +289,16 @@ In regard to UEFI, hardware is divided into four device classes:
 
 Microsoft started with support for EFI 1.10 on servers and then added support for UEFI on both clients and servers.
 
-With UEFI 2.3.1, there are both x86 and x64 versions of UEFI. Windows 10 supports both. However, UEFI does not support cross-platform boot. This means that a computer that has UEFI x64 can run only a 64-bit operating system, and a computer that has UEFI x86 can run only a 32-bit operating system.
+With UEFI 2.3.1, there are both x86 and x64 versions of UEFI. Windows 10 supports both. However, UEFI doesn't support cross-platform boot. This means that a computer that has UEFI x64 can run only a 64-bit operating system, and a computer that has UEFI x86 can run only a 32-bit operating system.
 
 ### How UEFI is changing operating system deployment
 
 There are many things that affect operating system deployment as soon as you run on UEFI/EFI-based hardware. Here are considerations to keep in mind when working with UEFI devices:
 
 -   Switching from BIOS to UEFI in the hardware is easy, but you also need to reinstall the operating system because you need to switch from MBR/NTFS to GPT/FAT32 and NTFS.
--   When you deploy to a Class 2 device, make sure the boot option you select matches the setting you want to have. It is common for old machines to have several boot options for BIOS but only a few for UEFI, or vice versa.
--   When deploying from media, remember the media has to be FAT32 for UEFI, and FAT32 has a file-size limitation of 4GB.
--   UEFI does not support cross-platform booting; therefore, you need to have the correct boot media (32- or 64-bit).
+-   When you deploy to a Class 2 device, make sure the boot option you select matches the setting you want to have. It's common for old machines to have several boot options for BIOS but only a few for UEFI, or vice versa.
+-   When deploying from media, remember the media has to be FAT32 for UEFI, and FAT32 has a file-size limitation of 4 GB.
+-   UEFI doesn't support cross-platform booting; therefore, you need to have the correct boot media (32-bit or 64-bit).
 
 For more information on UEFI, see the [UEFI firmware](/previous-versions/windows/it-pro/windows-8.1-and-8/hh824898(v=win.10)) overview and related resources.
 

From fda045301c999e00cb137a9f3070668dbf49f624 Mon Sep 17 00:00:00 2001
From: greg-lindsay <greg.lindsay@microsoft.com>
Date: Tue, 19 Apr 2022 09:27:28 -0700
Subject: [PATCH 085/123] fix typo, again

---
 windows/deployment/do/mcc-isp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/do/mcc-isp.md b/windows/deployment/do/mcc-isp.md
index ccdf0bbec3..406565ed09 100644
--- a/windows/deployment/do/mcc-isp.md
+++ b/windows/deployment/do/mcc-isp.md
@@ -13,7 +13,7 @@ ms.collection: M365-modern-desktop
 ms.topic: article
 ---
 
-# Microsoft Connected Cached for Internet Service Providers (ISPs)
+# Microsoft Connected Cache for Internet Service Providers (ISPs)
 
 **Applies to**
 

From 2c0b928786d425a11d22d322df9da947d8ac69f8 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Wed, 20 Apr 2022 18:41:13 +0530
Subject: [PATCH 086/123] Acrolinx enhancement

---
 .../mdm/policy-csp-mixedreality.md            |  20 +--
 .../mdm/policy-csp-multitasking.md            |   8 +-
 .../mdm/policy-csp-networkisolation.md        |  10 +-
 .../mdm/policy-csp-networklistmanager.md      |   2 +-
 .../mdm/policy-csp-notifications.md           |  16 +-
 .../client-management/mdm/policy-csp-power.md |  80 +++++-----
 .../mdm/policy-csp-printers.md                |  46 +++---
 .../mdm/policy-csp-remoteassistance.md        |  26 ++--
 .../mdm/policy-csp-remotedesktopservices.md   |  30 ++--
 .../mdm/policy-csp-remotemanagement.md        |  52 +++----
 .../mdm/policy-csp-remoteprocedurecall.md     |  20 +--
 .../mdm/policy-csp-search.md                  |  18 +--
 .../mdm/policy-csp-security.md                |  14 +-
 .../mdm/policy-csp-settings.md                |   4 +-
 .../client-management/mdm/policy-csp-start.md | 138 +++++++++---------
 .../mdm/policy-csp-storage.md                 |  80 +++++-----
 .../mdm/policy-csp-system.md                  | 116 +++++++--------
 .../mdm/policy-csp-timelanguagesettings.md    |  16 +-
 .../mdm/policy-csp-troubleshooting.md         |   8 +-
 .../mdm/policy-csp-update.md                  | 116 +++++++--------
 20 files changed, 410 insertions(+), 410 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-mixedreality.md b/windows/client-management/mdm/policy-csp-mixedreality.md
index ad02deaa2f..151c91f3ba 100644
--- a/windows/client-management/mdm/policy-csp-mixedreality.md
+++ b/windows/client-management/mdm/policy-csp-mixedreality.md
@@ -71,7 +71,7 @@ Steps to use this policy correctly:
 1. Enroll HoloLens devices and verify both configurations get applied to the device.
 1. Let Azure AD user 1 sign-in when internet is available. Once the user signs-in and Azure AD group membership is confirmed successfully, cache will be created.
 1. Now Azure AD user 1 can take HoloLens offline and use it for kiosk mode as long as policy value allows for X number of days.
-1. Steps 4 and 5 can be repeated for any other Azure AD user N. The key point is that any Azure AD user must sign-in to device using Internet at least once. Then we can determine that they are member of Azure AD group to which Kiosk configuration is targeted.
+1. Steps 4 and 5 can be repeated for any other Azure AD user N. The key point is that any Azure AD user must sign-in to device using Internet at least once. Then we can determine that they're a member of Azure AD group to which Kiosk configuration is targeted.
 
 > [!NOTE]
 > Until step 4 is performed for a Azure AD user will experience failure behavior mentioned similar to “disconnected” environments.
@@ -91,9 +91,9 @@ Steps to use this policy correctly:
 |HoloLens 2|Yes|
 
 <!--/Description-->
-This new AutoLogonUser policy controls whether a user will be automatically logged on. Some customers want to set up devices that are tied to an identity but don't want any sign in experience. Imagine picking up a device and using remote assist immediately. Or have a benefit of being able to rapidly  distribute HoloLens devices and enable their end users to speed up login.
+This new AutoLogonUser policy controls whether a user will be automatically signed in. Some customers want to set up devices that are tied to an identity but don't want any sign-in experience. Imagine picking up a device and using remote assist immediately. Or have a benefit of being able to rapidly  distribute HoloLens devices and enable their end users to speed up sign in.
 
-When the policy is set to a non-empty value, it specifies the email address of the auto log-on user. The specified user must logon to the device at least once to enable autologon.
+When the policy is set to a non-empty value, it specifies the email address of the auto log-on user. The specified user must sign in to the device at least once to enable autologon.
 
 The OMA-URI of new policy `./Device/Vendor/MSFT/Policy/Config/MixedReality/AutoLogonUser`
 
@@ -102,7 +102,7 @@ String value
 
 - User with the same email address will have autologon enabled.
 
-On a device where this policy is configured, the user specified in the policy will need to log-on at least once. Subsequent reboots of the device after the first logon will have the specified user automatically logged on. Only a single autologon user is supported. Once enabled, the automatically logged on user will not be able to log out manually. To log-on as a different user, the policy must first be disabled.
+On a device where this policy is configured, the user specified in the policy will need to sign in at least once. Subsequent reboots of the device after the first sign in will have the specified user automatically signed in. Only a single autologon user is supported. Once enabled, the automatically signed-in user won't be able to sign out manually. To sign in as a different user, the policy must first be disabled.
 
 > [!NOTE]
 >
@@ -122,7 +122,7 @@ On a device where this policy is configured, the user specified in the policy wi
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls for how many days Azure AD group membership cache is allowed to be used for Assigned Access configurations targeting Azure AD groups for signed in user. Once this policy setting is set only then cache is used otherwise not. In order for this policy setting to take effect, user must sign out and sign in with Internet available at least once before the cache can be used for subsequent "disconnected" sessions.
+This policy setting controls for how many days Azure AD group membership cache is allowed to be used for Assigned Access configurations targeting Azure AD groups for signed in user. Once this policy setting is set, only then cache is used, otherwise not. In order for this policy setting to take effect, user must sign out and sign in with Internet available at least once before the cache can be used for subsequent "disconnected" sessions.
 
 <!--/Description-->
 
@@ -162,7 +162,7 @@ Supported values are 0-60. The default value is 0 (day) and maximum value is 60
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls if pressing the brightness button changes the brightness or not. It only impacts brightness on HoloLens and not the functionality of the button when it is used with other buttons as combination for other purposes.
+This policy setting controls if pressing the brightness button changes the brightness or not. It only impacts brightness on HoloLens and not the functionality of the button when it's used with other buttons as combination for other purposes.
 
 <!--/Description-->
 
@@ -205,7 +205,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy controls the behavior of moving platform feature on Hololens 2, that is, whether it is turned off / on or it can be toggled by a user. It should only be used by customers who intend to use Hololens 2 in moving environments with low dynamic motion. For background information, see [HoloLens 2 Moving Platform Mode | Microsoft Docs](/hololens/hololens2-moving-platform#:~:text=Why%20Moving%20Platform%20Mode%20is%20Necessary%20HoloLens%20needs%2csimilar%20pieces%20of%20information%20from%20two%20separate%20sources:).
+This policy controls the behavior of moving platform feature on Hololens 2, that is, whether it's turned off / on or it can be toggled by a user. It should only be used by customers who intend to use Hololens 2 in moving environments with low dynamic motion. For background information, see [HoloLens 2 Moving Platform Mode | Microsoft Docs](/hololens/hololens2-moving-platform#:~:text=Why%20Moving%20Platform%20Mode%20is%20Necessary%20HoloLens%20needs%2csimilar%20pieces%20of%20information%20from%20two%20separate%20sources:).
 
 <!--/Description-->
 
@@ -216,8 +216,8 @@ This policy controls the behavior of moving platform feature on Hololens 2, that
 - Integer value
 
 - 0 (Default) - Last set user's preference. Initial state is OFF and after that user's preference is persisted across reboots and is used to initialize the system.
-- 1 Force off - Moving platform is disabled and cannot be changed by user.
-- 2 Force on - Moving platform is enabled and cannot be changed by user.
+- 1 Force off - Moving platform is disabled and can't be changed by user.
+- 2 Force on - Moving platform is enabled and can't be changed by user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -377,7 +377,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls if pressing the volume button changes the volume or not. It only impacts volume on HoloLens and not the functionality of the button when it is used with other buttons as combination for other purposes.
+This policy setting controls if pressing the volume button changes the volume or not. It only impacts volume on HoloLens and not the functionality of the button when it's used with other buttons as combination for other purposes.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-multitasking.md b/windows/client-management/mdm/policy-csp-multitasking.md
index 5d7d45779b..1bd998b15e 100644
--- a/windows/client-management/mdm/policy-csp-multitasking.md
+++ b/windows/client-management/mdm/policy-csp-multitasking.md
@@ -60,9 +60,9 @@ manager: dansimp
 
 This policy controls the inclusion of Edge tabs into Alt+Tab.
 
-Enabling this policy restricts the number of Edge tabs that are allowed to appear in the Alt+Tab switcher. Alt+Tab can be configured to show all open Edge tabs, only the 5 most recent tabs, only the 3 most recent tabs, or no tabs. Setting the policy to no tabs configures the Alt+Tab switcher to show app windows only, which is the classic Alt+Tab behavior. 
+Enabling this policy restricts the number of Edge tabs that are allowed to appear in the Alt+Tab switcher. Alt+Tab can be configured to show all open Edge tabs, only the five most recent tabs, only the three most recent tabs, or no tabs. Setting the policy to no tabs configures the Alt+Tab switcher to show app windows only, which is the classic Alt+Tab behavior. 
 
-This policy only applies to the Alt+Tab switcher. When the policy is not enabled, the feature respects the user's setting in the Settings app.
+This policy only applies to the Alt+Tab switcher. When the policy isn't enabled, the feature respects the user's setting in the Settings app.
 <!--/Description-->
 
 > [!TIP]
@@ -85,8 +85,8 @@ ADMX Info:
 The following list shows the supported values:
 
 - 1 - Open windows and all tabs in Edge.
-- 2 - Open windows and 5 most recent tabs in Edge.
-- 3 - Open windows and 3 most recent tabs in Edge.
+- 2 - Open windows and five most recent tabs in Edge.
+- 3 - Open windows and three most recent tabs in Edge.
 - 4 - Open windows only.
 
 <!--/SupportedValues-->
diff --git a/windows/client-management/mdm/policy-csp-networkisolation.md b/windows/client-management/mdm/policy-csp-networkisolation.md
index b7c30247ea..9dbb409924 100644
--- a/windows/client-management/mdm/policy-csp-networkisolation.md
+++ b/windows/client-management/mdm/policy-csp-networkisolation.md
@@ -119,7 +119,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Sets the enterprise IP ranges that define the computers in the enterprise network. Data that comes from those computers will be considered part of the enterprise and protected. These locations will be considered a safe destination for enterprise data to be shared to. This is a comma-separated list of IPv4 and IPv6 ranges.
+Sets the enterprise IP ranges that define the computers in the enterprise network. Data that comes from those computers will be considered part of the enterprise and protected. These locations will be considered a safe destination for enterprise data to be shared to. These ranges are a comma-separated list of IPv4 and IPv6 ranges.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -215,7 +215,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This is the comma-separated list of internal proxy servers. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the **EnterpriseCloudResources** policy to force traffic to the matched cloud resources through these proxies.
+This list is the comma-separated list of internal proxy servers. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". These proxies have been configured by the admin to connect to specific resources on the Internet. They're considered to be enterprise network locations. The proxies are only used in configuring the **EnterpriseCloudResources** policy to force traffic to the matched cloud resources through these proxies.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -257,7 +257,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This is the list of domains that comprise the boundaries of the enterprise. Data from one of these domains that is sent to a device will be considered enterprise data and protected These locations will be considered a safe destination for enterprise data to be shared to. This is a comma-separated list of domains, for example "contoso.sharepoint.com, Fabrikam.com".
+This list is the list of domains that comprise the boundaries of the enterprise. Data from one of these domains that is sent to a device will be considered enterprise data and protected. These locations will be considered a safe destination for enterprise data to be shared to. This list is a comma-separated list of domains, for example "contoso.sharepoint.com, Fabrikam.com".
 
 > [!NOTE]
 > The client requires domain name to be canonical, otherwise the setting will be rejected by the client.
@@ -300,7 +300,7 @@ Here are the steps to create canonical domain names:
 
 <!--/Scope-->
 <!--Description-->
-This is a comma-separated list of proxy servers. Any server on this list is considered non-enterprise. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59".
+This list is a comma-separated list of proxy servers. Any server on this list is considered non-enterprise. For example "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59".
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -383,7 +383,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-List of domain names that can used for work or personal resource.
+List of domain names that can be used for work or personal resource.
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-networklistmanager.md b/windows/client-management/mdm/policy-csp-networklistmanager.md
index 22a950170a..1e7e152515 100644
--- a/windows/client-management/mdm/policy-csp-networklistmanager.md
+++ b/windows/client-management/mdm/policy-csp-networklistmanager.md
@@ -70,7 +70,7 @@ When entering a list of TLS endpoints in Microsoft Endpoint Manager, you must fo
 
 - The client must trust the server certificate. So the CA certificate that the HTTPS server certificate chains to must be present in the client machine's root certificate store.
 
-- A certificate should not be a public certificate.
+- A certificate shouldn't be a public certificate.
 
 
 <hr/>
diff --git a/windows/client-management/mdm/policy-csp-notifications.md b/windows/client-management/mdm/policy-csp-notifications.md
index f2a1383e75..20823757ce 100644
--- a/windows/client-management/mdm/policy-csp-notifications.md
+++ b/windows/client-management/mdm/policy-csp-notifications.md
@@ -65,13 +65,13 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting blocks applications from using the network to send tile, badge, toast, and raw notifications. Specifically, this policy setting turns off the connection between Windows and the Windows Push Notification Service (WNS). This policy setting also stops applications from being able to use [periodic (polling) notifications](/windows/uwp/design/shell/tiles-and-notifications/periodic-notification-overview).
+This policy setting blocks application from using the network to send tile, badge, toast, and raw notifications. Specifically, this policy setting turns off the connection between Windows and the Windows Push Notification Service (WNS). This policy setting also stops applications from being able to use [periodic (polling) notifications](/windows/uwp/design/shell/tiles-and-notifications/periodic-notification-overview).
 
-If you enable this policy setting, applications and system features will not be able receive notifications from the network from WNS or via notification polling APIs.
+If you enable this policy setting, applications and system features won't be able to receive notifications from the network from WNS or via notification polling APIs.
 
 If you enable this policy setting, notifications can still be raised by applications running on the machine via local API calls from within the application.
 
-If you disable or do not configure this policy setting, the client computer will connect to WNS at user login and applications will be allowed to use periodic (polling) notifications.
+If you disable or don't configure this policy setting, the client computer will connect to WNS at user sign in and applications will be allowed to use periodic (polling) notifications.
 
 No reboots or service restarts are required for this policy setting to take effect.
 
@@ -130,7 +130,7 @@ Validation:
 <!--Description-->
 Boolean value that turns off notification mirroring.
 
-For each user logged into the device, if you enable this policy (set value to 1) the app and system notifications received by this user on this device will not get mirrored to other devices of the same logged in user. If you disable or do not configure this policy (set value to 0) the notifications received by this user on this device will be mirrored to other devices of the same logged in user. This feature can be turned off by apps that do not want to participate in Notification Mirroring. This feature can also be turned off by the user in the Cortana setting page.
+For each user signed in to the device, if you enable this policy (set value to 1) the app and system notifications received by this user on this device won't get mirrored to other devices of the same signed-in user. If you disable or don't configure this policy (set value to 0), the notifications received by this user on this device will be mirrored to other devices of the same signed-in user. This feature can be turned off by apps that don't want to participate in Notification Mirroring. This feature can also be turned off by the user in the Cortana setting page.
 
 No reboot or service restart is required for this policy to take effect.
 
@@ -182,9 +182,9 @@ The following list shows the supported values:
 <!--Description-->
 This policy setting turns off tile notifications.
 
-If you enable this policy setting, applications and system features will not be able to update their tiles and tile badges in the Start screen.
+If you enable this policy setting, applications and system features won't be able to update their tiles and tile badges in the Start screen.
 
-If you disable or do not configure this policy setting, tile and badge notifications are enabled and can be turned off by the administrator or user.
+If you disable or don't configure this policy setting, tile and badge notifications are enabled and can be turned off by the administrator or user.
 
 No reboots or service restarts are required for this policy setting to take effect.
 
@@ -263,7 +263,7 @@ Validation:
 <!--Description-->
 This policy setting determines which Windows Notification Service endpoint will be used to connect for Windows Push Notifications. 
 
-If you disable or do not configure this setting, the push notifications will connect to the default endpoint of client.wns.windows.com.
+If you disable or don't configure this setting, the push notifications will connect to the default endpoint of client.wns.windows.com.
 
 Note: Ensure the proper WNS FQDNs, VIPs, IPs and Ports are also allowlisted from your firewall settings.
 
@@ -277,7 +277,7 @@ ADMX Info:
 
 <!--/ADMXMapped-->
 <!--SupportedValues-->
-If the policy is not specified, we will default our connection to client.wns.windows.com.
+If the policy isn't specified, we'll default our connection to client.wns.windows.com.
 
 <!--/SupportedValues-->
 <!--/Policy-->
diff --git a/windows/client-management/mdm/policy-csp-power.md b/windows/client-management/mdm/policy-csp-power.md
index 417c2b7bb8..6b1bf6a7d3 100644
--- a/windows/client-management/mdm/policy-csp-power.md
+++ b/windows/client-management/mdm/policy-csp-power.md
@@ -195,9 +195,9 @@ ADMX Info:
 <!--Description-->
 This policy setting manages whether or not Windows is allowed to use standby states when putting the computer in a sleep state.
 
-If you enable or do not configure this policy setting, Windows uses standby states to put the computer in a sleep state.
+If you enable or don't configure this policy setting, Windows uses standby states to put the computer in a sleep state.
 
-If you disable this policy setting, standby states (S1-S3) are not allowed.
+If you disable this policy setting, standby states (S1-S3) aren't allowed.
 
 <!--/Description-->
 
@@ -241,9 +241,9 @@ ADMX Info:
 <!--Description-->
 This policy setting manages whether or not Windows is allowed to use standby states when putting the computer in a sleep state.
 
-If you enable or do not configure this policy setting, Windows uses standby states to put the computer in a sleep state.
+If you enable or don't configure this policy setting, Windows uses standby states to put the computer in a sleep state.
 
-If you disable this policy setting, standby states (S1-S3) are not allowed.
+If you disable this policy setting, standby states (S1-S3) aren't allowed.
 
 <!--/Description-->
 
@@ -289,9 +289,9 @@ This policy setting allows you to specify the period of inactivity before Window
 
 If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows turns off the display.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the display from turning off.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the display from turning off. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 
@@ -337,9 +337,9 @@ This policy setting allows you to specify the period of inactivity before Window
 
 If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows turns off the display.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the display from turning off.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the display from turning off.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 
@@ -386,7 +386,7 @@ This policy setting allows you to specify battery charge level at which Energy S
 
 If you enable this policy setting, you must specify a percentage value that indicates the battery charge level. Energy Saver is automatically turned on at (and below) the specified battery charge level.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -441,7 +441,7 @@ This policy setting allows you to specify battery charge level at which Energy S
 
 If you enable this policy setting, you must provide a percentage value that indicates the battery charge level. Energy Saver is automatically turned on at (and below) the specified battery charge level.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -496,9 +496,9 @@ This policy setting allows you to specify the period of inactivity before Window
 
 If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows transitions to hibernate.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occurring.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the sleep transition from occurring.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 
@@ -544,9 +544,9 @@ This policy setting allows you to specify the period of inactivity before Window
 
 If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows transitions to hibernate.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occurring.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the sleep transition from occurring.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 
@@ -591,9 +591,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether or not the user is prompted for a password when the system resumes from sleep.
 
-If you enable or do not configure this policy setting, the user is prompted for a password when the system resumes from sleep.
+If you enable or don't configure this policy setting, the user is prompted for a password when the system resumes from sleep.
 
-If you disable this policy setting, the user is not prompted for a password when the system resumes from sleep.
+If you disable this policy setting, the user isn't prompted for a password when the system resumes from sleep.
 
 <!--/Description-->
 
@@ -637,9 +637,9 @@ ADMX Info:
 <!--Description-->
 This policy setting specifies whether or not the user is prompted for a password when the system resumes from sleep.
 
-If you enable or do not configure this policy setting, the user is prompted for a password when the system resumes from sleep.
+If you enable or don't configure this policy setting, the user is prompted for a password when the system resumes from sleep.
 
-If you disable this policy setting, the user is not prompted for a password when the system resumes from sleep.
+If you disable this policy setting, the user isn't prompted for a password when the system resumes from sleep.
 
 <!--/Description-->
 
@@ -685,7 +685,7 @@ This policy setting specifies the action that Windows takes when a user closes t
 
 If you enable this policy setting, you must select the desired action.
 
-If you disable this policy setting or do not configure it, users can see and change this setting.
+If you disable this policy setting or don't configure it, users can see and change this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -746,7 +746,7 @@ This policy setting specifies the action that Windows takes when a user closes t
 
 If you enable this policy setting, you must select the desired action.
 
-If you disable this policy setting or do not configure it, users can see and change this setting.
+If you disable this policy setting or don't configure it, users can see and change this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -807,7 +807,7 @@ This policy setting specifies the action that Windows takes when a user presses
 
 If you enable this policy setting, you must select the desired action.
 
-If you disable this policy setting or do not configure it, users can see and change this setting.
+If you disable this policy setting or don't configure it, users can see and change this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -868,7 +868,7 @@ This policy setting specifies the action that Windows takes when a user presses
 
 If you enable this policy setting, you must select the desired action.
 
-If you disable this policy setting or do not configure it, users can see and change this setting.
+If you disable this policy setting or don't configure it, users can see and change this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -929,7 +929,7 @@ This policy setting specifies the action that Windows takes when a user presses
 
 If you enable this policy setting, you must select the desired action.
 
-If you disable this policy setting or do not configure it, users can see and change this setting.
+If you disable this policy setting or don't configure it, users can see and change this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -990,7 +990,7 @@ This policy setting specifies the action that Windows takes when a user presses
 
 If you enable this policy setting, you must select the desired action.
 
-If you disable this policy setting or do not configure it, users can see and change this setting.
+If you disable this policy setting or don't configure it, users can see and change this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1051,9 +1051,9 @@ This policy setting allows you to specify the period of inactivity before Window
 
 If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows transitions to sleep.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occurring.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the sleep transition from occurring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 
@@ -1099,9 +1099,9 @@ This policy setting allows you to specify the period of inactivity before Window
 
 If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows transitions to sleep.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occurring.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the sleep transition from occurring.  The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 
@@ -1145,9 +1145,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off hybrid sleep.
 
-If you set this policy setting to 0, a hiberfile is not generated when the system transitions to sleep (Stand By).
+If you set this policy setting to 0, a hiberfile isn't generated when the system transitions to sleep (Stand By).
 
-If you set this policy setting to 1 or do not configure this policy setting, users control this setting.
+If you set this policy setting to 1 or don't configure this policy setting, users control this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1203,9 +1203,9 @@ The following are the supported values for Hybrid sleep (on battery):
 <!--Description-->
 This policy setting allows you to turn off hybrid sleep.
 
-If you set this policy setting to 0, a hiberfile is not generated when the system transitions to sleep (Stand By).
+If you set this policy setting to 0, a hiberfile isn't generated when the system transitions to sleep (Stand By).
 
-If you set this policy setting to 1 or do not configure this policy setting, users control this setting.
+If you set this policy setting to 1 or don't configure this policy setting, users control this setting.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1259,13 +1259,13 @@ The following are the supported values for Hybrid sleep (plugged in):
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer.
+This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user isn't present at the computer.
 
-If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. If you specify 0 seconds, Windows does not automatically transition to sleep.
+If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. If you specify 0 seconds, Windows doesn't automatically transition to sleep.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occurring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the sleep transition from occurring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1317,13 +1317,13 @@ Default value for unattended sleep timeout (on battery):
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer.
+This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user isn't present at the computer.
 
-If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. If you specify 0 seconds, Windows does not automatically transition to sleep.
+If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. If you specify 0 seconds, Windows doesn't automatically transition to sleep.
 
-If you disable or do not configure this policy setting, users control this setting.
+If you disable or don't configure this policy setting, users control this setting.
 
-If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occurring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
+If the user has configured a slide show to run on the lock screen when the machine is locked, this slide show can prevent the sleep transition from occurring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature.
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-printers.md b/windows/client-management/mdm/policy-csp-printers.md
index ce1673fa34..48b7f7722b 100644
--- a/windows/client-management/mdm/policy-csp-printers.md
+++ b/windows/client-management/mdm/policy-csp-printers.md
@@ -105,8 +105,8 @@ manager: dansimp
 <!--/Scope-->
 <!--Description-->
 This policy implements the print portion of the Device Control requirements. 
-These requirements include restricting printing to USB connected printers which match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
-This policy will contain the comma separated list of approved USB Vid&Pid combinations which the print spooler will allow to print when Device Control is enabled.
+These requirements include restricting printing to USB connected printers that match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
+This policy will contain the comma-separated list of approved USB Vid&Pid combinations that the print spooler will allow to print when Device Control is enabled.
 The format of this setting is `<vid>/<pid>[,<vid>/<pid>]`
 
 Parent deliverable: 26209274 - Device Control: Printer
@@ -176,8 +176,8 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 This policy implements the print portion of the Device Control requirements. 
-These requirements include restricting printing to USB connected printers which match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
-This policy will contain the comma separated list of approved USB Vid&Pid combinations which the print spooler will allow to print when Device Control is enabled.
+These requirements include restricting printing to USB connected printers that match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
+This policy will contain the comma separated list of approved USB Vid&Pid combinations that the print spooler will allow to print when Device Control is enabled.
 The format of this setting is `<vid>/<pid>[,<vid>/<pid>]`
 
 <!--/Description-->
@@ -244,14 +244,14 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 This policy implements the print portion of the Device Control requirements. 
-These requirements include restricting printing to USB connected printers which match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
+These requirements include restricting printing to USB connected printers that match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
 This policy will control whether the print spooler will attempt to restrict printing as part of Device Control.
 
 The default value of the policy will be Unconfigured.
 
-If the policy value is either Unconfigured or Disabled the print spooler will not restrict printing.
+If the policy value is either Unconfigured or Disabled, the print spooler won't restrict printing.
 
-If the policy value is Enabled the print spooler will restrict local printing to USB devices in the Approved Device list. 
+If the policy value is Enabled, the print spooler will restrict local printing to USB devices in the Approved Device list. 
 
 
 <!--/Description-->
@@ -320,14 +320,14 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 This policy implements the print portion of the Device Control requirements. 
-These requirements include restricting printing to USB connected printers which match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
+These requirements include restricting printing to USB connected printers that match a list of approved USB Vid/Pid combinations or to corporate connected printers while either directly connected to the corporate network or when using a VPN connection to the corporate network.  
 This policy will control whether the print spooler will attempt to restrict printing as part of Device Control.
 
 The default value of the policy will be Unconfigured.
 
-If the policy value is either Unconfigured or Disabled the print spooler will not restrict printing.
+If the policy value is either Unconfigured or Disabled, the print spooler won't restrict printing.
 
-If the policy value is Enabled the print spooler will restrict local printing to USB devices in the Approved Device list. 
+If the policy value is Enabled, the print spooler will restrict local printing to USB devices in the Approved Device list. 
 
 
 <!--/Description-->
@@ -374,11 +374,11 @@ This policy setting controls the client Point and Print behavior, including the
 
 If you enable this policy setting:
 
-- Windows XP and later clients will only download print driver components from a list of explicitly named servers. If a compatible print driver is available on the client, a printer connection will be made. If a compatible print driver is not available on the client, no connection will be made.
+- Windows XP and later clients will only download print driver components from a list of explicitly named servers. If a compatible print driver is available on the client, a printer connection will be made. If a compatible print driver isn't available on the client, no connection will be made.
 
-- You can configure Windows Vista clients so that security warnings and elevated command prompts do not appear when users Point and Print, or when printer connection drivers need to be updated.
+- You can configure Windows Vista clients so that security warnings and elevated command prompts don't appear when users Point and Print, or when printer connection drivers need to be updated.
 
-If you do not configure this policy setting:
+If you don't configure this policy setting:
 
 - Windows Vista client computers can point and print to any server.
 
@@ -392,9 +392,9 @@ If you disable this policy setting:
 
 - Windows Vista client computers can create a printer connection to any server using Point and Print.
 
-- Windows Vista computers will not show a warning or an elevated command prompt when users create a printer connection to any server using Point and Print.
+- Windows Vista computers won't show a warning or an elevated command prompt when users create a printer connection to any server using Point and Print.
 
-- Windows Vista computers will not show a warning or an elevated command prompt when an existing printer connection driver needs to be updated.
+- Windows Vista computers won't show a warning or an elevated command prompt when an existing printer connection driver needs to be updated.
 
 - Windows Server 2003 and Windows XP client computers can create a printer connection to any server using Point and Print.
 
@@ -457,11 +457,11 @@ This policy setting controls the client Point and Print behavior, including the
 
 If you enable this policy setting:
 
-- Windows XP and later clients will only download print driver components from a list of explicitly named servers. If a compatible print driver is available on the client, a printer connection will be made. If a compatible print driver is not available on the client, no connection will be made.
+- Windows XP and later clients will only download print driver components from a list of explicitly named servers. If a compatible print driver is available on the client, a printer connection will be made. If a compatible print driver isn't available on the client, no connection will be made.
 
-- You can configure Windows Vista clients so that security warnings and elevated command prompts do not appear when users Point and Print, or when printer connection drivers need to be updated.
+- You can configure Windows Vista clients so that security warnings and elevated command prompts don't appear when users Point and Print, or when printer connection drivers need to be updated.
 
-If you do not configure this policy setting:
+If you don't configure this policy setting:
 
 - Windows Vista client computers can point and print to any server.
 
@@ -475,9 +475,9 @@ If you disable this policy setting:
 
 - Windows Vista client computers can create a printer connection to any server using Point and Print.
 
-- Windows Vista computers will not show a warning or an elevated command prompt when users create a printer connection to any server using Point and Print.
+- Windows Vista computers won't show a warning or an elevated command prompt when users create a printer connection to any server using Point and Print.
 
-- Windows Vista computers will not show a warning or an elevated command prompt when an existing printer connection driver needs to be updated.
+- Windows Vista computers won't show a warning or an elevated command prompt when an existing printer connection driver needs to be updated.
 
 - Windows Server 2003 and Windows XP client computers can create a printer connection to any server using Point and Print.
 
@@ -524,11 +524,11 @@ ADMX Info:
 <!--Description-->
 Determines whether the computer's shared printers can be published in Active Directory.
 
-If you enable this setting or do not configure it, users can use the "List in directory" option in the Printer's Properties' Sharing tab to publish shared printers in Active Directory.
+If you enable this setting or don't configure it, users can use the "List in directory" option in the Printer's Properties' Sharing tab to publish shared printers in Active Directory.
 
-If you disable this setting, this computer's shared printers cannot be published in Active Directory, and the "List in directory" option is not available.
+If you disable this setting, this computer's shared printers can't be published in Active Directory, and the "List in directory" option isn't available.
 
-Note: This settings takes priority over the setting "Automatically publish new printers in the Active Directory".
+Note: This setting takes priority over the setting "Automatically publish new printers in the Active Directory".
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-remoteassistance.md b/windows/client-management/mdm/policy-csp-remoteassistance.md
index 69ec854522..64c53af12c 100644
--- a/windows/client-management/mdm/policy-csp-remoteassistance.md
+++ b/windows/client-management/mdm/policy-csp-remoteassistance.md
@@ -71,15 +71,15 @@ manager: dansimp
 <!--Description-->
 This policy setting lets you customize warning messages.
 
-The "Display warning message before sharing control" policy setting allows you to specify a custom message to display before a user shares control of his or her computer.
+The "Display warning message before sharing control" policy setting allows you to specify a custom message to display before users share control of their computers.
 
-The "Display warning message before connecting" policy setting allows you to specify a custom message to display before a user allows a connection to his or her computer.
+The "Display warning message before connecting" policy setting allows you to specify a custom message to display before users allow a connection to their computers.
 
 If you enable this policy setting, the warning message you specify overrides the default message that is seen by the novice.
 
 If you disable this policy setting, the user sees the default warning message.
 
-If you do not configure this policy setting, the user sees the default warning message.
+If you don't configure this policy setting, the user sees the default warning message.
 
 <!--/Description-->
 
@@ -125,9 +125,9 @@ This policy setting allows you to turn logging on or off. Log files are located
 
 If you enable this policy setting, log files are generated.
 
-If you disable this policy setting, log files are not generated.
+If you disable this policy setting, log files aren't generated.
 
-If you do not configure this setting, application-based settings are used.
+If you don't configure this setting, application-based settings are used.
 
 <!--/Description-->
 
@@ -171,19 +171,19 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn on or turn off Solicited (Ask for) Remote Assistance on this computer.
 
-If you enable this policy setting, users on this computer can use email or file transfer to ask someone for help. Also, users can use instant messaging programs to allow connections to this computer, and you can configure additional Remote Assistance settings.
+If you enable this policy setting, users on this computer can use email or file transfer to ask someone for help. Also, users can use instant messaging programs to allow connections to this computer, and you can configure more Remote Assistance settings.
 
-If you disable this policy setting, users on this computer cannot use email or file transfer to ask someone for help. Also, users cannot use instant messaging programs to allow connections to this computer.
+If you disable this policy setting, users on this computer can't use email or file transfer to ask someone for help. Also, users can't use instant messaging programs to allow connections to this computer.
 
-If you do not configure this policy setting, users can turn on or turn off Solicited (Ask for) Remote Assistance themselves in System Properties in Control Panel. Users can also configure Remote Assistance settings.
+If you don't configure this policy setting, users can turn on or turn off Solicited (Ask for) Remote Assistance themselves in System Properties in Control Panel. Users can also configure Remote Assistance settings.
 
 If you enable this policy setting, you have two ways to allow helpers to provide Remote Assistance: "Allow helpers to only view the computer" or "Allow helpers to remotely control the computer."
 
 The "Maximum ticket time" policy setting sets a limit on the amount of time that a Remote Assistance invitation created by using email or file transfer can remain open.
 
-The "Select the method for sending email invitations" setting specifies which email standard to use to send Remote Assistance invitations. Depending on your email program, you can use either the Mailto standard (the invitation recipient connects through an Internet link) or the SMAPI (Simple MAPI) standard (the invitation is attached to your email message). This policy setting is not available in Windows Vista since SMAPI is the only method supported.
+The "Select the method for sending email invitations" setting specifies which email standard to use to send Remote Assistance invitations. Depending on your email program, you can use either the Mailto standard (the invitation recipient connects through an Internet link) or the SMAPI (Simple MAPI) standard (the invitation is attached to your email message). This policy setting isn't available in Windows Vista since SMAPI is the only method supported.
 
-If you enable this policy setting you should also enable appropriate firewall exceptions to allow Remote Assistance communications.
+If you enable this policy setting, you should also enable appropriate firewall exceptions to allow Remote Assistance communications.
 
 <!--/Description-->
 
@@ -229,9 +229,9 @@ This policy setting allows you to turn on or turn off Offer (Unsolicited) Remote
 
 If you enable this policy setting, users on this computer can get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance.
 
-If you disable this policy setting, users on this computer cannot get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance.
+If you disable this policy setting, users on this computer can't get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance.
 
-If you do not configure this policy setting, users on this computer cannot get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance.
+If you don't configure this policy setting, users on this computer can't get help from their corporate technical support staff using Offer (Unsolicited) Remote Assistance.
 
 If you enable this policy setting, you have two ways to allow helpers to provide Remote Assistance: "Allow helpers to only view the computer" or "Allow helpers to remotely control the computer." When you configure this policy setting, you also specify the list of users or user groups that are allowed to offer remote assistance.
 
@@ -241,7 +241,7 @@ To configure the list of helpers, click "Show." In the window that opens, you ca
 
 `<Domain Name>\<Group Name>`
 
-If you enable this policy setting, you should also enable firewall exceptions to allow Remote Assistance communications. The firewall exceptions required for Offer (Unsolicited) Remote Assistance depend on the version of Windows you are running.
+If you enable this policy setting, you should also enable firewall exceptions to allow Remote Assistance communications. The firewall exceptions required for Offer (Unsolicited) Remote Assistance depend on the version of Windows you're running.
 
 Windows Vista and later
 
diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md
index 31f36b4007..6519b2d40c 100644
--- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md
@@ -81,9 +81,9 @@ This policy setting allows you to configure remote access to computers by using
 
 If you enable this policy setting, users who are members of the Remote Desktop Users group on the target computer can connect remotely to the target computer by using Remote Desktop Services.
 
-If you disable this policy setting, users cannot connect remotely to the target computer by using Remote Desktop Services. The target computer will maintain any current connections, but will not accept any new incoming connections.
+If you disable this policy setting, users can't connect remotely to the target computer by using Remote Desktop Services. The target computer will maintain any current connections, but won't accept any new incoming connections.
 
-If you do not configure this policy setting, Remote Desktop Services uses the Remote Desktop setting on the target computer to determine whether the remote connection is allowed. This setting is found on the Remote tab in the System properties sheet. By default, remote connections are not allowed. 
+If you don't configure this policy setting, Remote Desktop Services uses the Remote Desktop setting on the target computer to determine whether the remote connection is allowed. This setting is found on the Remote tab in the System properties sheet. By default, remote connections aren't allowed. 
 
 Note: You can limit which clients are able to connect remotely by using Remote Desktop Services by configuring the policy setting at Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security\Require user authentication for remote connections by using Network Level Authentication. 
 
@@ -129,17 +129,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies whether to require the use of a specific encryption level to secure communications between client computers and RD Session Host servers during Remote Desktop Protocol (RDP) connections. This policy only applies when you are using native RDP encryption. However, native RDP encryption (as opposed to SSL encryption) is not recommended. This policy does not apply to SSL encryption.
+Specifies whether to require the use of a specific encryption level to secure communications between client computers and RD Session Host servers during Remote Desktop Protocol (RDP) connections. This policy only applies when you're using native RDP encryption. However, native RDP encryption (as opposed to SSL encryption) isn't recommended. This policy doesn't apply to SSL encryption.
 
 If you enable this policy setting, all communications between clients and RD Session Host servers during remote connections must use the encryption method specified in this setting. By default, the encryption level is set to High. The following encryption methods are available:
 
-* High: The High setting encrypts data sent from the client to the server and from the server to the client by using strong 128-bit encryption. Use this encryption level in environments that contain only 128-bit clients (for example, clients that run Remote Desktop Connection). Clients that do not support this encryption level cannot connect to RD Session Host servers.
+* High: The High setting encrypts data sent from the client to the server and from the server to the client by using strong 128-bit encryption. Use this encryption level in environments that contain only 128-bit clients (for example, clients that run Remote Desktop Connection). Clients that don't support this encryption level can't connect to RD Session Host servers.
 
-* Client Compatible: The Client Compatible setting encrypts data sent between the client and the server at the maximum key strength supported by the client. Use this encryption level in environments that include clients that do not support 128-bit encryption.
+* Client Compatible: The Client Compatible setting encrypts data sent between the client and the server at the maximum key strength supported by the client. Use this encryption level in environments that include clients that don't support 128-bit encryption.
 
 * Low: The Low setting encrypts only data sent from the client to the server by using 56-bit encryption.
 
-If you disable or do not configure this setting, the encryption level to be used for remote connections to RD Session Host servers is not enforced through Group Policy.
+If you disable or don't configure this setting, the encryption level to be used for remote connections to RD Session Host servers isn't enforced through Group Policy.
 
 Important
 
@@ -189,11 +189,11 @@ This policy setting specifies whether to prevent the mapping of client drives in
 
 By default, an RD Session Host server maps client drives automatically upon connection. Mapped drives appear in the session folder tree in File Explorer or Computer in the format `<driveletter>` on `<computername>`. You can use this policy setting to override this behavior.
 
-If you enable this policy setting, client drive redirection is not allowed in Remote Desktop Services sessions, and Clipboard file copy redirection is not allowed on computers running Windows Server 2019 and Windows 10.
+If you enable this policy setting, client drive redirection isn't allowed in Remote Desktop Services sessions, and Clipboard file copy redirection isn't allowed on computers running Windows Server 2019 and Windows 10.
 
 If you disable this policy setting, client drive redirection is always allowed. In addition, Clipboard file copy redirection is always allowed if Clipboard redirection is allowed.
 
-If you do not configure this policy setting, client drive redirection and Clipboard file copy redirection are not specified at the Group Policy level.
+If you don't configure this policy setting, client drive redirection and Clipboard file copy redirection aren't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -237,7 +237,7 @@ ADMX Info:
 <!--Description-->
 Controls whether passwords can be saved on this computer from Remote Desktop Connection.
 
-If you enable this setting the password saving checkbox in Remote Desktop Connection will be disabled and users will no longer be able to save passwords. When a user opens an RDP file using Remote Desktop Connection and saves his settings, any password that previously existed in the RDP file will be deleted.
+If you enable this setting, the password-saving checkbox in Remote Desktop Connection will be disabled and users will no longer be able to save passwords. When a user opens an RDP file using Remote Desktop Connection and saves their settings, any password that previously existed in the RDP file will be deleted.
 
 If you disable this setting or leave it not configured, the user will be able to save passwords using Remote Desktop Connection.
 
@@ -285,13 +285,13 @@ This policy setting specifies whether Remote Desktop Services always prompts the
 
 You can use this setting to enforce a password prompt for users logging on to Remote Desktop Services, even if they already provided the password in the Remote Desktop Connection client.
 
-By default, Remote Desktop Services allows users to automatically log on by entering a password in the Remote Desktop Connection client.
+By default, Remote Desktop Services allows users to automatically sign in by entering a password in the Remote Desktop Connection client.
 
-If you enable this policy setting, users cannot automatically log on to Remote Desktop Services by supplying their passwords in the Remote Desktop Connection client. They are prompted for a password to log on.
+If you enable this policy setting, users can't automatically sign in to Remote Desktop Services by supplying their passwords in the Remote Desktop Connection client. They're prompted for a password to sign in.
 
-If you disable this policy setting, users can always log on to Remote Desktop Services automatically by supplying their passwords in the Remote Desktop Connection client.
+If you disable this policy setting, users can always sign in to Remote Desktop Services automatically by supplying their passwords in the Remote Desktop Connection client.
 
-If you do not configure this policy setting, automatic logon is not specified at the Group Policy level.
+If you don't configure this policy setting, automatic logon isn't specified at the Group Policy level.
 
 <!--/Description-->
 
@@ -337,9 +337,9 @@ Specifies whether a Remote Desktop Session Host server requires secure RPC commu
 
 You can use this setting to strengthen the security of RPC communication with clients by allowing only authenticated and encrypted requests.
 
-If the status is set to Enabled, Remote Desktop Services accepts requests from RPC clients that support secure requests, and does not allow unsecured communication with untrusted clients.
+If the status is set to Enabled, Remote Desktop Services accepts requests from RPC clients that support secure requests, and doesn't allow unsecured communication with untrusted clients.
 
-If the status is set to Disabled, Remote Desktop Services always requests security for all RPC traffic. However, unsecured communication is allowed for RPC clients that do not respond to the request.
+If the status is set to Disabled, Remote Desktop Services always requests security for all RPC traffic. However, unsecured communication is allowed for RPC clients that don't respond to the request.
 
 If the status is set to Not Configured, unsecured communication is allowed.
 
diff --git a/windows/client-management/mdm/policy-csp-remotemanagement.md b/windows/client-management/mdm/policy-csp-remotemanagement.md
index 7062b9695c..a0059027d9 100644
--- a/windows/client-management/mdm/policy-csp-remotemanagement.md
+++ b/windows/client-management/mdm/policy-csp-remotemanagement.md
@@ -108,7 +108,7 @@ This policy setting allows you to manage whether the Windows Remote Management (
 
 If you enable this policy setting, the WinRM client uses Basic authentication. If WinRM is configured to use HTTP transport, the user name and password are sent over the network as clear text.
 
-If you disable or do not configure this policy setting, the WinRM client does not use Basic authentication.
+If you disable or don't configure this policy setting, the WinRM client doesn't use Basic authentication.
 
 <!--/Description-->
 
@@ -154,7 +154,7 @@ This policy setting allows you to manage whether the Windows Remote Management (
 
 If you enable this policy setting, the WinRM service accepts Basic authentication from a remote client.
 
-If you disable or do not configure this policy setting, the WinRM service does not accept Basic authentication from a remote client.
+If you disable or don't configure this policy setting, the WinRM service doesn't accept Basic authentication from a remote client.
 
 <!--/Description-->
 
@@ -200,7 +200,7 @@ This policy setting allows you to manage whether the Windows Remote Management (
 
 If you enable this policy setting, the WinRM client uses CredSSP authentication.
 
-If you disable or do not configure this policy setting, the WinRM client does not use CredSSP authentication.
+If you disable or don't configure this policy setting, the WinRM client doesn't use CredSSP authentication.
 
 <!--/Description-->
 
@@ -246,7 +246,7 @@ This policy setting allows you to manage whether the Windows Remote Management (
 
 If you enable this policy setting, the WinRM service accepts CredSSP authentication from a remote client.
 
-If you disable or do not configure this policy setting, the WinRM service does not accept CredSSP authentication from a remote client.
+If you disable or don't configure this policy setting, the WinRM service doesn't accept CredSSP authentication from a remote client.
 
 <!--/Description-->
 
@@ -294,11 +294,11 @@ If you enable this policy setting, the WinRM service automatically listens on th
 
 To allow WinRM service to receive requests over the network, configure the Windows Firewall policy setting with exceptions for Port 5985 (default port for HTTP).
 
-If you disable or do not configure this policy setting, the WinRM service will not respond to requests from a remote computer, regardless of whether or not any WinRM listeners are configured.
+If you disable or don't configure this policy setting, the WinRM service won't respond to requests from a remote computer, regardless of whether or not any WinRM listeners are configured.
 
 The service listens on the addresses specified by the IPv4 and IPv6 filters. The IPv4 filter specifies one or more ranges of IPv4 addresses, and the IPv6 filter specifies one or more ranges of IPv6addresses. If specified, the service enumerates the available IP addresses on the computer and uses only addresses that fall within one of the filter ranges.
 
-You should use an asterisk (\*) to indicate that the service listens on all available IP addresses on the computer. When \* is used, other ranges in the filter are ignored. If the filter is left blank, the service does not listen on any addresses.
+You should use an asterisk (\*) to indicate that the service listens on all available IP addresses on the computer. When \* is used, other ranges in the filter are ignored. If the filter is left blank, the service doesn't listen on any addresses.
 
 For example, if you want the service to listen only on IPv4 addresses, leave the IPv6 filter empty.
 
@@ -351,7 +351,7 @@ This policy setting allows you to manage whether the Windows Remote Management (
 
 If you enable this policy setting, the WinRM client sends and receives unencrypted messages over the network.
 
-If you disable or do not configure this policy setting, the WinRM client sends or receives only encrypted messages over the network.
+If you disable or don't configure this policy setting, the WinRM client sends or receives only encrypted messages over the network.
 
 <!--/Description-->
 
@@ -397,7 +397,7 @@ This policy setting allows you to manage whether the Windows Remote Management (
 
 If you enable this policy setting, the WinRM client sends and receives unencrypted messages over the network.
 
-If you disable or do not configure this policy setting, the WinRM client sends or receives only encrypted messages over the network.
+If you disable or don't configure this policy setting, the WinRM client sends or receives only encrypted messages over the network.
 
 <!--/Description-->
 
@@ -441,9 +441,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Digest authentication.
 
-If you enable this policy setting, the WinRM client does not use Digest authentication.
+If you enable this policy setting, the WinRM client doesn't use Digest authentication.
 
-If you disable or do not configure this policy setting, the WinRM client uses Digest authentication.
+If you disable or don't configure this policy setting, the WinRM client uses Digest authentication.
 
 <!--/Description-->
 
@@ -487,9 +487,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses Negotiate authentication.
 
-If you enable this policy setting, the WinRM client does not use Negotiate authentication.
+If you enable this policy setting, the WinRM client doesn't use Negotiate authentication.
 
-If you disable or do not configure this policy setting, the WinRM client uses Negotiate authentication.
+If you disable or don't configure this policy setting, the WinRM client uses Negotiate authentication.
 
 <!--/Description-->
 
@@ -533,9 +533,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage whether the Windows Remote Management (WinRM) service accepts Negotiate authentication from a remote client.
 
-If you enable this policy setting, the WinRM service does not accept Negotiate authentication from a remote client.
+If you enable this policy setting, the WinRM service doesn't accept Negotiate authentication from a remote client.
 
-If you disable or do not configure this policy setting, the WinRM service accepts Negotiate authentication from a remote client.
+If you disable or don't configure this policy setting, the WinRM service accepts Negotiate authentication from a remote client.
 
 <!--/Description-->
 
@@ -577,13 +577,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to manage whether the Windows Remote Management (WinRM) service will not allow RunAs credentials to be stored for any plug-ins.
+This policy setting allows you to manage whether the Windows Remote Management (WinRM) service won't allow RunAs credentials to be stored for any plug-ins.
 
-If you enable this policy setting, the WinRM service will not allow the RunAsUser or RunAsPassword configuration values to be set for any plug-ins.  If a plug-in has already set the RunAsUser and RunAsPassword configuration values, the RunAsPassword configuration value will be erased from the credential store on this computer.
+If you enable this policy setting, the WinRM service won't allow the RunAsUser or RunAsPassword configuration values to be set for any plug-ins.  If a plug-in has already set the RunAsUser and RunAsPassword configuration values, the RunAsPassword configuration value will be erased from the credential store on this computer.
 
-If you disable or do not configure this policy setting, the WinRM service will allow the RunAsUser and RunAsPassword configuration values to be set for plug-ins and the RunAsPassword value will be stored securely.
+If you disable or don't configure this policy setting, the WinRM service will allow the RunAsUser and RunAsPassword configuration values to be set for plug-ins and the RunAsPassword value will be stored securely.
 
-If you enable and then disable this policy setting,any values that were previously configured for RunAsPassword will need to be reset.
+If you enable and then disable this policy setting, any values that were previously configured for RunAsPassword will need to be reset.
 
 <!--/Description-->
 
@@ -625,17 +625,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to set the hardening level of the Windows Remote Management (WinRM) service with regard to channel binding tokens.
+This policy setting allows you to set the hardening level of the Windows Remote Management (WinRM) service regarding channel binding tokens.
 
 If you enable this policy setting, the WinRM service uses the level specified in HardeningLevel to determine whether or not to accept a received request, based on a supplied channel binding token.
 
-If you disable or do not configure this policy setting, you can configure the hardening level locally on each computer.
+If you disable or don't configure this policy setting, you can configure the hardening level locally on each computer.
 
 If HardeningLevel is set to Strict, any request not containing a valid channel binding token is rejected.
 
-If HardeningLevel is set to Relaxed (default value), any request containing an invalid channel binding token is rejected. However, a request that does not contain a channel binding token is accepted (though it is not protected from credential-forwarding attacks).
+If HardeningLevel is set to Relaxed (default value), any request containing an invalid channel binding token is rejected. However, a request that doesn't contain a channel binding token is accepted (though it isn't protected from credential-forwarding attacks).
 
-If HardeningLevel is set to None, all requests are accepted (though they are not protected from credential-forwarding attacks).
+If HardeningLevel is set to None, all requests are accepted (though they aren't protected from credential-forwarding attacks).
 
 <!--/Description-->
 
@@ -679,9 +679,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage whether the Windows Remote Management (WinRM) client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity.
 
-If you enable this policy setting, the WinRM client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity. The WinRM client uses this list when neither HTTPS nor Kerberos are used to authenticate the identity of the host.
+If you enable this policy setting, the WinRM client uses the list specified in TrustedHostsList to determine if the destination host is a trusted entity. The WinRM client uses this list when HTTPS or Kerberos is used to authenticate the identity of the host.
 
-If you disable or do not configure this policy setting and the WinRM client needs to use the list of trusted hosts, you must configure the list of trusted hosts locally on each computer.
+If you disable or don't configure this policy setting and the WinRM client needs to use the list of trusted hosts, you must configure the list of trusted hosts locally on each computer.
 
 <!--/Description-->
 
@@ -727,7 +727,7 @@ This policy setting turns on or turns off an HTTP listener created for backward
 
 If you enable this policy setting, the HTTP listener always appears.
 
-If you disable or do not configure this policy setting, the HTTP listener never appears.
+If you disable or don't configure this policy setting, the HTTP listener never appears.
 
 When certain port 80 listeners are migrated to WinRM 2.0, the listener port number changes to 5985.
 
@@ -777,7 +777,7 @@ This policy setting turns on or turns off an HTTPS listener created for backward
 
 If you enable this policy setting, the HTTPS listener always appears.
 
-If you disable or do not configure this policy setting, the HTTPS listener never appears.
+If you disable or don't configure this policy setting, the HTTPS listener never appears.
 
 When certain port 443 listeners are migrated to WinRM 2.0, the listener port number changes to 5986.
 
diff --git a/windows/client-management/mdm/policy-csp-remoteprocedurecall.md b/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
index a750b0adde..c2235cdbb4 100644
--- a/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
+++ b/windows/client-management/mdm/policy-csp-remoteprocedurecall.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - RemoteProcedureCall
-description: The Policy CSP - RemoteProcedureCall setting controls whether RPC clients authenticate when the call they are making contains authentication information.
+description: The Policy CSP - RemoteProcedureCall setting controls whether RPC clients authenticate when the call they're making contains authentication information.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -64,15 +64,15 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether RPC clients authenticate with the Endpoint Mapper Service when the call they are making contains authentication information.   The Endpoint Mapper Service on computers running Windows NT4 (all service packs) cannot process authentication information supplied in this manner. 
+This policy setting controls whether RPC clients authenticate with the Endpoint Mapper Service when the call they're making contains authentication information.   The Endpoint Mapper Service on computers running Windows NT4 (all service packs) can't process authentication information supplied in this manner. 
 
-If you disable this policy setting, RPC clients will not authenticate to the Endpoint Mapper Service, but they will be able to communicate with the Endpoint Mapper Service on Windows NT4 Server.
+If you disable this policy setting, RPC clients won't authenticate to the Endpoint Mapper Service, but they'll be able to communicate with the Endpoint Mapper Service on Windows NT4 Server.
 
-If you enable this policy setting, RPC clients will authenticate to the Endpoint Mapper Service for calls that contain authentication information.  Clients making such calls will not be able to communicate with the Windows NT4 Server Endpoint Mapper Service.
+If you enable this policy setting, RPC clients will authenticate to the Endpoint Mapper Service for calls that contain authentication information.  Clients making such calls won't be able to communicate with the Windows NT4 Server Endpoint Mapper Service.
 
-If you do not configure this policy setting, it remains disabled.  RPC clients will not authenticate to the Endpoint Mapper Service, but they will be able to communicate with the Windows NT4 Server Endpoint Mapper Service.
+If you don't configure this policy setting, it remains disabled.  RPC clients won't authenticate to the Endpoint Mapper Service, but they'll be able to communicate with the Windows NT4 Server Endpoint Mapper Service.
 
-Note: This policy will not be applied until the system is rebooted.
+Note: This policy won't be applied until the system is rebooted.
 
 <!--/Description-->
 
@@ -116,13 +116,13 @@ ADMX Info:
 <!--Description-->
 This policy setting controls how the RPC server runtime handles unauthenticated RPC clients connecting to RPC servers.
 
-This policy setting impacts all RPC applications.  In a domain environment this policy setting should be used with caution as it can impact a wide range of functionality including group policy processing itself.  Reverting a change to this policy setting can require manual intervention on each affected machine.  This policy setting should never be applied to a domain controller.
+This policy setting impacts all RPC applications.  In a domain environment, this policy setting should be used with caution as it can impact a wide range of functionality including group policy processing itself.  Reverting a change to this policy setting can require manual intervention on each affected machine.  This policy setting should never be applied to a domain controller.
 
 If you disable this policy setting, the RPC server runtime uses the value of "Authenticated" on Windows Client, and the value of "None" on Windows Server versions that support this policy setting. 
 
-If you do not configure this policy setting, it remains disabled.  The RPC server runtime will behave as though it was enabled with the value of "Authenticated" used for Windows Client and the value of "None" used for Server SKUs that support this policy setting. 
+If you don't configure this policy setting, it remains disabled.  The RPC server runtime will behave as though it was enabled with the value of "Authenticated" used for Windows Client and the value of "None" used for Server SKUs that support this policy setting. 
 
-If you enable this policy setting, it directs the RPC server runtime to restrict unauthenticated RPC clients connecting to RPC servers running on a machine. A client will be considered an authenticated client if it uses a named pipe to communicate with the server or if it uses RPC Security. RPC Interfaces that have specifically requested to be accessible by unauthenticated clients may be exempt from this restriction, depending on the selected value for this policy setting.
+If you enable this policy setting, it directs the RPC server runtime to restrict unauthenticated RPC clients connecting to RPC servers running on a machine. A client will be considered an authenticated client if it uses a named pipe to communicate with the server or if it uses RPC Security. RPC Interfaces that have requested to be accessible by unauthenticated clients may be exempt from this restriction, depending on the selected value for this policy setting.
 
 - "None" allows all RPC clients to connect to RPC Servers running on the machine on which the policy setting is applied.
 
@@ -131,7 +131,7 @@ If you enable this policy setting, it directs the RPC server runtime to restrict
 - "Authenticated without exceptions" allows only authenticated RPC Clients (per the definition above) to connect to RPC Servers running on the machine on which the policy setting is applied.  No exceptions are allowed.
 
 > [!NOTE]
-> This policy setting will not be applied until the system is rebooted.
+> This policy setting won't be applied until the system is rebooted.
 
 <!--/Description-->
 
diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md
index 5c7775b5f5..b56f078278 100644
--- a/windows/client-management/mdm/policy-csp-search.md
+++ b/windows/client-management/mdm/policy-csp-search.md
@@ -160,7 +160,7 @@ ADMX Info:
 <!--/ADMXMapped-->
 <!--SupportedValues-->
 
-This is a simple boolean value, default false, that can be set by MDM policy to allow the Cortana Page in OOBE when logged in with an AAD account.
+This value is a simple boolean value, default false, that can be set by MDM policy to allow the Cortana Page in OOBE when logged in with an AAD account.
 
 <!--/SupportedValues-->
 
@@ -194,7 +194,7 @@ This is a simple boolean value, default false, that can be set by MDM policy to
 
 <!--/Scope-->
 <!--Description-->
-Controls if the user can configure search to Find My Files mode, which searches files in secondary hard drives and also outside of the user profile. Find My Files does not allow users to search files or locations to which they do not have access.
+Controls if the user can configure search to Find My Files mode, which searches files in secondary hard drives and also outside of the user profile. Find My Files doesn't allow users to search files or locations to which they don't have access.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -252,7 +252,7 @@ Allows or disallows the indexing of items. This switch is for the Windows Search
 
 When the policy is enabled, WIP protected items are indexed and the metadata about them are stored in an unencrypted location. The metadata includes things like file path and date modified.
 
-When the policy is disabled, the WIP protected items are not indexed and do not show up in the results in Cortana or file explorer. There may also be a performance impact on photos and Groove apps if there are a lot of WIP protected media files on the device.
+When the policy is disabled, the WIP protected items aren't indexed and don't show up in the results in Cortana or file explorer. There may also be a performance impact on photos and Groove apps if there are many WIP-protected media files on the device.
 
 Most restricted value is 0.
 
@@ -302,7 +302,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Specifies whether search can leverage location information.
+Specifies whether search can use location information.
 
 Most restricted value is 0.
 
@@ -605,9 +605,9 @@ The following list shows the supported values:
 <!--Description-->
 This policy setting configures whether or not locations on removable drives can be added to libraries.
 
-If you enable this policy setting, locations on removable drives cannot be added to libraries. In addition, locations on removable drives cannot be indexed.
+If you enable this policy setting, locations on removable drives can't be added to libraries. In addition, locations on removable drives can't be indexed.
 
-If you disable or do not configure this policy setting, locations on removable drives can be added to libraries. In addition, locations on removable drives can be indexed.
+If you disable or don't configure this policy setting, locations on removable drives can be added to libraries. In addition, locations on removable drives can be indexed.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -659,7 +659,7 @@ Don't search the web or display web results in Search, or show search highlights
 
 This policy setting allows you to control whether or not Search can perform queries on the web, if web results are displayed in Search, and if search highlights are shown in the search box and in search home.
 
-- If you enable this policy setting, queries won't be performed on the web, web results won't be displayed when a user performs a query in Search, and search highlights will not be shown in the search box and in search home.
+- If you enable this policy setting, queries won't be performed on the web, web results won't be displayed when a user performs a query in Search, and search highlights won't be shown in the search box and in search home.
 
 - If you disable this policy setting, queries will be performed on the web, web results will be displayed when a user performs a query in Search, and search highlights will be shown in the search box and in search home.
 
@@ -711,7 +711,7 @@ The following list shows the supported values:
 <!--Description-->
 Enabling this policy prevents indexing from continuing after less than the specified amount of hard drive space is left on the same drive as the index location. Select between 0 and 1.
 
-Enable this policy if computers in your environment have extremely limited hard drive space.
+Enable this policy if computers in your environment have limited hard drive space.
 
 When this policy is disabled or not configured, Windows Desktop Search automatically manages your index size.
 
@@ -761,7 +761,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-If enabled, clients will be unable to query this computer's index remotely. Thus, when they are browsing network shares that are stored on this computer, they will not search them using the index. If disabled, client search requests will use this computer's index..
+If enabled, clients will be unable to query this computer's index remotely. Thus, when they're browsing network shares that are stored on this computer, they won't search them using the index. If disabled, client search requests will use this computer's index..
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-security.md b/windows/client-management/mdm/policy-csp-security.md
index dc3da9ca62..dcf870fbf8 100644
--- a/windows/client-management/mdm/policy-csp-security.md
+++ b/windows/client-management/mdm/policy-csp-security.md
@@ -199,7 +199,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – Will not force recovery from a non-ready TPM state.
+-   0 (default) – Won't force recovery from a non-ready TPM state.
 -   1 – Will prompt to clear the TPM if the TPM is in a non-ready state (or reduced functionality) which can be remediated with a TPM Clear.
 
 <!--/SupportedValues-->
@@ -326,7 +326,7 @@ This policy controls the Admin Authentication requirement in RecoveryEnvironment
 Supported values:  
 -  0 - Default: Keep using default(current) behavior
 -  1 - RequireAuthentication: Admin Authentication is always required for components in RecoveryEnvironment
--  2 - NoRequireAuthentication: Admin Authentication is not required for components in RecoveryEnvironment
+-  2 - NoRequireAuthentication: Admin Authentication isn't required for components in RecoveryEnvironment
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -344,10 +344,10 @@ The process of starting Push Button Reset (PBR) in WinRE:
 1. Open a cmd as Administrator, run command "reagentc /boottore" and restart the OS to boot to WinRE.
 1. OS should boot to the blue screen of WinRE UI, go through TroubleShoot -> Reset this PC, it should show two options: "Keep my files" and "Remove everything".
 
-If the MDM policy is set to "Default" (0) or does not exist, the admin authentication flow should work as default behavior:  
+If the MDM policy is set to "Default" (0) or doesn't exist, the admin authentication flow should work as default behavior:  
 
 1. Start PBR in WinRE, choose "Keep my files", it should pop up admin authentication.
-1. Click "<-" (right arrow) button and choose "Remove everything", it should not pop up admin authentication and just go to PBR options.
+1. Click "<-" (right arrow) button and choose "Remove everything", it shouldn't pop up admin authentication and just go to PBR options.
 
 If the MDM policy is set to "RequireAuthentication" (1)
 
@@ -356,9 +356,9 @@ If the MDM policy is set to "RequireAuthentication" (1)
 
 If the MDM policy is set to "NoRequireAuthentication" (2)
 
-1. Start PBR in WinRE, choose "Keep my files", it should not pop up admin authentication.
+1. Start PBR in WinRE, choose "Keep my files", it shouldn't pop up admin authentication.
 1. Go through PBR options and click "cancel" at final confirmation page, wait unit the UI is back.
-1. Click "TroubleShoot" -> "Reset this PC" again, choose "Remove everything", it should not pop up admin authentication neither.
+1. Click "TroubleShoot" -> "Reset this PC" again, choose "Remove everything", it shouldn't pop up admin authentication neither.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -403,7 +403,7 @@ Most restricted value is 1.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – Encryption is not required.
+-   0 (default) – Encryption isn't required.
 -   1 – Encryption is required.
 
 <!--/SupportedValues-->
diff --git a/windows/client-management/mdm/policy-csp-settings.md b/windows/client-management/mdm/policy-csp-settings.md
index 8713e65ba8..1b0e0f8bc4 100644
--- a/windows/client-management/mdm/policy-csp-settings.md
+++ b/windows/client-management/mdm/policy-csp-settings.md
@@ -249,7 +249,7 @@ This policy disables edit device name option on Settings.
 <!--/Description-->
 <!--SupportedValues-->
 
-Describes what value are supported in by this policy and meaning of each value, default value.
+Describes what values are supported in by this policy and meaning of each value, default value.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -626,7 +626,7 @@ ADMX Info:
 The following list shows the supported values:
 
 -   0 (default) – User will be allowed to configure the setting.
--   1  – Don't show additional calendars.
+-   1  – Don't show more calendars.
 -   2  - Simplified Chinese (Lunar).
 -   3  - Traditional Chinese (Lunar).
 
diff --git a/windows/client-management/mdm/policy-csp-start.md b/windows/client-management/mdm/policy-csp-start.md
index 2fd9258e23..f760f05bc0 100644
--- a/windows/client-management/mdm/policy-csp-start.md
+++ b/windows/client-management/mdm/policy-csp-start.md
@@ -156,7 +156,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -197,7 +197,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -238,7 +238,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -279,7 +279,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -320,7 +320,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -361,7 +361,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -402,7 +402,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -443,7 +443,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -484,7 +484,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -525,7 +525,7 @@ The following list shows the supported values:
 
 -   0 – The shortcut is hidden and disables the setting in the Settings app.
 -   1 – The shortcut is visible and disables the setting in the Settings app.
--   65535 (default) - There is no enforced configuration and the setting can be changed by the user.
+-   65535 (default) - there's no enforced configuration and the setting can be changed by the user.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -634,7 +634,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (Do not disable).
+-   0 (default) – False (don't disable).
 -   1 - True (disable).
 
 <!--/SupportedValues-->
@@ -679,13 +679,13 @@ The following list shows the supported values:
 Forces the start screen size.
 
 
-If there is policy configuration conflict, the latest configuration request is applied to the device.
+If there's policy configuration conflict, the latest configuration request is applied to the device.
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – Do not force size of Start.
+-   0 (default) – Don't force size of Start.
 -   1 – Force non-fullscreen size of Start.
 -   2 - Force a fullscreen size of Start.
 
@@ -730,12 +730,12 @@ Allows IT Admins to configure Start by collapsing or removing the all apps list.
 > There were issues reported with the previous release of this policy and a fix was added in Windows 10, version 1709. 
 
