From 9c57fba9d0f8f9eeaac08ecbaa296bad36e61d74 Mon Sep 17 00:00:00 2001 From: Kirill Nikolaev Date: Mon, 21 Aug 2017 15:30:18 +0300 Subject: [PATCH 01/15] Corrected "ISO" definition In this case, ISO does not stand for the organization --- mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md b/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md index b0f7f20fd2..5753d059e3 100644 --- a/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md +++ b/mdop/dart-v8/creating-the-dart-80-recovery-image-dart-8.md @@ -189,7 +189,7 @@ The available image file types are: - **Windows Imaging File (WIM)** - used to deploy DaRT to a preboot execution environment (PXE) or local partition). -- **International Standards Organization (ISO)** – used to deploy to CD or DVD, or for use in virtual machines (VM)s). The wizard requires that the ISO image have an .iso file name extension because most programs that burn a CD or DVD require that extension. If you do not specify a different location, the ISO image is created on your desktop with the name DaRT8.ISO. +- **ISO image file** – used to deploy to CD or DVD, or for use in virtual machines (VM)s). The wizard requires that the ISO image have an .iso file name extension because most programs that burn a CD or DVD require that extension. If you do not specify a different location, the ISO image is created on your desktop with the name DaRT8.ISO. - **PowerShell script** – creates a DaRT recovery image with commands that provide essentially the same options that you can select by using the DaRT Recovery Image wizard. The script also enables you to add or changes files in the DaRT recovery image. From 319e0789fe42b73699e6a264f1013001df8bb0f5 Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Mon, 21 Aug 2017 15:13:31 +0000 Subject: [PATCH 02/15] Merged PR 2785: Publish WCD reference content Successful build report: https://opbuildstorageprod.blob.core.windows.net/report/2017%5C8%5C21%5C679ca0bf-11c4-ca5e-da3d-4e5fe13917f6%5CCommit%5C201708211418134677-jdwpf%5Cworkflow_report.html --- windows/configuration/TOC.md | 58 ++- ...change-history-for-configure-windows-10.md | 8 + .../configuration/images/admx-category.PNG | Bin 0 -> 8637 bytes windows/configuration/images/admx-policy.PNG | Bin 0 -> 15504 bytes windows/configuration/wcd/wcd-accounts.md | 58 +++ .../configuration/wcd/wcd-admxingestion.md | 97 ++++ .../wcd/wcd-applicationmanagement.md | 69 +++ .../configuration/wcd/wcd-assignedaccess.md | 35 ++ .../configuration/wcd/wcd-automatictime.md | 45 ++ windows/configuration/wcd/wcd-browser.md | 86 ++++ .../wcd/wcd-callandmessagingenhancement.md | 36 ++ windows/configuration/wcd/wcd-cellular.md | 43 ++ windows/configuration/wcd/wcd-certificates.md | 71 +++ windows/configuration/wcd/wcd-cleanpc.md | 28 ++ windows/configuration/wcd/wcd-connections.md | 45 ++ .../wcd/wcd-connectivityprofiles.md | 183 +++++++ .../configuration/wcd/wcd-countryandregion.md | 23 + .../wcd/wcd-desktopbackgroundandcolors.md | 22 + .../configuration/wcd/wcd-developersetup.md | 37 ++ .../configuration/wcd/wcd-deviceformfactor.md | 67 +++ .../configuration/wcd/wcd-devicemanagement.md | 92 ++++ windows/configuration/wcd/wcd-dmclient.md | 27 ++ .../configuration/wcd/wcd-editionupgrade.md | 46 ++ .../wcd/wcd-embeddedlockdownprofiles.md | 29 ++ .../wcd/wcd-firewallconfiguration.md | 27 ++ .../configuration/wcd/wcd-firstexperience.md | 16 + windows/configuration/wcd/wcd-folders.md | 23 + windows/configuration/wcd/wcd-initialsetup.md | 30 ++ .../configuration/wcd/wcd-internetexplorer.md | 95 ++++ windows/configuration/wcd/wcd-licensing.md | 30 ++ windows/configuration/wcd/wcd-maps.md | 48 ++ windows/configuration/wcd/wcd-messaging.md | 171 +++++++ .../wcd/wcd-modemconfigurations.md | 22 + windows/configuration/wcd/wcd-multivariant.md | 23 + windows/configuration/wcd/wcd-networkproxy.md | 51 ++ .../configuration/wcd/wcd-networkqospolicy.md | 37 ++ windows/configuration/wcd/wcd-nfc.md | 29 ++ windows/configuration/wcd/wcd-oobe.md | 47 ++ windows/configuration/wcd/wcd-otherassets.md | 27 ++ .../configuration/wcd/wcd-personalization.md | 44 ++ windows/configuration/wcd/wcd-policies.md | 449 ++++++++++++++++++ .../wcd/wcd-provisioningcommands.md | 27 ++ windows/configuration/wcd/wcd-sharedpc.md | 61 +++ windows/configuration/wcd/wcd-shell.md | 23 + windows/configuration/wcd/wcd-smisettings.md | 107 +++++ windows/configuration/wcd/wcd-start.md | 35 ++ windows/configuration/wcd/wcd-startupapp.md | 23 + .../wcd/wcd-startupbackgroundtasks.md | 22 + .../wcd/wcd-surfacehubmanagement.md | 35 ++ windows/configuration/wcd/wcd-tabletmode.md | 29 ++ windows/configuration/wcd/wcd-takeatest.md | 48 ++ windows/configuration/wcd/wcd-theme.md | 35 ++ .../wcd/wcd-unifiedwritefilter.md | 65 +++ .../wcd/wcd-universalappinstall.md | 79 +++ .../wcd/wcd-universalappuninstall.md | 40 ++ .../wcd/wcd-usberrorsoemoverride.md | 27 ++ windows/configuration/wcd/wcd-weakcharger.md | 43 ++ .../wcd/wcd-windowsteamsettings.md | 103 ++++ windows/configuration/wcd/wcd-wlan.md | 24 + windows/configuration/wcd/wcd-workplace.md | 38 ++ windows/configuration/wcd/wcd.md | 77 +++ 61 files changed, 3314 insertions(+), 1 deletion(-) create mode 100644 windows/configuration/images/admx-category.PNG create mode 100644 windows/configuration/images/admx-policy.PNG create mode 100644 windows/configuration/wcd/wcd-accounts.md create mode 100644 windows/configuration/wcd/wcd-admxingestion.md create mode 100644 windows/configuration/wcd/wcd-applicationmanagement.md create mode 100644 windows/configuration/wcd/wcd-assignedaccess.md create mode 100644 windows/configuration/wcd/wcd-automatictime.md create mode 100644 windows/configuration/wcd/wcd-browser.md create mode 100644 windows/configuration/wcd/wcd-callandmessagingenhancement.md create mode 100644 windows/configuration/wcd/wcd-cellular.md create mode 100644 windows/configuration/wcd/wcd-certificates.md create mode 100644 windows/configuration/wcd/wcd-cleanpc.md create mode 100644 windows/configuration/wcd/wcd-connections.md create mode 100644 windows/configuration/wcd/wcd-connectivityprofiles.md create mode 100644 windows/configuration/wcd/wcd-countryandregion.md create mode 100644 windows/configuration/wcd/wcd-desktopbackgroundandcolors.md create mode 100644 windows/configuration/wcd/wcd-developersetup.md create mode 100644 windows/configuration/wcd/wcd-deviceformfactor.md create mode 100644 windows/configuration/wcd/wcd-devicemanagement.md create mode 100644 windows/configuration/wcd/wcd-dmclient.md create mode 100644 windows/configuration/wcd/wcd-editionupgrade.md create mode 100644 windows/configuration/wcd/wcd-embeddedlockdownprofiles.md create mode 100644 windows/configuration/wcd/wcd-firewallconfiguration.md create mode 100644 windows/configuration/wcd/wcd-firstexperience.md create mode 100644 windows/configuration/wcd/wcd-folders.md create mode 100644 windows/configuration/wcd/wcd-initialsetup.md create mode 100644 windows/configuration/wcd/wcd-internetexplorer.md create mode 100644 windows/configuration/wcd/wcd-licensing.md create mode 100644 windows/configuration/wcd/wcd-maps.md create mode 100644 windows/configuration/wcd/wcd-messaging.md create mode 100644 windows/configuration/wcd/wcd-modemconfigurations.md create mode 100644 windows/configuration/wcd/wcd-multivariant.md create mode 100644 windows/configuration/wcd/wcd-networkproxy.md create mode 100644 windows/configuration/wcd/wcd-networkqospolicy.md create mode 100644 windows/configuration/wcd/wcd-nfc.md create mode 100644 windows/configuration/wcd/wcd-oobe.md create mode 100644 windows/configuration/wcd/wcd-otherassets.md create mode 100644 windows/configuration/wcd/wcd-personalization.md create mode 100644 windows/configuration/wcd/wcd-policies.md create mode 100644 windows/configuration/wcd/wcd-provisioningcommands.md create mode 100644 windows/configuration/wcd/wcd-sharedpc.md create mode 100644 windows/configuration/wcd/wcd-shell.md create mode 100644 windows/configuration/wcd/wcd-smisettings.md create mode 100644 windows/configuration/wcd/wcd-start.md create mode 100644 windows/configuration/wcd/wcd-startupapp.md create mode 100644 windows/configuration/wcd/wcd-startupbackgroundtasks.md create mode 100644 windows/configuration/wcd/wcd-surfacehubmanagement.md create mode 100644 windows/configuration/wcd/wcd-tabletmode.md create mode 100644 windows/configuration/wcd/wcd-takeatest.md create mode 100644 windows/configuration/wcd/wcd-theme.md create mode 100644 windows/configuration/wcd/wcd-unifiedwritefilter.md create mode 100644 windows/configuration/wcd/wcd-universalappinstall.md create mode 100644 windows/configuration/wcd/wcd-universalappuninstall.md create mode 100644 windows/configuration/wcd/wcd-usberrorsoemoverride.md create mode 100644 windows/configuration/wcd/wcd-weakcharger.md create mode 100644 windows/configuration/wcd/wcd-windowsteamsettings.md create mode 100644 windows/configuration/wcd/wcd-wlan.md create mode 100644 windows/configuration/wcd/wcd-workplace.md create mode 100644 windows/configuration/wcd/wcd.md diff --git a/windows/configuration/TOC.md b/windows/configuration/TOC.md index f4a06d5d6a..8ccede5240 100644 --- a/windows/configuration/TOC.md +++ b/windows/configuration/TOC.md @@ -58,9 +58,65 @@ ### [Provision PCs with common settings for initial deployment (desktop wizard)](provisioning-packages/provision-pcs-for-initial-deployment.md) ### [Provision PCs with apps](provisioning-packages/provision-pcs-with-apps.md) ### [Use a script to install a desktop app in provisioning packages](provisioning-packages/provisioning-script-to-install-app.md) +### [Create a provisioning package with multivariant settings](provisioning-packages/provisioning-multivariant.md) ### [PowerShell cmdlets for provisioning Windows 10 (reference)](provisioning-packages/provisioning-powershell.md) ### [Windows Configuration Designer command-line interface (reference)](provisioning-packages/provisioning-command-line.md) -### [Create a provisioning package with multivariant settings](provisioning-packages/provisioning-multivariant.md) +### [Windows Configuration Designer provisioning settings (reference)](wcd/wcd.md) +#### [Accounts](wcd/wcd-accounts.md) +#### [ADMXIngestion](wcd/wcd-admxingestion.md) +#### [ApplicationManagement](wcd/wcd-applicationmanagement.md) +#### [AssignedAccess](wcd/wcd-assignedaccess.md) +#### [AutomaticTime](wcd/wcd-automatictime.md) +#### [Browser](wcd/wcd-browser.md) +#### [CallAndMessagingEnhancement](wcd/wcd-callandmessagingenhancement.md) +#### [Cellular](wcd/wcd-cellular.md) +#### [Certificates](wcd/wcd-certificates.md) +#### [CleanPC](wcd/wcd-cleanpc.md) +#### [Connections](wcd/wcd-connections.md) +#### [ConnectivityProfiles](wcd/wcd-connectivityprofiles.md) +#### [CountryAndRegion](wcd/wcd-countryandregion.md) +#### [DesktopBackgroundAndColors](wcd/wcd-desktopbackgroundandcolors.md) +#### [DeveloperSetup](wcd/wcd-developersetup.md) +#### [DeviceFormFactor](wcd/wcd-deviceformfactor.md) +#### [DeviceManagement](wcd/wcd-devicemanagement.md) +#### [DMClient](wcd/wcd-dmclient.md) +#### [EditionUpgrade](wcd/wcd-editionupgrade.md) +#### [EmbeddedLockdownProfiles](wcd/wcd-embeddedlockdownprofiles.md) +#### [FirewallConfiguration](wcd/wcd-firewallconfiguration.md) +#### [FirstExperience](wcd/wcd-firstexperience.md) +#### [Folders](wcd/wcd-folders.md) +#### [InitialSetup](wcd/wcd-initialsetup.md) +#### [InternetExplorer](wcd/wcd-internetexplorer.md) +#### [Licensing](wcd/wcd-licensing.md) +#### [Maps](wcd/wcd-maps.md) +#### [Messaging](wcd/wcd-messaging.md) +#### [ModemConfigurations](wcd/wcd-modemconfigurations.md) +#### [Multivariant](wcd/wcd-multivariant.md) +#### [NetworkProxy](wcd/wcd-networkproxy.md) +#### [NetworkQOSPolicy](wcd/wcd-networkqospolicy.md) +#### [NFC](wcd/wcd-nfc.md) +#### [OOBE](wcd/wcd-oobe.md) +#### [OtherAssets](wcd/wcd-otherassets.md) +#### [Personalization](wcd/wcd-personalization.md) +#### [Policies](wcd/wcd-policies.md) +#### [ProvisioningCommands](wcd/wcd-provisioningcommands.md) +#### [SharedPC](wcd/wcd-sharedpc.md) +#### [Shell](wcd/wcd-shell.md) +#### [SMISettings](wcd/wcd-smisettings.md) +#### [Start](wcd/wcd-start.md) +#### [StartupApp](wcd/wcd-startupapp.md) +#### [StartupBackgroundTasks](wcd/wcd-startupbackgroundtasks.md) +#### [SurfaceHubManagement](wcd/wcd-surfacehubmanagement.md) +#### [TabletMode](wcd/wcd-tabletmode.md) +#### [TakeATest](wcd/wcd-takeatest.md) +#### [Theme](wcd/wcd-theme.md) +#### [UnifiedWriteFilter](wcd/wcd-unifiedwritefilter.md) +#### [UniversalAppInstall](wcd/wcd-universalappinstall.md) +#### [UniversalAppUninstall](wcd/wcd-universalappuninstall.md) +#### [WeakCharger](wcd/wcd-weakcharger.md) +#### [WindowsTeamSettings](wcd/wcd-windowsteamsettings.md) +#### [WLAN](wcd/wcd-wlan.md) +#### [Workplace](wcd/wcd-workplace.md) ## [Lockdown features from Windows Embedded 8.1 Industry](lockdown-features-windows-10.md) ## [User Experience Virtualization (UE-V) for Windows](ue-v/uev-for-windows.md) ### [Get Started with UE-V](ue-v/uev-getting-started.md) diff --git a/windows/configuration/change-history-for-configure-windows-10.md b/windows/configuration/change-history-for-configure-windows-10.md index 9d2b98bf69..76c39cc45d 100644 --- a/windows/configuration/change-history-for-configure-windows-10.md +++ b/windows/configuration/change-history-for-configure-windows-10.md @@ -14,6 +14,12 @@ author: jdeckerms This topic lists new and updated topics in the [Configure Windows 10](index.md) documentation for Windows 10 and Windows 10 Mobile. +## August 2017 + +New or changed topic | Description +--- | --- + [Windows Configuration Designer provisioning settings (reference)](wcd/wcd.md) | New section; reference content from [Windows Provisioning settings reference](https://msdn.microsoft.com/library/windows/hardware/dn965990.aspx) is being relocated here from MSDN. + ## July 2017 | New or changed topic | Description | | --- | --- | @@ -38,6 +44,7 @@ This topic lists new and updated topics in the [Configure Windows 10](index.md) | [Configure cellular settings for tablets and PCs](provisioning-apn.md) | New | | [ Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) | Added MDM policies for privacy settings | + ## April 2017 | New or changed topic | Description | @@ -45,6 +52,7 @@ This topic lists new and updated topics in the [Configure Windows 10](index.md) | [Set up a shared or guest PC with Windows 10](set-up-shared-or-guest-pc.md) | Added instructions for using WMI bridge to configure shared PC | + ## RELEASE: Windows 10, version 1703 The topics in this library have been updated for Windows 10, version 1703 (also known as the Creators Update). The following new topics have been added: diff --git a/windows/configuration/images/admx-category.PNG b/windows/configuration/images/admx-category.PNG new file mode 100644 index 0000000000000000000000000000000000000000..465dd53fe3e389431cd223e166e5f1a17d335da8 GIT binary patch literal 8637 zcmb_?c{rP0*Kb=zRn3p6$5a$;rG_dsCbSeaRkg%ps;EY52#vWS)taN!gHmIaqBX|Q zR0S=9n$n7)hR~WKW@1Q!_@dAIp6@#Eb^bW#yUu;x$vPcw4%U0MF@A{E97WtRzIvphPn^OMj>8Nr42~SZBysP# zva@6^UlV)8kt4jVhp(d@@REB+j!54!H8i*#?7W=Q>wVTZ-DpgpeCCUn`)Al^;Js&o zY@P8O94|!mxJB2GW|o_OyDv_mTw8x%nJZKMz7tvl(N$Q#DT-2dHoR`+D3>)5gF4uq z%u}}@US^%%?tD;dL)LNc4df320fFR;@kXphVC3JT1BUjimGhq;FH4NXU&EY}VI8Y% z_&2ev!^;{N&uTgW_$eX!tjOFHmF$8-_VBYFQGabB6|%R|FeU&KKsO&SGo)GfJ&M77 zgzVADggg}Om+HE?k15butY{FMdU(wfR{}9SE3+mKX3~l^v}cWXYU8ltx=-aphAZ|vOAjtWh(figf{v@h^N;FmL`CG zp@p*j3`yzqCfS7+bHt=y1;b}jKLjf+kzD^LA)bVbV+|k2VJCtXFp8}dwz;cL?G+m; zJ3bbcB2wTCHAP(n2;8GyblzPJ)VZHSZ@&y!vkFageVP|*&gwCFcqXgazL0(+(!w>} zzeWgc48L%`)e6XTxdF_jy3MrJ3Jx@c9F8r7hc&iiZ#q8xkCoD~-irr*M`+lf*kZe$*{_Snud*b9+i^D$Pcyzpx{+{`lXp>e8;LLNe>kUfJ zVlj}&zasCK8U0-1<`yW#0K(NIWEP5|+9c3tvQ?oxl(e71huvB@I|7^Jsms!5OpuQi z4z(;9#F|o+4NwpybL-IZmWW}fz+6&3vh>ihk3d1n03+7dGn8|`+k5DL9OT3QMC|U3 z!zW3BL7VFoVsS@yCC>2Gq1P;pJOKa8f9fVn<9>Twy~H1AR{t{9M*n!2!+(pF?VQS$ zVvVdZDaIRxs55-GH$J^JGc;^^14)G+TZ{%frGniyU+nY`r~82RXy6<~)-d0}F05=g zVW;6>cY#ViSos?{qI|Fgo2WdXtFOLPnsTd1RGLdt)uo;+4N#QXnE0`bipMLf3{0X> z=AAX2`Dk|@J@M`nLT%l0!>b4DYhFxw|25U9p)v$oVo7fYPE-B8vIvyVKNSBRp|dfK-e0Ko@)WWB-_ zQvoyCGEOxeFEh}V(79#$lIgO+%^gu)@os_u`h?U9RaDx5q1yIVMMilR5@{Ft$9f@9 z2KWYeo#bfjUb|Y|rsfvwF5Yk{42!C0>m|Q;T3G7(sI5%>ZbvZX{-D*=BeJE|F6miO z=vG5e>JF9#JPz-7=};XO+IQ27Ua6dJZE}>6*+^>;Kt~R~x$qjnTB5P9vqm}dY*LM^ zqUMz{K=W5rjj&Oc9mXB6ngm|dkhG>lN@7!N-*ep;Eao~(IsOH3+V?ONlB%vW;@ zpgE&#r*zN3;Z4k+K@|m;DkM=#Q;@n>h}?C*l4~T#0heA_*jq34AWE_F zf*eOhE?Zb#QU~PF1L4lVH&G|fXO=w3sgVgiH}vLIXRGlu(1Hdgt;!P_?fV92+F;{1 zrRL|`{O2P0ob=9T^XU>!eS6Nof9k+Le6c*=!Y0W}9{d%)@Wz5Sc=XX{t6wd3g4cDv zwA8&P)Crx5lZF-=aSj)(m1Lu~zlYD&#cw&F@de~(d4HWm+2^u*Kjsb9oe9VqubJ>@q&HtW&+!8zcXt=JQ{`rk_;h+_s@{7@|{aE;kH3ocnEo-SQg%l6PO+u_2L+P zurg-drTroYGJfvPxOMsR?J~ZYt>n`qPO*`oy?REuZAF^O!!MUAb6#j0Kk*e1Q5EOP z8|mn>s<=~DdKxzI-jby^rKx5^U~YUP`89PEHvI3A^wlg}US3yI5)hzwkz$SXyUio6 zN@l_?O&;s7Ab!4CtP$UtEh9J&8x(l~-m+)t$N?fg&127NV!wT{1a6GD`&%+nA!k=p zkKvxgxY11#mXvsR&fj9KshQ=r&iCO;VM3n8A~Mr(zZuY!B4rzK!?zdYF$RKVE_#R? zyE_s^L_$h26^y>Y78PoaE@Ks@AKqW8)iu~;`#@>5ck43wBXOL-aQQtxr#Pbw?Guu` zdB&awoyZLb9Q(#6Z~dx(@J$>4!S|;=u2%adLhhLtFYG;+#b~lwjGV`uK=8v#hfy28 zKx5z9( zt)KNlG4HAO9e}F|y=Qtsqm2k6JHo<8hs_C^RjIvNxerzvNa>G$>n;vId>lE*IF(V+ zYvrRXGrF8hTdZOQJ9Mh4toT}aU8>L78S5Vx+iCaTVfHZkIy60p6j~ev zUT6AE)`d4>4>Yh_AWuv12fE}ZBRZLRw`vNZQ>b*LYAV$$fhwH+?5wUpIHelM7>A=dQFh254%Lu+b5c{ZJ-LjmD zq~uq*Z}wDK_n4=@{}*@^&VCoAK76?O9ZB-V(%vIHriAMI0XG6s5XMA| zO!$M^FXujm5Z(=ci-rhF?R+)URxNvJ2fhVN;zKnU>yT^r=jd&MoaU&)d^az)DM;FP zzU5Ky3;EnT4L!@&qW*wSERei*37V|E)Z$u)o{jYW!QSBX`XcDj=vh7F%4kgOvuwc#NG#W* zPcPCzK}}z~S9)RXQLCxzad`0U2GAd4mdU^Fa@A0z)g?CKof=M|tsr#!y59WEjN{gi za|W}cSaBVFP@h{uM2tUJ2o#qvL;Nvp^E%JwX7MyYAVdi(2Vm2Y@UHF#-2oOkF>=G_ z^FW=e8INPgl4y7tax>Tl7SO+Cs@CaSoWor~T=qGwQ)1;(%O??D(+#%`nER$Jc9Q&WM*f%$ycB_H*hw@6y(a&{R+oNH+V}1j#=3oD`OO)^}l( zLec@TE!+C_Na!}e?iS}Pd$cNz7q^V3y%UBgK`EoyL6N-}ssGIHKHLVNK~RdrfR7b`FWg z(~zwVD%Ugv&X5-P?TATLjYCHjH~zxSpeEyE!#pP{Av55?^?Jt0_Z+`&P7%0E?8WVI zYWaqlZ5Ws}5nkzs0Zo>>?A1s+`F&oBQqoPpEwdn)@zK~%#sKCJ{ zB8odyN%KjC5}5B+ids= zSegyQD$Z{(deerPHT$;~GR{T51$JQ3%a1uRLNuIU(<+sR+XAbTojuhWH~C-aiFb;( zdsU3LKJyCgfF`r%?R!KTq9p%t*1@-2`MArskUyKJ(x2DEoUQ{oB6+1{3nfS#m1bkb9vzr&{e!Uo`@BBnDvpzceu@sHC1$9BGURR8MvT^j6M zPfM3C-LQZ8{G6DOm_^qmUMNK^02{Z@_NS{}#)zxK#=AWI2LzbaL%ye<2tN%p8Y3ZX zldPJ_E<-AuHaWnc-UtUm1*CGMP-@`oQuW%+?C#L#dWvQccrB4ky_s7mGypW8gn6cD1^}4u95?oLZ(6H?9x`JAM)i>^c3=YC`tG$ zNWV#M>giAqHNe8o#CKKq(J{s%jtxZ~@U-<76#Ev`F)|Iozv@U#>Pu>VC1ut?QCq&d zbH^hVo`yQ!G)EPv=UllCTxnYKI!6u*u@eJ>YSxeUm-e16N}BMZEmi+hRE+$*-%z6= zdtoZ__3LM^+8!J;)izjr6}l|D)l@b5@vF|1fq7#p#4ArAi3*~SvhemF9@m)YK^Oc- zrEfPhcPxIL30WJVaG~W1pt6l8x?wXT@_LkTyKhS9EstOKFSg$$i-GM;Xw$j63&mj2 zS2U_5(7wxCVl>g5?WIbV{TS`x0dSVwTmirzpBeT`Ig)((=v_GO8n!}7TvY~jImT7B2<`J9^R z9LenGKNDrcQQY;vl^?knMNnr^x*%FH8T)WJfL@lb z_oK_orBnlQTxQEu;R9=qJwhSaU|a4e*bNe}t4dq=UAmEoZOFQ)CwRO#yd$NK{oQ1f zsLO6o@N@zBOh^q6V3JT6^TTGe)nmh?N|-7TO&4~;ynj|X;h^37#|+3Xr&Xz4*4A4a zz*w10skZ4(QiXxsEMDqAn;hXVYt$tUQn}N6hR>>^$GL;{@2}5y_Z5A2FV-ll8Z8qW zZ5wrgXG$}zyl?!jU&LsqYKi06g4BRBg}68~EtEvCA-P z118lNFdm0TOm!$D!Az6Af9AxSJJ^bNYcbSXk4DXXuh?a!O-|Wnx4zLXq-9_jViFXJ z6D3|qx=iPuKepqI_-Ony^V^A#D+v;m%Hr}?_*$BAwc8ySZzFMF)el}YFSP{Kg@W$S zL*{e~y_CdEoXW=JNcXrdliTy?_Px9BD-o|J5ez_x+4ytFagFD6IXQS;e$A^*4x@&_ zX!R@7{WCD?!{5cwBqrGsMfSQe;C`*U{js3-yhIf-EKoEjWkuhFcz@2xPb7@r+DaI$ z$ikS=xD#!KyOQfzMf69rOf*BF5NTcMHsT~_n`aKVd)L)p`vq78e$5_mck-HYUvzlr zuRN-pOz$U3R8}23t-vWPWzsWY+Z16{R(||%ESi3@?V_t&gpy9#YOUFvik(P`a0}y^I=ZhmyWoX54IA?0lxrk_|C39YZVJKVMQ4D%r3nJ5SA4 zm);m+1)mdP*5vfG7jFBrWDvcyCK~4>_9H_Zob^zn}gZlO+ZVi&|VgU$xwLX{+n;<3d3S02d*R^m@vQ z#v8MG|LIWfJ-Lz!mXV`RsTCH5|#fZ(=1rkc^n_h9G0MY}K7 zWa=dEBtX~WtGKX`9@GdZsI~sEtiu!UDC4Kxaj6j8v#4(VIn)siEbxLY5xi3Z|LXA9 z$(|HAmk|pC!^voAj{d01YdtLaF6J`*)@6TYb~KN?LrIlDaHjynb$F=cke<@`7c=w8 zI{nkzLF9V4uqbTTQ)jE>9Tm_f19x#TyNMpZ@E_PO3vA2VB#`@PBaY1GFDMp})p}rd z`tbuAM)Fr<6iO%U9nKa<&GX+((oE{wfWU>Pbhfxv_eyr^!AiWte_;{1Ml;BKNEq9U zucLs0fX>dO<@XiagPcKhifO|WkpE#p*(~wNihjkCj*!xNLQQb+kn0(!zjJ!`;hyp0 zORWMH_{4#!6}n^W-sac6$Z*62Q$k1mYJCV%>LKO9hBMx8AYn7}M?$>=V^$Dt$Gs=Y zAv2o|YlA#7-b0`mB>?0~x?~ZT^zxctx98f4DW7Dqz{QuJ8n;adp{c7wTh=4x2o}61 zZ@jqeI2Q&hkMG9 z21dMgU{XRi?yYxvQb4xe%BJw#56m}rQsR0q{j5)WCvxs+A1Jm&Q^9-ZMF}VMXdB~f z*fFkI!4q#gZtTtA9*j3FU<_r>pL&tVHX04~npnA8_IHeKI;nMsmsv6s&o(1_*gVv)pGm3~7JXc{pDf?^ zjY$rcA1JuU>;w7RDqIlPi>%@*=>UxN!fUu^V+SF2uDxWxhrtbGY`ITOj)i$!pm$>X(anQf zNOY(7dIcVO*Q8O4z!t-!_CTXk$&F|k8l-tuV@NplmqL&KUY~^)$c|HCnxb0X{xLpA zn-p}7x$>f@j1SOHfhWSQYIz4yYwiWS;gIZnXR~tdHMiDDcg`)Y0{bZZ&ADtT9{3%p zIjUu7z_%draTt<~LeDPI={VL9V79c3D002Rt9d~d#nAq9@jcvR>2u8+XR_*??z0(% z#>@hK7uTYQO-Cz4qE7FA8Hy*+?Fd8Xf=Kf2RSeAp&eU>*mOcZz*P4b%$t#v*1wu4} zHINKGHJ*`dOrioO5oiX)kdCHqtW;7l;x}rPfe4Nq)I(jNQAhuu=4tQN#xj>ogdcT8@JPpvwWL;LPz!M$0)Uis_)Gds6>1L#b}1|9M>6KpJD!vVWLh9g8g zSWExoki(g%*TKY|aokrOVLtmb{BsBoZ7+Sz;)RmQzIM=L@R#b{$H+a4&wG>ne~zl0 zEgK62wI@~C(J?9qICHeRp;x-=x=we$(woYC`M#MLy4!YP<(9^s!``HVWC2{BavW^4 z)Qe&*t0flt{?=G~dVw={pU)NK8D8R*Jf|T_EI!;Jv+3RNejQ(BGe zlR0KARI!3+nEhuo)DOoJf$^H^PYYjo^r z+}jfv2)9PtU;l!JGw5;d+ff0i@gRFm7H<7Pt*Lg}=1|4&#&aNEwqQ{B#iCgDqDM_U zVJD5BvX}zH8Lja;2u_aQ{~~}YJ4J4y>oC4!St{s6SOddlZNbsueGd3-a#AMCdNXft z{+mbr4_ftqAl7SPXzSA*F(43di551g_6XwP!IHu)0` zp3%N$(DlrFxnXAKS%xJ1V%-rmiDd4z@+HL`g-=#-ZE^7wAm_t?@U!oTbj%B>fDV%w z+)*#I%W)sFahVa$TG?IHtqYps^Q`X3_!cJ%NuFq7kuF*YkrrrU*s`#E|4ejZ@@32y8@$YZ&O?!+svgavCx`T{R(jSS z=qGCrtUrW$4)farkMVeYc^E&=e3x1!A;t@Z>eiOhuomu>7>~Z+kU%)w@i9PENhlbR94GBADZjc2R zKJ-TC|HbP658UrR?*0GZjgG+IOtj&DP!<1AB2y5ZS@huW+_u`?As=w^m%hC7^`T@X R>n|5aOpPoJE3V#s`d=QDM412p literal 0 HcmV?d00001 diff --git a/windows/configuration/images/admx-policy.PNG b/windows/configuration/images/admx-policy.PNG new file mode 100644 index 0000000000000000000000000000000000000000..c3c7b9a088f40a6f7d361401756c47676260ff20 GIT binary patch literal 15504 zcmbumc|6qb_cvZqq9RMEWJ0#=OR~;{WH+JgQG;YlOk|r8DO>pJH;*Lj}vJm-qKZK8XI)kXva^zSH@Ok>=3E;Q;ElD)+=P2AvSL;YwFW&<2h0#URSo6pcO#G?62giZ$ z%un>J;YW_JwjBN(#d#Gv9XX;dtbbGUj=%jw{+pYbi7KHl>RFFozR#x3@K{3r z&J8D>SEv6xh~#Dezay+GxMCXVTeknY zcPYvPX8y0S$$^!!E;M$jaV@R;jf!r5% zo~2*Hgk3V^fC2-rVJ|>E(`IoN0rp+(D}D8iadao-B>u)lrmf+|28#wZhejl#V_~e? zYYKwg+kp*-C!_1{^xZ-=9?+|1jcQy#;9&n+5ol+Aa=+D52;FJz+|Ln?7~9M#q3?9! zYU_T@aASRBBuZ!hGrmABN%=X$Z%!`}i+;A{9iAt+4$f;H5 z$F~e~Ps-3;wm7`ox*czSq1{C53p7veTj<9u*`3Nd}trI$0t71{2X zE`8nFUl`gX1bIfWK$0+0yvY@uf%xF6P|#=A=x2 z{GuY(%%GOLaY2z^_%l(CAvKoASMNvFrAjd9?~n&WZ8h==3qp zn8{%&Y@}_pj0}8f7B^;rDO4XU4L_qq%%l|e5`2>ql0c;~vm3q{u#T*Pui_@>H~Gu) zy7g0zUR}EcMD3PxKi%{E3={a@XUi&!B4JKQsTuknK539qkBzbe7}9PIY$bp zW=~YRJFI6f&Wh9u1)kUC2y2=XKRvRER)y|+Je+yfULYra{7R-I5lPAw#htM$fdY zyie^I8H?0$UO|%`-C81lbfv%dc#C%mQ3ttv8a2uac3@c1_dM+(xN}=2Z^iBXh}&4R z07lQsr~J-c5#gyfd^9RD-T8hUx=w+?M=*ZFP(-iMc*)&o@eupp*ynV`8O*Vn_f2?@F0y8#IY0;gqZ52WjY zPm5?OP+NICPqN%|Ne>uA?Z{Tu%5-Bn!4>xi1=rqBlE3?0sy8lB`8-K!j{kj)X>-F= zgY?}kn*IG5$DaC0$4#p2pjT{ja8G2<7=lk_&I;8(w%)L)(rLBdPB-$0)H;gimf$w_ zlh?oBemLN6*WhsN#FtT%=QFjJK6&a%2C{hQq@7Zt1t^EPdqSp(d@p8_{K|Av;Ei`* z18!pd3G7ElERj1+X?8b4r)+R5{ov)aUnu}$g;v4Z8`byeo;2_KiSAVhi$j3i*1^tR z)Z|M$s38GYT{4k>B>Llzx#OJ=!P3V;z0yk3>m}LS6rqqN>~+ZPl2`K zR@MqHeN7z>l$f`@Cq2{ONEbInR#d-|TIlx5Q90$4Gl`pOK&YFqVH0X6B>QhyBLR;T~c*C?)Z#(zDd3ZJAmufd#bB#HUpMlCJVSokz z?|wZiUE|>jAz_;-v$e^7V@Rb{E?$Bf6x{#SKr)B(+b>G+QjfV)16m#QCetXq~N6CWViOaWXg{-RwHInJ;sxTz-0gl_fj^Q(62XaZCHVXlbFNu?VNHF&#yZ-%pNnk zFmZ)@w3u35{10Z4Yd2NKvKGQOsIoo!h~@T51$)sG2(Ic~(kLRZ9=2h19A3MUbJ6+;mHQ(>zN#zHmw7riM7Dj&gzVqY?Fvkvf@~Lg3$A!pbk--EO~x!n>deEZ}VoX2@u**YyowWoI7INOB5{w+_#V4H-T^+p%K2CcBV++aRoVAj<;@$Jr_QZZWApe#c;9dObX9ewJ+I|b zxZQ>-(|G75WQpo>EGVg3*Hu_kx+n4QEdsg9dy_U?BknNU`PDV2=<#>dsj~Cv&AGwh zGLYn+&v+vd`Yzmxc%(pKnuP%idSeZ%f+84<6UvRFojRzG}J?%$ahBS(@($y_x6dHG1 z?n`isE=CH_A8d343#^>#gRGpP7ovRbWWJW4Q;;Vr4zifg-nOyO6nF^O-)HRx)yz>w6I~nISv-atqQN8E^0Dbd zVuXpnJytAcGmT&#FH%@S9UxJ5t8Po040%p`>*h%lLIfHygCA}0{$8A=xJa6tm``w_ zn^3sLZQ&J6HIcs7P)DoD3aKjSr>9+R9LylujjYKb!h20JQt3jY_LHq02;G=2L!h#;gr}*2r`vvC3 zqc!#mzzb7d-AVDU-rJ(U)<4DDqzdE$iUkPAVfWShmYvHwg2HMnJzrDC@3zSdYf(an zw5P|qwBob-l*>8OW#pjS>1+I6v)lY3%P;)z^tyyo;SJrK7PZH~vNOawTz7uOcK_F6 zBM5-IYrcXx3+J7JNuR@zJNg!zfFS&UAjj0M(q)$lRh?@rGP|J@MfPe{nMs~$B*)>q z*|R=((EB&CO-|niVF@aI1)MJ|X$hZAP7Q|cwFk#>w&&mB)#@S@9i8!vW!Ns2)hNAU zPVuh$DP5-?OVKt{nX8j@jZ>@4dfj1{?m*ZxO%&&LP-yG3tiCJvHL3%>9O3XH6_GV` z@(U@r1X@ts|xKlWk|gt^cHD0X$c^4G$Bv&Nn~~ zahSPP%pqIf9XM7x9;}_GpMQov0Iv~n@ly~4ZG*lzTrRVScmKX#vR~S7yPv6pR3VOs zJlmQ4WD&6+dr_qU*BGk)R0bcA>CtRUHUqC!(S${aqCxKb(_QSyP`k>MIX}tQY7aI1 z!4@kAG7b%UtJ{TaG*B zFgfk)4cSdxc!O^mD9jrjr*UFk#Uk0nQN+6`@RF+4HuzQl`$~?@pkKQuFHw}dHA9UT zuVVa7{=o1Q-#@m(hk4a=$JSYul_X};*6wrT6|(tdv^jPbLr8PC;o*rH?FT@*86Jr> zSJ`Z}_I_vOWKQ3sQdVGzmiNuuo_u4WBx}$9jF`TrOdK+DjALi&ox~;h)(wQR4Rgfo zzrGFj^Ni1fd6NcQyx9Wc%g?x@@ERck`?H;X3H-YqjYE;m4=w0+gtat<<-); z*bwlnB=oUQj_#*P-?->^QD|mDTF?ciV$O)bSntLi%6?AycB*kh{EZojw@!;qo0W33 zvhN>c5=^A6Cv7Ah^BSui6S&J%%U^$U>w~RRaYIxI}y=mv!n4nV$Wx3@eSoDlEQC3#OrY`B(9|q zkK2n{_7*3~)x=pjU0<6>tMKz#s%(1vE?ZCSouA~}3AUPY=2%0Ytl7T3{^eVsHkF<2 zuUYXs81a1_k6PC*R)J?}UK_Bg2T)g)VsF*U{x3W5iWW@qDPexp+#WWef1v4USHI7a zyvTiN?CIn+w0r!>Sowxj~j#{WX^;KFsHp`G>h9)&^U9eDFK zLS;@J?d$V(pLSjF^NKd-hRK5M)KT%Scn1bzF#pZ6B=TGzZnqXc$eRoD{z@Ia%0#PW zD|6*cMj+Fcz2!9&`ju&}o&p4}Vwzbe-8%r&{#YBOn0-3;-j8Q>3s2Mh%8N|)$KUYb zs#g51Ull#hI7PXaC^rz$D@*i0s{X-_G}w&Z?|;~!+V_Q3Rc^C`0oN7q2>`4DTX^K) zQunn^|7w0?Blm@Z-5W?Gl#dorX8#bm9now7xPNwSTFZPARcn$bH)Qf6%@jf`R66h6 z?&8$x`ccSaTl7VDs{6!Z9d7a#AAitRPi?TVJX`1r9~#+t%Ft&yyatVl@Hx`SuT}#| zFBdQ(_>_K@JannM1XY-++8T==h{mTXS1=*6s2FD{BdQ`z$ePXh&AK$-#48Ey)A6YJ zpz0|Tu3czEo>@Ngwl>(+B4YaEWIAmwl;BJY>Yen8Ss3Djtt@o|BJ^l`&uK1Co5xH2 zU*Z?Uq5rjl>3FTQtxDwUORGdeL5(G$ZtCjPU4%GszoyQLk+vf}cN;H#tbvobaHG++ zY&^7P3%N6{X5xJ#<-y&EgTbPX-qNfJl#gAk275uPa6fGZ%V82>{e~%QO3)>~u?R}r zmZx|~MWjd~OsYv|`*~+C^Naq!z>F$ZSfXq62;3KVGC0UO0X@qQOHoava!{V4&abSA zAXnDN;7DC!@U1imxl8@QTZw4~PW#@VZo8{NkkW6R8~tC!_#H%N({nW2T)-0Z5ukSE zOFek^GSu!7TEO|$MGOOdL%naR3w9wDZ;|qHRw{oSau}|Tj6c5@;XY+8_F1U3Ez+Z< zk`rV5(FA^S@S9v5Z!j7!Z{(YseYYSxvtcr1G_>O`L1ap|=}B$IxT}7Zkzfnz`;#fv zCSGzx@_XlJ{Wa=O0F-m&&*Ss4Pf^6VHk|8Uaze&ZaC!w+!9Bd%4igsGc@YuRR}k`y z{g$_l(65YB6=#z0b_%7(sX_JS1Vzvnw|=|nO&f)FGIUdR!m`nYTIXM~-@SZ^0sQLM zKn`Y_2_9^+owvFM889M`4Fi|N3;F98pibtm9ER=e87b6p#b7jB=;_=M@ z0*cSiiR-@Cb_`>XWW(8p*)B7kiRiWf=kuLkvFa1v9+A@BL`#8K7 z3=Cje!R$NbCgTWx|3bf7m4Blj5Kbdm*Iq#=gaf&c2V}9ed+P@(245>|cbUdo;R_*C z5m4f{bz{0X#7)(AoDpI%hl@dLA-7lG>mOifIl&7!h??@bo|i;QgIm7>JgRz6iq1=6 zM+PI7;|n_+w$-;^+|Aq{=~7w28&bFrxFQZBAP0DNI%Kagn7Td+coWJKfXFk9(ot#| ze9$bP1s8LOc9*)wWW>)JM!P%4jgHGyenxTmBX#K^XKS@h`5*$KJME#dV(ZBflNty~ zpcqUiD8NfeaPNA{E0~8DlC*rU;p?Bo?F`vKJ*pP!1LE}R6>-Zv=<#P!I)zq}@on0X zI+MwPNrK!mn<5jcl_n!bWk=Vtud;q=TFDQesJgsjtC}EvhFZ$FG-T_6w|xp*4488J zrZ{&^Bd8lXsk%d<>rP-ojwV18-|>dvXm!`Dy3D^g4n3@5@~D~+^b+8vCLC)%nU!=% zsMbmo*=riC1{}r^xO_=-4YjAs;2jl8xZrD7)!UEcUmEe+$1mKNxif4RYaL-!CEFbk; zN2}`6ooy5*bmMjLT|){5K@u(TRdMPKU z?Tur)_G0EEW5ny_T}%RM=;+gsm!ypL-RsomO8cEzn{7+{1-a=M%hKvmbGob)dBp8ydEDaW9*GuYy;xMW?hRzXocy8%R`iD2sEwjJ z!+@t{65J!_eaP>+zu6U*`yH(^-Bwka%B|4wx>F0ST!@lD62RN}K=mk~*fp1B#B6??MryWR5s!5sr_>irqY{mP^Q``Z@Mb+inl zY5XvcLuaP%JH)k>%7?XI!uE4eu>N}U)7C?K9eLieSTPIywP^`TZaEI+Y=vd9^-O4Z z{?+v~e3zb^wI=`Accsb#j2em#v~E+FSuFGyol3`5BE!bj{obCd&bbszzPq0mu^(-? z_`Mi%%Dw>N_>z33u*>Qis=Wf1{>zPFbet!F;%3x_=BosM@A^7qQ`}wb5H!|0Kyp0p zJj-DVHVjZK6XjkYtBE|)HR>@PS$;Xu|UrbCesUEoD{EgNYn z@G&D|esTZj^~J1)FUvh{b+ad8Ewk}?RXJ_U4pVj4tzXq0n465?$a-H!??(#^>zqC1 z>G~Q!UawwyN@Yfd(A6+!Fw&Ekg)wm~K<29p4%3|yEhitqM)UYaH(9F#EHarlgMM7R zmpM~8BH3__jR)0Eaf4#IOG!Qy*{j+O7r+F4p2&vM4p@%8K8&>{Ru5mNM>-(3Uys@Jms*7?ZO4Q5R4O?m+ABT}o(KS; z_gXFNSrG-uK>px{jUsTweuc5muY9|e!Z|r(8E8o> zxOuWc)3kS>;0(0SQk>;wsrK`=j2Eg?b%mAzqb03e!#5w-)P{HG%a>2KRpCx_XZph2 z#yH7}y#!T8Dly{)`8T}qKv9N%o@}&uxnMsx2>n8bC~ne-4{9qVG5QFVO9j{a502+n zkeGZNsN-%gHm(tcRtcDrg!r4AU=Wx>#RusJ(Yla!i`G7?EA%fuxu~h@)Q#Y$UWjZi z2z_nEx6Vvd%$;?U$C{g}?rN_&g7c0ok1AD4gXKQ9v2Cx_nRE}neZm2HzpgW|;pNn> zhmeR2gR{fMK4q*~r-C;EQ~0dXkNNEcUp;}69Vn>s_S>L{K$r1-z*aNM;*WcZWV~=* z?fJ2*V4vyvI8eX0YV^q(x|S{W2Pw*1%7?E21MIRTn{V0#b#5b-KHQ=LQ-t4rlhR^- z?Q+5(0)~wLd=JkEPr@-05U+Q;#_K%Y`S=uEz~63w96r~v*|=yfpMQ}yT2L)7vbwTq ziz!)_+RV64?_fmSCF3jm>h*%Na*~+ac2!+i8^HE5sC}@DNn3H;IM?T)(M6w9ME&}t z(KgHK%;KBHbo>Rd#UjS7|H3!9_;$ZUYCz@`h;(;sh@uQu5xr z-HpsFb$Rm6)77fLKkZPJx=lziVkIOKtI+j%cWJB|t7MJ%i5zvA9t>>F%nKxdIeAD=t_Q0( zShc1~BtPSd;roh$gzVpwTxTIii>>Bd(s4W*JNZ@jE;$! z$=L`_i>t3JgWC&|u0y}6OIbRno5&P#l9C~oeBA^>9hut_ROb!`YvQDjw*^H5`?ql0c6942Uo!E=d8yOSGX!0%{* zxrx(Axh7a;O<8j-KM6IwaOFe%02_jfpco$Q$&*#or@c}zS@%(!|(ywFS&S^M+2Vy+|JR9@2Y&1T)9#MJo2Z110eX$j8l!bhOTPZ}E< z+rFAFDj799?W}?;lG-&^G4fqtGiSBit$5flt#XPct3*EbxCsAp!L$n}4G$~H+ut94$~KnFAdX{Q}G8C9ARmT?vLqSoHlLjgUO5@_E)tY7I#isS6)5`=!^i}1qceNn$80M*+w8;bgaF)gp4 z`R^Svc_+?4Own{z<@>{7z+&i}GSm;CzL>tzywV7>MJv9cs^_7Y=Bzh!4al^(X>*@DBCec!> zLG%1T)xXvOz<1w|#G?FuW6{&1nW!9BH;T6^@g?ca4CnelzcTiNIj{E7M|_U+FQ!Tu zsEL>06|B?JEq7GRTevvk=1N8j@yM$#k^{Rn9-MYT7jK2kR3CNZU!~5+ zFL2KVr;(hN3IbQH<|AAi?(!vo<*@$h*qCULk&V*v7NGU_h_wtWMrwyfOzTXG2kIuj1N81f~H ztR#u2kwLSNL+|kd7}(o{?f*;%)?l3vaA@S##>`hM?^K$G%N-nY=w3iAA3RS#}kXNf>VNsIbCbo-08D=yujl{ zxnmCfn4=VuF{}{$YQZ9lW|Ru7BI~&r$Yo*VRdMA)<)%H+xBDSQH=K(2`;HK&nLnS8ZFs!huv z{hx9?p1w)*OaTl|E@DYMBTrp1kw~>DYi5Qg?&)V9asItP7Hr4qw}`PW zTo!0#Caisq*jS*bZBVpFarta02iR?Y6$+(xflOKIjnY)U>yqUj8sICMd`-pQf#I1e z|5$5G+SgZBPDtvVbj!xAFAMkqB}9cDQH)PPtZeE(>J^#V4V;!gi`=PqnCI>aM9c8iK{kLZ*{rKUZbeYPLQyb=E zR|^vFlxfAhC4Kag$Q24mG(Mycbp>T`&JG8PW~2}ijB;%Am9y#b^6)Vfd}hmA;!7@m z+2tKzDtG5aV<0~}7~DCeHr_)#8yF{_3IBes?X@X>*DY1DeD9|VF)466anwz?yYRiI zR&Ccf$a$7)`5-~*J;-r8GGeMDymiRmzOmY>bDhj-=o(X(?`Bsl;j`?%+=> z3cU0FARa>gL{?g}GpeouUOKiu05eVanUbI-TeG^Rq!`g@%XFFWWz_DQlQlBHcMi_+ zY>uE}tYWg(=OX;45JfsRYG-9S6r2v#QggIiRH)#HX*x4v77%evHH?SdH`>aMSv+-^L{<3KjOBzR)=5%ftL)wfrmFS5lyX81y9s_zmYZzJxI`0_WbugF35ouixl|ftC zoSnAFM|#SfCs44I2XgfcSrne7yeq}lkh=w68e)c|KoHXP2U9w$D`}}lvXeg>71R&k3h|2Aa4%T-J z(hIHX;L>Yd%HrJgAnqx8Ds4W<4>|FE};7*yHDr4cr{gUq7oskT6L+%LcD52=4|F=bR)5j z2R@8}+>Et+He)~qG2K8y&tQ$6uW67Tru5W{TNc`-+a$ZbJlG%h5DfFr}=ld%L`ys%O`y3yh}T%JiUHwBZD8s)v>+ zbW-$tky_p#^s=DX$0rLUs)=kYO_qPyia+`MvA(I6``}WB;T?9jmb#vxH+ru1fOD_;^w%r|w0I2(?=+Q{A8jb)Oc#A5 zHHaspdxp&e80dAz&U=qoSMYq(Yo2nYEh-+=_mji9$?I9_rB>>d%oU+Ob21%KH`V&IJ#_Y&d1DqdVxW`9F{*`4xqbbO(PYPEIf$I4X7-V?lP~Q2 zh5fX;7y>(E&hpCK$@wmHoRs!6#jB?{P0YMJz_kV1hT&E^AMclqd-B9kuN9?Y6d)HTr$rQ3&sWTsngT5l+9p?Bjvy%x7B#L` z44L@bw#_wMi))B>uR77MDmytmZ6}YrxxL(X0hnzjnmZ;e`In;QPF@>n*|3RJ`rT%x7+F?|N^2!!tE7WOFp}miRi{qnvGt7B^jGmx84k$& z%qB)+rpe#hp?T)jo{tGBQ$UMDX{9;Of`8itKs|G*^bBfp<0!{$9xC_Xw|!QpTWM&` zmr+A;yf$`LqM>=Q$>+UEpXFvl=we^O4}iN2-ED0hnh_5!*&Tc+Lt!xTZ8h;g-Zw@2 zm6JyiP65oEPT%98kyPf|d<&E3vRu*2QOl*}?_Yy&oa9eQwPsj>W(K>(Z7^;0(>fzo z<7z}CWyB2d5FfOxX{RjFM_ z5fCLvUFDY1`=@z_KQ3^8iWvlh>GF4gdrf5bqIr1$*TV(BJQ4f}{q*c)I z+6j0w+53Ly3rl0o2L73?Z%DJ(j=#kVT`@WC94mCfivs07ht5TjOoFpke_>Os<_5<^P{o_lzXIgE}wuzYjG z!e}i%b-7->KpdZ+JoW)4xvwV*S;zpNWTx|I!MJmi>L#WDOfE-X?-+uNizp(Ds%f ziL;TsLrH|oxMl;%kEmcnNi!7v60y1F?<3fN$mH_VJ#&Sqi|OGBG1~1F@!o4S>r5Q> zkC!m#NLM{~?@$DvkpG<-{L^9m-!)dx zo|`Fl+>`L>)pT%GKx`8*JC>U}mK%0w4kmLArP@ybF#%m}&}-`7QNfo8bDRn-Fwbxt z4NRWM4WPc@@Y$HuD~&?yzwLZ9m7e_AUg$?dqQD4{6H=6z=N;6(l5=Qs%h}Ob1x^2w z*5-?@?~?-VU?P9@!=vY07^xg5wB)d}LpAlXqBtRUqWgwAKxG!#Ya-Q=>y1UTL z=xSp8)p}#(rlWDXwl!tp?yL;%L5C^Kl=b|T4T?u&igBDMMlU^3?k!OPm(zUhX4cI| zTED!mb{;k+0DH#&*iYj!*XI>6$2xyreC$4Wp6;#s{2^hwApaBgxM^`cgQJG2Jzt z$L`{fwi?A%q=W@5F_4tJYI^BIu7UT{N~=~3TT>As=>a(!yAg3uZ)S$1Rc7Dbc-p8h zg3BVT;&3?h85w!;tb!)@?A_?}g!Q6Jpk%Ql^y!G8iM)$5>Qf)vMlfZMngi!fBZV^sg0ppr} zeXHP37;FQ=Q1Ikg+IRJHTK3djhh0rc>eN)Irf5 z2fC8az6GUdb?hs7-=ge*d(*U0wPlER4f(o1clbeJ2$soThx z-8ue;E5FWrN3x-U!!WYd9r^L(Uxy}*BxVk4*qKSrE{-nR9zLhP$ZGGXcq#H`F_ge} z!0&4GJqEdeBaIkN_-0? zezGh%6qC5*?}iaOngY9RbSzetM{SY`vW$oH7}`A{D%+diHpcXM3DeTXj%VWpHO1!9 zwMkrvX-ecDva@}Ctb6=LF7xQQLx)f&1C`)rSN{-p(l$|$NlZcd3`G20MR!%asqI!~ z_{^Quec33Z(Nzhv+#hTYl&Hq2+7stxJfd_+1}GJKBg)&unb7~Hc;2SOzFQzsozx`3 z&Mv!M^ve+v0XP%zI=lVL>rD68VDtKERjh5>sS$h^M}h4|(qZ=wQ7HfrLa*aE$A?G` zj%(tA0y@d5>?V`1o|~!Qf1VmK!_+V|n20n^>Nq_6Obg6*{6$-GKQPFEr{t7lI?8)hxQVYftFedn0vsdp zX0nB?aX4J5Cl?3)gO1*!-78ZuHQ4_&Dd800xP|_tndC9#9;YdFQX*JJoO^9hhIj}` zk5i+upair1NDEX`hh3jPf<^LXdi6IkN}!RWaD!|WF}~UoCP#+1cZ?+qmFJYlKuDW% zNeP*)g8#iiz1s1e#v>WXYb$kq|f)U zySUnW$@>Ltw(3w>)h+$eI*e>ZMyQARX(JNcp-71zFPh#Ni!{HTb?10xevj6|CF&`C zL_w6sPMEun_}cfv5&LeaRSFm5+5p_2Uk3tCsOYLnf4uy1P!49Q*WPixe7WVgWpue? zE38erLJB^6;XVG2OpVD}%9_>|r6PQRyE17i4|%u{0k%0dk}PIEq2atf4|I1iFm}6K z@1Law5BU`EjxeaTsP^r_XnTH#i8-9fqd7=uoZfDChI3`dL#s?8L@N!pJPcd5U- z84T>^SwUv8q^qxX62+398!$wDDB-ck+i~2El<|T;xJG>%8hMtYgm2zeh=|e2&G8c@ zx1fU8e|x3{)4om*<3h_tMM67^$%k=H^4PooNQD2|%>OJO{H5`LMz;UVmH%r5M(e$BTKdShvmslH6cI( zb(V86mU9;Xl7DAgw}Cm;F5!&b2GA6@0DT9Yl8K@|)8xNU9kGY(INXPmMONyZm3RZb zxW<6KZ8HTYrJ42|{GrL#m+~=az;M3?bvHcwN-=b*b*?&+} zHS#}DG(6#dg`xv|e^He48QDCWML=ROTqz%D^voX@0&p`c^kx8Hx$A}hXVIS8^x|EM zsU+O>TBpng@mEvH8ayO>L}_fuV)xYsjk7DY4lA<`IQYQu>Y=|N78F^HADwmC+(aI_ zLI7Fhuuo2N#MGG}3&(a5;Xy!e5uh|Wz=p6KW5Oi!alptdRoZp=Rs+vY&_v(ufJrG1 zhxnS|{uf_c?nv%GPqu)($_GR4zVGHuXEfe-Fy}zbifKnOm*cMdx&rt_sW8cM;zkS}r`x8_EuB^S$l{Md`o;0s++19*8qN|1)+gBk`J|WNVu2RoDJhL zU`1G;=zf_Io-k&SN!V-^Xnwh~uEYZyNm+`N^`h+E(GA|wZ!S<0g*W}nK^j=Wb~e0k zWXJb^HLUy_&d>|3_|m|a4yzjm0k{5LTK(Vo#zQv^^Z}zeVraip;mr{qw0#I7)~NB~ zr$fuy?lq6nY1oc0$JTO1{L??xSr7Cqv1_I|$ey9W<_!UsH}zG(hR)#OJH@>Yj{xm^ zfr@4Ndk@@C&c-yHG&K9ZXReD-70YbBuqn+gtmn)*DQ#MOP#l#2qFRjX9^RH;cbrX# zn=MM5$00YQu~2S*$$+r)jIAU5qZ8n~5Z45SsGsC)S{>oW~H4m;(jw-k1 zjOmV$!+iwF{S!jv*9imfKPvZD%U!s^Oj2;*PA}+`dCpJpEy<74$I(J^KpS~mS?iO( zx~lRQ!<>wiI@maqmo|Iqtmg+oxcAAORlg`L=4wSfRN8LO)?V^$xX6HKRQI85$?j{w zi6PDV`6sz-Jy(vyFev`Ni Authority** and **Azure > BPRT** settings for bulk Azure Active Directory (Azure AD) enrollment can only be configured using one of the provisioning wizards. After you get a bulk token for Azure AD enrollment in a wizard, you can switch to the advanced editor to configure additional provisioning settings. For information about using the wizards, see: + +- [Instructions for desktop wizard](../provisioning-packages/provision-pcs-for-initial-deployment.md) +- [Instructions for the mobile wizard](../mobile-devices/provisioning-configure-mobile.md) +- [Instructions for the kiosk wizard](../set-up-a-kiosk-for-windows-10-for-desktop-editions.md#wizard) + +## ComputerAccount + +Specifies the settings you can configure when joining a device to a domain, including the computer name and the account to use for joining the computer to the domain. + +>[!NOTE] +>If you want to create a provisioning package that joins a device to Active Directory AND sets `HideOobe`, and you want to apply that package during OOBE, we also recommend setting the `ComputerName` and creating a local admin account in the provisioning package. + +| Setting | Value | Description | +| --- | --- | --- | +| Account | string | Account to use to join computer to domain | +| AccountOU | string | Name of organizational unit for the computer account | +| ComputerName | Specify a unique name for the domain-joined computers using %RAND:x%, where x is an integer less than 15 digits long, or using %SERIALNUMBER% characters in the name.

ComputerName is a string with a maximum length of 15 bytes of content:

- ComputerName can use ASCII characters (1 byte each) and/or multi-byte characters such as Kanji, so long as you do not exceed 15 bytes of content.

- ComputerName cannot use spaces or any of the following characters: \{ | \} ~ \[ \\ \] ^ ' : ; < = > ? @ ! " \# $ % ` \( \) + / . , \* &, or contain any spaces.

- ComputerName cannot use some non-standard characters, such as emoji.

Computer names that cannot be validated through the DnsValidateName function cannot be used, for example, computer names that only contain numbers (0-9). For more information, see the [DnsValidateName function](http://go.microsoft.com/fwlink/?LinkId=257040). | Specifies the name of the Windows device (computer name on PCs) | +| DomainName | string (cannot be empty) | Specify the name of the domain that the device will join | +| Password | string (cannot be empty) | Corresponds to the password of the user account that's authorized to join the computer account to the domain. | + +## Users + +Use these settings to add local user accounts to the device. + +| Setting | Value | Description | +| --- | --- | --- | +| UserName | string (cannot be empty) | Specify a name for the local user account | +| HomeDir | string (cannot be ampty) | Specify the path of the home directory for the user | +| Password | string (cannot be empty) | Specify the password for the user account | +| UserGroup | string (cannot be empty) | Specify the local user group for the user | \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-admxingestion.md b/windows/configuration/wcd/wcd-admxingestion.md new file mode 100644 index 0000000000..daa6ca5eb8 --- /dev/null +++ b/windows/configuration/wcd/wcd-admxingestion.md @@ -0,0 +1,97 @@ +--- +title: ADMXIngestion (Windows 10) +description: This section describes the ADMXIngestion settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# ADMXIngestion (Windows Configuration Designer reference) + +Starting in Windows 10, version 1703, you can import (*ingest*) select Group Policy administrative templates (ADMX files) and configure values for ADMX-backed policies in a provisioning package. To see which types of ADMX-backed policies can be applied, see [Win32 and Desktop Bridge app policy configuration overview](https://docs.microsoft.com/windows/client-management/mdm/win32-and-centennial-app-policy-configuration). + +- The settings under [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy) allow you to set values for policies in the imported ADMX file. +- The settings under [ConfigOperations](#configoperations) specify the ADMX file to be imported. + + +>[!IMPORTANT] +>Only per-device policies can be set using a provisioning package. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy) | X | | | | | +| [ConfigOperations](#configoperations) | X | | | | | + +## ConfigADMXInstalledPolicy + +>[!IMPORTANT] +>Configure the settings to import the ADMX file in [ConfigOperations](#configoperations) first. + +In **ConfigADMXInstalledPolicy**, you provide a policy setting and value for that policy from the imported ADMX. You will need information from the ADMX that you import in **ConfigOperations** to complete **ConfigADMXInstalledPolicy**. + +1. Enter an area name, and then click **Add**. The structure of the area name is the following: + + `AppName (from ConfigOperations)`~`SettingType`~`category name from ADMX` + + See [Category and policy in ADMX](#category-and-policy-in-admx) for more information. A setting may have multiple levels of category names, as in the following example. + + Example: `Office16~Policy~L_MicrosoftOfficemachine~L_Updates` + +2. Select the area name in the Customization pane, enter a policy name from the ADMX, and then click **Add**. For example, `L_HideEnableDisableUpdates`. +3. Select the policy name in the Customization pane, and then enter a value from the ADMX in the text field. For example, ``. + +## ConfigOperations + +Use **ConfigOperations** to import an ADXM file or policies from an ADMX file. + +1. Enter an app name, and then click **Add**. + + This can be any name you assign, so choose something descriptive to help you identify its purpose. For example, if you are importing ADMX for Office 16, enter an app name of **Office 16**. + +2. Select the app name in the Customizations pane, select a setting type, and then click **Add**. + + The choices, **Policy** and **Preference**, have no impact on the behavior of the settings, and are only provided for your convenience should you want to categorize the settings you add. + +3. Select the setting type in the Customizations pane. In the **AdmxFileUid** field, enter the name of the ADMX file or a unique ID for the file, and then click **Add**. + + The **AdmxFileUid** can be any string, but must be unique in the provisioning package. Using the name of the ADMX file will help you identify the file in the future. + +4. Select the AdmxFileUid in the Customizations pane, and paste the contents of the ADMX file in the text field. Before copying the contents of the ADMX file, you must convert it to a single-line. See [Convert multi-line to single line](#convert) for instructions. + + >[!NOTE] + >When you have a large ADMX file, you may want to only include specific settings. Instead of pasting in the entire ADMX file, you can paste just one or more specific policies (after converting them to single-line). + +5. Repeat for each ADMX, or set of ADMX policies, that you want to add, and then configure [ConfigADMXInstalledPolicy](#configadmxinstalledpolicy) for each one. + + + +## Convert multi-line to single line + +Use the following PowerShell cmdlet to remove carriage returns and line feeds from a multi-line file to create a single-line file that you can paste in **AdmxFileUid**. + +```PS +$path="file path" +Get-Content $path -Raw).Replace("'r'n","") | Set-Content $path -Force +``` + +## Category and policy in ADMX + +The following images show snippets of the ADMX file for Office 16 that are used in the examples in the procedures above. The first image highlights the category names. + +![Snippet of ADMX shows category names highlighted](../images/admx-category.png) + +The next image highlights the specific policy. + +![Snipped of ADMX shows policy setting highlighted](../images/admx-policy.png) + + +## Related topics + +- [Policy configuration service provider (CSP): ADMX-backed policies](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-admx-backed) +- [Understanding ADMX-backed policies](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/understanding-admx-backed-policies) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-applicationmanagement.md b/windows/configuration/wcd/wcd-applicationmanagement.md new file mode 100644 index 0000000000..f032ce168c --- /dev/null +++ b/windows/configuration/wcd/wcd-applicationmanagement.md @@ -0,0 +1,69 @@ +--- +title: ApplicationManagement (Windows 10) +description: This section describes the ApplicationManagement settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# ApplicationManagement (Windows Configuration Designer reference) + +Use these settings to manage app installation and management. + +## Applies to + +| Settings | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAllTrustedApps](#allowalltrustedapps) | | | | | X | +| [AllowAppStoreAutoUpdate](#allowappstoreautoupdate) | | | | | X | +| [RestrictAppDataToSystemVolume](#restrictappdatatosystemvolume) | | | | | X | +| [RestrictAppToSystemVolume](#restrictapptosystemvolume) | | | | | X | + +## AllowAllTrustedApps + +Specifies whether non-Microsoft Store apps are allowed. + +| Value | Description | +| --- | --- | +| No | Only Microsoft Store apps are allowed | +| Yes | Non-Microsoft Store apps are allowed | + +## AllowAppStoreAutoUpdate + +Specifies whether automatic update of apps from Microsoft Store are allowed + +| Value | Description | +| --- | --- | +| Disallowed | Automatic update of apps is not allowed | +| Allowed | Automatic update of apps is allowed | + + +## RestrictAppDataToSystemVolume + +Specifies whether application data is restricted to the system drive. + +| Value | Description | +| --- | --- | +| 0 | Not restricted | +| 1 | Restricted | + + +## RestrictAppToSystemVolume + +Specifies whether the installation of applications is restricted to the system drive. + +| Value | Description | +| --- | --- | +| 0 | Not restricted | +| 1 | Restricted | + +## Related topics + +- [Policy configuration service provider (CSP): ApplicationManagement/AllowAllTrustedApps](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowalltrustedapps) +- [Policy CSP: ApplicationManagement/AllowAppStoreAutoUpdate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowappstoreautoupdate) +- [Policy CSP: ApplicationManagement/RestrictAppDataToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictappdatatosystemvolume) +- [Policy CSP: ApplicationManagement/RestrictAppToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictapptosystemvolume) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-assignedaccess.md b/windows/configuration/wcd/wcd-assignedaccess.md new file mode 100644 index 0000000000..ad5d7551fb --- /dev/null +++ b/windows/configuration/wcd/wcd-assignedaccess.md @@ -0,0 +1,35 @@ +--- +title: AssignedAccess (Windows 10) +description: This section describes the AssignedAccess setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# AssignedAccess (Windows Configuration Designer reference) + +Use this setting to configure single use (kiosk) devices. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [AssignedAccessSettings](#assignedaccesssettings) | X | | | X | | + + +## AssignedAccessSettings + +Enter the account and the application you want to use for Assigned access, using [the AUMID](https://msdn.microsoft.com/windows/hardware/commercialize/customize/enterprise/find-the-application-user-model-id-of-an-installed-app). When that user account signs in on the device, only the specified app will run. + +**Example**: + +``` +"Account":"domain\user", "AUMID":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App" +``` +## Related topics + +- [AssignedAccess configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/assignedaccess-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-automatictime.md b/windows/configuration/wcd/wcd-automatictime.md new file mode 100644 index 0000000000..abb8bbd179 --- /dev/null +++ b/windows/configuration/wcd/wcd-automatictime.md @@ -0,0 +1,45 @@ +--- +title: AutomaticTime (Windows 10) +description: This section describes the AutomaticTime settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# AutomaticTime (Windows Configuration Designer reference) + +Use these settings to configure automatic time updates. + +## Applies to + +| Settings | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [NTPRegularSyncInterval](#ntpregularsyncinterval) | | X | | | | +| [NTPRetryInterval](#ntpretryinterval) | | X | | | | +| [NTPServer](#ntpserver) | | X | | | | + + +## NTPRegularSyncInterval + +Set the regular sync interval for phones that are set to use Network Time Protocol (NTP) time servers. Select a value between `1` and `168` hours, inclusive, The default sync interval is `12` hours. + + +## NTPRetryInterval + +Set the retry interval if the regular sync fails. Select a value between `1` and `24` hours, inclusive. + +## NTPServer + +Change the default NTP server for phones that are set to use NTP. To enumerate the NTP source server(s) used by the NTP client, set the value for NTPServer to a list of server names, delimited by semi-colons. + +**Example**: + +``` +ntpserver1.contoso.com;ntpserver2.fabrikam.com;ntpserver3.contoso.com +``` + +The list should contain one or more server names. The default NTP source server value is `time.windows.com`. diff --git a/windows/configuration/wcd/wcd-browser.md b/windows/configuration/wcd/wcd-browser.md new file mode 100644 index 0000000000..787b6fa65b --- /dev/null +++ b/windows/configuration/wcd/wcd-browser.md @@ -0,0 +1,86 @@ +--- +title: Browser (Windows 10) +description: This section describes the Browser settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Browser (Windows Configuration Designer reference) + +Use to configure browser settings that should only be set by OEMs who are part of the Partner Search Code program. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [Favorites](#favorites) | | X | | | | +| [PartnerSearchCode](#partnersearchcode) | X | X | X | X | | +| [SearchProviders](#searchproviders) | | X | | | | + +## Favorites + +Use to configure the default list of Favorites that show up in the browser. + +To add a new item under the browser's **Favorites** list: + +1. In the **Name** field, enter a friendly name for the item, and then click **Add**. + +2. In the **Available customizations** pane, select the friendly name that you just created, and in the text field, enter the URL for the item. + +For example, to include the corporate Web site to the list of browser favorites, a company called Contoso can specify **Contoso** as the value for the name and "http://www.contoso.com" for the URL. + + +## PartnerSearchCode + +>[!IMPORTANT] +>This setting should only be set by OEMs who are part of the Partner Search Code program. + +Set the value to a character string that corresponds to the OEM's Partner Search Code. This identification code must match the one assigned to you by Microsoft. + +OEMs who are part of the program only have one PartnerSearchCode and this should be used for all Windows 10 for desktop editions images. + + + + +## SearchProviders + +Contains the settings you can use to configure the default and additional search providers. + +Microsoft Bing is the default search provider for Windows 10 Mobile. The default search provider must be set to Bing, except for devices shipping to certain countries where a different default search provider is required as specified in the [Specific region guidance](#specific-region-guidance) section of [Default](#default). + + +### Default + +Use *Default* to specify a name that matches one of the search providers you enter in [SearchProviderList](#searchproviderlist). If you don't specify a default search provider, this will default to Microsoft Bing. + +#### Specific region guidance + +Some countries require specific, default search providers. The following table lists the applicable countries and information for configuring the necessary search provider. + +>[!NOTE] +>For Russia + Commonwealth of Independent States (CIS), the independent states consist of Russia, Ukraine, Georgia, The Republic of Azerbaijan, Republic Of Belarus, The Republic of Kazakhstan, The Kyrgyz Republic, The Republic of Moldova, The Republic of Tajikistan, The Republic of Armenia, Turkmenistan, The Republic of Uzbekistan, and Turkey. + + + +### SearchProviderList + +Use to specify a list of additional search providers. + +1. In the **Name** field, enter a name for the item, and then click **Add**. + +2. In the **Available customizations** pane, select the name that you just created, and in the text field, enter the URL for the additional search provider. + +For example, to specify Yandex in Russia and Commonwealth of Independent States (CIS), set the value of URL to "https://yandex.ru/search/touch/?text={searchTerm}&clid=2234144". + +When configured with multiple search providers, the browser can display up to ten search providers. + +>[!IMPORTANT] +>Microsoft Bing is the default search provider for Windows 10 Mobile. The default search provider must be set to Bing, except for devices shipping to certain countries where a different default search provider is required as specified in the [Specific region guidance](#specific-region-guidance) section of [Default](#default). + + + diff --git a/windows/configuration/wcd/wcd-callandmessagingenhancement.md b/windows/configuration/wcd/wcd-callandmessagingenhancement.md new file mode 100644 index 0000000000..bb07ccc02c --- /dev/null +++ b/windows/configuration/wcd/wcd-callandmessagingenhancement.md @@ -0,0 +1,36 @@ +--- +title: CallAndMessageEnhancement (Windows 10) +description: This section describes the CallAndMessagingEnhancement settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# CallAndMessagingEnhancement (Windows Configuration Designer reference) + +Use to configure call origin and blocking apps. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [BlockingApp](#blockingapp) | | X | | | | +| [CallOriginApp](#calloriginapp) | | X | | | | + +## BlockingApp + +| Setting | Value | Description | +| --- | --- | --- | +| ActiveBlockingAppUserModelId | AUMID | The AUMID of the application that will be set as the active blocking app by default. | +| DefaultBlockingAppUserModelId | AUMID | The AUMID of the application that the OS will select as the active blocking app if the user uninstalls the current active blocking app. This app should be uninstallable. | + +## CallOriginApp + +| Setting | Value | Description | +| --- | --- | --- | +| ActiveCallOriginAppUserModelId | AUMID | The AUMID of the application to be set as the active call origin provider app by default. | +| DefaultCallOriginAppUserModelId | AUMID | The AUMID of the application that the OS will select as the active call origin provider app if the user uninstalls the current active call origin app. This app should be uninstallable. | diff --git a/windows/configuration/wcd/wcd-cellular.md b/windows/configuration/wcd/wcd-cellular.md new file mode 100644 index 0000000000..64258bbe02 --- /dev/null +++ b/windows/configuration/wcd/wcd-cellular.md @@ -0,0 +1,43 @@ +--- +title: Cellular (Windows 10) +description: This section describes the Cellular settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Cellular (Windows Configuration Designer reference) + +Use to configure settings for cellular connections. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [AccountExperienceURL](#accountexperienceurl) | X | | | | | +| [AppID](#appid) | X | | | | | +| [NetworkBlockList](#networkblocklist) | X | | | | | +| [SIMBlockList](#simblocklist) | X | | | | | + + +To begin, enter a SIM integrated circuit card identifier (**SimIccid**), and click **Add**. In the **Customizations** pane, select the SimIccid that you just entered and configure the following settings for it. + +## AccountExperienceURL + +Enter the URL for the mobile operator's web page. + +## AppID + +Enter the AppID for the mobile operator's app in Microsoft Store. + +## NetworkBlockList + +Enter a comma-separated list of mobile country code (MCC) and mobile network code (MCC) pairs (MCC:MNC). + +## SIMBlockList + +Enter a comma-separated list of mobile country code (MCC) and mobile network code (MCC) pairs (MCC:MNC). \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-certificates.md b/windows/configuration/wcd/wcd-certificates.md new file mode 100644 index 0000000000..6347a4795d --- /dev/null +++ b/windows/configuration/wcd/wcd-certificates.md @@ -0,0 +1,71 @@ +--- +title: Certificates (Windows 10) +description: This section describes the Certificates settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Certificates (Windows Configuration Designer reference) + +Use to deploy Root Certificate Authority (CA) certificates to devices. The following list describes the purpose of each setting group. + +- In [CACertificates](#cacertificates), you specify a certificate that will be added to the Intermediate CA store on the target device. +- In [ClientCertificates](#clientcertificates), you specify a certificate that will be added to the Personal store on the target device, and provide (password, keylocation), (and configure whether the certificate can be exported). +- In [RootCertificates](#rootcertificates), you specify a certificate that will be added to the Trusted Root CA store on the target device. +- In [TrustedPeopleCertificates](#trustedpeoplecertificates), you specify a certificate that will be added to the Trusted People store on the target device. +- In [TrustedProvisioners](#trustedprovisioners), you specify a certificate which allows devices to automatically trust packages from the specified publisher. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All setting groups | X | X | X | X | X | + + +## CACertificates + +1. In **Available customizations**, select **CACertificates**, enter a friendly name for the certificate, and then click **Add**. +2. In **Available customizations**, select the name that you just created. +3. In **CertificatePath**, browse to or enter the path to the certificate. + + +## ClientCertificates + +1. In **Available customizations**, select **ClientCertificates**, enter a friendly name for the certificate, and then click **Add**. +2. In **Available customizations**, select the name that you just created. The following table describes the settings you can configure. Settings in **bold** are required. + +| Setting | Value | Description | +| --- | --- | ---- | +| **CertificatePassword** | | | +| **CertificatePath** | | Adds the selected certificate to the Personal store on the target device. | +| ExportCertificate | True or false | Set to **True** to allow certificate export. | +| **KeyLocation** | - TPM only
- TPM with software fallback
- Software only | | + +## RootCertificates + +1. In **Available customizations**, select **RootCertificates**, enter a friendly name for the certificate, and then click **Add**. +2. In **Available customizations**, select the name that you just created. +3. In **CertificatePath**, browse to or enter the path to the certificate. + +## TrustedPeopleCertificates + +1. In **Available customizations**, select **TrustedPeopleCertificates**, enter a friendly name for the certificate, and then click **Add**. +2. In **Available customizations**, select the name that you just created. +3. In **TrustedCertificate**, browse to or enter the path to the certificate. + + +## TrustedProvisioners + +1. In **Available customizations**, select **TrustedPprovisioners**, enter a CertificateHash, and then click **Add**. +2. In **Available customizations**, select the name that you just created. +3. In **TrustedProvisioner**, browse to or enter the path to the certificate. + +## Related topics + + +- [RootCATrustedCertficates configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/rootcacertificates-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-cleanpc.md b/windows/configuration/wcd/wcd-cleanpc.md new file mode 100644 index 0000000000..ec1f5eaadc --- /dev/null +++ b/windows/configuration/wcd/wcd-cleanpc.md @@ -0,0 +1,28 @@ +--- +title: CleanPC (Windows 10) +description: This section describes the CleanPC settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# CleanPC (Windows Configuration Designer reference) + +Use to remove user-installed and pre-installed applications, with the option to persist user data. + +## Applies to + +| Settings | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| CleanPCRetainingUserData | X | | | | | +| CleanPCWithoutRetainingUserData | X | | | | | + +For each setting, the options are **Enable** and **Not configured**. + +## Related topics + +- [CleanPC configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/cleanpc-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-connections.md b/windows/configuration/wcd/wcd-connections.md new file mode 100644 index 0000000000..1ce0db8e5b --- /dev/null +++ b/windows/configuration/wcd/wcd-connections.md @@ -0,0 +1,45 @@ +--- +title: Connections (Windows 10) +description: This section describes the Connections settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Connections (Windows Configuration Designer reference) + +Use to configure settings related to variou types of phone connections. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [Cellular](#cellular) | X | X | X | X | | +| [EnterpriseAPN](#enterpriseapn) | X | X | X | X | | +| [Policies](#policies) | X | X | X | X | | +| [Proxies](#proxies) | X | X | X | X | | + +For each setting group: +1. In **Available customizations**, select the setting group (such as **Cellular**), enter a friendly name for the connection, and then click **Add**. +2. In **Available customizations**, select the name that you just created. + +## Cellular + +See [CM_CellularEntries configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/cm-cellularentries-csp) for settings and values. + +## EnterpriseAPN + +See [Configure cellular settings for tablets and PCs](https://docs.microsoft.com/windows/configuration/provisioning-apn) and +[EnterpriseAPN CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterpriseapn-csp) for settings and values. + +## Policies + +See [CMPolicy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/cmpolicy-csp) for settings and values. + +## Proxies + +See [CM_ProxyEntries CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/cm-proxyentries-csp) for settings and values. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-connectivityprofiles.md b/windows/configuration/wcd/wcd-connectivityprofiles.md new file mode 100644 index 0000000000..bb7d3366c0 --- /dev/null +++ b/windows/configuration/wcd/wcd-connectivityprofiles.md @@ -0,0 +1,183 @@ +--- +title: ConnectivityProfiles (Windows 10) +description: This section describes the ConnectivityProfile settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# ConnectivityProfiles (Windows Configuration Designer reference) + +Use to configure profiles that a user will connect with, such as an email account or VPN profile. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [Email](#email) | X | X | X | X | X | +| [Exchange](#exchange) | X | X | X | X | X | +| [KnownAccounts](#knownaccounts) | X | X | X | X | X | +| [VPN](#vpn) | X | X | X | X | X | +| [WiFiSense](#wifisense) | X | X | X | X | X | +| [WLAN](#wlan) | X | X | X | X | X | + +## Email + +Specify an email account to be automatically set up on the device. + +1. In **Available customizations**, select **Email**, enter a friendly name for the account, and then click **Add**. +2. In **Available customizations**, select the name that you just created. The following table describes the settings you can configure for each account. Settings in **bold** are required. + +| Setting | Description | +| --- | --- | +| **AccountType** | Select between **Normal email** and **Visual voice mail** | +| AuthForOutgoingMail | Set to **True** if the outgoing server requires authentication | +| Domain | Enter the domain for the account | +| HaveAlternateCredentialsForSMTP | Specify whether the user's alternate SMTP account is enabled. If enabled, configure the **SMTPDomain**, **SMTPName**, and **SMTPPassword** settings | +| InboxUpdateFrequency | Specify the time between email send/receive updates, in minutes. Available values are:

- Manual update
- Every 2 hours
- Every 15 minutes
- Every 30 minutes
- Every hour | +| **IncomingMailServerName** | Enter the name of the messaging service's incoming email server | +| **OutgoingServerName** | Enter the name of the messaging service's outgoing mail server | +| Password | Enter the password for the account | +| ReplyAddress | Enter the reply address for the account | +| SenderName | Enter the name of the sender for the account | +| **ServiceName** | Enter the name of the email service | +| **ServiceType** | Select **IMAP4** or **POP3** for service type | +| SMTPDomain | Enter the domain name for the user's alternate SMTP account, if **HaveAlternateCredentialsForSMTP** is enabled | +| SMTPName | Enter the display name associated with the user's alternate SMTP account, if **HaveAlternateCredentialsForSMTP** is enabled | +| SMTPPassword | Enter the password for the user's alternate SMTP account, if **HaveAlternateCredentialsForSMTP** is enabled | +| SSLIncoming | Specify whether the incoming email server uses SSL | +| SSLOutgoing | Specify whether the outgoing email server uses SSL | +| SyncOptions | Specify how many days' worth of emails should be downloaded from the server. Available values are:

- All mail
- Two weeks
- One month
- One week | +| **UserName** | Enter the user name for the account | + +## Exchange + +Configure settings related to Exchange email server. These settings are related to the [ActiveSync configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/activesync-csp). + + +1. In **Available customizations**, select **Exchange**, enter a name for the account, and then click **Add**. A globally unique identifier (GUID) is generated for the account. +2. In **Available customizations**, select the GUID that you just created. The following table describes the settings you can configure. Settings in **bold** are required. + +| Setting | Description | +| --- | --- | +| AccountIcon | Specify the location of the icon associated with the account.

The account icon can be used as a tile in the Start list or as an icon in the applications list under **Settings > Email & accounts**. Some icons are already provided on the device. The suggested icon for POP/IMAP or generic ActiveSync accounts is at `res://AccountSettingsSharedRes{ScreenResolution}!%s.genericmail.png`. The suggested icon for Exchange Accounts is at `res://AccountSettingsSharedRes{ScreenResolution}!%s.office.outlook.png`. Custom icons can be added if desired. | +| **AccountName** | Enter the name that refers to the account on the device | +| **AccountType** | Select **Exchange** | +| **DiagnosticLogging** | Select whether to disable logging, enable basic logging, or enable advanced logging | +| Domain | Enter the domain name of the Exchange server | +| **EmailAddress** | Enter the email address associated with the Exchange ActiveSync account. | +| **MailAgeFilter** | Specify the time window used for syncing email items to the device. Available values are:

- All email is synced
- Only email up to three days old is synced
-Email up to a week old is synced (default)
- Email up to two weeks old is synced
- Email up to a month old is synced | +| **Password** | Enter the password for the account | +| **Schedule** | Specify the time until the next sync is performed, in minutes. Available values are:

- As items are received (default)
- Sync manually
- Every 15 minutes
- Every 30 minutes
- Every 60 minutes | +| **ServerName**| Enter the server name used by the account | +| SyncCalendar_Enable | Enable or disable calendar sync | +| SyncCalendar_Name | If you enable calendar sync, enter **Calendar** | +| SyncContacts_Enable | Enable or disable contacts sync | +| SyncContacts_Name | If you enable contacts sync, enter **Contacts** | +| SyncEmail_Enable| Enable or disable email sync | +| SyncEmail_Name | If you enable email sync, enter **Email** | +| SyncTasks_Enable | Enable or disable tasks sync | +| SyncTasks_Name | If you enable tasks sync, enter **Tasks** | +| **UserName** | Enter the user name for the account | +| UseSSL | Specify whether to use Secure Sockets Layer (SSL) | + +## KnownAccounts + +Configure the settings to add additional email accounts. + +| Setting | Description | +| --- | --- | +| KnownAccountsOEM |Enter the source or file location of the KnownAccountsOEM.xml file on your development workstation. | +| OemFilePath | Enter the name of the XML file that defines the new account to be added. The name must be KnownAccountsOEM.xml. | + +## VPN + +Configure settings to change the default maximum transmission unit ([MTU](#mtu)) size settings for Point-to-Point Protocol (PPP) connections or for virtual private network (VPN) connections, or to create a [VPN profile](#vpn). + +### MTU + +| Setting | Description | +| --- | --- | +| PPPProtocolType | Select **VPNPPPProtocolType** | +| ProtocolType | Select **VPNProtocolType** | +| TunnelMTU | Enter the desired MTU size, between **1** and **1500** | + +### VPN + +1. In **Available customizations**, select **VPNSetting**, enter a friendly name for the account, and then click **Add**. +2. In **Available customizations**, select the name that you just created. The following table describes the settings you can configure. Settings in **bold** are required. + +| Setting | Description | +| --- | --- | +| **ProfileType** | Choose between **Native** and **Third Party** | +| RememberCredentials | Select whether credentials should be cached | +| AlwaysOn | Set to **True** to automatically connect the VPN at sign-in | +| LockDown | When set to **True**:
- Profile automatically becomes an "always on" profile
- VPN cannot be disconnected
-If the profile is not connected, the user has no network connectivity
- No other profiles can be connected or modified | +| ByPassForLocal | When set to **True**, requests to local resources on the same Wi-Fi neetwork as the VPN client can bypass VPN | +| DnsSuffix | Enter one or more comma-separated DNS suffixes. The first suffix listed is usedas the primary connection-specific DNS suffix for the VPN interface. The list is added to the SuffixSearchList. | +| TrustedNetworkDetection | Enter a comma-separated string to identify the trusted network. VPN will not connect automatically when the user is on their corporate wireless network where protected resources are directly accessible to the device. | +| Proxy | Configure to **Automatic** or **Manual** | +| ProxyAutoConfigUrl | When **Proxy** is set to **Automatic**, enter the URL to automatically retrieve the proxy settings | +| ProxyServer | When **Proxy** is set to **Manual**, enter the proxy server address as a fully qualified hostname or enter `IP address:Port` | + +## WiFiSense + +Configure settings related to Wi-Fi Sense. + +### Config + +The **Config** settings are initial settings that can be overwritten when settings are pushed to the device by the cloud. + +| Setting | Description | +| --- | --- | +| WiFiSharingFacebookInitial | Enable or disable sharing of Wi-Fi networks with Facebook contacts | +| WiFiSharingOutlookInitial | Enable or disable sharing of Wi-Fi networks with Outlook contacts | +| WiFiSharingSkypeInitial | Enable or disable sharing of Wi-Fi networks with Skype contacts | + +### FirstBoot + +| Setting | Description | +| --- | --- | +| DefaultAutoConnectOpenState | When enabled, the OOBE Wi-Fi Sense checkbox to automatically connect to open networks will be checked. | +| DefaultAutoConnectSharedState | When enabled, the OOBE Wi-Fi Sense checkbox to share networks with contacts will be checked. | +| WiFiSenseAllowed | Enable or disable Wi-Fi Sense. Wi-Fi Sense features include auto-connect to Wi-Fi hotspots and credential sharing. | + +### SystemCapabilities + +You can use these settings to configure system capabilities for Wi-Fi adapters, which is a new functionality in Windows 10. These system capabilities are added at image time to ensure that the information is at its most accurate. The capabilities allow the OS to have a better understanding of the underlying hardware that it's running on. Telemetry data is generated by the system to provide data that can be used to diagnose both software and hardware issues. + +| Setting | Description | +| --- | --- | +| CoexistenceSupport | Specify the type of co-existence that's supported on the device:

- **Both**: Both Wi-Fi and Bluetooth work at the same performance level during co-existence
- **Wi-Fi reduced**: On a 2X2 system, Wi-Fi performance is reduced to 1X1 level
- **Bluetooth centered**: When co-existing, Bluetooth has priority and restricts Wi-Fi performance
- **One**: Either Wi-Fi or Bluetooth will stop working | +| NumAntennaConnected | Enter the number of antennas that are connected to the WLAN radio | +| SimultaneousMultiChannelSupported | Enter the maximum number of channels that the Wi-Fi device can simultaneously operate on. For example, you can use this to specify support for Station mode and Wi-Fi Direct GO on separate channels simultaneously. | +| WLANFunctionLevelDeviceResetSupported | Select whether the device supports functional level device reset (FLDR). The FLDR feature in the OS checks this system capability exclusively to determine if it can run. | +| WLANPlatformLevelDeviceResetSupported | Select whether the device supports platform level device reset (PLDR). The PLDR feature in the OS checks this system capability exclusively to determine if it can run. | + + +## WLAN + +Configure settings for wireless connectivity. + +### Profiles + +**To add a profile** + +1. Create [the wireless profile XML](https://msdn.microsoft.com/library/windows/desktop/aa369853.aspx). +2. In **WLAN > Profiles**, browse to and select the profile XML file. +3. Click **Add**. + +### WLANXmlSettings + +Enter a SSID, click **Add**, and then configure the following settings for the SSID. + +| Settings | Description | +| --- | --- | +| ProxyServerPort | (Optional) Specify the configuration of the network proxy as **host:port**. A proxy server host and port can be specified per connection for Windows 10 for mobile devices. The host can be server name, FQDN, or SLN or IPv4 or IPv6 address. This proxy configuration is only supported in Windows 10 for mobile devices. Using this configuration in Windows 10 for desktop editions will result in failure. | +| AutoConnect | (Optional) Select **True** or **false** to specify whether to automatically connect to WLAN. | +| HiddenNetwork | (Optional) Select **True** or **false** to specify whether the network is hidden. | +| SecurityType | Choose between **Open**, **WEP**, and **WPA2-Personal**.

If you select **WEP** or **WPA2-Personal**, enter the **SecurityKey** required by the WLAN. | \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-countryandregion.md b/windows/configuration/wcd/wcd-countryandregion.md new file mode 100644 index 0000000000..aea53e22de --- /dev/null +++ b/windows/configuration/wcd/wcd-countryandregion.md @@ -0,0 +1,23 @@ +--- +title: CountryAndRegion (Windows 10) +description: This section describes the CountryAndRegion settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# CountryAndRegion (Windows Configuration Designer reference) + +Use to configure a setting that partners must customize to ship Windows devices to specific countries/regions. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| CountryCodeForExtendedCapabilityPrompts | X | X | X | X | | + +You can set the **CountryCodeForExtendedCapabilityPrompts** setting for **China** to enable additional capability prompts when apps use privacy-sensitive features (such as Contacts or Microphone). diff --git a/windows/configuration/wcd/wcd-desktopbackgroundandcolors.md b/windows/configuration/wcd/wcd-desktopbackgroundandcolors.md new file mode 100644 index 0000000000..1cf770db9b --- /dev/null +++ b/windows/configuration/wcd/wcd-desktopbackgroundandcolors.md @@ -0,0 +1,22 @@ +--- +title: DesktopBackgrounAndColors (Windows 10) +description: This section describes the DesktopBackgrounAndColors settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# DesktopBackgrounAndColors (Windows Configuration Designer reference) + +Do not use. Instead, use the [Personalization settings](wcd-personalization.md). + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | X | | | | | + diff --git a/windows/configuration/wcd/wcd-developersetup.md b/windows/configuration/wcd/wcd-developersetup.md new file mode 100644 index 0000000000..e7c4378477 --- /dev/null +++ b/windows/configuration/wcd/wcd-developersetup.md @@ -0,0 +1,37 @@ +--- +title: DeveloperSetup (Windows 10) +description: This section describes the DeveloperSetup settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# DeveloperSetup (Windows Configuration Designer reference) + +Use to unlock developer mode on HoloLens devices and configure authentication to Windows Device Portal. + +## Applies to + +| Setting groups | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [EnableDeveloperMode](#enabledevelopermode) | | | | X | | +| [AuthenticationMode](#authenticationmode) | | | | X | | + + + +## DeveloperSetupSettings: EnableDeveloperMode + +When this setting is configured as **True**, the device is unlocked for developer functionality. + + +## WindowsDevicePortalSettings: Authentication Mode + +When AuthenticationMode is set to **Basic Auth**, enter a user name and password to enable the device to connect to and authenticate with the Windows Device Portal. + +## Related topics + +- [Device Portal for HoloLens](https://docs.microsoft.com/windows/uwp/debug-test-perf/device-portal-hololens) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-deviceformfactor.md b/windows/configuration/wcd/wcd-deviceformfactor.md new file mode 100644 index 0000000000..dc1e5cd524 --- /dev/null +++ b/windows/configuration/wcd/wcd-deviceformfactor.md @@ -0,0 +1,67 @@ +--- +title: DeviceFormFactor (Windows 10) +description: This section describes the DeviceFormFactor setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# DeviceFormFactor (Windows Configuration Designer reference) + +Use to identify the form factor of the device. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| DeviceForm | X | X | X | X | | + +Specifies the device form factor running Windows 10. Generally, the device form is set by the original equipment manufacturer (OEM), however you might want to change the device form based on its usage in your organization. + +DeviceForm supports the following features or components: + +- Cortana and Bing use the DeviceForm value to determine the accuracy of specific signals, such as location (GPS versus Wi-Fi versus reverse IP address lookup). +- Windows 10 features, such as Bluetooth and camera, may require DeviceForm to be accurately configured for full functionality. + +Select the appropriate form from the dropdown menu. + +| Device form | Description | +| --- | --- | +| Phone | A typical smartphone combines cellular connectivity, a touch screen, rechargeable power source, and other components into a single chassis. | +| LargeScreen | Microsoft Surface Hub | +| HMD | (Head-mounted display) A holographic computer that is completely untethered - no wires, phones, or connection to a PC needed. | +| IndustryHandheld | A device screen less than 7” diagonal designed for industrial solutions. May or may not have a cellular stack. | +| IndustryTablet | A device with an integrated screen greater than 7” diagonal and no attached keyboard designed for industrial solutions as opposed to consumer personal computer. May or may not have a cellular stack. | +| Banking | A machine at a bank branch or another location that enables customers to perform basic banking activities including withdrawing money and checking one's bank balance. | +| BuildingAutomation | A controller for industrial environments that can include the scheduling and automatic operation of certain systems such as conferencing, heating and air conditioning, and lighting. | +| DigitalSignage | A computer or playback device that's connected to a large digital screen and displays video or multimedia content for informational or advertising purposes. | +| Gaming | A device that's used for playing a game. It can be mechanical, electronic, or electromechanical equipment. | +| HomeAutomation | A controller that can include the scheduling and automatic operation of certain systems including heating and air conditioning, security, and lighting. | +| Industrial Automation | Computers that are used to automate manufacturing systems such as controlling an assembly line where each station is occupied by industrial robots. | +| Tablet | A device with an integrated screen that's less than 18". It combines a touch screen, rechargeable power source, and other components into a single chassis with an optional attachable keyboard. | +| Kiosk | An unattended structure that can include a keyboard and touch screen and provides a user interface to display interactive information and allow users to get more information. | +| MakerBoard | A low-cost and compact development board that's used for prototyping any number IoT-related things. | +| Medical | Devices built specifically to provide medical staff with information about the health and well-being of a patient. | +| Networking | A device or software that determines where messages, packets, and other signals will go next. | +| POS | (Point of Service) An electronic cash register or self-service checkout. | +| Printing | A printer, copy machine, or a combination of both. | +| ThinClient | A device that connects to a server to perform computing tasks as opposed to running apps locally. | +| Toy | A device used solely for enjoyment or entertainment. | +| Vending | A machine that dispenses items in exchange for payment in the form of coin, currency, or credit/debit card. | +| IndustryOther |A device that doesn't fit into any of the previous categories. | +| Desktop | A desktop PC form factor traditional comes in an upright tower or small desktop chassis and does not have an integrated screen. | +| Notebook | A notebook is a portable clamshell device with an attached keyboard that cannot be removed. | +| Convertible | A convertible device is an evolution of the traditional notebook where the keyboard can be swiveled, rotated or flipped, but not completely removed. It is a blend between a traditional notebook and tablet, also called a 2-in-1. | +| Detachable | A detachable device is an evolution of the traditional notebook where the keyboard can be completely removed. It is a blend between a traditional notebook and tablet, also called a 2-in-1. | +| AIO | An All-in-One (AIO) device is an evolution of the traditional desktop with an attached display. | +| Stick | A device that turns your TV into a Windows computer. Plug the stick into the HDMI slot on the TV and connect a USB or Bluetooth keyboard or mouse. | +| Puck | A small-size PC that users can use to plug in a monitor and keyboard. | + + + + + diff --git a/windows/configuration/wcd/wcd-devicemanagement.md b/windows/configuration/wcd/wcd-devicemanagement.md new file mode 100644 index 0000000000..9297174468 --- /dev/null +++ b/windows/configuration/wcd/wcd-devicemanagement.md @@ -0,0 +1,92 @@ +--- +title: DeviceManagement (Windows 10) +description: This section describes the DeviceManagement setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# DeviceManagement (Windows Configuration Designer reference) + +Use to... + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [Accounts](#accounts) | X | X | X | X | | +| [PGList](#pglist) | X | X | X | X | | +| [Policies](#policies) | X | X | X | X | | +| [TrustedProvisioningSource](#trustedprovisioningsource) | X | X | X | X | | + +## Accounts + +1. In **Available customizations**, select **Accounts**, enter a friendly name for the account, and then click **Add**. +2. In **Available customizations**, select the account that you just created. The following table describes the settings you can configure. Settings in **bold** are required. + +| Setting | Description | +| --- | --- | +| **Address** | Enter the OMA DM server address | +| **AddressType** | Choose between **IPv4** and **URI** for the type of OMA DM server address. The default value of **URI** specifies that the OMA DM account address is a URI address. A value of **IPv4** specifies that the OMA DM account address is an IP address. | +| **AppID** | Select **w7** | +| Authentication > Credentials | 1. Select a credentials level (CLCRED or SRVCRED). A value of **CLCRED** indicates that the credentials client will authenticate itself to the OMA DM server at the OMA DM protocol level. A value of **SRVCRED** indicates that the credentials server will authenticate itself to the OMA DM Client at the OMA DM protocol level.
2. In **Available customizations**, select the level.
3. For **Data**, enter the authentication nonce as a Base64 encoded string.
4. For **Level**, select **CLCRED** or **SRVCRED**.
5. For **Name**, enter the authentication name.
6. For **Secret**, enter the password or secret used for authentication.
7. For **Type**, select between **Basic**, **Digest**, and **HMAC**. For **CLCRED**, the supported values are **BASIC** and **DIGEST**. For **SRVCRED**, the supported value is **DIGEST**. | +| AuthenticationPreference | Select between **Basic**, **Digest**, and **HMAC** | +| BackCompatRetryDisabled | Specify whether to retry resending a package with an older protocol version (for example, 1.1) in the SyncHdr on subsequent attempts (not including the first time). The default value of "FALSE" indicates that backward-compatible retries are enabled. A value of "TRUE" indicates that backward-compatible retries are disabled. | +| ConnectionRetries | Enter a number to specify how many retries the DM client performs when there are Connection Manager-level or wininet-level errors. The default value is `3`. | +| CRLCheck | Specify whether a CRL Check should be performed. Allows connection to the DM server to check the Certificate Revocation List (CRL). Set to **True** to enable SSL revocation. | +| DefaultEncoding | Select whether the OMA DM client will use **WBXML** or **XML** for the DM package when communicating with the server | +| DisableOnRoaming | Specify whether the client will connect while cellular roaming | +| InitialBackOffTime | Specify the initial amount of time (in milliseconds) that the DM client waits before attempting a connection retry | +| InitiateSession | Specify whether a session should be started with the MDM server when the account is provisioned | +| MaxBackOffTime | Specify the maximum number of milliseconds to wait before attemption a connection retry | +| Name | Enter a display name for the management server | +| Port | Enter the OMA DM server port | +| PrefConRef | Enter a URI to NAP management object or a connection GUID used by the device Connection Manager | +| ProtocolVersion | Select between **1.1** and **1.2** for the OMA DM protocol version that the server supports | +| **Role** | Select between **Enterprise** and **Mobile Operator** for the role mask that the DM session runs with when it communicates with the server | +| **ServerID** | Enter the OMA DM server's unique identifier for the current OMA DM account | +| SSLClientCertSearchCriteria | Specify the client certificate search criteria, by subject attribute and certficate stores. For details, see [DMAcc configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/dmacc-csp). | +| UseHardwareDeviceID | Specify whether to use the hardware ID for the ./DevInfo/DevID parameter in the DM account to identify the device | +| UseNonceResync | Specify whether the OMA DM client should use the nonce resynchronization procedure if the server trigger notification fails authentication | + + +## PGList + +1. In **Available customizations**, select **PGList**, enter a LogicalProxyName, and then click **Add**. +2. In **Available customizations**, select the LogicalProxyName that you just created, and then select **PhysicalProxies**. +3. Enter a PhysicalProxyName, and then click **Add**. The following table describes the settings you can configure for the physical proxy and for **Trust**. + +| Setting | Description | +| --- | --- | +| Address | Enter the address of the physical proxy | +| AddressType | Select between **E164**, **IPV4**, and **IPV^** for the format and protocol of the PXADDR element for a physical proxy | +| MatchedNapID | Enter a string that defines the SMS bearer. This string must match the NAPID exactly. The value must contains MVID macro if it is an IPv4 PXADDRTYPE. | +| PushEnabled | Select whether push operations are enabled | +| Trust | Specify whether or not the physical proxies in this logical proxy are privileged | + + +## Policies + +The following table describes the settings you can configure for **Policies**. + +| Setting | Description | +| --- | --- | +| MMS > MMSMessageRoles | Select between **SECROLE_KNOWN_PPG**, **SECROLE_ANY_PUSH_SOURCE**, and **SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**. If a message contains at least one of the roles in the selected role mask, then the message is processed. | +| OMACP > NetwpinRoles | Select a policy role to specify whether OMA network PIN-signed messages will be accepted. OMA Client Provisioning Network PIN policy determines whether the OMA network PIN signed message will be accepted. The message's role mask and the policy's role mask are combined using the AND operator. If the result is non-zero, then the message is accepted.

Available roles are: **SECROLE_OPERATOR_TIPS**, **SECROLE_KNOWN_PPG**, **SECROLE_OPERATOR_TPS_OR_SECROLE_KNOWN_PPG**, **SECROLE_ANY_PUSH_SOURCE**, **SECROLE_OPERATOR_TPS_OR_SECROLE_ANY_PUSH_SOURCE**, **SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**, and **SECROLE_OPERATOR_TPS_OR_SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**.

**Note** IMSI-based NETWPIN and USERNETWPIN may not work for dual SIM phones. The OMA-CP authentication provider only uses the IMSI from executor 0 (the current, active data SIM) when hashing these messages. OMA-CP payloads targeting executor 1 are rejected by the phone. For more information about executors, see Dual SIM. | +| OMACP > UsernetwpinRoles | Select a policy role to specify whether the OMA user network PIN-signed message will be accepted. The message's role mask and the policy's role mask are combined using the AND operator. If the result is non-zero, then the message is accepted.

Available roles are: **SECROLE_OPERATOR_TIPS**, **SECROLE_KNOWN_PPG**, **SECROLE_OPERATOR_TPS_OR_SECROLE_KNOWN_PPG**, **SECROLE_ANY_PUSH_SOURCE**, **SECROLE_OPERATOR_TPS_OR_SECROLE_ANY_PUSH_SOURCE**, **SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**, and **SECROLE_OPERATOR_TPS_OR_SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**.

**Note** IMSI-based NETWPIN and USERNETWPIN may not work for dual SIM phones. The OMA-CP authentication provider only uses the IMSI from executor 0 (the current, active data SIM) when hashing these messages. OMA-CP payloads targeting executor 1 are rejected by the phone. For more information about executors, see Dual SIM. | +| OMACP > UserpinRoles | Select a policy role to specify whether the OMA user PIN or user MAC signed message will be accepted. OMA Client Provisioning User PIN policy determines whether the OMA user PIN or user MAC signed message will be accepted. The message's role mask and the policy's role mask are combined using the AND operator. If the result is non-zero, then the message is accepted.

Available roles are: **SECROLE_OPERATOR_TIPS**, **SECROLE_KNOWN_PPG**, **SECROLE_OPERATOR_TPS_OR_SECROLE_KNOWN_PPG**, **SECROLE_ANY_PUSH_SOURCE**, **SECROLE_OPERATOR_TPS_OR_SECROLE_ANY_PUSH_SOURCE**, **SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**, and **SECROLE_OPERATOR_TPS_OR_SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**. | +| SISL > ServiceIndicationRoles | Specify the security roles that can accept SI messages. Service Indication (SI) Message policy indicates whether SI messages are accepted by specifying the security roles that can accept SI messages. An SI message is sent to the phone to notify users of new services, service updates, and provisioning services.

Available roles are: **SECROLE_KNOWN_PPG**, **SECROLE_ANY_PUSH_SOURCE**, and **SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**. | +| SISL > ServiceLoadingRoles | Specify the security roles that can accept SL messages. Service Loading (SL) Message policy indicates whether SL messages are accepted by specifying the security roles that can accept SL messages. An SL message downloads new services or provisioning XML to the phone.

Available roles are: **SECROLE_KNOWN_PPG**, **SECROLE_ANY_PUSH_SOURCE**, and **SECROLE_KNOWN_PPG_OR_SECROLE_ANY_PUSH_SOURCE**. | + +## TrustedProvisioningSource + +In **PROVURL**, enter the URL for a Trusted Provisioning Server (TPS). + +## Related topics + +- [DMAcc configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/dmacc-csp) +- [PXLOGICAL CSP](https://docs.microsoft.com/windows/client-management/mdm/pxlogical-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-dmclient.md b/windows/configuration/wcd/wcd-dmclient.md new file mode 100644 index 0000000000..4efec80320 --- /dev/null +++ b/windows/configuration/wcd/wcd-dmclient.md @@ -0,0 +1,27 @@ +--- +title: DMClient (Windows 10) +description: This section describes the DMClient setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# DMClient (Windows Configuration Designer reference) + +Use to specify enterprise-specific mobile device management configuration setting. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| UpdateManagementServiceAddress | X | X | X | X | X | + +For the **UpdateManagementServiceAddress** setting, enter a list of servers. The first server in the semi-colon delimited list is the server that will be used to instantiate MDM sessions. + +## Related topics + +- [DMClient configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/dmclient-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-editionupgrade.md b/windows/configuration/wcd/wcd-editionupgrade.md new file mode 100644 index 0000000000..cb2fd133b6 --- /dev/null +++ b/windows/configuration/wcd/wcd-editionupgrade.md @@ -0,0 +1,46 @@ +--- +title: EditionUpgrade (Windows 10) +description: This section describes the EditionUpgrade settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# EditionUpgrade (Windows Configuration Designer reference) + +Use to upgrade the edition of Windows 10 on the device. [Learn about Windows 10 edition upgrades.](https://docs.microsoft.com/windows/deployment/upgrade/windows-10-edition-upgrades) + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [ChangeProductKey](#changeproductkey) | X | X | | X | | +| [UpgradeEditionWithLicense](#upgradeeditionwithlicense) | X | X | | X | | +| [UpgradeEditionWithProductKey](#upgradeeditionwithproductkey) | X | X | | X | | + + +## ChangeProductKey + +Enter a product key, which will be used to update the existing product key on the device. + +## UpgradeEditionWithLicense + +Browse to and select a license XML file for the edition upgrade. + + +## UpgradeEditionWithProductKey + +Enter a product key for an edition upgrade of Windows 10 devices. + +If a product key is entered in a provisioning package and the user begins installation of the package, a notification is shown to the user that their system will restart to complete the package installation. Upon explicit consent from the user to proceed, the package continues installation and changepk.exe runs using the product key. The user will receive a reminder notification 30 seconds before the automatic restart. + +After the device restarts, the edition upgrade process completes. The user will receive a notification of the successful upgrade. + + +## Related topics + +- [WindowsLicensing configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/windowslicensing-csp) diff --git a/windows/configuration/wcd/wcd-embeddedlockdownprofiles.md b/windows/configuration/wcd/wcd-embeddedlockdownprofiles.md new file mode 100644 index 0000000000..833b66a43a --- /dev/null +++ b/windows/configuration/wcd/wcd-embeddedlockdownprofiles.md @@ -0,0 +1,29 @@ +--- +title: EmbeddedLockdownProfiles (Windows 10) +description: This section describes the EmbeddedLockdownProfiles setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# EmbeddedLockdownProfiles (Windows Configuration Designer reference) + +Use to apply an XML configuration to a mobile device that locks down the device, configures custom layouts, and define multiple roles. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| AssignedAccessXml | | X | | | | + +1. Create a lockdown XML file, either by using [the Lockdown Designer app](../mobile-devices/mobile-lockdown-designer.md) or [manually](../mobile-devices/lockdown-xml.md). +2. In the **AssignedAccessXml** setting, browse to and select the lockdown XML file that you created. + + +## Related topics + +- [EnterpriseAssignedAccess configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterpriseassignedaccess-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-firewallconfiguration.md b/windows/configuration/wcd/wcd-firewallconfiguration.md new file mode 100644 index 0000000000..5e394b2f6b --- /dev/null +++ b/windows/configuration/wcd/wcd-firewallconfiguration.md @@ -0,0 +1,27 @@ +--- +title: FirewallConfiguration (Windows 10) +description: This section describes the FirewallConfiguration setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# FirewallConfiguration (Windows Configuration Designer reference) + +Use to enable AllJoyn router to work on public networks. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| EnableAllJoynOnPublicNetwork | | | | | X | + +Set to **True** or **False**. + +## Related topics + +- [AllJoyn](https://developer.microsoft.com/windows/iot/docs/alljoyn) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-firstexperience.md b/windows/configuration/wcd/wcd-firstexperience.md new file mode 100644 index 0000000000..b3a53776ff --- /dev/null +++ b/windows/configuration/wcd/wcd-firstexperience.md @@ -0,0 +1,16 @@ +--- +title: FirstExperience (Windows 10) +description: This section describes the FirstExperience settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# FirstExperience (Windows Configuration Designer reference) + +Do not configure **FirstExperience** in provisioning packages at this time. These settings will be available to configure the out-of-box experience (OOBE) to set up HoloLens in a future release. + diff --git a/windows/configuration/wcd/wcd-folders.md b/windows/configuration/wcd/wcd-folders.md new file mode 100644 index 0000000000..bbad0c9cb9 --- /dev/null +++ b/windows/configuration/wcd/wcd-folders.md @@ -0,0 +1,23 @@ +--- +title: Folders (Windows 10) +description: This section describes the Folders settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Folders (Windows Configuration Designer reference) + +Use to add files to the device. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| PublicDocuments | X | X | X | X | | + +Browse to and select a file or files that will be included in the provisioning package and added to the public profile documents folder on the target device. You can use the **Relative path to directory on target device** field to create a new folder within the public profile documents folder. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-initialsetup.md b/windows/configuration/wcd/wcd-initialsetup.md new file mode 100644 index 0000000000..db5b9cee8b --- /dev/null +++ b/windows/configuration/wcd/wcd-initialsetup.md @@ -0,0 +1,30 @@ +--- +title: InitialSetup (Windows 10) +description: This section describes the InitialSetup setting that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# InitialSetup (Windows Configuration Designer reference) + +Use to set the name of the Windows mobile device. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| DeviceName | | X | | | | + +In **DeviceName**, enter a name for the device. If **DeviceName** is set to an asterisk (*) or is an empty string, a random device name will be generated. + +**DeviceName** is a string with a maximum length of 15 bytes of content: + +- **DeviceName** can use ASCII characters (1 byte each) and/or multi-byte characters such as Kanji, so long as you do not exceed 15 bytes of content. +- **DeviceName** cannot use spaces or any of the following characters: { | } ~ [ \ ] ^ ' : ; < = > ? @ ! " # $ % ` ( ) + / . , * &, or contain any spaces. +- **DeviceName** cannot use some non-standard characters, such as emoji. + diff --git a/windows/configuration/wcd/wcd-internetexplorer.md b/windows/configuration/wcd/wcd-internetexplorer.md new file mode 100644 index 0000000000..d1a2e56c56 --- /dev/null +++ b/windows/configuration/wcd/wcd-internetexplorer.md @@ -0,0 +1,95 @@ +--- +title: InternetExplorer (Windows 10) +description: This section describes the InternetExplorer settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# InternetExplorer (Windows Configuration Designer reference) + +Use to configure settings related to Internet Explorer. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [CustomHTTPHeaders](#customhttpheaders) | | X | | | | +| [CustomUserAgentString](#customuseragentstring) | | X | | | | +| DataSaving > [BrowseDataSaver](#browsedatasaver) | | X | | | | +| DataSaving > [ShowPicturesAutomatically](#showpicturesautomatically) | | X | | | | +| [FirstRunURL](#firstrunurl) | | X | | | | + +## CustomHTTPHeaders + +Configure Microsoft Edge to send custom HTTP headers. These will be sent in addition to the default HTTP headers with all HTTP and HTTPS requests. The header is the portion of the HTTP request that defines the form of the message. + +- A maximum of 16 custom headers can be defined. +- Custom headers cannot be used to modify the user agent string. +- Each header must be no more than 1 KB in length. + +The following header names are reserved and must not be overwritten: + +- Accept +- Accept-Charset +- Accept-Encoding +- Authorization +- Expect +- Host +- If-Match +- If-Modified-Since +- If-None-Match +- If-Range +- If-Unmodified-Since +- Max-Forwards +- Proxy-Authorization +- Range +- Referer +- TE +- USER-AGENT +- X-WAP-PROFILE + +1. In **Available customizations**, select **CustomHTTPHeaders**, enter a name, and then click **Add**. +2. In **Available customizations**, select the name that you just created. +3. Enter the custom header. + +## CustomUserAgentString + +The user agent string indicates which browser you are using, its version number, and details about your system, such as operating system and version. A web server can use this information to provide content that is tailored for your specific browser and phone. + +The user agent string for the browser cannot be modified. By default, the string has the following format: + +`Mozilla/5.0 (Windows Phone 10.0; Android 4.2.1; ; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Mobile Safari/537.36 Edge/12.10166` + +- is automatically replaced with the OEM name. This is the same as the PhoneManufacturer setting value that is set as part of the customization Phone metadata in DeviceTargetingInfo. +- is replaced with the device name or phone name. This is the same as the PhoneModelName setting value that is set as part of the customization Phone metadata in DeviceTargetingInfo. + + +**Limitations and restrictions:** + +- The user agent string for the browser cannot be modified outside of the customizations listed above. +- The user agent type registry setting cannot be modified or used to change the default browser view from Mobile to Desktop. + + + +## BrowseDataSaver + +Use to set the browser data saver default setting. **True** turns on the browser data saver feature. + +Partners can configure the default setting for the browser data saver feature by turning the browser optimization service (through the BrowserDataSaver setting) on or off. + + +## ShowPicturesAutomatically + +Use to enable or disable whether the **Show pictures automatically** setting is available in Internet Explorer **advanced settings**. + + +## FirstRunURL + +Use to set the home page that appears the first time that Microsoft Edge is opened. This page is only shown the first time the browser is opened. After that, the browser displays either the most recently viewed page or an empty page if the user has closed all tabs or opens a new tab. + +Specify the **FirstRunURL** value with a valid link that starts with http://. It is recommended you use a forward link that redirects the user to a localized page. diff --git a/windows/configuration/wcd/wcd-licensing.md b/windows/configuration/wcd/wcd-licensing.md new file mode 100644 index 0000000000..5b3ebb4f41 --- /dev/null +++ b/windows/configuration/wcd/wcd-licensing.md @@ -0,0 +1,30 @@ +--- +title: Licensing (Windows 10) +description: This section describes the Licensing settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Licensing (Windows Configuration Designer reference) + +Use for settings related to Microsoft licensing programs. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [AllowWindowsEntitlementReactivation](#allowwindowsentitlementreactivation) | X | | | | | +| [DisallowKMSClientOnlineAVSValidation](#disallowkmsclientonlineavsvalidation) | X | | | | | + +## AllowWindowsEntitlementReactivation + +Enable or disable Windows license reactivation. + +## DisallowKMSClientOnlineAVSValidation + +Enable this setting to prevent the device from sending data to Microsoft regarding its activation state. diff --git a/windows/configuration/wcd/wcd-maps.md b/windows/configuration/wcd/wcd-maps.md new file mode 100644 index 0000000000..4a1bfc4a7a --- /dev/null +++ b/windows/configuration/wcd/wcd-maps.md @@ -0,0 +1,48 @@ +--- +title: Maps (Windows 10) +description: This section describes the Maps settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Maps (Windows Configuration Designer reference) + +Use for settings related to Maps. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [ChinaVariantWin10](#chinavariantwin10) | X | X | X | X | | +| [UseExternalStorage](#useexternalstorage) | X | X | X | X | | +| [UseSmallerCache](#usesmallercache) | X | X | X | X | | + + +## ChinaVariantWin10 + +Use **ChinaVariantWin10** to specify that the Windows device is intended to ship in China. When set to **True**, maps approved by the State Bureau of Surveying and Mapping in China are used, which are obtained from a server located in China. + +This customization may result in different maps, servers, or other configuration changes on the device. + + +## UseExternalStorage + +Use to store map data on an SD card. + +Map data is used by the Maps application and the map control for third-party applications. This data can be store on an SD card, which provides the advantage of saving internal memory space for user data and allows the user to download more offline map data. Microsoft recommends enabling the **UseExternalStorage** setting on devices that have less than 8 GB of user storage and an SD card slot. + +You can use **UseExternalStorage** whether or not you include an SD card with preloaded map data on the phone. If set to **True**, the OS only allows the user to download offline maps when an SD card is present. If an SD card is not present, users can still view and cache maps, but they will not be able to download a region of offline maps until an SD card is inserted. + +If set to **False**, map data will always be stored on the internal data partition of the device. + +>[!NOTE] +>SD card performance can affect the quality of the Maps experience when maps are stored on the SD card. When an SD card is used, Microsoft recommends that you test the Maps experience and the speed of map downloads with the specific SD card part that will be used on retail phones to determine if performance is satisfactory. + +## UseSmallerCache + +Do not use. diff --git a/windows/configuration/wcd/wcd-messaging.md b/windows/configuration/wcd/wcd-messaging.md new file mode 100644 index 0000000000..a00378d147 --- /dev/null +++ b/windows/configuration/wcd/wcd-messaging.md @@ -0,0 +1,171 @@ +--- +title: Messaging (Windows 10) +description: This section describes the Messaging settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Messaging (Windows Configuration Designer reference) + +Use for settings related to Messaging. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | X | | | | + +## GlobalSettings > ShowSendingStatus + +Set **ShowSendingStatus** to **True** to display the sending status for SMS/MMS messages. + +## PerSimSettings > _ICCID + +Use to configure settings for each subscriber identification module (SIM) card. + +### AllowSelectAllContacts + +Set to **True** to show the select all contacts/unselect all menu option to allow users to easily select multiple recipients for an SMS or MMS message. This menu option provides users with an easier way to add multiple recipients and may also meet a mandatory requirement for some mobile operator networks. + +Windows 10 Mobile supports the following select multiple recipients features: + +- A multi-select chooser, which enables users to choose multiple contacts. +- A **select all contacts/unselect all** menu option, which enables users to select or unselect all their contacts. This option is not shown by default and must be enabled by the OEM. + +### AllowSendingDeliveryReport + +Specify whether the phone automatically sends a receipt acknowledgment for MMS messages. Partners can specify whether the phone automatically sends a receipt acknowledgment for MMS messages when they arrive, and they can determine whether users can control the receipt acknowledgments by using the **Send MMS acknowledgment** toggle in **Messaging > settings**. By default, this user setting is visible and turned on. + +| Setting | Description | +| --- | --- | +| AllowSendingDeliveryReport | **True** sets the **Send MMS acknowledgment** toggle to **On** | +| AllowSendingDeliveryReportIsSupported | **True** shows the **Send MMS acknowledgment** toggle, and **False** hides the toggle | + +### AutomaticallyDownload + +Specify whether MMS messages are automatically downloaded. + +| Setting | Description | +| --- | --- | +| AutomaticallyDownload | **True** sets the **Automatically download MMS** toggle to **On** | +| ShowAutomaticallyDownloadMMSToggle | **True** shows the **Automatically download MMS** toggle, and **False** hides the toggle | + +### DefaultContentLocationUrl + +For networks that require it, you can specify the default GET path within the MMSC to use when the GET URL is missing from the WAP push MMS notification. + +Set **DefaultContentLocationUrl** to specify the default GET path within the MMSC. + +### ErrorCodeEnabled + +You can choose to display additional content in the conversation view when an SMS or MMS message fails to send. This content includes a specific error code in decimal format that the user can report to technical support. Common errors also include a friendly string to help the user self-diagnose and fix the problem. + +Set to **True** to display the error message with an explanation of the problem and the decimal-format error codes. When set to **False**, the full error message is not displayed. + + +### ImsiAuthenticationToken + +Configure whether MMS messages include the IMSI in the GET and POST header. + +Set **ImsiAuthenticationToken** to the token used as the header for authentication. The string value should match the IMSI provided by the UICC. + +### MaxRetryCount + +You can specify the number of times that the phone can retry sending the failed MMS message and photo before the user receives a notification that the photo could not be sent. + +Specify MaxRetryCount to specify the number of times the MMS transport will attempt resending the MMS message. This value has a maximum limit of 3. + + +### RcsOptions + +Set options for Rich Communications Services (RCS). + +| Setting | Description | +| --- | --- | +| RcsEnabled | Toggle to enable/disable RCS service. Set to **True** to enable. | +| RcsFileTransferAutoAccept | Set to **True** to auto-accept RCS incoming file transfer if the file size is less than warning file size.| +| RcsSendReadReceipt | Set to **True** to send read receipt to the sender when a message is read. | +| ShowRcsEnabled | Set to **True** to show the toggle for RCS activation. | + + +### RequestDeliveryReport + +Set options related to MMS message notifications. You can specify whether users receive notification that MMS messages could not be delivered, and determine whether users can control this by using the MMS delivery confirmation toggle in **Messaging > settings**. By default, this user setting is visible but turned off. + +| Setting | Description | +| --- | --- | +| RequestDeliveryReport | Set to **True** to set the default value to on. | +| RequestDeliveryReportIsSupported | **True** shows the toggle for MMS delivery confirmation, and **False** hides the toggle. | + + +### TargetVideoFormat + +You can specify the transcoding to use for video files sent as attachments in MMS messages. + +Set TargetVideoFormat to one of the following values to configure the default transcoding for video files sent as attachments in MMS messages: + +| Value | Description | +| --- | --- | +| 0 or 0x0 | Sets the transcoding to H.264 + AAC + MP4. This is the default set by the OS. | +| 1 or 0x1 | Sets the transcoding to H.264 + AAC + 3GP. | +| 2 or 0x2 | Sets the transcoding to H.263 + AMR.NB + 3GP. | +| 3 or 0x3 | Sets the transcoding to MPEG4 + AMR.NB + 3GP. | + + +### UAProf + +You can specify a user agent profile to use on the phone for MMS messages. The user agent profile XML file details a phone’s hardware specifications and media capabilities so that an MMS application server (MMSC) can return supported optimized media content to the phone. The user agent profile XML file is generally stored on the MMSC. + +There are two ways to correlate a user agent profile with a given phone: +- You can take the user agent string of the phone that is sent with MMS requests and use it as a hash to map to the user agent profile on the MMSC. The user agent string cannot be modified. +- Alternatively, you can directly set the URI of the user agent profile on the phone. + +Set **UAProf** to the full URI of your user agent profile file. Optionally, you can also specify the custom user agent property name for MMS that is sent in the header by setting **UAProfToken** to either `x-wap-profile` or `profile`. + + +### UAProfToken + +You can specify a user agent profile to use on the phone for MMS messages. The user agent profile XML file details a phone’s hardware specifications and media capabilities so that an MMS application server (MMSC) can return supported optimized media content to the phone. The user agent profile XML file is generally stored on the MMSC. + +Optionally, in addition to specifying **UAProf**, you can also specify the custom user agent property name for MMS that is sent in the header by setting **UAProfToken** to either `x-wap-profile` or `profile`. + + +### UserAgentString + +Set **UserAgentString** to the new user agent string for MMS in its entirely. + +By default, this string has the format WindowsPhoneMMS/MicrosoftMMSVersionNumber WindowsPhoneOS/OSVersion-buildNumber OEM-deviceName, in which the italicized text is replaced with the appropriate values for the phone. + + +### w4 + +| Setting | Description | +| --- | --- | +| ADDR | Specify the absolute MMSC URL. The possible values to configure the ADDR parameter are:

- A Uniform Resource Identifier (URI)
- An IPv4 address represented in decimal format with dots as delimiters
- A fully qualified Internet domain name | +| APPID | Set to `w4` | +| MS | (optional) Specify the maximum size of MMS, in KB. If the value is not a number, or is less than or equal to 10, it will be ignored and outgoing MMS will not be resized. | +| NAME | (optional) Enter user–readable application identity. This parameter is also used to define part of the registry path for the APPLICATION parameters. The possible values to configure the **NAME** parameter are:

- Character string containing the name
- no value specified

If no value is specified, the registry location will default to . If **NAME** is greater than 40 characters, it will be truncated to 40 characters. | +| TONAPID | Specify the network access point identification name (NAPID) defined in the provisioning file. This parameter takes a string value. It is only possible to refer to network access points defined within the same provisioning file (except if the INTERNET attribute is set in the NAPDEF characteristic). For more information about the NAPDEF characteristic, see [NAPDEF configuration service provider](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/napdef-csp). | +| TOPROXY | Specify one logical proxy with a matching PROXY-ID. It is only possible to refer to proxies defined within the same provisioning file. Only one proxy can be listed. The TO-PROXY value must be set to the value of the PROXY ID in PXLOGICAL that defines the MMS specific-proxy. | + + + +### WapPushTechnology + +For networks that require non-standard handling of single-segment incoming MMS WAP Push notifications, you can specify that MMS messages may have some of their content truncated and that they may require special handling to reconstruct truncated field values. + +| Value | Description | +| --- | --- | +| 1 or 0x1 | Enables MMS messages to have some of their content truncated. | +| 0 or 0x0 | Disables MMS messages from being truncated. | + + + +## Related topics + +- [w4 APPLICATION CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/w4-application-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-modemconfigurations.md b/windows/configuration/wcd/wcd-modemconfigurations.md new file mode 100644 index 0000000000..dc45dff1ef --- /dev/null +++ b/windows/configuration/wcd/wcd-modemconfigurations.md @@ -0,0 +1,22 @@ +--- +title: ModemConfiguration (Windows 10) +description: This section describes the ModemConfiguration settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# ModemConfiguration (Windows Configuration Designer reference) + +Documentation not available at this time. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | X | | | | + diff --git a/windows/configuration/wcd/wcd-multivariant.md b/windows/configuration/wcd/wcd-multivariant.md new file mode 100644 index 0000000000..37a5519dfd --- /dev/null +++ b/windows/configuration/wcd/wcd-multivariant.md @@ -0,0 +1,23 @@ +--- +title: Multivariant (Windows 10) +description: This section describes the Multivariant settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Multivariant (Windows Configuration Designer reference) + +Use to select a default profile for mobile devices that have multivariant configurations. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| DefaultProfile | | X | | | | + +If you will be adding [multivariant settings](https://docs.microsoft.com/windows/configuration/provisioning-packages/provisioning-multivariant) to your provisioning package, you can use the **DefaultProfile** setting to specify which variant should be applied by default if OOBE is skipped. In the **DefaultProfile** field, enter the UINAME from your customizations.xml that you want to use as default. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-networkproxy.md b/windows/configuration/wcd/wcd-networkproxy.md new file mode 100644 index 0000000000..7eb31bc61c --- /dev/null +++ b/windows/configuration/wcd/wcd-networkproxy.md @@ -0,0 +1,51 @@ +--- +title: NetworkProxy (Windows 10) +description: This section describes the NetworkProxy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# NetworkProxy (Windows Configuration Designer reference) + +Use for settings related to NetworkProxy. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | | X | | | + + +## AutoDetect + +Automatically detect network proxy settings. + +| Value | Description | +| --- | --- | +| 0 | Disabled. Do not automatically detect settings. | +| 1 | Enabled. Automatically detect settings. | + +## ProxyServer + +Node for configuring a static proxy for Ethernet and Wi-Fi connections. The same proxy server is used for all protocols - including HTTP, HTTPS, FTP, and SOCKS. These settings do not apply to VPN connections. + +| Setting | Description | +| --- | --- | +| ProxyAddress | Address to the proxy server. Specify an address in the format `server:port`. | +| ProxyExceptions | Addresses that should not use the proxy server. The system will not use the proxy server for addresses that begin with the values specified in this node. Use semicolons (;) to separate entries. | +| UseProxyForLocalAddresses | Whether the proxy server should be used for local (intranet) addresses.

- 0 = Disabled. Do not use the proxy server for local addresses.
- 1 = Enabled. Use the proxy server for local addresses. | + + +## SetupScriptUrl + +Address to the PAC script you want to use. + + +## Related topics + +- [NetworkProxy configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/networkproxy-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-networkqospolicy.md b/windows/configuration/wcd/wcd-networkqospolicy.md new file mode 100644 index 0000000000..5906d70cdd --- /dev/null +++ b/windows/configuration/wcd/wcd-networkqospolicy.md @@ -0,0 +1,37 @@ +--- +title: NetworkQoSPolicy (Windows 10) +description: This section describes the NetworkQoSPolicy settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# NetworkQoSPolicy (Windows Configuration Designer reference) + +Use to create network Quality of Service (QoS) policies. A QoS policy performs a set of actions on network traffic based on a set of matching conditions. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | | X | | | + +1. In **Available customizations**, select **NetworkQ0SPolicy**, enter a friendly name for the account, and then click **Add**. +2. In **Available customizations**, select the name that you just created. The following table describes the settings you can configure. + +| Setting | Description | +| --- | --- | +| AppPathNameMatchCondition | Enter the name of an application to be sued to match the network traffic, such as application.exe or %ProgramFiles%\application.exe. | +| DestinationPortMatchCondition | Specify a port or a range of ports to be used to match the network traffic. Valid values are [first port number]-[last port number], or [port number]. | +| DSCPAction | Enter the differentiated services code point (DSCP) value to apply to match with network traffic. Valid values are 0-63. | +| IPProtocolMatchCondition | Select between **Both TCP and UDP**, **TCP**, and **UDP** to specify the IP protocol used to match the network traffic. | +| PriorityValue8021Action | Specify the IEEE 802.1p value. Valid values are 0 through 7. | +| SourcePortMatchCondition | Specify a single port or range of ports. Valid values are [first port number]-[last port number], or [port number]. | + +## Related topics + +- [NetworkQoSPolicy configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/networkqospolicy-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-nfc.md b/windows/configuration/wcd/wcd-nfc.md new file mode 100644 index 0000000000..c03217c87e --- /dev/null +++ b/windows/configuration/wcd/wcd-nfc.md @@ -0,0 +1,29 @@ +--- +title: NFC (Windows 10) +description: This section describes the NFC settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# NFC (Windows Configuration Designer reference) + +Use to configure settings related to near field communications (NFC) subsystem. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | X | | | | + +Expand **NFC** > **SEMgr** > **UI**. The following table describes the settings you can configure. + +| Setting | Description | +| --- | --- | +| CardEmulationState | Configure the default state of **Tap to pay**. Select between **OFF**, **When Phone Unlocked**, **When Screen On**, and **Anytime**. | +| DefaultFastCardSetting | Configure the default fast card usage for NFC payments. Select between **When Phone Unlocked**, **When Screen On**, and **Anytime**. | +| HideFastCardsOption | Show or hide the fast cards options drop-down menu in the **NFC** > **Tap to pay** control panel. | \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-oobe.md b/windows/configuration/wcd/wcd-oobe.md new file mode 100644 index 0000000000..7a72de6bb0 --- /dev/null +++ b/windows/configuration/wcd/wcd-oobe.md @@ -0,0 +1,47 @@ +--- +title: OOBE (Windows 10) +description: This section describes the OOBE settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# OOBE (Windows Configuration Designer reference) + +Use to configure settings for the Out Of Box Experience (OOBE). + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [Mobile > EnforceEnterpriseProvisioning](#nforce) | | X | | | | +| [Mobile > HideOobe](#hidem) | | X | | | | +| [Desktop > HideOobe](#hided) | X | | | | | + + +## EnforceEnterpriseProvisioning + +When set to **True**, it forces the OOBE flow into using the enterprise provisioning page without making the user interact with the Windows button. This is the default setting. + +When set to **False**, it does not force the OOBE flow to the enterprise provisioning page. + + +## HideOobe for mobile + +When set to **True**, it hides the interactive OOBE flow for Windows 10 Mobile. + +When set to **False**, the OOBE screens are displayed. + + +## HideOobe for desktop + +When set to **True**, it hides the interactive OOBE flow for Windows 10. + +>[!NOTE] +>You must create a user account if you set the value to true or the device will not be usable. + +When set to **False**, the OOBE screens are displayed. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-otherassets.md b/windows/configuration/wcd/wcd-otherassets.md new file mode 100644 index 0000000000..f5f33e19a2 --- /dev/null +++ b/windows/configuration/wcd/wcd-otherassets.md @@ -0,0 +1,27 @@ +--- +title: OtherAssets (Windows 10) +description: This section describes the OtherAssets settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# OtherAssets (Windows Configuration Designer reference) + +Use to configure settings for Map data. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| MapData | | X | | | | + +Use **MapData** to specify the source directory location of the map region you want to include. + +For example, if C:\Path\Maps\Europe contains the downloaded map data that you want to preload, set the value to that directory. + +To add additional maps, add a new MapData setting and set the source to the directory location of the map region you want to include. diff --git a/windows/configuration/wcd/wcd-personalization.md b/windows/configuration/wcd/wcd-personalization.md new file mode 100644 index 0000000000..27f82ea825 --- /dev/null +++ b/windows/configuration/wcd/wcd-personalization.md @@ -0,0 +1,44 @@ +--- +title: Personalization (Windows 10) +description: This section describes the Personalization settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Personalization (Windows Configuration Designer reference) + +Use to configure settings to personalize a PC. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [DeployDesktopImage](#deploydesktopimage) | X | | | | | +| [DeployLockScreenImage](#deploylockscreenimage) | X | | | | | +| [DesktopImageUrl](#desktopimageurl) | X | | | | | +| [LockScreenImageUrl](#lockscreenimageurl) | X | | | | | + +## DeployDesktopImage + +Deploy a jpg, jpeg or png image to the device to be used as desktop image. If you have a local file and want to embed it into the package being deployed, you configure this setting and [DesktopImageUrl](#desktopimageurl). + +When using **DeployDesktopImage** and [DeployLockScreenImageFile](#deploylockscreenimage, the file names need to be different. + +## DeployLockScreenImage + +Deploy a jpg, jpeg or png image to the device to be used as lock screen image. If you have a local file and want to embed it into the package being deployed, you configure this setting and [LockScreenImageUrl](#lockscreenimageurl). + +When using [DeployDesktopImage](#deploydesktopimage) and **DeployLockScreenImageFile**, the file names need to be different. + +## DesktopImageUrl + +Specify a jpg, jpeg or png image to be used as desktop image. This setting can take a http or https url to a remote image to be downloaded or a file url to a local image. If you have a local file and want to embed it into the package being deployed, you also set [DeployDesktopImage](#deploydesktopimage). + +## LockScreenImageUrl + +Specify a jpg, jpeg or png image to be used as Lock Screen Image. This setting can take a http or https Url to a remote image to be downloaded or a file Url to an existing local image. If you have a local file and want to embed it into the package being deployed, you also set [DeployLockScreenImage](#deploylockscreenimage). \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-policies.md b/windows/configuration/wcd/wcd-policies.md new file mode 100644 index 0000000000..bc7812d99b --- /dev/null +++ b/windows/configuration/wcd/wcd-policies.md @@ -0,0 +1,449 @@ +--- +title: Policies (Windows 10) +description: This section describes the Policies settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Policies (Windows Configuration Designer reference) + +This section describes the **Policies** settings that you can configure in [provisioning packages](../provisioning-packages/provisioning-packages.md) for Windows 10 using Windows Configuration Designer. Each setting below links to its supported values, as documented in the [Policy configuration service provider (CSP)](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider). + +## AboveLock + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowActionCenterNotifications](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#abovelock-allowactioncenternotifications) | Allow Action Center notifications above the device lock screen. | | X | | | | +| [AllowToasts](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#abovelock-allowtoasts) | Allow toast notifications above the device lock screen. | X | X | | | | + +## Accounts + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAddingNonMicrosoftAccountManually](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#accounts-allowaddingnonmicrosoftaccountsmanually) | Whether users can add non-Microsoft email accounts | X | X | | | | +| [AllowMicrosoftAccountConnection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#accounts-allowmicrosoftaccountconnection) | Whether users can use a Microsoft account for non-email-related connection authentication and services | X | X | | | | +| [AllowMicrosoftAccountSigninAssistant](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#accounts-allowmicrosoftaccountsigninassistant) | Disable the **Microsoft Account Sign-In Assistant** (wlidsvc) NT service | X | X | | | | +| [DomainNamesForEmailSync](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#accounts-domainnamesforemailsync) | List of domains that are allowed to sync email on the devices | X | X | | | | + + +## ApplicationDefaults + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [DefaultAssociationsConfiguration](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationdefaults-defaultassociationsconfiguration) | Set default file type and protocol associations | X | | | | | + + +##ApplicationManagement + + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAllTrustedApps](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowalltrustedapps) | Whether non-Windows Store apps are allowed | X | X | | | | +| [AllowAppStoreAutoUpdate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowappstoreautoupdate) | Whether automatic update of apps from Windows Store is allowed | X | X | | | | +| [AllowDeveloperUnlock](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowdeveloperunlock) | Whether developer unlock of device is allowed | X | X | X | X | X | +| [AllowSGameDVR](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowgamedvr) |Whether DVR and broadcasting is allowed | X | | | | | +| [AllowSharedUserAppData](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowshareduserappdata) | Whether multiple users of the same app can share data | X | X | | | | +| [AllowStore](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowstore) | Whether app store is allowed at device (?) | | X | | | | +| [ApplicationRestrictions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-applicationrestrictions) | An XML blob that specifies app restrictions, such as an allow list, disallow list, etc. | | | | | | +| [RestrictAppDataToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictappdatatosystemvolume) | Whether app data is restricted to the system drive | X | X | | | | +| [RestrictAppToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictapptosystemvolume) | Whether the installation of apps is restricted to the system drive | X | X | | | | + + + + +## Authentication + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowFastReconnect](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#authentication-allowfastreconnect) | Allows EAP Fast Reconnect from being attempted for EAP Method TLS. | X | X | X | X | X | + + +## BitLocker + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [EncryptionMethod](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#bitlocker-encryptionmethod) | Specify BitLocker drive encryption method and cipher strength | X | X | | | | + + +## Bluetooth + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAdvertising](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#bluetooth-allowadvertising) | Whether the device can send out Bluetooth advertisements | X | X | X | X | X | +| [AllowDiscoverableMode](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#bluetooth-allowdiscoverablemode) | Whether other Bluetooth-enabled devices can discover the device | X | X | X | X | X | +| [AllowPrepairing](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#bluetooth-allowprepairing) | Whether to allow specific bundled Bluetooth peripherals to automatically pair with the host device | X | X | X | X | X | +| [LocalDeviceName](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#bluetooth-localdevicename) | Set the local Bluetooth device name | X | X | X | X | X | +| [ServicesAllowedList](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#bluetooth-servicesallowedlist) | Set a list of allowable services and profiles | X | X | | | | + +## Browser + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAddressBarDropdown](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowaddressbardropdown) | Specify whether to allow the address bar drop-down functionality in Microsoft Edge. If you want to minimize network connections from Microsoft Edge to Microsoft services, we recommend disabling this functionality. | X | | | | | +| [AllowAutofill](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowautofill) | Specify whether autofill on websites is allowed. | X | X | X | | | +| [AllowBrowser](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowbrowser) | Specify whether the browser is allowed on the device. | | X | | | | +| [AllowCookies](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowcookies) | Specify whether cookies are allowed. | X | X | X | | | +| [AllowDeveloperTools](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowdevelopertools) | Specify whether employees can use F12 Developer Tools on Microsoft Edge. | X | | | | | +| [AllowDoNotTrack](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowdonottrack) | Specify whether Do Not Track headers are allowed. | X | X | X | | | +| [AllowExtensions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowextensions) | Specify whether Microsoft Edge extensions are allowed. | X | | | | | +| [AllowFlash](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowflash) | Specify whether Adobe Flash can run in Microsoft Edge. | X | | | | | +| [AllowFlashClickToRun](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowflashclicktorun) | Specify whether users must take an action, such as clicking the content or a Click-to-Run button, before seeing content in Adobe Flash. | X | | | | | +| [AllowInPrivate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowinprivate) | Specify whether InPrivate browsing is allowed on corporate networks. | X | X | X | | | +| [AllowMicrosoftCompatabilityList](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowmicrosoftcompatibilitylist) | Specify whether to use the Microsoft compability list in Microsoft Edge. | X | X | X | | | +| [AllowPasswordManager](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowpasswordmanager) | Specify whether saving and managing passwords locally on the device is allowed. | X | X | X | | | +| [AllowPopups](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowpopups) | Specify whether pop-up blocker is allowed or enabled. | X | | | | | +| [AllowSearchEngineCustomization](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowsearchenginecustomization) | Allow search engine customization for MDM-enrolled devices. | X | | | | | +| [AllowSearchSuggestionsinAddressBar](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowsearchsuggestionsinaddressbar) | Specify whether search suggestions are allowed in the address bar. | X | X | X | | | +| [AllowSmartScreen](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowsmartscreen) | Specify whether Windows Defender SmartScreen is allowed. | X | X | X | | | +| [ClearBrowsingDataOnExit](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-clearbrowsingdataonexit) | Specify whether to clear browsing data when exiting Microsoft Edge. | X | | | | | +| [ConfigureAdditionalSearchEngines](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-configureadditionalsearchengines) | Allows you to add up to 5 addtional search engines for MDM-enrolled devices. | X | X | X | | | +| [DisableLockdownOfStartPages](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-disablelockdownofstartpages) | Specify whether the lockdown on the Start pages is disabled. | X | | | | | +| [EnterpriseModeSiteList](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-enterprisemodesitelist) | Allow the user to specify a URL of an enterprise site list. | X | | | | | +| EnterpriseSiteListServiceUrl | This policy (introduced in Windows 10, version 1507) was deprecated in Windows 10, version 1511 by [Browser/EnterpriseModeSiteList](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-enterprisemodesitelist). | X | | | | | +| [FirstRunURL](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-firstrunurl) | Specify the URL that Microsoft Edge will use when it is opened for the first time. | | X | | | | +| [HomePages](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-homepages) | Specify your Start pages for MDM-enrolled devices. | X | | | | | +| [PreventAccessToAboutFlagsInMicrosoftEdge](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-preventaccesstoaboutflagsinmicrosoftedge) | Specify whether users can access the **about:flags** page, which is used to change developer settings and to enable experimental features. | X | X | X | | | +| [PreventFirstRunPage](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-preventfirstrunpage) | Specify whether to enable or disable the First Run webpage. | X | | | | | +| [PreventLiveTileDataCollection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-preventlivetiledatacollection) | Specify whether Microsoft can collect information to create a Live Tile when pinning a site to Start from Microsoft Edge. | X | X | X | | | +| [PreventSmartScreenPromptOverride](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-preventsmartscreenpromptoverride) | Specify whether users can override the Windows Defender SmartScreen Filter warnings about potentially malicious websites. | X | X | X | | | +| [PreventSmartScreenPromptOverrideForFiles](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-preventsmartscreenpromptoverrideforfiles) | Specify whether users can override the Windows Defender SmartScreen Filter warnings about downloading unverified files. | X | X | X | | | +| [PreventUsingLocalHostIPAddressForWebRTC](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-preventusinglocalhostipaddressforwebrtc) | Specify whether a user's localhost IP address is displayed while making phone calls using the WebRTC protocol. | X | X | X | | | +| [SendIntranetTraffictoInternetExplorer ](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-sendintranettraffictointernetexplorer) | Specify whether to send intranet traffic to Internet Explorer. | X | | | | | +| [SetDefaultSearchEngine](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-setdefaultsearchengine) | Configure the default search engine for your employees. | X | X | X | | | +| [howMessageWhenOpeningSitesInInternetExplorer](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-showmessagewhenopeningsitesininternetexplorer) | Specify whether users should see a full interstitial page in Microsoft Edge when opening sites that are configured to open in Internet Explorer using the Enterprise Site list. | X | | | | | +| [SyncFavoritesBetweenIEAndMicrosoftEdge](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-syncfavoritesbetweenieandmicrosoftedge) | Specify whether favorites are kept in sync between Internet Explorer and Microsoft Edge. | X | | | | | + + +## Camera + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowCamera](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#camera-allowcamera) | Disable or enable the camera. | X | X | X | | | + + +## Connectivity + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowBluetooth](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allowbluetooth) | Allow the user to enable Bluetooth or restrict access. | X | X | X | | | +| [AllowCellularData](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allowcellulardata) | Allow the cellular data channel on the device. | X | X | X | | | +| [AllowCellularDataRoaming](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allowcellulardataroaming) | Allow or disallow cellular data roaming on the device. | X | X | X | | | +| [AllowConnectedDevices](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allowconnecteddevices) | Allows IT admins the ability to disable the Connected Devices Platform component. | X | X | X | | | +| [AllowNFC](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allownfc) | Allow or disallow near field communication (NFC) on the device. | | X | | | | +| [AllowUSBConnection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allowusbconnection) | Enable USB connection between the device and a computer to sync files with the device or to use developer tools or to deploy or debug applications. | | X | | | | +| [AllowVPNOverCellular](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allowvpnovercellular) | Specify what type of underlyinng connections VPN is allowed to use. |X | X | X | | | +| [AllowVPNRoamingOverCellular](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#connectivity-allowvpnroamingovercellular) | Prevent the device from connecting to VPN when the device roams over cellular networks. | X | X | X | | | +| HideCellularConnectionMode | Hide the checkbox that lets the user change the connection mode. | X | X | X | | | +| HideCellularRoamingOption | Hide the dropdown menu that lets the user change the roaming preferences. | X | X | X | | | + +## Cryptography + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowFipsAlgorithmPolicy](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#cryptography-allowfipsalgorithmpolicy) | Allow or disallow the Federal Information Processing Standard (FIPS) policy. | X | X | | | | +| [TLSCiperSuites](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#cryptography-tlsciphersuites) | List the Cryptographic Cipher Algorithms allowed for SSL connections. Format is a semicolon delimited list. Last write win. | X | X | | | | + +## Defender + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowArchiveScanning](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowarchivescanning) | Allow or disallow scanning of archives. | X | | | | | +| [AllowBehaviorMonitoring](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowbehaviormonitoring) | Allow or disallow Windows Defender Behavior Monitoring functionality. | X | | | | | +| [AllowCloudProtection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowcloudprotection) | To best protect your PC, Windows Defender will send information to Microsoft about any problems it finds. Microsoft will analyze that information, learn more about problems affecting you and other customers, and offer improved solutions. | X | | | | | +| [AllowEmailScanning](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowemailscanning) | Allow or disallow scanning of email. | X | | | | | +| [AllowFullScanOnMappedNetworkDrives](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowfullscanonmappednetworkdrives) | Allow or disallow a full scan of mapped network drives. | X | | | | | +| [AllowFullScanRemovableDriveScanning](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowfullscanremovabledrivescanning) | Allow or disallow a full scan of removable drives. | X | | | | | +| [AllowIntrusionPreventionSystem](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowintrusionpreventionsystem) | Allow or disallow Windows Defender Intrusion Prevention functionality. | X | | | | | +| [AllowIOAVProtection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowioavprotection) | Allow or disallow Windows Defender IOAVP Protection functionality. | X | | | | | +| [AllowOnAccessProtection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowonaccessprotection) | Allow or disallow Windows Defender On Access Protection functionality. | X | | | | | +| [AllowRealtimeMonitoring](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowrealtimemonitoring) | Allow or disallow Windows Defender Realtime Monitoring functionality. | X | | | | | +| [AllowScanningNetworkFiles](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowscanningnetworkfiles) | Allow or disallow scanning of network files. | X | | | | | +| [AllowScriptScanning](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowscriptscanning) | Allow or disallow Windows Defender Script Scanning functionality. | X | | | | | +| [AllowUserUIAccess](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-allowuseruiaccess) | Allow or disallow user access to the Windows Defender UI. | X | | | | | +| [AvgCPULoadFactor](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-avgcpuloadfactor) | Represents the average CPU load factor for the Windows Defeder scan (in percent). | X | | | | | +| [DaysToRetainCleanedMalware](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-daystoretaincleanedmalware) | Specify time period (in days) that quarantine items will be stored on the system. | X | | | | | +| [ExcludedExtensions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-excludedextensions) | Specify a list of file type extensions to ignore durinng a scan. Separate each file type in the list by using \|. | X | | | | | +| [ExcludedPaths](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-excludedpaths) | Specify a list of directory paths to ignore during a scan. Separate each path in the list by using \|. | X | | | | | +| [ExcludedProcesses](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-excludedprocesses) | Specify a list of files opened by processes to ignore durinng a scan. Separate each file type in the list by using \|. The process itself is not excluded from the scan, but can be excluded by using the [Defender/ExcludedPaths](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-excludedpaths) policy to exclude its path. | X | | | | | +| [RealTimeScanDirection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-realtimescandirection) | Control which sets of files should be monitored. | X | | | | | +| [ScanParameter](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-scanparameter) | Select whether to perform a quick scan or full scan. | X | | | | | +| [ScheduleQuickScanTime](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-schedulequickscantime) | Specify the time of day that Windows Defender quick scan should run. | X | | | | | +| [ScheduleScanDay](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-schedulescanday) | Select the day that Windows Defender scan should run. | X | | | | | +| [ScheduleScanTime](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-schedulescantime) | Select the time of day that the Windows Defender scan should run. | X | | | | | +| [SignatureUpdateInterval](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-signatureupdateinterval) | Specify the interval (in hours) that will be used to check for signatures, so instead of using the ScheduleDay and ScheduleTime the check for new signatures will be set according to the interval. | X | | | | | +| [SubmitSamplesConsent](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-submitsamplesconsent) | Checks for the user consent level in Windows Defender to send data. | X | | | | | +| [ThreatSeverityDefaultAction](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#defender-threatseveritydefaultaction) | Specify any valid threat severity levels and the corresponding default action ID to take. | X | | | | | + +## DeliveryOptimization + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [DOAbsoluteMaxCacheSize](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-doabsolutemaxcachesize) | Specify the maximum size in GB of Delivery Optimization cache. | X | | | | | +| [DOAllowVPNPeerCaching](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-doallowvpnpeercaching) | Specify whether the device is allowed to participate in Peer Caching while connected via VPN to the domain network. | X | | | | | +| [DODownloadMode](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-dodownloadmode) | Specify the download method that Delivery Optimization can use in downloads of Windows Updates, apps, and app updates. | X | | | | | +| [DOGroupId](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-dogroupid) | Specify an arbitrary group ID that the device belongs to. | X | | | | | +| [DOMaxCacheAge](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-domaxcacheage) | Specify the maximum time in seconds that each file is held in the Delivery Optimization cache after downloading successfully. | X | | | | | +| [DOMaxCacheSize](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-domaxcachesize) | Specify the maximum cache size that Delivery Optimization can utilize, as a percentage of disk size (1-100). | X | | | | | +| [DOMaxDownloadBandwidth](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-domaxdownloadbandwidth) | Specify the maximum download bandwidth in kilobytes/second that the device can use across all concurrent download activities using Delivery Optimization. | X | | | | | +| [DOMaxUploadBandwidth](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-domaxuploadbandwidth) | Specify the maximum upload bandwidth in kilobytes/second that a device will use across all concurrent upload activity usinng Delivery Optimization. | X | | | | | +| [DOMinBackgroundQos](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-dominbackgroundqos) | Specify the minimum download QoS (Quality of Service or speed) i kilobytes/second for background downloads. | X | | | | | +| [DOMinBatteryPercentageAllowedToUpload](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-dominbatterypercentageallowedtoupload) | Specify any value between 1 and 100 (in percentage) to allow the device to upload data to LAN and group peers while on battery power. | X | | | | | +| [DOMinDiskSizeAllowedToPeer](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-domindisksizeallowedtopeer) | Specify the required minimum disk size (capabity in GB) for the device to use Peer Caching. | X | | | | | +| [DOMinFileSizeToCache](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-dominfilesizetocache) | Specify the minimum content file size in MB enabled to use Peer Caching. | X | | | | | +| [DOMinRAMAllowedToPeer](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-dominramallowedtopeer) | Specify the minimum RAM size in GB requried to use Peer Caching. | X | | | | | +| [DOModifyCacheDrive](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-domodifycachedrive) | Specify the drive that Delivery Optimization should use for its cache. | X | | | | | +| [DOMonthlyUploadDataCap](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-domonthlyuploaddatacap) | Specify the maximum total bytes in GB that Delivery Optimization is allowed to upload to Internet peers in each calendar month. | X | | | | | +| [DOPercentageMaxDownloadBandwidth](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#deliveryoptimization-dopercentagemaxdownloadbandwidth) | Specify the maximum download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth. | X | | | | | + + +## DeviceLock + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowIdleReturnWithoutPassword](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-allowidlereturnwithoutpassword) | Specify whether the user must input a PIN or password when the device resumes from an idle state. | | X | | | | +| [AllowScreenTimeoutWhileLockedUserConfig](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-allowscreentimeoutwhilelockeduserconfig) | Specify whether to show a user-configurable setting to control the screen timeout while on the lock screen. | | X | | | | +| [AllowSimpleDevicePassword](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-allowsimpledevicepassword) | Specify whether PINs or passwords such as "1111" or "1234" are allowed. For the desktop, it also controls the use of picture passwords. | X | X | | | | +|[AlphanumericDevicePasswordRequired](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-alphanumericdevicepasswordrequired) | Select the type of PIN or password required. | X | X | | | | +| [DevicePasswordEnabled](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-devicepasswordenabled) | Specify whether device password is enabled. | X | X | | | | +| [DevicePasswordExpiration](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-devicepasswordexpiration) | Specify when the password expires (in days). | X | X | | | | +| [DevicePasswordHistory](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-devicepasswordhistory) | Specify how many passwords can be stored in the history that can't be reused. | X | X | | | | +| [MaxDevicePasswordFailedAttempts](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-maxdevicepasswordfailedattempts) | Specify the number of authentication failures allowed before the device will be wiped. | X | X | | | | +| [MaxInactivityTimeDeviceLock](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-maxinactivitytimedevicelock) |Specify the maximum amount of time (in minutes) allowed after the device is idle that will cause the device to become PIN or password locked. | X | X | | | | +| [MinDevicePasswordComplexCharacters](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-mindevicepasswordcomplexcharacters) | Specify the number of complex element types (uppercase and lowercase letters, numbers, and punctuation) required for a strong PIN or password. | X | X | | | | +| [MinDevicePasswordLength](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-mindevicepasswordlength) | Specify the minimum number or characters required in the PIN or password. | X | X | | | | +| [ScreenTimeoutWhileLocked](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#devicelock-screentimeoutwhilelocked) | Specify the duration in seconds for the screen timeout while on the lock screen. | | X | | | | + + +## DeviceManagement + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| DisableMDMEnrollment | Use this setting to prevent the device from enrolling in MDM. | X | | | | | + + + +## Experience + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowCopyPaste](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowcopypaste) | Specify whether copy and paste is allowed. | | X | | | | +| [AllowCortana](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowcortana) | Specify whether Cortana is allowed on the device. | X | X | | | | +| [AllowDeviceDiscovery](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowdevicediscovery) | Allow users to turn device discovery on or off in the UI. | X | X | | | | +| [AllowFindMyDevice](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowfindmydevice) | Turn on **Find my device** feature. | X | X | | | | +| [AllowManualMDMUnenrollment](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowmanualmdmunenrollment) | Specify whether the user is allowed to delete the workplace account. | X | X | | | | +| [AllowScreenCapture](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowscreencapture) | Specify whether screen capture is allowed. | | X | | | | +| [AllowSIMErrorDialogPromptWhenNoSIM](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowsimerrordialogpromptwhennosim) | Specify whether to display a dialog prompt when no SIM card is detected. | | X | | | | +| [AllowSyncMySettings](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowsyncmysettings) | Allow or disallow all Windows sync settings on the device. | X | | | | | +| [AllowTailoredExperiencesWithDiagnosticData](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowtailoredexperienceswithdiagnosticdata) | Prevent Windows from using diagnostic data to provide customized experiences to the user. | X | | | | | +| [AllowTaskSwitcher](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowtaskswitcher) | Allow or disallow task switching on the device. | | X | | | | +| [AllowThirdPartySuggestionsInWindowsSpotlight](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowthirdpartysuggestionsinwindowsspotlight) | Specify whether to allow app and content suggestions from third-party software publishers in Windows Spotlight. | X | | | | | +| [AllowVoiceRecording](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowvoicerecording) | Specify whether voice recording is allowed for apps. | | X | | | | +| [AllowWindowsConsumerFeatures](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowwindowsconsumerfeatures) | Turn on experiences that are typically for consumers only, such as Start suggetions, membership notifications, post-OOBE app install, and redirect tiles. | X | | | | | +| [AllowWindowsSpotlight](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowwindowsspotlight) |Specify whether to turn off all Windows Spotlight features at once. | X | | | | | +| [AllowWindowsSpotlightOnActionCenter](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowwindowsspotlightonactioncenter) | Prevent Windows Spotlight notifications from being displayed in the Action Center. | X | | | | | +| [AllowWindowsSpotlightWindowsWelcomeExperience](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowwindowsspotlightwindowswelcomeexperience) | Turn off the Windows Spotlight Windows welcome experience feature. | X | | | | | +| [AllowWindowsTips](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-allowwindowstips) | Enable or disable Windows Tips. | X | | | | | +| [ConfigureWindowsSpotlightOnLockScreen](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#experience-configurewindowsspotlightonlockscreen) | Specify whether Spotlight should be used on the user's lock screen. | X | | | | | + + +## Games + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAdvancedGamingServices](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#games-allowadvancedgamingservices) | Currently not supported. | X | | | | | + + +## Location + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [EnableLocation](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#location-enablelocation) | Configure whether the the Location Service's Device Switch is enabled or disabled for the device. | X | X | | | | + + +## Privacy + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAutoAcceptPairingAndPrivacyConsentPrompts](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-allowautoacceptpairingandprivacyconsentprompts) | Allow or disallow the automatic acceptance of the pairing and privacy user consent dialog boxes when launching apps. | | X | | | | +| [AllowInputPersonalization](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-allowinputpersonalization) | Allow the use of cloud-based speech services for Cortana, dictation, or Store apps. | X | X | | | | + + +## Search + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowIndexingEncryptedStoresOrItems](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-allowindexingencryptedstoresoritems) | Allow or disallow the indexing of items. | X | X | | | | +| [AllowSearchToUseLocation](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-allowsearchtouselocation) | Specify whether search can use location information. | X | X | | | | +| [AllowUsingDiacritics](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-allowusingdiacritics) | Allow the use of diacritics. | X | X | | | | +| AllowWindowsIndexer | The indexer provides fast file, email, and web history search for apps and system components including Cortana, Outlook, file explorer, and Edge. To do this, it requires access to the file system and app data stores such as Outlook OST files.

- **Off** setting disables Windows indexer
- **EnterpriseSecure** setting stops the indexer from indexing encrypted files or stores, and is recommended for enterprises using Windows Information Protection (WIP)
- **Enterprise** setting reduces potential network loads for enterprises
- **Standard** setting is appropriate for consuemrs | X | X | | | | +| [AlwaysUseAutoLangDetection](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-alwaysuseautolangdetection) | Specify whether to always use automatic language detection when indexing content and properties. | X | X | | | | +| [DisableBackoff](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-disablebackoff) | If enabled, the search indexer backoff feature will be disabled. | X | X | | | | +| [DisableRemovableDriveIndexing](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-disableremovabledriveindexing) | Configure whether locations on removable drives can be added to libraries. | X | X | | | | +| [PreventIndexingLowDiskSpaceMB](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-preventindexinglowdiskspacemb) | Prevent indexing from continuing after less than the specified amount of hard drive space is left on the same drive as the index location. | X | X | | | | +| [PreventRemoteQueries](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-preventremotequeries) | If enabled, clients will be unable to query this device's index remotely. | X | X | | | | +| [SafeSearchPermissions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#search-safesearchpermissions) | Specify the level of safe search (filtering adult content) required. | | X | | | | + + + +## Security + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAddProvisioningPackage](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#security-allowaddprovisioningpackage) | Specify whether to allow installation of provisioning packages. | X | X | X | X | X | +| [AllowManualRootCertificateInstallation](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#security-allowmanualrootcertificateinstallation) | Specify whether the user is allowed to manually install root and intermediate CA certificates. | | X | | | | +| [AllowRemoveProvisioningPackage](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#security-allowremoveprovisioningpackage) | Specify whether removal of provisioning packages is allowed. | X | X | X | X | X | +| [AntiTheftMode](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#security-antitheftmode) | Allow or disallow Anti Theft Mode on the device. | | X | | | | +| [RequireDeviceEncryption](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#security-requiredeviceencryption) | Specify whether encryption is required. | X | X | X | X | X | +| [RequireProvisioningPackageSignature](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#security-requireprovisioningpackagesignature) | Specify whether provisioning packages must have a certificate signed by a device-trusted authority. | X | X | X | X | X | +| [RequireRetrieveHealthCertificateOnBoot](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#security-requireretrievehealthcertificateonboot) | Specify whether to retrieve and post TCG Boot logs, and get or cache an encrypted or signed Health Attestation Report from the Microsoft Health Attestation Service when a device boots or reboots. | X | X | | | | + +## Settings + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAutoPlay](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#settings-allowautoplay) | Allow the user to change AutoPlay settings. | | X | | | | +| [AllowDataSense](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#settings-allowdatasense) | Allow the user to change Data Sense settings. | | X | | | | +| [AllowVPN](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#settings-allowvpn) | Allow the user to change VPN settings. | | X | | | | +| [ConfigureTaskbarCalendar](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#settings-configuretaskbarcalendar) | Configure the default setting for showing additional calendars (besides the default calendar for the locale) in the taskbar clock and calendar flyout. | X | | | | | + +## Start + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| AllowPinnedFolderDocuments | Control the visibility of the Documents shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderDownloads | Control the visibility of the Downloadds shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderFileExplorer | Control the visibility of the File Explorer shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderHomeGroup | Control the visibility of the Home Group shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderMusic | Control the visibility of the Music shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderNetwork | Control the visibility of the Network shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderPersonalFolder | Control the visibility of the Personal Folder shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderPictures | Control the visibility of the Pictures shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderSettings | Control the visibility of the Settings shortcut on the Start menu. | X | | | | | +| AllowPinnedFolderVideos |Control the visibility of the Videos shortcut on the Start menu. | X | | | | | +| [ForceStartSize](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-forcestartsize) | Force the size of the Start screen. | X | | | | | +| [HideAppList](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideapplist) | Collapse or remove the all apps list. | X | | | | | +| [HideChangeAccountSettings](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidechangeaccountsettings) | Hide **Change account settings** from appearing in the user tile. | X | | | | | +| [HideFrequentlyUsedApps](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidefrequentlyusedapps) | Hide **Most used** section of Start. | X | | | | | +| [HideHibernate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidehibernate) | Prevent **Hibernate** option from appearing in the Power button. | X | | | | | +| [HideLock](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidelock) | Prevent **Lock** from appearing in the user tile. | X | | | | | +| [HidePowerButton](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidepowerbutton) | Hide the **Power** button. | X | | | | | +| [HideRecentJumplists](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hiderecentjumplists) | Hide jumplists of recently opened items. | X | | | | | +| [HideRecentlyAddedApps](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hiderecentlyaddedapps) | Hide **Recently added** section of Start. | X | | | | | +| [HideRestart](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hiderestart) | Prevent **Restart** and **Update and restart** from appearing in the Power button. | X | | | | | +| [HideShutDown](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideshutdown) | Prevent **Shut down** and **Update and shut down** from appearing in the Power button. | X | | | | | +| [HideSignOut](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidesignout) | Prevent **Sign out** from appearing in the user tile. | X | | | | | +| [HideSleep](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hidesleep) | Prevent **Sleep** from appearing in the Power button. | X | | | | | +| [HideSwitchAccount](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideswitchaccount) | Prevent **Switch account** from appearing in the user tile. | X | | | | | +| [HideUserTile](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-hideusertile) | Hide the user tile. | X | | | | | +| [ImportEdgeAssets](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-importedgeassets) | Import Edge assets for secondary tiles. For more information, see [Add image for secondary Microsoft Edge tiles](https://docs.microsoft.com/windows/configuration/start-secondary-tiles). | X | | | | | +| [NoPinningToTaskbar](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-nopinningtotaskbar) | Prevent users from pinning and unpinning apps on the taskbar. | X | | | | | +| [StartLayout](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#start-startlayout) | Apply a custom Start layout. For more information, see [Customize Windows 10 Start and taskbar with provisioning packages](https://docs.microsoft.com/windows/configuration/customize-windows-10-start-screens-by-using-provisioning-packages-and-icd) | X | | | | | + +## System + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowBuildPreview](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-allowbuildpreview) | Specify whether users can access the Insider build controls in the **Advanced Options** for Windows Update. | X | X | | | | +| [AllowEmbeddedMode](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-allowembeddedmode) | Specify whether to set general purpose device to be in embedded mode. | X | X | X | X | X | +| [AllowExperimentation](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-allowexperimentation) | Determine the level that Microsoft can experiment with the product to study user preferences or device behavior. | X | X | | | | +| [AllowLocation](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-allowlocation) | Specify whether to allow app access to the Location service. | X | X | X | X | X | +| [AllowStorageCard](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-allowstoragecard) | Specify whether the user is allowed to use the storage card for device storage. | X | X | X | X | X | +| [AllowTelemetry](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-allowtelemetry) | Allow the device to send diagnostic and useage telemetry data. | X | X | | | | +| [AllowUserToResetPhone](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-allowusertoresetphone) | Allow the user to factory reset the phone. | X | X | | | | +| [DisableOneDriveFileSync](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#system-disableonedrivefilesync) | Prevent apps and features from working with files on OneDrive. | X | | | | | + + +## TextInput + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowIMELogging](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowimelogging) | Allow the user to turn on and off the logging for incorrect conversion and saving auto-tuning result to a file and history-based predictive input. | X | | | | | +| [AllowIMENetworkAccess](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowimenetworkaccess) | Allow the user to turn on Open Extended Dictionary, Internet search integration, or cloud candidate features to provide input suggestions that do not exist in the device's local dictionary. | X | | | | | +| [AllowInputPanel](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowinputpanel) | Disable the touch/handwriting keyboard. | X | | | | | +| [AllowJapaneseIMESurrogatePairCharacters](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowjapaneseimesurrogatepaircharacters) | Allow the Japanese IME surrogate pair characters. | X | | | | | +| [AllowJapaneseIVSCharacters](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowjapaneseivscharacters) | Allow Japanese Ideographic Variation Sequence (IVS) characters. | X | | | | | +| [AllJapaneseNonPublishingStandardGlyph](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowjapanesenonpublishingstandardglyph) | All the Japanese non-publishing standard glyph. | X | | | | | +| [AllowJapaneseUserDictionary](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowjapaneseuserdictionary) | Allow the Japanese user dictionary. | X | | | | | +| [AllowKeyboardTextSuggestions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowkeyboardtextsuggestions) | Specify whether text prediction is enabled or disabled for the on-screen keyboard, touch keyboard, and handwriting recognition tool. | X | | | | | +| [AllowLanguageFeaturesUninstall](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-allowlanguagefeaturesuninstall) | All language features to be uninstalled. | X | | | | | +| AllowUserInputsFromMiracastRecevier | Do not use. Instead, use [WirelessDisplay](#wirelessdisplay)/[AllowUserInputFromWirelessDisplayReceiver](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver) | | | | | | +| [ExcludeJapaneseIMEExceptISO208](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-excludejapaneseimeexceptjis0208) | Allow users to restrict character code range of conversion by setting the character filter. | X | | | | | +| [ExcludeJapaneseIMEExceptISO208andEUDC](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-excludejapaneseimeexceptjis0208andeudc) | Allow users to restrict character code range of conversion by setting the character filter. | X | | | | | +| [ExcludeJapaneseIMEExceptShiftJIS](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#textinput-excludejapaneseimeexceptshiftjis) | Allow users to restrict character code range of conversion by setting the character filter. | X | | | | | + + +## TimeLanguageSettings + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowSet24HourClock](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#timelanguagesettings-allowset24hourclock) | Configure the default clock setting to be the 24 hour format. | | X | | | | + + +## Update + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [ActiveHoursEnd](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-activehoursend) | Use with **Update/ActiveHoursStart** to manage the range of active hours where update rboots are not scheduled. | X | X | X | X | X | +| [ActiveHoursMaxRange](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-activehoursmaxrange) | Specify the maximum active hours range. | X | X | X | X | X | +| [ActiveHoursStart](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-activehoursstart) | Use with **Update/ActiveHoursEnd** to manage the range of active hours where update rboots are not scheduled. | X | X | X | X | X | +| [AllowautoUpdate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-allowautoupdate) | Configure automatic update behavior to scan, download, and install updates. | X | X | X | X | X | +| [AllowMUUpdateService](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-allowmuupdateservice) | Manage whether to scan for app updates from Microsoft Update. | X | X | X | X | X | +| [AllowNonMicrosoftSignedUpdate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-allownonmicrosoftsignedupdate) | Manage whether Automatic Updates accepts updates signed by entities other than Microsoft when the update is found at the UpdateServiceUrl location. | X | X | X | X | X | +| [AllowUpdateService](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-allowupdateservice) | Specify whether the device can use Microsoft Update, Windows Server Update Services (WSUS), or Windows Store. | X | X | X | X | X | +| AutoRestartDeadlinePeriodInDays | Specify number of days (between 2 and 30) after which a forced restart will occur outside of active hours when restart is pending. | X | X | X | X | X | +| [AutoRestartNotificationSchedule](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-autorestartnotificationschedule) | Specify the period for auto-restart reminder notifications. | X | X | X | X | X | +| [AutoRestartRequiredNotificationDismissal](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-autorestartrequirednotificationdismissal) | Specify the method by which the auto-restart required notification is dismissed. | X | X | X | X | X | +| [BranchReadinessLevel](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-branchreadinesslevel) | Select which branch a device receives their updates from. | X | X | X | X | X | +| [DeferFeatureUpdatesPeriodInDays](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-deferfeatureupdatesperiodindays) | Defer Feature Updates for the specified number of days. | X | X | X | X | X | +| [DeferQualityUpdatesPeriodInDays](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-deferqualityupdatesperiodindays) | Defer Quality Updates for the specified number of days. | X | X | X | X | X | +| [DetectionFrequency](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-detectionfrequency) | Specify the frequency to scan for updates, from every 1-22 hours. | X | X | X | X | X | +| [EngagedRestartDeadline](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-engagedrestartdeadline) | Specify the deadline in days before automatically scheduling and executing a pending restart outside of active hours. | X | X | X | X | X | +| [EngagedRestartSnoozeSchedule](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-engagedrestartsnoozeschedule) | Specify the number of days a user can snooze Engaged restart reminder notifications. | X | X | X | X | X | +| [EngagedRestartTransitionSchedule](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-engagedrestarttransitionschedule) | Specify the timing before transitioning from Auto restarts scheduled outside of active hours to Engaged restart, which requires the user to schedule. | X | X | X | X | X | +| [FillEmptyContentUrls](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-fillemptycontenturls) | Allow Windows Update Agent to determine the download URL when it is missing from the metadata. | X | X | X | X | X | +| PhoneUpdateRestrictions | Deprecated | | X | | | | +| [RequireDeferUpgrade](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-requiredeferupgrade) | Configure device to receive updates from Current Branch for Business (CBB). | X | X | X | X | X | +| [ScheduledInstallDay](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-scheduledinstallday) | Schedule the day for update installation. | X | X | X | X | X | +| [ScheduledInstallTime](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-scheduledinstalltime) | Schedule the time for update installation. | X | X | X | X | X | +| [ScheduleImminentRestartWarning](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-scheduleimminentrestartwarning) | Specify the period for auto-restart imminent warning notifications. | X | X | X | X | X || +| [ScheduleRestartWarning](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-schedulerestartwarning) | Specify the period for auto-restart warning reminder notifications. | X | X | X | X | X | +| [SetAutoRestartNotificationDisable](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-setautorestartnotificationdisable) | Disable auto-restart notifications for update installations. | X | X | X | X | X | +| [SetEDURestart](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-setedurestart) | Skip the check for battery level to ensure that the reboot will happen at ScheduledInstallTime. | X | X | X | X | X | +| [UpdateServiceUrl](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-updateserviceurl) | Configure the device to check for updates from a WSUS server instead of Microsoft Update. | X | X | X | X | X | +| [UpdateServiceUrlAlternate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#update-updateserviceurlalternate) | Specify an alternate intranet server to host updates from Microsoft Update. | X | X | X | X | X | + + +## WiFi + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowAutoConnectToWiFiSenseHotspots](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#wifi-allowautoconnecttowifisensehotspots) | Allow the device to connect automatically to Wi-Fi hotspots. | X | X | | | | +| [AllowInternetSharing](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#wifi-allowinternetsharing) | Allow Internet sharing. | X | X | | | | +| [AllowManualWiFiConfiguration](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#wifi-allowmanualwificonfiguration) | Allow connecting to Wi-Fi outside of MDM server-installed networks. | | X | | | | +| [AllowWiFi](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#wifi-allowwifi) | Allow Wi-Fi connections. | | X | | | | +| [WLANScanMode](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#wifi-wlanscanmode) | Configure the WLAN scanning behavior and how aggressively devices should be actively scanning for Wi-Fi networks to get devices connected. | X | X | X | X | X | + +## WindowsInkWorkspace + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowSuggestedAppsInWindowsInkWorkspace](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#windowsinkworkspace-allowsuggestedappsinwindowsinkworkspace) | Show recommended app suggestions in the ink workspace. | X | | | | | +| [AllowWindowsInkWorkspace](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#windowsinkworkspace-allowwindowsinkworkspace) | Specify whether to allow the user to access the ink workspace. | X | | | | | + + +## WindowsLogon + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [HideFastUserSwitching](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#windowslogon-hidefastuserswitching) | Hide the **Switch account** button on the sign-in screen, Start, and the Task Manager. | X | | | | | + +## WirelessDisplay + +| Setting | Description | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | --- | :---: | :---: | :---: | :---: | :---: | +| [AllowUserInputFromWirelessDisplayReceiver](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#wirelessdisplay-allowuserinputfromwirelessdisplayreceiver) | This policy controls whether or not the wireless display can send input (keyboard, mouse, pen, and touch, dependent upon display support) back to the source device. For example, a Surface Laptop is projecting wirelessly to a Surface Hub. If input from the wireless display receiver is allowed, users can draw with a pen on the Surface Hub. | X | X | | | | \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-provisioningcommands.md b/windows/configuration/wcd/wcd-provisioningcommands.md new file mode 100644 index 0000000000..5ed43d8d18 --- /dev/null +++ b/windows/configuration/wcd/wcd-provisioningcommands.md @@ -0,0 +1,27 @@ +--- +title: ProvisioningCommands (Windows 10) +description: This section describes the ProvisioningCommands settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# ProvisioningCommands (Windows Configuration Designer reference) + +Use ProvisioningCommands settings to install Classic Windows apps using a provisioning package. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | X | | | | | + +For instructions on adding apps to provisioning packages, see [Provision PCs with apps](../provisioning-packages/provision-pcs-with-apps.md). + + + + diff --git a/windows/configuration/wcd/wcd-sharedpc.md b/windows/configuration/wcd/wcd-sharedpc.md new file mode 100644 index 0000000000..d771bbee7b --- /dev/null +++ b/windows/configuration/wcd/wcd-sharedpc.md @@ -0,0 +1,61 @@ +--- +title: SharedPC (Windows 10) +description: This section describes the SharedPC settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# SharedPC (Windows Configuration Designer reference) + +Use SharedPC settings to optimize Windows 10 for shared use scenarios, such as touchdown spaces in an enterprise and temporary customer use in retail. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | X | | | | | + +## AccountManagement + +Use these settings to configure settings for accounts allowed on the shared PC. + +| Setting | Value | Description | +| --- | --- | --- | +| AccountModel | - Only guest
- Domain-joined only
- Domain-joined and guest | This option controls how users can sign-in on the PC. Choosing domain-joined will enable any user in the domain to sign-in. Specifying the guest option will add the Guest option to the sign-in screen and enable anonymous guest access to the PC.

- Only guest allows anyone to use the PC as a local standard (non-admin) account.
- Domain-joined only allows users to sign in with an Active Directory or Azure AD account.
- Domain-joined and guest allows users to sign in with an Active Directory, Azure AD, or local standard account. | +| DeletionPolicy | - Delete immediately
- Delete at disk space threshold
- Delete at disk space threshold and inactive threshold | - Delete immediately will delete the account on sign-out.
- Delete at disk space threshold will start deleting accounts when available disk space falls below the threshold you set for DiskLevelDeletion, and it will stop deleting accounts when the available disk space reaches the threshold you set for DiskLevelCaching. Accounts are deleted in order of oldest accessed to most recently accessed.
- Delete at disk space threshold and inactive threshold will apply the same disk space checks as noted above, but also delete accounts if they have not signed in within the number of days specified by InactiveThreshold | +| DiskLevelCaching | A number between 0 and 100 | If you set **DeletionPolicy** to **Delete at disk space threshold**, set the percent of total disk space to be used as the disk space threshold for account caching. | +| DiskLevelDeletion | A number between 0 and 100 | If you set **DeletionPolicy** to **Delete at disk space threshold**, set the percent of total disk space to be used as the disk space threshold for account deletion. | +| EnableAccountManager | True or false | Set as **True** to enable automatic account management. If this is not set to true, no automatic account management will be done. | +| InactiveThreshold | Number | If you set **DeletionPolicy** to **Delete at disk space threshold and inactive threshold**, set the number of days after which an account that has not signed in will be deleted. | +| KioskModeAUMID | String | Set an Application User Model ID (AUMID) to enable the kiosk account on the sign-in screen. A new account will be created and will use assigned access to only run the app specified by the AUMID. Note that the app must be installed on the PC. Set the name of the account using **KioskModeUserTileDisplayText**, or a default name will be used. [Find the Application User Model ID of an installed app](https://msdn.microsoft.com/library/dn449300.aspx) | +| KioskModeUserTileDisplayText | String | Sets the display text on the kiosk account if **KioskModeAUMID** has been set. | + + +## EnableSharedPCMode + +Set as **True**. If this is not set to **True**, shared PC mode is not turned on and none of the other settings apply. This setting controls this API: [IsEnabled](https://docs.microsoft.com/uwp/api/windows.system.profile.sharedmodesettings). + +Some of the remaining settings in SharedPC are optional, but we strongly recommend that you also set **EnableAccountManager** to **True**. + +## PolicyCustomization + +Use these settings to configure policies for shared PC mode. + +| Setting | Value | Description | +| --- | --- | --- | +| MaintenanceStartTime | A number between 0 and 1440 | By default, the maintenance start time (which is when automatic maintenance tasks run, such as Windows Update) is midnight. You can adjust the start time in this setting by entering a new start time in minutes from midnight. For example, if you want maintenance to begin at 2 AM, enter `120` as the value. | +| MaxPageFileSizeMB | A number between 1024 and 2048 | Adjusts the maximum page file size in MB. This can be used to fine-tune page file behavior, especially on low end PCs. | +| RestrictLocalStorage | True or false | Set as **True** to restrict the user from saving or viewing local storage when using File Explorer. This setting controls this API: [ShouldAvoidLocalStorage](https://docs.microsoft.com/uwp/api/windows.system.profile.sharedmodesettings) | +| SetEduPolicies | True or false | Set to **True** for PCs that will be used in a school. For more information, see [Windows 10 configuration recommendations for education customers](https://docs.microsoft.com/education/windows/configure-windows-for-education). This setting controls this API: [IsEducationEnvironment](https://docs.microsoft.com/uwp/api/windows.system.profile.educationsettings) | +| SetPowerPolicies | True or false | When set as **True**:

- Prevents users from changing power settings
- Turns off hibernate
- Overrides all power state transitions to sleep (e.g. lid close) | +| SignInOnResume | True or false | This setting specifies if the user is required to sign in with a password when the PC wakes from sleep. | +| SleepTimeout | Number | Specifies all timeouts for when the PC should sleep. Enter the amount of idle time in seconds. If you don't set sleep timeout, the default of 1 hour applies. | + +## Related topics + +- [Set up shared or guest PC](../set-up-shared-or-guest-pc.md) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-shell.md b/windows/configuration/wcd/wcd-shell.md new file mode 100644 index 0000000000..8d7ad0b7ff --- /dev/null +++ b/windows/configuration/wcd/wcd-shell.md @@ -0,0 +1,23 @@ +--- +title: Shell (Windows 10) +description: This section describes the Shell settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Shell (Windows Configuration Designer reference) + +Do not use. Use [Start > StartLayout](wcd-start.md#startlayout) + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | X | | | | + + diff --git a/windows/configuration/wcd/wcd-smisettings.md b/windows/configuration/wcd/wcd-smisettings.md new file mode 100644 index 0000000000..ce6de17758 --- /dev/null +++ b/windows/configuration/wcd/wcd-smisettings.md @@ -0,0 +1,107 @@ +--- +title: SMISettings (Windows 10) +description: This section describes the SMISettings settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# SMISettings (Windows Configuration Designer reference) + +Use SMISettings settings to customize the device with custom shell, suppress Windows UI during boot and sign-in, and block or allow specific keys. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | X | | | | | + +## All settings in SMISettings + +The following table describes the settings in SMISettings. Some settings have additional details in sections after the table. + +| Setting | Value | Description | +| --- | --- | --- | +| AutoLogon | Enable
Domain name
Password
UserName | Allows automatic sign-in at startup so that the user does not need to enter a user name and password. | +| BrandingNeutral | See [BrandingNeutral values](#brandingneutral-values) | Specifies which UI elements display on the Welcome screen. | +| CrashDumpEnabled | See [CrashDumpEnabled values](#crashdumpenabled-values) | Specifies the type of information to be saved in the event of a crash. | +| DisableBootMenu | True or false | Disables the F8 and F10 keys during startup to prevent access to the **Advanced Startup Options** menu. | +| DisplayDisabled | True or false | Configures the device to display a blank screen when the OS encounters an error that it cannot recover from. | +| HideAllBootUI | True or false | Suppresses all Windows UI elements (logo, status indicator, and status message) during startup. | +| HideAutologonUI | True or false | Hides the Welcome screen when automatic sign-in (AutoLogon) is enabled. | +| HideBootLogo | True or false | Suppresses the default Windows logo that displays during the OS loading phase. | +| HideBootStatusIndicator | True or false | Suppresses the status indicator that displays during the OS loading phase. | +| HideBootStatusMessages | True or false | Suppresses the startup status text that displays during the OS loading phase. | +| HideFirstLogonAnimation | True or false | Disable the animation during the first sign-in. | +| KeyboardFilter | See [KeyboardFilter settings](#keyboardfilter-settings) | Use these settings to configure devices to suppress key presses or key combinations. | +| NoLockScreen | True or false | Disables the lock screen functionality and UI elements | +| ShellLauncher | See [ShellLauncher settings](#shelllauncher-settings) | Settings used to specify the application or executable to use as the default custom shell. | +| UIVerbosityLevel | Suppress or do not suppress | Disables the Windows status messages during device startup, sign-in, and shut down. | + +## BrandingNeutral values + +The following table shows the possible values. You can combine these values using bitwise exclusive-OR logic to disable multiple Welcome screen UI elements. + +The default value is **17**, which disables all Welcome screen UI elements and the Switch user button. + +| Value | Description | +| --- | --- | +| 1 | Disables all Welcome screen UI elements | +| 2 | Disables the Power button | +| 4 | Disables the Language button | +| 8 | Disables the Ease of access button | +| 16 | Disables the Switch user button | +| 32 | Disables the blocked shutdown resolver (BSDR) screen so that restarting or shutting down the system causes the OS to immediately force close any applications that are blocking system shut down. No UI is displayed and users are not given a chance to cancel the shutdown process. This can result in a loss of data if any open applications have unsaved data. | + +## CrashDumpEnabled values + +Contains an integer that specifies the type of information to capture in a dump (.dmp) file that is generated when the system stops unexpectedly. + +The .dmp file is typically saved in %SystemRoot% as Memory.dmp. + +Set CrashDumpEnabled to one of the following values: + +| Value | Description | +| --- | --- | +| 1 | Records all the contents of system memory. This dump file may contain data from processes that were running when the information was collected. | +| 2 | Records only the kernel memory. This dump file includes only memory that is allocated to the kernel, kernel-mode drivers, and other kernel-mode programs. It does not include unallocated memory or any memory that is allocated to user-mode programs.

For most purposes, this kind of dump file is the most useful because it is significantly smaller than the complete memory dump file, but it contains information that is most likely to have been involved in the issue.

If a second problem occurs, the dump file is overwritten with new information. | +| 3 | Records the smallest amount of useful information that may help identify why the device stopped unexpectedly. This type of dump file includes the following information:

- A list of loaded drivers

- The processor context (PRCB) for the processor that stopped

- The process information and kernel context (EPROCESS) for the process that stopped

- The process information and kernel context (ETHREAD) for the thread that stopped

- The kernel-mode call stack for the thread that stopped


This kind of dump file can be useful when space is limited. However, because of the limited information included, errors that were not directly caused by the thread that was running at the time of the problem may not be discovered by analyzing this file.

The date is encoded in the file name. If a second problem occurs, the previous file is preserved and the new file is given a distinct name. A list of all small memory dump files is kept in the %SystemRoot%\Minidump folder. | +| 4 | Records the smallest amount of useful information. This value produces the same results as entering a value of 3. | +| 7 | Records only the kernel memory. This value produces the same results as entering a value of 2. This is the default value. | +| Any other value | Disables crash dump and does not record anything. | + +## KeyboardFilter settings + +You can use KeyboardFilter to suppress undesirable key presses or key combinations. KeyboardFilter works with physical keyboards, the Windows on-screen keyboard, and the touch keyboard. + +When you **enable** KeyboardFilter, a number of other settings become available for configuration. + +| Setting | Value | Description | +| --- | --- | --- | +| CustomKeyFilters | Allow or block | Add your own key filters to meet any special requirements that you may have that are not included in the predefined key filters.

Enter a custom key combination in **CustomKeyFilter**, and then select it to allow or block it. The format to add custom filter combinations is "Alt+F9." This also appears as the CustomKey name, which is specified without "+". For more information, see [WEKF_CustomKey](https://docs.microsoft.com/windows-hardware/customize/enterprise/wekf-customkey). | +| CustomScancodeFilters | Allow or block | Blocks the list of custom scan codes. When a key is pressed on a physical keyboard, the keyboard sends a scan code to the keyboard driver. The driver then sends the scan code to the OS and the OS converts the scan code into a virtual key based on the current active layout.

Enter a custom scancode in **CustomScancodeFilter**, and then select it to allow or block it. For more information, see [WEKF_Scancode](https://docs.microsoft.com/windows-hardware/customize/enterprise/wekf-scancode). | +| DisableKeyboardFilterForAdministrators | True or false | Disables the keyboard filter for administrators. | +| ForceOffAccessibility | True or false | Disables all Ease of Access features and prevents users from enabling them. | +| PredefinedKeyFilters | Allow or block | Specifies the list of predefined keys. For each key, the value will default to **Allow**. Specifying **Block** will suppress the key combination. | + +[Learn more about using keyboard filters.](https://docs.microsoft.com/windows-hardware/customize/enterprise/keyboardfilter) + +## ShellLauncher settings + +Use ShellLauncher to specify the application or executable to use as the default custom shell. One use of ShellLauncher is to [create a kiosk (fixed-purpose) device running a Classic Windows application](https://docs.microsoft.com/windows/configuration/set-up-a-kiosk-for-windows-10-for-desktop-editions#shell-launcher-for-classic-windows-applications). + +You can also configure ShellLauncher to launch different shell applications for different users or user groups. + +>[!IMPORTANT] +>You may specify any executable file to be the default shell except C:\Windows\System32\Eshell.exe. Using Eshell.exe as the default shell will result in a blank screen after a user signs in. +> +>You cannot use ShellLauncher to launch a Windows app as a custom shell. However, you can use Windows 10 application launcher to launch a Windows app at startup. + +ShellLauncher processes the Run and RunOnce registry keys before starting the custom shell, so your custom shell doesn't need to handle the automatic startup of other applications or services. ShellLauncher also handles the behavior of the system when your custom shell exits. You can configure the shell exit behavior if the default behavior does not meet your needs. + +>[!IMPORTANT] +>A custom shell is launched with the same level of user rights as the account that is signed in. This means that a user with administrator rights can perform any system action that requires administrator rights, including launching other applications with administrator rights, while a user without administrator rights cannot. If your shell application requires administrator rights and needs to be elevated, and User Account Control (UAC) is present on your device, you must disable UAC in order for ShellLauncher to launch the shell application. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-start.md b/windows/configuration/wcd/wcd-start.md new file mode 100644 index 0000000000..25fcc57075 --- /dev/null +++ b/windows/configuration/wcd/wcd-start.md @@ -0,0 +1,35 @@ +--- +title: Start (Windows 10) +description: This section describes the Start settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Start (Windows Configuration Designer reference) + +Use Start settings to apply a customized Start screen to devices. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| StartLayout | X | X | | | | +| StartLayoutFilePath | | X | | | | + +>[!IMPORTANT] +>The StartLayout setting is available in the advanced provisioning for Windows 10 desktop editions, but should only be used to apply a layout to Windows 10 Mobile devices. For desktop editions, use [Policies > StartLayout](wcd-policies.md#start). + +## StartLayout + +Use StartLayout to select the LayoutModification.xml file that applies a customized Start screen to a device. + +For more information, see [Start layout XML for mobile editions of Windows 10 ](../mobile-devices/lockdown-xml.md)). + +## StartLayoutFilePath + +Do not use. diff --git a/windows/configuration/wcd/wcd-startupapp.md b/windows/configuration/wcd/wcd-startupapp.md new file mode 100644 index 0000000000..06c5b20b7a --- /dev/null +++ b/windows/configuration/wcd/wcd-startupapp.md @@ -0,0 +1,23 @@ +--- +title: StartupApp (Windows 10) +description: This section describes the StartupApp settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# StartupApp (Windows Configuration Designer reference) + +Use StartupApp settings to configure the default app that will run on start for Windows 10 IoT Core (IoT Core) devices. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| Default | | | | | X | + +Enter the [Application User Model ID (AUMID)](https://docs.microsoft.com/windows-hardware/customize/enterprise/find-the-application-user-model-id-of-an-installed-app) for the default app. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-startupbackgroundtasks.md b/windows/configuration/wcd/wcd-startupbackgroundtasks.md new file mode 100644 index 0000000000..6b0840c310 --- /dev/null +++ b/windows/configuration/wcd/wcd-startupbackgroundtasks.md @@ -0,0 +1,22 @@ +--- +title: StartupBackgroundTasks (Windows 10) +description: This section describes the StartupBackgroundTasks settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# StartupBackgroundTasks (Windows Configuration Designer reference) + +Documentation not available at this time. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | | | | X | + diff --git a/windows/configuration/wcd/wcd-surfacehubmanagement.md b/windows/configuration/wcd/wcd-surfacehubmanagement.md new file mode 100644 index 0000000000..f2da4a2dd6 --- /dev/null +++ b/windows/configuration/wcd/wcd-surfacehubmanagement.md @@ -0,0 +1,35 @@ +--- +title: SurfaceHubManagement (Windows 10) +description: This section describes the SurfaceHubManagement settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# SurfaceHubManagement (Windows Configuration Designer reference) + +Use SurfaceHubManagement settings to set the administrator group that will manage a Surface Hub that is joined to the domain. + +>[!IMPORTANT] +>These settings should be used only in provisioning packages that are applied during OOBE. + + + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | | X | | | + + +## GroupName + +Enter the group name for the administrators group in Active Directory. + +## GroupSid + +Enter the SID or the administrators group in Active Directory. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-tabletmode.md b/windows/configuration/wcd/wcd-tabletmode.md new file mode 100644 index 0000000000..a8d2ea900a --- /dev/null +++ b/windows/configuration/wcd/wcd-tabletmode.md @@ -0,0 +1,29 @@ +--- +title: TabletMode (Windows 10) +description: This section describes the TabletMode settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# TabletMode (Windows Configuration Designer reference) + +Use TabletMode to configure settings related to tablet mode. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | X | X | X | X | X | + +## ConvertibleSlateModePromptPreference + +Set the default for hardware-based prompts. + +## SignInMode + +Specify whether users switch to table mode by default after signing in. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-takeatest.md b/windows/configuration/wcd/wcd-takeatest.md new file mode 100644 index 0000000000..75613f3b2e --- /dev/null +++ b/windows/configuration/wcd/wcd-takeatest.md @@ -0,0 +1,48 @@ +--- +title: TakeATest (Windows 10) +description: This section describes the TakeATest settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# TakeATest (Windows Configuration Designer reference) + +Use TakeATest to configure the Take A Test app, a secure browser for test-taking. Many schools use online testing for formative and summative assessments. It's critical that students use a secure browser that prevents them from using other computer or Internet resources during the test. For more information, see [Take tests in Windows 10](https://docs.microsoft.com/education/windows/take-tests-in-windows-10). + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | X | | | | | + +## AllowScreenMonitoring + +When set to True, students are able to record and take screen captures in the Take A Test app. + +## AllowTextSuggestions + +When set to True, students can see autofill suggestions from onscreen keyboards when typing in the Take A Test app. + +## LaunchURI + +Enter a link to an assessment that will be automatically loaded when the Take A Test app is opened. + +## RequirePrinting + +When set to True, students can print in the Take A Test app. + +## TesterAccount + +Enter the account to use when taking a test. + +To specify a domain account, enter **domain\user**. To specify an AAD account, enter **username@tenant.com**. To specify a local account, enter the username. + + +## Related topics + +- [SecureAssessment configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/secureassessment-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-theme.md b/windows/configuration/wcd/wcd-theme.md new file mode 100644 index 0000000000..2d3e643f85 --- /dev/null +++ b/windows/configuration/wcd/wcd-theme.md @@ -0,0 +1,35 @@ +--- +title: Theme (Windows 10) +description: This section describes the Theme settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Theme (reference) + +Use Theme to configure accent and background colors on Windows 10 Mobile. + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | X | | | | + +## DefaultAccentColor + +In the dropdown menu for DefaultAccentColor, select from the list of colors. The accent color is used for the background of the start tiles, some text, the progress indicator, the user’s My Phone web site, and so on. + + +## DefaultBackgroundColor + +Select between **Light** and **Dark** for theme. + + +## Related topics + +- [Themes and accent colors](https://msdn.microsoft.com/library/windows/hardware/dn772323(v=vs.85).aspx) diff --git a/windows/configuration/wcd/wcd-unifiedwritefilter.md b/windows/configuration/wcd/wcd-unifiedwritefilter.md new file mode 100644 index 0000000000..fe65f8413f --- /dev/null +++ b/windows/configuration/wcd/wcd-unifiedwritefilter.md @@ -0,0 +1,65 @@ +--- +title: UnifiedWriteFilter (Windows 10) +description: This section describes the UnifiedWriteFilter settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# UnifiedWriteFilter (reference) + + +Use UnifiedWriteFilter to configure settings for the Unified Write Filter (UWF) in your device to help protect your physical storage media, including most standard writable storage types that are supported by the OS, such as physical hard disks, solidate-state drives, internal USB devices, external SATA devices, and so on. You can also use UWF to make read-only media appear to the OS as a writeable volume. + +>[!IMPORTANT] +>You cannot use UWF to protect external USB devices or flash drives. + +UWF intercepts all write attempts to a protected volume and redirects those write attempts to a virtual overlay. This improves the reliability and stability of your device and reduces the wear on write-sensitive media, such as flash memory media like solid-state drives. + +The overlay does not mirror the entire volume, but dynamically grows to keep track of redirected writes. Generally the overlay is stored in system memory, although you can cache a portion of the overlay on a physical volume. + +>[!NOTE] +>UWF fully supports the NTFS system; however, during device startup, NTFS file system journal files can write to a protected volume before UWF has loaded and started protecting the volume. + +[Learn more about the Unified Write Filter feature.](https://docs.microsoft.com/windows-hardware/customize/enterprise/unified-write-filter) + + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | X | | | | X | + +## FilterEnabled + +Set to **True** to enable UWF. + +## OverlaySize + +Enter the maximum overlay size, in megabytes (MB), for the UWF overlay. The minimum value for maximum overlay size is 1024. + +>[!NOTE] +>UnifiedWriteFilter must be enabled for this setting to work. + +## OverlayType + +OverlayType specifies where the overlay is stored. Select between **RAM** (default) and **Disk** (pre-allocated file on the system volume). + +## RegistryExclusions + +You can add or remove registry entries that will be excluded from UWF filtering. When a registry key is in the exclusion list, all writes to that registry key bypass UWF filtering and are written directly to the registry and persist after the device restarts. + +Use **Add** to add a registry entry to the exclusion list after you restart the device. + +Use **Remove** to remove a registry entry from the exclusion list after you restart the device. + +## Volumes + +Enter a drive letter for a volume to be protected by UWF. + +>[!NOTE] +>In the current OS release, Windows Configuration Designer contains a validation bug. To work around this issue, you must include a ":" after the drive letter when specifying the value for the setting. For example, if you are specifying the C drive, you must set DriveLetter to "C:" instead of just "C". \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-universalappinstall.md b/windows/configuration/wcd/wcd-universalappinstall.md new file mode 100644 index 0000000000..6ba1b3993a --- /dev/null +++ b/windows/configuration/wcd/wcd-universalappinstall.md @@ -0,0 +1,79 @@ +--- +title: UniversalAppInstall (Windows 10) +description: This section describes the UniversalAppInstall settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# UniversalAppInstall (reference) + + +Use UniversalAppInstall settings to install Windows apps from the Microsoft Store or a hosted location. + +>[!NOTE] +>You can only use the Windows provisioning settings and provisioning packages for apps where you have the available installation files, namely with sideloaded apps that have an offline license. [Learn more about offline app distribution.](https://docs.microsoft.com/microsoft-store/distribute-offline-apps) + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [DeviceContextApp](#devicecontextapp) | X | | X | | | +| [DeviceContextAppLicense](#devicecontextapplicense) | X | | X | | | +| [UserContextApp](#usercontextapp) | X | X | X | X | X | +| [UserContextAppLicense](#usercontextapplicense) | X | X | X | X | X | + +## DeviceContextApp + +Enter an app package family name to install an app for all users of the device. You can use the [Get-AppxPackage cmdlet](https://technet.microsoft.com/itpro/powershell/windows/appx/get-appxpackage) to get the package family name for an installed app. + +>[!NOTE] +>For XAP files, enter the product ID. + +For each app that you add to the package, configure the settings in the following table. + +| Setting | Value | Description | +| --- | --- | --- | +| ApplicationFile | .appx or .appxbundle | Set the value to the app file that you want to install on the device. In addition, you must also enable the [AllowAllTrustedApps setting](wcd-policies.md#applicationmanagement) and add a root certificate or license file. | +| DependencyAppxFiles | any required frameworks | In Microsoft Store for Business, any dependencies for the app are listed in the **Required frameworks** section of the download page. | +| DeploymentOptions | - None
-Force application shutdown: If this package, or any package that depends on this package, is currently in use, the processes associated with the package are shut down forcibly so that registration can continue
- Development mode: do not use
- Install all resources: When you set ths option, the app is instructed to skip resource applicability checks.
- Force target application shutdown: If this package is currently in use, the processes associated with the package are shut down forcibly so that registration can continue | Select a deployment option. | +| LaunchAppAtLogin | - Do not launch app
- Launch app | Set the value for app behavior when a user signs in. | +| OptionalPackageFiles | additional files required by the package | Browse to, select, and add the optional package files. | + +For more information on deployment options, see [DeploymentOptions Enum](https://docs.microsoft.com/uwp/api/windows.management.deployment.deploymentoptions). + +## DeviceContextAppLicense + +Use to specify the license file for the provisioned app. + +1. Specify a **LicenseProductId** for the app. You can find the license ID in the root header of the license file. Here is an example, `LicenseID="aaaaaaaa-dddd-8848-f8d0-7d6a93dfcccc"`. Enter it in the LicenseProductId field, and click **Add**. + +2. Select the LicenseProductId in the Available Customizations pane, and then browse to and select the app license file. + + +## UserContextApp + +Use to add a new user context app. + +1. Specify a **PackageFamilyName** for the app, and then click **Add**. +2. Select the PackageFamilyName in the Available Customizations pane, and then configure the following settings. + +Setting | Value | Description +--- | --- | --- +ApplicationFile | app file | Browse to, select, and add the application file, +DependencyAppxFiles | additional files required by the app | Browse to, select, and add dependency files. +DeploymentOptions | - None

- Force application shutdown

- Development mode

- Install all resources

- Force target application shutdown | Select a deployment option. +LaunchAppAtLogin | - Do not launch app

- Launch app | Select whether the app should be started when a user signs in. + + +## UserContextAppLicense + +Use to specify the license file for the user context app. + +1. Specify a **LicenseProductId** for the app. You can find the license ID in the root header of the license file. Here is an example, `LicenseID="aaaaaaaa-dddd-8848-f8d0-7d6a93dfcccc"`. Enter it in the LicenseProductId field, and click **Add**. + +2. Select the LicenseProductId in the Available Customizations pane, and then browse to and select the app license file. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-universalappuninstall.md b/windows/configuration/wcd/wcd-universalappuninstall.md new file mode 100644 index 0000000000..17bbc8f15b --- /dev/null +++ b/windows/configuration/wcd/wcd-universalappuninstall.md @@ -0,0 +1,40 @@ +--- +title: UniversalAppUninstall (Windows 10) +description: This section describes the UniversalAppUninstall settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# UniversalAppUninstall (reference) + + +Use UniversalAppUninstall settings to uninstall or remove Windows apps. + + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [RemoveProvisionedApp](#removeprovisionedapp) | X | | | | | +| [Uninstall](#uninstall) | X | X | X | X | X | + +## RemoveProvisionedApp + +Universal apps can be *provisioned*, which means that they are available on the device for installation in user context. When a user runs the provisioned app, the app is then installed for that user. + +Use **RemoveProvisionedApp** to remove app packages that are available on the device. Any instances of the app that have already been installed by a user are not uninstalled. To uninstall provisioned apps that have been installed by a user, use the [Uninstall](#uninstall) setting. + +1. Enter the PackageFamilyName for the app package, and then click **Add**. +2. Select the PackageFamilyName in the Available Customizations pane, and then select **RemoveProvisionedApp**. + +## Uninstall + +Use **Uninstall** to remove provisioned apps that have been installed by a user. + +1. Enter the PackageFamilyName for the app package, and then click **Add**. +2. Select the PackageFamilyName in the Available Customizations pane, and then select **Uninstall**. \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-usberrorsoemoverride.md b/windows/configuration/wcd/wcd-usberrorsoemoverride.md new file mode 100644 index 0000000000..7175b5e14b --- /dev/null +++ b/windows/configuration/wcd/wcd-usberrorsoemoverride.md @@ -0,0 +1,27 @@ +--- +title: UsbErrorsOEMOverride (Windows 10) +description: This section describes the UsbErrorsOEMOverride settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# UsbErrorsOEMOverride (reference) + + +Use UsbErrorsOEMOverride settings to . + + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [HideUsbErrorNotifyOptionUI](#hideusberrornotifyoptionui) | X | X | X | X | | + +## HideUsbErrorNotifyOptionUI + + diff --git a/windows/configuration/wcd/wcd-weakcharger.md b/windows/configuration/wcd/wcd-weakcharger.md new file mode 100644 index 0000000000..f1316bc77a --- /dev/null +++ b/windows/configuration/wcd/wcd-weakcharger.md @@ -0,0 +1,43 @@ +--- +title: WeakCharger (Windows 10) +description: This section describes the WeakCharger settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# WeakCharger (reference) + + +Use WeakCharger settings to configure the charger notification UI. + + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [HideWeakChargerNotifyOptionUI](#hideweakchargernotifyoptionui) | X | X | X | X | | +| [NotifyOnWeakCharger](#notifyonweakcharger) | X | X | X | X | | + + +## HideWeakChargerNotifyOptionUI + +This setting determines whether the user sees the dialog that's displayed when the user connects the device to an incompatible charging source. By default, the OS shows the weak charger notification option UI. + +Select between **Show Weak Charger Notifications UI** and **Hide Weak Charger Notifications UI**. + +## NotifyOnWeakCharger + +This setting displays a warning when the user connects the device to an incompatible charging source. This warning is intended to notify users that their device may take longer to charge or may not charge at all with the current charging source. + +An incompatible charging source is one that does not behave like one of the following port types as defined by the USB Battery Charging Specification, Revision 1.2, available on the USB.org website: +- Charging downstream port +- Standard downstream port +- Dedicated charging port + +Select between **Disable Weak Charger Notifications UI** and **Enable Weak Charger Notifications UI**. + diff --git a/windows/configuration/wcd/wcd-windowsteamsettings.md b/windows/configuration/wcd/wcd-windowsteamsettings.md new file mode 100644 index 0000000000..b9ee438e22 --- /dev/null +++ b/windows/configuration/wcd/wcd-windowsteamsettings.md @@ -0,0 +1,103 @@ +--- +title: WindowsTeamSettings (Windows 10) +description: This section describes the WindowsTeamSettings settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# WindowsTeamSettings (reference) + + +Use WindowsTeamSettings settings to configure Surface Hub. + + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | | X | | | + +## Connect + +| Setting | Value | Description | +| --- | --- | --- | +| AutoLaunch | True or false | Open the Connect app automatically when someone projects. | +| Channel | - 1, 3, 4, 5, 6, 7, 8, 9, 10, 11 (works with all Miracast senders in all regions)
- 36, 40, 44, 48 (works with all 5ghz band Miracast senders in all regions)
- 149, 153, 157, 161, 165 (works with all 5ghz band Miracast senders in all regions except Japan) | Wireless channel to use for Miracast operation. The supported channels are defined by the Wi-Fi Alliance Wi-Fi Direct specification. Integer specifying the channel. The default value is 255. Outside of regulatory concerns, if the channel is configured incorrectly the driver will either not boot, or will broadcast on the wrong channel (which senders won't be looking for). | +| Enabled | True or false | Enables wireless projection to the device. | +| PINRequired | True or false | Requires presenters to enter a PIN to connect wirelessly to the device. | + +## DeviceAccount + +A device account is a Microsoft Exchange account that is connected with Skype for Business, which allows people to join scheduled meetings, make Skype for Business calls, and share content from the device. + +| Setting | Value | Description | +| --- | --- | --- | +| CalendarSyncEnabled | True or false | Specifies whether calendar sync and other Exchange Server services are enabled. | +| DomainName | Domain of the device account when you are using Active Directory | To use a device account from Active Directory, you should specify both **DomainName** and **UserName** for the device account. | +| Email | Email address | Email address of the device account. | +| ExchangeServer | Exchange Server | Normally, the device will try to automatically discover the Exchange server. This field is only required if automatic discovery fails. | +| Password | Password | Password for the device account. | +| PasswordRotationEnabled | 0 = enabled
1 = disabled | Specifies whether automatic password rotation is enabled. If you enforce a password expiration policy on the device account, use this setting to allow the device to manage its own password by changing it frequently, without requiring you to manually update the account information when the password expires. You can reset the password at any time using Active Directory or Azure AD. | +| SipAddress | Session Initiation Protocol (SIP) address | Normally, the device will try to automatically discover the SIP. This field is only required if automatic discovery fails. | +| UserName | User name | Username of the device account when you are using Active Directory. | +| UserPrincipalName | User principal name (UPN) | To use a device account from Azure Active Directory or a hybrid deployment, you should specify the UPN of the device account. | +| ValidateAndCommit | Any text | Validates the data provided and then commits the changes. This process occurs automatically after the other DeviceAccount settings are applied. The text you enter for the ValidateAndCommit setting doesn't matter. | + + +## FriendlyName + +Enter the name that users will see when they want to project wirelessly to the device. + +## MaintenanceHours + +Maintenance hours are the period of time during which automatic maintenance tasks are performed. + +| Setting | Value | Description | +| --- | --- | --- | +| Duration | Duration in minutes. For example, to set a 3-hour duration, set this value to 180. | The amount of time the device will be in maintenance, when the device will continue to download or install updates. | +| StartTime | Start time in minutes from midnight. For example, to set a 2:00 am start time, set this value to 120 | Start time for when device is allowed to start downloading and installing updates. | + +## OMSAgent + +Configures the Operations Management Suite workspace. + +| Setting | Value | Description | +| --- | --- | --- | +| WorkspaceID | GUID | GUID identifying the Operations Management Suite workspace ID to collect the data. Set this to an empty string to disable the MOM agent. | +| WorkspaceKey | Key | Primary key for authenticating with the workspace. | + +## Properties + +| Setting | Value | Description | +| --- | --- | --- | +| AllowAutoProxyAuth | True or false | Specifies if the Surface Hub can use the device account to authenticate into proxy servers requiring authentication. | +| AllowSessionResume | True or false | Specifies if users are allowed to resume their session after session timeout. | +| DefaultVolume | Numeric value between 0 and 100 | Default speaker volume. Speaker volume will be set to this value at every session startup. | +| DisableSigninSuggestions | True or false | Specifies if the Surface Hub will not show suggestions when users try to sign in to see their meetings and files. | +| DoNotShowMyMeetingsAndFiles | True or false | Specifies if users can sign in and have full access to personal meetings and most recently used documents. | +| ScreenTimeout | Select minutes from dropdown menu | The time (in minutes) of inactivity after which the Surface Hub will turn off its screen. | +| SessionTimeout | Select minutes from dropdown menu | The time (in minutes) of inactivity after which the Surface Hub will time out the current session and return to the welcome screen. | +| SleepTimeout | Select minutes from dropdown menu | The time (in minutes) of inactivity after which the Surface Hub will go into a sleep state. | + +## SkypeForBusiness + +| Setting | Value | Description | +| --- | --- | --- | +| DomainName | Domain name | Specifies the domain name of the target server when the Skype for Business server is in a domain that's different from the device account. | + +## Welcome + +| Setting | Value | Description | +| --- | --- | --- | +| AutoWakeScreen | True or false | Specifies whether to automatically turn on the screen using motion sensors. | +| CurrentBackgroundPath | Https URL to a PNG file | Background image for the welcome screen. | +| MeetingInfoOption | 0 = organizer and time only
1 = organizer, time, and subject (subject is hidden for private meetings) | Specifies whether meeting information is displayed on the welcome screen. | + +## Related topics + +- [SurfaceHub configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/surfacehub-csp) \ No newline at end of file diff --git a/windows/configuration/wcd/wcd-wlan.md b/windows/configuration/wcd/wcd-wlan.md new file mode 100644 index 0000000000..6b641db70f --- /dev/null +++ b/windows/configuration/wcd/wcd-wlan.md @@ -0,0 +1,24 @@ +--- +title: WLAN (Windows 10) +description: This section describes the WLAN settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# WLAN (reference) + + +Do not use at this time. Instead, use [ConnectivityProfiles > WLAN](wcd-connectivityprofiles.md#wlan) + + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| All settings | | | | X | | + diff --git a/windows/configuration/wcd/wcd-workplace.md b/windows/configuration/wcd/wcd-workplace.md new file mode 100644 index 0000000000..901e30a048 --- /dev/null +++ b/windows/configuration/wcd/wcd-workplace.md @@ -0,0 +1,38 @@ +--- +title: Workplace (Windows 10) +description: This section describes the Workplace settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Workplace (reference) + + +Use Workplace settings to configure bulk user enrollment to a mobile device management (MDM) service. For more information, see [Bulk enrollment step-by-step](https://docs.microsoft.com/windows/client-management/mdm/bulk-enrollment-using-windows-provisioning-tool). + +## Applies to + +| Setting | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [Enrollments](#enrollments) | X | X | X | X | X | + +## Enrollments + +Select **Enrollments**, enter a UPN, and then click **Add** to configure the settings for the enrollment. The UPN is a unique identifier for enrollment. For bulk enrollment, this must a service account that is allowed to enroll multiple users. Example, "generic-device@contoso.com" + +| Settings | Value | Description | +| --- | --- | --- | +| AuthPolicy | - OnPremise
- Certificate | The authentication policy used by the MDM service | +| DiscoveryServiceFullUrl | URL | The full URL for the discovery service | +| EnrollmentServiceFullUrl | URL | The full URL for the enrollment service | +| PolicyServiceFullUrl | URL | The full URL for the policy service | +| Secret | - Password string for on-premise authentication enrollment
- Federated security token for federated enrollment
- Certificate thumb print for certificate-based enrollment | Enter the appropriate value for the selected AuthPolicy | + +## Related topics + +- [Provisioning configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/provisioning-csp) diff --git a/windows/configuration/wcd/wcd.md b/windows/configuration/wcd/wcd.md new file mode 100644 index 0000000000..38f6061d9f --- /dev/null +++ b/windows/configuration/wcd/wcd.md @@ -0,0 +1,77 @@ +--- +title: Windows Configuration Designer provisioning settings (Windows 10) +description: This section describes the settings that you can configure in provisioning packages for Windows 10 using Windows Configuration Designer. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +author: jdeckerMS +localizationpriority: medium +ms.author: jdecker +ms.date: 08/21/2017 +--- + +# Windows Configuration Designer provisioning settings (reference) + +This section describes the settings that you can configure in [provisioning packages](../provisioning-packages/provisioning-packages.md) for Windows 10 using Windows Configuration Designer. + +## Edition that each group of settings applies to + +| Setting group | Desktop editions | Mobile editions | Surface Hub | HoloLens | IoT Core | +| --- | :---: | :---: | :---: | :---: | :---: | +| [Accounts](wcd-accounts.md) | X | X | X | X | X | +| [ADMXIngestion](wcd-admxingestion.md) | X | | | | | +| [ApplicationManagement](wcd-applicationmanagement.md) | X | X | X | X | X | +| [AssignedAccess](wcd-assignedaccess.md) | X | X | | X | | +| [AutomaticTime](wcd-automatictime.md) | | X | | | | +| [Browser](wcd-browser.md) | X | X | X | X | | +| [CallAndMessagingEnhancement](wcd-callandmessagingenhancement.md) | | X | | | | +| [Cellular](wcd-cellular.md) | X | | | | | +| [Certificates](wcd-certificates.md) | X | X | X | X | X | +| [CleanPC](wcd-cleanpc.md) | X | | | | | +| [Connections](wcd-connections.md) | X | X | X | X | | +| [ConnectivityProfiles](wcd-connectivityprofiles.md) | X | X | X | X | X | +| [CountryAndRegion](wcd-countryandregion.md) | X | X | X | X | | +| [DesktopBackgroundAndColors](wcd-desktopbackgroundandcolors.md) | X | | | | | +| [DeveloperSetup](wcd-developersetup.md) | | | | X | | +| [DeviceFormFactor](wcd-deviceformfactor.md) | X | X | X | X | | +| [DeviceManagement](wcd-devicemanagement.md) | X | X | X | X | | +| [DMClient](wcd-dmclient.md) | X | X | X | X | X | +| [EditionUpgrade](wcd-editionupgrade.md) | X | X | X | X | | +| [EmbeddedLockdownProfiles](wcd-embeddedlockdownprofiles.md) | | X | | | | +| [FirewallConfiguration](wcd-firewallconfiguration.md) | | | | | X | +| [FirstExperience](wcd-firstexperience.md) | | | | X | | +| [Folders](wcd-folders.md) |X | X | X | X | | +| [InitialSetup](wcd-initialsetup.md) | | X | | | | +| [InternetExplorer](wcd-internetexplorer.md) | | X | | | | +| [Licensing](wcd-licensing.md) | X | | | | | +| [Maps](wcd-maps.md) |X | X | X | X | | +| [Messaging](wcd-messaging.md) | | X | | | | +| [ModemConfigurations](wcd-modemconfigurations.md) | | X | | | | +| [Multivariant](wcd-multivariant.md) | | X | | | | +| [NetworkProxy](wcd-networkproxy.md) | | | X | | | +| [NetworkQOSPolicy](wcd-networkqospolicy.md) | | | X | | | +| [NFC](wcd-nfc.md) | | X | | | | +| [OOBE](wcd-oobe.md) | X | X | | | | +| [OtherAssets](wcd-otherassets.md) | | X | | | | +| [Personalization](wcd-personalization.md) | X | | | | | +| [Policies](wcd-policies.md) | X | X | X | X | X | +| [ProvisioningCommands](wcd-provisioningcommands.md) | X | | | | | +| [SharedPC](wcd-sharedpc.md) | X | | | | | +| [Shell](wcd-shell.md) | | X | | | | +| [SMISettings](wcd-smisettings.md) | X | | | | | +| [Start](wcd-start.md) | X | X | | | | +| [StartupApp](wcd-startupapp.md) | | | | | X | +| [StartupBackgroundTasks](wcd-startupbackgroundtasks.md) | | | | | X | +| [SurfaceHubManagement](wcd-surfacehubmanagement.md) | | | X | | | +| [TabletMode](wcd-tabletmode.md) |X | X | X | X | | +| [TakeATest](wcd-takeatest.md) | X | | | | | +| [Theme](wcd-theme.md) | | X | | | | +| [UnifiedWriteFilter](wcd-unifiedwritefilter.md) | X | | | | | +| [UniversalAppInstall](wcd-universalappinstall.md) | X | X | X | X | X | +| [UniversalAppUninstall](wcd-universalappuninstall.md) | X | X | X | X | X | +| [WeakCharger](wcd-weakcharger.md) |X | X | X | X | | +| [WindowsTeamSettings](wcd-windowsteamsettings.md) | | | X | | | +| [WLAN](wcd-wlan.md) | | | | X | | +| [Workplace](wcd-workplace.md) |X | X | X | X | X | + + From 82dd21e5b6d4a4516275197b05abc0206600f956 Mon Sep 17 00:00:00 2001 From: Maricia Alforque Date: Mon, 21 Aug 2017 17:34:32 +0000 Subject: [PATCH 03/15] Merged PR 2777: Firewall CSP updated --- windows/client-management/mdm/firewall-csp.md | 161 +++++---- .../mdm/firewall-ddf-file.md | 325 ++++++++++-------- .../mdm/images/provisioning-csp-firewall.png | Bin 97404 -> 95637 bytes ...ew-in-windows-mdm-enrollment-management.md | 10 + 4 files changed, 286 insertions(+), 210 deletions(-) diff --git a/windows/client-management/mdm/firewall-csp.md b/windows/client-management/mdm/firewall-csp.md index 71cc5e3867..ea9ebb3cb7 100644 --- a/windows/client-management/mdm/firewall-csp.md +++ b/windows/client-management/mdm/firewall-csp.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 06/19/2017 +ms.date: 08/18/2017 --- # Firewall CSP @@ -33,35 +33,45 @@ The following diagram shows the Firewall configuration service provider in tree **MdmStore/Global**

Interior node.

-

Supported operations are Get and Replace.

+

Supported operations are Get.

**MdmStore/Global/PolicyVersionSupported** -

DWORD value that contains the maximum policy version that the server host can accept. The version number is two octets in size. The lowest-order octet is the minor version; the second-to-lowest octet is the major version. This value is not merged and is always a fixed value for a particular firewall and advanced security components software build.

+

Integer value that contains the maximum policy version that the server host can accept. The version number is two octets in size. The lowest-order octet is the minor version; the second-to-lowest octet is the major version. This value is not merged and is always a fixed value for a particular firewall and advanced security components software build.

Value type in integer. Supported operation is Get.

**MdmStore/Global/CurrentProfiles** -

DWORD value that contains a bitmask of the current enforced profiles that are maintained by the server firewall host. See FW_PROFILE_TYPE for the bitmasks that are used to identify profile types. This value is available only in the dynamic store; therefore, it is not merged and has no merge law.

+

Integer value that contains a bitmask of the current enforced profiles that are maintained by the server firewall host. See [FW_PROFILE_TYPE](https://msdn.microsoft.com/en-us/library/cc231559.aspx) for the bitmasks that are used to identify profile types. This value is available only in the dynamic store; therefore, it is not merged and has no merge law.

Value type in integer. Supported operation is Get.

**MdmStore/Global/DisableStatefulFtp** -

This value is an on/off switch. If off, the firewall performs stateful File Transfer Protocol (FTP) filtering to allow secondary connections. The value is a DWORD; 0x00000000 means off; 0x00000001 means on. The merge law for this option is to let "on" values win.

-

Boolean value. Supported operations are Get and Replace.

+

Boolean value. If false, the firewall performs stateful File Transfer Protocol (FTP) filtering to allow secondary connections. True means stateful FTP is disabled. The merge law for this option is to let "true" values win.

+

Default value is false.

+

Data type is bool. Supported operations are Add, Get, Replace, and Delete.

**MdmStore/Global/SaIdleTime** -

This value configures the security association idle time, in seconds. Security associations are deleted after network traffic is not seen for this specified period of time. The value is a DWORD and MUST be a value in the range of 300 to 3,600 inclusive. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value.<

-

Value type is integer. Supported operations are Get and Replace.

+

This value configures the security association idle time, in seconds. Security associations are deleted after network traffic is not seen for this specified period of time. The value is integer and MUST be in the range of 300 to 3,600 inclusive. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value.

+

Default value is 300.

+

Value type is integer. Supported operations are Add, Get, Replace, and Delete.

-**MdmStore/Global/TPresharedKeyEncodingBD** -

Specifies the preshared key encoding that is used. The value is a DWORD and MUST be a valid value from the PRESHARED_KEY_ENCODING_VALUES enumeration. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value.

-

Value type is integer. Supported operations are Get and Replace.

+**MdmStore/Global/PresharedKeyEncoding** +

Specifies the preshared key encoding that is used. The value is integer and MUST be a valid value from the [PRESHARED_KEY_ENCODING_VALUES enumeration](https://msdn.microsoft.com/en-us/library/cc231525.aspx). The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value.

+

Default value is 1.

+

Value type is integer. Supported operations are Add, Get, Replace, and Delete.

**MdmStore/Global/IPsecExempt** -

This configuration value configures IPsec exceptions. The value is a DWORD and MUST be a combination of the valid flags that are defined in IPSEC_EXEMPT_VALUES; therefore, the maximum value MUST always be IPSEC_EXEMPT_MAX-1 for servers supporting a schema version of 0x0201 and IPSEC_EXEMPT_MAX_V2_0-1 for servers supporting a schema version of 0x0200. If the maximum value is exceeded when the method RRPC_FWSetGlobalConfig (Opnum 4) is called, the method returns ERROR_INVALID_PARAMETER. This error code is returned if no other preceding error is discovered. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value.

-

Value type is integer. Supported operations are Get and Replace.

+

This value configures IPsec exceptions. The value is integer and MUST be a combination of the valid flags that are defined in [IPSEC_EXEMPT_VALUES](https://msdn.microsoft.com/en-us/library/cc231523.aspx); therefore, the maximum value MUST always be IPSEC_EXEMPT_MAX-1 for servers supporting a schema version of 0x0201 and IPSEC_EXEMPT_MAX_V2_0-1 for servers supporting a schema version of 0x0200. If the maximum value is exceeded when the method RRPC_FWSetGlobalConfig (Opnum 4) is called, the method returns ERROR_INVALID_PARAMETER. This error code is returned if no other preceding error is discovered. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value.

+

Default value is 0.

+

Value type is integer. Supported operations are Add, Get, Replace, and Delete.

**MdmStore/Global/CRLcheck** -

This value specifies how certificate revocation list (CRL) verification is enforced. The value is a DWORD and MUST be 0, 1, or 2. A value of 0 disables CRL checking. A value of 1 specifies that CRL checking is attempted and that certificate validation fails only if the certificate is revoked. Other failures that are encountered during CRL checking (such as the revocation URL being unreachable) do not cause certificate validation to fail. A value of 2 means that checking is required and that certificate validation fails if any error is encountered during CRL processing. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value.

-

Value type is integer. Supported operations are Get and Replace.

+

This value specifies how certificate revocation list (CRL) verification is enforced. The value is integer and MUST be 0, 1, or 2. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. Valid valued:

+
    +
  • 0 disables CRL checking
    • +
  • 1 specifies that CRL checking is attempted and that certificate validation fails only if the certificate is revoked. Other failures that are encountered during CRL checking (such as the revocation URL being unreachable) do not cause certificate validation to fail.
    • +
  • 2 means that checking is required and that certificate validation fails if any error is encountered during CRL processing
    • +
+

Default value is 0.

+

Value type is integer. Supported operations are Add, Get, Replace, and Delete.

**MdmStore/Global/PolicyVersion**

This value contains the policy version of the policy store being managed. This value is not merged and therefore, has no merge law.

@@ -72,12 +82,20 @@ The following diagram shows the Firewall configuration service provider in tree

Value type is string. Supported operation is Get.

**MdmStore/Global/OpportunisticallyMatchAuthSetPerKM** -

This value is a DWORD used as an on/off switch. When this option is off, keying modules MUST ignore the entire authentication set if they do not support all of the authentication suites specified in the set. When this option is on, keying modules MUST ignore only the authentication suites that they don’t support. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used.

-

Boolean value. Supported operations are Get and Replace.

+

This value is bool used as an on/off switch. When this option is false (off), keying modules MUST ignore the entire authentication set if they do not support all of the authentication suites specified in the set. When this option is true (on), keying modules MUST ignore only the authentication suites that they don’t support. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used.

+

Boolean value. Supported operations are Add, Get, Replace, and Delete.

**MdmStore/Global/EnablePacketQueue** -

This value specifies how scaling for the software on the receive side is enabled for both the encrypted receive and clear text forward path for the IPsec tunnel gateway scenario. Use of this option also ensures that the packet order is preserved. The data type for this option value is a DWORD and is a combination of flags. A value of 0x00 indicates that all queuing is to be disabled. A value of 0x01 specifies that inbound encrypted packets are to be queued. A value of 0x02 specifies that packets are to be queued after decryption is performed for forwarding.

-

Value type is integer. Supported operations are Get and Replace.

+

This value specifies how scaling for the software on the receive side is enabled for both the encrypted receive and clear text forward path for the IPsec tunnel gateway scenario. Use of this option also ensures that the packet order is preserved. The data type for this option value is integer and is a combination of flags. Valid values:

+ +
    +
  • 0x00 indicates that all queuing is to be disabled
    • +
  • 0x01 specifies that inbound encrypted packets are to be queued
    • +
  • 0x02 specifies that packets are to be queued after decryption is performed for forwarding
    • +
+ +

Default value is 0.

+

Value type is integer. Supported operations are Add, Get, Replace, and Delete.

**MdmStore/DomainProfile**

Interior node. Supported operation is Get.

@@ -89,58 +107,79 @@ The following diagram shows the Firewall configuration service provider in tree

Interior node. Supported operation is Get.

**/EnableFirewall** -

This value is an on/off switch for the firewall and advanced security enforcement. It is a DWORD type value; 0x00000000 is off; 0x00000001 is on. If this value is off, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value for the firewall and advanced security enforcement. If this value is false, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

+

Default value is true.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/DisableStealthMode** -

This value is a DWORD used as an on/off switch. When this option is off, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. When this option is false, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

+

Default value is false.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/Shielded** -

This value is a DWORD used as an on/off switch. If this value is on and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "on" values win.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. If this value is true and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "true" values win.

+

Default value is false.

+

Value type is bool. Supported operations are Get and Replace.

**/DisableUnicastResponsesToMulticastBroadcast** -

This value is a DWORD used as an on/off switch. If it is on, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. If it is true, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

+

Default value is false.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/DisableInboundNotifications** -

This value is a DWORD used as an on/off switch. If this value is off, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. If this value is false, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

+

Default value is false.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/AuthAppsAllowUserPrefMerge** -

This value is a DWORD used as an on/off switch. If this value is off, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. If this value is false, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

+

Default value is true.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/GlobalPortsAllowUserPrefMerge** -

This value is a DWORD used as an on/off switch. If this value is off, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. If this value is false, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

+

Default value is true.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/AllowLocalPolicyMerge** -

This value is a DWORD used as an on/off switch. If this value is off, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. If this value is false, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions.

+

Default value is true.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/AllowLocalIpsecPolicyMerge** -

This value is a DWORD; it is an on/off switch. If this value is off, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. If this value is false, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore.

+

Default value is true.

+

Value type is bool. Supported operations are Add, Get and Replace.

**/DefaultOutboundAction** -

This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used.

+
    +
  • 0x00000000 - allow
    • +
  • 0x00000001 - block
    • +
+

Default value is 0 (allow).

+

Value type is integer. Supported operations are Add, Get and Replace.

**/DefaultInboundAction** -

This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used.

-

Value type is integer. Supported operations are Get and Replace.

+

This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used.

+
    +
  • 0x00000000 - allow
    • +
  • 0x00000001 - block
    • +
+

Default value is 1 (block).

+

Value type is integer. Supported operations are Add, Get and Replace.

**/DisableStealthModeIpsecSecuredPacketExemption** -

This value is a DWORD used as an on/off switch. This option is ignored if DisableStealthMode is on. Otherwise, when this option is on, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used.

-

Value type is integer. Supported operations are Get and Replace.

+

Boolean value. This option is ignored if DisableStealthMode is true. Otherwise, when this option is true, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used.

+

Default value is true.

+

Value type is bool. Supported operations are Add, Get and Replace.

**FirewallRules**

A list of rules controlling traffic through the Windows Firewall. Each Rule ID is OR'ed. Within each rule ID each Filter type is AND'ed.

**FirewallRules/_FirewallRuleName_**

Unique alpha numeric identifier for the rule. The rule name must not include a forward slash (/).

+

Supported operations are Add, Get, Replace, and Delete.

**FirewallRules/_FirewallRuleName_/App**

Rules that control connections for an app, program, or service. Specified based on the intersection of the following nodes:

@@ -150,6 +189,7 @@ The following diagram shows the Firewall configuration service provider in tree
  • FQBN
  • ServiceName
    • +

    If not specified, the default is All.

    Supported operation is Get.

    **FirewallRules/_FirewallRuleName_/App/PackageFamilyName** @@ -170,14 +210,17 @@ The following diagram shows the Firewall configuration service provider in tree **FirewallRules/_FirewallRuleName_/Protocol**

    0-255 number representing the ip protocol (TCP = 6, UDP = 17)

    +

    If not specified, the default is All.

    Value type is integer. Supported operations are Add, Get, Replace, and Delete.

    **FirewallRules/_FirewallRuleName_/LocalPortRanges**

    Comma separated list of ranges. For example, 100-120,200,300-320.

    +

    If not specified, the default is All.

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    **FirewallRules/_FirewallRuleName_/RemotePortRanges**

    Comma separated list of ranges, For example, 100-120,200,300-320.

    +

    If not specified, the default is All.

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    **FirewallRules/_FirewallRuleName_/LocalAddressRanges** @@ -189,6 +232,7 @@ The following diagram shows the Firewall configuration service provider in tree
  • An IPv4 address range in the format of "start address - end address" with no spaces included.
  • An IPv6 address range in the format of "start address - end address" with no spaces included.
    • +

    If not specified, the default is All.

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    **FirewallRules/_FirewallRuleName_/RemoteAddressRanges** @@ -209,6 +253,7 @@ The following diagram shows the Firewall configuration service provider in tree
  • An IPv4 address range in the format of "start address - end address" with no spaces included.
  • An IPv6 address range in the format of "start address - end address" with no spaces included.
    • +

    If not specified, the default is All.

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    **FirewallRules/_FirewallRuleName_/Description** @@ -217,13 +262,13 @@ The following diagram shows the Firewall configuration service provider in tree **FirewallRules/_FirewallRuleName_/Enabled**

    Indicates whether the rule is enabled or disabled. If the rule must be enabled, this value must be set to true. -If not specified - a new rule is disabled by default.

    -

    Boolean value. Supported operations are Add, Get, Replace, and Delete.

    +

    If not specified - a new rule is disabled by default.

    +

    Boolean value. Supported operations are Get and Replace.

    **FirewallRules_FirewallRuleName_/Profiles** -

    Specifies the profiles to which the rule belongs: Domain, Private, Public. . See FW_PROFILE_TYPE for the bitmasks that are used to identify profile types.

    - -

    Value type is integer. Supported operations are Add, Get, Replace, and Delete.

    +

    Specifies the profiles to which the rule belongs: Domain, Private, Public. . See [FW_PROFILE_TYPE](https://msdn.microsoft.com/en-us/library/cc231559.aspx) for the bitmasks that are used to identify profile types.

    +

    If not specified, the default is All.

    +

    Value type is integer. Supported operations are Get and Replace.

    **FirewallRules/_FirewallRuleName_/Action**

    Specifies the action for the rule.

    @@ -235,7 +280,8 @@ If not specified - a new rule is disabled by default.

  • 0 - Block
  • 1 - Allow
    • -

    Value type is integer. Supported operations are Add, Get, Replace, and Delete.

    +

    If not specified, the default is allow.

    +

    Value type is integer. Supported operations are Get and Replace.

    **FirewallRules/_FirewallRuleName_/Direction**

    Comma separated list. The rule is enabled based on the traffic direction as following. Supported values:

    @@ -244,27 +290,24 @@ If not specified - a new rule is disabled by default.

  • OUT - the rule applies to outbound traffic.
  • If not specified, the default is IN.
    • -

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    +

    Value type is string. Supported operations are Get and Replace.

    **FirewallRules/FirewallRuleName/InterfaceTypes**

    Comma separated list of interface types. Valid values:

    • RemoteAccess
    • Wireless
      • +
    • Lan
    • MobileBroadband
      • -
    • All
    -

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    - -**FirewallRules/_FirewallRuleName_/IcmpTypesAndCodes** -

    List of ICMP types and codes separated by semicolon. "\*" indicates all ICMP types and codes.<

    -

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    +

    If not specified, the default is All.

    +

    Value type is string. Supported operations are Get and Replace.

    **FirewallRules/_FirewallRuleName_/EdgeTraversal**

    Indicates whether edge traversal is enabled or disabled for this rule.

    The EdgeTraversal setting indicates that specific inbound traffic is allowed to tunnel through NATs and other edge devices using the Teredo tunneling technology. In order for this setting to work correctly, the application or service with the inbound firewall rule needs to support IPv6. The primary application of this setting allows listeners on the host to be globally addressable through a Teredo IPv6 address.

    New rules have the EdgeTraversal property disabled by default.

    -

    Boolean value. Supported operations are Add, Get, Replace, and Delete.

    +

    Value type is bool. Supported operations are Add, Get, Replace, and Delete.

    **FirewallRules/_FirewallRuleName_/LocalUserAuthorizedList**

    Specifies the list of authorized local users for the app container. This is a string in Security Descriptor Definition Language (SDDL) format.

    @@ -274,10 +317,6 @@ If not specified - a new rule is disabled by default.

    Provides information about the specific verrsion of the rule in deployment for monitoring purposes.

    Value type is string. Supported operation is Get.

    -**FirewallRules/_FirewallRuleName_/FriendlyName** -

    Specifies the friendly name of the rule. The string must not contain the "|" character.

    -

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    - **FirewallRules/_FirewallRuleName_/Name**

    Name of the rule.

    Value type is string. Supported operations are Add, Get, Replace, and Delete.