 
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 -   1 - Enable policy and restart explorer.exe
--   2a - If set to '1': Verify that the all apps list is collapsed, and that the Settings toggle is not grayed out.
+-   2a - If set to '1': Verify that the all apps list is collapsed, and that the Settings toggle isn't grayed out.
 -   2b - If set to '2': Verify that the all apps list is collapsed, and that the Settings toggle is grayed out.
--   2c - If set to '3': Verify that there is no way of opening the all apps list from Start, and that the Settings toggle is grayed out.
+-   2c - If set to '3': Verify that there's no way of opening the all apps list from Start, and that the Settings toggle is grayed out.
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -783,15 +783,15 @@ Allows IT Admins to configure Start by hiding "Change account settings" from app
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the user tile, and verify that "Change account settings" is not available.
+2.   Open Start, click on the user tile, and verify that "Change account settings" isn't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -834,19 +834,19 @@ Allows IT Admins to configure Start by hiding most used apps.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable "Show most used apps" in the Settings app.
 2.   Use some apps to get them into the most used group in Start.
 3.   Enable policy.
 4.   Restart explorer.exe
 5.   Check that  "Show most used apps" Settings toggle is grayed out.
-6.   Check that most used apps do not appear in Start.
+6.   Check that most used apps don't appear in Start.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -883,21 +883,21 @@ Allows IT Admins to configure Start by hiding "Hibernate" from appearing in the
 
 
 > [!NOTE]
-> This policy can only be verified on laptops as "Hibernate" does not appear on regular PC's.
+> This policy can only be verified on laptops as "Hibernate" doesn't appear on regular PC's.
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Laptop, do the following:
+To validate on Laptop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the Power button, and verify "Hibernate" is not available.
+2.   Open Start, click on the Power button, and verify "Hibernate" isn't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -936,15 +936,15 @@ Allows IT Admins to configure Start by hiding "Lock" from appearing in the user
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the user tile, and verify "Lock" is not available.
+2.   Open Start, click on the user tile, and verify "Lock" isn't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -977,7 +977,7 @@ To validate on Desktop, do the following:
 
 <!--/Scope-->
 <!--Description-->
-Enabling this policy removes the people icon from the taskbar as well as the corresponding settings toggle. It also prevents users from pinning people to the taskbar.
+Enabling this policy removes the people icon from the taskbar and the corresponding settings toggle. It also prevents users from pinning people to the taskbar.
 
 Value type is integer.
 
@@ -993,7 +993,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
@@ -1036,15 +1036,15 @@ Allows IT Admins to configure Start by hiding the Power button from appearing.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, and verify the power button is not available.
+2.   Open Start, and verify the power button isn't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1086,12 +1086,12 @@ Allows IT Admins to configure Start by hiding recently opened items in the jump
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable "Show recently opened items in Jump Lists on Start of the taskbar" in Settings.
 2.   Pin Photos to the taskbar, and open some images in the photos app.
@@ -1101,7 +1101,7 @@ To validate on Desktop, do the following:
 6.   Restart explorer.exe
 7.   Check that Settings toggle is grayed out.
 8.   Repeat Step 2.
-9.   Right Click pinned photos app and verify that there is no jump list of recent items.
+9.   Right Click pinned photos app and verify that there's no jump list of recent items.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1152,19 +1152,19 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable "Show recently added apps" in the Settings app.
 2.   Check if there are recently added apps in Start (if not, install some).
 3.   Enable policy.
 4.   Restart explorer.exe
 5.   Check that "Show recently added apps" Settings toggle is grayed out.
-6.   Check that recently added apps do not appear in Start.
+6.   Check that recently added apps don't appear in Start.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1203,15 +1203,15 @@ Allows IT Admins to configure Start by hiding "Restart" and "Update and restart"
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the Power button, and verify "Restart" and "Update and restart" are not available.
+2.   Open Start, click on the Power button, and verify "Restart" and "Update and restart" aren't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1250,15 +1250,15 @@ Allows IT Admins to configure Start by hiding "Shut down" and "Update and shut d
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the Power button, and verify "Shut down" and "Update and shut down" are not available.
+2.   Open Start, click on the Power button, and verify "Shut down" and "Update and shut down" aren't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1297,15 +1297,15 @@ Allows IT Admins to configure Start by hiding "Sign out" from appearing in the u
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the user tile, and verify "Sign out" is not available.
+2.   Open Start, click on the user tile, and verify "Sign out" isn't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1344,15 +1344,15 @@ Allows IT Admins to configure Start by hiding "Sleep" from appearing in the Powe
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the Power button, and verify that "Sleep" is not available.
+2.   Open Start, click on the Power button, and verify that "Sleep" isn't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1391,15 +1391,15 @@ Allows IT Admins to configure Start by hiding "Switch account" from appearing in
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Open Start, click on the user tile, and verify that "Switch account" is not available.
+2.   Open Start, click on the user tile, and verify that "Switch account" isn't available.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1441,16 +1441,16 @@ Allows IT Admins to configure Start by hiding the user tile.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) – False (do not hide).
+-   0 (default) – False (don't hide).
 -   1 - True (hide).
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
-2.   Log off.
-3.   Log in, and verify that the user tile is gone from Start.
+2.   Sign out.
+3.   Sign in, and verify that the user tile is gone from Start.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1486,7 +1486,7 @@ To validate on Desktop, do the following:
 > [!NOTE]
 > This policy requires reboot to take effect.
 
-Here is additional SKU support information:
+Here's more SKU support information:
 
 |Release |SKU Supported  |
 |---------|---------|
@@ -1494,7 +1494,7 @@ Here is additional SKU support information:
 |Windows 10, version 1703 and later |Enterprise, Education, Business |
 |Windows 10, version 1709 and later |Enterprise, Education, Business, Pro, ProEducation, S, ProWorkstation |
 
-This policy imports Edge assets (e.g. .png/.jpg files) for secondary tiles into its local app data path which allows the StartLayout policy to pin Edge secondary tiles as weblink that tie to the image asset files.
+This policy imports Edge assets (for example, .png/.jpg files) for secondary tiles into its local app data path, which allows the StartLayout policy to pin Edge secondary tiles as weblink that ties to the image asset files.
 
 > [!IMPORTANT]
 > Please note that the import happens only when StartLayout policy is changed. So it is better to always change ImportEdgeAssets policy at the same time as StartLayout policy whenever there are Edge secondary tiles to be pinned from StartLayout policy.
@@ -1503,7 +1503,7 @@ The value set for this policy is an XML string containing Edge assets.  For an e
 
 <!--/Description-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Set policy with an XML for Edge assets.
 2.   Set StartLayout policy to anything so that it would trigger the Edge assets import.
@@ -1552,13 +1552,13 @@ The following list shows the supported values:
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
 2.   Right click on a program pinned to taskbar.
-3.   Verify that "Unpin from taskbar" menu does not show.
+3.   Verify that "Unpin from taskbar" menu doesn't show.
 4.   Open Start and right click on one of the app list icons.
-5.   Verify that More->Pin to taskbar menu does not show.
+5.   Verify that More->Pin to taskbar menu doesn't show.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1622,8 +1622,8 @@ To validate on Desktop, do the following:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 1 - Force showing of Most Used Apps in Start Menu, user cannot change in Settings
-- 0 - Force hiding of Most Used Apps in Start Menu, user cannot change in Settings
+- 1 - Force showing of Most Used Apps in Start Menu, user can't change in Settings
+- 0 - Force hiding of Most Used Apps in Start Menu, user can't change in Settings
 - Not set - User can use Settings to hide or show Most Used Apps in Start Menu
 
 On clean install, the user setting defaults to "hide".
@@ -1664,7 +1664,7 @@ On clean install, the user setting defaults to "hide".
 > [!IMPORTANT]
 > In addition to being able to set this node on a per user-basis, it can now also be set on a per-device basis. For more information, see [Policy scope](./policy-configuration-service-provider.md#policy-scope)  
 
-Here is additional SKU support information:
+Here's more SKU support information:
 
 |Release |SKU Supported  |
 |---------|---------|
@@ -1674,7 +1674,7 @@ Here is additional SKU support information:
 
 Allows you to override the default Start layout and prevents the user from changing it. If both user and device policies are set, the user policy will be used. Apps pinned to the taskbar can also be changed with this policy
 
-For further details on how to customize the Start layout, please see [Customize and export Start layout](/windows/configuration/customize-and-export-start-layout) and [Configure Windows 10 taskbar](/windows/configuration/configure-windows-10-taskbar).
+For more information on how to customize the Start layout, see [Customize and export Start layout](/windows/configuration/customize-and-export-start-layout) and [Configure Windows 10 taskbar](/windows/configuration/configure-windows-10-taskbar).
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-storage.md b/windows/client-management/mdm/policy-csp-storage.md
index 77b5ec67b9..d600b89da2 100644
--- a/windows/client-management/mdm/policy-csp-storage.md
+++ b/windows/client-management/mdm/policy-csp-storage.md
@@ -107,7 +107,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - Do not allow
+-   0 - Don't allow
 -   1 (default) - Allow
 
 <!--/SupportedValues-->
@@ -128,7 +128,7 @@ The following list shows the supported values:
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 
-Note: Versions prior to version 1903 do not support group policy.
+Note: Versions prior to version 1903 don't support group policy.
 
 <!--/SupportedSKUs-->
 <hr/>
@@ -145,11 +145,11 @@ Note: Versions prior to version 1903 do not support group policy.
 <!--Description-->
 Storage Sense can automatically clean some of the user’s files to free up disk space. By default, Storage Sense is automatically turned on when the machine runs into low disk space and is set to run whenever the machine runs into storage pressure. This cadence can be changed in Storage settings or set with the Storage/ConfigStorageSenseGlobalCadence group policy.
 
-If you enable this policy setting without setting a cadence, Storage Sense is turned on for the machine with the default cadence of "during low free disk space." Users cannot disable Storage Sense, but they can adjust the cadence (unless you also configure the Storage/ConfigStorageSenseGlobalCadence group policy).
+If you enable this policy setting without setting a cadence, Storage Sense is turned on for the machine with the default cadence of "during low free disk space." Users can't disable Storage Sense, but they can adjust the cadence (unless you also configure the Storage/ConfigStorageSenseGlobalCadence group policy).
 
-If you disable this policy setting, the machine will turn off Storage Sense. Users cannot enable Storage Sense.
+If you disable this policy setting, the machine will turn off Storage Sense. Users can't enable Storage Sense.
 
-If you do not configure this policy setting, Storage Sense is turned off by default until the user runs into low disk space or the user enables it manually. Users can configure this setting in Storage settings.
+If you don't configure this policy setting, Storage Sense is turned off by default until the user runs into low disk space or the user enables it manually. Users can configure this setting in Storage settings.
 <!--/Description-->
 <!--ADMXMapped-->
 ADMX Info:  
@@ -185,7 +185,7 @@ ADMX Info:
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 
-Note: Versions prior to version 1903 do not support group policy.
+Note: Versions prior to version 1903 don't support group policy.
 
 <!--/SupportedSKUs-->
 <hr/>
@@ -200,15 +200,15 @@ Note: Versions prior to version 1903 do not support group policy.
 
 <!--/Scope-->
 <!--Description-->
-When Storage Sense runs, it can delete the user’s temporary files that are not in use.
+When Storage Sense runs, it can delete the user’s temporary files that aren't in use.
 
-If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy does not have any effect.
+If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy doesn't have any effect.
 
-If you enable this policy setting, Storage Sense will delete the user’s temporary files that are not in use. Users cannot disable this setting in Storage settings.
+If you enable this policy setting, Storage Sense will delete the user’s temporary files that aren't in use. Users can't disable this setting in Storage settings.
 
-If you disable this policy setting, Storage Sense will not delete the user’s temporary files. Users cannot enable this setting in Storage settings.
+If you disable this policy setting, Storage Sense won't delete the user’s temporary files. Users can't enable this setting in Storage settings.
 
-If you do not configure this policy setting, Storage Sense will delete the user’s temporary files by default. Users can configure this setting in Storage settings.
+If you don't configure this policy setting, Storage Sense will delete the user’s temporary files by default. Users can configure this setting in Storage settings.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -245,7 +245,7 @@ ADMX Info:
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 
-Note: Versions prior to version 1903 do not support group policy.
+Note: Versions prior to version 1903 don't support group policy.
 
 <!--/SupportedSKUs-->
 <hr/>
@@ -260,15 +260,15 @@ Note: Versions prior to version 1903 do not support group policy.
 
 <!--/Scope-->
 <!--Description-->
-When Storage Sense runs, it can dehydrate cloud-backed content that hasn’t been opened in a certain amount of days.
+When Storage Sense runs, it can dehydrate cloud-backed content that hasn’t been opened in a certain number of days.
 
-If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy does not have any effect.
+If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy doesn't have any effect.
 
 If you enable this policy setting, you must provide the minimum number of days a cloud-backed file can remain unopened before Storage Sense dehydrates it. Supported values are: 0–365.
 
-If you set this value to zero, Storage Sense will not dehydrate any cloud-backed content. The default value is 0, which never dehydrates cloud-backed content.
+If you set this value to zero, Storage Sense won't dehydrate any cloud-backed content. The default value is 0, which never dehydrates cloud-backed content.
 
-If you disable or do not configure this policy setting, then Storage Sense will not dehydrate any cloud-backed content by default. Users can configure this setting in Storage settings.
+If you disable or don't configure this policy setting, then Storage Sense won't dehydrate any cloud-backed content by default. Users can configure this setting in Storage settings.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -305,7 +305,7 @@ ADMX Info:
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 
-Note: Versions prior to version 1903 do not support group policy.
+Note: Versions prior to version 1903 don't support group policy.
 
 <!--/SupportedSKUs-->
 <hr/>
@@ -322,13 +322,13 @@ Note: Versions prior to version 1903 do not support group policy.
 <!--Description-->
 When Storage Sense runs, it can delete files in the user’s Downloads folder if they haven’t been opened for more than a certain number of days.
 
-If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy does not have any effect.
+If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy doesn't have any effect.
 
 If you enable this policy setting, you must provide the minimum number of days a file can remain unopened before Storage Sense deletes it from the Downloads folder. Supported values are: 0-365.
 
-If you set this value to zero, Storage Sense will not delete files in the user’s Downloads folder. The default is 0, or never deleting files in the Downloads folder.
+If you set this value to zero, Storage Sense won't delete files in the user’s Downloads folder. The default is 0, or never deleting files in the Downloads folder.
 
-If you disable or do not configure this policy setting, then Storage Sense will not delete files in the user’s Downloads folder by default. Users can configure this setting in Storage settings.
+If you disable or don't configure this policy setting, then Storage Sense won't delete files in the user’s Downloads folder by default. Users can configure this setting in Storage settings.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -365,7 +365,7 @@ ADMX Info:
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 
-Note: Versions prior to version 1903 do not support group policy.
+Note: Versions prior to version 1903 don't support group policy.
 
 <!--/SupportedSKUs-->
 <hr/>
@@ -381,7 +381,7 @@ Note: Versions prior to version 1903 do not support group policy.
 <!--/Scope-->
 <!--Description-->
 Storage Sense can automatically clean some of the user’s files to free up disk space.
-If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy does not have any effect.
+If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy doesn't have any effect.
 
 If you enable this policy setting, you must provide the desired Storage Sense cadence.
 
@@ -394,7 +394,7 @@ The following are supported options:
 
 The default is 0 (during low free disk space).
 
-If you do not configure this policy setting, then the Storage Sense cadence is set to “during low free disk space” by default. Users can configure this setting in Storage settings.
+If you don't configure this policy setting, then the Storage Sense cadence is set to “during low free disk space” by default. Users can configure this setting in Storage settings.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -431,7 +431,7 @@ ADMX Info:
 |Enterprise|Yes|Yes|
 |Education|Yes|Yes|
 
-Note: Versions prior to version 1903 do not support group policy.
+Note: Versions prior to version 1903 don't support group policy.
 
 <!--/SupportedSKUs-->
 <hr/>
@@ -446,15 +446,15 @@ Note: Versions prior to version 1903 do not support group policy.
 
 <!--/Scope-->
 <!--Description-->
-When Storage Sense runs, it can delete files in the user’s Recycle Bin if they have been there for over a certain amount of days.
+When Storage Sense runs, it can delete files in the user’s Recycle Bin if they've been there for over a certain number of days.
 
-If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy does not have any effect.
+If the Storage/AllowStorageSenseGlobal policy is disabled, then this policy doesn't have any effect.
 
 If you enable this policy setting, you must provide the minimum age threshold (in days) of a file in the Recycle Bin before Storage Sense will delete it. Supported values are: 0–365.
 
-If you set this value to zero, Storage Sense will not delete files in the user’s Recycle Bin. The default is 30 days.
+If you set this value to zero, Storage Sense won't delete files in the user’s Recycle Bin. The default is 30 days.
 
-If you disable or do not configure this policy setting, Storage Sense will delete files in the user’s Recycle Bin that have been there for over 30 days by default. Users can configure this setting in Storage settings.
+If you disable or don't configure this policy setting, Storage Sense will delete files in the user’s Recycle Bin which have been there for over 30 days by default. Users can configure this setting in Storage settings.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -506,9 +506,9 @@ ADMX Info:
 <!--Description-->
 This policy setting configures whether or not Windows will activate an Enhanced Storage device.
 
-If you enable this policy setting, Windows will not activate unactivated Enhanced Storage devices.
+If you enable this policy setting, Windows won't activate unactivated Enhanced Storage devices.
 
-If you disable or do not configure this policy setting, Windows will activate unactivated Enhanced Storage devices.
+If you disable or don't configure this policy setting, Windows will activate unactivated Enhanced Storage devices.
 
 <!--/Description-->
 > [!TIP]
@@ -556,7 +556,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-If you enable this policy setting, write access is denied to this removable storage class. If you disable or do not configure this policy setting, write access is allowed to this removable storage class. 
+If you enable this policy setting, write access is denied to this removable storage class. If you disable or don't configure this policy setting, write access is allowed to this removable storage class. 
 
 > [!Note]
 > To require that users write data to BitLocker-protected storage, enable the policy setting "Deny write access to drives not protected by BitLocker," which is located in "Computer Configuration\Administrative Templates\Windows Components\BitLocker Drive Encryption\Removable Data Drives."
@@ -616,7 +616,7 @@ See [Use custom settings for Windows 10 devices in Intune](/intune/custom-settin
 
 <!--/Scope-->
 <!--Description-->
-This policy will do the enforcement over the following protocols which are used by most portable devices, e.g. mobile/IOS/Android:
+This policy will do the enforcement over the following protocols that are used by most portable devices, for example, mobile/IOS/Android:
 
 - Picture Transfer Protocol (PTP) over USB, IP, and Bluetooth
 - Media Transfer Protocol (MTP) over USB, IP, and Bluetooth
@@ -624,10 +624,10 @@ This policy will do the enforcement over the following protocols which are used
 
 To enable this policy, the minimum OS requirement is Windows 10, version 1809 and [KB5003217 (OS Build 17763.1971)](https://support.microsoft.com/en-us/topic/may-20-2021-kb5003217-os-build-17763-1971-preview-08687c95-0740-421b-a205-54aa2c716b46).
 
-If enabled, this policy will block end-user from Read access on any Windows Portal devices, e.g. mobile/iOS/Android.
+If enabled, this policy will block end-user from Read access on any Windows Portal devices, for example, mobile/iOS/Android.
 
 >[!NOTE]
-> WPD policy is not a reliable policy for removable storage - admin can not use WPD policy to block removable storage, e.g. if an end-user is using an USB thumb drive under a WPD policy, the policy may block PTP/MTP/etc, but end-user can still browser the USB via explorer.
+> WPD policy is not a reliable policy for removable storage - admin can not use WPD policy to block removable storage, for example, if an end-user is using an USB thumb drive under a WPD policy, the policy may block PTP/MTP/etc, but end-user can still browser the USB via explorer.
 
 Supported values for this policy are:
 - Not configured
@@ -678,7 +678,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy will do the enforcement over the following protocols which are used by most portable devices, e.g. mobile/IOS/Android:
+This policy will do the enforcement over the following protocols that are used by most portable devices, for example, mobile/IOS/Android:
 
 - Picture Transfer Protocol (PTP) over USB, IP, and Bluetooth
 - Media Transfer Protocol (MTP) over USB, IP, and Bluetooth
@@ -686,7 +686,7 @@ This policy will do the enforcement over the following protocols which are used
 
 To enable this policy, the minimum OS requirement is Windows 10, version 1809 and [KB5003217 (OS Build 17763.1971)](https://support.microsoft.com/en-us/topic/may-20-2021-kb5003217-os-build-17763-1971-preview-08687c95-0740-421b-a205-54aa2c716b46).
 
-If enabled, this policy will block end-user from Read access on any Windows Portal devices, e.g. mobile/iOS/Android.
+If enabled, this policy will block end-user from Read access on any Windows Portal devices, for example, mobile/iOS/Android.
 
 >[!NOTE]
 > WPD policy is not a reliable policy for removable storage - admin can not use WPD policy to block removable storage, e.g. if an end-user is using an USB thumb drive under a WPD policy, the policy may block PTP/MTP/etc, but end-user can still browser the USB via explorer.
@@ -740,7 +740,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy will do the enforcement over the following protocols which are used by most portable devices, e.g. mobile/IOS/Android:
+This policy will do the enforcement over the following protocols that are used by most portable devices, for example, mobile/IOS/Android:
 
 - Picture Transfer Protocol (PTP) over USB, IP, and Bluetooth
 - Media Transfer Protocol (MTP) over USB, IP, and Bluetooth
@@ -748,7 +748,7 @@ This policy will do the enforcement over the following protocols which are used
 
 To enable this policy, the minimum OS requirement is Windows 10, version 1809 and [KB5003217 (OS Build 17763.1971)](https://support.microsoft.com/en-us/topic/may-20-2021-kb5003217-os-build-17763-1971-preview-08687c95-0740-421b-a205-54aa2c716b46).
 
-If enabled, this will block end-user from Write access on any Windows Portal devices, e.g. mobile/iOS/Android.
+If enabled, this policy will block end-user from Write access on any Windows Portal devices, for example, mobile/iOS/Android.
 
 >[!NOTE]
 > WPD policy is not a reliable policy for removable storage - admin can not use WPD policy to block removable storage, e.g. if an end-user is using an USB thumb drive under a WPD policy, the policy may block PTP/MTP/etc, but end-user can still browser the USB via explorer.
@@ -802,7 +802,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy will do the enforcement over the following protocols which are used by most portable devices, e.g. mobile/IOS/Android:
+This policy will do the enforcement over the following protocols that are used by most portable devices, for example, mobile/IOS/Android:
 
 - Picture Transfer Protocol (PTP) over USB, IP, and Bluetooth
 - Media Transfer Protocol (MTP) over USB, IP, and Bluetooth
@@ -810,7 +810,7 @@ This policy will do the enforcement over the following protocols which are used
 
 To enable this policy, the minimum OS requirement is Windows 10, version 1809 and [KB5003217 (OS Build 17763.1971)](https://support.microsoft.com/en-us/topic/may-20-2021-kb5003217-os-build-17763-1971-preview-08687c95-0740-421b-a205-54aa2c716b46).
 
-If enabled, this will block end-user from Write access on any Windows Portal devices, e.g. mobile/iOS/Android.
+If enabled, this policy will block end-user from Write access on any Windows Portal devices, for example, mobile/iOS/Android.
 
 >[!NOTE]
 > WPD policy is not a reliable policy for removable storage - admin can not use WPD policy to block removable storage, e.g. if an end-user is using an USB thumb drive under a WPD policy, the policy may block PTP/MTP/etc, but end-user can still browser the USB via explorer.
diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md
index 9e31c3a67b..a824fde8d4 100644
--- a/windows/client-management/mdm/policy-csp-system.md
+++ b/windows/client-management/mdm/policy-csp-system.md
@@ -144,7 +144,7 @@ manager: dansimp
 
 This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. These controls are located under "Get Insider builds," and enable users to make their devices available for downloading and installing Windows preview software.
 
-If you enable or do not configure this policy setting, users can download and install Windows preview software on their devices. If you disable this policy setting, the item "Get Insider builds" will be unavailable.
+If you enable or don't configure this policy setting, users can download and install Windows preview software on their devices. If you disable this policy setting, the item "Get Insider builds" will be unavailable.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -201,9 +201,9 @@ To enable this behavior, you must complete two steps:
 
 Windows diagnostic data is collected when the Allow Telemetry policy setting is set to 1 – **Required (Basic)** or above.
 
-If you disable or do not configure this setting, Microsoft will be the controller of the Windows diagnostic data collected from the device and processed in accordance with Microsoft’s [privacy statement](https://go.microsoft.com/fwlink/?LinkId=521839) unless you have enabled policies like Allow Update Compliance Processing or Allow Desktop Analytics Processing.
+If you disable or don't configure this setting, Microsoft will be the controller of the Windows diagnostic data collected from the device and processed in accordance with Microsoft’s [privacy statement](https://go.microsoft.com/fwlink/?LinkId=521839) unless you have enabled policies like Allow Update Compliance Processing or Allow Desktop Analytics Processing.
 
-Configuring this setting does not change the Windows diagnostic data collection level set for the device or the operation of optional analytics processor services like Desktop Analytics and Update Compliance.
+Configuring this setting doesn't change the Windows diagnostic data collection level set for the device or the operation of optional analytics processor services like Desktop Analytics and Update Compliance.
 
 See the documentation at [ConfigureWDD](https://aka.ms/ConfigureWDD) for information on this and other policies that will result in Microsoft being the processor of Windows diagnostic data.
 
@@ -248,11 +248,11 @@ To enable this behavior, you must complete three steps:
  2. Set **AllowTelemetry** to 1 – **Required (Basic)** or above
  3. Set the Configure the Commercial ID setting for your Desktop Analytics workspace
 
-This setting has no effect on devices unless they are properly enrolled in Desktop Analytics.
+This setting has no effect on devices unless they're properly enrolled in Desktop Analytics.
 
 When these policies are configured, Windows diagnostic data collected from the device will be subject to Microsoft processor commitments.
 
-If you disable or do not configure this policy setting, devices will not appear in Desktop Analytics.
+If you disable or don't configure this policy setting, devices won't appear in Desktop Analytics.
 
 The following list shows the supported values:
 
@@ -289,7 +289,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows the device name to be sent to Microsoft as part of Windows diagnostic data.  If you disable or do not configure this policy setting, then device name will not be sent to Microsoft as part of Windows diagnostic data.
+This policy allows the device name to be sent to Microsoft as part of Windows diagnostic data.  If you disable or don't configure this policy setting, then device name won't be sent to Microsoft as part of Windows diagnostic data.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -385,7 +385,7 @@ The following list shows the supported values:
 <!--/Scope-->
 <!--Description-->
 > [!NOTE]
-> This policy is not supported in Windows 10, version 1607.
+> This policy isn't supported in Windows 10, version 1607.
 
 This policy setting determines the level that Microsoft can experiment with the product to study user preferences or device behavior.
 
@@ -430,11 +430,11 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Boolean policy setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. If you enable this setting, Windows periodically queries an online font provider to determine whether a new font catalog is available. Windows may also download font data if needed to format or render text. If you disable this policy setting, Windows does not connect to an online font provider and only enumerates locally installed fonts.
+Boolean policy setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. If you enable this setting, Windows periodically queries an online font provider to determine whether a new font catalog is available. Windows may also download font data if needed to format or render text. If you disable this policy setting, Windows doesn't connect to an online font provider and only enumerates locally installed fonts.
 
-This MDM setting corresponds to the EnableFontProviders Group Policy setting. If both the Group Policy and the MDM settings are configured, the group policy setting takes precedence. If neither is configured, the behavior depends on a DisableFontProviders registry value. In server editions, this registry value is set to 1 by default, so the default behavior is false (disabled). In all other editions, the registry value is not set by default, so the default behavior is true (enabled).
+This MDM setting corresponds to the EnableFontProviders Group Policy setting. If both the Group Policy and the MDM settings are configured, the group policy setting takes precedence. If neither is configured, the behavior depends on a DisableFontProviders registry value. In server editions, this registry value is set to 1 by default, so the default behavior is false (disabled). In all other editions, the registry value isn't set by default, so the default behavior is true (enabled).
 
-This setting is used by lower-level components for text display and fond handling and has not direct effect on web browsers, which may download web fonts used in web content.
+This setting is used by lower-level components for text display and fond handling and hasn't direct effect on web browsers, which may download web fonts used in web content.
 
 > [!NOTE]
 > Reboot is required after setting the policy; alternatively you can stop and restart the FontCache service.
@@ -458,7 +458,7 @@ The following list shows the supported values:
 <!--Validation-->
 To verify if System/AllowFontProviders is set to true:  
 
--  After a client machine is rebooted, check whether there is any network traffic from client machine to fs.microsoft.com.
+-  After a client machine is rebooted, check whether there's any network traffic from client machine to fs.microsoft.com.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -513,9 +513,9 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – Force Location Off. All Location Privacy settings are toggled off and grayed out. Users cannot change the settings, and no apps are allowed access to the Location service, including Cortana and Search.
+-   0 – Force Location Off. All Location Privacy settings are toggled off and grayed out. Users can't change the settings, and no apps are allowed access to the Location service, including Cortana and Search.
 -   1 (default) – Location service is allowed. The user has control and can change Location Privacy settings on or off.
--   2 – Force Location On. All Location Privacy settings are toggled on and grayed out. Users cannot change the settings and all consent permissions will be automatically suppressed.
+-   2 – Force Location On. All Location Privacy settings are toggled on and grayed out. Users can't change the settings and all consent permissions will be automatically suppressed.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -531,7 +531,7 @@ This policy setting configures an Azure Active Directory joined device so that M
 
 For customers who enroll into the Microsoft Managed Desktop service, this policy will be enabled by default to allow Microsoft to process data for operational and analytic needs. For more information, see [Privacy and personal data](/microsoft-365/managed-desktop/service-description/privacy-personal-data.md).
 
-This setting has no effect on devices unless they are properly enrolled in Microsoft Managed Desktop.
+This setting has no effect on devices unless they're properly enrolled in Microsoft Managed Desktop.
 
 When these policies are configured, Windows diagnostic data collected from the device will be subject to Microsoft processor commitments.
 
@@ -575,7 +575,7 @@ Most restricted value is 0.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 – SD card use is not allowed and USB drives are disabled. This setting does not prevent programmatic access to the storage card. 
+-   0 – SD card use isn't allowed and USB drives are disabled. This setting doesn't prevent programmatic access to the storage card. 
 -   1 (default) – Allow a storage card.
 
 <!--/SupportedValues-->
@@ -611,7 +611,7 @@ The following list shows the supported values:
 <!--Description-->
 Allows the device to send diagnostic and usage telemetry data, such as Watson. 
 
-For more information about diagnostic data, including what is and what is not collected by Windows, see [Configure Windows diagnostic data in your organization](/windows/privacy/configure-windows-diagnostic-data-in-your-organization).
+For more information about diagnostic data, including what is and what isn't collected by Windows, see [Configure Windows diagnostic data in your organization](/windows/privacy/configure-windows-diagnostic-data-in-your-organization).
 
 The following list shows the supported values for Windows 8.1:  
 -   0 - Not allowed.
@@ -623,19 +623,19 @@ In Windows 10, you can configure this policy setting to decide what level of dia
 
 The following list shows the supported values for Windows 10 version 1809 and older, choose the value that is applicable to your OS version (older OS values are displayed in the brackets):
 
-- 0 – **Off (Security)** This turns Windows diagnostic data off.
+- 0 – **Off (Security)** This value turns Windows diagnostic data off.
 
     > [!NOTE]
     > This value is only applicable to Windows 10 Enterprise, Windows 10 Education, Windows 10 IoT Core (IoT Core), HoloLens 2, and Windows Server 2016 (and later versions). Using this setting on other devices editions of Windows is equivalent to setting the value of 1.
 
 - 1 – **Required (Basic)** Sends basic device info, including quality-related data, app compatibility, and other similar data to keep the device secure and up-to-date.
 
-- 2 – (**Enhanced**) Sends the same data as a value of 1, plus additional insights, including how Windows apps are used, how they perform, and advanced reliability data, such as limited crash dumps.
+- 2 – (**Enhanced**) Sends the same data as a value of 1, plus extra insights, including how Windows apps are used, how they perform, and advanced reliability data, such as limited crash dumps.
 
     > [!NOTE]
     > **Enhanced** is no longer an option for Windows Holographic, version 21H1.
 
-- 3 – **Optional (Full)** Sends the same data as a value of 2, plus additional data necessary to identify and fix problems with devices such as enhanced error logs.
+- 3 – **Optional (Full)** Sends the same data as a value of 2, plus extra data necessary to identify and fix problems with devices such as enhanced error logs.
 
 Most restrictive value is 0.
 
@@ -689,7 +689,7 @@ To enable this behavior, you must complete three steps:
 
 When these policies are configured, Windows diagnostic data collected from the device will be subject to Microsoft processor commitments.
 
-If you disable or do not configure this policy setting, devices will not appear in Update Compliance.
+If you disable or don't configure this policy setting, devices won't appear in Update Compliance.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -771,7 +771,7 @@ To enable this behavior, you must complete three steps:
 
 When these policies are configured, Windows diagnostic data collected from the device will be subject to Microsoft processor commitments.
 
-If you disable or do not configure this policy setting, devices enrolled to the Windows Update for Business deployment service will not be able to take advantage of some deployment service features.
+If you disable or don't configure this policy setting, devices enrolled to the Windows Update for Business deployment service won't be able to take advantage of some deployment service features.
 
 <hr/>
 
@@ -810,16 +810,16 @@ The following list shows the supported values:
 <!--/Scope-->
 <!--Description-->
 This policy setting allows you to specify which boot-start drivers are initialized based on a classification determined by an Early Launch Antimalware boot-start driver. The Early Launch Antimalware boot-start driver can return the following classifications for each boot-start driver:
--  Good: The driver has been signed and has not been tampered with.
--  Bad: The driver has been identified as malware. It is recommended that you do not allow known bad drivers to be initialized.
--  Bad, but required for boot: The driver has been identified as malware, but the computer cannot successfully boot without loading this driver.
--  Unknown: This driver has not been attested to by your malware detection application and has not been classified by the Early Launch Antimalware boot-start driver.
+-  Good: The driver has been signed and hasn't been tampered with.
+-  Bad: The driver has been identified as malware. It's recommended that you don't allow known bad drivers to be initialized.
+-  Bad, but required for boot: The driver has been identified as malware, but the computer can't successfully boot without loading this driver.
+-  Unknown: This driver hasn't been attested to by your malware detection application and hasn't been classified by the Early Launch Antimalware boot-start driver.
 
-If you enable this policy setting you will be able to choose which boot-start drivers to initialize the next time the computer is started.
+If you enable this policy setting, you'll be able to choose which boot-start drivers to initialize the next time the computer is started.
 
-If you disable or do not configure this policy setting, the boot start drivers determined to be Good, Unknown or Bad but Boot Critical are initialized and the initialization of drivers determined to be Bad is skipped.
+If you disable or don't configure this policy setting, the boot start drivers determined to be Good, Unknown or Bad but Boot Critical are initialized and the initialization of drivers determined to be Bad is skipped.
 
-If your malware detection application does not include an Early Launch Antimalware boot-start driver or if your Early Launch Antimalware boot-start driver has been disabled, this setting has no effect and all boot-start drivers are initialized.
+If your malware detection application doesn't include an Early Launch Antimalware boot-start driver or if your Early Launch Antimalware boot-start driver has been disabled, this setting has no effect and all boot-start drivers are initialized.
 
 <!--/Description-->
 > [!TIP]
@@ -921,9 +921,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting determines whether a device shows notifications about telemetry levels to people on first logon or when changes occur in Settings. 
+This policy setting determines whether a device shows notifications about telemetry levels to people on first sign in or when changes occur in Settings. 
 If you set this policy setting to "Disable telemetry change notifications", telemetry level notifications stop appearing.
-If you set this policy setting to "Enable telemetry change notifications" or don't configure this policy setting, telemetry notifications appear at first logon and when changes occur in Settings.
+If you set this policy setting to "Enable telemetry change notifications" or don't configure this policy setting, telemetry notifications appear at first sign in and when changes occur in Settings.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1075,7 +1075,7 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 This policy setting controls whether users can enable and launch the Diagnostic Data Viewer from the Diagnostic & Feedback Settings page.
-If you enable this policy setting, the Diagnostic Data Viewer will not be enabled in Settings page, and it will prevent the viewer from showing diagnostic data collected by Microsoft from the device.  
+If you enable this policy setting, the Diagnostic Data Viewer won't be enabled in Settings page, and it will prevent the viewer from showing diagnostic data collected by Microsoft from the device.  
 If you disable or don't configure this policy setting, the Diagnostic Data Viewer will be enabled in Settings page.
 
 <!--/Description-->
@@ -1126,7 +1126,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting blocks the Connected User Experience and Telemetry service from automatically using an authenticated proxy to send data back to Microsoft on Windows 10. If you disable or do not configure this policy setting, the Connected User Experience and Telemetry service will automatically use an authenticated proxy to send data back to Microsoft. Enabling this policy will block the Connected User Experience and Telemetry service from automatically using an authenticated proxy.
+This policy setting blocks the Connected User Experience and Telemetry service from automatically using an authenticated proxy to send data back to Microsoft on Windows 10. If you disable or don't configure this policy setting, the Connected User Experience and Telemetry service will automatically use an authenticated proxy to send data back to Microsoft. Enabling this policy will block the Connected User Experience and Telemetry service from automatically using an authenticated proxy.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1169,13 +1169,13 @@ ADMX Info:
 <!--Description-->
 Allows IT Admins to prevent apps and features from working with files on OneDrive. If you enable this policy setting:
 
-* Users cannot access OneDrive from the OneDrive app or file picker.
-* Microsoft Store apps cannot access OneDrive using the WinRT API.
-* OneDrive does not appear in the navigation pane in File Explorer.
-* OneDrive files are not kept in sync with the cloud.
-* Users cannot automatically upload photos and videos from the camera roll folder. 
+* Users can't access OneDrive from the OneDrive app or file picker.
+* Microsoft Store apps can't access OneDrive using the WinRT API.
+* OneDrive doesn't appear in the navigation pane in File Explorer.
+* OneDrive files aren't kept in sync with the cloud.
+* Users can't automatically upload photos and videos from the camera roll folder. 
 
-If you disable or do not configure this policy setting, apps and features can work with OneDrive file storage.
+If you disable or don't configure this policy setting, apps and features can work with OneDrive file storage.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1194,11 +1194,11 @@ The following list shows the supported values:
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
 2.   Restart machine.
-3.   Verify that OneDrive.exe is not running in Task Manager.
+3.   Verify that OneDrive.exe isn't running in Task Manager.
 
 <!--/Validation-->
 <!--/Policy-->
@@ -1234,11 +1234,11 @@ Allows you to disable System Restore.
 
 This policy setting allows you to turn off System Restore.
 
-System Restore enables users, in the event of a problem, to restore their computers to a previous state without losing personal data files. By default, System Restore is turned on for the boot volume.
+System Restore enables users, in case of a problem, to restore their computers to a previous state without losing personal data files. By default, System Restore is turned on for the boot volume.
 
-If you enable this policy setting, System Restore is turned off, and the System Restore Wizard cannot be accessed. The option to configure System Restore or create a restore point through System Protection is also disabled.
+If you enable this policy setting, System Restore is turned off, and the System Restore Wizard can't be accessed. The option to configure System Restore or create a restore point through System Protection is also disabled.
 
-If you disable or do not configure this policy setting, users can perform System Restore and configure System Restore settings through System Protection.
+If you disable or don't configure this policy setting, users can perform System Restore and configure System Restore settings through System Protection.
 
 Also, see the "Turn off System Restore configuration" policy setting. If the "Turn off System Restore" policy setting is disabled or not configured, the "Turn off System Restore configuration" policy setting is used to determine whether the option to configure System Restore is available.
 
@@ -1287,14 +1287,14 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-When filing feedback in the Feedback Hub, diagnostic logs are collected for certain types of feedback. We now offer the option for users to save it locally, in addition to sending it to Microsoft. This policy will allow enterprises to mandate that all diagnostics are saved locally for use in internal investigations.
+When feedback in the Feedback Hub is being filed, diagnostic logs are collected for certain types of feedback. We now offer the option for users to save it locally, in addition to sending it to Microsoft. This policy will allow enterprises to mandate that all diagnostics are saved locally for use in internal investigations.
 
 <!--/Description-->
 <!--SupportedValues-->
 The following list shows the supported values:  
 
-- 0 (default) - False. The Feedback Hub will not always save a local copy of diagnostics that may be created when a feedback is submitted. The user will have the option to do so.
-- 1 - True. The Feedback Hub should always save a local copy of diagnostics that may be created when a feedback is submitted.
+- 0 (default) - False. The Feedback Hub won't always save a local copy of diagnostics that may be created when feedback is submitted. The user will have the option to do so.
+- 1 - True. The Feedback Hub should always save a local copy of diagnostics that may be created when feedback is submitted.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -1326,9 +1326,9 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting specifies whether diagnostic log data can be collected when more information is needed to troubleshoot a problem.  It is sent only if we have permission to collect optional diagnostic data, and only if the device meets the criteria for additional data collection.  
+This policy setting specifies whether diagnostic log data can be collected when more information is needed to troubleshoot a problem.  It's sent only if we have permission to collect optional diagnostic data, and only if the device meets the criteria for more data collection.  
 
-If you disable or do not configure this policy setting, we may occasionally collect advanced diagnostic data if the user has opted to send optional diagnostic data.
+If you disable or don't configure this policy setting, we may occasionally collect advanced diagnostic data if the user has opted to send optional diagnostic data.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1375,11 +1375,11 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting limits the type of dumps that can be collected when more information is needed to troubleshoot a problem.  These dumps are not sent unless we have permission to collect optional diagnostic data.
+This policy setting limits the type of dumps that can be collected when more information is needed to troubleshoot a problem.  These dumps aren't sent unless we have permission to collect optional diagnostic data.
 
-By enabling this policy setting, Windows Error Reporting is limited to sending kernel mini dumps and user mode triage dumps only. 
+With this policy setting being enabled, Windows Error Reporting is limited to sending kernel mini dumps and user mode triage dumps only. 
 
-If you disable or do not configure this policy setting, we may occasionally collect full or heap dumps if the user has opted to send optional diagnostic data.
+If you disable or don't configure this policy setting, we may occasionally collect full or heap dumps if the user has opted to send optional diagnostic data.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1441,11 +1441,11 @@ To enable this behavior, you must complete two steps:
     - For Windows 10 version 19H1 and later: set **AllowTelemetry** to Optional (Full)
 
  
-When you configure these policy settings, a basic level of  diagnostic data plus additional events that are required for Windows Analytics are sent to Microsoft. These events are documented here: <a href="/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields" data-raw-source="[Windows 10, version 1709 enhanced telemetry events and fields used by Windows Analytics](/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields)">Windows 10, version 1709 enhanced telemetry events and fields used by Windows Analytics</a>.
+When you configure these policy settings, a basic level of diagnostic data plus other events that are required for Windows Analytics are sent to Microsoft. These events are documented here: <a href="/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields" data-raw-source="[Windows 10, version 1709 enhanced telemetry events and fields used by Windows Analytics](/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields)">Windows 10, version 1709 enhanced telemetry events and fields used by Windows Analytics</a>.
  
-Enabling enhanced diagnostic data in the Allow Telemetry  policy in combination with not configuring this policy will also send the required events for Windows Analytics, plus additional enhanced level telemetry data. This setting has no effect on computers configured to send Required (Basic) or Optional (Full) diagnostic data to Microsoft.
+Enabling enhanced diagnostic data in the Allow Telemetry policy in combination with not configuring this policy will also send the required events for Windows Analytics, plus enhanced level telemetry data. This setting has no effect on computers configured to send Required (Basic) or Optional (Full) diagnostic data to Microsoft.
    
-If you disable or do not configure this policy setting, then the level of diagnostic data sent to Microsoft is determined by the System/AllowTelemetry policy.
+If you disable or don't configure this policy setting, then the level of diagnostic data sent to Microsoft is determined by the System/AllowTelemetry policy.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1486,9 +1486,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Allows you to specify the fully qualified domain name (FQDN) or IP address of a proxy server to forward Connected User Experiences and Telemetry requests. The format for this setting is *&lt;server&gt;:&lt;port&gt;*. The connection is made over a Secure Sockets Layer (SSL) connection. If the named proxy fails, or if there is no proxy specified when this policy is enabled, the Connected User Experiences and Telemetry data will not be transmitted and will remain on the local device.
+Allows you to specify the fully qualified domain name (FQDN) or IP address of a proxy server to forward Connected User Experiences and Telemetry requests. The format for this setting is *&lt;server&gt;:&lt;port&gt;*. The connection is made over a Secure Sockets Layer (SSL) connection. If the named proxy fails, or if there's no proxy specified when this policy is enabled, the Connected User Experiences and Telemetry data won't be transmitted and will remain on the local device.
 
-If you disable or do not configure this policy setting, Connected User Experiences and Telemetry will go to Microsoft using the default proxy configuration.
+If you disable or don't configure this policy setting, Connected User Experiences and Telemetry will go to Microsoft using the default proxy configuration.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1531,9 +1531,9 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to turn off File History.
 
-If you enable this policy setting, File History cannot be activated to create regular, automatic backups.
+If you enable this policy setting, File History can't be activated to create regular, automatic backups.
 
-If you disable or do not configure this policy setting, File History can be activated to create regular, automatic backups.
+If you disable or don't configure this policy setting, File History can be activated to create regular, automatic backups.
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-timelanguagesettings.md b/windows/client-management/mdm/policy-csp-timelanguagesettings.md
index c1f1785f9d..09a8420d64 100644
--- a/windows/client-management/mdm/policy-csp-timelanguagesettings.md
+++ b/windows/client-management/mdm/policy-csp-timelanguagesettings.md
@@ -65,11 +65,11 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls whether the maintenance task will run to clean up language packs installed on a machine but are not used by any users on that machine.
+This policy setting controls whether the maintenance task will run to clean up language packs installed on a machine but aren't used by any users on that machine.
 
-If you enable this policy setting (value 1), language packs that are installed as part of the system image will remain installed even if they are not used by any user on that system.
+If you enable this policy setting (value 1), language packs that are installed as part of the system image will remain installed even if they aren't used by any user on that system.
 
-If you disable (value 0) or do not configure this policy setting, language packs that are installed as part of the system image but are not used by any user on that system will be removed as part of a scheduled clean up task.
+If you disable (value 0) or don't configure this policy setting, language packs that are installed as part of the system image but aren't used by any user on that system will be removed as part of a scheduled cleanup task.
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -119,7 +119,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the time zone to be applied to the device. This is the standard Windows name for the target time zone.
+Specifies the time zone to be applied to the device. This policy name is the standard Windows name for the target time zone.
 
 > [!TIP]
 > To get the list of available time zones, run `Get-TimeZone -ListAvailable` in PowerShell.
@@ -165,9 +165,9 @@ Specifies the time zone to be applied to the device. This is the standard Window
 <!--Description-->
 This policy setting controls which UI language is used for computers with more than one UI language installed.
 
-If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language. If the specified language is not installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the local administrator.
+If you enable this policy setting, the UI language of Windows menus and dialogs for systems with more than one language is restricted to a specified language. If the specified language isn't installed on the target computer or you disable this policy setting, the language selection defaults to the language selected by the local administrator.
 
-If you disable or do not configure this policy setting, there is no restriction of a specific language used for the Windows menus and dialogs.
+If you disable or don't configure this policy setting, there's no restriction of a specific language used for the Windows menus and dialogs.
 
 <!--/Description-->
 <!--SupportedValues-->
@@ -217,11 +217,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting restricts standard users from installing language features on demand. This policy does not restrict the Windows language, if you want to restrict the Windows language use the following policy: “Restricts the UI languages Windows should use for the selected user.”  
+This policy setting restricts standard users from installing language features on demand. This policy doesn't restrict the Windows language, if you want to restrict the Windows language use the following policy: “Restricts the UI languages Windows should use for the selected user.”  
 
 If you enable this policy setting, the installation of language features is prevented for standard users.  
 
-If you disable or do not configure this policy setting, there is no language feature installation restriction for the standard users.
+If you disable or don't configure this policy setting, there's no language feature installation restriction for the standard users.
 
 <!--/Description-->
 <!--SupportedValues-->
diff --git a/windows/client-management/mdm/policy-csp-troubleshooting.md b/windows/client-management/mdm/policy-csp-troubleshooting.md
index d04526eee3..b19352d765 100644
--- a/windows/client-management/mdm/policy-csp-troubleshooting.md
+++ b/windows/client-management/mdm/policy-csp-troubleshooting.md
@@ -66,17 +66,17 @@ ADMX Info:
 
 <!--/ADMXMapped-->
 <!--SupportedValues-->
-This is a numeric policy setting with merge algorithm (lowest value is the most secure) that uses the most restrictive settings for complex manageability scenarios.
+This setting is a numeric policy setting with merge algorithm (lowest value is the most secure) that uses the most restrictive settings for complex manageability scenarios.
 
 Supported values:  
--   0 (default) - Turn this feature off.
--   1 - Turn this feature off but still apply critical troubleshooting.
+-   0 (default) - Turn off this feature.
+-   1 - Turn off this feature but still apply critical troubleshooting.
 -   2 - Notify users when recommended troubleshooting is available, then allow the user to run or ignore it.
 -   3 - Run recommended troubleshooting automatically and notify the user after it ran successfully.
 -   4 - Run recommended troubleshooting automatically without notifying the user.
 -   5 - Allow the user to choose their own recommended troubleshooting settings.
 
-By default, this policy is not configured and the SKU based defaults are used for managed devices. Current policy values for SKU's are as follows:
+By default, this policy isn't configured and the SKU based defaults are used for managed devices. Current policy values for SKUs are as follows:
 
 |SKU|Unmanaged Default|Managed Default|
 |--- |--- |--- |
diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md
index 7b40a61a6b..46fceb630a 100644
--- a/windows/client-management/mdm/policy-csp-update.md
+++ b/windows/client-management/mdm/policy-csp-update.md
@@ -263,7 +263,7 @@ ms.collection: highpri
 
 <!--/Scope-->
 <!--Description-->
-Allows the IT admin (when used with **Update/ActiveHoursStart**) to manage a range of active hours where update reboots are not scheduled. This value sets the end time. There is a 12-hour maximum from start time.
+Allows the IT admin (when used with **Update/ActiveHoursStart**) to manage a range of active hours where update reboots aren't scheduled. This value sets the end time. there's a 12-hour maximum from start time.
 
 > [!NOTE]
 > The default maximum difference from start time has been increased to 18 in Windows 10, version 1703. In this version of Windows 10, the maximum range of active hours can now be configured.  See **Update/ActiveHoursMaxRange** below for more information.
@@ -358,7 +358,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Allows the IT admin (when used with **Update/ActiveHoursEnd**) to manage a range of hours where update reboots are not scheduled. This value sets the start time. There is a 12-hour maximum from end time.
+Allows the IT admin (when used with **Update/ActiveHoursEnd**) to manage a range of hours where update reboots aren't scheduled. This value sets the start time. There's a 12-hour maximum from end time.
 
 > [!NOTE]
 > The default maximum difference from end time has been increased to 18 in Windows 10, version 1703. In this version of Windows 10, the maximum range of active hours can now be configured.  See **Update/ActiveHoursMaxRange** above for more information.
@@ -411,7 +411,7 @@ Enables the IT admin to manage automatic update behavior to scan, download, and
 
 Supported operations are Get and Replace.
 
-If the policy is not configured, end-users get the default behavior (Auto install and restart).
+If the policy isn't configured, end-users get the default behavior (Auto install and restart).
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -427,15 +427,15 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 – Notify the user before downloading the update. This policy is used by the enterprise who wants to enable the end users to manage data usage. With these option users are notified when there are updates that apply to the device and are ready for download. Users can download and install the updates from the Windows Update control panel.
-- 1 – Auto install the update and then notify the user to schedule a device restart. Updates are downloaded automatically on non-metered networks and installed during "Automatic Maintenance" when the device is not in use and is not running on battery power. If automatic maintenance is unable to install updates for two days, Windows Update will install updates immediately. If the installation requires a restart, the end user is prompted to schedule the restart time. The end user has up to seven days to schedule the restart and after that, a restart of the device is forced. Enabling the end user to control the start time reduces the risk of accidental data loss caused by applications that do not shut down properly on restart.
-- 2 (default) – Auto install and restart. Updates are downloaded automatically on non-metered networks and installed during "Automatic Maintenance" when the device is not in use and is not running on battery power. If automatic maintenance is unable to install updates for two days, Windows Update will install updates right away. If a restart is required, then the device is automatically restarted when the device is not actively being used. Automatic restarting when a device is not being used is the default behavior for unmanaged devices. Devices are updated quickly, but it increases the risk of accidental data loss caused by an application that does not shut down properly on restart.
+- 1 – Auto install the update and then notify the user to schedule a device restart. Updates are downloaded automatically on non-metered networks and installed during "Automatic Maintenance" when the device isn't in use and isn't running on battery power. If automatic maintenance is unable to install updates for two days, Windows Update will install updates immediately. If the installation requires a restart, the end user is prompted to schedule the restart time. The end user has up to seven days to schedule the restart and after that, a restart of the device is forced. Enabling the end user to control the start time reduces the risk of accidental data loss caused by applications that don't shut down properly on restart.
+- 2 (default) – Auto install and restart. Updates are downloaded automatically on non-metered networks and installed during "Automatic Maintenance" when the device isn't in use and isn't running on battery power. If automatic maintenance is unable to install updates for two days, Windows Update will install updates right away. If a restart is required, then the device is automatically restarted when the device isn't actively being used. Automatic restarting when a device isn't being used is the default behavior for unmanaged devices. Devices are updated quickly, but it increases the risk of accidental data loss caused by an application that doesn't shut down properly on restart.
 - 3 – Auto install and restart at a specified time. The IT specifies the installation day and time. If no day and time are specified, the default is 3 AM daily. Automatic installation happens at this time and device restart happens after a 15-minute countdown. If the user is logged in when Windows is ready to restart, the user can interrupt the 15-minute countdown to delay the restart.
-- 4 – Auto install and restart without end-user control. Updates are downloaded automatically on non-metered networks and installed during "Automatic Maintenance" when the device is not in use and is not running on battery power. If automatic maintenance is unable to install updates for two days, Windows Update will install updates right away. If a restart is required, then the device is automatically restarted when the device is not actively being used. This setting option also sets the end-user control panel to read-only.
+- 4 – Auto install and restart without end-user control. Updates are downloaded automatically on non-metered networks and installed during "Automatic Maintenance" when the device isn't in use and isn't running on battery power. If automatic maintenance is unable to install updates for two days, Windows Update will install updates right away. If a restart is required, then the device is automatically restarted when the device isn't actively being used. This setting option also sets the end-user control panel to read-only.
 - 5 – Turn off automatic updates.
 
 
 > [!IMPORTANT]
-> This option should be used only for systems under regulatory compliance, as you will not get security updates as well.
+> This option should be used only for systems under regulatory compliance, as you won't get security updates as well.
 
 
 <!--/SupportedValues-->
@@ -471,7 +471,7 @@ The following list shows the supported values:
 <!--Description-->
 Option to download updates automatically over metered connections (off by default). Value type is integer.
 
-A significant number of devices primarily use cellular data and do not have Wi-Fi access, which leads to a lower number of devices getting updates. Since a large number of devices have large data plans or unlimited data, this policy can unblock devices from getting updates.
+A significant number of devices primarily use cellular data and don't have Wi-Fi access, which leads to a lower number of devices getting updates. Since a large number of devices have large data plans or unlimited data, this policy can unblock devices from getting updates.
 
 This policy is accessible through the Update setting in the user interface or Group Policy.
 
@@ -540,7 +540,7 @@ The following list shows the supported values:
 - 1 – Allowed. Accepts updates received through Microsoft Update.
 
 > [!NOTE]
-> Setting this policy back to **0** or **Not configured** does not revert the configuration to receive updates from Microsoft Update automatically. In order to revert the configuration, you can run the PowerShell commands that are listed below to remove the Microsoft Update service:.
+> Setting this policy back to **0** or **Not configured** doesn't revert the configuration to receive updates from Microsoft Update automatically. In order to revert the configuration, you can run the PowerShell commands that are listed below to remove the Microsoft Update service:.
 
 ```
 $MUSM = New-Object -ComObject "Microsoft.Update.ServiceManager"
@@ -589,7 +589,7 @@ This policy is specific to desktop and local publishing via WSUS for third-party
 The following list shows the supported values:
 
 - 0 – Not allowed or not configured. Updates from an intranet Microsoft update service location must be signed by Microsoft.
-- 1 – Allowed. Accepts updates received through an intranet Microsoft update service location, if they are signed by a certificate found in the "Trusted Publishers" certificate store of the local computer.
+- 1 – Allowed. Accepts updates received through an intranet Microsoft update service location, if they're signed by a certificate found in the "Trusted Publishers" certificate store of the local computer.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -643,7 +643,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 – Update service is not allowed.
+- 0 – Update service isn't allowed.
 - 1 (default) – Update service is allowed.
 
 <!--/SupportedValues-->
@@ -689,10 +689,10 @@ The PC must restart for certain updates to take effect.
 
 If you enable this policy, a restart will automatically occur the specified number of days after the restart was scheduled.
 
-If you disable or do not configure this policy, the PC will restart according to the default schedule.
+If you disable or don't configure this policy, the PC will restart according to the default schedule.
 
 If any of the following two policies are enabled, this policy has no effect:
-1. No autorestart with logged on users for scheduled automatic updates installations.
+1. No autorestart with signed-in users for scheduled automatic updates installations.
 2. Always automatically restart at scheduled time.
 
 <!--/Description-->
@@ -743,11 +743,11 @@ Value type is integer. Default is 7 days.
 
 Supported values range: 2-30.
 
-Note that the PC must restart for certain updates to take effect.
+The PC must restart for certain updates to take effect.
 
 If you enable this policy, a restart will automatically occur the specified number of days after the restart was scheduled.
 
-If you disable or do not configure this policy, the PC will restart according to the default schedule.
+If you disable or don't configure this policy, the PC will restart according to the default schedule.
 
 If any of the following two policies are enabled, this policy has no effect:
 1. No autorestart with logged on users for scheduled automatic updates installations.
@@ -897,7 +897,7 @@ This policy setting allows you to configure if Automatic Maintenance should make
 
 If you enable this policy setting, Automatic Maintenance attempts to set OS wake policy and make a wake request for the daily scheduled time, if necessary.
 
-If you disable or do not configure this policy setting, the wake setting as specified in Security and Maintenance/Automatic Maintenance Control Panel applies.
+If you disable or don't configure this policy setting, the wake setting as specified in Security and Maintenance/Automatic Maintenance Control Panel applies.
 <!--/Description-->
 <!--ADMXMapped-->
 ADMX Info:  
@@ -948,7 +948,7 @@ Supported values:
 
 <!--/Scope-->
 <!--Description-->
-Allows the IT admin to set which branch a device receives their updates from. As of 1903, the branch readiness levels of General Availability Channel (Targeted) and General Availability Channel have been combined into one General Availability Channel set with a value of 16. For devices on 1903 and later releases, the value of 32 is not a supported value.
+Allows the IT admin to set which branch a device receives their updates from. As of 1903, the branch readiness levels of General Availability Channel (Targeted) and General Availability Channel have been combined into one General Availability Channel set with a value of 16. For devices on 1903 and later releases, the value of 32 isn't a supported value.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1000,7 +1000,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Allows admins to specify the number of days before feature updates are installed on the device automatically. Before the deadline, restarts can be scheduled by users or automatically scheduled outside of active hours, according to [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot). After the deadline passes, restarts will occur regardless of active hours and users will not be able to reschedule.
+Allows admins to specify the number of days before feature updates are installed on the device automatically. Before the deadline, restarts can be scheduled by users or automatically scheduled outside of active hours, according to [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot). After the deadline passes, restarts will occur regardless of active hours and users won't be able to reschedule.
 <!--/Description-->
 <!--ADMXMapped-->
 ADMX Info:  
@@ -1052,7 +1052,7 @@ Default value is 7.
 
 <!--/Scope-->
 <!--Description-->
-Allows admins to specify the number of days before quality updates are installed on a device automatically. Before the deadline, restarts can be scheduled by users or automatically scheduled outside of active hours, according to [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot). After deadline passes, restarts will occur regardless of active hours and users will not be able to reschedule.
+Allows admins to specify the number of days before quality updates are installed on a device automatically. Before the deadline, restarts can be scheduled by users or automatically scheduled outside of active hours, according to [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot). After deadline passes, restarts will occur regardless of active hours and users won't be able to reschedule.
 <!--/Description-->
 <!--ADMXMapped-->
 ADMX Info:  
@@ -1104,7 +1104,7 @@ Default value is 7.
 
 <!--/Scope-->
 <!--Description-->
-When used with [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates),allows the admin to specify a minimum number of days until restarts occur automatically for quality updates. Setting the grace period might extend the effective deadline set by the deadline policy. If [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates) is configured but this policy is not, then the default value of 2 will be used.
+When used with [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates),allows the admin to specify a minimum number of days until restarts occur automatically for quality updates. Setting the grace period might extend the effective deadline set by the deadline policy. If [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates) is configured but this policy isn't, then the default value of 2 will be used.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1158,7 +1158,7 @@ Default value is 2.
 <!--/Scope-->
 <!--Description-->
 
-When used with [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates), allows the admin to specify a minimum number of days until restarts occur automatically for feature updates. Setting the grace period may extend the effective deadline set by the deadline policy. If [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) is configured but this policy is not, then the value from  [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod) will be used; if that policy is also not configured, then the default value of 2 will be used.
+When used with [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates), allows the admin to specify a minimum number of days until restarts occur automatically for feature updates. Setting the grace period may extend the effective deadline set by the deadline policy. If [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) is configured but this policy isn't, then the value from  [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod) will be used; if that policy is also not configured, then the default value of 2 will be used.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1424,12 +1424,12 @@ Update:
   - Update - CD5FFD1E-E932-4E3A-BF74-18BF0B1BBD83
   - Driver - EBFC1FC5-71A4-4F7B-9ACA-3B9A503104A0
 
-Other/cannot defer:
+Other/can't defer:
 
 - Maximum deferral: No deferral
 - Deferral increment: No deferral
 - Update type/notes:
-  Any update category not specifically enumerated above falls into this category.
+  Any update category not enumerated above falls into this category.
       - Definition Update - E0789628-CE08-4437-BE74-2495B842F43B
 
 <!--/Description-->
@@ -1562,7 +1562,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Do not allow update deferral policies to cause scans against Windows Update. If this policy is not enabled, then configuring deferral policies will result in the client unexpectedly scanning Windows update.  With the policy enabled, those scans are prevented, and users can configure deferral policies as much as they like.
+Don't allow update deferral policies to cause scans against Windows Update. If this policy isn't enabled, then configuring deferral policies will result in the client unexpectedly scanning Windows update.  With the policy enabled, those scans are prevented, and users can configure deferral policies as much as they like.
 
 For more information about dual scan, see [Demystifying "Dual Scan"](/archive/blogs/wsus/demystifying-dual-scan) and [Improving Dual Scan on 1607](/archive/blogs/wsus/improving-dual-scan-on-1607).
 
@@ -1582,8 +1582,8 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 - allow scan against Windows Update
-- 1 - do not allow update deferral policies to cause scans against Windows Update
+- 0 - Allow scan against Windows Update
+- 1 - Don't allow update deferral policies to cause scans against Windows Update
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -1629,7 +1629,7 @@ IT admins can, if necessary, opt devices out of safeguard protections using this
 >
 > The disable safeguards policy will revert to “Not Configured” on a device after moving to a new Windows 10 version, even if previously enabled. This ensures the admin is consciously disabling Microsoft’s default protection from known issues for each new feature update. 
 >
-> Disabling safeguards does not guarantee your device will be able to successfully update. The update may still fail on the device and will likely result in a bad experience post upgrade as you are bypassing the protection given by Microsoft pertaining to known issues.
+> Disabling safeguards doesn't guarantee your device will be able to successfully update. The update may still fail on the device and will likely result in a bad experience post upgrade as you're bypassing the protection given by Microsoft pertaining to known issues.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1644,7 +1644,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 (default) - Safeguards are enabled and devices may be blocked for upgrades until the safeguard is cleared.
-- 1 - Safeguards are not enabled and upgrades will be deployed without blocking on safeguards.
+- 1 - Safeguards aren't enabled and upgrades will be deployed without blocking on safeguards.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -1679,7 +1679,7 @@ The following list shows the supported values:
 <!--Description-->
 To ensure the highest levels of security, we recommended using WSUS TLS certificate pinning on all devices. 
 
-By default, certificate pinning for Windows Update client is not enforced. 
+By default, certificate pinning for Windows Update client isn't enforced. 
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -1694,7 +1694,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 (default) - Enforce certificate pinning
-- 1 - Do not enforce certificate pinning
+- 1 - Don't enforce certificate pinning
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -1732,15 +1732,15 @@ For Quality Updates, this policy specifies the deadline in days before automatic
 The system will reboot on or after the specified deadline. The reboot is prioritized over any configured Active Hours and any existing system and user busy checks.
 
 > [!NOTE]
-> If Update/EngagedDeadline is the only policy set (Update/EngagedRestartTransitionSchedule and Update/EngagedRestartSnoozeSchedule are not set), the behavior goes from reboot required -> engaged behavior -> forced reboot after deadline is reached with a 3-day snooze period.
+> If Update/EngagedDeadline is the only policy set (Update/EngagedRestartTransitionSchedule and Update/EngagedRestartSnoozeSchedule aren't set), the behavior goes from reboot required -> engaged behavior -> forced reboot after deadline is reached with a 3-day snooze period.
 
 Value type is integer. Default is 14.
 
 Supported value range: 2 - 30.
 
-If no deadline is specified or deadline is set to 0, the restart will not be automatically executed and will remain Engaged restart (for example, pending user scheduling).
+If no deadline is specified or deadline is set to 0, the restart won't be automatically executed and will remain Engaged restart (for example, pending user scheduling).
 
-If you disable or do not configure this policy, the default behaviors will be used.
+If you disable or don't configure this policy, the default behaviors will be used.
 
 If any of the following policies are configured, this policy has no effect:
 1. No autorestart with logged on users for scheduled automatic updates installations
@@ -1793,9 +1793,9 @@ Value type is integer. Default is 14.
 
 Supported value range: 2-30.
 
-If no deadline is specified or deadline is set to 0, the restart will not be automatically executed and will remain Engaged restart (for example, pending user scheduling).
+If no deadline is specified or deadline is set to 0, the restart won't be automatically executed and will remain Engaged restart (for example, pending user scheduling).
 
-If you disable or do not configure this policy, the default behaviors will be used.
+If you disable or don't configure this policy, the default behaviors will be used.
 
 If any of the following policies are configured, this policy has no effect:
 1. No autorestart with logged on users for scheduled automatic updates installations
@@ -1848,7 +1848,7 @@ Value type is integer. Default is three days.
 
 Supported value range: 1-3.
 
-If you disable or do not configure this policy, the default behaviors will be used.
+If you disable or don't configure this policy, the default behaviors will be used.
 
 If any of the following policies are configured, this policy has no effect:
 1. No autorestart with logged on users for scheduled automatic updates installations
@@ -1901,7 +1901,7 @@ Value type is integer. Default is three days.
 
 Supported value range: 1-3.
 
-If you disable or do not configure this policy, the default behaviors will be used.
+If you disable or don't configure this policy, the default behaviors will be used.
 
 If any of the following policies are configured, this policy has no effect:
 1. No autorestart with logged on users for scheduled automatic updates installations
@@ -1954,7 +1954,7 @@ Value type is integer. Default value is 7 days.
 
 Supported value range: 2 - 30. 
 
-If you disable or do not configure this policy, the default behaviors will be used.
+If you disable or don't configure this policy, the default behaviors will be used.
 
 If any of the following policies are configured, this policy has no effect:
 1. No autorestart with logged on users for scheduled automatic updates installations
@@ -2007,7 +2007,7 @@ Value type is integer. Default value is seven days.
 
 Supported value range: 2-30.
 
-If you disable or do not configure this policy, the default behaviors will be used.
+If you disable or don't configure this policy, the default behaviors will be used.
 
 If any of the following policies are configured, this policy has no effect:
 1. No autorestart with logged on users for scheduled automatic updates installations
@@ -2103,10 +2103,10 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Allows Windows Update Agent to determine the download URL when it is missing from the metadata.  This scenario will occur when intranet update service stores the metadata files but the download contents are stored in the ISV file cache (specified as the <a href="#update-updateserviceurlalternate">alternate download URL</a>).
+Allows Windows Update Agent to determine the download URL when it's missing from the metadata.  This scenario will occur when intranet update service stores the metadata files but the download contents are stored in the ISV file cache (specified as the <a href="#update-updateserviceurlalternate">alternate download URL</a>).
 
 > [!NOTE]
-> This setting should only be used in combination with an alternate download URL and configured to use ISV file cache.  This setting is used when the intranet update service does not provide download URLs in the update metadata for files which are available on the alternate download server.
+> This setting should only be used in combination with an alternate download URL and configured to use ISV file cache.  This setting is used when the intranet update service doesn't provide download URLs in the update metadata for files which are available on the alternate download server.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -2164,7 +2164,7 @@ Specifies whether to ignore the MO download limit (allow unlimited downloading)
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 (default) – Do not ignore MO download limit for apps and their updates.
+- 0 (default) – Don't ignore MO download limit for apps and their updates.
 - 1 – Ignore MO download limit (allow unlimited downloading) for apps and their updates.
 
 <!--/SupportedValues-->
@@ -2217,7 +2217,7 @@ Specifies whether to ignore the MO download limit (allow unlimited downloading)
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 (default) – Do not ignore MO download limit for OS updates.
+- 0 (default) – Don't ignore MO download limit for OS updates.
 - 1 – Ignore MO download limit (allow unlimited downloading) for OS updates.
 
 <!--/SupportedValues-->
@@ -2333,7 +2333,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 (default) – Deferrals are not paused.
+- 0 (default) – Deferrals aren't paused.
 - 1 – Deferrals are paused.
 
 <!--/SupportedValues-->
@@ -2368,7 +2368,7 @@ The following list shows the supported values:
 <!--/Scope-->
 <!--Description-->
 
-Allows IT Admins to pause feature updates for up to 35 days. We recomment that you use the *Update/PauseFeatureUpdatesStartTime* policy if you are running Windows 10, version 1703 or later.
+Allows IT Admins to pause feature updates for up to 35 days. We recomment that you use the *Update/PauseFeatureUpdatesStartTime* policy if you're running Windows 10, version 1703 or later.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -2383,7 +2383,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 (default) – Feature Updates are not paused.
+- 0 (default) – Feature Updates aren't paused.
 - 1 – Feature Updates are paused for 35 days or until value set to back to 0, whichever is sooner.
 
 <!--/SupportedValues-->
@@ -2476,7 +2476,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 (default) – Quality Updates are not paused.
+- 0 (default) – Quality Updates aren't paused.
 - 1 – Quality Updates are paused for 35 days or until value set back to 0, whichever is sooner.
 
 <!--/SupportedValues-->
@@ -2567,7 +2567,7 @@ This policy is deprecated. Use [Update/RequireUpdateApproval](#update-requireupd
 <!--Description-->
 Available in Windows 10, version 2004 and later. Enables IT administrators to specify which product they would like their device(s) to move to and/or stay on until they reach end of service or reconfigure the policy to target a new product. 
 
-If no product is specified, the device will continue receiving newer versions of the Windows product it is currently on. For details about different Windows 10 versions, see [release information](/windows/release-health/release-information).
+If no product is specified, the device will continue receiving newer versions of the Windows product it's currently on. For details about different Windows 10 versions, see [release information](/windows/release-health/release-information).
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -2589,11 +2589,11 @@ Value type is a string containing a Windows product, for example, “Windows 11
 
 <!--/Validation-->
 <!--/Policy-->
-By using this Windows Update for Business policy to upgrade devices to a new product (for example, Windows 11) you are agreeing that when applying this operating system to a device, either:
+By using this Windows Update for Business policy to upgrade devices to a new product (for example, Windows 11) you're agreeing that when applying this operating system to a device, either:
 
 1. The applicable Windows license was purchased through volume licensing, or
 
-2. That you are authorized to bind your organization and are accepting on its behalf the relevant Microsoft Software License Terms to be found here: (https://www.microsoft.com/Useterms).
+2. That you're authorized to bind your organization and are accepting on its behalf the relevant Microsoft Software License Terms to be found here: (https://www.microsoft.com/Useterms).
 
 <hr/>
 
@@ -3212,7 +3212,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows the IT admin to disable the "Pause Updates" feature. When this policy is enabled, the user cannot access the "Pause updates" feature.
+This policy allows the IT admin to disable the "Pause Updates" feature. When this policy is enabled, the user can't access the "Pause updates" feature.
 
 Value type is integer. Default is 0. Supported values 0, 1.
 
@@ -3253,7 +3253,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows the IT admin to remove access to scan Windows Update. When this policy is enabled, the user cannot access the Windows Update scan, download, and install features.
+This policy allows the IT admin to remove access to scan Windows Update. When this policy is enabled, the user can't access the Windows Update scan, download, and install features.
 
 Value type is integer. Default is 0. Supported values 0, 1.
 
@@ -3570,7 +3570,7 @@ The following list shows the supported values:
 <!--Description-->
 Available in Windows 10, version 1607 and later. By default, HTTP WSUS servers scan only if system proxy is configured. This policy setting allows you to configure user proxy as a fallback for detecting updates while using an HTTP-based intranet server despite the vulnerabilities it presents.
 
-This policy setting does not impact those customers who have, per Microsoft recommendation, secured their WSUS server with TLS/SSL protocol, thereby using HTTPS-based intranet servers to keep systems secure. That said, if a proxy is required, we recommend configuring a system proxy to ensure the highest level of security.
+This policy setting doesn't impact those customers who have, per Microsoft recommendation, secured their WSUS server with TLS/SSL protocol, thereby using HTTPS-based intranet servers to keep systems secure. That said, if a proxy is required, we recommend configuring a system proxy to ensure the highest level of security.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -3731,9 +3731,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 > [!IMPORTANT]
-> Starting in Windows 10, version 1703 this policy is not supported in IoT Mobile.
+> Starting in Windows 10, version 1703 this policy isn't supported in IoT Mobile.
 
-Allows the device to check for updates from a WSUS server instead of Microsoft Update. This setting is useful for on-premises MDMs that need to update devices that cannot connect to the Internet.
+Allows the device to check for updates from a WSUS server instead of Microsoft Update. This setting is useful for on-premises MDMs that need to update devices that can't connect to the Internet.
 
 Supported operations are Get and Replace.
 
@@ -3810,12 +3810,12 @@ This setting lets you specify a server on your network to function as an interna
 
 To use this setting, you must set two server name values: the server from which the Automatic Updates client detects and downloads updates, and the server to which updated workstations upload statistics. You can set both values to be the same server.  An optional server name value can be specified to configure Windows Update agent, and download updates from an alternate download server instead of WSUS Server.
 
-Value type is string and the default value is an empty string, "". If the setting is not configured, and if Automatic Updates is not disabled by policy or user preference, the Automatic Updates client connects directly to the Windows Update site on the Internet.
+Value type is string and the default value is an empty string, "". If the setting isn't configured, and if Automatic Updates isn't disabled by policy or user preference, the Automatic Updates client connects directly to the Windows Update site on the Internet.
 
 > [!NOTE]
 > If the "Configure Automatic Updates" Group Policy is disabled, then this policy has no effect.  
-> If the "Alternate Download Server" Group Policy is not set, it will use the WSUS server by default to download updates.  
-> This policy is not supported on Windows RT. Setting this policy will not have any effect on Windows RT PCs.
+> If the "Alternate Download Server" Group Policy isn't set, it will use the WSUS server by default to download updates.  
+> This policy isn't supported on Windows RT. Setting this policy won't have any effect on Windows RT PCs.
 
 <!--/Description-->
 <!--ADMXMapped-->

From f31faa51060444e84d28ae1e0b6510feb2529bc4 Mon Sep 17 00:00:00 2001
From: gkomatsu <gkomatsu@microsoft.com>
Date: Wed, 20 Apr 2022 08:41:26 -0700
Subject: [PATCH 087/123] Description update for auto-subscription policy

Added warning to clarify the policy is in preview state.
Fixed description of auto-subscription policy. It was mistakenly copying the description of LoadAadCredKeyFromProfile policy
---
 windows/client-management/mdm/policy-csp-remotedesktop.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-remotedesktop.md b/windows/client-management/mdm/policy-csp-remotedesktop.md
index 5941d52099..8098c08682 100644
--- a/windows/client-management/mdm/policy-csp-remotedesktop.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktop.md
@@ -18,6 +18,8 @@ manager: dansimp
 
 <!--Policies-->
 ## RemoteDesktop policies  
+> [!Warning]
+> Some information relates to prerelease products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
 
 <dl>
   <dd>
@@ -64,7 +66,7 @@ manager: dansimp
 <!--/Scope-->
 <!--Description-->
 
-This policy allows the user to load the DPAPI cred key from their user profile and decrypt any previously encrypted DPAPI data in the user profile or encrypt any new DPAPI data.
+This policy allows to set the default connection URL for Remote Desktop Application. If you define this policy the specified URL is configured as the default subscription URL to Azure Virtual Desktop work spaces. 
 
 <!--/Description-->
 

From 79224a7e657d3482503873a64fb37694035c90a1 Mon Sep 17 00:00:00 2001
From: Diana Hanson <v-dihans@microsoft.com>
Date: Wed, 20 Apr 2022 11:52:43 -0600
Subject: [PATCH 088/123] Update
 windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md

---
 .../auditing/monitor-the-use-of-removable-storage-devices.md    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
index 2e7159f3d2..42a29f7d54 100644
--- a/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
+++ b/windows/security/threat-protection/auditing/monitor-the-use-of-removable-storage-devices.md
@@ -57,7 +57,7 @@ After you configure the settings to monitor removable storage devices, use the f
 5.  Expand **Windows Logs**, and then click **Security**.
 6.  Look for event 4663, which logs successful attempts to write to or read from a removable storage device. Failures will log event 4656. Both events include **Task Category = Removable Storage device**.
    
-    For more information, see [Audit Removable Storage](audit-removable-storage.md)
+    For more information, see [Audit Removable Storage](audit-removable-storage.md).
 
     Key information to look for includes the name and account domain of the user who attempted to access the file, the object that the user is attempting to access, resource attributes of the resource, and the type of access that was attempted.
 

From 9b9dfe61f15dd9a75f636d4c742c3428bb6fbcae Mon Sep 17 00:00:00 2001
From: joshgingras <joshgingras@users.noreply.github.com>
Date: Wed, 20 Apr 2022 13:52:08 -0500
Subject: [PATCH 089/123] Update windows-11-requirements.md

Clarifying 2004 as a hard requirement to perform upgrade from Win10 to Win11. Refer to Gabe Frost email thread, 3/11/2022. Modified text to align with https://docs.microsoft.com/en-us/windows/release-health/status-windows-11-21h2.
---
 windows/whats-new/windows-11-requirements.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/whats-new/windows-11-requirements.md b/windows/whats-new/windows-11-requirements.md
index 6be3ca4505..8384e85778 100644
--- a/windows/whats-new/windows-11-requirements.md
+++ b/windows/whats-new/windows-11-requirements.md
@@ -46,7 +46,7 @@ For information about tools to evaluate readiness, see [Determine eligibility](w
 
 ## Operating system requirements
 
-For the best Windows 11 upgrade experience, eligible devices should be running Windows 10, version 2004 or later.
+Eligible Windows 10 devices must be on version 2004 or later, and have installed the September 14, 2021 security update or later, to upgrade directly to Windows 11.
 
 > [!NOTE]
 > S mode is only supported on the Home edition of Windows 11.

From 9035215ffa677befb5637e131cafb425b3759a68 Mon Sep 17 00:00:00 2001
From: Qikuan Zhou <54120054+qizho@users.noreply.github.com>
Date: Wed, 20 Apr 2022 14:45:51 -0700
Subject: [PATCH 090/123] minor fix to close tag

---
 windows/client-management/mdm/policy-csp-mixedreality.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-mixedreality.md b/windows/client-management/mdm/policy-csp-mixedreality.md
index ad02deaa2f..2ffbcbc142 100644
--- a/windows/client-management/mdm/policy-csp-mixedreality.md
+++ b/windows/client-management/mdm/policy-csp-mixedreality.md
@@ -36,7 +36,7 @@ manager: dansimp
     <a href="#mixedreality-fallbackdiagnostics">MixedReality/FallbackDiagnostics</a>
   </dd>
   <dd>
-    <a href="#mixedreality-headtrackingmode">MixedReality/HeadTrackingMode/a>
+    <a href="#mixedreality-headtrackingmode">MixedReality/HeadTrackingMode</a>
   </dd>
   <dd>
     <a href="#mixedreality-microphonedisabled">MixedReality/MicrophoneDisabled</a>

From f9632b8bc5e88fd359f42b76865d79c274fee805 Mon Sep 17 00:00:00 2001
From: gkomatsu <gkomatsu@microsoft.com>
Date: Wed, 20 Apr 2022 16:02:32 -0700
Subject: [PATCH 091/123] Update policy-csp-remotedesktop.md

Update to reflect feedback from David
---
 .../mdm/policy-csp-remotedesktop.md           | 32 +++----------------
 1 file changed, 4 insertions(+), 28 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-remotedesktop.md b/windows/client-management/mdm/policy-csp-remotedesktop.md
index 8098c08682..a673c8f950 100644
--- a/windows/client-management/mdm/policy-csp-remotedesktop.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktop.md
@@ -30,17 +30,10 @@ manager: dansimp
   </dd>
 </dl>
 
-> [!TIP]
-> These are ADMX-backed policies and require a special SyncML format to enable or disable.  For details, see [Understanding ADMX-backed policies](./understanding-admx-backed-policies.md).
-> 
-> You must specify the data type in the SyncML as &lt;Format&gt;chr&lt;/Format&gt;. For an example SyncML, refer to [Enabling a policy](./understanding-admx-backed-policies.md#enabling-a-policy).
-> 
-> The payload of the SyncML must be XML-encoded; for this XML encoding, there are a variety of online encoders that you can use. To avoid encoding the payload, you can use CDATA if your MDM supports it.  For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
-
 <hr/>
 
 <!--Policy-->
-<a href="" id="remotedesktop-autosubscription"></a>**RemoteDesktop/AutoSubscription<**  
+<a href="" id="remotedesktop-autosubscription"></a>**RemoteDesktop/AutoSubscription**  
 
 <!--SupportedSKUs-->
 
@@ -59,26 +52,17 @@ manager: dansimp
 [Scope](./policy-configuration-service-provider.md#policy-scope):
 
 > [!div class = "checklist"]
-> * Device
+> * User
 
 <hr/>
 
 <!--/Scope-->
 <!--Description-->
 
-This policy allows to set the default connection URL for Remote Desktop Application. If you define this policy the specified URL is configured as the default subscription URL to Azure Virtual Desktop work spaces. 
+This policy allows administrators to enable automatic subscription for the Microsoft Remote Desktop client. If you define this policy, the specified URL is used by the client to silently subscribe the logged on user and retrieve the remote resources assigned to them. To automatically subscribe to Azure Virtual Desktop in the Azure Public cloud, set the URL to <https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery>.
 
 <!--/Description-->
 
-<!--ADMXBacked-->
-
-ADMX Info:  
--   GP Friendly name: *Customize warning messages*
--   GP name: *AutoSubscription*
--   GP path: *System/Remote Desktop*
--   GP ADMX file name: *remotedesktop.admx*
-
-<!--/ADMXBacked-->
 <!--/Policy-->
 
 <hr/>
@@ -109,7 +93,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy allows the user to load the DPAPI cred key from their user profile and decrypt any previously encrypted DPAPI data in the user profile or encrypt any new DPAPI data.
+This policy allows the user to load the DPAPI cred key from their user profile and decrypt any previously encrypted DPAPI data in the user profile or encrypt any new DPAPI data. This policy is needed when using FSLogix user profiles from Azure AD-joined VMs.
 
 <!--/Description-->
 
@@ -121,14 +105,6 @@ The following list shows the supported values:
 
 <!--/SupportedValues-->
 
-<!--ADMXBacked-->
-ADMX Info:  
--   GP Friendly name: *Allow DPAPI cred keys to be loaded from user profiles during logon for AADJ accounts*
--   GP name: *LoadAadCredKeyFromProfile*
--   GP path: *System/RemoteDesktop*
--   GP ADMX file name: *remotedesktop.admx*
-
-<!--/ADMXBacked-->
 <!--/Policy-->
 
 <hr/>

From d7eac987b4f82486574dbac4c3870b2d6c140602 Mon Sep 17 00:00:00 2001
From: Venkat Akkinepally <veakkine@microsoft.com>
Date: Wed, 20 Apr 2022 17:04:24 -0700
Subject: [PATCH 092/123] Change incorrect information in MCC for ISP doc

---
 windows/deployment/do/mcc-isp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/do/mcc-isp.md b/windows/deployment/do/mcc-isp.md
index 406565ed09..dd4a7afbbc 100644
--- a/windows/deployment/do/mcc-isp.md
+++ b/windows/deployment/do/mcc-isp.md
@@ -27,7 +27,7 @@ ms.topic: article
 
 Microsoft Connected Cache (MCC) preview is a software-only caching solution that delivers Microsoft content within Enterprise networks. MCC can be deployed to as many physical servers or VMs as needed, and is managed from a cloud portal. Microsoft cloud services handle routing of consumer devices to the cache server for content downloads.
 
-MCC is a hybrid (a mix of on-prem and cloud resources) SaaS solution built as an Azure IoT Edge module; it is a Docker compatible Linux container that is deployed to your Windows devices. IoT Edge for Linux on Windows (EFLOW) was chosen because it is a secure, reliable container management infrastructure. EFLOW is a Linux virtual machine, based on Microsoft's first party CBL-Mariner operating system. It’s built with the IoT Edge runtime and validated as a tier 1 supported environment for IoT Edge workloads. MCC will be a Linux IoT Edge module running on the Windows Host OS. Azure IoT Edge consists of three components that the MCC infrastructure will utilize:
+Microsoft Connected Cache is a Hybrid (mix of on-prem and cloud resources) solution composed of a Docker compatible Linux container deployed to your server and a cloud management portal. Microsoft chose Azure IoT Edge (more information on IoT Edge [in the appendix](#iot-edge-runtime)) as a secure and reliable control plane, and even though your scenario is not related to IoT, Azure IoT Edge is our secure Linux container deployment and management infrastructure. Azure IoT Edge consists of three components that the Microsoft Connected Cache infrastructure will utilize:
 
 1. A cloud-based interface that enables secure, remote installation, monitoring, and management of MCC nodes.
 2. A runtime that securely manages the modules deployed to each device.

From 104d54bee3dfe01df86f72b595e0d7147f8fad0b Mon Sep 17 00:00:00 2001
From: Venkat Akkinepally <veakkine@microsoft.com>
Date: Wed, 20 Apr 2022 17:13:54 -0700
Subject: [PATCH 093/123] Modify important onboarding information

---
 windows/deployment/do/mcc-enterprise.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/deployment/do/mcc-enterprise.md b/windows/deployment/do/mcc-enterprise.md
index 8078d99554..2622d23564 100644
--- a/windows/deployment/do/mcc-enterprise.md
+++ b/windows/deployment/do/mcc-enterprise.md
@@ -114,7 +114,7 @@ For questions regarding these instructions contact [msconnectedcache@microsoft.c
 As part of the MCC preview onboarding process an Azure subscription ID must be provided to Microsoft. 
 
 > [!IMPORTANT]
-> [Contact Microsoft](mailto:mccforenterprise@microsoft.com?subject=[MCC%20for%20Enterprise]%20Please%20add%20our%20Azure%20subscription%20to%20the%20allow%20list) and provide this information if you have not already. You'll not be able to proceed if you skip this step.
+> [Take this survey](https://aka.ms/MSConnectedCacheSignup) and provide your Azure subscription ID and contact information to be added to the allow list for this preview. You will not be able to proceed if you skip this step.
 
 For information about creating or locating your subscription ID, see [Steps to obtain an Azure Subscription ID](#steps-to-obtain-an-azure-subscription-id).
 
@@ -122,7 +122,7 @@ For information about creating or locating your subscription ID, see [Steps to o
 
 The MCC Azure management portal is used to create and manage MCC nodes. An Azure Subscription ID is used to grant access to the preview and to create the MCC resource in Azure and Cache nodes. 
 
-Send email to the MCC team ([mccforenterprise@microsoft.com](mailto:mccforenterprise@microsoft.com)) with your Azure subscription ID to get access to the preview. The team will send you a link to the Azure portal which will allow you to create the resource described below. 
+Once you take the survey above and the MCC team adds your subscription id to the allow list, you will be given a link to the Azure portal where you can create the resource described below. 
 
 1.  On the Azure Portal home page, choose **Create a resource**:  
     ![eMCC img02](images/emcc02.png)

From 837570d921797150c917254bf88916f11475f900 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Thu, 21 Apr 2022 16:18:20 +0530
Subject: [PATCH 094/123] Acrolinx enhancement

---
 .../mdm/policy-csp-userrights.md              | 42 ++++++-------
 .../policy-csp-windowsconnectionmanager.md    |  6 +-
 ...olicy-csp-windowsdefendersecuritycenter.md | 62 +++++++++----------
 .../mdm/policy-csp-windowslogon.md            | 40 ++++++------
 .../mdm/policy-csp-windowssandbox.md          | 24 +++----
 .../mdm/policy-csp-wirelessdisplay.md         | 24 +++----
 windows/client-management/mdm/proxy-csp.md    | 14 ++---
 .../client-management/mdm/pxlogical-csp.md    | 20 +++---
 .../mdm/reclaim-seat-from-user.md             |  2 +-
 ...ree-azure-active-directory-subscription.md |  2 +-
 .../client-management/mdm/remotefind-csp.md   | 16 ++---
 .../client-management/mdm/remotewipe-csp.md   |  4 +-
 .../client-management/mdm/reporting-csp.md    | 12 ++--
 .../mdm/rootcacertificates-csp.md             | 14 ++---
 .../mdm/secureassessment-csp.md               |  2 +-
 .../mdm/securitypolicy-csp.md                 | 14 ++---
 .../mdm/server-requirements-windows-mdm.md    |  4 +-
 windows/client-management/mdm/sharedpc-csp.md | 16 ++---
 .../structure-of-oma-dm-provisioning-files.md |  6 +-
 windows/client-management/mdm/supl-csp.md     | 28 ++++-----
 .../client-management/mdm/surfacehub-csp.md   | 26 ++++----
 .../mdm/understanding-admx-backed-policies.md | 26 ++++----
 .../mdm/unifiedwritefilter-csp.md             | 20 +++---
 windows/client-management/mdm/update-csp.md   | 14 ++---
 ...-scripting-with-the-wmi-bridge-provider.md |  6 +-
 25 files changed, 222 insertions(+), 222 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-userrights.md b/windows/client-management/mdm/policy-csp-userrights.md
index 7c468e27a5..3d13322718 100644
--- a/windows/client-management/mdm/policy-csp-userrights.md
+++ b/windows/client-management/mdm/policy-csp-userrights.md
@@ -19,9 +19,9 @@ manager: dansimp
 
 User rights are assigned for user accounts or groups. The name of the policy defines the user right in question, and the values are always users or groups. Values can be represented as SIDs or strings. For reference, see [Well-Known SID Structures](/openspecs/windows_protocols/ms-dtyp/81d92bba-d22b-4a8c-908a-554ab29148ab).
 
-Even though strings are supported for well-known accounts and groups, it is better to use SIDs, because strings are localized for different languages. Some user rights allow things like AccessFromNetwork, while others disallow things, like DenyAccessFromNetwork.
+Even though strings are supported for well-known accounts and groups, it's better to use SIDs, because strings are localized for different languages. Some user rights allow things like AccessFromNetwork, while others disallow things, like DenyAccessFromNetwork.
 
-Here is an example for setting the user right BackupFilesAndDirectories for Administrators and Authenticated Users groups.
+Here's an example for setting the user right BackupFilesAndDirectories for Administrators and Authenticated Users groups.
 
 ```xml
 <SyncML xmlns="SYNCML:SYNCML1.2">
@@ -219,7 +219,7 @@ For example, the following syntax grants user rights to a specific user or group
 
 <!--/Scope-->
 <!--Description-->
-This user right is used by Credential Manager during Backup/Restore. No accounts should have this privilege, as it is only assigned to Winlogon. Users' saved credentials might be compromised if this privilege is given to other entities.
+This user right is used by Credential Manager during Backup/Restore. No accounts should have this privilege, as it's only assigned to Winlogon. Users' saved credentials might be compromised if this privilege is given to other entities.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -258,7 +258,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which users and groups are allowed to connect to the computer over the network. Remote Desktop Services are not affected by this user right.
+This user right determines which users and groups are allowed to connect to the computer over the network. Remote Desktop Services isn't affected by this user right.
 > [!NOTE]
 > Remote Desktop Services was called Terminal Services in previous versions of Windows Server.
 
@@ -340,7 +340,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which users can log on to the computer.
+This user right determines which users can sign in to the computer.
 > [!NOTE]
 > Modifying this setting might affect compatibility with clients, services, and applications. For compatibility information about this setting, see [Allow log on locally](https://go.microsoft.com/fwlink/?LinkId=24268 ) at the Microsoft website.
 
@@ -430,7 +430,7 @@ This user right determines which users and groups can change the time and date o
 > 
 > | Error code  | Symbolic name | Error description | Header |
 > |----------|----------|----------|----------|
-> |  0x80070032 (Hex)|ERROR_NOT_SUPPORTED|The request is not supported.|  winerror.h  |
+> |  0x80070032 (Hex)|ERROR_NOT_SUPPORTED|The request isn't supported.|  winerror.h  |
 
 <!--/Description-->
 <!--DbMapped-->
@@ -469,7 +469,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This security setting determines whether users can create global objects that are available to all sessions. Users can still create objects that are specific to their own session if they do not have this user right. Users who can create global objects could affect processes that run under other users' sessions, which could lead to application failure or data corruption.
+This security setting determines whether users can create global objects that are available to all sessions. Users can still create objects that are specific to their own session if they don't have this user right. Users who can create global objects could affect processes that run under other users' sessions, which could lead to application failure or data corruption.
 > [!CAUTION]
 > Assigning this user right can be a security risk. Assign this user right to trusted users only.
 
@@ -510,7 +510,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which users and groups can call an internal application programming interface (API) to create and change the size of a page file. This user right is used internally by the operating system and usually does not need to be assigned to any users.
+This user right determines which users and groups can call an internal application programming interface (API) to create and change the size of a page file. This user right is used internally by the operating system and usually doesn't need to be assigned to any users.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -549,7 +549,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which accounts can be used by processes to create a directory object using the object manager. This user right is used internally by the operating system and is useful to kernel-mode components that extend the object namespace. Because components that are running in kernel mode already have this user right assigned to them, it is not necessary to specifically assign it.
+This user right determines which accounts can be used by processes to create a directory object using the object manager. This user right is used internally by the operating system and is useful to kernel-mode components that extend the object namespace. Because components that are running in kernel mode already have this user right assigned to them, it's not necessary to specifically assign it.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -588,7 +588,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines if the user can create a symbolic link from the computer he is logged on to.
+This user right determines if the user can create a symbolic link from the computer they're signed in to.
 > [!CAUTION]
 > This privilege should be given to trusted users only. Symbolic links can expose security vulnerabilities in applications that aren't designed to handle them.
 > [!NOTE]
@@ -631,9 +631,9 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which accounts can be used by processes to create a token that can then be used to get access to any local resources when the process uses an internal application programming interface (API) to create an access token. This user right is used internally by the operating system. Unless it is necessary, do not assign this user right to a user, group, or process other than Local System.
+This user right determines which accounts can be used by processes to create a token that can then be used to get access to any local resources when the process uses an internal application programming interface (API) to create an access token. This user right is used internally by the operating system. Unless it's necessary, don't assign this user right to a user, group, or process other than Local System.
 > [!CAUTION]
-> Assigning this user right can be a security risk. Do not assign this user right to any user, group, or process that you do not want to take over the system.
+> Assigning this user right can be a security risk. Don't assign this user right to any user, group, or process that you don't want to take over the system.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -672,7 +672,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which users can attach a debugger to any process or to the kernel. Developers who are debugging their own applications do not need to be assigned this user right. Developers who are debugging new system components will need this user right to be able to do so. This user right provides complete access to sensitive and critical operating system components.
+This user right determines which users can attach a debugger to any process or to the kernel. Developers who are debugging their own applications don't need to be assigned this user right. Developers who are debugging new system components will need this user right to be able to do so. This user right provides complete access to sensitive and critical operating system components.
 > [!CAUTION]
 > Assigning this user right can be a security risk. Assign this user right to trusted users only.
 
@@ -833,7 +833,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which users can set the Trusted for Delegation setting on a user or computer object. The user or object that is granted this privilege must have write access to the account control flags on the user or computer object. A server process running on a computer (or under a user context) that is trusted for delegation can access resources on another computer using delegated credentials of a client, as long as the client account does not have the Account cannot be delegated account control flag set.
+This user right determines which users can set the Trusted for Delegation setting on a user or computer object. The user or object that is granted this privilege must have write access to the account control flags on the user or computer object. A server process running on a computer (or under a user context) that is trusted for delegation can access resources on another computer using delegated credentials of a client, as long as the client account doesn't have the Account can't be delegated account control flag set.
 > [!CAUTION]
 > Misuse of this user right, or of the Trusted for Delegation setting, could make the network vulnerable to sophisticated attacks using Trojan horse programs that impersonate incoming clients and use their credentials to gain access to network resources.
 
@@ -919,9 +919,9 @@ Assigning this user right to a user allows programs running on behalf of that us
 > [!NOTE]
 > By default, services that are started by the Service Control Manager have the built-in Service group added to their access tokens. Component Object Model (COM) servers that are started by the COM infrastructure and that are configured to run under a specific account also have the Service group added to their access tokens. As a result, these services get this user right when they are started. In addition, a user can also impersonate an access token if any of the following conditions exist. 
 1) The access token that is being impersonated is for this user.
-2) The user, in this logon session, created the access token by logging on to the network with explicit credentials.
+2) The user, in this sign-in session, created the access token by signing in to the network with explicit credentials.
 3) The requested level is less than Impersonate, such as Anonymous or Identify.
-Because of these factors, users do not usually need this user right.
+Because of these factors, users don't usually need this user right.
 > [!WARNING]
 > If you enable this setting, programs that previously had the Impersonate privilege might lose it, and they might not run.
 
@@ -971,7 +971,7 @@ GP Info:
 -   GP path: *Windows Settings/Security Settings/Local Policies/User Rights Assignment*
 
 > [!WARNING]
-> If you remove **Window Manager\Window Manager Group** from the **Increase scheduling priority** user right, certain applications and computers do not function correctly. In particular, the INK workspace does not function correctly on unified memory architecture (UMA) laptop and desktop computers that run Windows 10, version 1903 (or later) and that use the Intel GFX driver.
+> If you remove **Window Manager\Window Manager Group** from the **Increase scheduling priority** user right, certain applications and computers don't function correctly. In particular, the INK workspace doesn't function correctly on unified memory architecture (UMA) laptop and desktop computers that run Windows 10, version 1903 (or later) and that use the Intel GFX driver.
 >
 > On affected computers, the display blinks when users draw on INK workspaces such as those that are used by Microsoft Edge, Microsoft PowerPoint, or Microsoft OneNote. The blinking occurs because the inking-related processes repeatedly try to use the Real-Time priority, but are denied permission.
 
@@ -1006,9 +1006,9 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which users can dynamically load and unload device drivers or other code in to kernel mode. This user right does not apply to Plug and Play device drivers. It is recommended that you do not assign this privilege to other users.
+This user right determines which users can dynamically load and unload device drivers or other code in to kernel mode. This user right doesn't apply to Plug and Play device drivers. It's recommended that you don't assign this privilege to other users.
 > [!CAUTION]
-> Assigning this user right can be a security risk. Do not assign this user right to any user, group, or process that you do not want to take over the system.
+> Assigning this user right can be a security risk. Don't assign this user right to any user, group, or process that you don't want to take over the system.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -1086,7 +1086,7 @@ GP Info:
 
 <!--/Scope-->
 <!--Description-->
-This user right determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. This security setting does not allow a user to enable file and object access auditing in general. You can view audited events in the security log of the Event Viewer. A user with this privilege also can view and clear the security log.
+This user right determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. This security setting doesn't allow a user to enable file and object access auditing in general. You can view audited events in the security log of the Event Viewer. A user with this privilege also can view and clear the security log.
 
 <!--/Description-->
 <!--DbMapped-->
@@ -1166,7 +1166,7 @@ GP Info:
 <!--Description-->
 This user right determines who can modify firmware environment values. Firmware environment variables are settings stored in the nonvolatile RAM of non-x86-based computers. The effect of the setting depends on the processor. On x86-based computers, the only firmware environment value that can be modified by assigning this user right is the Last Known Good Configuration setting, which should be modified only by the system. On Itanium-based computers, boot information is stored in nonvolatile RAM. Users must be assigned this user right to run bootcfg.exe and to change the Default Operating System setting on Startup and Recovery in System Properties. On all computers, this user right is required to install or upgrade Windows.
 > [!NOTE]
-> This security setting does not affect who can modify the system environment variables and user environment variables that are displayed on the Advanced tab of System Properties.
+> This security setting doesn't affect who can modify the system environment variables and user environment variables that are displayed on the Advanced tab of System Properties.
 
 <!--/Description-->
 <!--DbMapped-->
diff --git a/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md b/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md
index 95b888306a..dd72a9ae8b 100644
--- a/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md
+++ b/windows/client-management/mdm/policy-csp-windowsconnectionmanager.md
@@ -65,10 +65,10 @@ Automatic connection attempts
 - When the computer is already connected to a non-domain-based network, automatic connection attempts to domain-based networks are blocked.
 
 Manual connection attempts
-- When the computer is already connected to either a non-domain-based network or a domain-based network over media other than Ethernet, and a user attempts to create a manual connection to an additional network in violation of this policy setting, the existing network connection is disconnected and the manual connection is allowed.
-- When the computer is already connected to either a non-domain-based network or a domain-based network over Ethernet, and a user attempts to create a manual connection to an additional network in violation of this policy setting, the existing Ethernet connection is maintained and the manual connection attempt is blocked.
+- When the computer is already connected to either a non-domain-based network or a domain-based network over media other than Ethernet, and a user attempts to create a manual connection to another network in violation of this policy setting, the existing network connection is disconnected and the manual connection is allowed.
+- When the computer is already connected to either a non-domain-based network or a domain-based network over Ethernet, and a user attempts to create a manual connection to another network in violation of this policy setting, the existing Ethernet connection is maintained and the manual connection attempt is blocked.
 
-If this policy setting is not configured or is disabled, computers are allowed to connect simultaneously to both domain and non-domain networks.
+If this policy setting isn't configured or is disabled, computers are allowed to connect simultaneously to both domain and non-domain networks.
 
 <!--/Description-->
 > [!TIP]
diff --git a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
index 2644d6a52a..f7a519d956 100644
--- a/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
+++ b/windows/client-management/mdm/policy-csp-windowsdefendersecuritycenter.md
@@ -118,7 +118,7 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-The company name that is displayed to the users. CompanyName is required for both EnableCustomizedToasts and EnableInAppCustomization. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display the contact options.
+The company name that is displayed to the users. CompanyName is required for both EnableCustomizedToasts and EnableInAppCustomization. If you disable or don't configure this setting, or don't have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices won't display the contact options.
 
 Value type is string. Supported operations are Add, Get, Replace and Delete.
 
@@ -162,7 +162,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting to specify if to display the Account protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows Defender Security Center will display this area.
+Use this policy setting to specify if to display the Account protection area in Windows Defender Security Center. If you disable or don't configure this setting, Windows Defender Security Center will display this area.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -177,7 +177,7 @@ ADMX Info:
 Valid values:
 
 - 0 - (Disable) The users can see the display of the Account protection area in Windows Defender Security Center.
-- 1 - (Enable) The users cannot see the display of the Account protection area in Windows Defender Security Center.
+- 1 - (Enable) The users can't see the display of the Account protection area in Windows Defender Security Center.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -210,7 +210,7 @@ Valid values:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting if you want to disable the display of the app and browser protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows Defender Security Center will display this area.
+Use this policy setting if you want to disable the display of the app and browser protection area in Windows Defender Security Center. If you disable or don't configure this setting, Windows Defender Security Center will display this area.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -227,7 +227,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 - (Disable) The users can see the display of the app and browser protection area in Windows Defender Security Center.
-- 1 - (Enable) The users cannot see the display of the app and browser protection area in Windows Defender Security Center.
+- 1 - (Enable) The users can't see the display of the app and browser protection area in Windows Defender Security Center.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -324,7 +324,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting if you want to disable the display of the Device security area in the Windows Defender Security Center. If you disable or do not configure this setting, Windows Defender Security Center will display this area.
+Use this policy setting if you want to disable the display of the Device security area in the Windows Defender Security Center. If you disable or don't configure this setting, Windows Defender Security Center will display this area.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -339,7 +339,7 @@ ADMX Info:
 Valid values:
 
 - 0 - (Disable) The users can see the display of the Device security area in Windows Defender Security Center.
-- 1 - (Enable) The users cannot see the display of the Device security area in Windows Defender Security Center.
+- 1 - (Enable) The users can't see the display of the Device security area in Windows Defender Security Center.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -372,10 +372,10 @@ Valid values:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy if you want Windows Defender Security Center to only display notifications which are considered critical. If you disable or do not configure this setting, Windows Defender Security Center will display critical and non-critical notifications to users.
+Use this policy if you want Windows Defender Security Center to only display notifications that are considered critical. If you disable or don't configure this setting, Windows Defender Security Center will display critical and non-critical notifications to users.
 
 > [!NOTE]
-> If Suppress notification is enabled then users will not see critical or non-critical messages.
+> If Suppress notification is enabled then users won't see critical or non-critical messages.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -391,8 +391,8 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 - (Disable) Windows Defender Security Center will display critical and non-critical notifications to users..
-- 1 - (Enable) Windows Defender Security Center only display notifications which are considered critical on clients.
+- 0 - (Disable) Windows Defender Security Center will display critical and non-critical notifications to users.
+- 1 - (Enable) Windows Defender Security Center only display notifications that are considered critical on clients.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -425,7 +425,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting if you want to disable the display of the family options area in Windows Defender Security Center. If you disable or do not configure this setting, Windows Defender Security Center will display this area.
+Use this policy setting if you want to disable the display of the family options area in Windows Defender Security Center. If you disable or don't configure this setting, Windows Defender Security Center will display this area.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -442,7 +442,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 - (Disable) The users can see the display of the family options area in Windows Defender Security Center.
-- 1 - (Enable) The users cannot see the display of the family options area in Windows Defender Security Center.
+- 1 - (Enable) The users can't see the display of the family options area in Windows Defender Security Center.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -475,7 +475,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting if you want to disable the display of the device performance and health area in Windows Defender Security Center. If you disable or do not configure this setting, Windows Defender Security Center will display this area.
+Use this policy setting if you want to disable the display of the device performance and health area in Windows Defender Security Center. If you disable or don't configure this setting, Windows Defender Security Center will display this area.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -492,7 +492,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 - (Disable) The users can see the display of the device performance and health area in Windows Defender Security Center.
-- 1 - (Enable) The users cannot see the display of the device performance and health area in Windows Defender Security Center.
+- 1 - (Enable) The users can't see the display of the device performance and health area in Windows Defender Security Center.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -525,7 +525,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting if you want to disable the display of the firewall and network protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows Defender Security Center will display this area.
+Use this policy setting if you want to disable the display of the firewall and network protection area in Windows Defender Security Center. If you disable or don't configure this setting, Windows Defender Security Center will display this area.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -542,7 +542,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 - (Disable) The users can see the display of the firewall and network protection area in Windows Defender Security Center.
-- 1 - (Enable) The users cannot see the display of the firewall and network protection area in Windows Defender Security Center.
+- 1 - (Enable) The users can't see the display of the firewall and network protection area in Windows Defender Security Center.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -575,7 +575,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting if you want to disable the display of Windows Defender Security Center notifications. If you disable or do not configure this setting, Windows Defender Security Center notifications will display on devices.
+Use this policy setting if you want to disable the display of Windows Defender Security Center notifications. If you disable or don't configure this setting, Windows Defender Security Center notifications will display on devices.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -592,7 +592,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 - (Disable) The users can see the display of Windows Defender Security Center notifications.
-- 1 - (Enable) The users cannot see the display of Windows Defender Security Center notifications.
+- 1 - (Enable) The users can't see the display of Windows Defender Security Center notifications.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -628,7 +628,7 @@ The following list shows the supported values:
 Hide the recommendation to update TPM Firmware when a vulnerable firmware is detected.
 
 Enabled:
-Users will not be shown a recommendation to update their TPM Firmware.
+Users won't be shown a recommendation to update their TPM Firmware.
 
 Disabled:
 Users will see a recommendation to update their TPM Firmware if Windows Security detects the system contains a TPM with vulnerable firmware.        
@@ -689,7 +689,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Use this policy setting if you want to disable the display of the virus and threat protection area in Windows Defender Security Center. If you disable or do not configure this setting, Windows Defender Security Center will display this area.
+Use this policy setting if you want to disable the display of the virus and threat protection area in Windows Defender Security Center. If you disable or don't configure this setting, Windows Defender Security Center will display this area.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -706,7 +706,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 - (Disable) The users can see the display of the virus and threat protection area in Windows Defender Security Center.
-- 1 - (Enable) The users cannot see the display of the virus and threat protection area in Windows Defender Security Center.
+- 1 - (Enable) The users can't see the display of the virus and threat protection area in Windows Defender Security Center.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -739,7 +739,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Prevent users from making changes to the exploit protection settings area in the Windows Defender Security Center. If you disable or do not configure this setting, local users can make changes in the exploit protection settings area.
+Prevent users from making changes to the exploit protection settings area in the Windows Defender Security Center. If you disable or don't configure this setting, local users can make changes in the exploit protection settings area.
 
 Value type is integer. Supported operations are Add, Get, Replace and Delete.
 
@@ -756,7 +756,7 @@ ADMX Info:
 The following list shows the supported values:
 
 - 0 - (Disable) Local users are allowed to make changes in the exploit protection settings area.
-- 1 - (Enable) Local users cannot make changes in the exploit protection settings area.
+- 1 - (Enable) Local users can't make changes in the exploit protection settings area.
 
 <!--/SupportedValues-->
 <!--/Policy-->
@@ -789,7 +789,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-The email address that is displayed to users.  The default mail application is used to initiate email actions. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display contact options.
+The email address that is displayed to users.  The default mail application is used to initiate email actions. If you disable or don't configure this setting, or don't have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices won't display contact options.
 
 Value type is string. Supported operations are Add, Get, Replace and Delete.
 
@@ -833,7 +833,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Enable this policy to display your company name and contact options in the notifications. If you disable or do not configure this setting, or do not provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center will display a default notification text.
+Enable this policy to display your company name and contact options in the notifications. If you disable or don't configure this setting, or don't provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center will display a default notification text.
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
 
@@ -883,7 +883,7 @@ The following list shows the supported values:
 
 <!--/Scope-->
 <!--Description-->
-Enable this policy to have your company name and contact options displayed in a contact card fly out in Windows Defender Security Center. If you disable or do not configure this setting, or do not provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center will not display the contact card fly out notification.
+Enable this policy to have your company name and contact options displayed in a contact card fly out in Windows Defender Security Center. If you disable or don't configure this setting, or don't provide CompanyName and a minimum of one contact method (Phone using Skype, Email, Help portal URL) Windows Defender Security Center won't display the contact card fly out notification.
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete.
 
@@ -899,7 +899,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 - (Disable) Do not display the company name and contact options in the card fly out notification.
+- 0 - (Disable) Don't display the company name and contact options in the card fly out notification.
 - 1 - (Enable) Display the company name and contact options in the card fly out notification.
 
 <!--/SupportedValues-->
@@ -1143,7 +1143,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-The phone number or Skype ID that is displayed to users.  Skype is used to initiate the call. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices will not display contact options.
+The phone number or Skype ID that is displayed to users.  Skype is used to initiate the call. If you disable or don't configure this setting, or don't have EnableCustomizedToasts or EnableInAppCustomization enabled, then devices won't display contact options.
 
 Value type is string. Supported operations are Add, Get, Replace, and Delete.
 
@@ -1187,9 +1187,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-The help portal URL this is displayed to users. The default browser is used to initiate this action. If you disable or do not configure this setting, or do not have EnableCustomizedToasts or EnableInAppCustomization enabled, then the device will not display contact options.
+The help portal URL that is displayed to users. The default browser is used to initiate this action. If you disable or don't configure this setting, or don't have EnableCustomizedToasts or EnableInAppCustomization enabled, then the device won't display contact options.
 
-Value type is Value type is string. Supported operations are Add, Get, Replace, and Delete.
+Value type is string. Supported operations are Add, Get, Replace, and Delete.
 
 <!--/Description-->
 <!--ADMXMapped-->
diff --git a/windows/client-management/mdm/policy-csp-windowslogon.md b/windows/client-management/mdm/policy-csp-windowslogon.md
index 5fd902e1a7..4998d7eaf9 100644
--- a/windows/client-management/mdm/policy-csp-windowslogon.md
+++ b/windows/client-management/mdm/policy-csp-windowslogon.md
@@ -83,15 +83,15 @@ manager: dansimp
 <!--Description-->
 This policy setting controls whether a device automatically signs in and locks the last interactive user after the system restarts or after a shutdown and cold boot.
 
-This occurs only if the last interactive user did not sign out before the restart or shutdown.​
+This scenario occurs only if the last interactive user didn't sign out before the restart or shutdown.​
 
 If the device is joined to Active Directory or Azure Active Directory, this policy applies only to Windows Update restarts. Otherwise, this policy applies to both Windows Update restarts and user-initiated restarts and shutdowns.​
 
-If you do not configure this policy setting, it is enabled by default. When the policy is enabled, the user is automatically signed in and the session is automatically locked with all lock screen apps configured for that user after the device boots.​
+If you don't configure this policy setting, it's enabled by default. When the policy is enabled, the user is automatically signed in and the session is automatically locked with all lock screen apps configured for that user after the device boots.​
 
 After enabling this policy, you can configure its settings through the [ConfigAutomaticRestartSignOn](#windowslogon-configautomaticrestartsignon) policy, which configures the mode of automatically signing in and locking the last interactive user after a restart or cold boot​.
 
-If you disable this policy setting, the device does not configure automatic sign in. The user’s lock screen apps are not restarted after the system restarts.
+If you disable this policy setting, the device doesn't configure automatic sign in. The user’s lock screen apps aren't restarted after the system restarts.
 
 <!--/Description-->
 
@@ -142,17 +142,17 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting controls the configuration under which an automatic restart, sign on, and lock occurs after a restart or cold boot. If you chose “Disabled” in the [AllowAutomaticRestartSignOn](#windowslogon-allowautomaticrestartsignon) policy, then automatic sign on does not occur and this policy need not be configured.
+This policy setting controls the configuration under which an automatic restart, sign in, and lock occurs after a restart or cold boot. If you chose “Disabled” in the [AllowAutomaticRestartSignOn](#windowslogon-allowautomaticrestartsignon) policy, then automatic sign in doesn't occur and this policy need not be configured.
 
 If you enable this policy setting, you can choose one of the following two options:
 
-- Enabled if BitLocker is on and not suspended: Specifies that automatic sign on and lock occurs only if BitLocker is active and not suspended during the reboot or shutdown. Personal data can be accessed on the device’s hard drive at this time if BitLocker is not on or suspended during an update. BitLocker suspension temporarily removes protection for system components and data but may be needed in certain circumstances to successfully update boot-critical components.  
+- Enabled if BitLocker is on and not suspended: Specifies that automatic sign in and lock occurs only if BitLocker is active and not suspended during the reboot or shutdown. Personal data can be accessed on the device’s hard drive at this time if BitLocker isn't on or suspended during an update. BitLocker suspension temporarily removes protection for system components and data but may be needed in certain circumstances to successfully update boot-critical components.  
 BitLocker is suspended during updates if:
-    - The device does not have TPM 2.0 and PCR7
-    - The device does not use a TPM-only protector
-- Always Enabled: Specifies that automatic sign on happens even if BitLocker is off or suspended during reboot or shutdown. When BitLocker is not enabled, personal data is accessible on the hard drive. Automatic restart and sign on should only be run under this condition if you are confident that the configured device is in a secure physical location.
+    - The device doesn't have TPM 2.0 and PCR7
+    - The device doesn't use a TPM-only protector
+- Always Enabled: Specifies that automatic sign in happens even if BitLocker is off or suspended during reboot or shutdown. When BitLocker isn't enabled, personal data is accessible on the hard drive. Automatic restart and sign in should only be run under this condition if you're confident that the configured device is in a secure physical location.
 
-If you disable or do not configure this setting, automatic sign on defaults to the “Enabled if BitLocker is on and not suspended” behavior.
+If you disable or don't configure this setting, automatic sign in defaults to the “Enabled if BitLocker is on and not suspended” behavior.
 
 <!--/Description-->
 
@@ -207,7 +207,7 @@ This policy setting allows you to prevent app notifications from appearing on th
 
 If you enable this policy setting, no app notifications are displayed on the lock screen.
 
-If you disable or do not configure this policy setting, users can choose which apps display notifications on the lock screen.
+If you disable or don't configure this policy setting, users can choose which apps display notifications on the lock screen.
 
 <!--/Description-->
 
@@ -249,13 +249,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to control whether anyone can interact with available networks UI on the logon screen.
+This policy setting allows you to control whether anyone can interact with available networks UI on the sign-in screen.
 
-If you enable this policy setting, the PC's network connectivity state cannot be changed without signing into Windows.
+If you enable this policy setting, the PC's network connectivity state can't be changed without signing into Windows.
 
 If you disable or don't configure this policy setting, any user can disconnect the PC from the network or can connect the PC to other available networks without signing into Windows.
 
-Here is an example to enable this policy:
+Here's an example to enable this policy:
 
 ```xml
 <SyncML xmlns="SYNCML:SYNCML1.2">
@@ -320,16 +320,16 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to control whether users see the first sign-in animation when signing in to the computer for the first time. This applies to both the first user of the computer who completes the initial setup and users who are added to the computer later. It also controls if Microsoft account users are offered the opt-in prompt for services during their first sign-in.
+This policy setting allows you to control whether users see the first sign-in animation when signing in to the computer for the first time. This view applies to both the first user of the computer who completes the initial setup and users who are added to the computer later. It also controls if Microsoft account users are offered the opt-in prompt for services during their first sign-in.
 
 If you enable this policy setting, Microsoft account users see the opt-in prompt for services, and users with other accounts see the sign-in animation.
 
-If you disable this policy setting, users do not see the animation and Microsoft account users do not see the opt-in prompt for services.
+If you disable this policy setting, users don't see the animation and Microsoft account users don't see the opt-in prompt for services.
 
-If you do not configure this policy setting, the user who completes the initial Windows setup see the animation during their first sign-in. If the first user had already completed the initial setup and this policy setting is not configured, users new to this computer do not see the animation.
+If you don't configure this policy setting, the user who completes the initial Windows setup see the animation during their first sign-in. If the first user had already completed the initial setup and this policy setting isn't configured, users new to this computer don't see the animation.
 
 > [!NOTE]
-> The first sign-in animation is not displayed on Server, so this policy has no effect.
+> The first sign-in animation isn't displayed on Server, so this policy has no effect.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -385,7 +385,7 @@ This policy setting allows local users to be enumerated on domain-joined compute
 
 If you enable this policy setting, Logon UI will enumerate all local users on domain-joined computers.
 
-If you disable or do not configure this policy setting, the Logon UI will not enumerate local users on domain-joined computers.
+If you disable or don't configure this policy setting, the Logon UI won't enumerate local users on domain-joined computers.
 
 <!--/Description-->
 
@@ -427,7 +427,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to hide the Switch account button on the sign-in screen, Start, and the Task Manager. If you enable this policy setting, the Switch account button is hidden from the user who is attempting to sign-in or is signed in to the computer that has this policy applied. If you disable or do not configure this policy setting, the Switch account button is accessible to the user in the three locations.
+This policy setting allows you to hide the Switch account button on the sign-in screen, Start, and the Task Manager. If you enable this policy setting, the Switch account button is hidden from the user who is attempting to sign-in or is signed in to the computer that has this policy applied. If you disable or don't configure this policy setting, the Switch account button is accessible to the user in the three locations.
 
 <!--/Description-->
 <!--ADMXMapped-->
@@ -446,7 +446,7 @@ The following list shows the supported values:
 
 <!--/SupportedValues-->
 <!--Validation-->
-To validate on Desktop, do the following:
+To validate on Desktop, do the following steps:
 
 1.   Enable policy.
 2.   Verify that the Switch account button in Start is hidden.
diff --git a/windows/client-management/mdm/policy-csp-windowssandbox.md b/windows/client-management/mdm/policy-csp-windowssandbox.md
index b3c4462090..02edfd6f6e 100644
--- a/windows/client-management/mdm/policy-csp-windowssandbox.md
+++ b/windows/client-management/mdm/policy-csp-windowssandbox.md
@@ -75,9 +75,9 @@ This policy setting allows the IT admin to enable or disable audio input to the
 > [!NOTE]
 > There may be security implications of exposing host audio input to the container.
 
-If this policy is not configured, end-users get the default behavior (audio input enabled). 
+If this policy isn't configured, end-users get the default behavior (audio input enabled). 
 
-If audio input is disabled, a user will not be able to enable audio input from their own configuration file. 
+If audio input is disabled, a user won't be able to enable audio input from their own configuration file. 
 
 If audio input is enabled, a user will be able to disable audio input from their own configuration file to make the device more secure.
 
@@ -142,9 +142,9 @@ Available in the latest Windows 10 insider preview build.
 <!--Description-->
 This policy setting allows the IT admin to enable or disable sharing of the host clipboard with the sandbox.
 
-If this policy is not configured, end-users get the default behavior (clipboard redirection enabled. 
+If this policy isn't configured, end-users get the default behavior (clipboard redirection enabled. 
 
-If clipboard sharing is disabled, a user will not be able to enable clipboard sharing from their own configuration file. 
+If clipboard sharing is disabled, a user won't be able to enable clipboard sharing from their own configuration file. 
 
 If clipboard sharing is enabled, a user will be able to disable clipboard sharing from their own configuration file to make the device more secure.
 
@@ -209,9 +209,9 @@ Available in the latest Windows 10 insider preview build.
 <!--Description-->
 This policy setting allows the IT admin to enable or disable networking in Windows Sandbox. Disabling network access can decrease the attack surface exposed by the Sandbox. Enabling networking can expose untrusted applications to the internal network.
 
-If this policy is not configured, end-users get the default behavior (networking enabled).
+If this policy isn't configured, end-users get the default behavior (networking enabled).
 
-If networking is disabled, a user will not be able to enable networking from their own configuration file.
+If networking is disabled, a user won't be able to enable networking from their own configuration file.
 
 If networking is enabled, a user will be able to disable networking from their own configuration file to make the device more secure.
 
@@ -274,9 +274,9 @@ Available in the latest Windows 10 insider preview build.
 <!--Description-->
 This policy setting allows the IT admin to enable or disable printer sharing from the host into the Sandbox. 
 
-If this policy is not configured, end-users get the default behavior (printer sharing disabled). 
+If this policy isn't configured, end-users get the default behavior (printer sharing disabled). 
 
-If printer sharing is disabled, a user will not be able to enable printer sharing from their own configuration file. 
+If printer sharing is disabled, a user won't be able to enable printer sharing from their own configuration file. 
 
 If printer sharing is enabled, a user will be able to disable printer sharing from their own configuration file to make the device more secure.
 
@@ -343,9 +343,9 @@ This policy setting allows the IT admin to enable or disable virtualized GPU for
 > [!NOTE]
 > Enabling virtualized GPU can potentially increase the attack surface of Windows Sandbox. 
 
-If this policy is not configured, end-users get the default behavior (vGPU is disabled). 
+If this policy isn't configured, end-users get the default behavior (vGPU is disabled). 
 
-If vGPU is disabled, a user will not be able to enable vGPU support from their own configuration file. 
+If vGPU is disabled, a user won't be able to enable vGPU support from their own configuration file. 
 
 If vGPU is enabled, a user will be able to disable vGPU support from their own configuration file to make the device more secure.
 
@@ -412,9 +412,9 @@ This policy setting allows the IT admin to enable or disable video input to the
 > [!NOTE]
 > There may be security implications of exposing host video input to the container.
 
-If this policy is not configured, users get the default behavior (video input disabled). 
+If this policy isn't configured, users get the default behavior (video input disabled). 
 
-If video input is disabled, users will not be able to enable video input from their own configuration file. 
+If video input is disabled, users won't be able to enable video input from their own configuration file. 
 
 If video input is enabled, users will be able to disable video input from their own configuration file to make the device more secure.
 
diff --git a/windows/client-management/mdm/policy-csp-wirelessdisplay.md b/windows/client-management/mdm/policy-csp-wirelessdisplay.md
index d61b982f66..ac5e6d69fd 100644
--- a/windows/client-management/mdm/policy-csp-wirelessdisplay.md
+++ b/windows/client-management/mdm/policy-csp-wirelessdisplay.md
@@ -84,7 +84,7 @@ This policy setting allows you to turn off the Wireless Display multicast DNS se
 <!--SupportedValues-->
 The following list shows the supported values:
 
-- 0 - Do not allow
+- 0 - Don't allow
 - 1 - Allow
 
 <!--/SupportedValues-->
@@ -124,7 +124,7 @@ This policy setting allows you to turn off discovering the display service adver
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - Do not allow
+-   0 - Don't allow
 -   1 - Allow
 
 <!--/SupportedValues-->
@@ -160,9 +160,9 @@ The following list shows the supported values:
 <!--Description-->
 This policy setting allows you to disable the infrastructure movement detection feature.
 
-If you set it to 0, your PC may stay connected and continue to project if you walk away from a Wireless Display receiver to which you are projecting over infrastructure.
+If you set it to 0, your PC may stay connected and continue to project if you walk away from a Wireless Display receiver to which you're projecting over infrastructure.
 
-If you set it to 1, your PC will detect that you have moved and will automatically disconnect your infrastructure Wireless Display session.
+If you set it to 1, your PC will detect that you've moved and will automatically disconnect your infrastructure Wireless Display session.
 
 The default value is 1.
 
@@ -171,7 +171,7 @@ The default value is 1.
 
 The following list shows the supported values:
 
-- 0 - Do not allow
+- 0 - Don't allow
 - 1 (Default) - Allow
 
 <!--/SupportedValues-->
@@ -211,7 +211,7 @@ This policy allows you to turn off projection from a PC.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - your PC cannot discover or project to other devices.
+-   0 - your PC can't discover or project to other devices.
 -   1 - your PC can discover and project to other devices
 
 <!--/SupportedValues-->
@@ -251,7 +251,7 @@ This policy allows you to turn off projection from a PC over infrastructure.
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - your PC cannot discover or project to other infrastructure devices, although it is possible to discover and project over WiFi Direct.
+-   0 - your PC can't discover or project to other infrastructure devices, although it's possible to discover and project over WiFi Direct.
 -   1 - your PC can discover and project to other devices over infrastructure.
 
 <!--/SupportedValues-->
@@ -287,7 +287,7 @@ The following list shows the supported values:
 <!--Description-->
 Allow or disallow turning off the projection to a PC.
 
-If you set it to 0 (zero), your PC is not discoverable and you cannot project to it. If you set it to 1, your PC is discoverable and you can project to it above the lock screen. The user has an option to turn it always on or always off except for manual launch. In PCs that support Miracast, after the policy is applied you can verify the setting from the user interface in **Settings** &gt; **System** &gt; **Projecting to this PC**.
+If you set it to 0 (zero), your PC isn't discoverable and you can't project to it. If you set it to 1, your PC is discoverable and you can project to it above the lock screen. The user has an option to turn it always on or always off except for manual launch. In PCs that support Miracast, after the policy is applied you can verify the setting from the user interface in **Settings** &gt; **System** &gt; **Projecting to this PC**.
 
 Value type is integer.
 
@@ -303,7 +303,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - projection to PC is not allowed. Always off and the user cannot enable it.
+-   0 - projection to PC isn't allowed. Always off and the user can't enable it.
 -   1 (default) - projection to PC is allowed. Enabled only above the lock screen.
 
 <!--/SupportedValues-->
@@ -343,7 +343,7 @@ This policy setting allows you to turn off projection to a PC over infrastructur
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 - your PC is not discoverable and other devices cannot project to it over infrastructure, although it is possible to project to it over WiFi Direct.
+-   0 - your PC isn't discoverable and other devices can't project to it over infrastructure, although it's possible to project to it over WiFi Direct.
 -   1 - your PC is discoverable and other devices can project to it over infrastructure.
 
 <!--/SupportedValues-->
@@ -419,7 +419,7 @@ The following list shows the supported values:
 <!--Description-->
 Allow or disallow requirement for a PIN for pairing.
 
-If you turn this on, the pairing ceremony for new devices will always require a PIN. If you turn this off or do not configure it, a PIN is not required for pairing. In PCs that support Miracast, after the policy is applied you can verify the setting from the user interface in **Settings** &gt; **System** &gt; **Projecting to this PC**.
+If you turn on this policy, the pairing ceremony for new devices will always require a PIN. If you turn off this policy or don't configure it, a PIN isn't required for pairing. In PCs that support Miracast, after the policy is applied you can verify the setting from the user interface in **Settings** &gt; **System** &gt; **Projecting to this PC**.
 
 Value type is integer.
 
@@ -435,7 +435,7 @@ ADMX Info:
 <!--SupportedValues-->
 The following list shows the supported values:
 
--   0 (default) - PIN is not required.
+-   0 (default) - PIN isn't required.
 -   1 - PIN is required.
 
 <!--/SupportedValues-->
diff --git a/windows/client-management/mdm/proxy-csp.md b/windows/client-management/mdm/proxy-csp.md
index 8cea583448..33a8847c7f 100644
--- a/windows/client-management/mdm/proxy-csp.md
+++ b/windows/client-management/mdm/proxy-csp.md
@@ -22,9 +22,9 @@ The PROXY configuration service provider is used to configure proxy connections.
 
 This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
 
-For the PROXY CSP, you cannot use the Replace command unless the node already exists.
+For the PROXY CSP, you can't use the Replace command unless the node already exists.
 
-The following shows the PROXY configuration service provider management object in tree format as used by OMA DM. The OMA Client Provisioning protocol is not supported by this configuration service provider.
+The following example shows the PROXY configuration service provider management object in tree format as used by OMA DM. The OMA Client Provisioning protocol isn't supported by this configuration service provider.
 
 ```
 ./Vendor/MSFT/Proxy
@@ -62,9 +62,9 @@ Root node for the proxy connection.
 <a href="" id="proxyname"></a>***ProxyName***
 Defines the name of a proxy connection.
 
-It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two proxy connections, use "PROXY0" and "PROXY1" as the element names. Any unique name can be used if desired (such as "GPRS-NAP"), but no spaces may appear in the name (use %20 instead).
+It's recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two proxy connections, use "PROXY0" and "PROXY1" as the element names. Any unique name can be used if desired (such as "GPRS-NAP"), but no spaces may appear in the name (use %20 instead).
 
-The addition, update, and deletion of this sub-tree of nodes have to be specified in a single atomic transaction.
+The addition, update, and deletion of this subtree of nodes have to be specified in a single atomic transaction.
 
 <a href="" id="proxyname-proxyid"></a>***ProxyName*/PROXYID**
 Specifies the unique identifier of the proxy connection.
@@ -93,7 +93,7 @@ Node for port information.
 <a href="" id="proxyname-ports-portname"></a>***ProxyName*/Ports/_PortName_**
 Defines the name of a port.
 
-It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two ports, use "PORT0" and "PORT1" as the element names.
+It's recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two ports, use "PORT0" and "PORT1" as the element names.
 
 <a href="" id="proxyname-ports-portname-portnbr"></a>***ProxyName*/Ports/*PortName*/PortNbr**
 Specifies the port number to be associated with the parent port.
@@ -104,7 +104,7 @@ Node for services information.
 <a href="" id="proxyname-ports-services-servicename"></a>***ProxyName*/Ports/Services/_ServiceName_**
 Defines the name of a service.
 
-It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two services, use "SERVICE0" and "SERVICE1" as the element names.
+It's recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two services, use "SERVICE0" and "SERVICE1" as the element names.
 
 <a href="" id="proxyname-ports-services-servicename-servicename"></a>***ProxyName*/Ports/Services/*ServiceName*/ServiceName**
 Specifies the protocol to be associated with the parent port.
@@ -117,7 +117,7 @@ Node for connection reference information
 <a href="" id="proxyname-conrefs-conrefname"></a>***ProxyName*/ConRefs/_ConRefName_**
 Defines the name of a connection reference.
 
-It is recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two connection references, use "CONREF0" and "CONREF1" as the element names.
+It's recommended that this element name is specified as a numbered node beginning at zero. For example, to provision two connection references, use "CONREF0" and "CONREF1" as the element names.
 
 <a href="" id="proxyname-conrefs-conrefname-conref"></a>***ProxyName*/ConRefs/*ConRefName*/ConRef**
 Specifies one single connectivity object associated with the proxy connection.
diff --git a/windows/client-management/mdm/pxlogical-csp.md b/windows/client-management/mdm/pxlogical-csp.md
index 8a68f85050..cc8752d76b 100644
--- a/windows/client-management/mdm/pxlogical-csp.md
+++ b/windows/client-management/mdm/pxlogical-csp.md
@@ -21,7 +21,7 @@ The PXLOGICAL configuration service provider is used to add, remove, or modify W
 > This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_NETWORKING\_ADMIN capabilities to be accessed from a network configuration application.
 
 
-The following shows the PXLOGICAL configuration service provider management object in tree format as used by OMA Client Provisioning for initial bootstrapping of the device. The OMA DM protocol is not supported by this configuration service provider.
+The following example shows the PXLOGICAL configuration service provider management object in tree format as used by OMA Client Provisioning for initial bootstrapping of the device. The OMA DM protocol isn't supported by this configuration service provider.
 
 ```console
 PXLOGICAL
@@ -46,7 +46,7 @@ PXLOGICAL
 ```
 
 
-The following shows the PXLOGICAL configuration service provider management object in tree format as used by OMA Client Provisioning for updating the bootstrapping of the device. The OMA DM protocol is not supported by this configuration service provider.
+The following example shows the PXLOGICAL configuration service provider management object in tree format as used by OMA Client Provisioning for updating the bootstrapping of the device. The OMA DM protocol isn't supported by this configuration service provider.
 
 ```console
 PXLOGICAL
@@ -74,17 +74,17 @@ PXLOGICAL
 <a href="" id="pxphysical"></a>**PXPHYSICAL**  
 Defines a group of logical proxy settings.
 
-The element's mwid attribute is a Microsoft provisioning XML attribute, and is optional when adding a NAP or a proxy. It is required when updating and deleting existing NAPs and proxies and must have its value set to 1.
+The element's mwid attribute is a Microsoft provisioning XML attribute, and is optional when adding a NAP or a proxy. It's required when updating and deleting existing NAPs and proxies and must have its value set to 1.
 
 <a href="" id="domain"></a>**DOMAIN**  
 Specifies the domain associated with the proxy (for example, "\*.com").
 
-A Windows device supports only one proxy that does not have a DOMAIN parameter, or has an empty DOMAIN value. That is, the device only supports one default proxy. All other proxy configurations must have a DOMAIN parameter with a non-empty value. A query of this parameter returns a semicolon-delimited string of all domains associated with the proxy.
+A Windows device supports only one proxy that doesn't have a DOMAIN parameter, or has an empty DOMAIN value. That is, the device only supports one default proxy. All other proxy configurations must have a DOMAIN parameter with a non-empty value. A query of this parameter returns a semicolon-delimited string of all domains associated with the proxy.
 
 <a href="" id="name"></a>**NAME**  
 Specifies the name of the logical proxy.
 
-When a list of proxies is displayed to the user they are displayed together in a single line, so the length of this value should be short for readability.
+When a list of proxies is displayed to the user they're displayed together in a single line, so the length of this value should be short for readability.
 
 <a href="" id="port"></a>**PORT**  
 Defines the bindings between a port number and one or more protocols or services.
@@ -94,7 +94,7 @@ This configuration service provider can accept a maximum of two ports per physic
 <a href="" id="portnbr"></a>**PORTNBR**  
 Specifies the port number associated with some services on this proxy.
 
-If the PORTNBR is 80 or 443, or the PORT characteristic is missing, it is treated as an HTTP proxy.
+If the PORTNBR is 80 or 443, or the PORT characteristic is missing, it's treated as an HTTP proxy.
 
 <a href="" id="service"></a>**SERVICE**  
 Specifies the service associated with the port number.
@@ -104,7 +104,7 @@ Windows supports accepting WAP push connectionless sessions over a Short Message
 <a href="" id="pushenabled"></a>**PUSHENABLED**  
 Specifies whether or not push operations are enabled.
 
-If this element is used in PXLOGICAL, it applies to all of the PXPHYSICAL elements embedded in the PXLOGICAL element. A value of "0" indicates that the proxy does not support push operations. A value of "1" indicates that the proxy supports push operations.
+If this element is used in PXLOGICAL, it applies to all of the PXPHYSICAL elements embedded in the PXLOGICAL element. A value of "0" indicates that the proxy doesn't support push operations. A value of "1" indicates that the proxy supports push operations.
 
 <a href="" id="proxy-id"></a>**PROXY-ID**  
 Used during initial bootstrapping. Specifies the unique identifier of the logical proxy.
@@ -120,12 +120,12 @@ Specifies whether or not the physical proxies in this logical proxy are privileg
 <a href="" id="pxphysical"></a>**PXPHYSICAL**  
 Defines a group of physical proxy settings associated with the parent logical proxy.
 
-The element's mwid attribute is a Microsoft provisioning XML attribute, and is optional when adding a NAP or a proxy. It is required when updating and deleting existing NAPs and proxies and must have its value set to 1.
+The element's mwid attribute is a Microsoft provisioning XML attribute, and is optional when adding a NAP or a proxy. It's required when updating and deleting existing NAPs and proxies and must have its value set to 1.
 
 <a href="" id="physical-proxy-id"></a>**PHYSICAL-PROXY-ID**  
 Used during initial bootstrapping. Specifies the identifier of the physical proxy.
 
-When a list of proxies is displayed to the user they are displayed together in a single line, so the length of this value should be short for readability.
+When a list of proxies is displayed to the user they're displayed together in a single line, so the length of this value should be short for readability.
 
 <a href="" id="physical-proxy-id"></a>***PHYSICAL-PROXY-ID***  
 Used during bootstrapping updates. Specifies the identifier of the physical proxy.
@@ -150,7 +150,7 @@ If **TO-NAPID** is used, the NAP whose **NAPID** is referred to by **TO-NAPID**
 
 The following table shows the Microsoft custom elements that this configuration service provider supports for OMA Client Provisioning.
 
-These features are available only for the device technique. In addition, the parameter-query and characteristic-query features are not supported for all PXPHYSICAL proxy parameters for all PXADDR types. All parameters can be queried when the PXPHYSICAL proxy PXADDRType is IPv4. For example, if a mobile operator queries the TO-NAPID parameter of a PXPHYSICAL proxy and the PXADDR Type is E164, a noparm is returned.
+These features are available only for the device technique. In addition, the parameter-query and characteristic-query features aren't supported for all PXPHYSICAL proxy parameters for all PXADDR types. All parameters can be queried when the PXPHYSICAL proxy PXADDRType is IPv4. For example, if a mobile operator queries the TO-NAPID parameter of a PXPHYSICAL proxy and the PXADDR Type is E164, a noparm is returned.
 
 |Feature|Available|
 |--- |--- |
diff --git a/windows/client-management/mdm/reclaim-seat-from-user.md b/windows/client-management/mdm/reclaim-seat-from-user.md
index 5f8bb0e5da..89bfa7164d 100644
--- a/windows/client-management/mdm/reclaim-seat-from-user.md
+++ b/windows/client-management/mdm/reclaim-seat-from-user.md
@@ -37,7 +37,7 @@ The following parameters may be specified in the request URI.
 
 ### Response body
 
-The response body contain [SeatDetails](data-structures-windows-store-for-business.md#seatdetails).
+The response body contains [SeatDetails](data-structures-windows-store-for-business.md#seatdetails).
 
 |Error code|Description|Retry|Data field|Details|
 |--- |--- |--- |--- |--- |
diff --git a/windows/client-management/mdm/register-your-free-azure-active-directory-subscription.md b/windows/client-management/mdm/register-your-free-azure-active-directory-subscription.md
index f799b48992..0d32ea3135 100644
--- a/windows/client-management/mdm/register-your-free-azure-active-directory-subscription.md
+++ b/windows/client-management/mdm/register-your-free-azure-active-directory-subscription.md
@@ -29,7 +29,7 @@ If you have paid subscriptions to Office 365, Microsoft Dynamics CRM Online, Ent
 
     ![screen for registering azure-ad](images/azure-ad-add-tenant11.png)
 
-3.  On the **Admin center** page, under Admin Centers on the left, click **Azure Active Directory**. This will take you to the Azure Active Directory portal.
+3.  On the **Admin center** page, under Admin Centers on the left, click **Azure Active Directory**. You're taken to the Azure Active Directory portal.
 
     ![Azure-AD-updated.](https://user-images.githubusercontent.com/41186174/71594506-e4845300-2b40-11ea-9a08-c21c824e12a4.png)
 
diff --git a/windows/client-management/mdm/remotefind-csp.md b/windows/client-management/mdm/remotefind-csp.md
index c559340720..51ce1f0fd5 100644
--- a/windows/client-management/mdm/remotefind-csp.md
+++ b/windows/client-management/mdm/remotefind-csp.md
@@ -17,7 +17,7 @@ ms.date: 06/26/2017
 
 The RemoteFind configuration service provider retrieves the location information for a particular device.
 
-The following shows the RemoteFind configuration service provider management object in tree format as used by OMA Client Provisioning.
+The following example shows the RemoteFind configuration service provider management object in tree format as used by OMA Client Provisioning.
 ```
 ./Vendor/MSFT
 RemoteFind
@@ -35,26 +35,26 @@ RemoteFind
 <a href="" id="desiredaccuracy"></a>**DesiredAccuracy**  
 Optional. The node accepts the requested radius value in meters. Valid values for accuracy are any value between 1 and 1000 meters.
 