    diff --git a/windows/client-management/mdm/firewall-ddf-file.md b/windows/client-management/mdm/firewall-ddf-file.md index 9456acd05e..7a8de5174f 100644 --- a/windows/client-management/mdm/firewall-ddf-file.md +++ b/windows/client-management/mdm/firewall-ddf-file.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 06/19/2017 +ms.date: 08/18/2017 --- # Firewall CSP @@ -30,6 +30,7 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + Root node for the Firewall configuration service provider. @@ -67,7 +68,6 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal - @@ -88,7 +88,7 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal - This value is a DWORD containing the maximum policy version that the server host can accept. The version number is two octets in size. The lowest-order octet is the minor version; the second-to-lowest octet is the major version. This value is not merged and is always a fixed value for a particular firewall and advanced security components software build. + Value that contains the maximum policy version that the server host can accept. The version number is two octets in size. The lowest-order octet is the minor version; the second-to-lowest octet is the major version. This value is not merged and is always a fixed value for a particular firewall and advanced security components software build. @@ -109,7 +109,7 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal - This value is a DWORD and contains a bitmask of the current enforced profiles that are maintained by the server firewall host. See FW_PROFILE_TYPE for the bitmasks that are used to identify profile types. This value is available only in the dynamic store; therefore, it is not merged and has no merge law. + Value that contains a bitmask of the current enforced profiles that are maintained by the server firewall host. See FW_PROFILE_TYPE for the bitmasks that are used to identify profile types. This value is available only in the dynamic store; therefore, it is not merged and has no merge law. @@ -130,8 +130,11 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + + - This value is an on/off switch. If off, the firewall performs stateful File Transfer Protocol (FTP) filtering to allow secondary connections. The value is a DWORD; 0x00000000 means off; 0x00000001 means on. The merge law for this option is to let "on" values win. + FALSE + This value is an on/off switch. If off, the firewall performs stateful File Transfer Protocol (FTP) filtering to allow secondary connections. FALSE means off; TRUE means on, so the stateful FTP is disabled. The merge law for this option is to let "on" values win. @@ -152,8 +155,11 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + + - This value configures the security association idle time, in seconds. Security associations are deleted after network traffic is not seen for this specified period of time. The value is a DWORD and MUST be a value in the range of 300 to 3,600 inclusive. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. + 300 + This value configures the security association idle time, in seconds. Security associations are deleted after network traffic is not seen for this specified period of time. The value MUST be in the range of 300 to 3,600 inclusive. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. @@ -174,8 +180,11 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + + - This configuration value specifies the preshared key encoding that is used. The value is a DWORD and MUST be a valid value from the PRESHARED_KEY_ENCODING_VALUES enumeration. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. + 1 + Specifies the preshared key encoding that is used. MUST be a valid value from the PRESHARED_KEY_ENCODING_VALUES enumeration. Default is 1 [UTF-8]. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. @@ -196,8 +205,11 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + + - This configuration value configures IPsec exceptions. The value is a DWORD and MUST be a combination of the valid flags that are defined in IPSEC_EXEMPT_VALUES; therefore, the maximum value MUST always be IPSEC_EXEMPT_MAX-1 for servers supporting a schema version of 0x0201 and IPSEC_EXEMPT_MAX_V2_0-1 for servers supporting a schema version of 0x0200. If the maximum value is exceeded when the method RRPC_FWSetGlobalConfig (Opnum 4) is called, the method returns ERROR_INVALID_PARAMETER. This error code is returned if no other preceding error is discovered. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. + 0 + This value configures IPsec exceptions and MUST be a combination of the valid flags that are defined in IPSEC_EXEMPT_VALUES; therefore, the maximum value MUST always be IPSEC_EXEMPT_MAX-1 for servers supporting a schema version of 0x0201 and IPSEC_EXEMPT_MAX_V2_0-1 for servers supporting a schema version of 0x0200. If the maximum value is exceeded when the method RRPC_FWSetGlobalConfig (Opnum 4) is called, the method returns ERROR_INVALID_PARAMETER. This error code is returned if no other preceding error is discovered. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. @@ -218,8 +230,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + + - This value specifies how certificate revocation list (CRL) verification is enforced. The value is a DWORD and MUST be 0, 1, or 2. A value of 0 disables CRL checking. A value of 1 specifies that CRL checking is attempted and that certificate validation fails only if the certificate is revoked. Other failures that are encountered during CRL checking (such as the revocation URL being unreachable) do not cause certificate validation to fail. A value of 2 means that checking is required and that certificate validation fails if any error is encountered during CRL processing. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. + This value specifies how certificate revocation list (CRL) verification is enforced. The value MUST be 0, 1, or 2. A value of 0 disables CRL checking. A value of 1 specifies that CRL checking is attempted and that certificate validation fails only if the certificate is revoked. Other failures that are encountered during CRL checking (such as the revocation URL being unreachable) do not cause certificate validation to fail. A value of 2 means that checking is required and that certificate validation fails if any error is encountered during CRL processing. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, use the local store value. @@ -282,8 +296,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + + - This value is a DWORD used as an on/off switch. When this option is off, keying modules MUST ignore the entire authentication set if they do not support all of the authentication suites specified in the set. When this option is on, keying modules MUST ignore only the authentication suites that they do not support. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. + This value is used as an on/off switch. When this option is false, keying modules MUST ignore the entire authentication set if they do not support all of the authentication suites specified in the set. When this option is true, keying modules MUST ignore only the authentication suites that they don’t support. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. @@ -304,8 +320,11 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + + - This value specifies how scaling for the software on the receive side is enabled for both the encrypted receive and clear text forward path for the IPsec tunnel gateway scenario. Use of this option also ensures that the packet order is preserved. The data type for this option value is a DWORD and is a combination of flags. A value of 0x00 indicates that all queuing is to be disabled. A value of 0x01 specifies that inbound encrypted packets are to be queued. A value of 0x02 specifies that packets are to be queued after decryption is performed for forwarding. + 0 + This value specifies how scaling for the software on the receive side is enabled for both the encrypted receive and clear text forward path for the IPsec tunnel gateway scenario. Use of this option also ensures that the packet order is preserved. The data type for this option value is a integer and is a combination of flags. A value of 0x00 indicates that all queuing is to be disabled. A value of 0x01 specifies that inbound encrypted packets are to be queued. A value of 0x02 specifies that packets are to be queued after decryption is performed for forwarding. @@ -346,10 +365,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is an on/off switch for the firewall and advanced security enforcement. It is a DWORD type value; 0x00000000 is off; 0x00000001 is on. If this value is off, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is an on/off switch for the firewall and advanced security enforcement. If this value is false, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -368,10 +389,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. When this option is off, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is an on/off switch. When this option is false, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -391,9 +414,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal - This value is a DWORD used as an on/off switch. If this value is on and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "on" values win. + 0 + This value is used as an on/off switch. If this value is on and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "on" values win. - + @@ -412,10 +436,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If it is on, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is used as an on/off switch. If it is true, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -434,10 +460,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is an on/off switch. If this value is false, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -456,10 +484,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is used as an on/off switch. If this value is false, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -478,10 +508,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is used as an on/off switch. If this value is false, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -500,10 +532,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions. + 1 + This value is used as an on/off switch. If this value is false, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions. - + @@ -522,10 +556,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD; it is an on/off switch. If this value is off, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. + 1 + This value is an on/off switch. If this value is false, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. - + @@ -544,8 +580,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. Default value is 0 [Allow]. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. @@ -566,8 +604,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used. + 1 + This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. Default value is 1 [Block]. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used. @@ -588,10 +628,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. This option is ignored if DisableStealthMode is on. Otherwise, when this option is on, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. + 1 + This value is an on/off switch. This option is ignored if DisableStealthMode is on. Otherwise, when this option is true, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. - + @@ -630,10 +672,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is an on/off switch for the firewall and advanced security enforcement. It is a DWORD type value; 0x00000000 is off; 0x00000001 is on. If this value is off, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is an on/off switch for the firewall and advanced security enforcement. If this value is false, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -652,10 +696,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. When this option is off, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is an on/off switch. When this option is false, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -675,9 +721,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal - This value is a DWORD used as an on/off switch. If this value is on and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "on" values win. + 0 + This value is used as an on/off switch. If this value is on and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "on" values win. - + @@ -696,10 +743,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If it is on, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is used as an on/off switch. If it is true, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -718,10 +767,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is an on/off switch. If this value is false, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -740,10 +791,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is used as an on/off switch. If this value is false, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -762,10 +815,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is used as an on/off switch. If this value is false, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -784,10 +839,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions. + 1 + This value is used as an on/off switch. If this value is false, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions. - + @@ -806,10 +863,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD; it is an on/off switch. If this value is off, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. + 1 + This value is an on/off switch. If this value is false, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. - + @@ -828,8 +887,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. Default value is 0 [Allow]. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. @@ -850,8 +911,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used. + 1 + This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. Default value is 1 [Block]. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used. @@ -872,10 +935,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. This option is ignored if DisableStealthMode is on. Otherwise, when this option is on, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. + 1 + This value is an on/off switch. This option is ignored if DisableStealthMode is on. Otherwise, when this option is true, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. - + @@ -914,10 +979,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is an on/off switch for the firewall and advanced security enforcement. It is a DWORD type value; 0x00000000 is off; 0x00000001 is on. If this value is off, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is an on/off switch for the firewall and advanced security enforcement. If this value is false, the server MUST NOT block any network traffic, regardless of other policy settings. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -936,10 +1003,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. When this option is off, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is an on/off switch. When this option is false, the server operates in stealth mode. The firewall rules used to enforce stealth mode are implementation-specific. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -959,9 +1028,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal - This value is a DWORD used as an on/off switch. If this value is on and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "on" values win. + 0 + This value is used as an on/off switch. If this value is on and EnableFirewall is on, the server MUST block all incoming traffic regardless of other policy settings. The merge law for this option is to let "on" values win. - + @@ -980,10 +1050,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If it is on, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is used as an on/off switch. If it is true, unicast responses to multicast broadcast traffic is blocked. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -1002,10 +1074,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is an on/off switch. If this value is false, the firewall MAY display a notification to the user when an application is blocked from listening on a port. If this value is on, the firewall MUST NOT display such a notification. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -1024,10 +1098,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is used as an on/off switch. If this value is false, authorized application firewall rules in the local store are ignored and not enforced. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -1046,10 +1122,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 1 + This value is used as an on/off switch. If this value is false, global port firewall rules in the local store are ignored and not enforced. The setting only has meaning if it is set or enumerated in the Group Policy store or if it is enumerated from the GroupPolicyRSoPStore. The merge law for this option is to let the value GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. - + @@ -1068,10 +1146,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. If this value is off, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions. + 1 + This value is used as an on/off switch. If this value is false, firewall rules from the local store are ignored and not enforced. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. This value is valid for all schema versions. - + @@ -1090,10 +1170,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD; it is an on/off switch. If this value is off, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. + 1 + This value is an on/off switch. If this value is false, connection security rules from the local store are ignored and not enforced, regardless of the schema version and connection security rule version. The merge law for this option is to always use the value of the GroupPolicyRSoPStore. - + @@ -1112,8 +1194,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. + 0 + This value is the action that the firewall does by default (and evaluates at the very end) on outbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. Default value is 0 [Allow]. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. @@ -1134,8 +1218,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used. + 1 + This value is the action that the firewall does by default (and evaluates at the very end) on inbound connections. The allow action is represented by 0x00000000; 0x00000001 represents a block action. Default value is 1 [Block]. The merge law for this option is to let the value of the GroupPolicyRSoPStore.win if it is configured; otherwise, the local store value is used. @@ -1156,10 +1242,12 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + - This value is a DWORD used as an on/off switch. This option is ignored if DisableStealthMode is on. Otherwise, when this option is on, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. + 1 + This value is an on/off switch. This option is ignored if DisableStealthMode is on. Otherwise, when this option is true, the firewall's stealth mode rules MUST NOT prevent the host computer from responding to unsolicited network traffic if that traffic is secured by IPsec. The merge law for this option is to let the value of the GroupPolicyRSoPStore win if it is configured; otherwise, the local store value is used. For schema versions 0x0200, 0x0201, and 0x020A, this value is invalid and MUST NOT be used. - + @@ -1200,6 +1288,7 @@ This topic shows the OMA DM device description framework (DDF) for the **Firewal + Unique alpha numeric identifier for the rule. The rule name must not include a forward slash (/). @@ -1349,7 +1438,7 @@ ServiceName - 0-255 number representing the ip protocol (TCP = 6, UDP = 17) + 0-255 number representing the ip protocol (TCP = 6, UDP = 17). If not specified the default is All. @@ -1373,7 +1462,7 @@ ServiceName - Comma Separated list of ranges for eg. 100-120,200,300-320 + Comma Separated list of ranges for eg. 100-120,200,300-320. If not specified the default is All. @@ -1397,7 +1486,7 @@ ServiceName - Comma Separated list of ranges for eg. 100-120,200,300-320 + Comma Separated list of ranges for eg. 100-120,200,300-320. If not specified the default is All. @@ -1428,7 +1517,7 @@ Valid tokens include: A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask not a network prefix is specified, the subnet mask defaults to 255.255.255.255. A valid IPv6 address. An IPv4 address range in the format of "start address - end address" with no spaces included. -An IPv6 address range in the format of "start address - end address" with no spaces included. +An IPv6 address range in the format of "start address - end address" with no spaces included. If not specified the default is All. @@ -1466,7 +1555,7 @@ An IPv6 address range in the format of "start address - end address" with no spa A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask not a network prefix is specified, the subnet mask defaults to 255.255.255.255. A valid IPv6 address. An IPv4 address range in the format of "start address - end address" with no spaces included. -An IPv6 address range in the format of "start address - end address" with no spaces included. +An IPv6 address range in the format of "start address - end address" with no spaces included. If not specified the default is All. @@ -1509,8 +1598,6 @@ An IPv6 address range in the format of "start address - end address" with no spa Enabled - - @@ -1534,12 +1621,10 @@ If not specified - a new rule is disabled by default. Profiles - - - Specifies the profiles to which the rule belongs: Domain, Private, Public. See FW_PROFILE_TYPE for the bitmasks that are used to identify profile types. + Specifies the profiles to which the rule belongs: Domain, Private, Public. See FW_PROFILE_TYPE for the bitmasks that are used to identify profile types. If not specified, the default is All. @@ -1560,13 +1645,7 @@ If not specified - a new rule is disabled by default. - Specifies the action for the rule. - -BLOCK - block the connection. -ALLOW - allow the connection. - - -If not specified the default action is BLOCK. + Specifies the action for the rule. @@ -1584,11 +1663,10 @@ If not specified the default action is BLOCK. Type - - + 1 Specifies the action the rule enforces: 0 - Block 1 - Allow @@ -1611,11 +1689,10 @@ If not specified the default action is BLOCK. Direction - - + IN Comma separated list. The rule is enabled based on the traffic direction as following. IN - the rule applies to inbound traffic. @@ -1640,11 +1717,10 @@ If not specified the detault is IN. InterfaceTypes - - + All String value. Multiple interface types can be included in the string by separating each value with a ",". Acceptable values are "RemoteAccess", "Wireless", "Lan", "MobileBroadband", and "All". If more than one interface type is specified, the strings must be separated by a comma. @@ -1661,30 +1737,6 @@ If not specified the detault is IN. - - IcmpTypesAndCodes - - - - - - - - The icmpTypesAndCodes parameter is a list of ICMP types and codes separated by semicolon. "*" indicates all ICMP types and codes. - - - - - - - - - - - text/plain - - - EdgeTraversal @@ -1760,31 +1812,6 @@ This is a string in Security Descriptor Definition Language (SDDL) format.. - - FriendlyName - - - - - - - - Specifies the friendly name of the rule. -The string must not contain the "|" character. - - - - - - - - - - - text/plain - - - Name diff --git a/windows/client-management/mdm/images/provisioning-csp-firewall.png b/windows/client-management/mdm/images/provisioning-csp-firewall.png index f31e4c749dcd727b3ae9bf6d72e3ea0d59b01554..4720e51cd7e652b2f3194b2dc78aea8289551441 100644 GIT binary patch literal 95637 zcmc$`cR*8J_AZ4Hk{0-+`fihziPrbrQ_OOswg zf=H2$5ITe+y@cMA+#L(z-1*&a=Dl<0`@?b|IcJ}}_gd>&Ydz2QQn+zt`xcHZ5C~+u z%vGtI5C~He1hQ3cGZXkpUfmOE@DJ4X=9P<(g|o-n%U~= zEn5hLrI_&tT4ot{2Lho-%Sc^N#^{Vu$6s-kImT{9(>vYj*rgZUC5#OGs}L-!`#$B~jZXSa!K z?A>az>1Y`92Asr_s>q7%x2dMZCuOy80%+d`Rqp#e81b?R% zbVC^zTmQ+$^(mYuf_q|L*6kBZFC-Ie=LU;|XtN!CWE3^J zOm|hy!-dkHvfA8S=wN)G_DUXYLsx)6^k`n<-QkvGG4yf?7PaE3xbJ|Jv}2E-F1=Q* zEQlM0>86!HAVkz|46$Zn-n5uK+-113J|BJ1ElgsiWgt^F4*Zr$!I9XR@1RRYmBFER z0$u1;&B-4||@qYD8Tj(1tFpP~Z^Az@9JRX=XCm zBlYPN6oPZS;!GTG&(_VIbeUx%$8IZqHJ)jwnN;nrr=%j~hm42s;r+11Q7A-baDtYl zMv$v)Ix(}@*j6|iUiap6%&Q8WJD39n_^c-6qHoMNVNaF{m$90C2EGjKi%%zcaX9IGFxLXz7m{XFh47)=f zm@Du9bUFRKhPM2kmCrG|t9aSN2(Bwx)Upi_h^^;5u9~-)f?o{)58$sSwI$XS-Ob>O zF7afFv0=aaH8CeE(phwzYTr!OxER6Guk7@seUBaQuH-ruQ*3BS-&K|>xy{12tp@cb zP~A(SG<^rP_?-|))e+YPoW|4)Um-PQ=>d0Ku&D!8c_GE^K?K*XxrNwi?ot1&9@8rU zMvqDwOhWTkLs-(_!9$nj`Dd;Ef{V~5CV@4S->5~i8y&~r6;`oJ%X`^mCmt6ez0-UO z7uUkw3F|FQ(8za8*eK+Ldv>cpJWwi)5(}Tq1^Z2_fkNK>RQ97+zQ5YWmi!1m3fzBq z(M{6)kxr%v)ggf;3EAC=3O@PKSpmb%@gTYRps6$$fHYGI-V!7~yaE1HQCw-z5 zTu7`~RwZF~I=og`B;X4h;1aAoGZBxdWotRgbKTCH(cxQF8Q1;fct4x@4R|DI52eJ$CqNSjDuZ(@0q~ zJZ>**YP?z0091~5TSBH^FX>?H{hR!=CvZ{C+g4;-R#OYgFTDtaaBcH#1 zkC}Xa8zgnFGBRSZER_5e%*Eui`DPh-jvF=|U3fNkUcAZa)+w?rT`W3(Hl4pwR%IZ)M!+0fFAQ1Jv z94MmA%KUg@UnOT$&vNN&g7aufnD$DM&A>`5eV)ELYKmQI6I5K8{?-xA?v^{%Hqh_8 zfSsEFPO5_d-bsD4hB$G$yT~1n$CGLE+3l4T-1x=B6dK9d(id%A8{~K1VPcXU28FN% zoIpb4L#e*gxCQ#KZU^x9xQ$GRU?zr7-MS5VdLs(_hixxPZwm(e=j3S&aSvmgsq0PR zPB7eWDzO`?L|e41(q($j8$7q zua#(TZ|}>01n&M)6|p#$9?IJ+!vCyG%whP^kdI*?4;f9()}>Dwy(SnAOOy~YSiOekQhdE4|csFB*P<8R9^dnFZI3mTno02qRYw2g5 zd~|U_0XnDyhG8IvganC>5e|bbeI*0lfuSsihdHAdpO}3&%a;X@TeayErseE_5Ldws zD(31JYF$n_VZjXobyBQPhnc1LsyfWYZfZ9j&2rDZ-7Rr#Z*sw6$|lWrzj-ydMGl8R zYp2-VSSJ^u3|9_#o5WTM6bxYzjAWjBHyHo^Hke4tHp0TRTI9mQ#`0~*9gSl{N-#sn z=(RmtWcO}&a8TBQTk?oop#)q%Q3L%r+0!A86LW?VD`SEyehjDoOnL$0@F3Y>G(*iV z6YgK4S;oJV?Cz9cT7ZW~ROz8^`l{}K*hVQMJW8EJPOfrd)AI98>1V){bfkR?-`XgC zKml%w$V(nQm@sJyQxF_d%u9FRKgf|Ugq*B+G-ydKH2?AGcjDclNmGJ@VNbfq><6w) zL+EZea`H8ro>}6GQQW=b-y+5o9D&?+g`ItdvYB+v@+(aF=@w;& z#m-QytCy}_mTLiGqc_XZc2mvbBU3o;BrLs|+tujT5=&ao^dacW>^`c|S7Q}>F#urD zs4G9WN(~Gt;gYj7AN^>Ru<7a*#ooBtdfEyI!skjHalJnLg&12~^C^k_2eiM**ShwN zoDT|+$is?5Ag99_?n^h@Ex*wEu_gD>;p5CL1@^;5?(hlncCd)29>9;!&(HJexY-^g zSm4T|xTeZd=!2%B$p?V3`&<}d#z3uZ-x@^{s#f$V*Vm zsh7Y&mST%wC!L+0fe-GiuH+mJQ1htGj zi3Psn0fS)k8AhglL)p!XR=~RG zu~_R`#t%3DUwWv2?&_YE!6rI#)6H{eH6-AT-#5g)GONuJ8%J*`~m_Agn=1o6_?b$|15cXxWtOOvS+#1;EG{kmgD#?9tcEsBl7g4 zG2|qI08$7NG)u@=4?QX-*X3jjw%H=lC~;)A}qsDmOt=>p;jUAA$lf?YGnnlRKiL-Olfm z;l(op0HNj*N|L;-MMu-GeXto;h#fFhOZHp;t&k{R1DX;vYuBhewBTh5M*y3YZ7%b* zee1G!%&O8$FJaI`@}pK|Rt%Qky0%5_882AznJb&1di#j5n90SFlmK}7%x8Ivx2~gR z%4T^t6us>3X0mDosVM2YFLQLZq)4#WvF5Gf2@%PnuJ#dwvph~83258Yptjg;CW-Xf z;E#pY_be@Isegg+r3DtZV7_J?yCO{R`^Y1HaWSyRSvRgT!-Rp0s`Ddz!P zN_sgC8DSuyn_6>l65?uFB%e8#^AHXpzQn<~b}vxKgbc@nJR;g$3+;R3RmixK5a@Y|NJ?kRaGr#J};=a{BD39BbCO=Z9-IUNIM9Hi3%F2Yz z>JDT??3Old)@Ew4_68qjQAf4aA`1NNRYrQk8Ff(i{02xR1Zm|`Ku>hQF1BSyy=*Wx z3CPc@VG$=1IMG`5eh3G&q@_(UUUtdmhG<0`&X+LS!f>+wq4@p#G>J3lU!?o*IA=y%3?LJ1%p34}z}vAP ztv2Lu8&z z^vhDld-3czH?=xjO>i+BQQh8}az8(IYb8oOFSxf1>4?bXJuQ!_oX+*qdu zJOEm4gV$xaryy#_L1|##CY{V zc?s;L67ko(jm!?QNQjLr8EZvYVSbaOZK0MmCAJqg+I0C?~!VGQI60}l>xtiR2(B3R*KuTL!q_EGW{ zI{S5xmc3#m;9XsXVEFEEL`NlX3LvdNBsPb`F2{y~{0iiA;m*|8blMDka<;Xsd_rfIRen}|OQNwor_i2MtY1M-pp(-8X1DxKoYk3F*dQO~Bz5%^ND zDcxqjq;#6XAU+$xGx8>J*h1IQ)gkup3$fAbtukZNVP`7QE1nK15-y8%_^XiAd5o8Bdc`%I*0UET;`+Xh||I889Aq1;p^<{@($B@^vPFLvli z+z8nU1<#sxB7!l^ELsyQYQELi95C5tYhsQSKuY_@SDhaG!a(pK#PsQ$h6H259KNWB zDcdOuA59R$dnZ@F5&&pSXXPsfw@WzMbV3-0TY`hN*eBjSvN#O_j8DQ1OM$(KZ3KeY zam^+*hhxR8GnjaktV-_Dq~N2hgRb*9 z28h05X_=$O0vX@}bD)mE(8Foc!PrGoY%O7mT@gPlJ9`D9*w4~SGE=JeSx#!#*3J&- zk`riYOFr??RZEU!h`>xo^IPha!XRuLzTe{cpeH(i9xQOAQ$x_x$6c&0j&i!LHx)=` zo#`hhlhfm;E~LqK=+$}a#f+!Jh;@87p>V%+kY=7DSnEhRsrOIc7l{ zHN^v+aIXoATEtqcDA zp;Zh7ymRhfo4FjYxcs6zJ|l8|`uwfptVZ(?rNv6d3vnCl@+EKs?6qo{= z^45J*Ax^f+4Vxd4)UQ(EvzU4>M8iVK(VZh7FTz8i!wGgq84*Tgj(IZdMmT*cNi&-f zrfgZjC{W2wM4G0wf;zsjhZ#7#ce=|5(<+Du;U zJGO3DacLghZ$?#4BJD&F4oZT^T!mI4!V{z5>a3f z3lp8T{H&0Z8-N*?Pe4aBW&l2@rA4M-W%X{&;DZR$0|Ra2bZYH{9TQF(qJ%@5TjejC)$dsth}fK#x~l+FQ$GXo?nw#z<-yHpP0( zW}6~%zGJjjiwo}vP%ooIrn48KeiDqcJ`}Fb*p#%CuFisjwA@@rx7o@$UqM^{a769u zSaoUVIV<<`Xi@{lDG#&Mc1M z1~)*$>q|kouTy^WW+KD2K0gozHv?rzP+pWG!>^VL49+fblk@BeW81CN+Ak_IrB@8h>lX_|E17toy zEKc-VN$+u=_>YBonr}U(;<7Tq+XpgSAegPdMws{Xxt6vt>5YexdOWHbK1F9Q%>`g^ zI>ZT3=~J(^{j_oJxT**IX?u7A%P~_@0!tjja5ul@;NlaW0UY5ChaP1EY%djajS${fvo1NNnAgOUW}C* zg_0MCQ*;ZQWP`Vc1P#={X8RHvg|pz7dcTg&HTNsA-ymFO%Z5H2wbT}d%^W{^0$)TL zwt=1sqLk?G;uQ_?PIFR<|Lc+Z22q~tbT&lXz!~nC_w7D%+Y`4Sk~%bIpKfv*{A_6% z{64%0X7hj%Mh_HC4p7FHUKmn8Jvz54UKAOqEL>Zf(xmb(fk)NWyeTswe%^VU_N-T? z@y2+A9%bHGJ=Ly5|0Zwqih05)UyRMl#>^yai_UmtlDM@5wLf>8DC%;BMOex5$*C#<0g+2B1hW>WW8?4rZt|5xumkS z6Wl$#7b=GuD#^-dPFSrnF%mAOTYv1G+vAnJr~~Z3%vQ&&UywP$PWUj_=-k4w#(>P* z>@nAy&;!}g8BdeUZ>MGKW@Gj!9*;KfuSP~7N7F2xIJ`(wx*@Dp-=CGRAV()((9Dzx~`&r~}Rwy39}8 z2G3!LJKfj)*x|nMhtAdTg>LATZGXprA?pnv#ELmiHBsn+ZwxqlY{P~hzUg^Az+hs( zM)LpVhW@ku4GhV5AvvEA#{$_1N&tThYO(Ob#mGrl_uLSYL+O>Sds?}F z(b*5wgqsrkxiLj4S%_UUQg(T|PSMv~4 zo<7A)yO`r(Z~x<6Ur2e8n(Ih0Bhwn&TXi^-Ci2eD*Eg7$S*xLQj&u7}je91flhYIG zP9YV@YJJbDteS@gP8{22Xo0j~$udG4%ZSCV4U*_Y6m?r3Wl!naHLzM5ePj;TeQEZ1 zmKnP|3^AE_Z&tZvPjh6`Nd9uNe_Q0Jee9^UqJD83SN2d@bv}#zH#2p6nzgnK|*29EUkgb3fXl|}=Sbm$}?%F1DTVc-px+1@l>VlPS*S2cS z24r2{4e{DD^v6<&pZhrLTJEtOpQt!4W>do*UhqW~t+M-P-@`pl9qlO;z)1Fqsmv)lz7*FKsq^eQvlkr>D-V}l;-|c*Bj8&T|v6$alXRWyB6aP=I9zI1{ zQA*6RmET-d&A z*CPsN)h~O39PC_YUH|$Ok-5LIjdlm+&7rMof7H)@lVYEjRLY&mkN7O4B~L>*Y5w%u z{vg8cU02*$xlJu0DKC!uBU=SZ&($tlU8eo;zQ~1_0uWAY=F}|>Cp7U_{DdM;8$`C5 zZPB^)mtQMvQ{R_64x|2#9|q!|-f5Ez+Ltdb!SOh+feV{e`r5Fw^U$W>?t%C;o?Wo> zBSCCZgJt&vc!q9Ft-7`0sj3Rty|a@4^z+8Y@9BsqXN{N+^(JFfq^h^Wnk`aNli)+V z&JBAT?JRZY9`M{#*1AOv^Xd__7c||RH!Km5gUQ~qDyVc`);wRStled7E8ALRQb#N< z+j1Xg-7!$zQ_?>TQSvi4zONaQ(&)ZLqsn0G`%zR&+kAyfOKeO0gp#-PZO)QdSiR&* zhBcwOQ)6LQLRF7=MA{j<^|#z+NvjFtc5LF;QnyEJmdLfdp=eb6aYQb<_nuGE#X07~ z#mWjQ3ZqPlb0_-P7b7(F`LE1C90F2yhrQJ|n{Hu0`C}!1fQETDqJup4J#w?H@qMq_ zjbDs{Zcd4?+c5q;3EEoRgVpxa6{{9 zjIiFw7E)E^)IQ<6CHSIdQ|`bD^ftF>h{bG5BWKj0@jPyTDq?TiS~-OwUiUngvW7Ii zFRy+~xDzSy9W9{$R9xAB#f2WI=Q0&1kZ0Sf-uBor0Uj8T??}kBIOSZ=j3S~hJJC&9~UBpPFu{;AQso-mKgk3N7Btv57XMV>xUNzM%4+m6M>6gBST4-ImFoS@1>< zopmJrshU&Brna_}_Ug$Ps>prQc3BYomqho^ZcBHP?3-w#>3Xeu(@BWUSQ>JNFyFmN zoYt?r;JE=n{hr^;CLjsGaXC*y&IQZ zlrwT&5Z^%lUmU`%1*#|>{<$JvpBphk8*MKpm#zr-oZ#SO54`LHz>kjdvP$p)gNohw{V- z>=CFdiy(}`%3>y<(mpyQ%$=rzO@T8~O)uYsH~z+iqflM!1T32A)9MOoDq9D0$cg)~ z^=x!Oaul$8p1hnu0&lmPDJAU$aU$(hiydNeWi=5nGM0`&s4Yjwp(P$Qo5q~(dz!pF zG4sl4Z6BU4SUT_Q_VF9SZ8~bm^|{bx_WD3s6GEYC!1-m#cT=_x7B9h7>fIBUGT=hq zPY6-*YhV5pczj{Q#W5<55=Of!zGI+7^fK9XII(`^fU$3GEoEYh^1`az2(r7mZ_;=O z+I9FSjsEg^G3@5r4VVyDBSx~t&dE=$K#%Qk4bgVS#i!i8Q0;&|aDxTWy@}Yfeu>UT znYt+G%iY?Jk_`H`32}P7r`r7u+#{Ua{MQ`Lc>PU54chj8fSo8Q(R8%8dE@oIrqnNh z50D}Ns==ek2>olBqxYQh=AGmTcP}FpWUA#y)~%f6RfqrZ)dd{{2Gkej!(E^5(4QG8 zVV}gET*KcMZmT_{sk;}izBcX4rgY{Hx?Pln{4x&+B;v1M8~;C9Q1~AMJqruVJmkP< zDhBs6VFxHZATbK?pOP%!9`tC@>Of&v=FJy&Gco-b7wE9KP);9ITF6R2wyOJgzcZ#PuAbb*(F>fJK!|s`8)jyY=top!qL0Hviev&Ynd@P3GdJg zX~w5j%WjH?3cDwnQc6BZ&xTKe? zHM&q`C&Sxjw?7l9XHhe{D7u%!@N89KleuVvE$=+U7X24b^7a|2WQ9PG@?Yh8);=<@ zV0ksCrbqv!4}X~mC6Pn3y>Vp?rFNIrbOH{>%1>KIEj4h;7fjxnm1r4UL`HDu_ui3x zp<8<0k=IG}h*EQG>DM6+e59$*+tGn>hXL1(<3-2Qr%hs|H3sT?Z_YQm+GpR$WpUaS zq#u9p<>TTLBCIosa(#*&z59a*@mZMWt}OmeGT+Bxj|K5H50^9jB}^QBYZ{JTQe-?f zSVJY|q(F)OrwocHs0doJ=vtz2_bb8 zECn9ycqrg?)Y{BL5KlNbP0~*&%8BE1Zi@QAgFiJ5K$BL!isLKwRrZWVH=^vveVM^Db7( zuuph@<8b2*wUo6`@bK`+Rc3vj@ZU{bfJ0(b6Zqqqa6N!Ni|MjP* zyZ`1pPx8VX=H@+TbMYa^Z`-o6@Wv{Sc{3%xy@fkl3Pkza6&6= z_H93P6ZsrRZ07!1tk3+%5NyLm;e^<`qWNFKcW^#g+ZGQw&pV7Sy%=OLE<{zspLM~5 zQ0BnXv(+1qnb>&W zuF3}^>39(np~rzMpr|-NP0$dPPYfRkdm!mAtxZ-t9+V&+F*e}$3D)*=(z2u&Wrabe z(4!zN(2w7m@WMUv>gYpl4);n-8UGiRHgRGnPu$@sYYpx4DO~a&Q(ZLxm99X{aiUKe znO(==;+IR2E_kEho+lt7cntreIuv{EEnGQ3c<}(?YF*sD^dq??u!I^XLh_})3?9!( zToV~#lzS}g+d8wWGhThe(bz1IS9jTA*xaoClmV~B67xmj0Q?d~dSTWlW50@vSe@8- z)dH+S7?aIbg@<>lqlx`2zn2;!VEX|s<$IWQ9r(X9&<*wc^D~pUOYr}&@pk0e8gfD| z0tC>pzP|v0+-Edp{>R?LKZg>3x9K6^1i`B9ji_Ptde@I)Qv8yKRFCuHpG9$isJfj! znWu^uSO$MpFaK_3M$h_JtJPC3P$p1xodaKf&M;w_7oiW#xy;Pfd|!Q;Xo^p8#oBdm zw`4|IO|M&etFQZ>;@eUp-x32?Bf3&jCfImz@T%YN0|$R=HXDiyj6{;0I~#_Wkf*P# z|8^wE7TOZV4vI^%n=KrCn4hmFo0Ch9NXKV&H987tS^M60KJC>y()sFu;O`2BnnY{* z;4#_4wB`G=5?6252axz{FFbUzG)YY=lLKWjhpC>20-G8d*z80J4t)oQ#;Tjdyxedb zxK8|d$J?@u%0GrEb1wm&BWoWpl7KIQy%{`lEyq=iBTuHc#y!pTP4FFASxI5m*XP!M z$A!--^7WK0)HYhDk+unO+|=c{2i)JOCo(@%UVk}bd5g@t&_etYv)V`qi|7jJHTQ9v zSb<8vd^Hpr$>h1-!|i^C7h6!4RMVOfN?71l-5yYFI}M=v#=3d+lT8-7NFBic(TYm>Udt9e1%y`QrZ5I6R2)b_U7GV-I>l5njRf~5 z`^$e>w+)+Mh0e==%}E9~^O^NR?}8YibvwUy>q9YZ7UnW1YGqQ_70B{EcSnxQ>>D@7 zm6J@I%`@^6Ijiv-l31j(^?5AAvI0iur>=5GwF)(O9+2I&=AgBf?$m~bpIj;)qzgE4 zYqc%jRY%)DYViO1cwX0ytGcgbN@ z3lUa>xufz|0#WO2Ow@jYHfl&-0Tn<7jqwvB5%5c)$$$`=aVFs7bwzG4MOk~uX^yrR-k zFAlj`vCbX;@WJR-*!888?RMN0lfoj{b+5S<_}2*jjwtWM70Lu$lsQtSAj26K%fjf1 zmccaEfCv*RA_|j<@;(tKav?MMv4;VkM)Sz)5E;9O6{?#&Lr{ERgH(&Xgh*X$$6+K* z*WL@bTT>0n{43--b0@w%y1f0u*V=XaFSs_C42z?p-QHWSbHM*<(tqJHBFDyVcDXbc zunPbH_6ZrBT9?fKNT0v;6np;vTWJFXbq0ItN8PUr|7UXz@UMYn<}-tN>d{i*G_|qN z@c7mr1-EZ=jDp(^^xrGEl^6UX3W)!%@dj4F807GyuXxV8>oI+MDfFB zg!<7RWe9bBM7fQ$gu!a0sZFo&b@H|+jo%Kt!zF*v%a{Y3VO82w)7}MfmzK9UqrTp4 z?>Ozp6P-)54>8+#Q#`x*^8BX!i4TKQ%26E#jmSX!at6;-Ri2_+VWi=?aev3QXXP0} z{yOahj0Q=Alw8_0Xl%-#-DV$`wEM-SdUs!z#st5EE6)TAzP8{O5k47jZ&dUkZUYQ&+nX(V{cG{s*6v>Q3~!%# zbp$*4id&lEj`vnmykAhE+;mXe_)UV|TYVlvWc$#*HztJU33*O62jO?F8sWFHJ%rnN z!>4Xm_9#6oSGFKTWX&Pk+XohcI`a;v$iE=M+G=DPb%QRO{FI4oLrlCw7HP0 z);WJ?pe(wS_8t^X?L^G((~Ulr8VuiBGv!IzE_zsZ4~jVY;pTOc!dGuGcGj!s-4n4kM@Yu>BEUFao1kkw1kwY zw-d*!#C$BA7X86W9}(tyldW>Z?#A1c;Gih`$Iid&^Cv^$L%oWh6U(HhOq1Wt$BTBX ze#}F5DSW*@OMHCop5YUTKK^UQ`|``$s_bhH*}qatSGnGq$!u!Uw{tixnZO_u)CdAH zLDPKpjDJYQLGy7DU)is|Q!=)8c+}fc+g`h^O-kjm`npJec=lb`93&t?OGzz%&| z>zP#`>idJ2#Kpxm29zu5znmrr`#{@=K9>{HWK(2iI2fEFU7S>!$e_=g=9gJvUAzHV8x~HxHos z5W(Bj9@@J;c38+ZoWkv^`LYM0Ao$e5e~Xl9u@!VyX_tn z67nLw$!9RQLK8JsYj55~=7kmk1$pP3iv9bqE-JGR?+a3kd3ympS@Yf)U9s-YX&A}M z^B)Vd&BzNXw-pfgMQuqcZ0=e1`Cmj57S)UsX6D=C^6*+EDo;{34-2>SWZ`e?Ua(7B zC^nz>>@(S}!kt3MF1L9c7yxIDbLnQ?>-xYntc|5#DPKi6VHc~g$atlt%m<}xp|I_& zc=m=Q7d?H?J)NI+j~;cH$(FOwNMNQezREyebsV`qYgXbkQf%%y9qz4p$<6{Fbkr!^ zt;T)L`T*DBN7Hkrmoth|I7=FGRVZ^AYVU@U=E7Y=>?tK(`BoqCn6hR{eNjk0T_|BY zkCT~m?)1oosR5npy8A^MAp|ooc4K>vu}*GHiDV95c^lYxN!(~Re+-7J>HYAEfU&k= zU+d3op_KGFvtU~Pmj%_}y}QQG zv?@vSlTzxYwvZBcgl@@}K?`%7X$J%H_I|BErZ2>vYE!A~sma~4zT}(tOzqgXS-T#(k3;kW?NrHPc1ivmxpy+Ixh3Q9X$`8elI_CukIJ4}T zNW*v)8~4TXB^CE!d3Y=~VJU9;PN=!Jo@>zW!5l=Tq|+9v^3pY+RI7y zs>Pb}5!WyZ@nO>Uxod%VwUIg2H#{$cC1t-4+FeH_lN55!vBq@m*$i_^l9|%9pPTqV zo~?{s_9fxJWMz&n^xBAstIS>IBIJ5%`mj;NJIQJW*3-+*ClX{=R_{%99h&<#fZF4H z#yN#FVC1lDoLL@Wn3;)bn}BAzs+d}67`C?>#kJnhH+*;^uSsywtAvy!&Vq|8;9$cQJK;4DtsYfMCo5Yz+7F1ETr~wfynN3cIRXc`42LwW#8iM1s78?y^%M~ zZl1Wuf_QK3c+|Jpl&;*nuj;t%*L&!}-U(3d`IYX+`*N8vntcneuH_}>p z`VOdm&z{k-QD;4y0sow+q1&mFNj5!WVzc3|TV3mx*XTMK)jh=y@B4C_efOcdQHQ0UmzhCZ3*Yp@$x*MT-_hK+YsAGN(p$hS*) z7aLM!nN}Q9UEJ|H?y>Uz%f&;);wA0A+sphH*I=j~s=KpH4NL7MX?|KQX-y=bqh=1d zTHP>6(7yFLl4-0WH@TsP_2HI55+#D5cEQxu+ljK`Nr5h>afWmRHDggcP9oQc8RBmg z<+!2BbLZ7%8oPw(w^!CZ!m9t3E2H_|NT%7%N}P=~j=yXkaPq2Y|4edfqBm!dCaG-Z zX@xY0{rj8aiSNup@Rr8RlTD}1{cI3Mq4ZQL`@wZ317TV_zk{2Lv1ncn`XX($D$|m% zsLr_SxeWM_{y@NZu_I2j?(oF!Xlvc=HzOA;mObv;HHoVx&PCN$-A5R`U3bF=a4v-G z%nG!mA@yazc+vu_z~UWTNS7w!EZJVjF<|X18qnS@G>V*?Y-3t2{oMM$eHnu@ZVsw1 zgmaB7z*eiefoEc+l3KvUm~u&S>{vb8B%PnazBSTumGwW z9oS^|B0*mmBUy)aHa8t24UA{LNRF{kvL=nHNVQknr&`-Sc1_3_lPzIW+bv$Fo75^z zN_X_jnq)6Fm$$qTKs9f8H>7L6KY1wau5;z8=LCA;m+$Sys2@fg@KWCy@A4#Lt&-jc zMI1Q%Gh%f^ffPjY>YiV_>lqw{d%nhu2*-%rYM>l--= z@c^~J-0&ScaDP`E_3vn`>NDXC{5>(DgB=_RFrDD{F1EIE>;rNjPf;{OVDEecqIZFz z`Efv6(P>nNtWuzU5~l;d@u`FfPZPwi2eLiaGYY zdV9a9!p{w6aNLFSZ&f z%%3g21&|JP7upixVny4gp7Xc`oO-+=a)&R;wc~D{Zl}9;c1mi?n|WM!ji)yUva|O2 zJzLub>Q*3GXJ}=zysxk?Tq(EiKpanu>VVBE>zqS_ZrRp`FB8zN>FWtSy;f+59;jMK zddxui1fkoeAQ@XolGU`8*I`KGo&>;G=IX zt5uc~B^Fax8gg$2vOuS{_W;VEiVEN3a&cm2qpFbr;1UD1so(|&_V?$2_8Xk4krTB2 zhawIrdkV1f&+qS{g&iP1WY`qgj@K%O+D`YKf_|0G*$2+B04sGU3Vs}f_Z4t31yFe2 zRCc~9KdnonY0@VrR2EF2#EZbIJSjj%w9v*Hg7{bEfN^k711qMLl6=6qJyz?qTHbzW z{8HOw3F8zBApT|^Agofe{Wk!2k;BdmVFM?5NZs#&dIRO7DQ4-DU(-*mR#dp__hXHE zIukpXA?jBFRIGmiKdww#n!CcS(^g;wq;hm1r3Gd^2F^FoQI5QNWr_AWC4M)JjHPii zjvpBs_pL?KJMcU|rI_atsT~9?9UKh-^tWzyE{-$PR=b})0*CU9cwlG0ROdTT^3<3h zY2A=zQ494%m@V`Ti`jc8P%MTpXu|CDdIEHs)XtY+?urF-Wx^Jwjr5`Z( zUU%KiUmTzjzVFa9q_a%deIn%;D$D69eDPO!0z$OsXWC%jX$O}sk3p@uQQe={3KdMK z0|v_@&@yn;%=%{CQwGdxh8sAfxB+HEi*iRXKU&IYoI8+InpPd%Y^vN~!8j%)@ipfF zGXgNVL7zW#WUBtOhKUdxV)FMG*9eUT=L(*{_ed+o=EP)|d=0SG=Fs-aoa>sOlD$_) zuDZpa79+2yPyN`b?u5Ub$bS1^N^N?w)VoQ)dMk%3C39X)3c3UWuC(N&${Ke2!D{?= zi(mys7y&vEYI|~QBF3PY7Gu*Mt8!~@G-I^S@p83vfsjcg(gX+v4&8#VENxpW<*-)YULhHNRfQ`rf3x)vl|2{wo)DCk+oNc7Q7Xe2hqqZ*) z|NWd1)qFHp_GWK_+dnMV8R7PP`H2w+ANU4pc5~L_Ft|VAtEC8Q^XTnc!bdvh6yx(R z2G|2eQrMLezLX)ed=3%yen(5#dnUK#J z{s-s;0qwBb4_zQuczyE;Tl3ZVe^fpG*E^_1MMX%6M-DgQ`8xCevk?SNju~HX{)`eL z$iMzh3GpBDFM}^XiII8VJ15&BOAW5BxG5!8zy8USqoPZi3dZfMa>Z zsTtfHsZ;;RzRH=MC}L<}TO8wzHnQ%1k8veHdj!B7DD#0vRp@BKix`@DN>Y1l*%)+< z-#nxI$hM7m;)G}O!0Q31^^^#22e}lso-SJ#?Bqo{<(XuwvH=-kxygUat~(V(W5yR` zoQO3EZ5kLaFP=fhnHw0%OY27&^X{|LTuxg8?`yo&{HY7g^^u)T=QMB4*`*tA8_CN~ zS(aoKzZ?7=9%~_;^DJakC z@f~GGdd|dcNF-_c1muL#9x{}*B*Pdk9*d7%>aQ;`8ayVzQXYhwU>Jz{O zR4vqpYDMptYAr+o{Ovu2! zcRzWO|Cy-9omTU#l3Ifw6ZC^OH8#jZ7N@>&I#3l|A054-MN~ek6o$`>c5b`;>JkPg zTJf1vUw_$uVCPAJGX=NBizeHOZp`66rj49?1(zCs0LSnOdHK0Y{C2l01kx8rZ!%)D z60dJewCaV#p_liRiT)WMAG4CqeE9HPZ}HY?r`t-3J%qs4?n?J=2oD0?+<=V%h*1nj5sN4SveUv zHx%2i=rI#l)e9X+dy|CWz~DMxkQ>auj@KAeee!;-$%Y0J;h)qVD6(#^+P8`gcRwEY z%#&1gt@vbIQD81a*p*V2AeN06`4~`};oMxPV=dfYH>Wt2VA(*7^uMvMD+Af7GoEc6 z7LVK^BQpf$xxCSAb>2qT zlQgaRM~3EnZAUo`fsBM*w01`P(r;cTpo1{jSDrti4;19Ze~%+y*Zi{~()Z!V`DRkS zV&7#MM@+7NOQp)J7v_kNzTfa}-!Re8Jkp*PqB#frR z6i)glznG!Q$G!3^+?NUjWSPfMdO++Dw!RmJh@`+9E3)Pw=`zQ5Y)q*NafT(!tE9pZ zaT50#{$$i?re&V?t#0jMMZTf=z|LouOSS@)ZWMpM-S8=i{R(N)Z2?&A<^?slG(EB^ zL_!+RZDt2oy=kJvt#q!sYaOu@G# zm^pXpnL0MczKu0E)5O}m|4~rzNV++}>@k@uNzkA85|Ym(=!7fu=`Lf5M;+k#_5d#A zYd$LfY^_WI@PW7wAKh~bLVr_O(L;gnG5&{NA45{DaY?N_c@u2{D0d*jCaLoWz=LZS zJ5%=OI795iveL|{UjQe5O`#ltsK49Z`IbMW#Bd7IoK%peJ3l4n-``<@P0dfhRoi~POg2mbgTu&#%s|e9NG_t6*$Z-=U17BF}`l+$D6%AEo}RFguufBByoXdcdsX9f6f1`Zu0+Bx|Vdl zku)w}8WmT6_j@yPhw!dlzlkwE-=KLS@~gj8lr}!7h_2frc4t3{8CL6=wxiL2b`i;9 zyUW(Q0A}5)yZ^Jeyu@12Qx`%^^2F6Y1cZ#0`@^V+!t>+MyJ=dwouLM-RG z*TlX%Ys0Hix$Q9bFDfgT#+({ShYFAUhIlNWUW~~(kH_cSg*}fQ)-g#tu{W~aeWOq{ zy5X9ZNm)zQ)7|TsE&$ZaF56B;G7U%GWYfm-u!?GGMJjWr3_S8-*8KEkZZ0`dT_t;d z*|3i^_t-swpQvo1!eQ>s)atZ(?p(Y4lWdxm(&%lGD(sVhoX=$~d4Jp-uq~C4*H6tR zJe#=HR6Z?&k!|HQ^tt@HMPjbR;}kf{L5p;qqsdsb1g@fs8{Fx%3gzip z^;Gwgb$N;*f^!GHpD8iD8m8x(c!E=9BhS{$GgMrvUx=LOrhxdT1k>H(Ar6Y|8V3^X znvPlO#5P}uJ{z|@wTW68--dYS9g^;L(fdKt#jHR!?!S!=iGDSbx6VbA`QphG?iA}VsjJh;I{!|KAUU8Z7H1GAaUv@ zmw(u?4i3lS*-OX!2Cl!|k-pb5zT}w(LhuQiex27^9&dZM;g9KNtA@=c^&Pss-AedU zP-KGqt;p*t=?t~zB|+7IBhD{0GSpN$QY5p)0;fjaDn58@AKJvUuSrCy#q7F4gV^|F zq^6@nf0s`ypsYlVT@c=XvG}chb^ptUyLX+;Y?B4+kmA@BkmE5}5o5jY*l$hl$(Qiw z&vvuf39JXR&tC&t#d;P-c~udN=mx4P}_C2y=Yok**5V5nlX-&hAM1`;NQ~)KH9RZ%%6B|>!;F5%W=nzALFbB zM$iR{+-&F+chgx0mT9c=F!MD(mw+kf(_{Uj#{$T^8b1bQ&5u;Rs$$=- z5;8K1;6ylX_Sw1SJHWkjZjNI+&8HThBX^)#!rwRz+j06mWKImDUGtV|NEpft2v8|W zYH(xMO=@voIhB<)CO$-|RsCP=oo8H=+1loPG8?XYcdje3~CKL-Oz> z&%M^V@9X+sy2YmA(`UJF?7U?vE$rG&W3n{)pTc|sn`y%2Vp%M753|g*`5Na5HD67a z^-pC;8c1z^-&*=Uj7QT*)P=AFKjQqS>w%F!;|tL}UuQk?py49}$h2V;+O^}LCB2%{ zsLbVQsw;R0n-dV@F6WkF7ebyJed(XBVi3=+@~b`CGq{N3Pds_K-!=mnBookJ$DOvqF{pxh-K2M>2Ol9U` zwa#iB^YlXLyG&20bXV4^U&b?mhT@sH@ls5S8nZPxEmMixU8bi7#baPbB z6~KcS$ZUwPJ3i5smOie!_o0_{Pl(pcTlK96Fhc~|2S2Ft<-8yV{Cz@eb;kiDk}=}_ zXPSW^lj=0`R2}N#+ApK_$koMdGblq7jaKz4vBXsLPEZ+*ohqKG3b8Aj`wCvR)_s<4 zoWCtq+QZ1W&I|K*n74&y){mDnUp!HDVeS~M` zP6sRsdqP<}mFTn#TRMN-4`B;Av0!yHvTTXzdk{K-Id1KgIWi*EmN98De5v!6mh()% zaB&xCmTr=TepZHyM|#04Z!qpf2zIyj(Twq9eex2@#j#)V>K><(ybmCkk6*#N`pBtp zX`4g4q1CdkjHNkFH!-HTq*|J=xd8=(>IcLN0|vsWrK5w&m_)JzM(9$w=*g#JpHx#& zs(Z{iq(Ff{RR2yK3_O<`@(?;PaHR(}er{wCGg^tt#^lIy9WqK|Nb0oB&4_b6-1F|k z?pP)XJ#Qy1P1xvn(ru&^Prky^kfit4J?~rDv$8@}{M`Xzi+VNz9gV~`emM&5^W#sV zuf`sOcf!U8F6>ESR zTM&A9EDCee-?_0RGYFy^X_ypX4srz_So+FO_dQRf+Ol7Puhgu{gln;mHhSRr@$=S; z>XgmPd_V5)rSNZb@~3PR{pncIC`N$3%5g$h3?K_WoJBb|x_0?lT8GHX-isoXd%Y1( zJ*(+&nkj*I3lC;`djX#oOmHF4&9L9SJ#e0pLw7t8w{7;-vlN$Z`*6+=b6xEj*use3 zIgIri4knV-;hNaC8(6zAyL7MPfwv@hs}g*rgYr-2oA_*BF3O?WOp-5679#rg^Ce%ap~f~0w)%i ziZM(wfSc2`@*oZszGestjsM&oZxz6M*L*c-&cPwH75uHUs-|pws%f3okEbhNco$sZ z)X8;#2BYKdIhGa`5|gW4V1g^5I5^%JTWg{do$+PVd=>3e*^}6zmWX(J0&b1vi_hLJ zfU6YdM=P_PrLF5*KX*4H1ClNen;;6*e7@&Q#ArRh5GF4aeukqn z(eFb$PhpKPk&}tBL4;|vlL^Iuzj{}DR(u>y;48sIrdneiq#YFPlHjG0u1~Jk4|ttt zXx`A${~&ajk9EO!=q|w$;4=DzJ!ZaitPx-YrP+GQ@52wh_(Dy3({=-nNl5LM5SoFJ z*)n~tUg41{P(@Wa3{|(RUsJdZ#`@aF*tA@)>Sh`oJT%00&lOBky_xc8hnP_~ZNO8l z2z&z#lTmWIVy;LvN45L?OA*^Whl%=*3EIo5Ob7!+a)F$BF2RY7O>Ms{h9rDK`TE31 zp?Etb-YnJQ)vNsvB~($&zoSB75hU5M@>fL1LQT_PrY@R{%B3Bh&(Ein*W4B{M_nc03Z`aKnp+VR+E2nY1u?LOIRrH=UJ-i)kAO z<8dj{*{M>JFJlJ0W&10LuT8Eb;>IAAnE|jTy(y_lNArh5X*lMF;&cpF=$De_&B6ux zLI2vmC6G3!PPNlQ#PQW!xy|-TrzV*8au7@U>^fSkO(=aJ%tsx@s3K_!y@;~9g6@*h zP(%>OIary>abBFSm1%qGThZ54%mP?(29>YhV^ujIT9utGIfeJV`LXV)RoK%v_3MK~ zRiJvUs*65fsX4RL8X`maKhunD!>~ef>-XHfnD5o%^HvUVMKsf4&QLi~r=!1p>jnVJ zKQIqlznNtCP5$7EOFK>shDU$}wUMvNvS-a=yNB_wt^}0YKl<005C8@5rSUjAKS<5L zg%0_*H@^WlcDof15(Iu~#fPhT|2&Qa+R2T10sP6ajS>!!t8J5B824IZdb2(vqfz|@&Ea<}J4$!DUHNRBIDZU! zx9~(JZ43Kn{!}?{YfMr8DO?_gE(XAof6(-C+tkpj6B2qCU-Zn{Vos!mR0_0Q%%nZ; zFTW^i;~0ML2`~DqgKUz=m7J_h%S*C%U0-uIqZejQleA9Kp^xY)BnF-nIXl-|HohtZ z%`p2hAZ)OPG?YiLFuQv*1=Z4+?GbB%aSEg~eEKY3NSG@>eTjT4>rV2qI_m)IIEfPH z)LO4(qSu&tgwImSh5C{$`s)&jTBYiiy0gtMJma^68DC+u!om-THOe5%j=I;)5nA*3 z@b^Hm=gddKu1qfsR`YfJjXGw{;S_^*ec!|OyRnm1)t;Y3|BBr+bYN4959$%>^4Q@xwlHh zmsJ zro=O4WGr>sg7sche0dH@;`9}!@$tm#`ekIV@US4pvFhX^l@~1tIL@f^?YL$y-(r4v zF?t|V7&%8zWMIF6e@pWHyxp!}=dl6vXs-LR7Ptv7H@vdj{sYQJgOk1GAn)=gUnPIUe44T!{Hgx9 zXL}_6*1k46OiK`B_#>iT)Y28(#+jCSa8;vkd7ww30oq7-hLP^QhHR0u&&wbDB-8)E zGHDK24DN2jgf+5M@h>=tPfTz8pwpmk4qR}|7^*j%j#i5WU#R5MK-y%(l3jrA8Tpm7 zO;1ItWZJTdrb;g9h334{wOKaT5c8WW&prk{bZlI_6uNj5g_J;iHJkC6_EO_B7@_vd z##5Hep%JBTG&S3mbar{3W)@MbdkS_Ps@F5$t+JLWoT^(NW*YtnjnBxflmjg{0^w-O zOR3Jnjr#c3()P%6_zt&E;|j;#D!96NI#UVRIWEnRtJDf>+}o54LqhO<5roxPtb_oI&># zv`0=3y|yWom#>j-u54OOY|V zble}&dL@jn3+Nx%7bg!!6l@hmy(9@eS6j8lU|*Ce0@w=>J2!hJ@#IC9(Fv@u32F}sl*PBBKS0=%L!XFQWHf{{?OzLj74 zdTwjCauGT?zE!mc#_$twS2Y2cYH)-&z!}FYh1Z@9+GT=%)oX70TFUNnSGUshN+Cz- zYBP*o_HPzRrLSN6BiOian^dSrIMP#GF{hENtR9d==q6u&{#|Yjf$<#CbTkWbB>Nt9&*v#D!!^&c+&8-`Pbnla=tZe=S?+gYFiN*w zaM}3m*KM_*+<0FOxs^mkeV8LLviSDUI-k-`Mx#xdRJBNhbDo+lQt*5mTEX`h^wQiF z8Bqj7-%j6=4nrMuRGE`>^R6mjvsXUVG$7GfC4VP3j5Z`lT}1O~z3g_6Ed}V{xPCL} z55-7335;YSoAu0mqlhL_B7AJ3UbGI?iT9EBJ`jfQpO#E(DjFNk^gH-47A==Pa99|D zTO-8`Q~Rk+_Uxb49Jt>r<|4VZ$Mgia;XE-kY(5v^lbodN<_ssuKY~5U;Er1^%T(h( zB_3@nBoWw~#tz_{hu(J65Q4k;u_n~m$Gr9UTfR@7o%j0-hcx)=s5|=DwD=y2VhzOh z1F_O(6OB88c0n-Z_cWdOx^nt7q6rc$ubx@co`nu=8VbBqfbj{>KnbPe+A+dqa|Bg5 zUuQ5e!BJL#*{~zAmLo*!L`<%#8tENvVmqC3MdV3ba0v~Pol`u@;M}9pZ74!UO4PxZ z*W#C#XKw5&Wa@obZ@9Yk_W?9#&1(Xy+v@d#XBfR5dK&QWkGdN5tgyL14INxwLv3x} z{#AhlMN|5ZW&z3+8H5agNEM1Q?%$C&utQx!;rkU+Ni!Gep4ngo03UCW#Y@1@>ebsK zV*YE=K=r*4^>r9$3(NdP3EfCJkhz$=U6dNd^+4{x^Mi0Z$O$u)6agSY2t%KXT5M){ zTfSLsBoCwz0YOA5=d2|GAM4MhL>B_qcKp>R@%@91w%9y}GRj;6mq zgc~lPogQr#!ziwZ2t3{PlF9Iy#>P>I744$etfN&clUl$vo~BsFWRa#)?Gq%wYTR{VLk!_OqK**{q1fZcZ2#Yob5{G>8FtTo#u#Q)M#YH#2r z?NjLc-_*DP8kF9xfak<&J4HCl3hn$t&6ABM)E>aa?Y)h3He=&ZjholeMc>Z2ViDn2 zok&VEsCDDudFr4a&erCsoF;FdAvSblk&6$So7!rc%Le0NJBmTpVf)#SZe7O4hE|lE z>&}dWKy__SUf{Y8cYqc83`y|vj-v|f1-1O(tPjMMNpRboq3m}#Ikl~d=)r|-K|XvZ z=GF&T`T@eH0u|<(<{*O+?L1$@^dfBJ$p|YremabOUT0VOwM(2LpY0-v;yKJRdB-B6 zjVyySpGHal_|$)NJZe@v?6bQd3%=QE#nwxvpxd1(qxK5)Qr`QTI%Bvv-=MkjA2TV# z7~6W&yLeIA*zQCq8DgWB4}yIETgz(H;0KPi4hBHHpU zj%vBX5%orH@a02$_%Wl3Q_6m*(83cZxO+NdJBTaw%<1qVQ7O`cx07D+nbT!;B|(3>-wk<7qj$L z(iiL5>x2dUGG2FkpaynrURwqKJJbN-ylJSe0fhj8#lY5nTFLJ?J1woZq0J}cA@Y#oiRc@_ecQ9mW&j`BtBIkf23)7U2#PqB5`TJG{NBN*4Mz3 zb)Kqio!`zBQ`OTVN#d{<8|*RCP!@qhK>i=U5|2RYdp9Tp7;0~=WFMVZhY2m+QTDcX zA(lKt?M}HFt4|D?#%%DXl_lO5d zD#;A0j!`cOd5b1aU;V{`x?H(irLC#&vdmK}Mp81-ersvcljs98xoDVlhl2S%Z#M@TYy2+1hZ9S5Qq>7a=GV}U?hJdt5=^((Padks=a81A8tXadMLTjCe^-sU zmi-`HiLc<>SxW&nqO|wt=D(QV-sZ@R8hjXn*Wtdv>62X1jxnm~fCe9!pkL4%0xlXkM|$d4$*l z{u9(n^}jkxD~90m`UPrDj?ImIq=`xTm@s_A%l@}6(ImbSRxt>^IZp~ob>zpsXM+{5 zpeSMf!2z%IBw?27S84mvQBnVFnVj+Cg0bm2ci0{%b)g-A4V|1pVj&x=HxoqwN!EPw`aBGwKKUEy>>gt zdlcm*NUZpuD=$l4ZP`lwh2{OA1;B!3RJSqWvwOSY%6Pp~XQdc0!=DW=0A`F|PkP9I zq%lp(D1@!*65&B0vRpE2aRqO?Fs#M-b>btwnS;u z_hy{-3Bc*o?iFQa6foc(%%J^!_oGjv2)qi#?-2 z*4!x*1o3e=*g#r!>au*oUT9hR8D6{Xw|c1mHBC%(2ebMI+9PAlWYUAtb`L+i8J2WE zIn8lM!lTd41EfJ)ir#Bz|3XcUIbp_$e4p%@-%Yw?+?G7;<0KkB&Z4HeEHdX2uYEkc z%M5#7xK`Dk&4L>1Z-2e9IdAPya@clD>QC6K6$Mz_odb|(?k5#7l=Pc@$|Ig?-0&Ab zJXKzR`D)}uGN@+ey74`REixrK?nQm$Rt`JQT(0?mg0;EWet=W>6p0OwX)O&ao{`QW4hODp@&}hdCM_2pvTFHDwYaQ?Am$?f5s64p28>R=9Mc?*& zQ(O+GA)LpCRfzlPxFtdqMgrjT`+5)e>x^f*o$>R%rP^hM>N#rR2*1ym$x-m6@{T~CKzsDr@^Q-)&Wvnu)XWKGHiMij2ko^x?#y|*i!*(3sKWZfE=MNcdSw;S~ z0`(Wt@alf*jVaW~X2PHUS<*8cnq)C4uE)b;Bv=E>XfI^0 z$^jMmo^~t+ohpOBtR!RVZfjs_E)l(QC<^GwHr}+f(7{8O2c5dKLg-eQLr15@$`rT? z=LW)c?ZYafi4MzX2<%eqfab{j9f$>r&(|rFBP78RW0$m~LY4j{`9|CxCH>L+=qr;z zPwa-d&7GwcsCjFKqA}NG=*uk#JyoAkH6}0;RP`3knP%9dbE@MSFJl)!YBcnh?bf*U zAa%TE`@B;wW>Jj)!v1pcxzt{uSC3bln7$fyKjEqdkB`)dI+BIJzq2WpBRT<)CsvFaM)-8gx6P0pMMHf zgvQo#H@C_%Z!`Qu^dT2{lu$2}3mc!>ehil@uVr8qz_TZ!;-~ivomKym(=VjcpXA+k z1e=Nul(40B?sNK0pf#$4<-YQ1i=02Q5X%EN3~Svxx6_43QFIlgtDXWbc_#^VA;mY} zoJ{aj=xf~am3c0%YLyf=h7a`Po^NZs_RBr<`KH29sQ2o5|KZX7;GOKyv;ltb`cUyR zNWLg6Uk?I7JYB(ez0+&zBa)+jvfof7fVSo$sl~Q#yQxt#II+JqH%xdOy(`cHaBdEb zUT?3gjXxz3YWyNHp_?YmTR2@-iuY;Tk%UzAqJ;dD&LklN9E)Okr~b-mp~IPcUaL2Y zNM@HO5^q|1cRC5>=0;@RfP~y5EbNBvxLF4w4GOs2Z@|dbQ%Qb2o!YDQo&l;@r#CJI zKC5!Gc!kTUBrPGrxvzY&+&G>xL~CqRknAsYu}!LYPntG=yjgj33C-Ax?~&$j%Jb5f0NY!4*C<9>7PzQh^idEgJ-vH*F2@m$}99m|F^7$H3j*g8}E zoX`g%EVP~7zATmlyA;(~w~fxsIt+ews%~vf_vz60KQxMg0sh!#13b`5AzFZgA+wbV7cru9d#;ql@IeFu^s8jqm8c#bBUd}8I`;A;|8xbA3*T;1r)QZ>rCuT z;!I1MC7bGMAFo7c?yBO{8BMCnRujaULc7s^J{j39nJ|8G-*wUAdBIBah@k^G zrN-CjgwltBRyRf9U8s9IUo`5V!zIS~z;o@&-CC1l<(WQe?_>Mf{A6;wX~tNc9Uq^) z#14IUXY)$|kUB`nMf%(nYk_XaiH)c9ZV+;FIMW*Fr@B= zc>KD40s`+hUBBl}XwG~O#nY}6dO5DK;_$3*OcKVegZD~sVAIVTqFtRz_*%XuJAe5# zi07ya$YES%U3++|Uv%n4uGs$7vxC$Rjn_9T;Nu^lt`5j>cvH63f&w@o^}IgnrtOcf zkNO~^IDpD-%qISICJ@-vJm3C)QXYh@Wn=KFvI6)o;o2aFL6ND+1gV4y$S4F zkRgD(0XgYIkWnamK|ujX)By4wdp?j|&kGjjk(TwGc7UfDA0G14H7~RqZ#vkR`}@oB z>F=l9GeHV^(=gz82)QqJ_O8dIZ>O(2O!k%17Q3yb){-fN8w!PF);0D^`#P!ekw=!5~(Z#jm z)eVWqU(wZrmx_f*t(M^KZX~p)(}LTkH%Kg}gp$V|xbF12nbECqr6XY+zs(k^aBf@s zK2gk!hc-pI08&v;m)0^Rn)={gsu@Z`GryAun%4rACi~>+b&7#CED?arpZZ;SJZ+M& z2%^2Yw5`)mQq@rMpuyk-ou9}=2WNKl`PiW-Sq7Z16WFl2!q;;tKm$*cyoV)$Ht~Y? zU=V;QQSdEV(8(`dgBFS5Cx#1P(!o2 z#Q0cY?bVt+pg4i!AV_Yfd^JAY=DSX2yZw<#^ao4`9vSOc@{3xGH~_636@(VhQlhur zhY0aIm_iFA3-@JvixoJ`0_1Kkp?^dhO)%g{No%8RgeBIzg3NTLm4sED7;~)UTwo5w z-p@SJ>f^)V;r^2|5y9>jGt*l@p@C#~auJ;Rp4&pUX?@zt8MLs*K-*0fIh09@fe7cD zv;^MorACv$TUb>&MDKF@uw8c*gX>yxhEIp;u|xCup%#J}W1uqY+cqeh~H>@Q++Qv&-q+mo+RUiH27$Y{ z0KR$dk}e$J!ueImg8P$`@_#=fxi5ni>mmkha-86Iz(4LzgS5T07kmYqx%OYCsbktQ$_ZXpz*xVGz4)#WQqrqQFXl5rtYAWHh>u(cA*uaoboWbrl3S^HtoKa2h_vxpd zoogdHq8nlD)gWu#%nzWsufwdqgr+VLcT13M9mN%UX&wr9f)eNR+U)z8F*Bdc(WHR~ z0OxjsK4bqOeFlK-=y9%i%d#>}0eu_L{6HlEd4(@uk%P5$s;?C5b^hVvmG90It`Ey_ zhEx|R!Q>R85G8s{cP+-P{La#A@E}gdRexPikH1J2LWwa4;qOpM7l)yxiurmM9!{zE z?2f2~0jb`iAsrqn^?g77kK;s5Yk=`elgxMzBbTsv`4s*GpgPmWQ6Tv!B8GqCEqfx={7Pv4d+x!PZ!Cb3p+-#xR~ zKT|KI#{RwZG41#sDv$C#z`qZwpmo)M5<9f8&>X%&FfO(x_w{YpeF`FFII#aG>cGR% zR-PS-Mi6bZ#(&oBZq(YPEwIYJD)0m+tId#B+l^cY{oVmSD_(}K?F}rT9@J2DD-Q+? z07gyV+I493@`7o@3fZet)&FOh4F3)15{kUV?T=>?XT~4X?(hPESGl7r(Wm}+2c_r{ zc_U=d(BUM+c=qq04|#G$jdjfYTEFzDRZ=P2TedkM5LX@3OKI@_);1Ny zr|Ylxg{lL2-#ks};)kf~cJrvd&J<@UrRg$B@?$bXjn07}^ma*B2dbJwVE441xvn3> zWJ2tnBjmd})j%(9Bs>6`Ib0;+@Y~mv-i`_MD5FL8#}$-#G<0*P4X_q|Nx|yfR_$VH zGN8k4D4lfXYW$(MLEFusC&3|!R)9aA^@R5FwxkYRC6io=ntyU?{_Bq04|;ii$Mb0E94a*neDg(_0cm1&XS8P1fcqjY;@$$29xW0x-^KSAwQ z>z_K;=`Ebb?r^#;_E?Il1&`{0(-N%?5Cxo3{~bE?qRk>VQpv(UK5Sy^+3ovC$#qz- zQ`JM%bJkNCLb4oknu@=#B*B<`l1B%n1XZ52Rh6DgIGj6m+f203E~6ibE0~v2=q`ok zMK=6?*vH1Fx-0%; z==2z#r@L7w?DR*PLM67Iqjb#)m;L|CUJgXO1o7^c%h=3z%doH>I6dN2ndEP$da5?E z)+Tyzm>3-9LhGw*lu=xIBII*<`A60E2Q>;6I!Y{Af@>BLaPZ(EUBSnv%+oNi?-)$bs`>RnM zs1g8`m~QbF(JOLoU*?BA$JIGf=QdstNC1Aw0?v+C(mePvjsXAe-=6yXms7)k%%ZWl z__t)yEQP6s!K_v?0&238Y1jRppT?6Ui}27cbc z?nd?g;-iebeblf2k61$w3RxbyJzl0B2yvbsPAdUK(us2mnb$ZW&ki{DQOoOhF1`76 zdmR9~lKPnHwR_?v#qsG@3n1Q&@Y8>HD0wdHep=5I>yuW1JyhRE9j_qRdV7d^Sio)G zly)5I5%B|ew6mEwa?Pg0PWWrJ>6C_ei7l7KSg>p15d%?S1bNUZayXN;^7-A45Ad%L z8GpxrqfoO*EImEDJzoA4KpyL zs3?ky^r`4`QJJ1cd1L8E1|r$FftTE2v<~zw#-)@kL%t1Eu{UDQBTF4{1nM#mo<1+0oF=ELFUY|HlH zB-#V5G<)^i)O&!GXAaJC!q(W#B%-jVRz9*z+d;9+5}y#3+D&5^s&W|C-69sQaI^Y+ zekSR(5bmfz+9yn#g4O6D_U-mLcOGqFBG*e?ygfofVDf%-ptEL;K9|p^nWR=aQLZ7O zJxSMi6ySh7Ka=CVAC-PVyNV;VjH0g?eC+<#BE@)71#=pJXiCG%=#KGW+K(S)a|d-@vJK!9F!i}C~^3vNd@|Z^YAL6{nchZ0w7TTmnEk* zcnTWfypladbSk@wXVl}&<@6Jhd1NNxwe*(6{t4lpmqfmJYFO%%oYsK8nfA^XuU`1z z!2yY9aDvOubDKVJJXIJs7MLv)d&ewl>Hfzcu+*m^*$$89gbz?SMl*YH_ValwN0HXU zWU9c2tJhLKu}a<$*R%W)s;%b;!ZnKU0e)bJvnO`ZO?rKV^SBCD(TjN=SzC~Z;(3V| z8+{|3-aHzud>Xdm@OX6yMtZ7PUaKK>w!EZu*V{R&VpnI>09=7kf8V9Wbk1-Nt< z(DH;Op5!!OJxEOcFv~3-{kF6VmX5r$ZrL~0ALc$-d~%%e1Gwh5S{VOarZ$r(296_g z^>pTbh4+@u23T6N-F>F^eKSjC61E^8Yhb)tyZa3i3FSS~}%GjG1_U^V4 zK7m^)9^Fwv!lb@CnOyZ6caw*Z%sH-h2EknIU|W|ceXZcG>7zrY;T&c{@tGzOb`FiH z;)zxhQ?Fg{Xv?fIP%5tHgK-g`UogTc{{mJKvI0Oa=))w z=mzK?Jo+Ux|3DY|Q$lPCt;=A-50hJ+h1SPy$PnNW3QOkcZ!Qa7n;78ryGb!cwr#hsxPO_}5*9o0YvFTeg?!pwmO zO8qr>cZXO>ZZ{p;wh_owRcd6RaWBgY(`NK;QvqF(2dx0ZUS)BYvzRr}fDc8&2eXIr ziJ^t?Z7f32=|2&7EaM1k`JDq(XC=E^AK_sm3 z7HMYA&mqiE9nKBCQK?04Z4O_qssFz7mL()Ao*<6DA=oI0z89CGsMxj$V`67fy4BOF)%joMN|sIeTcRoe+$ z&SD(kOq*@>HU2_vhn^a_2yMulPjp|*v0UNw{L@ubCM(3>7>DiQOQ3B@PtYE+Qy9!Q zkDZT^#rr0<&=BUJsoAG>DCDH2KVgFC)GTfHBgFj;$`xaTQpY<~OUEkvVlqV!^(6 z{57=ps5}b9=rFo-BG^=9f8i@IIjqAHjFw5QOvXI#s5v`QK`>FM>CHc%o8-1o%QwG6 zn_m`QOi7+zCG|=&0+WXVksJ$xUVYcXEy>4+#1oZQVVvgJyqZKw9S$qs{a>eeiw5O~ zcs(U`3f#Jc5VxIk!2AgLDqq|FAR?@-k2&o2MF8b7OstHP!PNB@y`O82S$?lOuD`)^ zZ9g^?Dg6w`vaQ4$=`Egh2a4&+H%=>))&9BgHt&V;%yE-b@<)Jf`NA8`OfxPe40y{Q z6d)ihZajw{M8~-v?zs@G2aBcslud6ULL$xN@^Lu6wiOmwJO0bJZFGnt84>X|fnjNW z_b5Uha}iSti_P-648Y0Dc^x+T*0xi2!55Tx3Pj{eO-=k&Pt=`$ONTRY&MlnkDe_(l zP0?&gya6#5SL){=4ZC?TT6?g^?Akg_s^6q&P3BjeY?FLc6kpa1>Gx9)9qM^HFSf2T zK{Z^JxEqj&)eaFn-b_ql@=YcUd*_g3<}HOQYVQd#KXFAe(%tRJ@ivx7E1!ccqjZoD zV_*e3$QkfiMTzh{f1~x@WPVf(Ze4Oc};T&btuBoA&)Wv!)#EJ|ngw+>3Sq#gsNeFf=ml_2pVqa%Z-9rBjcN zGdMitB~y=#RD~!`8FDd&-*vWHZEbF{THxWEzqH-E_3fwjngxi*EoJ@RQF{MU{rCSC zFn(ouexB;gC&2DMw1u?)-yt$wCN6?B?w(B(2ap9cX>ZCU0Hgh%{V5{=`Vfh7=ZDJp zu}4u7>?0nn>1D=3tT%{lA=`yfM?&v%3+tC>TlfHb@AR+lEg6T-mEoZh zWXJrFjsRj=vWL(+;w0HilOx7jlG5;9?sTB~vG!dIhDP(T!b?RykybKRS!tne)7KIV z!0#6%wxW1sZ;SY+wLXT8v~I_d+vfH(tRXyn?j+FPtnPUIv)_ zt`<@`vl#+srl5_xqyLbnlmCMcQ=C()EC$0UyoM^2YsLCz<$1$fb=_@0q*SU}hm8(r zc`{V$q%U2)T{g`$AIH|KbBe=W$!~n*V<@?&Hq>IILnHw@uIYL02t-a8{rJEsBkgyu zQnQRYdR+JmwoNTtkR6JrgWcU}5Wy!7$O(2wS5(J|u9GLT+tQRBJ?^UKnq8Wd(^NMM zW3vyhQpy+kun0mA`wcYhm3W&FsiB4HAI$k6RV?dJ35V_hM=f-a_t2i@X>>a8j1qp< zXigPA(IJ%J_~_&7^n%4?PN;LNq3%0#%loj}j-s9Dn}aNF=Jg6e-%AzTj^iN1{%#1q z-YN1GXG`W3milq(S_uTZy+X25d{amQiloCa-CVTJ`zec^WK&D3K)*ILw*U|cr;o8O zG?CTG#5liAibP&AvY4vP30v1OK;3_}BTjXX^BnzN317O`>UTDk#fTWtT+WO-xDlGc zS9D3tyMB)iJdyL|bNftn`p3UIN-uxGD8Wf4ruP1|;&9xpv32ZG0Bt~^GLQ7UQtT|7 zHmU37Wa21K|MaZ11)R-LxAZQGC=lL4dFx^7p|fg6g0mhK9Uy0sr_QQsI%@mv#m_uK z_kySxL17TRtZrf!h)Nyjyw{B!4Gqy^J&niq>fQVWcd#>rAoJl5O(pK-r)6YyjO|6N zfwC=@C6iGW{dEeNs*QXIDXHL9a4*t9e7K9Mom%96Bl+lF%iU8FC3pYCk`UYeA`I8i z4CE&&Fjgr00vofmCLWsi~?@bw{3#q02hO|}z=ZMdilZBTbBY%;Ab zzC@+nS?FWRd0$EU&SHvVNzP|dq7|dTRg_6vGl7A*pkS7_D)nBj)$q+-HZ|?j>USb$ z{59jmA2M60G*A1StZHAyaCTaq@smId-*NQNKn!t3(k9mA|K@C1bsmyYw*A!iNHU6) zjvQ0wvf@OMzI+6E}_6?Zy05seh`HzTwf;=J>TfYhHdZG>`r)7#SR64E| z?>wgcvn#`2R{#I6{od#cS(B(YQyObF94YbqWp67P-7n!Z)nywiMJQ=#{=&7}bNh>o zP{n|!c{ghmnPi|1*j|A7B;vfD((!>npmnm(>wc}&^zj>f<|MDgLz`>CgwfX8)Zh#` z@q4VWt2U1}*YMOK!8>Er<@zdaN3?qk)!+FNMSGMu`;MfVnQ7I$Qi(cWox`~*E_+3- zVuM1r@9wje`HX^MKU(fnKV;vtT{JeAjNL1v-gz6$P$3>25e%$4#C6%yiY^`NdP(-q zICj5)c zlOdSU|I4@C07w@;bklSO_7(lkXw<}>#~ga)o`Yh(5;Lq_Wb}ZaS)fGq-0+)FuB~lP zUZ!RRFQ0x=3~S!29dPP7f;p)=+>EoW6=W6t@m!S-)PmXvU9qw;YN0#qEW zTcOL=LOG)YjQC^j-g9MBs>kL`H1Blwlx4>DkH3(+ETpB7mt?XIqq{P6^9P9TTN-)g zzgiGB<(WUGebb+HH2xS`Ec?2~@5FLkMmI7j@N-di_;HI?IEf?8zFWGv1E#uiLzlrh zUE;0=4U(L4=aTzq5fj_IQ8u$@L6=ZIcOV^cPq6Did17U%Gi9A9yJUaWte$w@YxFr- zCwyzAZ8H>BBJxKZiC@t@*|v2IkbRIUUJPe@cKXE;jkhnixjX9yoA+%|2S;+h<@GEu zqTq+G0Bpr#G7&#QT|USuJ5NR5T{)J97G8Q*CD`5q$#8i)?UAL7j%{^qIf}c*5`Rir zDkg(fOUK6Tj-jM-xMqE;Xs39zct8I3Nhj$+Gco`!8HqZ&|G8{OtOgkZ_Z-CM>_%{Z%C@st@Yn zryaTKf}5u2%VseljtnG5IGN6{UH&tJZu7p2pSjw*R(y5kE^|PdAtYmB`Y^sO@7rOUAhL9PW6_3EsJA zAA@!kMyDGe&aW>PNcP@23z4QEYrM_fu&?Wj1)1OojpiRcfD1;jJ9>0%wfH<8f!ydl z2fhkpocV{=^r@{g2|#LaUt3=wM!2`070}nTdf)jkd$rXaSL!JOu(O{GSDKO?q#3pb zCBzl;Q&hhlIdbHuX2!qW57g5WxqKTBPZ#ntpo~+2h8IOTXjtUi6$td5X$7GAd>cBc))ZVtx znsH0Y!3}tL>ElHH_~bqZ7$%p#?bojh5+$wrYth7CpkXJA(09AXTa(bPmtnH`O&wEp z+ee^`8j1>u!)u5pd=9YH!@K?L?U_%vI#>&8waTo#dpzDcKz$g%96oC&=kVd@J<47j zW{4Jc^yTv}Kl1#Dydb(Po!Me=SIYt5w3RD|>06He7Ov5eZDygfrnM~@5w;sA0KG-A z<6O5ziX?zo%!%aZ=gB2iE7&sP;-tfnUvfLczW6g!1YiT1^3Vo;L~3_R0|J@x{>xy{ z{%U0cKNd^1^5K@F)vPL)nE5mJh4R5khsXPI@&wq&{BaGKAgXf`xTn^KQth0ex$#G! z!d%sFy!FM)-`stAXqQiEn^c{H1qufa@6yof>a?5iEMQ7Tw>Z2fB=0iwwZBG2hS%~X z0}!2WFp)P5w?xPv3o0{H_prArOf7%eH%U5QI#of3-qW6dm(%i$EblO7mISh#b^P!8 z)?9-CcH^mNbo?!ZCC0z=AW~@!_N|GztBoK*vd};yrr5@d364N0SntoJ$al;Jp)x^cLFJmcgIz6e`B3mWNJAN)ozP z&aYpMHk1oi<0rLpnt#N06wcjm>p29b^>Cb-E;?$Mxz;AcAXX?rZ&mMEkES-}DKz@N z!p)P;hU*xMh{Q>kpy#{O+P0g6{A=!yza0Ixx?1=HVv!wMykl22G(g%hbf$P1Y_Qjuj?+q`kx+AvsTK{|>02C5cowaPEHaF>gnHt5joLeeTpdAIh zT`cvPFBG-wf3g+rQOtEn@#~+2tyH}N*KZy#GP$p!rJrq|%yD}eSR6!+00cTd@mR>mj&aPepZtY(46yWAGN zTPXk9^X2H-p3&R3`|ZA_W?P=bbYoIF_~M3+T9`F|(NwI$d^@6=&~?FmsC*EMcOtcV zq04v2sMdA}ZSioh*FUfywbK7;u2KGEQMkTn*$ zR)JWRG_|qB^tca)B*nMg-bhF%b%A=EXKUMILF1*pnH{nfpn#wUa z0)5~uJbm}o!yIVe(Fry4U~I?0+&L#~XfT0DJ)Rl*DInii^UWvz@7-|G6xy6SI+3hv zHuxLxr>eH5S9~6_vgNa4{aX8XQh0o5TR5+4(0@d>>EH@af~~0uXjj}K=dhSCzM+Wp z3}Ba@ptVrep@*PPp$#GlIvy)yh1gqhmN)YXIG+m)9!{#j-qAU9h+%@%2ukkP7Y#JW z=qh+DGcB0ic5T-xPY@)O53^a!RP%Ae_!1QxbOP;E@?p<8N4r)Zj?riD1-bL`3PZW0 zw`|^V8VS&VGoW`bWOC3)H{%MQeDyy2udJ4a=(AJP$TtO&`M;?plW))?d=q*!P*)D% zGOVna$@!IhUUHpVcMsHfhBBJ(MCJIDU`tYxQ<$d_T@alBmRmGF&7r);JavH0EWFl~ z&yG|J;@sf$*+Fr{Jt4iY3*PO%+9)Zk47(O8)T-lfwXwJbTdGm~X~51}*-tuv3(^Y! z)j7`@8r|e@+==fIZHtbt344Fu)+W?bW@&9Nqi`!tOoijk%G?pZ-4239{n&>6+f8hT z67dH*5@!lO)khhxsvmUP#$5GL&%6Y@b=+8=yJ<~SQP;l)Q3iE*C|6jwS0uN{();Lr zYs(q&oi!R**ypIue4)gf|0ioSC6#>x{IObxfBg98-RnP6lLZ3)25NF2wSXaI@A{)> z9mXVKXLMB1uy&KNv6+1OT61e*%mC5>3S@&m`v+vB76#d;X6waFE~Bv-{N;C9z9M}E zu^mIflfaiQ8c$WPXm1c)JajkQOYhpQ(`lzJmGwAw-^@-`&VCo@U9TvfZi%GV0c zmVD3#@n&q$>SJ`~XBy(3dUz`m)(|;K6%kMPhK^l)@Q#ycAS`h{EoIJ9o4*U@^z6z* zFdXzxF5jJv$5kObNOTdj6DD2m1oYCj(sgqYcpUZp0>ES?kQT#qwP zcpaW74xJY-2~QA-dHBpooD=mXH|Kw`_ug?$b=%f(B4X@Ok*)!;fb?D@6ctcG=>bBQ zDqTQIsIdW31eD$dX$eI_?Cbd(yJK&S%J-;GG|x#vFL`OZ1_ci%tW|1=~!D|@ds z*PLUHG1eV=`Y@ygOY{UK;H5`O*t~A@s_FKQ?L`Z4H2roG^kVk_lby3%2a+>O&yLnc z_t_73a?8p!TZ~^*4MnB+>HCV1k# zu1xiZfI-J^`=gHyJmJ>`b0fZtCv7{09Pm8?cl~i z@NRC0mzZzwX#y6yLb`i`xb>Ti88hc~0+!dn28tZ0tmUBEuZ(Ha_+G*?S*vW|;*|vJ z$CB+ZLW6?Rmk$Fuh{b)4x{3t!Gf&E0#XyalEcn11>4|pK-_}QqzUpC4VSPT;*?8zJoeNjG9+%&xYgFKKy*- zRz-{l*Pq_u=GTvcUtHM7^#18Q^QS9Nw9njqeWRItb730V0F5Y*D2GnUa~L)NhSKU;eIx?pVxnj4(e56w$19Rs`HR-rN#KA}B&&HuH4z|C`~9~M zrKP1rAYONO_tnxfM?p|Dpi6_E6#{{@Z|z+KLY2-E{;L2nL#fdPOX0b0+U zZwJL}{CjT(207ayXrW1|PWR$`{tf$;rbxj*#-ok5n)zt04HdhSKxU z&QOMS4C*NXgZh8sen8-8zgl9b2LKuW`WAGkUw zahj2ZBCgC`gN9r%RcQk`2g+#r*r7uIQJ4-6k|x?6#HwUb;TH~7W4ei<4CgR~sVtY7 z>VR4@dvwu7x~SLLZ#Z5*GJg)KIJEP8>_s00;-*)ylgeu>L;_;D=XJ5YQ&dKsa@nn< zx_9%B=n8e8jC?w+%aWX?VNo~6U1y8efh*{bU9#xU>geyjVBp0J8|EOR{o1%Vj>pN^ z6P^`g!;%NU8D&JYN8x3+N5TE5A+tGJcHh#^(IilNbtPH^4IE!K$qG!Y8 zsDA$uPX|ggn?W^vo+=p|W7_GM)iZ+ej@4|qwpJL(<2dCY+RHlsz#%8)N@t^z%{5&x zk_PV)k!Zffp~R!RKS57exI{!oGpu|O*{E0%>e}Q-NCNJ4%jM`;Ay;D*I#8Y5Tj#o! zD)bR!pT1*;sw25uqlY(NpultMsp$lrJ63Ll#`v&Hs0dx=XkOMl6e1I_Q{SEl{(%e| zhfOuRdr0WV*j$#XHVpeuG`OlzI^i?Y1xq1cqm8e!PKG+svffV}U%le__B&X*Szs1q z$cs-dAbNNqMYwO`(39<}7HrIc9s%O}?WNJV;v{NzwduH8IdPgdgES!EJjO85kp&z! z>uAA@rNckaZyLDZm|q*A6hGemxL{{cU3L=&05Hxx3p#oTI*W$1DJJ7WYM%|a8C{f% zm=F>r%QSt8T{Jl};7U@H)xf2QYvw!x}9XK7m0F{V*nl`=v$)Tt&( zrD&X9#3xuW^tkuB2!Ad(%(kQ=e4FzB}qO zocViGga{^DGyH6SLV_;6JpnrdFpZy;5y1iJ#(e-S+xxly^asU$pzAwVn^U9JG(>J6 zt+lemucxZz{&2l?2DGzK=p4#=3+?PcWfEIs;D%(Q^b8@}qNkY3Yygf%^IGdXSV@u>T98=%0@1 ze~Dp05fM~S7b7DLvCQ~4QP{?$#a3jQ9j__JUK#nt%%V~80Od#61 zhlE8?+W zp9M~mDHwTglXf2ssgY{Gbu;B~M~#lXJ}ez#n(C2?YF9ifZepj8vNjNkSvg660`^&W z=W((#!L*gUtg!3OsWbG{2-%L7BB3?2D1;KKH<>CGqdSGYAuHx%W%91ORir4Rm|;`X0lCl3rTBq7%`sLI&e$8(;CORYA3%`$8 zps+F}3fPoU@uq^~cI4gMMYcj6x{k23CfQadCFgou;j`-*1aODWFoScEfum9jme8SC z)suoij(r$?`6%qOMu;#MkKs=-u9~W$D_>!<7j%Ox6H;H_aNgV3AG!&NX7guv-`n)+ zOCzaLqys#CLS6|gnJEM|GeSG)e5s=<8Q>$cbsu>V*|CXJei!p1WPNxHdEJwSt0$Rp z;~hozx@J+<3^ZzNVy!RC3rQzWMw_}Na2c@5>o*wnlGp=}`1cl2Zd%F~ki;I%Az8_Ii4G$pH=82v;MSQ^O{FQ&r7INkh}rS=2w2*2E(^l9>~o=0yuy`pq}fyrf!JepdWfMQ`YeCvzw|LiR0J)y?O&PGvvGF{ErlxxYaQ77fOotRuQN=5^m7ZB7Q9V)b8$Wn5TKh;`3!Jt4 zkt6zUd6tjiHNa8mcNG3C4W%VWje?~w3tZcK5e@O1dj^U4n-~00WyPiIc)YUtk&23#iWjYKV+JD_2aed=3<9g>*ie-<^04g!k=#)#du|@wdY$G;mgYW(8n$1on5= zT{jYuKeC(1wLW|br%gv;u0-D=mL3InM3bbgkbF9(!*&e%=;ZGDO(;L)AX={VL4?GxTEv*#X?NV^Y#9s;_*?Z zR$qJ7C-uDT%*mrm=xNz0Io=M}2QBK5{gHr$M1^^e+giS|_#r3WGM>IV9Em;Wx6JKT ztf8ODcNu5Qs7p{hWz-Cc@hPgH7_iM^A&*5uFPbtFm#IAGcz$EaiPsR2O-E4u+N2Z8p8=7mPS1A6xvO`IQeQr>irFCsc^;9Sy3X9dziCNj+2YKTF%p#MhWk3Y z|1!Bjm!x-tIs3)5Vk>T#+V@lU5>~j51&bGecD!eu_Bea1U`&v~q zJm1*wwE8r2dA&EYUnqB}t1724!2)S|7|`i&zy)h_(<} z3Dt_;a%I(;q`7cmJQxBR-A>p-UO?6d35|)Yo2{KuKLZr}?tXIGY9Q~_D#AqsD79%L+#P(a#AnQP=j3x+82he