-The default value is 50. Replacing this value only replaces it for the current session. The value is not retained.
+The default value is 50. Replacing this value only replaces it for the current session. The value isn't retained.
 
-Supported operations are Replace and Get. The Add command is not supported.
+Supported operations are Replace and Get. The Add command isn't supported.
 
 <a href="" id="timeout"></a>**Timeout**  
 Optional. Value is DWORD in seconds.
 
-The default value is 7, and the range is 0 to 1800 seconds. Replacing this value only replaces it for the current session. The value is not retained.
+The default value is 7, and the range is 0 to 1800 seconds. Replacing this value only replaces it for the current session. The value isn't retained.
 
-Supported operations are Replace and Get. The Add command is not supported.
+Supported operations are Replace and Get. The Add command isn't supported.
 
 <a href="" id="maximumage"></a>**MaximumAge**  
 Optional. The value represents the desired time window in minutes that the server will accept a successful location retrieval. The node enables the server to set the requested age value in 100 nanoseconds. Valid values for accuracy include any integer value between 0 and 1440 minutes.
 
-The default value is 60. Replacing this value only replaces it for the current session. The value is not retained.
+The default value is 60. Replacing this value only replaces it for the current session. The value isn't retained.
 
-Supported operations are Replace and Get. The Add command is not supported.
+Supported operations are Replace and Get. The Add command isn't supported.
 
 <a href="" id="location"></a>**Location**  
-Required. Nodes under this path must be queried atomically in order to succeed. This is to prevent servers from querying incomplete sets of data.
+Required. Nodes under this path must be queried atomically in order to succeed. This condition is to prevent servers from querying incomplete sets of data.
 
 <a href="" id="latitude"></a>**Latitude**  
 Required. Provides the latitude of the last successful remote find.
diff --git a/windows/client-management/mdm/remotewipe-csp.md b/windows/client-management/mdm/remotewipe-csp.md
index 3b2af238ea..1ff78fcccf 100644
--- a/windows/client-management/mdm/remotewipe-csp.md
+++ b/windows/client-management/mdm/remotewipe-csp.md
@@ -17,7 +17,7 @@ ms.date: 08/13/2018
 
 The RemoteWipe configuration service provider can be used by mobile operators DM server or enterprise management server to remotely wipe a device. The RemoteWipe configuration service provider can make the data stored in memory and hard disks difficult to recover if the device is remotely wiped after being lost or stolen.
 
-The following shows the RemoteWipe configuration service provider management object in tree format as used by both OMA DM and OMA Client Provisioning. Enterprise IT Professionals can update these settings by using the Exchange Server.
+The following example shows the RemoteWipe configuration service provider management object in tree format as used by both OMA DM and OMA Client Provisioning. Enterprise IT Professionals can update these settings by using the Exchange Server.
 ```
 ./Vendor/MSFT
 RemoteWipe
@@ -60,7 +60,7 @@ Added in Windows 10, version 1709.  Exec on this node will perform a remote rese
 Added in Windows 10, version 1809. Node for the Autopilot Reset operation.
 
 <a href="" id="doautomaticredeployment"></a>**AutomaticRedeployment/doAutomaticRedeployment**  
-Added in Windows 10, version 1809. Exec on this node triggers Autopilot Reset operation. This works like PC Reset, similar to other existing nodes in this RemoteWipe CSP, except that it keeps the device enrolled in Azure AD and MDM, keeps Wi-Fi profiles, and a few other settings like region, language, keyboard.
+Added in Windows 10, version 1809. Exec on this node triggers Autopilot Reset operation. This node works like PC Reset, similar to other existing nodes in this RemoteWipe CSP, except that it keeps the device enrolled in Azure AD and MDM, keeps Wi-Fi profiles, and a few other settings like region, language, keyboard.
 
 <a href="" id="lasterror"></a>**AutomaticRedeployment/LastError**  
 Added in Windows 10, version 1809. Error value, if any, associated with Autopilot Reset operation (typically an HRESULT).
diff --git a/windows/client-management/mdm/reporting-csp.md b/windows/client-management/mdm/reporting-csp.md
index 196633a0c4..3167a33adc 100644
--- a/windows/client-management/mdm/reporting-csp.md
+++ b/windows/client-management/mdm/reporting-csp.md
@@ -48,13 +48,13 @@ Interior node for retrieving the security auditing logs. This node is only for m
 -->
 
 <a href="" id="retrievebytimerange"></a>**RetrieveByTimeRange**  
-Returns the logs that exist within the StartTime and StopTime. The StartTime and StopTime are expressed in ISO 8601 format. If the StartTime and StopTime are not specified, then the values are interpreted as either first existing or last existing time.
+Returns the logs that exist within the StartTime and StopTime. The StartTime and StopTime are expressed in ISO 8601 format. If the StartTime and StopTime aren't specified, then the values are interpreted as either first existing or last existing time.
 
 Here are the other possible scenarios:
 
--   If the StartTime and StopTime are not specified, then it returns all existing logs.
--   If the StopTime is specified, but the StartTime is not specified, then all logs that exist before the StopTime are returned.
--   If the StartTime is specified, but the StopTime is not specified, then all that logs that exist from the StartTime are returned.
+-   If the StartTime and StopTime aren't specified, then it returns all existing logs.
+-   If the StopTime is specified, but the StartTime isn't specified, then all logs that exist before the StopTime are returned.
+-   If the StartTime is specified, but the StopTime isn't specified, then all that logs that exist from the StartTime are returned.
 
 <a href="" id="retrievebycount"></a>**RetrieveByCount**  
 Interior node for retrieving a specified number of logs from the StartTime. The StartTime is expressed in ISO 8601 format. You can set the number of logs required by setting LogCount and StartTime. It returns the specified number of logs or less, if the total number of logs is less than LogCount.
@@ -64,7 +64,7 @@ Contains the reporting logs.
 
 Value type is XML.
 
-Supported operations is Get.
+Supported operation is Get.
 
 <a href="" id="starttime"></a>**StartTime**  
 Specifies the starting time for retrieving logs.
@@ -81,7 +81,7 @@ Value type is string. Use ISO 8601 format.
 Supported operations are Get and Replace.
 
 <a href="" id="type"></a>**Type**  
-Added in Windows 10, version 1703. Specifies the type of logs to retrieve. You can use this to retrieve the WIP learning logs.
+Added in Windows 10, version 1703. Specifies the type of logs to retrieve. You can use this policy to retrieve the WIP learning logs.
 
 Value type is integer.
 
diff --git a/windows/client-management/mdm/rootcacertificates-csp.md b/windows/client-management/mdm/rootcacertificates-csp.md
index 643e41cb54..3b298a1606 100644
--- a/windows/client-management/mdm/rootcacertificates-csp.md
+++ b/windows/client-management/mdm/rootcacertificates-csp.md
@@ -21,7 +21,7 @@ The RootCATrustedCertificates configuration service provider enables the enterpr
 > The **./User/** configuration is not supported for **RootCATrustedCertificates/Root/**.
 
  
-The following shows the RootCATrustedCertificates configuration service provider in tree format.
+The following example shows the RootCATrustedCertificates configuration service provider in tree format.
 
 Detailed specification of the principal root nodes:
 ```
@@ -82,7 +82,7 @@ Node for trusted publisher certificates.
 Node for trusted people certificates.
 
 <a href="" id="rootcatrustedcertificates-untrustedcertificates"></a>**RootCATrustedCertificates/UntrustedCertificates**  
-Added in Windows 10, version 1803. Node for certificates that are not trusted. IT admin can use this node to immediately flag certificates that have been compromised and no longer usable.
+Added in Windows 10, version 1803. Node for certificates that aren't trusted. IT admin can use this node to immediately flag certificates that have been compromised and no longer usable.
 
 <a href="" id="certhash"></a>**_CertHash_**  
 Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certificate hash is specified as a hexadecimal string value. This node is common for all the principal root nodes.  The supported operations are Get and Delete.
@@ -90,19 +90,19 @@ Defines the SHA1 hash for the certificate. The 20-byte value of the SHA1 certifi
 The following nodes are all common to the **_CertHash_** node:
 
 <a href="" id="-encodedcertificate"></a>**/EncodedCertificate**  
-Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value cannot include extra formatting characters such as embedded linefeeds, etc.  The supported operations are Add, Get, and Replace.
+Specifies the X.509 certificate as a Base64-encoded string. The Base-64 string value can't include extra formatting characters such as embedded linefeeds, etc.  The supported operations are Add, Get, and Replace.
 
 <a href="" id="-issuedby"></a>**/IssuedBy**  
-Returns the name of the certificate issuer. This is equivalent to the **Issuer** member in the CERT\_INFO data structure.  The only supported operation is Get.
+Returns the name of the certificate issuer. This name is equivalent to the **Issuer** member in the CERT\_INFO data structure.  The only supported operation is Get.
 
 <a href="" id="-issuedto"></a>**/IssuedTo**  
-Returns the name of the certificate subject. This is equivalent to the **Subject** member in the CERT\_INFO data structure.  The only supported operation is Get.
+Returns the name of the certificate subject. This name is equivalent to the **Subject** member in the CERT\_INFO data structure.  The only supported operation is Get.
 
 <a href="" id="-validfrom"></a>**/ValidFrom**  
-Returns the starting date of the certificate's validity. This is equivalent to the **NotBefore** member in the CERT\_INFO data structure.  The only supported operation is Get.
+Returns the starting date of the certificate's validity. This date is equivalent to the **NotBefore** member in the CERT\_INFO data structure.  The only supported operation is Get.
 
 <a href="" id="-validto"></a>**/ValidTo**  
-Returns the expiration date of the certificate. This is equivalent to the **NotAfter** member in the CERT\_INFO data structure.  The only supported operation is Get.
+Returns the expiration date of the certificate. This date is equivalent to the **NotAfter** member in the CERT\_INFO data structure.  The only supported operation is Get.
 
 <a href="" id="-templatename"></a>**/TemplateName**  
 Returns the certificate template name.  The only supported operation is Get.
diff --git a/windows/client-management/mdm/secureassessment-csp.md b/windows/client-management/mdm/secureassessment-csp.md
index 1911fa064d..bdc2932777 100644
--- a/windows/client-management/mdm/secureassessment-csp.md
+++ b/windows/client-management/mdm/secureassessment-csp.md
@@ -16,7 +16,7 @@ ms.date: 06/26/2017
 
 The SecureAssessment configuration service provider is used to provide configuration information for the secure assessment browser.
 
-The following shows the SecureAssessment configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
+The following example shows the SecureAssessment configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
 ```
 ./Vendor/MSFT
 SecureAssessment
diff --git a/windows/client-management/mdm/securitypolicy-csp.md b/windows/client-management/mdm/securitypolicy-csp.md
index b92b03ae67..5664077e3e 100644
--- a/windows/client-management/mdm/securitypolicy-csp.md
+++ b/windows/client-management/mdm/securitypolicy-csp.md
@@ -22,9 +22,9 @@ The SecurityPolicy configuration service provider is used to configure security
 
  
 
-For the SecurityPolicy CSP, you cannot use the Replace command unless the node already exists.
+For the SecurityPolicy CSP, you can't use the Replace command unless the node already exists.
 
-The following shows the SecurityPolicy configuration service provider management object in tree format as used by both OMA DM and OMA Client Provisioning.
+The following example shows the SecurityPolicy configuration service provider management object in tree format as used by both OMA DM and OMA Client Provisioning.
 
 ```console
 ./Vendor/MSFT
@@ -65,7 +65,7 @@ The following security policies are supported.
 
 - **PolicyID**: 4111 | Hex:100f
   - **Policy name**: OTA Provisioning Policy
-  - **Policy description**: This setting determines whether PIN signed OMA Client Provisioning messages will be processed. This policy's value specifies a role mask. If a message contains at least one of the following roles in the role mask, then the message is processed. To ensure properly signed OMA Client Provisioning messages are accepted by the configuration client, all of the roles that are set in 4141, 4142, and 4143 policies must also be set in this policy. For example, to ensure properly signed USERNETWPIN signed OMA Client Provisioning messages are accepted by the device, if policy 4143 is set to 4096 (SECROLE_ANY_PUSH_SOURCE) for an carrier-unlocked device, policy 4111 must also have the SECROLE_ANY_PUSH_SOURCE role set.
+  - **Policy description**: This setting determines whether PIN signed OMA Client Provisioning messages will be processed. This policy's value specifies a role mask. If a message contains at least one of the following roles in the role mask, then the message is processed. To ensure properly signed OMA Client Provisioning messages are accepted by the configuration client, all of the roles that are set in 4141, 4142, and 4143 policies must also be set in this policy. For example, to ensure properly signed USERNETWPIN signed OMA Client Provisioning messages are accepted by the device, if policy 4143 is set to 4096 (SECROLE_ANY_PUSH_SOURCE) for a carrier-unlocked device, policy 4111 must also have the SECROLE_ANY_PUSH_SOURCE role set.
     - Default value: 384 (SECROLE_OPERATOR_TPS | SECROLE_KNOWN_PPG)
     - Supported values: SECROLE_KNOWN_PPG, SECROLE_ANY_PUSH_SOURCE, SECROLE_OPERATOR_TPS
 
@@ -74,7 +74,7 @@ The following security policies are supported.
   - **Policy description**: This setting indicates whether Wireless Session Protocol (WSP) notifications from the WAP stack are routed.
     - Default value: 1
     - Supported values: 
-      - 0: Routing of WSP notifications is not allowed.
+      - 0: Routing of WSP notifications isn't allowed.
       - 1: Routing of WSP notifications is allowed.
 
 - **PolicyID**: 4132 | Hex:1024
@@ -83,13 +83,13 @@ The following security policies are supported.
     - Default value: 0
     - Supported values: 
       - 0: The device prompts a UI to get user confirmation when the OTA WAP provisioning message is signed purely with network pin.
-      - 1: There is no user prompt.
+      - 1: There's no user prompt.
 
 - **PolicyID**: 4141 | Hex:102d
   - **Policy name**: OMA CP NETWPIN Policy
   - **Policy description**: This setting determines whether the OMA network PIN signed message will be accepted. The message's role mask and the policy's role mask are combined using the AND operator. If the result is non-zero, then the message is accepted.
     - Default value: 0
-    - Supported values: SECROLE_KNOWN_PPG, SECROLE_ANY_PUSH_SOURCE , SECROLE_OPERATOR_TPS
+    - Supported values: SECROLE_KNOWN_PPG, SECROLE_ANY_PUSH_SOURCE, SECROLE_OPERATOR_TPS
 
 - **PolicyID**: 4142 | Hex:102e
   - **Policy name**: OMA CP USERPIN Policy
@@ -201,7 +201,7 @@ The following table shows the Microsoft custom elements that this Configuration
 |Elements|Available|
 |--- |--- |
 |parm-query|Yes|
-|noparm|Yes. If this is used, then the policy is set to 0 by default (corresponding to the most restrictive of policy values).|
+|noparm|Yes. If this element is used, then the policy is set to 0 by default (corresponding to the most restrictive of policy values).|
 
  
 
diff --git a/windows/client-management/mdm/server-requirements-windows-mdm.md b/windows/client-management/mdm/server-requirements-windows-mdm.md
index 3880906b71..76c6a97981 100644
--- a/windows/client-management/mdm/server-requirements-windows-mdm.md
+++ b/windows/client-management/mdm/server-requirements-windows-mdm.md
@@ -21,13 +21,13 @@ The following list shows the general server requirements for using OMA DM to man
 
 -   The OMA DM server must support the OMA DM v1.1.2 or later protocol.
 
--   Secure Sockets Layer (SSL) must be on the OMA DM server, and it must provide server certificate-based authentication, data integrity check, and data encryption. If the certificate is not issued by a commercial Certification Authority whose root certificate is pre-installed in the device, you must provision the enterprise root certificate in the device's Root store.
+-   Secure Sockets Layer (SSL) must be on the OMA DM server, and it must provide server certificate-based authentication, data integrity check, and data encryption. If the certificate isn't issued by a commercial Certification Authority whose root certificate is pre-installed in the device, you must provision the enterprise root certificate in the device's Root store.
 
 -   To authenticate the client at the application level, you must use either Basic or MD5 client authentication.
 
 -   The server MD5 nonce must be renewed in each DM session. The DM client sends the new server nonce for the next session to the server over the Status element in every DM session.
 
--   The MD5 binary nonce is send over XML B64 encoded format, but the octal form of the binary data should be used when the service calculates the hash.
+-   The MD5 binary nonce is sent over XML B64 encoded format, but the octal form of the binary data should be used when the service calculates the hash.
 
     For more information about Basic or MD5 client authentication, MD5 hash, and MD5 nonce, see the OMA Device Management Security specification (OMA-TS-DM\_Security-V1\_2\_1-20080617-A), available from the [OMA website](https://go.microsoft.com/fwlink/p/?LinkId=526900).
 
diff --git a/windows/client-management/mdm/sharedpc-csp.md b/windows/client-management/mdm/sharedpc-csp.md
index fb2d0fb906..7f8d360143 100644
--- a/windows/client-management/mdm/sharedpc-csp.md
+++ b/windows/client-management/mdm/sharedpc-csp.md
@@ -17,7 +17,7 @@ ms.date: 01/16/2019
 
 The SharedPC configuration service provider is used to configure settings for Shared PC usage.
 
-The following shows the SharedPC configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
+The following example shows the SharedPC configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
 ```
 ./Vendor/MSFT
 SharedPC
@@ -133,12 +133,12 @@ Configures when accounts are deleted.
 
 The supported operations are Add, Get, Replace, and Delete.
 
-For Windows 10, version 1607, here is the list shows the supported values:
+For Windows 10, version 1607, here's the list shows the supported values:
 
 -   0 - Delete immediately.
 -   1 (default) - Delete at disk space threshold.
 
-For Windows 10, version 1703, here is the list of supported values:  
+For Windows 10, version 1703, here's the list of supported values:  
 
 - 0 - Delete immediately
 - 1 - Delete at disk space threshold
@@ -154,7 +154,7 @@ Sets the percentage of disk space remaining on a PC before cached accounts will
 
 The default value is Not Configured. Its default value in the SharedPC provisioning package is 25.
 
-For example, if the **DiskLevelCaching** number is set to 50 and the **DiskLevelDeletion** number is set to 25 (both default values). Accounts will be cached while the free disk space is above 25%. When the free disk space is less than 25% (the deletion number) during a daily maintenance period, accounts will be deleted (oldest last used first) when the system is idle until the free disk space is above 50% (the caching number). Accounts will be deleted immediately at sign off of an account if free space is under half of the deletion threshold and disk space is very low, regardless of whether the PC is actively in use or not.
+For example, if the **DiskLevelCaching** number is set to 50 and the **DiskLevelDeletion** number is set to 25 (both default values). Accounts will be cached while the free disk space is above 25%. When the free disk space is less than 25% (the deletion number) during a daily maintenance period, accounts will be deleted (oldest last used first) when the system is idle until the free disk space is above 50% (the caching number). Accounts will be deleted immediately on signing out from an account if free space is under half of the deletion threshold and disk space is low, regardless of whether the PC is actively in use or not.
 
 The supported operations are Add, Get, Replace, and Delete.
 
@@ -166,7 +166,7 @@ Sets the percentage of available disk space a PC should have before it stops del
 
 The default value is Not Configured. The default value in the SharedPC provisioning package is 25.
 
-For example, if the **DiskLevelCaching** number is set to 50 and the **DiskLevelDeletion** number is set to 25 (both default values). Accounts will be cached while the free disk space is above 25%. When the free disk space is less than 25% (the deletion number) during a maintenance period, accounts will be deleted (oldest last used first) until the free disk space is above 50% (the caching number). Accounts will be deleted immediately at sign off of an account if free space is under the deletion threshold and disk space is very low, regardless whether the PC is actively in use or not.
+For example, if the **DiskLevelCaching** number is set to 50 and the **DiskLevelDeletion** number is set to 25 (both default values). Accounts will be cached while the free disk space is above 25%. When the free disk space is less than 25% (the deletion number) during a maintenance period, accounts will be deleted (oldest last used first) until the free disk space is above 50% (the caching number). Accounts will be deleted immediately on signing out from an account if free space is under the deletion threshold and disk space is low, regardless whether the PC is actively in use or not.
 
 The supported operations are Add, Get, Replace, and Delete.
 
@@ -187,7 +187,7 @@ Value type is string. Supported operations are Add, Get, Replace, and Delete.
 > If used, this value must set before the action on the **EnableSharedPCMode** node is taken.
 
 <a href="" id="kioskmodeusertiledisplaytext"></a>**KioskModeUserTileDisplayText**  
-Added in Windows 10, version 1703. Specifies the display text for the account shown on the sign-in screen which launches the app specified by KioskModeAUMID. This node is optional. 
+Added in Windows 10, version 1703. Specifies the display text for the account shown on the sign-in screen that launches the app specified by KioskModeAUMID. This node is optional. 
 
 Value type is string. Supported operations are Add, Get, Replace, and Delete. 
 
@@ -195,14 +195,14 @@ Value type is string. Supported operations are Add, Get, Replace, and Delete.
 > If used, this value must set before the action on the **EnableSharedPCMode** node is taken.
 
 <a href="" id="inactivethreshold"></a>**InactiveThreshold**  
-Added in Windows 10, version 1703. Accounts will start being deleted when they have not been logged on during the specified period, given as number of days.
+Added in Windows 10, version 1703. Accounts will start being deleted when they haven't been logged on during the specified period, given as number of days.
 
 The default value is Not Configured. Value type is integer. Supported operations are Add, Get, Replace, and Delete.
 
 The default in the SharedPC provisioning package is 30.
 
 <a href="" id="maxpagefilesizemb"></a>**MaxPageFileSizeMB**  
-Added in Windows 10, version 1703. Maximum size of the paging file in MB. Applies only to systems with less than 32 GB storage and at least 3 GB of RAM. This node is optional. 
+Added in Windows 10, version 1703. Maximum size of the paging file in MB. Applies only to systems with less than 32-GB storage and at least 3 GB of RAM. This node is optional. 
 
 > [!NOTE]
 > If used, this value must set before the action on the **EnableSharedPCMode** node is taken.
diff --git a/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md b/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md
index ee78eb1927..573988546e 100644
--- a/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md
+++ b/windows/client-management/mdm/structure-of-oma-dm-provisioning-files.md
@@ -29,7 +29,7 @@ The following table shows the OMA DM versions that are supported.
 
 ## File format
 
-The following example shows the general structure of the XML document sent by the server using OMA DM version 1.2.1 for demonstration purposes only. The initial XML packages exchanged between client and server could contain additional XML tags. For a detailed description and samples for those packages, see the [OMA Device Management Protocol 1.2.1](https://go.microsoft.com/fwlink/p/?LinkId=526902) specification.
+The following example shows the general structure of the XML document sent by the server using OMA DM version 1.2.1 for demonstration purposes only. The initial XML packages exchanged between client and server could contain extra XML tags. For a detailed description and samples for those packages, see the [OMA Device Management Protocol 1.2.1](https://go.microsoft.com/fwlink/p/?LinkId=526902) specification.
 
 ```xml
 <SyncML xmlns='SYNCML:SYNCML1.2'>
@@ -107,7 +107,7 @@ SyncBody contains one or more DM commands. The SyncBody can contain multiple DM
 
 **Code example**
 
-The following example shows the body component of a DM message. In this example, SyncBody contains only one command, Get. This is indicated by the &lt;Final /&gt; tag that occurs immediately after the terminating tag for the Get command.
+The following example shows the body component of a DM message. In this example, SyncBody contains only one command, Get. This command is indicated by the &lt;Final /&gt; tag that occurs immediately after the terminating tag for the Get command.
 
 ```xml
 <SyncBody>
@@ -124,7 +124,7 @@ The following example shows the body component of a DM message. In this example,
 </SyncBody>
 ```
 
-When using SyncML for OMA DM provisioning, a LocURI in SyncBody can have a "." as a valid segment name only in the first segment. However, a "." is not a valid segment name for the other segments. For example, the following LocURI is not valid because the segment name of the seventh segment is a ".".
+When SyncML for OMA DM provisioning is being used, a LocURI in SyncBody can have a "." as a valid segment name only in the first segment. However, a "." isn't a valid segment name for the other segments. For example, the following LocURI isn't valid because the segment name of the seventh segment is a ".".
 
 ```xml
 <LocURI>./Vendor/MSFT/Registry/HKLM/Security/./Test</LocURI>
diff --git a/windows/client-management/mdm/supl-csp.md b/windows/client-management/mdm/supl-csp.md
index 32af3e680b..61cb297fdf 100644
--- a/windows/client-management/mdm/supl-csp.md
+++ b/windows/client-management/mdm/supl-csp.md
@@ -27,14 +27,14 @@ The SUPL configuration service provider is used to configure the location client
       - H-SLP server certificate.
       - Positioning method.
       - Version of the protocol to use by default.
-    - MCC/MNC value pairs which are used to specify which networks' UUIC the SUPL account matches.
+    - MCC/MNC value pairs that are used to specify which networks' UUIC the SUPL account matches.
   - **V2 UPL**: 
-    - Address of the server — a mobile positioning center for non-trusted mode.
+    - Address of the server—a mobile positioning center for non-trusted mode.
     - The positioning method used by the MPC for non-trusted mode.
 
 The SUPL or V2 UPL connection will be reconfigured every time the device is rebooted, a new UICC is inserted, or new settings are provisioned by using OMA Client Provisioning, OMA DM, or test tools. When the device is in roaming mode, it reverts to Mobile Station Standalone mode, in which only the built–in Microsoft location components are used.
 
-The following shows the SUPL configuration service provider management object in tree format as used by OMA DM and OMA Client Provisioning.
+The following example shows the SUPL configuration service provider management object in tree format as used by OMA DM and OMA Client Provisioning.
 
 > [!NOTE]
 > This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION capability to be accessed from a network configuration application. 
@@ -76,12 +76,12 @@ SUPL
 Required for SUPL. Defines the account for the SUPL Enabled Terminal (SET) node. Only one SUPL account is supported at a given time.
 
 <a href="" id="appid"></a>**AppID**  
-Required. The AppID for SUPL is automatically set to `"ap0004"`. This is a read-only value.
+Required. The AppID for SUPL is automatically set to `"ap0004"`. This value is a read-only value.
 
 <a href="" id="addr"></a>**Addr**  
 Optional. Specifies the address of the Home SUPL Location Platform (H-SLP) server for non-proxy mode. The value is a server address specified as a fully qualified domain name, and the port specified as an integer, with the format *server*: *port*.
 
-If this value is not specified, the device infers the H-SLP address from the IMSI as defined in the SUPL standard. To use automatic generation of the H-SLP address based on the IMSI, the MNC length must be set correctly on the UICC. Generally, this value is 2 or 3.
+If this value isn't specified, the device infers the H-SLP address from the IMSI as defined in the SUPL standard. To use automatic generation of the H-SLP address based on the IMSI, the MNC length must be set correctly on the UICC. Generally, this value is 2 or 3.
 
 For OMA DM, if the format for this node is incorrect the entry will be ignored and an error will be returned, but the configuration service provider will continue processing the rest of the parameters.
 
@@ -92,9 +92,9 @@ Optional. Determines the major version of the SUPL protocol to use. For SUPL 1.0
 Added in Windows 10, version 2004. Optional. Determines the full version (X.Y.Z where X, Y, and Z are the major version, the minor version, and the service indicator, respectively) of the SUPL protocol to use. The default is 1.0.0. If FullVersion is defined, Version field is ignored.
 
 <a href="" id="mccmncpairs"></a>**MCCMNCPairs**  
-Required. List all of the MCC and MNC pairs owned by the mobile operator. This list is used to verify that the UICC matches the network and SUPL can be used. When the UICC and network do not match, the device uses the default location service and does not use SUPL.
+Required. List all of the MCC and MNC pairs owned by the mobile operator. This list is used to verify that the UICC matches the network and SUPL can be used. When the UICC and network don't match, the device uses the default location service and doesn't use SUPL.
 
-This value is a string with the format "(X1,Y1)(X2,Y2)…(Xn,Yn)", in which `X` is a MCC and `Y` is an MNC.
+This value is a string with the format "(X1, Y1)(X2, Y2)…(Xn, Yn)", in which `X` is an MCC and `Y` is an MNC.
 
 For OMA DM, if the format for this node is incorrect the entry will be ignored and an error will be returned, but the configuration service provider will continue processing the rest of the parameters.
 
@@ -146,7 +146,7 @@ When the location toggle is set to Off and this value is set to 1, the following
 
 However, if `privacyOverride` is set in the message, the location will be returned.
 
-When the location toggle is set to Off and this value is set to 0, the location toggle does not prevent SUPL network-initiated requests from working.
+When the location toggle is set to Off and this value is set to 0, the location toggle doesn't prevent SUPL network-initiated requests from working.
 
 For OMA DM, if the format for this node is incorrect the entry will be ignored and an error will be returned, but the configuration service provider will continue processing the rest of the parameters.
 
@@ -159,7 +159,7 @@ This value manages the settings for both SUPL and v2 UPL. If a device is configu
 Optional. Integer. Defines the minimum interval of time in seconds between mobile originated requests sent to the server to prevent overloading the mobile operator's network. The default value is 60.
 
 <a href="" id="rootcertificate"></a>**RootCertificate**  
-Required. Specifies the root certificate for the H-SLP server. Windows does not support a non-secure mode. If this node is not included, the configuration service provider will fail but may not return a specific error.
+Required. Specifies the root certificate for the H-SLP server. Windows doesn't support a non-secure mode. If this node isn't included, the configuration service provider will fail but may not return a specific error.
 
 <a href="" id="rootcertificate-name"></a>**RootCertificate/Name**  
 Specifies the name of the H-SLP root certificate as a string, in the format *name*.cer.
@@ -265,7 +265,7 @@ When the location toggle is set to Off and this value is set to 1, the following
 
 However, if `privacyOverride` is set in the message, the location will be returned.
 
-When the location toggle is set to Off and this value is set to 0, the location toggle does not prevent SUPL network-initiated requests from working.
+When the location toggle is set to Off and this value is set to 0, the location toggle doesn't prevent SUPL network-initiated requests from working.
 
 For OMA DM, if the format for this node is incorrect the entry will be ignored and an error will be returned, but the configuration service provider will continue processing the rest of the parameters.
 
@@ -283,7 +283,7 @@ Optional. Integer. Defines the minimum interval of time in seconds between mobil
 ## Unsupported Nodes
 
 
-The following optional nodes are not supported on Windows devices.
+The following optional nodes aren't supported on Windows devices.
 
 -   ProviderID
 
@@ -299,14 +299,14 @@ The following optional nodes are not supported on Windows devices.
 
 -   AddrType
 
-If the configuration application tries to set, delete or query these nodes, a response indicating this node is not implemented will be returned over OMA DM. In OMA Client Provisioning, the request to set this node will be ignored and the configuration service provider will continue processing the rest of the nodes.
+If the configuration application tries to set, delete or query these nodes, a response indicating this node isn't implemented will be returned over OMA DM. In OMA Client Provisioning, the request to set this node will be ignored and the configuration service provider will continue processing the rest of the nodes.
 
-If a mobile operator requires the communication with the H-SLP to take place over a specific connection rather than a default cellular connection, then this must be configured by using the [CM\_CellularEntries configuration service provider](cm-cellularentries-csp.md) and the [CM\_ProxyEntries configuration service provider](cm-proxyentries-csp.md) to map the H-SLP server with the required connection.
+If a mobile operator requires the communication with the H-SLP to take place over a specific connection rather than a default cellular connection, then this configuration must be done by using the [CM\_CellularEntries configuration service provider](cm-cellularentries-csp.md) and the [CM\_ProxyEntries configuration service provider](cm-proxyentries-csp.md) to map the H-SLP server with the required connection.
 
 ## OMA Client Provisioning examples
 
 
-Adding new configuration information for a H-SLP server for SUPL. Values in italic must be replaced with correct settings for the mobile operator network. A valid binary blob must be included for the root certificate data value.
+Adding new configuration information for an H-SLP server for SUPL. Values in italic must be replaced with correct settings for the mobile operator network. A valid binary blob must be included for the root certificate data value.
 
 ```xml
 <?xml version="1.0" encoding="utf-8"?>
diff --git a/windows/client-management/mdm/surfacehub-csp.md b/windows/client-management/mdm/surfacehub-csp.md
index f900bbac72..1e276239dd 100644
--- a/windows/client-management/mdm/surfacehub-csp.md
+++ b/windows/client-management/mdm/surfacehub-csp.md
@@ -16,7 +16,7 @@ ms.date: 07/28/2017
 
 The SurfaceHub configuration service provider (CSP) is used to configure Microsoft Surface Hub settings. This CSP was added in Windows 10, version 1511.
 
-The following shows the SurfaceHub CSP management objects in tree format.
+The following example shows the SurfaceHub CSP management objects in tree format.
 ```
 ./Vendor/MSFT
 SurfaceHub
@@ -147,12 +147,12 @@ SurfaceHub
 4. Execute the ValidateAndCommit node.
 
 <a href="" id="deviceaccount-domainname"></a>**DeviceAccount/DomainName**
-<p>Domain of the device account when you are using Active Directory. To use a device account from Active Directory, you should specify both DomainName and UserName for the device account.
+<p>Domain of the device account when you're using Active Directory. To use a device account from Active Directory, you should specify both DomainName and UserName for the device account.
 
 <p>The data type is string. Supported operation is Get and Replace.
 
 <a href="" id="deviceaccount-username"></a>**DeviceAccount/UserName**
-<p>Username of the device account when you are using Active Directory. To use a device account from Active Directory, you should specify both DomainName and UserName for the device account.
+<p>Username of the device account when you're using Active Directory. To use a device account from Active Directory, you should specify both DomainName and UserName for the device account.
 
 <p>The data type is string. Supported operation is Get and Replace.
 
@@ -208,7 +208,7 @@ SurfaceHub
 
 <a href="" id="deviceaccount-errorcontext"></a>**DeviceAccount/ErrorContext**
 
-If there is an error calling ValidateAndCommit, there is additional context for that error in this node. Here are the possible error values:
+If there's an error calling ValidateAndCommit, there's another context for that error in this node. Here are the possible error values:
 
 | ErrorContext value | Stage where error occurred | Description and suggestions |
 | --- | --- | --- |
@@ -242,7 +242,7 @@ The data type is integer. Supported operation is Get.
 <p>Added in Windows 10, version 1703. Node for the Skype for Business settings.
 
 <a href="" id="inboxapps-skypeforbusiness-domainname"></a>**InBoxApps/SkypeForBusiness/DomainName**
-<p>Added in Windows 10, version 1703. Specifies the domain of the Skype for Business account when you are using Active Directory. For more information, see <a href="/SkypeForBusiness/set-up-skype-for-business-online" data-raw-source="[Set up Skype for Business Online](/SkypeForBusiness/set-up-skype-for-business-online)">Set up Skype for Business Online</a>.
+<p>Added in Windows 10, version 1703. Specifies the domain of the Skype for Business account when you're using Active Directory. For more information, see <a href="/SkypeForBusiness/set-up-skype-for-business-online" data-raw-source="[Set up Skype for Business Online](/SkypeForBusiness/set-up-skype-for-business-online)">Set up Skype for Business Online</a>.
 
 <p>The data type is string. Supported operation is Get and Replace.
 
@@ -255,7 +255,7 @@ The data type is integer. Supported operation is Get.
 <p>The data type is boolean. Supported operation is Get and Replace.
 
 <a href="" id="inboxapps-welcome-currentbackgroundpath"></a>**InBoxApps/Welcome/CurrentBackgroundPath**
-<p>Download location for image to be used as the background during user sessions and on the welcome screen. To set this, specify an https URL to a 32-bit PNG file (only PNGs are supported for security reasons). If any certificate authorities need to be trusted in order to access the URL, please ensure they are valid and installed on the Hub, otherwise it may not be able to load the image.
+<p>Download location for image to be used as the background during user sessions and on the welcome screen. To set this location, specify an https URL to a 32-bit PNG file (only PNGs are supported for security reasons). If any certificate authorities need to be trusted in order to access the URL, ensure they're valid and installed on the Hub, otherwise it may not be able to load the image.
 
 <p>The data type is string. Supported operation is Get and Replace.
 
@@ -273,17 +273,17 @@ The data type is integer. Supported operation is Get.
 <p>Node for the Whiteboard app settings.
 
 <a href="" id="inboxapps-whiteboard-sharingdisabled"></a>**InBoxApps/Whiteboard/SharingDisabled**
-<p>Invitations to collaborate from the Whiteboard app are not allowed.
+<p>Invitations to collaborate from the Whiteboard app aren't allowed.
 
 <p>The data type is boolean. Supported operation is Get and Replace.
 
 <a href="" id="inboxapps-whiteboard-signindisabled"></a>**InBoxApps/Whiteboard/SigninDisabled**
-<p>Sign-ins from the Whiteboard app are not allowed.
+<p>Sign-ins from the Whiteboard app aren't allowed.
 
 <p>The data type is boolean. Supported operation is Get and Replace.
 
 <a href="" id="inboxapps-whiteboard-telemetrydisabled"></a>**InBoxApps/Whiteboard/TelemeteryDisabled**
-<p>Telemetry collection from the Whiteboard app is not allowed.
+<p>Telemetry collection from the Whiteboard app isn't allowed.
 
 <p>The data type is boolean. Supported operation is Get and Replace.
 
@@ -430,21 +430,21 @@ The data type is integer. Supported operation is Get.
 <p>The data type is boolean. Supported operation is Get and Replace.
 
 <a href="" id="properties-proxyservers"></a>**Properties/ProxyServers**
-<p>Added in <a href="https://support.microsoft.com/help/4499162" data-raw-source="[KB4499162](https://support.microsoft.com/help/4499162)">KB4499162</a> for Windows 10, version 1703. Specifies FQDNs of proxy servers to provide device account credentials to before any user interaction (if AllowAutoProxyAuth is enabled). This is a semi-colon separated list of server names, without any additional prefixes (e.g. https://).
+<p>Added in <a href="https://support.microsoft.com/help/4499162" data-raw-source="[KB4499162](https://support.microsoft.com/help/4499162)">KB4499162</a> for Windows 10, version 1703. Specifies FQDNs of proxy servers to provide device account credentials to before any user interaction (if AllowAutoProxyAuth is enabled). This FQDN is a semi-colon separated list of server names, without any extra prefixes (for example, https://).
 
 <p>The data type is string. Supported operation is Get and Replace.
 
 <a href="" id="properties-disablesigninsuggestions"></a>**Properties/DisableSigninSuggestions**
 <p>Added in Windows 10, version 1703. Specifies whether to disable auto-populating of the sign-in dialog with invitees from scheduled meetings.
 
-<p>If this setting is true, the sign-in dialog will not be populated. If false, the dialog will auto-populate.
+<p>If this setting is true, the sign-in dialog won't be populated. If false, the dialog will auto-populate.
 
 <p>The data type is boolean. Supported operation is Get and Replace.
 
 <a href="" id="properties-donotshowmymeetingsandfiles"></a>**Properties/DoNotShowMyMeetingsAndFiles**
 <p>Added in Windows 10, version 1703. Specifies whether to disable the &quot;My meetings and files&quot; feature in the Start menu, which shows the signed-in user&#39;s meetings and files from Office 365.
 
-<p>If this setting is true, the “My meetings and files” feature will not be shown. When false, the “My meetings and files” feature will be shown.
+<p>If this setting is true, the “My meetings and files” feature won't be shown. When false, the “My meetings and files” feature will be shown.
 
 <p>The data type is boolean. Supported operation is Get and Replace.
 
@@ -452,7 +452,7 @@ The data type is integer. Supported operation is Get.
 <p>Node for the Microsoft Operations Management Suite.
 
 <a href="" id="momagent-workspaceid"></a>**MOMAgent/WorkspaceID**
-<p>GUID identifying the Microsoft Operations Management Suite workspace ID to collect the data. Set this to an empty string to disable the MOM agent.
+<p>GUID identifying the Microsoft Operations Management Suite workspace ID to collect the data. Set this GUID to an empty string to disable the MOM agent.
 
 <p>The data type is string. Supported operation is Get and Replace.
 
diff --git a/windows/client-management/mdm/understanding-admx-backed-policies.md b/windows/client-management/mdm/understanding-admx-backed-policies.md
index ea7fed9759..da5516f990 100644
--- a/windows/client-management/mdm/understanding-admx-backed-policies.md
+++ b/windows/client-management/mdm/understanding-admx-backed-policies.md
@@ -26,11 +26,11 @@ Depending on the specific category of the settings that they control (OS or appl
 - OS settings: Computer Configuration/Administrative Templates
 - Application settings: User Configuration/Administrative Templates 
 
-In a domain controller/Group Policy ecosystem, Group Policies are automatically added to the registry of the client computer or user profile by the Administrative Templates Client Side Extension (CSE) whenever the client computer processes a Group Policy. Conversely, in an MDM-managed client, ADMX files are leveraged to define policies independent of Group Policies. Therefore, in an MDM-managed client, a Group Policy infrastructure, including the Group Policy Service (gpsvc.exe), is not required.
+In a domain controller/Group Policy ecosystem, Group Policies are automatically added to the registry of the client computer or user profile by the Administrative Templates Client Side Extension (CSE) whenever the client computer processes a Group Policy. Conversely, in an MDM-managed client, ADMX files are applied to define policies independent of Group Policies. Therefore, in an MDM-managed client, a Group Policy infrastructure, including the Group Policy Service (gpsvc.exe), isn't required.
 
-An ADMX file can either be shipped with Windows (located at `%SystemRoot%\policydefinitions`) or it can be ingested to a device through the Policy CSP URI (`./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall`). Inbox ADMX files are processed into MDM policies at OS-build time. ADMX files that are ingested are processed into MDM policies post-OS shipment through the Policy CSP. Because the Policy CSP does not rely upon any aspect of the Group Policy client stack, including the PC's Group Policy Service (GPSvc), the policy handlers that are ingested to the device are able to react to policies that are set by the MDM.
+An ADMX file can either be shipped with Windows (located at `%SystemRoot%\policydefinitions`) or it can be ingested to a device through the Policy CSP URI (`./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall`). Inbox ADMX files are processed into MDM policies at OS-build time. ADMX files that are ingested are processed into MDM policies post-OS shipment through the Policy CSP. Because the Policy CSP doesn't rely upon any aspect of the Group Policy client stack, including the PC's Group Policy Service (GPSvc), the policy handlers that are ingested to the device are able to react to policies that are set by the MDM.
 
-Windows maps the name and category path of a Group Policy to a MDM policy area and policy name by parsing the associated ADMX file, finding the specified Group Policy, and storing the definition (metadata) in the MDM Policy CSP client store. When the MDM policy is referenced by a SyncML command and the Policy CSP URI, `.\[device|user]\vendor\msft\policy\[config|result]\<area>\<policy>`, this metadata is referenced and determines which registry keys are set or removed. For a list of ADMX policies supported by MDM, see [Policy CSP - ADMX policies](./policy-configuration-service-provider.md).
+Windows maps the name and category path of a Group Policy to an MDM policy area and policy name by parsing the associated ADMX file, finding the specified Group Policy, and storing the definition (metadata) in the MDM Policy CSP client store. When the MDM policy is referenced by a SyncML command and the Policy CSP URI, `.\[device|user]\vendor\msft\policy\[config|result]\<area>\<policy>`, this metadata is referenced and determines which registry keys are set or removed. For a list of ADMX policies supported by MDM, see [Policy CSP - ADMX policies](./policy-configuration-service-provider.md).
 
 <!-- [!TIP] -->
 <!--  Intune has added a number of ADMX administrative templates in public preview. Check if the policy settings you need are available in a template before using the SyncML method described below. [Learn more about Intune's administrative templates.](/intune/administrative-templates-windows) -->
@@ -62,14 +62,14 @@ The following diagram shows the settings for the "Publishing Server 2 Settings"
 
 ![Group Policy publisher server 2 settings.](images/group-policy-publisher-server-2-settings.png)
 
-Note that most Group Policies are a simple Boolean type. For a Boolean Group Policy, if you select **Enabled**, the options panel contains no data input fields and the payload of the SyncML is simply `<enabled/>`. However, if there are data input fields in the options panel, the MDM server must supply this data. The following *Enabling a Group Policy* example illustrates this complexity. In this example, 10 name-value pairs are described by `<data />` tags in the payload, which correspond to the 10 data input fields in the Group Policy Editor options panel for the "Publishing Server 2 Settings" Group Policy. The ADMX file, which defines the Group Policies, is consumed by the MDM server, similarly to how the Group Policy Editor consumes it. The Group Policy Editor displays a UI to receive the complete Group Policy instance data, which the MDM server's IT administrator console must also do. For every `<text>` element and id attribute in the ADMX policy definition, there must be a corresponding `<data />` element and id attribute in the payload. The ADMX file drives the policy definition and is required by the MDM server via the SyncML protocol.
+Most Group Policies are a simple Boolean type. For a Boolean Group Policy, if you select **Enabled**, the options panel contains no data input fields and the payload of the SyncML is simply `<enabled/>`. However, if there are data input fields in the options panel, the MDM server must supply this data. The following *Enabling a Group Policy* example illustrates this complexity. In this example, 10 name-value pairs are described by `<data />` tags in the payload, which correspond to the 10 data input fields in the Group Policy Editor options panel for the "Publishing Server 2 Settings" Group Policy. The ADMX file, which defines the Group Policies, is consumed by the MDM server, similarly to how the Group Policy Editor consumes it. The Group Policy Editor displays a UI to receive the complete Group Policy instance data, which the MDM server's IT administrator console must also do. For every `<text>` element and ID attribute in the ADMX policy definition, there must be a corresponding `<data />` element and ID attribute in the payload. The ADMX file drives the policy definition and is required by the MDM server via the SyncML protocol.
 
 > [!IMPORTANT]
 > Any data entry field that is displayed in the Group Policy page of the Group Policy Editor must be supplied in the encoded XML of the SyncML payload. The SyncML data payload is equivalent to the user-supplied Group Policy data through GPEdit.msc. 
 
 For more information about the Group Policy description format, see [Administrative Template File (ADMX) format](/previous-versions/windows/desktop/Policy/admx-schema). Elements can be Text, MultiText, Boolean, Enum, Decimal, or List (for more information, see [policy elements](/previous-versions/windows/desktop/Policy/element-elements)). 
 
-For example, if you search for the string, "Publishing_Server2_Name_Prompt" in both the *Enabling a policy* example and its corresponding ADMX policy definition in the appv.admx file, you will find the following occurrences:
+For example, if you search for the string, "Publishing_Server2_Name_Prompt" in both the *Enabling a policy* example and its corresponding ADMX policy definition in the appv.admx file, you'll find the following occurrences:
 
 Enabling a policy example:
 ```XML
@@ -85,7 +85,7 @@ Appv.admx file:
 
 ## <a href="" id="admx-backed-policy-examples"></a>ADMX policy examples
 
-The following SyncML examples describe how to set a MDM policy that is defined by an ADMX template, specifically the Publishing_Server2_Policy Group Policy description in the application virtualization ADMX file, appv.admx. Note that the functionality that this Group Policy manages is not important; it is used to illustrate only how an MDM ISV can set an ADMX policy. These SyncML examples illustrate common options and the corresponding SyncML code that can be used for testing your policies. Note that the payload of the SyncML must be XML-encoded; for this XML encoding, you can use favorite online tool. To avoid encoding the payload, you can use CData if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
+The following SyncML examples describe how to set an MDM policy that is defined by an ADMX template, specifically the Publishing_Server2_Policy Group Policy description in the application virtualization ADMX file, appv.admx. The functionality that this Group Policy manages isn't important; it's used to illustrate only how an MDM ISV can set an ADMX policy. These SyncML examples illustrate common options and the corresponding SyncML code that can be used for testing your policies. The payload of the SyncML must be XML-encoded; for this XML encoding, you can use favorite online tool. To avoid encoding the payload, you can use CData if your MDM supports it. For more information, see [CDATA Sections](http://www.w3.org/TR/REC-xml/#sec-cdata-sect).
 
 
 ### <a href="" id="enabling-a-policy"></a>Enabling a policy
@@ -231,13 +231,13 @@ The following SyncML examples describe how to set a MDM policy that is defined b
 
 This section describes sample SyncML for the various ADMX elements like Text, Multi-Text, Decimal, Boolean, and List.
 
-### <a href="" id="how-a-group-policy-policy-category-path-and-name-are-mapped-to-a-mdm-area-and-policy-name"></a>How a Group Policy policy category path and name are mapped to a MDM area and policy name
+### <a href="" id="how-a-group-policy-policy-category-path-and-name-are-mapped-to-a-mdm-area-and-policy-name"></a>How a Group Policy policy category path and name are mapped to an MDM area and policy name
 
-Below is the internal OS mapping of a Group Policy to a MDM area and name. This is part of a set of Windows manifest that when compiled parses out the associated ADMX file, finds the specified Group Policy policy and stores that definition (metadata) in the MDM Policy CSP client store.  ADMX backed policies are organized hierarchically. Their scope can be **machine**, **user**, or have a scope of **both**. When the MDM policy is referred to through a SyncML command and the Policy CSP URI, as shown below, this metadata is referenced and determines what registry keys are set or removed. Machine-scope policies are referenced via .\Device and the user scope policies via .\User. 
+Below is the internal OS mapping of a Group Policy to an MDM area and name. This mapping is part of a set of Windows manifest that when compiled parses out the associated ADMX file, finds the specified Group Policy policy and stores that definition (metadata) in the MDM Policy CSP client store.  ADMX backed policies are organized hierarchically. Their scope can be **machine**, **user**, or have a scope of **both**. When the MDM policy is referred to through a SyncML command and the Policy CSP URI, as shown below, this metadata is referenced and determines what registry keys are set or removed. Machine-scope policies are referenced via .\Device and the user scope policies via .\User. 
 
 `./[Device|User]/Vendor/MSFT/Policy/Config/[config|result]/<area>/<policy>`
 
-Note that the data payload of the SyncML needs to be encoded so that it does not conflict with the boilerplate SyncML XML tags. Use this online tool for encoding and encoding the policy data [Coder's Toolbox](http://coderstoolbox.net/string/#!encoding=xml&action=encode&charset=us_ascii)
+The data payload of the SyncML needs to be encoded so that it doesn't conflict with the boilerplate SyncML XML tags. Use this online tool for encoding and encoding the policy data [Coder's Toolbox](http://coderstoolbox.net/string/#!encoding=xml&action=encode&charset=us_ascii)
 
 **Snippet of manifest for AppVirtualization area:**
 
@@ -306,7 +306,7 @@ The `text` element simply corresponds to a string and correspondingly to an edit
 
 ### <a href="" id="multitext-element"></a>MultiText Element
 
-The `multiText` element simply corresponds to a REG_MULTISZ registry string and correspondingly to a grid to enter multiple strings in a policy panel display by gpedit.msc.  Note that it is expected that each string in the SyncML is to be separated by the Unicode character 0xF000 (encoded version: `&#xF000;`)
+The `multiText` element simply corresponds to a REG_MULTISZ registry string and correspondingly to a grid to enter multiple strings in a policy panel display by gpedit.msc.  It's expected that each string in the SyncML is to be separated by the Unicode character 0xF000 (encoded version: `&#xF000;`)
 
 ```XML
 <policy name="Virtualization_JITVAllowList" class="Machine" displayName="$(string.Virtualization_JITVAllowList)"
@@ -347,12 +347,12 @@ The `multiText` element simply corresponds to a REG_MULTISZ registry string and
 
 ### <a href="" id="list-element"></a>List Element (and its variations)
 
-The `list` element simply corresponds to a hive of REG_SZ registry strings and correspondingly to a grid to enter multiple strings in a policy panel display by gpedit.msc. How this is represented in SyncML is as a string containing pairs of strings. Each pair is a REG_SZ name/value key. It is best to apply the policy through gpedit.msc (run as Administrator) and go to the registry hive location and see how the list values are stored. This will give you an idea of the way the name/value pairs are stored to express it through SyncML.
+The `list` element simply corresponds to a hive of REG_SZ registry strings and correspondingly to a grid to enter multiple strings in a policy panel display by gpedit.msc. How this element is represented in SyncML is as a string containing pairs of strings. Each pair is a REG_SZ name/value key. It's best to apply the policy through gpedit.msc (run as Administrator) and go to the registry hive location and see how the list values are stored. This location will give you an idea of the way the name/value pairs are stored to express it through SyncML.
 
 > [!NOTE]
-> It is expected that each string in the SyncML is to be separated by the Unicode character 0xF000 (encoded version: `&#xF000;`).
+> It's expected that each string in the SyncML is to be separated by the Unicode character 0xF000 (encoded version: `&#xF000;`).
 
-Variations of the `list` element are dictated by attributes. These attributes are ignored by the Policy Manager runtime. It is expected that the MDM server manages the name/value pairs. See below for a simple write up of Group Policy List.
+Variations of the `list` element are dictated by attributes. These attributes are ignored by the Policy Manager runtime. It's expected that the MDM server manages the name/value pairs. See below for a simple write-up of Group Policy List.
 
 **ADMX file: inetres.admx**
 
diff --git a/windows/client-management/mdm/unifiedwritefilter-csp.md b/windows/client-management/mdm/unifiedwritefilter-csp.md
index 186d8823ae..1904740772 100644
--- a/windows/client-management/mdm/unifiedwritefilter-csp.md
+++ b/windows/client-management/mdm/unifiedwritefilter-csp.md
@@ -19,7 +19,7 @@ The UnifiedWriteFilter (UWF) configuration service provider enables the IT admin
 
 > **Note**  The UnifiedWriteFilter CSP is only supported in Windows 10 Enterprise and Windows 10 Education.
 
-The following shows the UWF configuration service provider in tree format.
+The following example shows the UWF configuration service provider in tree format.
 ```
 ./Vendor/MSFT
 UnifiedWriteFilter
@@ -114,12 +114,12 @@ Setting the value
 
 To “move” swapfile to another volume, set the SwapfileSize property on that other volume's CSP note to non-zero.
 
-Currently SwapfileSize should not be relied for determining or controlling the overlay size, 
+Currently SwapfileSize shouldn't be relied for determining or controlling the overlay size, 
 
 <a href="" id="currentsession-maximumoverlaysize"></a>**CurrentSession/MaximumOverlaySize** or <a href="" id="nextsession-maximumoverlaysize"></a>**NextSession/MaximumOverlaySize**
 should be used for that purpose.
 
-:::image type="content" source="images/overlaysetting.png" alt-text="This is the overlay setting.":::
+:::image type="content" source="images/overlaysetting.png" alt-text="The overlay setting.":::
 
 > [!NOTE]
 > Only single swapfile is supported in current implementation and creating swapfile on specific volume will disable any other swapfile created on other volumes.
@@ -141,12 +141,12 @@ Required. Indicates the maximum cache size, in megabytes, of the overlay in the
 The only supported operation is Get.
 
 <a href="" id="currentsession-persisitdomainsecretkey"></a>**CurrentSession/PersisitDomainSecretKey**  
-Required. Indicates if the domain secret registry key is in the registry exclusion list. If the registry key is not in the exclusion list, changes do not persist after a restart.
+Required. Indicates if the domain secret registry key is in the registry exclusion list. If the registry key isn't in the exclusion list, changes don't persist after a restart.
 
 The only supported operation is Get.
 
 <a href="" id="currentsession-persisttscal"></a>**CurrentSession/PersistTSCAL**  
-Required. Indicates if the Terminal Server Client Access License (TSCAL) registry key is in the UWF registry exclusion list. If the registry key is not in the exclusion list, changes do not persist after a restart.
+Required. Indicates if the Terminal Server Client Access License (TSCAL) registry key is in the UWF registry exclusion list. If the registry key isn't in the exclusion list, changes don't persist after a restart.
 
 The only supported operation is Get.
 
@@ -180,7 +180,7 @@ Required. Indicates the type of binding that the volume uses in the current sess
 The only supported operation is Get.
 
 <a href="" id="currentsession-volume-volume-driveletter"></a>**CurrentSession/Volume/*Volume*/DriveLetter**  
-Required. The drive letter of the volume. If the volume does not have a drive letter, this value is NULL.
+Required. The drive letter of the volume. If the volume doesn't have a drive letter, this value is NULL.
 
 The only supported operation is Get.
 
@@ -203,7 +203,7 @@ Required. This method deletes the specified file and commits the deletion to the
 Supported operations are Get and Execute.
 
 <a href="" id="currentsession-shutdownpending"></a>**CurrentSession/ShutdownPending**  
-Required. This value is True if the system is pending on shutdown. Otherwise, it is False.
+Required. This value is True if the system is pending on shutdown. Otherwise, it's False.
 
 The only supported operation is Get.
 
@@ -243,12 +243,12 @@ Required. Indicates the maximum cache size, in megabytes, of the overlay for the
 Supported operations are Get and Replace.
 
 <a href="" id="nextsession-persisitdomainsecretkey"></a>**NextSession/PersisitDomainSecretKey**  
-Required. Indicates if the domain secret registry key is in the registry exclusion list. If the registry key is not in the exclusion list, changes do not persist after a restart.
+Required. Indicates if the domain secret registry key is in the registry exclusion list. If the registry key isn't in the exclusion list, changes don't persist after a restart.
 
 Supported operations are Get and Replace.
 
 <a href="" id="nextsession-persisttscal"></a>**NextSession/PersistTSCAL**  
-Required. Indicates if the Terminal Server Client Access License (TSCAL) registry key is in the UWF registry exclusion list. If the registry key is not in the exclusion list, changes do not persist after a restart.
+Required. Indicates if the Terminal Server Client Access License (TSCAL) registry key is in the UWF registry exclusion list. If the registry key isn't in the exclusion list, changes don't persist after a restart.
 
 Supported operations are Get and Replace.
 
@@ -286,7 +286,7 @@ Required. Indicates the type of binding that the volume uses in the next session
 Supported operations are Get and Replace.
 
 <a href="" id="nextsession-volume-volume-driveletter"></a>**NextSession/Volume/*Volume*/DriveLetter**  
-The drive letter of the volume. If the volume does not have a drive letter, this value is NULL.
+The drive letter of the volume. If the volume doesn't have a drive letter, this value is NULL.
 
 The only supported operation is Get.
 
diff --git a/windows/client-management/mdm/update-csp.md b/windows/client-management/mdm/update-csp.md
index c57a52f15f..c728cdb027 100644
--- a/windows/client-management/mdm/update-csp.md
+++ b/windows/client-management/mdm/update-csp.md
@@ -19,7 +19,7 @@ The Update configuration service provider enables IT administrators to manage an
 > [!NOTE]
 > The Update CSP functionality of 'ApprovedUpdates' is not recommended for managing desktop devices. To manage updates to desktop devices from Windows Update, see the [Policy CSP - Updates](policy-csp-update.md) documentation for the recommended policies.
 
-The following shows the Update configuration service provider in tree format.
+The following example shows the Update configuration service provider in tree format.
 
 ```
 ./Vendor/MSFT/Update
@@ -62,9 +62,9 @@ The following shows the Update configuration service provider in tree format.
 > [!NOTE]
 > When the RequireUpdateApproval policy is set, the MDM uses the ApprovedUpdates list to pass the approved GUIDs. These GUIDs should be a subset of the InstallableUpdates list.
 
-<p>The MDM must first present the EULA to IT and have them accept it before the update is approved. Failure to do this is a breach of legal or contractual obligations. The EULAs can be obtained from the update metadata and have their own EULA ID. It&#39;s possible for multiple updates to share the same EULA. It is only necessary to approve the EULA once per EULA ID, not one per update.
+<p>The MDM must first present the EULA to IT and have them accept it before the update is approved. Failure to do this presentation is a breach of legal or contractual obligations. The EULAs can be obtained from the update metadata and have their own EULA ID. It&#39;s possible for multiple updates to share the same EULA. It's only necessary to approve the EULA once per EULA ID, not one per update.
 
-<p>The update approval list enables IT to approve individual updates and update classifications. Auto-approval by update classifications allows IT to automatically approve Definition Updates (i.e., updates to the virus and spyware definitions on devices) and Security Updates (i.e., product-specific updates for security-related vulnerability). The update approval list does not support the uninstallation of updates by revoking approval of already installed updates. Updates are approved based on UpdateID, and an UpdateID only needs to be approved once. An update UpdateID and RevisionNumber are part of the UpdateIdentity type. An UpdateID can be associated to several UpdateIdentity GUIDs due to changes to the RevisionNumber setting. MDM services must synchronize the UpdateIdentity of an UpdateID based on the latest RevisionNumber to get the latest metadata for an update. However, update approval is based on UpdateID.
+<p>The update approval list enables IT to approve individual updates and update classifications. Auto-approval by update classifications allows IT to automatically approve Definition Updates (that is, updates to the virus and spyware definitions on devices) and Security Updates (that is, product-specific updates for security-related vulnerability). The update approval list doesn't support the uninstallation of updates by revoking approval of already installed updates. Updates are approved based on UpdateID, and an UpdateID only needs to be approved once. An update UpdateID and RevisionNumber are part of the UpdateIdentity type. An UpdateID can be associated to several UpdateIdentity GUIDs due to changes to the RevisionNumber setting. MDM services must synchronize the UpdateIdentity of an UpdateID based on the latest RevisionNumber to get the latest metadata for an update. However, update approval is based on UpdateID.
 
 > [!NOTE]
 > For the Windows 10 build, the client may need to reboot after additional updates are added.
@@ -74,7 +74,7 @@ The following shows the Update configuration service provider in tree format.
 <a href="" id="approvedupdates-approved-update-guid"></a>**ApprovedUpdates/_Approved Update Guid_**
 <p>Specifies the update GUID.
 
-<p>To auto-approve a class of updates, you can specify the <a href="/previous-versions/windows/desktop/ff357803(v=vs.85)" data-raw-source="[Update Classifications](/previous-versions/windows/desktop/ff357803(v=vs.85))">Update Classifications</a> GUIDs. We strongly recommend to always specify the DefinitionsUpdates classification (E0789628-CE08-4437-BE74-2495B842F43B), which are used for anti-malware signatures. These are released periodically (several times a day). Some businesses may also want to auto-approve security updates to get them deployed quickly.
+<p>To auto-approve a class of updates, you can specify the <a href="/previous-versions/windows/desktop/ff357803(v=vs.85)" data-raw-source="[Update Classifications](/previous-versions/windows/desktop/ff357803(v=vs.85))">Update Classifications</a> GUIDs. We strongly recommend to always specify the DefinitionsUpdates classification (E0789628-CE08-4437-BE74-2495B842F43B), which are used for anti-malware signatures. These GUIDs are released periodically (several times a day). Some businesses may also want to auto-approve security updates to get them deployed quickly.
 
 <p>Supported operations are Get and Add.
 
@@ -130,7 +130,7 @@ The following shows the Update configuration service provider in tree format.
 <p>Supported operation is Get.
 
 <a href="" id="installableupdates"></a>**InstallableUpdates**
-<p>The updates that are applicable and not yet installed on the device. This includes updates that are not yet approved.
+<p>The updates that are applicable and not yet installed on the device. These updates include updates that aren't yet approved.
 
 <p>Supported operation is Get.
 
@@ -193,7 +193,7 @@ Added in Windows 10, version 1803. Roll back latest Quality Update, if the machi
 - Condition 2: Device must be in a Paused State
 - Condition 3: Device must have the Latest Quality Update installed on the device (Current State)
 
-If the conditions are not true, the device will not Roll Back the Latest Quality Update.
+If the conditions aren't true, the device won't Roll Back the Latest Quality Update.
 
 <a href="" id="rollback-featureupdate"></a>**Rollback/FeatureUpdate**
 Added in Windows 10, version 1803. Roll Back Latest Feature Update, if the machine meets the following conditions:
@@ -206,7 +206,7 @@ Added in Windows 10, version 1803. Roll Back Latest Feature Update, if the machi
 > [!NOTE]
 > This only works for General Availability Channel Targeted devices.
 
-If the conditions are not true, the device will not Roll Back the Latest Feature Update.
+If the conditions aren't true, the device won't Roll Back the Latest Feature Update.
 
 <a href="" id="rollback-qualityupdatestatus"></a>**Rollback/QualityUpdateStatus**
 Added in Windows 10, version 1803. Returns the result of last RollBack QualityUpdate operation.
diff --git a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md
index dc580c2252..7dee32b407 100644
--- a/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md
+++ b/windows/client-management/mdm/using-powershell-scripting-with-the-wmi-bridge-provider.md
@@ -1,6 +1,6 @@
 ---
 title: Using PowerShell scripting with the WMI Bridge Provider
-description: This topic covers using PowerShell Cmdlet scripts to configure per-user and per-device policy settings, as well as how to invoke methods through the WMI Bridge Provider.
+description: This topic covers using PowerShell Cmdlet scripts to configure per-user and per-device policy settings, and how to invoke methods through the WMI Bridge Provider.
 ms.assetid: 238D45AD-3FD8-46F9-B7FB-6AEE42BE4C08
 ms.reviewer: 
 manager: dansimp
@@ -14,7 +14,7 @@ ms.date: 06/26/2017
 
 # Using PowerShell scripting with the WMI Bridge Provider
 
-This topic covers using PowerShell Cmdlet scripts to configure per-user and per-device policy settings, as well as how to invoke methods through the [WMI Bridge Provider](/windows/win32/dmwmibridgeprov/mdm-bridge-wmi-provider-portal).
+This topic covers using PowerShell Cmdlet scripts to configure per-user and per-device policy settings, and how to invoke methods through the [WMI Bridge Provider](/windows/win32/dmwmibridgeprov/mdm-bridge-wmi-provider-portal).
 
 
 ## Configuring per-device policy settings
@@ -89,7 +89,7 @@ class MDM_Policy_User_Config01_Authentication02
 
  
 
-If accessing or modifying settings for a different user, then the PowerShell script is more complicated because the WMI Bridge expects the user SID to be set in MI Custom Context, which is not supported in native PowerShell cmdlets.
+If accessing or modifying settings for a different user, then the PowerShell script is more complicated because the WMI Bridge expects the user SID to be set in MI Custom Context, which isn't supported in native PowerShell cmdlets.
 
 > **Note**   All commands must executed under local system.
 

From 59e207f77644faba43d6b989bee3d8d20ce23294 Mon Sep 17 00:00:00 2001
From: gkomatsu <gkomatsu@microsoft.com>
Date: Thu, 21 Apr 2022 09:13:48 -0700
Subject: [PATCH 095/123] Update policy-csp-remotedesktop.md

Changed URL format from link to non-link
---
 windows/client-management/mdm/policy-csp-remotedesktop.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-remotedesktop.md b/windows/client-management/mdm/policy-csp-remotedesktop.md
index a673c8f950..b4b1b65ef8 100644
--- a/windows/client-management/mdm/policy-csp-remotedesktop.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktop.md
@@ -59,7 +59,7 @@ manager: dansimp
 <!--/Scope-->
 <!--Description-->
 
-This policy allows administrators to enable automatic subscription for the Microsoft Remote Desktop client. If you define this policy, the specified URL is used by the client to silently subscribe the logged on user and retrieve the remote resources assigned to them. To automatically subscribe to Azure Virtual Desktop in the Azure Public cloud, set the URL to <https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery>.
+This policy allows administrators to enable automatic subscription for the Microsoft Remote Desktop client. If you define this policy, the specified URL is used by the client to silently subscribe the logged on user and retrieve the remote resources assigned to them. To automatically subscribe to Azure Virtual Desktop in the Azure Public cloud, set the URL to 'https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery'.
 
 <!--/Description-->
 

From 1204ee761c4771c2c3d9130211c8a508e2fbdeb9 Mon Sep 17 00:00:00 2001
From: gkomatsu <gkomatsu@microsoft.com>
Date: Thu, 21 Apr 2022 14:18:34 -0700
Subject: [PATCH 096/123] Update policy-csp-remotedesktop.md

Updated URL with `
---
 windows/client-management/mdm/policy-csp-remotedesktop.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-remotedesktop.md b/windows/client-management/mdm/policy-csp-remotedesktop.md
index b4b1b65ef8..7d2559655b 100644
--- a/windows/client-management/mdm/policy-csp-remotedesktop.md
+++ b/windows/client-management/mdm/policy-csp-remotedesktop.md
@@ -59,7 +59,7 @@ manager: dansimp
 <!--/Scope-->
 <!--Description-->
 
-This policy allows administrators to enable automatic subscription for the Microsoft Remote Desktop client. If you define this policy, the specified URL is used by the client to silently subscribe the logged on user and retrieve the remote resources assigned to them. To automatically subscribe to Azure Virtual Desktop in the Azure Public cloud, set the URL to 'https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery'.
+This policy allows administrators to enable automatic subscription for the Microsoft Remote Desktop client. If you define this policy, the specified URL is used by the client to silently subscribe the logged on user and retrieve the remote resources assigned to them. To automatically subscribe to Azure Virtual Desktop in the Azure Public cloud, set the URL to `https://rdweb.wvd.microsoft.com/api/arm/feeddiscovery`.
 
 <!--/Description-->
 

From 81eee54fb1a065291e854d7e533d94bb957d6350 Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Thu, 21 Apr 2022 16:40:53 -0700
Subject: [PATCH 097/123] Update policy-csp-mixedreality.md

---
 windows/client-management/mdm/policy-csp-mixedreality.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-csp-mixedreality.md b/windows/client-management/mdm/policy-csp-mixedreality.md
index 2ffbcbc142..777d491a93 100644
--- a/windows/client-management/mdm/policy-csp-mixedreality.md
+++ b/windows/client-management/mdm/policy-csp-mixedreality.md
@@ -7,7 +7,6 @@ ms.topic: article
 ms.prod: w10
 ms.technology: windows
 author: dansimp
-ms.date: 1/31/2022
 ms.reviewer: 
 manager: dansimp
 ---

From 189020cf4d60119767a23709c2dcd66a27498719 Mon Sep 17 00:00:00 2001
From: Alekhya Jupudi <89069896+alekyaj@users.noreply.github.com>
Date: Fri, 22 Apr 2022 10:47:26 +0530
Subject: [PATCH 098/123] CSP improvement-part 4

This PR contains updates from Policy-CSP and Admx backed Policy article updates. The updates are mostly improvements. Thanks!
---
 .../mdm/policies-in-policy-csp-admx-backed.md |  2 +-
 ...in-policy-csp-supported-by-group-policy.md |  2 +-
 ...ed-by-hololens-1st-gen-commercial-suite.md |  2 +-
 ...by-hololens-1st-gen-development-edition.md |  2 +-
 ...es-in-policy-csp-supported-by-hololens2.md |  2 +-
 ...ies-in-policy-csp-supported-by-iot-core.md |  2 +-
 ...-in-policy-csp-supported-by-surface-hub.md |  2 +-
 ...in-policy-csp-that-can-be-set-using-eas.md |  2 +-
 .../policy-configuration-service-provider.md  | 93 ++++++++---------
 .../mdm/policy-csp-abovelock.md               |  5 +-
 .../mdm/policy-csp-accounts.md                |  8 +-
 .../mdm/policy-csp-activexcontrols.md         |  6 +-
 .../policy-csp-admx-activexinstallservice.md  |  5 +-
 .../mdm/policy-csp-admx-addremoveprograms.md  | 39 ++++----
 .../mdm/policy-csp-admx-admpwd.md             |  9 +-
 .../mdm/policy-csp-admx-appcompat.md          | 33 ++++---
 .../mdm/policy-csp-admx-appxpackagemanager.md | 20 ++--
 .../mdm/policy-csp-admx-appxruntime.md        | 23 +++--
 .../mdm/policy-csp-admx-attachmentmanager.md  | 29 +++---
 .../mdm/policy-csp-admx-auditsettings.md      |  7 +-
 .../mdm/policy-csp-admx-bits.md               | 47 ++++-----
 .../mdm/policy-csp-admx-ciphersuiteorder.md   |  8 +-
 .../mdm/policy-csp-admx-com.md                | 17 ++--
 .../mdm/policy-csp-admx-controlpanel.md       | 16 ++-
 .../policy-csp-admx-controlpaneldisplay.md    | 99 ++++++++++---------
 25 files changed, 266 insertions(+), 214 deletions(-)

diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
index 40aa9ba5d3..da3f1feee3 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md
@@ -1,6 +1,6 @@
 ---
 title: ADMX-backed policies in Policy CSP
-description: ADMX-backed policies in Policy CSP
+description: Learn about the ADMX-backed policies in Policy CSP.
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
index 86d72e7cfe..fe99b88a1c 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md
@@ -1,6 +1,6 @@
 ---
 title: Policies in Policy CSP supported by Group Policy
-description: Policies in Policy CSP supported by Group Policy
+description: Learn about the policies in Policy CSP supported by Group Policy.
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md
index c4bd9e3c6b..4241ee2ff7 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md
@@ -1,6 +1,6 @@
 ---
 title: Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite
-description: Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite
+description: Learn the policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite.
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md
index f2ee79c529..ce8155a947 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md
@@ -1,6 +1,6 @@
 ---
 title: Policies in Policy CSP supported by HoloLens (1st gen) Development Edition
-description: Policies in Policy CSP supported by HoloLens (1st gen) Development Edition
+description: Learn about the policies in Policy CSP supported by HoloLens (1st gen) Development Edition.
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
index 9529b0aec4..142d9058c1 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-hololens2.md
@@ -1,6 +1,6 @@
 ---
 title: Policies in Policy CSP supported by HoloLens 2
-description: Policies in Policy CSP supported by HoloLens 2
+description: Learn about the policies in Policy CSP supported by HoloLens 2.
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
index c06fa67c0e..0c5f378ed9 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-iot-core.md
@@ -1,6 +1,6 @@
 ---
 title: Policies in Policy CSP supported by Windows 10 IoT Core
-description: Policies in Policy CSP supported by Windows 10 IoT Core
+description: Learn about the policies in Policy CSP supported by Windows 10 IoT Core.
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
index 6b96be2e18..5ab411d317 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md
@@ -1,6 +1,6 @@
 ---
 title: Policies in Policy CSP supported by Microsoft Surface Hub
-description: Policies in Policy CSP supported by Microsoft Surface Hub
+description: Learn about the policies in Policy CSP supported by Microsoft Surface Hub.
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas.md b/windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas.md
index 774b575293..4f12cf7aec 100644
--- a/windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas.md
+++ b/windows/client-management/mdm/policies-in-policy-csp-that-can-be-set-using-eas.md
@@ -1,6 +1,6 @@
 ---
 title: Policies in Policy CSP that can be set using Exchange Active Sync (EAS)
-description: Policies in Policy CSP that can be set using Exchange Active Sync (EAS)
+description: Learn about the policies in Policy CSP that can be set using Exchange Active Sync (EAS).
 ms.reviewer: 
 manager: dansimp
 ms.author: dansimp
diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index db53557678..1b20cab90f 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP
-description: Learn how the Policy configuration service provider (CSP) enables the enterprise to configure policies on Windows 10.
+description: Learn how the Policy configuration service provider (CSP) enables the enterprise to configure policies on Windows 10 and Windows 11.
 ms.assetid: 4F3A1134-D401-44FC-A583-6EDD3070BA4F
 ms.reviewer: 
 manager: dansimp
@@ -16,27 +16,29 @@ ms.collection: highpri
 
 # Policy CSP
 
-The Policy configuration service provider enables the enterprise to configure policies on Windows 10. Use this configuration service provider to configure any company policies.
+The Policy configuration service provider enables the enterprise to configure policies on Windows 10 and Windows 11. Use this configuration service provider to configure any company policies.
 
 The Policy configuration service provider has the following sub-categories:
 
--   Policy/Config/*AreaName* – Handles the policy configuration request from the server.
--   Policy/Result/*AreaName* – Provides a read-only path to policies enforced on the device.
+- Policy/Config/*AreaName* – Handles the policy configuration request from the server.
+- Policy/Result/*AreaName* – Provides a read-only path to policies enforced on the device.
 
 <a href="" id="policy-scope"></a>
 
 > [!Important]
-> Policy scope is the level at which a policy can be configured. Some policies can only be configured at the device level, meaning the policy will take effect independent of who is logged into the device. Other policies can be configured at the user level, meaning the policy will only take effect for that user. 
+> Policy scope is the level at which a policy can be configured. Some policies can only be configured at the device level, meaning the policy will take effect independent of who is logged into the device. Other policies can be configured at the user level, meaning the policy will only take effect for that user.
 >
-> The allowed scope of a specific policy is represented below its table of supported Windows editions.  To configure a policy under a specific scope (user vs. device), please use the following paths:
+> The allowed scope of a specific policy is represented below its table of supported Windows editions. To configure a policy under a specific scope (user vs. device), please use the following paths:
 >
 > User scope:
-> -   **./User/Vendor/MSFT/Policy/Config/_AreaName/PolicyName_** to configure the policy.
-> -   **./User/Vendor/MSFT/Policy/Result/_AreaName/PolicyName_** to get the result.
+>
+> - **./User/Vendor/MSFT/Policy/Config/_AreaName/PolicyName_** to configure the policy.
+> - **./User/Vendor/MSFT/Policy/Result/_AreaName/PolicyName_** to get the result.
 >
 > Device scope:
-> -   **./Device/Vendor/MSFT/Policy/Config/_AreaName/PolicyName_** to configure the policy.
-> -   **./Device/Vendor/MSFT/Policy/Result/_AreaName/PolicyName_** to get the result.
+>
+> - **./Device/Vendor/MSFT/Policy/Config/_AreaName/PolicyName_** to configure the policy.
+> - **./Device/Vendor/MSFT/Policy/Result/_AreaName/PolicyName_** to get the result.
 >
 > For device wide configuration the **_Device/_**  portion may be omitted from the path, deeming the following paths respectively equivalent to the paths provided above:
 >
@@ -65,89 +67,88 @@ Policy
 
 
 <a href="" id="--vendor-msft-policy"></a>**./Vendor/MSFT/Policy**  
-<p>The root node for the Policy configuration service provider.
+The root node for the Policy configuration service provider.
 
-<p>Supported operation is Get.
+Supported operation is Get.
 
 <a href="" id="policy-config"></a>**Policy/Config**  
-<p>Node for grouping all policies configured by one source. The configuration source can use this path to set policy values and later query any policy value that it previously set. One policy can be configured by multiple configuration sources. If a configuration source wants to query the result of conflict resolution (for example, if Exchange and MDM both attempt to set a value,) the configuration source can use the Policy/Result path to retrieve the resulting value.
+Node for grouping all policies configured by one source. The configuration source can use this path to set policy values and later query any policy value that it previously set. One policy can be configured by multiple configuration sources. If a configuration source wants to query the result of conflict resolution (for example, if Exchange and MDM both attempt to set a value,) the configuration source can use the Policy/Result path to retrieve the resulting value.
 
-<p>Supported operation is Get.
+Supported operation is Get.
 
 <a href="" id="policy-config-areaname"></a>**Policy/Config/_AreaName_**  
-<p>The area group that can be configured by a single technology for a single provider. Once added, you cannot change the value.
+The area group that can be configured by a single technology for a single provider. Once added, you cannot change the value.
 
-<p>Supported operations are Add, Get, and Delete.
+Supported operations are Add, Get, and Delete.
 
 <a href="" id="policy-config-areaname-policyname"></a>**Policy/Config/_AreaName/PolicyName_**  
-<p>Specifies the name/value pair used in the policy.
+Specifies the name/value pair used in the policy.
 
-<p>The following list shows some tips to help you when configuring policies:
+The following list shows some tips to help you when configuring policies:
 
--   Separate substring values by the Unicode &\#xF000; in the XML file.
+- Separate substring values by the Unicode &\#xF000; in the XML file.
 
-> [!NOTE]
-> A query from a different caller could provide a different value as each caller could have different values for a named policy.
+    > [!NOTE]
+    > A query from a different caller could provide a different value as each caller could have different values for a named policy.
 
--   In SyncML, wrap this policy with the Atomic command so that the policy settings are treated as a single transaction.
--   Supported operations are Add, Get, Delete, and Replace.
--   Value type is string.
+- In SyncML, wrap this policy with the Atomic command so that the policy settings are treated as a single transaction.
+- Supported operations are Add, Get, Delete, and Replace.
+- Value type is string.
 
 <a href="" id="policy-result"></a>**Policy/Result**  
-<p>Groups the evaluated policies from all providers that can be configured.
+Groups the evaluated policies from all providers that can be configured.
 
-<p>Supported operation is Get.
+Supported operation is Get.
 
 <a href="" id="policy-result-areaname"></a>**Policy/Result/_AreaName_**  
-<p>The area group that can be configured by a single technology independent of the providers.
+The area group that can be configured by a single technology independent of the providers.
 
-<p>Supported operation is Get.
+Supported operation is Get.
 
 <a href="" id="policy-result-areaname-policyname"></a>**Policy/Result/_AreaName/PolicyName_**  
-<p>Specifies the name/value pair used in the policy.
+Specifies the name/value pair used in the policy.
 
-<p>Supported operation is Get.
+Supported operation is Get.
 
 <a href="" id="policy-result"></a>**Policy/ConfigOperations**  
-<p>Added in Windows 10, version 1703. The root node for grouping different configuration operations.
+Added in Windows 10, version 1703. The root node for grouping different configuration operations.
 
-<p>Supported operations are Add, Get, and Delete.
+Supported operations are Add, Get, and Delete.
 
 <a href="" id="policy-configoperations-admxinstall"></a>**Policy/ConfigOperations/ADMXInstall**  
-<p>Added in Windows 10, version 1703. Allows settings for ADMX files for Win32 and Desktop Bridge apps to be imported (ingested) by your device and processed into new ADMX-backed policies or preferences. By using ADMXInstall, you can add ADMX-backed policies for those Win32 or Desktop Bridge apps that have been added between OS releases. ADMX-backed policies are ingested to your device by using the Policy CSP URI: <code>./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall</code>. Each ADMX-backed policy or preference that is added is assigned a unique ID. For more information about using Policy CSP to configure Win32 and Desktop Bridge app policies, see <a href="win32-and-centennial-app-policy-configuration.md" data-raw-source="[Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md)">Win32 and Desktop Bridge app policy configuration</a>.
+Added in Windows 10, version 1703. Allows settings for ADMX files for Win32 and Desktop Bridge apps to be imported (ingested) by your device and processed into new ADMX-backed policies or preferences. By using ADMXInstall, you can add ADMX-backed policies for those Win32 or Desktop Bridge apps that have been added between OS releases. ADMX-backed policies are ingested to your device by using the Policy CSP URI: <code>./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall</code>. Each ADMX-backed policy or preference that is added is assigned a unique ID. For more information about using Policy CSP to configure Win32 and Desktop Bridge app policies, see [Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md).
 
 > [!NOTE]
 > The OPAX settings that are managed by the Microsoft Office Customization Tool are not supported by MDM. For more information about this tool, see [Office Customization Tool](/previous-versions/office/office-2013-resource-kit/cc179097(v=office.15)).
 
-<p>ADMX files that have been installed by using **ConfigOperations/ADMXInstall** can later be deleted by using the URI delete operation. Deleting an ADMX file will delete the ADMX file from disk, remove the metadata from the ADMXdefault registry hive, and delete all the policies that were set from the file. The MDM server can also delete all ADMX policies that are tied to a particular app by calling delete on the URI, <code>./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/{AppName}</code>.
+ADMX files that have been installed by using **ConfigOperations/ADMXInstall** can later be deleted by using the URI delete operation. Deleting an ADMX file will delete the ADMX file from disk, remove the metadata from the ADMXdefault registry hive, and delete all the policies that were set from the file. The MDM server can also delete all ADMX policies that are tied to a particular app by calling delete on the URI, <code>./Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/{AppName}</code>.
 
-<p>Supported operations are Add, Get, and Delete.
+Supported operations are Add, Get, and Delete.
 
 <a href="" id="policy-configoperations-admxinstall-appname"></a>**Policy/ConfigOperations/ADMXInstall/_AppName_**  
-<p>Added in Windows 10, version 1703. Specifies the name of the Win32 or Desktop Bridge app associated with the ADMX file. 
+Added in Windows 10, version 1703. Specifies the name of the Win32 or Desktop Bridge app associated with the ADMX file. 
 
-<p>Supported operations are Add, Get, and Delete.
+Supported operations are Add, Get, and Delete.
 
 <a href="" id="policy-configoperations-admxinstall-appname-policy"></a>**Policy/ConfigOperations/ADMXInstall/_AppName_/Policy**  
-<p>Added in Windows 10, version 1703. Specifies that a Win32 or Desktop Bridge app policy is to be imported.
+Added in Windows 10, version 1703. Specifies that a Win32 or Desktop Bridge app policy is to be imported.
 
-<p>Supported operations are Add, Get, and Delete.
+Supported operations are Add, Get, and Delete.
 
 <a href="" id="policy-configoperations-admxinstall-appname-policy-uniqueid"></a>**Policy/ConfigOperations/ADMXInstall/_AppName_/Policy/_UniqueID_** 
-<p>Added in Windows 10, version 1703. Specifies the unique ID of the app ADMX file that contains the policy to import.
+Added in Windows 10, version 1703. Specifies the unique ID of the app ADMX file that contains the policy to import.
 
-<p>Supported operations are Add and Get. Does not support Delete.
+Supported operations are Add and Get. Does not support Delete.
 
 <a href="" id="policy-configoperations-admxinstall-appname-preference"></a>**Policy/ConfigOperations/ADMXInstall/_AppName_/Preference**  
-<p>Added in Windows 10, version 1703. Specifies that a Win32 or Desktop Bridge app preference is to be imported.
+Added in Windows 10, version 1703. Specifies that a Win32 or Desktop Bridge app preference is to be imported.
 
-<p>Supported operations are Add, Get, and Delete.
+Supported operations are Add, Get, and Delete.
 
 <a href="" id="policy-configoperations-admxinstall-appname-preference-uniqueid"></a>**Policy/ConfigOperations/ADMXInstall/_AppName_/Preference/_UniqueID_**  
-<p>Added in Windows 10, version 1703. Specifies the unique ID of the app ADMX file that contains the preference to import.
-
-<p>Supported operations are Add and Get. Does not support Delete.
+Added in Windows 10, version 1703. Specifies the unique ID of the app ADMX file that contains the preference to import.
 
+Supported operations are Add and Get. Does not support Delete.
 
 ## Policies
 
diff --git a/windows/client-management/mdm/policy-csp-abovelock.md b/windows/client-management/mdm/policy-csp-abovelock.md
index 53f46805cf..f23dbf7f6b 100644
--- a/windows/client-management/mdm/policy-csp-abovelock.md
+++ b/windows/client-management/mdm/policy-csp-abovelock.md
@@ -14,8 +14,6 @@ manager: dansimp
 
 # Policy CSP - AboveLock
 
-
-
 <hr/>
 
 <!--Policies-->
@@ -123,3 +121,6 @@ The following list shows the supported values:
 
 <!--/Policies-->
 
+## Related topics
+
+[Policy CSP](policy-configuration-service-provider.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-accounts.md b/windows/client-management/mdm/policy-csp-accounts.md
index ffbfabf801..2a640df633 100644
--- a/windows/client-management/mdm/policy-csp-accounts.md
+++ b/windows/client-management/mdm/policy-csp-accounts.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - Accounts
-description: Learn about the Policy configuration service provider (CSP). This articles describes account policies. 
+description: Learn about the Accounts policy configuration service provider (CSP). This article describes account policies. 
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -169,4 +169,8 @@ The following list shows the supported values:
 
 
 
-<!--/Policies-->
\ No newline at end of file
+<!--/Policies-->
+
+## Related topics
+
+[Policy CSP](policy-configuration-service-provider.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-activexcontrols.md b/windows/client-management/mdm/policy-csp-activexcontrols.md
index 352549f4d0..6c81fc9eb0 100644
--- a/windows/client-management/mdm/policy-csp-activexcontrols.md
+++ b/windows/client-management/mdm/policy-csp-activexcontrols.md
@@ -67,7 +67,8 @@ If you enable this setting, the administrator can create a list of approved Acti
 
 If you disable or do not configure this policy setting, ActiveX controls prompt the user for administrative credentials before installation. 
 
-Note: Wild card characters cannot be used when specifying the host URLs.
+>[!Note]
+> Wild card characters cannot be used when specifying the host URLs.
 
 <!--/Description-->
 
@@ -85,3 +86,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-activexinstallservice.md b/windows/client-management/mdm/policy-csp-admx-activexinstallservice.md
index 01c897def4..caad440929 100644
--- a/windows/client-management/mdm/policy-csp-admx-activexinstallservice.md
+++ b/windows/client-management/mdm/policy-csp-admx-activexinstallservice.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_ActiveXInstallService
-description: Policy CSP - ADMX_ActiveXInstallService
+description: Learn about the Policy CSP - ADMX_ActiveXInstallService.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -89,3 +89,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-addremoveprograms.md b/windows/client-management/mdm/policy-csp-admx-addremoveprograms.md
index cda9438358..28216b6769 100644
--- a/windows/client-management/mdm/policy-csp-admx-addremoveprograms.md
+++ b/windows/client-management/mdm/policy-csp-admx-addremoveprograms.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_AddRemovePrograms
-description: Policy CSP - ADMX_AddRemovePrograms 
+description: Learn about the Policy CSP - ADMX_AddRemovePrograms.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -93,7 +93,7 @@ The policy setting specifies the category of programs that appears when users op
 
 To use this setting, type the name of a category in the Category box for this setting. You must enter a category that is already defined in Add or Remove Programs. To define a category, use Software Installation.
 
-If you disable this setting or do not configure it, all programs (Category: All) are displayed when the "Add New Programs" page opens. You can use this setting to direct users to the programs they are most likely to need. 
+If you disable this setting or don't configure it, all programs (Category: All) are displayed when the "Add New Programs" page opens. You can use this setting to direct users to the programs they're most likely to need. 
 
 > [!NOTE]
 > This setting is ignored if either the "Remove Add or Remove Programs" setting or the "Hide Add New Programs page" setting is enabled.
@@ -150,7 +150,7 @@ ADMX Info:
 
 This policy setting removes the "Add a program from CD-ROM or floppy disk" section from the Add New Programs page. This prevents users from using Add or Remove Programs to install programs from removable media.
 
-If you disable this setting or do not configure it, the "Add a program from CD-ROM or floppy disk" option is available to all users. This setting does not prevent users from using other tools and methods to add or remove program components.
+If you disable this setting or don't configure it, the "Add a program from CD-ROM or floppy disk" option will be available to all users. This setting doesn't prevent users from using other tools and methods to add or remove program components.
 
 > [!NOTE]
 > If the "Hide Add New Programs page" setting is enabled, this setting is ignored. Also, if the "Prevent removable media source for any install" setting (located in User Configuration\Administrative Templates\Windows Components\Windows Installer) is enabled, users cannot add programs from removable media, regardless of this setting.
@@ -207,7 +207,7 @@ ADMX Info:
 
 This policy setting removes the "Add programs from Microsoft" section from the Add New Programs page. This setting prevents users from using Add or Remove Programs to connect to Windows Update.
 
-If you disable this setting or do not configure it, "Add programs from Microsoft" is available to all users. This setting does not prevent users from using other tools and methods to connect to Windows Update.
+If you disable this setting or don't configure it, "Add programs from Microsoft" is available to all users. This setting doesn't prevent users from using other tools and methods to connect to Windows Update.
 
 > [!NOTE]
 > If the "Hide Add New Programs page" setting is enabled, this setting is ignored.
@@ -265,9 +265,9 @@ ADMX Info:
 
 This policy setting prevents users from viewing or installing published programs. This setting removes the "Add programs from your network" section from the Add New Programs page. The "Add programs from your network" section lists published programs and provides an easy way to install them. Published programs are those programs that the system administrator has explicitly made available to the user with a tool such as Windows Installer. Typically, system administrators publish programs to notify users that the programs are available, to recommend their use, or to enable users to install them without having to search for installation files. 
 
-If you enable this setting, users cannot tell which programs have been published by the system administrator, and they cannot use Add or Remove Programs to install published programs. However, they can still install programs by using other methods, and they can view and install assigned (partially installed) programs that are offered on the desktop or on the Start menu. 
+If you enable this setting, users can't tell which programs have been published by the system administrator, and they can't use Add or Remove Programs to install published programs. However, they can still install programs by using other methods, and they can view and install assigned (partially installed) programs that are offered on the desktop or on the Start menu. 
 
-If you disable this setting or do not configure it, "Add programs from your network" is available to all users.
+If you disable this setting or don't configure it, "Add programs from your network" is available to all users.
 
 > [!NOTE]
 > If the "Hide Add New Programs page" setting is enabled, this setting is ignored.
@@ -322,9 +322,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting removes the Add New Programs button from the Add or Remove Programs bar. As a result, users cannot view or change the attached page. The Add New Programs button lets users install programs published or assigned by a system administrator.
+This policy setting removes the Add New Programs button from the Add or Remove Programs bar. As a result, users can't view or change the attached page. The Add New Programs button lets users install programs published or assigned by a system administrator.
 
-If you disable this setting or do not configure it, the Add New Programs button is available to all users. This setting does not prevent users from using other tools and methods to install programs.
+If you disable this setting or don't configure it, the Add New Programs button will be available to all users. This setting doesn't prevent users from using other tools and methods to install programs.
 
 <!--/Description-->
 
@@ -379,7 +379,7 @@ ADMX Info:
 
 This policy setting prevents users from using Add or Remove Programs. This setting removes Add or Remove Programs from Control Panel and removes the Add or Remove Programs item from menus. Add or Remove Programs lets users install, uninstall, repair, add, and remove features and components of Windows 2000 Professional and a wide variety of Windows programs. Programs published or assigned to the user appear in Add or Remove Programs. 
 
-If you disable this setting or do not configure it, Add or Remove Programs is available to all users. When enabled, this setting takes precedence over the other settings in this folder. This setting does not prevent users from using other tools and methods to install or uninstall programs.
+If you disable this setting or don't configure it, Add or Remove Programs is available to all users. When enabled, this setting takes precedence over the other settings in this folder. This setting doesn't prevent users from using other tools and methods to install or uninstall programs.
 
 <!--/Description-->
 
@@ -432,9 +432,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting removes the Set Program Access and Defaults button from the Add or Remove Programs bar. As a result, users cannot view or change the associated page. The Set Program Access and Defaults button lets administrators specify default programs for certain activities, such as Web browsing or sending e-mail, as well as which programs are accessible from the Start menu, desktop, and other locations. 
+This policy setting removes the Set Program Access and Defaults button from the Add or Remove Programs bar. As a result, users can't view or change the associated page. The Set Program Access and Defaults button lets administrators specify default programs for certain activities, such as Web browsing or sending e-mail, as well as which programs are accessible from the Start menu, desktop, and other locations. 
 
-If you disable this setting or do not configure it, the Set Program Access and Defaults button is available to all users. This setting does not prevent users from using other tools and methods to change program access or defaults. This setting does not prevent the Set Program Access and Defaults icon from appearing on the Start menu. See the "Remove Set Program Access and Defaults from Start menu" setting.
+If you disable this setting or don't configure it, the Set Program Access and Defaults button is available to all users. This setting doesn't prevent users from using other tools and methods to change program access or defaults. This setting doesn't prevent the Set Program Access and Defaults icon from appearing on the Start menu. See the "Remove Set Program Access and Defaults from Start menu" setting.
 
 
 <!--/Description-->
@@ -488,9 +488,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting removes the Change or Remove Programs button from the Add or Remove Programs bar. As a result, users cannot view or change the attached page. The Change or Remove Programs button lets users uninstall, repair, add, or remove features of installed programs.
+This policy setting removes the Change or Remove Programs button from the Add or Remove Programs bar. As a result, users can't view or change the attached page. The Change or Remove Programs button lets users uninstall, repair, add, or remove features of installed programs.
 
-If you disable this setting or do not configure it, the Change or Remove Programs page is available to all users. This setting does not prevent users from using other tools and methods to delete or uninstall programs.
+If you disable this setting or don't configure it, the Change or Remove Programs page is available to all users. This setting doesn't prevent users from using other tools and methods to delete or uninstall programs.
 
 <!--/Description-->
 
@@ -543,9 +543,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting prevents users from using Add or Remove Programs to configure installed services. This setting removes the "Set up services" section of the Add/Remove Windows Components page. The "Set up services" section lists system services that have not been configured and offers users easy access to the configuration tools.
+This policy setting prevents users from using Add or Remove Programs to configure installed services. This setting removes the "Set up services" section of the Add/Remove Windows Components page. The "Set up services" section lists system services that haven't been configured and offers users easy access to the configuration tools.
 
-If you disable this setting or do not configure it, "Set up services" appears only when there are unconfigured system services. If you enable this setting, "Set up services" never appears. This setting does not prevent users from using other methods to configure services.
+If you disable this setting or don't configure it, "Set up services" appears only when there are unconfigured system services. If you enable this setting, "Set up services" never appears. This setting doesn't prevent users from using other methods to configure services.
 
 > [!NOTE]
 > When "Set up services" does not appear, clicking the Add/Remove Windows Components button starts the Windows Component Wizard immediately. Because the only remaining option on the Add/Remove Windows Components page starts the wizard, that option is selected automatically, and the page is bypassed. To remove "Set up services" and prevent the Windows Component Wizard from starting, enable the "Hide Add/Remove Windows Components page" setting. If the "Hide Add/Remove Windows Components page" setting is enabled, this setting is ignored.
@@ -603,7 +603,7 @@ ADMX Info:
 
 This policy setting removes links to the Support Info dialog box from programs on the Change or Remove Programs page. Programs listed on the Change or Remove Programs page can include a "Click here for support information" hyperlink. When clicked, the hyperlink opens a dialog box that displays troubleshooting information, including a link to the installation files and data that users need to obtain product support, such as the Product ID and version number of the program. The dialog box also includes a hyperlink to support information on the Internet, such as the Microsoft Product Support Services Web page.
 
-If you disable this setting or do not configure it, the Support Info hyperlink appears.
+If you disable this setting or don't configure it, the Support Info hyperlink appears.
 
 > [!NOTE]
 > Not all programs provide a support information hyperlink.
@@ -658,9 +658,9 @@ ADMX Info:
 <!--/Scope-->
 <!--Description-->
 
-This policy setting removes the Add/Remove Windows Components button from the Add or Remove Programs bar. As a result, users cannot view or change the associated page. The Add/Remove Windows Components button lets users configure installed services and use the Windows Component Wizard to add, remove, and configure components of Windows from the installation files.
+This policy setting removes the Add/Remove Windows Components button from the Add or Remove Programs bar. As a result, users can't view or change the associated page. The Add/Remove Windows Components button lets users configure installed services and use the Windows Component Wizard to add, remove, and configure components of Windows from the installation files.
 
-If you disable this setting or do not configure it, the Add/Remove Windows Components button is available to all users. This setting does not prevent users from using other tools and methods to configure services or add or remove program components. However, this setting blocks user access to the Windows Component Wizard.
+If you disable this setting or don't configure it, the Add/Remove Windows Components button is available to all users. This setting doesn't prevent users from using other tools and methods to configure services or add or remove program components. However, this setting blocks user access to the Windows Component Wizard.
 
 <!--/Description-->
 
@@ -687,3 +687,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-admpwd.md b/windows/client-management/mdm/policy-csp-admx-admpwd.md
index 4701b9088a..f8dee79bd9 100644
--- a/windows/client-management/mdm/policy-csp-admx-admpwd.md
+++ b/windows/client-management/mdm/policy-csp-admx-admpwd.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_AdmPwd
-description: Policy CSP - ADMX_AdmPwd
+description: Learn about the Policy CSP - ADMX_AdmPwd.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -73,7 +73,7 @@ manager: dansimp
 
 When you enable this setting, planned password expiration longer than password age dictated by "Password Settings" policy is NOT allowed. When such expiration is detected, password is changed immediately and password expiration is set according to policy.
 
-When you disable or not configure this setting, password expiration time may be longer than required by "Password Settings" policy.
+When you disable or don't configure this setting, password expiration time may be longer than required by "Password Settings" policy.
 <!--/Description-->
 
 <!--ADMXBacked-->
@@ -160,7 +160,7 @@ ADMX Info:
 
 When you enable this setting, planned password expiration longer than password age dictated by "Password Settings" policy is NOT allowed. When such expiration is detected, password is changed immediately and password expiration is set according to policy.
 
-When you disable or not configure this setting, password expiration time may be longer than required by "Password Settings" policy.
+When you disable or don't configure this setting, password expiration time may be longer than required by "Password Settings" policy.
 <!--/Description-->
 
 <!--ADMXBacked-->
@@ -225,3 +225,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-appcompat.md b/windows/client-management/mdm/policy-csp-admx-appcompat.md
index f77ed606ef..c4a14678bd 100644
--- a/windows/client-management/mdm/policy-csp-admx-appcompat.md
+++ b/windows/client-management/mdm/policy-csp-admx-appcompat.md
@@ -98,7 +98,7 @@ This policy setting specifies whether to prevent the MS-DOS subsystem (**ntvdm.e
 
 You can use this setting to turn off the MS-DOS subsystem, which will reduce resource usage and prevent users from running 16-bit applications. To run any 16-bit application or any application with 16-bit components, **ntvdm.exe** must be allowed to run. The MS-DOS subsystem starts when the first 16-bit application is launched. While the MS-DOS subsystem is running, any subsequent 16-bit applications launch faster, but overall resource usage on the system is increased.
 
-If the status is set to Enabled, the MS-DOS subsystem is prevented from running, which then prevents any 16-bit applications from running. In addition, any 32-bit applications with 16-bit installers or other 16-bit components cannot run.
+If the status is set to Enabled, the MS-DOS subsystem is prevented from running, which then prevents any 16-bit applications from running. In addition, any 32-bit applications with 16-bit installers or other 16-bit components can't run.
 
 If the status is set to Disabled, the MS-DOS subsystem runs for all users on this computer.
 
@@ -151,7 +151,7 @@ This policy setting controls the visibility of the Program Compatibility propert
 
 The compatibility property page displays a list of options that can be selected and applied to the application to resolve the most common issues affecting legacy applications.
 
-Enabling this policy setting removes the property page from the context-menus, but does not affect previous compatibility settings applied to application using this interface.
+Enabling this policy setting removes the property page from the context-menus, but doesn't affect previous compatibility settings applied to application using this interface.
 
 <!--/Description-->
 
@@ -247,13 +247,13 @@ ADMX Info:
 <!--Description-->
 The policy setting controls the state of the Switchback compatibility engine in the system.
 
-Switchback is a mechanism that provides generic compatibility mitigations to older applications by providing older behavior to old applications and new behavior to new applications.
+Switchback is a mechanism that provides generic compatibility mitigation to older applications by providing older behavior to old applications and new behavior to new applications.
 
 Switchback is on by default.
 
-If you enable this policy setting, Switchback will be turned off. Turning Switchback off may degrade the compatibility of older applications. This option is useful for server administrators who require performance and are aware of compatibility of the applications they are using.
+If you enable this policy setting, Switchback will be turned off. Turning off Switchback may degrade the compatibility of older applications. This option is useful for server administrators who require performance and are aware of compatibility of the applications they're using.
 
-If you disable or do not configure this policy setting, the Switchback will be turned on.
+If you disable or don't configure this policy setting, the Switchback will be turned on.
 
 Reboot the system after changing the setting to ensure that your system accurately reflects those changes.
 <!--/Description-->
@@ -298,13 +298,13 @@ ADMX Info:
 <!--Description-->
 This policy setting controls the state of the application compatibility engine in the system.
 
-The engine is part of the loader and looks through a compatibility database every time an application is started on the system. If a match for the application is found it provides either run-time solutions or compatibility fixes, or displays an Application Help message if the application has a know problem.
+The engine is part of the loader and looks through a compatibility database every time an application is started on the system. If a match for the application is found it provides either run-time solutions or compatibility fixes, or displays an Application Help message if the application has a known problem.
 
-Turning off the application compatibility engine will boost system performance.  However, this will degrade the compatibility of many popular legacy applications, and will not block known incompatible applications from installing. For example, this may result in a blue screen if an old anti-virus application is installed.
+Turning off the application compatibility engine will boost system performance.  However, this will degrade the compatibility of many popular legacy applications, and won't block known incompatible applications from installing. For example, this may result in a blue screen if an old anti-virus application is installed.
 
-The Windows Resource Protection and User Account Control features of Windows use the application compatibility engine to provide mitigations for application problems. If the engine is turned off, these mitigations will not be applied to applications and their installers and these applications may fail to install or run properly.
+The Windows Resource Protection and User Account Control features of Windows use the application compatibility engine to provide mitigations for application problems. If the engine is turned off, these mitigations won't be applied to applications and their installers and these applications may fail to install or run properly.
 
-This option is useful to server administrators who require faster performance and are aware of the compatibility of the applications they are using.  It is particularly useful for a web server where applications may be launched several hundred times a second, and the performance of the loader is essential.
+This option is useful to server administrators who require faster performance and are aware of the compatibility of the applications they're using.  It's particularly useful for a web server where applications may be launched several hundred times a second, and the performance of the loader is essential.
 
 > [!NOTE]
 > Many system processes cache the value of this setting for performance reasons. If you make changes to this setting, reboot to ensure that your system accurately reflects those changes.
@@ -350,7 +350,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting exists only for backward compatibility, and is not valid for this version of Windows. To configure the Program Compatibility Assistant, use the 'Turn off Program Compatibility Assistant' setting under Computer Configuration\Administrative Templates\Windows Components\Application Compatibility.
+This policy setting exists only for backward compatibility, and isn't valid for this version of Windows. To configure the Program Compatibility Assistant, use the 'Turn off Program Compatibility Assistant' setting under Computer Configuration\Administrative Templates\Windows Components\Application Compatibility.
 
 <!--/Description-->
 
@@ -395,9 +395,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls the state of the Program Compatibility Assistant (PCA). The PCA monitors applications run by the user. When a potential compatibility issue with an application is detected, the PCA will prompt the user with recommended solutions. To configure the diagnostic settings for the PCA, go to System->Troubleshooting and Diagnostics->Application Compatibility Diagnostics.
 
-If you enable this policy setting, the PCA will be turned off. The user will not be presented with solutions to known compatibility issues when running applications. Turning off the PCA can be useful for system administrators who require better performance and are already aware of application compatibility issues.
+If you enable this policy setting, the PCA will be turned off. The user won't be presented with solutions to known compatibility issues when running applications. Turning off the PCA can be useful for system administrators who require better performance and are already aware of application compatibility issues.
 
-If you disable or do not configure this policy setting, the PCA will be turned on. To configure the diagnostic settings for the PCA, go to System->Troubleshooting and Diagnostics->Application Compatibility Diagnostics.  
+If you disable or don't configure this policy setting, the PCA will be turned on. To configure the diagnostic settings for the PCA, go to System->Troubleshooting and Diagnostics->Application Compatibility Diagnostics.  
 
 > [!NOTE]
 > The Diagnostic Policy Service (DPS) and Program Compatibility Assistant Service must be running for the PCA to run. These services can be configured by using the Services snap-in to the Microsoft Management Console.
@@ -449,7 +449,7 @@ Steps Recorder keeps a record of steps taken by the user. The data generated by
 
 If you enable this policy setting, Steps Recorder will be disabled.
 
-If you disable or do not configure this policy setting, Steps Recorder will be enabled.
+If you disable or don't configure this policy setting, Steps Recorder will be enabled.
 
 <!--/Description-->
 
@@ -496,9 +496,9 @@ This policy setting controls the state of the Inventory Collector.
 
 The Inventory Collector inventories applications, files, devices, and drivers on the system and sends the information to Microsoft. This information is used to help diagnose compatibility problems.
 
-If you enable this policy setting, the Inventory Collector will be turned off and data will not be sent to Microsoft. Collection of installation data through the Program Compatibility Assistant is also disabled.
+If you enable this policy setting, the Inventory Collector will be turned off and data won't be sent to Microsoft. Collection of installation data through the Program Compatibility Assistant is also disabled.
 
-If you disable or do not configure this policy setting, the Inventory Collector will be turned on.
+If you disable or don't configure this policy setting, the Inventory Collector will be turned on.
 
 > [!NOTE]
 > This policy setting has no effect if the Customer Experience Improvement Program is turned off. The Inventory Collector will be off.
@@ -519,3 +519,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
diff --git a/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md b/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md
index 158948b963..7dc13ae3e1 100644
--- a/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md
+++ b/windows/client-management/mdm/policy-csp-admx-appxpackagemanager.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_AppxPackageManager
-description: Policy CSP - ADMX_AppxPackageManager
+description: Learn about the Policy CSP - ADMX_AppxPackageManager.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -63,16 +63,16 @@ manager: dansimp
 <!--Description-->
 This policy setting allows you to manage the deployment of Windows Store apps when the user is signed in using a special profile. 
 
-Special profiles are the following user profiles, where changes are discarded after the user signs off:  
+Special profiles are the following user profiles where changes are discarded after the user signs off:  
 
-- Roaming user profiles to which the "Delete cached copies of roaming profiles" Group Policy setting applies
-- Mandatory user profiles and super-mandatory profiles, which are created by an administrator
-- Temporary user profiles, which are created when an error prevents the correct profile from loading
-- User profiles for the Guest account and members of the Guests group
+- Roaming user profiles to which the "Delete cached copies of roaming profiles" Group Policy setting applies.
+- Mandatory user profiles and super-mandatory profiles, which are created by an administrator.
+- Temporary user profiles, which are created when an error prevents the correct profile from loading.
+- User profiles for the Guest account and members of the Guests group.
 
 If you enable this policy setting, Group Policy allows deployment operations (adding, registering, staging, updating, or removing an app package) of Windows Store apps when using a special profile.
 
-If you disable or do not configure this policy setting, Group Policy blocks deployment operations of Windows Store apps when using a special profile.
+If you disable or don't configure this policy setting, Group Policy blocks deployment operations of Windows Store apps when using a special profile.
 
 <!--/Description-->
 
@@ -89,4 +89,8 @@ ADMX Info:
 <hr/>
 
 
-<!--/Policies-->
\ No newline at end of file
+<!--/Policies-->
+
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-appxruntime.md b/windows/client-management/mdm/policy-csp-admx-appxruntime.md
index 4cc5ed5e0b..4095c01ad1 100644
--- a/windows/client-management/mdm/policy-csp-admx-appxruntime.md
+++ b/windows/client-management/mdm/policy-csp-admx-appxruntime.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_AppXRuntime
-description: Policy CSP - ADMX_AppXRuntime
+description: Learn about the Policy CSP - ADMX_AppXRuntime.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -72,7 +72,7 @@ manager: dansimp
 <!--Description-->
 This policy setting lets you turn on Content URI Rules to supplement the static Content URI Rules that were defined as part of the app manifest and apply to all Windows Store apps that use the enterpriseAuthentication capability on a computer.
 
-If you enable this policy setting, you can define additional Content URI Rules that all Windows Store apps that use the enterpriseAuthentication capability on a computer can use.
+If you enable this policy setting, you can define more Content URI Rules that all Windows Store apps that use the enterpriseAuthentication capability on a computer can use.
 
 If you disable or don't set this policy setting, Windows Store apps will only use the static Content URI Rules.
 
@@ -117,11 +117,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lets you control whether Windows Store apps can open files using the default desktop app for a file type. Because desktop apps run at a higher integrity level than Windows Store apps, there is a risk that a Windows Store app might compromise the system by opening a file in the default desktop app for a file type.
+This policy setting lets you control whether Windows Store apps can open files using the default desktop app for a file type. Because desktop apps run at a higher integrity level than Windows Store apps, there's a risk that a Windows Store app might compromise the system by opening a file in the default desktop app for a file type.
 
-If you enable this policy setting, Windows Store apps cannot open files in the default desktop app for a file type; they can open files only in other Windows Store apps.
+If you enable this policy setting, Windows Store apps can't open files in the default desktop app for a file type; they can open files only in other Windows Store apps.
 
-If you disable or do not configure this policy setting, Windows Store apps can open files in the default desktop app for a file type.
+If you disable or don't configure this policy setting, Windows Store apps can open files in the default desktop app for a file type.
 
 <!--/Description-->
 
@@ -164,9 +164,9 @@ ADMX Info:
 <!--Description-->
 This policy setting controls whether Universal Windows apps with Windows Runtime API access directly from web content can be launched.
 
-If you enable this policy setting, Universal Windows apps which declare Windows Runtime API access in ApplicationContentUriRules section of the manifest cannot be launched; Universal Windows apps which have not declared Windows Runtime API access in the manifest are not affected.
+If you enable this policy setting, Universal Windows apps that declare Windows Runtime API access in ApplicationContentUriRules section of the manifest can't be launched; Universal Windows apps that haven't declared Windows Runtime API access in the manifest aren't affected.
 
-If you disable or do not configure this policy setting, all Universal Windows apps can be launched.
+If you disable or don't configure this policy setting, all Universal Windows apps can be launched.
 
 > [!WARNING]
 > This policy should not be enabled unless recommended by Microsoft as a security response because it can cause severe app compatibility issues.
@@ -211,11 +211,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting lets you control whether Windows Store apps can open URIs using the default desktop app for a URI scheme. Because desktop apps run at a higher integrity level than Windows Store apps, there is a risk that a URI scheme launched by a Windows Store app might compromise the system by launching a desktop app.  
+This policy setting lets you control whether Windows Store apps can open URIs using the default desktop app for a URI scheme. Because desktop apps run at a higher integrity level than Windows Store apps, there's a risk that a URI scheme launched by a Windows Store app might compromise the system by launching a desktop app.  
 
-If you enable this policy setting, Windows Store apps cannot open URIs in the default desktop app for a URI scheme; they can open URIs only in other Windows Store apps.
+If you enable this policy setting, Windows Store apps can't open URIs in the default desktop app for a URI scheme; they can open URIs only in other Windows Store apps.
 
-If you disable or do not configure this policy setting, Windows Store apps can open URIs in the default desktop app for a URI scheme.
+If you disable or don't configure this policy setting, Windows Store apps can open URIs in the default desktop app for a URI scheme.
 
 > [!NOTE]
 > Enabling this policy setting does not block Windows Store apps from opening the default desktop app for the http, https, and mailto URI schemes. The handlers for these URI schemes are hardened against URI-based vulnerabilities from untrusted sources, reducing the associated risk.
@@ -236,3 +236,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-attachmentmanager.md b/windows/client-management/mdm/policy-csp-admx-attachmentmanager.md
index c73a012b15..a54fcdbac7 100644
--- a/windows/client-management/mdm/policy-csp-admx-attachmentmanager.md
+++ b/windows/client-management/mdm/policy-csp-admx-attachmentmanager.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_AttachmentManager
-description: Policy CSP - ADMX_AttachmentManager
+description: Learn about the Policy CSP - ADMX_AttachmentManager.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -77,13 +77,13 @@ This policy setting allows you to configure the logic that Windows uses to deter
 
 Preferring the file handler instructs Windows to use the file handler data over the file type data. For example, trust notepad.exe, but don't trust .txt files.
 
-Preferring the file type instructs Windows to use the file type data over the file handler data. For example, trust .txt files, regardless of the file handler.  Using both the file handler and type data is the most restrictive option. Windows chooses the more restrictive recommendation which will cause users to see more trust prompts than choosing the other options.
+Preferring the file type instructs Windows to use the file type data over the file handler data. For example, trust .txt files, regardless of the file handler.  Using both the file handler and type data is the most restrictive option. Windows chooses the more restrictive recommendation that will cause users to see more trust prompts than choosing the other options.
 
 If you enable this policy setting, you can choose the order in which Windows processes risk assessment data.
 
 If you disable this policy setting, Windows uses its default trust logic, which prefers the file handler over the file type.
 
-If you do not configure this policy setting, Windows uses its default trust logic, which prefers the file handler over the file type.
+If you don't configure this policy setting, Windows uses its default trust logic, which prefers the file handler over the file type.
 
 <!--/Description-->
 
@@ -126,17 +126,15 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to manage the default risk level for file types. To fully customize the risk level for file attachments, you may also need to configure the trust logic for file attachments.
 
-High Risk: If the attachment is in the list of high-risk file types and is from the restricted zone, Windows blocks the user from accessing the file. If the file is from the Internet zone, Windows prompts the user before accessing the file.
-
-Moderate Risk: If the attachment is in the list of moderate-risk file types and is from the restricted or Internet zone, Windows prompts the user before accessing the file.
-
-Low Risk: If the attachment is in the list of low-risk file types, Windows will not prompt the user before accessing the file, regardless of the file's zone information.
+- High Risk: If the attachment is in the list of high-risk file types and is from the restricted zone, Windows blocks the user from accessing the file. If the file is from the Internet zone, Windows prompts the user before accessing the file.
+- Moderate Risk: If the attachment is in the list of moderate-risk file types and is from the restricted or Internet zone, Windows prompts the user before accessing the file.
+- Low Risk: If the attachment is in the list of low-risk file types, Windows won't prompt the user before accessing the file, regardless of the file's zone information.
 
 If you enable this policy setting, you can specify the default risk level for file types.
 
 If you disable this policy setting, Windows sets the default risk level to moderate.
 
-If you do not configure this policy setting, Windows sets the default risk level to moderate.
+If you don't configure this policy setting, Windows sets the default risk level to moderate.
 
 <!--/Description-->
 
@@ -183,7 +181,7 @@ If you enable this policy setting, you can create a custom list of high-risk fil
 
 If you disable this policy setting, Windows uses its built-in list of file types that pose a high risk.
 
-If you do not configure this policy setting, Windows uses its built-in list of high-risk file types.
+If you don't configure this policy setting, Windows uses its built-in list of high-risk file types.
 
 <!--/Description-->
 
@@ -224,13 +222,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting allows you to configure the list of low-risk file types. If the attachment is in the list of low-risk file types, Windows will not prompt the user before accessing the file, regardless of the file's zone information. This inclusion list overrides the list of high-risk file types built into Windows and has a lower precedence than the high-risk or medium-risk inclusion lists (where an extension is listed in more than one inclusion list).
+This policy setting allows you to configure the list of low-risk file types. If the attachment is in the list of low-risk file types, Windows won't prompt the user before accessing the file, regardless of the file's zone information. This inclusion list overrides the list of high-risk file types built into Windows and has a lower precedence than the high-risk or medium-risk inclusion lists (where an extension is listed in more than one inclusion list).
 
 If you enable this policy setting, you can specify file types that pose a low risk.
 
 If you disable this policy setting, Windows uses its default trust logic.
 
-If you do not configure this policy setting, Windows uses its default trust logic.
+If you don't configure this policy setting, Windows uses its default trust logic.
 
 <!--/Description-->
 
@@ -273,11 +271,11 @@ ADMX Info:
 <!--Description-->
 This policy setting allows you to configure the list of moderate-risk file types. If the attachment is in the list of moderate-risk file types and is from the restricted or Internet zone, Windows prompts the user before accessing the file. This inclusion list overrides the list of potentially high-risk file types built into Windows and it takes precedence over the low-risk inclusion list but has a lower precedence than the high-risk inclusion list (where an extension is listed in more than one inclusion list).
 
-If you enable this policy setting, you can specify file types which pose a moderate risk.
+If you enable this policy setting, you can specify file types that pose a moderate risk.
 
 If you disable this policy setting, Windows uses its default trust logic.
 
-If you do not configure this policy setting, Windows uses its default trust logic.
+If you don't configure this policy setting, Windows uses its default trust logic.
 
 <!--/Description-->
 
@@ -294,3 +292,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-auditsettings.md b/windows/client-management/mdm/policy-csp-admx-auditsettings.md
index c0329444bd..ba5bd6916e 100644
--- a/windows/client-management/mdm/policy-csp-admx-auditsettings.md
+++ b/windows/client-management/mdm/policy-csp-admx-auditsettings.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_AuditSettings
-description: Policy CSP - ADMX_AuditSettings
+description: Learn about the Policy CSP - ADMX_AuditSettings.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -65,7 +65,7 @@ This policy setting determines what information is logged in security audit even
 
 If you enable this policy setting, the command line information for every process will be logged in plain text in the security event log as part of the Audit Process Creation event 4688, "a new process has been created," on the workstations and servers on which this policy setting is applied.
 
-If you disable or do not configure this policy setting, the process's command line information will not be included in Audit Process Creation events.  
+If you disable or don't configure this policy setting, the process's command line information will not be included in Audit Process Creation events.  
 
 Default is Not configured.
 
@@ -88,3 +88,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-bits.md b/windows/client-management/mdm/policy-csp-admx-bits.md
index db8592a2d7..e3301c9321 100644
--- a/windows/client-management/mdm/policy-csp-admx-bits.md
+++ b/windows/client-management/mdm/policy-csp-admx-bits.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_Bits
-description: Policy CSP - ADMX_Bits
+description: Learn about the Policy CSP - ADMX_Bits.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -102,9 +102,9 @@ manager: dansimp
 <!--Description-->
 This setting affects whether the BITS client is allowed to use Windows Branch Cache. If the Windows Branch Cache component is installed and enabled on a computer, BITS jobs on that computer can use Windows Branch Cache by default.
 
-If you enable this policy setting, the BITS client does not use Windows Branch Cache.
+If you enable this policy setting, the BITS client doesn't use Windows Branch Cache.
 
-If you disable or do not configure this policy setting, the BITS client uses Windows Branch Cache.
+If you disable or don't configure this policy setting, the BITS client uses Windows Branch Cache.
 
 > [!NOTE]
 > This policy setting does not affect the use of Windows Branch Cache by applications other than BITS. This policy setting does not apply to BITS transfers over SMB. This setting has no effect if the computer's administrative settings for Windows Branch Cache disable its use entirely.
@@ -152,7 +152,7 @@ This policy setting specifies whether the computer will act as a BITS peer cachi
 
 If you enable this policy setting, the computer will no longer use the BITS peer caching feature to download files; files will be downloaded only from the origin server. However, the computer will still make files available to its peers.
 
-If you disable or do not configure this policy setting, the computer attempts to download peer-enabled BITS jobs from peer computers before reverting to the origin server.
+If you disable or don't configure this policy setting, the computer attempts to download peer-enabled BITS jobs from peer computers before reverting to the origin server.
 
 > [!NOTE]
 > This policy setting has no effect if the "Allow BITS peer caching" policy setting is disabled or not configured.
@@ -201,7 +201,7 @@ This policy setting specifies whether the computer will act as a BITS peer cachi
 
 If you enable this policy setting, the computer will no longer cache downloaded files and offer them to its peers. However, the computer will still download files from peers.
 
-If you disable or do not configure this policy setting, the computer will offer downloaded and cached files to its peers.
+If you disable or don't configure this policy setting, the computer will offer downloaded and cached files to its peers.
 
 > [!NOTE]
 > This setting has no effect if the "Allow BITS peer caching" setting is disabled or not configured.
@@ -251,9 +251,9 @@ This policy setting determines if the Background Intelligent Transfer Service (B
 
 If BITS peer caching is enabled, BITS caches downloaded files and makes them available to other BITS peers. When transferring a download job, BITS first requests the files for the job from its peers in the same IP subnet. If none of the peers in the subnet have the requested files, BITS downloads them from the origin server.
 
-If you enable this policy setting, BITS downloads files from peers, caches the files, and responds to content requests from peers. Using the "Do not allow the computer to act as a BITS peer caching server" and "Do not allow the computer to act as a BITS peer caching client" policy settings, it is possible to control BITS peer caching functionality at a more detailed level. However, it should be noted that the "Allow BITS peer caching" policy setting must be enabled for the other two policy settings to have any effect.
+If you enable this policy setting, BITS downloads files from peers, caches the files, and responds to content requests from peers. Using the "Do not allow the computer to act as a BITS peer caching server" and "Do not allow the computer to act as a BITS peer caching client" policy settings, it's possible to control BITS peer caching functionality at a more detailed level. However, it should be noted that the "Allow BITS peer caching" policy setting must be enabled for the other two policy settings to have any effect.
 
-If you disable or do not configure this policy setting, the BITS peer caching feature will be disabled, and BITS will download files directly from the origin server.
+If you disable or don't configure this policy setting, the BITS peer caching feature will be disabled, and BITS will download files directly from the origin server.
 
 <!--/Description-->
 
@@ -296,15 +296,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting limits the network bandwidth that BITS uses for peer cache transfers (this setting does not affect transfers from the origin server).
+This policy setting limits the network bandwidth that BITS uses for peer cache transfers (this setting doesn't affect transfers from the origin server).
 
-To prevent any negative impact to a computer caused by serving other peers, by default BITS will use up to 30 percent of the bandwidth of the slowest active network interface. For example, if a computer has both a 100 Mbps network card and a 56 Kbps modem, and both are active, BITS will use a maximum of 30 percent of 56 Kbps. 
+To prevent any negative impact to a computer caused by serving other peers, by default BITS will use up to 30 percent of the bandwidth of the slowest active network interface. For example, if a computer has both a 100-Mbps network card and a 56-Kbps modem, and both are active, BITS will use a maximum of 30 percent of 56 Kbps. 
 
 You can change the default behavior of BITS, and specify a fixed maximum bandwidth that BITS will use for peer caching.
 
 If you enable this policy setting, you can enter a value in bits per second (bps) between 1048576 and 4294967200 to use as the maximum network bandwidth used for peer caching.
 
-If you disable this policy setting or do not configure it, the default value of 30 percent of the slowest active network interface will be used.
+If you disable this policy setting or don't configure it, the default value of 30 percent of the slowest active network interface will be used.
 
 > [!NOTE] 
 > This setting has no effect if the "Allow BITS peer caching" policy setting is disabled or not configured.
@@ -354,7 +354,7 @@ If you enable this policy setting, you can define a separate set of network band
 
 You can specify a limit to use for background jobs during a maintenance schedule. For example, if normal priority jobs are currently limited to 256 Kbps on a work schedule, you can further limit the network bandwidth of normal priority jobs to 0 Kbps from 8:00 A.M. to 10:00 A.M. on a maintenance schedule.
 
-If you disable or do not configure this policy setting, the limits defined for work or non-work schedules will be used.
+If you disable or don't configure this policy setting, the limits defined for work or non-work schedules will be used.
 
 > [!NOTE]
 > The bandwidth limits that are set for the maintenance period supersede any limits defined for work and other schedules.
@@ -399,13 +399,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting limits the network bandwidth that Background Intelligent Transfer Service (BITS) uses for background transfers during the work and non-work days and hours. The work schedule is defined using a weekly calendar, which consists of days of the week and hours of the day. All hours and days that are not defined in a work schedule are considered non-work hours.
+This policy setting limits the network bandwidth that Background Intelligent Transfer Service (BITS) uses for background transfers during the work and non-work days and hours. The work schedule is defined using a weekly calendar, which consists of days of the week and hours of the day. All hours and days that aren't defined in a work schedule are considered non-work hours.
 
 If you enable this policy setting, you can set up a schedule for limiting network bandwidth during both work and non-work hours. After the work schedule is defined, you can set the bandwidth usage limits for each of the three BITS background priority levels: high, normal, and low.
 
 You can specify a limit to use for background jobs during a work schedule. For example, you can limit the network bandwidth of low priority jobs to 128 Kbps from 8:00 A.M. to 5:00 P.M. on Monday through Friday, and then set the limit to 512 Kbps for non-work hours.
 
-If you disable or do not configure this policy setting, BITS uses all available unused bandwidth for background job transfers.
+If you disable or don't configure this policy setting, BITS uses all available unused bandwidth for background job transfers.
 
 <!--/Description-->
 
@@ -451,7 +451,7 @@ This policy setting limits the maximum amount of disk space that can be used for
 
 If you enable this policy setting, you can enter the percentage of disk space to be used for the BITS peer cache. You can enter a value between 1 percent and 80 percent.
 
-If you disable or do not configure this policy setting, the default size of the BITS peer cache is 1 percent of the total system disk size.
+If you disable or don't configure this policy setting, the default size of the BITS peer cache is 1 percent of the total system disk size.
 
 > [!NOTE]
 > This policy setting has no effect if the "Allow BITS peer caching" setting is disabled or not configured.
@@ -495,11 +495,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Available in the latest Windows 10 Insider Preview Build. This policy setting limits the maximum age of files in the Background Intelligent Transfer Service (BITS) peer cache. In order to make the most efficient use of disk space, by default BITS removes any files in the peer cache that have not been accessed in the past 90 days.
+Available in the latest Windows 10 Insider Preview Build. This policy setting limits the maximum age of files in the Background Intelligent Transfer Service (BITS) peer cache. In order to make the most efficient use of disk space, by default BITS removes any files in the peer cache that haven't been accessed in the past 90 days.
 
 If you enable this policy setting, you can specify in days the maximum age of files in the cache. You can enter a value between 1 and 120 days.
 
-If you disable or do not configure this policy setting, files that have not been accessed for the past 90 days will be removed from the peer cache.
+If you disable or don't configure this policy setting, files that haven't been accessed for the past 90 days will be removed from the peer cache.
 
 > [!NOTE]
 > This policy setting has no effect if the "Allow BITS Peercaching" policy setting is disabled or not configured.
@@ -551,7 +551,7 @@ By default BITS uses a maximum download time of 90 days (7,776,000 seconds).
 
 If you enable this policy setting, you can set the maximum job download time to a specified number of seconds.
 
-If you disable or do not configure this policy setting, the default value of 90 days (7,776,000 seconds) will be used.
+If you disable or don't configure this policy setting, the default value of 90 days (7,776,000 seconds) will be used.
 
 <!--/Description-->
 
@@ -593,11 +593,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-This policy setting limits the number of files that a BITS job can contain. By default, a BITS job is limited to 200 files. You can use this setting to raise or lower the maximum number of files a BITS jobs can contain.
+This policy setting limits the number of files that a BITS job can contain. By default, a BITS job is limited to 200 files. You can use this setting to raise or lower the maximum number of files a BITS job can contain.
 
 If you enable this policy setting, BITS will limit the maximum number of files a job can contain to the specified number.
 
-If you disable or do not configure this policy setting, BITS will use the default value of 200 for the maximum number of files a job can contain.
+If you disable or don't configure this policy setting, BITS will use the default value of 200 for the maximum number of files a job can contain.
 
 > [!NOTE]
 > BITS Jobs created by services and the local administrator account do not count toward this limit.
@@ -646,7 +646,7 @@ This policy setting limits the number of BITS jobs that can be created for all u
 
 If you enable this policy setting, BITS will limit the maximum number of BITS jobs to the specified number.
 
-If you disable or do not configure this policy setting, BITS will use the default BITS job limit of 300 jobs.
+If you disable or don't configure this policy setting, BITS will use the default BITS job limit of 300 jobs.
 
 > [!NOTE]
 > BITS jobs created by services and the local administrator account do not count toward this limit.
@@ -695,7 +695,7 @@ This policy setting limits the number of BITS jobs that can be created by a user
 
 If you enable this policy setting, BITS will limit the maximum number of BITS jobs a user can create to the specified number.
 
-If you disable or do not configure this policy setting, BITS will use the default user BITS job limit of 300 jobs.
+If you disable or don't configure this policy setting, BITS will use the default user BITS job limit of 300 jobs.
 
 > [!NOTE]
 > This limit must be lower than the setting specified in the "Maximum number of BITS jobs for this computer" policy setting, or 300 if the "Maximum number of BITS jobs for this computer" policy setting is not configured. BITS jobs created by services and the local administrator account do not count toward this limit.
@@ -744,7 +744,7 @@ This policy setting limits the number of ranges that can be added to a file in a
 
 If you enable this policy setting, BITS will limit the maximum number of ranges that can be added to a file to the specified number.
 
-If you disable or do not configure this policy setting, BITS will limit ranges to 500 ranges per file.
+If you disable or don't configure this policy setting, BITS will limit ranges to 500 ranges per file.
 
 > [!NOTE]
 > BITS Jobs created by services and the local administrator account do not count toward this limit.
@@ -766,3 +766,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md b/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md
index d5f0761d38..91b1d7c6aa 100644
--- a/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md
+++ b/windows/client-management/mdm/policy-csp-admx-ciphersuiteorder.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_CipherSuiteOrder
-description: Policy CSP - ADMX_CipherSuiteOrder
+description: Learn about the Policy CSP - ADMX_CipherSuiteOrder.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -146,4 +146,8 @@ ADMX Info:
 <hr/>
 
 
-<!--/Policies-->
\ No newline at end of file
+<!--/Policies-->
+
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-com.md b/windows/client-management/mdm/policy-csp-admx-com.md
index 7666143850..45c2e3e28b 100644
--- a/windows/client-management/mdm/policy-csp-admx-com.md
+++ b/windows/client-management/mdm/policy-csp-admx-com.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_COM
-description: Policy CSP - ADMX_COM
+description: Learn about the Policy CSP - ADMX_COM.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -66,11 +66,11 @@ manager: dansimp
 <!--Description-->
 This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.
 
-Many Windows programs, such as the MMC snap-ins, use the interfaces provided by the COM components. These programs cannot perform all their functions unless Windows has internally registered the required components.
+Many Windows programs, such as the MMC snap-ins, use the interfaces provided by the COM components. These programs can't perform all their functions unless Windows has internally registered the required components.
 
-If you enable this policy setting and a component registration is missing, the system searches for it in Active Directory and, if it is found, downloads it. The resulting searches might make some programs start or run slowly.
+If you enable this policy setting and a component registration is missing, the system searches for it in Active Directory and, if it's found, downloads it. The resulting searches might make some programs start or run slowly.
 
-If you disable or do not configure this policy setting, the program continues without the registration. As a result, the program might not perform all its functions, or it might stop.
+If you disable or don't configure this policy setting, the program continues without the registration. As a result, the program might not perform all its functions, or it might stop.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -118,11 +118,11 @@ ADMX Info:
 <!--Description-->
 This policy setting directs the system to search Active Directory for missing Component Object Model (COM) components that a program requires.
 
-Many Windows programs, such as the MMC snap-ins, use the interfaces provided by the COM components. These programs cannot perform all their functions unless Windows has internally registered the required components.
+Many Windows programs, such as the MMC snap-ins, use the interfaces provided by the COM components. These programs can't perform all their functions unless Windows has internally registered the required components.
 
-If you enable this policy setting and a component registration is missing, the system searches for it in Active Directory and, if it is found, downloads it. The resulting searches might make some programs start or run slowly.
+If you enable this policy setting and a component registration is missing, the system searches for it in Active Directory and, if it's found, downloads it. The resulting searches might make some programs start or run slowly.
 
-If you disable or do not configure this policy setting, the program continues without the registration. As a result, the program might not perform all its functions, or it might stop.
+If you disable or don't configure this policy setting, the program continues without the registration. As a result, the program might not perform all its functions, or it might stop.
 
 This setting appears in the Computer Configuration and User Configuration folders. If both settings are configured, the setting in Computer Configuration takes precedence over the setting in User Configuration.
 
@@ -141,3 +141,6 @@ ADMX Info:
 
 <!--/Policies-->
 
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-controlpanel.md b/windows/client-management/mdm/policy-csp-admx-controlpanel.md
index 4d63de3739..0ff16b2feb 100644
--- a/windows/client-management/mdm/policy-csp-admx-controlpanel.md
+++ b/windows/client-management/mdm/policy-csp-admx-controlpanel.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_ControlPanel
-description: Policy CSP - ADMX_ControlPanel
+description: Learn about the Policy CSP - ADMX_ControlPanel.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -82,7 +82,9 @@ To hide a Control Panel item, enable this policy setting and click Show to acces
 If both the "Hide specified Control Panel items" setting and the "Show only specified Control Panel items" setting are enabled, the "Show only specified Control Panel items" setting is ignored.
 
 > [!NOTE]
-> The Display Control Panel item cannot be hidden in the Desktop context menu by using this setting. To hide the Display Control Panel item and prevent users from modifying the computer's display settings use the "Disable Display Control Panel" setting instead.  Note: To hide pages in the System Settings app, use the "Settings Page Visibility" setting under Computer Configuration.
+> The Display Control Panel item cannot be hidden in the Desktop context menu by using this setting. To hide the Display Control Panel item and prevent users from modifying the computer's display settings use the "Disable Display Control Panel" setting instead.  
+>
+>To hide pages in the System Settings app, use the "Settings Page Visibility" setting under Computer Configuration.
 
 <!--/Description-->
 
@@ -130,7 +132,7 @@ If this policy setting is enabled, the Control Panel opens to the icon view.
 
 If this policy setting is disabled, the Control Panel opens to the category view.
 
-If this policy setting is not configured, the Control Panel opens to the view used in the last Control Panel session.
+If this policy setting isn't configured, the Control Panel opens to the view used in the last Control Panel session.
 
 > [!NOTE]
 > Icon size is dependent upon what the user has set it to in the previous session.
@@ -177,7 +179,7 @@ ADMX Info:
 <!--Description-->
 Available in the latest Windows 10 Insider Preview Build. Disables all Control Panel programs and the PC settings app.
 
-This setting prevents Control.exe and SystemSettings.exe, the program files for Control Panel and PC settings, from starting. As a result, users cannot start Control Panel or PC settings, or run any of their items.
+This setting prevents Control.exe and SystemSettings.exe, the program files for Control Panel and PC settings, from starting. As a result, users can't start Control Panel or PC settings, or run any of their items.
 
 This setting removes Control Panel from:
 
@@ -260,4 +262,8 @@ ADMX Info:
 <!--/Policy-->
 <hr/>
 
-<!--/Policies-->
\ No newline at end of file
+<!--/Policies-->
+
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
diff --git a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
index 4ffc124899..a55a90e3b1 100644
--- a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
+++ b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
@@ -1,6 +1,6 @@
 ---
 title: Policy CSP - ADMX_ControlPanelDisplay
-description: Policy CSP - ADMX_ControlPanelDisplay
+description: Learn about the Policy CSP - ADMX_ControlPanelDisplay.
 ms.author: dansimp
 ms.localizationpriority: medium
 ms.topic: article
@@ -130,9 +130,9 @@ manager: dansimp
 
 <!--/Scope-->
 <!--Description-->
-Disables the Display Control Panel.
+This policy setting disables the Display Control Panel.
 
-If you enable this setting, the Display Control Panel does not run. When users try to start Display, a message appears explaining that a setting prevents the action.
+If you enable this setting, the Display Control Panel doesn't run. When users try to start Display, a message appears explaining that a setting prevents the action.
 
 Also, see the "Prohibit access to the Control Panel" (User Configuration\Administrative Templates\Control Panel) and "Remove programs on Settings menu" (User Configuration\Administrative Templates\Start Menu & Taskbar) settings.
 
@@ -176,7 +176,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Removes the Settings tab from Display in Control Panel.
+This setting removes the Settings tab from Display in Control Panel.
 
 This setting prevents users from using Control Panel to add, configure, or change the display settings on the computer.
 
@@ -222,9 +222,9 @@ ADMX Info:
 <!--Description-->
 This setting forces the theme color scheme to be the default color scheme.
 
-If you enable this setting, a user cannot change the color scheme of the current desktop theme.
+If you enable this setting, a user can't change the color scheme of the current desktop theme.
 
-If you disable or do not configure this setting, a user may change the color scheme of the current desktop theme.
+If you disable or don't configure this setting, a user may change the color scheme of the current desktop theme.
 
 For Windows 7 and later, use the "Prevent changing color and appearance" setting.
 
@@ -269,9 +269,9 @@ ADMX Info:
 <!--Description-->
 This setting disables the theme gallery in the Personalization Control Panel.
 
-If you enable this setting, users cannot change or save a theme. Elements of a theme such as the desktop background, color, sounds, and screen saver can still be changed (unless policies are set to turn them off).
+If you enable this setting, users can't change or save a theme. Elements of a theme such as the desktop background, color, sounds, and screen saver can still be changed (unless policies are set to turn them off).
 
-If you disable or do not configure this setting, there is no effect.
+If you disable or don't configure this setting, there's no effect.
 
 > [!NOTE]
 > If you enable this setting but do not specify a theme using the "load a specific theme" setting, the theme defaults to whatever the user previously set or the system default.
@@ -315,7 +315,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users or applications from changing the visual style of the windows and buttons displayed on their screens.
+This policy setting prevents users or applications from changing the visual style of the windows and buttons displayed on their screens.
 
 When enabled on Windows XP, this setting disables the "Windows and buttons" drop-down list on the Appearance tab in Display Properties.
 
@@ -360,11 +360,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Enables desktop screen savers.
+This policy setting enables desktop screen savers.
 
-If you disable this setting, screen savers do not run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users cannot change the screen saver options.
+If you disable this setting, screen savers don't run. Also, this setting disables the Screen Saver section of the Screen Saver dialog in the Personalization or Display Control Panel. As a result, users can't change the screen saver options.
 
-If you do not configure it, this setting has no effect on the system.
+If you don't configure it, this setting has no effect on the system.
 
 If you enable it, a screen saver runs, provided the following two conditions hold: First, a valid screen saver on the client is specified through the "Screen Saver executable name" setting or through Control Panel on the client computer. Second, the screen saver timeout is set to a nonzero value through the setting or Control Panel.
 
@@ -415,9 +415,10 @@ This setting lets you specify the default lock screen and logon image shown when
 
 To use this setting, type the fully qualified path and name of the file that stores the default lock screen and logon image. You can type a local path, such as C:\Windows\Web\Screen\img104.jpg or a UNC path, such as `\\Server\Share\Corp.jpg`.
 
-This can be used in conjunction with the "Prevent changing lock screen and logon image" setting to always force the specified lock screen and logon image to be shown.
+This can be used with the "Prevent changing lock screen and logon image" setting to always force the specified lock screen and logon image to be shown.
 
-Note: This setting only applies to Enterprise, Education, and Server SKUs.
+>[!NOTE]
+> This setting only applies to Enterprise, Education, and Server SKUs.
 
 <!--/Description-->
 
@@ -459,11 +460,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from changing the size of the font in the windows and buttons displayed on their screens.
+This setting prevents users from changing the size of the font in the windows and buttons displayed on their screens.
 
 If this setting is enabled, the "Font size" drop-down list on the Appearance tab in Display Properties is disabled. 
 
-If you disable or do not configure this setting, a user may change the font size using the "Font size" drop-down list on the Appearance tab.
+If you disable or don't configure this setting, a user may change the font size using the "Font size" drop-down list on the Appearance tab.
 
 <!--/Description-->
 
@@ -504,11 +505,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from changing the background image shown when the machine is locked or when on the logon screen.
+This setting prevents users from changing the background image shown when the machine is locked or when on the logon screen.
 
 By default, users can change the background image shown when the machine is locked or displaying the logon screen.
 
-If you enable this setting, the user will not be able to change their lock screen and logon image, and they will instead see the default image.
+If you enable this setting, the user won't be able to change their lock screen and logon image, and they'll instead see the default image.
 
 <!--/Description-->
 
@@ -549,11 +550,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from changing the look of their start menu background, such as its color or accent.
+This setting prevents users from changing the look of their start menu background, such as its color or accent.
 
 By default, users can change the look of their start menu background, such as its color or accent.
 
-If you enable this setting, the user will be assigned the default start menu background and colors and will not be allowed to change them.
+If you enable this setting, the user will be assigned the default start menu background and colors and won't be allowed to change them.
 
 If the "Force a specific background and accent color" policy is also set on a supported version of Windows, then those colors take precedence over this policy.
 
@@ -598,9 +599,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Disables the Color (or Window Color) page in the Personalization Control Panel, or the Color Scheme dialog in the Display Control Panel on systems where the Personalization feature is not available.
+This setting disables the Color (or Window Color) page in the Personalization Control Panel, or the Color Scheme dialog in the Display Control Panel on systems where the Personalization feature isn't available.
 
-This setting prevents users from using Control Panel to change the window border and taskbar color (on Windows 8), glass color (on Windows Vista and Windows 7), system colors, or color scheme of the desktop and windows.
+This setting also prevents users from using Control Panel to change the window border and taskbar color (on Windows 8), glass color (on Windows Vista and Windows 7), system colors, or color scheme of the desktop and windows.
 
 If this setting is disabled or not configured, the Color (or Window Color) page or Color Scheme dialog is available in the Personalization or Display Control Panel.
 
@@ -645,7 +646,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from adding or changing the background design of the desktop.
+This setting prevents users from adding or changing the background design of the desktop.
 
 By default, users can use the Desktop Background page in the Personalization or Display Control Panel to add a background design (wallpaper) to their desktop.
 
@@ -653,7 +654,8 @@ If you enable this setting, none of the Desktop Background settings can be chang
 
 To specify wallpaper for a group, use the "Desktop Wallpaper" setting.
 
-Note: You must also enable the "Desktop Wallpaper" setting to prevent users from changing the desktop wallpaper. Refer to KB article: Q327998 for more information.
+>[!NOTE]
+>You must also enable the "Desktop Wallpaper" setting to prevent users from changing the desktop wallpaper. Refer to KB article: Q327998 for more information.
 
 Also, see the "Allow only bitmapped wallpaper" setting.
 
@@ -696,7 +698,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from changing the desktop icons.
+This setting prevents users from changing the desktop icons.
 
 By default, users can use the Desktop Icon Settings dialog in the Personalization or Display Control Panel to show, hide, or change the desktop icons.
 
@@ -745,9 +747,9 @@ ADMX Info:
 <!--Description-->
 Available in the latest Windows 10 Insider Preview Build. This policy setting controls whether the lock screen appears for users.
 
-If you enable this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC.
+If you enable this policy setting, users that aren't required to press CTRL + ALT + DEL before signing in will see their selected tile after locking their PC.
 
-If you disable or do not configure this policy setting, users that are not required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse.
+If you disable or don't configure this policy setting, users that aren't required to press CTRL + ALT + DEL before signing in will see a lock screen after locking their PC. They must dismiss the lock screen using touch, the keyboard, or by dragging it with the mouse.
 
 <!--/Description-->
 
@@ -788,7 +790,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Available in the latest Windows 10 Insider Preview Build. Prevents users from changing the mouse pointers.
+Available in the latest Windows 10 Insider Preview Build. This setting prevents users from changing the mouse pointers.
 
 By default, users can use the Pointers tab in the Mouse Control Panel to add, remove, or change the mouse pointers.
 
@@ -833,9 +835,9 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents the Screen Saver dialog from opening in the Personalization or Display Control Panel.
+This setting prevents the Screen Saver dialog from opening in the Personalization or Display Control Panel.
 
-This setting prevents users from using Control Panel to add, configure, or change the screen saver on the computer. It does not prevent a screen saver from running.
+This setting also prevents users from using Control Panel to add, configure, or change the screen saver on the computer. It doesn't prevent a screen saver from running.
 
 <!--/Description-->
 
@@ -876,7 +878,7 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Prevents users from changing the sound scheme.
+This setting prevents users from changing the sound scheme.
 
 By default, users can use the Sounds tab in the Sound Control Panel to add, remove, or change the system Sound Scheme.
 
@@ -921,11 +923,11 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Forces Windows to use the specified colors for the background and accent. The color values are specified in hex as #RGB.
+This setting forces Windows to use the specified colors for the background and accent. The color values are specified in hex as #RGB.
 
 By default, users can change the background and accent colors.
 
-If this setting is enabled, the background and accent colors of Windows will be set to the specified colors and users cannot change those colors. This setting will not be applied if the specified colors do not meet a contrast ratio of 2:1 with white text.
+If this setting is enabled, the background and accent colors of Windows will be set to the specified colors and users can't change those colors. This setting won't be applied if the specified colors don't meet a contrast ratio of 2:1 with white text.
 
 <!--/Description-->
 
@@ -966,13 +968,13 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Determines whether screen savers used on the computer are password protected.
+This setting determines whether screen savers used on the computer are password protected.
 
-If you enable this setting, all screen savers are password protected. If you disable this setting, password protection cannot be set on any screen saver.
+If you enable this setting, all screen savers are password protected. If you disable this setting, password protection can't be set on any screen saver.
 
 This setting also disables the "Password protected" checkbox on the Screen Saver dialog in the Personalization or Display Control Panel, preventing users from changing the password protection setting.
 
-If you do not configure this setting, users can choose whether or not to set password protection on each screen saver.
+If you don't configure this setting, users can choose whether or not to set password protection on each screen saver.
 
 To ensure that a computer will be password protected, enable the "Enable Screen Saver" setting and specify a timeout via the "Screen Saver timeout" setting.
 
@@ -1020,16 +1022,13 @@ ADMX Info:
 <!--Description-->
 Specifies how much user idle time must elapse before the screen saver is launched.
 
-When configured, this idle time can be set from a minimum of 1 second to a maximum of 86,400 seconds, or 24 hours. If set to zero, the screen saver will not be started.
+When configured, this idle time can be set from a minimum of 1 second to a maximum of 86,400 seconds, or 24 hours. If set to zero, the screen saver won't be started.
 
 This setting has no effect under any of the following circumstances:
 
 - The setting is disabled or not configured.
-
 - The wait time is set to zero.
-
 - The "Enable Screen Saver" setting is disabled.
-
 - Neither the "Screen saver executable name" setting nor the Screen Saver dialog of the client computer's Personalization or Display Control Panel specifies a valid existing screen saver program on the client.
 
 When not configured, whatever wait time is set on the client through the Screen Saver dialog in the Personalization or Display Control Panel is used. The default is 15 minutes.
@@ -1073,15 +1072,15 @@ ADMX Info:
 
 <!--/Scope-->
 <!--Description-->
-Specifies the screen saver for the user's desktop.
+This setting specifies the screen saver for the user's desktop.
 
 If you enable this setting, the system displays the specified screen saver on the user's desktop. Also, this setting disables the drop-down list of screen savers in the Screen Saver dialog in the Personalization or Display Control Panel, which prevents users from changing the screen saver.
 
-If you disable this setting or do not configure it, users can select any screen saver.
+If you disable this setting or don't configure it, users can select any screen saver.
 
-If you enable this setting, type the name of the file that contains the screen saver, including the .scr file name extension. If the screen saver file is not in the %Systemroot%\System32 directory, type the fully qualified path to the file.
+If you enable this setting, type the name of the file that contains the screen saver, including the .scr file name extension. If the screen saver file isn't in the %Systemroot%\System32 directory, type the fully qualified path to the file.
 
-If the specified screen saver is not installed on a computer to which this setting applies, the setting is ignored.
+If the specified screen saver isn't installed on a computer to which this setting applies, the setting is ignored.
 
 > [!NOTE]
 > This setting can be superseded by the "Enable Screen Saver" setting.  If the "Enable Screen Saver" setting is disabled, this setting is ignored, and screen savers do not run.
@@ -1127,7 +1126,7 @@ ADMX Info:
 <!--Description-->
 Available in the latest Windows 10 Insider Preview Build. Specifies which theme file is applied to the computer the first time a user logs on.
 
-If you enable this setting, the theme that you specify will be applied when a new user logs on for the first time.  This policy does not prevent the user from changing the theme or any of the theme elements such as the desktop background, color, sounds, or screen saver after the first logon.
+If you enable this setting, the theme that you specify will be applied when a new user logs on for the first time.  This policy doesn't prevent the user from changing the theme or any of the theme elements such as the desktop background, color, sounds, or screen saver after the first logon.
 
 If you disable or do not configure this setting, the default theme will be applied at the first logon.
 
@@ -1176,7 +1175,7 @@ This can be a local computer visual style (aero.msstyles), or a file located on
 
 If you enable this setting, the visual style file that you specify will be used. Also, a user may not apply a different visual style when changing themes.
 
-If you disable or do not configure this setting, the users can select the visual style that they want to use by changing themes (if the Personalization Control Panel is available).
+If you disable or don't configure this setting, the users can select the visual style that they want to use by changing themes (if the Personalization Control Panel is available).
 
 > [!NOTE]
 > If this setting is enabled and the file is not available at user logon, the default visual style is loaded.
@@ -1228,7 +1227,7 @@ Forces the Start screen to use one of the available backgrounds, 1 through 20, a
 
 If this setting is set to zero or not configured, then Start uses the default background, and users can change it.
 
-If this setting is set to a nonzero value, then Start uses the specified background, and users cannot change it. If the specified background is not supported, the default background is used.
+If this setting is set to a nonzero value, then Start uses the specified background, and users can't change it. If the specified background isn't supported, the default background is used.
 
 <!--/Description-->
 
@@ -1244,4 +1243,8 @@ ADMX Info:
 <hr/>
 
 
-<!--/Policies-->
\ No newline at end of file
+<!--/Policies-->
+
+## Related topics
+
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file

From e4e6b686e22bfd5d95d2ff7de0708c44f83eaae5 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Fri, 22 Apr 2022 18:04:39 +0530
Subject: [PATCH 099/123] Acrolinx enhancement

---
 windows/client-management/mdm/vpnv2-csp.md    | 86 +++++++++----------
 .../mdm/w4-application-csp.md                 |  6 +-
 .../mdm/w7-application-csp.md                 | 26 +++---
 windows/client-management/mdm/wifi-csp.md     | 18 ++--
 .../mdm/win32appinventory-csp.md              |  6 +-
 .../mdm/windows-mdm-enterprise-settings.md    |  6 +-
 .../windowsadvancedthreatprotection-csp.md    |  4 +-
 .../windowsdefenderapplicationguard-csp.md    | 18 ++--
 .../mdm/windowslicensing-csp.md               | 12 +--
 .../client-management/mdm/wirednetwork-csp.md |  6 +-
 10 files changed, 94 insertions(+), 94 deletions(-)

diff --git a/windows/client-management/mdm/vpnv2-csp.md b/windows/client-management/mdm/vpnv2-csp.md
index 4f5fc988ac..07dbd492dc 100644
--- a/windows/client-management/mdm/vpnv2-csp.md
+++ b/windows/client-management/mdm/vpnv2-csp.md
@@ -20,20 +20,20 @@ The VPNv2 configuration service provider allows the mobile device management (MD
 Here are the requirements for this CSP:
 
 - VPN configuration commands must be wrapped in an Atomic block in SyncML.
-- For best results, configure your VPN certificates first before pushing down VPN profiles to devices. If you are using Windows Information Protection (WIP) (formerly known as Enterprise Data Protection), then you should configure VPN first before you configure WIP policies.
+- For best results, configure your VPN certificates first before pushing down VPN profiles to devices. If you're using Windows Information Protection (WIP) (formerly known as Enterprise Data Protection), then you should configure VPN first before you configure WIP policies.
 - Instead of changing individual properties, follow these steps to make any changes:
 
   - Send a Delete command for the ProfileName to delete the entire profile.
   - Send the entire profile again with new values wrapped in an Atomic block.
 
-    In certain conditions you can change some properties directly, but we do not recommend it.
+    In certain conditions you can change some properties directly, but we don't recommend it.
 
 The XSDs for all EAP methods are shipped in the box and can be found at the following locations:
 
 - `C:\Windows\schemas\EAPHost`
 - `C:\Windows\schemas\EAPMethods`
 
-The following shows the VPNv2 configuration service provider in tree format.
+The following example shows the VPNv2 configuration service provider in tree format.
 