    e$Wwl#U(Ua#F z`qz9YR5gko;>4vC{e;rE)KnhT0U zTQlM_3RIeJbefW0w`GK#EZhh*Gf~yGFF7Kho;!|u-EWh>d2ggp#>EzIB~xkzV#foI zUu+cYtCdd~GCjiQy0iv~bRgj~CvIPyr+_j{WEEg70t|C0uuT%WyoTk{T)FHgas-RM z8TUgU)2B?SrezLp-b`^Kypl2d(YYuC0yXe&7h@<--zSp(@%o`jz9<GKsG@C`N^^inc8AFZkZKn6T;G?w) zW3^cJR>M&@nv$*Im(hYF?pc@m9ak4NutI%jK|2>NfE?{ZZKWDI`noRgMcYoCxffEp zLCAe^_yVvt$&Z0X0StS4Z64iROARlUB6q>9Iww;3e;;#{adolTXaK?jUK&)U{tQ5c zNajIL^M0)3zgnc3soM{&UlxJe^%EJ+tSr5awv;>{DqG?@>NWI2WPPn^Wpg1o-F#|l zYJ4wHL_qYu0Z9L7WB8EHkGg>`Kp;7C|0PfZ4!tPd`sfHOg_iWgpoZ(f59cs~h8U%} z{-C$Cnig4$aybp!tqjnR|EWUnz?E-{LGu7JlG7jxKyv(j3r-7A+qVnOe^9a#zUD6e zQLda zpFwnHgFMP%iXp5Pjo18j{L%h|f zzR`Cs7Jej3*({$nXr4t6UEVNOa49wqMj$@f(D-AR0*sbG{;Mc4+{j2|ruj%m>~qO{ z7vTJ=-7M!{$9Mh?7`m+vwV(agNyG05y>z9Xi=3wX080G_IE=Eekl7+X1pZ%ye}E+F zzkpEcC0|_4H@;1*Qr@~7b-q2;~6i2Vh1&`ySqk01ndrU1I+m5E^?R zvyI)I=OwL4nMFJ|dH}>);qHQqGu9{6W#&QmjtQ81S2 z>xv{@(3pZfT9_qJF0%2RX}`wzE0m-XW zOMPtT0Z}|SC(STdm2x7ongW6Ix=>s(vS*m8Pr_L%XY1ga&@R=pYSwIWXGfd>h=&B4 zw3j&pb1FOedIqotbL%97H0Z*EXeS@_MYZRr;OZs~+8?#s=xVh;r85r51ib29?R6dH z+7=#kz_YQ9L5%&x?2;vq&Z`b^^Rgy5`RaD{atp;6&1GKPi-Gp~CNdEbr9Zo=ZxJ6_ z_|#L0S^^<_GqHNb*_)C=OtGs*!ZJ$3PYf5$3lw}8gjb|fabaKGY)GeBaYpt8hm`6i zI9-SFNQcwaf<)B7itbmUl*$^pRr|)J1}+StN%6o}<;{*(cds04o_Kk}YXscAHe_pN z`zDwhOA)T{s_ndTZ?zL90hb<_Dh}g=dm(iIkmGr_vdOpNX2-hI-B0U}wX0z53;EU; z@HS+~C)5^mnG`#};#Xa5id!ZwS*Z9rbW^)y)#Su-2^#Yl1E;o;T56y|NDqLk7)W(J zJSP-F+_UdC&xS3klrupbQy}Mk^qVu_Wk$L1GL?6pj#HWYG5pM;T13R!iW53g(nygd z@VKf(5O@3`%zIKE=JeOL`q^va-Fo;8@{c1g^E|S>6ZU`^%5oyymlA}zr-O*L%WiG7 z9g)l;zA!{ny~N1#`$!tJYuMz{E~81Dg=0LX)VaxW-bK|t75{EV(f0wilEr`A5$10R z7ZoDQ9Fbvx*4XMTwT0^yE>UEEa2j>1YzEAe_c~fhK7dny3TJ5WZ6s~Iu=t>&zOacR z&8uKt@knahHROl_p(;CFP8}i8wu_*|{{sX?k{B04s4S_7n9qpH2WH4#5%{+qw7>4U z|1?bNo(G#9$WIq}yaWS6f+4H08$=AegP@)j8i-u(FW}4*J9^#9W_BK+r0ti1Fggbi zsO-f~Gv+^xT^~qk4qo}JkhZI-I|z6DjgD#O_jzaV+GY{!!Zh{qSX1ggzjmuc84j7& zu7u5D#ovhpGVqH`ncFgP52=leW-lp4E77pVVXkh!FGLZy%u%Af2j6Rth5#%y|BkE%wGq5d)M`fKM(wKud&7UGOY~@qM~lZBf57Wv;8y;hGg+4(^f1-%nbC#sC) zeK$SbxR6<#Kl~)bKS@FFf=3g8Nf1JTrSyA=v0K2j6=maz%cqT(o(#fc3IxA{#WU13 zx}zSFex{rWNZ8LL8!{l{L9JTXuFatzB~Lfaqm$DO&lzo9+FxHzj_87k_T0mDsT-QT zjd}~_)=O@;M!}I!&6&+vYADt)r=Q$t%i)&RBqY!;Pd5oC^~FpnG<8gY@eS9Hc$(`( zF4Dh$c&@wa$>~W=4-VznuUPtgOEjK|bIePLc7Gu+D&)5#77UJ+rcDfiDKa)3w)GUS0VSTmFdKvLZ_hETWwS@} z?KbjO&M;b6ErQNEZjz*kRSN;GMJ_w(U-^)e^oIgOpbzd4DRJDU3%d7C^EK+!I>m}_ z*`5)Nc}Zr>ej_)qZ#&al$7$ctC@$KkZdNKby30y5BZV%llvN#?S_Wl0cM*I`&uz2` zRaNO<+3yYm&%7ovD(sTHA}6*4Bh~zk$dj_|!6L3|I5SzeDGS*aAwH;F-blyi2I+e1 zwe-<|a3eDjHUIq0LYLY_3;xYBp5p>S^kOVkD#j&oRpnVaO(GqVKNRrl`bK};?jjVr z$R?sX4P0PQBd@r0T`~Y;jKqH^>{iefN7k{*FD&6a!$}#iuf@G@Br3)vXe4Ba_GCXG z&0)r5m`8Tc7O7dvR`xA)Ux3QS;htjzUxW!{@{mj6q&>3Rtk`_qk)@-S%CWl9Smx~d zyT2(102e2O9!g8{TBEI&VsDNC3554W_&~+qzHpF~!dhDRHZpoPMKcdrwK~5`^k3Tq z^#S(E&I^6y2iZP<%~jC%5~nSC8>AXaPl!z%2=!ngi zRpuV%nTk&?UZ20RD1K)oVPcg~MFRT-oGrb_?*X|!N#-q`=5=+t1$|8ORR&SaU2tl( zgY!uA>aAyak zFZ;KdCfCzTs%t%2q02j}yAmK2wL$%<9@;8+^*(@q6O_s8(o?<06l&JJkSOCMZ zoggz&5K!l{5i%GhNOOfm`FeWwCYD*{r|N|pCRVBGDQC`% zUf$b8{<>ZLPtZ;NZi58i2o;xU3)sXa`pg@B8v;-=9S2ZIV1e)K=C?r~1o-(sZ@m-+ z?Y#^Fk?az*{(X|kf0L-&?_U{!9_{*EC+h~zU3y=Wt(-nJGc&n$ix#v8OacuENVD?> z(5N|c3kSEJ;{aqOyFUUjNCzA@3;@TCy&CK9;>cgJ^*`x`N%it}cHHBFJ~!&s;^IxQ6H=zs51Llzb+yiS59%h z;u8vsZfS4p!UCKIRoV3>l$lQBTR30DtLp4)UiN^gaHn4%5 z3%OI0H280-3(+{2wbAIty;WDP?tnJ$*7#1rLSL(6U)JHNa@$f$J3@bL)ni4*^^;AN zpiL%VWcYhh*T4q^Wr|o}hex|lP!r}r3%oY@h>lNFH@dP8+q5Kq&6Er!{oW+Xr)ptO z4J05b-#@cAbA)4BM{mz3>T6g;Nk+XWvdo+SUsO0fWv!y|yjy;$L85jmn~$fdBkx52 zy3I!By(f+vgPo<{6i)4-YU(a_^nxOC^CMd8T`NNTkzELSFXofT_BORtz7Jk{2(j(N zMDq3Yx9$rail0*ewn;aAI(Oig_%VM%nv*<~EuaOLJImDZ8N_h2lfn3B9znM8h zJQ`l=G*S{+YU=`(rf*-B!-FxE>w4-uD1lr|fIy%}R3i<goEs51lELx0i*TLdFTK zZwo68Ut`DT>6Fh=`ReaYgL|ifR(UAg6Lftri)fAs%ZGA43w&(JD_J$do57C9_o9>g zr1k0wD07`cP2cSC46Hs18CQ1PNKdwca9?(~lo z@!MAg+2z1_5{prrqgPQfxT%Cu5ecya+}IFhs2>Xoi7`jC-)cXC@bP4ncNHm{jx&7g zv)EqQ6`3f;Gd09boc^vC`A#U)MtV45(AE-Pj5^iMh0O7g%ZAB1#!e~R2wek9w1Kb5 zf%j%fh}1T}q<^h_LY|BsOPgF@y`9N;^UdhbcPr8us$!qpPhFRLP$+9slNhMbPS%+c z4*QZt-hHQ^LfIW@cfPyTlw)bw#^iBFoEk1lr*u&&TRPxTuvDrDA!l|&W6gMqf!XT)X!ZM_s*jBVVD;lO+FruxL!tRm9x zZs$h2#g*`gDIyNu#UOpNdIOU_FV-z-S4v%fiDq25_-B8XDFcj--i?L5?DROd$2;zn1%Z~1_+Ey+MzEm>dJ#j zB;y}9p$yrn%w|r{fp(r%`F#g;QNVd({NdbX!s^&X`}ta#2se%MUJ+v1=EedVQz*S` z;ko>CK+v}18T9181mH5#(fWgw_GO=TXyxw6A0QMM<0(5QTFHtX8A&j0p3ydJXPUf@ z4K~h7)2F^hel||5c_JxcX?@g{Eba{tA(kP{Hjt-NOOv%eVuid1`*eAG#3iAA8Iwv%C%xYo1cw#?2DUl@%+d~h+wnddcyt8l4269V`+TZ-DA3@t$C+FH+!X4D~@E9C;g)HE9cn>&-_o z^VL;JbIJ^ASrmcRyle)5uj?*l|4&9Vg~)uT!yL8Nra^Q1^AY@K*_u-PD(2IkEJUDa&D$z9KUOFxdT-HS1m7ZgVN;ELGI5ctsamZgnpoT4>ZN znfIwKnO=u^!;qwP$KUIyGY3@;D8fF&QTmEV$FQD7;3Na21-y`f44Kw31{RM$f5OkX zf+7E&lAut9@Px5fF~37bvoM)i5?tTB#iP%BF+<2xlNq;aH}}*5RJBf~kvW({p$lg)SKT=y827 zwJ9O5P~Zs7-?`AkDtK9{7oEPDwehP-uztJIENEu98z0sT=FXwM&iL7W(hhnhJ#R^F zJOig^aIr$u){#hAvhGuQhm!Kq#rd|U!)u)KskqVOjf%hn|2_v=?BbvJLPTYVo$8E& z%PiG13ty~2f= z*e+u`CIj0mq7ptVuf^L17Lvq0iGn$J+gaG6-`(vfmDi^}{XWOAJVF>MYr^DQIScZ) zR1S#@rRyV#(BA)j9ew0?DUi1q#iidTM_%!IXu+62L3%M^e^g~eRi|O>Tp1RZ6tlEF z_hu%*m6`(7Y3EmB?=Nh+D(qeGPszz&i_pJG9s%;UdP&FM_ssyJPaz;tSrvgE{mnoA zU)QJnmlmX{`m~V!^dvN**!|3#kx(z+Ip^oQo0&QQ^0^=5C|^EZy;mOmvvm3L`;KM5 z@$jDCl%nu(gRGP5^Z{#u!ET|-}=W`r&wZ^+Qsj-GFny#F>`!onnXx?(LtJ8X2 zW7+zT?%=I*i%pTHnU67D78J_5ZLr0!@buf5B)!ts%>H?Yb4Zc8{zWT=OO%z0RS|*J zqY*p=+)sh*iimeBkG%uCoF~Xyv+NvAOLL2_4tZyH>RMpbqO#fIR$Y=nylJ!iZfL*E;VQ*ZV+@h;cFHuCOb<#P}MYVf_siyZp==oZ@{3a`hjUk6toNd#>x(#&L&b&Et~QTljsU_YPvVz{WAQp5*QP9=W?^ya;BCCxEjv z5!<`xNR8Ykk@tS+dbB)7G@R~|$?E~|g;$Hyqr-fCj2a!3w7x!r)A~kSQFvOH6f4=z znh^bH!yg2)LERI(sc1RFXqD2{L#dZ|_eoQq4j+9+QzBfXLkP{>JwLoQ8J|u;xpmk1 z&X~khn@TvxyReF%)#q~{-ubt>hsYe8b?Ek|i0bAHahruP_DQ>==#pAVLeKTLHLjiY z8RBOVTx0RKPAT7Ra2QQCvsuG*z^t*6v4`?)G~TB)+ISiDI0`5QHKaW6syDZg<#-o6 zizSi&wVia=FYCV_yjwld&7D|H)TWD1@`-+$q5McDDiOuuzmMvfErTc*>s14u!YgO& z3YU@&g~qS@uvL*oQ_9YSME|x>@xSTt{NpQcs~YPjJAY^?LeLSB zk$+YWWy`0|4ZWD5_TCjD{>?7=_uDJl_*Vxfasp3wO%KH)k_Gtd>`Jki3xMk2&gI+- z63ghO(b-3K@d`#z-$F%8<{JQGt38uScS_!Fxxzi!PMPv5R4Gel)ZTDky7gfIM(f$F zEtMo{(QTgPIeF}a9#8AS_GVC3orG=?0Sh_n00Z- zPp|4bDp(5HB+P)3LcCB+SlMlba^;HTuYKx_U)O{z-`A4}_J!{E2bgh?n)#ID59es5 ztSu3pjjL6KC8u*tiVCP$Ct{siZ`uNG=waR8Y-iHM!-9<+%I;OGp70Czt|YI1bIS7c z18&dq^a~b*Llwt?B0!d-C8WQ=&p_!1bI)X_2+3X|15nPUH%4e^O0BrqU0s*za-)C7 zE;xRu^lukemPESL6^@@GmPcI96vEyc?Q*ejl&ZL>HU=0hA$r=6`^2kC%?q1{d|-$_ zrOR}}ZzlXa{T=g0u{%%>sEDg6O*+rJjC*088l9)S7!%E?gsJzxmAo%65|BC~SF7D4 z`=0|zI=A>)#`^HP&QBZIrZa8v&k8RvVcKHYdg>2Fkj{inv~!0em8f-^Mp+SB+|-NN zmffe^k(nU;FooK}rH((hOvNLM%WhVzHrF6F=Mi`{C~(I%j7f>x57&*Ao%Z z4h+s1!%f;bWodo0aWa}g1NWTb4LN&nKgJ6gW?=nwp{Bb^6BGItP;DOaTnvZEQ+^o` zYN|sh=6XVs$dvi1+?yr#626CWA~dqsZ;205=895r)nw=>82XWlv~W4%;nBl~VcN`b z-k6t_#*SjEf-Qtx*#_0n-B#*N4DoZSXn(pKEWNk#> zCK%-V`pp^AFp{AJeIsRJ`SYJ*0{}joL~Y6(V0t>NXiykYF%RN->;!$JX?Xwqh%5@yj$a2q`iTH^KwZXb5OoBlM zQxKJ!A`ha#`%S1BOB}svSmUE+JF^C$-5<1wLnRwb*l~9}B=h+ak+PC{$;t%PZVsqx zY;Sq$8A?o7&ZFyI;hGK4-WgEcryHrXEfd!q<62o;kUZo~rDff0u(Thf?Ln0Efl})~ zEo}#lKbr0*U9%ugiQ!1p#=XsB25vK3eEU1fzswH>8sOQ=X{I1_V^h=X|9fI$+42dH z;(rO#1Hj2WKqLHA)&K7t`7cB|uL1Bc7+QMK@Zm#GI7eBnC*QC9pwK$Q6r zzk1p3l5}trkW1SpUDIj@f+BZ)t7FQ^fJ8+gD5hLH(6bJOcyMxcon!p0mP3sv>&%}= zJCS3~(WD<*@neU6(27}u&772oBlO;jY=5!8^ntelNjFkk?-kXL`lazo8&)A&rm9gC z_Q3$AZI*QIkeLN*AYmhlKN^UKSm2PZU0TM%Fc=5NoH<_rKQUfsM6CE zygUIJoL?^$JjQ@Gx3|#5-!0y=X-HCoRbr7ZttWH&CT{#{q&DSJH#@+Gdt-GMAIh9V zm6*h@+s!a`*i*vt4WX)s*n{+Rq4Pt>SPqe6@|&Jf;*R*$#0z^MCjf=_X>HEUG4T;C z_^{f z=hV7b?H3W@sdZR{rXD2&U9(%R_ac>;aOI4}rRJ<{t^VVrz{} z!@ow|Y2sayrxp?wQF@ysKXxBGgmlX<P4m1CCz`XGk2j-Gc-k@KBZNt<5}E!WRL1r0>k!#m)!?!HaAZ9M zHvfLke}ukJo*Nsf;GVLC%ff!SDyb+p27nrIA?@~no2V6IriL`#2?R$t6~7y#%}Kb- zo7JUb+PjUVyf5->bLe&Vyn5{Yw6&V!8fhIAffkL?REF8#8GtBUt6woWU2=x*K{?5O zj0bu@4HNS3lY-3&*Bvp>f-70+jZNjO6g4=KCD)=kAA*7%*|GrpN)&dC=S*eU~6tQ>+4$ zMX|gVJht260J!=M^=pR~A{&Szs*p7=ELxb3u^T%zn!P*Nm)9oa#KN?-hN^wJO0mQ& z`x9^goaslo2+B8|jOMA5QJenP0`%WA0vmJt^7a^kfMw?YX2=GB890Sm)mJ)C_4wo4LSN zPWt^&PP`22#qHR2)b;(c>v+;o?3;PT5wmUBp--n;rFw4>-T>sOd%e{UGb>mV1!q^y zPJvy&j#b0pd%yfTH~>N-KqDG?obf(Ept0CcL0_mnm6&qj^c|aIeaF_}MTJ_DKtA&V z7_EhF(sRab=MFzMgh)FJkMvtR2HTb*jP0KI6vhet31GID6lvMF9_r8TAhxDz6KP^z zIw_2@C5Vp9p;+~R+WA93X4{R|xrNPWBEkUY%5+!-v`^20LJNA5v2hND@0cgV`2;Fb zQ@ZgOz47GXGtL7*OHqiGT(?nak#XC}V+>9q)4N%niXrUZm_D_wumesWIsBw|0VfYE zTA#3@P*0RHT%djamj8K}cEej5f1wI?n14bobx-75d;@bXnas#Zpfi9fL`m92EXWF* zsehPJ%o5n?I?*x7tsd*rTRs5KZ$7u8&=^`Hcc4+_E<79jumhm>9S+& z+21f#9s^y$`de4M9%M7tdwf!u0pn!#!@WZhadJtX59V)j$dK`K7}Sr4*;gUZ z<|d0yz>T;>OKNpzE5PIflT3A$NgtV1cO#MM5pqJ&^C@G;8>+Fa#B=p9+clJz%`x-) z(=b!Qa3g7MS6negoM*75#ucfSM%5y&+k|IxXz|}38Nh*WFYf>6JAVI9;qgzKq&%MZ zFTu}p>bK~FfABZ6;_mDHs(Ap65@6%h%vRIr77hgK&Dobxcz!+&w7wHRQ0D&xLBbB= zE(2{E@x;34e}0(6>m;^gM3`W-9RgiclUKU#ynvJ$?Gn#rwO-jN-;j`cAf^G&k+JrS z?3mdI;p{#H^~=3o(VC&eS#`G2>_Cu9N|x^sa<$noF4d=X9}m(o%?{VNOt^uuEzmi6 zy;D1dKKvcmXXliw?b(wLRw5+2&DFgPF;nniLU_k2ppP~6uY3-#I;2;a4|7&uI+m{S z!4APix|fRnDdO1fM=e&Dd|!u|x*Ed=ERjzY+Z7Rv{fs7>me8^S8o&0`DNBxb?J8s7 z_Si>ebtdoAp5ZiRT8x9SoSqIG;Zrk89a9;TV4K1kzVF?*H|l(9?V;Ypdd}XLt)dDx zs#V$#*f{O*@&2bAiuOevQBHGTii+82X*^CSFck>D8Uh@ATCGpR%R(FNG1Hp9!EVdB^OpA zE`&6E__+?u@olMnr?apq;i^_Dmvy-goK)GC%lzlq?Oy?FF-tmlH(-4*L~!jRvSmbi zEB@lFz8ZlGv1(V??j}G~a_idfOfDv*3}NJO0YQ~1DK85udPZbL%o*Kd0p92sQL5Ce zj&D0rvW9o=5Sa;=8$~@6zTj?9Y`C-c(#h--RYYaPyM8|ZY%k?6bs_*&{}nZSm{-*$1~Rt1H|(XNJ^UN7}G12D49XV{uLr;=vyq=zxaJ|d(sTQsFWxT6R4J`(jn zb~;=Jz{%^za^``h>5ChBamVX!gykBRHfGi_rVAqC5H{Y<2#9BroH+}(4r4uoLA^)EV@Y}mXW6 zjFT5Siq1SBDLBz;m@s-W`q7bYl?c7BM4q}0oK0Ena*5DApt<1#01_th3f8)|e6{%$ zA}Q89O2*YvjWNT_BS$`}4qKLIQoKyO05}FEV3d9YT*MItlVCDN8%ECruG>e7ll6v? zTck8vpB~Yj+;&4U%hib-eB1c>NmYY5##`Vo&OU@?;x;x11l(I|2xr)lWOWG2E|IKq zRZML0`thiLD1Bp#;$`bo37@%8ux))b{fY5<(`>B)zdzs_M97%DurDuS_lhP-F-Mf< z)gM<}pJ>L$Y0yszJMeZtsu6P@hBv}w`HEbG<}EpjtoR=w8mE#OzbWNkpV&ZiR>81i zAI$GA-KxnQ4sVj!cs)OCn3rtm?AS_)1(_dy-N1#3Qe&ZGd4$@SysZ_Z)0 zG~SQGWE*0pMF2zAg>3>^Pl|O*2&sTI<)4DN1dPGOJSS#@`e;>{AE9O{nXlHCz+wDw zrQwuU?$WrRyZ(<8E!^+gS+9}1cRzNMVZXgZYoS=3)_IL4*ib&fs3(DoWM3WrC>>JM zUx@;gbz5J8dE%xN)(e!cG6K@N^&s6!i>)DRJVq#eWW;nngYjH}uZNuTvGHF;YtQ~#2`t7 zHg{O{RcbTn8KaP#xrW302xrfC@O$T4K%saA(4g)!w>dRu(Yqq4UzU^q<%NSLm_UBO zCMYtvvQc>g2u}t(d5M@({11{3D+5bgGyPp7>ut#5ZASg?Z{8-*KYjIa?a&MU-Bncf z{RrJzj{oQ-ZhQMH$$fXF{r8l!^;AE(sk{U3iiGgsh6R+uV8Nx)VcIOA+vNH>d zVf8YZZl@+V#0-KbCe7w&IMbT6bH)c3VcO1w&l%Xd8#P;vU%kwm_%=Ke#dA#+8s8Y3 zL&r~7!t`}FI?p%S92m)GqG8=QZSvrs5;TbOKARYszI;Y7N+z@GD}vXNiw>K>*&*HT zmrzV?ZLr9%mY>$x4X?a1GFxPT-IyqtW==Np#r5)wR4OiMj{Yvm4nadspI8z2IONbN ziL}&@PuEZXVSWO9-DEcx|w4N(I=>i>-%u0{E zt%4MVv)#PT-=0eTW^PTro8{eif9a%E=24KxMtX^$`kJU>F22W{AwjJY@~MkzzWgHtAUBJqhln$`N}dWZR?w2=l37?7!#3 zVHo?xS#(iT?ND&AF>=duQzu2?{D^4*ovKh{jj+U^#Vpz?ucg$ei3GsC#)!OmD7cbz zn+>g%ofJa5DqH_$HnND85ndTyrP2JFm$kXRnmGpa&`b0Ix5-lb!5QVw<`gq^z>o!BIiQu7rr?*Ps$=?9!ziso0d zx7}AFdT#f;O&6L=Cg&@NcA9_X@)4vBcyQ2qc)(~e^}xWT2SdZRi^7~6qt9EfKDM`a zv7Z)xXR^vegznz1+vyz8NvyF|{0MqUJ;DV_f14+OH%R+4)k!d*@X!B1XpB$keLD=J zrQ0_t0<3S!%gYyCW=v$9>aGjO$tw%0;lYJWktxl9xh)0b=Oa-2pUaWUA_M)WK@G=% zF8bMeB69%qGbeB)_Ekty8;{Mw*!ymLeayV=F$1`}j4PksGcw{c|7QOqKKjPuH6>${ z#Fj2fZ@1o(q6;GDph}siC)}Qv==Q7Gn&eREs246fBBOhrBBOQeMs)xKX=%>!Nn2}| zHI<3w_|-8&)p`bixr=04CMRkMfI=(*0`QQvNO4rMsP?|4P)b*JW)Fi`0pbq9?$nd) zpk;!!)cA5vuGkazgjKWYTzgYqrGE07>eqO%jn{eKMjL5nYU*vvAd>CNg_pY2CyyuA zR|v)A2{)Of%E`t<0>qUoSmGz#K4MY|yM;hm$gxYUFU4a-SkI0B57=7}jYo zMY8~!Xag$p_>Y6L&$2(3qDWL z_L?thuN{dQmzCz}*g(fFsp-mCio~#5X*-eH1J1}mQSyTc0^$Npty4ue3O{BabIu-k zB}7|zBmHE{2udo*bwyEesJE|-xl4&fnS2EAh%T;0_GLsvlbZR{9?!3@uh5)wr`dgm zJ)f}Q&jA5RFEBH7IywugFc6OjlJqcmX~a=!vwa;G zp)4f&-rV2n4KBk<{j62V*7~-zz5d9rQJD?Cl@Uf+#tFU?xhkeJQo1=^m|i;P>C*UX zs>g^IEjEQixB7}7(-Ug>To=A)OO4HJyL_>OLY#p+dlp#K%9`J|_4JABenIaGH``LT z=K2@0#2{-h3`Dr4Zep&EyiME_w7rhF$dz+)+*fT5p-})KyTkJFH!zp{;h%H&H735H8wyTADaKf(J;#4d$Kiolx>gURqBmJWj;u*MSn*+ z1k`ZZ9@GF@TU!(4s$rU0ujg}}tLxvIez4)x@!60DGzvJ~Y0Il`jmt!@eV<&8c9s!= zfF9AeDsjYh#PRvnM)L1A-(Ev6SL{OxMV!?)jND)Me z(xfX$4Ui~SilB&~GzFy#(nU(JP^9-x=%DnDl)yK4LO7oHzU92%@7z1?7Y8(1%ji5+p4sm0D zclo(s&C#1Z*JTuh7+DaQTFCVrA~$Eg*5M|-fT#9n@fjguQz?Y8&t+tI7l9W~RG!S- z35NgpN?o>37}Q?5TiE)B1`RD4*WZ$bI&2&)I-8+(;*x?g{0$k`uah(zCvV#7GA5)j zV{9Z5@FlFp_wi`X4?)8f4-~~)oyU?m1mYiEI!iW0C4tbe;QkKB9C)_T-m*ncWqXrd zroGoy_Qr%!DHYf2wQM96_t9xiGqPW`)G0%c#4|-20wH&8&e)#0hO3e%q*qcQ?&dOB{KrLpaeNzo#kURxjU>2FP_lRjdM z&+6{@aci7m^F&A*C}boyNwsytE~Pars_@OYU^K;g><1K@kG48-bsR7Yw0Zf(bQjOo z3AwbfRkCAgn}c#GI_CyRq^S%`YFaDRSJ`qK*!dF8?vBx+LMvN$?K*k! z6Rk0#m)*{E**Ga_c*YElNiPnay>!KoT`sFW$i|(b;XkTk%NO6)o!nrK0U60b2?M5a z1=pGSv}1={@z1Y`M6om|8$CH0658SyA~oIifYT*XN1Rmaid=dbR4)>zHG>EOIx2If z*+xIS4mIx3 z)`&1uS;6gS;^Q5VXptZLUMz9|HU94H$?Bm)9782u!PMGGnaptFYSd+rs2AK1IlEnW zuCu}R3!g!b>}KD2^II;g@j%cz^D>w-8>L_i|*OZ)vEx zyAzUd?kpKeXQPy>vkqR=Zs?!7Z}XBVhLe5LC6+Zh;`z?5fR|;(3CO5{;PlG{Zq#)t zFbnH$P_gmU?+upXli>$#?^W%Oe_zv?DABm5{H&UopXdXVRI_J+SIU&5g6=!9WC%@b z@@M59j@|RkYUoNw|3ZyTqc!jC?`+653JZ3C|V60aYB`SQ#O=r{i z^AFAhyygC37Y;oG?gMeJlQwHA-;xU?rt;KXxbmdV;rOA<$n1~vF&DMe46N-3CAtG^ z_Yi7%(meB68+kr$X0cZ8d?9`i4Dui_AunxsH3>#6=~H(M2jZM4eB(ARnl5u19ZSiE z4aX1-#zEwR^W0Q=N`7GU@y6#sLqb#>=OTqN+yW2Yvxz+nHlqf=*2NwH?evk^2eUKhKCP!Y zFsRdCKRumKkP>o<5|Gp3YcbGtLusPGgT5P*EVY1No)1JdY znbaXoPM4qUG^YVIxC*wtBj>6yCpI~DPnz~qDO-9u9U|vk7oDbx5Ul+vd@|fqa_1hja)X z$}o=Y?XO+BU#(m^9$~Sy@W}K(3!I8b5-+A~+J}o=&HuaYB}vzc)7b`so4wq*gU<_X zp=`SjU5Zg}xW`Gp@}eNd7?ERUW+s+v$abxHmAB|Bw@_d}Z4+R9?NpbOWNbM0b>@@> zB{Pb+dg)4wV@=q*Om}+)7Fz4H)d}DBiwJF`hRaT=u>FMaq$6Qe=U9uNSyUY_x#^IqC1M_=#CjoO3_0Q}1=%P8yyPsSUbTwGbIIGce^644ZoMkzU-$ zcX^qto1OQUe|gPCx~+1Sw)s+$C4Dz*XAA4H&lPH}S|4Dz7aWNUKn(vf7>Jh$lxeZa z@R}z?ksJq8om%_JT9T7sehBtMJ@HZe4ii?|AcQild%%hK%wUE~G$_$CO-CKH$_~zU zug6Tf+;+$vZaBg*QxqXxM|994o0V?>hwU^#C^pvlfr)YfeN=H(BM~1~Lc}3=qbf7~ z?p)%}kuUtz#G{h1*0|Phl9EM?!2Gwq>7Zz#fESwBpP;D;61I7qn@s4hA&!R8fB;m< zIIvO36%MfnH_5X3=V`KT`8L}1u3$HUV5L;rO$%+x4*xX##2hC`?w+S!JQ_f|N(Ed6 zeBjlr{_YtotbIdd7DeMN7Lt~y{TX|buBD~r;Mk1AOl(eZ@0?NgPYAp%$#bWuW3qF! zbASfuCvb=te@+F!lSzTpCxq3R$}b97kg#n$%m{kpQ7mE6F$+}*tV`aEECWGtYyogQ ziHok&2X$ID#!eHUJ&hrsQJD<2T3*qHU_mId&R)#KcltSkgLgLcFS3i{VTDg|za#PstMMpptk`zm}6xDQoe$Vo@q&_EwW(krMpXzYk96OtT+ z7h_L?{t@AbdKMVP`8G6Ul>XOKC*YA`3nL#~?2$RJnd&DBJ$NUux7n92_oy2!YDsYd zz0}fa^wab*aG)VRn0=7LynNc-yAiJc4&;7hk0A!F=@W9bfBJRtJtjtR7{h1*(XbXy zWzK{h@oC2B^KWNG8r*Eq)4zk$6%aVv@I0mjN!})ASy~>{;5WZW1GaC#wMDSvyxCI$ zDz3sScoqBbik;#B8j<0G&c-N|2Nn)c#oa(4-``nSom26ziq&!NQ+7U%`>+QF6&1J+ zpQGq5C95Uc&oS1$GNA^MQ-2RUe#&V}|D%)Nn&c8CH%_D(qbpkm=G0ch(z2o_7_KkE!9PZ3ID0?QqZGZP=L;5Ldh!e7N}@ll{;6 zF996@JS01RuOV$-u3w7C42dO<%q*iNd zm&~7B=_{9Z(YHpq^A4q1f8q&WRQ;n0ZuXU?mnCP;=4qZB=MI6rp7w&v{1$(#zv&X% z3<{XV8WE>GeDXf;W%gBaO}cE#UXAaoRI^Ru(->SAeeNS`-H)iJzLm4x!evgEvHP4q zZ)8q#&33Y@Q%-t1DwXqlu1-ID;mYVJ)(SzVIeTI}gO81}JZDkq1=b2qaPIn2DRqK}K zd(uPP1qjfaOamUlqAs_EwGNmTC5!utd#$d{aLV|fz1wi<);RH`yWpac zQe6>yaQgH=`5M+O1oaeBZWz(Hv#m{baicxV6~rclsN+yzT>gh<#HsfT;NX?bA3q;HGIPxG`0pjIDyT?)DXH!BZ%@jzl zhvVbplN=oSW7HP&$GlAjiHYXV`^H9rxnh%WFs{wBLrdWz zg-1}?-c>x^?Je{4B;mYJvIxU2Ph;?&sZ9Qp+Tnfc)dIQgNee_2>Br8qEV#DYWlZ+l z%(0Qg@oWm_*>5Z>gXhpImbV(bXP(~VNtYCgS2wy(k93boJp|bFph~w6*`G#^H12q| z_F3Aj&8N6&6gBO)#9&bBRrFizC|Mx|^AqJS2(MOd3bh%xv>KSOT-=Po89{AkSj_+K zYo6x_lE5sdqk^0a0mv)j>dd7LQSks41=}BZr~iBR%zr-l;pz~kr7pOSzdtanH=$n|8T1WgKz3_*NfYmTfZg5Z~Z)CKiKiaKJ@12CYiLodq-} z?e^$9(dS)txigQR66eZerll8*6oUL)3SPbw7&7RRB06AlKD-*9-i{TduzNp$72G&j z>+P_5X+*|{iQKL1-?Jv;>ttq?PdnD7;fAF9SRTDlD50Vv+&a<7gyw`57=pci)|1JD zC?o6afx-&Hwdvl@tNk`1Sno?SkmMRmSjc(RjXocO&B6QzzoUCbN8XlV28aS}6zuP| zbGfx0sc77*Z{eAA;KcA|iGRDf6xno&3K(W z#p~)~&~Kbr-LeDPg7FUK>pRHDT_sq5GZCM`3vF65A4b~vS3>*b<0D(M3{3lfZ0-V& z&kD9QNIKG-;GVBY{_?6_N@eiQ=)U;X5B6ECXTU}z^s^yGPw%$Ou^qm zEc=9_C0O>5V8>}%j3-0w@shD0vr~BDZ=&DgTT@}Lr|nyuiLw)U;E+&O_)h6WcYSDc zp;E){lhoAk&4aEkRb9D}iLQg_#H^pc9nb!D0+cmbi-|5TN;OaAlX!P=2(%r;tliPwPeJ3+!vyXRnKfO9y+=2x zn#SNRXlvGKH8kal$#-@cvex+x$1#cNDfXcAWLbMWyUCnfrV*g! ztbM50K%Iv#auOQ+#Hkt#y2Y8;vbCs7rVE{AcS(}F?2e<=dOFZMCne8A6@+oa*{B!V zbXN%pkl2J6CvHQ#Z)F@cLdsoo&yXfhAZbYRvLO1>J%ns55ZZ*hj*vhic`B!Y04u}1 z6AzE~ZWTNpEFq*LD1Bu+IztvFa(Qb)y;@ISJAdOc0p5%*#{_4dPR&V zV%ZQ*E)r`Z+Y`V){>|62O^Hjo?(gXOV5rLX?{Qp3gOP~XgY9Wn7&e-D1?YoA`k>hc z#n&sg@Ych?(h^@IDBn`uBS15I*ZCWEBMnzT+q-=~W4^jxO(Q3oXKB2zZsDgK{m!4k z--E9S_MPgK=tR3CTd1+U{@|{5bgTWuyScJ#_NQc**`URr-&5ijX3K&kDjNN})ud~E z)z=<9zb5{N27mo|sTSKk+dCDT`WR0|Oq#t7*oB$G`0TdoN3|z?DLdub<1>$z4>w%C zV0(kvR=KRkcd+jPHZLT#g>iQPf>k@%@?oJO5QzCsP=R@lPs z+ZsQ+?`4}D=r#UsoXT0Z6{~&@X6@-OpB+(;=ncn^%?xp*K!%4lUf@U}l5l_NYcThX zc{2!Ll#LhK)2^eb5Yy%b6fNVmIgv6Ovu}*6-*9t!7;!bC(g(Rf*p|4UN`=e{R5E0w z|Gp2qtc6AZg~B}UYZP)SyTF2s1mvcW?MKjQ_y$OQA;}UX z?*KGJ+AaWj2Sfqv-+ax*n6&!f8PO-WP#1s?+AD_6MpWX0KV!OFm7ZL+s~L1~D=_f0 zevD{*Y!IUJW|2YOn1JUZA9~d{{Ydqdqv@y1Q&3NHib5?foQKtpInG{o(Btlvjx7gI zzP+s0gBNrGJ4h(a;gC5!^l|#RX;aZh%~pqXAcg7vU1(scTh%37SW#LriK)7DKL?X@ zx@nC?v-gGR&0`Ba;rCM}2?o92e)`b4UZ~2Eg2q#yVRxVqw>wSN5r?WDJ&YPhsje7z z>U@_$SczaVAH!C@#=Xs-6YsL!<2JNI&GbT=h8(z#n$JGDQ->eTG| zmEw>1(KEOrXAS4QbR~b(oA!JGGjYJ8&DdedQ@%RRpQ5&GQtm{LJ+1q&0)meG$U8k| za$D7evrkJ~S7|rrAD+Zr2&#IV@Ou%qQ0tNjd8iW?rLH(tJ#zmHojwd1Y(PZ5B?(E8?g>--GV&JRj#||yN!u65ihJ?2h(YN&g zKdU_vp2(Y_X%J}8uXW@gG=%wzAvEG^pVS&{za&Oy2SE0G>p03rI5x~Zgf~`;6Z;c=&KyaRmarRYs-Mt;nDmPNNw3b)B?#YXG1zFBZ6}vtkeYZ!WWiL=(<*M&=V^tiJ3K+KGwsX%%0|~6 zGD{2pIER$3-CG|iEl~1yvU#@B1w{JQ^lX(U=f3h@XsMXMia0XniW(uOUQS|n#0Wje z4?9Y3mQZ*+N{ZTUHnD6Qx)FuDj)RVt8lr}KG!`r=+P8!R8cg$FdgeYhAvoe+Wt01U zS-s<*MB-}2E_Qye&bpgPPLH~3PStK`P|w-Vuu=0r@A0>zmBtpSL>(%9^YICHjA`ag z6J|XUj9=NY{}Y;CZr zg`U0apteagvS>Z5-@9N1`#);T1$gb@2)%qxNsO+!4-08(k$~3vSiIKgZF*!#C8kfl z^R85mnEH5Remds`Hk+i%xyNrk0(YNYUbYQ0fv-MZi&N{kiRX%W=8!SaIS}g9nC$nG zH?HGFdMU<(>Q>De+l@AHX^B``yq@_N4Yyw!VXV39=}h(PvC;3l*|QBjWlAx(M5W53 zUPccU+Dg5*6*!OMsyvd^kM`XmjEgm^v)+&qAol`blxDaVoxFPEmV|=a24N|medrWL zl=1ZdCU2jUXJlVXKBk_7#tln*ieUdu3*HZx1=|?|ZJ#p`vEb?PgANErQtgnCLkN|~ zo{r?{5S;Lzz6PhQygy#5nu^wl1g?WC(+OG@ACw|KO-)U0Wb<-$#Zb4Ppl=Y2<3spy z1g*RXf0{2vI)BdxI;svUGk;<6t%mw;1W|)UgM=mc6xSS3twPEE?S%VuAA{CHBa=ku z%l_9sM^6)GNxQ$oZ>jN5lD!E34aO=Iv6nTnwogV{dOgUWL}?Ud8G6Ge-0rU0-9Wiw zC9y=W1Rv;_1Ib>Ze(d?U3N#*GfNl5O^0xb47RMzYyRVC;Mrmoo2h{|HQSFnJjQ8|{ zDfY_8o76Cwd-@{_`7x&KfjbWwZi9@*z`RAe2FY_OQM=Yo#5B6u-SG;(T*~pi{gKpb5mWiy-h|%c1UvrjF(3GSXn`{pnW$(?Y>j;PA`6t4vvKZ za+&}99Jn|$I-HJ!eB{|X$~<{zKvJsG7aGHC^W?pr8pAgid!&%9rD1y{Cx^3sLUMoF zkPmBJ=tU88tB>MRo?jAd-&{1mxj~0@Y+l{OOMZ|q5`4fxzzX8 zExk4G{LHmP+f8<=h-}ur;_kiEgT(ZCQb{tOgZQb2-s#c7qdvb#xog>c^PeeZVlJ{YD%O1OkQ=O)e?$#_A2?6 zCX#Qi=jV-7RqGe|HkG)!NIfQ6F$LGlU)s(-Ex7G*Oatbt-t-Z-KofJl zik)9|CQ-c`^i_%i4!O?iLWenW``m9e z?0cZ18NF@y-1q1!c2|IYA@1XlHd^~!(JGWNc;=At-1D|UKY{h?vE}Wal>W$C=Tps{ zZ-3Z{o_#jci#&9u?q7B3X^4t-8j)9;#k_toClm?=ay#JI&+;q6oMY6Rt0uVehV3}d zlX5hd{n0Md8Kgx|D*Kssw7HD2y(}K_P`;@A;vcALQpRd+Btyq_i!=d)pL0vG@eGaL z0KvqYQPLK+A64DIWq9vVV;OskH2#SOOc)hkPd17Sc}vZgL_6ml}^# zf`eY1En1`a((F*Fzr*w5l>wUh+M351_OTfAzl5BhJya`I&KJgKs_ri=3aH?ZF_Lrk z72XeS!)uz`aPm-0)JtJPMZm@!cIox6R0 zH#&1-*{ldN*1}H#GF8@IHrA>8lFp636Pq*)RroI*;(e=Wb0W7exUf=nzfGUud}Y<0>ZO%I>LKNX=F zzzFzWuMF9ua_OVor-MTGne@B)E&ZGWwVo+*OkHCwI*=Ig@z!%6j=J*DJC~uMwNHwn zZ+Mu{#drA*@||atB}?qyDBNiUOQRQzkGQ;iN^W0pRbEDOMairBzI@r(hW;3U`~FNq z>$UrBVM0Q9$u7T_B|61i!G-y`3IQUj0979P-o^dQ)9Q3eE}^n|XHsb&=YgM6Iej{% zGDD4HXQCMfCA7f?Sg;{7Jn0NttZ7m>ZCPoS=0WbTHDX9|^D3qA+-x+&=!$c2eAie=e6p~2SVI(dP zoYNnEOwPi>!mkMr4^Xm$zDqP@lGE_Wiu=Pm9{;0*_Aeg%*RTEcuqi~tnrPxI<>N0*d2!e8_`_AuTH zxHmb@&@-%?A8jM9?OgP#m9O<|d8O_|^%mPz*MhVC&mSpVne7U|b|1M+GXdddw+A8{=^hh_bzQN`Z| z8=8aZtU@rW2c|8Yh9c_7qu(_FL@uzKNS%;uCC)FUxHpIAVE~`S`LN%N&mrB{Ks_Zg zc=9bfwwy7=*(R*-OkSF?)vqX#{%zw8nVkAfI24X%*h3dGj%w%xMGu_xy8+L2LbY2D z|7vs`J(V#xvrjxAojHsH_Z|q+;8#OCrTJj8$K0BXSY39dNmaJS#6to((F#TtHM8|| z=-iE++Q&u>?`n*Bu9-X-YXc&&v{?i1{WMF4RT*J<>2N{OUJMea$X5Mu2Og!c1i1N6 zQNXXW3F)RiOc|UO)kV|v#<-V5X%uNA@?>z%@>Ty^K0vq*+@J5{*u^&dfsNG3tSl+& z@uk>99k*1K|Mc&|nO`5|Pr(nD*pf1QA)OAS00bsVMP%B*kyM5k_hlymas7{M+bXWL zJ`XcOT1|U7pn2BftMHb3_Y>nQfFxp9|B;$jff%tr=(bCeZoO8Dh$`j8^#M!J=B{7t z&W4ojwYI&u_aA6y0{GuuCVV|rcJ=4QTn;ubx-nURl zX~^F{Z=bV*R;oU+h8+j#Vh>1tMR$X$85I?#ISxJV6eMx)bC73Pg$MQWSCk@AeA@|V z_Pw(gVxp&BHE@E@w7X+#!FX^?I;^)CLB)_~&4@qHUo2!|I-pmsv!%UkEq}lFp7?1% zBeTu?j#a-vTPHgSs5Nv-^k2*K|HrBTB#1%%x@p)lXNA?=l=&|+2!(nMQG zxvvMBP6BwwnB(wFmldw&u#e~}#<`U~-(wn?K}FnL0Uf$t_>GqZuVsWm_BkJL-dZ05 zR%S<1fn-LVA-B7$5_(!t_uHR_ZVDBKZ6SPn$*@w$p zrEUN%4V?+Sw0ayMVU_r65(?!?VUuZG3n)6eRF==%-_At8s{SGr0w()-S4M^0<-``v4` zcWo_SF?mKdj7Tx3;M)SoGZT))L7<5IGQ7(PGxihBNBDr_`q^6-H?Kpc-d7eX2<&cBbm{5nW=9gD zF&pT|0ITB0jrTVV1_4+8U1h^zQ3k7G#%Kj}2!sL*0MwDNsHm=Xad=1vSqDe&wrgch z>?F#INg(dw)y+6AF+4tVp(my+UZ%+Nb~=rA5nr|_;}<{aAgQ~Vb~kGrWb=R*xQ_#Y zsLxg^5+?@IaAJhAD?O54G9xLzArhX}KAgcB!>@<1+KuWhAFAiRhw)P@kD1Z7_7hTE z$FE3JKHTgC_IbwP4@dlFrWb#{6nns~ojs6Tb_)1ejW@))TA3h!0bYvWN~}L&NYg<% z@Jm33-J~_ihh~OGNH>6Oyo3^M2Z}gQb&-_OXCQhb5D=&X--V_)Vsy6`4n&Se+*IU1 zI3C&Xkptm)1U`Tq2*)Fd<3F7kI>YTy$0OE5+i~fvfPhL(OM?L-e{{KjKt*JhqoXE& z=_G(v7uzmfO}#yCPSzhvN2`B-@b&Beb$DCJEFnS-~5J! zd!=Czx%MD;C98!9HHIne$>7_O)*FgEF#Yg_C6{#pkC&2?GbPHoM|){dO*0JW2&WBUT9Vm1L7cgM#3 zycXMKq^IsG@9yCmqLN(7_Khdz0ld9CS36B!ynK&NO79nIGsu|2)k?{WZ!6E1t#ik+BR(1WTu@ zy)ARD(}?qy+t=-HU?q1XQa)r)+slrIlO9)?iy}EEyabI8gu5@eHNGx)0iGX z-s`P=9hyFRFWQKWeYN?J_tqt z-beBShe^`x2hn+``?4XBT>81X(Y{3VL%`F%LBXlrK{&XtpD1xX872;@Y8CR;WHySn zA;QQ{k(dr3$Y&Uda@-O=XFo_90S-q;dJ&7zs}86z{vYAA@wv+DS6BhH=+Pxkx_9;W z)Jx#*{-FQ^^B2S)U=6U$DPi&H_`PWTp>d!c(e%3h zWu@p}hE{*nmDG4%PQ^FkCwZ!T91V@emFNsz6&}f zvSIcbS%Z*JmC8sL($P3dR>LwImJ)bP7wz62j2V7qX;IR5v-1=a)Nbe5?$jK-4+`%2 zQ_5+?Y`=3G*6n!Y?0#)IAC8nwluH$Z7AIfVWsk)Oh}ndi-{eg`o5iHhFOesOVXZhS zWz%F6nDtC?PD)e2ZHEB_W439U1V*ZFBwO~&+zM4}!BD;5lO5aEir`Q@2%PRn8#-|h zdCl-7>1Dsm5WqU=+wy$I(edLBo;Y1{d~5Z=`$l11_&kpJJcaIJL*lsgDv&&(SuGgB z;-iJ_uAaK)zQ$sD1(@8hu5v3nL9x6@3vrg!vDMk_!nL* zFz0>+zu3#tu`dv=jP!%?gx!-bsU7uUN(e z{S1DcyRKD;h2~NKkO!J{u3Tye{@=%yM+_WHZyni;uz$|KVPISYGjLq}6KeU!9?v1J zzrG5PGbPVH(;9h;6BzRw%8LraYnM_BtBewdp6*;ubY9?WM{oI{osW4%^Hl}eL7X-d zI~#O6yF0k0ENwW?ucppSAns>wJ%Tsm=XlU0j4?gcFql7ZEN>JwQ~ll(8V^aae#zw) zd!YR0s+9v~mt{zYzRZ24TANVGVipat%di5&*8?a*74Bg zG6CY#$(|Z$< z0mf*|6J(W24fM;-?qLI3PPIYW&35hLy;E;zj|?6Q2f$}o=3@a1{>ZIkmk*|VX{Z)V zFBOa1xcqA;f~?wS17ChqBQ*neeW@(mEBBkV#QK&aqWk#^tcnlnn@Gv>*YD7t>BY+R z?JYAb(A!Y}8$KQQRUF4utk}$FuW8!I$lIf_r*WNI?m*Zsw-jYZ?TX2!DlYu-#eV{e zLD=zqvJPpkdq734F8C8Bbg4W}f&hcC+CBeQ;L8cHGs<)?2SpO09SBV9zvTne--(y( z548`kJ;lHZWE)+FR$c3I>3rS^RJNTxn%=sLX6^pdll=;sJK%=&8UXTKmDni;D{nue zAnA|6emC3Tb#m7(o5_V|2zE`_s5B{~@+M&~;DGySKCAdBNsrljgi2DmXIl&k?npV;;1Ag96xk?7pV)cQFkc$F)$GwhbI>+WJt5YKCjQAzpYzGinz!{W-@s z*V|I)u+8=^Q}JQMZ9uSSYp@TW5~oK@b!KYVA>O$s7J~hKBFR?ufQ>QBWXir5W21lz zGV?p8ducTDnOaL|2ijo0+LJHiS{y+J+-bJ2ZCjEB2$xMA@r84{-KNuJzSqKAcY=2_4UVbIqY!f@4}WNG&yT!+p`} z!PQuQ8^mGx(hOZbI_1o;``oT;+zMLo-43m5McDakpH3796JU~0?35o}IQHf72uXwH zix&^~{$_AqIBrg^<`Rx;t;u<#P5n}HCJG(sv%(%(4-=X+vj)c&PE=*TlzMgH!TlZW zORvIz3$`GBSar-Qrig6v#LFh5sx>kr8t)h2mdJ1I!K7XlO$^p;yr22fuJ6`h_JDDc zl7rh+;~ziAV8xVFHVLnF0>YN~GQ>x20@Zo8rDlcIXU294JKsXUV%M8rjK^u15C1m( z2C;e=Ih*F}AG8R}|7C>%FO`YS3+b%7<^L2I1|h}M0NhuA=)bU#4cu%7sBL4eu6gG? zozVgKZ+ib!SZYw*`Y)H>mjOpcue?-&r4+e>)YATyx4iWk)7BlhXTDP-EVv7-cM9CN z+`mWhteZxOAOGH74}Ala6v)iW&|fi;YpI`V*Th8(W|g@z*_ZMx<59Q!ARRr9Dqbkn zBglHdBm?zA{}srx;(o#u$y~0)HZIY0Jx$&?WgK#IEj48q3`ze^0J=1*|~J;KcFw84eyG zJ(@ttkqWhX#&{%ehn&K<95imvs$rtj&}X@b(+{g1NYR=Oa!*(b4uqb};7!)pv4mMo zHSw=HUwbTR!Z5*BKUOfN*6@tTl*M_2cZKPVsdZsfzSw606WOuC1yfe5?6%fmR0zdA zW)f^kEkWhIXd9zgL$m`USxVOUwUq72RIe%&b1^Zzw$6+XAgni|)%J(UDFo|?_TIGH zJ*%%c?yD~4{t( zUrISNCVJn2)(8n5DU!k|Z+o|6YXb9o&1ku^Uj)yFUH0uncXNwwJzjODJOEHq7KyC+ zb_YI2NXSHtlIA@cijo+m#&cgV`kM;%Y7|&wa(*9l&^T;(A%svir}4UCyKB;o5+V<_E0KFO0XKvQ*h5MXa`tchvXX2isV$t&TP~>RQ4$2bDw)< zGIQ3t{)ZF089Dd+X9%bl!;As{FKG(@Ji-5emEpM*kBwV*@X5WxnomUt7wZ?l9{3uj z9KDE?l}04qdh}4X(Z02`wHwL=O)Qvy&$bi$tKk1X<-y;B;)c|=9Z~CMec!$LgFzrz zxz*z&5a{|wFWRN0#Wwn-ojj$vBTUmdZ$QL|Vc17VhsO+afa8(ci4IhGC6VG z@-13ak=y6eznKm5*V*}ab_Xz1gZnh_rIL`xOw4Pbw+Ntg8b(mO1 z?qVm#ls{D~Ju8aM`ZF{xCO^)Z4wu*PoPB`NNQoOob%wAO1QugXRC8=REJV~pEnzm> z#?kAasAkfMu?t<(7>|Oy1~qzTb)?+8ZzrFlQi11Me&);>W9cGHwXbtK+EBD;T_OjH z73)te`=jVV+NzNrV>jS#hqjV0kdb}$(R}LGO#CgOp~dOv-D=(FO2NdFFUIaO8g2av zFZvgP#Xr?u|40t}@-`+pv_k%I}O)%3y!OZLPV#3iKT8veXnLRVa`M|nNvHda z*hC+PKqp4Ic6(_zE;!h=?BAT^pV=34=UpMW9S!L_J4d(t7ifJOttQ#p^HU94KOz@; z0(XKMW`eOA;~ewfr;q;uz7Xq%N;;*`@Zd>=<)^0Qmy-D*LFY<8YIhOymsK}18JAW6Eh5$nILuOISb=nNi*HpiG44_Dac7T z6FFu=5jgMG;xf%HDU`E3L~;W`<(Lyz3FU`GOP0!zf=$JqOx|0TATvqpaqs;ZKXygZ zel#GpU=xj^M=SRgi_mC!G*I=wJRCX#rM0$_R(4GdHZ7HdQ7AS<(*&i9Wb6O>AHEge b7qKT&6yKkEX0aE3hdLvta3b!Q?w$V+ZMd^ZqB@_#y(uDxh6$`!h012QXBA_CIbU~>?C_?A~ z5l}kPdy_7m&_a?sV?owFXYaetKIfkA`(wF&FL}$X;~7sG(??lRcIS5X?GOlL=e4Vs zZ$KanDG&%_!d3?G7g^K2;oyHz+Z(bMA*rjBB?xgX?WpS8v)v zAWWt7|DY9?33nh6+PiC)FQ_@`eWy$Z9?*yw3Fx6&aLqi}ik!jub?08#rC0Mw_kh#B z{g3?$GnYesI&KP8>*VD3MF>rC%2zn?a~!F;)}TXF-8~4eU!` z^b6MiLhs$@Ij^v`q>(0nnu0Cj*@1>5_VOLtv zOGfjjOj1|HTbI;)zc_tk@17CKpWuMs@>Q5bg6kV zFZSYkVgZDU+9@O%*MeFv(rJ8HF59lNezmuqag`IDVNtGgK9q`0V4-_2;=rte>Ed_6 zPAfEJ*`QVJ1r{uPyx*xT@lS;Z%jk;x%W84U=WDnmcg_X+MSO;_$BVF14xg_S>d#`C zVsaHt^GmwaX7oxedBW#*RGXdW%9n>D7TtMwX(yqO;*W1649JyfL|Qy9wMFkClVGg< z2?5Ey!a@1R1NF+XSi19#rwRGg7G?(fN|3C*URfofE zuzDnRY03TVn}t`+YRzTi*R@(n(VqKcK9s>?Ze#5bk2#V}CWjOE)sI5Y-J4z1WG*X; zLRzh^AuM_djDPpIZxxTHka8=)oAizdemORELyyH^+EcQKOF3?k49#M3Y3^9)O*!|$ z1?M<#(2wdH(Z6t$L(4bspmL#F+tiL} zql)($i|6JCE5EWWOboxSp-+h2f=IyE<6BnK#e=4ytJb+%g}gjRsWZoY6nKJ!h|6Os z4M&TN!1}jtKw8nL6uC~;7{c2wrX*}L968$;#+@0Yuf34iH2_l1YceYyY6!<7J`wPD*{8fjt>(KR3R zZMY_EX}Z^ub_@)@Pe?y>=39I334{|FK^uq!UFYBJRJ>yb;IroK85~<56s+z~eNfS2 z@RNa03G5yY;8`)V7rYt*5EplJ3nByx#sea^11Sun1Ny7|D1$9vlp*{l*I#tcskqb| zv9xmvQJsq9qdGp6S{*%18lRu^gg~mUC&OLWW-D5;Zsw+^y1LHAGP})IkAD-=Uv3~$ zqKG=}(`>8Wtwg*YrIjE~!0+fSoUL^$x(k|Gnp+|Riz@qDUNz0cL@KF`bx24j;N(rTnOLW58@djayAr}xbK z3SVnBQqpylN&+KudjKU}_{LJVXrVb+a!+CRp0BT_&D{qH(}kuq3i#dg$M4Am(x_kL z=gjQ$ZXeFiaPcb?*{!OArmjeB1=fQ7hY{TGFDTf{!;rV2SU4&I@U~BLVwM?$+fD!= zxsP)aO0ei&1-J%w&C#o>V`VU#;bbAVd*r!4K#X@NSBk9qb+Di1}y~4M}Ivs&F$_oDOi%DkSKIv zcm@}JPd1AE46IEpMp^TtQ4S$_;GC1{n8)Dru{~1+*RGt9qn~Z@Zuc#f5`j79KTINMUcfKU^g(8;JzEx*Flo^DrjT<(s*y7}naXS)?3Ha}rH1`JgH z6Q^Q={z@e_@PtZ~%p< zRO)aGTajZ(^`0Wf{Sbq*2`K5=x_sh!TWd}h?y=+B+FS+?^`6=aR^}#T^s^M%o&*pfIGG#?v9TP$>3 zIRoa=*k}e)1sFl9zmTQhqcH9J)PB;mROW0=bG5i4jY6BB?pd4SQ<9xb4zvx9q^-2@ zbp{i9s5RP-(>?YyN$`dfMkGiT*ieg0OJJ+Veo30+(qFC_DWXlZR&eEvBv(v!5>|XY z!0xZyfxz+9Q5BtwJF&~GO9#NiKE?kY%KU4%>T^Q%1u9A29FppBJ(RGgwpVTo1bnDI z5#B|_(jt0`3f-KSR~LtQv9B9_E=O3+Q?8W~u=B564t4=zlXe?m;Akz3j_Nw>5ws~K zTBC;ks{F!H;7^S`$a@F?+c}qFFs^mFE|N(SZ#7mb=4tZ? zY@5B%en@c!0Br79ILdX|3b0Up>{zBs|CsKTQrX6St)?82m2tVK_B>Y~KvoT8z^FWH zfC2X43`j&wQloK;LwrD7qinucf*YMv!Y91ax`(zR({hXAkDX!*Fwtfepwm|__s@V% zYHkDbaAyHGK`dHq9YF?MSB$qt?qVgCIGyW0AM$M;BHCYjVt%=)+=C-|Nl*3J!_NR* z^UoE1*As)_-T`xR;R>P+Y0f!MJ8r}~yIOwX=351|*HW7LonJZix>mZcd z*>|pBw?YkA=*_Ky0o&_nz2Kr|mgk@HX;l@1|CW5^-DZ_oM?-8zx~dDVsGcie0qaZN zK5j!CRcCQ;Ja~NNuJ|6p7s~~SOFN^?o_=Te{=r-#Kxjl(iilZC#moXz#tLReX{~hU z5OfYTTRL%HAA6QpOt(V!Ik|PBY_J|C-)-OAp-!oUeXN)o#7bo1cdzdA>>2NM+6urX zUpOp@VS4)L6dSqH`mXInHI-UKmIW510L<&t|p^LN{$Eovdn4%GTKm5KdtuQ48+Z}L@A4u^AVt8+MzyZ zMaAM!3Vr)0^w_cEnZva5wOIxQr{E!KOUO+~D+Y1Mnkz7;*;m#)ZvB|m!9k7lgYk6| zyMw|N2Q_X}GTO!otYbeHvs{fZFC zd!$pbk2QI55;&-hBiNZAbdj5Z?g9ho-sSPboH#)q7X#9^j~(1kr*Vusk&r`x*x?>- zK|po`hE{yh3y#|gR*=D)k`1pJ*#E{GsXV_FP5x=7^zLXVx^GVT(kOTLNR=?h-TdV#d#y|viT8{&wDF}Mf@DL7c^T^kr z`Tf$^xgl05x7Ck`9`_}UDHaCYQPAPtKY&vxTfFJ6k=m2bJ|kGOwGsWvwXcPWkTiZU zD2MPr@cnC0E0Oy3{tw)w&;2xw`UsN+3>6r_%X)|$>VzrQZE7}QaY4#7{|D5atWNav z8gtrvI!>e_oF@=)PpOq}dzL(*#lQ)`J${O`0`m>bUqF%~KE`zZL-ifQMpJz@#4_Mi z`nh5@cs9T{L2o~gLcsuH*77~P(vv6vJ2URux>=sn5e?9&gsF)UYQIlU=LheE>^lJF z>DwF*jzI2^WhDYWsPbj(njL!aD0g*|bFpYxuPe=Q?G>c>1rB^(2Wd6Yk`krkB$y;# z=u^b@EMeeQP0LZ@^7rCy;p3>{F14*vszw}N?<1D0qSn3yi4(f{;1EV8ums-23n<>$ z-NV7e6$&6oSV-Yvan{Ws=rj7x+A1 zXV)R4GYV@cz+C{uZFdxzs-5&i%6ZZ8BWh`$usQ)$?i}Er6-T z4bpF3H0hDpZ8bk!1NPM}mav{rUCjurlJYlbk>-OJ>ARL-MPOQiSFqka8|UI5l<9Rs z&%*J=7u~8J_YlGliSK*!x=AOGH7t{%9`KOh)XfE9JI+;ne&b6={lF0FK&(B1L0?+uf?e!PNg1= zloc$vhQ}8zyiQ<$zUPa66lU$~(7bB}ckvBR@IgUT@f^Ub{d&1GU8cQbv%$NCoL_oV zCi(Pxfq(YlY40|OraFClM!=6FQBG+Df}_2wGX_HjTspz?gJ%2w$dy?k_qDl)QI{tf zp99}MTL=OCHYNfT@`?kDmfbj1(s8OwWwUX54wXt<85&8&j>J#rjWBK&|6$P}mk)%& z`43sr`t_T>IM02b?y`m8s9-R*qPXe)CIwE%Flh#WUaJT?uHiNTL|fqcfpyye%8g2a z{uaZS0rJ&je_-MffQHeuA2@jxII+^SAE5UPxUo3u4mo=uy6J`U(nHhxExi`umdY);U`3wnrU5Hav8VhwqQ zt_9dw49ocW3lu4R)v*L-^Sdkm>PlFN&b%DpDu>U0dHN_It~4tl9lQQ)$#xf<;CQ1* zpkGbSC5ead@QyQQKI|Gz2N2^DtH$r25yBfbfhoJT9}qM$7s{aQhpl*KAR`fdJjyHL z3yPO}7NVLSqr0P=EeZb#w!pCHp!mANByx{nf^7PsKM#~i7}UPt&v#w&P5t82D(og| zkjineVh;*(53H3R^U>#w%l+u!Smnj8%CxP*g;JH$BMVu*=jF_vMNqsksg`1raWaE2 zrBKpx7eA^lKUCA0ZPP7@95Xx>R@q^xm2~=LI>k30or0b;F>{N|UbIOz*DyYRidgr) zG*PlD#O!+?G)fzp{-syGFdW^I>F_*{~uYcIL6H-DV zq=tGp?+tv}(>HFHi+feIbo-=FP?$oQW?^E}^NakR94v8IU%1+Q2txJiWLexJ^h0lT z3jvoautM7bg1G$Gx;|*`ukmsk3|L(Ioax;Ek%1a%pdyzPdVf%3B1sv|lAJ3xq1CKL zE_A@k&K@y|Uo=j0B%k7MJ7;k+F=&D!)@;wJnoIHQXpu6*J2bRJo{6H)=`bLS&hw~X zCN)>tP~5C^C`DIFc&XQwgow4;elxWiN4Ju%tP~c7yyyN9? z`VzXq-hBSu<@k4+OC>ettsQRc#(B9{l9wl%52(z{`HeTp}#4A`!xFOe4_djLwcdBboj6 zCdhg_#hArm!!g|%oX+p9v$uhiXx8dhki25^SX@0=nuxvGX~*Tp!ht@aYJuXZ;FFgt00}VBnK%DtD4gZjm)L%btn)*sZ24PneqjZt7 zW9g)mG~MWXz`<56Xsf)>tTthC^-Rmev{C|}X{n(6>-X4dOF3gU?aq(4jd}Q)w|aNV zbykK+NK3RBcJG=#q#Yk_k`q^Dj-C#q61}n=!phNO<)2|s^7N33gJ);+Hk(e^ulFO( z6It(U=ktVjAckkbr+xC%X2j=TYs^V{@gP2LL4oD`S1TZ zc|Q>5fgS6=aRn>}U+WdTMMP)Uxl3Eqb93CNEh*Z60U1D(KwjhER0ZtLI`BXs=jgoW z{~`8m1XVT(dgRy~hO0B0pl4(@Lf~@Ig^MvWZeG7O3IxIZHh+E9{g*^%7xw&%^(1{+_KHp4|x~A2?Z&!uQuF69>OjX>g#$ z9erZSK`}@v;2^2vJ7I^zF7-^J!B+_j^=Cwch;CSgHb+!$lTO=ZCFT{VUpmGSOOkM`kaW@V6POx@vknbD&!s5a zFJjbL^2%W2WRtGvY*XyrsG$e_)itFxCHp3M1g`P0tS=2s#PUFZJNaXC*hihVq7O01 zU9OLjWv?a&jQgPO%}*nfLI$*&wA?g$gKlWsbx+wz2wpeS3>(}>$#HHi@h`AA)=$CN zT(lg1Wgl1jW&5AyTFQa_Fd`dS!^k>=)4GA|>%RCnvSmb#^Lu0VHm@X0!zV7UGxEI2 zbN7sTLKkr@_T$d}E8<67ey!ji@bm2H60FuTWt@UbaM<$P38!CXFYkTHMY`=a^Aw*K z{8Xx{jM81Ljw8k^Uh6aCF2yaU#hZFPl?=V>G78PCEa)kFk_6c>$f)$-GQEc8sF$)w z8+EzrMxb#$37BvF1OHzllAIHH_YAEF~R?* zSAf{Jrs{WZ!9D9FSmysR{a1h+HVWJ-;B@^D5Rr|W@&C$j=uN`9)lg*YA;;T#dmW_? zaszq;umaGT;-#I;%nzqIs(*tVnlzu3`$xyA+@{ElV*lme~|un{7v zVlK8B|NeQ!cc|B_T^_-<5~V(`c16TAx+=UI$+h!Rx3RyJ_F(n=lm*+L)rc~vZSs9> zaaNPdNx&OK5Ick#N8abm@4GhywLK91pWc6JuP7d=p$+!8wMGGN%-(eoe7ikc|@e12WV$?#(AL zcR_=s&_qu?>t>1Mai{%=nJce9k-jdRs5z{6r_|lFn;A1U=PuouE_8DpV2h{W)vsM1 zHVXI!HDA%V9?K9{|H?jf#a+6sq9%@m!bd6}bq%E|}{NnJ2viCXWseATj$56+TbV%D$%XA0t7*_1lKr`}i9M(F=HeRR`#=}odrB2dFj*DI38>1T z%?6tfIlI^gwfY%V0kq_EIvjz!^xIwdSLFSl{{{k_IS!O@F~|eD>;L~3;BX~Eq$BcOn;vDoelX+aCeHlVZrdElxvjvWr1 zO~^hiZ|W!YfbPy%-s(fgc4_bbI?&c|09q95rBSjsUW5^hZR!0nLh zmKMbS*nyjpk$%(E@>&H_`W#|?lg{7<{ffBi)t*xFmzotkqir;}j?0TVbfBW0kzsl8 zy#g-i!RI%_I5cbb+>|qMzwzfuu)X`+9bazWIv-41uAnWTxHByNi4>U=8^9a7(p(+!wXRuD1V_})k2RHHhj zS8Mr1te6Ye5x)kR4?{0H@Obo)zofF!nhrO${sMZT&qQ((>UU^h+Gu#~?XRAu9i@8? z7^yzf_+C}S1Lyv%2K|C%%h;t0U)gP=db?Q?rdGn5B#QAB{f+gof@|_?w4(>T;ctg| zNb3M2-E3)Z6ZvfkrpUc2mcIy5)vxjlopzTFKY%RWi7VY;A&RZ9v@S<~3e8}5!U=xa zi8Saa4TGOXY?UJ7WyhhJ8(#|IsKcYY6BbDttu1AE#*p%eTY>PGL;81f;<#ERq|08K zwAL)xO_CzrtHP1dFG8c5Hq7teUsQkhPR|1545;skJV)Mt@YC>+Z`~mD=1=Diq(llZ zgAt(KL%(rvIvO90c{h~DFr$fvpft%($c4T|+`S9QD7IHD~k5!ua z`&YR4XS1w@IRj$KnSPfc$$YseM1A%r=D>?7?wDF=phr7Jr>vI4aq!XDHqO0aTMX^_ zn;V@)+g>}xUwl_}PFFxLD)sPt2ak2M@I)`+Vz$1%cwECHkOWaxN3_825^`e^w5zZH zW)y_!cN9l@R!#q!uiWxA7o59Qla~8MWZK&L_n}B-lmPJeLd>4FEGT0lm?rS zKj-axO|a-dX93>C%v^Q)&kCG?>N_oRzGL{fR<^oa7ll3K!u8$O6;U6cYn}1#vyfq2 z0gFWPi^K_4Lt{HXy@o8ATKoCM^GijZiv}-mI%hQ=5|}r#K7kpR1Q?|Qm++BGR};Nf z+P^pK$x3tF>~V`(|EgX!?E+KF&fqCa)^@v(VD?A&?)p%?h;E@MHJ(E@@dU@`x=*rq>OQaFG}S8PxGya zmh&IjeDSF0Tlyt!X?2G-{d8l^d;kyl)Pq>=7+Y$B-O_V1U&vyWVl6~0p4Hnu*Qgoh zW>|mX+-PmwyQGYrW$z`gRl#M9q-@1b*s7iWyzHGMuJ;Q>5{Lbkti#k zi!doyS4sidRFI2!whkysr&@+@4#~C(H1k-iXlHQ^yGzSq3{N!sm6;`;?u^(XH#tp# zh$_7mVcfd`xK#`t16@=!Kzr zxxTRb(0AyPSlPX4}VKJ*9I6>83WdFtmJooVra1EnD5C8|e@Mtj%fYxgt(XA`%zY zaT@<9rbDV*^T9d}|9yX%8~>x$iJoQIn(n+ZFz+P2?`PBm(0}nB?9%wM$icVOVT0mR zJ%tk+fdT@FKKwhr^7lib|1QRXASno%68G@IGzRA1dw77>RYD!fW4uMh!#dg8h!%VG?)2>rwOYASQ zF~p^d9as^Po%Z636aye+&eo&TYr2dp-rJh<74B!UMZ2R$b_e>X;PlB+-ThKCi=Agu zT+HP1n;A5QCs9L3nrCij-6Pf>DbRh!y}mwk=1Phrq;Af|ORecGNahU8GQM@!Vfo&t zE#Yep(N%**ye&42Y= zJEm*T*7PVw*U1IUxQDP1Wk4i~@iG|6T+MM$lW)<-zvdYPm-mVEkmPKF91vE7?Yv)% z!qr)AP|?ZjdteqEK+JFwA^^Ahr)0QI1c%;3g2uXl@tW zQ@*cTBzxdh6t|jcdl*g6PKkK6Q>82(meN@3CKavY{Wnpf9om4{3RCmza14cz+!tTN6`>rS5U5s;F7faYp7wzZV+l5%bfKPSh-NxtJBM;20>^>Z+O|6_R;fD0U3#;rM&ot%_xIEJca?)cRAK_%LjD( zC6Iq_RBt=oVjPjntm5lWR} zDMY+bv%5>GvV9ia6UJ^fVI2q$S=DvTiGEtL@Ij`#X1d#H>p4tjmSPMSH&k}}PyeNj zcPLW&a}Z*&>Y`vBk=B6q0Uijis6?@DMzWg515-lBj>dk zk`h06ZQQ2)wjO(G!lM{N_((B};!e^x2fdDBrW7UCNT z0%`;kw-Qijd{OP1OUEOzX!|0!T@-Nek`)~YN>`v0Mv!*i!_eBD>Uq$uJ zHl$_yg8DDcfVEeLHz9Uyw6?O_@MR;sUoxs33w`PP)mO}`Uu)%M_~i}D%kHHELRh11 zYTh$iG5FHQbUm6)^3rZxQM*CpmC2Mqwe#rYP`X247n>U#-TdYsGK|BkyY9%WFFj8_ zuJ4`mfk*Xqu)Ho@I_=AMHKiOLHopA&Xwl%Rj!Pj`>zHQ%#18Jr0n`r*8HM+dWk=qL zw@EfLc=n^8lpRsG5MwbU9aEB3NBta{TXHWk3m% zJoD+$QTx1u|9E32JY?=>_Jm|lv#S?8gn42K@%Dm#jx3ADQt$b#7R;9eos5?tN}TjQ z`oll`buLYu_o^zJdz$F(q^EZ&+w61A+a6MlqWcZqV;P1}sfyl6gY|^mEUsk(l4>@6 z=$Yh^_=RBfm^f~;!UBiq+o%n;GcDvK5w1+eu3hb2pD6~^Um4s#zXJY!+Tu7NvVHm3 z!B6+*zgBHz#GufA4`eI7*z*5d$KH*cO_oc7C|gbUNG$DPU|6T@u64T(sw_vo`4uY# z#(%lz*2T4%!qWeKV$C=7NBV2u=|%qaMWcBFvH!a~QXwAg056LJ6qVXoeX}z{5|ns1 zalFI46u^KS+ZmQY6?0RX7yLc*PkebF4p$>N0m=&!Y_BW2U2ut-KqW*}nby^DJ6h$> zM0>zEuJV2>Li6a)j%nUPe72F1yuTJ>YBO+JzIVstrf)~Q;L<;<(YAqL+E1p4*J;x` zf)I8rtKyrBVH)H6K6^FT+_n^z^m2H$(>#OaDk&V)X6|(8zF9YzcqO+YL4qGcGDZ)) zwvSD9m8rAoV4MHI`P|s}cwshn_Cr!ulCED$U1N)$Mb;#*x%cqWiQuL)^)!CNjC9bK zT|fJxvtrOocd|1_ia3Dh%R4&_KehLsw!6+rMqfgY+WZ!6T7k*iKeYr%wEW#g%_hS- zH4{;B-4YCPS9NS>ciZA&-uH)cRCXipjY6AI!}4*Rz6v|#k~p=jxOq#Yr^A;gcLpv9 zZ$t^e0oEq&yHg(C@1@tYJXo0vNR=w0M#V0b=#?cOKc{z>cj8&jTW2J?j- z3R%6TOYwfm`JwfaDRu9)KZZ^Q)j1^&&9KSd;U(xRcdmL*n$MG~EOcMA#$WA&nvWbY z!E?$X*2#`1L1TFdCa-I~*;o)EOzAG%6m$=fu*f`_>YB8O4w^So49vc5%%Q-g!88O) zMO&2l6M2xz5j#1$r9#tYHC^^?@O!ekYZf8+%!@*0?nrV61q3oFrVDww zr)qUB3&{sm4npJV`cctZ4%(R8*LHfV&*S23nX|;X{GM+2G|8=<0WWX9b2(+EQ|f9QwTwb1CaoDwYB0sCtT>Q zf@C#rtxKjKC9)MPm~H`G<@?p@NYuGqw8Ry-gAvQjJz>0|wTM0WdF|Qt42FLNY@yR= zvM?k4BxbFnUdEpsqx(`Io>J(D_M^MRiJ)aw=YVxO9}F zr$(he#^+tF%PkNY+Og{4cuaw;vhmGjFs+{Fq{6%8BK&qQm+1W0$*CFp!OB<2Rw*N1 zSB(HgkmHLsEE)$t9(vnq;N7|S$Zd0TSr3A6cE5k}X*IV3YR{o6HZ66eTJ)TUhQY$- zRA-a(FO??Mn-i|9HMM;ZA|6dw?EdN`rnaCbPnh%Y;k;qTsPsOptEN{h*EsRm!l2Su z7w(}%(S}Txi9`f}vl7c|v9mdsq!$|Pws;n?4j>F5MthzT>B3#ji1!PXD0Us~?1MIw zqTIq9rptQrtuhLoDq5!-O2YDKr;>K^x|m^d=f*G04(rv_+m&dA5zTy9jUCv(cXMe= zrn2)X*}x{t5+?eD;+zh&ylp3o80+32Y~LEUQ}Jrr`RPyNr@p6K&t1&)teUcVNIm(e zaf=dZFb*rwGqW6Z{bZ7sHsEO?ZncAdR@PcR7oB5bS4*d5roGOsayBOKx{&Xtu~Y7< z{n6I1$d>(h?1Cl_FUxHB8~CX#vgqiSQf71%G4bAqx9M-4_lzIS?RL&&;Y><#L5dzx z31nY-*H}>7l6h-2n5S3!*6phwD()z;6si#~R`99eFWT{T9iucEeR3@w#PagqyXZ#i zjmkFC5b!=f^2>YrNm7CNNeG=?BY>c$IesgG8OS^*@yGizxF=IACnD%MB zX-P9mN2my8)xDoOe_Y&oTRe%iFW%f~O-ZIK>VlLY)0-AOi87c!{HJ&6{{?1eW`3Nx zz`o<7vcuNx(p8ozn9R+p%{^Tyo(XC}(Fe}!G-^*`+-$9H1SGRZbNEKQ!X(yAH}9}~ z?%rka{3<_-_;e|CikN{}6od${pMoeE*M@j=Uvvy;}IcW9h0u zsyxJBRwcHUo|>EDHmQziDGW5+kOIV&gIc(NI8~w2EUl=shvp#N@mh2t)s!&bO_a3K zfWV;9$SwPIG6TXhCp%zFE%2D)D zgGBvQx0#5>B1oFCyX3L0?K@x4j;fCEF}d1&>(o;wRCw=cWE@T8Pj+X$5|~ww!)>yx z4j?TfyXs_RoJRQD~L`k+q#JXfr0~Ve?Xiu^p#1I`WMd+>XOsj^OJI{bJ1?7x&)oK zw`6&ni`Xl(+sXc~AeK8b7mqLDS~k8a`*JRi@?f%1!4j!)`iJV_PhL@{9*F$yPR>^@ z_M?h9jF^{vzUJV!oM^y^yM4?!H;qhgUTwI4FB^WU7TZRx+Vy+K`FjVgP;djrnqMjx zTgXs7LOm>02pc95ZLYs_KBq9Oa?(81F~G&i9O`a3VD^s>!%@W_CaR2jVN4`4)E%gF zJBprAP0YZBL(=V5(Zx}&toGm~-^~pu>h_xJU2)F-MyXV}4IjTd53%*iyNXU{M{$oz zwYRakWI1P?{My`P&YS8|_{1o`ok`51Hcct$m0M!lfJqE|HTiUYf{WO6!#?WmoXN48 zL>u9goKL9DE&ZWL?QB9dc9hDvo?!9!zB>nb@tEa#rT10LZ@@l-1bOV3-`HV=>VrPG z{CjEjITgdU`uv`_;#nMg7xQ|E35ZCzkF29u1q_tmucsURy~VLB<)99ytH`Z$J-GJw zl~N!>^o4^N0OkTDRl1z|MK zo2M&+x}0d;DGf6~xJzE-({~2qUApdkl(FI}EB#~w^nL9ia6Evd)anXQ`YbIibtf}G z*aPU4T!-P`maDr zWjj)v+&Qw$A5B=Xq%DjPT_=*(l~z{}%B-Q|HmbUISF*gD=<@ed=+|aukNonz=8R>} zI*zT-E09`uK=#p<9Kd-%NOkGb%CG@Rwa-=6Dn;n{)kQB-$Y=IuWZb?|(5};)yhZ)I z1QN0QN5cAQ%g=}TEG_OAu=%MernZexa=nbatnTeR%4!5{dkg!()L z1yVVb8x^in`26jg<1Lo)6N$+XeAA-AMk{8SShZITbmXQW#zVHNipx<+?Ti|2@ z*3^a?RmJ_aT_}{?59y+dVbyOb(nptKMh(mDnbt$y_pyt1YL-W~`Nk;Rv{Ufo&kn6L z;d__TMKyFxPbI4b_hnaiR+RWZsmR`vKgZ>tLb7bjy56~6;UgJ3^q{A@#ELR@sfFVp zed;H7BOz%=K;-(P3l7ywoeirqa}`Yzf3ZB2eYGE2GBTluAxZOu97NtI!)KH|linMX zo)?fWzm$wgn^VWNEVsMd_ zd?Vf@oYAdw?GnY>k=IV^9GHSb`1b%)oQCX++qeZ0g5g3%j6S=wi_gWPiSrv!+fQzF&{6j23m%%tOc2BckTGK*jizGf&Q>O zznbk6&;X)-{`L;X{&YhSK7@>^>nZ^R-$XVar-=N#=$DApx zt%Ck~*r}}PwdQuIs^y?hcka>md(=5{TW`@E2`CzSi%@H&T+3zBxObaDN4uSIGVR4Z zJv~6fTR1l?c7Q9Gelh?N)J@Shs|Ew)6_6ocwwr`9*3dQlpqvavJ`a@q(b)gJG|7hY zte@qTN#rUTL^+K}oc>1=21Z+KRbBd``q}t8S|2zKG7DIybt@FF}+W51FPaT1d>YG#>C)$t(3Y0yPa`UgZK+et$UE#66LV9-^L9n(mwB> zgaR3t7Wv@eMO+RD58eK4>wre>*-1AN&TuEP?@!5qlXUq9CtS*eS9-n%u*W;ZSe9n0 z5WBU=-gmRC&1}a=?9Cqn{Tf#FPJ_s5zsG3M_sQ@KRS8MLeX~Y~3fAk;;2zA_hWx_Q?T4Wo&n}r3KSjA@uqJR`h=1r%*{5A5xWrA$WU=-h+n) zl67&+4?jv>DJ|4xY30$n?KJD`xb^8U#R-(l&P60nDqt=0o6Dc5t|QN_QiF@NMiw=Tg% zhU<~hRcRX8h!JRybYM#^#{P{xrn_Cno+&V!4 znnE^EN243*hB(s%g#Ks4;UDS-Ulk@-5#5v2F~SE3Tb~gBH1rC=6XIn0W|-1u!dcBcT&n-c%aEYeD~i|8UeEO zHx)|2;(~JeE~{&{ZrI;{jbt@2U!v!uabKHX!8o4LPa4o3`~B|YIejW;;J5jvxbUZe|cl82oj z)jx#z^zt;r7i3|MW-2!f<+MJa2gBmfEXl3&iU95s!TdH~ULAArdxj zcf;|c>VyN?wdmbWxFR-X-mA~pVE5l0&5WbY{9tIry!d$h>`9bU_HN{RZ2t7fWVRpFL$-jBi7({n7l-`#up3I z`Jg<3m?`6v0RlFunJcFxk}71PZpUA^DPVRuXL|r^yI6s>M9H8PGRPpy#WbC{wNYwj zz8T6mRP*gWUH_wXQm=x29~ro1?tkOuhv@xe)x=YKHCijMCUM*G zL0&So>=uK;Z8lDm2Bpm|j?=!8d0rA$5^vZz_D(N9!de$J9ICRI7jWPG3!SsC=kn~j zJ^ec=6?`RFeaaT9+Ar_CIR0u1q(_+gp*_d22T|0-6kDv`!tC{U{15*zhOc6V(o2sDROm}JxSWe&3LN`z~K^8qIr z`R-ZVTpRc^q+l89Jm=f<@=MHtafX|u6O8dE=Cd2tt`{Ja$Gh$r-rKh3MP9m8F=WA>|C?=%uiri2l)mKiQ*5lMa_TZ(n?OHiqB)<_LAP_rnV#fctVEmuN zibPzB3o%QJQ0`9v$#(#n^rM8NI4C(*gHUU35pnQAn@*P`cA`b#uQ}mqVUQE<>0j5+ z{M)?b^eM^Ns$vK*pIM7EDq%4fkxtT$ZQ0asSJzS2BdK@%8|uq6eBo%`8W-So zrmMW(L@wpGDN<)|Y#7XNr-ce=_PylMJkzR~14x5aHN!$Rq=Dq1BhjI63fkt}QJziW zk=?c)D4)SeUJf>Qv@I&w7gYh%AT{nhnW;y5wfo%-W{;!8(|4H&Q$Hx9I zQi_$xH}ped7!X$h#i5s7#QcwxUHl6jv{Bu!`o+AT^~f<-{)Dxj8N5bGw+<&p^=oCJ zSxJ}FEuO=h&R54X$!d-iuzim)HI7>-iiFJ&2 zaDC4jj7@NggWR<*!=4OmugB`_lao ze)@ohTT*+6ghAxlX6a^yl+2X}ALL^=I%{t=GM*f{u7jZ*A=Fx3T;C=oFEGW7c?|8Q zE`(-Lm{7J(Zak1k#^lrvmy(iFH@Q8DSbdmX6q0r{M90!(|9<(@j*8fF`z?8@$GRdE zDYj5ibk)IA)okz2q7Kg9@Kq?;)s5tjHm2sP58OCko_#l5bA79UN&o|`uTj3NELT~B zGDcTb6LZ=JnBT2BofguOZ(~+W#e=hzlJc@zr8w}Z;s?~+pm8?IUyW4ver~yxP}lB$ zv4G?qriIA7MZNU?(^1LtmcP9G384uHA7x;FxFx*VZlysgySIER$cA+^yd{ket*?lXzE1b0F z#tt)qVq?TiC&<#SXbeP_SG46l-Sa04@Tv{A(0I8<`2^ohW&N6W_xqtkJBH(2(1uUi z<)e(WI7IK?T&}Sqey-_<_J2!qD`?D7B!9SSt?UwMW%_MrCgRQ0Fj4D^)wc`Y?K^KG zQO!+VvrYLVL8=W>=oC@hP+kOz)CvB+4^9_1@6de$WT`$P=o&FaF^5O@-t)>W9?CMp zC*|mSnA!6WHlK}U*g1JFWwXe8^SHG3kn%YDj(!=!Ty$k2Yo-j+;7Yrf$+-uQ&Q69_ z9o@`xMAIZIxTVxgZ@z%fdRtwP!r)&%dkn$N$-_T>$A5hd)2p=qp#u9^E;xVepMhjf z5vC%N%UQ3`3B-&)ZFDt%mE2YjZw57KzpChOCDZHvTm}D?4^eL)N^Pmh_(aQ>etTk_ zDi_1PHlSTQls|X(lEMasTCy;>l}_jG$H}v6Zg|oEI2~95Sv8he2dFBRA%^9Xey z9u0PU;4SH>W@UPvwX?i&E-bLpa+^uJoHm9ubZywzKS_Z^^7ivaJpcy-{yApBPA74Z zIF;?>dKK}Q%UemIa3Rl6w&Vd?342r~#u&ZOQCXQZ&|*yV#jAfWr0mnyUPLY|-A~4Y zT+hm`SBEza*@^K$LF2_(sP1irvdS^2!n=k50{#(#JRx&RCu}Ub_5ZN<-eFB{+uApX z8p~2_fPw~fDIii*nqVjvEc6z76#)soLqbzQl!z=vdKIK4bV%r3K?j`Usv(%%_G zz_s^Y*M860d!P4Q-}fgHd7eCF%rVCp_wSAK zjvU>SqKRN6R=(A=%{1<{Ldji9Qx7ek;K5w%hm}K=sd?*7j|Ol3a+Ush!Qj8)lYn8_ zhV4cIlpGK{R*ACjmTH1F4QdbB1+cbT{EsFVt7=-#KvE1d-F+4Xi~l~+L)6a>Z^c%J z7iKS$J$xymHv$Y5Au4GdbfcI72FkXfd?%l;=p`54$J|c?Q!@h<31R59P^O?HNDBu( z-2yXytve;ccE}nGdfssUJ!r1ODqu7i5sp{1VQnKJ^;?QI1 zmCDxfo;JoWmOK^nW#`y+cNWm&bF;=h8N}+`&WhXRAb)E3jYmF5^tVe{J`YuUy zUfij_Rg99a8;yc8gzExdOZr}mx{)@c$TVRj$Sw*YU8FJu9bZ}{hqkOk+vA5|s&i~Y zcEn4HbFz_Nv!~*=?a?uVX%$R}^@nwnj94ptliH_2lTi~!vxzFV?p1SogYC029eCk@ za!mQwy)m2*#$3w0l15vGi!`xO?X>pJYNhhW7t{R8e9ku8C2{D-gyAKVWjmu|IC1p@ zgLMe=82RoFIuch@H1|sAvYeVRKD1&7tmH5Kl(pa$OI3RLMqF2GZReDtE<+ znTkh6RacHa@l5uHDm3|B+Z(AQ>4&9-&6i{_1U14x%w#zUA86~ch|(^SrKv( z5YCX8=?~Txf(2;af|JtZ+mSJ@V1uVcN)6L@>eMBRB}H2y-WQ9#xf0g{M^1{#5xmEs?KSI!(UY{~i-7Lgp0@&%F!!`*O{);Mq zj{h#H!wfXUK;jDaVJ_c$QEvauI&Pr|vS4e&6=MIR0wv z#R38_dRqhY4=HPX-(xh-_ANLnZoH?U6kPh)kb*XUrzSUs_ldY1^gvq$tN+YsD5Oq~RQJQBL66!3u;`W^6n9Rtp~4 z8j^+dFYQsr>zGq+QDQaYi&cW=F7b`Rk+RN}ln9oXu4_`&i%RsuN%M zyd2<~6cra}J$=PS+GBFK$e-9%_FdNUe2sr>xzQA!aW%!@;GLuw!2#i!`CcG=&^ z-r02|*e98g=oYOO-5y<#Tdy3i+7Jc4ziBm4h=mC;#;M>>+g@g6;Sl%A79U_z3+h;9 zotT-v5ueROGZNnT%uI^&Fh#!Lk%&#t-HIaPR-0i4QU9@jj_X4s=f4_7%P39EZ1g; z8)tJV2R$8C*t=(lw@_y1;^=Fp$gB8O7;Pl6(oyw((MA*MS7saXz?~o}rb zBw3XyUk@DRL8IlwbJAMI;UWIu3k0T)5%_rQ29CVocMp z;?t<1;A8f;ay9(~vv;#6~*e`h?*^h6C9w%bg!`BrRH9*AyK$He>{D2TG3Sa3zOO}c+SAbDU`P;ZIRDO5_ z)pXkl7e#B11z&}I|4@D>t8c)_NL|wRk{E18XRfHfiRx{U(5F zDEL>?1n%a=aGG@MJ968)fR!zLC(vHbcTw!`9~Re8K=%gN!5$nri4vM=`4D>7H=S30 zI2`%b#`{pl-K%tTG#1|)8Nc3$cNeUwtMF>E%43wQioVjdVhx*#z;?m znUby4HX*G8Vj4n$M+YbZeM&edJKw|)He%zMpPI#XBxxJD2WlH}BO6dDDGk*1n>r;cm=WYm>O(YBI-OXlmlxCgLdn$O=mc|s-X{c2pucX9`JD)ITGS?O1Aw}h*(y3ZVE!70MTYNd?+>)i>ztl z1*91mQ+6XpvnIbNOwa7jiR}~Gq&EFAmTlAcb*U(I3P$2!+b=z6-dJ5?3}3u0J>PDr zYO;#PV_u%CqNrSj6A|;yeP-SfC};OcZEFProx{BWTEkI@qJV^*kkS=`^q2tRRo5rV zh9j}`(k&<0*!ct*Ea+p!)1#5U@rRk=!Av|l^(;TLgLCWl9eSRQT3aDs zj_*!9!hDhP+SJNq>_$sqQ=(oKPW&6W@cbqDeTay1Wa(qgmp5}_v+ZkyPwU2zei%O>J_#`xuTB8zl;zydsxf4%9N&OZ0CED?BMAaw(N z5fR7ckAKltQD~~l@iApO@MOK*fzH{=)~gExkpmBhMq9b{iYO|zr($xQC@d1M1?4>7U@f0R(0+|+l3;S#E!`F0ftJn3n-nbk!$!7AZ!GmRsJ zx+b+w@u~<>$LpBk)(mvLf--eOh7Ao$s^rFa>|y>0)%S1HWA*KDUM4F%XZ0&G5qykQ z7E!Q*xOn8mk0qn4BHjyDV7RknTm+ea{RhN=a+=~3wk414Ux3Ijf1#JvC4hR@^4UZF zgsXmHZ3Dl(hX3;e^S^#_Qzyp#i%#rs#^-?p*Z)_?=RqVNd;K_5ARyl`vAi{BJ z5W|G2ksDFi9$PtFI#u)UL*MxenzT2G#B(P7dm0Y`l49gzOmc?R$Evt-B|J}}(}nHp0^+)7;>Ln2mdABz z{i?}o33>yN>&DG2t<1b-d_zaskfP5x313XoxxUhG2JX+=fv_+gymGeE$Mi)vh;TXaJEy)p~EP&8#*c(y%to-k+Z2ACp0(d zq@UF--jn0iZ^Zg?ubT+_6rCCtgVC>-SDolzc&^+i2+y*FaD8IZOmLE-F>2FAx1)z!2h}m5#YmxsJ>|p| zhzwnQAAeoBxLA4s#Lq|Zrm`FR{hgbI0e#`CcXWFF(}j>6AiOq!8R5`TeZiaT47@H7 z+lrXS2(8Sv!N+F>66*8D2a`Pxn?_(n68nzusN`-;gb$K?C`@-9oLBC9+|6fyef$1A zry@FM@L}W@(^cHDu`-S*c$@e$IoBkXNJw$A!VNl*M04|dcPB6&gcbZ2)J@Um3lKQ^ zi48dsnMYF%8wXES(*IVcg2gU?iIMSx zSF~&1bcyzm<4#hA)ZBPiK-_7~C=zP+eYw!Ewr2M`xw?l*hF+@e?sz%)XySyRQ@Gk^ zBK4hxv|^APl%DlfV^UBBntHRtB#^c*9Cb(aw^Oj{~VbL2dk%A2*hrqjKc z%4sX&o{5PdOxuIIRszj@x3G*m9AXwP$ndP8h}=>^RBlE9TG>XSL+#^Bt}fMRA1YC& z;jnC+tx&O{8OpqwnN<`XOz_T9e={BS*M`Oge=hCDWKTCB(y+fQxS z(We!9clGrH<3Gxk&FC4ZW6}-0%wyH5(q7v{^Z7-yR@7#j(p0HC81ZxP4PY<>T#}Qy zd)3_@%bC8PfD!DT-f}m+%y+w{j|F#B@Y#>s?!qelW27dfgYtVIhl%5WYgzbWp*A|< zBK#4@Bbw#~gn}FcT!9o(W7rb%H8RzA(+Q)lkG)-CAuzRAGzHWkQ4FCp9sE z2b=bhE;)rU$5rXvussW^CqYQ^h19t=2Jg}fy_1+r)o*w{(YD{PyM9eEC;dSxVI}m| z9mb`^UcgT!9szTpm887T-h%H)IV#>ft7s=8MX| zS~ZSA^N%tAaz7Q1Qchz<{ZrISanYmtheE^^B|sGZ=9kq+#qsAT%&f~QN;rHiKUV6u zWSZU$_-a;Z}# zip+Kf1}kPW3(QIQvy1~H->GxoktLS$bWrp4Zol1trRBncfw=g7UpiSuZ*Y5;ZX2d~ zJS7Yo=6i0{#AB(!_rF&E__b2adLz!`pPn`2zMKdETe{#(G8_d8nWBm{t7&)t}#O06R1{(i=}3dm&?tX$3! zizzJokH2}qo~JFzm%M%VG^v1h2X7QvjkJx9Z~lNppo`|UqXt8odf}Ln%5bOz;V`9? zDD70WRrn}6G1%ww&V-tL2Zd?{;H??xzhXvltfWPEj0B-V^&a)g@dNj{ihH<9-1}ua z#octE15-~zo@_Oc-sg>d)n&Lj;dDn8=V+|!O z3~ra@7fWj(2wmKEb8^e~s61{ZLx$T=4~CUPgmdRh>6S|ZSO{xsTo zMsx-avzy)vt5yCy`LjjZbt{_P^_G{FskLRFxyNUPc+(7E#N=s)@eHkH11`6G|*oI@3>0%p(ir7LQ(~Ws2R>_=ku;?wyshGmtX~f(Ko|QU+KY^jl9y+ z9xyTnD4DQ^j-COwJX90wSFB!F-zBD56~@Ze4egGoekT*C(sLJ0HMokC+s)W&9lMwY*0)d`^nr zW2K+G=SK&|c~hhH6sMXq8dC)96W=+fFaWb8ZP zr9Ef$>j{EZj%EqJkYM~FZ#HfsCNAQTBmiOF(c!V<2)v&tG+q0;_dw^B)5 zM_&ESEC`Bkm>E15x^CF1ln@+pve&vE(_&IWK3g7@h;54qwks8(rS8CE@^<18c9=Zt zCDm(8%GDU19GM~Fyzz^`?jV~$LoTie%gDGxaQKkwzIc(~N4&L{6lKPOdgTzUULMkQ zCsd!KyviW$H|psD5ZfHNa%~%t^)2~wB`Q! z=AIpY&oAVYvY!@FAfVYUmfixcaR)Exbe+xL)IjVeM*XMzcqD&r2eRoN&qG^KR+2jw z@R23NTL5!dFn~>yUemo>LQA6Lb>9*Ld^($(TYS2Iezg0~pM0<>YyTzORR;rXRl^Ju zV*KXT48*0>?cEPhuQLtl3}USTQvSgWvOqA7{PDorG+C$l-oQFE&CS~9JDIGlkerPN zb)|HVPIK9S#2DO38YUEPk#np0(E-l`l+F=9^!en_TGiKpSFJ93S57UcHJTp;#YKS# zv4sMP`H5ph%LMOAvwNa++X){KUBH<$hD;JPiamduKh`YsHs0p2!4t&?RT9m)7YMXD z#FjJrwVN3gWn{D4+^2i=q|`gXpD&eDd@3{8(|3ckp0kOpKA9dDq_wODB9d@2#oa7s?c=gVT8AOgg^G$x%5AKm(y*-2JDU? zK^=D*_0GWPEkDb;cBF6Ai&-KMa*yA)fFis#CwlOxi%rs`?bu<{*Kd=Nw2NgFVN^dx zD7Q5ih-BCJfjtTjsG{pB-t7HgHI^|2`G7J3QETh0a9=~4K8?4UXN7CWh2Yt4T8&a) z-R=n#P|#xJ;FXrQ-AB{V%o0@qCgtDxt;&!#_p!WjJ!QFFk@!eo=llw}E_(?g!e52j zD<&f=(55*5biI@}@luqYX;ve2qLM?tKB?z3hI(f_vVg*JsZKcIp`tfBTqTO>VIE{} zdU;i1Q?@w1FF-o$gM3LG#x>#d%Yj;cHiP0^TE{l-?H<6?UVi6*!h1k z3MXGoAz^e@tSlm?PRGb*`6>kr1O_BAS^kx=8+KpH zS?8QV-uC$NnTomNu!3NpwwS`|d+GFXltl|?{3F_`1bCI|tIh}@r+@k*-gW{BoM6~KUHvb2_vn4yRjw9 zZ}jLYaB@ksel6^SmAR@f;3m#~uVT-tHIGIA8F_!F{hc!YvhWf@CD?BBe={#+ZNP_| zk=_oBN!Os77*~fx8j|9QnX(1EwjCh1hUT~M)scveNY=}|iMSNMbdu9+MSrY|YE zUKq1Tnh%o?TyLx7FmhfS2ZmkaJrJKcWfgdN{ zETK95E!w{Ch3@2&isLo=D(P~sK)V7nw#8{)VJ3w z6%^qMv-&H2xwyz`t<^he;-}f;d}e>6H-357uHbA#wd&AMJTMqcxClHB9k6!&3CvPU zO&UO^Cb2n$Ug!0CaM-SmKTLmHrPhWC=x&h9=tRf@1PMHczo|y6;n>QZVb5>v)%WM# zx}Va^h}W|~wVyGVcjk@qknGuYv0SIg)*4ZP2~-kO4yuAo-OE+Nh|PKQbqgY!My2lZ zy@s}God{O*^&92&?Kg6C_?PwVPW6J!7|wdrbWO2J9(Dv)F!^O_gnPt#=(?^}NhK?q za>0+!4csbwCQ1m;9j=3EB_;JKDpyZm(4D4T>#z6t z2#HA(Ye(vC!%NQJ7UXxHXK$hizkg%*yz>|PKfwZ@+R970e`Eg!Zh>-144g|E-$t9mLittd^lhBk$xr`nQYGYY(@)d{Dy01Ly#hy>g=(^) z=_U!N3FELK^1(49_o*8RH9hGWy;ZP)yD#|Mn=y~TC6 zZDF!Xe=J!o6I*2+V*VasE1g>9sHW!W(};i2IT;*kjxlAg*e>t^8qX?!;VhEpA>7O= zGErk?H2h{)-3clA8D&X$NG@iCN=@T<(Xe}-jTC%rfp?Rlzm%KEYdyxIFzn&(BgcQ_ zCHBMJqS!v;og|Xf+jy) zZfsd$K|wnrJVwug>iY1=gT=NSONw z3tRGCExznJ^!ZlT=%w#&Zy*IfyvI#pajzh8GDUsjN4ItM0E(tL@*MJT_ZhROO_S;W z4EX;ZC=g`e?<2trX2QCr7|4#9?*{k+J8aI)3eSJRX#FqnL1#T7_Oo9Zfe4@8VgB8U zL3r(TU}vAq*Grl@X9ovm2L~N)B>AXsOnTS=Gh&VIu8t1AIm$#Q!R7Gd_0o=f_R_)A zfEm=5n9!AFRgnweFK@thHvD%=+war8kbI}9`r%bT{IJS1S=>7Z9P7scT`1e!$daVE zZzC%pITQoD2uX*pkYKddL)cg*fk?_v@V+B~NHjVHc$TIYfAwK+qN9QLz7{#o+sed< z8Y$X9ZY=V2jO`_>AlVmy$^K$D%0$)nJA06U3NP7Lr&M@4v0L`l;FlhY-D}yQN5b0x zF@62}JvMvlNpQ~q43L`^mv(B;MsG|>=C6<0BTcSWkqfz_MF&K0P6j zML#xgwD5^`THa7+csf7PX-!!rf3FSC0z6`)v0JpUin}`h{X%cTHa8#Qc|f)Hbfk%*qa;~FwxVK&S(uB6aGFNh z-7W`20ZlL4SD78`Q#_Tbk4#rS>Kn9Cv@M44*pe00lXlQ5C7mb9%ZQmm{w@$XE`hv| zCU_He0N8*MuP5IMFt~gMn6FKpDIVHGRzZ?x0|$3Nb*NE83SfAYZYU7B4q{`o-W(M; zkaQVu&$qbd%xn>VX>QF~V%Ar1$?K|#xgeS5qaVPZYa87?Noc`~oZx@WpfF{q>|*}> zOAu(7n*uN$9UMN16r79yTshAAyPtg&ByEacdwo*xMfb+sRL4~a+2Ny`M|bW6mbYuf z%(960zt`9k6c~qN6D#_kEkm8NTS2J1B9b!mA}RGsX+pHS*XvA$$8rS>*WQ51@<{L{ z=9U)*8AI*+)VawNO~F|1yE+Oved&D+%)FmW{>JlN?%7hH)3S)1?L#M$rTcQp!hRkK zGM|GWyaIhYfcF@x<$ecGR3@MVg?yWLr56)e&D~~c0RxMs8c&ZVH7@5B}?1p4N!G;EwATrig*5ti0Qrc0c<1~!h9Dc%9+Smz2MxwubP zn{+!mpyt{W?IY3b7cN;0vOCQ(ZcHyPrgvw|&y>+;H}5C&A$g2hek1ph6j=H;(Vc^H zup0xW??Kt~t0cRUGOr=^mFmGJe_;8ZkdwJq_kfrtbehqyP8a;sNmq{aw$SJZrG<1>~2`FNn6y>TB}zMnW!e=D;(;er`~F*PJ~- z(>jf$*7@!^nNm)|NNvOD0j2K0Xi2;5yH)RM`~fw-=iz|P|Kh4>8vQeU+T;QOQ}>9G z#tPH;CcU?>U_y&C&0#BJ2R-AV{ksr9z$*F8f-}$#$FKcy93|8N6p}l&e}EqH%R?3< z@28ypx#|k-ft}Y@h7~js3tKv|p@xS01Km;I2iy(-dSgo4O?)Om<{;X>mOgbz49L_9 znHHKC0R`*USm4we5qV#GhD>m~sPe;gXx30Y1Ee0p($N`F=_U2v7HYI=uW`h#g&9%Z z+U`mv_T(r@>Bnm+or=iZ`&b&S3yC$UvG+a#OHfl2g%aZHCMk{leCN`VxUGseSFqU5`AWD>HV^mslohrdV?3YOkLC1HPrU8`^ekMSHa=NHD%&| zJ?=ktSNP{^MZbRXe}gN7El5xR%k1Qxa@7?A0kt^!ixpW*-VOWZj+2tX4sVV8*EzeYVvw6A2b=;tA0q#Ze?~`Hl zg%ln7u^zNPw;m|r9C)_CMn7Kq0m&wZ>0?*UDa3S6su&Zs+B18K7j&{ zo)6@6NqgM1=5xqyGtRK<#1mMRqbfs~12CcP-(G#Y>$Yg-l7`)P!zuFjS4=t)gVRmrEN`%7-+^=h0oN&Ax0ZjaXZynV5Hj2s2SuHfoV zH!_=G6HKFEC@ay$G!F*1X)==!uX#RyCK)p;K6z|gjC|gUdl5WBuA@z`V55B1MnO3( z|MUd?%Hy4i27vh>BJ0u`nV(Xr)xSC9_g=m!DV*=6H`jQ-Zi5F0`*ZAJGjGi^M#X{6 z5%j*r25uZ~ke2#96{B*bpr+l=y*-He;EB<1l+3*YzZ#@|`S57M-!p6;0bX<|(6uy} zI{-M@!3tpVsZ^2_lu5T{QCZ?yopx`O6t7!U^wI3B0HCbi@2=_}CPqCVMe_wn@NSCx zr+W-4^Z^Op5J`f!B$jP6F-D~zdsK~{Dsh?n2#d(bn_ls;x(T4~8}uI`fA_%!8U|9X zQWN&Y$iYU>&PpS+#{Blh{B`p6U-Q%d5}yUSseIHw1hD+u#CEmKTfwV8=Vxxhx7Cvq z`}X z+D04=eND|j`J-m1U&(K0p`a;2S!;8AwdI00R z+Bu2@GINx%LO1;&|=A#|_WVa;SNz@{y-Phi2IAy}P+P4`PiaL+UceSvu*q$plH^z^a z4Zy0j+gH5qZr9QF{_|b#|LP~t@b{GC>aZ$9091VJjvGzgwufx~<9^LE>)HRfQQxlc@>gI|H;>;IF==+QL;i~XU(q4|E4z8 z%MA>KWoA!@z3j(Ga;aoPDmkKQW3pncxI_Q&d1R^G&TELgFsS<4ATjh?(-{e-?Y)Ph zIi>Awh4U!!DLhiQr^M$fN%}8;s=3uZL!ICq2BiP_wM{f9@q4|-#E($C_zGXKZOo_^ zvMG1TZioeS&L{*gAknXCj`1|c?=*?PfYRew3`H}X&YF2cc;I|2ou*qQ7hciV;GA-iES?Yt{&0?UH$5kCfj zY4Gg5EHfKy$Mkov z3YL~sq1>m;7j4!CzoV@{8)4mAoyWart+jBFICKztZTI{`y&3eF!mYJ3gTuc6Evy)*6r7U{ZGsmb9gV>_LBnw+;gsXb&X!kq^%BqnpJtOyinhy?qK(RDLeup>#(NPe}PhKN47&c4F$|v zBB1Qh*HiSB^~%b!=Nk7*U(+HqXgqrNRGBIlpOS*fuxgv?!&0G4@=Kb0av^JLt)pW$ z9uEY5Vc|Gix-Wkc4On|BpI?)t?8^sJD0>dHhJTF5fV5IGJz}o?{iz$mb`Q zDh%*HHOl$rT7Np9V2nU!fC6D92zsnp`=pv`6(L6)$Bw#?&?jP&`|3VaGn&@(Xg|3J z%5&LQlCC-N;>|yuMb7dQ#5ZI3G&qAbWE-=va;m?S&?i4tQpgp;z4w%3Mk>br2Gm?C?)Fwr9luCEyAs60n@ z%fi9#_QA!)1o~{1+Qeom9-A5|?VG-zk_i!Q zaF82btQHZ{jq~fSOkb%tV9N4_a|dysHRyxS)KaKww}?mEO)(GT6&1%N=3BjAI{M39 z``4Esel1A+)lZ~}wuxne5!r#(?rxjiT%Z4}Y`TDA+nAk1By=Qq=CjY=-66dFg1EEF|fbjuLaBIccn0lW}5d6COW*6G%3 z0~3MOLEja{?Xx0jnpf*gG%}E~e)+s}g9_@lEI>>V;sP(bPqSZztFx(xV*Cc)J%fZZ z{FYJuBKXnWeK>$K92F3bjP+*Y@ig`vh{!{0D)WD8!*w+dl8d8eqEmEkSe=?l32f>i zn#C$NB6E}j{i@DBH;xNl_`Dh~Y92VcNj3tj$<~d(mNWB!Bx!E!-cXwtu!Y4od+w*a z#=34&N|6097bdc_Njba`v1}Xpg_R+wEc^Rg9`Eb}%eE8CX6=To6Lp7*{jtKM)}5?| z`sy!ip0X9j+^6)5fcjDs_?%YWw@IQWy&N+=fv+uTT>XcA7+8nwhsFts00i;lkd*nW zwklReucn}5A^5s)$DlnPH)5$O@F(Eya+7^b`w}Dh!H_X6s|{`J?-`YBIOb}Oy_?+G+rYo`7cR@ovWgj9BgDjAtXiZf5-{fOY*AIq>AWl= zSHbpHW?H!|g6bs)Wayqrz_>S0S9`ORpcfoX3#dpQjLfje&JN1y$495{0Z;EQTl@gg z5%T5O#XOBfHn`cLL+>-~H?xtIY4vEos`=MZNBCmOUY{V~52wC-tjrJBHp6vx{DIFM z7MLu};H`{`NRpg*T=X@t=~#Rjt|bJKUnP1(;sc^t)JS0B_0q}c%VzJP_vb{3$T((JFuN2V9MyUCg0PN^Cwg|IuUxY6W8}Td z)>;NRk8IC(MfCNax-S>iOn~WO6sU{s8av#S)G#oRi_IPcqsfq6H*rI09uHY^iD)}S ztcC#7nki7pCHrwr4uhv(MuzIm-HtBGF%9#cUPeJnWfETojp%GLPji_YMmP*xM8XQN zle$G#R(D9dK8L0cdOhS3d(G*yA=DxD4Pjwps2G(RPe1p8gfNv8naz}YBo;9(5G>-B${a;X1|s` z%tRwBAJA0CEgDzb->oU-C7L#$IBRYzl_h;nuI1*`ArC`u{)&Y`uhtz`*IlE}t7RJN zZceL@ffV@myh(gC_c(Zoc}R!kG_E zaJsXP2eNWuOitrZGt#krR_GxRa%q1+C9*0Xz#Bqae}E+h_ZH_Fa;0s`nt`Zc_IUjLZQLLZ-^U`RJb017WL86qDc7I|H= zy)9SfTeJhD$ca9t zjKN5tA(t4_J?R`N!*HFVO3wyWob1mFmmKjd@*rGpu$Dprk5cU`v4`@NRAet$R&YRM z#w$c~%a^at%T8^BBd$_D4UWfmo6cUGK#%MUZ7Z@+K4lS9AHfZDpLR|#QZM16N{(TR zvTuTEHhr^}%S5My;nT+SjnHp9)sQp;O-U-e7MIBRbPerTqN_6{!tpj`U4g*OI1T5H>mcJpF`(8q(y5dls^qU9HeP^FqVqf8*gp?cxJrnlT>a> zaq`Xuu-)VcF>Hb(&T4P}PiF`TJM=7E<3oSWM)yt%_GewiKdu`6FM{i@tt>A74P4*g zKLXcJs)Z&21GBVSuV{<6YT(+;7L|7PGc*lYSF2MFZ)ClJw{VXB?d=8mx$CrZIPA0V z-Tk1QZ3toEz>YLCV7#Z3#8Ec^T!4~tL$}Mcx2FJt z`)${}74CF`f0;$&wPeUCPw^#QOS?dAS2oO$twOBxt+bS6v+EBe9Nx1uV7||tolre< z5_42TGRFJj%?k_N#a+NmM3D<*b-<@{I1@7bxOV-m;DaNej)LEF4#DirEC00b8-u#h z%Hy|woA{%HL%ijg_0XQ&ra!L^TWjvxg7cYyOL6>Juc#LzE6@*Bl&Zw{1rJ}uX}uEE zLm3%#_>Nv{Jss6H8y;3$FDpZc=>)^p*U_Z)HE4(N!aa^dXy%a0ZL(5KQKEk{8?h zKX8S~*OZ@{OP|DQnLBZ}U&yF1il~s`{itr*%BcPZ*^y=AjfmqrYeDmQAx`2>Mo3H~ zKBwh3Imk+5cPu(2+A(32M1h-eo(>zA!9M5TIP@Z<PPl#q`|qypF%akLZ=V`9w+SCP6|0o`qXSp*YNMm&6=`;1+!+G9J;s4i_&-J z865nKAFjPB0vx)!rR)AH4~>2j=v)-obwCcDN+4a3fnn(piprhv6SEvIQSHUQwnnzr zG}XMH>K(*y(P6RCX*B>43iwQ;=%rS6!*=}$M11M^O6i{XhB>Rc&yfOLw1$nZNNNg*` zc((mr90!ARPV-o@&T%ddn#iKxc`Cj-BfJtbCZk(erRw0=8^Ynw}# z;4cN(=m+(gU5xDp$Ej9k>&-t|5Df!4ddUZqLEfMLEK}jMg!(6k-JGL5l=EA=RC%4S zhfC|wCaCOrBaDqb7k)L@%sXt*pII?&DueI1Z|LB~x{Sn^qff^YCZh)HF6Wvv?M`C}fRS!i?(k!E{T*4~(w)AluejqYvQfGSt8*C4MfRI^Dw*E$3eQ<;5d zYM==a>UMBJn#Wp&eORciN4w`)5r@ z{%EEkS?|f}(f{t!l4Cz(2iuW7|F!))8Ce)`(jrBoU4;*42$|4E;U)-lm#rH)^uNt4 z1r?Qlz{WEj82v@fxC=!JETsU7^xl6TMM@5p`ms$QK{ej7Bo4XZ&u%}ag&0%;@MWR( zEgpwnYw?HiDbhE#4ZQZnye%Q=yyxS}=un9Mo?5pNYX!PUN_m`(#V^313`opl?k+g< zHPyp(FZz&Q_9)fN*Z~UNss1y}JwzH?A=^=?lh(BmiN&K?d|j?PDXe_kCQ{=}1KboK zHQL?B-dU_dHOG>jq=*M7tA5i^h&BeoJ%Ru&=6AKR@n7&pI+V2ot*44+pNXT)xSFdb zOS7|&9yQ3xq-7fmU$4DwV=&|VvbAsFTLQezcNA5iRkr_dZD3A`Z`otFdu~y*gx==2 z>09g!nd=0_j;vZ;`308tz~=m8JJ$v9lYwwy&UK?dzN~q}0%ZIB!=ru7k!*qlwRxXC z`j~g!#s=>NtvNf|;jhcM?Sv`}an`AKOkxY)zxPyOU=h`?XldIsKg2NbwN52|IOD>4 zFO6q${}G0HZhhHovT2IuD13?W}$Tx^YCoh1J~%NdxFoJ7+k+} z)Be^Y)0`O>1o?tK?u0L3!7c1SfPTbf`2`E|e=%4H`u}r<{sC8LV8i5(vllzNLwQd0 z5Wc@eaie#*TcCpz(#SS5$Jizuw-3Docm)6ccKFuZB+t^V%01m1COfYWa3$Ww$o{LJ zz=Zoh1lz|fW*-DD#Mw4A|Dy$!@u{io{7;9-_WkGB_VR@kKkCoKGJdfd-{|@css-kq z!U;DhoY0H+-|_CGAX#UUJTbFjt-b+oyIlFy*Z}fA<1T**2B<5~>ev~3;+`#kz$_S7 zj~?6^h!Pzn$5g%n1kT@@i%N4!tYTqdEv~VjQ{iE!FU~nn??bM-lJt?chDYNn~s7IgUqV3(IALDd^7=}c(YS<0;$tzVDNLv1(Z~Hh zmalYN^okdq@sBVU;`LHGMuWp=-?U2C9hCDJz2xTMaaihVkl~vT6S1Xzm!2+NMfps` zj|uL8#(S10&!HT@E%DUk5KD;BB)HBS$1xinvF4W;#brSGF%)s_Ha`6F??%fuXy7Av z_(*QE@92r~Y8Acy8;EQJrBn@(iVIyWQD1Rk9}F7K#YtpJua~3CjIhME_=9lt!F%xm zsYcr%977U&{#!X@MdyO=&`;<-joSY5L()`Gs>H{3o@g|xeNyd+f;Rl%8BaMB{G8E} zArq@nD%Xe6o9l*EqC{&W88!m;Irq$@9Aqv{=M0i&GQ1U=7_WCfS{07V8T^{-TQDZ| z=8!~6a5NvK(Szd&_ZWwjf+CxG8MhqDfABRUmsEum-eErZe?l9ea95eVFjuo)(8|cs zG*~t>Qgkx7D-#WVaoH19sbuGeB4xW+stKw$f^6 zVK4$o>Q zo?1iD5I%1O^)iOVye75FcXG&y{NPGNQSk86NhqrG(U7Ht7V{|VfD7BknGPOjp}G6 z#@>vb&9Tn%#(rNOpoAwO_$T2^IU?k$ETf*UR(g=)Id(9eTkuk!_>q5nm{F61V5+sfP~<% z-P>P>o@(*h?H46XIW6+`N`XbATI+yGW&^{8({GB~cw78q5PYdIZnDH8ipKY)*%rYu z%Y6pXI*)eV4XVYh{vd65c~_;t#1$L9p{^k%nVWD*Fspn+n$;rylOxoJYkN5?-y)?Ib#$1OYQWU7IGA*Y-;zbb32k%ZHfHFJAIhjQ)Alxd@{ zGA>=b3+62#E!;0LPQJ|jk~e1d_Hh&P5}8if=K3B^VK;M{3GC=jd+txhBMzbs-cOa@ zi0@;@k0RyOKVWYtsfD!%JfZhJx!*$^D#dP_kRl)P95^Qqa}p#J&Q&oUhD)<&k6bX* z!Fi6o?~SUz+wp8gwiT($%HS723Gdot7&;8ImF!*UW!B>LtHTo;p#|P(bngR8|kw9d9o%TpZH(s^~(u77guz$JbLf3hNzHK*{ya@Sh*GdqR2O zP$~_NeFCp|QHYwY5GVY5W5=^;iC4E6iTg6{4Sn1sbQJvbo(NMhtV3kl5~N+D=gEF2 z*AYL_N%<6E=3!Bze`0|}p+#99-o^kb_7W1;EUI+Nt68Ht`9??e$DYeZhu3WH49GXS z!xlyLvRWFkDQ}r!fY5Q+`v;-p4t$f)VOVKsBpPsCkIP%h?t1yk8W{)157vgN_+~_< zu=sz7d+)d=yDe=v7&Z2&bdZ2psM0&3sDO$JQUU~|NN<9G^cEW;MMMm}C`b#T1w(I& z^Z+6R2vw;{=vDf6BM3ZaX3jU~dC$!J=MR%R``%^kwXSuoYfVoqxcghA)VZB*5f@9e z400N#=d#dx(1lsv?OTeC2Xq)T&SUB_-iA&q#fgPXw$_p_lK&w;28dY!YA^NkkOf}*7**;QN>f&$z~ z{TnJy6`|a(&EH;Djc%j8()I=S-e*70^P9&(Af_VGkNf*>}U)Te{Xz7Bo#NqJPjc2kT7tsDk5EtJc6d(}gJ}8Q13Iqj2 zE86pX3>! z4sL6lPj3N=zubR@dQza^8%1{c_Go2m1|LH{|9QLe)SO}|35FNPiqa;MjLuctI7e4y z=d|`P9$!`(c-k__6zEp3bWVKl;|7O{Yg~vnjwU1O2VYeVP#Cdak%Y_UMt?FL><6DQ zuiEo;l$tY|CP3v|MMjW+j7Hiz)&-?CV&IMqF5>!2>fl5B64w+IG?r_`shr&j$by> z#wqXvIi>TbAOHKiPqJgJeHvvKvqRO}Gen0R7)*-n_+wLXv#;`Ok>pA1<2mv)&>6a; zuf~Vn=Ilsp#ZDi45e-1$mex0lllx)c&d#D_JQtk%FB`;eGz>?(lndharD9Ss>ZORb z;(i#)QHCW=hcsY#B`v!VjFE5deA9ki_kc-JZvv4=(}Zf?P=wT%jwKnjgGZf$ZNKK2 zTqv-~#R$?Lty!kKHVAiI3ChOMABCOVUah;!Yc@_^@q;%vemOTzeq5+dRpl&zy zDHQkl6$+29P*nCZ)?;d1)FK4Ms`YFHk`WwkBGEjXUk^OG5K~Axvh%{!GN-pk;r!AR zYE`vqa&R=Gr>(-SuH~nm@msi;7YF^o^U+^Q1Nz>Hzt>L(+dyZ?of$x8Mf%w+@OKKf z^3Xv+KpV_|^-zJ%hU~5{U?l&$r}323x3B2+%=V`AjJUH;jSKSaU{GJ6O#SjV3K*+f z`NxkRc|aX!V6f4RD=eU`Vad&bK&Zoi4h9I+2_(liKMvH7n#*jNvrQCpZEI@-y(~}* zPqt6d-~2Ezkom>l5`m8MPpMozA1ndr<^Phc`fpEbg`rEisg{k$n|v~424C_!Hd+Z$J{CUVyg9_DfmhhQ_t2Dx5n#VUWN zSpJ}{;F#-!^R!Jg%3}`U$Mj6Iu_<13@KI(4`r~ZP>$?(|!5e18hEET1?B^S)w}Nzm zPPw72M*PZ1*gh*`{$hb9JJ`2ScKoN3?*u^6m0k%DDcb(-y^C&=)+SW*HmqG zUvxPG@>nKeU>-G2oh_Uh$r*1xp3ZICfQ1OfeK-CH?gUhkHka765=^jEu|bz*&aW9K z9I2Ct%rh%%$f@JZltd&T90NQN5Wf@^n@d9O%g;q~Y2~H*j2qO7I;~S@bU_J&{tE97 zC>aeH)=5rPOoSrG;r`qj7c^A8PmuL|eGY_=yA5{=ato{j;3Dzi| z_Ka#b>!x#t=^8c-n(^+DkXV^qsdDXrGl@a%)=ivl_@2l*ttdPv`Al2!$=j5LM_bI2 zhL6RWA0%l-8+U>Ij0ggaABZZ+&>c%c$bzKMB#TJadN+4DehOEVYZ|5zY_7)K$IKvy zK57rzRpih;OFp9~-jRgSn0v#71BX#!vWE%7C()}eG4eD$k+inh28Rd ziN#-Unu?s)s^EgSV|FLh zW@sjL+Nw}hEU<52=JIr!KG38Pc8BnGLI%)Ooh7L=n{{Fxn!~BZ9q8qM-Uk$$U`rpw zj<~~ulQ5=C`5xS+^>Ny;SK~EfsiL(`5O zKAk@)-h0*p%XGea|IQz$KmvMGsFr{72Lb4>7NAiVY`+NCv^H(vXwOXmrbrE6pELD8Nve3==#pTUO!PU)5thWc4P0zPE-$7@3U zL_tpW?+l=Y0!k<8vET)?j{o!VEEbr->a^sk72abnqgbGP>$3Mk#k`kzSY{ps$c$gB z`{U~wNN~S`3<@iw2h~!_ffrqN_$2IoMeOnzAaMlr`PlNN${%XULd}02U8pu~grkIZ z-lpZ=cPUw2n)dEA(aw3<3UF(C*I=K?-I$No%@t&+^5xEVMw)2HR~u1zv^~+b%cqq6 zZAeLx7l_@kFHC+?bydrm9FgQbBY6v{saE*N!!sQyjbUe4L&Oz3Aok6~nr7#vSudE% zY1}r!#$e9gb{8EcjN0Ye>qh0c`rWAe?%JTSLUimwsH72BzmzRiJr(UbnN@lMkJ(U0878&dr@Tu<`#n6KU@0Mt`DO6PxgwBf3 z^iFkb(=c{F6s7k2>IRl7T4D9?nr>H z1Mu6v>>aTKkdXk|Q~jAFpoC6ocLIPML-gJcKNZ{EUx32IKiS+YpAY{r=Sdahjfbva zkhM);Y5K;|M?eokAk+eZ!Y%$s|6%wQ_F%HNBudn_bb5iv^`s%NA$C2jpYI-z?zlhY zdQqQ#UteE)=6(=?1DG&=acDlE2O_gE(Sr{>+7#>E&)Xz5_k#o}onK{^)E85@_+~P8 zDPHXRMmz7uDtbO_C9GX$X^?Ua11j&{bkitjP~HWOIeD(%CpF5*t!x5otE8iGD<+c# z-fm<+KEbsaQ2Ck74~9%_#)RwklM%M?MT=yX;HOJXWxtk}(f*s!q5M9S>t^^A?_NHY z0F5o1qD(#%EHcQew_1FMV&Vvh0F)o@Kh+KfnlX5n*iBe9dDW%LzQ6GM5i%u?@@3i} zK3c$ek&}ap!Qo?Ny_B>uO5-=e5+{1izc@3Pgyvnl*2R=;XCGX|xEUOx7dUv%)feEC zZGpwn7X*cS0*k^L5Am35UZ}HO_g8ady_lIaFO26Ia6yd?a8$ANSzJitk{pt?a=roo zrqi@By*wQGN@NX3Q68|ljW>N=G9zUPy@5tUW7~rO%$ZuSQf`ala!G=UEmG$8Bn4~t zX;3)Z=Ffye&YU@OcdTrW~*cZ*PtaMMsHe`Lhc0f&uAO_56uxq)Xrp>`5_n$q?8>9Tm zy`KYhE<2XMtH6E|=@X-jL!?Vpn4ISD22xfF;S%BT_zB*;&P8zdVXmT3vUR@qNiKc& z1vN%bILJT=2*`a2;7_w_w0hpfD^i=!;>?i88cvolzp@pW7;UFABDZ*$FgR%|B^r%u ze*WEczlf#1QG<)fi4>(x(o7Uqp5hvY!D{lHn6TWy5Z=0QCv&l#V2AA_C@5;Wm3 z?A7*-qveIWlG`rr*&7C5y_H|d9rji}Y0$ViPrfh~MSpg_c!Joo=N~vf5uaxNY(EAv z-2`R;wB|8zqGpGB1(m*^9j|q6@|gZgbhJ4LB2aFff&G)757v^)mL92jU1yxxd`+jH zctBU|`@Iqts4*W5^p+L+a@v{slv040G%ATF+_B+jkmQ8C(f}YH)T`QER}HvcE&|ujwkKW=^alC|GnIXxpH`gmXsr33=lO;=woRD} z34GPbn4>>;8OE{_ZuM$y=&4#-wF?TsH+P=Ks^C`MtC;-N>(hRBR2Kw#9Y`DO{%2A; zjF0$@0_ZBfGg9AhAeB4nX7+ZH2rWu$OIn3_O<%lX<9#)Fbh-QXj~myvoJ0q$a;ao)MhT z=;z`;8xqPPy_Anaz$9=cA6M z=n}5%PMTZ$hVUPE)V!4Wl?*;3xt`8wd>vzNrd*G+Y_sU8o(k~ur<>1@zMW(TEASbE zp|rva#e>sHNSz47wVhcCMsTd{x6Wri$E)H3>A}QTM#6C&t_mT+y|EpHERJY%`Jfh*=9F2k8pV=OJT~D zmWysr4qoO5^oRcX1@#7zi4gK~&o>H1U81 zEvocH5<}fW3HoJ^*R3fK9pj(5#M@cE$9PvvSS~!QgMFb7P>|HQIhq}w%pF~Q9DcEK zst#W5iqa`29$EBpkp=Q}+nX2#X-(2LG^xKqz8e98z7ho=Igo8nC?8PWg=!X0Q>!#C zYJ}!Zp(6iy!$5lAPE_P+tJVSgG^{b{0?y(v?&a_}GNzt0t=L8*P(v3GQDkC|R}lBl zcKfF|&7zo3&!rY{B#lhh&e3>I0Iv^LPadK^L`buu9U+0$r5ZC{&$lge&0~E>lb7Jg z;FcI-(N86*#+5-ye4V8YV;dsBs3z$F3N+#uAUx($s@-ixpLKBdlBw_YL%TB(aag3u+X2b|@^DBpv%u}W1~wHY1HJTsOJyCW1T zRXqbr?g7H9XPgt+O}i%ga;vSKJ?#4|g%f9@3SOPloF4i0&5@MX8m(Ey5}jz`M1omJ zV71=zy!p#JxiGObxw+Rq;Hp_mbMtreoX;t&C@EFIBKZ4Bc5g z#gDP=DKCBl6D+oo!j*K}_Q0#%Q0Fe>LVVe&YYcN~S57l>pNG~zi_Gk z*GB3eZsUHpa-$KL7vLa0eZ|eI>%p)WquvV*yLx-;{~w#Q6DLkMQIsoej8NR$F|2nB zzi!Mg7ZB$Kf$`IdHue=d-u%ljH@UT90JqlY53K%AosoYwZ*S9)qZ5G#J(KOaxov}9 z=1M9h+$wVx8oeYL7#saT22d&3NyN!=;R6m?<~{B0*!i!8FSo%j=p!;7;^c$FICR(~GGJ7ZvYJSsrN#+G4ynW6@ z$xDVsS3m6a&> zID?%hk-75?Oa0m&XP{qt{1{i{nG>$6G!iwI^23w8tR1}V`}h37UlXnWaMAs@b3y>n zvL~7J8E6^RD76aU4TsJm^$LFp!A@?5CO~p}Zwh&4`P)oSk@LLw*^@xEIMRp zKmC&e{(nzc?{OUd3zr1&8@_!rpaofJ&$>uTnVCUBTXUXfoOwGTLXLFHt2rYC^xZG#aitL3k-FJ>w*u}5PE8wmuY{NOh zk|Fyv?oq(AxD2~9&KD~YZ5T6?0h_n(O8*PQJ1e5953tu?4#l7;mVQkbQj&(me>V7WBnJd#b{rSnwTWM2%6vOK6A;=gdY%qb>xf-2jY zP0dqZ_BQdsAz=q?t6XK@qE?R(VYytLqbX6|So9C|m)REdwYvuD=m-U-a--Bm?~$xk79~i!xLI6Noxv?eXtkX=3bknG%16x6~|E&1OQ4NGh-4S)F zfaMhmCuXTA>kpi2rySZj?L`LSbF*bb$yg=5GNptk*S+o#2k^_ZYQoG{=%vi&pALc< zk7o6O2|#jLW?gYkZIO;KEEp)-+}_W?nzO{YS^8X8sl_g1c%&Sl?51}_iS-O2O-ajQ zEv70CG|%*pi~4ud!3>mnIw3lEG9h-j7OL22Wb0V`{nu6Y_>sBjlXyC#)TNgU&=x=O z4K1!_$O%??&{@JHm?n<}Jab`=c9B(P#aLphMzgrn$sLsvbgjmBH7 z1P%XawCbZsr--V37VRR44qQrAp`&TVtWD)*YWF5H2e@ot-3iRZNy}kE+go9Y#0Hwa@dU0w}Mj_{eOB#UyLa% za}?y|2egM$_h#nTYdEDb9D~b~%YoCh19aI(3bhOs$fYF2On4 z*IS319a(1lI!4iK9}T&+DLz!adlsia-neD;OKDe*jw!6zj?*6y$b2w5+E=P#ODmJ` z#75{j-H?V-Y~JMjL9~TD7N5#{M%9XZOrcVgjk@o2YgSm&!c2WgD=iZ`3Pa9gRCYN8 zbmrN`F;<%sJ68+4R;Le3m3vytAm+dR5c#1)87kF)9<)oM4z}XrO!L(Dt$!CBiH>u^26Wska$Ik^BpYSyOMkZ>Nl>~y5NxhB~?MPD*q*GRN1A0$-*BrQ@WK2B23TI*$foV*y=EUV=(w4Y~ zN^wW+PU*U($+u3UtTC52&cp5$IVXEhe{fo3rTB+oFegZ-G8E|26oRSWYckGpQ`(~AusbqxmQP9d zvrK4Igzw>fhl%YG8t+Z-&sbD~aS>_tIg0rO&P!T-Uo|~vDzI4nfcw#(ug{((T-(|9 zo6FpmTwF{|n@MV^JCMQYh_rY!lwJj%=}gtZ-X40;!#>h}X*6VsR658oV;EDNNQiv^=#f1zBICJv~ls(@SvUB1Pt`}+soGa+ZW#7{i2J!gb>gT}RPN);l}oo-~{#Q&yhvn2l=!Aeg*@1h5@>A;ltT1b`3n z&!F*Ti*4{dH|OjCg#!MLJkR@!OMY|N^Y+D$N4qNJR7WUm>h0_i=D%{wXf3$DaaV_V@L-)1s?Pc9+$9KYt zKUB9gnKfmAf%fxrh6K|1UJWLx*Rtf1?)fypM?}Zxf7?*iX_DACFyP z40|t%fR?Qf#csnGavJf#72;~-UY64TXvsOKZ2nta!saO6Ys*-|W%1#00cjU`M>Nm^ z$)}rh3QQE{_!Wco0;GcMrpIkKo$k%^cMc6Ckr+B-s5=G2{NIe@qIy)z4i0>Ih*iPE z_!OjgxG{F?!xx0(Xh_u?_R4@v(dMPU1#xh<0jP#ZzH^XC6INwtKg=LNHI=G9=`@0* zKGrXEAoE>MM4i_twv=s-wUVxnag3KM zx@);+u}GK{zZ4r1o$OK&vrxP13k+9-jbrN7bZ#0yV_%^{UnPD60FV>_07*0f01&(y zp7Fx@%v=3-deV*$m+T~j-mo|E;21IunSHZU^SG^aM095L9xgdA*VFk6xrJUjZpD6) z;2t_F_{QJ13;-}PlesZE zJ+TM`XBzE#pTO}bAYJpDXq;74B)K0H1<1pa|BuOg?#y?~ev|hKmWR<#o`Bc%5AEL_ zrd{e{N5OMusTI)K^Yu4r9pNpTSchc;+ z?XVkjha;dr7L5;!n`FZq!H+L8^Ews*$vUE|VI%iV7umD=x+MOCqldYy$kxYAR(chy zZQ{^7muE$Q8;YIr$$b??_j>egd^Wj{ANJsDt#WXuE|vcWP4{K>k%-R(jC$PN1Md%` zpYyW4QT!e~+h`!vNn-4$*q)MzIgl#{$C0YTHj`cRO_EcCA#q~Ii`Z$zUs(3E+81`r z)>wM>J6wR5r%YIWqPDvN(Eg&O>puxjp`LAX!XqH7KLIUe=)T#RXMsOmP{kmGe2U9k z!!Y8Ey;|;wb5_nMdj1XZrm%K9?s$m5uS&d`qq>^A*Q|`cN^PW*3YBJ2T_l;8H*BcG zUdgfNuKJhNjx!O`YO^zhTIP^SpyoIrFAR zY~l#onp(<#VL3#6mj+&u*f(i9!lqcdItY#KdqU~EipU_B%)@e;c~sp{0lIlOLxVR$ zMTFMd8KTq)#&%z4ML!f(_yYn@TJN*9g> zERP@1l@TBGDg5sHGhB+1g(boB-0eop_!d>99+Ef5_XJ7JAz8v6=83pZ^Gy*DbYg^; zOQ%?;ntX(LKhtPhed=Ba#s{A}O^@a~Pq2{s00vN2+?eXR8 z$YiW&EU=pBo*&>i(A>#JbAfPprjQ8#&TulQq?TH9$M+60s2S>Vi(Jhj$6iKB6wNXBPR{d*8Tk zOq-jm$cyP94r?f#!!umvrG?naTYF+qBiOe#`CweGI39qLaHB#lDCe0myM_@ELsuXb zwR!P;5#+Vz-4*sZEu=us2}54@l1E$@OulPcrExuVa~+kP@uW}HKsr1##YjaB&$*!7 ztj{?91SB>P3s%ap$-B$D>4=0vT0@x==1hn5=~3AG3Y7?I{!AW>hX(vxer=9QC6C|Z z&M!R44cf-Io+W1$YkU#4pyX+mgescq_|a(BR@TZ#^>k6Ap+Zj9{^2fa>mo}9 zxB)=T2;drT!O_E0Q+NIXIREdb`ZCHEC(s`+o_$|Keo_xG75+o!9$+~9YR-Y4yn-u! zIBijC#(o5dwKr>H$P^xvd}mF6^?v`?XD8eOsEN61f&WuTJoSK$WD+ksELlq}7Y;l5u+ty$)< zSBSTiw=W1(9YK8P&QH6qN8nJ4IbZjIbpf6%t_k#bZr8q@&#F|j2^g9oT@J#s47Ng) zcRjENx5Trpg1F zPT!2%X{1bD-@LurS^7%#s%UieaJ29^?iXM=qTek&2tapuj?%PzaCWyY%gedcAAoN+ zvc>4c;&~I6VGi%BFq;OVwSC#NHmrw$7zzqh8OXeoYtGL(Vy$=U{mwuto;l0ZHY&gI z_{qG{xFkhKp3bSJoR+|-nH2WUOJD}Ad2-Dx?h{VG(PFXLi|Ze+C&d{7S^iG1|qm6WhE=G;hX zY?|eNdJ#|p%B{a$b}khlE4h;ciMiHT${cRHIv1EJvz9gM&c{B}{z1o<;Gc{0iD?A4 zuA0na=25G55iRa0-?0QI%{E3?xk?6{IyB2=?Ds{H5bF8)WWfzs5=>Q!wFtN<9K6)4 zq`z|ixgtK*hkac@b&@b#Z!UG(53+AiDD0wCcdh0}z=N4yIU>IMT~W&=nQ@UpfffyJ z8v0$2;VePX=hYt7rNk=|d6MiVIqk6>o%F`Z*B>_a8j7-IHzvbn+N4n2q?y4La$+VO z{l<0AYaRWjS1@fbhqRdZeFcuX@39Sz{uZ6? z;u@g@?30dqJ=;6{@8YM@C{;BN&Cj%w>K9Gkf4^QmN)k%02Dcgwqy)x2%GNaheR%*a zCH~~Z?k|Gq=j*lKJc3tFIu|XZ?2AZT4dkt&iDRVAwv5F*c3lb0ptM;^ zxRp>PR$sbRGo$Tgz6b5pdI$s!FBNRW112b9(!V!vlDl9q=hS|!hdw=sG&A9<4uC)Q z0;)EdA)pAun#U2Q8+Vy#_dZI=QssQiz4NFS*JDoIPDxW^nKVMNWP}I^QlUujMnO7~ zC*GM!JZUyJvsJB@blCA9o z8_Lz3?KW(dY4^)|8{sv+peRETsI`X=UwUeH_-oCX@9mYAAv8WeTZQg1`< z=WC|VuZmGW*EMtrUxlK&Vy`udET}d_w}MA$?qK`iuj*bMoV3%(h%ZC{$WZ>LW-$+u z-D&h+UP39J;ylunf8cBQ<(Je^5>K$dUc{0ZN0!b5d}Skg6ZK2n8any`8c$9QD@D2 zvxxIm{7IU`hnb>$il%`Op~j2J0$oGrLm?@T2Ha(5ag0@MmsrRw^$xCIyT4cIjSb*0 z3bE2^M6=RQ$LE{fcyF;YF8~@#(*hH^E*C{@o(3fl9ALe!Ps zcuM<=?Q0+1HJS0Hys}E+wS94#rwv+vMY@aR?C$b%aE(~%-TvyJoTHjYO$B#e90hsB z&pJsUE6*tN33_alZQsMc>#YA~{ugkz^){0089@fWsk3`Aj{jvFxwk$XNQwvMWsa7m zoB)Xz75%kt^54dy<9-a;wT<;*Y+u)@b9c#@e73MJKvj4573v$x z8r1zvOjiP+kaWF^^gsaac?-AlWVXPaSk-3fh@8kh@s$~jrH){rlOk(NvI)?+J5mRp z(M?hGC_XZH^%K0@>k-T?X|n)w;i97k16yU_=4pZ-mV1N_JTPSmM&@} zUF1=kYK7+KqX4z#w{7&`Q69ry+yiEZKx$^Nit5uWHy!K{wD{$W{L(9UtKveXOPrw| zEtj3F0KOfm+i5aGo*|S|!k^2rfR5OgZ`srfsf`bN_}HYwtYQw8bffNUpc$^iGCICL zz$77>lAWRQMlPcjEsKWO*ut~%7gek0uP<@A(ToR@{(Vxl zE?_Zs|o| zn0<&)KtI=TvfBJ1PFy8Euu2gaw``4fyQ=B<-YK` z-ScsZ*uyo%6`QdMeXDLh{PUkq8y|gc`40^zhfafl?W; zvN?KTm-F?FBIgxy9<*{=#w&VB_mVl#*k>og4}V5Tfz+7jY+(7lI_>{m1{x?GFagTF zoSgq}nM!+HVxXG7R3G%V4(J8_7tRu>PxQJkWvMOSb^_sV`}O7ED#Fad5A*W^V;O}} zF9XjM_1G~an5GtqGR(zP-AL+_WS9?)QBd6_pK?b+ehY3?T5kz%3~52LG#&kz@D*U= z0gixcJYJt--|T{WS-wCe`WXbOI;H4dSXreK`RQB1EGsiJD|XD!Z26v83^j};RHy?+ zmP63$i(hg8ME$qlN$Uah%O!x#l#qBaevGLrS-euIx_d?JCNA0X5u`@vV!R0!t=?2o zylc^?Kr69jg(Aeo5yzO2s}FDT=XN$^csoU?OX~9bP|X5_L}7&53EG>MkuBZsB8WD% z9_?5BlMmFxv~xvo>&c+uDy{>eWQrLPABmLy%P=E~CDnPg9@POM*XM?`4QZBubkX(> z{EHQqo?RA=b1h$z>d0-?eL+*Hg?Q_chBd2{FJKQDI^d=ef~&54s$moZQ9l}+fgNH` z>lvUBaKx)=UYl>cf^7A-vG>(M=2RnUzo^xoT`q4(#kt+(sftV=MO5v>NjJLk#TKpw z=^(mxqrDRHMr2GJJ97Csvv?V#izazr>LAR3Itwf1ZRv_a-=z(>!v6XbIKXx09PT+? z)w!=iu2+j3?4u)w+WJ$Y@0nR~*orErzI1@q{T9RU6WLCH?K-OqV`y8c75R}xgRXuJ z!{B(0T1bCHMa6t*8*VKC+@hSOAvk?#c5F2^t zF}hF&5*?9L4`tqF$cw&|O7`o?(Yj}Zq_&7Ge%B)| z-bSE~;*b!HRvk&%lIqwQ-KNXf4IXU4-KjNHORp1%pK5hSajTOq8krK!sW65i9(M>K z@(pbt-UDsZl2y5yuF=Oq?Q%QhVIHt4%MOpkaI>kzq^of*gg1B)6fJ4G zKVWiqGk`SBVB_QU1L`Kacl_xR8-G}IAJmMC1|&NyF$%ScNE!^T@#hikPzki*TR;5! zD)I5u&p1Gfpx03MF=I#(L`Txq0q~>Ed8<|6J%}Q{@P#Z`B3yeG58Ly{-ELIHLdmRULq;(BZ$QD)bNYmfZLsY+iNacA*EQ z(l&2mFn`C{0mEK}&9V+4iiqeKHF{Z^AV|QwL*r8*lKqjWV1MX?w|nGszELRkAhh`u z9zlzwd7QM*XDdDSlyd<^AN*7IF^_fu6g)n(%C%M+tq3J|SgiF1afDm~ zL^mYm;7nE*jLtN7@3C#DNKTWUS+s)iqx2Ej39m%Mm8fAmKGe+_Je*^|lu+ru+++btJ+zP&-i@uCq0l6k;4I@xA}Uqjev_h+|5 z@ol8FV_giPcwrH=Sb>V)F=d7v_S#T$&R!GuY;AX1p9bFmQMC9Ihp~wy!)x|FG3kks zXI-O>xZ^~4@?8-*+eww+-|iu9We=jfp&Yjo4WJ8asT%#bSiqirYW2%dju(pn>{&Dz z`oL5$79)AG>f`7@I*)9%c-2g57c&&4u!UZ+jOK}n2Td)3k}q&sAE(V1h!>-Vy*>Xn zMW>~d`Oa8LHr8)@SVI>bw9)Zq6+i7?W_xtz8}y|{rSI8DchnN=3@;vit(NR4XNOq? zAqlwKRRl~kyJ_XcrMKbLy@R~Hj)2*6uhk?Iy0hq%E73gxjO$CUew!_+^p*>M%+?r^ z7_f_wPJxhK#=-SQnnT4uXljqX{z=i6Za?4bR>F~%Z~2Bh(S)DN>K#wElXz=TRNXss zW~Y@US@P-P4x@QlOWJ|-{L0RNvsE*7`8=-^f0!~SNL?L&JPmsAM^Ws5g7x)JspI6y z68GQgW1H0R_4U$q-u?S_h+aSm{>iQE&wp-VAn?B_CG?-$E}-@eDEA)QhYDP80)N^W zMgGIY4f4E08rckBSMbG;uAl0dhA9A=*ODS@=!lvNO8OES zxEbGB_v!rX7_T-CuykIneet?B`g;omYRLRt!=UYNS4$+YO3ySFvY{hb5UtD}b4(xmvNS=MU#Fp-00+dhcVQ7vRUdU1aYO`it zqzv5UtsByk{MfbKx$1QU$rKG{VgQYIVH-$BPJ?o^-{=fYT6xNlQXX$stdVSIvA8<2 z644yNWTa1g#A^9Q=P00*@I7!`UZqJCIop~cqJ#0EEoWbfS22Io(vcrNb7D2C$V5Z3 ziPazR0^J%{QAitqkHWMlwqW6ye}K#rYmSCgY`@_!pu@#vpZ(3pg0bn=ogJU=o+(@w z;XmeF(yQ&wWPyI_5j&2d-D?>n~c)yf$I`0A+*N;CR%PBDB*n~bo^TXWf#Q9$n6 zHH*fzdx~4(JI8a)6S=7vYAKWFW936nEwSP`;&K;c^vr_g^M)%Kt!AUIE_Jw_jlB4< zD_zU%m$9Hw48KD#r;!plwj5aEKb$Mm6;FzJe?4mGKv@1*gfJ$$92}s+sd4y}il^UW zvrAtEi%q54rs_Vz$Q1HMBnNKjgHHeC27l4EVaewco4PwiS&Dvw9yofXK?N@@r}cg&GI zT^m0)nYRJi)uZBA#@8h$XD%%z<*1Y;z?bN4Mv;BJ534Mt3<4~AC|&kcJ=}6Zd04JS zW>6^&EarRMSsm4+O)Y>>38t(x4cRVvh!CqIM96oAOywKzDyXT4+O6TTIg_wO?Q?3>IPsT zD_8L-53JwQiF1bPeT9!)KZ=>U^tc(j7xWdnzMKbLQ?!PjtgUo`FE~ffMgax z3;!ncPyevD=)Je2mzHfr*=zOXok!)xg-)k-MTG!jg@?<^hRVo@wo~X8oZI(JKKyn` z`)@ux=hztR?#eIdcO-eX6m(YO&!OUD`sMLg;TBYOh1n$Sg+KTNpnlU&QN>(FnZ5Dp zTmIo0&;XRm^u=u0v>9wH40+!acppkfkzL_vVJBBv8_L6)YOMcs z-;V^p_-6h2T1m|dERz;A?nQN`whG2X^{UQPhOZx-jT*5qGp=^LcvN!u`!lia)_8s0 z_LvL8<0`p~Bgx@)z4h>&W7%@=tPGph-AQc@t_U0AAMU>E-jg! zRL#B$kljy+E{iq*iXi5z9;obtMh6|omaH2Ur$A!Dzb_nM$-MPt(Y0f}D_KQE!MgXH zfyg=89CnO0AU_cApu&MRrm6^JLiZ3@W5%;5`dEH6vdy5Dp-WviaZNAmiid9SLFu6= z%0E&?C!t#JJ1V21;k#Q5=n-}RdT56hoCJpPIe!FS*`1_+RKVIR5(H#feRueQw}4Z1 zl5NkE|GK&VqDpiKsNuKw$V;PU>54iTk9Uw;3S& ziVq|Lm8!}m3s*<{6>6T&)b~2{Kh0cp*X%2{-_%TT12kARML_^vp^A!%KJTd_{5o)O zmbyIpY(A}4=jeM)e+mi90Ca#B=dHk?*-iTUtxub^{?0!~mnqBEWl9&ulB02QuLq0F zN`H|99V&vPzhs^S5l#X7;ZzU!>3*z!Df^KiHNWefhuGZLKPmUFd@J;d0U784zL{@6 z?177m%g<4X(_cD^yWNNNZF*WWX+VSno8N8+ZxW4yyoh#|Pz&YK>F(rqk*2;PXXP>j z5Z?;$u7LbdzQahPtw`bQas+CV3Yx1P-T(3DX+V@{V}!SCZ9&rZ#~!5@TbtuR)SaaU z@QT|SgHIu^g%!H1T}r{jzK|Fqk9Lu?>pG=wOi-|ntYmhVxNDYK?+5__54<~>={ZoK zEO~)Van#bxYEw5TWFDzYqQ82e^BaYX>(ENY_vg!KFp7SYx@qWI&KBpfIp0bpFVG^b zjRR5!#g4h(wO~>!<>-$|UPB;*D!^g))q*`3s0vKhTY0BuYnYhp#1IJ7>2{3Q*H53D zHV`JiwW0eVxlm$~XX<~p3h!PPHlNBAKF{G~#*;(>51xNgY9l(57nJCwkMZucAux0G zxvd9@in#BLLjZcHX;I&04WJcAyHRpEjblaX;%$g3E4pCa^dZlc?$gU9G51gPyi4_p zTDb&^3M4Kbn8_Y+k?movG;)Zctgou_Sw9TgdMVi5C9~xCI3CJHRR6MACSKt(8g_?9 z_f*~+4CBEx+=S^ONUoV_PToi(YCQ7(XYScR*c~1Mb+8fqtyeJVNw%~--DyC($fg|p zmioPy{@YOsdDpg6Ova?pt8&4i2qb~!T5Y4kVdpBqS1Ei_n9nMu9Hi?+nBP{@zxRmJvu$?6W4 z|KgnL5!5e!h|k>CCNe)T+IM{6;@q{Tfbuzs=xXB2)6|7qtxt|W4U|Wje$2HjC}d~u z1CQNqoO!wCA?sOX_bg=OTG^<_)c2J?6PwFNDm$m18m9CPFC{C7Kzcfta97~$yEMlu zlem!(G>`*zW`$<)_T|iE4u=gDk5aHY`o9Tz6Nn!0JGuVy(e${@;&gZ@6Zz};v7O`#0K9!Mv95HI)r2`S9T|ggv0WNr^e!;Kbs!1~M zFSsszqWpdIwhqq+e?STde{*D`zp_b^+V^~uTIO0$(PT-2J{u^Ub_!(9bmhQu=Hj}| ze323pYw8T}7=Uv~c;25SN=QjR) zt)9G@fW%XvmHYKyx5-|qwSA!SRiNGLEk7&f zjqeUJ9xK5)#px$N;|HLiaH?(4-9UA_k{EU4(Uzn(=ptaDHU+i+%_{pk zl=e=(m~9f}|Ac+AIqq85@)${Ho{~~KoAIAz@WofNw?7(NE_LR_ogUFY^b!4W_~XY% zUiU$!$A3S&25hso=)H7%BW!b$V{mf+UvKXj)>OK-4JQ*dDry*|h-kn{7eo-0s)#x& zAksTZ@6tm}EQnGB1Ox>EL3)#pbPK(S(z{fplNc~S$a}AZsPlY#X7A_yX1~WVKQc?! z%F0^zebw_i&+Fp=L8;rn)(jGAZy%WHcIuzKMXZl^D%itU0w<+s!wx+@HNxy>GRj(Z z5tg?V4HM!4jBemtz4O}0;ENpm7%k-PZ3h?GX~$UA1fJ1VKdQwows)KDYsGf*$h?#y z`LoJkzY=$n@4%b3VqjG-0Z5a>E595cMHyj==>#*&lD&Xl8x_6F=-93A-v|T(ma(@#bq@@Hg)O3` z(0MtxS64E4w)3rVLE*HkLdNHU-yP>>dVG%sCKu^SK6lse(=2zKd<4v@HsCN8;yL7A zHSdijQ&z@fC5TA}Yr9(NlR?P6#fxzJLEbC-PK#aHfzievSO*%|Vf90ozb|HUtbR!d z`o@R+;J)#z2K)C(y3E~39u#?*1i$rzFmoyBofi`*Xz%rlI*Rf#dNJ&M2&bol*V|{x z7Iavb72Qtq8Yu6ozWaPu-@9C2_kAOByefA`sgXbV48uvQw4UZ}pB^yId^%bBiDy`U zScmt}_KutQWc6}EmtKtNqh`8cM)#zKD6JU2@oTD| z1|5`j{TZCJ)PbT-9@?L&H1Be%N_+Y7>-s&@OZT0hA=5cniQXB^X~|CxjYU0cZOS1< zMO2dKh_3Xv#x`8OoGnwa0@(1{tFvyM8D}nZ*Hyn*x=Fi!`y{^eTJw{@$Dz}1yak_v zgKoM`c&8^8Y2Gh5qSf;JiswLOiK2(%QO1Gz!JvY3Y;G?*6q?N@x+O_dLvu4*{b7+i z!Lnd8#9}GH#65RcVNHMgHB6&>$%x$k;kT2yjDFL@*6G4Ho6!OHgy6;oo59WUVm~YSOhCm`0UHh zTH(!rmM6?nJ7PvFw*S;V4fEJdSFSZF1Oj26^?aeG{oplQFMy3JBSTqM>;Mku2OT3$ z3y2a%vH`|Q>~a(9^S5%npQ!0Aq(_lb|_ne6N!N4atv52UTC!gVm!RvCc_KR zKL-IfB{o>G(pxh%RJLX_xASEKxO#>-g>^MsZ*^8@c^;5w?ySlHrmKn9b*|rSc|`({ z-W}Wo%&+P3N=*sETRZ*lG#Yl4| zF!{%xI_2hhfxx@M!$O_l*0E5P;`Av;m(F{)0=RPf#D@P(D-& zrme_iFY;qq9q`yVcLK7%&lfo|Y+@*-9rNB$SZcs>HR&k@v(%WKQMm?O)N8R1rl3N4 z>D>{@;e~~T-cmbhkI&n7#7U8+4Llvm4e}K)asbyq3{X5^s;2F9S1L<~?57z2h>`L5 z?8qvHy}Lbs52(z3WE?m3gUE8h+RZeY>14s`%SVjX~LWx8#K;Sy1F``(j=?TG(nqH`vW_2dH-e zsLblQV%Kt)qg5PC4*}kFDu&X*r8BfCasT zQ)gWwcr{iVC)lWV9Oy{>Up;YfdEE@;x zJNSo$_dcwxW^7G*TF*BvNT~JEhGGbdI!QwlLQO#sg)tJ)WhQqwoeSuL;cH}-+f6)_ zM-vZ)&F{mUYQ7pHMS0&GB}PQS^I_24Eoh{3YzIMi>{?fmzMe-j A)kDS%VDw{OaPJv6_LzY%1Ie9z)r0kHXB0KQ@rPvS-ZNT zZ+==&Nhi%LdB=dE+r z@Jqi6UXFF{&3O^iMeApQk`*iE%Y&6!2B*xC8&}>s=sg)oAw-<~o_x5R1f@K+C+wG1kShb%&{~)bQjaWqmZLh{&)d6Ka8q04VUAOv<|8 z0FgDiS5A9(h4m}i!v2Eh{C;bd9O2R0RIPXWbpvI9+!8J(M$*3R0wPP-g5SAv5g;ImzJl7mb@6^iEr;R-X!HR`mhJl#A!S%A-bv($a zuH}G$_!c`PtpII74_P430BjZh3&9RMS}!KuO_~Ssa8=j#RsgVoy}V(G7D|xJ$7hMl zh%JBbS`yNNb{7IY4026C`3-)|0t^T?fQklKf;i;&HweQs(3Q7HR)KH`(13%R8-{x? zz#?}+mjjdocac?2G((32JgA_G0-kmiVr>{Mbl_iHI!AICn0tWHHej=U?9&j{wZ+K$ zHT|6TcpSuk?6e3`lghI2TCq=}Ksf|;8;D;}@8;nbIN&;dOS*0-y!^TwyA#}v`d#QI zFI@uPWiEjMw}8912^=o`^WoUn3%CukPBTur76W7f<7UCHdF+A9@JToXfevp3T>XHU z8JFkjb13Km+-9jd5o_#TwHy@jUhfL2slo~c~2P44X z4seUmA2cAS(8K5P@vTpgVQh_vLXG!r%tf1^KM1{z{BDthOqn+IlB+1=ETpoU1IyFE z{&nZc6lu58OD@Rx3P-tt%-LuG{dK!ReWyHI2PQ{t)ROucH>8`vd8v*AE9Ex@!-=XI z!gIp=T3i2s)*y6ek|~mLfFUp2Yt1+KTb2#wTL;$3@4fg522f{ac+9U{eYB$OV)*fd z%BfJ-tV^;3J91^Gq;o3|!b$n^Y=uac#b#?3BV~g;+uR`K3IBuRnp$7|4+%`RszT#=%;%m* zM+Fi{!AeZvo%ilS51W1Es$`y=lqp+Sg(hGgQx^JVD88|kBTNtNKWcUxzYw;(rEWEQ z=h;QQ-UeHjqv_AjhW}ACaz;um_qujv*~C+&X?UX2-kUdEK19sVxm&6WS0MKy)cll3 zp`8Y;6N{cn1U`jVEiCbVI_c0#uD%Oj;i=}hhL<{|spRlftr*vd`0^YWd(=#Q-e;1) z_R{2lXyam|{w6!k`tRs#*gCH5VA0zkQ41#-&~dy)Sp_S(;?u`!(xgph!}3fLvn;kK zGZ0lxGc20h`Lpe9MwtzbLQlTd_N?$OP4?4%`Q=)Ed-nf$via?Z+;kl+CV9ZNn1@Nf z6Csb{my(ST>v(OkB|)!dpJw5-yH;u0{ikwLvd($h{kzf@q6D1z*j(8Zd_CjAj{V>Q zHgdg`VS}>ICvJ?b#npXU6NmfLV03ri1ogn-q^EEQ zLnGz;o2DO!B~hF}DS)=jhT%t!fW4o805S=(=jdzUm%~bc@Y;F06HFa~=&J6V2}tJ$ z%X7Rj;Hx21!}SEY)#b)wvBz?jHz^3QVNw7$7$DsJ?^vCGZP37Nb^}uNFWGigciJk; z>?!MBWVvBb7oeKBn{EJZR~-3ybqkzoBo<)1LCuM}B#|i2gLK>Rmxq-$xXVviZp@fR zC(>Vw{|r30DJY=su^@w^@@nlO%;WJ5*N)j?Q0s*W-2m^+e-3W@R3;ob=5M`amj6Sakk7~Rw?Dvlw- zDMw!3{$E5Qy0T$g|&K4U2!I1 zoK0#=G+8wkE-W7B;+fwQ$y4?wTDSV6kMBx(5}P)lK&3v#NwCBoiOVR@AthZVGE|Oe z$6Qu(0TLNP)8$t?*fYfC7GPuw4E9Mrj2p9`K$d}+|=C&hF-_e_guh?xfmhv6Qj5$uJ zj@s-FiX9uzd}nA0D<6-2I?oEjxd1Epa2)PAGz_?D*f;%8@A(%__0NY7nQXvEN#JX# z*6=P;#Kg_RNklkz!2V448^og@(E~2&5=uO2DeBM1hT)@hgYyRQ?D{-}QCN9?XE4{Z zU#Bxl7=RAGb%K2|B+W(Nd=>aHyJ`}ter2b9{5gCm!#t(=ilDgs%_Nmccy7vMpq53E zWE?l)dFG9ZddmpMxlE^T!EVqSx48%{s&}k0#m8EdG9;+s$bTwNMZ|O1}iu`hys(g)tw`SaCF>{ zvxmPuEsgi~qZXUk3Bf}#|i)XaE_!QC{Q9;g4QQ$$g9i5 zUm~n=I1F6;|7A${%i0BN5L9zJvG!<|Z2$pHH50&FEO_1ZXREMd{LhW=zckf=pzBp$fpI~!XUtRT@_>A~AfROqOVnteAIvQvI&H(_ z5|m$Wk(8we$&Mp%ylK^|Qf&*R-_?j3_v8S#(E^N`Y=H2$=@S`OqMe@gmAJaOdUMGa z$(g0R<=dmh5wWhb8piDYqa%J#^ZJaJ8F8k3rF&3}=m8nA( zfF+dX#SKWcLw*E8D3N{Syw4aH>mX&lhxPfP6CHIWeCY{`HD$a{-QaW9I|(;q!*voK zG~~#?4o}GaBVffw;bM7+Y1O8 zw~K!^={y&o)WpY?*s(lVc_tO^)49(7A|qRyGeFsdoK-RZLHzXz-Y$kdAPrd1ul*Q| zx?~Uc{JiP;nSQT1VpNy(x}2eVS0T3DtAS^?#UcMh-l?gxE}?M`(hAg2+}WAaSu?XY zqZ92N^8BV7UAqv`Ia~yoQJkM6rwS02fb2-*E*n69NUAQ+cvcY6D2fht%__Gru+Cf( z)5fc&eZN&({4}-$f0OmbGJ@{ruKMPqInz`1+|_dO2NlEsOI6y+ob|Fxz_fP)T1Vxf z%Osee$l#6H$;3J*?>`QAI10(!9KOs#b4@}A9uJ{{3si=9#j+y_!Wp5=?e3^+%w1`@ zF7g_p68^Rs&->XD87g}YWy+)2T#DSe7GWVP8&8vZ!|n#StB|n=_5#YE{6X0tTD%}7 z!d35}|13-ukZq!dpdj5cq{mkvgL)OYVcTK~FEUS096VgOeLxfiS#vP=K`2QUo`DrY@D)pC_v|Yl4W3B^^#y%s*xNIy}hv=#z8TRNh*-t24N$ zC>7~#14xy^GgMRnsGb=Opk$Wc6&Z~;%B((C;nHSTbN6TRsl;zNTWMx>w&#sNw}O<0 zhD#cU^j>VQ3l07OYDa^tnmuLqv!gQij2GT;wNgx*d3M_<%DsM$Ll)2SVqo3CNCa<@ z<}ft-4P8Zs?WGpBz-(|T24~6R-k=QVksFNcT6a-rceueYlwVb!L$?AX1M3HIKx~QnuP_`V%?ZIiZ22cYK$GI2ReGEs zy)y1AwDDz-M#=@O7obYfO402X$3l1pIT##zviCJ1#y-Ifo)IWsgUSmKVh-A0py~iY ziT>uWtntR0trw@SZ_~P81|EHobx2y_fxr~fczkmIthK=D1E%y0CuEGfC zq6)%ZKwiSyW(HsZ>1&==F`hA|(A?UoT`LYRvU(6jHBR4DTw3=RSXbD~9qEUCk zUVeU95afgOB&SY8(s4(I+!o6zv#IF@WRh9*ncq)1qvI|c>f4(%0P zX|8ol`MyQm9Osi+y`#c)D5(Z9b~M|5v##!&Amz=?J$}L&mYyM=6G`R8K_*jDac7bb z7@c^+5muVj?mbW|bv-9$CiU~qP#O{m_A$6z@KvtcDA1|dT0eYOsYS2&3)915z~^5) z>t@`+f7!vUs2>k2^=rK60cOz}w<*UGqT zkw0njG4e+D059LPJ(_c*&;Ki2>$a<_<*xed7Iv0TPBK+eo<_-+H#aD}77G(t+MYne zBEl>p527^3xVH%nMhUHP(yzWn((u?wzv`_5P9U$gv49OPTz4f@ZlOE#ydV!TukA|BEz`@IG8X~Ubq5qfI?*$rL`m~*U>FscTG?tv;tH)yrOYu=|_4*Q>*8DE2eV<0*M4)kaqew6tPsnt`yFEh{ z+85M>?7Nu!>qf8nP4Ukg{e1mhiqQ9|R+-WEhoMRC>HWM#qRb-c{y@e}ImG9UkY-uO3U2@dI8% z2IJhvGnw2{NomtDAoZ|DpRxZ~=Mb)!+$*1dz5M)QV@w0DriN%IS)706SKk+a*X9v{du-0)1BIfb*y0Al?biR86vDi6?a)L zi|AL#y+|uGQG6KzU{31pLpfm~p_@`+8(vUIB6g3eMpMUS$wx@zaACU$uV}q6rKqLr zD%EO|C%fEmIR+sscMBwCo3mE|u^GltDJpqUvmsz~`ykzU3M|7`@2D{suD$KbSOi)x zb4kcEYAPLiJz2=kxx{+J`DdmsQgOKnHFv{j-CF<*h?}qz9o(F-+PGIDQ-bC6E9-o9 z44!^98v@MXBdCiw)#k)Lq%V&ugsD`E!e$MIV>Hr9DA0-|w^xRocuqeL10{%m>)C+| zcPAIrmJS_e2=6F}SoqU6Z@b8`^Ts0M_LN^@J{adFTA%>ShyRlwz>T=LxO_8s<|97> z#k*WEFdG8aQ;sBVo=v+6aP88flHVaEdi^ROpYfkYDZj=vfb4#wKk((s#z>f!WE6`y zeTA`0#?gQ*s=e<<-EkS?`X?^|LEDAuG(1p1KYgH={-|%fkd&1?VC~Teu(8~`uz-3$ zX@lStW}(T63O=gNgr~M7ib}!(RxlYOc-Vq&{aL_-V>fBQArHnrYf_#uZ{4Z-nw40L ziAy;CrlabHYvb`HV$>PLVt%a6J{OI=mYqNtF}TRAR?}k9UDjEkNO zqjYNZ`)Hb)AnaQk?yv#m$#@Dm+s=F3%;474d+}5POsxd(zh_=Gas2TYl?sJr9#n=^mET&{Xzxv!YV;A-dbk*v#3bus&V zUiXhxkOf)67AkeWaa88`m0izRqg^H5^lr#rz+S#coM#Ym!vTgA_0ssTClPf%$nJv9 zFQZq@rEU7d1e3bQX7rBEb4sK?iQii)Q1dz6%9WtnzF#8`8JSqlP2tk%dq}sdO_4~Z z@y!00SM-$kHTO86>U?$N{Ddv8n$H#4s}QW^uZTJn4{+J#>>83}A=ta=0+}|Q8Kt7a z9Qp*DUXIUOvd`a1=QB;vQjc2k-o;u z{6?8+(jD&6MdH2&{qM}hvrK{J;J_zthqQt~dZhM30OYIIXuW*Z@y46sVhK`$b~QVu z?ve|UVc{JQ_Qmt2WGx;lHz9Qk-Ct2qLoq6ktGlX`_Fkmn0 zAv=C`VxUGxN4g$#X#j;4cZyWvPR3RpgwRl0MfretHnudh-0ZQzx zA0ffN4Rt|6SiasnIxrvN(?EwZQ^R-0nVFd#pu&%(RQ&M5=fSN2!?yniu4IRx|yljTP0 zw50(dck!(Jb&PDE(mpgJ3bKPjYN&3Vuf|Fs%R6S!@uaBSdEn6($?l~m1XZ-qK&Z<{ zx=pr_9KI*N;&l4WapQ-~KAzOFDxXf?k!4(Jbbcs3vik`uc>D$#n~|k=%kLhW-5;Tw z#Vc3!nA%$mkEG?U4V9IDIW?1I>h-MVSzz@eOOJ-Sf>h~h!~y4RSt~%c*Ci)==!m)m zC{8I}dP+Hy5<{2rG=;a;;Q$tx3gnlp{EGifZ+AdN-o53ryak5c9qiz@JW zg5u8c57a)YDl}x5sqr*4Mzsl~o5_2Hi}HXd;RQ8HxNssp^_i$gThzCkV{d0xGJPZc z7p)yiPD=%nwI!~n7VdZb=%>R<3P}ToWUtvD=Z{~lOujZ}K2sn{f4Z2Pvqs8qE7#kJ z)c)Um+4sRB^(=4VWUT$v`QNonRRuIo@FwawpRaC+Y51td<2+?y&oNkja7gl{y?&Fv6BrCtpW~i) z2|yNCuRB@g{V+7cLkuZ=1M!9tZ0``c_$Nh;(k;gul6QLK_?fWur~pG#A82K+d^R&z zyQp3}@A9WMw$#qivcyHeH##A4o$Jj!d?e?DQjAJwGi^!*WJ3*z83qNl;P%9{%L)ph zb2OlUa=QFH>qB+bvvSQ(6CqccCj?CymBvSJCM!gxp*gR+I^h``E}VYZJ0fLa8KPxI zM6s-)4T*x29IiH`BS4ap=44d}u*X7)J;piA2WetaPzCwbR{J@=Vr@nmc?)D>Gy~cz z2)pU42@Fwy_94wkQQLDS&%;1ZC~$pcYK1NL+UsIa|9bG-M&0QSD1qr|N5Dg+dLLohk;L)ePaF_6BCz(|-wiK%whTg$~cwYhbPe zET{7*Fc8WrM5CAc^Kbi$pZv?=cl$l6pqX{!q$1s~dw3wS(l(dmk8`bGFBI_6D@)NJ zaW$bz{h0V-*wW)A0Qj$pTJz$6w86hG+^pJl5=qZNSO7plTd#-5Zd*#@;*`!7vOY=u z&XX+($uX}^G7`R3TgNLan$KKuViAa!J9VV*`Ri;4wWXB!yQFm=YmRTvd$eiHf&jBc zz=b!nLnYozTR1!&=HALDUwWx9KrG@Q1DItC?S`7NLq*bRSL!STBk-bZ)w}n{wbbg%4(#&)IlcloVWDl7Sp-6U+yFM z0aY!)+q6h=R!$0zdcQr+*DbH=74B1L-Nf)J?UR;Mf%KBM?1}fq5!cGtZanccI#3oajdEuFmQwpnv3@4-QDe6gQAEHvwAb)Bi;g6*$UrkL6QT(0Sdt@sS#m zPLb_bj^DOYQDg4`J_%sHL2LelpbQ{$q$SAz#VrLiJ18|e6elq9&BD9E+xYWlaM0vI zAR#Em3($Q)B4aetMo?F7Ljd02%{yqM5dT?8QufwH7e0(GwPmm|C~ZyScL9|P`6V1p ztJk4qUjS&c{Z36UKrbF-?3Y)!L7g|+A<*|@{8vgGnY+4>l z#g+MHJ5cp>>!cMw*CJTZ2hsWtj9)vUrV6iuwc-J)G24R6!>lU1pbvgHwW zn5u`M{(QbAFR$PTM>=T{=R<{1@RuO>icJyr^#ko&EU{<(BjWymw|aF)(%Q=40xm{D!Fk5)$;DQHUj`O>5|z53E@%OCL68xfd9CX{A(~C4^@>#Ad+gn z*}emLCM`dmsN1$|!7(EfXOrap#q9%pRx)Uq5w$C_0LxPa0*T4Wx4q{9T&+`S5he~m z%8*ljb;Wt3zLaxlL&YAT_m0v2(R=~6Xb9;@Yud4-Sb33m-Kl_6rRjrCzgR3b%?K!q z2rd$Gci@&P{Sn9D`6q%GYG6m z^PA7NXKr>w#aU;}*lzjx3IICl{~O2r;?#c)Z~pyZ&?*7_3H{1SI71!82L@ab)$jv& z671fF3;1WUD1dYSA88qI7XTfw8U-!kb2+7@zXm+tE8bM^pouO2XBPNh7n=MhsO6TB zr-Kf!ok6Ap@+PL|hfU6XDm+AwZw|TRlpk+M8JchI8w6d>T528%XrY`Mf!c=oHYI04 z0*$O4TF)4BXA`c4M)toh$5wikgB}??T z%NHef4=LG6zP9!3rI_A+(wi&fjozMsv&K~J%C41(&J47ew-c!TG}#^0oV{5r7366x z$iTNPdRL7K+KJ1@`+)dlWqETNI(Q&Q@UVmklQr=FP`}=S z@u)5a7Q3g(_N|9h+(b$2DxChP?sx$H119_h)T^N`J4@DgdCCsx(VgB#$quG@m88=M zNy8AT>GuBupP2Pp9mTl4$pRWRyrl8&c*XROF^P;mBVL<2Zenl)mHiUvS6^smnE=}@ z_D`>AEX5n^h+qi@16u!&nggIyt*0pjCXk7Zs2kKD21aH<7$4Y71f$KyFMtT>+W**L z8vsC{!27>%4&ag?`qK*#s<`wa6WzX^W`p=%@)L}`(-@2wTFcIoaO}s^n1umbhJo%xhKW~+^H1Iul z<=JdCbLC!;)B~Q=(Ob!;hO^wIN)9LAUv! zS+6wXNr&pAecy=3Tq{Y|@p?pyUY|Lm%!@4Z@lB1l0qn{Bewkj&wc{B#@R6~m5WNev z<8;5a1dKP(O?{+pw7YJ*1tHU`Xs(2KePBzlQX(?!y@^=IO~1GA>0Ya;4Pby3xQaQhy`KhP5f&XKj7-(#4nQdz=iG)T1t-&U<#S{7Q6H+sr)6erpGJkT7@sy} z6)r%>vCQnsUL*J(at<{+IhM1__$~c6gGDsKHOE|*DLP9}>~Y8=L5tho@MEeD(cC?* zJw$D2oeTTpz`qZc{<@(@StpAPt|ar_RRC>#uUk|_ZAMub6d`~R3nmN3Jt4yjGe`WB zA3%q(|FxqTD+`K@m)pDXWgwojOQ@_U@xITmN~d4?i5q}&?F}mT|81^~Kz}It=5aA$ zF!vLtkm4QK3NvUI)su`No#(f7P{~;Y3gMoX$@#z3fin8%s zxjB76e@e~q{#@OQcAJe?Ia2db??s>lsYF?y5w$Xvt9hYIgNW(Y>j+J`Jz~+;+<#;g zgHth((2*mypM01jl$YCZE~;p9PeV_8g&)#w>_|<{UcwdUI`$&Jk>>|I25S}GJ)TO& z?@E>M1K1;46=p5jz>`~&Q@tV|9|wW?m0ti3IEG|%jiW;8&rI}~3V8VfT?ATrqq8z{ zVLHTCkQ|Wwg!yaJqGlCBH5nQc52hC<@fn9acV2Xn&?K-=i%p6>D)L_E?|eL_Dtbj! z>AA#Mal&4@H+i=Q3}r{v4z2%+tHG{+>&RYTJE{0w{FI4Lmf)pM(Hymw%&5WKI<|&>=YXZ(H^ z?!OS=wlt2;GYQ&G57k_MZ?F}1cL>>ny0xp!a|$ib zwyZlY#h!eoM>&9FBNKli4

    }tB$w!QgOm+z(PE2zP&TFU9jnqZon6n)c($HaQ1}Q zqjcLI-p(BVu~nOxsUsJaE$rx9^+OU?kh9TPdFgy9?^8h3z8c@pA4=Q|lz#n(jkt1H z)MGOmN@5%LgcuP@=kWG{$P^=y!Iwf$!lXo91T>DuHXM{Mm1Okldf}F~81x(J5*2c2 z-c!l0IxgUED|s8)j%6}P>_oKhFfBFPt#%%0mG#=4k_^%`p4HzUn*yXjOw*r^kB$_d zpV5mTuurCWPJce4ViLuBF~k*3uPT96|A49V{Uf$z{IY5&KaIhcnj^#95^eSW7=?48 zHu{FIs?eOi-4y*@C~;X4q_X zmu_uHU|{I~MdtRq6d20Iva$rddnZTU^8^2L>(;GTZ3bYXQjUd}Rjh>|B}co@|9@>p z{}DKOuq~x%Mx;e~V^F|;JKerdR8b*9ZFQIQ%4HIfU?#EYDS>KqKo_g&3}gv!C`t}@ zzuoUC!>RV-z)4IML=^yLw{T!5x6?ZWk!C1Oy`DB#yzhX(J4C~h=d|Ui_kbELd`syE zmn}C{Wuj`ubRP+KsZU*+t>FFCu)XLue2QM7>S?oh9ASY}7X3ZYfp`Q~YZ;Q)e2_+0LGuEwM0I z%J0Pcwa;%wMLI(TQK*C9(m+Zj%%ic>G>A`9Fu->z{w{F*Jzs%Amuk_Mv@4DYTQq=w zt?Af%h1aq&$G^tw^rwbocWXI6==LCBs6}Mo^5$sNrZAt=Nsdvzh#f@MO`a+ZJzVwrP)%y z2lw@4RxQ6})_tJVxAC04Ww^Ml((DHW(<<;VjXGUXWy}hy@N9gFStND9o^gUm{FrYU6x?eTS=Bbfn)iZT6VbiBm zV;yBG$yUoIN>PCgD*0V=KTh8dsw(k*Dayl*%M5iE^yHF19=TUzDvKp}gU}vyl0{Gp zLu*`I^!(u!1}zIvrGJZ1`^&Z+z~rp~?t=TTFk3gb|5B`gF;c7UV0-?v$Wm}45)u+C zg3WIaQHO7SZn~=F9RjA`V_wig#RpUno*_-_>u=C@zt%{8VDs+x5UGqlF0~fc1{+1d zX!nicUjQBWa^oWvz%!fa#5?<$M>39gQwZ}}mNpfoy>oDf`ybxrNX6mfqrF*w*tA>L z@2&67?$K51^N0m#@o1$VgCnhesb_uulbPeLsHnb36xB$(7L#S)4aS8kr z&V_BZ5g#olp@KttY@+TTv(Z$t9{;z3`+Nt~dbqo?lX%fg?;5A{fx=y{^-e9N6ONrJ z$pXjfC8D_A=v{CVzkb>8AVk49Bxy2v!*v?epQVk;Z+n~{=cfOp&%To~P_OQajQ41| z3?)E?Yf4hKBeN{NZo4sya)KUnZ^okrmVuuADQF$hrmx4WUTC@JX-WvIN2*!n9bxw< zO3GCq*R|=JR$gsDHYm6obnY|uIDNM?U<#flW$Jk9fPc@N;uiw0fC?>-NTe z>(uaG+MKM|j=|}P=J6i2vh->$yxF48lx!I;tUWeHa&|gX;zer8WvN=a1qk=TpJ2fwB+$9x2|(Ia8tMo(6f+o$1&=GYur4C$N0JOo)BQOKLt z!Ytnwoyo1Jt`~Mfus^Vl+^NSGVZZ$qh{^gd;CgL&vC04<8VtuAl5A{|2e`#GD$>RLii@DVUenT*!>$}7YcZ55e;&- z!uOLx z<)X_G$DOqTMg*p9+iY1h)TA2~Ol*#?v_H8}us0#t%xHWt@HvZr$h#;>+4ruyr=+T+ zqdnaUYH!BuarNn7O|)QjXY2g^>mRxF+YeoW2@la-&cDa|{RKuF1nJ*atb$xCFS78` zmAR>2To!QfoV-^(`YTlDcPSW55t?%QuYl8m^mg^VO1}L-*@+512lfM$s7^9bam)WV zO@n`3vcllP0SLG4%O#T!+15vCLa*Q#V{jo<(N^v2L4Xac+@zy|%2u;?VCtl4(P^5H z8dNC@3lRgAaJ8ZXsD+%Hsb~bQxCh>6;amwL%Lsep|3`r8FG<;a1m;3qJz; zg|%A6(=yIayw_?puD`_=jBGdU!j zYy8d5`&la<=4@hs!Syr?-<{baTa7TKOPCpPM?cI--Z`-;GBxrr7F8>8EF_4RcC5%=}= z{Q)xjZ?4>NIQS;JNeFr)$#hg84E5n1CogsAEZLI`!V%{@_#NHxHNm*%tiy0$J=)9Xro%@iotHb0$ zo#6 z{6m3K6Ezk6{wUVY_&kiInh9b1;H&}G-k{Sv58HE)b+gd}=7eA!|DqKS^~9if%o#B0 zOLGxQ8D9KT%U!W0>vcWLa`@-0L#snEB`Y1V*qYQmDwp(3q&gA&&exVc%)lp%R#RV3 z#|KA6Ok6;Ek!&+Nwdx;ARqah5*^g(U-(=JLBw`JHt=wrB(7t&*+x{&1dbO`ab+e~h zoqx<5FaSk2DVpa&4Opx7(+u45)M!j)F+Ph3Ber*Ie~nw>J7X;H1X-sC=u)SGZuZi* z6cEEckAIwT*e|^n;fK$5Z>S}r<1T0k*!o(>l*tbwK72~U-oGV`VoXKL=U7~(p9XRj zZ6>XWPeagXIUP*Sd9z7r>+zq{5uEyCdhUeuO)T`H%Kx$l0*JhRnKAl_H0Olow|%Nd zAtl>Q8}+DoB&;fx)}Z{SDR@9j?{8Dn;o;$bZm0glzyNIlC`C+Y1NyBUxdS{gyJ?zb zP=#yw2m#C`+Vxn!LF}V167ct`9R^?L!l8jgr5`V)>S5LjS>OIj)e`RLi>*`lZ@aa| zQJKuB1h+Qbdd(}wsRyLr(ci2v>etaDGyPI9IH7e_pQ!dmeS8S0Ac%jFkg6VSg5{QE z*>FxDTLlTKD%Mdkq^0viw@5nuD(jyFrJ2x-dIheAn9&j#Z z0QF&39Xnd_7HXAu&caVLyw(x&pr0F~x%z!ba((Gf`-hO6O~Zb@Z>mliS-}saP3Jyg z6PQ<$A!gHv0DSl&<6vYqI4zKs|kIw0L*`*yl`OHp=Qp;CK5(JEp5QmxI$@d5d zxj^HH?ZTEXcU68*Qn^&Of2>vidp~JC`}?yuwD!~&^es@I4&<|<@*S?6oj5jxnfsJ& zy>=4|*lfobX(RQckP8u{(UKLb4gG&;*J>mi?fvSE|v4+<)dPyplRxzG%vsMdwEx9KS> zG>l@_D)Twa?`b1`$^4aoYFv?S&)E5IBHJk-@-Ui2dplai8F+7{{!ZY_m3N=NaqDt* z0BGJ{+=t_zy6bI{exMJ*asndloF)(cI?@6RV)sn*O4M&)v|YW|AL-UUzJ5u*kX?x& z_PeDm>dUU`OrNWQXGXSb7obYhwN`gb0#Owy!Wv zLjD_0^mOY|`JATS&%8|Obo1+j^`p#pQJf%sELf8y(1Qiwp(=_=`iTTR7u_< zm%C!W@hzu4Ycg2}EUE_XUUHQSj8KV<0AR~ED3|BKijGz}SrsEE~(j#}zXXrhJo@8X#EZY7n-2rvK6%c<`LESaJD z28k4|XA6zp1!l@l1{)4``?#ye3)l5(eH#v;L5tEU3icsW9dtt znBzNpx=%wC5JG)xN{yi0`rt8Tah_7ov)eJaVf8opSqcXP`fMvO0MnlG9BxLk(gG4p zvlE}Fd>BG~y5w8)cHZT)U>hFtcaW(n&JfF*mqK4Fei9;epJ)@`OHgBf5f zfvE`IzY2GRP-3tn48-}(#tCJ`g3`-eQp4TAkD7o*3Jd1%tYi<1WfAGiTZPxId%#27 zR=J=KA?(sb2V!b;aG_|3RTBuXLzm`8rK~Z?LYHHSlE=feh(wtKBHGYpG<8{~z2J`l zgAEL}jW!z(lLg|U5R(xM%py~V>tRQLU12&3X9;X>^je%61=oc6gA@e@dsPg5!GHWe e4d&k{$lK?qR|b<9SHO9&Kjan9XPq;=^M3&6s9Pfd diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index a0b85c5d11..2960668bda 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -1368,6 +1368,16 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware [BitLocker CSP](bitlocker-csp.md) Added information to the ADMX-backed policies. + +[Firewall CSP](firewall-csp.md) +Updated the CSP and DDF topics. Here are the changes: +

      +
    • Removed the two settings - FirewallRules/FirewallRuleName/FriendlyName and FirewallRules/FirewallRuleName/IcmpTypesAndCodes.
      • +
    • Changed some data types from integer to bool.
      • +
    • Updated the list of supported operations for some settings.
      • +
    • Added default values.
      • +
    + [Policy CSP](policy-configuration-service-provider.md)

    Added the following new policies for Windows 10, version 1709:

    From 3d2f92432b913df0ffb51f1517fd316f7ddfe7a6 Mon Sep 17 00:00:00 2001 From: Maricia Alforque Date: Mon, 21 Aug 2017 17:34:37 +0000 Subject: [PATCH 04/15] Merged PR 2779: Device update management article - fixed broken link to SyncServerWebService --- windows/client-management/mdm/device-update-management.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/device-update-management.md b/windows/client-management/mdm/device-update-management.md index 7b74bff2f6..1edda04b19 100644 --- a/windows/client-management/mdm/device-update-management.md +++ b/windows/client-management/mdm/device-update-management.md @@ -54,7 +54,7 @@ This section describes how this is done. The following diagram shows the server- MSDN provides much information about the Server-Server sync protocol. In particular: - It is a SOAP-based protocol, and you can get the WSDL in [Server Sync Web Service](http://go.microsoft.com/fwlink/p/?LinkId=526727). The WSDL can be used to generate calling proxies for many programming environments, which will simplify your development. -- You can find code samples in [Protocol Examples](http://go.microsoft.com/fwlink/p/?LinkId=526720). The sample code shows raw SOAP commands, which can be used. Although it’s even simpler to make the call from a programming language like .NET (calling the WSDL-generated proxies). The stub generated by the Server Sync WSDL from the MSDN link above generates an incorrect binding URL. The binding URL should be set to https://fe2.update.microsoft.com/v6/ServerSyncWebService/serversyncwebservice.asmx. +- You can find code samples in [Protocol Examples](http://go.microsoft.com/fwlink/p/?LinkId=526720). The sample code shows raw SOAP commands, which can be used. Although it’s even simpler to make the call from a programming language like .NET (calling the WSDL-generated proxies). The stub generated by the Server Sync WSDL from the MSDN link above generates an incorrect binding URL. The binding URL should be set to https://sws.update.microsoft.com/ServerSyncWebService/serversyncwebservice.asmx. Some important highlights: From 8475ec4c1266d8d2762ffc9a3bc210bf5fdbaa7a Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Mon, 21 Aug 2017 19:28:48 +0000 Subject: [PATCH 05/15] Merged PR 2792: Fix typo, add note --- .../provisioning-packages/provisioning-apply-package.md | 3 +++ windows/configuration/wcd/wcd-policies.md | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/windows/configuration/provisioning-packages/provisioning-apply-package.md b/windows/configuration/provisioning-packages/provisioning-apply-package.md index c12120567c..baa60ac6fd 100644 --- a/windows/configuration/provisioning-packages/provisioning-apply-package.md +++ b/windows/configuration/provisioning-packages/provisioning-apply-package.md @@ -18,6 +18,9 @@ ms.localizationpriority: high Provisioning packages can be applied to a device during the first-run experience (out-of-box experience or "OOBE") and after ("runtime"). +>[!NOTE] +>Applying a provisioning package to a desktop device requires administrator privileges on the device. + ## Desktop editions ### During initial setup, from a USB drive diff --git a/windows/configuration/wcd/wcd-policies.md b/windows/configuration/wcd/wcd-policies.md index bc7812d99b..72357237a0 100644 --- a/windows/configuration/wcd/wcd-policies.md +++ b/windows/configuration/wcd/wcd-policies.md @@ -46,10 +46,10 @@ This section describes the **Policies** settings that you can configure in [prov | [AllowAllTrustedApps](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowalltrustedapps) | Whether non-Windows Store apps are allowed | X | X | | | | | [AllowAppStoreAutoUpdate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowappstoreautoupdate) | Whether automatic update of apps from Windows Store is allowed | X | X | | | | | [AllowDeveloperUnlock](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowdeveloperunlock) | Whether developer unlock of device is allowed | X | X | X | X | X | -| [AllowSGameDVR](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowgamedvr) |Whether DVR and broadcasting is allowed | X | | | | | +| [AllowGameDVR](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowgamedvr) |Whether DVR and broadcasting is allowed | X | | | | | | [AllowSharedUserAppData](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowshareduserappdata) | Whether multiple users of the same app can share data | X | X | | | | | [AllowStore](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-allowstore) | Whether app store is allowed at device (?) | | X | | | | -| [ApplicationRestrictions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-applicationrestrictions) | An XML blob that specifies app restrictions, such as an allow list, disallow list, etc. | | | | | | +| [ApplicationRestrictions](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-applicationrestrictions) | An XML blob that specifies app restrictions, such as an allow list, disallow list, etc. | | x | | | | | [RestrictAppDataToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictappdatatosystemvolume) | Whether app data is restricted to the system drive | X | X | | | | | [RestrictAppToSystemVolume](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#applicationmanagement-restrictapptosystemvolume) | Whether the installation of apps is restricted to the system drive | X | X | | | | @@ -94,7 +94,7 @@ This section describes the **Policies** settings that you can configure in [prov | [AllowFlash](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowflash) | Specify whether Adobe Flash can run in Microsoft Edge. | X | | | | | | [AllowFlashClickToRun](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowflashclicktorun) | Specify whether users must take an action, such as clicking the content or a Click-to-Run button, before seeing content in Adobe Flash. | X | | | | | | [AllowInPrivate](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowinprivate) | Specify whether InPrivate browsing is allowed on corporate networks. | X | X | X | | | -| [AllowMicrosoftCompatabilityList](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowmicrosoftcompatibilitylist) | Specify whether to use the Microsoft compability list in Microsoft Edge. | X | X | X | | | +| [AllowMicrosoftCompatibilityList](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowmicrosoftcompatibilitylist) | Specify whether to use the Microsoft compatibility list in Microsoft Edge. | X | X | X | | | | [AllowPasswordManager](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowpasswordmanager) | Specify whether saving and managing passwords locally on the device is allowed. | X | X | X | | | | [AllowPopups](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowpopups) | Specify whether pop-up blocker is allowed or enabled. | X | | | | | | [AllowSearchEngineCustomization](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#browser-allowsearchenginecustomization) | Allow search engine customization for MDM-enrolled devices. | X | | | | | From 2ac69b52b526e21164189e4886a53f057b5510fc Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Tue, 22 Aug 2017 14:31:58 +0000 Subject: [PATCH 06/15] Merged PR 2804: Fix link to download in Surface Hub content --- devices/surface-hub/surface-hub-downloads.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-downloads.md b/devices/surface-hub/surface-hub-downloads.md index 0adb44a4fc..10a0151d96 100644 --- a/devices/surface-hub/surface-hub-downloads.md +++ b/devices/surface-hub/surface-hub-downloads.md @@ -23,7 +23,7 @@ This topic provides links to useful Surface Hub documents, such as product datas | [Surface Hub User Guide (PDF)](http://download.microsoft.com/download/3/6/B/36B6331E-0C63-4E71-A05D-EE88D05081F8/surface-hub-user-guide-en-us.pdf) | Learn how to use Surface Hub in scheduled or ad-hoc meetings. Invite remote participants, use the built-in tools, save data from your meeting, and more. | | [Surface Hub Replacement PC Drivers](https://www.microsoft.com/download/details.aspx?id=52210) | The Surface Hub Replacement PC driver set is available for those customers who have chosen to disable the Surface Hub’s internal PC and use an external computer with their 84” or 55” Surface Hub. This download is meant to be used with the Surface Hub Admin Guide , which contains further details on configuring a Surface Hub Replacement PC. | | [Surface Hub SSD Replacement Guide (PDF)](https://www.microsoft.com/surface/en-us/support/surfacehubssd) | Learn how to replace the solid state drive (SSD) for the 55- and 84-inch Surface Hub. | -| [Microsoft Surface Hub Rollout and Adoption Success Kit (ZIP)](http://download.microsoft.com/download/F/A/3/FA3ADEA4-4966-456B-8BDE-0A594FD52C6C/Surface%20Hub%20RASK.zip) | Best practices for generating awareness and implementing change management to maximize adoption, usage, and benefits of Microsoft Surface Hub. The Rollout and Adoption Success Kit zip file includes the Rollout and Adoption Success Kit detailed document, Surface Hub presentation, demo guidance, awareness graphics, and more. | +| [Microsoft Surface Hub Rollout and Adoption Success Kit (ZIP)](http://download.microsoft.com/download/F/A/3/FA3ADEA4-4966-456B-8BDE-0A594FD52C6C/Surface_Hub_Adoption_Kit_Final_0519.pdf) | Best practices for generating awareness and implementing change management to maximize adoption, usage, and benefits of Microsoft Surface Hub. The Rollout and Adoption Success Kit zip file includes the Rollout and Adoption Success Kit detailed document, Surface Hub presentation, demo guidance, awareness graphics, and more. | | [Unpacking Guide for 84-inch Surface Hub (PDF)](https://www.microsoft.com/surface/support/surface-hub/surface-hub-unpacking-guide-84) | Learn how to unpack your 84-inch Surface Hub efficiently and safely. [Watch the video (opens in a pop-up media player)](http://compass.xbox.com/assets/75/2b/752b73dc-6e9d-4692-8ba1-0f9fc03bff6b.mov?n=04.07.16_installation_video_03_unpacking_84.mov) | | [Unpacking Guide for 55-inch Surface Hub (PDF)](https://www.microsoft.com/surface/support/surface-hub/surface-hub-unpacking-guide-55) | Learn how to unpack your 55-inch Surface Hub efficiently and safely. [Watch the video (opens in a pop-up media player)](http://compass.xbox.com/assets/a9/d6/a9d6b4d7-d33f-4e8b-be92-28f7fc2c06d7.mov?n=04.07.16_installation_video_02_unpacking_55.mov) | | [Wall Mounting and Assembly Guide (PDF)](https://www.microsoft.com/surface/support/surface-hub/surface-hub-wall-mounting-assembly-guide) | Detailed instructions on how to safely and securely assemble the wall brackets, and how to mount your Surface Hub onto them. [Watch the video (opens in a pop-up media player)](http://compass.xbox.com/assets/bf/4d/bf4d6f06-370c-45ee-88e6-c409873914e8.mov?n=04.07.16_installation_video_05_wall_mount.mov) | From e4b2e3e70cedd4898bf26f94ad998fa9348be06c Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Tue, 22 Aug 2017 14:42:15 +0000 Subject: [PATCH 07/15] Merged PR 2805: Add topic for Authenticator app --- devices/surface-hub/TOC.md | 1 + .../surface-hub/change-history-surface-hub.md | 9 +- devices/surface-hub/images/approve-signin.png | Bin 0 -> 33063 bytes .../surface-hub/images/approve-signin2.png | Bin 0 -> 33650 bytes devices/surface-hub/images/attendees.png | Bin 0 -> 46865 bytes devices/surface-hub/images/mfa-options.png | Bin 0 -> 62968 bytes devices/surface-hub/images/sign-in.png | Bin 0 -> 123100 bytes devices/surface-hub/manage-surface-hub.md | 1 + .../surface-hub-authenticator-app.md | 78 ++++++++++++++++++ 9 files changed, 87 insertions(+), 2 deletions(-) create mode 100644 devices/surface-hub/images/approve-signin.png create mode 100644 devices/surface-hub/images/approve-signin2.png create mode 100644 devices/surface-hub/images/attendees.png create mode 100644 devices/surface-hub/images/mfa-options.png create mode 100644 devices/surface-hub/images/sign-in.png create mode 100644 devices/surface-hub/surface-hub-authenticator-app.md diff --git a/devices/surface-hub/TOC.md b/devices/surface-hub/TOC.md index 240bcc485e..74d61c7720 100644 --- a/devices/surface-hub/TOC.md +++ b/devices/surface-hub/TOC.md @@ -33,6 +33,7 @@ ### [Install apps on your Surface Hub](install-apps-on-surface-hub.md) ### [Set up and use Whiteboard to Whiteboard collaboration](whiteboard-collaboration.md) ### [End a Surface Hub meeting with End session](i-am-done-finishing-your-surface-hub-meeting.md) +### [Sign in to Surface Hub with Microsoft Authenticator](surface-hub-authenticator-app.md) ### [Save your BitLocker key](save-bitlocker-key-surface-hub.md) ### [Connect other devices and display with Surface Hub](connect-and-display-with-surface-hub.md) ### [Miracast on existing wireless network or LAN](miracast-over-infrastructure.md) diff --git a/devices/surface-hub/change-history-surface-hub.md b/devices/surface-hub/change-history-surface-hub.md index 60353013ed..6fc60ccb51 100644 --- a/devices/surface-hub/change-history-surface-hub.md +++ b/devices/surface-hub/change-history-surface-hub.md @@ -18,9 +18,14 @@ This topic lists new and updated topics in the [Surface Hub Admin Guide]( surfac ## August 2017 -New or changed topic | Description ---- | --- + +| New or changed topic | Description | +| --- | --- | [Accessibility](accessibility-surface-hub.md) | Added information about Narrator +[Sign in to Surface Hub with Microsoft Authenticator](surface-hub-authenticator-app.md) | New + + + ## July 2017 diff --git a/devices/surface-hub/images/approve-signin.png b/devices/surface-hub/images/approve-signin.png new file mode 100644 index 0000000000000000000000000000000000000000..7736b95431c377f0500be39ece51d7bb7ffcd70e GIT binary patch literal 33063 zcmdqH<9j8++C7|1Y}>Xuv2ELv?AW%giJcuA6HYiWC&`X&+s1FsInQ74etbXF)pgg^ zU0uDdu2rj6-O(ya(n#?5@L*tINU|~#YG7dCW&a8UEcCyYfWktfe-}tAQAJTOu*O7$ zcT=c;F`Sc(t}7TA^5B08cp3vT!M{dyH%T2gbw^7#Pg9p4VA3u>emJ-S9NmmGVgEf6 zR4pqZs^MjHkq1?Xd9XBGaIu-==E)NSh5oIGJSG@6WMgB)5VwL9yC|rrFeJu}?qAq; z<#FXX)!CVWV21GZvHxyzIn{OdIGKASn3A2p)Ps>IxfdiA>J=BzmqH2~LQ1I2$w|d2 zGk1}Vvd6k=-B;MZ=Zr=ziVC?C2zH{(cur&5VQNSC$QKpa9c9}**3#b?l&g06WDMNF zigdOpp;#)28cbaE?EeZx@BE5xPn;0)=Vb$&klafFI<~mkjM{y%xc%>7IbZjEb}|dY z=%hGmz79NOm?CM8@HTbT^)v%MC8Uvezo=gX=#ZkQ zVfP}J9;p8+v+(~zfMg&MUy>Yc(9BQv*r|WV$>nmIte^59Xzvs{sXBi2S~ai%@8M7} zrpfe7Op@{VT&VFV2!I&sFPg_fClI8ECqy7RI_J{m1nO;i+oivLPL;A!3U z`o&NBp)4Wd|86!>rlp~Qsqg*dJ6))bgdy=meR+9lzn_(N-tvFi$+oQv1_8p9%H_+R z{UtL0GuXg5qk8S~Yn`|%t=gEY-Y+9>`J-G{ui)5j!)4V;skS)rGN8r70c`k2U{5B~<&QZG_7FzaGq= z4uEIq`IB&#^>^3$E<8HXsq2?w z&(H02YPAg9K#~nQj5bDLvj33fWp1E7I6T~)Qx+b|7xXo0T1kby$@3!oyq{AZFk!7& z8~;KiR|p}6?H3M#qB&qA@-BwhLQPIi26j~m$NnEuFHM^>1)~4$Pln-V|6oCNQ6SA} zIVIFTP`>EkkmRO3d)>|6w=W-bJ}y3Hk{GCW@3+DnBS3SkgO>B8nDG>-FSS=E#Qe_z zgv4+waUyZp@5zH#y{a%%Id_f6;CWgQfxHPaas8iChwIu>L?(;2s3kq{QeQ?yznQf{ zv4yH)jUS$R=d?thS^AeM*y$IgJHbiB=T186cXbzetDplU5Zx%pfOiF9b}j6)uB|X2 zR_#O^529zu`@q}Fzk!H2;vPl|rbC~oHIzw6O%GASTs9lR;ZJ%T7d>Zp1GI31pbqxl zj98CH;isul_I74!d%{c7hIJDFuv3Id7f@~xw{6*v_ zQEr>nn$0-~gNU9|`yC-QY2oU&5ryF~g7v&#VSPs6_pamhOc$=vdn2a*+S>I)`2OyP zzsKcBJs&)`ZM3 z>L*7-#!pc(RP&?}_w-hV(PLa!NCY99Jdy7l?c`T5S6|s3S8-35l@F{=Rj!KU@^Urd)4@^-d4%TF4oBMh}`tiTWB8 z;K(fWB{6a;OjI@mLU6z4^7snwzcY}TkiAzAR$9rhkIC;M{94x@!wL-6Fhrc+I!|@+ z*SY_ca);azM&XyhW>?C2q7FMTW``5&7#J>yr}F(~+Jkk;8;hP&1+j%SiZT7AUz8fM zHf+C7{Yj)M_h%F70OPPn4*ElK*><biemgi|e2 zrGKAlB-fN;^f({?$8^ta-vjz3pn2=K$SEkq6~}35v_Eim9#7&He?6uvT0#_oco`E0 zf9aNgr|w5flm@aL1Jx)j}z6#eI6LOZ4H1SA|x;Bf%=?g^OP~ zl&CR*y6kPHsM4+tLM+G9%)akyBQO}9bTc`yLIG-}$TyOig$xz$FuyLDD9cJ0S*!~| zr_s0eA1kU_=pbS;?^42wy}BBNMgIlncSX($#y0pIXxY7a;c}~HYSzovSm<;;H)DJd z^FgKQ2?-z*EPL7b(<`ydz3^5(aON1e(<&(DCTN%StD~iq>{jz?^e3NS>_iTj`ZOVB z`*S#pPRBN~pM8sa_rO0?e8WaD4B)G|K^=~T#;aMyqrnP z-GFQbT_)tu9dXHzm+*Z+^){=-T@GTVLC6}(X_YA|;yvnwiM52113O}Ej{>45 zc+n(cz(!*5Ds6Q#vI5CB#j2j);@N~qeWYru^b%D3mqVkIv-P%1ZbS0bo{RBu6J<#5JJ6yA3m1rIJs05!yrokLdQd&5 z0HN_s`61l+QkiGU7l=^bU{&#B2jD2E5PSqvrBhqOpe?I0sQuX~e#WwVf=kf@JoS*Wq$|6HIDYr!Z@>=twJnzpIviy5V=bt<$X>fEcUV3}~2`>?<# zuF3DpJn%CQVE$YA226c_u$?q`*W zk?`~@MDW%v4B)RswiyS2Pas1!Sf0YJ`yGHGc0GFdark+cbGY7zb%Wr{`dvqWWj4PLx9Sl^RELhxHA+?^Jjku=aUo)G?4C2$-}3A?9Hoq zo7wgO1lx7?8>{nz=&~#;$GJn-+w})-Q%Po6l(P3wA%~6$O5FfOn?T%O5Tb=8FWP!1 zp*V3T#0N_!qNji$p)ZBjvJB*JbrflNA2~BrW-%Qm>Fqn8of|J%(y?OpEY$`}_ z9WJEMThFM6b{+$wAxh(hhc8b4oO&4dI}f-nUvoNo3jOjgM=V|>(@2J4ArQUW(fsxO zr4V&PYkN3<04<{R=4|qo|513t`4|+c@x-@c zGESrVvm{{3(5PoI(3p!*BJ=8IjfL0_V_Lno|fqJc<$3{>`?fcNX2wf3u>k?V_F zwcOPU!g;QXL5Pf}z9f>iew$L>O^D}!=R2?K=(a|6eF!ES?Xd7c%ZdFR-tv)no$|_v zOTms}byuSNo*I_?S3A7IYQ*VRI9xt6^rC&L?{~f;ZT8=od(Tzv+>)PwOX(Qpyx#e2Zk>m!&BCnkg3!XTFZ`j=1Vp1Bszv2I z{Y~z45s4qf0huOES&gRsd&jPK6R?{6P*zXJuv@n*P9JGYCWB81qN;_7zBdynB)f}e z4ui{3L%av)cPb2BkPs{#;CGKhCZ!-L@8J25gs0v| zD3`Sdi6?C2F4qClE>>>>J4%Or{j}(uf5Px9#+*d~pQt7qRZ2h*5vjfdPq7wLrwO5h zoAJ-GBX-IVm-xWx54S?K6Xevx$3F-x!pg*RSnVI-Xt>T#zj5D&8AgjOJUSuz`tw*h zdtmFkZW-%{1yB=v+3=?g*S?W--D3-2j);=$=p2UwAAWm%mf~D5r*)gS)ej&{BZ{y2 zZVkgs3y1Y-BM(1#c1N)}8idpv`QpaP2iacrfPc1Znd%CSmU8x?E+^n@Wk=*}`4d~7 z|G}8%l8~z03tt#aqeZ#s#3k9PO2j^b9_T)9hZ1I1FNi)(y=$c12FCYKKe% z!uUF^NbBppa8%yNyWZc6aTSc#=12mf5vptcykTIASy4amO&$Qf(cdT6?UF3%?)~uD z^+V4t@j}+>+7Xuoc_9a`0Alv9h|E9PAPR^vf1v-{22QeJQ9mL-mqi}eWqBRE!5RfV z+p!16VR#z&l4&VFW9AIt>$qveN0In4J~)rWcbiJX*8NoTf>6z!Z^Frz@HG7lki$k4 z(XM2w>n!3xy(cZET%`!_yWyCt&jtMAN&1Zg=xqD>Fk6Re-XusU$ zKzr;^)zgbnL-7_9WFDZ?rOM2VuI3nBnEv}#i-UmIqJGN(JAE4c}yb$zf_C=?I zA!_oP+VATD2baT=vFF8sdR?RU1%XGTcwx2#e|Ws4F6%|kaAt`QiK48gFM^K6^d{*O zuyEj0L${c8<$qjR{4azjfQG(^Oh7WO#4@Au|j%eeY(Pc?hiw7xqvkv|kHd#E|=A7$L zF&Mh>9zEy#HCA0{p+UoRP#dlK-5JAfMG8HHJjMVifoTR4cKQ|EAw5Sq(uM_wv@MF zEAljr-YEevR|``_U}>g46I&X~1N3c6(QMDUva4Q%tq*v`6Z+a^h$G-ZHuitu8ut4X zsuM1U`UcMZ5UId_pSN6A3G9Uol&1crK z$4JuqhRF9uhfVH;rzM$l-6Vf}Ky++HSeo5K_r+x{loa-4hz*09+XK29X{b725QX5q z{p+S2)Gh63u=vGp;Grvg&v*50-F-w;=j~FZ#*!vFtf;IJ6GiBan;R=^XL2+M)J^2r zbIoV-*bZes>JE2u-XM{&*ODRB{~4sap@J&ZfIlt#^nKO9mEc7{BuS7(jpm2l*mFcz zfCk@#nt?_!X4}>aUyP~hQq}n(t(5R5Y^&yZ!ktoObdYe+WZA|{TMJR5kt^CFPY(o6 zt_GfvoTIHPvJcmKqOGGZ%*%dwqaw;nOk==b_H!2a6qs~ad66P%;>qD~js~}pfa5qz zUPA76l)B-h=|Hhi4ke}a!zp4kI$B@G_|8YkyA9)=#>68E2WQfO9g&;G?_QtLi91{? z$Q$@do7?qVVH~eaKTJVD_aD_`cl_ja9Xr8k2LF_^BCk~cV1yC`gYLFH0GBus!S65;G$?j0 z?dm*Y>$q34TR+q7>v?|`2=$u3hF4%$8?SBbkE`hh4mm&;#`V3uXbUe>`doVEiiY!g@>8yrsrX-5wP@z zKA!-CL2M=fUq2%6Zi;oJ&!|D_9qh1>aWGEqb96cQ zTM&AC_6Y~r=1-AsHx)`(%%06{8^WlL+1F0I%#W0je~0Oi)d^;QduYCpkIw62TP!>G zdKv*IY@8D9)963ppkXtQsDvcEJRY8`lUX|x9@F6P;6vyHW7=#9{E@Rb$}X{uM48V$ z3wU7dk6)N*16rPOH@N!Pzz{f7lqUM#H3ob@V|t0PuDZ@NsES+YaZ(y#(o`z?*(el) zerjX(1skq4*cy|;g+fosae=yI1v87lA!YE2HU;biQAGxPxEAR6VmA_Y4Q(4N?}Q*t z#fn?Y$sHHfy-X}{_j&^G@Pf(hHd`^$$K6#{EJbM1$-p@aou;YV@6%Mve}%e5LDGBg zFd+-x6PRqya;RB(k$a_wUN z=^E$Y>GRaUKaaRQFJyI_i-k0Ml@#J*5%)4FBWWOl_?c5g)=urcE~AX1=?2aAx_CGs z>JSYJnZikbGVVPkBBMgay&vq-U&90hhRCrAphD64LfArRwcXD>J)$@tBD|9%pEdDQ zd+2w3lG=O{%LVZf9<3Rdux?6s3`uhIrAWsT6VdoEUcrM(Oqv^d5~5Nb6`vmO5M>;f z4RVlpQ7U;_BE5XMW^IBb9rK8`w@U(L2sBdvyb?A<@k$vn_o2G|J0aHA0nd9j@^gOx zOn~2=OW5edeosubK#|;gyOIyY1IddB8hR;j3xy`uBP$nv6+{aaHavygi;M7?J6l+2 zbo)HqKR|j7$rYU2VG`|P|Dn=&C}S#@ePIsX8$weDNiHF!E>7-Fc`n!p7B=8VPWST3 z?LJ|M3f@cdNg6$18c}ddVP3P(fi9A?3rQy!Ne2#;6_?^4G}SPYOU3Oe%^4!YMEs+C z@~w|_6hwzXCDk1hH46jLC+n9#F_k)l7%9811xI z=AKp6j2AgpJ@a&|XmDt_$dvw0#Q-bvEo?|tLKZcQa|ah5LmWD@CXdhmi9o8Jkrz97 z=|VIpt_1$zi=L_8f+Zx*i4zjV8<}2?{fF)+-Oq`GP_>fXbj7jj+f?H~%7dj3tz1m$ z*oiqZ^t%!~))l*%Bc{Rlk7>#BggnsAWL^7H?NIy8-)U#>PDZcyzF*CeN2+zX`!3$& ziL(-lVb6M z>QgDZcWA3-i;YsXV86eSeC2S<#?xlwYUri&Jx?G}Qt%W0>+JRmr^Ge~<3Wy@kS3v$ z)!AGv&yc(Fx_41dDNQCr=d+s7DAHovm@>_1AtFG{JFVc8F7h;U^i5{GA0u#{{fmCS z!zBe?uI`N@LB{u-w<~ur)!;#Rw|)K~iv77wpt3={m$S6>Y>PTeD9xDtN?5!KId`N$ zL9Ar<9pdMS=F8YtuS)ROQpswzjqhqwRZ8|x(~)3v8ilIRhtbhdUOyK;(?T`#^-+t^ zL^+qd>}Kq=DbrcfbQv!|o}5x|*LM^IdGuJaIu6S5R(v|_z~Q`N>RnZy%vX(0sg$Ucda;1w_leHrw|=g0zFl zh5?i2N^ZR7RGzlv*;S2I@eez$Q^1B}>WEVoRorGYS9aGJf&(r5jAJEo2+>j^`4qrS9+ogQF=#u z{fD*50!vG%i;?lSAMU~K+!v)Z0>g-@sWbx(mR7*!%wQHV z*VV7<`WNU$^7ocXqm7+)>Obh{GskV4g<( zlBgqRADUj|*|Z?a);V`_V<|*J9Bcg^glIHGAadwuqq9<&dggc{vO*pl_ZGK+i*H~T zk0;MLbuqoT{K4rcYng{%!bHKsc69vjadlt7rWF6*ki@H@78GRZq{D|~T({S-?d~rf zWkh{6O&IhgX}oPp1C)3vn9x43(EL?->-+m^&HnV~=J4!elV&~6=hxCTr?nZn27aP> zp6F-3mFjIUL`Ivb~R!6P@|tLcJt3xq=Nl{_{iI1J>`4r(n4aaML=$RQ%-f_uD_LAyd+BM zLPTFK0aE5g0$BNsEDP9NR7|O08CwCa*~ZH?JiJ8o~%e5cb-e zEY@3ve)FyKYG0N1>8z`{8QfT9VQIUnM!C$5%FcwE^dB~+ZPqsn4Zfh(0qM5X5G>9$4+0i&wx_lqhb6U8U5O1>UReX-pqIpm-ni1}EI78q(r(TR&0-j_< zgs^T@Cr!_^pjdiVUtL5}@&EpsuHKph~!4Wne7$7lvXc zr>0@>_WC|Z{^qkw&~06}LSa=|&3|Hq!b-yF&3o(6U*bUeY`hgAEfsf=JvXA2BCY%u z_&n}V@eu8=eV}g1!wWY(SASY>;bWw-mi=05*GV~XD5Q2UL#RyHk5}>vT<KlK)PTR)1ju;`cgsD#eVjR;sVDz(!mC#ge9>$@m*|FIT+t8@<@PIZ|4CRvIP=E!_OAjwwLVODdt3>XKJ+_uc3=f&XuVtML z9)w=Fawn_W^8xEKkr~<(R~T_u;in~GwAd#nV<+}Q{V9zJPm0P$K{F8_*&!6t@gx*< zHdUDj!%`S}^!TmI$%oJg2~LzU3NxY-+eP(dU9OdCEL2wh zfjb+3Nqp0{mzZp#V^S16K6<8aYE-R#y{RY&(7=_d2x|=F;4_jU76?le*=YU9`Rn6VsX!m}NJn%LK&IK6|61<_0tj56o2|c2ne$d!Qkx}% zUGxT=2I8yeOj7ojwqM4@&b+@g0ytjCyHamhdjhxZ!YE831)0Nkp>K_9VBa7(XUtf5 zt5(Z^uR|x92i&eyMRouYXCiPvr;n6n&(}0BKPL*r-`x7{fo3~#e{5eOEKi#TpJDCkT!L_zn@(c`SMb>!UT z&{?-b@Lqno^M$UvikgnxNON?8CdT9{YmA`i>LVvBm-?34iw_@hoJCi+1Ih#23b>7W z9Q1(m>6!>_S*xu8Hqd^0L?;fq9sAha)T=Tc`WFPXf9~TF?ZMbXY~RIg-?>xOJsO{f zX2z@#pwR!j*qSgg1sbqJy5h>dxmM7q;PtfiuVtw{D&^YHh*;d?*x(AL-0W`bpQ*JNc{SQ`9j|GsGWKD$OA@Gm9 z_l%H?bLA0QVQ?hK4CY<(S~A{gdAUrL1oSz$Hl^%u0_*?{lfRAnBCK%!5`?zL6yP?cIluE4%eT(kKY z2-Qvzq{sgR9g29QV<6vxv9rhhJLwrE&1}5Qp>Y~}*_gSjnZgxv6^@T1jAoMM&-jb~ zCqvmF`f|f}cYLH*Y;=Ff>S;Y;L6t9Pl*8*}Ret98T&dT=!qIhqlK1>h=gl|+ipe~T za-sf`1MgRKy(ut{u@UFkREli4`;!^_9Ins}wATLF*yi-L0Wnkh^pGi6tPvajh|66T z?2pTJ4`&CvY8q=llJ`;H&$n!{%0*Hv?H2{rWVxG{?AmyEgmUvaseH4)hqAlo9-uMG zW`36YKgP;q} zh)Z2NqB570ii+z@M=liX^fcWVAF^5Pu|@G9VjOPGgSw9Brrh=2jyWh?3*S)bumRU% z)QkA04ug2Qh#bDgV=}iWIJ(3o)!Rd)^2-&Y^XxRfxyB|jX-PZuq-^{_2WKAU3uXQ~y#Y+EHHJZo)q%tLAHEI3!X*5jSAY5q zq32;Q{@@hE4W4f}*sZmLHOUkfapHn98EHvPSKHsM>dL0%^+H_|@j@Xf-{7i_5Hx`KeB|&!Yz;6l8xW93pc>~V(aGuc9JUzLN88IjKO)O%g>TY}B zX=`w~Kx!vAqgO-+X8?s|D?;e#QDjSqXXmK9IdL{=Tx@tmB9tU_1sMU4qs-zH_x@@D zORyt1c4VX`l&TAgrR#>vK$Tqvis5>YNZHhOJz}N~&uh1s&S~U6RV%U9Rd~d9PiQb_ zdNTsJWiO_*U~^sffuCsX0ex!pOiNA)i5!Xa7WfL5;c*&#sl6FttuMDzvKJ&hPR$O; zspxSGXv9zM3irBgq+#9vedgpa^60f48QQRNvHUavFxb3vbL)5ppEPXwcGb;_Ik)A5 z?AiTF2md%d)TF%`#&5kLokDH)Y+G-hGXWV%m2g5L5PfoXn~H>cHyF=bFK?CWyH)+{ zu}<5?;Ymo`d&2C;<_$F*{{iOO`fANT%yto)<5*&olGyZ0#BwS^m%}B5}#m)1Cc_9VCA*(m*PE#anKmpRHdx4qB z7V+^)H-QoE2M1E&`Lp+Vlb89d)Q^$J+U$r7A!ArY0LEs=9k+nr!G@R5u>wFA>|PJO zKa-?haFc|k_my($1cb2E^NjVaxtl2KchrI7P!fNg*ilNhxl0e860sjnec#5%YmxMm z>&(|qB3hA0xOPJM#|Z^uU=2!#+ewV}A?6&|7Mwi@T7WI;acT2tJ4?AzVfD&;2E7=V zn$}@{yXLtQk}o(@e6+DFHKGsLQ}#OP%eYxo_bk+or1moPK}(ZuZ8G_O*>gyk>%P)AghjV4DpPul^WG>rNkuveRI^zo=M4R*VjkO0!Bo!X6tuCZF377u#9^!E_QBfDad z3M_+kS46$Lw%JRUY6bTbnO}4G{MPVruz|Kc>KP96kdZbd=;Q7NWX0k9mtWXqUNg(< zF5XiWpR0Nft93GlR-hfm-0D)qZVS2Q{l(RU;WTQ{BDkvY-sxt1aC`-1J9Wek*+UQ+KehuyLIf1AZPFXcuW&vjOfc+YsC;JiFq8vq-B9 ztMlo+zwAQ4!F`0=ZlxuyjA;3nKL8tHwV7b zvP$0OLj8+D*V?Tl*lNw^xvi$JuC&+We57D67DX5c>Vk&2^2YOb^dVfqvLSPPGD^k7 zOo{4Hm7|#dfI+yKf56!TR{QR)B6OM@hao-NJQCY2>qez7m{$~>g>!UL7iE=;sRJ?I z>u?3a9oiAr+ncw-kLT)1pbfv{wi!6HIs7(7ow{&AZ>}?($*_xD+zo2IJedJ$C|s;| zyFwuouSdmBImSm`36Vg&<;9R3P7Tv+`Ngi>;q0X1Kg zi>TO!kienzTU5%}gS{2PU05tA%b046V5D&E_8J7S63bh$%Q z$J?B{uJZx!eDVpnqDax;HcZ<*ofi)jwjX(gyE66NH>)YRaI$~094&YtuJf`+DPu8; zF>}B!qRp$!_{E%bYO^nsp|Rl6Lfi>S;%_?frzk6QD64e;=x7Ij3Up&q-~=iU!OS zdfO{xy+bXgC+#)bez#26jD_ygJ@z|N=;BR=_POhk+SEqbt(Am96A*cuRBB_d*bLdw z>G@s&ITbn`ksuu}iefryenfG3OP{zTF>;J@6&PQ;0By4KGaS%+#v~wMMpm<;Gzk>l zTT%9p3pa<^sWU?P$6>+wCKYgpm73g?ByNs=4c;G94_h~SGJQXX^0K`)y7vb#|9T+n zy15;w@ID*Sxt<`vUHD=ir$SLSbY)?mA`bp7j3izAM+p-vh2Nd&MY|Ui0gLiarWGY58?Ge-woeYa}GYv81^voxPGCUaml9hu>$CcCL%$i6ijE0}02$ z_BxHqiPa85865p5OB*qVQuqhSXZV0MBxQqj%m%Gt+43J|JFn!wMoTQD>0^!Ok7EPI&n|2-MQ#ou0SL-N&nFH$O?LrExA z%cCKEPBk^7X0v|oYJ%Se(5EiBGIHzLrWbAklwmED-XR5`}QWpIB(p02aUhhe-> zVo+gFi&-rP-~molnKN&hUp{UO#+=wB~- zypb!N9Pjj^i%dAmqH(nMk_visJl>|PH+?p2+uM=lPsVE;P+sI@cf^HWfBQx~eKT+b zUo?eh7<56hyGkPkwD~Ky%x)#b*^}n=TGx4V7)G}&{|0AGZ$BlWZzd{~h9Sji6!x;; z?eW_O74Zhvroay_n-g|NBv{(;NLHj@V)Ly^Q(nb!1`D7-hGx%%=-rMdl&2bJd9>Ki zQte@KcHeUR=H$75RS^B-F86q`gsY|uaEmVz204yk%qVduin&U^og2)PbcK@Z>R?#2 z)=k8Z{kPxd)-7_=oxuoK`pqgC8Rn(K+J)dOj`~1S%8!||(+hRVTHHua%l5vu4QHZT zk*)Af_WAsf;QBKLV$^LGz=tX}bEVqp#aSWx@3>*61|LeA!fi71=bJ!5zWa;`O$ggG zbALR`I-KvIvcC=vwoNaKj$CNvAe$L$3XJT?Qf?kI`opFT!P2=K@~MW0*+oKkMbZlN zl3_slc#~%FBkj6gQ0qnq>DQ6A^Hx%2sudLOLziO~>ci}|V-B8nvi9J{T+JS7uBC2# zJQeY>e(Uf7j$5%GBVeWu{uTgMQTjoHUWlaA&0klK{U?>HvoT8|I=It-rVo67c0kySx3AVqeuSkc(+`ZFZF2?u0y;bySH7HM|sbXgjzvcd(Yzb?et zeTd~&RM)m-6Plp;XfpOnwA|y$b?A4;ed%+K#CWf>64@}qy*rV)2WSTITzcWX0b;Y8{qja62=b7@gf^qR z$n0Uqm8J9Q$PS)fctc_34EBM^rmtAd+Jmx)-!OT^V#x|f(0K3=vyVEr-^qwp3v@|r z-`5(!m@&AeuM8 zB~a?|?lYMPTCpij&eV;Mc*)jH>LMjBT_d9Gu;gI3^HbsxGm~-#kibe7v1Xz#kxr&g z*>Hi7iKNy=CicO@$D%T=kB%TlNea8-4kZXGj6Z_G`u#4L2-TJrd07O97UuehV5Lx( zRE3AdFo5w=c=Yc%MSzcL{Lk>c!EseX zeK>C`gp|MyCMj?HlsznCQD}B+&avU#i?VdS9+$aKufx*vo9m{5>$!|J^RFnJ>yy`x z=j}WzXYbyW(dE=Xi~IkwYEL0@iHw45w{Szn;`0+ua(dWh+-xfBzm_X z|6!}=vU{=hm3jv503M|3GYg7pBSXNbtsJ2$+wCu|c^XP;#0N*(^krdrLDl8arrD$= zwMJDEf!9e_ufu~j*0V?}6~TRRR$a8I$a36|mSMlbji_tjADqaH){$_Y?oiKyix}fg zZ&~k&af$=~+?*kQJfL}4%FN?bg^7qI_g}TOk8n3TwGACInTZN#?A6P4F?`%xwu5bR zdNz|?cwFzKz8~tnq}Ze=A#bscP9Tb7`FlrFjj&mC9-G|nu*E{&81bHdu?$ZE1E;Hhf1unC9Tr%cO`;Pq zpRR%R`JsPEP=-(I%Z%hB-J4{qK-fY3WOGks>@9^Qr_ z8AzEHNOTk;i01EHiX6cT8nYg{Tp`&jPW0S8Jc`)O;-4!1jHE&P;0Y!sx8_kI?j zMg)=8mXoe3cfa^ruTjQdI`6i_s^?1d@4;0NkX0d)Qmww+4zjhM4|(a<-lygAS!jwe%&@a8@2qpD7;T1S7+ZgUzPJw(!H`t!jIvG zAALu-e1|Z8{O_t=SXBwJ`il~xrera4F{(%7ZO-HSzSoms2RhuYgi?R?P|PEUC6{BV z<^qBC&lDkgG>;1Y=+lW?@$2cDs_l*(e8%4VoUuZ~)fk7SH}|r*@)3+;&^!ltBgcQ9 zUgdTqv7zsUVAKn`@QjtRVu8xt(25>`oRhzP-q4nQWI%4{$C$N|5KUdejO;(%%pM7w z3?H|#KJOvpF0x>_D^*4!ZFPs>CEx=@i~X0DwHqhrFuU>bWS>`5T;=~(sQiYU>wO99 z@!iW!zqr`|+*oRXL{F}jLl#ie7@=# z{Mm);?Lrtif~4nFOSRl#!7UVEjR;5Ry}UzeKG6$C$V7a~UpoLFt!~-Rv(i8nO5&%EBypPA#qxqk zmY=*x1h?nyXAd->Wz3Mscz)p~3&ub9C+ZC@=8zdeZa7L+cA>)n@mlWkoq3LFQK=hp zg@QBbk*O6OT@4fnW*g)jGMvBoJd)VHT8nm^fEjcoc54Ym3QwU8^X4B#0ZmdB$8Mz6 zdgh$f#;O6dXM?bS%liN!+w*>5G|rrp!>jSvr%MB%UQAY zoQ;JJk6nep0oCxG%;K%xC4WR!LPw;Ub6PSd zrPA!nf;ZdB+u}{-75mt)*U6x_P>1|<`OU)pIK&6bx}1|s?5asgJPpxgZ`|04lqF`) z=TS^toG$KRwRmn!F-gA#n_e%5)qD&)HS7VfaHf{4HXQ_Edt~;~aWPuAg)jJeFZIFa zz5q3E|0Xc=&!V3Ss-7v4;%>g&xIW5{OZZDrC|3s;n^7yNRopbQ+=vrw)9tL)$=9Hg z`=IafN2i!;s(as$vlPD8um_F*PF|(c-tk_z8tN2ZaJjfPhS{o_N_jf*<3)-SU`(QP z1Mz+uJhr+%S?0<{prJHj>-oY~Vk40npzFj!JLU-8ih! z?iS)}o*2xHPHC`dg0{*FL{>U;rvDaOZob$->tpE2#@Fl+Hy%N1>Hk1==v%d02}3Lu zKb{6^iAUN}e1;>4AqTihp)^-X?2dYRHj)*omN%LGm@nL`G0K@!6|ctmCtcdxMvM%63}2Ljfu>dut6N@>Va1F3l-Z z-OxA|>-}ivzcApeE7A6}2Pwrj42QfjRhb@TdtWc>7a88IR;YJ=&(>_AklPgZcsM+s zX~*Mht_-ur=;pSup&u|5??9p?SI>U99)p$zn;QNh;oiY+BE;HcIPa zjY15fq&~nPe$|j=Sks^HPqrq)ZzzJs8eHCDe+G*qE%EN*2NTvDP?r%=O#vI6H`dxt zcJRkcg%sAjLm;t@Esxph{L75CeH^mAKG1uOUPs80s%9Y@=-s4OVOWivowp80bK+@s zpLmBhZ6C^ii65kJ%7U9)F;_xXrQJ-f-$b5XzUIttR;as(2XX)Kuk3l8= zL;`r6;;~}c58h`X6xs%$5fl1xE9?iKFmZ0%ETd}@>D^Y@Rp=+)jy2L;4s+^_cD9;r zWY;Hq&k7!Iup@vbeR#_?nJqt_A+#j1%X(|PY88x$V2R9;8s62CYTkC1I8WIj zG&CpOJZ(3+wwLtfoQ?UI7Tc5cv!S^bzkGnEzDXsjT8#J}19Q2v7q6?ls@ zCY2(3^YTIYXJ0DC{Nhe}enZI5m%m@%X{gZ3X|cQB#HlmpG&?+T)wV^gzz2|uv(&fK zTvd*KR!U<`)7*dM>+P3LO{a0OM-W*={lX%4$cLJc(w-bNS zE$Sm|xdq2wIlLCg9`c$}7Np?(tIb-Zakzd&VzdLlp_j8o62avodV~a z(dag+Z$B*tZL%(O;abrx^pVYe#i={jEqP=e& z`v8u|F+GL7(^7kiajC6*2)>+S*7M-{x^}Z6>6nccTTJO zh;Iqn*X5*G1;M(Q@k@n!@c!~QPiOd=65yZkyFwSeHfv3K4vhcWBiye47;=%NbHYO4 z1}=9^uYTFj(Xzb8MstVOms_An=8PR>MLI;fy2oqfiW=R2CFT6)Xy2w2&?2zB2lJ=o zgN#s7>SwKd_~Veryt5$xGaeGQchnIXRsQm*o`Qmgo z{kxLr6&_LZc1y$^0JlGU20}I2Z$GD>OqRJ8J)t2|ryGdk=sYHFP0*m_l@>o|h-+K& zyd}I%%I!)*+uHoq2Kf<=e&4O<)5to{d?JvU+FG=cDK1Z>|H!fw3*ZE62fSslB00fT zPrk;g&|R0N=u-zg3n@%;^?L#WqJ(hX-->LNI;%E=BDE}GZ=21(f}c7>y7Dd^eHMHS zidKie{F`TbZ)AmiCR=tbwmmzIn@?)FRuHiIx1^u&Uq@U#fWX43cR|{5gJy8dZl%T_ z_?>oo=5Ij{-|St9IYjo4FRk@~nA1Hz8O8Eig&LEF`#lQYr?q8VdNGHh0MO^!T6w4> zV6js2Um`U)5xZWL1MS=T*U2=o!%-&aA5Buh$UG4-l1m}BpiUSsDbwN1y?)Q=uOri> zXi)#@G05Nr-f;6qVB6ltha)d8o{6gzkv1ghaVrMXWUhQmo|3y^1(%-jtXH3=MtPEt zNJQKJe)M3M3jf)G0p~=H;aBW5L;8(&b?zNvk9mEBLMKkP`_;nn0taeIi3Ra%yp^^f zBsP5FeSyw%YI%mV1ugXkNT-xd!K3cz`VfqI3X4FZQLZ>;9wVD{oqA<`@d%-3Nqfn& zyES#|@n;)^x7*+<`My1CsTWQ_P3k3AZS8Q=d0gZffe?*1#1kv7DR?l_vSQv6w^9$ zWgj^JW|BI(trNZDC-I+?%TY&W6C+W0kB%H2X3oX+T7SEbI|YyhWpBM3ACd6;skai; z{P#6d&ahJIRkSN0u9N4PNsnA8Yb@Z1XB^9aMJ13TV-T!xIzC}VhtLiiXBiS9y6_$F zdg}JL*Wjf{Oa>An#lF3NXI0Cs3HGMx#wGJoq>jD&Vn>Kw?Te(WaOaSyFLdB787GSw z1gF|=yn?Q){O0&9*QNOG00*+X4iC4YDYa&SLD`zXaX^@vqDd)!)lX?iafvnq(19v9 z#+^aYnesWA`_a%nvR7xMs6>h)sAfa4@3!=7ZyMC~Xc~BZfq&0za{F0NM6qHbai{C) z^e5G7Zjj#e7Mr5dkEO1zSoExH5y?lk);i_Nk+JjQyoa@>7E zmsPf~o2aa=SRKI*|9y7my%NzxR;i#b_chpgYSWbQQQ_u1 zUi1&%+u$uGcRlTodTw-*yUK0TopL#@YM(}=*gW5^L{`dtwE)aj#Rs(>7ov~2qq z;XG*ZZpn#KuL*WxBJKL-7AYf>wt+{mh{{TDl{ml8|{WA7d zvGl1XJB}nxgzxFtOF7kR-V1bXdcg7n_yqoPEIda?aZ_cJs<}|t5`KXI}j%~ z1RmPuD&Z`rJ z3zCQeb`G4p{Zk-NaYw_OqN*8$6MlVD<${~J#bdrw|3@_tiaVxsa@jqMH0F5T9`X&1CYkeg9S-z)b6sy+{5 zemM){;&nY-V$&93TdzI0)$!68*3V;C`X%<)z{_W8SAH%LFsKH~6OEhhbwd)`wT)@Q{Zy$B>NdU2 zKl@W36|4Opp#wF}v(E?>GycVfdW^lN<%%8q6KHX29s-ZV_iwwjw}d-oH=96j+g zo^izIUxg+&hql7_te~dT*859UR;^HMHfj8!PQQtgB}qRonRl$Mb5 zNOW><>_dNVv0uV9)S_OU=yN^~3pM2iS;!o*S0N>2Gk>s}KX0H=*ZCsjhhhS{y-0^$ zq9Bgqk)XN`B1q8P0Qq{%NNy)8T-o6yMVn3?uBt?Dy*tN8vHX{WgIWwr7iwyK7Sqyx zv~KSEuLW=qbnw4lux;-7ru5w(@FN56)$o|Z-W|S* zqujQ|_1DXzZf`XZSaQZ}XUqb&Cs#?rx@gEMTOln=>%lLiQX%oVrN;;ZvPOP<|KwJzxV5!y)<&(+A7@a;+2 z<>j_6{;naCF?+rfGG-5@hBaD&ZX zrsPV+2|0wOz!;f1( z0K8wUg(P!?F{jPV5p6cfLg{LZ18}4P>mjFgUAW8=LIh2RQ-hq?b~|8FgSQr(rRv7W zNdIhZ3t3?<@-%e!YxO=7QUJ(DwnhfD0p6Q*m|i@IbalonJyR@oJmtgf@PrKs{Z@;i z1nx}39`f;g;aex46L9HE#j=uPBL|7F2m9Q5pudO>c_~gWWty2ce;{qJQ7<-e1Yqf3e9NtN$8m|;Nfvndd-%d86kTxb zMrK5G#bK^l@B#M>l;rfONdA$l{21Ivi9u)3ME;Pyft~T|%h$iF)WoWEMv~Wr{*RD< z?T_Qp?iUG;3|~9zmz-rzN$hvBlbWpOPRk|mVKyjVC63-2MF$QZJ_*9$DO@;kh;vj8 z5WdcqEKg1ZK8c1+Z0B(S9dUXZxDw%Po(mfh-$y&2-Zndky_srr=_}kd9~JLLWiu_ z*%U@1?9GT=xi+*}XI~niy7`etfVedfpAYEw)#|?FCEG1Kxc|GMU@Mp7>-^g%UBHo# z#8o_UCrwb=0*vc-tMf}1H;#@*o0~lry5>p#FnftfKpuFLnK|mJ_RAp<-Gcm4BKDyS z-h{*2elWTE=>m6eF77Hl4)BqAAo3wJaxiAJx;WUP+lt_F{~rJHM}p&Cqz>?DSUm8a zeoJm#aQD4l{l6i`5oH$G)UMi$ycc7?U`FM3cE79D??L7Ct7`(aoJ%COaB(z6<1-cs zpae&fwdi0E zM$I`Z4?35ql$_M)`)(G_`Xcou-FllX8a3lyva)r5VyDGNY;u^q5LoY=Z@n_=Y|t>Zx#cty7W z5|80W$&ImoF9jy&SKLV&BW#dz3K1d*+e-7DrIRAvyMEL&KFLzHcv-EXnXQ@N37lVp zcfT_Ge%}4ke71s>!}XJc|NhmuSIIY9&54)o0wf;@iu7={E ztk%4*JPbL#f+E)0Y|@Bj>eXVCHo65Kk&wNN7QsB$Nqt|F;u~tqaULue&}A=vVp{rN zV@F^E(I>9=W|~F@$ATO#{yp4~h&zKmj~ zQq~ie+8sTCf)hN^x5?w2B=-kSB>hg+l-AxDi;YS@TCqgn69)?O@#M>pM6 zIjip#hStsY4Jw0~Za)uv*fcj_43xGL{NYROQK>Kg_aP-gyPK85aOUGdV@vtswTW4v zovcx#Q;|MSz4rmz8Tag7Os;*QN+~h9{^vsFiHMm9n6hRLP8W9a{f~j@uAt5TvJ02&p zw_xl$l`-dWr{Cl?XTbEfkGK^7dPop8YLIK1P*xXaY&LfnSkUEWA7Xx$XZ-!3P*Pbw zSIGO*ON`i*bb8=nN=&=svAg{!TXdh=NxLYJsj~GC7)QOTzp|y!ab#|`))*V=@*GLQ zUI>KK^5yA+V8d^v@m@@+deho}SVucHpR6kG=78Lhx@c|(v|jFTdiQx1hBtP3==VLU z(!4~gnQlK0zF7#rfa(l`#Q}FAuq;_PA_D-`pSH8c6JwcsFK6t6xky5|$wF7kwYO^G z9b=R8EV_$RwjOf)@IP{l=e*n4TYat+ZU zc&@-JdljFlE*3dl6C5I!MNwKSeKj^p2K*@LngHcZ?M^1zXN9Vo7Byp!Tey)QX+|cH zjvigjJL*atxEc&p^?V}5>8H+rDemE~Nc&!yJ+I1tZ>scUf-mK2*mF0smHx53*SuMx zJwTxekx3%u6kU2`%jx%(>IcM`%hQm_u8q;Pk}jYXJ=y>mVeM+~mB28NCCNTe5aX~! zF9QsGNsB6x3pK3z3fiT4Vep27H7ExlH(k@b&Pq1T7cY5YNATpdPRqzX1kEh|9iK_ZT3l6m9~j_#@TD|m9HlFzl)Av>Rh>OsG$qafF;^jVP*l*TR= zUQh}9`#L85mmMH8Q;N<(8ZCM5lfKuHrAl7Ng!=r>=+nGOX5l_7#mxQP(dBMSH=bKs zrQs8E)V6Q3#saf8(<|q<4egF69fs7T1NTnC;O6W~MLw<(-3c@9T!Ma90w6O~DP^j> zD~S*lU?BO-)M{DSMFf5Vir}|ZbKaPy8o(ia<{q8eK%N}AQ{NGre8ogj4=H`C3H*C( z{89miovF)Ytp6lmgYoA6Q-}TkMy~&VCFW=QUbYqLY@t1x6I}T|*yy-V9Qm<4U;GE0 z;?R=ZWcmR$`*p~s_f_M~{{W@*2TJ}(+NfC&bkGnC_3gmh;@|}h_nHVflNZ{;#mJbL zn611o1}d-iayob#RB;oeUyyf#VjpC<|8Dv>Y0nMxx`wS%z9?DCGC{l_e_Ly>^NXMs%K3t!$9g2TD4F2|7swlHa(Ew zdXxwcfa-qKpfZ&@31+2$B>It;1oEM8`uP4dGsXaTg6Y1m&SnCCqTv_~LUkj(e| z4c4nQwVEA$P#)=(1KN%f(yRj!{sU*0Qt%gV!k%vjf&RR8Z-lB6_tjCtLlR`dlwq2X z!lEV0??3*MT}?U*U+h+0CBaGKDTE*N%F4(vzlizAqVNS2uIuKNV%U!~B|3;Kzq0Y4M{k z;#Z?XJfJ6)n?X~8FeLa^3ZjffVWO_L{)MC_rG<`*Lmq4W&r<33bOdS+;(wFnqyL zzCT%!N8rN0%iWdKAtZSJ0b!c$Ub*<%s9+{h zX}>MuT~S{aIA?O*uO&7+$Sxjya9wb|6^5TLBGIokAL)qy6SZ6qR|4!S}uA5+Vutn_B?wO^-m&Xf}jpRXR z7Gj{VvquTZ>X9D71a0?UNo_wx7_@gu6U6Rwu8*tI#YYCJlV_lP$q5T?>j9lA#wnIf zq75BTQV^71^KTtTHvuvuk~E~S4~_7&y~rG_W`-KRK|IdpmxfsdvmJmh z8)RnoD61AwoK>H5Fh>nwXaA36=xo&U>7i9!EmNk!#D`E_)ZP0d7X^iSB<*fuoV~#H z^As@X zn_XV3dFx`?So}n^GmOl!OO1eVF~S7ae!jvLKapp*|G&j18U^EAKB#ODjwooX?{G02P(THOXSli6T@@y@5Sjnx5*UYo!?!&;b`F;io)2@}iMVM>e7V}qExa&c7yb7?_00%Mppy8} zS^`*UYuKdVAHJ#~mm~kZRV3p{*6y^L3RAB*9BgvCI`bEpDoz1(wV9l!p>e>v8o@>*}RA^T}d;@aH~UC#Uy+HP;gi;IqMpj^Y0!!Tx`T|7TZ2 zeidC;JU4w@i7O44AZ}pxftA?XXuILSH;ox>ASk|>pwu^ptr&4KVxNyvq_Q9-wWV3( zY{T^f_0aR+b7_f%&U5ma7zlmlvtF`P#O|PQUGK_l_OEMsa2_F!iV54xuthhh}BS){G2VZ^+D>wLs1DgAaMU_=Sp~v9s+x>KwW~V*x+r6h7eV{L)`r7wg;`pT`G-OrjJ=>j7h&BuHr}~Fl~)P&q%wo zn<%R3*BIjsr4?xIduv~cB>Etz)jn6L>&Q~Uwj_6N;+w3Qs;8QGrdOM~Xsixy{K5th z>iZs7U6(ShbIJm+AU)z^=?Uc!1+B13#Z3c6IEfU1>0if$yT0r|%l*d{H3=qjV{@SV z4g~HTL>l_xvk4AabJfA%EX7mx=3g1rq-~%*Tj87f`zPOzX83nHLm~hd(${x6igH!K z8M~g{`hm$Asq9M2dO3v8BM1Hx-DvFH?omYskp3&j#zdornd1sqy;p6~BB6ImCgWSm zYa@0`)+g(9F{@<7fjcDdTlSOJ*9DWifX2X_%H#RpU>4Jd*LNs zXlvpDIPZ2l&8_vu=L>#HM!D;~y01ZaG7DKG$-)zfXxS--i(?Ul9X9c?tzY6;PV{E2 zU%4tz`J6_2$SCG{^6Aj~E2*V9Rse&x<3;lNh&Vc8Tc#v^l5DTvRYNtLIY#LUViKBH zlx|p97tEul)e)yCGo0o#f574h6i@y>N@6#$>5@cfX@;l}k#f(&Zf^CoJ5IK$ID+DZm;|XEB#<+Us z!Zul)*?zo;=BfMM^_GBwx`V(a9@SL?I#9c*>vT$;=dI2T5T?`kI1H2dp+!frS14r>hHR)ZP20O_)m>1@l;&j$^g?`-jEOO zTdzX6$&8f>17wN=Y8%o~$>kC7mA7Pk4g=ad?Uh~cif8%V+PwAZD-JgRt6!W##Lpc)J?JqG@ z*;&L8C8z@1`>%zr=7eV%6t;?V%bq+Mw+nr{Z(RNw;Y*mNYw5@Zsu_g_oAbGCIvP7T z(z`mFzM+hgaj-NFwZ!pjaIvSt*7&_s^@nC&as&KLqirv7qG`64C$gjSBM+IEaNci= zwcjf4>!T8ki19v?ed;+>4xi~YS${Zypn9X8&1D+*88_{)7_6Hz-}u%=tD#D?uk%cn zdhuMb71>-X<(69!bDjdiZ7swp(5Lo5S*)@J<_lIx45D6J1CYXOaRuyjC+wuvDYQSL z)mZc9;(~v>8`Hz>(}>#o#^hVfgREsZ*g*@*fuBDt9jZd1_zFVtS)ieP7kMF3Dv%OdWRL020r_V==!C#uXv@ZyJ-4rRq^~x$+PM5^vU|lNyOGg8!Bj z+>Fm8^ze?aIfdVA`R7P{2LlrmK^k(E1e#te{$6D*Mt=Wp`-}G}%E%Q!i){3UARO8ZO@eiHT#=8;0ZO#O!zD za11cw`z=o(-n}H6<~rC%YxKSWv6v;cldkR66c*L^gGY0SqZPJ;hus!W>2(nKnw*&w z*cHXWQgI>qROOq!)THqY^~ggY&ss^patanhmpc?~g^{<=Scu0PkrlDUYdY?Y-M(T9 z3zL&-!W-lYga)#bf>xNZGnnPMF^srVnPIv-EYUm`c4$xPt=;wG1C~paT}6drlLOIh zmayAJ2F^|So3pjO{-5dit_e$D1G&&Yu>##%V$16%K=)kZ=|s+FOj1#Lc@>3lx!V`M zKYP51@1hgiY$`qu)o*&oJTn2zBdGh5zQw{a#Y>EY!+eY1*%xj>z_9dv8*BVYau4KqrDl~@i?;oY~D_iZ4L#ymJ;ba|J%L2Wm@-&!yXmf z7A4SBm4^y{q0pP)+fFuN7+|0xy{V0vlc32~c0LuD1@#AbYOUZa8blxnR_i4>kahp6 z39AhRtm@=pZIBMhV^8gm4W+b|xfnC_J1GE9izxJp8$HH4K6-hHVwGnV4YjJ%WIvv} zm|f~3wcU-$s5g;xXQp2+F75B6nD9L6pw4iJB45ODyBxM+zPdMyuz+7Y3wtHvv#Vw| z=tgm|#A4i+{&e|wd>{GJv6E*ZzMH&L99kiOEmAR)XZWiPi-_eeuF0lN~3>6ku zgle8sy^4$}8N&rcZQw)Fgr;-h z!?hzMDw*p8UEyGyIG;pYPHMXu2?=&e6{9={ZJDy{ZI#;9$|G3Im;$;eOr3W=|Ks1+ zgzQo*0(Q0#aq)3Qa1)B?IX{6dSA2J|Fld(T7LRj^vOIg2cBtUqNr-bGnY4}@szXtP zl96l;W=0_eo1vskmvPX~F9BbKIj{dnN2vkRZ@~i6Ce?CR14Mbq*#*^bSFAwNz_Y=R zzbp8a;MO3lvEob-)ns|^_C7N!B%$b^*?t*=UU|gGL6jmAAz#MkzDPqOgsb_;7pMp- z`LyX|JG=rVO#=2tK0uL9=-+bJ?4f2GeQi`et4y%IP0+SuJ@j9O8S*0*Gom-pLdJ1p zhL^9EWCBpTwd1KeNrd?NQk1bi>b)na=XqWoO|Varws#G7m6=JP)hm7Y@zO8<>5AHu zc#MDiBLbszj5c|4G7^jXH=h_MLj9l$e}W%qHPadGYl=s9(Xt@8PbRD=l&70o|Xu>zv{Pn#;RQz|yjj6Hzt*GWNR@#N*p61=w*k?rV(pt$s6|D|MvY>}t`dFE!STMx0QO@Ck(J3d2Yb1yi z5KQ6}T~ydOCWqgX$Jdq2i-?dS;~Eb4RiZ%kgt^q4vEmvYI0> zWWkk>T62d-tHzro!s0xPQ{yA4O7*svnfjewJI$v*BGVqX2X0(hn*6DC@ln%FPPyzu zD^UG>TmNxpeZ#m3SHEpog|HdQw|KC>4p6((K>}3v`wFXU=dBSQ@I}kgL0^=3*jZ`# zK&S+I^rYjp`?4$CHTi7O^Y=u`9-cP1e6J*Btuhc%^F@@8qhm5TJ}tyvc86^JoW)FF zTyyn-FD_;}`2cba&WHTw>5^2thj(zU4B|}dl@v);h^Jd}UhBDt$lo8(AL#;%wXDI$ z^2XWwPl?3?ab|`j8vF;>_B!_|Q)!lm6=p`pz8yUOxzWk2V$4asJK(=`WNJ-)Ep4#f z%PM^8`cGT<;xdnjDMC}Wg0k(jgqSM?pmYn z7EHunMFAH5G=_&f&Q_^@LgLS4kK3coiR=ikQUu34ys! zpY)R^6|%4QZl273Z?*jK|0XC^?zBx)q}HBW(G@ec^oE+fL&;x1l_~QGHSj*x$1LyF z)s3>96Mnk(Dw?1Z_9D)IS(FCETHp5Lr5=oEjkCYCu4a!+G9EXG|tPe@ZH}b4>(CFyRTj2v6dJWF%D>i zsW3cu3M+Q3{M$=J76!wJ-ZLkrk|^jY@ejA2r(smok~ZD$ju(zNyUO+q=#ksYPfq3? z(d#S@;YkH|*J%#GB9CWv zy@=S=aj!zUiPehn{Pwd%j{w+2_ZfJl;zC&BAL|mRw|L@tEMUUbc!_z>O-zr9Ev@$@ zD|1Pk8p|wIsP^Gk@v5SAbM7AT-@BbPb8FjGR{Bab;&<@<$o~5Tv(-BqMc3}YCPfm_ z2F2D!OP8J^@v6=CWR`9ujEa)n#2l;l3yzhsJ60wwxpWfAup3p@Ske_~1dj-Jr3HDi ze1ujvZ}4PZa95UHN=&)kk`?aI&a~0wD*3PmL8aY_AJQK~)nS3-XxgnR=?L}caw(aQ zc#2$8pttyEKA&g0O3|@BzAkrE5WQD}_Uk|*4~wzrS&KZY{#;#K7)WwDW!^7H+QyzpMKEr;qpsdwwd+U>?u?EWN5(={J_Aaf@K^I@}@>Djr%$?~`NIIdVOC#L{h1?||@JVuKCGAZJ{ zlpNl#6;2EY#eSZsj6dNL=!Dr&%X)QsYr5&d{Lo>_fzE40hvm_bpT?rglO|Nl`jMu+ zG22hNoJM?|Z*V!{ib6yp?WH(FYFiMURS=IKlqExK4-Tt6t)Uj2T&{L93>2Y@<)QYU z(On+<6cF`knfiyC=z-q^7;kxE{1>q6K%$GXfhl1TS~GN%~Q2J7FE1lITT^q z0M{jZM1rC}qEPtP`22ROD`o>@?a+fW*W^mk5HPm6J*`XL`7cLv#oI|sqwiobb%(e& z8n0bwPn%sURp#lY4ui-odoaHWTvg?EjhZhqHEKEk<$gaEACxWJn;D!t%=q4Ye->Chn)^&bagqjSq2B4^`+KT#(H!T-vQv`JXQ`~Pvo(@k-pHr$?1Y#N zLc5j^{meC{2InLy_nHhSy6VSKyK}L;8RDu>?BsA@^~;1Z z(%MKuHfR%=Ax4et5q_Mvk%{()ZO1c3vDn>}nU~8M{UBo+b~`K zq7A5g8Xn`1I=yW_KBHQf{kTw-LXxG7U#N%MtshVMYibxZlx+t~9WB}ib_Hv5X+ASX zkY)AX?~5{O>p~k6r`qJv^OebbB(@nDt z%S<&y+%pOjbqujdc*^(r$;@oAuiQdlVhQ+_+;3eiz{kcE)lYBM>azuwYM}SK-XGLO zsE1bTedEVgxO?577$VaQ2Te)!`Vw-5xi4b9`SzG%56wIkq)Soon~a+P{B+O>8?|V0 zNs9iYx%ge8?hUT`6@w(E^l+U3ncM^iJJnM#0|6PF%WetUxj0;D#I_}(M@!IN*EA5u zQ|~epK*j`Yjgv6qR^tRsqiKgJi^H08MNfw}3+KYbD9LzSdr+%dMAtV4BWpSl(O_N< z>h~bl?gvr!689vfl*VY~+Yb>43&NgkYqn};iXV%r_M*8<-gWVGpmA&7S`Ax33(Ivl zig7?R8QB@QZnGW;Kt6n(ZM%;Bj&M4(xvrtnyza=tV_t= zv({xV;|CfgFDt}{l$wQZbHfMRdzGiET@vt{NSw?n8sXYEp)cVj*2$Nbo3=xkW#ra$ zxbOPzVnf){r;Loxi+JKA-Z!jZqh|*ii(V_R?ZYmJ9jwT}Z%8tobT38AuMBlRj88LBBv!Y5idx zRJjGMm(0wquGiMVrXXuWy*|X)W}eycLCV<*fBmC&Ki=wJrLxHCNE7972azLZZw7lBF$-rER6<9ErWE6lg*`;=s7MU!p+3n zMyqhjHTIRuU*W_&BPqRzn4{L!sOjXbztGJ#uds4{`pqO8jZL{Q zQaqpLwB)Bm)O6!u6|?vKBw5(N1;e@y+)B?0Jz4?sd#uhMZr2_A`8Izjl!Im+Gs7>B z^h)r2KKl@0-n6~&P50)nk=QMoL3PjIp6)Mh6r=e`Zo-x6S9YrOzg~F&@oH@SKR;lt zBn!ZWC$bbSE5y3_)J+o14X*wBr4&#$#sFk=niC4AlV^6bCf(Z6W}ymT>_=W{o$AV| zsq&-vk45_NF%Kwb8~D;F=tTB*Jg3&5*t4AFRdtEl0*%8Y_9d=HuJlqF$h8!#j&U?!=k?# zevl}_=d2>TT8#NPxlExDVUC*Rfvj8&%cLrC-QdIwfJoj@xxWcj0Q8xvhSVp_e9HJy zM#w5ur5lNKyKhHc{};M_QU|^4CxP0^P-HJMqTa4cW=rt_0wgC!TGOdDzY6TWT%o!T z9lsUldmpp*U=ZSM$je2M1X3MI%U66f%g(SKAkO*gdlKE<{di zv6~w&Xi?9_s2P63N=V+s3RXAaZcEEDH(lizwbg|~rN3F6M8Bdb7LHyIY4?{JwtZr6 zpt~p)M%(|P&3#p`SV(_G_ioo;Ig9;=k+wTVHy2LYdyE`#*chH-0Xs(1!W+tP(sszc z{&AwsLjMKE$52v-54WC)!UtNw@jXv@D_ZUPq_)8_vU`%#eC8-YM*R87MTmw%mMh_O z5uXPOP2L^*oxF9v=)r0W3k%xEBzBE~LdDJ~xJ>t^s7KPGZWcdPaxM|KOfE&VMjvT# z^oiwIX*d&Ae^e;%C39h>K5su&6m5JLNl#V6v_G^$EtTai6ZWvONQ;gP6fXwUn|zIY zgcxa)$(z;5@0lT%S1$YV6xUuYxSeQ+u9CZjH&hC1FQukn?RQ_92l9RqA(O|y_1vQx z&+gLb7K-y%F$}*zVrX;BlZqJkCh#)HTEkJ;ekWZsoyTbBO9_wGG7ucOd+z1Zg|dYd z;lzU7BiCh%t0BLhl&lNunMB^U1Rin08YD~N1VcH6)&OTX9oq%P5g&--|4q1zSu>Ik ztYxuIfo-osgOVjp0$?;Cil2_SYLcX?)evFCW>92atBw(|{I(0MMcuM4tEH}Jz8d5g zYt}ILDYWXT9jGTA1hQ~*h)mn>#1Q3mqi{u?_FuvHkIi_FvQ!{4!C7o+g*~GM|OU?4Kq2tnV?w;4J7!a>sx8zlsh0Ixs)jOeTlIbffa24 zUBd)Z7o*npEuXLQ#85S1P)j1odQ4va{w`U%siI`w=~t0|&nI9irf#yPD&aJ9VRAHt zDk_jnaq(!>Bk2`4`k$%0FYkh#JYV)+YTawWJ^gRY5Vrw{cR?4=m6gq)NvHF!do}-_mHb!n;r%~{PnTaA6c?HCQ!%8HOZ~eBp>=zgYWH0_ zJK}k}m;dt+v{ce27;~=DOzIm5BNn;|f%i8Qe^UNK)_~pD6dqoX!WB5N?Z5HX?rYBf vl%`*u|JNhF8D86m_uwh9|NlJ{cng!do3U{wGH5h<1OF(?Ysl5gScUvQ^^)Ez literal 0 HcmV?d00001 diff --git a/devices/surface-hub/images/approve-signin2.png b/devices/surface-hub/images/approve-signin2.png new file mode 100644 index 0000000000000000000000000000000000000000..2ccfc40eccd117958465422bf3300fdeab485b34 GIT binary patch literal 33650 zcmb@tRa9J0_$`P-&=5#)cY?bUg1bxO?v1+>g44LWyK4xV;O_3hY1|u~{{8REU2E3d znTL7k)92Kx?(_9`zN*@L*X~FaC20&)LR1(S7z|k%2{jlPSm-J2Ulb(h8;ly>3iOCz zC8j6_1Je+P_F{qvz5d`N18{|b!R-I<1)K5}lL*@Q$xTwnP2JJb&C|ri0!G@!!otDT z+R@EW69xK_ANR5nVj5nCXF15mxRQ85Mm{JXeJ<$XD5Eg2aS^dkyG-zi?pZt2i>VIe9B~x(lY@O)#znI8c;cyO(;v)VMC%l_{o{gYzQBVPi-8??8scz{^J(fcP{ zSD5A3s2E~Et4WnB9Hulg?5^Vmo2G6lU78cz0P#1q@7W4~bc%PTVq(Fz z#@%m~nFBT@pXz)<9oP+U8axN=Y$1%_1AueWH1W-p)dw<{<)(!I|>H2$oF z&D&PP8@6#TGnuw0D#(w=DssMNcP)^Q94Bxkv(1{eMvp7y$$idE8`9{|M+<1S54B%3 zl2t}PU5o!=4@0`^TMHNXdoV#H-$o*UJMx2e?c|QgVla<$L1%8%DAo9gyDBN0Y01DX za~-nn+I>@&u6V?K0WbKA_h|2z^X zb3j|8l6bq${M$cj^5JMzHX!S%O#mffW2Oz@I?)|98NFMMW54h_l*yA z85$Ise_g6hqEhP6r>;S#`Zmnp&aq#my}u{#nABcbOcM+E;-kd7$)*oq@Y`h$h-F9d zm&-W+v=YHlNJMS5#g;|=Et6qs{XSwUBefN)buE)Bulqj!bh@_X{QKvTk7WbO$-cQh z2Af`Y@YpG;%N8Gyu4lvtz}zOGyQ38!SzwuSL%eAN{tH6+bsm<#x!0w=(a~ zIrgMgk2CS#Ps0~$$K{xhrPgqqmsMPYiy3C!+s+%ONIQm)B9kokPu#uOrbJMSecLA0 zL~CM6yHqq;mYbn^1Ay<(``_@<_kQju4!}h&YSewd5wUcoL7_$FKOWzG(~*g0E|y zIxM24)bP6neuX@&$-g~$##X1-rKF6uqA)9Gu4=9wDBi_i4YC{*Wo5T%X(k-_*-x@QkO;QkXb1eReRxX#2Lm_Bh(N@-U%OT}ounF9Zg^nK{Ur4HTd83>HeTK_ z8ur+CK%a&lPzm}8pIdii)rrjl?1BQ4tjmvP=Xq!6!B zEGyMzKL2%p8vaRUjAYd=mj^T&BA`y0DZs!`=~XGTLu$m$DWB5|9ZBPm=UF5`t8I;b z;F}7+-Lh<9feK`DD4G$crQX~z1un%qb@3-_=S_R(!=8c542=~*3FdFdWTm=+?J-f&K=VulNB?V3wZ@PG(}d|gHY?}+4A*=_ zc>xcn)mw#9S^CwX+*IyHvE3nNBaPnFoWnV*`qJc?`5_BQ$#X18agG#9^;QEA&88sC zdQ@q`VXRK{gY$>P)XYjuE?Ji*4r)=mr2c(}nI{&-e{hV9@RQCrU%anYeD^@%jwu_S z#|NDD_cnIc)5m-@GVf2f2#<^~Pb&r$P6%9V^Y~Mt`mwDkrAj3OS)cM0@@atX~R_=@|THhDp zpNBBlH|D(}U3)jYq?~k5J=&zx<=jRV6(;RIN(>soKgEJ;wbL$>S4U`V74QBj&{c$g zJzGE!x{_9YmtM8ba+yBXwr=8Dn1>0^_OEH49{wi{`lz;$J}SYg(8$<_NJqw?H-GuC zW~RMTc9APGfPx&Ap20xHB49veYBcYJ6RQGhlxdI)aaZX-)xRr)=<1jrw+rd@@*6u(QUAYRc8(P~P+gy%f$EU?yayKBSIKCf+!98j%Jb zdGl}AH|<9?DPM92N6^3E+A_ZmmYJFNr%>&yfs~%}{33;(^T3j~tF>G8vR|VmY}&?@ z*4!i?1W)(+_QSW{7zrwp#k}mQ$So%U`Mm)2(P!K=ugk>Y)oVmY3oP2Z)I z$*4og=fXX?^K#S5WohB?dGzyS`%(KvKKJy8aAI=lJkKI@fjd-!&aKTx@TTyX2PLt% z`upocsy`RHf|7z-U@|Ml$zqEC{g(9oitiF|)DYGAsZJ&3pl=3;`$us*)%Ec&GR3*k z=9I6fa&;{`?P;5pOCFgoPZ0UUa&IHMB(vUb-%%yxTuRY5wwBw2L_)kl?@hqcut~^$ zQeZPuRhq8!{l$j7*7&1Tz|$@nf%gzSu(V>v3$&$Nc(Sk_DsNtUvcAqA?dFrwKi6LI zWC{wbn#qA#PAh#7A*HJ8xy^MZ<*Nx>mB^}jF1m46c1P`SJEr!oWF3ejVFiG-Kx~9&h%1$b99cM7vLl3aU3`~A^s6K7W$wp$U6|DarKa4Z#d zf63iJ4f)3okG+cWR8cPDi&hQE)TP0&$`Der(pY@Wvln<~O)(E;bX|Px_U|i|c}m!o z<+JH1K{l?t+it*%B1`)#Hott9rYj!HU5>g11+}t#(tGSL?OdN-D)qt7mB!K}{<-!8 zPUUB#KQd)LKkq+u$3ttMdd_MhX=xtclhiMaNwp8xcGURD8wZ2gpnLStoU0P>+btBg zT_Y(PTTFphwtWGv%t2-e z;WeF{;o_GJ&K(2b+mSO|U5FtOF^gi1fyW6GYd54p$Z3vd*72JWh>&M^6JBWsc)QNc z(Ybr#y8pZCeAdI4YPUK8+#F~*#vXo;2WVX9`d)5(tT9v?>_KO=SFJh-a+?)_L~)fkmf|j;NqJ#@>zY~JuPS+%!5jAMQAk>_ z;~ni_)cF}LD zbB;0gMOt%OTr2mCiIo`?6oPoytWJ2INqr0I`odRh(POAUUz4rQ+qD8_{IL@@y!Y9R z$^if;)01^F?<-jTi()GCfy@@$8;0wRpYO7+7-beoWfQuD_;IP6@)m+JMLFF*6DOZ) z%0H$3;xSyF^jK`jU9|5Y+;!CceWhnjYn|oGLSnkAHI(4@_D6eGA~%x&Q&LMc%_yLJsjBwn<$3G+6n<*B8gOIrE9@38 z+ozbd5Lhggp2Iw~?w_-MbtGRJ5*NR5lu39LDAh$BPWG$LPw z$6WZJW)0xILn=1!1}hzUmx7e=V>YqKsgJCzqT2pclI(>r0|Rco2HnT9-N#;yVs@$#30Kz2=zlrzxi(tKz-_#&uF(_^~V9uetIbE0e)pGk}Evxo6=+bDgSXn*SB5PM$@dNUC?_jucrKf_5 zPxXWc$PDq;r2sa`lbvL9aBwP?n5>=)C~u_(8!hB$fE<2_dt76O?6s7g&$@0(hUEps z5K9+VO`iTrVoefTeIqNyUaaIM@}DqKUdxelKb`6sDSsEC!V-OId|~%bt!sS{@0k+3 z@T>jpnXm73|KX&3>ng_z5oHS&rj6v%>9&*y$dm!*9fhScvK7cv8N6t*tgVwXJGVoo z&<2@rzjaxh4T3l+Yb|bof6*nf(Aq%67THs5+^J|`ThwKF z-k@sT-)g!%c9iesbRs9i!7kSCn;chZqJG>FyndXc$!4o>S#9RvLOx(CFriG7pmZwR z?1_`d(jlQKR#1bm+4jo|aWfD9&QI}TV6^4n_J==PZ*J9{l_n0~{eBp(`Pmd21}rn2 zWK?+n5aXZbFC`@4d+A7RE4&kUY_RE4_+7=}65^BGR4XFrN&gC$XlZgo|J_Z?sL6;s-B@fbnXd4&JmJQ(=Y?S@Cosyd`ZN8rV#zf< z-G1OFwvQN*;EIp5-LJpcD+BRZ5(=!04t>i9qJ7qV&pUM|g^$^c;yge6Q#hR3u`;4k z_f8+kbpsq-VF?+N9dC7{876}`{O^Sz0WZoTf4pbPcQi1pF6LJg!&Ov7V;|17clYC8 zeTWcg1S+a>egExk?H7XI!BwCdoEhCvk@$RBww9&YLb8Mu^tA#BWD@&U-sCBWu>R)mHJgwe7?kylI z`lbh6cI*E`LdFf;ofC0v$3)IIkE#AC(-uulp|K1sO z1z`w1u4i#QD&mx&7;IKqY2U05^j`!rcPqH>)>FLhZ$Y9hYNg^7GkH^AeJ*J8{H{U# zo0@p&Dbl%tYh|vRV4MazSn&d>^v&XgPPcaqj+6Zd^Vztb&#ZjpUc&7;8U%h(7gG-* zH^W+W9oAPaMrUfI0}H!EPK5L8e;g1iFYlp* zc`e8Vuju^wZIK>)uu8$gM}$HNkKsFitbPwxA0v z(dghA97#mZfM|!jTGUxXs+8U`N*uQi09xA9le*lRG+(*G?5%FL>nQd$HBhBie%qZH zBL#cuZaCy=bgKz(c)dN^T$;Ptf-#MmtLaAy*1+_<^jf#bE|$TKYwZ|Ror%Pud(L*3 z93Dy7T=n~X6tmkLyIh&p@2U9fWL-@vuk4+3?U1e0=`7+po-_96?wZgOf9F%xZ!1dd z4lLr2(JL(J=+iW#*b0k6ho%B`+y&qx4rQxG5sral#8ssfK^QhUMXZJ|gKo8m!Qa)6 zR8%f|r-k)j@M`CQ*!DI^x@Rjw72906Z zOFk2Clcayop7ThpL+&k@T}+H-kA~mR=+<54&F7E$0&&xEq`sgOcSd4_?04X9*!b#e zQ~q>Ps|S8f{EltEQ7)e?<0P#m1gGNt)-AVJmy)TOfYQ6;G%pkZquW1nJ|XD>uL}|* z{#NkP@_o%tbJ@?Gk9Z*>({(EK!wJkkIX)O}h{{LUUweu2GkM?Dqo6V_aSO>I3~?;} zAU{kvRhTno?@olt|H!-e|A*#G%sTU%FGe%s&k0lLUNg(yernL(lFxsC?@AkRDYX>5;goaKG*;}LeAZ3kNX=P zzu(2evRep3vNbjbALgCTp&GJP;2lL=_hVG0$mc*>+cX|wOtk6DS#U>lxxv81C&qhy%VD3)rm2b@cC z+Hv3h=m@X132RNEz7Ri`_>bCnOU$Is&)8*GEAFrKk5f2)=Q^a>W``g1vN1`XWxzxl zBA2!tWT}#gkjFi*T~8Oj?pmwSZKE$~#B?K9SBYJkQ=-NML?yIWvOGDKY29p6%7do{ zOLyON0 z?+HmB@@ch-Ns1-EZPmLwAwyCt$&&48`^yGIGI3u<1`n1TCezv$f~&_g9ILW0Pqeh} z9kOgiGEys$UIt<&t}mi$5{nO=06k&X7nQ^i(fe3KOP>LoEZX$U-S>!}^~9vy(3uUtnini^Tl7-&5y*!_*<`65f{rc3hNWON}9Y7%VRb zN@7HbpdwA=yH5L^#5ma+4@B~~gS6@^jpKIxMpP%kch<~$W*A~1@MK|rm=bVhzgk+AizY@wf`N*mn zXKHu5ld%6h8UC^`CQVn9WEHqcjuy$GT8N_Njhw%lotsJy`GW50(pgD z4z`Xtv2%AigO%$(HGLeTU{;qXU8WXZo{@dFvVY12A`4hFlwR+CGqhJ%gZ!HhXS&`8 zhj)VoIjz3_Haf~1$)dB){rCY3V|9gKBWPqTd$~aM{U0JA^W{y9F@?iB2kN0a1>QA4 zNF^JJq}@Z#d;`;ZI#pcNj!-ehO`qA)uzXJ~FVd2HQBY^KAE2GV$j6qGfuuD;!0M#K}1|qFO*}V(*<8_ifG1ahhH}m z3X#}IvM6HM>THG0YKR{_57o`6h!~Qnz}sY(a(Dcm7h--`Tcrk617E2PJd`ew2-&GK ztb;b69$G%Id1|(vvnow47X`c7XII}FS+5@B99oP#xN=OG+-roh{gM~vRMZ2NN*e%4 zg@jCUZjW`OF^_eX#edy32Ds*O&C47&27t`}b~0bTR!_{TJ$Mh29;>nP8;UGtzAp`| zl*ZJ|;?T(FVB}<|r`o5~SsgV{Qm{(96+ES$Um%#Hk35t)CazR5PNS=oskXGi*5J@% zC8$^mv$RRGjiR4}o8&u;3{sOnvf9oy%I1iP)?>z$iK03WaegXnZ(@k+NVawk!nYVo=_|h{*k5ykkK`cJ9 z>(hX)p++!7+r6J&Qb0}2fPMg0Ck154_K_-`Jn@6R<)O1fFj(6wgZ6@>!(qD_z-vqj z_h7d~F;xv7^XO-j6!@1HN3MAUW6yn%D9@rPqKT0b_^BRW3{~IV!jsPw-Yg2%Lo?Uu z8*kMt9jrfMk#j*$s4kmYu;_|+n!Zbg>4=@YWGs1a;#V02;-Ia|E1A;xHOn@d38xX7 zG{$%#kK(2Q60vV_hKS|G@cA&h_`3yuN!{jXR!Mz3<@k$XLX*7$aGbkFT4IdOMDg%o zfj2U;)2O|v?NqH9N5HcyAMx7d8m4Dx)HxwQu<^cRL}N!1=TGDd@LS-{i>OFCh0P9| z7il>6*j*e$(_|WoqrS^XN#X~+tBk}33Nv{HTnlTpbnYZcoc+=t*f7X*`)_$bWV)%m z5!p*{AxwBtc6kl%!pkypHY_5` z{1&D3_Omk|u~=_ub-~<<)nUPMCp(vs>Fnc=!pMIT>#!;xef{d_*pM!=m@+5VDHF?{ zS)3vSZCNnh{OL?T(&>-O$G0#JqbVIzfO^vHKVJs~GF zbLFU;HPTw4lRjS)buWELcNe-r%2|49^96gYbXX8z!l2&VP}9*#e{~WmY{0lT(3$V% z1=t?`4!h`a)GhN%>4bdBt2S(rGxT~xTycL89(Lm+HsN@!vvHXO9Lh9(nTTn>qGbp> ze7>8=Vt6&XiJ4(=zH;`Mt;VUF5m$4GLi+6YUdd;uZ4xmzO~uX+NK{j!;V)5Am7^?q zO3GPs_q$<8Je^XeWnIa06Ue&U+Hp#bKFtj29UFHM^^?u7=t0Jxb7F=T(@`YpIU!aA7?o!7@zI_ehFC_8TwSVJ>#2A zqfcvVHi>;Z^rFEYxasw(f@dv#y*8h~U$}ALP)=Y@9gVLKvaBh{r?SY?hoFz%Vz-6F z&TdmfMMZ@R<4-C4%@6G6C`$va2U>ZyqE_$V9?bBfe_m(w=|IF)z&1zLsUI6Oe)OEr z$ER)ZpW+`?N}Uk`;{FN*=hDmvek;=<)0pfZR?V z@1{;3nz6Ki4a&OrM#))lnVfA@T?oZ`a%QIODmnB{e#Z67@n_pr3XBt&@?5Zq5ICSq zd@PFM;|hZ*jlN49)Q8>o zznV2qV7zL{`)`nA*>t*mS^^ob%`GkEw6szKS%j`{HnMVBK#Z<1F{{tdvlETR2CbrW z9N8YLHU|`u?XHJUuC{dVZ_jmHj+^>Q0>{*WN_)d&V@Y3_b!84Gb6)vNZXS2zvUtb5 zDvAxEJJSbQj!$WPg*lAQF!=BN?L-zMryz?!gHGbTgM-l}qd;c&llg?hyui&oJ;CGE zmMWo#byt@q15b!6C34tH&-<&gq3;=YpprGMLOOYxQ9ygP*S|;(;40Tj;QOn^a=l5T z@gKN%!dPqCf0*Rl>`Jr~Q}Kam4%o5>cgF8OP`*uw;|rJ%fAogzr@gj|491dtW$k_} zWCAow)V3cGw(qCvna`CfzLl6Rl8FX%zCdGlxf;OB(w%7ZzOnRv+zH>m=y^}2%k}!6 z>vt{t{wV>^&`WGm^xe<89Pa)SqDKIm1bvdiUy9M)QE*h^pU*Oa^8-+TcLrlD@9%QH-4!^3RP=39cN^&#U~ zyi?T=eORLD@x;h|0XiO2!VklWyc_1|h0q`EGE5OZj7;W7ZWI71Ar5%lq3yTKkVG{x%B3_;yL8K_`z&FUD zOD`<440y3-q8*2X+j{z&jkhtH=RvU>#3#w?b95dTxlb%s?gL))g0ovNF00e_R%l_})7EN?HzbCdlr9G={?7k_SUPO*I( zI^Bp8%x9Nq2J4EDyw+95fme?~5=>UPjN%hM>K%C6L;=Ke?wY)de zE#f+KilBY^`$5na8QU2qy`wVirNONU#Supf)=gKH=u>x_?ZW8KfuE19ti548n|hjV z9@zIf)qmj!Sg8PnFn#$N^MjihAV(0+5kS{ayFE-V$=UyDm6e;pYc#-;^ zvL_v;AhJ2OwLQ0TAQBt(g<<4eEpbr(gZZbaoNBcvBNodTD{VuGnB(at;4B}*mbIGq zk;Lj7A1eLVFmZacc|&MvB$0To&y0s?AAcxfx6H)(6H}qr=1^L(9qPS^y!wJn;ue35 zTjU{fnC+?{V(~XV;)}@Zt@<3Cez81p$@~xE)Mi=Kv8!SwBrvoo<)p?tJ~hHu z2%5biSR&TAxtrbs)wLbx0&_{q_;1kJ{j>YI3H^Gh&+}QE;t+n0o!d`X6A>hjolv~Y z$?v&z`Qi!nnU{Gof50dX9cMi1f)~)@A0)RS-Bw{kKx^x>oXTZBTWv`azP|+de;Xp1 z4C+RHg4^`k#b~M)5684@#~YPj%N2pMwOTW2TXX0jIF!h+?|0txJ|vKqX|EVi7J=*) zM!*bx(Fy4AH&%2sX>S{RsEwX8UhNS58<_c-%YwKiJVF9yolPgLWK;vOMU;YD&J&7h zA6;9Wp%Zyle8xvSv%loA0w?tCr;TF@zFE3y`^I(_f1R^spaVGi2{}klAHOct&}DV^ z=NX>9Q*gWBHw=ZXAEEWR-l@KSRGsx=C%K3}V*b_h)%&I1D?n@ob&8g9CdBfN##~+5 zt?l1pZ)@nhLq|6I^>#L!#$=AW4I$tNYuWoSM_d4AGEPa=Sg=)^=i6MFbR6kHY)B}k zIB}`Lkg8z$EwJ|o959P^Xyj{>w%mc1JKQhaRtm{S9%CEhc`ju8GGp?ef0|8>$D^c< zUg-)O68golgw3_zkssf+yq-aEJe6%k1bmP__lv*4 zBHj&4P&6EIY&p3pCb@E75J}d20+Iym8YwxHO>n12@WTvGevPN{;ks)1p#O2(Y2J(S z1g8F3Akx{zYijT(!sG{Nx9kW3m|;!U=}NIEbathnf`L~wXgnaQf0!^X*Jvf~K8?3) z9Tmki+9MRuc7$>c@VF-3Gw<`UYQb#33y@|%XuokAYW2sB^?eZTYnXUz3KP)y+i za__6}&X}mAEaya8P^-Tz^<@=h0g9(^c%LeNbq!(@|MmA3Q+DKDBL5C9<#;O3Dk|wa zg}V|1b$1a>jyCfwWz>XI-oq{iwm5I8)twuY|KQ=J4Xd5>ANw&uGRCQ_PBS4dh65Ns z)|-C$re-f2H7h;a%+!2AdbUAgM%8WOn}i^2PY9Ce?&{U6AJPK~;*ag+{m`=@>=Jx#Xwk%Dm2le{W?kKTl+%K<#2bk#h@znR>2F#+>P(vMm7i1tv;(g;z5MwqD!QZx&t5N7ZkifbeL|&@$?Yx z&x2R26R=ueklrq1#dHiGUwpRX|Lq3{s}UepP_o5;cv4-f=h4ipLCnG&N0ZWUgDXsq zSr?xeXWd<656jIt*uxKToG(|kEC)(0S?D+-&DK-xayX%|+4B^^v8zOcUYv5~qfCal z^E#|sr*Z;6M_oMimw4f##jfB&C3={SC>&SD*uZgg^|C3+(`uxEAY#zbB z-SN)UgjDZyXKSXg$4(Cgrf)V<|-xB6cQq zF1ACkc*LvOfkSxZ+I6`ELZR%KBkz#IJjJ(aK$8Lh^6#|kVbkt99?$H{rySV9DQEot z{sZ=)56^!ZTtJ=mA{J6oF{=nMF}M9V%IU{Mj-5019b+sV>2?TZ*)CB8r68AO4!y-1 zJ#8)@uKoI@{}48>cWk0WDEzl8{GYBDT@O4V{v3p?sFJ^8O*!1~cQ4sJM0dV!O$`C^ z$zw<&uKe#7v@PvL2X_Nsu7)P8(wJk0rkvJr=#;pk24ENhY!$=w>twnqlvy9}y6|W`pU?Ft+BCB2M3+>kDC@$S;ej z7-lm=|2)Wnq$2!uR5Wp)y?ebs22wB#e09$d4eTaJN;t^iwnxI0bkL`|4tPG}<$Pp# zK5Uwg$sdO)O4V~{FOiYb=OxBE{PEJRgkCq;I*gJ51L1=m4NfW?|FS44RS#tcoXPDQ zxz_@6pFU#-WfGUX?}U>nU?>a5sRoq`!wj^>Pvz&veC8Bhh05v1!lRQc?Ew- zj*R{E4OW%u8#{p;ZjpukH%jD~kb<5rOc-QSJA!O9q(>-5BPv6Pu^ktQV8W-Hjy;th zwtXgIQ$WvcbjdwUa@n~J3Klzt|Ffd%>Qj*IF>i{V-tT>BM-r5ReJEaokxjRY47YDe zbkY6W^TJ^eUc!M7p^$lW$jO`!UP|UZwi_M)7l~!g>N+OfZnxM3++P1vH&LoGbm5byimdfz^MnUf9@7rO%FU2gpC&5%Iu zy~1Z-UM&1}Hpb2_qGxIR&Lcr5V7%2@%?0no<>6mQXsbVpR~<*G@`d`|4CAk$Y2w4n z>D9{S==577aam~a>P^FbQAG&T+5ML~rsK9h0G)U;rM~aY-xL*#zt2lFMbQ7)HEovg z{I;@EH$a+nciPaK%Ud6iuRu%_iHaO_^&cvCEdkr4C^th` zFvpxdKEF$`O~K%QEtAbv zM?0%T&%V?T_CuDhaQH_>3}P=9^zA^}?j-T*Rd8agJb|!uS|R z1O7$QWp?98IhP76Az0Ws_QI-6zP~;6(Dok^M>f-o&cN-6EM*T53#g~AtY+KEx>*-6 z@u_~BY_(5L84bC@CD7ey0GW!1>~Mb|0@h$hEG4blv^LBw?j}nAGi7fTJ^MG>8%n!p z`F@HAU+f>J#)i%VX}+@Olk3Rfp&6BVgAxg=RnUB|>)|AK)KLvKtXY0vv=T?mRM^4% z0S`4TE-lv(ftMZWw;k&TQ>RwEoXcd2Q3f<_LM61_`sYDD>kz#RHF1suvO%dHWR-x` zdOmKn3D}s#k0fj;=AhuhTjD;%nk|^bpj_rM(A+xMN*aon9~9nwRD3cZao37 z;{ib;u-EKzZa*#28YQecooaNJHkDppZl)$6Y^5gT%_{`gFA-F+Yzau1Fo%l$u>WzR z>%zF7cKzH|!fru8=Tt4N~e?<(qSW%L61O(vm=rxO=9%t$}!kv{kffTSQYg-{Q`hg zxG@t!p!+}KpdzWh*Faz7UTp9G*UjAj^VYBI(Mr>y%zJY%Z{&|IMTAZp^DSCbo{2g< zLol(BSH1UZbLCFo=gz~)=ND?jg#8rNZAJQPdaA8Yd(4vE%Y9$V?EAhp?p^sX)V*J$ zvXH^-Ea+~!q5HWnqt&Hfck_dRZWZ}z!$Hg^u)4W-Y1ToA^P3a=jF z`q<&P$3SjmZ@hR1Dqqu7E@KZKta^H29l#(oW9F7??!2C4)Y?@kA~37a-p$6K?h4}G+Z z-&pYTH^}n#3l|TwLXtt(Y*Y7Mj$hG?i6~K9cXRB)I*%V2*3^_l^2JDvCjayTNiFKh zE_+R`6op4kE&kyBc>Kh2IN-d}^IFa@B(7Dh>^)q@#4{x&S}mQSgPg%OF{C0c`6IS+ z$RDd0elTRVFq;}ZyC2V<4gHhUxKN~xV`uyO^$6L9fu|8EI`e!ND5xr_aJHAg-fC*8rn966G!x~|>}0sXrDqFtI; z6yaOV;`kQCc1QXmK9n|b~0^rB%?0g=SRR`1ClmPIEB%q6`eV)>BP8d)bZ zygxmg3I{NtJ@3sK4@dgvdLLv+Zf(2HI~2~s8W)e7@h!sUk5m6O2g9&Q#31fk7{nx> zu^}zCtf}oHyTSy)_p+7Ku=8YfVg}u<@ILp$vf+P-4R3@CyKsl`>%f9<**{F%-G)Kg zg_M#?$%`T)*^JqV2V^4bH3foUmPwI&+g|C>p6MEDmSE$Dx}jDWvZp;E=ged(9sJ{R ze~AH2sRDMTgW>Lujbwc=++VcuwMkb!*!BW`dVlN=i-xPljz6U=8h+4l+8g2fd zXu2stnUzl0Agm&iWz}}*l^iM2y^#hiT5*TwtUzIt!^v>drCxNBti4_sd<_;xT8nqQ zNpD?Sd-W+hbCEuyV-$crK09cdxt)g3LzGUa*oT}84gC{*O%5hZU5(L=QFb-!mw>5O zRvgQx%qELcYVL)o*)?K~DidWGA&p;-2K(#vS!N>GBcF!z@C**u2%tyQXV&4F6?@cU z#|~Jvt(<4OPO`5}&kX0M??IWlb1AK*@bj^wNc04MJy|9OaaQA1wDX*~vEH72n}rwK z^&>U!noI3}jCi_5^qmU80 zymZ!n(<6MW!O6D|;l~Jlmo-7@hd48SUx*Q{^uK|LWllrbi2Am*NG%59Kg1CTN7yVj zsfH>?2~YR$j@qMkBqN3ozAeXXu+G_ANu#^ilU0KGgUTUHk5EC!$^pnOfiJF+ zf;{-CA8KV!{$t#WVrzmPP3q(@#8142#>?`b_WTQKlEIWt`QL@;|C>JDpA7HiJc<-a z^j5Zq_a)GHWG6z?bQG4_8H0k5~sym-)YPt)|0YO9%G6iw0&fwjD|GNC&CGP%o zc&D?#@ILu@ei)GeXQ(Kc_3#iJXM+xfqkgMIUKj6;V=P~v(vkF`XzKb5FHc5yLnAP@ zZzrf6n(6v$DBs~SnhTa^?V9)dx}B`9#D3$s>0Kst)sN%y-=Yq&%Jm-XO!OO_PO^CY zjnOG@b4`LNjVllYW!LkaH$vva@uoL^Cum6M_{IUy)hF;~tS?Efa;L(?-{ zf<_)b_A7k2J$9Nwp_z#jxJST>S&*s{cM2uq9^QF#cX|mZx{?cGyrC^joB|G^>!j1lv=EJ3&x}hh1 z;E(gaTus6sj-2=^iT@84r~mV+`2W!-_5c5ueDb+J<)0M=M#RPOGT?`XhJM1s!*j_r zV$I@pO#KsrEDsfmU-@HC_G%mK_G)Yhu2*6dExYZSaBl=XfvxL8mLR`tnB=oixVXN zU-AYyH^*X{oVK$9fL03a-*)`@-|o)t9T$fMb>FbwH>pKgCliHNi{)~Py&%4lt?Q*@ zB8xZAZkDCh8`-QKZA#p0!gn`5-ZrCB5S6K&@KC^Pk!0h%@>LGr`s1B#I|QuRDA#tp zH9{ASZB(6n>X!g@h-G>II%rBsOeAI%Wm=|GR^B8hvmp@4NnjwWK*u`MQvS62l_hO| zENu*`MwU2i{2pwzhqKGu6naM6v_WeHK)1Y1GooQ^**ya~q~27Dl$0WpigI=7pGDex z_oe`8bW?uqa%HFsI{&CO)0Q+P-%j%;T)_Q11JNE6N0yWgsR>?a66Sn_wcUN(arUISH+i&QsGw%4EQ{l|x35zbA$$%?NG@dp zU9k_7?2uvmqb&JxuJLIzk?QBud3xF0j84@}^$hMx999OO>b?Gx1X*e)%=|Anb(?RA z{)EFg(rw9|Lq5Y(mA6LL7@9^PgA=;po1vD(p*ULx)|_Rzd#FRo4!MP1^QfS5IsOM_ zS${MV-1Q6qXp!mALrtYE<=><9$?cg4nTH#!i9A(4)9PR(ePS~+G__`btzc0qVlDAb zd%bNkVR2oOQw%)(eO;c)Dy*qpokkva3~_#wzc^(Kd`qDKH(rCp`D%Ur+b^aMIF1Wr zXTRG)uuAPFYOw#5wzM~T>?!@88cg(e^aSuZMk{3ZNRsjuwwtp|q?Y)+T{frE85HGV zVkA);ksLQ{fNcnLht-FglMiDZ_md28w~4<2rQDrdm4Y)ARP0s&AhX+^jKs>8!oA4s zhd(auN4uY0_RGGG3$%NOaui$nue6zw)SRWs6loagWY<7|vq^jD0igYK?Jr|BMs*2G z$`zZI8}K-bqkYn?@kt)aX}(;|ZQBSgXnu-QAi^S6K)a>@msZhjjt6$0jjQxLJ<-yP z>nyPGHhbH#2BK{{SK!%!OCadkblMogy4Tk1kjJ<+xk8z*N5pl;Tj(QX#&)7@)2&t2;JcLHBAUx>=u zTAtk+zsL%UX33I_NhP5;I4qK*SsOmkVc}+K)E>|zBCWK^ZQwvKuQ6z=m{WwL@H44a z>125bPj0<^u6QRjaD<|RJAUVxE3wA=1h&;S>*0qejl(h-hd#;DJIk^4eOhJgcIXE? z>hl+y#<4rjz4N)%;cb>Xb2F{rgoHE%pyT0V*GS20<}jydH7}+!c$B!kTvF;vJr9U;(@2>P-O1_T6+!BOu+~-3>}3E!`j?En7mm zJEU8>Te?KL5h=+{NvD*07vFc!y?2Z=#u@jF<9{+h+3#NOyVjiZH=ms!nftCL`{w3# zMlJ5pCMRbJt-RWAMN#%cMx|CP`-@+Cl{*W4EBBHv*}OksqnyeOFheH=-|7n(@l1d_ zq&XdqTx+M%o^)qkFKzhma?MnGYt~5VP*2f)bLU5XE^93;{djug`MIE{ zwqIGc`cH>_6CUPdpn&+%cLp7`X`8{HfBi$Pu}|1~IG0#*-u>0nwSm3*2KrCkJD;Rg ztrV+|)h`tB>l7=k4BEIAk+ zSXT>vzl_n6k(Q>{gdH9Izl}HlpKjafEbk$&UafTV9J&bg(+V$LGVii{Rw9>r^CmNf zQgTgl4}96WKLqV{sT%n|qwl!qQ$f7g0v|zU|GLND4}c-umtMkiSmD8&Uws7zIhg_d z!o$NuC;n6LCZJjI)A`6dJTHRCsUXEwxJA>tF(EGfqTkMkE?-3!o>y&NI59b?b|9%_f(1$#LJ!Jyr)XgkoU=tOq#lmS^^w<-AgWvaQ zYv$D1f>db+^E+Oo+lbfBtcZ2wg2Q2CGp>JiwE?ZIM9SuhXBYJ86>w4Bj`;`e1pWa$ zJAI$-5oe3V9{1ZU+t~Gvaf>t*JX{pWLVnvR}y{hl?`$T)tFOhg3)H8^-Iq!ent<-cBg#zjv3QB?Hxes4cJ{ z`co9sTN4<~;GYjszYDPIG4j^<3AFk1zXWamCw=q(_q(;Wf~nR_ z!T%##M+wh-9WCX{{n@f~a<=UfE2$Q&cG~+VK>>B&8xBIcoFMAy1U!+j@X~Cly5zyi zyN@H2BjTC2p8Gyt{(}{=ip_}*J(-{U*L-6 zA=V<0kld^^PWDXxRH0a+?0w}z7S=Z5wg%@v$gfmXm9sUbof!lORm#roz4mBLn)tObc_R3RP{2|mbx`>Xu;Fqs;(akQm|KMfh}<>)rhZn zQ1!Y`J>y=Hn=t_MQl}myue8r*53|G+?F4KblPEtv8sOoz2*Wu%`W$~(&UBE6F_AmI z9~Z=*w@Hq{WZi)f)4}os|4ek!@}Xuj^tNvI@HS`YLCdeP#p?1zg5Y^iQL%WGUq+;% z;rmb9QT3!_-U-@CeVjvd;b9}k^gsG?I&MZ~EgZlj3WtH-f|ixjMj$3_f{MU7{bhU? zWo3ch6do4R2~SOVCsXHSd_f=m!&$jV1x14xW+5a~(5!{y>dKx?Fn}P8G-sS=G@$iX z@z%?*1VN)`E3ZQ2>_p(Z0*+fo5C@}422`s_i?9J*p6f30EyCuqQ%1u=z_=tK6i1+y z&8}!sn^dzos*E5pOV4I4B_#!B$|@qQHe4x!${>mNp1SZSZb+r8wP*k;M*j)6y!@gE zPd5N_o@lC(Idw_$YjiTU#ZvL-MAFy+s{p*96Wci>eY5N^+xpJ54QyD2KhQ!F2;JnnQ*mh(q(fyz4yzhrz$Z?4S`H=ZdCpe1 z52rn2K%&$69My+E?Q@#PF9(`exH2J$=YTW2zdqdQemF@M|GlaeCw`;<#4$lduoyMK zCh|&I`LdQgG(ST@TN*|Phg;amM2G$`uciK~>%%pyFq$KYS*v9DXsK}rAP|YHHD6?& zD61*Sf1OVjz)WSY^iFXGOs^kdS~>0muy|;-wv4U$%;2q2Xyxl63J>WieDk^Ju#vU6 zokl=v?xD*>{@L!CtePc|A;1ww`}#*+JCng$;aSBj6+Z0!Ss#irfB`2EoOQ$YndX39 z9pB{eL#@Se$pS_`hn4@DTMvSIyX;V#ibXDxey|8_ue;!pgRrV^St#x|KFw>^1OpD4|F7L*u?>4a;g$FcZxxwjgra z`38-<9mdY%0T)OjQi0{8#$9p@JC`>B-W`%po9@C5tCwCqH))ny zmUsfmF7RxYBD}m>4Gj(B9;(4Sg&zf$F6&(=R^ee}b}Sl~bK1`s4jatYkEU2zS7IzP zCK$P$#7ZFnu-RYO!`~wk*;O0MR6mqM= z@+djDBg#7}Mpjn9ve|D`#=FI}lvt zo~IyK%R+}@Nf`xydL&2UeCe6UAtaN6ntz-Rx|+yu@?cnA#*p8+IsUF^%KmWDQR@pJ z9fp5kIdYRHUez_mIDPqU_#NGdM2PXjKae@Tb7$NDH)rx%mrvH;@}KY5e+r4jtcyfn z1Xb;8%Tb6q1oR<19L^RiCsw%#eJYBVSay`vx=Xi=V{XpCL(4{pu;60Dq?GRfBo(al za*~(-2XNZh09aY*inyagaWnFF-{okrzR2Tv`8#ohCnRJLgNTFA4|lZ>bd7(iNL-2@ zHzj9$vva`%5TbJEsD`l%2jHfX5wOLkub#P_N{WgaQutkI-T_cBhK&X9ug_8^w9&PH zILOb{Pl)6039gcyv(uwwAwD9Pe?SM*IuSqyLZsLDINElXN4vJuFO@PKFxK9K} zwQ#HY!Rl58k0s6}pVKZ?b)mW#Ij4~vvJ?_|WU`Rz1I??H6oTZpZ;#&<*hpN@Ywd*K zt8poe3cHG4gQuS0-kT-VZ=-VpgNsBx#J8}KWL273_&9$1Svvek9QF<3s_kkPa8+cg zEV>^r#!7P9K?Lo-@(Vl?latjY+WNm?Gm%9NZP#7Fomr7#yA*t8lTAd^iWfZ*YTF3H zfPp(wu$f`($kkP4)tUA+Rc2YaTEK;yVdjgE0F5a57s3EHX$H>CyXR(B#w4^>hCZZ; zndD1UvbpP2Ux)6dXYA6jNqFQqx~^W&g*X6?wwN}d!3B$IREnCLWjR8uHI8Q{j0_;L z&;%s<3MOKfQKjQ}*-dHMLbQ{#lKl@tz+6>dW)t%C6DBQnz}%Xthc!aa$*ZM-nYe3QP2ALy1+7=`13|(8Fw| zAVh-&zu%b?N7ck6Fos-EdWv~)9D#>zm@`2-`2MhovzDfga%E0^KbE!^?aagab8W2C z@8!eZddG+<9?tnUbaAJ~Hm#iR+Vuadyz5E64RM;Hq-tGVbriPS2z>MW{)LKHoB7A= zX!`Wks_X;A;*SC03lTLeg~@>p7L-TpqjMP6n_mc1vj#u?8>{W+9x|64?{I}HB&+1= zR2h`t^)l5VmaJ2+451@6UbJ3=RRfKjs<~Cs`zbU|H72tZuDTB?*p^v;AzvEdquSm1 zXfUD)^aK9gqi*XeScLEza-G6m=U4Z03zC=Pyc0Yr>6r}r6?S`s==(Y{r=2-By9P>z zEnW3ItM7XL#Ek#F%=?$_TXIk-rOReZu}@5wcgiNkq^S9#0EV0XE)7~*iLnPMMD2h5 zb`|U;W8i0OoCjT3nDh$`(i;{GzO;oGAHCfZ$u@}3S+=qOf zneBTs_rT2}8#|4~f!b9F0_N*Ip`gH^!kATy?Y`7xHIb3k8w?fLr6(!He8Ka|m&ZCQ zy#Z+TD^2#6G1>OHwi_J;tN%{dx;mh{fh+GiQR)C2o!KI};o-oFChl`Xc916!wpgNS zXund^m4U3*t(-<4CGvsh89zbTlY3Xi{lX=bS;;p^DzX{a* zqVbyo&Z~>CqTu1k;iw-WcQ#04ZO;7FoU~-qsY~v=8JC4e0~>?*c7q@WQBNF`-Dop(JF_)<=RPMtk=LlV{8K2toRHx+$PAq6)-p2Qh zFF<}e_VVQDo)5Ejq}TIC8j+k%j?`U!oxbYLX?7vADSr>QD6N1@$+SqLNa31pP}(3~ z*Nh7b=>=%Jvi)pR#^=wU@6&ESSv!MbnL*ahv}}0#iucvLNK|mPo4ec2;fy66J^w@} z!FDQsEm^HWqf(s6#aY?yWbX~cN0H6c_dJ!3{zu}KM;@kf2Zlxk0_218-gqv(`|c#Y z5HB=tiwhMYx7DzfVz$MJbUU((Y5)micMRZIzQ18PWXb`U_;_33sM_(eR4pfX)MX@z zo@YDnBV7;G`Un@|ur4kn@*I=i^B+gKW z#l9BLatmC|HgXUMm5KjXM4Dg2;biXY&3Sn`)oS1b&4fK8jG~rZ{#Wzo#S6xPm%S?= z2d(wX)ui&yiIf1N?@`Jyh8xh*ODD*w_leWgo+2Gx+bj?BvRL&{7w_Gglsh^ZD$lqU z31H$owMkmuewRtYOV$oj3+w9@w?EfJE2tB!yVgOz?GdbPQN!Z8tx54)xPz z?T-vbrqCe36$-LU^<2F@ooLd7qB)>oEvlz3hSnAbj!