 ```
 ./Vendor/MSFT
@@ -332,7 +332,7 @@ Supported operations include Get, Add, and Delete.
 Optional node. List of applications set to trigger the VPN. If any of these apps are launched and the VPN profile is currently the active profile, this VPN profile will be triggered to connect.
 
 <a href="" id="vpnv2-profilename-apptriggerlist-apptriggerrowid"></a>**VPNv2/**<em>ProfileName</em>**/AppTriggerList/**<em>appTriggerRowId</em>  
-A sequential integer identifier that allows the ability to specify multiple apps for App Trigger. Sequencing must start at 0 and you should not skip numbers.
+A sequential integer identifier that allows the ability to specify multiple apps for App Trigger. Sequencing must start at 0 and you shouldn't skip numbers.
 
 Supported operations include Get, Add, Replace, and Delete.
 
@@ -340,35 +340,35 @@ Supported operations include Get, Add, Replace, and Delete.
 App Node under the Row Id.
 
 <a href="" id="vpnv2-profilename-apptriggerlist-apptriggerrowid-app-id"></a>**VPNv2/**<em>ProfileName</em>**/AppTriggerList/**<em>appTriggerRowId</em>**/App/Id**  
-App identity, which is either an app’s package family name or file path. The type is inferred by the Id, and therefore cannot be specified in the get only App/Type field
+App identity, which is either an app’s package family name or file path. The type is inferred by the Id, and therefore can't be specified in the get only App/Type field
 
 <a href="" id="vpnv2-profilename-apptriggerlist-apptriggerrowid-app-type"></a>**VPNv2/**<em>ProfileName</em>**/AppTriggerList/**<em>appTriggerRowId</em>**/App/Type**  
-Returns the type of **App/Id**. This value can be either of the following:
+Returns the type of **App/Id**. This value can be either of the following values:
 
-- PackageFamilyName - When this is returned, the App/Id value represents the PackageFamilyName of the app. The PackageFamilyName is the unique name of the Microsoft Store application.
-- FilePath - When this is returned, the App/Id value represents the full file path of the app. For example, `C:\Windows\System\Notepad.exe`.
+- PackageFamilyName - When this value is returned, the App/Id value represents the PackageFamilyName of the app. The PackageFamilyName is the unique name of the Microsoft Store application.
+- FilePath - When this value is returned, the App/Id value represents the full file path of the app. For example, `C:\Windows\System\Notepad.exe`.
 
 Value type is chr. Supported operation is Get.
 
 <a href="" id="vpnv2-profilename-routelist-"></a>**VPNv2/**<em>ProfileName</em>**/RouteList/**  
-Optional node. List of routes to be added to the routing table for the VPN interface. This is required for split tunneling case where the VPN server site has more subnets that the default subnet based on the IP assigned to the interface.
+Optional node. List of routes to be added to the routing table for the VPN interface. This information is required for split tunneling case where the VPN server site has more subnets that the default subnet based on the IP assigned to the interface.
 
 Every computer that runs TCP/IP makes routing decisions. These decisions are controlled by the IP routing table. Adding values under this node updates the routing table with routes for the VPN interface post connection. The values under this node represent the destination prefix of IP routes. A destination prefix consists of an IP address prefix and a prefix length.
 
-Adding a route here allows the networking stack to identify the traffic that needs to go over the VPN interface for split tunnel VPN. Some VPN servers can configure this during connect negotiation and do not need this information in the VPN Profile. Please check with your VPN server administrator to determine whether you need this information in the VPN profile.
+Adding a route here allows the networking stack to identify the traffic that needs to go over the VPN interface for split tunnel VPN. Some VPN servers can configure this route during connect negotiation and don't need this information in the VPN Profile. Check with your VPN server administrator to determine whether you need this information in the VPN profile.
 
 <a href="" id="vpnv2-profilename-routelist-routerowid"></a>**VPNv2/**<em>ProfileName</em>**/RouteList/**<em>routeRowId</em>  
-A sequential integer identifier for the RouteList. This is required if you are adding routes. Sequencing must start at 0.
+A sequential integer identifier for the RouteList. This value is required if you're adding routes. Sequencing must start at 0.
 
 Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-routelist-routerowid-address"></a>**VPNv2/**<em>ProfileName</em>**/RouteList/**<em>routeRowId</em>**/Address**  
-Subnet address in IPv4/v6 address format which, along with the prefix will be used to determine the destination prefix to send via the VPN Interface. This is the IP address part of the destination prefix.
+Subnet address in IPv4/v6 address format which, along with the prefix, will be used to determine the destination prefix to send via the VPN Interface. This subnet address is the IP address part of the destination prefix.
 
 Supported operations include Get, Add, Replace, and Delete. Value type is chr. Example, `192.168.0.0`
 
 <a href="" id="vpnv2-profilename-routelist-routerowid-prefixsize"></a>**VPNv2/**<em>ProfileName</em>**/RouteList/**<em>routeRowId</em>**/PrefixSize**  
-The subnet prefix size part of the destination prefix for the route entry. This, along with the address will be used to determine the destination prefix to route through the VPN Interface.
+The subnet prefix size part of the destination prefix for the route entry. This subnet prefix, along with the address, will be used to determine the destination prefix to route through the VPN Interface.
 
 Value type is int. Supported operations include Get, Add, Replace, and Delete.
 
@@ -388,7 +388,7 @@ Supported operations include Get, Add, Replace, and Delete.
 <a href="" id="vpnv2-profilename-domainnameinformationlist"></a>**VPNv2/**<em>ProfileName</em>**/DomainNameInformationList**  
 Optional node. Name Resolution Policy Table (NRPT) rules for the VPN profile.
 
-The Name Resolution Policy Table (NRPT) is a table of namespaces and corresponding settings stored in the Windows registry that determines the DNS client behavior when issuing queries and processing responses. Each row in the NRPT represents a rule for a portion of the namespace for which the DNS client issues queries. Before issuing name resolution queries, the DNS client consults the NRPT to determine if any additional flags must be set in the query. After receiving the response, the client again consults the NRPT to check for any special processing or policy requirements. In the absence of the NRPT, the client operates based on the DNS servers and suffixes set on the interface.
+The Name Resolution Policy Table (NRPT) is a table of namespaces and corresponding settings stored in the Windows registry that determines the DNS client behavior when issuing queries and processing responses. Each row in the NRPT represents a rule for a portion of the namespace for which the DNS client issues queries. Before name resolution queries are issued, the DNS client consults the NRPT to determine if any extra flags must be set in the query. After the response is received, the client again consults the NRPT to check for any special processing or policy requirements. In the absence of the NRPT, the client operates based on the DNS servers and suffixes set on the interface.
 
 > [!NOTE]  
 > Only applications using the [Windows DNS API](/windows/win32/dns/dns-reference) can make use of the NRPT and therefore all settings configured within the DomainNameInformationList section. Applications using their own DNS implementation bypass the Windows DNS API. One example of applications not using the Windows DNS API is nslookup, so always use the PowerShell CmdLet [Resolve-DNSName](/powershell/module/dnsclient/resolve-dnsname) to check the functionality of the NRPT.
@@ -407,9 +407,9 @@ Used to indicate the namespace to which the policy applies. When a Name query is
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-domainnameinformationlist-dnirowid-domainnametype"></a>**VPNv2/**<em>ProfileName</em>**/DomainNameInformationList/**<em>dniRowId</em>**/DomainNameType**  
-Returns the namespace type. This value can be one of the following:
+Returns the namespace type. This value can be one of the following values:
 
-- FQDN - If the DomainName was not prepended with a**.** and applies only to the fully qualified domain name (FQDN) of a specified host.
+- FQDN - If the DomainName wasn't prepended with a**.** and applies only to the fully qualified domain name (FQDN) of a specified host.
 - Suffix - If the DomainName was prepended with a**.** and applies to the specified namespace, all records in that namespace, and all subdomains.
 
 Value type is chr. Supported operation is Get.
@@ -420,7 +420,7 @@ List of comma-separated DNS Server IP addresses to use for the namespace.
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-domainnameinformationlist-dnirowid-webproxyservers"></a>**VPNv2/**<em>ProfileName</em>**/DomainNameInformationList/**<em>dniRowId</em>**/WebProxyServers**  
-Optional. Web Proxy Server IP address if you are redirecting traffic through your intranet.
+Optional. Web Proxy Server IP address if you're redirecting traffic through your intranet.
 
 > [!NOTE]  
 > Currently only one web proxy server is supported.  
@@ -430,7 +430,7 @@ Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 <a href="" id="vpnv2-profilename-domainnameinformationlist-dnirowid-autotrigger"></a>**VPNv2/**<em>ProfileName</em>**/DomainNameInformationList/**<em>dniRowId</em>**/AutoTrigger**  
 Added in Windows 10, version 1607. Optional. Boolean to determine whether this domain name rule will trigger the VPN.
 
-If set to False, this DomainName rule will not trigger the VPN.
+If set to False, this DomainName rule won't trigger the VPN.
 
 If set to True, this DomainName rule will trigger the VPN
 
@@ -439,7 +439,7 @@ By default, this value is false.
 Value type is bool.
 
 <a href="" id="vpnv2-profilename-domainnameinformationlist-dnirowid-persistent"></a>**VPNv2/**<em>ProfileName</em>**/DomainNameInformationList/**<em>dniRowId</em>**/Persistent**  
-Added in Windows 10, version 1607. A boolean value that specifies if the rule being added should persist even when the VPN is not connected. Value values:
+Added in Windows 10, version 1607. A boolean value that specifies if the rule being added should persist even when the VPN isn't connected. Value values:
 
 -   False (default) - This DomainName rule will only be applied when VPN is connected.
 -   True - This DomainName rule will always be present and applied.
@@ -452,18 +452,18 @@ An optional node that specifies a list of rules. Only traffic that matches these
 > [!NOTE]
 > Once a TrafficFilterList is added, all traffic are blocked other than the ones matching the rules.
 
-When adding multiple rules, each rule operates based on an OR with the other rules. Within each rule, each property operates based on an AND with each other.
+When multiple rules are being added, each rule operates based on an OR with the other rules. Within each rule, each property operates based on an AND with each other.
 
 <a href="" id="vpnv2-profilename-trafficfilterlist-trafficfilterid"></a>**VPNv2/**<em>ProfileName</em>**/TrafficFilterList/**<em>trafficFilterId</em>  
 A sequential integer identifier for the Traffic Filter rules. Sequencing must start at 0.
 
 <a href="" id="vpnv2-profilename-trafficfilterlist-trafficfilterid-app"></a>**VPNv2/**<em>ProfileName</em>**/TrafficFilterList/**<em>trafficFilterId</em>**/App**  
-Per app VPN rule. This will allow only the apps specified to be allowed over the VPN interface. Value type is chr.
+Per app VPN rule. This property will allow only the apps specified to be allowed over the VPN interface. Value type is chr.
 
 <a href="" id="vpnv2-profilename-trafficfilterlist-trafficfilterid-app-id"></a>**VPNv2/**<em>ProfileName</em>**/TrafficFilterList/**<em>trafficFilterId</em>**/App/Id**  
 App identity for the app-based traffic filter.
 
-The value for this node can be one of the following:
+The value for this node can be one of the following values:
 
 - PackageFamilyName - This App/Id value represents the PackageFamilyName of the app. The PackageFamilyName is the unique name of a Microsoft Store application.
 - FilePath - This App/Id value represents the full file path of the app. For example, `C:\Windows\System\Notepad.exe`.
@@ -511,17 +511,17 @@ A list of comma-separated values specifying remote IP address ranges to allow.
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-trafficfilterlist-trafficfilterid-routingpolicytype"></a>**VPNv2/**<em>ProfileName</em>**/TrafficFilterList/**<em>trafficFilterId</em>**/RoutingPolicyType**  
-Specifies the routing policy if an App or Claims type is used in the traffic filter. The scope of this property is for this traffic filter rule alone. The value can be one of the following:
+Specifies the routing policy if an App or Claims type is used in the traffic filter. The scope of this property is for this traffic filter rule alone. The value can be one of the following values:
 
 - SplitTunnel - For this traffic filter rule, only the traffic meant for the VPN interface (as determined by the networking stack) goes over the interface. Internet traffic can continue to go over the other interfaces.
 - ForceTunnel - For this traffic rule all IP traffic must go through the VPN Interface only.
 
-This is only applicable for App ID-based Traffic Filter rules.
+This property is only applicable for App ID-based Traffic Filter rules.
 
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-trafficfilterlist-trafficfilterid-direction"></a>**VPNv2/**<em>ProfileName</em>**/TrafficFilterList/**<em>trafficFilterId</em>**/Direction**  
-Added in Windows 10, version 2004. Specifies the traffic direction to apply this policy to. Default is Outbound. The value can be one of the following:
+Added in Windows 10, version 2004. Specifies the traffic direction to apply this policy to. Default is Outbound. The value can be one of the following values:
 
 - Outbound - The rule applies to all outbound traffic
 - Inbound - The rule applies to all inbound traffic
@@ -531,27 +531,27 @@ If no inbound filter is provided, then by default all unsolicited inbound traffi
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-edpmodeid"></a>**VPNv2/**<em>ProfileName</em>**/EdpModeId**  
-Enterprise ID, which is required for connecting this VPN profile with a WIP policy. When this is set, the networking stack looks for this Enterprise ID in the app token to determine if the traffic is allowed to go over the VPN. If the profile is active, it also automatically triggers the VPN to connect. We recommend having only one such profile per device.
+Enterprise ID, which is required for connecting this VPN profile with a WIP policy. When this ID is set, the networking stack looks for this Enterprise ID in the app token to determine if the traffic is allowed to go over the VPN. If the profile is active, it also automatically triggers the VPN to connect. We recommend having only one such profile per device.
 
-Additionally when connecting with Windows Information Protection (WIP)(formerly known as Enterprise Data Protection), the admin does not have to specify AppTriggerList and TrafficFilterList rules separately in this profile (unless more advanced config is needed) because the WIP policies and App lists automatically takes effect.
+Additionally when a connection is being established with Windows Information Protection (WIP)(formerly known as Enterprise Data Protection), the admin doesn't have to specify AppTriggerList and TrafficFilterList rules separately in this profile (unless more advanced config is needed) because the WIP policies and App lists automatically takes effect.
 
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-remembercredentials"></a>**VPNv2/**<em>ProfileName</em>**/RememberCredentials**  
-Boolean value (true or false) for caching credentials. Default is false, which means do not cache credentials. If set to true, credentials are cached whenever possible.
+Boolean value (true or false) for caching credentials. Default is false, which means don't cache credentials. If set to true, credentials are cached whenever possible.
 
 Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-alwayson"></a>**VPNv2/**<em>ProfileName</em>**/AlwaysOn**  
-An optional flag to enable Always On mode. This will automatically connect the VPN at sign-in and will stay connected until the user manually disconnects.
+An optional flag to enable Always On mode. This flag will automatically connect the VPN at sign in and will stay connected until the user manually disconnects.
 
 > [!NOTE]
 > Always On only works for the active profile. The first profile provisioned that can be auto triggered will automatically be set as active.
 
 Preserving user Always On preference
 
-Windows has a feature to preserve a user’s AlwaysOn preference.  In the event that a user manually unchecks the “Connect    automatically” checkbox, Windows will remember this user preference for this profile name by adding the profile name to the value AutoTriggerDisabledProfilesList.  
-Should a management tool remove/add the same profile name back and set AlwaysOn to true, Windows will not check the box if the profile name exists in the below registry value in order to preserve user preference.
+Windows has a feature to preserve a user’s AlwaysOn preference.  If a user manually unchecks the “Connect automatically” checkbox, Windows will remember this user preference for this profile name by adding the profile name to the value AutoTriggerDisabledProfilesList.  
+Should a management tool remove/add the same profile name back and set AlwaysOn to true, Windows won't check the box if the profile name exists in the below registry value in order to preserve user preference.
 Key: `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Config`
 Value: AutoTriggerDisabledProfilesList
 Type: REG_MULTI_SZ
@@ -569,13 +569,13 @@ Device tunnel profile.
 
 Valid values:
 
-- False (default) - this is not a device tunnel profile.
-- True - this is a device tunnel profile.
+- False (default) - this profile isn't a device tunnel profile.
+- True - this profile is a device tunnel profile.
 
 When the DeviceTunnel profile is turned on, it does the following things:
 
 - First, it automatically becomes an "always on" profile.
-- Second, it does not require the presence or logging in of any user to the machine in order for it to connect.
+- Second, it doesn't require the presence or logging in of any user to the machine in order for it to connect.
 - Third, no other device tunnel profile maybe is present on the same machine.-
 
 A device tunnel profile must be deleted before another device tunnel profile can be added, removed, or connected.
@@ -587,7 +587,7 @@ Allows registration of the connection's address in DNS.
 
 Valid values:
 
-- False = Do not register the connection's address in DNS (default).
+- False = Don't register the connection's address in DNS (default).
 - True = Register the connection's addresses in DNS.
 
 <a href="" id="vpnv2-profilename-dnssuffix"></a>**VPNv2/**<em>ProfileName</em>**/DnsSuffix**  
@@ -599,7 +599,7 @@ Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 Reserved for future use.
 
 <a href="" id="vpnv2-profilename-trustednetworkdetection"></a>**VPNv2/**<em>ProfileName</em>**/TrustedNetworkDetection**  
-Optional. Comma-separated string to identify the trusted network. VPN will not connect automatically when the user is on their corporate wireless network where protected resources are directly accessible to the device.
+Optional. Comma-separated string to identify the trusted network. VPN won't connect automatically when the user is on their corporate wireless network where protected resources are directly accessible to the device.
 
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
@@ -657,7 +657,7 @@ Added in Windows 10, version 1607. Enables the Device Compliance flow from the
 Value type is bool. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-devicecompliance-sso"></a>**VPNv2/**<em>ProfileName</em>**/DeviceCompliance/Sso**  
-Added in Windows 10, version 1607. Nodes under SSO can be used to choose a certificate different from the VPN Authentication cert for the Kerberos Authentication in the case of Device Compliance.
+Added in Windows 10, version 1607. Nodes under SSO can be used to choose a certificate different from the VPN Authentication cert for the Kerberos Authentication if there's Device Compliance.
 
 <a href="" id="vpnv2-profilename-devicecompliance-sso-enabled"></a>**VPNv2/**<em>ProfileName</em>**/DeviceCompliance/Sso/Enabled**  
 Added in Windows 10, version 1607. If this field is set to True, the VPN Client will look for a separate certificate for Kerberos Authentication.
@@ -683,7 +683,7 @@ Required for plug-in profiles. Semicolon-separated list of servers in URL, hostn
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-pluginprofile-customconfiguration"></a>**VPNv2/**<em>ProfileName</em>**/PluginProfile/CustomConfiguration**  
-Optional. This is an HTML encoded XML blob for SSL-VPN plug-in specific configuration including authentication information that is deployed to the device to make it available for SSL-VPN plug-ins. Contact the plugin provider for format and other details. Most plugins can also configure values based on the server negotiations as well as defaults.
+Optional. This property is an HTML encoded XML blob for SSL-VPN plug-in specific configuration including authentication information that is deployed to the device to make it available for SSL-VPN plug-ins. Contact the plugin provider for format and other details. Most plugins can also configure values based on the server negotiations and defaults.
 
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
@@ -708,7 +708,7 @@ You can make a list of server by making a list of server names (with optional fr
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-nativeprofile-routingpolicytype"></a>**VPNv2/**<em>ProfileName</em>**/NativeProfile/RoutingPolicyType**  
-Optional for native profiles. Type of routing policy. This value can be one of the following:
+Optional for native profiles. Type of routing policy. This value can be one of the following values:
 
 - SplitTunnel - Traffic can go over any interface as determined by the networking stack.
 - ForceTunnel - All IP traffic must go over the VPN interface.
@@ -716,7 +716,7 @@ Optional for native profiles. Type of routing policy. This value can be one of t
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-nativeprofile-nativeprotocoltype"></a>**VPNv2/**<em>ProfileName</em>**/NativeProfile/NativeProtocolType**  
-Required for native profiles. Type of tunneling protocol used. This value can be one of the following:
+Required for native profiles. Type of tunneling protocol used. This value can be one of the following values:
 
 - PPTP
 - L2TP
@@ -726,7 +726,7 @@ Required for native profiles. Type of tunneling protocol used. This value can be
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 > [!NOTE]
-> The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt protocols in following order: SSTP, IKEv2, PPTP and then L2TP. This order is not customizable. 
+> The **Automatic** option means that the device will try each of the built-in tunneling protocols until one succeeds. It will attempt protocols in following order: SSTP, IKEv2, PPTP and then L2TP. This order isn't customizable. 
 
 <a href="" id="vpnv2-profilename-nativeprofile-authentication"></a>**VPNv2/**<em>ProfileName</em>**/NativeProfile/Authentication**  
 Required node for native profile. It contains authentication information for the native VPN profile.
@@ -735,14 +735,14 @@ Required node for native profile. It contains authentication information for the
 This value can be one of the following:
 
 -   EAP
--   MSChapv2 (This is not supported for IKEv2)
+-   MSChapv2 (This method isn't supported for IKEv2)
 
 Value type is chr. Supported operations include Get, Add, Replace, and Delete.
 
 <a href="" id="vpnv2-profilename-nativeprofile-authentication-machinemethod"></a>**VPNv2/**<em>ProfileName</em>**/NativeProfile/Authentication/MachineMethod**  
 This is only supported in IKEv2.
 
-This value can be one of the following:
+This value can be one of the following values:
 
 -   Certificate
 
diff --git a/windows/client-management/mdm/w4-application-csp.md b/windows/client-management/mdm/w4-application-csp.md
index 026dcfb003..fca8b3674b 100644
--- a/windows/client-management/mdm/w4-application-csp.md
+++ b/windows/client-management/mdm/w4-application-csp.md
@@ -54,12 +54,12 @@ If no value is specified, the registry location will default to `<unnamed>`.
 If `Name` is greater than 40 characters, it will be truncated to 40 characters.
 
 <a href="" id="to-proxy"></a>**TO-PROXY**
-Required. Specifies one logical proxy with a matching PROXY-ID. It is only possible to refer to proxies defined within the same provisioning file. Only one proxy can be listed.
+Required. Specifies one logical proxy with a matching PROXY-ID. It's only possible to refer to proxies defined within the same provisioning file. Only one proxy can be listed.
 
 The TO-PROXY value must be set to the value of the PROXY ID in PXLOGICAL that defines the MMS specific-proxy.
 
 <a href="" id="to-napid"></a>**TO-NAPID**
-Required. Specifies the network access point identification name (NAPID) defined in the provisioning file. This parameter takes a string value. It is only possible to refer to network access points defined within the same provisioning file (except if the INTERNET attribute is set in the NAPDEF characteristic). For more information about the NAPDEF characteristic, see [NAPDEF configuration service provider](napdef-csp.md).
+Required. Specifies the network access point identification name (NAPID) defined in the provisioning file. This parameter takes a string value. It's only possible to refer to network access points defined within the same provisioning file (except if the INTERNET attribute is set in the NAPDEF characteristic). For more information about the NAPDEF characteristic, see [NAPDEF configuration service provider](napdef-csp.md).
 
 <a href="" id="addr"></a>**ADDR**
 Required. Specifies the address of the MMS application server, as a string. The possible values to configure the ADDR parameter are:
@@ -71,7 +71,7 @@ Required. Specifies the address of the MMS application server, as a string. The
 -   A fully qualified Internet domain name
 
 <a href="" id="ms"></a>**MS**
-Optional. The maximum authorized size, in KB, for multimedia content. This parameter takes a numeric value in string format. If the value is not a number, or is less than or equal to 10, it will be ignored and outgoing MMS will not be resized.
+Optional. The maximum authorized size, in KB, for multimedia content. This parameter takes a numeric value in string format. If the value isn't a number, or is less than or equal to 10, it will be ignored and outgoing MMS won't be resized.
 
 ## Related topics
 
diff --git a/windows/client-management/mdm/w7-application-csp.md b/windows/client-management/mdm/w7-application-csp.md
index c69b5612ca..139c2e3cfd 100644
--- a/windows/client-management/mdm/w7-application-csp.md
+++ b/windows/client-management/mdm/w7-application-csp.md
@@ -15,7 +15,7 @@ ms.date: 06/26/2017
 # w7 APPLICATION CSP
 
 
-The APPLICATION configuration service provider that has an APPID of w7 is used for bootstrapping a device with an OMA DM account. Although this configuration service provider is used to set up an OMA DM account, it is managed over OMA Client Provisioning.
+The APPLICATION configuration service provider that has an APPID of w7 is used for bootstrapping a device with an OMA DM account. Although this configuration service provider is used to set up an OMA DM account, it's managed over OMA Client Provisioning.
 
 > **Note**  This configuration service provider requires the ID\_CAP\_CSP\_FOUNDATION and ID\_CAP\_DEVICE\_MANAGEMENT\_ADMIN capabilities to be accessed from a network configuration application.
 
@@ -77,7 +77,7 @@ Required. The PORTNBR parameter is used in the PORT characteristic to get or set
 This characteristic is used in the w7 APPLICATION characteristic to specify authentication information.
 
 <a href="" id="appauth-aauthdata"></a>**APPAUTH/AAUTHDATA**  
-Optional. The AAUTHDATA parameter is used in the APPAUTH characteristic to get or set additional data used in authentication. This parameter is used to convey the nonce for digest authentication type. This parameter takes a string value. The value of this parameter is a base64-encoded in the form of a series of bytes. Note that if the AAUTHTYPE is DIGEST, this is used as a nonce value in the MD5 hash calculation, and the octal form of the binary data should be used when calculating the hash at the server side and device side.
+Optional. The AAUTHDATA parameter is used in the APPAUTH characteristic to get or set more data used in authentication. This parameter is used to convey the nonce for digest authentication type. This parameter takes a string value. The value of this parameter is a base64-encoded in the form of a series of bytes. If the AAUTHTYPE is DIGEST, this value is used as a nonce value in the MD5 hash calculation, and the octal form of the binary data should be used when calculating the hash at the server side and device side.
 
 <a href="" id="appauth-aauthlevel"></a>**APPAUTH/AAUTHLEVEL**  
 Required. The AAUTHLEVEL parameter is used in the APPAUTH characteristic to indicate whether credentials are for server authentication or client authentication. This parameter takes a string value. You can set this value.
@@ -111,7 +111,7 @@ Required. The APPID parameter is used in the APPLICATION characteristic to diffe
 <a href="" id="backcompatretrydisabled"></a>**BACKCOMPATRETRYDISABLED**  
 Optional. The BACKCOMPATRETRYDISABLED parameter is used in the APPLICATION characteristic to specify whether to retry resending a package with an older protocol version (for example, 1.1) in the SyncHdr (not including the first time).
 
-> **Note**   This parameter does not contain a value. The existence of this parameter means backward compatibility retry is disabled. If the parameter is missing, it means backward compatibility retry is enabled.
+> **Note**   This parameter doesn't contain a value. The existence of this parameter means backward compatibility retry is disabled. If the parameter is missing, it means backward compatibility retry is enabled.
 
  
 
@@ -130,8 +130,8 @@ The valid values are:
 <a href="" id="init"></a>**INIT**  
 Optional. The INIT parameter is used in the APPLICATION characteristic to indicate that the management server wants the client to initiate a management session immediately after settings approval. If the current w7 APPLICATION document will be put in ROM, the INIT parameter must not be present.
 
-> **Note**   This node is only for mobile operators and MDM servers that try to use this will fail. This node is not supported in the enterprise MDM enrollment scenario.
-This parameter forces the device to attempt to connect with the OMA DM server. The connection attempt fails if the XML is set during the coldinit phase. A common cause of this failure is that immediately after coldinit is finished the radio is not yet ready.
+> **Note**   This node is only for mobile operators and MDM servers that try to use this will fail. This node isn't supported in the enterprise MDM enrollment scenario.
+This parameter forces the device to attempt to connect with the OMA DM server. The connection attempt fails if the XML is set during the coldinit phase. A common cause of this failure is that immediately after coldinit is finished the radio isn't yet ready.
 
  
 
@@ -147,7 +147,7 @@ Optional. The NAME parameter is used in the APPLICATION characteristic to specif
 The NAME parameter can be a string or null (no value). If no value is specified, the registry location will default to &lt;unnamed&gt;.
 
 <a href="" id="protover"></a>**PROTOVER**  
-Optional. The PROTOVER parameter is used in the APPLICATION characteristic to specify the OMA DM Protocol version the server supports. No default value is assumed. The protocol version set by this node will match the protocol version that the DM client reports to the server in SyncHdr in package 1. If this node is not specified when adding a DM server account, the latest DM protocol version that the client supports is used. In Windows Phone this is 1.2. This is a Microsoft custom parameter. You can set this parameter.
+Optional. The PROTOVER parameter is used in the APPLICATION characteristic to specify the OMA DM Protocol version the server supports. No default value is assumed. The protocol version set by this node will match the protocol version that the DM client reports to the server in SyncHdr in package 1. If this node isn't specified when adding a DM server account, the latest DM protocol version that the client supports is used. In Windows Phone, this version is 1.2. This parameter is a Microsoft custom parameter. You can set this parameter.
 
 Possible values:
 
@@ -159,32 +159,32 @@ Possible values:
 Optional. The PROVIDER-ID parameter is used in the APPLICATION characteristic to differentiate OMA DM servers. It specifies the server identifier for a management server used in the current management session. This parameter takes a string value. You can set this parameter.
 
 <a href="" id="role"></a>**ROLE**  
-Optional. The ROLE parameter is used in the APPLICATION characteristic to specify the security application chamber that the DM session should run with when communicating with the DM server. The only supported roles are 8 (mobile operator) and 32 (enterprise). If this parameter is not present, the mobile operator role is assumed. The enterprise role can only be set by the enterprise enrollment client. The enterprise client cannot set the mobile operator role. This is a Microsoft custom parameter. This parameter takes a numeric value in string format. You can get or set this parameter.
+Optional. The ROLE parameter is used in the APPLICATION characteristic to specify the security application chamber that the DM session should run with when communicating with the DM server. The only supported roles are 8 (mobile operator) and 32 (enterprise). If this parameter isn't present, the mobile operator role is assumed. The enterprise role can only be set by the enterprise enrollment client. The enterprise client can't set the mobile operator role. This parameter is a Microsoft custom parameter. This parameter takes a numeric value in string format. You can get or set this parameter.
 
 <a href="" id="to-napid"></a>**TO-NAPID**  
 Optional. The TO-NAPID parameter is used in the APPLICATION characteristic to specify the Network Access Point the client will use to connect to the OMA DM server. If multiple TO-NAPID parameters are specified, only the first TO-NAPID value will be stored. This parameter takes a string value. You can set this parameter.
 
 <a href="" id="usehwdevid"></a>**USEHWDEVID**  
-Optional. The USEHWDEVID parameter is used in the APPLICATION characteristic to specify use of device hardware identification. It does not have a value.
+Optional. The USEHWDEVID parameter is used in the APPLICATION characteristic to specify use of device hardware identification. It doesn't have a value.
 
--   If the parameter is not present, the default behavior is to use an application-specific GUID used rather than the hardware device ID.
+-   If the parameter isn't present, the default behavior is to use an application-specific GUID used rather than the hardware device ID.
 
 -   If the parameter is present, the hardware device ID will be provided at the **./DevInfo/DevID** node and in the Source LocURI for the DM package sent to the server. International Mobile Subscriber Identity (IMEI) is returned for a GSM device.
 
 <a href="" id="sslclientcertsearchcriteria"></a>**SSLCLIENTCERTSEARCHCRITERIA**  
-Optional. The SSLCLIENTCERTSEARCHCRITERIA parameter is used in the APPLICATION characteristic to specify the client certificate search criteria. This parameter supports search by subject attribute and certificate stores. If any other criteria are provided, it is ignored.
+Optional. The SSLCLIENTCERTSEARCHCRITERIA parameter is used in the APPLICATION characteristic to specify the client certificate search criteria. This parameter supports search by subject attribute and certificate stores. If any other criteria are provided, it's ignored.
 
 The string is a concatenation of name/value pairs, each member of the pair delimited by the "&" character. The name and values are delimited by the "=" character. If there are multiple values, each value is delimited by the Unicode character "U+F000". If the name or value contains characters not in the UNRESERVED set (as specified in RFC2396), then those characters are URI-escaped per the RFC.
 
-The supported names are Subject and Stores; wildcard certificate search is not supported.
+The supported names are Subject and Stores; wildcard certificate search isn't supported.
 
-Stores specifies which certificate stores the DM client will search to find the SSL client certificate. The valid store value is My%5CUser. The store name is not case sensitive.
+Stores specifies which certificate stores the DM client will search to find the SSL client certificate. The valid store value is My%5CUser. The store name isn't case sensitive.
 
 > **Note**   %EF%80%80 is the UTF8-encoded character U+F000.
 
  
 
-Subject specifies the certificate to search for. For example, to specify that you want a certificate with a particular Subject attribute (“CN=Tester,O=Microsoft”), use the following:
+Subject specifies the certificate to search for. For example, to specify that you want a certificate with a particular Subject attribute (“CN=Tester,O=Microsoft”), use the following syntax:
 
 ```xml
 <parm name="SSLCLIENTCERTSEARCHCRITERIA" 
diff --git a/windows/client-management/mdm/wifi-csp.md b/windows/client-management/mdm/wifi-csp.md
index fecd686326..c88fc017ab 100644
--- a/windows/client-management/mdm/wifi-csp.md
+++ b/windows/client-management/mdm/wifi-csp.md
@@ -17,18 +17,18 @@ ms.date: 06/18/2019
 > [!WARNING]
 > Some information relates to pre-released products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
 
-The WiFi configuration service provider provides the functionality to add or delete Wi-Fi networks on a Windows device. The configuration service provider accepts SyncML input and converts it to a network profile that is installed on the device. This profile enables the device to connect to the Wi-Fi network when it is in range.
+The WiFi configuration service provider provides the functionality to add or delete Wi-Fi networks on a Windows device. The configuration service provider accepts SyncML input and converts it to a network profile that is installed on the device. This profile enables the device to connect to the Wi-Fi network when it's in range.
 
 Programming considerations:
 
--   If the authentication method needs a certificate, for example, EAP-TLS requires client certificates, you must configure it through the CertificateStore configuration service provider. The WiFi configuration service provider does not provide that functionality; instead, the Wi-Fi profile can specify characteristics of the certificate to be used for choosing the right certificate for that network. The server must successfully enroll the certificate first before deploying the Wi-Fi network configuration. For example, for an EAP-TLS profile, the server must successfully configure and enroll the required client certificate before deploying the Wi-Fi profile. Self-signed certificate works for EAP-TLS/PEAP-MSCHAPv2, but it is not supported in EAP-TLS.
--   For WEP, WPA, and WPA2-based networks, include the passkey in the network configuration in plaintext. The passkey is encrypted automatically when it is stored on the device.
--   The SSID of the Wi-Fi network part of the LocURI node must be a valid URI based on RFC 2396. This requires that all non-ASCII characters must be escaped using a %-character. Unicode characters without the necessary escaping are not supported.
+-   If the authentication method needs a certificate, for example, EAP-TLS requires client certificates, you must configure it through the CertificateStore configuration service provider. The WiFi configuration service provider doesn't provide that functionality; instead, the Wi-Fi profile can specify characteristics of the certificate to be used for choosing the right certificate for that network. The server must successfully enroll the certificate first before deploying the Wi-Fi network configuration. For example, for an EAP-TLS profile, the server must successfully configure and enroll the required client certificate before deploying the Wi-Fi profile. Self-signed certificate works for EAP-TLS/PEAP-MSCHAPv2, but it isn't supported in EAP-TLS.
+-   For WEP, WPA, and WPA2-based networks, include the passkey in the network configuration in plaintext. The passkey is encrypted automatically when it's stored on the device.
+-   The SSID of the Wi-Fi network part of the LocURI node must be a valid URI based on RFC 2396. This condition requires that all non-ASCII characters must be escaped using a %-character. Unicode characters without the necessary escaping aren't supported.
 -   The \<name>*name\_goes\_here*\</name>\<SSIDConfig> must match \<SSID>\<name> *name\_goes\_here*\</name>\</SSID>.
--   For the WiFi CSP, you cannot use the Replace command unless the node already exists.
+-   For the WiFi CSP, you can't use the Replace command unless the node already exists.
 -   Using Proxyis in Windows 10 client editions (Home, Pro, Enterprise, and Education) will result in failure.
 
-The following shows the WiFi configuration service provider in tree format.
+The following example shows the WiFi configuration service provider in tree format.
 
 ```console
 ./Device/Vendor/MSFT
@@ -48,14 +48,14 @@ The following list shows the characteristics and parameters.
 For user profile, use ./User/Vendor/MSFT/Wifi path and for device profile, use ./Device/Vendor/MSFT/Wifi path.
 
 <a href="" id="profile"></a>**Profile**
-Identifies the Wi-Fi network configuration. Each Wi-Fi network configuration is represented by a profile object. This network profile includes all the information required for the device to connect to that network – for example, the SSID, authentication and encryption methods and passphrase in case of WEP or WPA2 networks.
+Identifies the Wi-Fi network configuration. Each Wi-Fi network configuration is represented by a profile object. This network profile includes all the information required for the device to connect to that network – for example, the SSID, authentication and encryption methods and passphrase if there's WEP or WPA2 networks.
 
 Supported operation is Get.
 
 <a href="" id="-ssid-"></a>**<em>\<SSID></em>**
 Specifies the name of the Wi-Fi network (32 bytes maximum) to create, configure, query, or delete. The name is case sensitive and can be represented in ASCII. The SSID is added when the WlanXML node is added. When the SSID node is deleted, then all the subnodes are also deleted.
 
-SSID is the name of network you are connecting to, while Profile name is the name of the Profile which contains the WiFi settings information. If the Profile name is not set right in the MDM SyncML, as per the information in the WiFi settings XML, it could lead to some unexpected errors. For example, \<LocURI>./Vendor/MSFT/WiFi/Profile/<*MUST BE NAME OF PROFILE AS PER WIFI XML*>/WlanXml\</LocURI>.
+SSID is the name of network you're connecting to, while Profile name is the name of the Profile that contains the WiFi settings information. If the Profile name isn't set right in the MDM SyncML, as per the information in the WiFi settings XML, it could lead to some unexpected errors. For example, \<LocURI>./Vendor/MSFT/WiFi/Profile/<*MUST BE NAME OF PROFILE AS PER WIFI XML*>/WlanXml\</LocURI>.
 
 The supported operations are Add, Get, Delete, and Replace.
 
@@ -88,7 +88,7 @@ The format is *host:port*, where host can be one of the following:
 -   IPV4 address
 -   IPv6/IPvFuture address.
 
-If it is an IPvFuture address, then it must be specified as an IP literal as "\[" (IP v6 address / IPvFuture ) "\]", such as "\[2441:4880:28:3:204:76ff:f43f:6eb\]:8080".
+If it's an IPvFuture address, then it must be specified as an IP literal as "\[" (IP v6 address / IPvFuture ) "\]", such as "\[2441:4880:28:3:204:76ff:f43f:6eb\]:8080".
 
 Supported operations are Get, Add, Delete, and Replace.
 -->
diff --git a/windows/client-management/mdm/win32appinventory-csp.md b/windows/client-management/mdm/win32appinventory-csp.md
index 428ed3f3cf..a537048478 100644
--- a/windows/client-management/mdm/win32appinventory-csp.md
+++ b/windows/client-management/mdm/win32appinventory-csp.md
@@ -17,7 +17,7 @@ ms.date: 06/26/2017
 
 The Win32AppInventory configuration service provider is used to provide an inventory of installed applications on a device.
 
-The following shows the Win32AppInventory configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
+The following example shows the Win32AppInventory configuration service provider management objects in tree format as used by Open Mobile Alliance Device Management (OMA DM), OMA Client Provisioning, and Enterprise DM.
 
 ```
 ./Vendor/MSFT/Win32AppInventory
@@ -69,9 +69,9 @@ The supported operation is Get.
 <a href="" id="win32installedprogram-installedprogram-regkey"></a>**Win32InstalledProgram/_InstalledProgram_/RegKey**
 A string that specifies product code or registry subkey.
 
-For MSI-based applications this is the product code.
+For MSI-based applications, this string is the product code.
 
-For applications found in Add/Remove Programs, this is the registry subkey.
+For applications found in Add/Remove Programs, this string is the registry subkey.
 
 The supported operation is Get.
 
diff --git a/windows/client-management/mdm/windows-mdm-enterprise-settings.md b/windows/client-management/mdm/windows-mdm-enterprise-settings.md
index 579d50e4c2..ccd2424347 100644
--- a/windows/client-management/mdm/windows-mdm-enterprise-settings.md
+++ b/windows/client-management/mdm/windows-mdm-enterprise-settings.md
@@ -36,12 +36,12 @@ To facilitate security-enhanced communication with the remote server for enterpr
 
 The DM client configuration, company policy enforcement, business application management, and device inventory are all exposed or expressed via configuration service providers (CSPs). CSPs are the Windows term for managed objects. The DM client communicates with the server and sends configuration request to CSPs. The server only needs to know the logical local URIs defined by those CSP nodes in order to use the DM protocol XML to manage the device.
 
-Here is a summary of the DM tasks supported for enterprise management:
+Here's a summary of the DM tasks supported for enterprise management:
 
 -   Company policy management: Company policies are supported via the Policy CSP allows the enterprise to manage various settings. It enables the management service to configure device lock related policies, disable/enable the storage card, and query the device encryption status. The RemoteWipe CSP allows IT pros to remotely fully wipe the internal user data storage.
--   Enterprise application management: This is addressed via the Enterprise ModernApp Management CSP and several ApplicationManagement-related policies. It is used to install the enterprise token, query installed business application names and versions, etc. This CSP is only accessible by the enterprise service.
+-   Enterprise application management: This task is addressed via the Enterprise ModernApp Management CSP and several ApplicationManagement-related policies. It's used to install the enterprise token, query installed business application names and versions, etc. This CSP is only accessible by the enterprise service.
 -   Certificate management: CertificateStore CSP, RootCACertificate CSP, and ClientCertificateInstall CSP are used to install certificates.
--   Basic device inventory and asset management: Some basic device information can be retrieved via the DevInfo CSP, DevDetail CSPs and the DeviceStatus CSP. These provide basic device information such as OEM name, device model, hardware version, OS version, processor types, etc. This is for asset management and device targeting. The NodeCache CSP enables the device to only send out delta inventory settings to the server to reduce over-the-air data usage. The NodeCache CSP is only accessible by the enterprise service.
+-   Basic device inventory and asset management: Some basic device information can be retrieved via the DevInfo CSP, DevDetail CSPs and the DeviceStatus CSP. These provide basic device information such as OEM name, device model, hardware version, OS version, processor types, etc. This information is for asset management and device targeting. The NodeCache CSP enables the device to only send out delta inventory settings to the server to reduce over-the-air data usage. The NodeCache CSP is only accessible by the enterprise service.
 
  
 
diff --git a/windows/client-management/mdm/windowsadvancedthreatprotection-csp.md b/windows/client-management/mdm/windowsadvancedthreatprotection-csp.md
index c8bd5266d0..2d7afd2ff5 100644
--- a/windows/client-management/mdm/windowsadvancedthreatprotection-csp.md
+++ b/windows/client-management/mdm/windowsadvancedthreatprotection-csp.md
@@ -17,7 +17,7 @@ ms.date: 11/01/2017
 
 The Windows Defender Advanced Threat Protection (WDATP) configuration service provider (CSP) allows IT Admins to onboard, determine configuration and health status, and offboard endpoints for WDATP.
 
-The following shows the WDATP configuration service provider in tree format as used by the Open Mobile Alliance (OMA) Device Management (DM).
+The following example shows the WDATP configuration service provider in tree format as used by the Open Mobile Alliance (OMA) Device Management (DM).
 
 ```console
 ./Device/Vendor/MSFT
@@ -114,7 +114,7 @@ The following list describes the characteristics and parameters.
 <a href="" id="devicetagging"></a>**DeviceTagging**  
 <p>Added in Windows 10, version 1709. Represents Windows Defender Advanced Threat Protection configuration for managing role based access and device tagging.
 
-<p>Supported operations is Get.
+<p>Supported operation is Get.
 
 <a href="" id="group"></a>**DeviceTagging/Group**  
 <p>Added in Windows 10, version 1709. Device group identifiers.
diff --git a/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md b/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md
index e489b9b6cd..febc8bed02 100644
--- a/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md
+++ b/windows/client-management/mdm/windowsdefenderapplicationguard-csp.md
@@ -15,7 +15,7 @@ manager: dansimp
 
 The WindowsDefenderApplicationGuard configuration service provider (CSP) is used by the enterprise to configure the settings in Microsoft Defender Application Guard. This CSP was added in Windows 10, version 1709.
 
-The following shows the WindowsDefenderApplicationGuard configuration service provider in tree format.
+The following example shows the WindowsDefenderApplicationGuard configuration service provider in tree format.
 ```
 ./Device/Vendor/MSFT
 WindowsDefenderApplicationGuard
@@ -139,7 +139,7 @@ This policy setting is supported on Microsoft Edge on Windows 10 Enterprise or W
 
 The following list shows the supported values:  
 - 0 (default) - Non-enterprise content embedded in enterprise sites is allowed to open outside of the Microsoft Defender Application Guard container, directly in Internet Explorer and Microsoft Edge.
-- 1 - Non-enterprise content embedded on enterprise sites are stopped from opening in Internet Explorer or Microsoft Edge outside of Microsoft Defender Application Guard.
+- 1 - Non-enterprise content embedded on enterprise sites is stopped from opening in Internet Explorer or Microsoft Edge outside of Microsoft Defender Application Guard.
 
 > [!NOTE]
 > This policy setting is no longer supported in the new Microsoft Edge browser. The policy will be deprecated and removed in a future release. Webpages that contain mixed content, both enterprise and non-enterprise, may load incorrectly or fail completely if this feature is enabled.
@@ -160,7 +160,7 @@ Value type is integer. Supported operations are Add, Get, Replace, and Delete.
 This policy setting is supported on Microsoft Edge on Windows 10 Enterprise or Windows 10 Education with Microsoft Defender Application Guard in Enterprise mode.
 
 The following list shows the supported values:  
-- 0 - Application Guard discards user-downloaded files and other items (such as, cookies, Favorites, and so on) during machine restart or user log-off.
+- 0 - Application Guard discards user-downloaded files and other items (such as, cookies, Favorites, and so on) during machine restart or user sign out.
 - 1 - Application Guard saves user-downloaded files and other items (such as, cookies, Favorites, and so on) for use in future Application Guard sessions.
 
 <!--ADMXMapped-->
@@ -181,8 +181,8 @@ This policy setting is supported on Microsoft Edge on Windows 10 Enterprise or W
 If you enable this setting, Microsoft Defender Application Guard uses Hyper-V to access supported, high-security rendering graphics hardware (GPUs). These GPUs improve rendering performance and battery life while using Microsoft Defender Application Guard, particularly for video playback and other graphics-intensive use cases. If you enable this setting without connecting any high-security rendering graphics hardware, Microsoft Defender Application Guard will automatically revert to software-based (CPU) rendering.
 
 The following list shows the supported values:  
-- 0 (default) - Cannot access the vGPU and uses the CPU to support rendering graphics. When the policy is not configured, it is the same as disabled (0).
-- 1 - Turns on the functionality to access the vGPU offloading graphics rendering from the CPU. This can create a faster experience when working with graphics intense websites or watching video within the container. 
+- 0 (default) - Can't access the vGPU and uses the CPU to support rendering graphics. When the policy isn't configured, it's the same as disabled (0).
+- 1 - Turns on the functionality to access the vGPU offloading graphics rendering from the CPU. This functionality can create a faster experience when working with graphics intense websites or watching video within the container. 
 
 > [!WARNING]
 > Enabling this setting with potentially compromised graphics devices or drivers might pose a risk to the host device.
@@ -196,14 +196,14 @@ ADMX Info:
 <!--/ADMXMapped-->
 
 <a href="" id="savefilestohost"></a>**Settings/SaveFilesToHost**  
-Added in Windows 10, version 1803. This policy setting allows you to determine whether users can elect to download files from Edge in the container and persist files them from container to the host operating system. This also enables users to elect files on the host operating system and upload it through Edge in the container. 
+Added in Windows 10, version 1803. This policy setting allows you to determine whether users can elect to download files from Edge in the container and persist files them from container to the host operating system. This policy setting also enables users to elect files on the host operating system and upload it through Edge in the container. 
 
 Value type is integer. Supported operations are Add, Get, Replace, and Delete. 
 
 This policy setting is supported on Microsoft Edge on Windows 10 Enterprise or Windows 10 Education with Microsoft Defender Application Guard in Enterprise mode.
 
 The following list shows the supported values:  
-- 0 (default) - The user cannot download files from Edge in the container to the host file system, or upload files from host file system to Edge in the container. When the policy is not configured, it is the same as disabled (0).
+- 0 (default) - The user can't download files from Edge in the container to the host file system, or upload files from host file system to Edge in the container. When the policy isn't configured, it's the same as disabled (0).
 - 1 - Turns on the functionality to allow users to download files from Edge in the container to the host file system.  
 
 <!--ADMXMapped-->
@@ -226,7 +226,7 @@ If you enable this setting, certificates with a thumbprint matching the ones spe
 Here's an example:  
 b4e72779a8a362c860c36a6461f31e3aa7e58c14,1b1d49f06d2a697a544a1059bd59a7b058cda924
 
-If you disable or don’t configure this setting, certificates are not shared with the Microsoft Defender Application Guard container.
+If you disable or don’t configure this setting, certificates aren't shared with the Microsoft Defender Application Guard container.
 
 <!--ADMXMapped-->
 ADMX Info:  
@@ -251,7 +251,7 @@ If you enable this policy setting, applications inside Microsoft Defender Applic
 If you disable or don't configure this policy setting, applications inside Microsoft Defender Application Guard will be unable to access the camera and microphone on the user’s device.
 
 The following list shows the supported values:  
-- 0 (default) - Microsoft Defender Application Guard cannot access the device’s camera and microphone. When the policy is not configured, it is the same as disabled (0).
+- 0 (default) - Microsoft Defender Application Guard can't access the device’s camera and microphone. When the policy isn't configured, it's the same as disabled (0).
 - 1 - Turns on the functionality to allow Microsoft Defender Application Guard to access the device’s camera and microphone.
 
 > [!IMPORTANT]
diff --git a/windows/client-management/mdm/windowslicensing-csp.md b/windows/client-management/mdm/windowslicensing-csp.md
index 20530b3267..0789764ab1 100644
--- a/windows/client-management/mdm/windowslicensing-csp.md
+++ b/windows/client-management/mdm/windowslicensing-csp.md
@@ -19,7 +19,7 @@ ms.date: 08/15/2018
 
 The WindowsLicensing configuration service provider is designed for licensing related management scenarios. Currently the scope is limited to edition upgrades of Windows 10 client devices, such as Windows 10 Pro to Windows 10 Enterprise. In addition, this CSP provides the capability to activate or change the product key of Windows 10 client devices.
 
-The following shows the WindowsLicensing configuration service provider in tree format.
+The following example shows the WindowsLicensing configuration service provider in tree format.
 
 ```console
 ./Vendor/MSFT
@@ -41,7 +41,7 @@ WindowsLicensing
 --------Status (Added in Windows 10, version 1809)
 ```
 <a href="" id="--device-vendor-msft-windowslicensing"></a>**./Device/Vendor/MSFT/WindowsLicensing**  
-This is the root node for the WindowsLicensing configuration service provider.
+This node is the root node for the WindowsLicensing configuration service provider.
 
 The supported operation is Get.
 
@@ -70,7 +70,7 @@ If a product key is entered in a provisioning package and the user begins instal
 
 After the device restarts, the edition upgrade process completes. The user will receive a notification of the successful upgrade.
 
-This node can also be used to activate or change a product key on a particular edition of Windows 10 desktop device by entering a product key. Activation or changing a product key does not require a reboot and is a silent process for the user.
+This node can also be used to activate or change a product key on a particular edition of Windows 10 desktop device by entering a product key. Activation or changing a product key doesn't require a reboot and is a silent process for the user.
 
 > [!IMPORTANT]
 > The product key entered must be 29 characters (that is, it should include dashes), otherwise the activation, edition upgrade, or product key change on Windows 10 desktop devices will fail. The product key is acquired from Microsoft Volume Licensing Service Center. Your organization must have a Volume Licensing contract with Microsoft to access the portal.
@@ -117,7 +117,7 @@ The supported operation is Get.
 Provides a license for an edition upgrade of Windows 10 devices.
 
 > [!NOTE]
-> This upgrade process does not require a system restart. 
+> This upgrade process doesn't require a system restart. 
 
 The date type is XML.
 
@@ -152,7 +152,7 @@ The data type is a chr.
 The supported operation is Exec.
 
 <a href="" id="changeproductkey"></a>**ChangeProductKey**  
-Added in Windows 10, version 1703. Installs a product key for Windows 10 desktop devices. Does not reboot.
+Added in Windows 10, version 1703. Installs a product key for Windows 10 desktop devices. Doesn't reboot.
 
 The data type is a chr.
 
@@ -191,7 +191,7 @@ Supported values:
 -  1 - User Blocked: The admin has blocked the user from switching their device out of S mode. Only the admin can switch the device out of S mode through the SMode/SwitchFromSMode node.
 
 <a href="" id="smode-switchfromsmode"></a>**SMode/SwitchFromSMode**  
-Added in Windows 10, version 1809. Switches a device out of S mode if possible. Does not reboot. For an example, see [Execute SwitchFromSMode](#smode-switchfromsmode-execute)
+Added in Windows 10, version 1809. Switches a device out of S mode if possible. Doesn't reboot. For an example, see [Execute SwitchFromSMode](#smode-switchfromsmode-execute)
 
 Supported operation is Execute.
 
diff --git a/windows/client-management/mdm/wirednetwork-csp.md b/windows/client-management/mdm/wirednetwork-csp.md
index fc6a7c7176..62808bc9bb 100644
--- a/windows/client-management/mdm/wirednetwork-csp.md
+++ b/windows/client-management/mdm/wirednetwork-csp.md
@@ -1,6 +1,6 @@
 ---
 title: WiredNetwork CSP
-description: The WiredNetwork configuration service provider (CSP) is used by the enterprise to configure wired Internet on devices that do not have GP. Learn how it works.
+description: The WiredNetwork configuration service provider (CSP) is used by the enterprise to configure wired Internet on devices that don't have GP. Learn how it works.
 ms.author: dansimp
 ms.topic: article
 ms.prod: w10
@@ -16,9 +16,9 @@ manager: dansimp
 > [!WARNING]
 > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
 
-The WiredNetwork configuration service provider (CSP) is used by the enterprise to configure wired Internet on devices that do not have GP to enable them to access corporate Internet over ethernet. This CSP was added in Windows 10, version 1809.
+The WiredNetwork configuration service provider (CSP) is used by the enterprise to configure wired Internet on devices that don't have GP to enable them to access corporate Internet over ethernet. This CSP was added in Windows 10, version 1809.
 
-The following shows the WiredNetwork configuration service provider in tree format.
+The following example shows the WiredNetwork configuration service provider in tree format.
 ```
 ./User/Vendor/MSFT
 WiredNetwork

From 9cc11d14c167a080a49e48cd4c98013fb45514e1 Mon Sep 17 00:00:00 2001
From: Jeff Borsecnik <36546697+jborsecnik@users.noreply.github.com>
Date: Fri, 22 Apr 2022 08:17:03 -0700
Subject: [PATCH 100/123] Update policy-csp-mixedreality.md

Acrolinx fixes
---
 windows/client-management/mdm/policy-csp-mixedreality.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-mixedreality.md b/windows/client-management/mdm/policy-csp-mixedreality.md
index 777d491a93..7257df3ca2 100644
--- a/windows/client-management/mdm/policy-csp-mixedreality.md
+++ b/windows/client-management/mdm/policy-csp-mixedreality.md
@@ -90,9 +90,9 @@ Steps to use this policy correctly:
 |HoloLens 2|Yes|
 
 <!--/Description-->
-This new AutoLogonUser policy controls whether a user will be automatically logged on. Some customers want to set up devices that are tied to an identity but don't want any sign in experience. Imagine picking up a device and using remote assist immediately. Or have a benefit of being able to rapidly  distribute HoloLens devices and enable their end users to speed up login.
+This new AutoLogonUser policy controls whether a user will be automatically logged on. Some customers want to set up devices that are tied to an identity but don't want any sign-in experience. Imagine picking up a device and using remote assist immediately. Or have a benefit of being able to rapidly  distribute HoloLens devices and enable their end users to speed up login.
 