(C`;xlBtWAe6s`9jF-Um;Y{ zj_bC5o8g6@Y*=dhv;8h7C&Crb1G}ZsIGdg??Zt64O!GyH$qphG0^;F6e;dI&*=7JL z)uh)YB)Y;L$F-nUEow6``_an;GtVfP%>|L(sDphDuFUjYU58y@yfSu^TqaH%J4#Q@ zy4a2`sR2D)%0RyHsPjqcjAmkmRv-t?sns*LGnb1Yeemyl+kAn?RNC;GkEJ2zs6!X$NHS-(>sC-uY`LaZC*cR8k(^NRo zj3@nH!yqmw+PUT(<)5fR&Xd;mdbtM947iAJYyM#MFAuQ^*XmieE9+1@X=Kjz` zt2+o{^9$NF1$w&@Tpb*!yhh0U{(R6Am;T{84+hSe%!$NZznkXNcyV88<7t~@zVfFR zgM5qEy!;?aOLB>u_V>@j7-!ETO{49U075wznUE!-7}%W{>Lpg>Nx_v}!pe_QTQi9P zXUKlky!Qu1n$v-Z;wZ^P8SY>wNQN?%fCj~Ey`>^=g{m1%jMG{tGzH7P*bSX#;N^ap zlWq(#cYn-)BoMz)fJer%B@((>vq@zl3Ppk~`lnoJaV({V7Mh;P$^;xv7`t)1HpPd1 zYFaZfPMP?t^NNbcf=%ziSdJv?IzQf<0ow67-DfIH?pGu|@ktjf=(Q}E51;#~$4k-V z*(Kl3GbP7&-qKrGWV-$#Aw2_?B7qNY8pL$et>Z~fZp^RBv~%!q@3*0p-WzcCv!5d~ z;^=&(k}!sAk&4bfc%1rfGz{Ykli1kUWSVBGe5%mZxU5&};jO>eOy`q766;BH7t$$p z_Yl}7dkUQAU`^lN;U^67gke<<|3*0uSMFM&retMh73^3QRhNm|XUB>@xS&{9^ya}F zfRlT!7KU%>y$eK921cLMr}@8$A(mX3C+XalDva2ds2{)~yM%Uvg-v{y%{G^3n#{Z_ zGm2d5`x=szW>o_si}B}lVfT_dGNQ0xl|aiHgGL3L@pN+n|C80WZ^H7EXmZaDIqnsi zPB;33C&YLfd79i1CsVaepl)PguBNTd#+rk{&NBx>wv%Ly|G@i|v7ff>`uHULB7&`9 zn*sZnKzp33YRmZR80nSis_xMVNfZ16LWGx5A->u8IrHKvI5Ing4Lg6YNIf8a0BGz) zsFWs&1ZiLL7mcejUZCpV-hm_igoo+?OP!9=@@+3_tL0D}e^1H^iw+&kKK@l!x`|sh zeS=KB>!&G+hpG%4acA|y#c{pV23=$y4vgn)T=z504tl)m|B+Kq{jnK&nBBAb&b>Zv zu0?Fg$Lam7@3j7HqQNl%GdZT-n@E=Xx{NbAEu}&2zt?{&e2YhujsxzID z+;%f;U&!xLum#1@ks%a)TX{ldSAUTRIO=O&21PqKs4vieZM;Oyu&-p}$EATR*Is2z z>lO<>fcra*Hcm)Jv0=CH3nNe#EZ%Q5jb3?x#M zifC|aTYV!>PNY>F1tQ9(a0c*{KjeZ4J>mJLTs{%=-iHMm{)E2)w~N*tfSAX{4i_cJ z$=GJl-ZSohhJB)&c-~TrKJ>;3E1_^J?ssOBWMrm@)b}s0| z*yQe99sRvod3SMG+mjiWTX9jN(>I#RI&r7z{H?ABOi>w6zqv9gEiMKSi?2nP{vH|Y zHe!%d_>s$JaFaIxe_)bW>2s~Aj`Y$D65jjllg>-EC#5qUY&)Dl@iCiGEwyAKfm(Ll zsV_Mmimh_{ymkp>{OFh8zwIST~L` z?r)z;hTWqlTJCUcWXa1(r5Ma8&BQY(LA$y*PAhi3EYz*4oSkPfbI(hWix%2}>{Crf zFO{l}Imf>ah;1Lm_`ym%{K@s|pl9e@jja$>JTZ5IP@tZGzpM0A|ncAg8L zc3#4s3Q|s|`08Ra*+g-0o%aM-#J9OVC-yZcZoLH_2eZXY==9jOQm}Jyxzb(;*E>Vw zO(`k{;TB(fN+8?JuL_V7>eCp-W9i{r49iUL!k-Iyt!LyKs%eK9Ig96i4BBNjB)Kob zHRcMAm{froI^pL?Fu!0Y;MzUh0%|cOIl``6az#cviACaAf6$Et`?XqHBe!3Rw%E<| zH#v08BzwMiTt0q_o-&w=9Y?th?w^MktPj=^{?pQ+Tqld)K36a#uoGxm5G*tb`etMM z`uS|r!Ze8|KRdFz;T|AliL8E_MkshQ4Zq{mKbO0qm?1qWDbk`&(2@CU+5>*QD2r$K zfx*{ds9l|-7)DYuOv`^)_vq(`#+Gl0u)s+61$y|pOD2T59dR2^^Vm6-3LU&GMjRa3j zW~f!=WO@)EihL7Gl*l3dy}g>~YGF6e;f0?-^jAw?A4zPp&BbWcwt$7f?NkzV<4JGEm04!hj|@Vw`RT! zP)cN=aI^hck^cr@$^G8K1a23w5eBgw0jD>b7P&s>^S9YdmyW?wEWfT@;F-1p;1FUE z%yL6CMr_xOxZWZz+m6%Pi3FzCywcxk#>Hn&*$VR0&2MV4wy%3P3)-ztZ)IxWnkD(~ z)kKf27NkE7V-?v7^Bm6y$+!m!^HItg^&Gou=*1B@I{a-!qAd= zIC)G}gv2y&NgKcF;DFmzPWXmh3pM8_cOx?RhCPwR&We2SMuhHu-Zv^xB&;1Xd>fLs z_LW`qL#-XPoQ5F|I+F4{+bT(2kkn>*Y!^{Up?2|E1qRHb zh;|uvb&sIddy~3oPsZ%z3VWqh!Nb#pZa}&r#>GVQ>B%FTKNHgSz+a-4WmP_@nTC6r zd>w#*#f5DA)2*y#TSplmLf>SLef~{uy>qi5yqCQlBMGsRwu{B5PqN7E zhR_su-7JrZL4SkgO=57liaLR`P&>h+0>I|dsR`z6?<@hQVyBK9n->~o9L8Q;mpbgI z{kkVp?(2NZog9Umjo&Z#IH&89_O}0E5WLNu%n`laV?l1%doi7|MIkW71-S$jm*tBy z>?t^|*mFhNVQ?r5#oHrULPkfwD0VN6TNbOz#(E<>iyMwmoQGyyl$MLt0qn4)PNLpm zv6;7zd=55K8Mc|TDS3DF%Fo9dtd(P&KQLcr1vGtpa%@-#k%tP7twlQuHKDlw!>UzVje?f4(7e2AuWU4W)*l)caNl8zqYlGfcW-C}BTYcdVCldE1 ze-9MlNSfo&?!wWL#kWZ-ikvJKQyAHk{uvofu$At2O)p+UGDFG8;<5g7&(8x(=-cHD zzTy#y8bD<;Y;1(BaBmmuth6L09YNDftkavJ(N)GBN?0Ox0c}!hVf4~JzC2tWFP_hS ze&r5orMJoXOBL~BpV$C4hnnrGOYtX`@9n(yukW?CyZ^Tm|7M>h z`K|^kvCiy_s?8SpDsr~jLGV(*D1WcG6?(oU&+~qgOeoWUwzLgDk!)C#;|m4a&z;d8w2Dq_o0f-|$SG zm*qDGW+~`c+_(jHs=2R4A>Yed&JpIp)cGK_C(Zt7XDeRC#h^U3{LQ5PgZw?A8BZ9V*OYm z_$la9zHKKi`OhS{|H6?BRT2;x^pkgKj7<^ZTXfvqSGV57lMltjiY`YOY<*`V2^~yo z*s_5~-W0v81EW8Y+0OhPx-7%Js5w=}i`+)WCQ^|w($atEAnaI~P9IEn=g^fUYpC9E zx)KyzjOcBfe6g$NzA|ft!@xiO@vdLpiKbbozdbizlS8oK=nq1P zh3Y+r4H$nZq$zre`V3jp zdG&o#rCM@$Ad4?4&bd1^n{K@^OGW@E{5dC%X)dSaVhhI|-Yp%mQP?n1(362-5QA{7 zo~DrT9xl6)9lN4LI#*Nr-OnP{|3`-B@PsLUc}hehq7$Z_i1l){4SVs!w`0eG^%NE^ ze;~K%gjUJmDup!%f)GswMM_f2TDq)Bb~LN-(jtYeQ8*qo2mL|DpgP98BVm%l-^oNf zxGc!zH!7M&{R1|=?1!l$t=}!UH9tQ=i30X&!Z9U=$9-0aH~S@USk~W|f{_Kd9!yo! z(6o%&#wUAN^EyyN55pt2`^?`u zDM7Deq)2Qgti{T@Y82-VYMq{!#|XwS2ezV&VLZs7EMX%AaH({W|H`gsCfQCnhv=6U ziu8!ri|_zV&fal4P%*CeXdHklETd3)2b%li2`UA%wLO2|hGA#%*(V7n+QIV|d<_ki zCJ3ui`jyyKmywaNo4kSfVuZ_qiKCT>1f zn-GI+ssC5U^L)J}xg*Zt&OabB^)~gGqNIWeQw$aP1#qdEB zv5s*TxR7OJ87D1Q8d_P0@nX-@$@S7A8nR`;*zW{^v+mS7JpxewFi45&q z(XmaAj`CcX<;juINs#P0IoD-xwvy~OcMjFOE!$z%D*Me-H8YDFK~czP4V-e4`@uGR z9V*rul(7Wr2l=??SC}O3Lk@QrJMtpmINfCZkHVewdKc zbvY?ITcn8Hcp6UeVc1CDr|KAPNWs+=f|;wtE&ysyMQj4Esr%^Dj4V>lpNatMVXU>h zJNiNjR#8U@JK&h^l#-&hdN5Z?Bs>FVu)Ywc$t%tCUuI&n-b!CJDI(jP&;9-ikZP)T zb`(ehpHgu{GHeKT8>F6lSm6)4b?;NP+9wXSdmh5-hbVY|gg*lFW_^DNTtbzP2tW2O zrz8a%=<<#!p)g#0KQp2$z5G0*_;5=9#bKeO_Aful0>shOo==LNid`DwVhE z2W%p=lDB0^DPq4TMtvwd4~!nTUv=%(-<`^PcR|FaZ$^epP4zqE6{?>P2)Vy_T#$Qj z1YUrn{fNZFk!5bJ8IyxTyS292w|2>=Nb@NQ4Kpwi!kRLr8UmsA2z5A_#fccm_#Mfg zZD?!05pe-9y)z9qLHfh5m@5^=og1&*=MIa*F+7{|0S)!z43pT~mMPXENRdJPaO90@ z)sUOvh6Y}aoj427as)3U6vd1cEE zVTj?%WCrih_%=kSK8gurWy2mVr!4X8LaI8F=1pKhnGx}Z%v?9EX5-8y#v_N(7mcSR zc&=$<66v81y{T)1tXf*D1FyiP8%W)nHV2t-!pY?D01Du?HJZp1BDJ}8A5D$25--^0 zgJBoD3omd4EOF|(c5I~mhqs@~ISO(l>tO0cQTTq4svJ8QS5wE_8f!BeyT(ce1$!)G9LjR`t96FAlYAmxs%n_rQfj7U6LigSYr{{*?RNY=fm&N#%8wyUHO)I zi{Ts|-OzsB=N>yx5*@q5m1F+PRVh#!OX&9@F35br5p|vGKd_M=3TS9AtUk_zxtShZ z$G-R3#BAS2;cX`@Pp%qqoHU^IG21xzMaf6l+k4A1g3Z9rQHp-fu43|;{Fm3vTeZyP z)LhFCmMBu{OSw)2BSaVR;X-j}$e?E6`hZY&-l?EfkLRP2r? zpYOZS@s9IIzO)B1c)JD-E6V+u%5ahdgre*NaQ|4UxP}QW&vSpDbeuYi6xj{oog{1M zcVOY7B1=)!#b=`Kg*v-XfQMR;YsE0Z-V}b|)iX^rD$#p^{?I+W{jR;`4V(yuNTEe+ z5%oNRu(-HqAj>!LJs-3n#JC^kM_ftcfnHeQ6XthZoi3^!y-dsxC3y-xr~earPQHIY z{qn`Q{YZn2t{ij0aLWlQ8K8k1udj(Bm9d|{C66VlUbs51$gZnFHtm>@VhtS6SKP&m z6e0oeTq*bpD(v<7RHh>Df0Z?qE&3x!d!=Mdu1Waar%#$;E-LU}{o2NyR$boP+?Pzm zRwt&Ry-{VP5s|a{dc7S7PYyMrj2mRvfen5*B86TuwR*mgbKxT?W8(G|VN4YKQN-sb zhw>yRCxicR^;nHq7_>M>&Zu&(u-DMTcIj~Zt^2l-`y**R{L2%$ygP+ekvMopkDkT1 z*?HTyY^FK2dmX>|yt;xv*|&gYq(Ul?M2Sg&sZS|Wt@q+6Pcb@?YZ?EPshfBW|12R%4D#M8MLvl22o8#LC}7~$3;i~Y_T%e$ zE^f9OvnLfujd`Y8ZUpFg6m28-Bc8v!!k25e*Ez=OMNi6ARhyMa)FBB)BNW#kgb7sz zC$tgcFv)dbp9*}=gjmbFzMMxK#yX`?0{gL}>@gf+Dtm(rvdNC38Z22T>^;d4bx+|? zr4kc9vMRfZVmZId2HBD4P~^?!CBS@Q0!D4g%?fO2r6%knf5|_RBY5|PMu8=@}@2Viove-6L zbxL#*Mcyz`=1yuM%Ws(Oq6s$G7sYuIC2_6DwXu$Ar~z1XG!PN~eZ=xeYD-lF6e;h~ z?ayM_UlABOg$9#9jDsyVaTg9ho0VK|_1cV-ab?SF`s!Y5tmvZ{pZr7SjS$wS-1j2U zZTKONZ$-_qG5dY##Hb(gWuv`_A4=2O1p@3YF3_!xzM#EOD@liLkYQY4SWV~u6*(TO zWIDoNlp+W%T(-Sz6S$Jna?q@tA)WG!R@hc_{*MpA=;)J`FgH9g@d>1(Wqa!D;UhH! zA&*xLmuKn6yalxBC2+sbi*)=`GD=kBkde)86TKk4{!C;Wi4F)6B^Bh5I!RbKJPLw* z+-_Z-gn3To7H@;>5t$N%)H zjQm)e@o@m)K*dP*F(#wr_yiRTe(#2%2;s7-C2f2n!|kiNtjbVMvbkLXwbR*D53$q9 zTkp*sb_JB(HYnr3wEn=yf5Gv^(!pUi?fn28APF+U0 z`u=P5I9gpoUBze>C*s`wd(oYgLOd9(s!c7iJ(c)M@{tahrh-%9-qMsr<5{eKZcbS} zU%#g1u`+fVAnqBpUcEh^Z807yObcT=3DXFB8w|gXh zVt?}-YL3BU)Z!62o+W9D?)`<%tW8#vuG$$xoGkf0Nu~ zb1s~u(PFJ3wb>fK2O1LHQ8xFENWba>=REuMM6$n^lRamNAPn)2L{E=wbfxePc_@)um5@H&?>P55`u_S$O;OM z2Y)|9P zH^a0R`Xm0;s1o2k>=ByFr$0p7Cy4W>p3*qV$}@4CVPgaQyOT;i&*%?H-0SlL^AIvA zBeG-8bv1J9KopJxHeBP+gF{FR=436^wwHw&W(`{@zV}4-%nLSPt1i)@+n-Q*}G>;y3Bsz6$Ubi~E%Rw|zpv<^y3Q13h3)OQ8s!i+^nUr&HxGh<8ke2%8LeJZsztT3585M zutAQ)Cqs?=Ow3b+QM{vKRlWpb}i@2{)M{peCgJms&K0YMnwPd~b_9IaMem?Rx z0?ujILmV9gA>|J-vWv@$V%Y~Q9k2d_H0FK6y*8_GyOX7O4pn2 zdH{*xuG&eI87I}PJe)A=8|FBk&RqiSZH{@aD8-F{f($nqh%)Po4KI&urKr90=aCpH zr13yybS12jN1>AUSA9lNdOAnR4?F+feEt*NCEp^L^i;ihjCr?r+M}%cQ9aLu=H2~O zkJZdpXcB>R@lx&+W?NEXD<*~NTSXk+i?ii(+??i`4Mv|_aJnLb54>Aj6}|vu$nY3v z7ZYdqS!d_Xa^+j59;FI}IJVy+i_0%#Js{pt3fs=Z$raV($nbB`iC>rm$Y5B<`59Kc8nXJ>P)cs4}XO8Nak_9J6 zUc7y17@5pFC8n$p*Qre5yN?TfjAYbVTjKeZ7(QW`yuj0c`P0420;~JudZ2j|DDsoOiQ~zMBPRu z`S+@b&tX9Yq*7Q1^W}|q^n8CG@_J&oP%gV?F!u)bmR>PoMTO#piKr`}*en46f5O)( zSy3mUp!pA&bY=w{huJc7TH(L9_~TcYPX4oG)rNwq65jvF+s=aA`EwYFOg##~NY*tY zjO>elYyPq|om*~q$F1dVlS{Uv@&lYHhR)qHSK@=^_%C0*;>WtHVC9@ccT6|RKd2To zNo!wOLYrqok?J_y45vu=Ua3d)P*I*ncU|~VHH!fZkLWmW`e7p3@8SE?{}7De{p)Kw zY>Gh*-#g;!A5vUw-lG-lakwCCZDc(S3m54Jh#Cel_ zr^2TiylgaQek&&^1ozs0I$AYEYIsB-?o2v-nl+DMusrvizsfg*%Rd|7-Krox#4Oj7 zH0J0$qXD!_xo?reky8m)&pw|0OkpvmFpSH7siK(8v_&Q9b&}`9xy`zsv1heN+Kt=n zh-|TOhu6gzr=+ry)ReF1>mo8pl;4Esk1Rv|f|Tq`msXRGv5D5T3a4@zC~Onuv*xzK zMV`-TT8V1b_t6*FpHQyjTyrj35h z=yS%E5>_X{d?LWm`liajZErX+DJhc; z1zTd#`*6ABEE{`t4rK2|0bu>Jey`K30rgjYfQ;sCqhhbiN?nPw8#a7}X^a^nOw8b{ z3z^Wqmq5_VKlWMs2E(`R_H5ZSji=)HC&KHv0JIncD>akC6yc=OhdcGLw0| zM)5M&oB+dCn^%oC6W`HR-_YQh3I9Qi7rRJU{csuEKK^5_otam*rt6*sdN?82EWXph zuAfyGHYqDEG$QQ2n|`O^(vk2c0ws(prO3sxNbODLuh;D$`q5`i!@PqfWAhg}viy91 zV(w8Pf4R%!u-k)|mu|Kos}5WzDyKKCiLi#us%5gn`SRpQ8n@=4Uo(xRN1rDmoqu`> zY*Q6(uPEC(q#!`@@E6}^_r?nTbVO8LR7b%;;~W(UF~8NlxJ4v7yp@4<7J72SZ%Y*# z{i}w%48VSxiu{Po65F-I2L$h&)&7s#yo~oD-_}&`VB7IKkwcWJfRxv(X}>@pS1~gH!HAcPKnfx6PSSKr)-z4kp_B)#u;7@XVPv?`(!&BOtF0` z`)Mj;3i9i^&YNGX7kv+>0If4(0ehZFvt-RlG59c`GvPosdk|zANp9J=uXm_sdHrJd zi=0fpIbI=}Xmwgy7*FnDpK8T25#tdE{)F!Fg= z^n{P6WUt$L?77>i-*07LUC@b&4r%Kfw|j7dkCCF`tkn?l+NT2M2ahJH>f8gR_sjdM zB|ZNZFw-G5Hm1NOfjsX(k`aq1gHF z*1Io&ANY`VyYb@L3%-}YQse}5NM$w{kFqPGkc^OD_Wh0n^83v1ey2l7%vuRiiIQN< zi6niueHNxN%>%RloROHQX+?BIEC0J$n!M4o{n-nF6rn$@{(nRo<3^O#1zQ{7d{&y6 zwSKE25w)k z#r|B)G4zzSa7*6r)4EU4Q1|=_QPwfWg2;?8rcWXo{;1hARxsJgrsz|7IW7OVueYADLbp8!8?k{)$rV zV{+>1?d*j{3re~y-Q<50g$xO35WkgiK8>Z6GJmHCjR0E%gEHE;ciB=(Ix@4Jyp{MCLA{iDZXroXsd~row3pp1h z+X0gTn2;4WRIwDH{~e+Ng5&Px!S@gS#nU5- zQ}4+jq6R(YT}N|SiW)x+t&97*et;3wqn%KUiE0tf&Ybs)1t?kJYGlO&vO=bQ*Rk`J zrt5jz!D;z`D`Sd%!O!zvn5?hQ23ohDW?Gtwon_WY_z~yj`%jJhh9&?0lwK{ig?}A- z=c77X|16swd!Ox1lN|6uI9|b-a_yQ|2)o;it@+#}!3aFzClf!(g+^qTsQoeaTC7)| zk!Aa|x+-?*x)?{kLZbLfP9N`=?+IigomI07COH@n{ONCETql)mHvt%Y4$nC7TFSW- zWwzZjt1xYVWe0LLF8nJ4nwzU=yp4X{PtYU4jXfHPumL^OFx}XEPR;}KK@J=}J_GJc z?~ni#CQM8$K^eG%p`jKAS4K$mjXOatD6!x!w`7!nWe@Tw6qu%JfSZ(Tz9dAVn=3`~ zX&3T8=FEsW0y<(saLg!u$7LQXLMe^Spi1?QUc|WbYM_o&eirXIyD_We)8kN!XX;^^Uj ZaQ)t1L&O?X{1EWxmAslVvdbU7uwOo=^BX|}Peua?sJ ztcM3%&hE3)8yJqmMjk~c7BuKd@0lQoL|aFqzL6wJYW$hzyi6v5ry=c!kX&#H3$^)i@GxS+K+>bV@FitvKtoqL!q zLL{-|XMA(#a2v0ts99jT%W-$r#?UP+mz}M#BUhlLr|~sOrS*9JrGUlTW#N8fh9o)K zwr{b4uWT02u(c0;o6w~m?D7^{32e~s-hKSQ-t;gJ9)BmKulI?Vg(l##UuEpXf3roN zGtKf?lp4L@{>3RS>Y3HK@#kB5iM0DUB*dCdg+nPk*LLI}Kz@$D0z!Qw*E2dkPLGZr zUe(Ful+?(;S5V@Uw^0Xs%{31Zu+QB&FL6_zBC2An%epM5EL9b=`SM1K%#}c31m8bD zl*WbJrp(Ht1Z$SezDmq0A6Z%rDmhIv$B+L}#2F_eBN<Zf?~M`YK~{s}_-d)^K!`;2>1WVBfhl&>Gf$2u^mM#s?_o zSYP}*0|WaWlCIXGa@^kQ(V;VRmS-rz!$_2UBO_@M5fT5cQ62w`(f*o%VREc8?A3z9 z6jsB-!{NW2{FRsd&QuZITmdvta@WYa%euA{m-WAjs;V)hjfFvZzkmO(TJ)UnD-XQ4 zOXs&u)S~7f#6&|mM2-!L=B!^q5jv`0w>Vwvmiv67AS)Z*o#THwt6^xEwXq{Qr4-4{ z6&`Swv7GFGwWt$;N5Lw%=$5b#a->_~vNnmEG3+`iZO?-$Zqinq?W zeus9(NhxeP{lu*&=t)BRrPVO?9C7&G&+>0f&&@3P@i8~P=jKWhaT+j}H^V>s9l7Q3 zZQC8UT%}TYExdm?lX$H5&?~3AOX#a9=F_1DGiB3wu%#*}uYdmS8|fVwzijBW$gqqU z_SygiUWXcZ&RX(%9(<&0$0B6xg=}XrjYvE;52o|=H2>wOThLGwJ(UrO;HK$DMt%0R zCo;`@^1XatBmvzQOcxL10E8u?i%Fb@PCl03iMN*a`f!ASrI`psz*1kJO)YikiT}Z;}1TA{;`65=20`GbPdjs#M0~Ol> z?gxJ!EH>4l$NFCES;C&rywK6mFx%bOB(b_$b$z-zIwq(n3f+iETTSfZL&HX*^2XiS zNL>Q6ri=4b<9D!IBuNm>Ak9(rh`8%|j9~x$)w0vZU%$2e@-|LFCN=&lb`Fjdp!+98 zWw&s7;jfX=WCWM-0_^VWkT%fw0&AY zi)#ntWNeS*IAOO2*e!n>ogz0|%FDU;FSOWr;5}O%u-Fy3QZ^;y@@mId7&O$17>TE$ z$AZL=^8LkWTKmk#9@D25iCYeWYTuT)rFN+hu zDfW;h)#zdg1=pX26YR{5jxW%ohs##21Aw%7R;a9b(HuKOBmFL(bcrgOmP9HTO;p@5 zAF;_5X#3Z|@3dPk7AL$9m4Fsw47qkkipa3n+aTVQ8s7#q4E`cO%>L2jZq+0v1btz5 zqKIs}lucMB63LvJoryy*)?7O$?(G^T*#ut^W`k5R=k{$`PuzSG78*)$Et33-ijv8{g!AI6`%NB<>|CJ&;3%!F3)})a~{e4!qB~zuy^bTL8#TqhL zz_5hO^XdDJou|5HksH=qly-Y`#iuJC_>F&>y*I$a$z^~95m*$Ln(wvG@EaE=y%UUs zhLR!p{5jlW7p~W^qpobRTB;+nmv&;f#m48hFV`Q}Ruz|7KN2qk%v>~qzz<~~S&EEr zez4!1yy~+nRUp!W!>4ZZ{=4Jk=*+vE(sT>rq^6D9jHhQH#}6X`zz{109~FRbDSR`a z&j!AwWZ%OnNz?}Y4-Ri`zNZyFeG)n+^E1kw1 zaYTV@xIQ4Z=e=CqIuOF^U-&lCt+N%)P=Zwn4do&Qm;I_U0g%qRG+7FK^dD&QL%50< zRhoqx1Ryq_uyN)zLJ~mo1@{Tntz5{THMRn1^8ltEc!O6C>y}fG z1Fo8$N<`PWsHE`BOu2Czy;bLTuj3^RBcmlwnt)wpxI zrF1gJB_7IOseKoTE6Vm!GV(i>Z8-UZo%B^JXoW;=834yE%az0P-HD!v*~ic>R z@e7Ibi`k4)@BaIlM(({5ELWzbrR55saX%_Zl-j8kQD|S;O*AFs_FhMa2_$h>k;3D9 zX&>G6_;71^FjHAbJeVb-^Kf1y(FYWan4q37q;x<*gojeywMW2kFzh~k8k{&SeVKk$=o)jOgzP zI3ER5u%yLBCdDDTyq5i^&jYVlp`OD7{r!pL!IC4AF_(`b*#_)yQm`4y3kq+EwWyP+ z?sw$ngxy&qSFnw*LlTH&LUbZGieEL1^sRMAt3La4v%w@`OD`vX{{*5N3QXY#)GzEm zHoEVAasm~dfz^PabEQv=OC1T6=lx0s>wJ#C(^eVN_Wnid(e-Iu zVCH)+Y9T#zhVO%|w?`Rcc#b`Dro6z3267@96puI4ZNv6$_m}Ci(L}Q@%F59W9hpLI zynBn5l#mSq5pCLj=8oBb*L%M#Cp8C(1g9@;mNKwUNvi9}^^L`XfC~&_F=d+EN-DDC zTco^St2Ae@O=6;aSNCv#Yn^Ozcs-Hx;4TMUsRbQ19k+h*si+MEhO^%NI?K^&cvOD_qt6o!0 zsJmH`L4*v24@WhWh6QZt7@Vg{u5`p}))lGEm6|88BybvJdbQ+x>;NIfTmLu4Sc8$h z<`j6Ve-?`j-U-DM?%hNG*qbM2J5Y0#83D={%JE)Q%JqCe+J5GH(hj_Y2+`YYrPRR2 zWc>NP758^rg|T9nAB7&S*Eb{SVk=C^lTN5rBOHSB=DLZE?ScD?m}c`5@APJ!Kt(C= zDYDL2LP10qYMUpWpt@Cl7^W?6TqLdoE(WrU^ZA&3w2v(#M!KW{wV~SUnYD`$`tdWz z%pbN$la6PiMoPktRQTLC~rk^Ed8WvSmanV zgQ|;e)+)n+oq{%h{bo)28~JVxd*ljDRq=S8lX1h%-p`~-t#(4w)|dt<3?n*0WihkH~Z!Dw9%mm>E@LvLMA;LYrdn9V-6Uy2idkg=&Jdz`|*EQ}E#TL4l)O2`59JjYE@z~Jqzpuaii2*Z0lbw@#WW&EvlP3@4!qWgE7+*cj zb?sO~fqAb*G4&q@KKklMHr!v%s}iIA`OKB|Fs{t?Ti>q?m?wz9$K%J@9~>q-*r#hT zJmgkm^u#k!P{mf@+aqu!QMHIP?~e--Sf*7r?lY#)zC0-9C$NF2J`p>$(B5O<<5i&c zvyJ3vGROLk=3SsBO=-v1%{z)z=Y-?6)4mK-AZ0%vU8-S=ej8sx2o$rY}_RdSR`@(XO4?bLaTrOT7)s(+JleJq9D&2b8@yqoZgKLCMtSR&`u^B&TSWUwaQ!={RbQmG!Z-xquKfm|EX|wNy=>6fdq(Q2gX9nrI}&hNZG~~$kWIb0p02^^!;CR9D~}ADP?M*GzX4j`}9n9YZx|2!u38e#A$6cT;y+H7|(&#W&^!xYj;EEwN9Qj!QTsts&9dg0lcIy z+(rT=%D!?eU+tm6$1J6IC2V%n^=iUmtW<}-yz=|)F?a#rgkaQA zrkxQCEc>8l?yU`<@#;qQ+!NmCTUP#@o~l2agC$qiXV{^GLE(gL1PyF`_|9(b>a^hY zKhLrGCeyZmhvJ|HU-VdkpJ;GJ>;I4x|BsmTeOU!&VHSs=(JeLeQ}{MgkwI{n`9?M)MTy zx5pfEXu9d_ZEX{_wzlXQfrn|taK_F1N$_(pSkfd374M^$$^iP4I8c32s^$JB1YeM^ z%S@ZP;%EktH~pipbPQ9;sn$oI{R26@fV09(XftKsS)a zl?J5>m?3Hqjt1(EI^fCR+1>J|a_BQY0*-@uoiISp*#wwrrlzKp%8gn!ej4BZ@VlK~ zP6evn(3*cpa%?7JyS`J47Nze&2zD#3TJph9nYFZJOIp%N3?estC zz^DSayRxZi9=h-XU7RTGM3H)$juAxGDDd86HsJQ~P|is-lR-IE0dN-%jOcn@_9jbs z&Hv(%iu=_A+Cl!P_0|z`HY8{{RjOOHnX0d(s2G*<1`q`U5?)6J5CF7G^Apve^bZZ& z*?juU*eLD!W-NjI$t-dP-ZC>6WAapeUwO=7#l^k-^#EezF(;5L^kCeb{`D{eONk+(V;q3%i$bczc z5P}-)f$X1b=RIxc^@hpLup{o0LX%k8V-uy%u4J)-l9mFhh8{J>LoK$}+?fT`u`MA{ zK*U;(tQb{H|KsZQ#W75IRtI;@@7>%kZizbz#=0p=6)=H@051~pEkGw=jyVpj_j zn9#SF-T-Y&e1g^~l7)9_={qcJY)SdC!b+4rJ2Z64MvZiOCxkpOd{N_pa57H>)8 z%TOsMqobApS!L+C1hH-aZZuf^jn6tZfmuM>22YJu{YsK|$A2}P_{p2RTn}l%Aa@Q* zPEDQT_P)D5bp<%XYnpWzserrdcSM%WKt+`+zN>iGQ|lPp!xqMVN{gV$RYew@bmJmE z1eJiTGSk|C@}vQntl6TlFT|J?32uKuWEZQ@=eKVKXa0h)9MoT59#(YX$%X9P)&<@Q z3IQTq)rop^qCyHQ0q;4)rAUY(L`@!}Ykk)DxMj%g8(^gpVDjR>T%yS$(D=jGuo^-3 zh5K}C$In{`n1WD<+3xmh8mvgdk;LIRPGR0`2AT67iHEUssl*xCyRIn0814$w42N2t zCb>9D2e4>lg7bEkmtIfAU}Z-zlX4MMrV{+TAZ_5ZaLqXy; z8&Nt?=q4QS1#76#MLGAR$u}kK@kzS6hf3lJ!&L8We_o2Z2XNc0XE-+YHOtta{qJrQ)311^kCPnrkE9!+(4Jns^Rx0CzGek7BH+VHLw_sTrc}6>v`SYBU01-~!(x zn1$4Q`+_CaJDxGfD17RTr*R!uWJ*tyg~ElHuB=Y%{e&nW7`sp96T-8Q70`iB{1HQS z02YiF0eEi=+%lcjVPPi*&UG|eT!f_OQd4SWtqiyt!hkb8WZrna7Cm&ULYEe4z;qgR ze)l@pzV`|kdvAQd>THtyQBK2-szR?py_6cnU!AqiaR^gvuA?~-E*T|JESAa?^AfkmNl z*i18al%NC})%olSKV98y7<(klKN7{v*(`q@F^VH?evNs8cKTxXV^58$zDMm6m%g zl}ou}M%mT!#y8IQop36B^4gzS5#wt0B_#>{HPF);7$|vnfKacB3W#tIYCgg$>^O<%mn7Y> zh*l$_b!^xqqQi)A?czi80D%&ned9YEg?Zepri}wzhIT81R_M`3U8Z!cNeP}}g*O@L zXPwcq#KLYJ&Xnq(8+x9UzML?UZp2VKv_Y*9N4C-pki*r8p8uR?QG61#7`1U4R!mmh zLI&z8V?Z#=WwP@IKj|m;`y;QmYEKh!d{c7>j6*?S*C%t3Squ}KYcTYufm0~g^=0)4k&sfYlJfRqyB^tMwAg$5S zwqAEj&<9;kT>i2XLk-3akCA?&N~44XPoAQHA~*WPza3X;i;ph>hj9_B(5x}kuJJBr z*7yOQHZ*!OYm-+wl zGyezFZHGwOpw>Pe@Z1E2_Kf)7ywTNV(++AT#@oLvD?;Q!g`#95m3gD{^MIyxQ1$x|5YH0oaawK&k?Ks>;VWr z>M|i)=~Xskv~-o_0T(~vF;0G9AhogK^^>v#!X7vvS8D?PBs-OB>*x&JA$1RG<&3>Twucx4g-KhC(6oIY1ea%QwE5N~i?&6`LJbq&)Y1%(c zE3-LbgQ`+8%*P#N$&`ycsXG={)%Tp2 zbD~OLa_OPi1Wc#|AhR%{^j<;M1+3Zwpwj%8-8nYyGM@3bU9}vO3IYENhF{J*&10M% z1N@Ipd|dtQD%!vqU<6LN-vcZ)<@4v~vw-tABy!&Y3NTrYdAMDEdB82XPvjNj`{NX4Qq)kHU71Zq=Un+1s;#e4?3Lj&8d0>;^4;n*(<9fAJH3Zh4Ani9z7~_A1I0S& zq&#Laa?t5?pnQw*`CU6tc+6U+S>9aiTQ??K@HHLQ>dWgMt=1G19`Zo4@!Zq?h|`vZVu2pkTgCh7e$J^X`>cCG!up0?iZ5r?j*J*ju3pKIYxN ziK49R)(Ljbpo;Ltbb6NhwNarmbdam%JaI5vO#k`w=N5g53|lNqp7Rc=Q*D8P0Q=w@ zu^-Kq+G4>Y;cky;!f`o;KLwqLhpRRxxKgqJ?EWcKQ-ZmUN@1k4e|cDiQuQOYbGU$J zXJrCTQ!T?GP$C4ll2@<2+HMV>tY?n;l|1pglg|IDU(8N7U042x@mCCB!1t<2A;Uy_ z@BoYw?|)i4q_Y)TMRh!kX_B_2-WT*qXI`v}!VY2qXv>KA}=R~vsiV;+~DCJ2OuPsU6P zdEMM6HabaB!QMDT>ytAKuWP$kJ!;sdqyulgm<_qP@nJ(<3mtSXW`6?kO`W!zlpz9b zEv-I)xjD%A0vScd5ujnlMBi`m>4yImr^p@v>JF>dqDPv6OZThqV0%))oSX&l?&0^C zWi)FkIarC<*sl_YlvhScNy$DTt`Cidzg-to{Ju)4SQ|OR`++iXtK*%7?lFmc1Y_>517uVa2#{lH5`Z}HY@=pE&FCJ(fk-Y`Lck28J)(x0~~BMiIlf z)nPR<7ADJ5yguitu4|;$eJ(}WocVRLjD530PZ2yE(7e)1{#S;xt^*vKfFW9ST;R?y zI>dx|T{eJ>K~4?eRA6G&b0Fr(^yf{fi#XGE6ff)E23_Y)t#pJQ;E7mOu7nx`o=B7b-#7S}774c@GmdmJ zMu;|x2Nm7(ONoL!s|NnbXqAl9*1LoL49oXgE$6IUgtnhj_g=BVWbP*e7z%iOe*W6% z(J|uib+4L$XIYDb+nKPhNyMqLxAjM!LK%1a)mwJI5TuY(4w$q;pnAAE;W@yNT7RP; z3-O#f5Vh|9ftJK?^I@3x#J*YVy%o$-e7rvnbfTJB<9qH$i=2i3Lijoi*`m)Hw70kS zWrbR)SxmgV9pf62jBI&&%HAJxeQibq8B=bUiD@2?Y)wWV4L?k7a9)+Z{fjG%h{d(Q zkut}IAo*0HuN8;`3q1-a96WEab{OL^MpHLXyXXdpboWMhHsAFC1kE%Q-%Pgq1>&Bo zJRY>{3&vY;OZ-CFkixFptO7tk5yW;5sf>f^Gy~^P%Ncx_{K|yKuvBA}n zP0EKnEEEHC_k_n^JQ3X`VOm6}2Z%^)QzU?@Ge{&})DMNzaP~(;W=h7RcY*oiM~U?9 zO_xJy`~mypl7`d0dgRKc0!#ON)ezqBK~ys``W%?VW9KpCLgOfwQV}x>vv(hxPydox z30}gbIL;;ey}#`g{krZYhTl1#ph{*)R^XG?N`2b6YK(_A*DzcPk!r|amW2BD+|{3G zbpvlDZ(f4tX;F^X;<*UqbhmAQ{P5%S@+kt4Y8 zfNYMCLF-vV(&j=EC;=JuR^buuS2BU;_ivgrxunjzZF_-0Qo)aT4=9zj{_~{cxnS^1 z_m8#sC=^SfR7po2n^@Tq9UsAoYb@WT6-EX{F#>kh4CI43XHd=YysDjh)dSae)@_- zwO|bY%&TGajf|2q!+#Y_*Q!i)5Rn|%f9xcyx5UNbsj=4#`%0BufQG<(nQ=renVpIdAE z?JIennrfLtgZ?U-s5eH(h!dh@FDpA|3Nr#nCvWV((|m0ynX|-evBJ$VxlYh2-$#^R zo4V9;qwEq;Ihc)TW&ikrW>bT`<#+Wzc3svXwx1T|6T=EMWN9Ei}}{#rXxtiA-&jrxu6$8JJf_*_~{v__`BF# z%_bHRUy`^s{@{;e;r$8DrN-T&U6~E$vkmi^Y@Cks|Q4;gulRiiFk4f4+_L* z{&2ru^!xitKdWX`s$m8vou}@t|Bd@Z$F@m2TliNRfqq&l@FHMB3`b1Cs*7bra#8iK z6FMmOdc?sFd$HnsvZA*$!D4{&K$V!<9f|iWfxf+16@k?jYV`Z2D5t+LgH+<>_3Odv za}{5|)`zuLDuVMTe`3tce3_msr6`g8@rle*$}+mqM|je%Pa(>)%!mO2hZ`R!#tA#? z4=*&hZ9dtKqVQfiUd#TM8CM}Msp*+Gg_)2;{&dpdg@h_#9??{)H~P9F>7L`OQ%-|L zU0^~pS5=t3bo<%lH?vnkc>SkU3s!I`cl-ojeY7Rb@T2E))iJx5%?Rn_cGKpAd!1ZVq{B@kJ~a_WDuoy0qhJ`T{{3gidhR3hbBOed!u zF5v!)(fHjgdvm$VMHk_~;_>_6mIn@%fIOM$~mN@Xsu$KHptkk<18u5{?%LqYeC)lwpFD3Z(-P`Jsv=wN(B zeZlU{913GP>55<`BYJppsCAUl7W=(t>XR}Ur4Yh^t-$flk(s!f1u!GKamPO2hLnCJZN^Q>nW$IUc>cgs#T(9%@b!_w}#5#DgbcxGQx$hT({ z0%^8Pr1W%kBy>Y_v)Z4a2CdT2U#zze^4J@BEF%h)K53!fCi4fm5~PQw>#O8EC5~(m zTVhwrM$*)FC|O@)50|DQ!hB`axXH-yDQhJQZFvuHsKUmUlL$ikfoIPL_5uE&>u{jK-ac zLVTZFvnBeA=S*`m%B5c_#cF#axj40J)iJ%nLP-tQuy-n;ILa-DIpm5k*;sFmC%h8?&*;>|Fc01?K>&h9>@BY$ForQsP04#ev8jo#x$tp z6c({l)`#!w=Nw6^|7OESTJ$vc%xMi}&@|vw)~@ZnQ%dmK{@3p|K|Dan)yy^UvwpQw zwnd8K@9sO+iOd$_vWnbyK3AMcdKa|BA9hCh%4PN79=)lyWAR)bdxy9SpV(M5)C>7` z6fg{y)xKrqtb6>Mo%M6*E4Q0njLH6_1FY9<90VKGx>p*Uq^S32l&ep#y0n&lG@|=` z0U7_0%thx*+|LAB(q}ww%|E9S{Yb?Ak=bd)Tj!IG0JH8?FUD~oJ>Qa_encvr@nT4wZ_%%>6!j}d9LH>OasL(B8sMMt?)ZGuHHq^ zonf}mt|6(gcf8+GsV3}4l@iggKCNW|x{r$`OpOcX#)*iv=LwjHC0};n_C0z0&3Ett z&n8^ryrfvdF!d9+_dcQ&#JZPa*Wp8{{3yf%*cb~ogQ@121f;^^*et!3_#L=|3n72Z zaBg-ilGTN?Vw=@8@TqSqpy)4%*zW>l?agzVlRJqZ?p4PE72VI^@mqDzD+^Q{x!`cI zci9;5_#BQNfHoy7lEd4h63q`JBm75{PrS3?rcx1&zPXM&7Bq~8Ag)diSX@GpO1Xq( zLYjHqqQk`{Y*943F<#Eu-@e7qf_&lYaP`iNqP_;D;P?D#r_W3h+hH7#DD!A>dpb~$ zTI3`uq&6Gsi6ebLx{~QJA2Yk1eFo{{I$+?qS=TqvDDKjx5BC|1Arq5kR9Vm?jktaM zY_Xu$)ZcbLzr7J3dX=EucK@c~eB5bZ{6-JrHO$V!%(=qww#opPLc;d@fzJv}p|5I? z-%;CRfNyX+kn`Aetr2HEzOH7FjL7~gyT7};Qq^!uxiIh6;I2^A6cDElttkpJ&?_47 zHmaMAo49ck!%Oqhole2aPMu0pQyze=PxMf3*A^UJc`q}?4+~_atstgfj(ZILQ#Ozv zA3xn)LCiE7=*9IEtX5@j(PVMeweCvl`Stj2u9&GG}a(frjq!WVUtb5fwBVF6e z^Tic3cBVnOgmvj%B#B3QOx}xpIX1-ga;adxGZnB5+6So1kCP-0-z3VVZ_q97f5{4R zx0ied0WC42jT>Otwofo)=$7aA_=;4j`x{DZR(H#-HB%x%>`j^XHVF&_g~hyevm+?% z4Rd-592B>=Nkj}lE&&HF3?fr?mvVXRIUVT_(7ta{vV*ZTH8 z5VcU+l^VJ&Ef`|N*t4_pb$C<#&xytJ^3CsOys%5t-`lbhOWfrmU6K3Dfo z0WTM<4)RsX>3V8Fuua>UQ1(kRXitG6?qY9lT2&=9kGou(E~Y3BC=pJVqnG%|r#s)( zc1-p+6LWm(W6+$a)`FbIdg3UqL|^nwq91+U@d)5o4=u5+c ziA1@oc@t&$;rxU=%k(_28kIuqFb$6o946Ne?W-)wQ~7^*%4(Y;P{=@w4>#owwWLhT zO$YN;iG()gq@n<+P$`aI<4uQsK7hyp$0Nq?r<}9QAhB zQ(?ecau}6&w@Nh2zZ~1e5kPBfdwXSxj`^2alnZhwyt_UP6t?~iKKCTE3+L{y0TrM2 z_|{wh1=6M&6+#qri?&umhMcv;ICFSGo6TGAmE|h*ogv5ri1<*R*u(etw_MnUJ6#o3s@o-LUdKdb0>v zlnI_%O-ss%1T0L8GsK}8<1`uir4BpT zeWL|8k}k_%n4i8^+~fSN_pM9(a>CR;ay>Z0;*8m*ah-sRL`@O%f_J% z^L>YoNlr5fVrTAs?Y+;oesv!-FERdg?70E`RvPF zRKlJ^aB^oRb-O?>g~n=vm_=m1IhcH7{Xu#zQdl~>Mr1RO49-Ns3pQSiUx#Sl$6Clx@n3|FIztd)#dv;q9?Ae7kj1J!^$j(%s3#mdS12u%rY(}#l z2246kGnJIa<>C5g{xg1awnYp)W)hM+)RM1v(BogRmDCV;jutkfd~rji#-E!DtjXja3+CuGr#f{c zhEFDV2QVw-8^ltu*Ni^w$WnO}aj<~CpI!b@?va}#*T@%@oWFt4a@{P1VjK{T{FWjE zN7M*esFHi+-AAF$?87i-zi05Wv5|XPkTRNn#tFyZ}GRM;}QqjYM_~okIp6Ahow)ZdU|MiAg6BQ2l1>{ zo?C8)E=!L5%_QpsX2QQ`Dt4On(LfMbjeefm$4o;+tT^T_hWc)ZWh(4)c zq0Ancw!iy-J5S^-^z@SPqf_v8dJVm}5*ezE`J@dTQql!SPHSVIu9azOU>&F4jx*6c$rk>CBu$mc2)Kj)XquFhHrMzFr1?{x)gVmr}?AW=W&on6~&itUi*Dba9LLw7cD&yf<-vPuNgg zBIo$##w&!yc;b20GM-V+4X`2SNFE4-v#4G$bAI?U5vZliwsCJ;K2T$wlblv4%3Lmn zC~iLc!^eBo;#H7W_&2gtAqt0f7sth-PqA)jHZEy;`h&8ER!Zr|+7EjCcyj&xKkICS zPbaS_%PIHUQVXqYOUozV*E`;qWbKTylqq%QDYj+hT84gJg7>EIu6?jJ>M{k-qAKqA z%)4?Q{_?+X>iCu1z@hw;mJ-;X8VMenm%@)hNwgTS>^b+)2&1T&Z~fZK>E*cf{49mpMJ< zih`O;>?Vl)>wU1_$=1L)46Vj&_Jz=GTOhM6Ljh)AP#ztuzJ~l;;w$Ae1x^3ZMCafS zTAbZB41axQt+p43nov`Ei(B*vQ_3supD{E#c+E~wB7!GhC#xV^4L_O`PL`Ewlxv=W zy%B!YtqQ3e+2!5V$;CSTWf)X+2tCH#NeBNqAz+24h;!pk&jpZcU&2277q=SS3|t>R z>kE1aSCX3@ZsZKYajAU%`T3yc?aHs|jYXYo%{Ye!h%-d#1io>RBFMfz1WI7Rfj#-?;|iLb z(}eX0Wz|jTgspF77x<=&W*5EGP+P7$P1dd9_i@a|&riNheJ4cC`1ZQsUCR$1kt23< z&zadsRHuZ7`dUc{gWgieELHy*XxZFosp}qZD$gqlZqdqqvje7pTPgm~X?sXC{$MY> zJ($V)n~l|BM#OoC*@1*&@~6s_ei$4MBX!cgKrN`VuL;TH#`vvN*hKZ6GDm>5XNXn# zRmv7jGOkb8z<{-S*;m=YCPDB1{o4b=Z9CtW-$WZjfsI@-p_igvoEhM*2{z^p58)K} zjix5BYwYUqLfAXx-RC}Lf=NMsB~^!(NfyW(0RdgnAo9=26<Dn>+Z_BLg;l{0@(7x~dVS4)6Bd*6J2^`5e*iRx}( z9{qa(+FzZm`t4T+eY>Y9T9uq|Ka`X?Z0LFW4&LP)j+@=I#aAngCB)N!S;rnZb9B zc}wRF)2XHevg@aMq|fuo#9BO%rb*ZH|h0rB%m?e7L#VG5`@GIy9Hb#bD|_UvNVGiYQP6q=VEyp}X? za7h{Op?Es!uXOK~B1_}JTOZ7he4PgV#EFl>iDu27H?sXcpturxD`FuqA+kISV3D2V zqn#aIrLw5ZjYr;#Kk~<|1sfXW79W#g%r#-c9PT4g^L-`IW2QPWeysqnedEn(!DS9U ztC56}EY~kM6f^33ZV@93w{Y;=rU=%%Jb3SXH_ zm`7S28non4PjQAC3jWqA<|dq2h%H(Wip~BzEi5f{)TK9L$PB02=#3_~tcL%>nDvX| zY(noPkRic5R{%C#N@EV@{3`yDxQR_X@2AgeX#-d_o5i7?%d(UKd+6!#KWrM>2CNqz z7q0h-oV9KVC`w14?t zQNg;5&6cPokQh>ptOV1Ei3p6%+~NybZj>O)0Y8#>J$~km1W9RQMZf9}^HarsOzN<9oSN_c5usUw(dRYlo41O^` z6d0)T?0nz+6weV#%5DGkz;l#`+rra+DZ*g}Deo0q!W*7JSv4W3EUvkA)z|G}uvu>; zI^I1Cw~-R&=kT;2o39v^&i~9(&FpuRwmP+}504i;N@gh6Af(UPs<2sf`7?BiMSips zc^w4E+*iH};kWTqwMeVa8HkHi=ugbE* zITTBu6hxRw{>w#pe@7EI#teVwnd)4xn}P8x z>8(BO@I;cgy`AcIUt+U#lXYT|s`rnAWYcP&tc9XpX)ir-!JV7~?cehf93!H=^hElgL;_1q8>eUB>(xYi^YWC4 zO5)+=jCyTOb6oc(Q|F$xYrcw@Bd(&~RD?ZZ;S955uH|#>9-gTNA#P0))YER;Hp<|q z-*bw{E6Bh?ZlHF!K@IUTXZ+z8Kk8A`c(=YXL7MSy-Ih(Pl<#YQrVwv1u8uEQxl%^5 z{c3OymgOIuZ(CeD#Xtl9>Xw-VCEm)$&RK(mwt~bQ0yqWBJ@r`*{|z(?3v*lk#`<5Z zop(6f;s5T=m(~5#y*7oo{qlVq5P#w*NGIbvdKRZ8iMeqo-09?IAanA%ej7qCv&pPKz$bt6v>@-FDcEi3WI1)( zKHZ;Pd%;;y@OA0$XsO9(!IgRXN*)-km)6bsJy!3+rf(Dlw3sP%*>h(pt#@zY2`}qF zA7?NmI_62>mTXgJNK2)}>~2_BDm@&t^P+a#*>G)YJ^V%7RzYEn%?^9o&R=bl&xI+% z=8IGB_KzCIiuLk*e|#s}ml^He{ZuCxwD*h~_Oix@co1o~9rgDvv0zuhc>5mx?Xh(( z((Vhs?AtFg`Y7?oR9 zsCrPcG?rUiydN-2}3#Qsc?D-spN^ zpsD_BWO&uy|Izn+ueIh|k{6$qh7dl<*7P`?e7?g+55KnjLHiKxnEGh6u6%mainYqc)a{F?X3YC81TY3}-`Au%jW9Q&rTUbpGX*qzQucQ*CF&_4(z zu8#I~BMC+C8z`lK6dKT&V6$$s2}~7p3*r@-!h9cNY8u&-UgjaTS_-%*LMkM(S!W>r z+{sk*k#eu?6lvm$o**aMH*^r@590QV1z%Z9XF7b$fNc;pT*U@m?>WXkUDbH8Ui19R zUk$@2js;4#xQnj~ShB#71KkeA!yx8WOSv`oj9@{nq>e%5vkNPgX5|}+dD&)e-e#8H zIB`QPqo9~+PMQ8<){3y&(cnc3g@Zh0ukwZF6W1mBQS4(jYQq6}xK9QwJvw;svK8BIWPsB# zV-n3bliD0m!0rz?F7`y7SL?;K`+-tPs?Gt@BVVYjlwYS6*rlRM(f+|dFLJ0xRvm>= zPBAig%wO{SEqEXW-~827j_l($yR9}KrxA3qUpM({dQt1&HXE+vQ)Zs$r=(IVtLJs{ z#=wzgqnD`Jzze3-u8Y zN(!RgqF4`=4maYITNme}xpmFXLLr*PeS65BNRmmpzFR^BJ6Fyg?(IJS5xA z;%TqL62_UeT=)lW{`Jj|XP~czEsZ&1@)=S88t?jiab%(ifK>%oGTLO_`}S>_&7%$d zylS#tyXWSO+Q=Vfy9QU;C(r`{MZWxNx#N$Wp6EW%n(pR1m@@R8SP~GyKbK@=-}L#$ z3eER6gZtn@58F)(2lzt z@EOUX9N#u&(Bm5K>hK!4f~8eJy8^26s<4oU4`#SiN;>Wfb{~Jf<4e7)Fi1&0k(| zcOTr2Kj`@fEMmW&+hldWh;n{)A(rlT%F}KP>+i~~l9A&4ZR<-sdd8pTz%Vbf3z zP>Y$9(5DSY4a7AIYKg*JhaIDMP5u@$UH`512fHshWb^r{%rQ2#ARBOMf?A&uwHv@BNVB%?CZ?x*`#o%E(1+KVbAhdvGM`%2gz z1UZ+AAu;1gK2;uTh6zb_Gj|3tI6_{MMpjV9w6=;5ks$~9=OZl@&ozqyd3n(mgPfL^ z#zj2z9#@umnKHIH{ewqmA-*Rp8~=*OJNc!y~D# ze=ILE@wB1T=%%)PSYEW%mZ$X+Av?aM@v83W0D8=K$JP|40xf6Oi>=w5h~ar@%I5s! zJIE>E7yGZSK}kjZuHCs*Yp%$QW7?owxoxZ19{Cz7-G`Upxqsle)o0&w;-Z4`o(kUh z)%%^@>PjuAMo(jr$W5*+3>&pc_2ZxvNRx$xNjX;kKW*_P4kq7&ZYnfuLDgFh3?wU;}c(2)@ zY2n8@vW;H%-@+TPnet4e?{^>CLfQE)$8}xqce9Tzn|Qrz5M%!yv(*>}dwfWgNS<8!Sn`E9C-a{v<@auir9T|cG-R9QOP8G( z*elESyW&KLuQETSw6Xr@l~3Q9rk&ch?&qm%FDha05O~prj*ccmeIn(vi8Xz1)CMj? zF5SNW$?#wM`OBSY*REUiBe!k7tqVzaf4io$EAkF7bW%E&mV$QyXY=Np1iBe8NqdPD zQNc#L8(n%g&+nnc??r(x+6>r}`eXP;&x<_g%gJxzpH;Q~z?3@cl-SG6*p4Qm;v%1< z`I7A!?#RsuRX5pu!+fd{ayxK;Z1LsZmww)01*bYtSeuqs;M>%C-VAZf9k1V(4J_t? z`x}ls2uR=a53XV0mjM|ZRbI)ao_8g2qP8U9JZX}z{yf~j8=AyO-sct-v?Oj z>?{a>4ZV4^X7WUUZP}loPhYu4|1x+N(8C{aWiX%TZQ4$*|4&v>jasyn1>gzKP?@l8 z9G!GUDm$BVS3j;C8M{jh0Ur1h1aoS0k@Ndq{Vch7OT%JD+N@vRj&9u7B4%W?w2@o> zJo5Z>`~G*p6}>P}*Ehg!Tfk17yC2PXO{@E`r9LVX^Uvs0*@FMLkoI}tr+D`CLG111 zo~75)8k|1^G|AU)SG|?53rYO5t;a^({$F4uQS%o4e$1cJC+cv^N2aHxxO2JQKdjEM z=u+MEd6MYAg&X}Bi@QxYM}BKi5?7;k5wBkNYn6>156~fp?jNIUN zcXM*8KoAL0s^_4#hQB9kMQ*=aq+j%1HEr-L>Mqe}4yJ3+R6bc2O!x=9(t`nj8Du{E z<;xeBUMXib9$7U3w9NBZv06!mp3Prh#$M8N^E3hYDC&muI9Q3w*{91_u5<(GBG+2+ zXBDd1=eAfmw`?H6WC3_TWCdGFYbWjl+n!QbPsr-0lCPPTzT;gzkeLk+#qkqmN}j=g zQ(gn6%{pttC8&{+k(wS8KYUrk;_HQX zjpu293ODNaEda4t=+@c}=uHBzbI66~G`p&<)KZ6DW5L4T6+>0-&?>c+p63ZU4{4butsKPw_1<7B_D#|pvQgtXGxIUGOk zXUND$;sH`L@ozaG<}jRk%bJDBb$|$%e(r@mPeYkc0b$uveR^sl1>4);^hdp!fH~Oz zvCUMyhn6Qn>soDP7a&XmAfZdaTQkiLN858%lder^X8gyK~& z0n%b(Dk{PwU27cld-i}SbFG)}e+Eg!0~$K=S#uKV{+>J*`RIbqOX&YFkzeWgOAOWh zd-JvGlSh5Y->a@4ZyJ^-GX6XBlHTZ|b2zbkjXu$=E-F*D{(Nhx*Y`B*I$iK;l*y># zDQz=y_B@_paD3SM&oYFZkds=HdeA69Pt_SVHh+(nKn$MqpoHE9@!G!`qs^m;rZi;d z(@PP*>vmB!7tKpv_94=usZP;CaRXAFl<}A7VjiT+bVo9a*TMCo`*W$%nV2Kv(Ahy<9`#zZ(84)?=}CE4ESGsO z_+F173pc!&g;%3*Brd=e;0$UN1D0s5h=X}U3#rom1s2OqaGAwP9xQnHwaz?-%l?RB z!=`t!TM(rpvGuw_rEp)=a&K?% z&kHaa%zd4UAHd8RIO;hg6?%r?(36KCS(`7Dv|+^k_{gPYlD4w<_3-9$Kq&1V1QEiS z*;-jUcC_NvI0yUzNQ5x8LVgOl+0r>yE&Kv^9w5|lH-KzY49S?kgRBb$tT|jF;z|B@ z&+J1Ur}_5(t(s(+>@DM{O>Ch)>CJ|I75n@tu`#_1Z($-(zuLCRNeuH6H|8AXBSjoz!iKw!77xh>S)SB)zDP= z0|ffEp=wE>vsE%(4;YPfq3PKVT8?-xplQGT49r81+YnIM2iLRUhZ4lGYDzmq`ek25 zhLP@YY&=)i2;*tDMq`3to)WjAcCsh1hiA5g+LwJfGTJ;DwW|6U5|7KJl(wC{Cn9k( z8FedC$Hy{nPedeHlSLSN+y2 z9)}VQgQT)mw%4n$!4!7=yHnx~V~EgD=%yF2^*9lBo#nw0CF9mvv}^(v=mo3WUmBz&F{J zyK#Kdej?zRzqv`CLJnuA^x{i9yTc)x7+vgsj05V zQRqrPP$I9@IJq>7eJbYy&tmNj^56U}Y44q8>Bi#+&Z~+B*T|>$sk3ek zU+=xWw!q=Id9$cX)1(MQ3@iE9L`peGV4^X4dPD4fW;yJvqA%!-o7>1jgz>lk6D`#A zV}qj~VrJ^tV#O8ARCshsWYmI(x7A@LFT&c}hT^#Z-4u_f1cQkUzyFvTh7P7pPdEg_ z4uA#rdp#OO$(0eg0^A2+HHd!C+f;&I6ECl#LglTW$|_fZQBc%B(% zCoN!~<5-91!Pz6S%aU=1N1vkN-9XU+Fn{i(UrNl!5yu};T!sHG3iLOc?F;kR&!Q`( zeJ6vxWh}+LmN0pnldG|OmJG1$DYVw6hhJV(&vTvG4$H`iEH!i4Z@;tv@5vhg|FZ#M zN_njkSfxK@TlVM?=DOQYYw+Xy@A7A?y%-I3M_##oP6@byIk_;sTJgEER_mI8nv(0s z;pZtV-RbG%qN*0n)pvn<#{cF_WNi`yP~*>C{Mr-|P)Qm4<@+|veNyIB9crj8CR~Cr zgvu+Ksep2!mJW{zstZGdJnQHdjT^c%XX^xgE+>mtmIf7z`B{BqBGp`zTkQ%j64;2cl;VXyk}WjeZ44ifAP+t?u#Kh zX#o|%vw$JfjKWW81{Q)3;%*le#iW29_4cGERaGT(@yv?69ArsJc`DlbqWKo}s!HOU zBL4e1Et)3EK^2Lp8MUb4adXQ?>K6BSmKLW_zpi{*57A@+y>y9u?+YQl2Ck|qs(yh2 zrKN+WJWxh>0W++ymxV@F+j}KATFz?U%ip)>m&q79K5aL-JC{r;ogeg8M&}!e%b~Eg zK{Jxc;%32x{SQ6w-s?{s28par8@{`!_lxm!^7wE`^dkrRBix*{?;nK!(s3QBLLx-( z1jU_`Sm8T6zEjU@KX<#Ng?Mqhb{ik$aK$akB_JYYE-%paE4|kM-^>TrBCrl}`eD8( zJvDmsP>h|mvT93CwwiTn*!FR9;MH-zNpw3)ZKs_gX~iGyl@UyM&s3ADcc6 z{4C=dNRWwIyZ2+a;zobi`$@yb-Wo2P-suOFDzEt=6(!c$QaqN)Ur9w)utT==cU`Af z8UEk`AX{1ft<5kt-@3W0oGN~|S0!;GVBgG4+T@AJt^HMICXl>NE$`j?PaetXn*Po+ znK6ut4Gz$It`^^y`AzlK7tQ3y{qcX5iyP%V{3I2exgFEK<7U)ZGp?FTwC8hC#6(~_>m~n@DCYdUX zIn08!vX`N<=BtJ8%&E=($)e7D&#jf=Ce+BU?H}A5BX@i4*IckTOjj={JR)`^ye}c$ z;W3%OI7~`HAx7)&zhg}91$a?j$2}4MlAJ6Quj0utF#r|0X|6-fo>zcRTOoP-5;KD` z~V>zL{>iECb(VK|XSXJpp2r-CMzm zj*tvu6tU$H>Z8yeP{L?D;}{x5?o~kx8k}Hi zM&xjzE%!mxJ%w9sGf+(M!!x`sckVq?3rh*jG*0ePD?8_6-IGsK|1ABQ0NMqYa60q? z6udQ4P~8fUk4BHP;CLEscdF~?$jm@d@eV0IP7{jF?uva?E8Ls@2TOKADh@1DNtaasaKxB^n>?I@Kr04}q7>sFb|A9MmQDLpLLtQ`?btT|6hd}q~M9l`Y zY(O_1zBbI;vUy$A#x76qX_^Z1J?8IJf%I-%38{HSqI*h#UsqSzie-S|@Wb=w(;ni) z3)2Y`;ih$;TwcV{Too{L3HvM3;kJ>Ao03~wYu5i7n{i3tt9(p`5n#~U4)YWWS|v{<(KfGH@7RcR|glq z^x-7`2#GWI+>=ewuNZLgW52-0cJD0=%H3a(fPlEEhL9UU#4Mb=?;C1@f$9Y%Hqp~g zV@HT~Pthi#s)k23rw-yP(A&Zx8SwG&oU>ByI={;t))uK+S0??M*IybQTUj+NPKT?{ zIzYE;X!j=D)g{ao)Fuvb2zNhG+z?UZ_x_q0vf0{gj0L^wDDt5NsPf=)vg6g2LUqT2 z;i0hjxzsuCmA+E7Xyto?Gu>~wG>*`$gLzq^gB@%20@U<$<1V%1KkTo9s!a5)yit6L zqdk!pS7kr2QiX{M6zt4n&7qXn)gZpl?*JZZ9<*j_0;7bX0FqTXk5PgCsu908n|7AK zHF~7HJx*Hz4t}vW3^G8FupxkLY(uS~CN2R|Ya+e_xUSx6hj{OFXjpa|o(e>T^w_Cb zYQxna?Ic%twilD3nfkr8Y{SdX#f~?Bt7es4?c@XD$i|0H1RI}7=Slm zg}%)%_|XdR{~OW~lxw*o8_!i!G*$^-yGs9+`J8%`{T}JthU}RWnHwK!P^8A~0>HT> zL8QDo@-a&OL8OfayJlcv63=h$3|y12G>uwhSoZtZ4C?DIC57G&UTr)VHtE!&*C;T& zi!J9a;fVhZmi}M##Q%4~`v2ug=cG2&?VZQamPc5}yT{VzfH=B$8ICUB+%Yv!*6ltF zJLAX-u2(-%A@9aHDMwu-+8F{;_R;D&{Z8!g_v_aGNL>H`w-l)8YXRyvX^Q7ktD}Rm8hztYvQhhUvFVHbB@5 z9t5ef^MOGm0jLg}VG1khH-P)_1QG5_S((3-H-{=;>H#)pH919sLk=UGr~j4gh%TxE)Ffx_=2m zCh{S1Ur90(up>K|E9$V+w)w(Bg6#CoA>= zluNZ?PW}=Ap}9M74Q+5-bA|s+i7Rg_V8yScbrpOY_-6-O*YlON`vO%4qo-2mo6088 z>y>wlEuI9Dan;%KObp>93>k-wa=aG>M=^zA1vN^t&ItpR+DP8<=O#kGfx-=vqsnR8 zLYUFje02df4y)@L&N`6_eLzph#9x3NwQ-fZ$Bt2L&KPW{Dp%DP_(98R&kf+}Kj9>i z0n%*Es0$!R3P&;dw1?a0_-`ToNH}2dfhkR0gxHCa5ldL` z`ZjExqavmXhEQSsXv`l1J-#F$?tQ{G!f;i6 z=lNaI965W8fpIePURYq1t4d?A@`#ek8*Fu#aL-P|10uub751Ch<_G-OG=NCLBN$0@V#g1ox+6oFf ziYYJ6rp>wdUN*SEMvg@ZIx1g}oGJH;u$Ngyzy{mga4>$A4G zdx#?WvF1_eFhniEmT{75qTPpmDPWr=MzFlxmSf9YwXwrz)?r?xv2-K?F)(kwXe`1Q z{D)qxjO2jJIdG*8d+kFillJ2Vd$vxWGc2>v{Y%?O|2`>fswBHs7MR2VKk=_qIL$ya@`kT zF|89E1C=+?A(h1V@U@FS5(ZrM5fXI4g$+t&IbOq{c3>eC1&TDlREPTbP=Ou&`nU_M z+W__*ou?5saevoXo6q5Jweo7m>PzwEHW2h8Ox*g@#=B7QH-X=jEgraWH+t$Z-EQoZ z`nM8$-PO>HwZnbl4XpqP_S3B$T;rhUsVycpVluTFIp@$%Io5$G+6(5_a1d+`JO`J^4J-?7>IL$g}B@PhF@aNR)rkTi{9Y zeV?Z^tXFXUAQ#2cM7e^9Xkm4(F0z`syy2f(M_og?Z_jwNgZma&x|N`1)#Kd^SJ09( zPZ7)(+kc_Qy-Y{4n|miu+P-S3Jguy6dL*?^@vo0%nUxVTL zL;oZint}$CSU_}ho{UW9PhYx*5pW*tUPcW%{S3yD}wn%ABYZ8ek*d6RW5 zTMPM&)17%arF1DfK#CJ^C%I`Oz4l8M7|_MPkK#%}7%SYVGB`_)55_lM)12KeWljVf zBhli5_ar@t_jV=gm-*OkWM2_#M?<;L0xN9MfkrcV&k&}Q1%WtxS~u(Vn~L_OL3)Hf zT7pvjfHr2&f(P63pw}*^H(nwuMdr;KMP~_hCyL1&Y02t9imdrNRhrT+wZ97uNdJd3 zikxKf^jW+>oHnQh$@^ApIS6h!T#`4SOUYAqb!!lcOHj?wndk^=oohV}w4 zYDr5`UHhsgp>_~%^7dO+b1G6NXFbeaA`TW(Ag>xJv)VSSSvYK^FM(+CXu513odSs= zP!TB_ojArA2v`G*aR>=G$V?dxprPVnoc{ZU0Njx$VVXJA1%ed|#6y;Z3p?T((BtLA zK1JWROq5$x_M0E(Zt}μd+8j7EhbJ}ARAkx0Yb0*)k%&^|yUCO9XHJhpxKF?J4(?7FO%dVW?!Qh=YG|~bM?pQ#+ z!499JgJY!;ZZq-I4|l<@T-_CVmQqW%PCWvCFAN_87c_r~nxg#2lBInY^V1bHPpfcR zE!9Djh3j;*UdP7nEOcVR5PQ6nKJiX$>5X)~`1$*}`m2c+c2Y5FC|P+$$f?rl__55s zjai~blpW#(Q8Lo^$_iBZK^NUV9&DioS8j4mBc#e$C%22IZhH@06wni3;q$hF@$RwJ zA5Scu;O2K${O=sHi|~8e#EP$KK|K>=`4Hbh(IqhZ$}49rIc1DkP%7tk&}PvkwBK2x zrXt7S(&_SHu(!>tlc)}dPpH5mlA2tH7aslmZ;Ct~(?W<8FXyUd!$pB=v-~OD1qLlc zc^da=D_O*SXIinZ*8HcHN%TX5;Go9|{TEXo60JHp4CLFPJ&hFX4z9@O+zXPwvC3H- zsyBH#Se*ycL~<^)bHeizhVvNEtmM9|cmoRW0D82v1*g0z8rvOOnm`GDAWsAT&O#ho z!V;pC;oIQ5jk+2vO$x=X@Jb%jHYxwCkCZFQZ;Q`{9oP-6h`3l+vaO0w-h*IVZ?ZI4 zrY^yIkHb)a)#Y6Xve{rHg{*^BCIhJ&=4m3hxZRejZbVXTAlQY;#eZ65HzbJG72xpI zfMq=p9BUWJEkMS4)U?4bUV7yZrkTg^-J!%LK#Dzh%Or$7dxNV;RfiS+v}NnWv1KA= zrs+Qouk0YkwOLU-_&on>U6@|E<}HGvgz*+l}kYrwS!C0JN(} z6gGPf{v{9pn3C>tWE6NvA0Kgfm1gI9xMf(|k9z?do=x3n$hfEVVC zg1(8LCuFD^&+ZgbP>}@5LEI?ACu9aAW%KT+ydw)pA#O?G_;Oq151>bgv{I5&YZyr0 zAR$BDxKsf6=mGZwmFdreaU}~anAx?!TO6@`F;qn9`^#i7FW_X;IcRe3{>k|L z=ZARagG)gvCn~^`&T;*^`iJ4K(!A!zus|n*-S29ay&&(5sH4B9TfG3`l=Uq_NH> z!ylyr@WA_6l)oc4f>c2mz^o%Xg7vLMLp9C-czLHXJt_)ExAsX;8of~0vM+Ypc6uYl z!j}KllHmCa{?R{ndC~588O&$gjRdz&?SXOcZ*Z16JC)U+IR!%H>Zhy?$jh`Gf z1=d>MK>a0wSJ?VFO z%mF|XW33VYo@eQE$CD{zLwroZ^y|F>{&DQT@}^B_Q+CU4)>i7wxw=&wqFn!ENIOL9 zen_y1VVU8oR#tSuOpTZU%|TxHt2bT-&BTXwYZv;>>t27%X8aoi$*%bB850*98k;0$ z^SfR1d$&U>eHcLJ1eEYQWz7d>=QUoAt+?g+RHVT;;mr(CPttwv?n&_2Q3Bd`e4l%@ z8>ULC0UXy-IP8hI8Ib`;E_Jl8NQ?cznA)#_EgT;F#Qj-4$O4m1rz(r{)L;6+SX`a^ z3TS$Jfl9b6L}@zwsUk{dRaKd^QcsWvTGmdFl>C=v5DnfzJ#$`P;m2yZ593kfk17F! zG1KdU+K?itke(mP z{dYZZ=MBS8xbOmc#D-D8Y-65K)M8Ob&@q?#rLHhCKAEr^PQ4AFgv}-;uW_q{V8$;m z%X_Lk`n>?U4%ywo^4D2Qh?mLCc}RH;c^P}CQ9wWT4m#6YEL*&_`|-YV{##gVd@KUs z>-xrfgw=Dk({8o)SisrB5-79Mkl(v>cx%-R2tPHWEWO$5!n}!}1i55YIr++>pq^pF zQXd6(I{ky2hrt?(^#-*y+*LE6PA`3)$}RgvbF!cw-;mz1x4^3EX}lI+JYn(TmQ&@4umf=1N##BT`bJh&w+7#_S^?8)2kW(iONKnh z{@*!~XBLPMqR7~Q)cy^d+fV_m5cEenmp+C3G8+1c*Uxmc=}s7y?}5--=AQ3G$F6M9 z#H#>{iQAmfaoX}uQC9L_u|n&{a{50 zO+pg$P3eHpAuin$0FXXP6O4pgH#>(v)#EB+`;n!D z0jbu$T^cWMHd~|3?m;8ny!kixQ{jTVh8+8yy59ZN{^E{TKNR0it{6lz^LB6;Q?rey8v<|RE zo0wcSUG6Ip@GqE7bxYvHvmhza5|?Og$e7>>cf3&@&_=8M9|m`yqq3a?4HOBSAn9>E zPF>3@2&D5-g<8C4N&pH86?X;X$NSB9JW7of&l%O^4GSpV_b6i+8DEQgFe97k z$I4r>VZRmt>@~^7E@}{=#8E@#y7q;jj7cldm{sH2HhQ#6Rt)8`Vpo3qbVim2@^W^C zq_^hFM}t%nw=^6>^?Uzg_^Q}AqG7L@*1#GmnCaaXLloKq8uMgDpJ$^u?l%rxsiOK> z7&!6eZIJxj*HJ0aXFNy09F!xi&7Z{WnAICSo9+PVBwGjUov<+sGNcg}pMuP%8E3gB z-2CTkNhw!tOVFp*B>hHd%JZt-}3g%en#)^ z5BKF^0s6f3mI!NaKtu{GVts^Ruy|AIn8@iMRYifDE5dUU+UeiaQiT}YglvQb@Wnfd zr+V859}P6TXu)qRO${n1F3iaIPh}Lt;lBRAO}I!?FLJ0C2re{Vc(cvvU%5Ch_IAN)GHyr`5}yBbl(}` zu0N_DOdX~qbZQRJ>N>u7)~U=T+1eR0ciPn>weJwS!BjMarPa5jJRV~GWJAq&)gSuC zdbuGN4u=3Pv;cgSGtY7j??XeKILt`Sb7`M9>*tzS!Xe8A1;q4VY%ocUf5Gm~3a)_e z%&KMb!(Yl=K3E*Tz*z4fGI)<27yuwn#GA36(NWJTnWveOVh+i?nTmB$jq$A9DGqBJ zks+<17{@UBGa7P0aDyza_gnjR4h-j>LU9sv$ghdVzoieeWjqGoA}MgOiAk?ua7LUv zIH~-6@sSi~`nq;5odo?=6pPY-+DJLc?oFaT-?Sq+?ztN$CZM? zeJv@|*}Rk9xiFOBBxAIfB}o22MmyklFN8GO6`#E075Oz~%RkzSFI%N_cn<5*&9+ok zhC)a7+QqI>WV5QCpf^QIGTH43nt-3>En)jI9>RLmjSaV9Pvv+oN{XiYAt7m>9ymu$ zME7pwI_KtCzgiR?>Jk%alYoVs9q;={0K_oP9U7t%QmkqP5emXjUM!;{7we1L6OZ?Q zP|v;5gisDJ9BF2Ki46tSx^iHhPdyKtk*?KaJls9IjT~Em+PQ5{V2=W3=kdl6`}p0` zwYgMSiw`%|3aFyn#c)lxPC}LgCgHrInz?pBR;qWcEo|toVQOqv#?|v~*Un>(6}$xI zkLg`mXRiigrZEH6JpqU64^Y&qj z+R}>RKQy6PZ1oB9JEVES0!&G+J}3|@*DMx@m(IO&qR39sNZ9(?kF0qOC9PVSpO%YF zhxhtC3bCXPwRP{#wW-TGJ+4Ed*jnBK(f9PEi=^R6tlxj@|KLfZuH84} z9L%cBny_rUM(Ms&eX;wcjGTnVGOmE*bO?J(+@<}UaI8A6(xEJ|vHow36|o{*?AUbY z#w>XF1+L)?XG7YPXx1QqhzKP2YO*FEjHrxo4|9j35zo#B;-=S(&E^p+nXC8{36%*E=3BR zI30R^Myu87Y)FZ?Q;a{UjIe_;uHa71pN9TJ2+TWFqqJ9K6UOG7HQd)dmiGh4>8IQc zjtjxm1c>~UI665GR!fMYTi^Lg+@;op`fQV9fN#K~gAHufi4wwKYM5Om1f~z;0sP+Z zM=x=7m#YNh2ldh3-QY4~IF(h34E|&s`=Tx!L6p}*b!@o^#l2!vly?iU1|Opx`4Q&E zwRN|*y@?_nE`nKhwTLy>s3k^V8?f;MPKTP@5u${=kL@&s2SU)^cszt(eZdxbK(KRR z@o<@SV26RdfHX(C@=lk(xa={M`Sab?lthCHjc5uVlAzt$S&A}8M7VB8f)lHvW zSyealgTQHmCsKr3VC_Vw#A@A+ZVa--p6AwuY7QZMya(4K;Rl}YhG4fMF04l)sj!rzN7BrA7zrKS`-fgR-gK9yu?cfe; z$3gtTEjb2yB_+f700vyqJl?-Dt6wc0+te}@TuU>i;Ybbzlw{Qwi>9;GStwz#=aRP0 zn*Nd>cWsD1aN1+X>U^rR8w5&09?k~9>VMK4C_DvOD9af_3th0FiK+Ra_T)dVjP7JI zhUQ@M;!2f*!Q>iLNxXT0(?%mVa8OJldg196X_ChcdSt@HjIKU*w-<{Jw^n=2QX|;b z)UHRgRi~qDwkSk!ti)c+zp&1MnG);6H>+chZ}$jNp(S54gUw(@;aTpV0dT=INz4YKqogLiR%ze+o3$g;)zvDx43 zknklZAbI()Yl~St`LmA=RvsH3IMZ#mlGKau*fH)4vqCG=?A%yM=n|%$s69Y{x4Llu z^urIHf_TU_I}KF)AdfY$5=9=0RU#cCJA3bcy5o;9rnp^5(1R>t8B8Z)?4lzYtdK(} z7O0YglxylQ3w^dI&YQ2R&bCu)YQmjsI>Kr-baH7Zr> zf*R9K)O4qSGq92?>uYEAmW!&@0P9CaKP7iDTMh~6fe6EE4d@uVON7$;Lu(`wn*!sz?mQ^}EHjin?Vibf%c8afzYA(v= z(SjYEhDdkAb~~=noyQ!J>X9?0B#GLRs0ze7@I#edrfvma55_)4c0(J*(W<_N(*#6e#h3ytbP7>xJKK;l(IrlKIWb8`|P7|5(wY|JkB= z_N`wB0g6lIegJ%vF&EqmGs85Q4Mnrcjyqz1f zN5V-xlkkSNuVO3iS=b>@>T85HBjNCTw$vU7e`+N$ zrdKL2W)C15T`>`y9QgMH9}PDCc+Igj(D-w~-9Intbc3;ts1G5J^=L%{oi}9EuDYds z<<>267;qoe%!(0Fh*oxE z`wBpQ{xaxwBrO|D`j?KiTxSxIRIdT2JKNx&e3p%UMV+Uo+3 zAW!17YriV>(!W+mAg?2M7ygwZo&-R&Pr z^SLw8#>q{D>JsscEu)wDvcZ|yLZ+SI`>0LU#lWWVbrdg%+C3>!UD?iVjMc;?kN8@s z3Z;V1V&CeDqhOA&%g;$_`;&~b1#YPqo3AS9uB4`sQe9wWR_QWUhY2d>Wnxla2e7LL zqAKqCccZm}17KfthW)`RQC-+S)Ci>}IN3j}jN`vpv_6txGmyWKdI^&3pj2Y-Kj|mI zh${*zh}4pbUo;lLQNF0z4omQKaw_pCUb%q=bH$vi)Y0owzjA{)R{t#H3icDW81ej_ z)=Tzj*v{dN_%EOs(0Gx&_Nh%5nBIYIBQ(Olv4{C>R^Idt=Fc0aOAwtGcYbMqGCzYL z*(bW+vW!=~#ex93?HFhHNaCTS9@YnwRY3Mt9{5uj(Bqr%|IhBr|IY)18*F1P%UZvU z-`e0;VJ4u7QttNRUj{?@)Lt&;iy^_>RX-rXgY5UlT%-u*TCTDi_yxpQ%Ks=_@$>cu z>|YvIO>`4$U0~N*J=o!FuUOD9_K^8Tv!9k%9NOT%n6Ob-n!i3w{aRab8ejk6)uPvQ zx{Ewse<|MuIs5Cwbba~lS-SI~{Tr42^?v%GqJ@XjZ##`I$)E$m3la$qk^=+D-1XHD zo>;Qn?N!7$j5}pHOxtt`c|hg#l^bVsq%g{^x}U&Ol;W^R2@I7 zMn^XlfwR8KI{Tnfk1_kLt{jj^-tO_M^DvjCmS3Q(QhJXiDOz6rxoY<8nT-mefxf&0 z2ng)na>KG6bmSAvLlhX}sIZCj?!l5Tass(Rnexg(Da^B;c}r5v>=VgkpI&0tc!h3CoP)I%qF!}R#*hs zyEL`BU)^~90LZ5C4Z7B*o7uZoSJ$p9Q`6UTMhplgZ!dsoi`4SQzoe0?kHBC!vf-j;sB;xfZ2UR7|swtk{Xf&+{#m`$wx(q`$Q&+%D;4#yMrY6 zMHkw8cl}m_I$o&T;kjX{7Lia14Z;dis=<1~F^DEINU@U2J+CG)+<$CF*>vJI7%D#2 zt1VR&&uZ8j&~qm*?h=ZLJ>E|d?dxXgJF0_Z^LMPRs%ADi|7rqIILKZ-I6^}`)-S1Z zYL~djQl_oHaB*b$QudXO>@Px3^p||vywqAnizhc8u5A2atS*Ll6_OK6YH$Pab3b1W z@3#zRwuLig1K#yOAp5-JyC;_!zD*8cmlclakm0`SsOe<4%Hk*x2Wr95a$o1yo5rL`nZ~=8 zjBb4*WI&73& zX;$Q{o9RcHL7^!XRljc}?6RS9t0PUJkdmi}Gbhs|c z9_c<-POR#O@t?Eg%!X_Ct6Q> z+@KM=JDHdeNkl~i4noHD5Av@19#)7}+x(4IC6JclxIH@R_G`am^j)*HOjUgBATYLb z*A>SS;}v*F1@~jSgx64VvoyERS^AZD**%K7AR&j2`1QI*f5JXhqCdZyK!8K)L^0)h zX59-=KTo9#>8-5gvHrstN`*He$1SPLX2(+4|7w&Opeymzn|uz6l%CwutY_<^Rn6_y zYyd7_X%G{A56urKR^%j)k*OMv|-c!3+I3M&+ z;iChLrF$7Ti?LA*Zdko;8g71D)+1LPkt?k)UkB81JOuu6;~zq09q;>GtYMwRET}xW zWVe3)`k5z8H}>lV^hS1F!%F?n)z{*O?lQei1FS2_G>|93tQawBJ_l4Ii>#~ft3P@C z=(Ds%y83n-JhN0MvZ6-Zp0@;dzj2bsE)a1uzR}P8Ut`kf876Wx5I=U&!%%WkS_>>ifd1%?3Xx zCQ`sZC7nw<$L~<{=yIQ9Q;|FwU3b3%YiWJ?SFBYidc&)cC;ge@Suo_0>`={+bU#Tg zyM_J6@PTsOEwhoIb&4IH@-DD^Ov$o%BC9J2gY-jp)ccRYiS({1fyABqS(coKx->mU zFNENay7{=N7uwk%?N9L(?)L)38QC;b}2jsFJ)Y3Y?#bHp#uUs0W zWI;37%_+Ndz{hI0jq>CpW+vDJ1s8a%1rK#Iv9`(FVUDEiPUK_egtbQ9*^Kr?Q7su{ z&)^EHPhz*P2$5VM^$lmeINBsyf?r5ED)%1Hh`KD){J~)n8ZIc)td~blwb@QtFZK!Z zY5T#eoi+EYDVV&nDGRep?lghniTDquCJLm-yqIy^d~DYI&RWx=3;R3}q$$)Ur4|gn zx^vLi(0V|0aHpXgR3t}0%n`{I?5(Np5f@ZHx&shrA}8kBt}aorjQCy^Vf>ehzv(0` zsRK*nQzfUD;r!Wi&VF9h#o4w?QcX{x%;Vj;g53$2MCkH-5 zRJIe?2+6KDI_x7XU793 zsD|SubMf<L;}aubz22&0VdkYjZB$48o@)GWI{=qr!L$IsnMI)o`(2@w{RFAuF$(9LBtqxFSiv4 zvs`(iXI~x?zq= zL&m<730dFW3_?-mP-T{35@qmE%`duk3E(NLiCnTBtzByMAU5XkQp1~h1c< zhNJ|g2s>!c20aU>TDk7-I=SU4gMa0c>D%gnO)*n<{eH7R&6d)#iI^jeJ%l+9m)Qvw zyYoGSC#*u_jSUa_uDx!5hb}*!LPdH$4SP*)*LW`iD%dWwH$u(~)tBbaPBcbb=qE@X zo(q8zO4_T1REWb!c*2*3+(DEd3b9~mXn-fM%Y@sKq0vx$*Vgs!p!uk@4VABnygy7{ z!4Yk7c)OVC?FxKYMIzbBkI&YdtE8*}I@q6Zy|CjOPW5S#{{@!b!(-=(de|^|{X2z? z+pbK*jNm`Sp{GieV5t&+$&%kmnv3s<*A5@J9(ut4WEoQ0K-8HX*ndM51<_^n8|kl= zDb08=TBczcN1C9PyNu=FLv&q!I9mHBntp0WYC7x=mSyyh*4U}^&(I>6TR=i+6U36nu~a?B;lnLhSoqTv+fy&{HPqBCrBu6eooTP zLNak=Eod_mn*_UJQsg z;e88{1bl7)4dTs{;?lNoKU@IPIsw{B@NNFvllCJr5ukC9PTW@+Avv@%bUC00c+=ld zAWwm&cS3w-)&Bzz{~Puoks^Wc)XdZ>XiQTV21ZV+tqGiC511P#f|xaa~=HtmwT@ z%&TVEy2bGS4qr-93!6vboS0uh4as?_jCz=A|D3Nnc((xgyh;fCo{r-RnJ9`No#cI4 z^Yo-F*7O8&@Zf-nr}VbFXIz!{!nmKirEJ^`_bEVuj-iu{&u9f-hW3}7hkFZ z3(QOVVtsCwI{U|1__|6Jm~LyT+3 z@pIAvEkmtSos^txvM^ck2%2G#)CtER7;&CaQEOF{BwUTTj^3H!wY2d>Ihn;;nm>MI z$bqGjdr)yTgU6%n31VNHTVMmKK=4gq3+u%RFONR5|98o41^OYYV47WYnl$)U#nWN$ zNg3vTdTG57S1$|KvhXtyiR+||vLF37KrjA|z@!3aR1y0E6DCbD`;)x;Jz2%rA-86= zD%EA0wP=9#xel5)m$~Vo(tM%->I1gG=dJ84K9v1S?0-v3swctlb;E!@!=4Z+g|v#T zJT-nh<_SUqxD=5MS)3JgCjv1fVzr|7WuKCxX^geaV-QzT;vxAK7Y?Y*nl6df$Iv zr<)XzRXc=DfeO$Wv)9?3w*T@kTTAeyjh;M7^eS)dx?{VAtfM6Kqyr({%pYHGzsqw1fkZ}^LX zBhK-6@6u_j)f?*bT`*R>IrbTG>Wv4mD@3tAIJi2y*Z7UlbFl^j$_BvlN&u3JN^& z@0|5>Qu-af1uQu^d;lVnB=OyET;Lqi8AE`2?9he#cwJ)3WB-Dub26$}zy9{)hhmf> zPYwIExXc!C=cx<0ZSvozm7Z&qIntQ<9k~=WYBm|KyUc*ww6%QFO3!G7rzK9{HJUo zvPYR)#fou9ncJMh>%_@?P%|=6iBCLZZpA!)vgJIZ=vV%sGKsh5CN!bn4GGm}JLa9f zZA}tP26{)OX57=LV^#-Q<#pc@iLQ)SetY-el#jb=l?$r5lLLu z5$XNh0$xDG*(|##GBEVSY7kQLz^t*-9eF(eMV{PDnu7yTFbNsTa)&pRudL#J_u7N z`=Tp-T7o=zFeu|xdG9BAj^&dn@G5DFU-F=_RsVGKV2NIDxHa>st?PslLvpU0Hhsz_5--so&X3_%oinZV;4_n3MA8EE`THxY2mQ;L8EsnHzi;G$oU`eN8=t$yX zvTIgh?=l*C%CNY>0>ddEeioh9QWAMOWKHtn;*nYs-=yfnQpW(BEPQ^AY(tr${RUQ; zbuvsnXYHBD>QYBZ(?_{YTasLxCpFX2Vv1cpA1`9aV?bj1boqH6cj-g!ZwmiVw&Sjq zYLj+#oPVP9!S0XzVn%o|VP_Rhu3^cXE6+OQka)$ut%jY>gj0W==~1M5xO$n4k9;!u z0pT-4;<*&tKCGry%{FHergU@7?j%2Ta$6P$<7~N(<4*vJ6i|_<&n=v~iPE#b0ri{( zGZ;z^RajrUJpRQF3nPyQs?anY92^qn+=}Kgf0mkkwb5ua&G=+sQf*M#{ zS;iCjzj*cNXmm(pfCp)uvff$I6rr^IX=-vZ1B3kW2n^`WyH+X39clrl_*kGr(Zt7P z->(tx7^u`bzDGyb2dGh8!@xxE?%m1`tn-K1kh`0P7SL9&KC|S- zq^D5*X%chQKU>rm6`2T()df01M}8_2FHPY8Xf*5jP*9*O(6q^hKJ4Wh{E(^erbQ=P z`k7RTiI$euKtDT6MLZ64_bLS5>@!Pu81l5D<&$f;dV)(va`^ zhNTG-*P45Gk0o3raXE~2QJ=2pv3^AbCsfm7Eh9sPUd6telvE^@1d4B0kDQ{+x7aD~ ze%VyeSivNYPC_a)dD8%$?9W9-MSE5{qdu|Av>~+uC-xU0EE*rn%XJ05Ub{JuzL+g;DXI_7TeW?k_R$=Enlh-8G$WdA{8G9vgBC^P&W z2kE=~Ok9_h6JFD^a@EDJew?O8NMwGgezRi^VwuQ!aeaHLLBBVVUj3MLvTEW%VPJ2 zLkxeVi z;f=k24d`@DVtzf-CJS2uDwNpu<$ZE}e@k8bz)t#K9G*Y<>N3ww!S^mhG|b%{vY+GnA! zZ?@>3)LAnSRh%SFnmB}nXBUXZt2q|!0io}@P7GKanHFzvV^d7wz+g%X5exG|rGoAi zsRx9$VTh^3(Kx+h#k3^SQEKi)Yn*Ohm>&@HrGyWuw@&bK@DxeNB2*qAp>GiC>k3F2UFU)j$2x|h!!_R_U29Z=~}$c z7sf{?uMWEGXssHqI1!iv$t3z)!ItG%blaETP5n5r9tuON{7}@{YMLG*HZGt47l<{e z_Cd~!enQ|ayrUp&CfY?ypa_bQb<;)a7J<0k$n!PBi-2$z-%Z`>>YP(WG9WZ7)-CyL zPhCSyj0_I-$AVT5Cu=?vAEk|R!v8fyxGY28WC<2RWju$5{wcqBkYv;Q?8>?AXT0_n zGOO&Lsi=U0AX^X;BT8)e;Cu7eOtWig;A;^a2-tXwUSau{AG zdUINn+Y8LYeJ>^}0yy>LPLi^K(N5jU^`E^r-|1f5Z^{AMebwAiDBag63@T<55fqXy z-VR@Z3ir8B-zc48Y-H$c+F5yDwxMQIZz{Eb+JtK#@-_;iTFZ#gdh^p zEJU&8@L7>hoLrUCYV=con?#Q?l$RK7(<`W5ruKewEiM(dRELkQrpcgUQ=?zwfr9g^ zI?V>^N8LXhMMlpiC->4oqXe3~d}Sh^+fW{p{CMo#_hG>0QAp>jlzd^>vxso$E^y~@ ze%O7}_Homhfw)O6W&SJt&8{9RD$)*KeGQhCGy+EFTVA-SoRl?=RH0Ktpn{v?aMXo4Z%z(Te~ei^bcAxQpV-_1*oI_D zM^Dw(1}4_&oaX}!^*@TtQ5r627uCkO^w;3I8uZF(XF0QbCrd4b-`}KeZEv$aRE>Dd zAfLL~ZW+rU^7B(w8NL!e$=g={pa5-3m?h$t^Edxc5IYOYDzTJuUXNlOQ|a0$M%Kna zV2Rzm$AZc^iV08oxX!j*z<1BG@UG~zrjmK_UD2nSnlXPh4*cBI2+q!`8uArP{RoN! zp-Ao1cL{!QLb9Mk$2agZRVKX(#lZK|@??2G9!o7GS;MSWeyG@VMAI6Ie1 z0vSaX)Y=0q&I>pj@_!9PjXdp46_j`mMKi_P_D5Y28!`M@7KLvVC;#*5wTBvG`7#BuJl{=UeP&c&=)7v(C8Z);&ha)qmjlNyhn0O zzUsptL_y-@jgyq4!ujN)Wlzp`9H?+=B%`yzmX!&#f{}wXT+nT(I2X)3>;u2}KVt+7 zdrl7Zy_`a{`>eIBVGl^eDW8wMorb-OuZlPSeL$9$ubH?CF^zA{)q5&HU0t;o8$H&A z>%lt}EeZ)lLhiC72lD(%i^d1^pVjkgX_*Kb498T{5SSnR#&*8MxO#FseHhbv!556U zqwSSTC6}zBZIDh=$U>jY*!y|E`EHL0v^j;1P6Z2G@(EOOTZ5(+aO#yJWKFzX_Gb(J z1*30J<#AXKO#{PJ<7hP$*l}66I&<(5R>o8=6Wr|vz<_3+A7IP2261|%RXlq244kU# z2gkApbzooL&p8i$k0?5d2vu2Rn`|lSAcp$9k5SPVoQ%Y6N+?vYpUT@~ktkPz0;Vy| zhm-y|<;lWhgoMwNums530X}KTZT>R;bV$XkY^(P0BANo9s%+JdBE&v~&!1aR zw{GA72saKhV)Pa)_Ea$Gx{0^9;?rG+vMH2HyXO5~?nvs|-)31X+rO+s)4e$ktDi5W zIq!+rTDyGjEtj0PSCo^Ydv$*I9fijvxVB=4hje4vIis5Io$y}TVim!k#1kuDDn@}& z|L};UQ(7KYKEo-lZ64)l%_T9*-myDoHgMVP$#ZfCpu&Mn%jH!1FHw9(F=GpmA_zc*9J0eNE>!Tx5Ly|-(E$d-1Yt2xa6)H%_bP_04u??u1 z#|Bd~bznA1mgpp8VWK#rhc7iFI_Wfs4WA|izeb+x7-?vSH=YKe2Zt#p(Q0tc1mhBz z&1B+B!}3cXO}In)>a38&!DbS<39bs<^o;6qB=d7PL7izi<+8IFgKyvEdx4WXQBS#Y z@&{QRH*YZjr9iyX_|6Kz(D5!7+LGX70-_)^`q=TL1fB*I{S+2;j6=Jad!1pRR2ma; ztvIov-%mQoRN$I?FOOF5DJ77;bJKw+*s!@OY2MRIKxs^oHfbCw70lo6z9lC6^MV}`jwV)7Am9UbnMFu=!TxbzQflIZ41KPRc zF*K`a+R|qWvvgEo;B~6Jy4Oq0;9lgm{)SP>QHmTx)}M51k}je$3F^MWtekXv`!~bf zmKbZ5qX9s$r3AEILJ0I+m9#%1PJPoflB9xMc|vk5jX;!UGKR+CbpVK2%ZZWr%f6P7 zS&Z#=Tij>9!n`TJ>*1{$$sW)*YYp;?16=iN-sul!8rL(O1cj>NM2ab`?8zETAz%w5&o-L~nn9QNAK+ zV!p?eHj>@m;FK_?&+dqGDKGhx&u+~vtpM3V-#8c^FW>dS@R`X`w*S`Z3VH7EdWXJim)Q z5miW3?;#gtbHhd;`VsW2OXD#n-bf@w02nH5?!bOoMHt9QzKjuHF$_MQcS4>Ijz~il zl&eY}aj45Ta(3gC!d9`6GlrC3@^BuH)KgVCq=EA4QkFnb)qkR|?GL|n?^NXA(G#{K zvzG%N;Ex?*Dn-Nk6iBJC9*uGR_aR}%4ib7!EMcv$$$u3qzZ_KmyY!yezd2nn#Pi_p zXB<9&c^;92?fhcg82Mi@+J+_U3%OoQ#Kd^}mq%71mHX>S9X>qi)IL=GG)2^$t7;jv zIeW0IA}V8%rx)(YT#zRv4r+M=3@i6|NuQJ_Q+RnnX&)#$0SnBNN&F?S1BhPuUC;)v z%xgFK`jUD$ZbZ6!(<87~*z6_006WD6N6dwWM#^%{u=>h9Msv=!*R=nc<2FXOIB60t zWY>urZ+Evi6olB4@$*GUlJXu(963a8yeDfTlW=2We~-rIJ2 zWAzHG^%9)Ks137HOKJUto%+(kLicR~!S<2KOLIZ}MI)nA`^9+fJpL);RAcXE=eY$% z3`fk*>9EiBzptiNuJyD62m)J-&5Z@8WMaH&&xcT+!4XU&M(zFR+#^7E(iD$aTFP}2k# z1zUj9yd9@#4pX~B_EZ-pqd>YFO!a5~+Q!27KWghy1z4arHD+J%5UR%H>Vyau7! zNh8-Anb}15!|`-?UN4NC*@|Oqc{^Y6PvvbgRg>o;uykX6@5aRe#tL^d8GYpO9#?u0 zL5&+Tk2W})-cSJf0y;V9CDP=HOQp2&YO6l1srSGi6G%z1oL|84f&mlXj*t#76n5Z@Ta7kiF{vz#C(Kb+Y%6 zvy+p#Lfd!5_QUkcS1nA&&s7*=4B#`egL7+3!hgj7_$x6^1W Qy#@Ses_LqgD_aErKde&ft^fc4 literal 0 HcmV?d00001 diff --git a/devices/surface-hub/images/mfa-options.png b/devices/surface-hub/images/mfa-options.png new file mode 100644 index 0000000000000000000000000000000000000000..c91a2a5517ab0af3a7a195781fa9628a7e13d0d2 GIT binary patch literal 62968 zcmaI7b8u!+x9HEO!}cX60Kj9Eq==x3yWYhogfmbw`#NT8 z*->s_YX$rGV}Hx}x4E0A`EN5QH?uac^kOfp;=Gv)ro^aqMMZ)!A>=WAZ*HzC=V5--P>=Z~7acVbNFjkC9~s->1Q5KDKRSI|p!o@1{HZ z>(IE2oQ`k0k3zSqUVZKB6Zx(WWUf8U%{fM`!+hknYroJZfdaFeL3DkAP$b*YBr^tz znV8#NC_kTbhX80d2$KcXLP+7^6n)=XSOIB6IG5>?p2%OiH$DXV!g3!<7mDAMLvtVL z`J@?NzO?v3qj>-|2ci}B`H2R9<0^p?>u zt!+v0ey%qVgGO(WGDgg`k;>x`_bBOJFI$W55ek7DA>I$9##uYN?&32Wo(C3xhC}*u+ zb_D<-Z6K}xZTmsccnc;J93lr)qfn&^?lYOQUZnUWj0+FCQLmco)6Y{N`$Z)p6fo+~ z=1K+eff`oGRI5PqOMrc#MER4?SAs?~)K|hceyyc;XSqc(cRAIrVrw@mqRtK50e-J$ zBe~=v`(>}z13MY-;ErRI`r)s~H zQziDeX4&805BBvt2T(5vhAR}T79!;@kSF{on4pI6N1zmnyaT06A%7nDgADa%w|ceU z@K(;92vbuh6d!E~a<^KAh%4X+s#Tgod17xCmB!q!n?)wR4fqMMV5RZ}jEQ1X@5U*B zpC~9^+Zp&P9Iv9ZsF+IYf|Lh2au;ArV&E7$7K)-S^VTKL@pt*K^DPbYjv^hX`w5r4 zR*K;yzN7EOo@H{1j`JsFwQhlDVQ;l#Ldyr%sp|5vkGaawFXgI?fmLgq`0qI?Gizz- zLSj-LQkq7B0^6M$T=Ap z`8w?J_sayr`;_M%vBiA1p*wfhfZS4SE(xG2iD=yth(>nCa(2%*Pt6)juLFdEFqM@q zXXcerqJI*Xds8hrH+^YyT$-{*4_3Ag=#EIU2H_^Db2ff-ag+*sW_jK%_`rVQO>+T) zDZRSl`QNHfe4H~@B4XnG{rx;3QNYpuwfF_f+dFx`l=wE=+6wXs=!f?o=eM%9P~e=j zwx?Qyb){&-QwDV_g$h=K=L42zl5FthIO!+%$rygnGM!TATt`yMAm4$5WafVG&MK=jP>*y_ALeiyg>6;cZin|QA&&s&~u4D4|nBwu^=-R+urj8cwv zY=TdI=e&uUK7Sx-|C*JBp$M$EF_qY%q_X&ZKcE1jyIwAoTka$1XE>X?zHo4&d_M@O zT)2?4H@q-jZ;NwclM?B>8$-IcKlh!D&b37gy7 zyJN+4;~j|-k7M_Ndd8pPc2Wg;#?}pM16knW%gqpHi&4rRYLq^EQuZX<%mz68Q8=63 z_hyJcJ3a8fmaoHj`6*6Vf58+=#&{+#Xf135m4HDJB2`Oa!9oUPZ&^QF#OeW80j8*N zB0vFN=Yfn96Rm`y9|KC2N>7QFR}tXW`((EX-cicR zW5xlXtlS+dWXe=5SXfvR!vZ0=9oQYA`nv+QR{re~=fdjdy7qWHA~7z3-N^l28Rx>! zH7s$Mu8TuSh?Tffp@nCOaOz&_IsPIGo6aROP9$ef3!!`nh&x4p?uB2@FSXOqHPW&+ z+DJfnAbwP9ijv|lz+B0EKnVp`5pUX-QpvXSW@4O>&Vx3GBI@d7{>jX$081Ek#v8OQ zgLjlC(yvgGBJoUOA#N6+MEgzgNKQ^J1{RJDLpsJrf}Esbxl=)9ctwPEGe8l4(tZ*E z8mB^ZFgj>dn2J@0AOraYEl(E@{X#Ca3QZ2RNWm(iy)+sI?pdyoH%dvwCts}@lA+QV zfdS^{GN2qTm*|3++_uOm7eY1=&2;*Nez(2JI!gM z5_4=o_n(cR2X)4A?BP*J)~K?20w8yHSq#qu@E$Ji%p~UIv?b0UY@4LY3x4xZk<+SG z3s?YC#*XrU6}5|(B`R4sNE!%|?%Q?JLRN&0M$XdSsGFe+6^@$hRb&gwOop4?N(K_( zp$h|OtM3aNryYmq$E#K?m@{jp`-xDKx0J3nMV`<_mAicN`1p8xOW2$TDl=Yk?B#|m ztAbcKy#W4Z)>r}~j65b@b?VVdn7iyiO3_$oJi zWKE2M^4%bzRBSDaQxNGW%IsqwK1(*VkxIma zKgJ?B=N|GmhTw?N0*0ZgWg!l{iZccA(EzSWUygSM;_meoc-dMjsayUhI)=!0jyL~; z$2|TkD z-H)&2gM7>Vs+^qRd9wV_o%U-A$w|toNv*gR5nu&57pBj)mtPmG-?Qhwfx$>q=@l&7zMz7%X7=X#O$uCOJ6obhjV+rK2E=|4FHKoH4rGWGX^so` zhB!NJT>i(`yY|T2R|i??3EI(x0hxbX04B4OV8=FEc>$!8? zRc)@yDo|E>B;xZ2vNSl-46_8iDuq#2NOy9l>2r8gj6lnU+U@iVNt@GNB-Ty&i7XP_ zotrmL%gSZ1cH7zl?P@!cFKYzPnQZp0ACoRG)U{9>V+|GZmh38KV@yN?rAVglHi?7z zWU!%JEZgm#DDHK$DR8jA;}Bfb!WL_~3y(D& zov6rsi#{Fdn^3GOjZfyJ57NhS4SBH1N6b!2np{pLsV^}!cCJZY_S6>fP^rIsq9XO7~1c}mH8$-uF-Uem! z<2s%6Iu>JlwFQ!GFb+RW|A}kZ4xnkY$QqjnEaUH@ICWPlxZT5h#-`bsOZ{drKstr1 zH_-;fjzMVWBF1QzndI?I4S|8up^Ci6pbMm#+lzU_x_BOB(oRuSMTl#df(>{HDsQ1| z{dT$r)>YQI-1r%%`;IP#F3aVmGREl9uTaBDoBBGkXi_zAC;zbcblNrIQ8xM zsUr!hlxH(P^UydJQj0Hv-GU>~d>fTmns7 z@w%b|sHi*^NGwszl<@-6nOPD-kh-3Fs=3DGIwNL9A@z0$sTJc0+E-pnMQ(2Hyk1qS z;1&yvG>j`$KxePY=tQW#Ah>@dlydy%pH5r`W#%!tG%DCiIEn35LC;b1#^B}a3u!?a ztrR6=nh`=zQ9MIe`IvmnoOs~fkQWC^JR|(C}}XQg7$oS{1OlTmI^Ho zJ|SM{wpRicRkgXR%>%RmW~?Sjn&$|NXo zs{r{&q8WsDyv{;D$KaxzdN3;DeR@T8~PNBLnIjB(^aw^H(&@IXi{tE}t z?O!bWVt0C41pf~_gbW4cDZ>Q3P}RRV&!K`~B75tQHJAwDzWld7Qt7y~Mr>X+67)FP z)qZkr1wn?#Ri4;-fg(htc8`b?e-(TVz6X8orDwyxv~P!MZLZe?+hJyZ7R?Pg_O-ns z?EryL#5PfNxLi!qWacW6^{<0+3x0H?2Z`^3IKn7-pf8k3qA zl|^fs$d%XFv)yV*PS;R0ddLBmX-hi_^XL!I@}t!N3ntBA^W+)0k+el?ky(qlbTfFX z`+Wd|6O7Z4Wwhf&)1CqQvBZKTLTS#S$6Qh0pSrwtLO&L2V&cI16oonE+KT&8?1PC> zp%radZ;ZZ{SD4$*c*=>0K_Z3&NEYlnAxo*)_$`H>nuZId2UyBRX0>{ie_?57N)okN z2LQoDaahArjgSle6v-o#TuB;{Z4B?0blS!?VIujemJMVCXc4kvPAip?M2dlhTD2IH zQ47|r$fZ&=s_B!SwL;qZ@sx2TDpZZmvn@Jggo8wA(i4#IyMNHWkl*#R@ya8MC3t9} zB$d>8uDCvxC(p@pJ7(z!5*$0=sZPD3JcP0XUI}Y|L>ePu4ZGIPxd9Az#pC0VVPys! z7*S+`-LbPu`ew(Zu4Dbd(n<~ClbWU8TZOySWWv_yED0CBT~5dzTq_21u5M4zCWY`puO*U-}Su%k^{BvjD4RVw5So{XB(d< zkM-m1Mx@B^BkZq)L)AiH3}R>6L1-neGu&P7C&^# zX24dykL(BdSZ>++kt)BSBu|kl7%wHE3yg+wWVSQ?9MKIX-Z;$cp1ol6n6!e^M062qalytQk&It(s69HxOeH{ zU?P)dBOQ>%+F~2X<{#yk2+WuL&`XV-b+eVoER@p*XuOMGqGbO4Wlo3`+wHE*BznLP(_T&*F(KO|CX{l9G?p3@|;I7-(q!i6X$w@^-!(u~6Vx zay2aUoz4zYJmf^t>%1FoA<8*VxOfqnFfQfbk3BW1%>JXwIrk6!?0<9L*#Kdq@A!@KaC_5bq z1)cfOvZHBU9CkmvPet(n6A1%99tVjX%zvP#CSmClU9Hcsc>VVAk_CAt2Sr7O%{ zxF|;0N^F+>EOS?V3R#$;TDVoX^5R2rjOL?q4dVM5-{P~k2T!x{SX_(~J;cNvEIq1C z3YCX`ue9@K~w(uZuv+=u$FNGRo4v<(NczFkTV;1sOR-kC?Vl$MMM&%zd&W#R`Hycg?#X zP)sC9TqAa}M|oHr4v4znR6i7tO|B~L-!2EcWw$?a34UC>g!VAi4oWy!zMgRak7>Q9e zN9OvrsATIWh2}BqF>5x1jBdH2VY14Hdi=Zb1I-gwRH1(=-!H^knVT*xT z9Ok0BpbHmpuk(8`K+_SVfvksRMLi?&w}RwjyAzrsYkMJJHB}&;0ULQ=&NkH$4;B^q z(8JQ7zio4PbYzSPz@U=lYId&0ppu#u@Eecbg>4!JWX8n&7>rH$5iB)R|FX3rU;pZ(v>j`^)(o;}L)2tjV^ex!Gx6C48QGRA@e~6Wn z7Wu~#aG%Z#u=HV@i1I~l;hRD*nDvK~d(GT{;AzPi;Wu(K7Lk&oKxK&=s7Hz+5scrJ z<6sco2vauA2sm|*=%i=hZ_*CsCbRr)oClpDL8?Dic>k-xMz1ZNBi5=C!vk($4yv}P zp8F@uq90=|7LTC+%Ev3$2*M_kSz&z15uE|3^$CrS8<<$g_<=t_$DS`1u&~FMi<%x< zA7HU%a|Ytn(00Ny&b+-Hb{Yive!#^T$m?o}0<;Y`6xX^qY# z07XXH%?~RvI|DqN45;Pl-r7hEI>N2dEY!L%-WhST3 zKyXK!QZ8OyUH$v_N7j|Mzp^2pmE&6aHP;#Kg6q6@{v90bpaDE)L~zR+c;M#J$Vc=E z_ml2B3V)35hW`%|Rm27JD-+;= zt}1QrF*_6yU#fU@3UM}NE#08KO-tT+ZeHo*GgBvNkG8z!Ez4(~Rzac4!<5MJHDOl~->p z&Xn%#+A$^ZC;>)9ki%jMaNFkR9( ze*C6OXXst=-DUd**8K>dpM-%#MIu!mr6n#7Y3}yyeuU)Ri{ywNiHc-sn09%ROykn5 zce_-VG)BvRn1%?)f*0?PTA`2!cZ^%U>Td@kXIZQ?6?he{`Y}KQWWwl=7_0zAKO$A> zAO;jhSUHg!6ZcUOTr9rveMOYM7ot)rN@lA=rYK4O4|aS!$pP=P6KMUCBv=pcT0P36 z+nFALMwKxXsRx)i9iX_p(NcJU)r;+@N6!t;AF)yvkO1&X<$jbrkgicwXR$1u0+Bz< zyVR)xct>XBOr$*bK`~NJSivG?b0dEp=UYiH&9a2@g}$Hc$3&(Mw8iM;;Gt~2IlF~R$8>Y&l6n%UF;f7>j^O;dUjs@@-$e+|T*$AE{^a=q z7v6Jrn%8I?rUNSt>f^!!@6rksS(cEi!T8E5BkxyRo`y z$|SY(RdnEuz)RL)W!Kud5yHl#oYvaKA{})7$Ro~oyRp`F)o1;ryCTXVerhrI$mHoK zV$Flq_u-SPM9!*}{S9GA#@qSEmSAM_{???hkE)J{Fhh#$zvKMG)3_=y8Q8P$7Sm8#V12ey( zq)5p_L^6Nx>G@$Dh5eKEQ%0aQ8(gj@=lDMmAQSF0+VApR0N@ZnU+-=I8@o6 zlfuwT(0VlgLLWy1i{IkX8DO>~L;L`MsEZ6Z=U4wQJ=#}@$J&WMB?kp~+cG!o;Cy4p zZ8~Ap*7)$S%?v3+D46j6oE7E$7{$Xs5RX6zGO<8TBxl>!2R?Z3H%IGQ9g*7 z7%)|*YeSQFLZd<`PBW;_?`Q!J8AyhM`x~X8kku}9&&L|znm=F*S!oxv#-B`0^pqYO zb$e$_!Ux2I7o)qm)#fIsC^B^5b9DaCj^_#)*<4J(kR1*0(vS?v8)UazFw#`j6WDrZ zV#V-LE%6$CN|$Y--t&57l3^Xitzso;?dkFG(alPZbb`Z%G5}_xNs}P63pfQoQ9OHs zxhKcWR;kX8dw5V(BxK~|-ZF)*0&dK-@Y_U1-#A1IT_Q8Bhzft-2Gqk+y#Z>^h0y^A z3^neaJ9{RGJ$MVK6`35$=ivs~0oMt}Ks|zqh(MUIv^30REs=`VSZ6Q_rKd z)rKYqp5=ZDD2cH5KlB_V46?Du7e?X2#dB~xa;k3LDnvKLUHm^xI1r)Th9g{-=3>(`6hA7g&IpHmkE@Q)k?`px;d05b$L41D)|Bj7VQ(2iW z@z)+t0z16&l)X8_!itxsK8+s7*I7E1hQ+*jRl*#}ygVOMK0rx{k79O)Olj%JSm|)G z+g%7|9A8j;kbd>dI*thXrH4Ha9Rqs2!X7+cnjm?vMLxuyS|5v%6K~O!p)?|kEcV@G zhi3|Hu5k#bL>G98)v$28ugS}<8j#%SMU*c~g&W_jj7I89#6vfHRZa0Uo&)`G=jet& zk;YF4G+jMFU|LCF7MUeqm_GJL>EfRlgB}6Nc;tmJEI$Ns=(ZnX;IuW82pU4JNEeiX z!R(RtmzRw)qy;h(F#L_hg+*n&z#loFE{T$sW~u$Lq-7}a^6K8=<=!`07I}hV5MqUk za+X^RHu7`)91<1z{QNwwIM(Zj0;g+vC{oHQBaKp%vz5`x{NyI=s4pMcsFRQy<_;pg z%>#hpGHID_QL7JIWRkF>>*9&ED<+5k!y$XCtA^$LJOT>{SYZj9iI3sq>jGdXQuH?b z3<)~=$r*rr^>BZi?4%C*@tK(Mr>ypDpHa;QvaI3V{T&BXxvraiM!H}4V?^eQbw6pm zR)5{*A_+EZ84U-S9pe8*FggzMWt`uxR8<;$j@|ouhq(I1K>6f0xHF4qr;PmMv#%@1 z-SP8|dc$a9NjP?;4FI|oPJzVE)G6|r}AKZ)96nwJSoijeQ(zhXh}d^J(%FBG`o-Ymqq zd?TGOU`?9UtWA%ZAWAKgC1|c^9O7=*2xbrAPu)e*ZJ|)fkO58n9yNfWqk9H+$SM#W z5OE?__q;Y5o%1kY58~~-n}lL0q|gH355)0xLb8-gyr32w{HNIVCc7CE|qA|t?z|te!E)*GsvP%!lO&5 z;y5K9bMxzFCyIdU!R@pTYZSq?RbAt?!FMmlwW3C`+!ROQZZ9`I@NTLHDdGB00bpn` zaCtRLLZ0h$C{t#;;Eb>o#uw#t?S;n>TLbG1g}<|xId!ru0b<#U?Su!#yRlND9d0in zcUh+HSr8@uCwY|`V*Al=7qj}=+|;v?`Y0i5QUNpAin%}@YA-YwvfQK#NbmctrnCPf z1Vf4{(o;{g6A{8kmk@B6LggOuGA-y_vP?kZ0M)!qgUat^>Kz}+`z70l@%5GV9wy<$ zqPn`2h?B1GsC~NoQ6z4nWm4+A%?x!h!UJM_-A6>Ol`_cM-cLL<|JNg_J1TD*i_skZ zwOzx~FL9Cg?XNR1eJra?zeFm6lslMh`I(vyW)A44ku7Gxwg-6l>o8O?&hrtc30%*o z0;;V@^DX7)*Xsz|Oku~K464nvpG!RcGBQxCt&2fRHT7`+>SgsE-wheMzpx`vDOmD; zM^>9~_RcfJGW185mo2+1_5y`*@iHuWGQe4(e{M!^=Uh zYuODk&fnn!)L7WEmAl_vGuDM!jt(+`-?C%B>5m}B#f#yNNwPfF(@sW+;PA5YxKh2@ zK`T)R&%$6!JqFfz1CMq#U}5x)Jxuai%Htfiqq+?urHVgpWT|gUsdUOmgWU*Iq!rA| zY8ny6J6Y9R^259Ql~reKsue}`=Wv%UN;#jE*`xxw=?3m*Y2IPWMu>D{=R1UQZg%w% zX^QbK9lepY6tlp}j6^&IQA3(?oho2p4+7YpDaehs_fg2lpcSXMHpnYi!FIi)qAI-< zMLGXuBWrY>+#*)%8u>|&Tq6uDkmDJ)i5}ECp`Sx6k@2E`Tf+75~w7vQxy2z(l{|BNb8ZIrQq(-+HE}1x`aNb|6)=Xs`25 z7}t$y2J^}NCKWcZ|Ml~?=$ks<+<>}kro4cXoF*mn()Kxc3JqC1tR0Dc-Aj?5( zx3G?91ymWW1HXFtY!8M%SZWmpuOv+A)89idXhv6+K)1BK=EIeMvlrR9i+#gq78y=i zYQ!iM~ zE)RW*P2`}*#+$f?q^aq+kYD-!_BS^}cUP4Mr2mz?@GMh5wXLE)glOo2dg9Q=JHH?K zkOB7N_SdQUmt?T%X+Zb;e2y=6X!;D%mG28fRSOCGT-m_`v5}rEUTHX?*%cd>LG`6| znf=L05|&J8{iR0|SQa?0uI{e&>6%I*l?& zk5K8gm;U+|VNG4zbY`NUs&|}>E3w53%J=gp2Q!2BT`BXgSj8!y{V0VJm}`1|-1eEi zRV3T{CG}@Xc^lix_2emAfwLE9LAmdjb##Qq`4PFHf9aH~q-Uh=_mdKBcL89Onhr8Zdf&|9O}AH`1Httg{01JflM`Eqs)G*1m! z9fBjd>?aIZF|m{=$o^i1)wAH}IdMYG^Vb=^U|n^;^XhIh`q2PA_j7gomLfD~td*;& zUItGgRd3%in7?)uSI^yF-Sfi|4hpFJ-<(Pi3RB;Y`o2hdI?C$VDVy;3;lTIqw=`p_ z@}{b-Q)7K2Mda`j`)gB`g_I-lucJ$cRP_rM@bC5OZW{Z&8rXO+>zRqd&92Dpk4HgU zy$~J5HR5Z(JAyo>ddO0uM5SP1T-C1d<~QXc8Tr_Nq>&6T2u&;< zk6~e9r;GKY7C$NtGRT#tg zz3rq4Rw#kp>Dwc>|y9~F%r)ccQ=rG-TgVNO`|1#5U=6pW8~v(9{gJ! z6jPFb-#dA`nia9n&5(LMde|Y6>_R&g;ox+&bmI&IFcroN;| zSCX99cQv0!q)dvW%~V2fs;{c3pzv3fhp9&+InJA_SSu$*+hy(D*67g&Y*5HU)DINO zlb@@LFx|S6^BjeFLWQk59U=XGbn;5*XcgQ{%p2k%C?Tf@_}hSi9u8LZA!RmfHEGDn z^J6Q_$ghQ~(JXwWce+Bvn49Yklq`CNN4ob{x#OPqCGM<-r4eTgGtPX0WBu8Qzd%7rvsWaK;f?+5wskLmA^ zA#D2|S^jS4^F8!aid_3-4=PqO0<6(${R8;AnHt1?MQvl_=@l3T3bYsn^G7Ci6SW`7 z6x5hyNsq#S$aCX_8)ifownl`>-p=w)_^7B!EaDwIJNoEG9Ds+HwDUI)XLdisY;2s4 zBI%5OLU3N7Lv?nlF-4l$XjnD z1KY#WA*tM*45L5qWUs7joFI^=42_8P{G6VV0RfrtWMcf=qcN}a(k4KS(*8Y`dvRf* zj4}04oH{dP=!(*W#;~EdvC9jGZ_7a1nAqIg%T&$+5MJp40r+TyMg?G_;L6HgmJqA7 zw)60=@Vl9;WdypF#=vjS1|-FW95u-~#p&PnO0?)}Jnu2iTs5dE;u z|HK#?YTl_D{c4Jyoo$?jH#o|6KtJPz50WJU_p?=~fLK4@SI!LieS#Vw#DQjkztuSa zHP#st5|TZ8&v}HcO&zhBSvBf&QfXlfiif+N3|8-9_3U1g#N1AvHw9);&s=QfP+VIG z)|GDM=j-WiVI+@$u+z>miEphUPR)&MfNbkDDRw#A7pBI)wK6luW#W&>zcy}pk_6V1 zb&X|by-OXdN|JR3@C_=WG^z2j_Av_Yx5O13y*hh3(oy$W?t%2qF3hu&^OP0hRN`rxc8A;NlV_c6nGqnb5McoFN7#Ei@3?~!szm{dy9!&ZCmT=(m z$;A)xeNQv>({uE|2c*x%Qh<5CFAlW}iUuye)dwH8Yrrva;Wd%I&K5zFGhljYy)cbh zNOBu?SFn$($^0;`?A}{gcx40{0U+&)oC#YiHEg0SHP}mz$B$X5U3ZCfYBnbuM(z^H z)d(#j)qD?gO$wt#H>e2n9~`=hY;d}|$ky31SPbhqh2Y#k2%2mPn0c+i{9EsSHk3uW zKU7)cY}n7yuWdvx2S&|3@ch0vaxhcZOR=dhv_K9n>tf;B{653AvztJbb1@mCbeTJK$mCXUJik3>T1 z7Fs~x0JL>vX;DMhB`+ClPe=wW4#;D{x#Z(wa%nK2?-vWSFAXx!u9y_Xg?YN?i$EdV z$`)iU)V^dq-bnjCe{MVe1cK0FDwDf2?B;@`4ZXFdHbO}5t1u|BYn5~XMW5y9`LR@^j)&{4a zY~%i{ja|Yyk!G$c8$0y_D@dul#igg7$uKwhwsAwNh1>2aP4Jh%0tvTr6>J4Q-&W$W zo$)?U-Hj~O)?ASec47Vf_((D*Mzp9{#`Qht?Fovi z%R@01j6_^qDPD4>XYdOsuVX-c*9@r$-?|oqx4RBHx>`Hyq<4$d0{G7CE6%gv0Xik_8uPw^scGBcS0yelU&blO-D zP9rH?)vYYqiEX#+Z~6^og<1IWh(e?=vlkb@#KKXGbgzhIiJbk}Xt=hr|K@4BGI##T zYvG2d#&xDa3);lRE!nv<^a)vFK&;wcq7l{Ri;hp3dFeVSbcC}5gbM+1ltVw4A z8ZL19N8?cx-=9V)pz?#?uN28TsahhfXaXu!z-Pn<=NQR+Zeq1j)f>$~JElmEH~{39 zQsHmtkXytWv@x$%DZR=L-ycCrb zIb!AKV)E;1aS93=82CwLY_T!)J?w@bc4@LXBB>a0S%EkbqGJ!!DTcC1_pj;_7RprfBgI zuAb(h&dtx6iG*H;Ifi*~PT=M~KN_7G>@7^vjZBZ*t`WLA@+e+ssDcex`#QD;Ll|Bl zl!x#>Op zeEK&;i^5A;kg=2~{-7&`|DqoOg49ziu&2ruo4d+_U6r7#bSwH@vz!LdF!3@u?XpXz zC#L?kPMD>`rROB8Eg_&R|2dem(c{kwjgcSRFb43eYsyWP+=s(}F#hUw(em92gPFOT zR)L|KGiHhiN67~RVSpSk|AjV}Ak85_-Gm?q6n67SQS*&Wke8R2NdZEX}4*wUCF6IR+h<;u0HMc;2&e0>l2 z-#zmGpX~oH9eB@E#&I&Xx@Yb0!A{){W%qPcjK}W_Kmc%`AM{;uUl^7tzd{(Uq!W4; zxLQBrs`zn2-t*Qfh)SZSw}!;J$~ln=bR}S%T;l#@84xY%hiY#}=P3Q^J^XjrUf3z| z>iVH)b&@`}p_^dO9|MC~Eo=Aq@-j)o9NeI^a%FmZoIC#~o}sx|3m5l0WN-!u1-{_X zaN)Z#2w&G$7vH3_1;^-?*8HBDS4~W_y%MTn!AE9ewh}!)z2A2#D>RlKtB$@0g96O; z9{#WrU?v{>WbfqQ@~{+~=Qll;D{yxj{O$dp73)|OS7;VhW^4!~-&kJfW{I$MTT`{$#8MOZEshNnCBPRT^h%0|(FyKn>4Y{;gnW=A}Hbvn!Ir&a1?+_V*^O z1dZy&q5gZ2CZKBy?-467uc*kz!O6_Z+m9o9o84~|3q>V{hyYpkJ{_ty>BzOzYAstl zG=#niUyS<#U^z(2nO4N1&*Wl4Tvk`e03@n4_F}6J{6ZqujkbC}a=+iSAj1eV;VZTi z1)k~5#S5*|PnGb)U-(%0|TBA zjM!yr?~`L#1e!9HqQ#b@=lTrw99hOGuU3P|>8Gl&5XA4SLp{WyP&I9iNU${4^~8>I z2*feRsNotpDWS-R#fLlkB4H>esMWCL60U-+rcMhu{@O9qS0_(%b8&4*R*KD&4TtZC zYZdM2ic!s}yK?~|C(}+t#l>%WS34Q1%FFYSn_5FVQ1mc?FlKZV)db5U0I!DzyL!tA zF9!;a>=NsC2Xwfhc=d`VULAG0R)*A+A?l)k4Jj1h|JtBxlo(azF|?LtxXi~3LmtzJ znX9BE_iYE?86;iB6`{!RYVxesPb#pTJPNeg%X8P4LdTh}9iCD&$7A}iReoju8!DNO zC($sbq6Y_46H0W*Fa{#?!9e%#a zI|?H#T_y#U5Q_Nn+UjzmR{-^cm4J;2_c0UcNOA|!&$Xq4g1N>jYWRsi{*M)zR*6?- zd3wSTzh?y17}Xl3l_@}5lZzhzJz5o7*l`4S>cPEIoR>h)A0jtH7r z$AcNiITF>k+RpX8phAMxPEd1*q8Q~WJ=mwo8q_vcik4`#FFrr_W-_kq*&y_ z(0;a-gLw8fRaWY1@Y(+RHBng&q=Dx-9@=5!(8d-OEt!Xi?SOk;N9O`KmTah}n3f4k zKXL0;U*9^7#f6JiH}Lu-*a0c=Sy_2`c@Zo%W)`f*dwpS$la0mJWN#$8)#T>1h#ggT z8vefY+b$rir=-wz9Po3vb;D~17xJD>AIr22;}0j;GW9>BLPsrFsZ^)Ej}$utW8!?$ zR5daxOEW^G}N~?Qyi;- ze+A@qF(aA3Avaayc^wttX2L4yw!IGHOXv-&Y2-=8@d%77a<}8E;%gHaAH<_^dngh# zQjEn>e=-+bXVB=;T;PG!I5A|Bx?Dy^!ro6pdPLq6qq>e}&ZQ{rs!3;ITpQ5)LGhvS z&kVJrlcy8Rx`?Qz6f|V0rdL;GM3|rwgVIvUO-W;rsaSC6q#A(jbuBoIw#KNYb594s zEM9yxKQ3tW{MflArK7cHjsFu#Zon`-aKF?srO8!_u_0v?$m_#D1-vowfnxEE0%X+G}XZ%Px@jvwQB+ z?+V)RN`Wq31(lVy7M>9gC}$Q0z_@Y%RK4xx5;)g)_4c*j~=^paVXh`owrk=ra* zuk*PM;6eFc{^MGBhlVt_QO~6{jE&-A0z!7HnwHE;EZ{=+l1gm%LntQ@$NuGXObk9Q z?xo(&j=}coYdR`7W9o9!xz#!#*4iZ9B*WuXbjDG)Q)p-Zf=V=Ns_4Q$UK*0M`L|&h z#6&Y%&vw&BP0(4~)tk}Y2&zeFC~~8oQ|yL&lfcoV#M3bjwhb7CR@7B8n*k!GJ{`Dx6A)b(`JUUKJX{xz&yyr z!vDqEHw9-;`F(_w`RhdeO&H2K5)GZ#RER!76j3r2wIto2Vq((RK}X?4SphMcEG=p2|HdilSSx=cQJL zWl4ig1eYzu9{f?9oXdLEGev%eYx}7vRW`DDl;HLS45w(xpuM@8W+^Gx%F2p{zP72U z2q~wp_#l5oRH)AA0#po}QP;9uH=CcfPu7W>WCmnIu8hNg?fx$8Vn8~sn3i7KJ&yPw zYlwk;ekBk4Oo@$s2xzhj%;zLyv-WhR%{2@AtCW(JoccRs#wmBc2^f{kQ={^G?uTl1 z=mc|Z!{$J38AXzM1s2kG-nlw815?d*;@w0gwNV;7Jg65)`6Wq;C{*31qBWauG4%A* zMbEWnJw~d`=@QDLgA0!Tjo0nY$DjLch-j+$Ia-<#nExbOE|W5@ z(WtntI+uA7|2W9gE!9;~WVL!;qh~a8)gF%pZm(&qXnm!7~1c^AMkDEceEHmy44uBc)wIQ4UW{JJlBErV=EA z+i3jzaYE$$hd&usj{IQ|ZWFDsr?^)2HZl1uHDiiJt5a^K&mBS(NtdxoqIX5-kmF$u z{Qysy@scxSL}eG4OJlTSl7XNi zD16>mvk@!TJ}9tT7i(+SR}^}Uhj#ltv`mO-8f*#Pa$e@dD8z~KZW}FU-)#@ZD!dmy zo!@H2X6D#VhV)UWZNZ(g@3RR;=Ig7AJ=AR@-}c_c4t#0b-|!}BqI0cfpDHek7nRjM zexpHNZv35N>W?Zdua~|8gYA5(w0$!g%?(!qY43^0VuWv(#KCanv;

    (o zq$|fQ*0y{2BT#0>B-VU0TRf4Q&@y$)Efo5UM^qFUO|hOp4-q}#-OEe4R)$>7i^s__ z;4fFIJYRiD6B*m& zKrS3J_KH9qVv~2FW(6$)pV_hK;LG>H;{j2&ViCqo-TMSw0*xB#D zbG`F;j1~}rj3UYe$J9pWE?_mjk1wCkod8)5TB#&VZOab1qJO&!7` z8-j9IBW0|@)Fo;R{s@f@mx1h)CQx8RSe(lmV9{%BOHK*0RDhb+e~_hfX&NX{vZOoN zrJOrBeLxdM(Y6L|h$cP!tPl6xtsKjQnj*LiGPpm8VeYECUNz|z(nM>S0`M!#Ud}B}W=ONUWUK(&<$WJ)?RUV6^>+x~Z;twV z^|xfeJoU&=v{)V#hCGe0GT<+d68=(dF|R+jV=j|qxay%kH5OiNQ5ucc_dSpKE$^*rpH}~Hw zTppQ~khBr5kPPq%Vu6+~$EI)-onNEud>=v^y&-a#_Ibu5--c3icwr7QaR<+3-89;` z2JN%5mIGi2v!ux8J{OB~e6DAT_5E%J%m?aWg_!nmBx8D8`fYynf5~%Rf7|>2=Ni*N zJV^0aIyMLS_w6=H`;wW@iD;X8?t$C=@B8go_2nVQge{wd&)dk>*7I4|H4(8ORsJYW zTR}fb7~|i6Z%y@EZ#$l?rn1y7$N#1IN#NJjyQT|tMVypUC1Wh- zTngn&xAE4-)A3fG0Kb3U#>C;8{NH~()e#x9`$zu}eOmtd!U&G2PZ(h?+afdIkRc0W z@S=CgHE&z<`~r;02?iCl<)Q_)|1YkxCElfNJt8x#L~9g|`$W(+rvQc=ft3kCqx=RexD#fqTtpws zzl1ZraO+2){;@KpGLcOm7gkIUpHvzb%oK8I`Wq1Y@o+6*+)tOy z*LJ0L3T~HRFGKRdrQ;97oA)!|K^j!!1OYR6s%m3>g3LYj5ktBbv5(S>`Rp-P_u`$P zoE=+M4=ciu#9cyl{=E6V;)I34m7?Z6s}`whzb#T8HVSX;TqgVnYw`nkG)2o18pOLQ$vyl-iV(-b#l>`;hP@;n73V?wv8V(|) zo|6tK*kKk^D>MyejJoN=W||J)>)dl;?v*UayFQX!JpEr&%l=42^VM}2zu3m9ihPTU zhuSsjv23M(sRu)9474eF^1+c!@)IMpV^%>DGPu4$2>Q$g2>hE1gEeo>Svh~atmMyE z?Wx;#VTibfMdD3$YLdqJN9>>dqbvJI&xs0}8Od9J-t_H{ID+@-Z$Aot{(JQIClkPr zw3%J`Jiz+&UOdxxqyyBh65ww-+Cf^@&HgnAbP|1GK^taX+>$`6YW{dZ9oZ5f`bCZ2 zU&mlLKg?++L7Udvg={0>_3Hj`#w5v3WUq%UhYchpyuPL_UN4q8Y%3Uo=)PDBgALi! zVsn~#leD+=i#*Hnw*UO7H{H$4Rzic9-Lb?TM7Kt!5V$T0PO#55Oy1;jcKDu3`OW=~ zmke+-`MwTcZ8Z9C|3b9^r>6i=yN|9T&c#5^vvOuxF(!l1br;7d@TPrg3^3GUnB?*O z#|m-&zH`^DvnzX+4__K8u#@$dpu@>_hcT%f#8sUos|qvCs4?kH3TpWk1&Wv5dSA_| z4l@N)+0LN3DbooRE_3stJ<9Fto8keCRPSjdAY5ye9KcNY+eMal-l9rYZ>SCK zkmWkhmGAcx8Zl+WpWVof`V5jE^S(LsN@yG!Xjpu4fDA~%lP&I?NAmOUceJ7s3{v^0 zE)Rpnsbb!lt`E?!4UKv3D;COM{3713#k5-kWb8@@YlnS z+0fgRr=_P6oqXn9+1gXSvf;JfS(qGQwB5(+mPKp23jsZ}+M`64NdRfXjVu`fcD#M( zlkmEx@GxN0=kRv(rqP zoC>VvO-L6>(ISzjj|fBvtEip(;Mr-pYrd*oidSYyJ^?ucYv(JuKK68A8gF8`m5&A> zAFSR9ktt66q5&*dKHOe-VHou;XMZ=f007c#N!cteS@Wghmh$s0uEa3{jWwkw+Q|2%c`S>^?-@A(u^PCKVIUH+_t-D9S01@W+$dFN!tb%RB^FGP zdD;aS8#vifM`51rk>ZXxGK#|_Km44r4=!md(rdfBNPQev5`RTPCP3`+#>W+FC+fM+ z5uC_h|5ZTZeYPHS8`;a(ynMQYR;}a|ONe2jI1E`$W#)-XE7&Jc5{ocUMpb^lTi0+- zK?bsnd?O4ps?+#m%3X>&sV8NgtO4u2C4rZY8qLkyhMA;-aYPA?EsMD(kOpKytY5*o z>879w)*CSj36uD?7^(Csr!5$U)0FTGY=vt#Vp1ng5-viAT7944)U_JE*KS($`|J`G zD5z-2r&{hSt${SfQ$X`?OZHSm8@YNnOrOtCd)ba!3$3^<1NSKEKAOrw@g_ahAzljz z;Zw7;bW^ebH$?O+W*y+COIB4&N86d>>hwICVm7I&+(GhlU+YX7z)`X4);j1+tMA=6 zoQ7;~84s#cGBYZS(-((*ju!`hJ~dk&aSKfU_&jlc)j*3op!27wSto0?%Ylv)+>uHZ zoOz`b`FD-5$@gBmpT6}8#~7Sp_?MIMqt*|PPZ14gTpped4q*`D{}h7M<lw}30Tqu9~ntPc71S!O{gIzZl14szxa z{xpeiy<)Yn#mN4g$uz1qkI`Jk(kUWOrB*Nul@KgXzW>|whcg>Zs0@X&Whw6|J55U| zpd-j)->E>DGI4al>fi+Qw>ww0^q!(XtyJ)0W1%$pnx<7r)b5PULitZClTaX-K$8yA z6mOQIISWmMtP@WHT!qH_j&kMCJa)W^SNhMI$hp$#S#Yg?2**(MKdS<^AaxzR$iq`w z8pVs%$4c{Lyejc76{+ZpA&m6c=>R=dWyLz%HEq_IV3t34AjMr)E+ci28z}Ktl0~gz ze*Ilm;%!3=Xya(DvC1r8IA!B4_+fje)oA5-Ve{{7Z@B`_XNmbwThl)`1=97TN|pEB zsjU>Xr7f?cRBA{coULB}8{!=9qZ^EuKa0nldnK;^yA=Xf0x)|gIZLDQ={GC0+xngF zai?XY$FFiah|5=FFV)SLDyk{|Z$qCIdL3MHa-Of1pK{d}!;ucQz+I2y3&F289g}nK z=UrS?4HU<6_UqGDM_*M{2391`DB0HMc((4yCgfrN)~C@aPFd8^ZPeEC--o!m)3&LP zH*p_WFX0n|H^!}6YUBEiN zbpj(QV2{Sw^L;Ia9IXu2ilv3F`#1ZtR?CB4k5Nj+-8bTU*-=FD<-X4k$b)&=_xC6; zs)%9zkD+T)MZvzp4Fk>0ProASXG-{nCn9B&^Haok{-51_ z&BE)}B?>Q<)OGvEt1U=M+dhg~s#3D9?y$}0JDlf#zuoEkYpE$~XAl!*aLP#T9+`u{U>08gdYwg? zlxaW!g%^RVpmYDH1Yciz-rm6j1=zz;QNQOyb=StmiuLaE>^Vy;6r!UlV-sccwTt&H zPWbJ+j7-6o=g#go9=Djd3D~d_y9y+a*O-vewp&k)R{hVlzg@aYijYxiQhx=L`>QvB zzWD&~a$-l~w-@8BHnpaxF?YAmX9=o^^h`#+#Gj|Mw_9&}Yj`@T9?7-wP|*xle?&@E z@W#a}kp?BLlzlVKab2uJAug4073(Y(%Sv~HM@rOtA&*6zhR~-=4@3fms6d%n)hW_Y z4sjYk=Vd2;=3N_gC`E+Q@Ux?9RfDWb#a0UABX?AlS~He8%D>5r8I|@Jt^5dQT8lA_*_|+|1QfsenLFj)pVW&l`!?dL#5hb};E(ZYDJ^AJ?tTo}SCcFyf7q zb^|q(JG=m3V2{TCW4Mm|X;fmLEW!QN0UD*HiP-sIr-K`p?h!%r0{Z_)S9JQ73GM7L zjA_FtBO^n1QNYax^T$CQ3d{VfaW@!h6*c0#Zk%9ZZ|UP>l&w{=?$gl9#LZmmA%y2L zQz;W8D)D7E!p$M;a{GH8d#a*x0jJY-Q5OffQIkJw!p|zs4#Y4__nN>T{tW6^7aN~ z`eAv+fy*KtFsAl+ZoHKbF*z-n@YK24z&D4ogiQ&0nU+P6J}kLF4+5>1Hk{duR-vdx z)&Pi(18k_G*I65!oxM`1i%_lkhfSq=b7o}{7ZkkQ=)z`Uo2L~l%w13mRYYIeC<8t7 z#HwIB;m4wCR^=6A3BG0s$UshUt(`v^68rldyQ|4#5Y^e5?o}l*dZ|KCmsX=tMN0)5 zG4hg01?u42es6)A+9Ilp6weE1llCbuTmA(pI~8HjYm+pt==C=#Sy$G0`-6f%q@?xd zP4&rE62omFY7}WUv;^2%t54kqU9i}|TIF6bX6@G1lZ;ge!iJV^-~5KZIteW9g~8C2 zpKP8GWXaZGv9Osq&6N=L|GcYYLm{GMrGUnk8_t7d^TpUFk6gnA6m=hNSX~DuVvI@GEL^F{rsP{{{5U zhj6HR;0WqA@C!1KGGM~`zYjW$aJ3p8otTQ~j;s+44_BDp0s!CR%*&^JDAt zHRtm==kw_EE$7R0xxBnwsWgel2ep6%Fzk;@(l~#JB^lT)*l>9uIW(QH_EV0=SD+2X zK4~FnqxTS=b^)EB8et06O^PT~uEzJR@Z8IAFThDx$c@GE*=$OVG^=j>R(ZP)u)Di! zkZ|JvUi}FTyb=5u`W&8^P%Tw~0B2TQMZ0;CoG2pA&4Aw^;1PuhAyq_FK%?#3K+OCF ziMjmyj3cAx_B!Z0*ybUD=fcfsg%E7RXn`zsybThE1J@a)SAD|P`Z`~2Ib>U6X~arX z_P|E%BaB?9Py_?>@nWw{Fuu84pz!z(TZ3D61{`>Ip)xxMyZh9g++qp^cP?74#KN!fZPW3tX|w zn97BL%a_N?aR#vC_=shtfn=eI+a?oI_d#&O~=63o;N7W+sOAA4b6UMoT z4>A{hbBl2%LXOMR)61JtMI#IoS22$+KLcz3w3d4MbyOHH0M^2$xLd?eg_hE=leIRG zb?Z9`uYX@pqJa@scP6kh)fWqDqW|7;*Rm=(ie|LA1=Bd!B|5$$NZTlw4DsfGw(5D@ zos?6S9YQF&jD3%|yc!2K7P=mV(_9-k*xA`0d*&8Xu)wC{T}Wa%rfX)R(?j(!B zbEKYBrF|$9JI?-LnO|=nPdDVIjtDUwRxMnvSdlvpxn_|4(EI2!%IQbAy+?QT7X<^S z$=x+%|D-C=B->$48rZOx4|;RyA|!YFDlbx2(Pz8BOUAyF67B&F&pkskqsCo_F?68` zqpoSX90X77K&Sz`r{G{vwTrlv5W*quNInK=c|zS0$XW{ly9Tg0&P!$M>LDb8^UhMp zkE;c73C!%@7<&h?Kgyr(w$vc%)mobcey>*Y>aCG`UyBg?6UHfAr<(QojLcw16;EXpjJRf!B#=!1? zF8-#;-ObHFO#b#h#66wH4edm@MVs&5D-<<`h4=uf)4x7F-F%*42pB@sW9ND1#L6Go z@k2%Eu}Wz{M4kg@KQ>{)0XcaTN0n?u#%?adp^Aazi#d5cMwld*{0kEayndOq$u)o2 zlPL5)uFq6z*n|Zp*ip@Md1K?^_?ToPj^%)*c{i^ipTMzCN9eL?v)7)%R2Jxo1+QeDCO^gQ@j zc%6QgP`eIT=v92r#0ut}>VJp%I@^EWSLBPq2J2Y!b|HXy3y5qPPB*JcD%7 zW5QsQ`3CB^^)~3|SopP~b~y$EpZ4I)e|nIS97&Q#q~gr8!>u(SGXNqL%!3l}H;2Pj zcavU?{}Y;ZdtIaT6Z>~?G9jPA>BJ$e0?VXX?*1>6T5fidW_1D0HY=EwhvRbF81)|e zB>Pmjfb znbvnd#c39Ol{;TA@aXm&xx$E_UKM=)4uTpAW)topw=3uco@bb8VP; zy9z_l=ifAG4HQ)|depB#xt*QMLnlU~)HWEGKg-@Tu!VCmYLit&b_q^DYqkwa2OoC& z;%`F@wbt3nuEKXOc?Dct?KV-6vBTQEUI1SIx<%ytO04D1c7?5JI-+b@!aCH(>D`@O zV-Q>U`(RzEAFCJ`)Etu?{GsW|mRCmDEAHpZ4izJ1lgiKfEEYNFoH;TLtc&#zMKZw8X%pooOyXjboyz z(Yw8m6Dy}C*w~zl2+12GOR#pWFp$B$YkeCFCwgZD$=M8!Mp;=|_1ahf;{j>$IVRTr zoj_+7tr;pX+~&kQ01WQ4`9tCTt<;Cgj}wGw_|)%gu48_a{=NIcdGlSA{c&S zgA44mOj4Bc0X%}vDlgBc3fSgH`IErYNa7T0z|Fiu&*Qhr zSb-0=VRU(qllgsdWd;pC<0J)!$iDLcstmqQHT<>dtr5AX5u@hb-z85xyyegS*I zV;~JZJv|*h>qSVOECvpa#|%TcDWyFxExlhk)$~(Owbzt>EU7?66&0~ox%8Zz)RAyM zVt7DARqTmnsbSv8+Ugw9OtBE{vH*&9Ln=xM=&uw<&`7?SN%k`^cTG>wddAmGhG*do z+z{v8jAWHyL_ps$K%|B{kI(w3BewLVEXLYPXKE(uv2JatBnJMPQ>{>4^jwpv>`yij zett0Ks1A^ypHH;Ou%CNA&Rf%NAWuEd6%AK6tKl5FtFGw)vc7MO$Ac#6q zv3oD;T5)O0O@g7^{fO2r>9SD1Y>dI5^-}q>-=F!?U+9Q%Rji=jAe0)x(k?G%a7{mP~>z1H>IRgStaE0D`)=|;{E zm?DqQe0;~zo-KfJTexodrZ>XNoPEHCmoAQ^58nyzW9_0KdH=68$%;B|Dm5p|LS-zd z91GZselIHn6R6`EG%0pPCX{ENLc)%}uf*>2tyZZTL)iYA2mK!N2Wji1%_0p@sT9Qz z1A-aVewtH7D!iI9=*mE8jGg89&$I!IIHV(KH1gD>sZ>&Gs&bX`udp!8$a2g5R={jQ zdih*(L`=C?@;Jxux>UM#JI8Q4u=WSjsE)k17CoYA%T?)OjNOF%Rm+=`#C)_BBlBlE zCPmP(mUh)oYwiGCAN`wvaK&+m4AHAxs(-yJjV8r;O?&_mdx&>WxHA~i(@qMW)jMkn zg9eiUvvf5Yv{ShN6S`(E5T6(c&7=W%BFi|(mw2ladStJ7A}!mpklKR2Z%VCnhJN8k z^d)4E8mD=x2N#I}23rQuo3x}oW6UN4G9dLr)|ae~Zzb~p>9ch`D&U3oCo(upXqIch zJOYTtd3X+N+0{vU28^8^?ID3&9`@K4U!r0e;dG~5+#ukzP=fTFUQgZ1W2E;+#&$1b zmZJnsJn*eh2NUIG)%zGRfN+=17b4|s7blTqO8|bLXilD6#(5bvF#T6c26XP+qlxvQiD4mb@I!7L*$^Lm|V>J7jK$ZmAR!~PBA2o>6_V0-IbX$_jCmiz3Oe_ z3X_(j@mjMQ1u-<8%s8frw7JEsWpld)J)~feQbzHcCXnlRy4Av@3FZJRBbV$FNwR2L zCxD@1gf2rPla(7MUm>}tm9<_*#&w)u#D?t*djngPwZ9scD89UV=pqt#M9Wv_< zn@@K77>G+ipsJd32%EIu$Wc=hx6!bt6(DlUo5J1L{|~`8PZbXrgA$(*(IS4?PwL5z z5!Ta!BZ%ZM#3xgcQ#v%oB58q-i*tSacsre1>fUDDv1IKB%ZpoE6b?Ua;_gXn-=QkQ z3Sl`ld}I&^Cm+Z_9pK?Euui%BjpI1k7uK5>R>EiR=Rpz%OsyOf?>1_Nqz*&^6U$hD z9G*@b%m_6$H#DRP56^Oo9Flgx&!~{i$AiJAs%tklw;xW%J_N?WltnYRLS4w@v|z>q zF`}<)*9`NLVV49i+i-uAiD3Tv=+WZcG|VftnJR_W%{au(fXJ*$$d{?lLF%Twry} z$Lfr$$Yq=7a=sdq7Is$`=lT-l7@k8ziXVA8J&KYt6G#Zry4eP0`I$PsC}inWB^N7r zSCO`db_>6Vq;juYo)ZXEy^G-J_o=C=?V!I4%VwzG4c=k=V~~cZYj4-q)txY5p{1q8 z$1i>Q8w6O{XpEPGkCf$`!EMZ63C|sV`x2UHlHu%VS2n2>xZ=4VPn6FZHpwfI#$dG# zvj$a~eUk8S_bal2FjJEf@vt_%Y~-FPpcjFW+E^;Aw%Ksd(|aSf^wW$m&@+Kjd#;>f zJ{i0A?4bvT2NLZb6&4MR>7KyxWmiNhxi~ti+|&hmd~D4EGN8f*#=&ePt8PrTCXqJ_o(!l(g7j& z-IGMN@&qi3ehiF#br&W6s+fk5==}VBNk$w^W2M>1@5h!EJh{o9gNNN=QkC4=1_qqe z)TQy+DFdg>1dL+)M@(};8U@x_K<6#}t}oEpJTih0LH2Hx)bSJY#Kx||sJ2L5ZAJke~$J+ze>=fE1UGMUDe&c;b?1!$LePMKM)EoB?6Lfil^=2qfC&fw|6|BjMzdH22`i># zabNGzMLE)MSu6DggzRy++WgRmn!p6b%=5e~hb7$P2uq7BP1Oh$i} z%s|%6t8MQbU}h*)vV(UMSJ@LFxgZB9GIiNFl~*sXEDWrT`A;Lz{7O(oYBV6{S>9S3 zbKccJGT|*H1>fB4()GrxS$W?MtS>KC*E-vz;?Jx}t+M^|!_(V43{dxN4W(m!IOA_Z!~0_`n0dYf!N+Yr=g701kJ*nq|=d^e|BrFuhUhuWCPdT&GYzhFKexopa>iN z?D<&Bxi@c0I0B(pEs2J;rjCtsaBa_UfJBQ*)}IY$ckh5G+n>Cm$=D8n?HqAYM`I$} zZ=z*rKN<^@&W~^5)GS3?mVpL&BF0h~#)Sw_iSFAu}e= zB1!nbdyVjm0!znONY-&F=!KDHahXOL+4f5ila^HJuvo~BQ5b<{CGt(l)PbbDxdgWS z#S^sS@(@u$%JQP@(HZ#X8h?-)jsSl!v8TTUNt*?jRM-WuhzS2QYD1?th7JUA5tuwF zo{f@vjJ>m81lQLm{;BQZL*&A_Iwq586Oy_f57710+qGgSRf2HT6Txp?(NuIL{hek> zk^%`FDItIf>+^gs9x@-*N@WYGBn23WpuKi0WczdlOgq4#xQCA7q;(aY6=q`%9I8FPv|78d43A~1V; z_~=1UtzP6w{RyaSY6{pQG#UhH()$C-t-=yNFkO-RrCeVz4xn;#P2n8Elvk zS&c}R@%YAokGb8qB?mmD{EenHFIj{-vKefe*+L+a(y1xZTS0_FJOkhs8wCMp40rxN9w-H6*+`#mAkZ-R|||6Ybwkiiu8aGbpB( zf=aEVG%l^ckPB~`zpEjg$gOsY6gr|)U_dwwH6o3uyAOwY0mu}cK`8mc zb33GVRFiN4OmvY?=Yj}zAz+#h@*Waz^1%6jTa?L5TM0QR#A}#>bt_pk`ZP^!+~(4$~Y9Omzytg;rMC0LR1dNJy5tb6}Sm7YI3PA%K|_)T^tb zt-qD2H`)?M)(}4LOHhZ(QWavauh>m=XnH}m+ZzmjWv{1TwImDaqIT+ckr+A zn7=a?Nx{UZ1N}%zF}1)lj^V&j)4ziqo}ybYE3VzK`uTO$4u~3L*E1?5EEzEYus~FX zZt~3JU?@fR*@ZLZ-6P{!-O;P7tL-BjUu7ofU}K{KF%) zyl#ZQ;b(y+w@Wy^MZYJ6xV&pJuK-n{sk8r#eVHGe(bTMF>T*dg=klasQD5`fL_=eN zzG@~*=sD_fx)^Z4zG`5>&2ihD(wLUD+EkTP4|0__bg_;&p?jWPkfh<>UioWz)R5uV zoU6Kt;}Gw{Gh1-QAICUgbU6-bc8qF35qD7`E3KdD2qmoiLEB~~IPmA$(!Bx&gkXsD ztvd8JR$|PHN!kiwfLim|`^n(7aOE|;R#)lnj)cr$yJ8Ee%oT}7l7jo`-+|v%M(%lB zK%Qe`4EwpPmHs&mQeZF6Hc(=&QohT(s7gjD4yrsl%3q+0B3iza89v=I#vn(Z1xPX4 zXo0J5si%juHW0bn@3`6R;`iwBi)_o^nhv7ubURaHdwX|4plRaXar=|5Zb6o%FMj2S z+S8S}iygXO&_#Bp_ml1HcepP}lkRiO@bRD|^DPHo{`d2z8Cc}l)nf-r{^hYz&Z?x5 znecXa%h<)I%c`iJo1YT+*o(HSSvD7!P$neu-&jO-PkedbgxkIvY6b&njo3J+$6Bfq$AZUl$i~JAIh68hU~cs1Xh`qrR3r zlLi`2H1NLw{lzcr>gsZX?#yQU71Go3p_3wJVgfj5>mGsQzzlvabKJM;MCAW;;8xSQHM5S^gRDA!HbfX zy|HnF+`79E5xxp6{{s|j+OTDEK8!d;Z4hOMY1)#~XBmKm)@bwFolAA7D%GOw^qWyTjxpXNkq?}-h3?>SoNPKH;)szF+xM8tsDuAOekN8Vq=!7 zWHF>ZBRH~Jg=wv{?*U(&gZPtt%&tp^LK;()bR_r4+>}C;OEoVQ#%_z85gguhdSs(< z2tSE~sty_kw;=?XvYt1%1)*3*Z_Tc)!DHCN{i}RVF(Wf27!Lbr&lSE_FW*YQsS)e& zA7UACW%IJLj&BtWDFk49rc%+<=8yZdgqfBNhBOY7WUSvmIEv#OOqen}SY2(Y9`wy+ zC9TU6;2eXMaFjY16N&2c#K;YQyG=}M^IbyR^?iL4_p8l^R)`#b&r}DoBf(|Y9 z-Oy`&n6gwi`t(8EBTi@Z+LWC3#D9nyfFTvsVD8z<&9DviGUl-6zo!Xqoe&NW95vAd z5tveQ%dS(lAL^I{c?4qt7`@MkqY*vpbbbV1ePYg(F;GoYlUrwykU_1@mr@kZSrbiN zD{~%(FBkGodAANQ3G0#;7|WZYv|`PnZyS=##F|*=e5a&5_xeQL4vzgCXf-0=HZkbH zf6!}?oiPRqkBrSMr{-b?d!G@L!#xGI6zK8}eg6PwyZ~OVm`@5VSnjF9#-^g9U@SoKy?fG2z7X>EPe{j{4g?)0b6CLJFaxqB zUA5J&MWidXo}n@N5}*Kf4JmiIWTdHy8PR^dM(alxO~Z+c@cJ zj9J*w9#`zGgSn@y6@wO12It22{#zJ|XR(}UO1sosE`E24H59J1TSM;{%c(v}@FR@V z>KC*Y4`k&JK~*d(2<=O^r=7$Wn4yt+OPeQ7j##XQd4;zYDZ1>j=`p3LwH{T0U-L_1 zvq5ic0fl7`iCC#bIG!~;L9=6Jt*uQ-m)>KpA<>i#^;?;O6{YvJu@Oo3qMIKFVZRPw zhm^6m(Dkv?Hd^sR1JlEbNBL^lpa(A4Q_rpnz?4P|4S-YJo*F?Mmxl1)Q4b#jT|Yf- zH5%BPdmpWyvLBxGfILFK61Q|r%^hOv;BVvDZA;$!s-5|i^ZFZpI}7lXe%gLhDKT;J z>!*^FOxB0=nAfEz>2Z}I3AK1%&ke|SkzU8h^J|5QMd=o)7-=EOXoNf4D~syitrpU6 znG?D$)vb#VPIt`b1k|}p4a3g$HS+RGW?urQ?;)pFB6Wq#mr$ds5u(qdb~K%8HOPc-Ho4TaW;-j`aWL@; z%xdfGj6|#Ftm04X3dG1#O23pWKM~~BP69_zax`tG@$aon%9nEk{lYP?Rq8d%X2%MR zl4I-s*-lf!S* zT4jR7Z&JfUW4+u_LJUL`7c;@Fqqljs?Dpgxe%LmP9E=16ay8Z|LiX963Pp?fGG?sN ze^y819g^VyM=2s(;u^a4^qX(PH`niggBU zSPlr^S@3Dq(AB8@)906ekBH=yW60Tjisx+w^MzuA5V^w*wWtTeguE8*CXuE{ai(#h-zKh-LEv#gG-8m~jNCASUm_h8|k$ zG`3#Yf4b2MQv8_LaE+u*9I$A<>={<&vF&HMDrch*6rgL&uE8Xm(9=PdIICWlxl623~IbQs}}nnVHf3N54XWP91Ua){m8|ylO^% z#`Ob;D1jfdkAFDCjMU_P7iQ39PFE{EXVaAVvlm0eenU@Rd!y)Qa-yo@#-2Cgk7o%5 zv^-a)t7YQ+#tQ3t9fjsL52kwS=MF(=>0QjPy^nx^fQG)bq@;x=;-;>FR3(@R`-g@* z;jmcZLEeq&zyNh(yBWz<%(n@x&DF>1O&DHw*)fT*f&)`$gI3D8eMP;D zV_)ea$cpih!@P$CqXuzBBNY!#PfeESF0be25kd!fxyfgPwY25?^n!`r5*Zxca>$N9 z2HbzYjShA!6Y8rBhfDq3AMH`n$4eZLxp_8I20vx}nk$ihuYsH<4KQcUMIOpD(O@9s zTN@8Af#ex*AEDZrDo}@b5Q&$^iyElF)tIet;~JWl#);0Xm8H6R1HaUA{mxfOA;9u` zpv>+MOc{cycp-L*#E*U=aNTfkgkaT-jNU~E%}7-RxWx2$h2jLjLAKks~z?l>ZbwzB%$B_LpVzJ0@bxU#Lq&^*Sw{O-uTxbz zYAn?uqB9B9!@m{1Twdd5*KNi-g&)j~jwuzabcs6YGA$u7hx^KGP+t{qF!$aUt?O&F zbrne>>Y^cYS`Jt$@aFyw$dtAO`Z}^$ge=@dfeO0W55INaz*(*@(5-K9=uq=o7Y^yv zZX(Q&MZpiX{|41F)SYc#Dq80VAXB_gR&84WmkZIxD>Ew--hEMtvZso;_?Dr~_EytT zEyt~gl6A;$&u9*Q}OfCH+Rf(>LgB6Ijb}N+=28;5MJLV6Mjh@6;@bGsE9;TM)Hka_U_PSX_1H zaSzbq7|W2b%`63f(g^}7KBaKZ4UJV-SGW3#nAzIeS|`uwB{b8)?go3o4#AFFy6XEC z##AC2i!`aBeewePfS?5qR**-DW=b>z2qnG)n2h3Aa%cLouUr3siT|E8h1lkZ@ zV(y?qQ*J~YvfcbuL+j?tNfvDCiBL_O5M^WhyiRiPPYtq+wo^U_I{cW8hb)2M|T0d{t_F2@q|)Q5{Fw=K4D75p+Wi@ zSm*|Py3FNJGLs=$Hc*#yPQGJ5k@Xf|&{!dR09n&F{14W?`m3!b>Y7rd6f5r1BEg}> z-QC@xxVr?WxJ!#$vEo+TNh$75aCb`~c#t>G`~3yqTJJBpD{JmuGnqSc&Sal+_BM<0 ztr~QBk^`+6ECv65EB2M4U{kV;>qIX+iUL4R-~N zF8hs3EhF2Pe#RPfjDs7NzA4w-?>ZHE%udS@D~mGb;j~9li;f{$dWK~QPquR=o4XyT~Y1yQ^pv*@y(r{oB=Kf`}-lk+gYyREs zt%$ttn}zKDB4NZy%7rsQE=Kf+3-l+B1-YgZ5IP*Ht7ZzFD;_uJO-u09%u6ajd`b)IM=lMrH(*$0}exF_7>ItWOwe~}zKFjCd*)mjbzCkEf5hJfqRJHze z5#<|HWwD-1KZNn+%t-x=YTt&R^7g#sO2G5<*clG14A9M!Tvt=k{BmTyv&0%5#6O0% zkkvQYm-fw*T!y9{6(~R2SH67{yZzBpN4pMSs;S3i>NmX|4H?K8-lCq8BV=jS8hAuPil8i5xA*&{s$_0%CQg-V<)%=cpJX#6 z;PwWAX8%SOfu)Jydk#UCSx-;l+`kblzXPQA3w|!pP@^iNb6R)o;R{=I?9!8GWK{Fr zNxd;HrMq@x@i%W~_RCv1jd0E(5Qt&u_=YDh7_nF=G66-6fcF0W0SON~u6#5mT29F_ zE%A?0C?VnYb{YyE?!J+}yi9V2?%AcC4dp>3{C`&_(VwpuC`qHdX^mFsaM_Q~b%=Vn z>~Hc$#S++&th-ml;Hmy7|BD0se|_-k;`)`8^B;jhw{?OaM7?!382z>fJ;|!t8Z0id z%{o;Fs|lPi@gsdZ9-;;Z1_lNrQ=6QjBNbtp87RP($<61yPCLB$Tje2Y0+t&s!t_NY zO5?n?Tgf8+%p-HoQA2v(%O{obu|xVpyq#OPR2^McjAAB>$UwQ~6*jn4m2Jt0PW?Qo zbq@tehR755HZLD@Zo@q={yEB-AT?wxBT2uQkAG!d=!H>F^s_xdQD4FYJmo79UfTaG z>NPChIO2>2PmrKr(qG04o4d>@v-N>>OK%5#beqT#9Y(O}miV)OK_1I8?o9J5F1Ltp zvwSUGKF&^%cwBKiZ47X~YSA=}9l&II_IMt;T+ampf+opITTDeN2MTkM098A>CA80h z$&MK5kuMYNCzV;zIa#Vlw6F=^Maa-K!g`XS1A<}Lb-8QKxc8X05&Z0)ne#(6H)B=B zIB6JQ8O166o$8^nqNG{XS4MCu<2(D5B}&&F_j8nDbHXWJ6TU7PA$QrW*B*=1Jj_BH zC%j?&^z~5^`Dkhv zjp6$hqRaic@7fzniMi5#hl`6xm&gWbWfQbdE{l|`bW*zQ0-J*$2UL2+!381qGsm{ z%a*xhpz*}tSvVM%LuGb2{1YCaV-=|Rw(O_o#4twN-NgFzPA|=6#Fu87u1(^rq0Wf7 zF9{KL`0tBHIaC{8cJrD<3O@u1y>;=gtZVM6D5BP2m(Q6P)fjWAmTv3$TWLxIM8 zW2dxCVAQD!B|i%+zS27rQ1S2xR91H{hjtq#n(4nC($$pcyY$hF%*bo@5K~asccQs& ztPlN8a^iaTQ_*u^Z!$t_;g@b5;pQupV&%`uS7n*QBJCU(k_9u~r#rPPeWw^i)t zKgbs6=T{l9fu(*+GEgQ#f!y!>qTaAis8t*vsfx36Vp zmq&AL^$19wZV!B{Sn$VtOEHm9Gf>gPrn2cnuhsllEyQFItm^1+eI&lfyjv}FG1P(+ zw`aU(8B20tWwF0Sl4oM1J+~HJWGY<6z`r)}m}qP%z1ebN9+#y)l0VW3jp~fgdKR~C zN-ERUlMqMltZ%RA>G;IEG6gRp$ZHU|Rq~m=R?QvS$2&bA5vO{+8@i*>nE9bin7L?= z{`YL-VQprJx!mX3{j|a-HGS*iYrd#Qp|~Gt=5_bqQ(=Xy*B5qtzu@!JK2p(BBOj?i ziQj_a*s$T&D|PHUF*~tt@SuaO#Qi5<5Zjf+gmz^c$mO0;b6? z(=jddg91egd06lTx~%f}sd0_(5gKZ?8-6DlSE4ma5|Xnv4+uZifu8z!ggR3EOJEZ1 zbKftX&vi|diJa(}7RTOpp9@JSWYm&aQJ)RFwFVJSo(Og$9^g4Bbtd&ZUeEc@EEJ>a zIv4IXkc-|6Y?qLT}My~9Z8RN*}QTR;4-cLc!ohFBfDhf6iiM}p za9G!U{pDq%FL$z?`34&ivz2pnUvOyn$ISX1fP*Q*UmsYtM$6D|8#v#>}B7s_lXZ4;5IQe&^KgFf=%);H3pl=Qv~+} zNHp+AU&Wk00@AZ-@-{p7N85v*z9kASr&`|ikdc)}T7IqQC_Z!iYo5)+J{S{cTXtmD z`$AdG|7C;*8Ux%!H>-)MQxw`ZytWCt^8UIpd*a(toO0H>w^|Ueqww0l5b&4J@cvIP zfX8J|ANFCZRcBZ#U}O8@c5(2;(*+oGe-6YG9N&^K@8;G*fX0m9Rt-k5AL99?GzdO4 z0=xCb)=oLmV#8!aQK$agrz^Y9mE(`kR&V&RSN<$(X9G;@?w_5daBzgzGs!J>3eoChsBnd1;Ofzjvw0JHWxqRclwswVo#?iX-22XV1im zVfT5GqfAqkdsOU_cq%46tT>mYUfnQ5>UjuqCkl`?k17XDF3>TgK1T}-Tc|r?E|hiX z2i{(ELIQ)vZq3BZbxfoc5C1%cGy$eo=sq^OP-a1-yZ#02Tt4HigrTW~o}*HF8J0ct zBaY3y#BIKAPq~1eZwgy0|UQD+H?@$g1X0UY&+~< z8em?!_Ml>GxjWp<)E;UwU|Ows-E(*8PZjXAoN;?0j$;=en_ZjL9x;-3;CXt7E11uo z&ta#eIFRV_(5N$@O3cuyL+Q0S#MqcI&Y&hD-WoJlYAaRQu95ZaPe2hXoRR}6Z8u;C zFoB(}de$58i3RxeMEw~L8ezizG2h3ab_&om#@+kI#H3!?5KI>vCArL2h>ce{OlY2| zT0lEX@A1txJNQ%5DBxFEiO2Tm*3fClPx?WMV=%}HGE#kL8N~4@?nwY z*DtG^j@e(OyoWDg!{aZ=V*!6VY%kRx!rglQyjUH;`vrn7ldKX8Z7qXX`j17$L_QlI zJf*p)DMRqcU`nCIy+%_>jvA3@u{+v@R&$ePjRkezupyneK0vG&V~5Qhc*2lzL1MZ$lw49k3wB$2&gnT6im49KDFFx8+#<><2f7$)`32~T(>&<9H$xm zWmvXXdf3SW1*O_&sXAg4AR%uiRe@F-JxYTAIuc^a1V8egcBKmsEEMotrJQ?=@wc`4 z#`&q_!sQPmsaW!<6%Tn@yn9E^mRUn2(8p!MROr@nPZ?t0W0+f`1i*l=e;NRbfa}n- zj(C5nHF@%lG%`&3nt*)&B8}p||Kg?q-(0JyH_l(W5&XcVVzr;i5>SeFd>ks%vIq&( zH8OAxa!IqKngzdSCYBvb!+Aa5{HhVu$mQBy8bwv%S>nF27l@H+<*^E6>w^?Z(8mg~}Wf0(oTRF8%Y z$FUVG3Sd8Q>{Dhl2H0B1^4Fiiu6FD)AA?zYhr3fe`N^cnGYacv9o0@I#EdXe+TNop7v^^zY6y);pQn(%$pHKqn;|m>Ct=3#w8yfrp9*?^^i{S{MAe}4`&29s zAi9{k)@i{Whv499#AT4p)`&c?{WiCa0L+lYTNk9{pDFQZAM}_08vM+3ln61k2hLXW z0>U>yyCzNVm@8z$3>q4P5iLFnxi?dhxd|B(o_T|3m|LPb8#>sv>?W*J)Lqoj+N+B5 zq-QAaY69PP+OUOVP69Yo`z)@|7A`)75mHG~HOeKa@arFsPhP23lx-{^x z-xr>*8v-xZn%!c@Z8K>WXEf_te|>h($^(zz&%FnCR&q)RpI2Y3b$A_K2$KPbky(&6D$XbuXZpLPF zaQI)P-~4h@w~1D!;|}ZvqWY9yWjaf4-0BGDxj9hMeo++gqej- z)GOvDP|i&h;}tE>k4BpN!nW<^(o9sAy;g0HmC^gFnlF1)?zS>OhxlVhnf%|KxVJl>#6OMvX7%p*md2*L=RnVR04x_3kpua!&YW@&5!Z+&aHts-V#F;}0 zP1*kZ07qYYzjE;9!!r+v$1QsQ-*-w>`1&KpK!NhPiiE(MGlxQ;Xc+K2g|Oh33f^+y zwiU2bVxe|PbW$w&*H(D7!=c8w%REzAOh})CjBwz{bZ=Mu2F_cFJqa)o@S_7p=6%31 zo^P${vbfP-%+LLI90jmq{R4%y8PXIeMRm{l@=5xD4zLtZ+P3%eba2|gT+THA#v6N z74AKq#FM*7CXZR%U5S)Ye;|^;*L1fsLB+-&=H_s8+QQs?&i>Hy