-When the policy is set to a non-empty value, it specifies the email address of the auto log-on user. The specified user must logon to the device at least once to enable autologon.
+When the policy is set to a non-empty value, it specifies the email address of the auto log-on user. The specified user must log on to the device at least once to enable autologon.
 
 The OMA-URI of new policy `./Device/Vendor/MSFT/Policy/Config/MixedReality/AutoLogonUser`
 
@@ -101,7 +101,7 @@ String value
 
 - User with the same email address will have autologon enabled.
 
-On a device where this policy is configured, the user specified in the policy will need to log-on at least once. Subsequent reboots of the device after the first logon will have the specified user automatically logged on. Only a single autologon user is supported. Once enabled, the automatically logged on user will not be able to log out manually. To log-on as a different user, the policy must first be disabled.
+On a device where this policy is configured, the user specified in the policy will need to log on at least once. Subsequent reboots of the device after the first logon will have the specified user automatically logged on. Only a single autologon user is supported. Once enabled, the automatically logged on user will not be able to log out manually. To log on as a different user, the policy must first be disabled.
 
 > [!NOTE]
 >

From 119757ec7c37b199dbb1092805a86e96dc9ecc24 Mon Sep 17 00:00:00 2001
From: Jeff Borsecnik <36546697+jborsecnik@users.noreply.github.com>
Date: Fri, 22 Apr 2022 08:52:11 -0700
Subject: [PATCH 101/123] Update policy-csp-admx-controlpaneldisplay.md

fix old typo
---
 .../mdm/policy-csp-admx-controlpaneldisplay.md                | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
index a55a90e3b1..8195202ff8 100644
--- a/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
+++ b/windows/client-management/mdm/policy-csp-admx-controlpaneldisplay.md
@@ -605,7 +605,7 @@ This setting also prevents users from using Control Panel to change the window b
 
 If this setting is disabled or not configured, the Color (or Window Color) page or Color Scheme dialog is available in the Personalization or Display Control Panel.
 
-For systems prior to Windows Vista, this setting hides the Appearance and Themes tabs in the in Display in Control Panel.
+For systems prior to Windows Vista, this setting hides the Appearance and Themes tabs in the Display in Control Panel.
 
 <!--/Description-->
 
@@ -1247,4 +1247,4 @@ ADMX Info:
 
 ## Related topics
 
-[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)
\ No newline at end of file
+[ADMX-backed policies in Policy CSP](./policies-in-policy-csp-admx-backed.md)

From 9667fb435663bacd9e254d7900686750ffbbdbbb Mon Sep 17 00:00:00 2001
From: Jeff Borsecnik <36546697+jborsecnik@users.noreply.github.com>
Date: Fri, 22 Apr 2022 08:52:49 -0700
Subject: [PATCH 102/123] Update policy-configuration-service-provider.md

remove extraneous comma
---
 .../mdm/policy-configuration-service-provider.md                | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md
index 1b20cab90f..2c89a44f21 100644
--- a/windows/client-management/mdm/policy-configuration-service-provider.md
+++ b/windows/client-management/mdm/policy-configuration-service-provider.md
@@ -72,7 +72,7 @@ The root node for the Policy configuration service provider.
 Supported operation is Get.
 
 <a href="" id="policy-config"></a>**Policy/Config**  
-Node for grouping all policies configured by one source. The configuration source can use this path to set policy values and later query any policy value that it previously set. One policy can be configured by multiple configuration sources. If a configuration source wants to query the result of conflict resolution (for example, if Exchange and MDM both attempt to set a value,) the configuration source can use the Policy/Result path to retrieve the resulting value.
+Node for grouping all policies configured by one source. The configuration source can use this path to set policy values and later query any policy value that it previously set. One policy can be configured by multiple configuration sources. If a configuration source wants to query the result of conflict resolution (for example, if Exchange and MDM both attempt to set a value) the configuration source can use the Policy/Result path to retrieve the resulting value.
 
 Supported operation is Get.
 

From da9a32af53c87b01efdf48c2c001940e27549c28 Mon Sep 17 00:00:00 2001
From: Office Content Publishing 4
 <87501895+officedocspr4@users.noreply.github.com>
Date: Fri, 22 Apr 2022 15:25:15 -0700
Subject: [PATCH 103/123] Uploaded file: education-content-updates.md -
 2022-04-22 15:25:14.8524

---
 education/includes/education-content-updates.md | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/education/includes/education-content-updates.md b/education/includes/education-content-updates.md
index 6a7469a644..0f7ca6f332 100644
--- a/education/includes/education-content-updates.md
+++ b/education/includes/education-content-updates.md
@@ -2,12 +2,9 @@
 

 
 
-## Week of March 14, 2022
+## Week of April 18, 2022
 
 
 | Published On |Topic title | Change |
 |------|------------|--------|
-| 3/18/2022 | Educator Trial in a Box Guide | removed |
-| 3/18/2022 | Microsoft Education Trial in a Box | removed |
-| 3/18/2022 | IT Admin Trial in a Box Guide | removed |
-| 3/18/2022 | Microsoft Education Trial in a Box Support | removed |
+| 4/21/2022 | [For IT administrators get Minecraft Education Edition](/education/windows/school-get-minecraft) | modified |

From 29d81ae1ae80616c8ddc3a2f671c94d9f6611a9c Mon Sep 17 00:00:00 2001
From: Denise Vangel-MSFT <deniseb@microsoft.com>
Date: Fri, 22 Apr 2022 17:21:06 -0700
Subject: [PATCH 104/123] Update using-event-viewer-with-applocker.md

---
 .../applocker/using-event-viewer-with-applocker.md               | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
index a2ac228302..0274a768dd 100644
--- a/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
+++ b/windows/security/threat-protection/windows-defender-application-control/applocker/using-event-viewer-with-applocker.md
@@ -14,7 +14,6 @@ manager: dansimp
 audience: ITPro
 ms.collection: M365-security-compliance
 ms.topic: conceptual
-ms.date: 09/21/2017
 ms.technology: windows-sec
 ---
 

From 5b5f7b5941eef33d108a9bc38932f2ffdf7199b0 Mon Sep 17 00:00:00 2001
From: Siddarth Mandalika <v-smandalika@microsoft.com>
Date: Mon, 25 Apr 2022 16:43:40 +0530
Subject: [PATCH 105/123] Acrolinx

---
 .../system-failure-recovery-options.md        | 20 ++++----
 .../troubleshoot-event-id-41-restart.md       | 30 ++++++------
 .../troubleshoot-inaccessible-boot-device.md  | 16 +++----
 .../troubleshoot-stop-errors.md               | 44 ++++++++---------
 .../troubleshoot-tcpip-connectivity.md        | 28 +++++------
 .../troubleshoot-tcpip-netmon.md              | 10 ++--
 .../troubleshoot-tcpip-port-exhaust.md        | 48 +++++++++----------
 .../troubleshoot-tcpip-rpc-errors.md          | 32 ++++++-------
 .../troubleshoot-windows-freeze.md            | 22 ++++-----
 .../windows-10-support-solutions.md           |  8 ++--
 10 files changed, 129 insertions(+), 129 deletions(-)

diff --git a/windows/client-management/system-failure-recovery-options.md b/windows/client-management/system-failure-recovery-options.md
index 3fa7f1b6c8..777b9fa6ec 100644
--- a/windows/client-management/system-failure-recovery-options.md
+++ b/windows/client-management/system-failure-recovery-options.md
@@ -18,7 +18,7 @@ This article describes how to configure the actions that Windows takes when a sy
 
 - Write an event to the System log.
 
-- Alert administrators (if you have set up administrative alerts).
+- Alert administrators (if you've set up administrative alerts).
 
 - Put system memory into a file that advanced users can use for debugging.
 
@@ -92,9 +92,9 @@ Select one of the following type of information that you want Windows to record
 
 #### (none) 
 
-The option does not record any information in a memory dump file.
+The option doesn't record any information in a memory dump file.
 
-To specify that you do not want Windows to record information in a memory dump file, run the following command or modify the registry value:
+To specify that you don't want Windows to record information in a memory dump file, run the following command or modify the registry value:
 
 - ```cmd
   wmic recoveros set DebugInfoType = 0
@@ -123,7 +123,7 @@ To specify that you want to use a folder as your Small Dump Directory, run the f
 
 #### Kernel Memory Dump
 
-The option records only kernel memory. This option stores more information than a small memory dump file, but it takes less time to complete than a complete memory dump file. The file is stored in %SystemRoot%\Memory.dmp by default, and any previous kernel or complete memory dump files are overwritten if the **Overwrite any existing file** check box is selected. If you set this option, you must have a sufficiently large paging file on the boot volume. The required size depends on the amount of RAM in your computer However, the maximum amount of space that must be available for a kernel memory dump on a 32-bit system is 2 GB plus 16 MB. On a 64-bit system, the maximum amount of space that must be available for a kernel memory dump is the size of the RAM plus 128 MB. The following table provides guidelines for the size of the paging file:
+The option records only kernel memory. This option stores more information than a small memory dump file, but it takes less time to complete than a complete memory dump file. The file is stored in %SystemRoot%\Memory.dmp by default, and any previous kernel or complete memory dump files are overwritten if the **Overwrite any existing file** check box is selected. If you set this option, you must have a sufficiently large paging file on the boot volume. The required size depends on the amount of RAM in your computer. However, the maximum amount of space that must be available for a kernel memory dump on a 32-bit system is 2 GB plus 16 MB. On a 64-bit system, the maximum amount of space that must be available for a kernel memory dump is the size of the RAM plus 128 MB. The following table provides guidelines for the size of the paging file:
 
 |RAM size	|Paging file should be no smaller than|
 |-------|-----------------|
@@ -146,7 +146,7 @@ To specify that you want to use a file as your memory dump file, run the followi
 
 - Set the **DumpFile** Expandable String Value to \<filepath\>.
 
-To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
+To specify that you don't want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
 
 - ```cmd
   wmic recoveros set OverwriteExistingDebugFile = 0
@@ -156,9 +156,9 @@ To specify that you do not want to overwrite any previous kernel or complete mem
 
 #### Complete Memory Dump
 
-The option records the contents of system memory when the computer stops unexpectedly. This option is not available on computers that have 2 or more GB of RAM. If you select this option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 MB. The file is stored as specified in %SystemRoot%\Memory.dmp by default.
+The option records the contents of system memory when the computer stops unexpectedly. This option isn't available on computers that have 2 or more GB of RAM. If you select this option, you must have a paging file on the boot volume that is sufficient to hold all the physical RAM plus 1 MB. The file is stored as specified in %SystemRoot%\Memory.dmp by default.
 
-The extra megabyte is required for a complete memory dump file because Windows writes a header in addition to dumping the memory contents. The header contains a crash dump signature and specifies the values of some kernel variables. The header information does not require a full megabyte of space, but Windows sizes your paging file in increments of megabytes.
+The extra megabyte is required for a complete memory dump file because Windows writes a header in addition to dumping the memory contents. The header contains a crash dump signature and specifies the values of some kernel variables. The header information doesn't require a full megabyte of space, but Windows sizes your paging file in increments of megabytes.
 
 To specify that you want to use a complete memory dump file, run the following command or modify the registry value:
 
@@ -176,7 +176,7 @@ To specify that you want to use a file as your memory dump file, run the followi
 
 - Set the DumpFile Expandable String Value to \<filepath\>.
 
-To specify that you do not want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
+To specify that you don't want to overwrite any previous kernel or complete memory dump files, run the following command or modify the registry value:
 
 - ```cmd
   wmic recoveros set OverwriteExistingDebugFile = 0
@@ -194,11 +194,11 @@ To view system failure and recovery settings for your local computer, type **wmi
 
 ### Tips
 
-- To take advantage of the dump file feature, your paging file must be on the boot volume. If you have moved the paging file to another volume, you must move it back to the boot volume before you use this feature.
+- To take advantage of the dump file feature, your paging file must be on the boot volume. If you've moved the paging file to another volume, you must move it back to the boot volume before you use this feature.
 
 - If you set the Kernel Memory Dump or the Complete Memory Dump option, and you select the **Overwrite any existing file** check box, Windows always writes to the same file name. To save individual dump files, click to clear the **Overwrite any existing file** check box, and then change the file name after each Stop error.
 
-- You can save some memory if you click to clear the **Write an event to the system log** and **Send an administrative alert** check boxes. The memory that you save depends on the computer, but these features typically require about 60 to 70 KB.
+- You can save some memory if you click to clear the **Write an event to the system log** and **Send an administrative alert** check boxes. The memory that you save depends on the computer, but these features typically require about 60-70 KB.
 
 ## References
 
diff --git a/windows/client-management/troubleshoot-event-id-41-restart.md b/windows/client-management/troubleshoot-event-id-41-restart.md
index c1d7a706b0..48678bf786 100644
--- a/windows/client-management/troubleshoot-event-id-41-restart.md
+++ b/windows/client-management/troubleshoot-event-id-41-restart.md
@@ -23,7 +23,7 @@ ms.collection: highpri
 
 The preferred way to shut down Windows is to select **Start**, and then select an option to turn off or shut down the computer. When you use this standard method, the operating system closes all files and notifies the running services and applications so that they can write any unsaved data to disk and flush any active caches.
 
-If your computer shuts down unexpectedly, Windows logs Event ID 41 the next time that the computer starts. The event text resembles the following:
+If your computer shuts down unexpectedly, Windows logs Event ID 41 the next time that the computer starts. The event text resembles the following information:
 
 > Event ID: 41  
 > Description: The system has rebooted without cleanly shutting down first.
@@ -41,15 +41,15 @@ This event indicates that some unexpected activity prevented Windows from shutti
 
 ## How to use Event ID 41 when you troubleshoot an unexpected shutdown or restart
 
-By itself, Event ID 41 might not contain sufficient information to explicitly define what occurred. Typically, you have to also consider what was occurring at the time of the unexpected shutdown (for example, the power supply failed). Use the information in this article to identify a troubleshooting approach that is appropriate for your circumstances:
+By itself, Event ID 41 might not contain sufficient information to explicitly define what occurred. Typically, you've to also consider what was occurring at the time of the unexpected shutdown (for example, the power supply failed). Use the information in this article to identify a troubleshooting approach that is appropriate for your circumstances:
 
 - [Scenario 1](#scen1): The computer restarts because of a Stop error, and Event ID 41 contains a Stop error (bug check) code
 - [Scenario 2](#scen2): The computer restarts because you pressed and held the power button
-- [Scenario 3](#scen3): The computer is unresponsive or randomly restarts, and Event ID 41 is not logged or the Event ID 41 entry lists error code values of zero
+- [Scenario 3](#scen3): The computer is unresponsive or randomly restarts, and Event ID 41 isn't logged or the Event ID 41 entry lists error code values of zero
 
 ### <a name="scen1"></a>Scenario 1: The computer restarts because of a Stop error, and Event ID 41 contains a Stop error (bug check) code
 
-When a computer shuts down or restarts because of a Stop error, Windows includes the Stop error data in Event ID 41 as part of the additional event data. This information includes the Stop error code (also called a bug check code), as shown in the following example:
+When a computer shuts down or restarts because of a Stop error, Windows includes the Stop error data in Event ID 41 as part of more event data. This information includes the Stop error code (also called a bug check code), as shown in the following example:
 
 > EventData  
 > BugcheckCode 159  
@@ -78,43 +78,43 @@ After you identify the hexadecimal value, use the following references to contin
 
 ### <a name="scen2"></a>Scenario 2: The computer restarts because you pressed and held the power button
 
-Because this method of restarting the computer interferes with the Windows shutdown operation, we recommend that you use this method only if you have no alternative. For example, you might have to use this approach if your computer is not responding. When you restart the computer by pressing and holding the power button, the computer logs an Event ID 41 that includes a non-zero value for the **PowerButtonTimestamp** entry.
+Because this method of restarting the computer interferes with the Windows shutdown operation, we recommend that you use this method only if you've no alternative. For example, you might have to use this approach if your computer isn't responding. When you restart the computer by pressing and holding the power button, the computer logs an Event ID 41 that includes a non-zero value for the **PowerButtonTimestamp** entry.
 
 For help when troubleshooting an unresponsive computer, see [Windows Help](https://support.microsoft.com/hub/4338813/windows-help?os=windows-10). Consider searching for assistance by using keywords such as "hang," "responding," or "blank screen."
 
-### <a name="scen3"></a>Scenario 3: The computer is unresponsive or randomly restarts, and Event ID 41 is not recorded or the Event ID 41 entry or lists error code values of zero
+### <a name="scen3"></a>Scenario 3: The computer is unresponsive or randomly restarts, and Event ID 41 isn't recorded or the Event ID 41 entry or lists error code values of zero
 
 This scenario includes the following circumstances:
 
 - You shut off power to an unresponsive computer, and then you restart the computer.  
-   To verify that a computer is unresponsive, press the CAPS LOCK key on the keyboard. If the CAPS LOCK light on the keyboard does not change when you press the CAPS LOCK key, the computer might be completely unresponsive (also known as a *hard hang*).  
-- The computer restarts, but it does not generate Event ID 41.
+   To verify that a computer is unresponsive, press the CAPS LOCK key on the keyboard. If the CAPS LOCK light on the keyboard doesn't change when you press the CAPS LOCK key, the computer might be unresponsive (also known as a *hard hang*).  
+- The computer restarts, but it doesn't generate Event ID 41.
 - The computer restarts and generates Event ID 41, but the **BugcheckCode** and **PowerButtonTimestamp** values are zero.
 
 In such cases, something prevents Windows from generating error codes or from writing error codes to disk. Something might block write access to the disk (as in the case of an unresponsive computer) or the computer might shut down too quickly to write the error codes or even detect an error.
 
 The information in Event ID 41 provides some indication of where to start checking for problems:
 
-- **Event ID 41 is not recorded or the bug check code is zero**. This behavior might indicate a power supply problem. If the power to a computer is interrupted, the computer might shut down without generating a Stop error. If it does generate a Stop error, it might not finish writing the error codes to disk. The next time the computer starts, it might not log Event ID 41. Or, if it does, the bug check code is zero. Conditions such as the following might be the cause:
-  - In the case of a portable computer, the battery was removed or completely drained.
+- **Event ID 41 isn't recorded or the bug check code is zero**. This behavior might indicate a power supply problem. If the power to a computer is interrupted, the computer might shut down without generating a Stop error. If it does generate a Stop error, it might not finish writing the error codes to disk. The next time the computer starts, it might not log Event ID 41. Or, if it does, the bug check code is zero. The following conditions might be the cause:
+  - In the case of a portable computer, the battery was removed or drained.
   - In the case of a desktop computer, the computer was unplugged or experienced a power outage.
   - The power supply is underpowered or faulty.
 
-- **The PowerButtonTimestamp value is zero**. This behavior might occur if you disconnected the power to a computer that was not responding to input. Conditions such as the following might be the cause:
+- **The PowerButtonTimestamp value is zero**. This behavior might occur if you disconnected the power to a computer that wasn't responding to input. The following conditions might be the cause:
   - A Windows process blocked write access to the disk, and you shut down the computer by pressing and holding the power button for at least four seconds.
   - You disconnected the power to an unresponsive computer.
 
-Typically, the symptoms described in this scenario indicate a hardware problem. To help isolate the problem, do the following:
+Typically, the symptoms described in this scenario indicate a hardware problem. To help isolate the problem, do the following steps:
 
 - **Disable overclocking**. If the computer has overclocking enabled, disable it. Verify that the issue occurs when the system runs at the correct speed.
 - **Check the memory**. Use a memory checker to determine the memory health and configuration. Verify that all memory chips run at the same speed and that every chip is configured correctly in the system.
-- **Check the power supply**. Verify that the power supply has enough wattage to appropriately handle the installed devices. If you added memory, installed a newer processor, installed additional drives, or added external devices, such devices can require more energy than the current power supply can provide consistently. If the computer logged Event ID 41 because the power to the computer was interrupted, consider obtaining an uninterruptible power supply (UPS) such as a battery backup power supply.
+- **Check the power supply**. Verify that the power supply has enough wattage to appropriately handle the installed devices. If you added memory, installed a newer processor, installed more drives, or added external devices, such devices can require more energy than the current power supply can provide consistently. If the computer logged Event ID 41 because the power to the computer was interrupted, consider obtaining an uninterruptible power supply (UPS) such as a battery backup power supply.
 - **Check for overheating**. Examine the internal temperature of the hardware and check for any overheating components.
 
-If you perform these checks and still cannot isolate the problem, set the system to its default configuration and verify whether the issue still occurs.
+If you perform these checks and still can't isolate the problem, set the system to its default configuration and verify whether the issue still occurs.
 
 > [!NOTE]  
-> If you see a Stop error message that includes a bug check code, but Event ID 41 does not include that code, change the restart behavior for the computer. To do this, follow these steps:
+> If you see a Stop error message that includes a bug check code, but Event ID 41 doesn't include that code, change the restart behavior for the computer. To do this, follow these steps:
 >  
 > 1. Right-click **My Computer**, then select **Properties** > **Advanced system settings** > **Advanced**.
 > 1. In the **Startup and Recovery** section, select **Settings**.
diff --git a/windows/client-management/troubleshoot-inaccessible-boot-device.md b/windows/client-management/troubleshoot-inaccessible-boot-device.md
index 490b24075a..3437793da8 100644
--- a/windows/client-management/troubleshoot-inaccessible-boot-device.md
+++ b/windows/client-management/troubleshoot-inaccessible-boot-device.md
@@ -37,11 +37,11 @@ Any one of the following factors might cause the stop error:
 
 * Corrupted files in the **Boot** partition (for example, corruption in the volume that's labeled **SYSTEM** when you run the `diskpart` > `list vol` command)
 
-* If there is a blank GPT entry before the entry of the **Boot** partition
+* If there's a blank GPT entry before the entry of the **Boot** partition
 
 ## Troubleshoot this error
 
-Start the computer in [Windows Recovery Mode (WinRE)](/windows-hardware/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference#span-identrypointsintowinrespanspan-identrypointsintowinrespanspan-identrypointsintowinrespanentry-points-into-winre). To do this, follow these steps.
+Start the computer in [Windows Recovery Mode (WinRE)](/windows-hardware/manufacture/desktop/windows-recovery-environment--windows-re--technical-reference#span-identrypointsintowinrespanspan-identrypointsintowinrespanspan-identrypointsintowinrespanentry-points-into-winre) by following these steps.
 
 1. Start the system by using [the installation media for the installed version of Windows](https://support.microsoft.com/help/15088).
 
@@ -92,7 +92,7 @@ If the `list disk` command lists the OS disks correctly, run the `list vol` comm
 
 ### Verify the integrity of Boot Configuration Database
 
-Check whether the Boot Configuration Database (BCD) has all the correct entries. To do this, run `bcdedit` at the WinRE command prompt.
+Check whether the Boot Configuration Database (BCD) has all the correct entries. To do this step, run `bcdedit` at the WinRE command prompt.
 
 To verify the BCD entries:
 
@@ -150,7 +150,7 @@ If the files are missing, and you want to rebuild the boot files, follow these s
    Bcdboot <**OSDrive* >:\windows /s <**SYSTEMdrive* >: /f ALL
    ```
 
-   For example, if we assign the `<System Drive>` (WinRE drive) the letter R and the `<OSdrive>` is the letter D, the following is the command that we would use:
+   For example, if we assign the `<System Drive>` (WinRE drive) the letter R and the `<OSdrive>` is the letter D, we would use the following command:
 
    ```console
    Bcdboot D:\windows /s R: /f ALL
@@ -159,7 +159,7 @@ If the files are missing, and you want to rebuild the boot files, follow these s
    >[!NOTE]
    >The **ALL** part of the **bcdboot** command writes all the boot files (both UEFI and BIOS) to their respective locations.
 
-If you don't have a Windows 10 ISO, format the partition and copy **bootmgr** from another working computer that has a similar Windows build. To do this, follow these steps:
+If you don't have a Windows 10 ISO, format the partition and copy **bootmgr** from another working computer that has a similar Windows build. To do the formatting and copying, follow these steps:
 
 1. Start **Notepad**.
 
@@ -197,7 +197,7 @@ After you run this command, you'll see the **Install pending** and **Uninstall P
 
 6. Expand **HKEY_LOCAL_MACHINE\OfflineComponentHive**, and check whether the **PendingXmlIdentifier** key exists. Create a backup of the **OfflineComponentHive** key, and then delete the **PendingXmlIdentifier** key.
 
-7. Unload the hive. To do this, highlight **OfflineComponentHive**, and then select **File** > **Unload hive**.
+7. Unload the hive. To do this unloading, highlight **OfflineComponentHive**, and then select **File** > **Unload hive**.
 
    > [!div class="mx-imgBorder"]
    > ![Unload Hive.](images/unloadhive.png)![Unload Hive](images/unloadhive1.png)
@@ -229,7 +229,7 @@ After you run this command, you'll see the **Install pending** and **Uninstall P
 
    If these keys exist, check each one to make sure that it has a value that's named **Start**, and that it's set to **0**. If it's not, set the value to **0**.
 
-   If any of these keys don't exist, you can try to replace the current registry hive by using the hive from **RegBack**. To do this, run the following commands:
+   If any of these keys don't exist, you can try to replace the current registry hive by using the hive from **RegBack**. To do this step, run the following commands:
 
    ```console
    cd OSdrive:\Windows\System32\config
@@ -270,7 +270,7 @@ Check whether there are any non-Microsoft upper and lower filter drivers on the
 
 ### Running SFC and Chkdsk
 
- If the computer still doesn't start, you can try to run a **chkdisk**  process on the system drive, and then also run System File Checker. To do this, run the following commands at a WinRE command prompt:
+ If the computer still doesn't start, you can try to run a **chkdisk**  process on the system drive, and then also run System File Checker. Do these steps by running the following commands at a WinRE command prompt:
 
 *	`chkdsk /f /r OsDrive:`
 
diff --git a/windows/client-management/troubleshoot-stop-errors.md b/windows/client-management/troubleshoot-stop-errors.md
index e9f150cb37..a0f5f57b42 100644
--- a/windows/client-management/troubleshoot-stop-errors.md
+++ b/windows/client-management/troubleshoot-stop-errors.md
@@ -27,9 +27,9 @@ A Stop error is displayed as a blue screen that contains the name of the faulty
 - `igdkmd64.sys`
 - `nvlddmkm.sys`
 
-There is no simple explanation for the cause of Stop errors (also known as blue screen errors or bug check errors). Many different factors can be involved. However, various studies indicate that Stop errors usually are not caused by Microsoft Windows components. Instead, these errors are generally related to malfunctioning hardware drivers or drivers that are installed by third-party software. This includes video cards, wireless network cards, security programs, and so on.
+There's no simple explanation for the cause of Stop errors (also known as blue screen errors or bug check errors). Many different factors can be involved. However, various studies indicate that Stop errors usually aren't caused by Microsoft Windows components. Instead, these errors are related to malfunctioning hardware drivers or drivers that are installed by third-party software. These drivers include video cards, wireless network cards, security programs, and so on.
 
-Our analysis of the root causes of crashes indicates the following:
+Our analysis of the root causes of crashes indicates that:
 
 - 70 percent are caused by third-party driver code
 - 10 percent are caused by hardware issues 
@@ -45,7 +45,7 @@ To troubleshoot Stop error messages, follow these general steps:
 
 1. Review the Stop error code that you find in the event logs. Search online for the specific Stop error codes to see whether there are any known issues, resolutions, or workarounds for the problem.
 
-2. As a best practice, we recommend that you do the following:
+2. As a best practice, we recommend that you do the following steps:
 
     1. Make sure that you install the latest Windows updates, cumulative updates, and rollup updates. To verify the update status, refer to the appropriate update history for your system:
 
@@ -72,12 +72,12 @@ To troubleshoot Stop error messages, follow these general steps:
 
 4. Run [Microsoft Safety Scanner](https://www.microsoft.com/security/scanner/en-us/default.aspx) or any other virus detection program that includes checks of the Master Boot Record for infections.
 
-5. Make sure that there is sufficient free space on the hard disk. The exact requirement varies, but we recommend 10–15 percent free disk space.
+5. Make sure that there's sufficient free space on the hard disk. The exact requirement varies, but we recommend 10–15 percent free disk space.
 
 6. Contact the respective hardware or software vendor to update the drivers and applications in the following scenarios:
   
    - The error message indicates that a specific driver is causing the problem.
-   - You are seeing an indication of a service that is starting or stopping before the crash occurred. In this situation, determine whether the service behavior is consistent across all instances of the crash.
+   - You're seeing an indication of a service that is starting or stopping before the crash occurred. In this situation, determine whether the service behavior is consistent across all instances of the crash.
    - You have made any software or hardware changes.
 
      >[!NOTE]
@@ -105,7 +105,7 @@ To configure the system for memory dump files, follow these steps:
 
 6. Stop and disable Automatic System Restart Services (ASR) to prevent dump files from being written. 
 
-7. If the server is virtualized, disable auto reboot after the memory dump file is created. This lets you take a snapshot of the server in-state and also if the problem recurs.
+7. If the server is virtualized, disable auto reboot after the memory dump file is created. This disablement lets you take a snapshot of the server in-state and also if the problem recurs.
 
 The memory dump file is saved at the following locations:
 
@@ -118,7 +118,7 @@ The memory dump file is saved at the following locations:
 | Automatic memory dump file | %SystemRoot%\MEMORY.DMP |
 | Active memory dump file | %SystemRoot%\MEMORY.DMP |
 
-You can use the Microsoft DumpChk (Crash Dump File Checker) tool to verify that the memory dump files are not corrupted or invalid. For more information, see the following video:<br/><br/>
+You can use the Microsoft DumpChk (Crash Dump File Checker) tool to verify that the memory dump files aren't corrupted or invalid. For more information, see the following video:<br/><br/>
 
 >[!video https://www.youtube.com/embed/xN7tOfgNKag]
 
@@ -144,7 +144,7 @@ You can use the tools such as Windows Software Development KIT (SDK) and Symbols
 ## Advanced troubleshooting steps
 
 >[!NOTE]
->Advanced troubleshooting of crash dumps can be very challenging if you are not experienced with programming and internal Windows mechanisms. We have attempted to provide a brief insight here into some of the techniques used, including some examples. However, to really be effective at troubleshooting a crash dump, you should spend time becoming familiar with advanced debugging techniques. For a video overview, see [Advanced Windows Debugging](https://channel9.msdn.com/Blogs/Charles/Advanced-Windows-Debugging-An-Introduction) and [Debugging Kernel Mode Crashes and Hangs](https://channel9.msdn.com/Shows/Defrag-Tools/DefragTools-137-Debugging-kernel-mode-dumps). Also see the advanced references listed below.
+>Advanced troubleshooting of crash dumps can be very challenging if you aren't experienced with programming and internal Windows mechanisms. We have attempted to provide a brief insight here into some of the techniques used, including some examples. However, to really be effective at troubleshooting a crash dump, you should spend time becoming familiar with advanced debugging techniques. For a video overview, see [Advanced Windows Debugging](https://channel9.msdn.com/Blogs/Charles/Advanced-Windows-Debugging-An-Introduction) and [Debugging Kernel Mode Crashes and Hangs](https://channel9.msdn.com/Shows/Defrag-Tools/DefragTools-137-Debugging-kernel-mode-dumps). Also see the advanced references listed below.
 
 ### Advanced debugging references
 
@@ -153,25 +153,25 @@ You can use the tools such as Windows Software Development KIT (SDK) and Symbols
 
 ### Debugging steps
 
-1. Verify that the computer is set up to generate a complete memory dump file when a crash occurs. See the steps [here](troubleshoot-windows-freeze.md#method-1-memory-dump) for more information. 
+1. Verify that the computer is set up to generate a complete memory dump file when a crash occurs. For more information, see the steps [here](troubleshoot-windows-freeze.md#method-1-memory-dump). 
 
 2. Locate the memory.dmp file in your Windows directory on the computer that is crashing, and copy that file to another computer.
 
 3. On the other computer, download the [Windows 10 SDK](https://developer.microsoft.com/windows/downloads/windows-10-sdk).
 
-4. Start the install and choose **Debugging Tools for Windows**. This installs the WinDbg tool.
+4. Start the install and choose **Debugging Tools for Windows**. The WinDbg tool is installed.
 
 5. Open the WinDbg tool and set the symbol path by clicking **File** and then clicking **Symbol File Path**.
 
-    1. If the computer is connected to the Internet, enter the [Microsoft public symbol server](/windows-hardware/drivers/debugger/microsoft-public-symbols) (https://msdl.microsoft.com/download/symbols) and click **OK**. This is the recommended method.
+    1. If the computer is connected to the Internet, enter the [Microsoft public symbol server](/windows-hardware/drivers/debugger/microsoft-public-symbols) (https://msdl.microsoft.com/download/symbols) and click **OK**. This method is the recommended one.
 
-    1. If the computer is not connected to the Internet, you must specify a local [symbol path](/windows-hardware/drivers/debugger/symbol-path).
+    1. If the computer isn't connected to the Internet, you must specify a local [symbol path](/windows-hardware/drivers/debugger/symbol-path).
 
 6. Click on **Open Crash Dump**, and then open the memory.dmp file that you copied. See the example below.
 
    :::image type="content" alt-text="WinDbg img." source="images/windbg.png" lightbox="images/windbg.png":::
 
-7. There should be a link that says **!analyze -v** under **Bugcheck Analysis**. Click that link. This will enter the command !analyze -v in the prompt at the bottom of the page.
+7. There should be a link that says **!analyze -v** under **Bugcheck Analysis**. Click that link. The command !analyze -v is entered in the prompt at the bottom of the page.
 
 8. A detailed bugcheck analysis will appear. See the example below.
 
@@ -219,7 +219,7 @@ There are many possible causes of a bugcheck and each case is unique. In the exa
 
 The problem here is with **mpssvc** which is a component of the Windows Firewall. The problem was repaired by disabling the firewall temporarily and then resetting firewall policies. 
 
-Additional examples are provided in the [Debugging examples](#debugging-examples) section at the bottom of this article.
+More examples are provided in the [Debugging examples](#debugging-examples) section at the bottom of this article.
 
 ## Video resources
 
@@ -247,7 +247,7 @@ Use the following guidelines when you use Driver Verifier:
 
 - Enable concurrent verification on groups of 10–20 drivers.
 
-- Additionally, if the computer cannot boot into the desktop because of Driver Verifier, you can disable the tool by starting in Safe mode. This is because the tool cannot run in Safe mode.
+- Additionally, if the computer can't boot into the desktop because of Driver Verifier, you can disable the tool by starting in Safe mode. This solution is because the tool can't run in Safe mode.
 
 For more information, see [Driver Verifier](/windows-hardware/drivers/devtest/driver-verifier).
 
@@ -263,16 +263,16 @@ VIDEO_ENGINE_TIMEOUT_DETECTED or VIDEO_TDR_TIMEOUT_DETECTED<br>Stop error code 0
 DRIVER_IRQL_NOT_LESS_OR_EQUAL <br>Stop error code 0x0000000D1 | Apply the latest updates for the driver by applying the latest cumulative updates for the system through the Microsoft Update Catalog website.Update an outdated NIC driver. Virtualized VMware systems often run “Intel(R) PRO/1000 MT Network Connection” (e1g6032e.sys). This driver is available at [http://downloadcenter.intel.com](http://downloadcenter.intel.com). Contact the hardware vendor to update the NIC driver for a resolution. For VMware systems, use the VMware integrated NIC driver (types VMXNET or VMXNET2 , VMXNET3 can be used) instead of Intel e1g6032e.sys.
 PAGE_FAULT_IN_NONPAGED_AREA <br>Stop error code 0x000000050 | If a driver is identified in the Stop error message, contact the manufacturer for an update.If no updates are available, disable the driver, and monitor the system for stability. Run Chkdsk /f /r to detect and repair disk errors. You must restart the system before the disk scan begins on a system partition. Contact the manufacturer for any diagnostic tools that they may provide for the hard disk subsystem. Try to reinstall any application or service that was recently installed or updated. It's possible that the crash was triggered while the system was starting applications and reading the registry for preference settings. Reinstalling the application can fix corrupted registry keys.If the problem persists, and you have run a recent system state backup, try to restore the registry hives from the backup.
 SYSTEM_SERVICE_EXCEPTION <br>Stop error code c000021a {Fatal System Error} The Windows SubSystem system process terminated unexpectedly with a status of 0xc0000005. The system has been shut down. | Use the System File Checker tool to repair missing or corrupted system files. The System File Checker lets users scan for corruptions in Windows system files and restore corrupted files.  For more information, see [Use the System File Checker tool](https://support.microsoft.com/en-us/help/929833/use-the-system-file-checker-tool-to-repair-missing-or-corrupted-system-files).
-NTFS_FILE_SYSTEM <br>Stop error code 0x000000024 | This Stop error is commonly caused by corruption in the NTFS file system or bad blocks (sectors) on the hard disk. Corrupted drivers for hard disks (SATA or IDE) can also adversely affect the system's ability to read and write to disk. Run any hardware diagnostics that are provided by the manufacturer of the storage subsystem. Use the scan disk tool to verify that there are no file system errors. To do this, right-click the drive that you want to scan, select Properties, select Tools, and then select the Check now button.We also suggest that you update the NTFS file system driver (Ntfs.sys), and apply the latest cumulative updates for the current operating system that is experiencing the problem. 
-KMODE_EXCEPTION_NOT_HANDLED <br>Stop error code 0x0000001E | If a driver is identified in the Stop error message, disable or remove that driver. Disable or remove any drivers or services that were recently added. <br><br>If the error occurs during the startup sequence, and the system partition is formatted by using the NTFS file system, you might be able to use Safe mode to disable the driver in Device Manager. To do this, follow these steps:<br><br>Go to **Settings > Update &amp; security > Recovery**. Under **Advanced startup**, select **Restart now**. After your PC restarts to the **Choose an option** screen, select **Troubleshoot &gt; Advanced options &gt; Startup Settings &gt; Restart**. After the computer restarts, you'll see a list of options. Press **4** or **F4** to start the computer in Safe mode. Or, if you intend to use the Internet while in Safe mode, press **5** or **F5** for the Safe Mode with Networking option.
-DPC_WATCHDOG_VIOLATION <br>Stop error code 0x00000133 | This Stop error code is caused by a faulty driver that does not complete its work within the allotted time frame in certain conditions. To enable us to help mitigate this error, collect the memory dump file from the system, and then use the Windows Debugger to find the faulty driver. If a driver is identified in the Stop error message, disable the driver to isolate the problem. Check with the manufacturer for driver updates. Check the system log in Event Viewer for additional error messages that might help identify the device or driver that is causing Stop error 0x133. Verify that any new hardware that is installed is compatible with the installed version of Windows. For example, you can get information about required hardware at Windows 10 Specifications. If Windows Debugger is installed, and you have access to public symbols, you can load the c:\windows\memory.dmp file into the Debugger, and then refer to [Determining the source of Bug Check 0x133 (DPC_WATCHDOG_VIOLATION) errors on Windows Server 2012](/archive/blogs/ntdebugging/determining-the-source-of-bug-check-0x133-dpc_watchdog_violation-errors-on-windows-server-2012) to find the problematic driver from the memory dump.  
-USER_MODE_HEALTH_MONITOR <br>Stop error code 0x0000009E		| This Stop error indicates that a user-mode health check failed in a way that prevents graceful shutdown. Therefore, Windows restores critical services by restarting or enabling application failover to other servers. The Clustering Service incorporates a detection mechanism that may detect unresponsiveness in user-mode components.<br>This Stop error usually occurs in a clustered environment, and the indicated faulty driver is RHS.exe.Check the event logs for any storage failures to identify the failing process. Try to update the component or process that is indicated in the event logs. You should see the following event recorded:<br>Event ID: 4870<br>Source: Microsoft-Windows-FailoverClustering<br>Description: User mode health monitoring has detected that the system is not being responsive. The Failover cluster virtual adapter has lost contact with the Cluster Server process with a process ID ‘%1’, for ‘%2’ seconds. Recovery action is taken. Review the Cluster logs to identify the process and investigate which items might cause the process to hang. <br />For more information, see ["Why is my Failover Clustering node blue screening with a Stop 0x0000009E?"](https://blogs.technet.microsoft.com/askcore/2009/06/12/why-is-my-failover-clustering-node-blue-screening-with-a-stop-0x0000009e) Also, see the following Microsoft video [What to do if a 9E occurs](https://www.youtube.com/watch?v=vOJQEdmdSgw).
+NTFS_FILE_SYSTEM <br>Stop error code 0x000000024 | This Stop error is commonly caused by corruption in the NTFS file system or bad blocks (sectors) on the hard disk. Corrupted drivers for hard disks (SATA or IDE) can also adversely affect the system's ability to read and write to disk. Run any hardware diagnostics that are provided by the manufacturer of the storage subsystem. Use the scan disk tool to verify that there are no file system errors. To do this step, right-click the drive that you want to scan, select Properties, select Tools, and then select the Check now button. We also suggest that you update the NTFS file system driver (Ntfs.sys), and apply the latest cumulative updates for the current operating system that is experiencing the problem. 
+KMODE_EXCEPTION_NOT_HANDLED <br>Stop error code 0x0000001E | If a driver is identified in the Stop error message, disable or remove that driver. Disable or remove any drivers or services that were recently added. <br><br>If the error occurs during the startup sequence, and the system partition is formatted by using the NTFS file system, you might be able to use Safe mode to disable the driver in Device Manager. To disable the driver, follow these steps:<br><br>Go to **Settings > Update &amp; security > Recovery**. Under **Advanced startup**, select **Restart now**. After your PC restarts to the **Choose an option** screen, select **Troubleshoot &gt; Advanced options &gt; Startup Settings &gt; Restart**. After the computer restarts, you'll see a list of options. Press **4** or **F4** to start the computer in Safe mode. Or, if you intend to use the Internet while in Safe mode, press **5** or **F5** for the Safe Mode with Networking option.
+DPC_WATCHDOG_VIOLATION <br>Stop error code 0x00000133 | This Stop error code is caused by a faulty driver that doesn't complete its work within the allotted time frame in certain conditions. To enable us to help mitigate this error, collect the memory dump file from the system, and then use the Windows Debugger to find the faulty driver. If a driver is identified in the Stop error message, disable the driver to isolate the problem. Check with the manufacturer for driver updates. Check the system log in Event Viewer for other error messages that might help identify the device or driver that is causing Stop error 0x133. Verify that any new hardware that is installed is compatible with the installed version of Windows. For example, you can get information about required hardware at Windows 10 Specifications. If Windows Debugger is installed, and you have access to public symbols, you can load the c:\windows\memory.dmp file into the Debugger, and then refer to [Determining the source of Bug Check 0x133 (DPC_WATCHDOG_VIOLATION) errors on Windows Server 2012](/archive/blogs/ntdebugging/determining-the-source-of-bug-check-0x133-dpc_watchdog_violation-errors-on-windows-server-2012) to find the problematic driver from the memory dump.  
+USER_MODE_HEALTH_MONITOR <br>Stop error code 0x0000009E		| This Stop error indicates that a user-mode health check failed in a way that prevents graceful shutdown. Therefore, Windows restores critical services by restarting or enabling application failover to other servers. The Clustering Service incorporates a detection mechanism that may detect unresponsiveness in user-mode components.<br>This Stop error usually occurs in a clustered environment, and the indicated faulty driver is RHS.exe.Check the event logs for any storage failures to identify the failing process. Try to update the component or process that is indicated in the event logs. You should see the following event recorded:<br>Event ID: 4870<br>Source: Microsoft-Windows-FailoverClustering<br>Description: User mode health monitoring has detected that the system isn't being responsive. The Failover cluster virtual adapter has lost contact with the Cluster Server process with a process ID ‘%1’, for ‘%2’ seconds. Recovery action is taken. Review the Cluster logs to identify the process and investigate which items might cause the process to hang. <br />For more information, see ["Why is my Failover Clustering node blue screening with a Stop 0x0000009E?"](https://blogs.technet.microsoft.com/askcore/2009/06/12/why-is-my-failover-clustering-node-blue-screening-with-a-stop-0x0000009e) Also, see the following Microsoft video [What to do if a 9E occurs](https://www.youtube.com/watch?v=vOJQEdmdSgw).
 
 ## Debugging examples
 
 ### Example 1
 
-This bugcheck is caused by a driver hang during upgrade, resulting in a bugcheck D1 in NDIS.sys (a Microsoft driver).  The **IMAGE_NAME** tells you the faulting driver, but since this is Microsoft driver it cannot be replaced or removed. The resolution method is to disable the network device in device manager and try the upgrade again.
+This bugcheck is caused by a driver hang during upgrade, resulting in a bugcheck D1 in NDIS.sys (a Microsoft driver).  The **IMAGE_NAME** tells you the faulting driver, but since this driver is Microsoft driver it can't be replaced or removed. The resolution method is to disable the network device in device manager and try the upgrade again.
 
 ```console
 2: kd> !analyze -v
@@ -343,7 +343,7 @@ ANALYSIS_SESSION_HOST:  SHENDRIX-DEV0
 ANALYSIS_SESSION_TIME:  01-17-2019 11:06:05.0653
 ANALYSIS_VERSION: 10.0.18248.1001 amd64fre
 TRAP_FRAME:  ffffa884c0c3f6b0 -- (.trap 0xffffa884c0c3f6b0)
-NOTE: The trap frame does not contain all registers.
+NOTE: The trap frame doesn't contain all registers.
 Some register values may be zeroed or incorrect.
 rax=fffff807ad018bf0 rbx=0000000000000000 rcx=000000000011090a
 rdx=fffff807ad018c10 rsi=0000000000000000 rdi=0000000000000000
@@ -442,7 +442,7 @@ In this example, a non-Microsoft driver caused page fault, so we don’t have sy
 *******************************************************************************
 
 PAGE_FAULT_IN_NONPAGED_AREA (50)
-Invalid system memory was referenced.  This cannot be protected by try-except.
+Invalid system memory was referenced.  This can't be protected by try-except.
 Typically the address is just plain bad or it is pointing at freed memory.
 Arguments:
 Arg1: 8ba10000, memory referenced.
diff --git a/windows/client-management/troubleshoot-tcpip-connectivity.md b/windows/client-management/troubleshoot-tcpip-connectivity.md
index fd6540824c..56573160e6 100644
--- a/windows/client-management/troubleshoot-tcpip-connectivity.md
+++ b/windows/client-management/troubleshoot-tcpip-connectivity.md
@@ -25,7 +25,7 @@ You might come across connectivity errors on the application end or timeout erro
  
 When you suspect that the issue is on the network, you collect a network trace. The network trace would then be filtered. During troubleshooting connectivity errors, you might come across TCP reset in a network capture that could indicate a network issue.  
  
-* TCP is defined as connection-oriented and reliable protocol. One of the ways in which TCP ensures reliability is through the handshake process. Establishing a TCP session would begin with a three-way handshake, followed by data transfer, and then a four-way closure. The four-way closure where both sender and receiver agree on closing the session is termed as *graceful closure*. After the 4-way closure, the server will allow 4 minutes of time (default), during which any pending packets on the network are to be processed, this is the TIME_WAIT state. After the TIME_WAIT state completes, all the resources allocated for this connection are released.  
+* TCP is defined as connection-oriented and reliable protocol. One of the ways in which TCP ensures reliability is through the handshake process. Establishing a TCP session would begin with a three-way handshake, followed by data transfer, and then a four-way closure. The four-way closure where both sender and receiver agree on closing the session is termed as *graceful closure*. After the four-way closure, the server will allow 4 minutes of time (default), during which any pending packets on the network are to be processed, this period is the TIME_WAIT state. After the TIME_WAIT state completes, all the resources allocated for this connection are released.  
  
 * TCP reset is an abrupt closure of the session; it causes the resources allocated to the connection to be immediately released and all other information about the connection is erased.  
  
@@ -33,13 +33,13 @@ When you suspect that the issue is on the network, you collect a network trace.
  
 A network trace on the source and the destination helps you to determine the flow of the traffic and see at what point the failure is observed.  
  
-The following sections describe some of the scenarios when you will see a RESET. 
+The following sections describe some of the scenarios when you'll see a RESET. 
  
 ## Packet drops
  
-When one TCP peer is sending out TCP packets for which there is no response received from the other end, the TCP peer would end up retransmitting the data and when there is no response received, it would end the session by sending an ACK RESET (this means that the application acknowledges whatever data is exchanged so far, but because of packet drop, the connection is closed).  
+When one TCP peer is sending out TCP packets for which there's no response received from the other end, the TCP peer would end up retransmitting the data and when there's no response received, it would end the session by sending an ACK RESET (thisACK RESET means that the application acknowledges whatever data is exchanged so far, but because of packet drop, the connection is closed).  
  
-The simultaneous network traces on source and destination will help you verify this behavior where on the source side you would see the packets being retransmitted and on the destination none of these packets are seen. This would mean, the network device between the source and destination is dropping the packets. 
+The simultaneous network traces on source and destination will help you verify this behavior where on the source side you would see the packets being retransmitted and on the destination none of these packets are seen. This scenario denotes that the network device between the source and destination is dropping the packets. 
  
 If the initial TCP handshake is failing because of packet drops, then you would see that the TCP SYN packet is retransmitted only three times. 
     
@@ -47,7 +47,7 @@ Source side connecting on port 445:
 
 ![Screenshot of frame summary in Network Monitor.](images/tcp-ts-6.png)
 
-Destination side: applying the same filter, you do not see any packets.
+Destination side: applying the same filter, you don't see any packets.
 
 ![Screenshot of frame summary with filter in Network Monitor.](images/tcp-ts-7.png)
 
@@ -59,22 +59,22 @@ For the rest of the data, TCP will retransmit the packets five times.
 
 **Destination 192.168.1.2 side trace:**
      
-You would not see any of the above packets. Engage your network team to investigate with the different hops and see if any of them are potentially causing drops in the network.
+You wouldn't see any of the above packets. Engage your network team to investigate with the different hops and see if any of them are potentially causing drops in the network.
     
-If you are seeing that the SYN packets are reaching the destination, but the destination is still not responding, then verify if the port that you are trying to connect to is in the listening state. (Netstat output will help). If the port is listening and still there is no response, then there could be a wfp drop.  
+If you're seeing that the SYN packets are reaching the destination, but the destination is still not responding, then verify if the port that you're trying to connect to is in the listening state. (Netstat output will help). If the port is listening and still there's no response, then there could be a wfp drop.  
  
 ## Incorrect parameter in the TCP header
  
-You see this behavior when the packets are modified in the network by middle devices and TCP on the receiving end is unable to accept the packet, such as the sequence number being modified, or packets being replayed by middle device by changing the sequence number. Again, the simultaneous network trace on the source and destination will be able to tell you if any of the TCP headers are modified. Start by comparing the source trace and destination trace, you will be able to notice if there is a change in the packets itself or if any new packets are reaching the destination on behalf of the source.  
+You see this behavior when the packets are modified in the network by middle devices and TCP on the receiving end is unable to accept the packet, such as the sequence number being modified, or packets being replayed by middle device by changing the sequence number. Again, the simultaneous network trace on the source and destination will be able to tell you if any of the TCP headers are modified. Start by comparing the source trace and destination trace, you'll be able to notice if there's a change in the packets itself or if any new packets are reaching the destination on behalf of the source.  
  
 In this case, you'll again need help from the network team to identify any device that's modifying packets or replaying packets to the destination. The most common ones are RiverBed devices or WAN accelerators. 
  
      
 ## Application side reset
  
-When you have identified that the resets are not due to retransmits or incorrect parameter or packets being modified with the help of network trace, then you have narrowed it down to application level reset.
+When you've identified that the resets aren't due to retransmits or incorrect parameter or packets being modified with the help of network trace, then you've narrowed it down to application level reset.
     
-The application resets are the ones where you see the Acknowledgment flag set to `1` along with the reset flag. This would mean that the server is acknowledging the receipt of the packet but for some reason it will not accept the connection. This is when the application that received the packet did not like something it received.  
+The application resets are the ones where you see the Acknowledgment flag set to `1` along with the reset flag. This setting would mean that the server is acknowledging the receipt of the packet but for some reason it will not accept the connection. This stage is when the application that received the packet didn't like something it received.  
  
 In the below screenshots, you see that the packets seen on the source and the destination are the same without any modification or any drops, but you see an explicit reset sent by the destination to the source.
     
@@ -86,14 +86,14 @@ In the below screenshots, you see that the packets seen on the source and the de
 
 ![Screenshot of packets on destination side in Network Monitor.](images/tcp-ts-10.png)
 
-You also see an ACK+RST flag packet in a case when the TCP establishment packet SYN is sent out. The TCP SYN packet is sent when the client wants to connect on a particular port, but if the destination/server for some reason does not want to accept the packet, it would send an ACK+RST packet.  
+You also see an ACK+RST flag packet in a case when the TCP establishment packet SYN is sent out. The TCP SYN packet is sent when the client wants to connect on a particular port, but if the destination/server for some reason doesn't want to accept the packet, it would send an ACK+RST packet.  
 
 ![Screenshot of packet flag.](images/tcp-ts-11.png)
 
 The application that's causing the reset (identified by port numbers) should be investigated to understand what is causing it to reset the connection. 
  
 >[!Note]
->The above information is about resets from a TCP standpoint and not UDP. UDP is a connectionless protocol and the packets are sent unreliably. You would not see retransmission or resets when using UDP as a transport protocol. However, UDP makes use of ICMP as a error reporting protocol. When you have the UDP packet sent out on a port and the destination does not have port listed, you will see the destination sending out  **ICMP Destination host unreachable: Port unreachable** message immediately after the UDP packet
+>The above information is about resets from a TCP standpoint and not UDP. UDP is a connectionless protocol and the packets are sent unreliably. You wouldn't see retransmission or resets when using UDP as a transport protocol. However, UDP makes use of ICMP as a error reporting protocol. When you've the UDP packet sent out on a port and the destination does not have port listed, you'll see the destination sending out  **ICMP Destination host unreachable: Port unreachable** message immediately after the UDP packet
  
  
 ```
@@ -103,7 +103,7 @@ The application that's causing the reset (identified by port numbers) should be
 ```
  
  
-During the course of troubleshooting connectivity issue, you might also see in the network trace that a machine receives packets but does not respond to. In such cases, there could be a drop at the server level. To understand whether the local firewall is dropping the packet, enable the firewall auditing on the machine.
+During the troubleshooting connectivity issue, you might also see in the network trace that a machine receives packets but doesn't respond to. In such cases, there could be a drop at the server level. To understand whether the local firewall is dropping the packet, enable the firewall auditing on the machine.
  
 ```
 auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:enable /failure:enable
@@ -113,6 +113,6 @@ You can then review the Security event logs to see for a packet drop on a partic
 
 ![Screenshot of Event Properties.](images/tcp-ts-12.png)
 
-Now, run the command `netsh wfp show state`, this will generate a wfpstate.xml file. After you open this file and filter for the ID that you find in the above event (2944008), you'll be able to see a firewall rule name that's associated with this ID that's blocking the connection.
+Now, run the command `netsh wfp show state`, this execution will generate a wfpstate.xml file. After you open this file and filter for the ID that you find in the above event (2944008), you'll be able to see a firewall rule name that's associated with this ID that's blocking the connection.
 
 ![Screenshot of wfpstate.xml file.](images/tcp-ts-13.png)
diff --git a/windows/client-management/troubleshoot-tcpip-netmon.md b/windows/client-management/troubleshoot-tcpip-netmon.md
index 7bbb4f70f3..aed2257b4d 100644
--- a/windows/client-management/troubleshoot-tcpip-netmon.md
+++ b/windows/client-management/troubleshoot-tcpip-netmon.md
@@ -15,10 +15,10 @@ ms.collection: highpri
 
 # Collect data using Network Monitor
 
-In this article, you will learn how to use Microsoft Network Monitor 3.4, which is a tool for capturing network traffic.
+In this article, you'll learn how to use Microsoft Network Monitor 3.4, which is a tool for capturing network traffic.
 
 > [!NOTE]
-> Network Monitor is the archived protocol analyzer and is no longer under development. Also, Microsoft Message Analyzer (MMA) was retired and its download packages were removed from microsoft.com sites on November 25, 2019. There is currently no Microsoft replacement for Microsoft Message Analyzer in development at this time.  For similar functionality, consider using another, non-Microsoft network protocol analyzer tool. For more details, see [Microsoft Message Analyzer Operating Guide](/message-analyzer/microsoft-message-analyzer-operating-guide).
+> Network Monitor is the archived protocol analyzer and is no longer under development. Also, Microsoft Message Analyzer (MMA) was retired and its download packages were removed from microsoft.com sites on November 25, 2019. There is currently no Microsoft replacement for Microsoft Message Analyzer in development at this time.  For similar functionality, consider using another, non-Microsoft network protocol analyzer tool. For more information, see [Microsoft Message Analyzer Operating Guide](/message-analyzer/microsoft-message-analyzer-operating-guide).
 
 To get started, [download Network Monitor tool](https://www.microsoft.com/download/details.aspx?id=4865). When you install Network Monitor, it installs its driver and hooks it to all the network adapters installed on the device. You can see the same on the adapter properties, as shown in the following image:
 
@@ -36,13 +36,13 @@ When the driver gets hooked to the network interface card (NIC) during installat
 
     ![Image of the New Capture option on menu.](images/tcp-ts-4.png)
 
-3. Reproduce the issue, and you will see that Network Monitor grabs the packets on the wire.
+3. Reproduce the issue, and you'll see that Network Monitor grabs the packets on the wire.
 
     ![Frame summary of network packets.](images/tcp-ts-5.png)
 
 4. Select **Stop**, and go to **File > Save as** to save the results. By default, the file will be saved as a ".cap" file.
 
-The saved file has captured all the traffic that is flowing to and from the selected network adapters on the local computer. However, your interest is only to look into the traffic/packets that are related to the specific connectivity problem you are facing. So you will need to filter the network capture to see only the related traffic. 
+The saved file has captured all the traffic that is flowing to and from the selected network adapters on the local computer. However, your interest is only to look into the traffic/packets that are related to the specific connectivity problem you're facing. So you'll need to filter the network capture to see only the related traffic. 
  
 **Commonly used filters**
  
@@ -58,7 +58,7 @@ The saved file has captured all the traffic that is flowing to and from the sele
 >[!TIP]
 >If you want to filter the capture for a specific field and do not know the syntax for that filter, just right-click that field and select **Add *the selected value* to Display Filter**. 
  
-Network traces which are collected using the **netsh** commands built in to Windows are of the extension "ETL". However, these ETL files can be opened using Network Monitor for further analysis. 
+Network traces that are collected using the **netsh** commands built in to Windows are of the extension "ETL". However, these ETL files can be opened using Network Monitor for further analysis. 
 
 ## More information
 
diff --git a/windows/client-management/troubleshoot-tcpip-port-exhaust.md b/windows/client-management/troubleshoot-tcpip-port-exhaust.md
index 638044c3aa..938136edad 100644
--- a/windows/client-management/troubleshoot-tcpip-port-exhaust.md
+++ b/windows/client-management/troubleshoot-tcpip-port-exhaust.md
@@ -19,16 +19,16 @@ TCP and UDP protocols work based on port numbers used for establishing connectio
  
 There are two types of ports:
 
-- *Ephemeral ports*, which are usually dynamic ports, are the set of ports that every machine by default will have them to make an outbound connection.
+- *Ephemeral ports*, which are dynamic ports, are the set of ports that every machine by default will have them to make an outbound connection.
 - *Well-known ports* are the defined port for a particular application or service. For example, file server service is on port 445, HTTPS is 443, HTTP is 80, and RPC is 135. Custom application will also have their defined port numbers.
  
-When connecting to an application or service, client devices use an ephemeral port from the device to connect to a well-known port defined for that application or service. A browser on a client machine will use an ephemeral port to connect to `https://www.microsoft.com` on port 443.
+When a connection is being established with an application or service, client devices use an ephemeral port from the device to connect to a well-known port defined for that application or service. A browser on a client machine will use an ephemeral port to connect to `https://www.microsoft.com` on port 443.
  
-In a scenario where the same browser is creating a lot of connections to multiple websites, for any new connection that the browser is attempting, an ephemeral port is used. After some time, you will notice that the connections will start to fail and one high possibility for this would be because the browser has used all the available ports to make connections outside and any new attempt to establish a connection will fail as there are no more ports available. When all the ports on a machine are used, we term it as *port exhaustion*. 
+In a scenario where the same browser is creating many connections to multiple websites, for any new connection that the browser is attempting, an ephemeral port is used. After some time, you'll notice that the connections will start to fail and one high possibility for this failure would be because the browser has used all the available ports to make connections outside and any new attempt to establish a connection will fail as there are no more ports available. When all the ports on a machine are used, we term it as *port exhaustion*. 
  
 ## Default dynamic port range for TCP/IP
  
-To comply with [Internet Assigned Numbers Authority (IANA)](http://www.iana.org/assignments/port-numbers) recommendations, Microsoft has increased the dynamic client port range for outgoing connections. The new default start port is **49152**, and the new default end port is **65535**. This is a change from the configuration of earlier versions of Windows that used a default port range of **1025** through **5000**. 
+To comply with [Internet Assigned Numbers Authority (IANA)](http://www.iana.org/assignments/port-numbers) recommendations, Microsoft has increased the dynamic client port range for outgoing connections. The new default start port is **49152**, and the new default end port is **65535**. This increase is a change from the configuration of earlier versions of Windows that used a default port range of **1025** through **5000**. 
  
 You can view the dynamic port range on a computer by using the following netsh commands: 
 
@@ -51,13 +51,13 @@ The start port is number, and the total number of ports is range. The following
 - `netsh int ipv6 set dynamicport tcp start=10000 num=1000`
 - `netsh int ipv6 set dynamicport udp start=10000 num=1000`
  
-These sample commands set the dynamic port range to start at port 10000 and to end at port 10999 (1000 ports). The minimum range of ports that can be set is 255. The minimum start port that can be set is 1025. The maximum end port (based on the range being configured) cannot exceed 65535. To duplicate the default behavior of Windows Server 2003, use 1025 as the start port, and then use 3976 as the range for both TCP and UDP. This results in a start port of 1025 and an end port of 5000.
+These sample commands set the dynamic port range to start at port 10000 and to end at port 10999 (1000 ports). The minimum range of ports that can be set is 255. The minimum start port that can be set is 1025. The maximum end port (based on the range being configured) can't exceed 65535. To duplicate the default behavior of Windows Server 2003, use 1025 as the start port, and then use 3976 as the range for both TCP and UDP. This usage pattern results in a start port of 1025 and an end port of 5000.
  
-Specifically, about outbound connections as incoming connections will not require an Ephemeral port for accepting connections.
+Specifically, about outbound connections as incoming connections won't require an Ephemeral port for accepting connections.
  
-Since outbound connections start to fail, you will see a lot of the below behaviors:
+Since outbound connections start to fail, you'll see many instances of the below behaviors:
  
-- Unable to sign in to the machine with domain credentials, however sign-in with local account works. Domain sign-in will require you to contact the DC for authentication which is again an outbound connection. If you have cache credentials set, then domain sign-in might still work.
+- Unable to sign in to the machine with domain credentials, however sign-in with local account works. Domain sign in will require you to contact the DC for authentication, which is again an outbound connection. If you've cache credentials set, then domain sign-in might still work.
 
     :::image type="content" alt-text="Screenshot of error for NETLOGON in Event Viewer." source="images/tcp-ts-14.png" lightbox="images/tcp-ts-14.png":::
 
@@ -79,9 +79,9 @@ Reboot of the server will resolve the issue temporarily, but you would see all t
 
 If you suspect that the machine is in a state of port exhaustion: 
  
-1. Try making an outbound connection. From the server/machine, access a remote share or try an RDP to another server or telnet to a server on a port. If the outbound connection fails for all of these, go to the next step.
+1. Try making an outbound connection. From the server/machine, access a remote share or try an RDP to another server or telnet to a server on a port. If the outbound connection fails for all of these options, go to the next step.
 
-2. Open event viewer and under the system logs, look for the events which clearly indicate the current state: 
+2. Open event viewer and under the system logs, look for the events that clearly indicate the current state: 
 
     1. **Event ID 4227**
 
@@ -95,12 +95,12 @@ If you suspect that the machine is in a state of port exhaustion:
 
     ![Screenshot of netstate command output.](images/tcp-ts-20.png)
 
-    After a graceful closure or an abrupt closure of a session, after a period of 4 minutes (default), the port used by the process or application would be released back to the available pool. During this 4 minutes, the TCP connection state will be TIME_WAIT state. In a situation where you suspect port exhaustion, an application or process will not be able to release all the ports that it has consumed and will remain in the TIME_WAIT state.
+    After a graceful closure or an abrupt closure of a session, after a period of 4 minutes (default), the port used by the process or application would be released back to the available pool. During this 4 minutes, the TCP connection state will be TIME_WAIT state. In a situation where you suspect port exhaustion, an application or process won't be able to release all the ports that it has consumed and will remain in the TIME_WAIT state.
      
-    You might also see CLOSE_WAIT state connections in the same output; however, CLOSE_WAIT state is a state when one side of the TCP peer has no more data to send (FIN sent) but is able to receive data from the other end. This state does not necessarily indicate port exhaustion.
+    You might also see CLOSE_WAIT state connections in the same output; however, CLOSE_WAIT state is a state when one side of the TCP peer has no more data to send (FIN sent) but is able to receive data from the other end. This state doesn't necessarily indicate port exhaustion.
      
     > [!Note]
-    > Having huge connections in TIME_WAIT state does not always indicate that the server is currently out of ports unless the first two points are verified. Having lot of TIME_WAIT connections does indicate that the process is creating lot of TCP connections and may eventually lead to port exhaustion.
+    > Having huge connections in TIME_WAIT state doesn't always indicate that the server is currently out of ports unless the first two points are verified. Having lot of TIME_WAIT connections does indicate that the process is creating lot of TCP connections and may eventually lead to port exhaustion.
     >
     > Netstat has been updated in Windows 10 with the addition of the **-Q** switch to show ports that have transitioned out of time wait as in the BOUND state.  An update for Windows 8.1 and Windows Server 2012 R2 has been released that contains this functionality. The PowerShell cmdlet `Get-NetTCPConnection` in Windows 10 also shows these BOUND ports.
     >
@@ -112,7 +112,7 @@ If you suspect that the machine is in a state of port exhaustion:
    Netsh trace start scenario=netconnection capture=yes tracefile=c:\Server.etl
    ```
 
-5. Open the server.etl file with [Network Monitor](troubleshoot-tcpip-netmon.md) and in the filter section, apply the filter **Wscore_MicrosoftWindowsWinsockAFD.AFD_EVENT_BIND.Status.LENTStatus.Code == 0x209**. You should see entries which say **STATUS_TOO_MANY_ADDRESSES**. If you do not find any entries, then the server is still not out of ports. If you find them, then you can confirm that the server is under port exhaustion.
+5. Open the server.etl file with [Network Monitor](troubleshoot-tcpip-netmon.md) and in the filter section, apply the filter **Wscore_MicrosoftWindowsWinsockAFD.AFD_EVENT_BIND.Status.LENTStatus.Code == 0x209**. You should see entries that say **STATUS_TOO_MANY_ADDRESSES**. If you don't find any entries, then the server is still not out of ports. If you find them, then you can confirm that the server is under port exhaustion.
  
 ## Troubleshoot Port exhaustion
  
@@ -120,30 +120,30 @@ The key is to identify which process or application is using all the ports. Belo
  
 ### Method 1
 
-Start by looking at the netstat output. If you are using Windows 10 or Windows Server 2016, then you can run the command `netstat -anobq` and check for the process ID which has maximum entries as BOUND. Alternately, you can also run the below PowerShell command to identify the process:
+Start by looking at the netstat output. If you're using Windows 10 or Windows Server 2016, then you can run the command `netstat -anobq` and check for the process ID that has maximum entries as BOUND. Alternately, you can also run the below PowerShell command to identify the process:
 
 ```powershell
 Get-NetTCPConnection | Group-Object -Property State, OwningProcess | Select -Property Count, Name, @{Name="ProcessName";Expression={(Get-Process -PID ($_.Name.Split(',')[-1].Trim(' '))).Name}}, Group | Sort Count -Descending 
 ```
 
-Most port leaks are caused by user-mode processes not correctly closing the ports when an error was encountered. At the user-mode level ports (actually sockets) are handles. Both **TaskManager** and **ProcessExplorer** are able to display handle counts which allows you to identify which process is consuming all of the ports.
+Most port leaks are caused by user-mode processes not correctly closing the ports when an error was encountered. At the user-mode level, ports (actually sockets) are handles. Both **TaskManager** and **ProcessExplorer** are able to display handle counts, which allows you to identify which process is consuming all of the ports.
  
 For Windows 7 and Windows Server 2008 R2, you can update your PowerShell version to include the above cmdlet. 
  
 ### Method 2
 
-If method 1 does not help you identify the process (prior to Windows 10 and Windows Server 2012 R2), then have a look at Task Manager: 
+If method 1 doesn't help you identify the process (prior to Windows 10 and Windows Server 2012 R2), then have a look at Task Manager: 
 
 1. Add a column called “handles” under details/processes.
 2. Sort the column handles to identify the process with the highest number of handles. Usually the process with handles greater than 3000 could be the culprit except for processes like System, lsass.exe, store.exe, sqlsvr.exe.
 
     ![Screenshot of handles column in Windows Task Maner.](images/tcp-ts-21.png)
 
-3. If any other process than these has a higher number, stop that process and then try to login using domain credentials and see if it succeeds.
+3. If any other process than these processes has a higher number, stop that process and then try to sign in using domain credentials and see if it succeeds.
  
 ### Method 3
 
-If Task Manager did not help you identify the process, then use Process Explorer to investigate the issue.
+If Task Manager didn't help you identify the process, then use Process Explorer to investigate the issue.
  
 Steps to use Process explorer: 
 
@@ -160,9 +160,9 @@ Steps to use Process explorer:
 
     :::image type="content" alt-text="Screenshot of Process Explorer." source="images/tcp-ts-22.png" lightbox="images/tcp-ts-22.png":::
 
-10. Some are normal, but large numbers of them are not (hundreds to thousands). Close the process in question. If that restores outbound connectivity, then you have further proven that the app is the cause. Contact the vendor of that app.
+10. Some are normal, but large numbers of them aren't (hundreds to thousands). Close the process in question. If that restores outbound connectivity, then you've further proven that the app is the cause. Contact the vendor of that app.
  
-Finally, if the above methods did not help you isolate the process, we suggest you collect a complete memory dump of the machine in the issue state. The dump will tell you which process has the maximum handles.
+Finally, if the above methods didn't help you isolate the process, we suggest you collect a complete memory dump of the machine in the issue state. The dump will tell you which process has the maximum handles.
  
 As a workaround, rebooting the computer will get it back in normal state and would help you resolve the issue for the time being. However, when a reboot is impractical, you can also consider increasing the number of ports on the machine using the below commands:
 
@@ -170,10 +170,10 @@ As a workaround, rebooting the computer will get it back in normal state and wou
 netsh int ipv4 set dynamicport tcp start=10000 num=1000
 ```
 
-This will set the dynamic port range to start at port 10000 and to end at port 10999 (1000 ports). The minimum range of ports that can be set is 255. The minimum start port that can be set is 1025. The maximum end port (based on the range being configured) cannot exceed 65535.
+This command will set the dynamic port range to start at port 10000 and to end at port 10999 (1000 ports). The minimum range of ports that can be set is 255. The minimum start port that can be set is 1025. The maximum end port (based on the range being configured) can't exceed 65535.
  
 >[!NOTE]
->Note that increasing the dynamic port range is not a permanent solution but only temporary. You will need to track down which process/processors are consuming max number of ports and troubleshoot from that process standpoint as to why its consuming such high number of ports. 
+>Note that increasing the dynamic port range is not a permanent solution but only temporary. You'll need to track down which process/processors are consuming max number of ports and troubleshoot from that process standpoint as to why it's consuming such high number of ports. 
 
 For Windows 7 and Windows Server 2008 R2, you can use the below script to collect the netstat output at defined frequency. From the outputs, you can see the port usage trend.
 
@@ -196,5 +196,5 @@ goto loop
 ## Useful links
 
 - [Port Exhaustion and You!](/archive/blogs/askds/port-exhaustion-and-you-or-why-the-netstat-tool-is-your-friend) - this article gives a detail on netstat states and how you can use netstat output to determine the port status
-- [Detecting ephemeral port exhaustion](/archive/blogs/yongrhee/windows-server-2012-r2-ephemeral-ports-a-k-a-dynamic-ports-hotfixes): this article has a script which will run in a loop to report the port status. (Applicable for Windows 2012 R2, Windows 8, Windows 10 and Windows 11)
+- [Detecting ephemeral port exhaustion](/archive/blogs/yongrhee/windows-server-2012-r2-ephemeral-ports-a-k-a-dynamic-ports-hotfixes): this article has a script that will run in a loop to report the port status. (Applicable for Windows 2012 R2, Windows 8, Windows 10 and Windows 11)
 
diff --git a/windows/client-management/troubleshoot-tcpip-rpc-errors.md b/windows/client-management/troubleshoot-tcpip-rpc-errors.md
index 6601c0c57d..b5ef8d16f6 100644
--- a/windows/client-management/troubleshoot-tcpip-rpc-errors.md
+++ b/windows/client-management/troubleshoot-tcpip-rpc-errors.md
@@ -19,7 +19,7 @@ You might encounter an **RPC server unavailable** error when connecting to Windo
 
 ![The following error has occurred: the RPC server is unavailable.](images/rpc-error.png)
 
-This is a commonly encountered error message in the networking world and one can lose hope very fast without trying to understand much, as to what is happening ‘under the hood’. 
+This message is a commonly encountered error message in the networking world and one can lose hope fast without trying to understand much, as to what is happening ‘under the hood’. 
 
 Before getting in to troubleshooting the <em>*RPC server unavailable</em>- error, let’s first understand basics about the error. There are a few important terms to understand:
 
@@ -29,7 +29,7 @@ Before getting in to troubleshooting the <em>*RPC server unavailable</em>- error
 - UUID – a well-known GUID that identifies the RPC application. The UUID is what you use to see a specific kind of RPC application conversation, as there are likely to be many.
 - Opnum – the identifier of a function that the client wants the server to execute. It’s just a hexadecimal number, but a good network analyzer will translate the function for you. If neither knows, your application vendor must tell you.
 - Port – the communication endpoints for the client and server applications.
-- Stub data – the information given to functions and data exchanged between the client and server. This is the payload, the important part.
+- Stub data – the information given to functions and data exchanged between the client and server. This data is the payload, the important part.
  
 >[!Note]
 > A lot of the above information is used in troubleshooting, the most important is the Dynamic RPC port number you get while talking to EPM.
@@ -47,10 +47,10 @@ Remote Procedure Call (RPC) dynamic port allocation is used by server applicatio
  
 Customers using firewalls may want to control which ports RPC is using so that their firewall router can be configured to forward only these Transmission Control Protocol (UDP and TCP) ports. Many RPC servers in Windows let you specify the server port in custom configuration items such as registry entries. When you can specify a dedicated server port, you know what traffic flows between the hosts across the firewall, and you can define what traffic is allowed in a more directed manner.
  
-As a server port, please choose a port outside of the range you may want to specify below. You can find a comprehensive list of server ports that are used in Windows and major Microsoft products in the article [Service overview and network port requirements for Windows](/troubleshoot/windows-server/networking/service-overview-and-network-port-requirements).
+As a server port, choose a port outside of the range you may want to specify below. You can find a comprehensive list of server ports that are used in Windows and major Microsoft products in the article [Service overview and network port requirements for Windows](/troubleshoot/windows-server/networking/service-overview-and-network-port-requirements).
 The article also lists the RPC servers and which RPC servers can be configured to use custom server ports beyond the facilities the RPC runtime offers. 
  
-Some firewalls also allow for UUID filtering where it learns from a RPC Endpoint Mapper request for a RPC interface UUID. The response has the server port number, and a subsequent RPC Bind on this port is then allowed to pass.
+Some firewalls also allow for UUID filtering where it learns from an RPC Endpoint Mapper request for an RPC interface UUID. The response has the server port number, and a subsequent RPC Bind on this port is then allowed to pass.
  
 With Registry Editor, you can modify the following parameters for RPC. The RPC Port key values discussed below are all located in the following key in the registry:
  
@@ -58,11 +58,11 @@ With Registry Editor, you can modify the following parameters for RPC. The RPC P
 
 **Ports REG_MULTI_SZ**
  
-- Specifies a set of IP port ranges consisting of either all the ports available from the Internet or all the ports not available from the Internet. Each string represents a single port or an inclusive set of ports. For example, a single port may be represented by **5984**, and a set of ports may be represented by **5000-5100**. If any entries are outside the range of 0 to 65535, or if any string cannot be interpreted, the RPC runtime treats the entire configuration as invalid.
+- Specifies a set of IP port ranges consisting of either all the ports available from the Internet or all the ports not available from the Internet. Each string represents a single port or an inclusive set of ports. For example, a single port may be represented by **5984**, and a set of ports may be represented by **5000-5100**. If any entries are outside the range of 0 to 65535, or if any string can't be interpreted, the RPC runtime treats the entire configuration as invalid.
  
 **PortsInternetAvailable REG_SZ Y or N (not case-sensitive)**
  
-- If Y, the ports listed in the Ports key are all the Internet-available ports on that computer. If N, the ports listed in the Ports key are all those ports that are not Internet-available.
+- If Y, the ports listed in the Ports key are all the Internet-available ports on that computer. If N, the ports listed in the Ports key are all those ports that aren't Internet-available.
  
 **UseInternetPorts REG_SZ ) Y or N (not case-sensitive)**
  
@@ -72,7 +72,7 @@ With Registry Editor, you can modify the following parameters for RPC. The RPC P
  
 **Example:**
 
-In this example ports 5000 through 6000 inclusive have been arbitrarily selected to help illustrate how the new registry key can be configured. This is not a recommendation of a minimum number of ports needed for any particular system.
+In this example, ports 5000 through 6000 inclusive have been arbitrarily selected to help illustrate how the new registry key can be configured. This example isn't a recommendation of a minimum number of ports needed for any particular system.
 
 1. Add the Internet key under: HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc
 
@@ -108,13 +108,13 @@ If you would like to do a deep dive as to how it works, see [RPC over IT/Pro](ht
  
 ### PortQuery
 
-The best thing to always troubleshoot RPC issues before even getting in to traces is by making use of tools like **PortQry**. You can quickly determine if you are able to make a connection by running the command:
+The best thing to always troubleshoot RPC issues before even getting in to traces is by making use of tools like **PortQry**. You can quickly determine if you're able to make a connection by running the command:
 
 ```console
 Portqry.exe -n <ServerIP> -e 135
 ``` 
  
-This would give you a lot of output to look for, but you should be looking for <em>*ip_tcp</em>- and the port number in the brackets, which tells whether you were successfully able to get a dynamic port from EPM and also make a connection to it. If the above fails, you can typically start collecting simultaneous network traces. Something like this from the output of “PortQry”:
+This command would give you much of the output to look for, but you should be looking for <em>*ip_tcp</em>- and the port number in the brackets, which tells whether you were successfully able to get a dynamic port from EPM and also make a connection to it. If the above fails, you can typically start collecting simultaneous network traces. Something like this from the output of “PortQry”:
 
 ```console
 Portqry.exe -n 169.254.0.2 -e 135
@@ -138,7 +138,7 @@ The one in bold is the ephemeral port number that you made a connection to succe
  
 ### Netsh
 
-You can run the commands below to leverage Windows inbuilt netsh captures, to collect a simultaneous trace. Remember to execute the below on an “Admin CMD”, it requires elevation.
+You can run the commands below to use Windows inbuilt netsh captures, to collect a simultaneous trace. Remember to execute the below on an “Admin CMD”, it requires elevation.
  
 - On the client
 
@@ -164,30 +164,30 @@ Open the traces in [Microsoft Network Monitor 3.4](troubleshoot-tcpip-netmon.md)
 
 - Look for the “EPM” Protocol Under the “Protocol” column.
 
-- Now check if you are getting a response from the server. If you get a response, note the dynamic port number that you have been allocated to use.
+- Now check if you're getting a response from the server. If you get a response, note the dynamic port number that you've been allocated to use.
 
   :::image type="content" alt-text="Screenshot of Network Monitor with dynamic port highlighted." source="images/tcp-ts-23.png" lightbox="images/tcp-ts-23.png":::
 
-- Check if we are connecting successfully to this Dynamic port successfully.
+- Check if we're connecting successfully to this Dynamic port successfully.
 
 - The filter should be something like this: `tcp.port==<dynamic-port-allocated>` and `ipv4.address==<server-ip>` 
 
   :::image type="content" alt-text="Screenshot of Network Monitor with filter applied." source="images/tcp-ts-24.png" lightbox="images/tcp-ts-24.png":::
 
-This should help you verify the connectivity and isolate if any network issues are seen.
+This filter should help you verify the connectivity and isolate if any network issues are seen.
 
 
 ### Port not reachable
 
-The most common reason why we would see the RPC server unavailable is when the dynamic port that the client tries to connect is not reachable. The client side trace would then show TCP SYN retransmits for the dynamic port.
+The most common reason why we would see the RPC server unavailable is when the dynamic port that the client tries to connect isn't reachable. The client side trace would then show TCP SYN retransmits for the dynamic port.
  
 :::image type="content" alt-text="Screenshot of Network Monitor with TCP SYN retransmits." source="images/tcp-ts-25.png" lightbox="images/tcp-ts-25.png":::
  
-The port cannot be reachable due to one of the following reasons:
+The port can't be reachable due to one of the following reasons:
 
 - The dynamic port range is blocked on the firewall in the environment. 
 - A middle device is dropping the packets. 
-- The destination server is dropping the packets (WFP drop / NIC drop/ Filter driver etc).
+- The destination server is dropping the packets (WFP drop / NIC drop/ Filter driver etc.).
 
 
 
diff --git a/windows/client-management/troubleshoot-windows-freeze.md b/windows/client-management/troubleshoot-windows-freeze.md
index 9d73bacae3..c5605425da 100644
--- a/windows/client-management/troubleshoot-windows-freeze.md
+++ b/windows/client-management/troubleshoot-windows-freeze.md
@@ -25,7 +25,7 @@ This article describes how to troubleshoot freeze issues on Windows-based comput
 *   Which computer is freezing? (Example: The impacted computer is a physical server, virtual server, and so on.) 
 *   What operation was being performed when the freezes occurred? (Example: This issue occurs when you shut down GUI, perform one or more operations, and so on.) 
 *   How often do the errors occur? (Example: This issue occurs every night at 7 PM, every day around 7 AM, and so on.) 
-*   On how many computers does this occur? (Example: All computers, only one computer, 10 computers, and so on.) 
+*   On how many computers does this freeze occur? (Example: All computers, only one computer, 10 computers, and so on.) 
 
 ## Troubleshoot the freeze issues  
 
@@ -36,7 +36,7 @@ To troubleshoot the freeze issues, check the current status of your computer, an
 If the physical computer or the virtual machine is still freezing, use one or more of the following methods for troubleshooting: 
 
 *   Try to access the computer through Remote Desktop, Citrix, and so on. 
-*   Use the domain account or local administrator account to log on the computer by using one of the Remote Physical Console Access features, such as Dell Remote Access Card (DRAC), HP Integrated Lights-Out (iLo), or IBM Remote supervisor adapter (RSA). 
+*   Use the domain account or local administrator account to sign in to the computer by using one of the Remote Physical Console Access features, such as Dell Remote Access Card (DRAC), HP Integrated Lights-Out (iLo), or IBM Remote supervisor adapter (RSA). 
 *   Test ping to the computer. Packet dropping and high network latency may be observed. 
 *   Access administrative shares (\\\\**ServerName**\\c$). 
 *   Press Ctrl + Alt + Delete command and check response. 
@@ -50,7 +50,7 @@ If the physical computer or virtual machine froze but is now running in a good s
 
 *   Review the System and Application logs from the computer that is having the issue. Check the event logs for the relevant Event ID:
 
-    - Application event log : Application Error (suggesting Crash or relevant System Process)
+    - Application event log: Application Error (suggesting Crash or relevant System Process)
     - System Event logs, Service Control Manager Error event IDs for Critical System Services
     - Error Event IDs 2019/2020 with source Srv/Server
 
@@ -88,7 +88,7 @@ If the computer is no longer frozen and now is running in a good state, use the
 > If you have a restart feature that is enabled on the computer, such as the Automatic System Restart (ASR) feature in Compaq computers, disable it. This setting is usually found in the BIOS. With this feature enabled, if the BIOS doesn't detect a heartbeat from the operating system, it will restart the computer. The restart can interrupt the dump process.   
 
 
-1. Make sure that the computer is set up to get a complete memory dump file. To do this, follow these steps: 
+1. Ensure that the computer is set up to get a complete memory dump file. To do this setup, follow these steps:
 
    1.  Go to **Run** and enter `Sysdm.cpl`, and then press enter.
     
@@ -108,9 +108,9 @@ If the computer is no longer frozen and now is running in a good state, use the
 
        Additionally, you can use the workaround for [space limitations on the system drive in Windows Server 2008](#space-limitations-on-the-system-drive-in-windows-server-2008). 
 
-   6.  Make sure that there's more available space on the system drive than there is physical RAM. 
+   6.  Make sure that there's more available space on the system drive than there's physical RAM. 
 
-2. Enable the CrashOnCtrlScroll registry value to allow the system to generate a dump file by using the keyboard. To do this, follow these steps: 
+2. Enable the CrashOnCtrlScroll registry value to allow the system to generate a dump file by using the keyboard. To do this enablement, follow these steps: 
 
    1. Go to Registry Editor, and then locate the following registry keys: 
 
@@ -144,7 +144,7 @@ If the computer is no longer frozen and now is running in a good state, use the
 
 ### Method 2: Data sanity check 
 
-Use the Dump Check Utility (Dumpchk.exe) to read a memory dump file or verify that the file was created correctly. You can use the Microsoft DumpChk (Crash Dump File Checker) tool to verify that the memory dump files are not corrupted or invalid. 
+Use the Dump Check Utility (Dumpchk.exe) to read a memory dump file or verify that the file was created correctly. You can use the Microsoft DumpChk (Crash Dump File Checker) tool to verify that the memory dump files aren't corrupted or invalid. 
 
 - [Using DumpChk](/windows-hardware/drivers/debugger/dumpchk)
 - [Download DumpCheck](https://developer.microsoft.com/windows/downloads/windows-10-sdk)
@@ -194,7 +194,7 @@ The Performance Monitor log is located in the path: C:\PERFLOGS
 If the physical computer is still running in a frozen state, follow these steps to enable and collect memory dump: 
 
 
-1. Make sure that the computer is set up to get a complete memory dump file and that you can access it through the network. To do this, follow these steps:   
+1. Ensure that the computer is set up to get a complete memory dump file and that you can access it through the network. To do this setup, follow these steps:   
    > [!NOTE]
    > If it isn't possible to access the affected computer through the network, try to generate a memory dump file through NMI interruption. The result of the action may not collect a memory dump file if some of the following settings aren't qualified.   
 
@@ -222,11 +222,11 @@ If the physical computer is still running in a frozen state, follow these steps
         > [!NOTE]
         > If the size isn't reflected in the Registry, try to access an Administrative share where the page file is located (such as \\\\**ServerName**\C$). 
 
-   3. Make sure that there's a paging file (pagefile.sys) on the system drive of the computer, and it's at least 100 MB over the installed RAM. 
+   3. Ensure that there's a paging file (pagefile.sys) on the system drive of the computer, and it's at least 100 MB over the installed RAM. 
 
-   4. Make sure that there's more free space on the hard disk drives of the computer than there is physical RAM. 
+   4. Ensure that there's more free space on the hard disk drives of the computer than there's physical RAM. 
 
-2. Enable the **CrashOnCtrlScroll** registry value on the computer to allow the system to generate a dump file by using the keyboard. To do this, follow these steps: 
+2. Enable the **CrashOnCtrlScroll** registry value on the computer to allow the system to generate a dump file by using the keyboard. To do this enablement, follow these steps: 
 
    1.  From a remote computer preferably in the same network and subnet, go to Registry Editor \> Connect Network Registry. Connect to the concerned computer and locate the following registry keys: 
 
diff --git a/windows/client-management/windows-10-support-solutions.md b/windows/client-management/windows-10-support-solutions.md
index ef2b5a09cc..2c423bfbc7 100644
--- a/windows/client-management/windows-10-support-solutions.md
+++ b/windows/client-management/windows-10-support-solutions.md
@@ -16,7 +16,7 @@ ms.topic: troubleshooting
 
 Microsoft regularly releases both updates for Windows Server. To ensure your servers can receive future updates, including security updates, it's important to keep your servers updated. Check out - [Windows 10 and Windows Server 2016 update history](https://support.microsoft.com/en-us/help/4000825/windows-10-windows-server-2016-update-history) for a complete list of released updates.
 
-This section contains advanced troubleshooting topics and links to help you resolve issues with Windows 10 in an enterprise or IT pro environment. Additional topics will be added as they become available.
+This section contains advanced troubleshooting topics and links to help you resolve issues with Windows 10 in an enterprise or IT pro environment. More topics will be added as they become available.
 
 ## Troubleshoot 802.1x Authentication
 - [Advanced Troubleshooting 802.1X Authentication](./advanced-troubleshooting-802-authentication.md)
@@ -24,12 +24,12 @@ This section contains advanced troubleshooting topics and links to help you reso
 
 ## Troubleshoot BitLocker
 - [Guidelines for troubleshooting BitLocker](/windows/security/information-protection/bitlocker/troubleshoot-bitlocker)
-- [BitLocker cannot encrypt a drive: known issues](/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues)
+- [BitLocker can't encrypt a drive: known issues](/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-issues)
 - [Enforcing BitLocker policies by using Intune: known issues](/windows/security/information-protection/bitlocker/ts-bitlocker-intune-issues)
 - [BitLocker Network Unlock: known issues](/windows/security/information-protection/bitlocker/ts-bitlocker-network-unlock-issues)
 - [BitLocker recovery: known issues](/windows/security/information-protection/bitlocker/ts-bitlocker-recovery-issues)
 - [BitLocker configuration: known issues](/windows/security/information-protection/bitlocker/ts-bitlocker-config-issues)
-- [BitLocker cannot encrypt a drive: known TPM issues](/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues)
+- [BitLocker can't encrypt a drive: known TPM issues](/windows/security/information-protection/bitlocker/ts-bitlocker-cannot-encrypt-tpm-issues)
 - [BitLocker and TPM: other known issues](/windows/security/information-protection/bitlocker/ts-bitlocker-tpm-issues)
 - [Decode Measured Boot logs to track PCR changes](/windows/security/information-protection/bitlocker/ts-bitlocker-decode-measured-boot-logs)
 - [BitLocker frequently asked questions (FAQ)](/windows/security/information-protection/bitlocker/bitlocker-frequently-asked-questions)
@@ -110,7 +110,7 @@ This section contains advanced troubleshooting topics and links to help you reso
 - [Windows Update log files](/windows/deployment/update/windows-update-logs)
 - [Windows Update troubleshooting](/windows/deployment/update/windows-update-troubleshooting)
 - [Windows Update common errors and mitigation](/windows/deployment/update/windows-update-errors)
-- [Windows Update - Additional resources](/windows/deployment/update/windows-update-resources)
+- [Windows Update - More resources](/windows/deployment/update/windows-update-resources)
 - [Get started with Windows Update](/windows/deployment/update/windows-update-overview)
 - [Servicing stack updates](/windows/deployment/update/servicing-stack-updates)
 

From b4a0cc7e713080593ebb4599b438a50f075a852b Mon Sep 17 00:00:00 2001
From: Diana Hanson <v-dihans@microsoft.com>
Date: Mon, 25 Apr 2022 11:03:35 -0600
Subject: [PATCH 106/123] Update
 windows/deployment/update/waas-servicing-channels-windows-10-updates.md

---
 .../update/waas-servicing-channels-windows-10-updates.md        | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
index 7bb54c0c01..7e049263a6 100644
--- a/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
+++ b/windows/deployment/update/waas-servicing-channels-windows-10-updates.md
@@ -63,7 +63,7 @@ The **Branch Readiness Level** settings allow you to choose between preview flig
 * Group Policy: **Computer Configuration/Administrative Templates/Windows Components/Windows Update/ Windows Update for Business** - *Select when Preview Builds and feature updates are received*
 * MDM: **Update/BranchReadinessLevel**
 
-For more information, see [Windows Insider Program for Business](/windows-insider/business/register)
+For more information, see [Windows Insider Program for Business](/windows-insider/business/register).
 
 ## Block access to Windows Insider Program
 

From a4d0b5286868609ed07873f71ff273d3cd1083b6 Mon Sep 17 00:00:00 2001
From: Diana Hanson <v-dihans@microsoft.com>
Date: Mon, 25 Apr 2022 11:04:09 -0600
Subject: [PATCH 107/123] Update
 windows/deployment/planning/windows-10-deprecated-features.md

---
 windows/deployment/planning/windows-10-deprecated-features.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/planning/windows-10-deprecated-features.md b/windows/deployment/planning/windows-10-deprecated-features.md
index 96e006950e..febbb80275 100644
--- a/windows/deployment/planning/windows-10-deprecated-features.md
+++ b/windows/deployment/planning/windows-10-deprecated-features.md
@@ -46,7 +46,7 @@ The features described below are no longer being actively developed, and might b
 | Wi-Fi WEP and TKIP | Since the 1903 release, a warning message has appeared when connecting to Wi-Fi networks secured with WEP or TKIP (which are not as secure as those using WPA2 or WPA3). In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. | 1903 |
 | Windows To Go | Windows To Go is no longer being developed. <br><br>The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.|  1903 |
 | Print 3D app | Going forward, 3D Builder is the recommended 3D printing app. To 3D print objects on new Windows devices, customers must first install 3D Builder from the Store.| 1903 |
-|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock.md), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because non-Microsoft partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
+|Companion device dynamic lock APIS|The companion device framework (CDF) APIs enable wearables and other devices to unlock a PC. In Windows 10, version 1709, we introduced [Dynamic Lock](/windows/security/identity-protection/hello-for-business/hello-feature-dynamic-lock), including an inbox method using Bluetooth to detect whether a user is present and lock or unlock the PC. Because of this, and because non-Microsoft partners didn't adopt the CDF method, we're no longer developing CDF Dynamic Lock APIs.| 1809 |
 |OneSync service|The OneSync service synchronizes data for the Mail, Calendar, and People apps. We've added a sync engine to the Outlook app that provides the same synchronization.| 1809 |
 |Snipping Tool|The Snipping Tool is an application included in Windows 10 that is used to capture screenshots, either the full screen or a smaller, custom "snip" of the screen. In Windows 10, version 1809, we're [introducing a new universal app, Snip & Sketch](https://blogs.windows.com/windowsexperience/2018/05/03/announcing-windows-10-insider-preview-build-17661/#8xbvP8vMO0lF20AM.97), that provides the same screen snipping abilities, as well as additional features. You can launch Snip & Sketch directly and start a snip from there, or just press WIN + Shift + S. Snip & Sketch can also be launched from the “Screen snip” button in the Action Center. We're no longer developing the Snipping Tool as a separate app but are instead consolidating its functionality into Snip & Sketch.| 1809 |
 |[Software Restriction Policies](/windows-server/identity/software-restriction-policies/software-restriction-policies) in Group Policy|Instead of using the Software Restriction Policies through Group Policy, you can use [AppLocker](/windows/security/threat-protection/applocker/applocker-overview) or [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control) to control which apps users can access and what code can run in the kernel.| 1803 |

From 8291a28ab52bb635eb12029b30ee82a7495a32d2 Mon Sep 17 00:00:00 2001
From: Diana Hanson <v-dihans@microsoft.com>
Date: Mon, 25 Apr 2022 11:04:29 -0600
Subject: [PATCH 108/123] Update windows/deployment/add-store-apps-to-image.md

---
 windows/deployment/add-store-apps-to-image.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/add-store-apps-to-image.md b/windows/deployment/add-store-apps-to-image.md
index e8e2967811..abc9024b85 100644
--- a/windows/deployment/add-store-apps-to-image.md
+++ b/windows/deployment/add-store-apps-to-image.md
@@ -35,7 +35,7 @@ This topic describes the correct way to add Microsoft Store for Business applica
 * A Windows Image. For instructions on image creation, see [Create a Windows 10 reference image](deploy-windows-mdt/create-a-windows-10-reference-image.md).
 
 >[!NOTE]
-> If you'd like to add an internal LOB Microsoft Store application, please follow the instructions on **[Sideload line of business (LOB) apps in Windows client devices](/windows/application-management/sideload-apps-in-windows-10.md)**.
+> If you'd like to add an internal LOB Microsoft Store application, please follow the instructions on **[Sideload line of business (LOB) apps in Windows client devices](/windows/application-management/sideload-apps-in-windows-10)**.
 
 ## Adding a Store application to your image
 

From c3fb9da4ede1fb802a22d9489e74f945a1430ef1 Mon Sep 17 00:00:00 2001
From: Diana Hanson <v-dihans@microsoft.com>
Date: Mon, 25 Apr 2022 11:06:22 -0600
Subject: [PATCH 109/123] Update windows/deployment/add-store-apps-to-image.md

---
 windows/deployment/add-store-apps-to-image.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/add-store-apps-to-image.md b/windows/deployment/add-store-apps-to-image.md
index abc9024b85..def6469305 100644
--- a/windows/deployment/add-store-apps-to-image.md
+++ b/windows/deployment/add-store-apps-to-image.md
@@ -78,7 +78,7 @@ Now, on the machine where your image file is accessible:
 * [Customize and export Start layout](/windows/configuration/customize-and-export-start-layout)
 * [Export-StartLayout](/powershell/module/startlayout/export-startlayout)
 * [Import-StartLayout](/powershell/module/startlayout/import-startlayout)
-* [Sideload line of business (LOB) apps in Windows client devices](/windows/application-management/sideload-apps-in-windows-10.md)
+* [Sideload line of business (LOB) apps in Windows client devices](/windows/application-management/sideload-apps-in-windows-10)
 * [Prepare for Zero Touch Installation of Windows 10 with Configuration Manager](deploy-windows-cm/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md)
 * [Deploy Windows 10 with the Microsoft Deployment Toolkit](./deploy-windows-mdt/prepare-for-windows-deployment-with-mdt.md)
 * [Windows Assessment and Deployment Kit (Windows ADK)](windows-adk-scenarios-for-it-pros.md)

From 7251e8fcf77b002c0deba706300873939ffc6613 Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Tue, 26 Apr 2022 15:00:22 +0530
Subject: [PATCH 110/123] updated the comment from the PubOps team

---
 education/windows/deploy-windows-10-in-a-school-district.md | 2 +-
 windows/deployment/windows-10-enterprise-e3-overview.md     | 2 +-
 windows/whats-new/ltsc/whats-new-windows-10-2015.md         | 4 ++--
 windows/whats-new/ltsc/whats-new-windows-10-2019.md         | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index ea0316377b..9df02d9c27 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -1252,7 +1252,7 @@ Table 19 lists the school and individual classroom maintenance tasks, the resour
 |Task and resources|Monthly|New semester or academic year|As required|
 |--- |--- |--- |--- |
 |Verify that Windows Update is active and current with operating system and software updates.<br>For more information about completing this task when you have:<li>Intune, see [Keep Windows PCs up to date with software updates in Microsoft Intune](/mem/intune/protect/windows-update-for-business-configure)<li>Group Policy, see [Windows Update for Business](/windows/deployment/update/waas-manage-updates-wufb).<li>WSUS, see [Windows Server Update Services](/windows/deployment/deploy-whats-new).<br>Neither Intune, Group Policy, nor WSUS, see “Install, upgrade, & activate” in Windows 10 help.|✔️|✔️|✔️|
-|Verify that Windows Defender is active and current with malware Security intelligence.<br>For more information about completing this task, see [Turn Windows Defender on or off](/mem/intune/user-help/turn-on-defender-windows)and [Updating Windows Defender](/mem/intune/user-help/turn-on-defender-windows).|✔️|✔️|✔️|
+|Verify that Windows Defender is active and current with malware Security intelligence.<br>For more information about completing this task, see [Turn Windows Defender on or off](/mem/intune/user-help/turn-on-defender-windows) and [Updating Windows Defender](/mem/intune/user-help/turn-on-defender-windows).|✔️|✔️|✔️|
 |Verify that Windows Defender has run a scan in the past week and that no viruses or malware were found.<br>For more information about completing this task, see the “How do I find and remove a virus?” topic in [Protect my PC from viruses](https://support.microsoft.com/help/17228/windows-protect-my-pc-from-viruses).|✔️|✔️|✔️|
 |Download and approve updates for Windows 10, apps, device driver, and other software.<br>For more information, see:<li>[Manage updates by using Intune](#manage-updates-by-using-intune)<li>[Manage updates by using Microsoft Endpoint Configuration Manager](#manage-updates-by-using-microsoft-endpoint-configuration-manager)|✔️|✔️|✔️|
 |Verify that you’re using the appropriate Windows 10 servicing options for updates and upgrades (such as selecting whether you want to use Current Branch or Current Branch for Business).<br>For more information about Windows 10 servicing options for updates and upgrades, see [Windows 10 servicing options](/windows/deployment/update/).||✔️|✔️|
diff --git a/windows/deployment/windows-10-enterprise-e3-overview.md b/windows/deployment/windows-10-enterprise-e3-overview.md
index fca6734c29..c01e69f256 100644
--- a/windows/deployment/windows-10-enterprise-e3-overview.md
+++ b/windows/deployment/windows-10-enterprise-e3-overview.md
@@ -132,7 +132,7 @@ Now that the devices have Windows 10/11 Enterprise, you can implement Device Gu
 
 For more information about implementing Device Guard, see:
 
-- [Windows Defender Application Control and virtualization-based protection of code integrity](/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md)
+- [Windows Defender Application Control and virtualization-based protection of code integrity](/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control)
 - [Device Guard deployment guide](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-deployment-guide)
 
 ### AppLocker management
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 2163c9e4fa..9d97b2053c 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -76,7 +76,7 @@ In Windows 10, security auditing has added some improvements:
 In Windows 10, two new audit subcategories were added to the Advanced Audit Policy Configuration to provide greater granularity in audit events:
 -   [Audit Group Membership](/windows/device-security/auditing/audit-group-membership) Found in the Logon/Logoff audit category, the Audit Group Membership subcategory allows you to audit the group membership information in a user's logon token. Events in this subcategory are generated when group memberships are enumerated or queried on the PC where the logon session was created. For an interactive logon, the security audit event is generated on the PC that the user logged on to. For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the PC hosting the resource.
     When this setting is configured, one or more security audit events are generated for each successful logon. You must also enable the **Audit Logon** setting under **Advanced Audit Policy Configuration\\System Audit Policies\\Logon/Logoff**. Multiple events are generated if the group membership information cannot fit in a single security audit event.
--   [Audit PNP Activity](/windows/security/threat-protection/auditing/audit-pnp-activity.md) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
+-   [Audit PNP Activity](/windows/security/threat-protection/auditing/audit-pnp-activity) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
     Only Success audits are recorded for this category. If you do not configure this policy setting, no audit event is generated when an external device is detected by plug and play.
     A PnP audit event can be used to track down changes in system hardware and will be logged on the PC where the change took place. A list of hardware vendor IDs are included in the event.
 
@@ -165,7 +165,7 @@ Event ID 4826 has been added to track the following changes to the Boot Configur
 
 Event ID 6416 has been added to track when an external device is detected through Plug and Play. One important scenario is if an external device that contains malware is inserted into a high-value machine that doesn’t expect this type of action, such as a domain controller.
 
-[Learn how to manage your security audit policies within your organization](/windows/security/threat-protection/auditing/security-auditing-overview.md).
+[Learn how to manage your security audit policies within your organization](/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn319078(v=ws.11))
 
 ### Trusted Platform Module
 
diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index 95920c2b66..40ec8d231c 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -200,7 +200,7 @@ New features in [Windows Hello for Business](/windows/security/identity-protecti
 
 - You can now reset a forgotten PIN without deleting company managed data or apps on devices managed by [Microsoft Intune](https://www.microsoft.com/cloud-platform/microsoft-intune).
 
-- For Windows desktops, users are able to reset a forgotten PIN through **Settings > Accounts > Sign-in options**. For more details, check out [What if I forget my PIN?](/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset.md).
+- For Windows desktops, users are able to reset a forgotten PIN through **Settings > Accounts > Sign-in options**. For more details, check out [What if I forget my PIN?](/windows/security/identity-protection/hello-for-business/hello-feature-pin-reset).
 
 [Windows Hello](/windows/security/identity-protection/hello-for-business/hello-features) now supports FIDO 2.0 authentication for Azure AD Joined Windows 10 devices and has enhanced support for shared devices, as described in [Kiosk configuration](#kiosk-configuration). 
 

From dff95a4ca41729d6ba3aee4b4a6cd75504cce49d Mon Sep 17 00:00:00 2001
From: "Daniel H. Brown" <32883970+DHB-MSFT@users.noreply.github.com>
Date: Tue, 26 Apr 2022 09:43:45 -0700
Subject: [PATCH 111/123] Remove duplicate SCT article

\windows\security\threat-protection\security-compliance-toolkit-10.md
---
 .openpublishing.redirection.json              |   7 +-
 .../security-compliance-toolkit-10.md         | 101 ------------------
 2 files changed, 6 insertions(+), 102 deletions(-)
 delete mode 100644 windows/security/threat-protection/security-compliance-toolkit-10.md

diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index b359a5d989..6ba49fc316 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -5167,7 +5167,7 @@
     },
     {
       "source_path": "windows/device-security/security-compliance-toolkit-10.md",
-      "redirect_url": "/windows/security/threat-protection/security-compliance-toolkit-10",
+      "redirect_url": "/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10",
       "redirect_document_id": false
     },
     {
@@ -19505,6 +19505,11 @@
      "redirect_url": "/education/",
      "redirect_document_id": true
     },
+    {
+      "source_path": "windows/security/threat-protection/security-compliance-toolkit-10.md",
+      "redirect_url": "/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10",
+      "redirect_document_id": false
+    },
     { 
      "source_path": "windows/education/developers.yml",
      "redirect_url": "/education/",
diff --git a/windows/security/threat-protection/security-compliance-toolkit-10.md b/windows/security/threat-protection/security-compliance-toolkit-10.md
deleted file mode 100644
index c56d9a43c6..0000000000
--- a/windows/security/threat-protection/security-compliance-toolkit-10.md
+++ /dev/null
@@ -1,101 +0,0 @@
----
-title: Microsoft Security Compliance Toolkit 1.0
-description: This article describes how to use the Security Compliance Toolkit 1.0 in your organization
-keywords: virtualization, security, malware
-ms.prod: m365-security
-ms.mktglfcycl: deploy
-ms.localizationpriority: medium
-ms.author: dansimp
-author: dulcemontemayor
-manager: dansimp
-audience: ITPro
-ms.collection: M365-security-compliance
-ms.topic: conceptual
-ms.date: 11/21/2019
-ms.reviewer: 
-ms.technology: windows-sec
----
-
-# Microsoft Security Compliance Toolkit 1.0 Usage
-
-## What is the Security Compliance Toolkit (SCT)?
-
-The Security Compliance Toolkit (SCT) is a set of tools that allows enterprise security administrators to download, analyze, test, edit, and store Microsoft-recommended security configuration baselines for Windows and other Microsoft products.
-
-The SCT enables administrators to effectively manage their enterprise’s Group Policy Objects (GPOs). Using the toolkit, administrators can compare their current GPOs with Microsoft-recommended GPO baselines or other baselines, edit them, store them in GPO backup file format, and apply them broadly through Active Directory or individually through local policy.
-<p></p>
-
-The Security Compliance Toolkit consists of:
-
-- Windows 10 security baselines
-    - Windows 10, Version 21H1 (May 2021 Update)
-    - Windows 10, Version 20H2 (October 2020 Update)
-    - Windows 10, Version 2004 (May 2020 Update)
-    - Windows 10, Version 1909 (November 2019 Update)
-    - Windows 10, Version 1809 (October 2018 Update)
-    - Windows 10, Version 1607 (Anniversary Update)
-    - Windows 10, Version 1507
-
-- Windows Server security baselines
-    - Windows Server 2022
-    - Windows Server 2019
-    - Windows Server 2016
-    - Windows Server 2012 R2
-
-- Microsoft Office security baseline
-    - Microsoft 365 Apps for enterprise, Version 2104
-
-- Microsoft Edge security baseline
-    - Version 93
-    
-- Windows Update security baseline
-    - Windows 10 20H2 and below (October 2020 Update)
-
-- Tools
-    - Policy Analyzer tool
-    - Local Group Policy Object (LGPO) tool
-    - Set Object Security tool
-    - GPO to PolicyRules tool
-
--   Scripts
-    -   Baseline-ADImport.ps1
-    -   Baseline-LocalInstall.ps1
-    -   Remove-EPBaselineSettings.ps1
-    -   MapGuidsToGpoNames.ps1
-
-
-You can [download the tools](https://www.microsoft.com/download/details.aspx?id=55319) along with the baselines for the relevant Windows versions. For more details about security baseline recommendations, see the [Microsoft Security Baselines blog](https://techcommunity.microsoft.com/t5/Microsoft-Security-Baselines/bg-p/Microsoft-Security-Baselines).
-
-## What is the Policy Analyzer tool?
-
-The Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects (GPOs). Its main features include:
-- Highlight when a set of Group Policies has redundant settings or internal inconsistencies
-- Highlight the differences between versions or sets of Group Policies
-- Compare GPOs against current local policy and local registry settings
-- Export results to a Microsoft Excel spreadsheet
-
-Policy Analyzer lets you treat a set of GPOs as a single unit. This makes it easy to determine whether particular settings are duplicated across the GPOs or are set to conflicting values. Policy Analyzer also lets you capture a baseline and then compare it to a snapshot taken at a later time to identify changes anywhere across the set. 
-
-More information on the Policy Analyzer tool can be found on the [Microsoft Security Baselines blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/new-tool-policy-analyzer/ba-p/701049) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).
-
-## What is the Local Group Policy Object (LGPO) tool?
-
-LGPO.exe is a command-line utility that is designed to help automate management of Local Group Policy. 
-Using local policy gives administrators a simple way to verify the effects of Group Policy settings, and is also useful for managing non-domain-joined systems. 
-LGPO.exe can import and apply settings from Registry Policy (Registry.pol) files, security templates, Advanced Auditing backup files, as well as from formatted “LGPO text” files. 
-It can export local policy to a GPO backup. 
-It can export the contents of a Registry Policy file to the “LGPO text” format that can then be edited, and can build a Registry Policy file from an LGPO text file.
-
-Documentation for the LGPO tool can be found on the [Microsoft Security Baselines blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/lgpo-exe-local-group-policy-object-utility-v1-0/ba-p/701045) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).
-
-## What is the Set Object Security tool?
-
-SetObjectSecurity.exe enables you to set the security descriptor for just about any type of Windows securable object (files, directories, registry keys, event logs, services, SMB shares, etc.). For file system and registry objects, you can choose whether to apply inheritance rules. You can also choose to output the security descriptor in a .reg-file-compatible representation of the security descriptor for a REG_BINARY registry value.
-
-Documentation for the Set Object Security tool can be found on the [Microsoft Security Baselines blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/new-amp-updated-security-tools/ba-p/1631613) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).
-
-## What is the GPO to Policy Rules tool?
-
-Automate the conversion of GPO backups to Policy Analyzer .PolicyRules files and skip the GUI. GPO2PolicyRules is a command-line tool that is included with the Policy Analyzer download. 
-
-Documentation for the GPO to PolicyRules tool can be found on the [Microsoft Security Baselines blog](https://techcommunity.microsoft.com/t5/microsoft-security-baselines/new-amp-updated-security-tools/ba-p/1631613) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).

From a0a7d3f2cc169a7941bef28a9f8ddab7c9cdbf53 Mon Sep 17 00:00:00 2001
From: "Daniel H. Brown" <32883970+DHB-MSFT@users.noreply.github.com>
Date: Tue, 26 Apr 2022 09:52:19 -0700
Subject: [PATCH 112/123] Remove Office 2016 reference

In Security Compliance Toolkit article
---
 .../security-compliance-toolkit-10.md                            | 1 -
 1 file changed, 1 deletion(-)

diff --git a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md
index 3525284dcd..3058486461 100644
--- a/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md
+++ b/windows/security/threat-protection/windows-security-configuration-framework/security-compliance-toolkit-10.md
@@ -46,7 +46,6 @@ The Security Compliance Toolkit consists of:
 
 -   Microsoft Office security baseline
     -   Microsoft 365 Apps for Enterprise Version 2112
-    -   Office 2016 
     
 -   Microsoft Edge security baseline
     -   Edge version 98

From e05308970009202724be86f2bbdbc1794651f9a7 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Tue, 26 Apr 2022 17:22:17 -0600
Subject: [PATCH 113/123] Line 902: Fix typo

include --> includes
---
 education/windows/deploy-windows-10-in-a-school-district.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/education/windows/deploy-windows-10-in-a-school-district.md b/education/windows/deploy-windows-10-in-a-school-district.md
index 016f8d986a..3672175155 100644
--- a/education/windows/deploy-windows-10-in-a-school-district.md
+++ b/education/windows/deploy-windows-10-in-a-school-district.md
@@ -899,7 +899,7 @@ Deploying a new Configuration Manager infrastructure is beyond the scope of this
     Create a Microsoft Endpoint Manager driver package for each device type in your district. For more information, see [Manage drivers in Configuration Manager](/mem/configmgr/osd/get-started/manage-drivers).
 4. Add Windows apps.
 
-    Install the Windows apps (Windows desktop and Microsoft Store apps) that you want to deploy after the task sequence deploys your customized image (a thick, reference image that include Windows 10 and your core Windows desktop apps). These apps are in addition to the apps included in your reference image. You can only deploy Microsoft Store apps after you deploy Windows 10 because you cannot capture Microsoft Store apps in a reference image. Microsoft Store apps target users, not devices.
+    Install the Windows apps (Windows desktop and Microsoft Store apps) that you want to deploy after the task sequence deploys your customized image (a thick, reference image that includes Windows 10 and your core Windows desktop apps). These apps are in addition to the apps included in your reference image. You can only deploy Microsoft Store apps after you deploy Windows 10 because you cannot capture Microsoft Store apps in a reference image. Microsoft Store apps target users, not devices.
 
     Create a Configuration Manager application for each Windows desktop or Microsoft Store app that you want to deploy after you apply the reference image to a device. For more information, see [Deploy and manage applications with Configuration Manager](/mem/configmgr/apps/deploy-use/deploy-applications).
 

From 32daaf2451d8f30ad8cf20c956db2f20162a7108 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Tue, 26 Apr 2022 17:26:06 -0600
Subject: [PATCH 114/123] Fix typo line 131

Line 131: This problem occurs when the size of the icons are not (size --> sizes or icons --> icon and are --> is)
(1st option)
---
 .../app-v/appv-release-notes-for-appv-for-windows.md            | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
index 61513db3b9..130251c08a 100644
--- a/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
+++ b/windows/application-management/app-v/appv-release-notes-for-appv-for-windows.md
@@ -128,7 +128,7 @@ When you run Repair-AppvClientConnectionGroup, the following error is displayed,
     3.  If the package is currently published, run **Repair-AppvClientPackage** on that package.
 
 ## Icons not displayed properly in Sequencer
-Icons in the Shortcuts and File Type Associations tab are not displayed correctly when modifying a package in the App-V Sequencer. This problem occurs when the size of the icons are not 16x16 or 32x32.
+Icons in the Shortcuts and File Type Associations tab are not displayed correctly when modifying a package in the App-V Sequencer. This problem occurs when the sizes of the icons are not 16x16 or 32x32.
 
 **Workaround**: Only use icons that are 16x16 or 32x32.
 

From 3e7e357962081d069c262bfe8ba4ecc38f186b51 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Tue, 26 Apr 2022 17:28:13 -0600
Subject: [PATCH 115/123] Fix capitalization

Line 134: The user has not accepted Eula (Eula --> the EULA)
---
 windows/deployment/upgrade/resolution-procedures.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/deployment/upgrade/resolution-procedures.md b/windows/deployment/upgrade/resolution-procedures.md
index e5a1284cb1..d2bec5e3f1 100644
--- a/windows/deployment/upgrade/resolution-procedures.md
+++ b/windows/deployment/upgrade/resolution-procedures.md
@@ -131,7 +131,7 @@ Also see the following sequential list of modern setup (mosetup) error codes wit
 | 0XC1900113 | MOSETUP_E_EULA_DECLINED | The user has declined the license terms. |
 | 0XC190011e | MOSETUP_E_FLIGHTING_BVT | The installation process has been halted for testing purposes. |
 | 0XC190011f | MOSETUP_E_PROCESS_CRASHED | The installation process crashed. |
-| 0XC1900120 | MOSETUP_E_EULA_TIMEOUT | The user has not accepted Eula within the required time limit. |
+| 0XC1900120 | MOSETUP_E_EULA_TIMEOUT | The user has not accepted the EULA within the required time limit. |
 | 0XC1900121 | MOSETUP_E_ADVERTISE_TIMEOUT | The user has not accepted Advertisement within the required time limit. |
 | 0XC1900122 | MOSETUP_E_DOWNLOADDISKSPACE_TIMEOUT | The download disk space issues were not resolved within the required time limit. |
 | 0XC1900123 | MOSETUP_E_INSTALLDISKSPACE_TIMEOUT | The install disk space issues were not resolved within the required time limit. |

From f51a53dc07f7d601cad6da95b329df03afcdf194 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Tue, 26 Apr 2022 17:32:36 -0600
Subject: [PATCH 116/123] Fix "find/replace" accident
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

windows-1...overview.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/67bf32c7-d246-49a1-9603-531cf8904857#CORRECTNESS

Line 140: Group Policy requires that the you have AD DS and that the Windows 10/11 Enterprise devices  (delete "the" between "that" and "you")

Line 140: are joined to the your AD DS domain. (delete "the" between "to" and "your")

Line 146: The primary App-V components that the you must have are as follows: (delete "the" between "that" and "you")

Line 161: client-side components that you you’ll need to download, activate, and install. (delete "you" between "that" and "you'll)
---
 windows/deployment/windows-10-enterprise-e3-overview.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/deployment/windows-10-enterprise-e3-overview.md b/windows/deployment/windows-10-enterprise-e3-overview.md
index c01e69f256..b21f910bb4 100644
--- a/windows/deployment/windows-10-enterprise-e3-overview.md
+++ b/windows/deployment/windows-10-enterprise-e3-overview.md
@@ -137,13 +137,13 @@ For more information about implementing Device Guard, see:
 
 ### AppLocker management
 
-You can manage AppLocker in Windows 10 Enterprise by using Group Policy. Group Policy requires that the you have AD DS and that the Windows 10/11 Enterprise devices are joined to the your AD DS domain. You can create AppLocker rules by using Group Policy, and then target those rules to the appropriate devices.
+You can manage AppLocker in Windows 10 Enterprise by using Group Policy. Group Policy requires that you have AD DS and that the Windows 10/11 Enterprise devices are joined to your AD DS domain. You can create AppLocker rules by using Group Policy, and then target those rules to the appropriate devices.
 
 For more information about AppLocker management by using Group Policy, see [AppLocker deployment guide](/windows/security/threat-protection/windows-defender-application-control/applocker/applocker-policies-deployment-guide).
 
 ### App-V
 
-App-V requires an App-V server infrastructure to support App-V clients. The primary App-V components that the you must have are as follows:
+App-V requires an App-V server infrastructure to support App-V clients. The primary App-V components that you must have are as follows:
 
 -   **App-V server**. The App-V server provides App-V management, virtualized app publishing, app streaming, and reporting services. Each of these services can be run on one server or can be run individually on multiple servers. For example, you could have multiple streaming servers. App-V clients contact App-V servers to determine which apps are published to the user or device, and then run the virtualized app from the server.
 
@@ -158,7 +158,7 @@ For more information about implementing the App-V server, App-V sequencer, and A
 -   [Deploying the App-V Sequencer and Configuring the Client](/windows/application-management/app-v/appv-deploying-the-appv-sequencer-and-client)
 
 ### UE-V
-UE-V requires server- and client-side components that you you’ll need to download, activate, and install. These components include:
+UE-V requires server- and client-side components that you’ll need to download, activate, and install. These components include:
 
 - **UE-V service**. The UE-V service (when enabled on devices) monitors registered applications and Windows for any settings changes, then synchronizes those settings between devices.
 

From 52538a226a6b5cd0d392c4c58a3e0681db807849 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Tue, 26 Apr 2022 17:36:19 -0600
Subject: [PATCH 117/123] Fix Correctness issues

whats-new...-10-2015.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/8f55af84-4ab1-4a66-8fa3-483592f16206#CORRECTNESS

Line 44: A new AppLocker configuration service provider was add to allow you to enable AppLocker rules by using an MDM server. (add --> added)

Line 81: A list of hardware vendor IDs are included in the event. (are --> is)

Line 129: TargetDomainName String The domain of the target user.. (Delete extra period.)

Line 199: For more info about how manage UAC, see UAC Group Policy Settings and Registry Key Settings . (add "to" between "how" and "manage" and check space before punctuation)
---
 windows/whats-new/ltsc/whats-new-windows-10-2015.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2015.md b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
index 9d97b2053c..3c1c1c14e2 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2015.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2015.md
@@ -41,7 +41,7 @@ AppLocker was available for Windows 8.1, and is improved with Windows 10. See [R
 Enhancements to AppLocker in Windows 10 include:
 
 -   A new parameter was added to the [New-AppLockerPolicy](/powershell/module/applocker/new-applockerpolicy) Windows PowerShell cmdlet that lets you choose whether executable and DLL rule collections apply to non-interactive processes. To enable this, set the **ServiceEnforcement** to **Enabled**.
--   A new [AppLocker](/windows/client-management/mdm/applocker-csp) configuration service provider was add to allow you to enable AppLocker rules by using an MDM server.
+-   A new [AppLocker](/windows/client-management/mdm/applocker-csp) configuration service provider was added to allow you to enable AppLocker rules by using an MDM server.
 
 [Learn how to manage AppLocker within your organization](/windows/device-security/applocker/applocker-overview).
 
@@ -78,7 +78,7 @@ In Windows 10, two new audit subcategories were added to the Advanced Audit Poli
     When this setting is configured, one or more security audit events are generated for each successful logon. You must also enable the **Audit Logon** setting under **Advanced Audit Policy Configuration\\System Audit Policies\\Logon/Logoff**. Multiple events are generated if the group membership information cannot fit in a single security audit event.
 -   [Audit PNP Activity](/windows/security/threat-protection/auditing/audit-pnp-activity) Found in the Detailed Tracking category, the Audit PNP Activity subcategory allows you to audit when plug and play detects an external device.
     Only Success audits are recorded for this category. If you do not configure this policy setting, no audit event is generated when an external device is detected by plug and play.
-    A PnP audit event can be used to track down changes in system hardware and will be logged on the PC where the change took place. A list of hardware vendor IDs are included in the event.
+    A PnP audit event can be used to track down changes in system hardware and will be logged on the PC where the change took place. A list of hardware vendor IDs is included in the event.
 
 #### <a href="" id="bkmk-moreinfo"></a>More info added to existing audit events
 
@@ -126,7 +126,7 @@ The logon event ID 4688 has been updated to include more verbose information to
 2.  **TargetUserName** String
     The account name of the target user.
 3.  **TargetDomainName** String
-    The domain of the target user..
+    The domain of the target user.
 4.  **TargetLogonId** String
     The logon ID of the target user.
 5.  **ParentProcessName** String
@@ -196,7 +196,7 @@ User Account Control (UAC) helps prevent malware from damaging a computer and he
 
 You should not turn off UAC because this is not a supported scenario for devices running Windows 10. If you do turn off UAC, all Universal Windows Platform apps stop working. You must always set the **HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA** registry value to 1. If you need to provide auto elevation for programmatic access or installation, you could set the **HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\ConsentPromptBehaviorAdmin** registry value to 0, which is the same as setting the UAC slider Never Notify. This is not recommended for devices running Windows 10.
 
-For more info about how manage UAC, see [UAC Group Policy Settings and Registry Key Settings](/windows/access-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings).
+For more info about how to manage UAC, see [UAC Group Policy Settings and Registry Key Settings](/windows/access-protection/user-account-control/user-account-control-group-policy-and-registry-key-settings).
 
 In Windows 10, User Account Control has added some improvements:
 

From d5ca65ffe78e31f0e182509dbcca2db7f2bf1156 Mon Sep 17 00:00:00 2001
From: Angela Fleischmann <v-angelaf@microsoft.com>
Date: Tue, 26 Apr 2022 17:39:42 -0600
Subject: [PATCH 118/123] Fix Correctness issues

whats-new...-10-2019.md
https://microsoft-ce-csi.acrolinx.cloud/api/v1/checking/scorecards/a62b6f4c-59ce-4191-bd64-8bcec05ff77d#CORRECTNESS

Line 365: polices (policies)

535: cleanup (clean up)

581: which both reduces the time to connect and provides a very stable stream. (which --> that)
---
 windows/whats-new/ltsc/whats-new-windows-10-2019.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/windows/whats-new/ltsc/whats-new-windows-10-2019.md b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
index 40ec8d231c..40a615660a 100644
--- a/windows/whats-new/ltsc/whats-new-windows-10-2019.md
+++ b/windows/whats-new/ltsc/whats-new-windows-10-2019.md
@@ -362,7 +362,7 @@ Until now, Windows logon only supported the use of identities federated to ADFS
 
 1. Azure AD Join your Windows 10 PC. (Web sign-in is only supported on Azure AD Joined PCs).
 
-2. Set the Policy CSP, and the Authentication and EnableWebSignIn polices to enable web sign-in. 
+2. Set the Policy CSP, and the Authentication and EnableWebSignIn policies to enable web sign-in. 
 
 3. On the lock screen, select web sign-in under sign-in options.
 4. Click the “Sign in” button to continue.
@@ -532,7 +532,7 @@ In Windows 10 Enterprise LTSC 2019, we continue our work to improve the diagnost
 
 ### Application Virtualization for Windows (App-V)
 
-Previous versions of the Microsoft Application Virtualization Sequencer (App-V Sequencer) have required you to manually create your sequencing environment. Windows 10 Enterprise LTSC 2019 introduces two new PowerShell cmdlets, New-AppVSequencerVM and Connect-AppvSequencerVM, which automatically create your sequencing environment for you, including provisioning your virtual machine. Additionally, the App-V Sequencer has been updated to let you sequence or update multiple apps at the same time, while automatically capturing and storing your customizations as an App-V project template (.appvt) file, and letting you use PowerShell or Group Policy settings to automatically cleanup your unpublished packages after a device restart.
+Previous versions of the Microsoft Application Virtualization Sequencer (App-V Sequencer) have required you to manually create your sequencing environment. Windows 10 Enterprise LTSC 2019 introduces two new PowerShell cmdlets, New-AppVSequencerVM and Connect-AppvSequencerVM, which automatically create your sequencing environment for you, including provisioning your virtual machine. Additionally, the App-V Sequencer has been updated to let you sequence or update multiple apps at the same time, while automatically capturing and storing your customizations as an App-V project template (.appvt) file, and letting you use PowerShell or Group Policy settings to automatically clean up your unpublished packages after a device restart.
 
 For more info, see the following topics:
 - [Automatically provision your sequencing environment using Microsoft Application Virtualization Sequencer (App-V Sequencer)](/windows/application-management/app-v/appv-auto-provision-a-vm)
@@ -578,7 +578,7 @@ Users attempt to connect to a Miracast receiver as they did previously. When the
 - Users do not have to change how they connect to a Miracast receiver. They use the same UX as for standard Miracast connections.
 - No changes to current wireless drivers or PC hardware are required.
 - It works well with older wireless hardware that is not optimized for Miracast over Wi-Fi Direct.
-- It leverages an existing connection which both reduces the time to connect and provides a very stable stream.
+- It leverages an existing connection that both reduces the time to connect and provides a very stable stream.
 
 #### Enabling Miracast over Infrastructure
 

From 8730f6efaf973a072b8ec20bc3171d198ce25e2e Mon Sep 17 00:00:00 2001
From: Shesh <56231259+sheshachary@users.noreply.github.com>
Date: Wed, 27 Apr 2022 12:07:12 +0530
Subject: [PATCH 119/123] updated the comments received from the pubops team

---
 windows/application-management/app-v/appv-reporting.md      | 2 +-
 windows/configuration/guidelines-for-assigned-access-app.md | 3 ++-
 windows/deployment/windows-10-poc-mdt.md                    | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/windows/application-management/app-v/appv-reporting.md b/windows/application-management/app-v/appv-reporting.md
index 2f45c2a76c..baa49987dc 100644
--- a/windows/application-management/app-v/appv-reporting.md
+++ b/windows/application-management/app-v/appv-reporting.md
@@ -28,7 +28,7 @@ The following list displays the end–to-end high-level workflow for reporting i
    * Windows Authentication role (under **IIS / Security**)
    * SQL Server installed and running with SQL Server Reporting Services (SSRS)
 
-     To confirm SQL Server Reporting Services is running, enter `https://localhost/Reports` in a web browser as administrator on the server that will host App-V Reporting. The SQL Server Reporting Services Home page should appear.4
+     To confirm SQL Server Reporting Services is running, enter `https://localhost/Reports` in a web browser as administrator on the server that will host App-V Reporting. The SQL Server Reporting Services Home page should appear.
 2. Install the App-V reporting server and associated database. For more information about installing the reporting server see [How to install the Reporting Server on a standalone computer and connect it to the database](appv-install-the-reporting-server-on-a-standalone-computer.md). Configure the time when the computer running the App-V client should send data to the reporting server.
 3. If you are not using an electronic software distribution system such as Configuration Manager to view reports then you can define reports in SQL Server Reporting Service.
 
diff --git a/windows/configuration/guidelines-for-assigned-access-app.md b/windows/configuration/guidelines-for-assigned-access-app.md
index 0df2b5310b..13779d0100 100644
--- a/windows/configuration/guidelines-for-assigned-access-app.md
+++ b/windows/configuration/guidelines-for-assigned-access-app.md
@@ -82,7 +82,8 @@ Restart on Idle Time | Specify when Kiosk Browser should restart in a fresh stat
 > 
 > 1. Create the provisioning package. When ready to export, close the project in Windows Configuration Designer.
 > 2. Open the customizations.xml file in the project folder (e.g C:\Users\name\Documents\Windows Imaging and Configuration Designer (WICD)\Project_18). 
-> 3. Insert the null character string in between each URL (e.g `www.bing.com,`&#xF000; `www.contoso.com`). 
+> 3. Insert the null character string in between each URL 
+(e.g `www.bing.com` and `www.contoso.com`). 
 > 4. Save the XML file.
 > 5. Open the project again in Windows Configuration Designer.
 > 6. Export the package. Ensure you do not revisit the created policies under Kiosk Browser or else the null character will be removed.
diff --git a/windows/deployment/windows-10-poc-mdt.md b/windows/deployment/windows-10-poc-mdt.md
index 8b61c8fdc5..f22ca0e63d 100644
--- a/windows/deployment/windows-10-poc-mdt.md
+++ b/windows/deployment/windows-10-poc-mdt.md
@@ -394,7 +394,7 @@ This procedure will demonstrate how to deploy the reference image to the PoC env
 
 2. On the **Monitoring** tab, select the **Enable monitoring for this deployment share** checkbox, and then click **OK**.
 
-3. Verify the monitoring service is working as expected by opening the following link on SRV1 : `http://localhost:9800/MDTMonitorEvent/`. If you do not see "**You have created a service**" at the top of the page, see [Troubleshooting MDT 2012 Monitoring](/archive/blogs/mniehaus/troubleshooting-mdt-2012-monitoring).
+3. Verify the monitoring service is working as expected by opening the following link on SRV1: `http://localhost:9800/MDTMonitorEvent/`. If you do not see "**You have created a service**" at the top of the page, see [Troubleshooting MDT 2012 Monitoring](/archive/blogs/mniehaus/troubleshooting-mdt-2012-monitoring).
 
 4. Close Internet Explorer.
 

From 8b48c6234d6b6d82dc6cefb1941c9083d1c2a075 Mon Sep 17 00:00:00 2001
From: Aaron Czechowski <aczechowski@users.noreply.github.com>
Date: Thu, 28 Apr 2022 11:06:03 -0700
Subject: [PATCH 120/123] typo in link

---
 .../app-v/appv-deploying-microsoft-office-2013-with-appv.md     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
index 949dab5704..51d45f4112 100644
--- a/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
+++ b/windows/application-management/app-v/appv-deploying-microsoft-office-2013-with-appv.md
@@ -423,7 +423,7 @@ This section describes the requirements and options for deploying Visio 2013 and
 ### Additional resources for Connection Groups
 
 * [Managing Connection Groups](appv-managing-connection-groups.md)
-* [Connection groups on the App-V team blog](/archive/blogs/gladiator/app-v-5-more-on-connection-group)
+* [Connection groups on the App-V team blog](/archive/blogs/gladiator/app-v-5-more-on-connection-groups)
 
 ### Additional resources for Dynamic Configuration
 

From df3e9402bdcd8fd26f9cc7ea2b577d12028280bc Mon Sep 17 00:00:00 2001
From: Thomas Raya <v-thraya@microsoft.com>
Date: Thu, 28 Apr 2022 14:58:53 -0700
Subject: [PATCH 121/123] update manager metadata

---
 browsers/edge/docfx.json                             | 2 +-
 browsers/internet-explorer/docfx.json                | 2 +-
 devices/hololens/docfx.json                          | 2 +-
 devices/surface-hub/docfx.json                       | 2 +-
 devices/surface/docfx.json                           | 2 +-
 education/docfx.json                                 | 2 +-
 windows/deployment/do/delivery-optimization-proxy.md | 2 +-
 7 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/browsers/edge/docfx.json b/browsers/edge/docfx.json
index bc99fd3bd8..d786e0bbfb 100644
--- a/browsers/edge/docfx.json
+++ b/browsers/edge/docfx.json
@@ -33,7 +33,7 @@
       "ms.technology": "microsoft-edge",
       "audience": "ITPro",
       "ms.topic": "article",
-      "manager": "laurawi",
+      "manager": "dansimp",
       "ms.prod": "edge",
       "feedback_system": "None",
       "hideEdit": true,
diff --git a/browsers/internet-explorer/docfx.json b/browsers/internet-explorer/docfx.json
index 9a7a5d7e4a..37391cc166 100644
--- a/browsers/internet-explorer/docfx.json
+++ b/browsers/internet-explorer/docfx.json
@@ -30,7 +30,7 @@
       "ms.technology": "internet-explorer",
       "ms.prod": "ie11",
       "ms.topic": "article",
-      "manager": "laurawi",
+      "manager": "dansimp",
       "ms.date": "04/05/2017",
       "feedback_system": "None",
       "hideEdit": true,
diff --git a/devices/hololens/docfx.json b/devices/hololens/docfx.json
index 464a472b2f..2908606c60 100644
--- a/devices/hololens/docfx.json
+++ b/devices/hololens/docfx.json
@@ -35,7 +35,7 @@
       "ms.technology": "windows",
       "ms.topic": "article",
       "audience": "ITPro",
-      "manager": "laurawi",
+      "manager": "dansimp",
       "ms.date": "04/05/2017",
       "feedback_system": "GitHub",
       "feedback_github_repo": "MicrosoftDocs/windows-itpro-docs",
diff --git a/devices/surface-hub/docfx.json b/devices/surface-hub/docfx.json
index 2e2fb12b63..1e0f65ecc7 100644
--- a/devices/surface-hub/docfx.json
+++ b/devices/surface-hub/docfx.json
@@ -30,7 +30,7 @@
       "ms.technology": "windows",
       "audience": "ITPro",
       "ms.topic": "article",
-      "manager": "laurawi",
+      "manager": "dansimp",
       "ms.mktglfcycl": "manage",
       "ms.sitesec": "library",
       "ms.date": "05/23/2017",
diff --git a/devices/surface/docfx.json b/devices/surface/docfx.json
index eba515451e..da410e3263 100644
--- a/devices/surface/docfx.json
+++ b/devices/surface/docfx.json
@@ -28,7 +28,7 @@
       "ms.technology": "windows",
       "audience": "ITPro",
       "ms.topic": "article",
-      "manager": "laurawi",
+      "manager": "dansimp",
       "ms.date": "05/09/2017",
       "feedback_system": "GitHub",
       "feedback_github_repo": "MicrosoftDocs/windows-itpro-docs",
diff --git a/education/docfx.json b/education/docfx.json
index 7cac8a75b9..04a27cb629 100644
--- a/education/docfx.json
+++ b/education/docfx.json
@@ -31,7 +31,7 @@
       "audience": "windows-education",
       "ms.topic": "article",
       "ms.technology": "windows",
-      "manager": "laurawi",
+      "manager": "dansimp",
       "audience": "ITPro",
       "breadcrumb_path": "/education/breadcrumb/toc.json",
       "ms.date": "05/09/2017",
diff --git a/windows/deployment/do/delivery-optimization-proxy.md b/windows/deployment/do/delivery-optimization-proxy.md
index cd25705e12..d2a8c14908 100644
--- a/windows/deployment/do/delivery-optimization-proxy.md
+++ b/windows/deployment/do/delivery-optimization-proxy.md
@@ -1,6 +1,6 @@
 ---
 title: Using a proxy with Delivery Optimization
-manager: laurawi
+manager: dansimp
 description: Settings to use with various proxy configurations to allow Delivery Optimization to work
 keywords: updates, downloads, network, bandwidth
 ms.prod: w10

From 7482576ec7fe5f581a670e6754dbbff1b6557cef Mon Sep 17 00:00:00 2001
From: Office Content Publishing 4
 <87501895+officedocspr4@users.noreply.github.com>
Date: Fri, 29 Apr 2022 16:39:23 -0700
Subject: [PATCH 122/123] Uploaded file: education-content-updates.md -
 2022-04-29 16:39:22.9880

---
 education/includes/education-content-updates.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/education/includes/education-content-updates.md b/education/includes/education-content-updates.md
index 0f7ca6f332..5ea1eba566 100644
--- a/education/includes/education-content-updates.md
+++ b/education/includes/education-content-updates.md
@@ -2,6 +2,14 @@
 

 
 
+## Week of April 25, 2022
+
+
+| Published On |Topic title | Change |
+|------|------------|--------|
+| 4/25/2022 | [Deploy Windows 10 in a school district (Windows 10)](/education/windows/deploy-windows-10-in-a-school-district) | modified |
+
+
 ## Week of April 18, 2022
 
 

From fce855bebcb2973dc6b7e97a78191bc77917460f Mon Sep 17 00:00:00 2001
From: Office Content Publishing 4
 <87501895+officedocspr4@users.noreply.github.com>
Date: Fri, 29 Apr 2022 16:39:33 -0700
Subject: [PATCH 123/123] Uploaded file: store-for-business-content-updates.md
 - 2022-04-29 16:39:32.8916

---
 .../store-for-business-content-updates.md        | 16 ++--------------
 1 file changed, 2 insertions(+), 14 deletions(-)

diff --git a/store-for-business/includes/store-for-business-content-updates.md b/store-for-business/includes/store-for-business-content-updates.md
index d14bc10108..1e43b5882c 100644
--- a/store-for-business/includes/store-for-business-content-updates.md
+++ b/store-for-business/includes/store-for-business-content-updates.md
@@ -2,21 +2,9 @@
 

 
 
-## Week of December 13, 2021
+## Week of April 25, 2022
 
 
 | Published On |Topic title | Change |
 |------|------------|--------|
-| 12/13/2021 | [Microsoft Store for Business and Education release history](/microsoft-store/release-history-microsoft-store-business-education) | modified |
-| 12/13/2021 | [Change history for Microsoft Store for Business and Education](/microsoft-store/sfb-change-history) | modified |
-| 12/14/2021 | [Manage user accounts in Microsoft Store for Business and Microsoft Store for Education (Windows 10)](/microsoft-store/manage-users-and-groups-microsoft-store-for-business) | modified |
-| 12/14/2021 | [Troubleshoot Microsoft Store for Business (Windows 10)](/microsoft-store/troubleshoot-microsoft-store-for-business) | modified |
-
-
-## Week of November 15, 2021
-
-
-| Published On |Topic title | Change |
-|------|------------|--------|
-| 11/16/2021 | [Microsoft Store for Business and Microsoft Store for Education overview (Windows 10)](/microsoft-store/microsoft-store-for-business-overview) | modified |
-| 11/19/2021 | [Microsoft Store for Business and Microsoft Store for Education overview (Windows 10)](/microsoft-store/microsoft-store-for-business-overview) | modified |
+| 4/28/2022 | [Prerequisites for Microsoft Store for Business and Education (Windows 10)](/microsoft-store/prerequisites-microsoft-store-for-business) | modified |