    8{h{!s@vkt(% zbs-r1FcI8!2@QrNnFd;>%nFPMavyzNJZ^t$C4MJ*4}mkROa)!7qbkqOa!=(0faje*g;TqpMRpk zuOq;Z1Yv7qC`v5fojnf+mjdoHOka0wUS9^`H1ON47YlRrdiP~&PItOP%TLc!pn%=Y zjr#$}#=|Iov752vqDu>(2wN~L_yzQOh0+V}4{F+VIoRrp&P;GY6>xnDmpBRr+`XRJ zyk3>@ijIENaX(dg>|+;2cgPl?2ThFFJKTr8`fYyiF4o_rUFwD%1ovD*L|^xVg9&oi zyREX$k0Lm|Dk$@N?p9y#?_Ob$*P9mO4^=(g>|^_z!FM_L;&T<>b=P0u;Ug$7WeI&J!vfg8U5KR4@ZEbW{|Lt;h^OU$!*u=mA}D(yjx$; zHr6(NhUpwt{vZz_5;^)Z3FOjhy{+zevN;_+(v^Aa9N@HbSd{woeU7_G6tK~!zxYfQ z_^KKg(Snz>N%ihth^J=ps|S5L_&SGnJwg;VlP^kJN5bk%<%*56=I(ZU9{g|^?8~$! zlM-?w^?==THzeva%~ve4o&ePoi3i=v249O-4JE1S9>i1$P#VLAUOh_OP>gFwi$&}3 zzV~fcmWjf)RbOk8>#c!#KF^Q&`ayYyFhI|8Tzf^n9Ek`U;NfmaTV1pcTcBixBrzqG2TozN;eh%JY{a zMzg<-#5Lm)RWTcbI%CR2}q= z{UsUKTl|eZ9;cns>n8~nD)f>Zd?5d=#{_N~4WFbIL6fH|)t={+B+3K0+bCIS#EdAC z?JRoAe+6wmH=3?bjQM6kzlf`tY|rI@9;+ZvN02(*!ifmi2H{IE9nGkRpsrta)h|@h zmy6BR$uI?WzQl8!{O4WKz|_7R)$3zflR316^0QsgE6i{yq!qI5&7mC(H3dEQQ3ZPf zK-9b>I3LoU{^o%0i#K7K4jzTWq_#rce9% zPYa-puKfI0rv6+ac2mozXUMZC=(R0yEK|>12Q=s#1f2@LwEXw<7cy!0l<@j+IZ?V1 zHjkF9?{d=rqPAQEd0m&yZH!afqaXkWJ?et(`vnU6BJ*zHv#`$G-(B#UI{-Y<|6{Fzm)rzP5#0|CuvESks=pRm(2aOjKmi*pT_uFFV9;={q?hdbu5;S|PG57%rdfcYkwEg+HNFPxA zvU3P0cp6&T=FYnfh^BTkP^3F#*Hp;DQNNn9Nf(KB z5+dxqlBWWso+(Tv&G(5@`SvHUBW8yx7?Phu>hVH8Ur@n(Fvn~HM(eL1@$oyKdObJ< zj^Lr>6P<6pF90^IrqFz@)ixiH6@APJp0sgn7ZwpciS6hlw~kuPAMWBs6BtK{TRyl9 z)r%^|Y1LUbzK24dmIJ@PAo)zkjn%@}{L7W^?!R97PiD56CP`z~?moqJ4XbU8!w-9~ z;5%q~ge$&f+7Ow7=SM$l`PP?hm)8gRxh4{P1kvFxY;X*g=cR9w>dMP8HVE2%8m`_x zLV*$Tiu{)HyrJM>G3f-sPJM|#@>iw3H?rO9J#yRnN zg#s6~Pxbl{pjAs(r?7a9dtpLK2PEZmLm%D?nXkFt5}Z7h>Mu1Q{>2SW)76?^T;S!} z(eL}SQ6#wiME`DSAJ2*R^_)HUJ`56YD7g9ZlK-^Ne!+9gN{YKWMT?ftw}^bh`?_Bj zeBTWTf*Ec;z9a=*W9wdky(XDbIyVsVj+h@NTVG0oE}R0*w=-ReUR-+a;7FH&sDI`L z5YOwBj`j7i#)TkucBo#J%g`88HTZH)^qDI7J`WObhZ+obDlgxb*hN(s&4(-VtQI$( zhD4v=xIRy|2LH1Web@vA%?MC)7g@iuN_oqWQkp)%r}(v7^u7=BH1m3Y{MxQQnzJA? z8yVF7*o^g*68yT1-2+42e4GS=?)pGaFjJGdgGt*b8%=>O1AW;MK=9?c=>6^8>plC= z-vl9hEdevdXgV*lqAz`L;|O`V4z}^4l2E?Z-ya7ylpR!wiQKGsU$y~9 z8AzKi7k9x=*r3VYcm^>tKuxX~buxPzx)&niLlGLqC?C8r3^cxXyp5{-VHk{84qqZs zwzTEO2MvBQL}2{Nx92m3<`!<>^n6bbMW1IjgER!4`5YF-sgvu7)Bx0`xb?&J=IJWs z!~Wif-rkE7IY3Gw=H5nG?;D#uw-4|3PT$R=y+c9_F+%!3zs9iR#S}CJG6aO`oIi5p zhdSBWR@c?kz+(>EO66yT{a6LjeiHprz3N7V`BbFWK5gL zSQ}v7<8V#_&bnqs4x+e@twhov9R1|4*JlU~r-;4zD9}=ilAvrHDD0)Nj~&*AbUj-! zd7HkH-I0Bgjl$C7F%aIrkoS-luv|!!MT%4psf~5zzh7>w$w}xw@85{=^29#=W1K`0;T3OT_!&`UFEo~X?gmL0z)czKJ4N#r# z*PCBeGpx+B(0Hf3wg5Fmm7;q>k%2U<#5ilVe37eR`EXH^tC6XTgu&)wewr4jGSuGx zr%7E;ad6)4eMwt`ev`MQ0A7aA7nN;S;_vA7)%tWDVIkI5Qo}_P#~R?=hL7}6zrj1l ziauKE>V(8ESIM(`V%QWX6Z$3;wW`sF&U9BFOZ3Y$`+jp;iaaM5fXNWqcFfLX+Ud>0u&r2(*Hj5Ar_1P<4M>N>9AAR%Ry6NfC z1nl^YAmz_19h)ZG#jE5WF72=Hz$@~atUb{W!?G@%#ShOMyg!I9`Yt7^9|wIvbI7oM z@G0f;dcn^L-=sOC(D;QlS3jXC*hvpqsOZzg8qjVMPg_H-T{8IaopiEXjvh+TL{zH&y- zgm`3ujpZE|R-GIK7@M2vP1Lz^qEPwy?|yMB8UVf>11NklR2-A81i}MX3#?pYD_Wm; zti`OvYu2_|G9=5edaUP?Y#4|)raO4TsozXo@m1CP3JD{8Gy6Go@XkiNqR(TA=twKQ zT=jP4)*AMt(4~iRQE7sU-Y#V4H};1|?-^mPyHHq#qAWU(*t^|JTNp+OY*1yAo@U6g z;o`y~NoFvBw#MVxNkWa+X6k#*NI2%zTa6c%#WqE77x4gzMloW2v00QN37{=;>{))& zBCl&Dwk4eY60W2Mxwr}_no*q5j{>0c>)N_Fb9Gf^ym0OrP=Ur)lz50p^FZay)rJ@D z*KT%=1#q}(qy0&=WbW>1N9VObuAa#+4Q~I2!?VZxd_R{pw?#0Yo#f;aqbkK?MlX48 zcg>#5!?lF5O6KNw+$GrS{9Q4+zq-43nGRdtPMn`^e2#Z8HTPJ}K4sjgec6sd3| zF%e1NZV5h<=2gYgZ;?SgqBS6T=U{H`?q@H?B_cKDgbQ(4`@?lgFoq{AX;D5jbBXgN zjE7k^iW|dyzos{QT9RpO5jUrBIpJ@0o6 z{8nWi#!o+%yJI{H7_&}JEw6?au^eOGAm^-cNexWU)d~;Pt&*Oa&H8rl#yn+Z=Vp-~ zk(ABvP1EnEBj9@2@(@KnMh=DSF5O3GN}i@0ghGhhLg4P8?uX(KU}LgZ378?qhiX3u z`Qx8_1bj@!@>vxsk>uhpk*5gya0%33LT82OTBjFM!k=-$%9jOfd=YU|&;Ss-#H$*K zxd)i{pU|@t4y67_kVr$G0po2dtO~#l_>lW)wh3mn30;=)Z831U>+e6av}QuzfLzb z*uZE>LvvuTY}wqow`V6>{uCfh0SE+2e)RmTmmniqs0L?9DN=9q`fuYr5xU2yWGc~r zm*Wx;cps#yto*zO5Pe{O-3LAW$1V3d7yPLDdINd^Cy6}TIyf-n##~=tBe1@~{c(Lm z87@pXLS0)KxZ&4gH+8wFq#6uvT8SfH$;6lh(=B6CSz-Y|o%g4M3Q^YiK>@Ie^a( zfc_iRw(I>$v%~8%==JXPcJpQRH4WjYpX#ZX3LhUILAMT^lau4nSOPH)#Bp1FndB(U zWjr4DpVXvz*`q8@95DG3wnXDW;|(S6EH6^MxxKqtYj4tp?Ktcb8BVvho7j8It@lDm z{+4BaRIMbt_yWpL0G67As=f{98GQy|i9BsUFz#lB5W410{Rei}iMlyeDqcmWB6vCD zxwSc>?!+ke@(Ny_qv9yy1+Gq4JMu66QrWtWSIIXowgZ0K$P%Goi>(U}p}38CT?Jf? z8$NY;@2s1d96;k+`O61gF-U>e)L!>&8wWSnYn@lytX&tkEphDsUP<0R!PYKY(-b`= z*fLV&X!Ee<&%T$Gl;l63*%Sz0QoZiNPeZTUq6odi!@~$fwCsK6^+Q8LXsQ`FyrVXL z@504daV1(Zu@ySGH>A2pUI_EVLV2E%C^XfLjf{-7AG*3Ir%3o)mL_&tNwmXa5`Jif zrbk716=8CR-luYgIdP|Y$7@cetWcO4sUj1{vdWtOppVu?!W}k#}m})mu1JfpHwk3kH*S9$A)n_ z;J))a6c{rVnGE<>U0&Yfe?I(GR3FzPXOvP~M>``!mq=&pF>$;eO2>>l?X0rJO!ZB% zl8L$g?PyA-^LK+e19goEJ4bq;%31!A)mtN_K$>Xv=SI@CA}w_Mg`lPxN#>ebhw|F0 zDR##!-k}fs`0W*2i_cN2`DvU;9-TT;AkZJc!a}h;Ba<_s^BBePs;IO?&+}&u%y%vI zh4)xSQynz8Or zi>X zQ*`ZmVI{-mVjNg#pE|X#sv1>%fC6MC=iPBV0tiy+S9?N;v;yb# zvLb`M3wwv50n8QElXfMHEY4hn=8krX%Dz?}!avze)H7St4bdAt#5F1_SL`OHuI!2x zy0K@*(F_$S2^O@#^Q~$&7&DFGxwa*F{eNND7eYQJ5q%gJ)FQjRYW`00UUnotVydHL znZ|Q$o4&hSo8~|4?PJlInHB0&Hxg+21G}XBA4A#W25~@MS?Z<+>Y0Y>+DR_umCm(( zqb3Lgq5>;^C7Dt~+)X?>!rf`Q0~dP!fuihaH{P7O9lH{a4ibLPc{|?XhE{gc3v)_p zKCB^gHLE!NR_ZrDOhr0?P<3Z7%pfg1*G!DSrqYh93~lX&0qKP_q{Zr8S}(Wv;P?5l ztik%KCA_KWsr$k{A$j!!G;;U-T+H@WwQNj?Bsyy9x+=%~0*RqVl}P+kIps@()<(uJ zyJg7D@o4+2Jb0R_$+q`J+1`Xb4P8xLC;D%!`=c+uxKP&C4bEq1@$h_IHdeIXv-L<+ zdnm7bkDpqZyXLp@#b+CvP6?$arZI%N-eOe?y34E`5crN5Sy`2}*}~T(uuV9T(N|3i zovFs_+RaJm{cQV}KQ2S_VDJLLA{UO7=Ty$X%EIom zG0s)6Kh`SaTvN`VE&M=puif!+bMd$ zJSr-RpPzpV<33Nw_w$O?o2usQMsg@jh%L$kBWGsX;WJF^Ay666&-7K>8f_uZ&_K2l zhiX~@(1z(12y?Rn+ELojw9(ifjNh2K1*TZ6R-xvY;|B5Qmjp%Fg=~y(O*j_d61tKc zv<;+5aIGzD%-Y;35NjGn6>`XBF0_qRKHfjpz<{`GogRYue0HA1t!3>>EI?$6teD5X ztJ+A}JC6~M_j$s^i87OPy!de{EjHUIHO|TSLx{%n!XhyjHwo4TwB)%iQ-3gg^K67Y zhN5QKWVB)T?L3)wKUc<2GT}^mj%DX+YImn(%Xhe+I|A>#z1f1kzD_6kXhV&av0W^! zHhThjVLERdXb?8ayDv1p00VG{pQ23!LjwcOt^cm(3BpSXC+&C6kEYfS`!CL1di){I zx99%)U{SUrIZLemW?mNix;>W?HgV7A8@lRC$)q5~VY7N9hodS)PeIbGPu5LX9nW^! z9%1hFVaWg^MT$?Q+b0SKdyyjF_;?R97qG>Q8eP`A?|%Q*q?GZ5riLC))mOeW=3Vc;!cO#F!X9 zBMlWZH*gTS`fd8cKSH4LNRh)#EwH(Ji#-exC&zy3Q#@Z68nnjX;4{P0%z3|bS#^DW z3mW(?31_uKP0X3_ya-_N{YdC@qt~z4vAfyqqhAES{9!v?6}u8w!XQKEbhbwl1RiiurXqt0%8K zJmuk$$>eBx>NmZ2`m%6zDzY zWSHA?G$(SgeY<<8eIV(_1MHO6)>fOyIBh9;&uvYStTW-lDQ!97$4iDSGeSJ1ohJ>` zaWjafqZ@*J;?-4%BFL-V8EpvfN=nO$z6raapQImKrn`Ox=>O>sx?|WD2;z#hwOJX< z?je&)Qg`A2iST#b7 zKlj2~{nS5%I~GO#X?vLOIOwy--~o?3YI)r;5(i09wm)*eTQ_nbi_Sg<0hC`#1k|gu-w>tpB)h87NrA(^0S^hDFM#rYdD}TO{}y(m%UYw zpADXN((&Fjdn&B&t|f*mOC)QroCl0HjYizJO5dNHFm0Ej=3=(rMMQvehH_u7FMy4H z?KLmXpB*@T+x`Zn%93;P^A6p!-k&&=L^}-E|Cs=3(`uniJ~0xtHF=M_8a(cz_n+z1 z6CTBRw?ye?fa%HKV#6^&vqQqPecn6%?mw{b|AcD#{vI3$p;pGZ7c?;b^^OWpGo@XL>z_5bx7cUNpOMQEJ9p%3 z8Dkw~GOzKOM!;FG{7s-aD9ny$bCe%>0TY9U!R2#l%f2M)Jq5QdN`Zh=5=L4C%|fouQa+BOlP_ZjLAYDy+x zpsmM>;?dp5>r^-s)k@gFbv5kb2kvC-V4{I(lB3u#^#_~H*}m#5TAc-*Ex?SQ_c$bX z(B{C^5`fb$Ff-dvo~up&>0GN~sW~gD9rqex_{;~Ef-*WT!qD>O=8EM(8ofCzUWQjd zwz87VCzeW=Zl#3L9I(jh93&ovIKPxlMYPk;B)QUu?wgm=rnDwC9M&Q-^)BnKtU|iA zf;pyG`(^CRZzb^r$;~m^z`=w0F*OD{L$@DzD)rO1+S!In}3 z5ythNh$k4bkb01x7ZQE@-9%`5G~u78mpUq(^)$SV?EJCSI0~L%1avWVyRMY>Ow?O) zQip^xBPbLD$kBi5VG!o5<}f`MC>(vc09>FsGlBJIvNfh{<`~7D&qnUB;^}J^PZae! zzKs=WJ3=a&b*>NG^7p^8ll+@(8FY7dUcJ;4I`~2ty1qOUc4+77Bc@|$Rcw4Ou@bKQ z^ST@e=(Nn$c#|Vei|KT_*SS^dUIR@y$rf*>?H9I)*C&WMTb^s*QJ;5VadkxW{oUBe zp5YL0ows<9L^DK~hA5;m&7^%yLCIAduqerugUc(NNUNwdea=CG%~~!v>oxYFtv)a0>U~+G{TVA^)a^F;2%p5Gztbq*cC={cY=N z3iC}2(-r?tFJ75R2>o0p$F4}6OnXu!bxOs}q!d5jP>ghq0Cz%)_6P$Y`r+EYny_)kYjIM^)m)fkx%=fE?(K>b zeK)Hav-tCP!ee}wP8#y#oA(zl7e7bC(_h=bMY@pU_O}X8g#*un=%jFXl*QWNlf!O( z^i-*E(*vG0hmYfYIj#s0Kf7-pMufd2{!tJudE_jyFu%>%Vkf~I!)g!=npxb$EKm`{&Bd(Gf01+dzR&I>fm}Uy zPUK{{y>Oxo>y92W{sZ}o<$V)_gW}Qw-{25NX-Ehh{Y*|t(S(z^(x;S_mgY_ZgY2>X z7ZgEc1INHOaa)^QiH5F@&Y8C$pVCikBt$WOYiny;u9XAp6Gfu`aQ&xrIOOo{Kq5F; zG*3m90)$xyjvLx7D=Sl_+mi@oTVI?lfD1WG;lzgT!j5#KP4TJbSBYaHv2|d&*njK! z%yq_V&dK#O^N)jRz6n>ES|G9&n|qn}B?~-#`pkS#Mo6fg!J+|AwocNgqd5Qm6Gjiq z3lNSq6vAzSsHj3#5Vv`IE<*!E*k;hC)oktU5fzdJg2*m?*6f?p)6)3Ki2`svVjY5W z`~F@YYEl(`oJ4k?IiJ0~k%SUyuH<^q3T4r)@$vE=Q{0Dbs0Yvo&7;3x@pJJd18S8j z^9R!KZBP{bAS1zpbOw#O{D@WrSak(_Y;#ItCU&m&to zG1BwH?R=$dD$cF=(1x=n?)2)XNvGTMVA@%i%nAlaZ6U80Vjj1rdpTvlP>(weGxO=e zM0_?|4tF#;yT(d6`8H{CzD3-RP1oXhc2%WKLs}lU!(S_NXvX5LzCZJHk&Gm5S%)|x z>Po#?E|8MT%`D0vHp;-9jSUdXozk_S`MV7@hY4sExYl?qNMAaWBZNU3=o|4MBOO;&12s{MrJUqOXvmVAKCJ@u4tP-GxXrb zfolJ&%)y3rA6S}TAgRuz)9*$FClO?g!Jp2@ZtCi@bY{qF-!VZb>dq(W zjh=mfNT?}3Gd^qRF4FBS4E4L6D@zDF%2i1AJ#T#%X56;Zu;!5eBGCCew$m0#W-Pd? zZ(?LO(QS-M7?g53!Vb-O1pk-|n&TrbXWWe~PvEA*t_!#t*`3XH_H;L3!PSaUpxl_~ z$@1Dgk&UR?McW3J0}jfE2cD5KoMKZ3poNmyq*ueeDSkP=S@j*;!^r7WPl9-Xp#^~gvnG>I>a;-cL$H|akenA9uG2t{*gp5I^VcQQ; z`FH#zm4|&ZJO|~=7x9@1$NglJg9aJxjy6^95wivD~_fzkaG>C3l7 zBRM9ozv7EEK#LY1u4D#3^KukF-wz=taf-a$tqt}p?7bDPxA!|0L8feUwl?vV`T(#o zJ4&}kO7&L`?WI@y+fZlfbmrDma*{nA6Z)x_ul4B?T}>q@4K-AHEbUYc3=Sv>8DSqE z9o=OScy>EA(v{peX9l~hwOvt{WwVN#&m>pUuxB*e^P!No^U7D-RUT)d-j3V2W0+qF zrp+ADLYKo};5yT8cTj9IgQWJF*}^;0X$?xeDg~_%c8XA}tr5QPE)J$|`V?idbRNW+N2k<;4$wZ5zbjGesq|>H+-yS;r?&V?* zmZdA&qdQ@^F73}#EkM$}vs=a6=xnvlV(xU0=kc`%18yHdo1*;uaHNCMmz(TBS&Z`& zJG+a&KP=Q?)+a}W7$s*F)k@&uq9A&T%CGrJl5dA>aDzVHV9n0yO};k&C{qpL8C}^- zC8|AhrltXOaxGO(EGvkcOz>cJpD-PbM>(jU#_R{l(@)(~pnJ>4l`<78w@!auRGdHYP$)D0oOij#4?8CXO zvO|(lMroCJlGS%zt;GsCVhYdh3V}#DChVw*oZLr2AZ6=BcgGUf+{@Me`FPIq9bAap zgBdz{E<12dN87{BFk&-l7=ZRUmAyfcYK^H+3Dhk4r&r6c*XM=?Dxr!Ka9GM%svs)`EcTba8>IGD&0*!h>odF0D>SRh zTJ;NSgFI=3QkMK=abSdXd2RS?(qyCbXO|ju*QvIVeU4ug?W#XFQ1tz7Ql46VD*KDI zjt_Uc3znUF7UJycdCWWyS)IX!xG6#>EzoG{s#TFgo#?Tl_70r~hfP;~HzFuO=3svz zX$EsAlz@s0%-t{fVpfSx*=K_!GH%l5UwHid5at$}8&a5#um-w*(?v18iP^juAM45* z%WWwYh@4)Nvxvz}I0aLMg!_O8{qE<(w+j2i{&a~@E0OC>mF^?QH_RM#f+4L~KW}WE zFuCza)^q$oexSI2nGN?$0n(<*jDdP3Nw5V?76UvdVuEK|mfs^&>^n|=Ms{^Bf2eb; zv~`Lc-t=>=(+xCb1#%i7B(**Y*dkr6IhfXETF2aAe78iMPt1j#1i44Z`7#O0zD-ab zpYNbx{HCI`(~v!2;9sN$iOJF;vivo-cDZDPggG>NeKtSzW`ayY`+?%(KH zZ0lJxUZsk^GuZcNYIt9df|i7P(UP=`ShbrgZeq+`md{&H(NgQB)07~cyrgydYzStS zj+Ej-a532ba4=HG*>LgZVq>i5 zJ?;d9WFM_{Z6hf-!;eEpw4e5PKNuVG5wP)nQEB`)&CL}l;gTL{u(zyNo2viANH^j} zh6s7U1E04LCHUBr91AsW0IrKe3oJy?V@c1-BEdkJTUfXW5>}Bnxe@Gcct-70=I2k# z<@Rik2vhg-(4^5!_X}@{i1e4HfF)ixg98Zn89J+b09LKdG?@G2ZVB>@0^-iqf0XSt z>MjzGmKzt{ifLl`4jIqK6W{on$7&i#2IO6C(Yg7ca_6WlAk=pxe{uGe1kmHB7X*Z@ z=9;c|W(1^0cYwB#OM$N+x_12~ch|BdPQHS-f~ZgQ=<&^0#>VcWWDeVjHXSrQbvJAC zmAVYfDhj&r`@Wy$-ZJ$kjAB~b@tExabv!ke*PYH3?Eo;a;aBqo9$Jg%fJ>2C z`4{@OgjG7TBzcs|b_EF4J0aL?DL+MfiwVj1ePqK2z#fs4H^uET4*C0^W$&iAxI7&V zwg}RIOevL-)eW(Vzt`Xlb+O1d6v(&-83q--xBaQ zpJnN0rPH#O!i<+R$gR&lbjLW9be_2BLq58i6mA4c5NpyaXx_VabawwwYiAkMRu}dA zBE_BJuEE{iDHfo(Yl}Msr?|Tor?|Vjy9IZ5C|VraH+}BhFZbh}_k7tiNoLQSlVt5B zzyDf|#pmRogjWyoHp)olS4lTN5JU~RJLJ}+5XUZvR-3cXVKo%^jQg4Rdd`Q{y;+%V3|B#I+?fVk@X;i*KgysNRh89YH=_0P$h|7)0*boT9MEAw zq0+zS@TzQgKhSv?o@3pdVh2*=#M{)t%&)D`bAPOQvC@>g|1gTeRkpRe6zH`jRSz>} z_Jcx8XriD9xAH@ z1Q4~*XsyJf*I6>nWzm)znQ4j8XUZSic*JRHN}uYrP&VHah?J@PP_c5IsxJ+uw_XT? zo4oqV<3BZ$ip|5&I((XY4n1)~0?FhunaCRL5zjNi^M48#iOVy5pJj9Iwma0_WyeR^ z8YeOeuy`(CVoq;P{Zucf#PQvPz>Q-)PqzwWdC%9Wy8l2x3l;TPgF3 zc8T2#x5AVIGU|$KuF*YsIvsb@6onh{rJWDbi{zqn5sKYG*rjkON^-1RE6xsog9eUO z@q+o%4}{r$KYTSbWG8$s23y$&07-P87_x_mSD>DK9~kn2m2Gbq!E!oh;(U)KGDWYr zg0;Nj6>@XRv`ON%u5bO9k^Jl(F^q&sMT?f=UTB(d!L}R`gXh>008L!YPo&hi zsWZq&hZHIRo>3XRr30DYA|@>sHb3N{D1tt7(k73QQuo$5IXG2+mk!ZPp$zx+4sNL> zL+I|VlotBbVvABo;EEA!>8vP3x5>R`W*GLZxFrSw`eR-8Jf#!YWUZB%BFdiB&v-d~ z@ohrO0hpcv$#dC17`l``VI6A1lOW3U{sYhyEp8sa?BLJUjGe?EfzyXl@Ckl$gJxg) zd?N;P+F*pe-k&d|0=?wE^F~QfV-XnaD};@(_kesYUFSoysuN7sGfDUIRP*Ck^>>}~ zgH9~FqGo<3MieIe3Ak*lx*vSW45$?s=!Mm2t#fN6b@gfGBd1Il`^1sXa+0+oXq1AW z3o4OqC4XG?@!PI6_u{&dN-KS|yddRJ`%Kl85Nvj5y)Z2EHqsFoh$Z6yhzS@@=4~ri zsFZPHq0jgkN(dJvy?@tBQ<+nSBm8nXv^NUoNE^vZkUL070AH?dGIxzRtY+;rCei0T z)p_%RUo)15HubS0K2y8JPSRn2!ImXEVRN^iArp&9SF7Xi;cK_zBOzL1c5X#cSrS`9 znKrH#$1%n2L-f^8@}Ea<@->8<3yB!OPDQEfLIVW)hOCUy}6JN zMrgms!i+)DxB6YAx;4Sj_ZC1JA&^qR*ia$AkUV0ldbcz?n<3)SUJpmU$3s#X8}lo_ z#l;pqu9Af2ycuf#@@Tw&j_AAr-nC+0*cIBrQ66p5fv;Y)FHf~siJp2qeDd+dSpck} z$iK~AqUgq;_ozuT_wl2yn5oHt3_7Y59&=;%1OvKtH)fh2DFx@+1Z*%3?r8$koXyZ*!EY&qCcZGubKuh_|=_RA~7>1U_B zUSX+UHQ}#un=)IdsbDfK1(``3s_$>LU4KhM_gNcQ8V&|gygMs%xX>p*1aRNUaoMgU zS65b&6mjQ#fkh#rdMCafcN7#H;$(D5^0rqQUNE3ZL7@m6J_`IYL6EcA@{_{*R}Oe- z64VEq0=HEU+S^GaHK?Y$oE;xt**S!#4Wig;F4n^CHWm>BK={iHX;V#`tDm$Qh@Ua< z$*!(%Z#@J{6k57tf&$JcUrKMUQGdOW&|=-{-6IvrS80~1&nMRtPZu&&%^=+_V#Ud* z_XkQWMJ_oR-udu6V$i|}W>*sXk^FDdGylK)JteyKlVjcvFW*leR3|`{$Z!CQ8b$yB z+SG&U0UAsTpT%$9E;YUAJFf7(2k6&VV0k=*r9aPs@6L#&n(%PLcnhH}>+%prXjE$~ zZ87J1EgJw{VDTFftSAUPiXE&zLG%HQ$Wh;}k+zdX+Itp8i4)1VHz*~bJe=3N?C4#u zE;Mu^&8cUMw;9;y{v|53g}_EFxh>~X)F*fF5+<(bw_JM^xx5&$!&oxRxTw!vr0&ph z@L8f=e7I;K5`D&eSijrj0t(1BU%4-2yM_xAKJ%HzPeab z`vB;B$PEF1j1OF?ZnY^-jJc3lZm2IEFCO3|ES$U;Eoq;C`}-nth3to+Qj)vIy?D{X zVry#4#6gYJ1BwU1hsHM1IzZw(PjQjwKyr>9U9SC^MrO3VtY~z3%IUFAvCX}mh%8vK ztatLc-e>&aD+OqZE`6Lygs$c~K=9!w+;lf3K`{@eH(UuC^k*)V;E!4Q)QdMX-o;W% zt98r-N8B!2s&aBGi!}25-)}yrIl7LQywYj!1v7kDpbQu}y)9^-VM&XAc$~fz$nPx; z3lhl%M%$gOH|J6lQNklj8Yr%XqiLjn?kCOfV>$h8S<620P#Zrhk-Z3Sipe$mnahJ~ ztkUL6UnNs@TeC}I_PP~%0Ds**ET~i}l&b(@{CW#HR<$1BFb{=t6{*obGbflUN{Xjh zBdBeOberAe;}J90)K=sysg_EPo9j}7dxJY4GsAT)Z z5n%2vkbgT|tlM2+IbrJH4jd-*mYM2fp9g#b5YK^s7WoZoo9)umilo^_`nylyk@-UX z7OQD|dLp)ZM1Mv=XfbKq6y^s*Dv`|1LsuG8I7m8`tXJ?go5|&k#cxKe-;@IUA^)<> z_Doa=jVjzPbowGAo&cMrgb&UJL9(67I4_n4Mu?@!;#EIPSssAJv)s_aLukDW_hs>P?rshyTgYA;6^8Gop@W`ujnHAdxlQmg#f38A;WA%F{;YuP za?)y2tXW}Om$%wCS&V^xTR_KG^)zRX5EJ5=PrxbbUgaJo;hCEJselEVO@Cl~0MOP_ zoMjyE<+?Rz**ECIDC_bFOEw@lXlWc@B&^{mhMI#s0_5J78JrEP48Rq^FJ&D@wI%Kc zqd^!={#Ik3e)`OdLk>6`1T2BoqvhSB%Fp;s7V87a56znGmOkc|*U>){>U7e^C3@uE8Vx`#JQ7?62hbt~Qnu08%4r z3-3>?jJoY3r;hJqF5!)`KS=p#77SsFPsQ6gp`8rQ!Jh|{dNj+GNUIxLR9QVR;i3%t zdnP*zdUkb{D8>AkXk-`^nJSplV~TjG2Xf2}02d)}af!S+z2WOaaSZR^hG2mYlu>86bHUjLN zE>^j!IH1PjhR^Na&0dX#2tYBVi}OrZGh9M9E#E!edz&?e_FJ$zJG;0jL{`*p5Tr2j z|FJgG$;cp0%DJl2F=+->jV0l}OV#mj&Tla*@a278MKxgbk{l101^%A!{gHpn3eLN` zi<}@(bB1?}BCD|QMm%KA?V4mRtt>#X=i8fzZoj-w2Kv*Ljhy1Jk{;t~?T^IzhgJm| z7r~iX`%w6p>SJP$-(vS29UQ0dxK9yu(aR2&tHsQ+@2@SGBzBcmliplUufJqt!J>}K z;TH29eJPP5zbf@1MNy8DADV@DNIT z8H&?t(Cg(~BK%6aRDG;e4OzlBCpN|(x|MJ~L9p7}T}a&^er9@iLxQ))?!_+K5(Dz$ z6x7)u-f-VSv_CjY#25n8l5dOU0ew`n(6$O=_Wl)nc+pF-A)kb9L-=1_!`)AV%_>S* zSW6neN~H_jME;5m1T1>oc&&+`*I>#<(10q!Ju3A!-h2W!($>aaBoSUslU62|*zayC zhI)Ds)Tx9}y6bJ$NjNeGt8@lK7M_=HTB~5H((SOp+ApEl2z%VNkDL>kFR@=n@L)LL z4p8)O5FzAx5QJP`;qf9U>>SZBN3t7A5eOq+ihzSld&1&m>#0`G_QIa>fRBpFmB$Cx zxMgZ-uapT{=&`aT9cP)2aRV~`bfL7|gs{^|~Tb~atP>CVW+HgNxppKT>`Bb9s z38kaSiMlPSI8<+*ql}nRLoGy@NR!%JME9fwA#`bZx$sNb4|U}X)%6&GO@yNM`f_~M zwRjTis%ksnY7V~y82n!#MrYHx%wl~YwzJ-aTN-#Te}jARzHp%fo+H;KTe*#GnbkBy7=Wqt%q8S z>N|yH<$TZWK5~;1EBNM~j5G}_hX(KLK6IM9X)qXAEZ|)ihS|^N;1?#*F`I>bo=q;s z#+@2|S-X8X0-@(h6x1z=TX!{!Ox^=RerAQuGPN)Id}9 zP$^+cPE*ly@@nOw$f{O2klNVixyCS3VZP7dcjc#d(WXPDb+3X0iZkqWHa3?IfPLHRo;VU73KI)#wHo$ARHyLC&_RkM5W^%uODqE=mT{ zL)fXG?4m4T`K8~c%mzTb3CmrraFj=C_Q1KdGe`gC;(T~k%K|u7X9UxUK_%;XH%j9b zf}P!UM|>Y|8#h&PH?`v|;k_30-Fiy}gv1T=-{vWDrq^E0ar%)ani@7ew4~cdxT5rB zL&mkRLa}1xJFt5nL)e{e=qoM&u;3#!jCSmFbE)uO8im9kGA}Hu`e_zd{pu)6faCNG zr%O^0rz3N?h2xbrS$wc!oAhf_6SmG~QqsILb|7&qkEVuZ^0LV~ST+E_CMcaqMNOCi znUX~N28;*AKf@=oi&SS%pJo~AZ}51{XAsv?p+KZyy@GD0O+jK*k1Qlq;oF@wlQWa8 z$_6rTy?M5`)@x6jL_C8vn}>V3M;Nb_xIv^tN3nTCj%TzXD9%*h`+Tt+`G2ij?PE6+ zQ0CAQueErg!>=~6j^lqx8nfiec)3<462xn?Kk$$pw5%9(8zTl~%WzLKb-Fcq4xS-O z`+}lW9o%v*s!%}j=U&ZNPKu@m#(2E@9VJW38{>$;8qD z*+RN_JGl!kOI2`Pz;VXz_e74$N6HLUw3OKFSxTsa?wb2=raq=guZ4{Uogb{%&eC&= zZxfOFvKR>+U0d`!HaENrmok1$n;0r#$Fx+%j8qD~Pu?DhGz!--O|}_GCfSWneVeW3 zSU2cyjH$rBa62&7Ny66a#xPx|oL|quX+~R9lF0`1%~X0wkns>If6>Z^CC;Ir+tj}u z+)e1~=AXT7&1*B0Kb75sN|Ux=TaBh2_^=CQ#`9^D&}yQh>O9@BPH)O98*J+WpPh89zvJ|PfR~y z=(6(sekW-IH zzZ^U9HWCRIu@r8U``~nd+-r{U{1+`Z#;ew+ldxyHy2nMtV|%=870JV2I?4cs%#_#W z&ri(qn5e@Kg7QeuSXu~9lh?H7A~Gf>`ZwhT-;40UFimiSP)E*NP#qni;j7@M%giTvbh`Nv7;L#8iopM^MNM%%%ZptbH%w^_)4 z;6ULBEBpG{$GS$W3*EGhlDe1O?9T{QyrIUn|kk=vOvw4liNx7n6~ z6~*Y8N`%dHhw>p3EX#uZ5pE^<5YTJNk{?(#{K=8<_d^n!*Qc9yC0z_gj6(UUCR*GD z$@utn+uF7_C3jNO^C4;<=38|!QWok3=3!(gH8b~4a=m@DVU%p_)jlf({<0FOm zh-?ppp>JCd6aDAJGC^#IyB}WWlQEsSPHw>`-kCPDo2Pw+9``^s#DCipjTQ+|(ARtr zz|^Q2OU(QWnDSL=;Ty82z78vj=qlfK_!BJKA;3d@c0$d)h$Aw?&>tS$KRpe0Q@GeL zZ$(DX{oO%yH#gv3wRMBqTaY~MaB()P2>k^Svh zc}5e;Ss*lLH#s}unDz6yaWQ_&dovc+>om*%$96)ur`3UWP5cB8FAvXQ#vpI8Nzc9G zV=t-HSNgL###lw33MKB<7zd{E-O1907Z*pZWn*I{`4|2D!(dC5{lIj!t+$Pf%kk_P z+~Z@%B)lL|X-jstFgC`76r}0$yNI!OzjQ)#o!LfEvOAGR4Gkm`k4Xx#t z(Lr+B{dm>59l>=a8-GxOIR}+rrk{fgHmVx!e2FQJ2v3GBZgyYZI*iq38d)}C$~Gu( zO>)1ZK!_u^7n2rZB?ZV z{V_rI^<0lwX=!h(`l?9JM}QIr5g$mt)6XJBu1ZBj}Ar3N@6by*g*_KcKnZI99rT$r2@CNr^xc0ggbpG*{e%y>D8eh z&hg6v<{Qf4p|QYKXvQvAEs6#6uOIX(-z2`sI?wGe_KPe_o!?gywL-Zg93(qoEk_Qy zRlj09_Svq_XS$zzq4#MV5ln8W6TW;v1YTC*WB3bPjpCJbpxF zt{?^xXB^>e4gi0uA*GG2GH2J5aJH_L{Ww&$L4bJ))`D0(&mjwvT)vs(Sw!Q?Z>8>f z9UyeKU4OE7+wt=|crdLPQy|^5^sPCmbie4=g} z2j=+~_QcVyArrl2J;bJvXkA+-jFbXUNrqv%2U~QuuxBU3W&3wHhC1`O0e7AnBSP(i zvV14^q2ES7#yN=6DvrgaM6x6O3>5alNAFM^kz7&SNM_}kPf)<9wp2W+g2;Bk4=tNT z@?z1)Yxd2NZtzFOY)*JJtk>nKf06bby-Cy>E1~2~x04>!Y6r?xK7@{?BFXe9CeVJO zsByt^Ph!Klr#}BX!WhIQlWBQATA=eS=pmTL2{%~RXe4WmtENWzw?X%$kmr0U8w?6&?Cds5BdFxc+!W5G}0PU!%xHDvGUeKC*XV_ zDx!B7I}PjFX+<&iU{Q{V`euj5%ED4h_HCB2O)J5&O!^j#=%$x~!@vl$S_0kLiOyG{ z-rD2BykXLL2OuV6t_V|2DIIGK9rMvtj#PBLA6j*NYh`|GVRbB}p_>=wcpuM>zK%wU z*2<{CYSYufeBjZ>1pp^y5i-pzG|^}&j`%g zb@Vu6(6FX&XM(YUVO*XpmD^=_xr?3JbSwMk!6B$vbA0YGB_#n4FW@DZ*P`PL$-axJ zhKZH2#zR|nlg|~ZsD1{6O-l2aVNDO7lKy9x$F!Q1>E~Yd33~>*nHk0kIz|>-T1UL( zF^qq<6$kHB>g}$k;++QwBaHms|Elk`s>5XzcOyu$l{wKBa^H}R^VKdnnT1_j2bL#&HH!b?i1BCYq^(@n$U z&f!EFS{T(KD)ckMzZ!@SCM5GRF)@L2(p`eL+f-n17e^}Ux9wz$a1aFr@rZAw9ovAN z=N&7h3UymSL)fPS83x z+R8DAtqXUYlKFi!LrV`!(`V7YuMPIc9Cn+Go2>f&&?2-cjdy9J^Y~U2vZ8fZtI?)q zcE`7!nS^O}wX{L@U3kL*4ZS3~s(wY6Ro*zODjSrFuEBsLdPed3Am?LQDU)nIK!Nz> zx_dSIhcO=d36H=zf|Sg*>Rvwj4^fl#ldrpmTMSl1oJWaC_q{z0$*xLK5Y~>SDow5u4haUe)8s$JG*B57e(AkU;p_P!IzIE>>b>9 z=<{WmAP1b=Fnm>mZIf+h`*4tF-hlU5s9UL^eeashw?S&h{B|NQb97%R_!uQ{7(geW zQ_XYyrv$>1zWxSL*n3!O0S;4B!;`}$w7vg=mhPh&b2l6=R>^WN@Dd1NGs)vW^R?15 zb-VF0-mRs?MOkJdDG#;|TXp{(YdYuUXt>%ORPMpG#kBVzgq@(Lzmz%Vg;{!f_C&A# zX0G3nXrRANFMU2H?(SH54+k>+;V63C*A(}+>jP(fO2%<2IcXG2;+06J@4MG}MjQKp#LyFUKpgifAGDt3xf)^Ky&eZ$F*zsLiw`5wNh zZ6{D+UIXzWCJU#E89zoQ-}ui`X;H6XXA}W-xtj&~-I&|wb+jjSoZ2y;UG<0}cxWVN zyo6&hC7`_Tsk6q__oXZZV?^>rAZYgu|H9#cj(NzR58G99aQ8OQNOf-H{Icw%AbXBm zBu}~QlfD*JtE3ZWn(&dlbGva`<{_-4IisICR|WeF(#Sg&gJi@GW40&D0$`ld1DJbt zudB*w8_kC%E%#qpz_=5w2Z`FZyC8uSQ4@rAuFWd<_0YF6&tJ0dQ_Pcn1dHoLxsa|v@vMOpZu#}~9Bz&j zy>y*DKqeZI=*W;sU8k?A$lY9F4VKrG;kL&rck9v;2>+F+Qh<=6EJoeT3N>@e_srauy$*ErH@6q-5!!CU}PH;%9;TBnQ! zNlIy9@k3uS7wzb+w<@63c-q9rr){TQ+${gb*|y&+i@T61D{aGJO)Oq|)VuQWGT(A5Li77?RS;TQ?@?{nj)C!C`}%3^lzCMA!C^JgFcu$W}x>Q(=r}W2%@{!HT#Q z97=s4zc;UjNlUDjMk7M8I#ljAdH*Vw!z=2d<*v1tR{surWXf@K5IPw7irwS`wDMj4CvldkVHNvZFA>~E(s&Ffp4dB0i#%wVC=BJwPM^oM_CoBs{T3bVC zU0S-NDdM&&hJkt<_V6b9S(Pn@PnKz{ILd?@@8AUA3WFTh*8-L+jM$9@98y-1sMkyp zsktyR!cPY;o5k5i3Rj4TzOI29+k^z`t6)T_`hNIC3O9XEeDdmLBGS{>-Ik4UpvGDu zbpSL%v_%_vle?1GL~LX3se=ZRK|aK>vp~v79HdEU83|oJC?IHZ^<(<{UQq8 zNV_(*P>%mdGh2rR?-xdr;_I^F7Z3CJCX}BlT=jenc_0|n)SJl2Qwcx8kZ1?HuV|HL zzbug_>@^?F>Jd7}njao`gm766A6vojX*t!L5S`JV(kX^-k0NC z*!84yY|58)QSl6i&5vmBa(DOfe9O3g>=vm*2OQHTnXc40%JMPQN58g0b2*0tU2)iMfZd(bBMjSx3>kdakzMR7F*L77Z)3E{cn@MT{ShAyra$j z>;FPDd??`5CnD|C18JKXRrK&#=#Ss_kRNGx9;7(T=}XY7A1c<}reBSHcvuR25(XSE zErz!(V4GXJFuRF5{r0;9d=mc3r+f9Zs>zp7`aR}GD6ZiWlug#{!#KQX&r_DrbO22% z2@(9*KkR$EJDRO;23reQ2(Y*9`67CgpeeHvOHZYVuMJUh*QH_^A^DC4S3XFu-DSmY zYQMS8^?$^-SZNK^%RS<5iUSdYMm3TbLcyjqnl)^={3c;ZE*ymh_ zuxRIg{MS~=6Fs}M6jowq{a|Ct$~G!()y`3ny6SXWbFD8hm`| zOcNs=6UIgR`;{5>JVNW6S*zk(<730GIf6Kwb_Mx1#;`F07b6OjFqaTD?YXAEh5~iM z3sR;Lg=KB9MgZdSAyS`9=?T!&MGmGdtqJYD20J7Nc63eg4#bRe%8@&ao}MtMsmi+E z5`aq1H|ou60;Xde3{ssl%ve-CgU5`^!J76n8*|;u=Zlx}UOH3J{ES#}N*E3GcaAU< z>x9bqs*_G_)V9mG?HRM(c`OaxHp(VQN)MWxaW!q;~}1T5E+GyvmY!&H9dNKRZ0|c8L@;BFCJP%ERV|3KFR7lyFvA?j{VX)MJUT<82H*g_) zoa*5lHkUxklTeqqHHi4KIUg8FOYA1Lhb$PU?qWCNAVL`#*J#~=zDkz=X@S>OnOVn9 z^LY=ermE9NDs&LDsP^nKJMBl#q44|oha!qc9sauSOT}MCR~B1r;8POBUY3jhNQSiD zI4w2k{`_Qa#QGq2c_(m|uXw48pU2&@5W(wvljj|s^je$qy;S9VDm8^gf<1z>#XTBA zu|6FVJUXAicx7vrTn!0T|H{(xj-QRy78}4mHn8-j{D~caum{ly3XU9o^~zmtVI{cC z<3gj>EwX?W8bQk(bGp#{ybK#m3?`*B9o1hS@OGD{Q($!NFe_7-jby!A6BK{@!|i2% zlr3>qs94lscP&RFb=$j@)=-EGdn?#~Oqk1e2;&NkI0ksKg;s4WB5<%WhLVhVc()v8 z`-;yL#GHdqKuAbPnxh*(&RpkVTP_^McEKkHY!TEwa2{)|Hc&xze;KaL6Lt!$o;S~+ z;b!w%Qokj!0u+V2+wa@vdi@MiFmn_f0lW(0uN2oq1mTSUQ%mnaD*oC6Z1hHCVwScp zWzt&#xVoYNF}yF?r=)Ut0pcVZ^K0(kR+`+X%7#=>VKi_mPwfU)=P*SozC~Zxeq~90 zNa*n_D5)%Ec)E_2^2vQ7K<=u7&W55v;AKP{ z7X=-C=5yiMGVKjSjewb+kAsRZ-PtorUxWX7ieVv~F@0YEM?e;%D}A|`)S)McMA9Fq zp6tq`Bee67bI&3YH7=E=81b@sP9iNGxanw$yUFNt_HLpnJuhXdsjt7Tr#YQQy3&ht z*`@UxKjs>CYaJ?@SYP6NSt`pExuW^8DNc!<$cPXKgtf zPsjDe_a`TD-c3o;R#Y=k>=7?ad_rhZf^W)NA>znwwBiVpBy=Q)pCN$w!K^&9!cj> zW)jwFH}B(q>VTv5Tp^pm`&giS(Ht5riShumB~18C&oo1;n*2pZx?y}}c*GMS+IL`P zmIgYc{TdY{ydLYEbz%UAdcp79#vk^LP zc9Z`7K7Od|dD!P!oo}&K#`u1+9|L^E|F0nVe|hZ?kN-=yj{7E7rV|bI0dmPn1Es1Z Hj067%?W<8Q literal 0 HcmV?d00001 diff --git a/devices/surface-hub/images/sign-in.png b/devices/surface-hub/images/sign-in.png new file mode 100644 index 0000000000000000000000000000000000000000..bd34f642a7ec991c945df2b66cc698afd6f24b2b GIT binary patch literal 123100 zcmV)ZK&!urP)31^@s6QJh-7A)H_eVr)UqqiGEsFQIDpWc_CR75U;ec$N-%nUm#%r{RP)`VfUJ-FsJqSG_WTA!` z5^l9!gO_NYMK!V`fq3*`BTt54Zwr+d@@4xA z_V7Tz4W)qe(yv6bZYxooWTP`BN8PQ;@2mT+w_SXMYTHs2W9T$=B9ENp+ZDEmM}IL! z+Q~;AxQzJN&<#sG;ytx}wxeC?UZs_lz#g)ZZIKMB`X$pQNjU(Ic>mq+A?LjxhyElgXVHzC|-$DC(SC4rQ`GkW5nYGI4>2Ob~x|@XgOLAlKd74 zX6K41lMV>DFhGHo4xy~UujTT4=2XStusj=R#^!PJX8)(*_Zx!8ORX$ZkP8vV5Z>s(P|Ju!B5N8wZm7 zx~_huTU9x-#IXxo)8QaSS)kB)l+P0jyt+P%F;=oM)Pn-jBE)(m*RDKNbc>NimG&{q zI_hY<%A$*Y%(MtJPR{V_c&}uM;ylao1nOj_T@Adt`3;ovm=2I}b%c%bR$?@#A8Nop zQ3iFx=||exLqEH5fOZg9h`iY)P(fZZDB8>~c~%Wd9YdAd6)3YWpgwHjr0x34E=Wen zB;HhM%lvu;37^h{m^fKh%vO)2oZTXn4WTFjU%ir(N>Nq?OgIKKomHY1-EB~9>J)W~ zdhwXlBL=)Z0+p926%3are)eN&G<9Qxq7+L91Y04itcIwV^a=TUZtMV9y_NRlN=_kN zL0!3;RKzPh>_||*f^?=tgv=sNp31c7IOB}cSt-qqqBWHwScC?7*&#J3XI&6!__YjU z3MWS~$n_IaCQo+o`9m4T8zF=)NKx#n3W)&mCRn7ARm#?Jf{fNemhTbM^8g06W`>nM zl!1*PjTY3FG#k6!;3A&KThV$dRd5??S*rx7t&290C)Yxb;+6wt`JJNHlPKbilehDX zQhpae6v7sqC84`06Rv}Jlg@OIb-W=*=uUGd<{7mV7|vi(PE?Vd1Vk3FioJn#(8yld zmCk`i0WybBo=(Yde#sN;&_S+x4dm-G=*fXr=EGAyEX0uUc?3}i)GBrhZVo_i*}T-9 z6)CNZT;VB>^TDT#7tC|{=sp;^~M6hoRxyJ;^} zaRzt_avrG7>?U%|DP)Du3AXGC#yn08f01cXUcC_?IWCVh3?M!nka2zy&-#hfX&=fR z7XAO~rfkqVU{odew&$*7_Yz^koK2dR*iqgOL7N_=nOYO`H+ z;~2;pb!Jm#Ow0z45MU?inuk+qWH*jLjk+FIQ#dF>WQPLfT?MdQ$!kWbtGR4CyPAnv zxdp9x4BB-5*rT`|WI7UrYrf^lay+4Sxm=^o?yI`Z$+r%dg_p}Kfi&d2GDJ>s_kW`; zbzPaX9-~=@^#I!hECYxGmjNzQ!sT5K5OB}i%gZY+ClM$Bxoo`y6=RXTXjF@n6LXb$DN`HWC#@IDmxPcl-c5^ z1A_|vL!y+c<9Wl$$4z|9=&DjFh71mRcbud}d|dGl*q(awpw=jK4euaTfWloEr7#V! zl3@(VPE{Tk-?=H_70v+zEu{{VZLH(i0}ILnSlW`zN+#L0VBTroN1zJWBtYEVSDL}9 z&}o+bnN}eNqOS$o)*;~mL_UNvR|HA}tiwD2kF@&@kS=9_tt}>2I&ALdtp@!wH z(|QRlYo61kEbVq(#Np-sPUQ9wcirwM0H3m!6T!;yfUH99;8P@vD&IpRZx|_qF`ipM z%1aMBCe)z^H00|Lu?Gsa!Psft<#8wltppzNp_I6BZY)5yl(!xq!(GAlP|kX5eFV&t zJZ$=dkKtxu!wC;%;}F1X>)}#QlR48@!vw?lp$e z53jD9Ghc3vMR~16>;~0o1~s-S7&r^=BT| zoP7`=EDw4qPn^muZ#h7EC^VNZ;dH43S?qG%z~zSmGLSpMWvs*cJfcYxmU4g&w7hi! zmnZE`b{?o@2^u#A1jYy}ctSfr$am6nJ6_jG*}MT(l&4B|0v=yQ)&T|eP@n5GHKV~( zpK~(K0wt^jH0K$mj6u2_W1v}PXBetX9Vej6nLl1!z{``=9)NP5hq+@YiTolyG?bYR zM$r!SWNzmaFUjzj%}Greh3Ozo2MVgILDWMC2r<0OcivFg9hu#P&G5m4IG{Mgk#$Jg zR90#E2CNJksxM1n=a+IW3#`NNY&Q>G%{+s2smn0mph4DS9WK{g79dmB)toNNIbP38{my%m<{c%PTR<0+&Um9xn|U>LdisdO@iJ-9oxE$Y)&mUY?-x2ccYN3b>!P=E-1On+k=uw5vsWf~~@iB%yEviW8s zTWs>!o!}f@#Mitn=fm2#S(S;ZOr6z0ISy!Juf|euZ;#5Vo!S0MUu#|iXo>drcGce! zEo~Z0`d5~xe%r)hp=)asGLMjxIE!+CY}o}3`|HqUN;Jzn;J^S8H)?4|+G9hT!<}Gf z**kZTZ~*Eq2O$F( zr^q1g(;yz90Xt^I$mnRt8Ma0n16Q&P@LtU*WKzDTE4sUTGOwefLle3^2Yo{~ZLsZb z8)>(V5EF)zarsgn&|j28p0H}h!0fR;gZxq-7^*CJ=8=!QkB#Mk%Q~bSM3-e>FJMsr2R&_2#5$X^f|y zo^Cnw)*Mgm9V2Cb)n41riK1Ixp;vOWvq$~J7|OAvF~>N{lQFuh>KZmeZbM!^6Va4X zjyOE>$|+_YV7T}L3Mv-SeZITiB}3_>%%VZ0l}9$mAh8F=?%YATR}96=O2}pqV21}8 z*%*`{+yi5F8&nLkV!<{6j;`x<{(b@zx4XN$nuPTrZtoZo?QQKbZrr$-bI_bP^svKY z`qarWX6%F*Gj4p0ki+ci?20X0H^ur5>tg-7HL-HVidb>?(%7DXxV#4^*F@EC27&~@i_HnPA z%GOOAVuSi~^XAQQ|NSfCp1bdgHTU0NIawX6K6$D3;$)O?yX$1bc6)^;*i^(B_q4~4 z!2#MvlVLD9;UkBC&&gT~@>WyMBT=iA^x*Kiy3%RlBzQL)ir=^5N&WAvq*DS z*WKV%B`ZvHkcTWLmyXo(*7u;G?new@RnEzXYxmg18$?9vy+rN=63Fi+cD==J&L!<$ z0;HjOfF~ZT-m)za_U%VIIJ0+lcFGxQ(vBV-QzuTAGn^O49)DsSchZS5XU^Q1K5be| zm^wAajv1xx&xoAhOh#6YOw>*d;LdGZW8;SPvGTtAV%d_#an+T-iyIeQEvLCWwr|~< z1DmZ=f_4}lm4J4+oxn4JQQ>wwUY0S>Xzm}5Ygs3HNxMGE!y^RnT%Y6QS+97F6RPrj z(<#sPb(wUS@*^7NQ{#Nl!L$tTAN$DbSr&p9NtwJgHf`7#%XKoi@#Y)j zs^4A`H!Zj(wr|-Mo&CM)C-v1(ZES+=1ek|I^bHK+3=7ia5eIY;LxD7WY9TDKo87p7 zQ8xx#Y?tleIDkC4Rne*ewLp%=8jkMTL6)#&a|zN^ZhA1$XjvWZ0~m~~7;%mra#~|` z7C++1qvFJqPmfbidrTaDmTyi0?8#fp34wp(tA8{{N^_2ciyl0^%(m1>DmBS)%CedK5pQIA04@XEG&6c8`v zNP7^J@=!A~8g`CJq=ZK@@ z@lSekoP5e-V*2b^F>Cg0tsbZ5*1D&+JGO1vs*r1Q+EOcRu)1&2RvJAcwQ3)!lNhV= zjq5kWn$@e~mK&~(-~96Danp4R;+_>tRcDV@rdqMHoGXF-L-oxtpnZVJ)m4`p0Z)`! z;?d?jQ7Dp!L4UgC(EHTxQDeu((Z`+`PdWGeIP=WMs{Mz@v}w~N+OM&+HOCWeWh|yc z&k9>|Ja%Y|j2S&9PpBKTJ6W=1QCxM&Z{pHl{45q+zaX}#{CGLZyu7d*juK#NRYOHi zr`>hBeyxoE2!ETiqq5|8|$SY;a3To_`gEX2;I8ARoj8OIsD4PWj zC)cGj{OFORF~g2ZSC$|eorjC^Y*y&wp(M(n)_qx z_HEJMy}i~{1#Gvc&6uTC=gD#W{NrQR+=JyPM`!lBHEZI#-@YjR=d+)RMR(q&6^3xMhhOWxPbGvpl9{$M_h-L!Pwt)x5^FAEnuX@&Su9MR8V6 zDW;Q04_iWQf7{ze#8K*x^Dq3pIOFWIW4_{Sp#id+Hf~V=E{|3B-xs&td~ViQiuO zt9)LU{%>r#_XRREyHD-&3ME&L3VCutJ}$S=44H0LfO343W$RO(aelnu#jlJLv~nCb zwi*kYH*bksZ@eLHx%s+SwD6ADuu1JyVa8kDu#uCTI%!(WoqJf!KjHW|{-l#);^fI$ zmdiFbTys@?`x{@4AAk2-xhm(#9;&?SaAmhM4}q^F?&L1S@P-jw5yAIpZ;B#CaDy zJI;E_)8f#>4$C{xTuWPV?|oYBT@^PjxJujOo7BH+Vw;@GYVo(RQtxD?t}VHAC+gKX zEAR0WC&^(UFM&yFe6r>E$mJMWCIeEzfXvmgC$+_!Rt%GB3> zcjZ8a>#rezS=~BbOgdK1oHSb6`lGX}C%U(8i#Z3+jW@mfy>Z_8&x+}@4oauD;@*4X zmp}P&{NhL7mor}y>$LJ+sdlr{q;5W>fnH=sX@xvx!lalsb!r@O)X{OqTo~;gZPBKcJkpT2)?J;Q z@!`My$9U;0Ul(m7+HoFaTXwew@=6UnZHU|C%rpRXo|hJB zZklkpO;TQ8uc)sl+BKOEKjNr3`OGuo$xk^q&U*4wD)sP zj|(n*Zk+qf3u2xoH8;6fi7&frQC$3sU&NJHTo!9q-W#j#yC-jMp^>}MD9v7NtHb(l zU1Qb*vHIuQ@3;vQV(!6*#Qc*_kEcK5!raDAoH8ZuyXT(x#m{~e7k&BjvGCSg(lNKG zpLgmcX&BkN*Uu|Vv;vk_`DMWQ&cDjseX^WZK(L6z`?`OU6WpVPUkBP}z zQEu3@=}n>T#RercWC8!8-nkgFBnhai6tF(+LnA<<1B2y0p^i z(}aHhi(VGToNz*{UU^@9?;Br>uYc)_aq&-n6xVBIbDz%m-CE6X=drp&THQ2YqP2Ha zPOT)a73Cu;oXtgemDTsJiY1HgjKzy?kI|#Y#@xe>&}wo<96a}s+^R3U@{I3*V1wYskZWH(?qR$ z&VKUK<0UVDRs7y_pP$Z=JIhNKEsF1b=UeejZGV6E;~&ILH(nQO)qXBbN+L|w3cxNnKa%ZOJ9(q{Jm_0j=oOg5{vzxEG zHnwcuoQ^xMW$wy>>>}Ghj4gGGIsk{qHR?kTIU-*CDmllOyeuY7nk?tPK7R1+Z^air z^U1jSx0lAojccPrCxQ++vkr|BPP*Knfm$H7X=L_?+A4c#ClzhgZsYE|m&D>FOQJ_h z*F)wW8k4oUoU4%S`3=`yqiy|`l;54Lb{^Cr#7Y)%6KGC@<~;N=E^-))kpzzrex0B3 zf=HVH^SI346)~r+laO>nhZto(jyvD3A^u2okQ`e;gUdKu0XhQ8juACFMFdE<>8LTN z2#-4ESUImd;)@!<-`3XmrW-VwwrtADhhuC!$EZm<HDC4_A-7$Xrgkruv$m?-= z=2qG&)g9V8x8w^0I7iYr#dMa$k*nnm;ylFLsns(1C!ca=yy>m)j@Q2a&GFbLoE787 zkB>Wa0{H5ez7U`N^vC0e-~CSAzgyBlu;OXWlMarr?%&Ge46bMp>i$jVG2l4ajxWD^ zY213#b+LK<25sk$(AIWV9C744ZP&YXjPK0j$~JUZ2SVr2U%QD^Bl7jugJ#c-*Q@<6 zdf6*u;>1a@Lc5Ru{`{xne?Iq#ShDbrJb`kFARhovXUKSx3ObLvMPlV~sU~%6^~|l? zs5T+u=^o$li%8Y+nk= z_CO@)OHrDl{FHNkCI*KYC#f=w)kd8=BcL!v6(%W8KjwyxghHY@v=qsDYThH(LDKiM z6L{4K2%XnVz$^ngtc}LHW$=YsD zojy~m)wQuu{miP~_3nT@tQ+`p4Ug+w_?#ESOJ4nkm^67(Y}vFqKJ&?cjqiQ)Yq9da zdv%=E=K7`_4|!94PF9iI4P_kj#P>1eBt@AH?M^t6a8v6pIec!;aPtc%Iex-~Sh4(W zt)lO$#vN^>yvh!Oc~Gst0n0Y?f#sX^fl{Z*aC|5k5A|kVncf*$whrkxKtB$W1LVsF z_j5K;;ltWNW+Mc*5ipqmt3^9TFQq|q|2Ct+Q!g=)xEZry?b=*fFmah=OuBT8r2)iI z-b~~<#5nUomgA2OM7=^ZxbM>)!Ov zIP}OP)&9=-;kUmTU-;C&$Nei;=5w7~I^YsU<0MeGF@t*iBwKyjXn!G-Bss2?^U5XH zAManYDh`@^SR8fqF?rdBrzmc?`s&!Uc|+Ys`q#>8czn9wz1<=X4-hxcXi_r>rB26P z-sPOO+)#O-<~N*~@-i&RV$Q3>fsBe8^3HcXq-);8)k%M~M)g)*#tC?auBhKgI}%YxE5Be$Z&!fr_*$*m4{%r;6B#Kht{rL9joqL5i@5W97i5?lvZ_9 zV!gKB*Is=^9`oJ0tGx?wthnxY*b(!za(sO}<=khc9amlY>-eXSeI%AGTax|ZlP+z_ zcDY)|OQI8+#u8@cu_GcLz^}sZp=P-Zfx7$8P_eiLMO(aXqPk1 z@^+HwGXclRu0q8#!p1C^$w2pE1;dZjKLyQf3HHA0M({<*{|^<~VrH+?apd@%ebl z8g0LCxNbq-6w0%|WLY;>3NeN?UrRcvbY2RR_#+1QL38yXxt#cQ(Xv?;Q+jyNT^{ncQMSSlE--~6-m*2vj)mL7s73N0C zRehX&wHK&9Hqov2jf!*6|GjwrOI{J<$4`h`Z@e+S^!ZQ6RaaaRBS%%&SzX6&)r61* z%djA~v0o=9Zgg>D@buFkALDeQrJYx*?u{EZNEBiHr!(uaJCM=LE5rJjH0Pz?t>Y=? zv?$q>%SaIxsE0%)uK|(iQr-gOEASX>*g~Apv=?~TUxQ>K(I2IAq%U#;7wKKXoo!I4 znFmm4J{20S$TSpo#}Ed$Xw&A+dEM&R`6uKvlAWCSufHx4%Be`3XXkQK$3xDopbva~9b4giTSN--p>Pp)@Twh-HlP0!VNNTnP;An_?#@m*)Rw&Q#50YQ_x281 zjA3V=lZiNLl+HYO2m^R*XAzd>MMU6|M{TfI#)CT0xLsG%;z=kSlP>F~A3et_DlK{uJ zZ0wN7d#D~`tWp3t1m;_r!{&;1Kv~I<0+Og!bAW?Sy05=Yajm#?#JA}TfAqZhapvP5 zAEU>NjurQ=h~Hd%arAX{X)E5Lk}{4_0s6Rxhgp?QYWLaOtG*myiraw!CNwLJ?c27; z;fEa=uYKK{;}x%ZZ9Ms@PmPmLJv|@AS+#OiUeCgr;kX!uOn?EMQm48Ykib4A2dLu6 zvI6A>j8~&RUI6htPW8beFRKw{eM0`qp5Rpog;IuemE0p#j;}@S-jeTnpQ#nrgh>B$o{d&}~$H((t{PKK%pDpcAfB4<_#gD$1mm2oQ`R*yK zf76yN(bL@>^X46!&w!59%6-Y=MX_k%o!T*U=N6n3XZDEx)Lp)NeVPZMIu7Zylw>?G zHcI4>EAl;T>*9lm@k#m8$s*q9t|r6MQ7S|)A9A zDC)>}tVQ%!9aLLx>O;2}Imngdvl6^wW+F{_WFX|z@u@5WJij6%K21x0tp`z%*Q7+A z9MGNu2f_y~)~{b1%a<=p-n1FhOijucNd65tjvx*{)9OG#FLVb{%fxK zt@5}5wD(*0J#A;z#)u_Lm&9)`zcg(duWk0Jr=1xiM~#W?a-8fe_!3c$AC-ZqXP0$J z0DXC~6miTL8yvTEHjsFPd151hQjQ&ER1xDdiSm%*=@5|<7^6ul3oFNqBGf?~hiBa> zqr4mwqO_@*TvuI>ZBK_>6YbCXMYw>6HPj~!&?Yyqfx4k|SVLH?&YQF~4eAA_A>`}w zJHi<|QuU9*TpvV{jz$t&Tn$FW_(*Dx^1D=|3%;`Zb;SGoluKOBkI8xOJawqOYx8gR!^zr)u&*xAaI~Uvxh9Et?o@du0xdPNtHgI*AXfp%Vu$J~|1@f8U^y zG%Tpsb>jg0W$4VA2Wtg>rcP=z^KGCTue~a6zW%z#>Tzdi=&HjKv=u6Wm2SV|ran32 z))6CP&AK(QV8QS5jj&OpN5yd`os=J4VddDx0FrQyMUjt5mPct5Wq<1rWXFRFoE69u znqZj*iKn13y%I1WXHr&V#|Rr@%;w2eGLXlz^=1=ldE4Fqc9|rTV@F`DQQkTmCvU|) zPa1YU+(AQVcb>&+qJcisb1%d>>8AG(c@b6aP3seR6<4U^v4b@pA>H zbUF?xWfcT5sB%T5{63xXds^CMb4zT}7I5>{%_Hg? z>}->FS0nAtW3E|;J%=4LKaM(je&(&XcX?cOh8oI#BMwTQi8jJ_ zUKx_-)w!vclddY@NrHRtT@lw`d$qVa*-oDx^G`S_-`wF_njR?hamtIbUmaJr<2VpI z71A8zoJXiYM*NhiWlKUwI#gs;W)Q(E_^#hhxOsg0q@TKL8OysYGK_EZD%$V`48nXD z9HzsDkp7F%Q;kyu_8Ju4QNd6u2lGf_4YBH9!@35!gwuxNc_iz2rqyQBA`WnNkUF8e zP3=}IljxX~F8{Hr^It-v*2_#Cv^;|7NtDrjT%%&8*ruH7b`iNf8CKLIenm_=$uNp^ z)LOVxs*sgqmXXRH>1B{t7PZ9IZJn`YE1ykcLi5EM)v1Q^*(*k7HApn!(4hvx&H({m z`nYl8Z4ZMZDfL&~#}QOyomwroYLTeDsQo(kvWbutUU!o1tL(u>@(2e=t2>qNjgd8tl1zunwrdi==Z^1) zEZ5g3r`Rh8Di7VSUT;y@E5mx_DDyz6`#4x#I@;W+%Ok@ZGfMO-W7FoXu|<c>tMhj5Ijt9vY3l~D85s+yF>0r5UB+rFjCmd2OA_T~8L&wdi? z)~%~PEvBvK4}bLI`0`i38k=N8z8lT;GnEIqT9A#{k=qmM6y-pxg$OLaGuSS`gv?c= zLhJ;zfhbO;Ul~l|bo}CFyA+{4xlPo_?p7b=4JjRo>UdU;i*$7(OQ9-cTykx7i&pCS zXis}vOqe(+ZzffjKNugCEwq=(pZ1YQeIh<YT+7rWrb`}bxf-~WNB~8i}Iw=L~2yZk(bB0L29QI;vD&| zz(yU{1y^5{uUn29IVz4l?t~aOVWRphsdb;gg8->uyH)tNd!Q?VN3HU_NDV{0wMd;B4wxMAy-{7BzLKW4Pm~`txDDn$iT~T8Uv=na7Avq9F>@jOsBG1hGXnNDk*!*@`1m zIfdF>ss75jbx9Wc;Ps}X8=-VFVZXMwH8Fwm)PT+XJm04}Rbj5s;LDcu^&0KD#gZLa zRx;$JY%P;#KBaLsgqfLv`bl{V1|LkE1i49NT;%IGxv~~03!&d}PNSMWI-#`0<-hxF z{QW=wV|@B^pNTL1&ws~%eBwXiU;g!<;*!gLB_}Fps=lpywgPd^!ihR0U{yhn?+vUD zlW9LD=5bVLr^zJt*`7EjndBiSB9HOZtrHO+*kFuR#}htd&7|X?cJs3b{H6<^p#x*a zPt=J>4pMRIPiL$!S5HN~UV&sEh?mYv{JDo59)}!ym=d9F?aEkq=R!?RF1S?vhrT>E z#GyK#j=s)InVOKv4yjR%=1Puy>P9||ZICiG2AP-G$JV|}9_!wfE936Fmr5XF)~wkv zYxZ2Oq2#sbE_IwwI)hYEUQDO6?V@x%q8!^w!-vYPHTm=x1sQL7f`MPlq9>`=-EeBi ziO`jEfK22RmgARrqp--w#&xH2B~-TC`0Y{svp_VsXTS+X!EQe89s=#g@eu+sgvz-3v24`JSYt8Jm|`!_Zgs_ z@-XxV*DObl869IpfM2g;JIEtIs;)6G(;-2U$-`KOwQ<#ek{pAj++uk9-KSaJ)~b_% zgsxt2ZG7@GpN@a}mw$>ce(8&G?ez;(XJ>B1siy=W^HR zqEn$KI;)U$Y7ptFSoEVvvu*C2!{U%bs_iwuJ+yeyBF-)vlGLY@C3X%)($jDj1)mc@ z9;ZDd`lA=eD1ALTc$^G2YDIhdZFl7FD~%a5CLKAifikA3m!?n`W1~T0<_>{SLO2{d zC$%^UC&MZXK1!$`y9qgom@=DuMJUr)t<{vy3PNce_i@($)aP-_*kCL)#s~UEjCFYE zYUmSTo9#~rtg@-6E@QdWRj0MH#o^#!nB0;~=g0~O$HZi2wIfH>@9ku@y{xXO(fO6* zgD-sws|_|Qv&u1`8%L+Drs6nMa{0?duAI#%5&4zTxy%)@daSmhJiDiOZkt%?Nv9gn zaGdEK&_-QQ?M!o3DJR+B<2;eW8R8UiYgM`eA)Iy*R@T+*fS$FxS-;A0Ftbk7m!Zgm zgu%_>MK+xaag}ErGC;Tr#m_wO*w4Ky?~A*aFN-y6SEoFDoWC7G9wa}0F4PXpuKfOwC68M zN`bI>%a-alW7PjlG}@QWHg$^#l}@T{t0tsQnQa|$*kOmq?1N{euDkAD5_c@TGo5gc z#xq-gZ|eq;bfp6tB9F4H;Jl?AM3hrKI}#@WPQzSW5IDhU8?brXwz%!K+wu|$H|CC> ze@u)WD+j6e=E_w%aZc1n*dUZBq^%xPY+JXBu!D4p&=-m@E{3u<%c=j6&EqBcMo1oI zMf5du!N=K-jr_C^8RgOMje3wlUS-pX*5!S?(lLsNrz2DuLUf@cx9^H~N@tSN8ud8B zdez0sjG>uJ1>zbpxMd-4I%t3~k*bxIS5FdAUap|>AFD8Ob8(*psysr~oVp3k=O5+x zSLK*EuVv>!N^{`(m_e_cB6oRnGKiSSRjWnVpH8!?aR5$3>0U%b!8Q*rZBSKC42gMy z(7|~Cln43jnHnUJ??j7u3#CWYrK84y_W`8FN?s+zPlm!#qejK3F{6^dt-CAMZ``bU z*~-^-i{Ci-=z|<5Pn4>pTdeGwB;qyIRb@YR=%g}k)R=tpV$`V7d3`d4074L`;~CWX z7TaG)efooaIcZ#{;v8=~teiA;UQSMh)yjaruEuSS87Zj_gHGm_l_%h}$8lrFX!vU! zi??a>CQS~U3*)WoM~){amYm>(@Jvc~sUUqmaq5hibI2j$qGw|)xoc6Z-?UNXG)8ON zOxS?kNy>A(nu+m1=wn`%OGjZMt$IxwZP|xO`qQdo+qu0vzkt zb!J${Q$P8&Of#WB7XdX%Y#?6=`klDz%eX?)@=9_NIb(EY)tMB>!)M<636))~d@47G za(7mCqyjrN$WCW~H<064#Y3){Z%!RYKlP}7CIXbzD#VUKOMg)w5DBGgrqSZ<8d5SO zXtVUy1RRI*AS%*0E7k)mols5g`23M2old*^y7KI_U75KuQ5|j<;1HnP2aAtI^oS;m zpBNMCAFx`#e!W(At75xGQ%+pTZ2DAI=YH1f~<)(r;W*{9!ZcKDa zL5m#4sL^A!3E`$%Pi)mT6la=sOBTwNG9=xD!leG_(isvbJZtuxn03%xO6GSS?^=3S zbW3kOouK?&@zul_LVW{H5Gv1U>Y{xvN85~?kK(n7a_dhh9=0>rs)Yw{?eI0K5gM!g zao>IS$7Y>q!NCX3iIF2li(lPHP0}BnRPN*yhkQc=Tj+o00J3&WQA1~KTf=`qDw`y}#}{pMyIXVlDWV2eWZfD_ zIk7Yuy5%Ih+Qd(1nIhF96A(&48l@Ja7tg;wa7qbAEq&-ciTI>{+w(J?6!W7v~-3s+%h(PMrGPUzycJpo}-8%**!5 zhHNwy5Q0)jJnV&#KhU7sY^R7pP5-BZs_mrz@`R;i9y9nF)cK%y-X7-Yi76+MH}~px z;0*K4mXRGXVjK>#HLuOBT6Ld}9oLApXyBx);*C3{rXro&F&RaC)||O<@SKBF|6O-2 zi#zUIl0Of@G0F*wNs!{$nPmx0)>oz#(!MNT#~XZwwAsgld6AAm3EX49w)FYtl{&9Q zo~%-*zCCg%~N2)2+FE5J|@M z<*KH!6s^--&dUZ0#M2@`=z@;#4_LqTm3kG=21_PMacuKqhY+XF?=k0ceHfx`gq~RR zLnB{`aw3Wt_#S`^6b2y&kUACQVBupA{Io!)MhXL_r=P1o)%z}e8U=ivJKtqio(G-> z9rbYbB`%ioq(ge<9x^wMKISNKB39kMIubzG`rv;!%R>yJDKIb9BC%G9aiMBKCd zzPNkoJ^7eTeh@;k4Jgj!#aX7_lB}0F$|)zx@*?`YA*Yb>wq5ZYv$7RA#uhs&MaAe= zU2=}<2cA~gzI{uqT&a^lS5J%{Gd2#AQ|EWYyL)@;a+Ph_=u}Vzt_wmYopGI?W3Z%Q zkXg-gWx627cq0wUIA~4-^9mwJ)NQh(v?F%f&J@ad1&N;r*iHiYm{1@+JVGu^ZImqI zwIKtR><73$*JIr!4-l{IOM4ZiW0^z@B(ioO@o8h@#Go{TE9Fhf@E|D%jS2lYwp>vv zlZS8nG-CSt8DtuW>a-S}%K4H`e$j@(D*47BQ{0sL73LX>D(k)5k%u21^YW)=BbMEB zPuzI(&61Not#tBdU=ILfM)rwE2<^=A;EdW%q7aT$|Fhf!0oR2Mx%*K9^07+iAU?JY zY-_!>WknD5)M0;Ym6PCSVvjuH$l#;MTQ+Zvg*p*!-=-PCHA$7{_~Z$Z5XD8@6Rcl@ zffd`7DU++WouqsH`gQq{5AI%9kAuku*#_m!BoV;ov|q$(CL2f|q&V%VuBle>%%@I~ z+l`Ic7fNOwiqk%R#)6YTjyIa-Sm=tW`2x%jbso5Vn8SAv^fdV!%9Bpel4~5v+ zd|Z94mm_26kvD79ha9t<^kVW0lEYNIl%3S+ikHY-3fXG}rRWGEj~OQ9aDE9k~Lo`AP7Q5jDz)mzNr9!mx52 zbNuoKrV>3O9OZV#Rf@F4`Yl`I9-VNxoG^04$e1~EM)mHwJR{3 zI6b8ugeKrJZk&R2b{a8ua&~?^F5O@UA zDXuXV-mBS(#j8*jQb zetqfXv3bkpbdG!bC79ho+Mz$5#Mv#`rh4KjWTNFthIAEVxd#%|=dntkViU)QNsZIv zx*-PV8ztgbV_W|u46(xN?e2-m+FBoX{E0Dj+SL45@U;uB&22WTM;t3{wR<^r<{{ z<@iKTO*w9Tb5o& zX zal54?-;2)lfL@3JrvF2Nm0^#ZV^>#K%sKd=c+LeE#0keAmw6Ze=2vmq<(FmrK&>8| zk+wqF-hsB~Dx_{lNe>np_3ICgf@1~|r_ZsSRaKJ28fi6#RpRt1)8o_=PtI5GR^GoV zex-iiBuClbUVTl;?agDTI7Ghyr@8FGHDRHDqY4tNLLLGBK+vj&q-!b4k3+71!EWlZETUmx_A)xc&@ z+Uv$DjuYcRJ1eP9bLM0+`0gQFOWy>5^1`(C8GKxVZ#6O@QfFSzVk;x3sQMYKZ0#~z zx~V$P#3Dd?DCBn;ySrl2gh}z@=e;nVb;0>^hOKe=6<5SJzw^JbYW1po)h|Dyz>GS; zpoS#XPyyfKjHBdi(7BIEiU=( z<*`L8D^`$s4N`o_$FOXB^3ofDmYA$#H(^}$Q2)C1>to&8_0{eL24bo^Ax8FV6-|CR zJko?FWGI(HRhTkrhj&7muaLGfe!T+ZB#?Rw;^0*dvOCsp*c6>Tl!%x-X>#@TA|?oW z#iQ=D*>wx z5R(63w~YF2qis>hWX^FR;_S-xoxCdviJ6Zn)FERdw`h+;?hel z$!AS-rGeB5|A`ajAjgi&>^1Axq>}_}Pg5S0%7D`t>&i^Pq2V<8 zC{ydjQ4-B|Dr6itR?eoJ%NnoBgo!bBT;(9wuU(gSv2*5Io0S%26YzIgVS!S<){`sAni!He z%DnTfbc2-bOGSLdcU%3Hs4;TtZM>4J4Em>pQ_L5df`en4kZuODm_>*TKpw(DlGjWn zn$r&j@FMg;%Z9SrEgcFEkrvqj0-PXcGQOZl=)Q)!ElkBcVZ7e?1*^R z+uj}@`m^`P@y8w$TQ+ZrPks8+@$aAdR4iMzw6S`8)IshUn9wD07Q#95PWvgRo*FND z;frIOoWt_v%i{;%{olCtj@#uZ_<34y5Csj529@AYG`<6DXBgu(kGa6L*anGTi)#G#HXP*Gabu&c9T(PUP=XXXkSCYt zW8pEc;88vK%suj~#~*Y7$_=M;Z&2zWUg*zcj&~7h_?j4ec!U%5*3NBWh~M54 z?V~lu>PtA7TAB-JDm-Qip{sE|JUdBb;pYNHgq+I|LI6Jb4`uM8=FYLJ{09K;(6V#w z(l`ioG>$7BqY_-eP66WLRf9tjF2sn@uO(!kmXQ5nVaBt*y^Y#tN`TyN!9Gufr&iCjG979q{7mkyamy;plQ!K*;3Z0-`L$u}Wao0mWa zDq$U#c`$*^4@tOl2yLVf7EaLz4T7JJP{eq2Jb&#kBM8W$F;Y~TA<$cEsp2@-YGCk& z1uyjTS*jj6OWvVIL9PTO&DUS-_)6-Aw0*+?b}>0R6)L?|Tj)+rl*tpO#A&BKCf@Mc z*T(<%(T~PIeC(s~mw*2Lc>I}X#Nx$E;&1=)pW=_+|7Y4Y>r)~sF^|MkWHiCldY~y*KyCHWV4C;8>JzJ1&X5}>EHtf;E8Y1o#}wP_zTlHlBRjN} zY9AdV+eXF+(dZGQW8%2+F>A)OIPB2F;@Ek|#;GTt92cB-ZoK1-Z;HS9%MZo>_ctGn zzxnWo;sfu0f4t&lFUkDPn>WTMKKZHmvk&}L{PTbOTm0@?K2F=4&hdfx-Q@oZU`5aB zokyn5d)m|D&2M~t9CP$Bv31L~_~y626JNRL>)L8|4)k}~=Q)OIYDURp%xHHpdeq1) z&Uv|;i{BFR-S9!E$Jl;_?J4adUJ^lu)n%lvF6M?z5woS84|`RMgnXSi=NCP;ne%9Zj%phWFH`JSCp`#3yOO zb!Z?-n}m2ivAsi%Q`@VNBS*!E5hBHBPM;bF&6pJvCr`?i1=qJWZrm7GU$Y>tz5e>R z`IejF(#w7u_uPA5Ztpuf+M~UdyVW$IZ1lqnKClmB6TG$EwtahEkAB8epBjJuNAHU# zoOQOgmp$>dZ+yUanwL0Zv6rcK!e~(wZ@};p| zyN3^c`2WR!eEj3-pt+7*30J`&T?e?2TxA2Ymp(c4u*2fd{^XD1HLrYmtlzjH-uCWy z#W%nCJ$W~sC^Vis)E737!^wQKsf6U&5i+NoCS<j@UI?i*3#^ntZcw%H)l&F!e`4~he~G$Mt0CDyEmDHBE!*dgmJ#v6zxeZb_dDM%Ikwx?R-^)} z1?nR@gc5-jDj!1l@>jnS-~Qfr7#p!T>8& z9OUQz^Aqusm%J!8ZP^qb{Lo*=r#|)BT#coJq^$b`edvI901mg+QVry)Gc9}gSngqm z9U6c3hwqCwyyjK0VdJKF_aD43zVeN4RllPx2g#3omF29@x*<)s3~n;1B|nEM>e64FV|A}O|64EO`qOx~ln^3+2;lmtX3d(_ zv1rM{xa+RF^RrmD%i-O8>#cFit+&J-cPxyhcQ4ORN%@xnnWS9b!Z}j+j2ScHymOu& z?|R$YwB7!*c;%~K6Q`VfLX6Pr5qTUjtBxTr?mw8Q`)v@+Yv#KzA0+q@swq>Z#>-y( z()gqIygQxaR-KH#`@ z-H;<>+`2qrvyS})R5Mkmjw)P@rw^xfZamUYfcEof6ITOhhD`;?<5aj+=mf?j8&` z)Ro{Q^1erXFd8U@Ky$&NkhiN5K%vi9+=QuKx+j(3w@8%8jzZkVCqsb85q5p%7vKXD z{QBRC#~&BR9e=DGYe&A3(Z|ghIYB;a)}fW)*ioak8mu1o7&Cfo{xH&{$x~wX%$YH3 z=Jc2~>)@C+wfdj|H*xO1>#n%!nyce?S6-#<_T_Q&?YG5t=^H<8TyFawGN8Zco6@94 z2MhGygALioaoW6jvra_QiX`bEPEPLn9JtY3*z3+~ct=x^P;#_QI z)u>ojs_kzjQWYZ(titL_wM}4E2da;(5~+;Nzm0~e9u(+5+ilL&T%VjUVM2a$Z_cb) zF=OVeIO5PFWB$=c#xe7cjd@2_-+SD!VM8pqW}Ausel z(5RYU^`Vg+ETYf$)I{r}>@a=4J7A@aljHbo@7x|;+q>eVlTV6Qy!0jUvKPHDe^OxM z#?A4iuY4sw`Pt9J9k<<<4@K{=a0Ho{Ue`h0rJNm=XRnxOj2CSAE%UFOTbQygqJ` z6I^-U%9K0kpo8M*qmR~h`{X$6u)~7iXkNYg{(NVax*v2WN%M#5AM=OG+ZpJ#y)9b+ z2j%OHd??~+Pkm~<>+SE17ybSVV*1qSv3SYS_`-kxcm9;^t+(Bp&We-H4lBoM=u{x9 zOcSU3OCG4b0ylkHI$Gm7&$=LvKkm46K)?FUC2_+IH!1tTeZRBW9M2YrIbml&SCa?0 z2HDcn8d%ewC2Fvvlc%H09*2+Mq6 zqZ-Z-CVvnFF4PQLcvH*^x&a5j|bKao6%?v2Ojk)c=rJNtVdt zSJR$iU&_{?FS%yBb=#IW?2yCbdCz%HyyLBJj`N=Wv>2ro-PKoJ8z2AlXX2u7eIxF^ z`|dm*(6DH>iLf3=jd(M}%Ws3~*j{+y1#!{|C+LLN8<$*qSzLSVwOQmqI7sxCbJI?Q zxMxyxJRJom_1>PCHf?I0tA0BExcT{v=y!kcgShRs+oMCaQic!idZh;JtUR6UbdZHV zFjK2M!je34El*kVy#NE2Gt3`Km)i@^amc_9WU&ny=an{q<~mF4;2>QYXP~mv0eMMc z)F+t1RszQ%$5TOB2nIC(3!n&8Y206RPgr?8uw5?$SvTftO~h3}K3SVz+{pjRQyr8_ zlFF(|Wo9p^%e);Xqai4&**oxd2#M?&yaMDpl^rNNZr*I#v^kdFb5C4z?KN@N(xrLR zXy)`8+InjnK7YO@bVuBA#~rao4wbSGIVZWdpd0tRD-*05b8D;Bd8;P$nWvu~Z++vN z<2A2(WgK_xvH6jR?|ttF@lXH$@9~2l{V>+9TbF%K{|yV5=+2D0u99c{=8+Fb zlaGFMIt{Gb^^<2AP{xM>@3%J^;YJ(qOekp(3<@?|XmXxw&O$IaSGYE(OCDkMSh!rG z{>cGqwU=+XKn;n?K~~Qjnnye0TgkIoA4L{YG38BoZSqXR!Akb~yr%^RF5lkWdA zs#W8*I7of+%9p+@{`!L-idVnlC)9kn}bNq-J-vWW~{V>>;%l>&=8oc0y3|J`Kf&W0O!pr5@MUq-EOvN zx88AQeC|vC6aV?y&&A>;cjcohZ+PwN;-xQsNlcnBAt(I*RR>ACw`|>_6;EdzJMZXt z%j@3|fB4?_#8aO5#GLR~Tz*CTXZJ)iW(a?Z{4QCD$SS_Z&34! z5R`Fdlzj*KNdwE^f}v7pV@lR=o(UVhr8mmB;r0@u(|X-6@acobi9uAt_{XZzMg!s$t}3ak)F1Nmdr+b_rArw=k2a4e@`*bfG zd@=svpZ_f%CZ92DX1xCOuZ`zC`#H)V`G0a1+0)Y<+cb$MjGq+eKJA?Ni$8sTUT>Ut z_z|&o&ARx)m;O8cTr0`XDO|SV9!>rc`G$;7Lc0aJv>e+WOAbB80Aq!;_*_2cnMYn( z+}?$|kb@f0uI(z%H0p|9lXS=Znowln4GUz}KC+rI-)P>i9Z(HG6 zuQ8New#mBlQAAg6BAp-;LQ97F!|Qdv^HCNurD{7xD*%o|tP-o6D}+dUC0MN-s|Q*8 zwJqjK2-oEjgyN^uPPKKV8Lyd^O=L!83c#8A8XmouJuevu8OtG37tIizP9I=!GiUtR zF|lF&y7|*aJ6PkgzOZY4~W~zq`d6myO(3eR1R{>w(k0& zah0t8r#zwSBTjh}fDe%--()`ZGq>##2;tfB8N}g{SJnrto6vFcLCG^*hszL>w(b(- zQ!glW*nTj`_m~F3EzJ_-x~kF%mVoE(ur|w)W;?CHq`#G8tiWaN>IzQ9s~lieG8d4B z7>u_ZbFMlaql7q>yI=~{X)7cjg@a_238AcJH;e+r>B$EYvXkE_-n?Z~{P?Fok4rDD zez5D56Hbh0o^wu&A2&97@(hyfM=ZEYy>07u^+!vbc-#r`j<>xf-u~7%#c8LW92+-p zjPL*82l3&L{!RSX|9mO#UVgWnQd^83U9B4T3KVnEGEP6|xT&d38(KWz$b0G!K(MtR zAqQCvt9?6AROK0ELLJn%guoQ53- zaB~SMPrc|Qgii<`BF#KD-_EeAsY2RN!}-AVxEz2-dtJZV4jhu_egQ6T9ip zp%YmMK4Ar0;IO2I1|@Jhyd0fQ24TY{qLKx#&9nKIt*T~aSbbco9zODd846jQ{^Zt0 zQ7Eeu;nULB5ieEhjF=HzKAEf(bG2BfnKa0t6tEh`^U{_+WGm4|XgCe2$O8qgV{zy8 zwmWW(uYdDfvE;71V)WS2ao)M-#A&CT9Bpa`Z{j>sx7s|{$g7vU5%ZGYe^Gq+10RYv zzu`@B@a);KZ29u|&(D57KKTDW8sGfhcVgxJEA#iAJL(nNJ~_yGcnpfu#qQ>EegMf; ztHjp)NCls^1KfNYH(^|^fcIvbje2H{t08P2nwY{q!VbwMBWp7qrY=R=bJvkb{pbDD?osW*IWoH&UfG+j4ICv0I!RsH@Lw169!~%rEOmLCV5YJQXV4SRvLjsjB9=p+v0@5O?q7 z=n|Fr2N0g%zVrI4OD~BZ{`9Bm43C?CT%7yVb7I2yaoQGDtCdF*Xd}PD!wrvlN6w3P zy!p-Xkq>+zF1+Bpe5B{sms}Db`@4UPfBX2yV?L7!CQX_WlO|7+7^57aJqN=Mcqn=}VuFvnd4RZQ8Z~;=mL`hQ67_G# z=rJ*C=8Qb4fK_YOMsFuSH8S`osth;Z`l%ns?5?o9^P5+!kY$l^9_8S>Jp3{rl=TAQ z5FjKUa#`o?Ey}vV;9oTaNZ28`=0+(+GHzxgLnzIoAWe6E_0SG?rP)|l_pGbOc3g3e z?R0`AiJ8t#gaA?T`PY{oQj`I5M5H%m_yf_9WKe#rU`X$3DQzqrlsq$n(DZ3}YDY&R-7i1?0;fx^5GN%Y#&Z{x< zv4tO+qtB*IpO!n69-WBRtzI8pILNl@*+*a1GnAm6ZV zLZi$F)<@VJ$3D_!-O#=Qy*~7ngCs?WcDRlYTN?sC6ac|I1ft6ARdEz^ce;9ixhun- zx>H7o-zKWgv2CmrHPT3@Fky=hNe+B<0ijle+_grAyN1=XkF~+%RlH+w*H!D}8bzIpQg68xA1pUD(66bN}l0|Xj%{M0hpo8bcG4qdCeybcL zef;o7I>(;s^~`Bgrp0Ss@rwBOfB1)Z?JHjyQ>RYNPsIJpCq5p3@u3gKC6`~8D@>dt zH)4i$j2t^?cVO8(?jm=o(~zrSXb~qA-_Dt@aId&;WvpDi4yl+rWlBt)JXtc;E2(=5 zs$fRBI!r(d>C)kN>N46bXBnGKntV9jz5Ow6%*dEIV`_{X)sc^l@k;A9ZL$07%TJU+ zFFJ_3UQp^JLdLMFDb^&zNIe1 zHPQqE;*mrqb&jayAg)gm+WZD!2zmWdu;ZkfI%@|E$KMZN@^y@8k7di2#WmMntGfF0 z_iN@KJ3pQ0-b}uS8hG%VyQuSzJvQE^E%l%M@gK$Mr=2EVSN!~!7sp@!&Bx-?pZRnw zS+Y1rj~rD!+sI_zS-+EKYDP1kxQFmi-N~^pVfmV0eVC+QtJ?eJY*r_4%EU=A9S5o7 zw>K+%N?;BIsER5f&fzwdur!D3es)-;*~A&joKVMVi#>D3>=-q2bUstMV%5E|wR3x3 zrs%_7$ue6YuTX*OLU%noQZI6b?Ka;Th9GMXxL8YIc^#38gTs71eF?w zg;j!5J^t3KM}R`Qs9lw`>2JFZUPs1x%d>hHrdmsa$~eV!6!{2gKPx+&THcAqRH$-r zJn5gNrn7?wp+J9_IE{;$b@y9Go*`vx{_bmiSaSs?ZIovOWk}uim6WVVs8uE4HODP? z0MOpn9;?@^jyo4Fj4fNX#*|5uV&370rIX-mF%Rc0c0R(heS6G5=9qZfo8B0&eEG{_ z&YU^CYq?^53{U$Hzow{44dIY`Q+tO%VBy|J?1Qa5~eGd%Mx>vS_p*#ik|^IZCze}+be?q+ad6&FrybOf^OOva#J6z2PZf}#*CT7>9dN8r z$jXsbSvpR1At0a*0_Hsc@D`3=$y>K(O>Eq_A^EeW&xo;O#^$vzoAq!4jw65IOvD$A z-v38`7_WKdD`L*U2gORQ#6JG%&&G#8_OZD5vR}v6?OXG~@BCm#p5$sY9|s?H(41#J zGM0lJN4})t^b7->&(_VGW8K;{nI1cSOia`YvQ17s$J1VbQCXI>DfEC%2gKbgj9Sum zXl{mqo&56RjA>Icy>;uhSiW?5bjd;bLls6n1Cj^X9{9F}w0X9}U1)l+F`O;#ANXav z%QjUGk`&nO)}XF-HrZ|ELcBaA)%lM*)t!oOS4G^S!C6-2(9#7rTim|zj(odl&~L`%u@f3H<1Y3Lr!JG>ZY>W-ng37#w$U%N z341*R%J!9g36C~$#3}~~$F19Kpw@*^O||Ym_|U)twO3u-uhm=?cE})Bj>uvf+wkha zAL7-`8yqI9PYw;kgpfM9e(5{m$h)3OZzac-7~4lP3EdqkN0Q=f$w~Cd(c)lmj^u%Q zuw)t{S+jP)aQyv*tXeB4p0nGsrTVdV?m$kMJW(quOt;YwLAd{F6LaO*&9^eUs(GxdeU3vVP2(jVv0HIZxSEwEm z&H2N~r;Yl*T3hV3^){Q;@S%qun$B@o$B10aHj%cuWtEI(2p+S?qnt9NEnhlH;A_>R zbz(j0sH0-s*fE*8_cA^5j^#_Sm@5BOuq1eel55gKgWk$L1{?GtD+>@}x;x zxeN^KhYaZB>Y!91BTs~r;BGZ1qsN_bdc5~t?~HTLd77MkM_hZ&b@8#k`}_FH*T0(A zTe%t2(N^E3ro465y7JIEG@s*SIp8#TCCuNC#}zyAflHS!i)HuTlRTW`ym|AYN2}#s zIY>-o)*$5&5HHPVWJ2)FcXQyoJM6T|(ZS8IapT6usVAHmW5unlSTN@4% zT^{|!o4cr)hb*)8p$z&20@zFcKyItsgA87Yklv{B`Rk*x+n@ldC|ptHo~o5!MM!bK z8W)Be1gsHzlE*Xq6_1w=D@R#vrRi|ijcmlLFZginl8rYql`hO@rCB*rKtrm=078Zj zrHQkulq?RCM}YbiQY@EW%42Zkhb-!@!y6GLe8@okt4UV<-m;oNoJTWuG4UQ0V4}?` z4hdgd=TV;1A9H%V`yKDfw}RN3-gNV=@%R7wFY(Tcj(G=I$`>tK6pI!vO8%idj&;;L#aJd(|AqtRR3mvH1a^>= z^k_CY4|#gaIv~rK&kB;ynT;PiE>4nz;j}(-BLVwU_ zO&8~~FX>~;SbiV-f#Pg!S^u?(a9SN1=a*s_5Uls8syev1y|#3b5bl&*+#Gkdt7juI zb6_x4`Q)+*#|hIwWUG2B*IPA(HDxu7s@3U0lc}Myqv{HxRjs*N%uz<1h`SA4P-Vx1 z4ms-v8S1CKVE;Sd^F0_@mCk7$>LN7}Fsz&POp71O3okJ$&$P97g?Uc6+n z#!~f&&m$G|0sRQ-*`K`1msB84f4VOLL#SHnxfk~Um6NJgdDXvaby!iC6j$6zJ!?Mx zF}bU&kCdxcoVY$rLbh^bXz-en!(LrmtmJ4ApSq~F=mUeoTX}{lWvf*qgaqdcm4ux= zpr*5u#3AO&vFskjt(5Q~0tPq}uC1eT9{f1fhPCT+RaV{A$KZVfb+FRljTW30+hJe3 z+AYvuj4Du%vVN_~`_#wX+@$Dli5I@$dGV4LzCc^Oak1>~W$|zS{_*(QH!jLwBILui zTyxB_=&26&;8AS&`1n`>!jkVi=a;hk8*(tYitOdL&lknr%a$hlkU4YWgkz6Y-)fPt zi))dXR(D$hNk*`FgdBZSHCqO{3o4syCQg`;&zka(J?Y!-TquXWI_u#z&WGHI zb}ztCF_j=~=SaUnWozk2()6L_z`(9_4}b&WYGSoDu2y?KXsE-Hc`NK~G6%7$s&aeP zX1rQMqNn=lt?GMp3<^uwP5Otp(1GsKaANIQ7OP5290KXjw`rt>-r@!gM1mg&;{kQ@ zU@=hgQ6XDR%?}=OfNNq+nlL_QPSQIy+)&S-UmI0(q4|;=a?E}@>$4K=?Cgpo4xbmVdDW}qJ@0(Cw!$xtBMv=GjBQqR`?tTnBEI>(|Bcma*5_I2lyO%DH#f!Dg)@pL*tXXl=DJR8*i4z;ga#z5tW^+pn zm0yh1L7+YyGfzPrJm-)&`>ZD5bJ8SN)yJD|U_RUaL zm`AJWH=Lv|tigjAhLxw;LoiKHXyus0Iud296RI_3wb~=BR(k{05UWzvEg2-qN75@s z_>}iD7~P~Rx5+52Jx5?kw^{o1b3tg~77P{+aPvO64amMt-quDt*&V4UQ}^_ybx!o{(6?b_s> zar)_T%1I~Wxr`t9+7;*mXiq>B%4QolNRHdosngv0_5-Yzp~T4Zu(FAuSRU0E{i<{+4}m>B4ujfUxj(KAjucg@ z_**%)${~^Fb_#~`4hvpFxU;i26Cw#*d{yX%3+vGSZ&&? zc+GFsIfHADt>lS_w-Bn!vU*vPXM5MU3m|#`zyRl0=nk24P@H_yamnL*h}T?yod$l- zKA-*BN<%ZI&x{wp_(k!O7yf?Cnl&@Vj~f?r=N=p{f7wgp)vtVcZo|6SZu3YK-BBH$ z0hs50P`sL)eKC5>=s54Zb7KB+$7a?~fARD9$YGkwxr{^ZcE>FPnh!}S zUmh~^o67^In|192@-l(+U3c9LaYOxak@@qFiF3FqHF{Lutf~y$Ip_vxU%|0um3YMA zhsN(+_>4S`YuB#HpBr9#|LS~uWTH%>gR+MX_7ac|sw%T3DbO$WIz7uT~6(b2~oosZw}i+m+UX;Pnf;)z;; zu(hv`O7;tp0zV8 ztgoBPG^d;O?o8Jng5$xfvbWrRTU_xwZDBjRwdx-ir=EIh9HG@4!>5d&A>x219qa>N&!=e(YMqUPeau)4z z!tp2M2PnWb*IpMl-gK+vG$y2zyWH8Gkh^xMI-CzI=QJ3KXIN*myu;zj?FBd&eQqG@`OBomtS>t+;-cY z%ImGR*ZVq#C|;@ zFR0>`NnR(qACTn{aUH@;;Xn;!pz4!o14dT7N-sRi8D+ijk=e0e{@-!O?Q!+h3(_H%*uHIhTz|t&`7ziO9d0sJhpGZ1YEShnV0HcRkhztE zy#9t8^7eLb8Ec_vWC_Y(q1j* zr_vzFG3t44GL_YQc)1N1)j@(V)tezSc$unTo>ZBiTO$qbuI-&MYsRcN|J?I(1p*da zcU@d{&DDAHgX>583LG9cN>;938Q=c?cjAXX{&8$ryDooXb)~jqKlt%a;#=SSZfx7W zeaH8rOJKW+Zc`ij~qA%`Cp z&w0+XV*2zcIv#y-{k02X!8M!+b%Jf%$?+TxJ`OgW&;;MKGdSORtZN^E8io=;wWkz3 z$kh;%=h=f}nSBx1mKA!V?&x&WB_w?i~yJtmwPY!G8@_SUh+zS(NPX~AtD9?2> zKKgpq)mO#e|MNe_Km5x-$G?C4Kl0sZ;+OsIw<%{D7PNTta*pWb@#)jhis}g9`Tu zHp2bjN&tpo0BOjT!KZRUyfr*ZR*&{nH)Y84*CHz}Kzqf5&{1(JU6r0HgkP1Z>Mrx0 z2jArz@O4N1;n(Rh!OBL`E%_bE+Cf6utpaz!QyY#Hs}#pEvIS@0;Y{`6%Ss%{=a(SRd@_g&@S?6Dn54c};`4#bftx)+K z7{43cn4oo+XFn8uktqAh`E{`doCliob_UDtNtxY*PbRBZugPnD^XJdcZT8IR)AEyJ zH{WzitlPLDS|zi;jw53S=g6nz+S*&={PWL^cf9Sb`FrB@`9 z2kE|cQA~$?Y{1U?wJdM>Qr|wnDmxY$FcO4h)!Y9+ly- zaVNMH@&IY_;dz-`yOTy)WFQ;rvNqoJSQj894?+%DZbu+dbrIJ~dwTj~^Oi07X|cZi z?HX3Nl&&@A*1E2pfeqml(=hmokWVyG=at*>l!Z4yIk>gz+PZyPw&lrBJUia>+SkOX zC!dI9Ty@pe@vU!vD^{;swMWisPrx>qhqn0?8K2w(O0y^E3Y%ZL9zH zd*9FZ;q!G)V{fW$?lT6gu{(WQ_WgeDe}*4qwXVu@zg%Den_xMbQZ`|)W*LRu#a0T> z#sNDzU>>qi>7C63=z-_5gyfZt1EkA3-5ASOI=PC;n>v+tWQbX|MD?DmaurUVI4M5| zHFL%kImxZDb!(^cDC?5Aa#_|oO3Lb+B>nJ|&vTTl7;%^hS((qhDb1rpSexclHaTQq z^E0QLm_TF4#QEo)7w>+@JL9ag&dLk^-1+_2Pku6f`ioy=iGA80?E*MnK2keo^ynBZ zhskxS-2&#Afcle*BNOBVMvoeqZQLT~*rf@Yrb9G_18KNhNn#tWYN+?c5G#%JtslKTo)j^MOY zPmQ;~?Je>2r*gfsB^E7Q7+?J2f5)}g-Kdp&M~ z_!t0s)}~P!s@~bC&R1_H=cj57rN_S1UVia-9 zw&A$MPrU-GJ+|?E+!03}9-?jeQwrRXX4`elyrbh~FM3J-7WCsE_t>0ZciwSl{D1%W zkMVV_9$9U$%ELJxCSjtxM?TggsN88seK3i$M{;MmH&#BtK!HbkBGw$Jv1gwniNMJ zHBTqszF2zq-LYoPnv`W6>?v@rtPD9ZKl$vlT4K<*($f zh&P!A9n-R@#NF>@+-S}NPL~AAuvrfB@xm%$iC?5(-u}+>8+c$ z=W}QWA3Q6b^n@qG+urb|c+m@gKjzIlk^*tvb=Sv#ec_AojsN|QR~wr`Kl-k#{{>B_e}cn3U*c$qE@GM~5RUNv`&Vh~bj7^GkBFHwXThZ_NC;sIhC$C+EE-$u z63ta0Vjdy==>BqX`hBSWEqRU;f-?Rv!frW8`o+Tpp8LxM%du@a_n}et7y8f(nk%>5 zP$+d^19h2azRMEdJy3!R<*jmFEiq}__;}6BUlPwe@0^%DXLih)bx`B=yN&BN>P){l zuD$W*xMsnEShVD>Sb5*-*tBI+Zk74kH;-=giMakrOZm(%+j4%SeZWL@D$(kUioOEi;o;@p93){4+T)ARp{PNeoj!%B!zv2c>791+uYMxbWG!B%V;qW1X zbdXxv@S5VEzweLZ?QeN=zK?z7HN3%bd$hN=X~8Xn%l0&5sP;6=yY2f3`kuFlmfy1? zzWTLq#4WepmM2a836E3lFL=e*s`m3$o%g)w-SN0H&WI_KCT1S5kpAl8U&W7q_OrNa z$&&o$XCC(^RF{Mz#*7;qC!Kn7Jonkpj?+##DJD&vD973pH{X0qeC`WhiqC%G^Up%>5usfz1wfM042LMdqd{jxRn~#0uBk`s;yrIGG)#@yFjt`(c zI|JQ=DeM6F(Cs_l^WM1Z(kt?bf^_6*?EZlrTRKUdG|xQqjCkG)p06Fmx!QIgDnnXh z>$a`2LXLXF#!cxo^SC#G$EYxz?>bJOK0OYaU40?^{`*%~pOO3ax8f&1zc}vKPG^jE z9(hv_J*6s-3r`&K;F%9Rwt({qn`N!nJj)m*e<_v9@2Og+`Na1JSOIb|yQil!CQO(R2hTn@ z<{frOoN(OH@whV|A4eZGFQ!hK6ywH^&oeV%Aa`ld_w@BfcUO9X?xa|*WoyO zBg+MHz*{hzc$7%n_q&%bkIOE*JTCd&@8YK0?u=FUu2lV7^HGd;P1@ErwN%^n1f7u` zsR-9O^Feem2tacuGZD!3E6CA0G5p0J{&772`OlRpGDfH3J@PkYyBr@1)>+EX zZV#jqL+~la*UUK<@BhFD;+iWLBtJiZyB{5-!E=aQf}o$~&Yc@)X?y&F=RG%0Jo%)U zt`q0jv14n=U4yr+)~sI_cP?BMKltH~bKs~NVX3?E`>I7sXRgiJ>}qWYnhw4L@7x=(SQ@JisoAg?z{KCxc;V_sIiAvH~BdX#uUG0z2csG zzKGVc<@gJSE1D9~WcgIHyjT9MeVoq$aD*QQBIvO5jG$ zmd%?LZqBXurY&2wE$4TW*T%XH;;mmBomy>njL_<`V}vHD+M{h&zLm~zb!Y1!wX{tk zZ|3wWZgx5xMKWGf3HT2p=r^2>pU>NE&<+l+2NQ9(jW+qfGZ4yl6E^coIN#+X4%?hgb!w$f3mkJ>c`W=@|HvuDnVNs}h$S9qpqMahjA?m)9k*|>4D#?P8qx$?f) zv~FYEud&42Po3J0@XTe$NbNdu45@*%mv%z#6ZcQqPtFJMou;4MUyeJE5R^JfJ%BO* ze(97+6L+~%-$M-PAZ;&B%-dyv-8ez|#SV@*umg1a%DyuJ>qC!uC0wS&u6V>DY$kjl zz+FhT&G;nWh=E6(0XdqRFxsYZv7hf8vKnM7jdSSf?viumhp^aoGZ6`SRZ!!G>q9NP z8ROBT9^;NW51;ob&cNb&CR-((V_w@-t9h={7e^Z37p!~3gRzPIK*J7zaF4dC?h2Ym z8%*Wka~!p9Cn)9jqTSdz=+5e&-C`bo!^al)8_$CC@A$5z)6`N<9cm>So>S$T5& z+qGlKor_kPts~?Z^CT*z*i19%%N#>>+&n^fMN=Dm!~N_&b{WgTN5**&dG0Ur0DRkI z*-{R`2PN+zfR-t8ke*N22D$xiA8`l|u%tz~6np2bDgeB*kSoFkd_wZqod-gJ&tkI+)&CCutkdh$2B zah&<1V(^uX91ara*aly$UUZVDGO1rt9|(Z1J#kPECD2u%G{5S;s*Ut5X^6N7R&#T$ zXHVdI9PSL(zbm<&pmLNbsvV}{)klX5XsER6*ykkx4J;08t{5{?%eV-(n1F3$0wW9G zJksvZrYai_wgl<2d|40W;iHSNB;azEA1?k7K+7aK$c%`Xs-^P-B@dahU*VT+Nku|) z``l)S=%6ehP5-0cbpT|`{slfxrQAaSZkHYBVBiS3{-)R(-Eb_`_{PsL*3Fj-x44FF_N%dn~-d^kGEx;fbt10HF*i?D89g9ki#fb*O#;XKeB zFAt6RLt!`_#!$SSq0p5M(rH53)Y^+-bs9pyCk0s^hGierMH1$fupWoafM?xh9i{W6 zEbuWPk9euKlyw}~zGj&R89ALG+RK!5dqC-s2;By!OOU2LWq%oNr~AZxYc!_;vhdM2 zRK3l0JeX*-PY#IfSw*tDl}B1COLz25Fld=u2Z&2P-@ak>C}&xhPhO_Q=aofPp8ebv zuVwN^j*<`^g?g9GUK9go`fx+Gqlz|ArX6?FEKk~9>pVj8%rEtnG6wN7y(^UZfXfdx zDTadOO+t>Tyz$3t0`(TU$Zy1H6ZMx=4lQKhfs)_c7Y>1Smh#O&FXIg|N*%;aJJT~1 z+{OnHjTK~R3vF?Knoryqj>ndm(3{2KVBMh9Rq}!Jfb$t^z$dAl)pH=wY-0tF4sx6e z4{47IKM&v*7}}O+o(6xe*99Ky$(4i3wsM2R<=_*dv$#mX$`uw>rYSgA^-yC)iyp<9 zTss>7$N)`s_j}-&SFUK_IUiWwWnBhX>RMtPfacb2t>5WgzST99Q^+Wjg?TV7)Gf zEOF!=KTx0!+XorugR(ugrEDv4%L3~$|3KQm3&@np3fpR1YvD@3jF3gqf9r;IbOmtP;*%WzRQ;~pt*b* zIu7~patNDYSrf1hP{t1wN*fL8blUYJ14x_a(6Y^CN}Uf9WHu`iTQnG@y`@BR8X#-_ zaP4xLp~^R>0dB$l3ean}V0q$pCFVDm zCvBIqztN|fyv_py_G59g`*f}`bg#9@@m1fgtnPVd86s@2vy64P_v_Z;9C-|=+&1%p z-+b#vGTg+m3drUVF9H9N3KsPcgTs9U951`q{op<_xvcxoH$`l_`MHOdt}5>1mv^<1m5%Jlx);jon>&Uy`OW-C0%%uBz+LJ# zmwd-dl(IvCJeMnFNwUX4_WwcbP}LN4MlH|G5fx|~S=mrL8 zdHy#Km}i-iPaie+8!+E_!1-mKc_myQdDKPPJV4wwxV&xgP$=zm{mptF2-sG)!*K)K zAP-~P?Y7%?VEe6WcY!SW+*bz(GRqbY59gNl(8l3xv+eE&r>zIR%a=79cU=)9*o_yq=My|X8kUYb;e@O}3hwRN-+ zr;Mv3EYpu9(58|=83$$B-CXviL(7@WGb~GAI)vam&#(^iIUY^}r-91@%UEA?8kEQR zK*RMnli{`j^9ivPz6qW~_ZhUia5>j;0O0Q3C9t6++O;#=%rB22pbTloA~I!vSl@6u z0W#DLEW0!L9f1bB)w1@%AZN$i!L{vq-A!mzQ1%iUoyJC-qzTkL#~tgunIk@r{!lEh zM-o>#@_56>AX+3F7>f5uN7)z6?dO;{pF_|br~5%UIEE@yqLd}i1K9ksjN{}XN7{9| z+)zN?c0Aa?2B>V8L$|qXJ0O3kHkdaYTy7}rtlVzG=It@Ct8B+`*j3vM%k8YKj1y?z z+wGc%)&!T1f%d(wVPM~v*A5{idZD65-i*ojui+^qk8+vRpS%XiHAl+VJ>!*SZm|^t zHy4!g|Er)6hU*9CnLNqem%zsWlzEO50_1?xrJM&?SspkKSeNT-)>GHLysVh?0S48T)sUvo=qu-$N7#HU4z!8X3HGiYA9Xu8!+agNtUz&A zfqnI8NeAiE335PAv?0UI8R9D5)*9WNeA#8Qiu6Rs$k8#fqdi*NTC}@XdHrYN_Vx6| z*3DZb!f)Y>%AarGwYB`X!G46D4_~6$wryL+`Rtp2rEh=M=elr=+cs~`&xLiUZTxbg z+h!TU{N$Pl8NPCE?6FO#q)4T@>SO7LIy<*lU)a%!h#PqwBS*xjF{87NtjA@5brgCM z9C9W#e1~Oy4omC@C$QTn>vw#2>MzTASOd4)a9b_oG$Fh)Z8+V`b6E2C0*zM<(*P^3 z#`FUUx20?oahp=ELLd6TT2_a=E8TqL;4`Xd8ENiBE8Q#S2a8oDlRIA@6yY454_dWa zR34wjnlfopoO;s9(a}C4ZoT8SxaXb~(%7FLS*#-Z$Q zCyA55IpTnhKmPc<1bWNux5Z{TFzVrxT>A^OzemK6o}GHqi7|ERw7B7>n_~Gr_oN-P z4PXy6@5m$LB-zAo2;F?k&AIAs!*SJedkeR@Tm5;^tXXl!>5qvSGiF5R*6nfmmA{KS z?z}TkNP~W;zZuLso565!*le2TCx?tY(!?LENnu;}w0?%9%K}dWx5fExe>H@wys}(# z8rYUnmw9`Mwo(4s*V4#+RJu2yN}FI1FUQ5c!@86``3RRZ+pvI^4IfjxcTP%sRug|oDEeIQn#HZli$dErOhiHt9jJNPp2L{dv<)_ zPv0MBJ@yRQvmowUxhj9#1z5*`<^c?)6Ab0V$>lqnGp0|Ek9_d2;yrJFha6^q+Ew*A+ki)h}ghuN=1esA^ellm1axS$F=a>Mv~q z)RCVg6aS#uGvlpqd}F-i_g|>^LGh#~J~57;e|#*yYl%);_vG;ysvU`vP2A*x50(68 zda$s!^;5>fpEeq0_gZh+c26g#%Q!F(IM3lepqeEQ5e(H9c>CDKs-tqiDUzQNb5HIe z8hSFd6Ubuf;=7K0a&)x*Kl3EcrRS5HIJaU+6BMwoA2Eu{nvybpA(Mm;M{@%#Q zjt)7BY4P~So}OPhXTmaZAwJ-H=ILj~{9}%ZiQ~sd2fvAf{u-?AHm+F{8&|K+aLbl0 zbx!4gHmqMC8`iChjceCda?r+&SqEU!vl>Nilk$2tZAu*@wY?lOc1*oO>&q>7>Zt44 zBpoxS8jz9a$zlwkR_$TAgLl2EtzVxLrd)CZstIO;Wnu~b&Je)zBd`LYN;F(Vd-)%43 zT!sv-GSBixb9yf^u!01x(3Lh|>%k704}D;Mb{K7t6KcH1w}c=?rZ3G&De1=2YpD;ZXmnNEeNgUQyVNq6wUbK)saJUb>$nwUS(bjO|A zLf?H?Zu@X>T$6kE+us#O9d%T0DKEL~@>p=~wds(!c6a=7$Hh~g`t&$WTf<}L&(9U$ ziWMu;flQk^HRg+V$lSSc#8LC&th3IJW0Ypg$j_s)0>v5edprDK{S(eUJB~W$*qAeC zj-2x8xsv_G#TUmaty&K|?65fdiBF0%9(!iiGfGZn)8!n)?_tK;Hd{Yoq7o|t>^+<4kko~#qgW3>`LK5bfl&)qRa?S9N- z9uw1ave~$KgPdEnYG-A9(upU=s4-)*|8T%KzH#Hn#fzW+{QL>uPksJ#@vEQyMBDgV zvQN)edvCw}wz&0cGAfjO!#s#MKCcH-T^>v+!9nueB46ap z)njc(KGuUsM^%@$gXut7LDmj79i*JoTsfnsJ@u*S5L;VE#7M2AF8}RsW1UuO{I1IU zV~>lsyy11)>fN2Xxc+w4f@|`}!%jZsl=#y>{v$b%=gUFNj~B|3%$s*)TzlPhvGTr^ z@r1L^ivRb)55~)0{E|5JwA17C(@u%=&pR)kaOPuU!SxGb#l82X(|z`Z7slUy)CzRuh>m#8D_$8N`O6QaBj%Domz-h#G)1<)>K+^v4~bOXN&fuU;8r#*B^kyyG45_P4wx)~sF= z*WGlZ4im?vB}UNC^N)*Tk3BZ7x_Uuer~aL!75#Rd-Ge3<$$ac|=5JfFGO>GJNtYbddUEitB@Tf>$;h3tG=l}Qje;03k z=R4z{{_Wr8EKZ0&c=x+v+O(;vvNaAm=-`+>ZF*dK>80_mcfTh-|AjBa(MKH_uXyo` z)5$#c%rmq?eS0ikvLycGFa9F_w8H_Lg9=Eg*a+M%v(?`Vt7TQ|kWKlO=t#j9T( zANuPL$JlY>@mm01;(j#$sN$^04D_LzIf;W{Smvgxz& zs@J?R{#k9GK4WIQ`jxMWO&c~zeqkJO#Jrew&>>ohwrV9lDo)p`vR96F(c*>1FBqhl+L zUP9?*l4SQ~g+!__9jf{_x83j%s-5Oez@+Pt16r}-p7{QczaQhrO^6ph|AjG8E34VF zX2cn%og51^ak+b2{oq)?ChN$!Kr6wcjyxiM@Z+Dv*T4PkxOu^X_|#`Vqb>0-;)&WW zpDpT;1KA?SbIrBa#FxJG#kf&2*Is{p{s!}j$Da^~9x^w6PpilA+UEZ2Cq5BB|M}13 zs^4A_|MjIW#qD?A5hGQe>!Vxba6bR}|B9=%y`4F2TCBc*ZLHI(@~9(^$}RmBzx%CL zXrtr!6He5*qBCaAn32xv*Oy(c72k3#`dgBkLC?Tv1-E_c*7)8Jz909kyf4l>=jl38 z%#BHtCdF~b9hWQJn{U1?+s-PJJN%0lE{?B!6H49?a%<0jtEq=fH|FFXk&)>$r z=<65d7W!zWop2_^Wm=stUbIMU>xfZuwj;IrZ*A#~^=nthop&sX!{#2U zmFcVEf@eN6?p?Jqog;1Jhqbr?l!v*X|I^@*HXqiK=TOsNkeodhe1m-Y(|t;w1(k|UXPN(=#nX&X8T z(Lo)e>@JR`R*9?-^EJR)f7XMnoM^rps5~4saddH1@_Hmx^m&sV}j3!N;nl~)osV(Z?{oUWk>t6r5I8x~u)A*^}DRPik#-c?_;@G2) zifJ=vYK3}KZp**>{qN?@nw>r(1M%khs*N6Rl;P8d5rUjD+D#?zkk#Q56RzZ~y--@D^)|Nb9h%&774 z_BXyc9{ZS6qg#%@MPq|2Jk^5={na7Y@f<`|iypb)SlPh==7K@v8PFyG4;ez2vz!4R z8S|{OEVH|yOcOX>4c+BXG#?tG-0(oyl<-8yazba;yi(S2cM2%uJA>sMmIN>PY7LGE zX9e6qgm_B@hnDiS&5d%R66RTsL^@T)Qz!b^KI1eM&t9%S%tkbwZ(X@{qehL^N@+!0^bM_ir2E2Wo*!pF@rki)#l5lQF0CGGXO&8%lYf5L zCMT_&N8}9zt=7oRdXTB^__9SruwQlI`}2;h?WxhCeDsWwE$!_cd5w_l3!d?e_}KsZ zYpuY>#V0=X$@u8UJ{DJNRXb8ES#Ba-rB&9iFS{fTK4?xn|Jl!tv!3v{xclygrc;@GjH_L>-isVX7q4~VKjLvFS=Oo9WG=4(Wb>NI}5KxX-Zji|Cj4K~1k-7=h zOMKaz?QynIWwI_6NIp(iyp*dQXoeC`z4U<+4gJc?2g4O@uG1i|0NZSS)QOumcieGD ztX;i2Ui->d#tHL}i%TxKB-XB58zZ!Zq8wp5OlNcjIgS{XcQ{(q*|)%VtPzC)fOLzg^B~OuX!+FOP#} z&5mp3G`DTpBIn$mTjeQQX}0OuU{gBh5=!F4JGDyV5&+Ki4X=4^{QmQv8&_U=xg6aU zDqB6MUOnp=al{cv<}hF@ed)zNk2_R9i}w6&Y1O%Q&04J%f1M|W^PX{T9DexR_~oxI zjuk6c=9a!XHXYKYRk@BY*IPHs-mP17JX=P@w(Xsxl7VCy6&wMfmM=`ma^} zN?gOOtuLLX7V9xWVLQjZ#y~6kHB@<>QZZA-et07Lt_Jav47ZJe2A?!tLs;ek_{fy9 z#z1!thGk0GVUX(v9iJrPI83PI0o%Vzoi^45iQqtZRjwC;hfqDxkV7d)o>MYgOGc|f zew!ReZc7!y0tv#>EItasy{DS}Uxv6UJ#PeNTMpt6!7j>4?Al zix0%p&pjv3e%zVys#m@&PB`I&>L!iaii2hai{m?1+h1-1J?nyJeBe+2IHpaXmM4Kkv6>vkD~6*-MTZ>x zRynE5uDD9FGgWs>T%V6Lbw*pqDA_$m4o?nE9k*Q$Y}APiaz+`atox_bU7|W1 z0~kg=KUTq@L7uP?&+MuUQv|#0Q{X{Ef`Vn?hM<@nSv#X#b=88U9DI(xd`hDeaIQEP z;we{WxEzG;w9q=m%&06Ugy7{0jsi7ka6@sy9}X6wx=g5Sp7|jv!5P+$I_tN7708uo zEtC8-s>-W`i*N`OSxn^4?#@^)M|JPY`!$(bVxt@ckCpsF^h=&WTqQoMtIqBDs0mw6 zwwX6;LjUW>KOSr3yk4o*=3ji^1M&RlJSQ&w?d9>Q&wVa7Zrl`I-Cgsz9`r!T(zm9NKw>lWm5o~`_3Z_XmX z#S7e`mm)xVTRSADm~3R#n+{ZCrd?y36(&xTbt@*|F!P_xU%GYR_#m6cP3lz#7#V$~v!)yH< z=vpF=P63i+Rf4s?nvq2q2?MNLIrieba3Xb{D`f=u=;vxs#A%(;q#!{V{7B%1{b2RjrR_Bd3zv_k`*k%#W+to7HY6m1I|*Cw+LWFP>O zxD}T1;la%k9)_McVL}{p)KR&myK~{4`IbkACiijkkCvm_6!*zVaie4E)TwdAVTZ+9 zO>%Cc@MsFx|9DXRkb@7FsqN{kZo1``xc$yMb89(s+VnX5$RlF&#*J~u!iD)z^rXp? z<4EaY0^fMkO}P@|fpQ*_o;ZF|I#BfUFgg0}T)a4)GWqk4oTuJsi@WY#qHfYeSDlL% zEshoUt*Tx(pm{B8|_-h9J|ZT05O+v1Kp?$maE zd>lRR$e1~6MmpLx>(=LUlKp)>amy{YYJ0pXCQq6WfB4?_#B-nf?D&&E|3Limm%qvt z9?zHJoH$N6C!VqF)wtzG)N#ihqm}V!9iN`KM=SK(<)Alj-jw}WFCc69_9%a$n%CUecC%vY;%0{&B@>)2DRM5$omd~M5przKXFE$i*Cx?} zKAa>sO{kkUQ&>%PZAbUk$|$Mfx*^Ux>(`bZUA!{b%Nr@mZ>#Ty(_|j+8KbT5*=L;{ zfArq>#=<*qi@*Bo|EKNk-Raa`{G#8F^Pcv!c>iDiRV-S(ByXVPwN$!GgdW<;RXSd6 zWc$lI<(p+U?Lj|nR^_s@Q;u|0I>&Bp-?wkuo_$rV3K&F%AT%Fu#tnoVV~2dk z59#X5NL5;MLs|Vf&iH7F0-c~+7{9WMpMJ~w)5)m>fn@ShyvAUzx)D%*e?RYsQy23@ z^)N;$mvc+)LoVaC&9*j!3Wv+v4?sPH3AhH}G-27bmWAgyrZtCqfRY~n6regi6-d0Ae$*v1Va^wK7rPC7~D zr63vDR%+dMFfp0rAm21m-R2QzViMv=pps`fLIWM1%sVRskOd_VAPdjs0INN=$s7t+ zdwgZ6PjvcYPKlSl>}7HOdC!c6T5bOEpZ;mweA}&ZYHjJL=gdAhUnk^_c4u#woQ>K@ zU)SAO)s5cj3r4JLf$hoqWe4wA(-xc?H(}%|@^W>5eR8kbrV-iQrxp2;@#=GvqKUk*mr&&LHF9GKjgO3{Pq+ z9R=Xkx(EO@Vj%BOP<0$ zbs#I(gXbI+r=D_3%$zYJZoc{E`1K{1M!QaK9eFcFdlRiXxzmOQY|4I`Q&L+;*2v+i>Z^Q#?oa=X8PrYVA;q(pWV0=94`p>y(7&Gkk!qVx4iaRpYR#V# zY{&cLJS(Tk=$4{XqfpK1=j5V!n)91E#T*3$S!X4eg>o^14l$C4JjuGu{y^4Qgs5)r zwi4v04Vl_&3^+)Gl>2%J<*+%|4a#qK)#ba3x-;|SF{QKxvUE+waN+O0NM z4?wjgzeVll8fW#<<=Q46S2`@KRf2TRSs}-GEt^3h*O+_z8Cic7O*l?SmDmh+RlVhh zK=$+w4wAO|7z_cj202Jd*Jqt-^(O^{4JU^}Iug>^D{B)!KhU6PiXoQ@YHCJ3IP#zo z*I>vvRxlvYP5Ih&v3hJcNV4*e$b+o1pA>@wRGX5)DATqI9%UJh1}y}6wxur+=1z7m zCj?3~Ykn9Z+fqdn&1nNZ1j;6x*95kttZZoGc3R| z^h$;;0&$*sOqs!Y;dV$*tL))y$^h~3-W|BbXvIPZ4tGtf6|y*Nvm0mE!Sz2ZfY~(6 z9n+jHK{Mf#PuCmphk|r*;~*!lyN9wyeVCI^zTtG456mNN+AqMxRPKdgn>$a%8QyG8 z;Nd9q-c1@nCqNj46C)0vlQ*yodC2g^r=dVCltD3NNE3P;>T^w_s z65*NPd~!*<_9L378;!GR4ohH~Wtxyh23>>nV74-WvOctc#X0}d$B|2fPRqia zQB*LU0tbNFiCeL)P+qPw;a7)dSSu5iiHVF-Ir@?J!6yS56~mCED@ z)!CZ$a)uq^AnpQ`v@TkLtIbs;93EMsUvia;#KREotg>sW?yC3(&4UlzAudD5xcQdZ zSyxluUFLdhL#fO4lrYa^G}}UYI9psFDD;>$5UD_Rx-3n2RPy!_SN1ZMCufbUETccE zt5%rOc36Nof_AFNl}5T^;vVzJxeWZu=~X-$3$b{xo=Pvba=10aH`Q4;@^od7%5zhv zO0%-m+~{l9lu@3>aIYj>BXhSWo1=N7ogms;@>ylupv-JE^^;WnITxe>${nXdMAA`a zq^5m@kFiyun&$gBlXeKfC%=>jb=t)SfIyu|l=>)d>SgJzjH+EKo}>a9l0gYFIcP4O z!bM#CbR58WI|ByQX8x*K+hhfOk=T%;K?97gWsRjWt1dk#7e0_a9N_X;aB zYP+h8hbL$PL>t@=ca?c1za;bNAoJW|rHti_GVOebLtKLLL!p#++`|x1uFM;X$hS-l zo9y9dVu-PrVqWx#c#MXJ*7-rP9%T&t;v(~g0#XX4HVi9`bLH^JPj^%UK6A<|LS&I6 zT`yV`GmouupKnyA9-Ow^qUvrDwc*tCk5hVYmgy2NN3S^5ZmOL*gS_G$$*m3`*Mr-% zljA{lmKNz4T^HMJ<{M6tIY{9&OtX#-tF27=+=fHUNOY6eOnV5_P)$kAJk%1pdw{De zWdw>2Ms24Llgj{{BG+Cj-$n<}5t&shCc`BNtAkgetQnqV%QCwQWUT|r!&%3%T4YC^ zMk`vYrzSv&s^5yty#OWAi7s3%HZVBzf;MMS>d#7D^TP~PlPaPKWmlC=g6}-b0`rF= zVA-K`m35Z+LxFsc=4O4i-{ky~c9ypjG|a4R#tHVw5%ehJ3QLbpl)a*E#Yy*b;)GJK zl@qcZ^?YIM65+4pj_H?HmI6MBe$Z??w zYE^!9ONY03G@mq|`AK1##^oqv^5%|+m2zK8wFS@X4mdjm@d0eb(_xC2mz?Sva@Pkc zP1RY3dSJn;QAC>(yGGhjMH5b&=(;kE`Z7&^fx%mB`clNf_SJ*zf1zL7g%)oc=_Jk+ zoFxE?2f+;TiKD5k*;auvzBix_x4Nh=&rsU7kd@EJRdTk3b5=F9D%Wc3_Qn!)I^>ED zTWvZqb>S@OGpK$}?_mcz%BBx@7!7!ID*RFwSl;=hA>fcQP zt0JT!#9c+*45v9H10X|i*#?Qx!n1umrh~>@LMz%(jGB^MQjJYA&!}rpl<~cRb(bCK zG_6-W56}R}tq)n22BaymH$ac6y4@qKd3KaW4l*I#khW0!!wfX642|YAfJdhel}FR- zLox`+nt=0%(nXwn=Mi@rz#FQ}P&SpkW}6K73=9t^Ld!Pm6JRw+e@bE=;l$FJNl%{= zJX2e(HnrNzG>>kx0_8fNHpP&Ha(hm`%H=On%Av42r7Xnu9(~qTZTaQaB%Ae6uAa92 zt*j(*cpCNno!aPd-H~_Vs)y)FvGU{;&;9#qok&i#1*Z#en7Kj6*(SMxs=@t(WIB45 zAa$ej(IB+Ik|1+~>zBC#B@N#P#)=4QDxyVX&wy$`(X6i~;CQXNW!9luLDJ&79_DYi z1Q-i2^R6r<^66*^(x5D0Eue0216GJvK+b962O6$NHgUjs#3#>03UkZL;m5AlTsaa0 zSV$|}G9RM70X^0&O}w>`-IXTkkI$Y7Y^$T7U_a!rzig`pRRua2y(a5+n*8#Bzyp>w zStoJJ1Bb4Me8V~+%K^&}mh~Af1K=}w2(7;?KMYEBB^VwozHAPvvuVn}ar%l4CvsMf zRFci8>)zqKiw$+2fs@NsV;#~tty;a|kE(0&tQ9MF$SRQ(@7*wxly zeWX1#C{7weZw+c5$bg#b*`eplG{O)XOM-`L;xuX~#Rn3$i{ZpUQvKPEs)KEbEyK!z z+<_3lhxP>MudYWj7?LH0I=~v}6;ELfEG2ClX|mz%RjmgQ*yVQY3m6jBh^w0Cw0Q<~ zl{}}LspL1?2akE{d{D}}i%TAW=K*1zgqDL3oM%1e?*dj;62LF82Jvvn;YyfeMkXoV zQy0k9qVts|3V+aw6=ofpDyPP3)I8}?Tl2=N!q!|2;SveGUgUyNcV3-jWy?yG{>e9P z@`R7$t9O@av?@gzyG&%$88Q!vL+GyM5*R5N${NlPj>s5?~88T!7=a~d?u8fAPp(NLp5IV?o@#q{a`|OGtpaHh>qTzX;1(In=CSe5d7#x{OKz2GM@OHeb3=*ZbsZTY zq#;fZq7q7{O;xmVq7Vspyyj3EDqhwp0y$R*OXgm}^%uvsy6S2MP#ptFomtW#aq?~x zOJA0{+~PoDS4Qol!FvriMt0`)kJ^rW9D$Cv_0=$_T2Z;k%DGjSq}e8SD@3YtqUrL6 z1$hH9Xr(7L+j(e~tLgbh4?N{DsED(7$^j%h^KPK>(q`lyp`f`wM8N5tkx|Bh(`8r^ zXifv-ba8VCahNP`o@Gh`=7V~e?JH1+Dyuy(sI;?rZk2Os(<+Xy8nLOSQEau@j8_lx z)UWbNuKMhn2m_PQBT98cSUd!4cp!{Y<_1(3&dwlS+0aPiFxkfMQ60Mgx(aG~P`r*- z0Y1CF^r()>>j_HudIR^lEjY++kO#=~=po;-hUE?fs0%wG;&N~PE+p@^w%Gy6u51tX z(LVS>9t^f3H9s92clH=8J*jn|ZPi`yS~5d&SaWh2o9jK*>QTL!clH#`Ka>^mwe;*q zmCCJ#LfMpSSkCZ>=W>EbjjGz=L4GMe94v#pbvBM^QOOXjM?Chl&B#9t`vY8NrtT1kr_tUlQ*7(Rz9HuXj`0liMPy2Exf^@qor;HPs1WN@aXT-^^! zS8ugem$7k-6`znc5;CAvHn%29dbOBmW7UyrRd041Hc$u7QG+uFA{o-@?sE5n%A^4x z1CM%2{!l>HIsxrUJBinIf}!ed1~S>UM+n^J-EGsJ%0DE4u{!Cu^2SVeI!KlPj9Ttz z^Ecnm*8Igya@n!E+s;7HxW$C>&+iM?u#D?%M#|UW|7Fnro%Q!a6nxr@JLB#8hl8wEjP(gxgOfF7b%eGLRtV>MrMln}3XB0Jnz9SS+u`l5CF z=A`OUS5-Jykmzga+8#ZVX2}g9Zk-|u`2d$_97z31XIz!b&+4oH{dxaJ zdCS-A21qxf%x{LvmtjJY^u{%VpsaUiu#R2HJ&Fe(#j&cQ{N<9+ju^Zv8d_!m$gp6j z78C=62RgHVuK&gvNL@V<6b=v1+hL;Y;+|Ew(SYDmw07Aai)Z1VvIa zR}K=B`_n-l6kYS59KB;FYj@eD#Y|-Yb2cB4uhRooG@)TsrTifScb?JMJ}RTJ3RdXm z?Esi=x8o&t#;-A)?m>J-?_&T5@2<=V)&nXXML+Z|6w7*5$2qUY<*DLjq0>&mTf$%De)uW;nP? zV;D7qfNgEsE%tQFL0%CZa*~<0gFLj}V&fpU;~V+-!phj!o@+D%cYr}Y1$QVkd<>92oE4IwXH2zkR6M!jP|A1 z404cdQzlLRU^YzxJ)_1)@3cdrrDL=lVXtI3b5twHM*EAN8r)HjVt<0ZeYAfc#RCbC zxuFP@@d~6$XXv!ontKDv;$&SL`s{$py7nV@N4&Q`+ScC_tsCx@bL4&j^(i>KSV3;n z3bON`Tzju*4`2QJ**&qx5Emuv4+KLFK%rjz>(&Apd#{lUW&49 zbqM8?APfbpnmvLl4&4V0$6p!Lj><*alasmlL(#$N+ zE<1#s0U1CUbeJ9-4650t?EqzvXNTA!!cmSW;_wOiE#7phild$9u+wRp?062a_i-K6 zX$Mc7hB$3r#*wY%O?kbw<{L$HFow-|6p!MO4pxq=@HA-}4lS2cBJxNxLCUy6yqN&H zfb~5%*yEZpdl2al4rYXi=CiWIaYFFP=c$n-r_~39>9B_Co4tj~r;`(99b!?Boj5kw zu|r-3cOWC;cSUS3g-M&2dSTc48@4(wnFjAsJc|D_VBj|so`A`~M6#0vo+wZ`aq0=z zAeSlS9~@xWJ^|C4n}>u~ z(#gZ{{1_cHQfX|#(G7BfBJ6{51t~df!an41pgdS_hng~~1G&=H3`xURyxFcnHp=ws zPZdCHB*-ISp2?e&OzTgXHz-}kohH(Zp?HttQS4V}5;Qyl1I~A~ae9Q#C+!fzQ}E6= zA$+bq`ugL82Q1lV(BuZ`4+K!|RalZ3UbU4gO$bLum~Z+hOsGsc9-@jjbUQ9tZa}3Y z6ybQS$90tDO6NF;hn&mQJj=p^(s4>Z4m0bh>r2}u*Dg<%I>k$y#8)yMD-JjF)R6pM zhQf9c4mY>)%EP(B8&T&e*&tpH$T}3Nc*>;yS{D19*P)O?)HldUDxQ5=@*c&b*zaJ( zG7>cjGW2Q?!ui=DI!(wjz|PR+2+{T60!tng&~&=Mgduh&Y}f5H^O~l@bgqh<$VU!` z)o{9Xo}&A`YtvDpn>v(k*aBZpCs)fNY{GeETNE~&qv9!#GKJjKB8}tYyh$9Mzxjuw zgP#slX_v_R$~J zi7d+PqX-N}jCg97n@lHRE4w>8zL+C(Gc|3>86&+TI zU5fKdd1U!&jh$q!C`CBQOxNJIP>L4E|;F)&jAn|TB z<;R9Z`B)JSQE|4@JTk;KT0z4}mP^7%o!_H)6#EyCI>-kTa&GuHDF4U_=88~pKLXSv zA`1e!x~$`1sFmWQcodJK8J0VF!W7TO;!m*L}l(a#hM!cSf~B^t*# z#xWQ$@#3L%5aF0n5#Jl*267j}jbW!;ZaYi+{!0+*C%URlVQ$Rus~Ql7GVix>qd1On z3KT zl}?eV0E<9$zdOeWdDo zIlF^yFwG>%aPx@J{~YI$3R^F`OcT)GCz5pm`5;~2*{h6`qs&p;8g z4~mszK>m1UE~4eu_A-j&Gjr5|t}&4Qdp`2VbB*I_9>+Mw8q73^RiJ+}s|YjuFnst~ zO%_xmqZvtsUFxHZ$5zu|hj&TeDOqwu+7`xm+;txZ~>0Lip-XgzU3yNijgF` zN>bJMag5`s0iJ2(>jeNq7dK!aCRp4i%~y_;AuS#%4`W)On47gEH)z&2*42wm*$jl)t!@X%|#Ig;g4P$4&^8hk7FE93}67UWULJHt#Ygs3Fj+H zfCXg46NhodcxEUTp4>Ok#H5I=d_q;%Y7#m8@QH%srHj;r`4 zQ9Ul@$gg-O%0uKW(mhk#aI9#9FwXo0Eg$m5Se6g1@-RbUd{~TQ z^iV#cV#MVXTW#{iiZaS+06Q4q5OI_NnjodsW(E}@XHQv>ViH0gT*?RUAP{v#-W-+U z#!(e?L+Qu6AnCkUIFG~4{mE*u* zMmScQ_&uD_IL0wNFnTaFF_LmW29ebwz(_Ib@|!gA&b0<{$zYOB7>aPQ+N5|yyBAMH zL?Vb09(5K49QcDkt?PU`PO z4pGGQhwiR!>p=D(l`AigKjQjD=rbsghx2$4X_W|6iWgz*FnqYKfnpCXX+2ycVw>UV z>Q9U)t4xe$ld}5xDPg6v!h|QP%D4Ug^AX8gqH&C4Xka|XmN^U{qpI8}mXEG5ia}uv zA<{H>y<7pZ1Z$jw4?5VVeqDR3?VLW>HZ48TIwnlF+D=(!W8ECb?1KEObXpn{91r)x=B%x-ly9=d1?>uOxY^qEJT2Q{%Um z6_&qN{z3#tdq=0s7sw4=b5o;DX>RgzE_IUIKMhLtYQ{ z_X>-8Lh2Iq)DN#}K&E>2L*Bkl8Tu4VaSE2&0MJ<=_d9x;?rHq!SY8&Hv*0+!F#y8& zFlrc45OKI{k?}+MiVipOP!?iE8DZt+vs&6db$7H|!~Hi|{X@4XTHEtt4%HlduneT~ zlnmsu3I;Oj!UgzaRz`fD7A~^k=J^AP!{D&ms;{fF`Fl;(#7{<~rM2C*wYJHhjACb} z3}hj>*7nc1xVqBRWB6TageVkj3-sZ--h}+Yp!pQ zzsEq944ER_Kt@1$SYd|Ar#W>TMi%^H^_-CM2Z(Ot!;%@uA82Z*SAXZc_#5fE7?rm_ zWpI$x6QZt6H{KUAphcJ}JBxZKO$Ks_3}mwmWLIGzLCzC|oXpdZ1%xaSN4cN?GO5D0whlXLzXf*k!HaG4 z&KA3O)f!FSTBo&}x7*{Jwz!|kFnwaP8z9QD(t3RJ)>4&(CpGi1dsa!vr>I7iBM<5D zTe*IdPb|U>S~2at*EFs4Qdt+Z@Z(IM)U5L9ZA?~I4?MoUw5rAUt>3!C!|gJ%hweMi zPCjTq8Lv){+p?p@4OvX}&cfJGoD0M4D^@#C@^0JNY8$ujbU(7pn=!>EG^REMuK+S1 zxnyq{+{6!q#{~x9-uCdSl3bLZHhE%69mu?V?Itfno6y_LDHC1CZ2jj>pJJ1mid8Uj zX%$aK{K$3ZBagexlx=FLv#ArB)#Vue8r!LhTANnP)J6G8T1`jWF>1BNg@>4(>iZ4b zTNLN)ZOX(Z@kJPr;BRvp#6i0M@eN_WlH+$ynOUPfV z!QC-ovbD@uXkGQqii+i5;p7x3j}HpD@B@ShztS*5DCo!~3+%K*mipv)bi-zw*xX>v znhY&%T0v@Z`j$`sW=x)76SakH)TCsxU{KkXWBAC!1jBG(M4gncK^;^tKjq-bgvRKs z+q&J)%$Qi@T`+UH^4BU)z1#*b*N9(fvosN>$~ePg%7i9cw{5$pH^^wR%GoNzh71_1 zWqZ%Irysb;x7jmfbTG`5RBqa&3C?5cMET_sCjPNaTg6xHRh_J&x3#o6FO1dP>65(- z?M1HkjxK9dy%>1P9J_3xO;$bAWWe`QU2~>Qwi%O>yK3VW+b&+nk5QUAWs1y*N@lNf_hQzcR)hM?G;tP_oN_zR)*(k!79?`F)SAw~lrh zWW|wZ9J>dMR}3C5V}tR@I7s6m&9eX-Dt0Br%+!UO@yAYz`9uE>9T-Py!QfCnj3NYZ z$rIt&S-E5d2@EvJQMci7tKGC(VdX32?%6YiI}~JfILgC-F!E(-m|o88rcRjPXK@`e z&PmaQ!j+C65aM6obi$e6^QLl6c^;<}_7t1~J$zGoUJsq@BtP59oL9~Rq?!-)#HYwZe)vRvIlOMgrSx!>&(qkh_wa;R!NQXpTs|<#C{Q9~PCSc*3{gLPyEJ%R zMko1|fD2FDXfqCFdMMRVN-xDFf7Bg*&s##YHS+hQdDz_)7ydT2bN-B}Hf_p;l8n81 zj$>D$MtWyw!WcPW|9$Q6UwDQct%VN;#^aTq`WEW)9oA&+Jl=ZVsrJ{;Ki&47GtJty zAYy~nlMgB?=oc6k&L1&?tP%-_k@V3b0)zpUXJ|+t%&lbDMiarisD~9?M>j^X(^nQ; zd00jHnWU&qMzgiO-B*$=+K!=oN8zxY+o?1s`FDu6x3=|=RwqvKV}RjH$1t(n4f1+A ztcAKn_=yh}{=svHDDO0NVXrWgC2H@;OkEvNOo4Z z=!#Wv@ZR21=uUBz%iDpwvlXHb<-*r_CrW*r@*#V9zir&M(?0vU=i2*Tbfzts!33jk z3Sq~wOTh}!$A`wzKC`FUnMW-3V=JaQABpz)O#g`(`>Yh(wR`;Y{VVOd`l} zj`dOi4PhXWpMko5%MM$vZ8L44jWe~~o*+5lMV<|twz?m1q_K~-;K)QHFxFdm(m-jf zIQN@7-KI~TP#V|`>X#@>y~sqJ{9__uJZT$!&e?9)H_on89p zyZpjcUrV1b>KWTw!D*~%ZE0O?@+-Qgo(H_SsG}dxsv3XiW$}(H0KX^Hg zfly6LB|R53B>2}>(h-gCirU+3*@9X2<+r`azWc5V?OX49xxM|oQ*6e>3A(s7+S^`m znqBoMfx@o1i>-k$ zirmn_D976~{kL|v7)ZdXrN=l%V|w6X`-CXMc=+#eJrl@X&jEUTIdbkX3De}Hd@2(q zonOJ1kh~>$ZiU^|zrg@rpl=HkQhefDk_qy-!X-x$uRp0o;g-YmD=qOVvPV|JIK9$R z{w#}!6SUq_-#96h%Jq~Dd3`Nk_=5r^PR=K}#Ffexc_Yo!iPyx)^CZ5W)wkjAf63Xl z|K78-ny&X}KS@kdj-wh-pQ})R&}B{$SIQJL6sRBA5wOc!y7z2*+jCB~{boJ~OA=xknykXCA)9W=@)5XCHN-z3J=|wd<(0TUR`0M=#ym&O7#C zE#%UZE70J<7|6HRIY=W8BhIGCbF5A~;O(<3%Y)x6hmpT9vTpkhI@WhMqsVtAtu+>a=YSW$IK*&qb9pH8C9AF;4Xr>6G>IJ^X1$qTrX} z5h3LBn?YjYTV&6Zw&>9(em9zU{uSwzqkQxSM=ET~+4d8U{wYs;Ij8coN6~g|+i3%R z<8D!hleS>+2CLU^vh6%YK#)KEeJgGprM}1GYp23~;6i*an>VCbTlxBmII`j6DH|d+W{*tKnpRBv``JG2-iXZ@?=8_q=JF%QlH_nI=vA45Sd zpR^)w5VUu2L!i}fAZ*tp+XiuSK<>k9H`)4a+daH?%XT~WsDpF`o1vxsUN(Q)RNJ_H zN68SP+UBMP8JFVG70JOHJzI9RIBnXtQ*umln$*~253O78#(}aNOfQ);%WpPxNG1#f z@-wlS=$lkeD@LND!*5*N`RHmtSKY8}hs{=-PCQ_d-cF5t&lp|LWMnm=`$9=F=fs}z=&iu!m>*0bX7 zDqv8W8tYtHe)m-W+!&}=Vg*-%1S3C_+g%aKzEV+g>fD~PzS1Zt8K|B(!uj1$zd2Lz z3Shj^1#UUNo)xKxQ{@bBfK8G=#l=dJzb>zc^x&ITqG<)_cY`Gla$)Rp^hlRbk}(Ax z-Uj`Lhu`rQA6(+1&Pse}Q(Doo0xc2*yvP=-Wej!dDIZIvG7x=2xTkn}C_i+M!R0wj zZmi%E7Z*4P!^-om+-%}GI`m6BFzV@!X3t90C!^fO^Jm#%nphK?8#RcdFUngu6u=`r zA@F1Y{Sm}F^B6!@hCWn$T=e)!3qOP^amf!g$nSZ?N9r$)6|~mLjZK9Y=wik={KH+# zZPljDTKr74BbP2z1`3%StW{x0N1N?zX-_)?uSa7=W6QlPOn9nA<0D0g#uRx4_$8;R zcA|YAM0NrK@w)<4$18r_e8pS}O@kaw2PQqv|{qAF_Eou6QJwl1tgN zr7YT`e8ju#&O6$h_>dO5Vmq4JnJDtW$MY3@f-h;Q{R%5h|Fe8Oe9(5t7j+Tu`fy%7 zyra&`fS~Y(8 z?Ju#Ho_d(w|M(ia=e`wo*^T$u@9uoaKK9CU?ep)x(EjDk7igz3!G3n*-Tw3kFCsM6 zHCVlbVf^yApJpQxsGeFsB64|l0i+)NNedPCN(_E|2DfhR+}W4V*m`ZTO=Xic)ga_y!pa2kvs|%^6*&AdjkigSO9{VYO zn#A4q*v8GiHC!#eJb%aJ=NMq^=55ZGRVk}r9zB_+PWNXfi^r6ZcFrKXm=52zfYOVC8q(Axk{| z`ukVf1COusK12VLrHgZpKG5F~y5WIG?f%Es+Y0GrliE+a0WvdzetY}I;9gnQGyB=HT z^ZNny^WEB-a~xE!zGcqbvivbWCgZ|5{C-V{o~eXx_-j7ZZ+TSP>{Zs~R}e`5k2>OD z-y7AorRN~mEIHBI$M`u&z$!s&2AkB(Yk(Y*sy4~N8C{yVUB1+2l1)$^UTgCegvxLx zw^?~uxhu*hYTMROSMSQ?tsGVv7#*J6-zh`G9kcD`!&2hiIz5H(1rYKuCdsmV>1Db{SpLmrT;_GW7M5>5~^f&t7!Wk@inNyu!YG z`5&#Rsb2k2V;wU7ryqNWeeo|}D5JR1Uh~i2w>2`ftRh{1D$7|XEc$anU68o zu#rx6S!YnY#3O-k97R|aG&2}524Yb`x!nUFiW0$%W4Y)fS4?WA`1pv|9Ac%(F?MOf^UIptu5cGLSo_$w2P6YYZe{^}%WY zLl>Y%j6=Najv+x&ZN=&VkivV`_%IYuTiT^CLOY+Eq9#{1mwWjGC|XpyGK9O+5%t76T-+b2nfSh3|vk=i$=W| z*G{cwF;v0E2aiImR7n>DYomRIKG^DFBzP+cgGxcn-@6e)uvw_xOYD zNUb36(CXmxKl#1gqZI_R`jCC*+F3^)=pX#x#@#1=@+-Scs}UqdS4^;ucJ&F?TR&Uhmg55y6b@iT*z5&a6#gSO2-=c{G?9$n;U(| z!dT}82u+=$Pn4#MGM_JO*P!D9%sHfwAq|px1u%@vBf6Pze;>Ul2XzLxA(da-e7uN= zPO>B*e^Dh59h=?az%WUs3s@qPxf+NecC4Ul&*~61BT11MuWF> z3r1t7Myox_YBB2PG)ziZ<#h!Ja}nSTn2Sz5#?C(K0K4na$9*ey%LA*t5QhE40~guF zryt`F5&!n~2kpDRyIzIU+Y~wH@Rirqt)(Mo&5b>YBSOx3u*@hEH+j;IXjdYd?KflS z69QO;F-EWPE2!)gLY;9M$`#1MFHc`h{yI)Kh>yW7Qv;E+xxDAC~8jDDryK^aq!= zGfdpCKde~eM$*90=#zmotsom^AnUb)?BrELl&Ff*UMK_^6vLFAJ|KG(9WIzaB`V@7 z!Nn}g>k26nBd!{cRKCbp-}`qWYk`Je0%JleZ5_WmB*( z7)M9NSQ|oNPvN0H_fW4q=(^(QQo9cf{TQF zWyA&n;tqLZL2lecxU>sH7r%)F(L`2<5c&A|56Z)bxCRv>zNCl#NQfr84n-8DKKOCZ zBju=~m}*HG|6#*<`y|Ir{z|BnkGfq4#K%9+)0aoYr+*ngPwnxSmo4QZzAUX@M41Zc zsjHwA?MQW{xKh1k=v5v!Me?^)j&OO|NDJx%&yc*m5b@ZA=dt4LlF7#1WCV*&zIL>UBVSTstrq>nL-#uGgXZRtE8#kD6Yt^RkWBf3h{6Z&j@yHPug}l7}4;>T|AL`*3 zKRHE)l7UpDyJh15ZzPrLCWZ)U!v&AWw6^nEvEmb2+%(bpxP1OHp}7;xn=%lOxDdzl zbgiA~vt*E$=YY420XJWG)P*~(5cRbw%#9a#w5SZ}`Ohynih6k*hgD5Q!%_wgoOg;B zk1oJF2SK)w$m*XBlN{X0fN!rhDxUJlT@G(cRvy3qyo1VfxXs<_igl|T@oa7J_d;|g zpu+*hBOZUm1HwT82EqV?fz@K^H`uehcv&rSql)yDZ+Iiiul$lL7j0;up_m-%4;jiE zOP+E?4Zp^rAZqgC36Z}YBQafFA?|SCOhq&+cvT|uRijY?ZJ{bwjugsIvw8=KDx!JnJ zjMvh5Hjc@SLU^=Q6$x~|&uixO0nlRC)PMqLh(w@}NXxmy_{MDqL z=``4th%Mk}6J}1HV3T>|fIDo8=M_Jmqh#eWZ`u^kyl(3@e+&Vo^K4X?49<*+ll+V2 zJpaeDT})ig%_;%o#Unn`Cr|Xd$ZI!kQ(Ghef}pM9`3Kz7 zy_>DH290=L&)cwVoAF~;RL6vXKacm2k4KxhW5{!(Yqo8-tvhzwROyk&p?Hi5{h&LH zj{oSHXzuiBlB>p_bHu2U<}HcNg`#7bi4Y)6M)C#nytt(2`F973cAzu=NgVk{E((p} z?zFGdh!9}T4VhT7l`FutI;x z4BNR!9cm}-zn>ktV2&NOaBo|&VO@GiTZW2BP5nHe{Gt<&v}YW=#7^9QksC37TZWb7 z>4z?}vyV8?j^1y99XNlkui$u6pXaeKAgs!G>HYi@j~@0i2v^uzYIqxRj~ z_StKSKOD`2)~s~t1y+cMDD9;u9c{<%x3?{uJI4;+XK#Pzli%<;WWjuU#VN=7JL?aw zS?>>JGjTAiyg&YmlaIBdRPQ4jH~E9^Y#)3J5uKT;>7hy>Z{GQF1&#c9+O7uOqWWt! zXc#wKbcZHRY@sL>B_mugcSJbG0WSG4q|}TtjdCLg<1lLEj4aL?OTUdy!f>m~n+ui`^ojU`x_g_ zF5254q;8Tz_%ijy5W3uwf*3lo9yw;o9&pT``LbT_Oc^oxcG4FRd?KH|MjPv zwN1&~kH;>z36nSu`)EIe71fq?&L6KGt22MGu<=usd`8zZqczJ_}3&RdXmHJ}BZ)L4UNTK(e4`z_Xb(n(MW- zO){K~y4b2QooW;h*!F7h7=qO+4}kLHOxHg6h}|wD`RMws*1|*5+8a%1Y_hYCJlLLh z%;9$Qz6<@Ea(BuQTz&6y`^_B>V)<<0UenwdvQoTt#Y(&7;YaMQ$5z|aDHF9qoNx8o zR{P3JZKFv%e7%1A4tsFzdb{VbHMVN=7MnSJs=r0jqOIMdLRi$FK3-7TFRws6LDw|DEb)pp}5-AtR<=;x|a)W)SUnk|x(RjDNQ3zUxxXDSLC zP()QkR>a|g6>d<3`{Oglz@WJOkPJf;g9bu0AV8QEVKhDzh08WOH->Q!lsIT)ps(pB zZbZa6qjwuL+MvmKvj>B`3~tBLizoJFWZ5K<$*FTdO)Tm~53>wCZJx&&?&sUq$TbuvuE|9=6YXzY(%x&01gO z`9rVz=kJ&5g23n1_^lTI`3S|YT(ikK#cSTwsWzi|f<3xvlWmp`cuQrA^3~R9ML2Py zLh0dI)aF2DSwq6CPh z9s=QK97J4>YGZ@EF)2W$vbz$J1w#@d4Sq;dB4%@rXb_6QFouH23->UZ#KB|eHCKZ_ z_^s+(f?yZoj21>m)E>Yu3?u#shib}I1Vz3)ZZu^I%T$M@} zyAXO8fK^wMwvR_?#dYD+kFjHyF0h-IKk6Ti;6dVF-gcK=cKt2>yC;6h)W^E}nN*n1I1W z4;&5bKYx}Tzhr?{j5T)e>h;nEM+0qInLa8WHIi$BuYecLn`IlN*R@(DqZ;0fDb4A; z?}5vgyuCnNwKU>`K)AaLl949H{2Uo*3}=hDaLc*kLb>t)aVR#FJWPlUZwC2ENX$)W zv=B`iZN4DqI}$?1YE%h%TAnwkQXQFY*>!+Y5)+Y5Ab=rpCc6L_gdJM#-15*P_WeKJ z>|bR$Zpps(yb})hn+)8j+2W7%@Sz74(9GtB3dW^Qtzb3C%87S?)BBn-9ml#b^?%=$Vry+Ov;3)c#WS zFPt^Y{v_RTlZMA*wC=PuTesSVmKHm1*}it<;srK+ayj1w%$XE-`7(jpmAq;7}k4?Ua1H+fXjU>Bys-)`C27IBh zMAVT}sIwBqsYbYwKS#Mr2?y^y4SvK0-@KmS4V6PYYIz)jFQCwsOw95+#{w7}madKU zHGU3x+lp0o?E}kg*M2cXvHt-@EoE@wmnQOMJeomEjdP-(g#~ zZL`^vC&(Brw3j^XXghk*-nK|`owRg6J9M9U_Nr5kvqKjwu$^t4e)EPiLiE1x-09Y( zne3keQ`&;P_R=bMf}e9vXl}Hv(g&YeqfdC`DLrCjT2*hg>+XNZzIFAD_8rkJT6tq~ z>uNjw!CEdn_pVx_RqkXv^`K?8wY9?@Q#(482VIC&8W1q1;{pDpuAw7%Mfu_K8BG*2 z3{MmqlPf2Lz$9?BJ(Bf`ON=-~K^3uDwgstA#XC)&sn>VtAb7`29Mp<>)1!Xba; z3x1I|j36#?pxgy{dGZ7KYkm1H_;GVyU<|=o9^ZpIcs`Hz%=b_0Pn*=_TkZ|pTKwxg zGqg(LrvUi2;M&bw?SMJ6{4DLLB@3-vTWfw+b@}>@Heo`OE!}&L?KgLh?K^#%ZQi!S zzemSoH5fh`j>|u8oZRu~YP%}hZXCiT4n7&ccu(htF2tW-VH5V z`3_mMhu3Ye+aGz{>CTnnBVM;IUuBowe5ZZqk2l)SZ@$ZJc<>Ql&28GbL-nlj8#Ubc z;kM)b+6J>7p0BO>-ZEax=I>?ew`{eQGLUPw?396=VF#)$tX^kLY0~z5gRN7#ORskL z7mL&+R?d%Y+HAM4cuZ|g-_zr}MzxwvyoExYtJZIp%~-)jEd9rxIkx7=m-tzKu>XbU-O%2d1XQ>P$D;~G| zAKz$4FW%Sw^6aN;bvfB?e0Y`Lk;bU_YRT*C_6MW6frBAr)fhhj#SIbOJ|Pc=`G)(K z+sd^Y?XH!p{IMZqB|d#;vQ`F)Pn9Je{uwmYutLV@=7%4(KR@t@-6D6zhK(|kJ7i!t z+VZs?Q3zA_#)2lG8h`RhAct!2tw z+pzdV>lowDoiRaq3}?oq2{ICs{0Fj_@NAn`YFq2C0Mcvv&+3nx77KZ{aALEsKK%!w zT6X$Yox8{LrcbrWjSaSLE8A{uS7it>8myGK8Pwd==r>+?zLA?iY)5GsX{@N`YX!>} zz&B~T&%@XYv=Ze*v|D!U^tY5c=OBv1usBm>NfD;2sH{{&9?p#_AZ_qVk(^Vb0&zUT*d8Q{ z{y_!sK}?zw2qUp41KD#04M$#0Du0uvv%{u7a+^(g{Lb`spJHB=3}megWQPpo`m$FI z#{zx>MgQ3b`?HEvQ#6!^x-p6_l)ym1pkgqKVx?6e@HEeh(M#LR^zqhYAgRl5=&)*1 zIrx*{RVtpM7)2f=CyB>rJgflqr1E}0Io%9WILmMx?6z1cy7<0yEXBVf0FhE4=QySUicOIJMyvyCiZ}~{R22x#SZ<4PNJN2)=hF?1r zKf+4HXv2fD7*pEi#}5VXQ3K5yMRvmmauh}qZ<}O7ze5*|QW!x>!YLSI9K#Q)aV8IG zQ9gh*!bpO_NkwVK0v?W8)TKql2oa1!j9k>w;6K&~SqG=azF>YcPc`?Zu9Sg%Oa`)E zedAZ6G8Hf!qQ0?&Pk1J&TsL-Vou36_l#0pB1opGTB2VOHdyCM7o!pRVz_>rTl+piE zU3mRwjQkk0(pXTKI96%o=W(J`2YFK+pXde2bIpRm#{k#z|iq3M0l*e^Z)J3@(@uw~R=z^{y z)I_~vUy^rJG0NFeNb`^Z0Yx4Tf4`{oYenO!nPA{-p@_Ys5pJ8`{ z7Chuun)Gfs#M_Oes2q_NCDTt5q$>8MQ}t0BWhn<0gEbjJ{Zn2qM;=IiZF}QMyw3rhh_mdWR zLGA|;4*nqbN8X%IIpz7E3_yQzv7v4Fi3`1!wK<{(Rs%UPscfB@8o`*-AkuS=Lsf2+ z2|*!vvTDU(MqSn6QYf3Bz31YM7T|}7@E%o5{KUh!fgBDPKruL>m?L>Sn$7co^0^V^ zBCb3wj}PFFI?L1Za86G)7{ToTo ztv}@Gq=+cHM>sOT9G=d+@CS$sdJ19OKn@2Ck{CP;s(kPS<>^6z@-T>SrM%_nFTGO! zCnGAgTNLVNe#abVkaK!SeE%qz^yzAF$?#x}lxAQ`Ig8-1gVFpPzc9k>yf$3M{#YLB*MgJs-64h1NW5y{+vP-H$> zavI0jBJ?h>nhKKw;m<*rxgqgTHISpcWd9|`2GofhnE9Zhp%vhdY!&`7Ll}-&41nFC znq2|f1r>v7+&~Tml?-1D9$XZQ8~$;OEsDV$Y7ZAgmjnja9Z>=oBNbeCHKHXL?fwzQ z-y1xZ2-Q#zRs#_s!ed?cSR>j7@JE|O;|6lDh_Q;sP+pA8m_NB2{&9>x&^d#cekcYu z>W*%~jiksrc;vGK?9Pttziv`pT6z3#cF<^}oHrGto)B-KdLs?Dyh9=`R9=Zlk36{_ zM0qIZ3(CX&fwn|@;2j$Y@n9^Cqd%Z%2nB{eIxlD(yAJupED+s8S1_RC^bkZ^|DYtZ z3`FjMOYIsU7c({nT2I4!NlJ94lMy2nm#ZPhJ82W4A z&x!oiWCY<32jV+!Ao~N#jSd57i;l`WWh5Oij^QKk1A#8e=Nuq8pF8~{FS(}x>5+++ z1@)ED+dcS(4h=b9st(E(UP-LT2O=N94a&>3PVOb)JFU>Fks#2Ykw8uHe}WKA-A%2rNKjwL~sX#K2K`@O%JU(R3&|@GgF@CC}T&dv)p|5eB?Rw<>AYd*S>qGAfIyh!Z zOay2QIyJ^p5aDv<=^(@_A>?AI6LKf`n>8xe*%LJ~45R|mBM&Yz=Vb;eKi0@)3IfFC z-5qL-xH8n1I)FsyMR}zaD)hK&X?q%wG31P$7i|mW1Kd13jJ0h# zA3Vs-U<7ao8f74NP=IR7 zecF(|p&I^?DK)Ps{N-`*#|;7zzpFcRFvu?$Av@u6MfOqbI7SsQUdqNvM4|rSUE3*9 z#o~?>AslXi>Y^o-W&n(IkmPLvxX4n@x0>wZ7#+kIi1AeP2i`c1 zi!4J!-nm0BT@fJ&#CS(Q{8WRW5b+=%Pcf#VY#xUje4vut1W4#m$P-FgOJ5!zM{l5$ z7)RwG4nlVhehpx>04Es7l@H>~J6+^bI6yvnk@yg}T89R&0RAYKBl1Pw@K@qFR78Eq z7_yFI*8!bZS?J~68(q{t@_`bAa0IJJD$Usi!8Q=-uS4IPdhJN&_JehaVy@1oAvNkPynt zLD7aB$Kk5j|>%t%5+|Bbwe58R&hHa>b^0~`I4c_5KojHiB zmNt&TBlKL1hv@21E6IaLY%Q=JU}&Yi((-W%aEHihScp1MfY(n1mB&^)X{J-r{_YJ) zA>%j(1%Cb+y)onxLdV4bEGaaU8$^eYC-Ou1p-QL}U!EU-jCKeRhoAT$5M^UvMmQ(( zk`5wnG!Z<*Fy{VfLlEfCfR1DEK!*hwyi9(6$p!U7gI8}15K3fB2ZOv4{J|n5q#Wb733<0Il&0{L-NYSf`fZjH?7R86ypaLX0EVZ~^?~;n4!JL4l|X z3MunA5PlyG1(7#+Mcim3mlgi#i7;=fRa#kwaSx1zOivXQI>o6g^jJPjdq8YCF|aYM zAUbi7pm?%BJs2X3QAae%5yB8zAfl=(X&fbB8f&G_1`RNNDw$9YU#jC41W;@kfSf|% z_#;35ks{|8Jfr^d`0$4;mHasoHx}rv#RTGl0wHs_;}|;79gtqR7I96Au8ySMh({^P zQ91XZK!wqdyA%D^k46%FsD;eq=m*_aD;;%f_1M+jA#>;kvd|nqY{9;TDu zM5nm&?9l_D3^8CK20+M;8*?GzapU-4ED&YU~44H5%fjs2|D#cf$K<ZqY3H=b>fe?in;-5vATqq>7*kgZcvm1 zd3-e@f3)!_Fe&nDPhW%rNF`?&$jZ5^VwlBt5Bd&pLO!)a1!?||BLiFO8eK|iYSK-v z4lTWkkSDGXCAny4P>Rg6Irg-6 z>_&9+NKbc{HEem@>P0m*HP&6Dm85i3bMQfneCJ))(P}%V>}{JCpJMIJds$5vH*5ql zC8wlM{2&ik@(%^&9PrnFaVN_kPxL+2!49OW zPWsXUang#LtZC&fR#TUrgY@)+4_e|kwCmbiZ0EFvwqeQX)-iF0)pqt6$Z|wf3`D}Y zf4B%9gGF9fscaviid;A`m?~kYmG_5{C}Fe_?TSebVxpH&WXj~;W13J!5MMd6YgUH# zB2SOq*Wc1d5qUF$*pyNcM3Y<%qy_T~)rQhoqL-QPHJ(E_8iRpsNUbfJoD8HiQIydl zsR#YF{YehSQMU|ajSS?(<*6mF0Pdi%>{;y`Y?brTB=;QLS8mpiIaTDCgr)uSxmc>RcZ%%3m?tt_HFr zNLgEnVoRL{L#N+$^f-}sJ)zE?PDmy)`KyAYR5(MF5qVK+z>~hd$j=+#GJHH)C=+$m z;QYm$d7Fl-#iTG=^hLoI4(jumg7|Q5>eYv27%j5PWMBk*wj~@J@p)IyL zvvJcZtKYUpb)eg%3>nD9(kMSoBMBH(vW7K&@~sRCav}Ef9h54+KToA3x}lErl&$EJ z-Uh53(RK7$47GA_gO+%BkryIdo|kacg`X>ALlp2rilvb?)E3XrQ~-tZ%JOXZ%PSrX zP)P0q#2}pW!ygUK^AfHi?&yQc(4=}qGIWX9vW7UjOpHoE2nI?9q=nifSeJyYLE!GR z+v!o841*8anv&5Z4YyZ&2t*>l-v>lS$wE)?SFl|{hFQ)xSmns;B)vQgh^tgKz{MZi z#_#^CN327206TM#mLhT1bAcNPEIHi$`AsP92BThq+d`bcv5{3hz28Y#FIb# zIrWEJ=21a0J2au{RCn}8RI^(Vf)vzi{Q3n@z3y&}{uddf7ao(w+pA1YfB}OJV^HO3 zrM&vXg27$ssYcq7pCndjjj~(~3gh?RFY$c6$>$Vqgv;D=KU9b7wa8B$vWyLKF_1|P zbyQE5gpw-{|9$l$SzUY@s2Rir)_)c`eai327|gsFHe&1~e-5o6_mjHnG(PlC%Bz)9 zeXEKdMO=spqfnj;3WEvSYy|x(|N-3cR z(@H99OiBf(3=tI_5Me3?5kD9pR0tLz3{PBuAKv6aJW$vuC*sP>fH?M$m$tg=o#Uy) z1Y8R0?hxN@zYzJi1mz;apfIG&gG96o-uMgtco{3m=_^Ri%TY)`iHu#clNWW8zn6F< zxUo=d6eU9x>XjM5g-!zeJQkg&jMU3Y0Y@>g3gWMiNoDnUqnK0*qnWCJBh^8{9Y6U( z1TI=J=MwxxF?j>dkV;fac`3^((dRPTZsvkkkyfL!D%zB?rE+*6@;*_3++d7l_M0?l zjJFQEy4tLxz0L0odgoHPQjw)Y3S_&@HrpShR2pY6WTiugDkt4b+2|iusJ=oh8V*15 z5QKjXW})#<8xx&g$#cj!s?il)tm4)7o3rV(%}q=L`mmq5_Bfx}c;__KR1@IS@k5;Z)xr za(?J33nMXdrZXTZpsa2#>@GgZ@{_eEOEGF0;8-tsl$GxbMiw1LMi7S2TYUTs()u3m~N%NEK{n%!*+;k5oH|><;r; zfiqDs7zj}m{uS7a2m{HW^lmApvANMEPo6Bj^R&NKdTs5tZOb<6?CMlI)xN>Dr57kb zqk#M}x?M8B9h%4yJ0Lgueafw8B&nmnCad9=5;Yt@@pkf5A9@H4}rJF6o& z1jwC@b2-k37-el#6b9O}$-w}7({TgkET0Nc`@1^3eEv+FIMJFKoBYBSsGB`&<|Rop znh=_3?OH+NrYlXMP>~xlxe&@n_w7m^^d!oVYU}9_SaQ*$j))s7;6Zg95v08(X$r-G13U*k9acWBNLF8hX)TP9Y!+Fx4N}b z<;D`#_z|M0WDIjZ**(9r86+r-tboGFfpF5gD2)`tu8Jr!yyiVQ5bc-S*wAS8b==G% zGND*Of-bEfJ8j2~9a=%QB*WrJ3(mAvEp(|r*ia0lLkZ!n2FeDJmtmP-z^E?2*bfKr z2tIMuEDZv`n+=s3)*F>74q*c!>_~(JIp2YJM!M#euOKH*_73cp(Pss@b?a6)W-$pz z288I60q*n_q_4(D%yVo|5{ngNZsP=6!ES`;TK@EE2dOdAQhR%Y@eu_`4;N&W3;@5A zT&y5@vJ5i;7#A9B`4{^tjGWDV;t6}5+ z{7#_ahWZcwe1oI2D63X#yDnE_J@O>(RsJb|A1aUMAN=#U;ZV*u{^jX87616}9RLNg zF3a-{?H`(hr~>_H)`(ZCC(pNM{YwfF;ecE(Lga8ALA}!1uK)~TWPsu#N_uQpDVSH% z9|gkb<~-pS^^OH9D56}fl2)Wa#&OV7{9k`i57K!UNx$BTC=gmL!W;}1>wh<=^0FZF zU3kVnFByFU5l?B#`n6k;J_kj-BIaSmBMB=%Pm@bos6RxyOG-dx>*aFe&R;)+JQssD za)&z%IKSNp8VYE_2%3?APUsPOCV=wk;N%^79lHP(WW^MD6o1ee<7Hq!VM1L`O%b zOM@KZ_;Utmvr9So;%=9^TeepW+;%D}!vLZbIuA~Oe5LEL{Ct#>=Pr5wf#cMunb1`yA{Y; zW_yUr)#Pn~01a|dp)i1CaLW9Q87IvP?*4k-CK2HZRH^{CAU|k~a7Ys<2~tLZ@^F8M zd{L&LLIj2hH&Y{*1CjFVudnrzhh(k!-N7{>I50^^9%+}$n*9Gydv z=7v-*uh4Uc8H4E0X|exTJgZUi`*c-2Mq6U57WGc;$VU7-rOLidtME`E?s52 zG%!;dx32IfqK4q%OnVtnxhCSt0@VpGe?HD%0|cpjUjiXXAj*WKK>_?!0O4nRXFGyC zYbE4WjiU#Jnq&NAAO)?3A)({km*)}X<$N)!j5#SKm6wm* z3~my#FrXEQGz6r4Zr(MH3l7N*e;|xvg)|@kdp>Ak`m<+2J&<<-W)8FFCxxOwVJv<7 zk%DwS&)2dtbjYPIqCe;+79cUuC|c@2w`N7vrT8MV7;%@cLF9J=iKY$_yX7#33_6~j zfpo8Nh0%C4TD@L#wu^R zK>pA-mRRwnR^)L-154?+q*D{FKvae((F?(9S0jWG;rK9BhsuPY~Vt04ak+Cz??Z z7g+yLLqQzp5FcqJD$4YV6Ok`&0_HB`KPQZ-8&Jlo(jf)YAI141F{4;Gc87KKF$`fW zi)E@CM+$(LqlEK#RTK-H$WnM&=JW!xkex)_U4^VJyi8qm#XK&_)Z^?rRM3M&YLQcX z`!U~sx=e<0l#JbRgD8zN*cc47E!LeyHos!~AXC0(xpbq?I=}H#yg%z1 zAmT|^fGcP{Bx9+dU%6EQ-?hXb*2xHR_S2zJ$Dne>`UoV0YOPgGepAUAipp2SPf*Yt zh^CEslj=1;dp^4QgaD#4$b3AB=z7J)wG%(XEGSliEZ$1Z^s$stAo3IxAyg8%b~_|UEUti?8a0E94Xboy1%>##2B;2%=@1lE_#C8!g7I<)%^hd90SY56 zSwz?)x`l3lf+wYE9Qpm`jS{?(3cGFekb9ErBRaMP!G%JdQdTk0H0l^1wW^erW35IN z58tMz8sP`2ybmM@DWCwny}~Cx3Z0HEsD$3-2QZ8NdZNGwOhGXiLwx)LQ4F1+N_onO zd|ACb#1GOlr7~uI(N98n79~@JksmBDd63&h2tG>ig(Gg%;jAMNz#p9OE8PqBV8C7^ zL(o`5g0Krk50Fb;2*;@N%_VXau5Y^u?}z~Ym;gQ?X-QfDAKHH;$}$y#Ies=Jng7(6fQ38Fd~%X;NxNRc0k;RfIn zd~^Sk0MQ)OQK)3}QS^Z-@CWyWF{^4U5ZxX`bMoO(jmYPI##k0timyVEr=VEq@tLxE zUqx!1vLj;ar2;HE_#Z`a5ih7@D2og}_sAG1bw-pV5h@yqade}cf=<;y8vK}kK554e zAvP}6#wr{Yv6^l`Wa-{N%pyN$y*&#c#mkA%m;j+5P%J_u7Dka+v{O`#6G0KG_j2+R z&G}=S7|@BV3In9Y&M)gO&y!yHij?3;4&b>&q$3%c5=nEuO(}6>rOCE}m1BC~B1z$r zhyo!LZurMBFk+S@oqG>yuyUN@UGqdm4519wn?p)8cnFP-Ix_N!uL<8IeoY#q7)yq= zrx#U}k51QlK^V$(b0-yv)uh8k;}3lnvU;SLD2{i&BMPrvpMphHFXa6jW%^_q8DPhC z$6b#}evTNh4}NsUSd-PP6S<+(&aqbhMkO{8UoZ$hqYjuNT zA`IK<8f76a%A#oh3?308H-bf8f4)&fc^(L_75UW=^3o7hLy?e=9Qi5WE5}HSVL~`} zg9twbKr?d{j4JXeL?6_pZXih@c9$S3DuxPAGq^YW$y0=T;(AlH_<@LWygOZ9J`dw} z2?vJqF^3qzr8xja|G_7x0+A(V1t_f~aZ8|(&qfjb2NdQEvf%F@?2tE(!zv zO^7!(BJ7DDswqrdyKGOVh-FVLM`wQjBjxiCerUItUZqX>A(s_|I~s_g4}VBVBSEor zJlf++Q0%gK*P1iLcmm&7jUsluEQc{yfMVW|B8*L=;pC~Q=j>1(e?m8|g#rA96b}6P zaEP!EtqMdwD8f$x#NeevLM@|;U`hqaSh}XAX75i$lQLF-cQQPM5mM!>A{@my4Y&`1 zs!D{iKsKg)aB2c7s!`kChT2AL+~27D^>tldj;$YO;wXj> zOeaB;6p$mT2A*Fo`b#m%gGj{Z1WHVL^5e$xAZOi^0+GUO^^XRM$Sr0?r@5*GQt$@# z0_-X#j1HW&>fpioPKoU6AI0)OzSfRDFlr$zl)O=U)UGOH>4mX zjU2SU3=$FR%|{-3D&Z=FAElyDe*c3w4=cidx<+ws7|AGNoFFt;t5*5pM;CDgNZaJN zb}PZDn~8!7kP;<&p^6M627FZ^?TB4xT2b?p72JH4a2`ggBw0=IdNYH7T`1pnRhJ|K zDMnltIPWEQuKRF@j8HPwB8$Sc{&7@s#Nc7I-NGx4O8i3-g`fPMCL-Ruf%GB{0=@)J z-UQ;qlDbAPkN^(kB(5mj2VttmQ9`Jz7&}!}H!MU?!x$77GcMJNBGngiqX78u0oR;3 zuj9j{=^Hkh>VuU(MO*uT zI7+3m+?iJGnxyG#;dLU0wLh0DqFp7#L;|I{gdysX>^YkRVwgj$8e^YFDuh3qJ8ZYL zEv!*LA|E@!Fpx!#zNl(JhYuvfxM2!7)pK2mc(cy$C!jz1(l4o!TX9^7=tC(P+d>}V z;KA8AF7X&lcxP=KuA7OE`8m7||DIEKCIouyhz_(_8_t7~LLyE|l<_-JpMtE5x}#bG(h zaGN5&EDSlu3-J3#>|&{yYJI`x^{2R!k4WMvuYVLFp3xc$v_C(n3VhX|@@$Q|xa|A(wOEO<%G0RA?A5ZJDG1}19+62vI%U=vV+0~l zfD}*7+(3DFWbm(=iX~IpZz8Z2CsvAKmE^h^tb)iF6R!%89`btyzKmhjNFmyv>mcB{ z3j%T#RjZ|2t@Gd~AiDiHEKV)^0QOMD#G%2Z(I1Z9+(_aVUyQZ4Kyet&IO^kkvO{%a zJX1t+x;txSr)raNR33&9ZoC)5xWqdwsC+r4RjbG=FZ_YrA0Q3^LI^LXNQNo{BNb9C zoZU)B&fM5hYA`4<9LJb|iB>){qj!l%_v%?U08D@WrIn;VnV<=l{#A#kkxw4aDG%p& ztQz6zMzG*ms?S}J_kZr+(;#E5na(7~X#3OzhofqE$qg&Yto3%7~1+z}~&+yUYS)4AgqdqltF!yxyQ zUKp=pt3j&&pqo0oPM2=Kp^E|Ze?7e(hZ zOD#oRDRFS1*{GmG^Wno~jBTg?GyqGkl1Uq^zQ_kBm1BbX0btRmM8mtt(F?(z>iQ%O zA8sVGI{mv2BHD-=BhFPSB0fD*$VnygbJHdX2OrW)7KP}L+ardFqAcAqWcY9v0|vOC zzo0<5E>}rFas`#cGmK-mf<9n!_iSBz5T+~oPMysjhW(7c5U(I-hTKtRw8P2=R57Y> zoYG-BdmtYE#W?c#3|mqRZ#o-{v9OEBL?PbDdUp%!f*&zABhMK^4@H zwxSqE4=Il;l|YZKLGJGZ^231g5Pp6KJ^etN8{r~HFBTzBRldW64;%6HrqDixF@k=0 zpfCmxSpw;t60tR6M7~N_JgZHA6i7s#(lH@j;w47_@f%V9gc={^s{}xjU+8Zl*Y?n|XhpbGUl8(b`t{^Mx{y zoY8SpCGp5<6u~g7M4;SH)e#;Qh@p&5x>3U|$};BtHI+2xPnA4jOx%1VPY($C+{>sc zr~o1pMpFE=nq&vyD>21F69n14!JuS# zi5mqB+Df@`B)42I#GfebS0fQib_^p@I*JzbQTb?zKaO1k`YSpd1Ig;I=zR5cy;ha} zT%r2jx6b&9lX2w3BK69{&6ge{J4#?!#n37rVmTs>s&oG+1J>O5;B2jrJie?cDBuM| zOp!sMm}lj}M|2Q8`{hgd;GvAl=XO^_kzB+Qh^(48dT`13qk7!X$xqM?Csg>|Bf>~x zG>Kw#5uFMY?g$Yku3vbiLYf}wfn8P$p5lj47{y3sm5^`Sh#yon8q+80B+B zoq+VBNM(>wnf#8pGGZhPTS>hYi^3Dyjfmz&Q;Sx(ypc945VHYCuOBIDobw1z=*1s~ z^}(q>zH(I94JC2pik#zkYGYJ~YXUA`>C=Zp#4->HI(BBU20sSZ{ z5cQM;nJQYJ-oQwaFRi}Im{AWD(cv#gE>Be`lZ<4IR;k>uVO18!8Pn;AI)W%K`J_EKdGEfJ1wcF)YU0Ozl z=p~RfHTNk4-#zDj7h?%sge`Par;g{H$aIIA9F&SwA|U*EcpT#xA<73Rh`1PHxRIwk zZ{&%1!c6eI{D=S}85ayoIa7i`f$-->y8_}4t%JMG9vFtedEHe3Ur3pYm1NvP?o(q# zgbtx6i@~HVfkGYZp1rR~!}ag9;a3FP>Uh}!Dg~mnpD*U0F(W=`9OD=v7-BJ;@CU+H zFkoZwf(S=`_J@%c6Pk1|DnpcqdAj@oZeM_vDl0$`QeC~OLzXH=g=oZflc+!{$KQ-Y z@U4cT&NPvU7%Yl9e6^~!sa;*&{%Ce@amhv<2%54!c@VlS^u`M?rFCDJK1?0~zF_P- zXCm1;_+c&qZq-EYoOTV;`>1_UEq)wNU}*gD34R~2a{T#1{7g)STt0vSLm(z?J|yu+ z+9&~5Y_8k7I<+I!_L}EV05SpUE8uw*=7DC9FPASvtBB;pCJGctl_pdv-wT7u(+51t zC3Lk~XD99Jsj`INi(B-~lLoYf2CHqQUqWCF=<7g5Vi;LHLJ84bjKb(4Nh%?IQD4>S!W5A2$p9Kk zTZ(a1%NKh6<#5?PUonzNahSujWq^o{RU=^#X}bnt6x-U`Y{!lrwr$(C5^deO)wXZn zZaa7G^z<;6P;Nkj#*OG6f&qpQ{p9_mNmtwY;}S_~pR z2C?~eWz#$KSZIFiHG%LLKMdN;Su^dlXPjowf8O(L>C&Y(WBLq_@96BX?c287Ew|lb zS6p$0-Ez|{ZczR0j>4EQ*)S;N+qiL~^K5Kv^z_KLC*w(LAfar+`?gx+u}y7jYHqUg zp7Shw;~U;=`ya5sb!lAw>dIf)fBeUP*sXWo>PC{EMDPu6@PijX9mIifi#kRIB;>|S zyR}R2oIUztHshTe$R-)c&Tb5(41Qayb!Y{ghFU6sxDX~+>@>wx*5@NzYf`d)jm%~B zl@RfxHa!c5-Hj5X)_0gJD=?B3L47$rK~OS~jWUp2&@x+4bMS#OkSL<2PDVopa_1Hq z6O4XWB!V537GtM}}=FgvB#euimA|~w9(wR0Tf2I#pKFm9L%Sy%$tRtG z1Tmq*6&S3o?Jd^W)M#g&d6vEJz3;O_4>?S$uNLpmwzhV=^nWk4kAD24wtVGsYi?>z z{h#v!Wqd~uye%W+$hj!YRY&=-$qi&fL$kHXujQt7s$K0ZZN0`Bv#MkYF^oKe=x2bq zAl2a@DxY?hKwgFd)L*_bFovMsfC2Me#3DjFO8+2lNUYUGRCQE)6QS(WgK2413qR-et!g zeXKgB+wQ&hUc3A5yY0RQ?(;46ygBpifMo~RL5Cb<3$z`hOslTeewZ(?6=Na+R+enj z?!5a>`_HfZr`>e@P4@WXkE!S>;ge#BNkzS=H&)kSv0^*7kW2@`wTPIt%H&i$hXn09Jh zbyyqYQ--h7+%6f&#tBy6*sRr~GIjSgkZ@xb`TN$QTHfL2c}h2qS$~FMqyXrzUF0F1 zDcfJZGNAjmomz}U9lfA6BQl96r*8d%I`g4OxQZO~8!NUr?%G`#z(5u&NVSRyw_}I4 z0Ud3Hfh@M!w9ub_u=468$w%qsBULl3rRp7BhZHf5TvShd2_5OK=nDYj(E5}P+~p6#azH*2q1 zF7|!*-)F!7-S6$2-}|_7*5xeD<+hjCfW}p4s=lqC--Nd!mUh8Mkd`ZZMXeDbks-S`C z!rLaJhuy1GW63}^Xay+)+2&tVkb%?!1Oq8ST}#-!w6*Tm22CM;bGfurD>z3+2vn*t z2l>e}NCQdT7zkG9bLPzPRWG};1Q;-`ID?do;>ijU)>Km!Q7@S)$)R|TM>sNJSI0b# z-QMm%{|53vtsp(Dt*BOxJ9ccBVQNnku3L(U14}m=Eo2nJKoSRyZo}xb7Hz4To15*Q zG&x@Ns#m)_|Mu_yX5aYwH+%&dMgd|{cC>f+nbn-xb9};V+rG_Li!_#l*NGD+CL?;- z!S?!Bz21&L>3EwkVS=w%uKn}1_Ms1b$ZovhMz6p89AZxZ?cI|NB$KMMz0)shLp74f z-=%U*lPB79p7U(`;QK#l%a$#(n{TkAuim}rHE0c`Iqeix-k%F$~DsV#O|L3XN*E!Ni3s&blZ zMP4-JZ?0%jB9B5@8wiHI#AXd0qmzTS?uiDHx`SAKH&1AGy%X+*5HE&728?P`V}m{KdFR<*z4dKc~o)G@A>(eBs9@$;YitX=u5Uu&FboYvR+1aH&WjXK9h z7d$#9<1b^@(N*hqi??noLKBXkF0I!Jvc9QayHoB>a}ns2tQ~G3We&-x1*2qEeqT#w z6SHK2SYif>_a!fXiT&@7{@14NHGqN4#|@R|ji-9T-3xtlOiq*WhEeamap(= z921O#`pHu!YxP)bv-g^5hiJP!WyW-E$2Qvy*I)0?Nn&_0DDY>s`Lw4!&0hD~*J)xt z&sUSb`t`5ubK1iF;rD;=NsbJ;vUVrX%bsc={g^|m^p{`way#>^Gi~PdnWfbn>5foi z1ZjiZ4wa?<=(qi}rRI^I-(Gcukr)9d_My*V*^J`#oE+d_}3xMz`OPR0dL8;0_ryzS;x(sx=e_vQ8_=1{waEZj860 z-9Tyus>0j>@7B1kk2B;rZgn^vDaK2q}`4x8H0SDUq z|MC5H%{ABfd`f!Mj#2&7p^H$v78>cNc{SrTM`CMS>gRqy9tYlc$4z+MQ#76=ZP+$zwj6a6FWo3?wyCBbm!3z!;(;w%mmA z_a|BOHhD;^E;&kc1EvZ0-S2+a?^@q?-+lI$x4y-$`_px$JI;|8g(LSN2OnY=yzl~l z{AbRr**16fY-^l2!CH2<*oqY^Y{U8ucE_D}*#BJmKelS+s?rtm=%bIeH^2GK_VSm# z+}c{(>?c3@iCyyHOT5g4=Clgk6F^({R0E08nlWRBee;{&w9`&Itw2|F z;qG^=R@s&_8F!cQ$w7PfL<7m-!a%Yrxbn&?eb9gUGoSVeQ0gs0b;=ZbnI^~! z&c8qntg%afeyM%_^PjUn>q2HmJXCrdi?Pb%UYs3s^X-+d ze5Fq`b^@bsAXz=Kda9ADkv$OWFp&JHSrZ156{U1l7)X93zk}B%WgOGz(F%rmA*M|h z9booBME5(xD4T+5Y-n z@3f0wd67N($Vz*7`Es8l*IavzA4&10ull*isOZQ0~;V2UOr+v@|8w>CljbtD*g$owCF~jg-?R`Q> z9#*+0KJ7$1?6AW;A6WV5O8fdZzV6RWzWZJ8w!iPxfajxidO8lkdq3*QZvFtmN1QK=^~09Q5V+=bvxy zQr{eW$f0gfKl#Z|+Mlky){Z&uSbO*1|Gjnt$J)x3EA8`N_`E;Z-_qLRt7jhT30~Z& zgWu>Q#v@}@{ja}#(FRXG_bS4RGH>L%0TdPCPOU)Oh|)Ort#yu=8l)GM;AJL3b$=3()2m)jxGlk^$N0l_zxxqzv&Du5g5AXX2d;J?Si*NPGL+-mbV0+SzBF?L4_a0>(ilinL)NZ_hx8 zybx_K`p?}U^bty}g4)PTUs9ej+*nID*HWZE7ezt|QEO0^NL~$qWN8_^q(wLPVv?bE zSEE1-;bV_IrkHL!RFi1$z4!LCB8wZX#fulaabyw#&Kp@>eB%Fn!oK>IuexFU+E>43 zANarr?BgH*xIJ+H1D=nnn(ES76=3ViD~SL7hTpA4JwHDn?u+LxJ3nJOiGRhtP<^1z(e!f9P=Hl!-QZ`edI2KmX~^?fc*TzU|n& z!{a7T6-}9}of#iMthF1iy}>^5xzE~r)Gx1k-D~WhzwpmKM^8ER6#Ll6KIS_w_^{jC zqd@!16^VjF=l#H6BlWYXbVgG2mp zfBW0^na_R3et-4v?b4rJYTx?SxBQKom}p%6ZoA_)yYsF)o!2qP9AitCE^*@+tJZN0 z4!N%Iqd(3JF>)7NaDlz$&2O<~OPBe|kh__z-p_c(8TL1S^EY<#(@yqBu86(5__XW8E_^76Q%WL#^kLx#?`+LVfZmEVsgOCVhlZn%`_ z)|Cu+xXM#F7{q9RP$FT5ffo`fq!j|^e^*{{rQLV$eIEC;lb+^xr~wa}f^Azj$rx^P zKfoBWJ$~bx-e_l?bC%6tFyAMq7Wdjhtku@w`}W}vf5<-b+0WR|F8`Tr-?6>4isamd z?Z)G)9{0PYJaCSIjn(6@w*}+y3mVTyp8MQ$?VWFXryX#>0Y0fd``ORhHGjIsjy>U6 z``f?$TYLJ`o^JO)aKHWE|NDP^WywV2k*+a+0K6&~qv`W_+;s8ah=u`Ui5bV3&lnZc zp>TXwkTb&lf%KSFK9>uBwX!S(I4@*;zy5Wvx4(MxU-=pSn_mAW`-?aIh0~kf_$GV9 z>)&9nd)@2YzyH$xRY|v1{uK*zW@F9(T{w@7A;<6U;W0{?ccuqpW1=#u;Y$D z&YpMP^Sr;gAnuWi3e;Y%9Q;zEKcyfqx6dL=Ed^LL(iRlULeaO^WFTH)TnwlyzUU3< z*zF!wtQIg#_ug}_e|Q4$ATU=YSGuxd z^d5fr5xet_yL<}M#G&4nF80yXrSr`Q+r2 zXc)&Ze7JNh6O>1SxS_)ebsQsrRLdJq^x1jmooDa)`}f!Z2OeOT|Kf6c@B82DcQVgC z_gwF*GfqFlcMPmZe(-}ISbJ-Fg>-Dr7^@+T(ew{+H(IM-?X!IB`?wnb#r$w2CJs&= zwHGTw1(!T;(acy02FNlPP$p&-Ji-hE;)18|?1iaQrutbtca{IoC;pGUv z_U^xZcMtvDyX~FtdZ*oR;|*Ts%U}6V--&J7w9(Ew>nyD#FUL4%@Z1OFe~+^ZQk7A0mI0jlS~*lp?Sr z5HHpfA4U}8ilKB+utYFb4z}Hd9dH*oh~cGtj9sZl5QS4+D4DG?;DZvIH*a=7h7ID& zE>~!kdG*y-_gd03v3TJ1oO8~xH@@+W_RhDz)3644V}yT*(HN3U?B0Y-LTdl zJ_ciV#`P3|RLfBbZ`iOpq)+a;>n{7ZfBiRqkNWh}Pxp)23CEw{cdI}De?Mt~HK;5v@t0aoeHsiR@`%kmM*v@8F@bZjhJ;a@ore^f(B3L~rkCw7QtKr5ilu zhBp=ltJkddCpiA~i~nk${mf_WGoSuU4{3Y-h0lJ$?z!(Ce=7VsVU5xJ{Zp%Zn(kz`JeyUe)z-xvbF2hdRjTydM{eM z*v@_SbM5`w9{kO_-eqSz^9-N3Y~}NdT6c2=L6Q4^%(L7p(k1O@nrCjkSGA^N@?x+0Q!L&OGx>`}I}7wy%Ee ztF~?HHov&Bt$y(ShwS?6Z}3IMlKq!z6Uld4c`KcEu>wzq5~GvbnUIULFr>tj2Wt>v z{1EX0;-S$3yHdW;17$2opu;cn9eZLY12@mY&!*jvDKWR`@m>5602s zxMGS3mp~yoJU--RmyFSTxc8ujpP-CAL4h=H$eX@E!dVB;*1h+=e{Uan|NH!K{|Eo| z1H0q4J8Z++4W&ng0!=cOXPy=SoL#>9 zm9Mt1{pZ*08K*wOZ*>0rvY-2l8XTKEaQ{7a-SyY`oS8XernrhZ4bg6qEh`Vkcld&c z?`X1?PGBtsNYh%SBDG6-Y2wmWf;RnCC4)?>moZU!3)y&mipl+y8d8NgG z&x_(F+2vPWZeRcQ*KO5ft8C3Cy<*71OImW2Hv=?~+mK0ZXg&rdfmx`d+a^t51A|6}BT_N0v zO9@e00(ghyTmgci4Z^jydGi*J-FMNxHe<&0;^4PdMQe3+>9m6nKG-h0=puW`OJ8pD z=P&e|FAv`Tfc@;UpZVF!|M~d;u@8OtL;ha(<1(UwNfRg8@y8u+d(D{TS4bu^lapsE zd6o+iXU(2v(^V&FyUtLij(I{OY@Bq6P8aR7$hX=2W)Pn!W5xgfzViP{4}tp)8Ld=? za<_U+R+yTgtW6lVd~71So(>M=&xbU_m|>$hK4~V7J$axq47T;dZ8@S;HIn^+iyTjR zeE)~vx3|CJ?f%SaT~nR?;%C3`yWrpW>esElx!xc6f7jo<%l`F?U$ULsclhM*YSW6* zNqW_84{Y7CS#!6L#0?Qh((&GUO$}~N(w*P8z=)ztSgWVRpPOj7X@yytFqqVqY9B15 z6pgXLkH|7`0Sw(zxn%G^G?!PYu;A?9<9EN<)05f#7)dF-Q$$%eq>M(c8imbgv%}}5 zcr%7ywBr+Hv**m#c7VIh?fw;*h5Ib@?b?^W{AK(4*S>CVdFx-<0S7GAr0n*G#(77S zRUluU{_gj_>mSGsu&vl@+Fn|HHmH8pr!a48T>Yo3Js%VB?6c3dBab-Jjbp4b#}@E+ zO+I0Pj<|E((b3_0MR!b`fB(0Cw~uRO&(X%KUiB(}oP>9IcW&S5MwEP%87y(Mf;%#x zYX&BKw87TQtJj$Gb0~EM6N?@h?j&Juu$lB-6l2GYf!xxB=>d76!GKS7^c(~Y9<&AO zg+38|LH{rxSmpDKF>{J?M;>#ez2eocu&1B;bn9sA@W=38cG1f`?&8;8Y_ECUYkJYE zU-xRe@S+RtwXc4y|DKdHDLoS!hO&|tl&3~@`jJ~~e?@HHWiR-`yFn? zl&{kbsiJYop{nDCb7iC+8CKs@6mifkeq3xGeq66quEv=IL+L`H3;D?(4h>`2;Xtf(}yxtypWTj1;I^B*x_BdOx&)%9GEgHn_cEGZw{#Z}oB`b|BjsS%XclhraKu_q7_vCRoBKhVwzG;8=w}0oy9o+ro{b`Ox&^tzs2}i!c z5PZX>9Q6%vHOYvK5y)udWQ-A*rUb`FqzsF726)0fO%6Ol9BgI0sVkB}f7K#+o_DaI zWxc+G6wNP~^`}SDc&emnLX(%_*NjUFzZd4pj62Yv%SA8w^(XwH_lWOQ`|$hNAdFv` zd?l(d^?8*tkp6{b)<>b&a0bzsF;2r4L=tl@(h*W$CsXXWQ${wAOHBr{-t^PHTgVD(-g=hz) z9gRGGvyuPF861i^3s@L1zWqZF>NBsw$Cg&7S|#vd2uH@8JU%BxL^CgvWGODKgLx>l0owa&5Nb=S!bW+-|4*fzI*Na-~YbN znmfzicH;+TUUB6Ww(8MUR@d0y+=}>UvB>j=A14bV zTq&qOMG$ky5sLS(;*uT69w787Uy`NY!}nb)#j`tn!WhcEdjZL#P2ySeXs-{0DbhnI_QgB!kgzVmN< z(gm2XoOk(eUDVe3L*J9R!Bf=3Z`=IW4}NH$`1B`i?Yecne$WfzOFx%fa)}$tfB1)g z@Ykz?P8FzHH=?$HM&5CT**l$j3e*DyDQE4jzK!8 zuaoTc4c5?D-&2gFu>e;=sJ=9iFosKPv8k8W-Z7Y(KPjEDLM8%aa3d*?99^@lt+hi2 zZmNCZ3;*I@fa%l~_=A_c&%UA6-&$SuX3U&pFL?g>_NrIC(vCUycy&-Rc9p<6#EM6j z+vPv|xqbOR|I;3L;6Y!JMd#3N3?v`k{l^ddqyNAc4>JGzzyEugfsEmZ;Gs>z#K&-D zW5r$hT#u0_FE=>ssRq*J(1b&eFMa7t?VM+w<3EZPpUfI-u+{#l!`4eRRBg8@xw(Oi-62PvP*jJd*5sK-hZ$EU>c8Q^=IHPE3wObuwX98mx&MQbjWIjj4eI zQ5P;8Sw-^rgddU;mTahp^cbHEP8U+(>f6$~(_ZtM*V{YZ@h)xGmipE1^Pm5;{r8W4 zWb4;&l2L556HYk6E_&swwEa57=FFaJ)263yJp#_G_$9pMD;}|*{_H1q#V>wtYu9Yh zWWqS|r5Pzo^|4(=2fP>jwzs~`S4G@Z`1;qs?wuHuuV+TkB8a$HjZi0Pkhi9wfVWyy zEgiro_@}fz*+7QNMP%$gK~@>m%d@UbS|%^(YaEk|$+VzbfdQ!eT@sbEadwR*n;u;= zSd<$`@$$!onEZ{Bs();xK#}r2hFiA|(QYtz8}1q|SK7 zD=xOTz3uI`@4oxm!w)@d-}=_q?WQeh>$*7iAy>S3}fi6DFb`#S6pR~aSA)Kc zv&YJa^%ZOurkcjS5IUfo7;}1p4KsLC6h^3x)7=gqfQzVg*}!THbEDv~q%G^Pdx7r(|YOb)B8c<&LIfJXUFUi8_pw*M`Ze|!Z~9A{Idi71->}}k{jG1><(FS( z_uhS{t$b{ysR^cCjZL03MH5F`;u@80*QQ^GXg?D;%HeI2E}nFKH^H}2T*`|8AzmY z@p0V@*F|_32GaA3qF3P?al-|?8q_~NUew@;lP3B3e4Q@-4rCgF9{dPQi;8Vq zw)uy08H1JkU;yL|!;hd)G&&ISLAfHxOB{JA6X8JauK;dZF#sAg|9zgzA1vy$jl3in z$M4lvzWqLOz|pzt4?7%=V*Ifn5sy{qzXRbA$-h%652qqEGEUpJY_YrUzE_5--uBTd za{jz|cIcsp*)hi)XVa(8vMpOT+oXw2HgUoP>(sJ9W<*T8{h{z#vu4Y{G}-p;JJrrs zwUMXxYt+FQ$DP(ZVWJ&&_!0gqhrD09apNZY+E>47zy8$~ZsXEc9O-~dCn5qjKv?9- z#jNo%ktg!gurRiSJ(J)ClebSVBg39|7dt@xyPJBWT$c$xCiEX8g`M*4)o@i8RX_y~ z_(A?2udenyx9cCs6);SEYD_Vu{MA4*R7?T42Z_t@0Ustmx0D*Gk;qX_B%i}?%v^-BgqVYT541(IaMys#ose>A~OFjb^FDX`# zBLCS}UJL3Rn-ye^^3GxNn2*dGNTcqg9RIHh#AR**RmmF+hC85P;c8#1WYXA1)5AOTekL9QHb9Lrdi z5IpmA;%Hb5chaEn2cm2s((?E`e{nhAx6pgNH7VjqmS!DJt z_AWAz<#65TPkeff0nsRr$19F=OB&f#(`hX`TCAygqRriVZ+qEGFOso*zAf5!AFU#J zI$r~bm6ePfmY>1M7J{=8jt?HVU&iy^yY23K?{Oo!Xun0aKhHfLew0m{KF#02`Of#h zZU6Ca|Dmn*eJaO5N1vz*Qjhu@5dfhCIvJox*QEsYZMItBvyXh*_v5g#^ldkMVsrou zrMI?l0dXmP+&~Tm=nv~9-Kig>DGhpswN2qIF5j^z)ioCCA1W9EdA|$P${RSGKk|Fm z>^d46*m=lgDlf0w`OPFB6N3lUguGN6qoXSF3>B*4S&Tl>lp)fs0ufa}zMMZoMO?&} zmye+tI*U5W8`EFCg8{sPN6t3~=@2rN>XU(#ooJ}%_^nA}MM7#m`D%OdqA~;7x_b;H zKzG!N{?HwbJ*cXk2?on{RDq?6sGSOoJ{MY%jLDA)Um#*To9-kw=!>l~?}KzWks6CL?-RQkoBN zCHlTeMh+_;ca~gAgp=a}rl9{}jqZvjoeZ9kiiB$Yk)|+$MS8Ch*VBvR2689}{Rz@{ zw^nexC&Q0s0Tys027|Te{s1+yg6#A=Hhs!;d-^G-*%{9~)8@*k#)o)YTU-1W53j%RM*GF(m)b2i-Kg+pU*t73 zWDgvR5AWzwd3v7R|41Ok`RFftoz*3Rda}aN7$%JiFC;cXDPsYQC7BpCpl7s>8_1yo zy~>@_;<}BYz+SCold8=Xt6iScAN(a#Rz& zgj^;vyPqSNv=~YTQoD{Cxjg0K2C~4eJcH~Hx!xF9Ie1h7qe&le)>G#zI}Jx|Y4}J2 z6Cl0N?sJ39l{F|&b5o)AAcntAdkmC2%vH(M8hAT9l;X&5LH)Y9T`B8 zk+*u1frNw5tp!%C7D#)dfvkq;XABfVqojHalK!<9cMAP=Mm3gpE6L3bDRl~TcNAas zV2kXARSC*iTd!3i=ajl?@FoFq-01hCLI@^NL}8+0mt8C>wQ|rZMQ)uUim23^Nvu?; zsL%ZlB4`aDBViK5U^*AaxPh#MP-p>ytkkuo)|Imq)uw^s3-~PSh`_)rs~UJ+>I(a88a|~p`Xe!!!6dwM#5)sG=;r9%H z2r7!Mh*nk_^`KJRQxPaI9|?-#7^GGgs#?yJc%()b5oL+K8!=ElRaWVOQncToiyDhq zx|!$-h~bd4#h)9-JgpCcZ;UB2Qy+-JrSXt<>^8FVW9K^uteQ_ zGP{>?Bq4VT<>4SYF25rHQLe1%2_ZKKHwQQMy4yx)-0Vu^x($CQ05>Quf`Ds+n;lkO zGM2nS!CN%lqAt!EFs@qu)ylG!2BivM++v~WMo)xG*mu+-9KhpArFum1xhyB8xv`DR z2pEZ_E+mob9vp(If&Akr6j-23tNKo@6x;m0YR&>VGcHZ6(EUh|S66`_bUASXC59vKOYEvRBMU=%|Je`E>~U{)rI%bL7B$eB|H5Et>mC(j4+JfnyT zV)wKs67x)DnF*r5Fq##S^DCifjGX>v;U0^;KXO0F;{jKo7<{=NA@YO*;#o`LqO7kH z6`(9UP&6)xxY9%JS^4M?j3{ZWG=0tlsN4l2GM5Z#h>Oe-pCf9nl=f6ZT#`a3obPq{ z#fo!2?~h!aBLV6Tl~>{CJ?Z&kqy!ZO%4Qo`Nd+Vkreus+D5}KGM@lbLO%QTfGlo&5 zPqENfPyj!f^SChtRrP6BMCKF z!2y@ifuFRh)d$}){v{w7X=Uj{*3T{;a=qG%pt%zA_T&n}t=p^)6k(3D|7(5*Wh|41J=5+VKF_o zD7w-!6bR{p^Ei?&&SsKP8|;cxWQz@Qh)dopKF8l3X# z`yhr27-B<%Z@>I^15%InBUf~4P>w2vh^}}+pgfTkyDi<3c+w!(SNJ0w2nC^wJWnM8 z{lx|H^gN!r=x917R+GIJ7v3TKAqP3>4vb~=RDP10bI$!wHH7lef!0?%yx&!;#kk@W zm8XtaOLRjRpne!qA3eyqXDUQYhTu~c9SE5r#tGS@=VK&PL?lu$svW4&$Psx9C!+QQ zAjg1BDP%7p`X(L;0DF2J`oNoltk+#R~`{%1t zjs-?MsG}S5>MDR_&nm;n?={!DNh79$1QntvPl-x~FhuAV$OctyaOkW+v?a=k!a%zY zlXtfu+8YvQQuiR_9te59@D~ir>v4qsh={~OAtN43XAA|ZcGK)U3uDL>yuts?CF-@!_Sq4E0RBiE-%|GlLpvGDSTUj@p9AuYind@j z2u6OPE8H4<)yfodmLtzTEV;w7l@B3DBtRL+S0NhgE@OatLR!G6$4^`d(Y^|D_lsyR z%&15d!Ez&6VjXqKl}?BrYOUiK2%+QXWCkCL3;(u7(NXEOo4l*i#7_tg(48FxguF}^g*Vz&?k7VrWuc$;sH z-W^W4Acl&<-JEPOOk!9LuWxuCxj$4&AE?Yw5&Uom&pX;4Q-xnYiI8+u!ysw3>>gGmldU5q6$ zK^NuaiehT$lxp=ct;Q>gWs^ph&XiW@$?NeJkTFd z^hfkvd0YoyI#Qj{hy316-iMKg-@qA4|8lPxeuFQ=7-T%*lE3F-;rFe(JJM(8q$iFm z&`>3=$Un4t1*#cjR)2j|B2s_+?E`p`Pfq0Mle5TEYA!&I4*ik*Qo6!&@iSN|G4cxd z;{`=91Cfa|tKhGabxgHiHS~$0wAr&}+leQfXeXX{q8)P3As)A8%^F*>-x53Q zki%3#`o%Pqmw%^_aD2&a&O(X)#LkoGqYe_a$!_S ztPEshb%7mAeaF{7W^VHEWi=7oGnipHxqO+S6_Fq{(*Mt+(0vFF4=c`WJ7twd>c~op;^o zs~5n4g#dhG0)rUPxcuy_u1k`?X97{D8)l^khT0Lk8zC(&gbjq~KVO8%%TL>S&v*iZ zj*d(z!C@#r`-<+TPMc~U_`v(^TNsee7c&vlqVTg?7gsci6r6 z-fM>+dAPmjJ@2upQ>S|WzVg+t^b6kIci&yodsB0hoqW>C_RMEK)7ETQW1BW^a>K_2 zNgwScSFy4X(WmrXQ&W?@?d@-~lTSI>?z!h4d*qQvG)9xGF}YIz_7KLAH6k}-j=MeU?2_cLz%Cl!*6gngx|xKp2gs{PG7{>IDSeDlpdnbBV##9RWsRoDmA0{J(2 zRhR#qtN(yoR*(z`DB|PG{9JLD_pAP^vpb45L>?!=K#;89_!CdCH^1pkcJ8_7*ilCw zVJ9Acf*pU{vECn#Keke3D6fiqW$6+jka!>mZgNV5n%z$tI}^&v55>5_PyM77eNGyw zb>2Uco4ybs|Ncvt+J5`(=RX(A803?IL!Fn1L`@-H9}t<-fb4?{E<58izEUj!21Q)( zipmw{mrF5_rTRo!2qx7fhyi)j5l7iGPJ4!3@vAHBwQqQ>z4!g^wTG8KYk9$PpbpcraM``H1`OyT@kFoMls{PH}^@Z0R!Fd%@nebjebiF=K}7c&Xw@ zU%!66m%|97XSUs?eo|ll;>usxhd=URyXrSr*@6WN>@WV}FSHsxOzFM*D7N*KV?s4G zYD_fLm*VN~=u4wV(#{nQ6io8CiJ8YU(@vnL9 zt8C%E``AZ6{t0`->)&91`*(kD*ZlEX?Kr}~tKNL;?N?a{zmlC_Mj@uBMLAq8VB9b( zLHg64S$PX0ES}x+ci<-u11i1Zo_o%->~(K=osS#(*yD!?bV2h~x}>&V2>AyMIKVZ& zCmslYpBfU1dP=ELuOhU9oURolif0Ac+3yOHtMH)*9_lNJ$5ub)6K2JOEA0LU?zasa zH`sB<9A^g}bf8`R$E$74+BLo%JM7TIeAO~->NNjxEG8XWxg(D_(iOXSzs0uC!hP)U z!w$DY4?EOm&YbB#X3iF!ba+5)?=Zk@3As6xuQK;!6nb_I14QOR&(GMp*43Y+`|p%+ z^=6gB0cEWQq>pG)0U!At{0b7Z`45`4+9@ZWYIojwmn~oMkUi_%b8Vk}_K|Vi%Wk~> zdS6{V=iF!8>^U>-=a>E5rc9n<2OM~SZ=vVRnd4h=jLiCV>wWt@ZQ3;d`P_5PIoF=` ztaBtohx%lP8&?eOv0CY{wcU5$eSHkH$+(^NjMHrLl*!uW@3ckxEb=sDkJZNlZNE=F z_33ud!H3%7MT;eQmp%UY<2Gf=G&}m}qqM?3!j>Lzpe}8~ z3Q|kYPG7wh`Q!Qr3vR?HAKU74pLMSN$AA2X{q|Q^`gmWvX0_dV+wJz)s#UJvxgK=rp|(Kf*R5S|?K`$J$ZW}h2iXb7A8&^q za)`~IJ=<4~&wJi^s^d_NlZ}2sTDx`~Eh_B_1_PSTC28DvMNt>3U-ie75xpMSppJ__5bwQJYf4o#9% zo_>lC%6sm=$BsMhID5z2-{E1l;m00xto`g~Kl7{p^Uiyoz4LAFwAJePxBk^z?fK7p zz8!z;@pjrNr+L~VD<83Y@6*=r(8KL*Z+)AcbM`rQ%u&bKp$8r6hWVifAM%cCHFZY!fCn|_xZMZ?P?!uZ+_!n+Fyv^H*5ARX{W|6eCdVu@|V5bjyv`^zu?Z;YldBO?KO7m zt+%>9O5+99h8rC+09fTPnQ_@;r>_TjNXQsO*O5#IV<7!TTuSVgC%u-aAjN!Oh>vKx zR{C#v?Zq~6!X*2jAODZ7Ten7e8bvi)#kII`+;8!I_K^>N*k1qI*Sk(%eEth%1ncbj z8?U#MPB_s%_3=;JdFP$ybLqLyd9Gh9{&4jlWXuk>Pk#K9cIKI9Xa}e?^}*BCFTeWr zuMtfAUS}6c*QY-1Wa;@i_V~JWcHjN?yRp6G10S%9F1pB$(n5vtarohf*-7f-{TA(K z3+6A-g|F4Fz3xxW$1e)mSj<6_L*1cI!07G;*GU-#DzhE{6bi~fFzS+@?s5ZJqj6Hy zo86>Q-T@3GjpxAo_B(Iaiet8&|NQgqp#2Z>Ez`p*9=2nSmIC)*>Q{P<8J+fzm;9qm znmEZ$I`JgC?DETeHF=>rV)K^GcE{~^*bAQj0$*i(@WUUp?|%Qg&U2Oq%9_<{?49p; zr*A7Rz4TJM>E@e!GO((=?$6h`abUn#>x?}KuJer0J^eyw@Td=QK1hi0_CO#~(hwS~ zfef(4k@{y0&m;UWb*4)%=FO-qox_zs!SJ)ra$CI=pY}I1tV;}vP{qonpw4LJ5?>{jPtIbJ_ zB26VVE-fIsp#(B8Jp`yHwe&Z3}mfl)QS}={4DCC zS6*ZrHf^wXzx&<3y1=;3nLWpzb7a1sC`h2m|K{*OI<^)ZQr`h?$ibL#v5<6m8({oF7$TW zEw|ZkfAd>=;JycBTz_j1-v6LA)HM`?z5puCX@E&b7HxjrX!)G+&Vs7+3rPZbBd1q^ z2QeZtML`2W zS!dW1>HFDQRlZVlnu{GjqukuwYzwu5{PE8(wI6-&yS75*xlmEZI;}97zjxhpmkjxO zH;(?Jc~y)f$c+uBgzSwf!WEsoz5F9Z=sjEng5dA{T2_&wa+&)DXE+e6L$=M^G(c~= z`8MBrO_?}Zam&&bT6HwkH^_)h_46ul`)#+|Raaf*lZRCxTcjIry3r5*eefa(lS#$7 z>&do#XG?kn<+5K~W*`5=$L&4ueUH8N^{=(Be*LR{rDSE~WuBmL$%~HiZpr(G&LYjv zs`91A;K7y?9kuM(X+Qtz&;2JyPdoWE+q7|`8>gFZy2-~G;aeRcEpx4+%q{N^{?HGjIs&yMTrRlex1 zX7zE0b^@$=y1LrMt6r0lm9hB+u%o@p)^6BfM;>#mz3z=~($@cf?317Vq#IW*iab8U zyEUz?Eq*>av3a5^bj!{y{@c^QZw&cQc$Ojbj2r$6K>e7dk{R^=5c%;(mDOVzN>z9{ zQ51naG&PUm8A9y)%CN1UK$`j=bYdUeR~e*13;|kOI}c*ucv;L@emqAfOuwHUX}o445I zS6r@D;$HTazkG`wa@e76OmDd920z?A`pBdGO14q?;m4yTXPteP9e={{cEpiK*s&TI zk3RCKU3cAe_Sj>OX&ZHr9}IKThOIm+QLeP!<^5c(_H_7eI`mz1kn3MM@qiDG7*3#{ z&Zz_y!;o=Y!p*VmJGT2xj8$4~t$zG5dswRv`ij;3Ms4MmKlFfazc5go3(}Y9x1q7Y z;UaPaCk3LS@*?sKpJMQ)|!c8{7MT|+yZzytSvh)OoDBu!M*SRK`07y+{)i!##CZ`I0;2lpO6DQ{ zhzGR|)+Js2>Dp^;tyW}jcwU0^4jbh7O=Yc>W# zYUy7uaaoC6sDKe(aS0HK0m9`vs|3<3Q8~ZzbRjJOM3G;V&LE2juFmb9)z2WA6kMG+ zxM$n*;upQx?-u^okAGy}{@!=&U~Px@S+K8t=lkEWyR`jz-gBO7PkY+a?GYKg$Jab& zXPTlw%xU;1+>&rN_cpQ%p2;Dxqgb9@-9WT3!6XOMtA ztfme+;2^(g!D{TLn{M&=!(_BLNBrqee`de>^>1CM!;d&z6J@UQ++_FPf4^^a57_?z zU-6U9<2}Fl#V@?RV~#pneR8&6zQ+pYNfcV|8%vjd}O7qT)EPpf_V8$UvAGo@A&_NNnO&z)^Y9Dam7wEQ7k`RGc`)dQuAJN!I>hudS1Kkf?^9`!l( zv{S8KvR|#$CdUuHtD`LyfYzWG(fFCc5#I~0m*g!aMmT3rTAnY@6ZbdE%M(Y%xRBym zu+*!scD`l0oufB@ZKL-2!dGoDaSMhDzw)cw*Rtaz7@Oej@xbi{Jrf{|MYQt=;4R#6QBL0J-XsCJLMUt*d-sh z#C~(tZ|wRTuJ^MlCKSZPXSKpv7ONbtg51n`XvIUmqF`(OL^qH{ANU{bSgc;7#vg;G zw|JArGtmz`JYBEV(j=Qad6IV`la2mL4{7&)V=0iYoMz6N>4u0^Ib|?#7&Z(E=fIpP z!DBD2{HIQyYU?+yw=G&>PMI>r^YIuD>8$uMMyyu2;WlU99ADYrf8YJS^5pRw9tYyQ za?7SIw&IcHGSGE4ZTbwYSf=_7yDeKc*z)BM+IrQ=nBv^}paT!FTCG&Kix)eLRgbOm zl?uC#IdkXuR*@$tSe0(vywRplneJoj@imY8V@DVs9wFLi-+g>sU>sTHke5f6*k;!H zid;bP6%e)!*Wb0KD==tXx(JoZc&8+9C9q6#wNsc*P0!@wlP2UDg^@m2QvP3vvL+6^{g z(gdHU7&H2a8(iERUB7m{HBD&Ld|fF0Y_^T-HrWgrOwJzJPGjIUZrJ4Wdi%Cbwm=J+ zMVj;MBsOo|Vh>A>ww9f?L<<{^($=q8V-KkRd8COk(x+J>;zBjyuL?4OoDl^GlNL;J z7vRssn1?)^L-C9Tk~~?uuh%M`mA04hIC&Q@l7R%u&Faw&q&lS9go8Mr!iYKpDU*SU zF~g`)7Gp*{`Pc$Y(xg7`x#!u1y1IY!Ti>vsUiNdpv&QP+!yo*xefcZt3dqfXMs*y# z804&2;pq>e3h*S2`tU!Ifzs(e$iMOr?^-=JG|529_^9pOn(PA^ z$Uv+#>6_3WW!MIzV+KA1I@;62`E1X~7kz-=)5U|sd*I`s=x@rCmv9(n`mm{q`1Ia) z8b2K_KU?HF&b72^YSZ?4yDokXHM?F$g*qrh9mr2STOfEM8+E~t_Asc)OM7Bm`q{S1 zu&QmWZPe=A8T1QA8M|mepJ2qiFLxlZGHJbQ#p=&KG$y&@TF<=x0!`{vt$nC~q2Kkw%rI zg})+5qyP*eGsxrdLy-q&;RlfxQ~{Aa*w(5o+|a8D11Tb{=P@7U<|@pjV?b6iK*T{z zMhqWYH{9C#T94xnH-nW4LzqF!UFg@n=5_w~&aJoKZvXSY|KnG8(&x{g@2@NJ%G>hg z%OzYgfTU3mlOavAG^wF5zE2h~R_Q38mG;@fGkh|Wzu+`*t$4~x_D0!1L^6>=|RDuRx=)NQgctf7%Y|2A`I|X z3WM;&Bg(6f9ISZ#c&DgH{owLHvUptjN`CHOhn6Uf3jtiN8?oaBJT#gwrZa+v@Hbtss@g9r`$v>OO`U(2}U2{k7PJRT3&=v1jt{G$cKvxA%{mKuLD1XJb?5l9Fd7k>50mn)$I5HqX)H-5NU5E+>$rJAOxaL`iz|keI}z3Nkmub?gEsAK(qpvI9yr+ zt7uV-j7lJ%^9V+zhytjKFcStpM4phZkeTGDABrqFE6=L_>XvQ7KoX`L`RZour7d>B z%(raq>P(H^v`Wd@3?1-*@+}xtp2p;c2CT1;bB{u39Sl=lF{r$c#mnyt$i?Q>$T0GH z8qCpEVWMXi;uXy~9`E^M zfeTuPFjinCC7unSO^ zRVYeixpCZGKn6x6gzOSF#G>0nKlsa#G}U`N$7(IE9i-9xP}P7SbLcDl;3e3`jhPY`Y90 zPcJPG4`>`V%tzRut#lMgC{3=q`X)c4D;Y@5W^PQNyXwXfBp$tuT&27*gklze@_f-~ zh+&_PmB<_M3e(s6*NJgd6tR(7H+Dgbp61hz)bxIXv$zBX$giaZ9Zm6UTp|2u) zFP2sKlRc9BJS)rveW(jXpY65Rp1htA{#}h26S&BMTa1TX-e_Nul%uSaBm5LAOs-R~ z9CmAA5KO`!;Q|=C^60WGy}$ybp2eE{A$QHW3YV?CaJ`<0Gy~bTo8Wphp~u>p64MAz%S=b zyjDaQZ2n7Lj@}5ug;a6}rx622Zp-9h?~VwFR}JLP(viilEuwb*l$LqLopn%FrXnZ? z31lxl<|FIN-TRJ?F3l}Z$$;Px@h*ud5Zc-m$mPOM-O=Y6NQz{M%KnD+HGffith}NX z_@lprn|D=4<%rP)@)4Eu1eMALs4EO)CFH!q?>7&%%_bb>dKpL_k-#|mA+`R|=-q~p z5KV=~cB42|5xobHxfnQ(T>FCnSz*T@qb&2CyTE*ymEl)gTW<{wypor?zEcyfy_55; zR7vVH5W@?=5tPS~GXzKI7{&m>sUz|bhQgnx;RmrURJuQqEd$9?PEnL_yC8p*!W|Gr znE^9XWoO#H^2!^ZT`t`TE(bhAhyv)D6=csai%ebe$yG4@1`QdBj}2o6ve7=dJmv^L z^_-ZZTOLX3(7dWmN1Ieq0w0K`f0Ibj6G_k>iN+e#6r&2>02eyYkM7xLaf+sK;7 z4FO(UWf@})B95`>8YtbM!DUMwkLN(Sa`2-#?{*>tl$*zK=0zAkMlL2|5c!}e11N)^ z8xK)O@J9xWqT>AbbP6LPw%AE>h6I%C7kP#ds~`CKMb@cP7P5^BO0@yx%Ala{prInk zjbP#HsVv39g;@XXZSLaubDYtNjCV9wQFuF*rN*D#QbY|aQJxQ#?$AewCNR$kVpag! zOqZIpB1>7bdd3J`l#!PDz2#KN*a`)tgp{cS0%0qV7IRq?@Qb*hq$uM3m>=o(3(o{~N2Wgv%yD3x>V z-MZc&t-rW55_e!N9PxGqIB4#60~QA?Jk7wTrr=(&px;=q4Egq(ovg!4EMY>1B@2Lt5?q=oc= z@_RC(Ew~|bX`~e>*FhEJO~$zR^WxrvFoy`_0}wZ77~%4`7;G4^C?9!b3UZ11MP8^Xlu4F|M`+r$TH^*tzx)v$zC!6Z0XL3>=`&wVgQC_#1~O1AGz#e1JUrH*K4d_1{5VBPFCM8s*n;wL z+zXVTL6M1-UA@NyucSj-#riV!QA&^2Cn>rLBt~{f zTO>Ow*}Yy5it}7zTSuG59EwR9sv15^^$_ z3}nx!;zTjUU?6+yB$Rw?rP)XWSfw-E#A8?}D)GgrDCz{&cw!)VJ1a+e7aK`x`Gi%Q zZQr@Q>c=WZ4B8)xE%fS$I1uqseY9!}#2Hf{ciyf*u7klqd11v_BvgX?quX)A-~omJ z8JM;BiKk+QYp!@eI&lzuC>QyoEMWUYy5d<8G3mJx5+EBzgN?$R+YRPg+XwIf@Tr6l zuc(s&OdSK(qcWTk@~mUX<d<9f=_jA6F4#-A5LZ)7fJJI_;?`nI6C=F8q2Y zibVmMu4c>zM97L0l@uroI_M{iV|;TUP_uZyeUkLDp6wl7w!LMCe|5wYD=aykJFPAz zLBEK(H;xej6{2ni7UbIoACNH$aAVko(uoTL$4Oem^@pe>W;|uQMiFTOMuI!k9wmN6 z<4-feYw&v!8bWNZNg6dca}jk7kugQN)5?~&6N9DZr8t#3@Hm5l-AVQ`hdjzQ> zeI-qvP^Ck4m43@+PeP0pIuth_N76^GZ<2@x5nl`shm1{8$~j>$ds>`svp^jM6U+>^ zS6Ga~jx>y9_=g1wm&;h7ELcK(>mi3$kaLt@|F!XNS10di;fpA`VwTpW1-qQ9x0)8@ zJs)l~U*TS@Q+@;vp@#y>*(n8&rWry z|9W=VNMBH(XiP#hwLocd38g#=Gn z-3>Yx!+_KPKk^Y@Y&j8=pf^fDbcLDjej^co5${Rpn0N&!%6Q=7PRmKcP$ zT;9s8SORGju7HU4Iz^NXH`2n78=aV!3qNiq#uEwAY;TSNO$0QbdHTeg6>ZG*!iWri zAmS*W>B0?d=qh)^D&vQD5oVCPffPTYm;`L*$(FGl9Z)ZF;|_s2*^#MJ7P6+RT|+P$ zPf8#d2J<0SQo%q{3(=(jF7P}=V2nb+yBlE?kc*y#3Ip!*R$k=K)J7C*o;nRguBY|& zHGc77=ZWd4lf@&epPNI4Q@Y;D?bLul3;aer3Eax@2mQO!t(zj+#}$FGG?G;f%=}PO$$TZ^8CNHi(-zG2A3p65%(IU6L1j=$oV||-WheW{)o=0&m z$0#9K;f4&m6R4&fRpfG&iqIHp<5-#8VI#)f0!4 z@r#f5dIaU7EW{X6yyw+C@_hOeMuB*b8%@A8>K`=oG)ehFPp6DytqV)x{um5HdKz9P zS4kJdyP_cdDXm^f*i}F<>g^Aq7X}2R{1ic7?&?2dKz>rO5A_-(5a)%B3fCzweyD)~ zD3>vck)$Yy&)oSq)qsnOEEi^;N8pvzPQ{b2LzdBRbSXc2#8B%0n4qeGoI7_$ca1Iu z-F2OAApJ|tlFpUkots3WZ=F0O;R|8O21Ps`;+;w!QBRHpkIUQ=A|fi|3RZMjACNax zKS%_d5WG+QyBL+`NiI_r`MeqWLox$03?lLEYFC5!x`7mVHx}XOM@P|q1}9kwGkCck z`OiNPNnTGZ+$bBMfZ}mjse#Bos-Rx%%AlEJ9J&9j$tL0W(fzb~90Tc4aK<`BCCdMh z4t#k|gs1ExAQbZli2`(d2n7fSAw90jg|~41d$KCV^OF2TNTZBnlPq9^rYO4^j3Q$U zV*npP;J(?U3qfaLFo}Z=VC+$ImpmPXA$0zVY*)BdE^k9|UfhZSE%LabgkU20*c?Ul zGLTV;P&04dG^N#eh5miU*7PZRzf~_`$%~CdI6h@Z7}?6*0FB26(4z2LPcZ;q%Y>h4o+6cKe%Pxu3bnJc-7(JWjjt_`?l zAeuk)kFO{d^r8y;LZ$GtjUh<7U%4Y)E{>N~LBHsWI*YnIEWLIrjd%>FizAs)w_ms9 z&+CwP^Z{ck^h$~7A3l-vM^n({;w#?Tys7M%NSAC+S>p-1kwj+i<7h;5IPRW+c&r6! z=}=_ENHCHFiHfusx_Vj126-@q&B`)S#<5BJ<0fToQc>a?q~rQp<&(=eqa1^haa3^h zmix+4acrqORTmH8V+=8lt@5{M(CujN*6Lr|aOG)J7+oSAnxv0Mvpd~D*2_R*?Wq7^ zsbk*UX~n}xvevrPwztSYNgxm2%Hwm^ z4D&wa6~PKO!lZj3GJ0V=>b2Mxc&3aKvl>KH5iGf&R|SJW4rz~xuMNij}D6Z9n9ZB zR6r3PYvi|I(&r7@R7?ZH$H5q(%s{#fB6Q|&C*tumQV2l!cQ+6!}V+*8$tSDpK?H8V+juC_U_0Lz37)VeImzsHVrWXcMl@=>VBoHrFE$xSi@FiH;O_7$#Dp{&){B2HhKh{@ z&lJ*tqErY0il`ET4{>>X4$4EMS8GU)Jlu;X3FQnj8FLxR<;)Q5NzVP{2$q4!3u}!{ zcNyGBguZc!g8)X9ff{+r`HdJb^vXSy2E!mKpqT%v0b|&IXp5&G!Kg~t8x;(suO11| z2A7@KporXEh@OOy1!=j*T=Z_y7XMnCq8ha_WR-|foZMtK0RyRypD5$lB)@OBRlt9l zQ{`x?FJR=x_yDLU{2)}qaUB;mf_yg=BiX9(4khfAVZ=yoYpbyxN^6(DO-7PuOyN(N zVXq{;un1lfh983~8AzZu)XbYD16k;Wn=`(}mLOfSKnyQ<0GEN812=v-j{TR%@rP6x z%k^hIN zAj*&o1+y5#go!6l@Fp(Gk&pDqABglo@GXH?*p$V21*2dh*}C{aq;&k@Tb|(OZ4vbY zvh}I13?W*cuUuThR2BW@XGTQ$pz0}0^g#6u2`~&*gl-3@fFe-4^473)t7%g)F4dzd zSzlBzkiNnuP#WCf0puWDC~}t|uZsbMznHV$0Q|~>X!w+c-{)%3wtAA1Cdl$lY3Q=a zS{_bNcw)U)l%9tzwK$3m-v@@959NZD`-zkrUdVSJ5&>6PeFe!y7Zr8N&Tx_2DSt~x zt?g8JODhIbe%Yp-Qf^yUt&c@alJlkPP!PfZ)m1W(aR!NskkJh!8AY8MS=^-I0JTju zk`E+43ZYZJW`Y}ufr5t{N1E(g8VHCN=3bzv|HPtPV*Y=3Zvv&~QQdjp-WTn%E!(m! z+t`-8@7VH&F$M$P4cIIptY#+;36Oy{h&7fB&lc_S3EIRtw_{>11i@_^Pn=&n|B&1LzodTCD!3lT>Bi~6Vamo@;LK2$wnoyU# zf@GaJeO_XgU|Gf0KC;(2;V z%&-P~WbE{7KF^bJIY-KIzLevV znA_jm`pE^9m_OrBSe>U#t3fL9DJy!C&@AAv{`la6GKEe42A+Jr)yKAH=jf=n^22QB ziJTVD9S!Wb> z6xGo1NDQg8v} zO&QxmUpX2Y9ve~>l;ecaerW-HJc&NYZXHn(X^kxrTuMQ6iG*efHPc=UfD4@2ICHAZ zs|mzb+9~NXN6n47nhtY&*iuI<>~4!W-P&p^uS-^>FJn~4N=xBp*9kMVFnDMwdjf9q z0Q?fJwHltOs|DFUdmAlw4UA}OEzODrxk(n}_Tl!}sQewn@MEoYD@$YBW@moyXGfl^!vx+la@0N%0+T%q0Q5K@jR`LX%M3l_zJ zOP0i8M;saZEjb|O&zm0$7A?@0o}Vq<5}RJw6i+|*R6P0A8o6g<+t%%3%2>2_q7a0Z z0}3}PHj`k$&+ybh4FJ^#xh|cFj97CtCg6feYLkxmVrM#F_*Gv6MA)~cpsOgciT$Z~ zjT(bCCVZ@Tlx{&~ogqm{fFwD{V9{aS=@LC{T3~o~)zIqLe?WjYIm2erN1nbI-YEs? zt@Q*hzqBxgf+Py*WVQOy$|s>&3BSnDPZq$Ld;oW@sI<+jP`Hvns_c@otyb1NDaH9x zkn*x@m6!Tjjy>5cC0?&$96 zmJ%#yp2LGfF)%z7+qZ3vyYILo?!4pnSo8EVF(|8&K{GA13$wk~Buqz|z1$tBLQ$wo z(J+uPVKe|YQ2i#}R;_VpDYZJl#MNOutOg58t;SR}D9z~;CW;`N1-#IZIbO%0D8Jv1 z&(#-al5Kn(lH&`~XJ*6CCeU}-kt~@7up=2B9jOX(mX&@IFpYwQbZ0T<6Z$~{k^-b4 zl9`X%?=7St(?}Ci>Tys4s4SDy?G}QVUf$tpo7E@N5Q}l1!t;9M{s!;jPcZ$ z(|=iuMef~w@{~$GZ`Ihip^(y&GAqUs@bOwJEId$Ts!Ap2VLcLKC(6YQ50dkI!z{r%# zD_e#9!Yw8%_w;SDqGWv%T(o#WoOky5aoHu8#*r(Ijz#0b_Yt5Lw8dYTrx9KCR@-d zF$rp$=@2gHFfGMHtg#NcaAL(|HT2nt94~J`s&!wfQXrdhU-0G3SAYt*8Wm)B+bl@J z>qV&+sCob4pom9-J@yZ|l}s^11XIfIO9e^iq$Wvr7U_&Vu2m+bk`nkCZbHst$~J{3 zA@j3dmZ3ZrBJt)Gpwd}s{WM1 z1>Szk_XFi}{18@GM|*TC%(-Q!#>KBBs+^*lpUfAKjW22V6OQ;4AdExZ0BsPh_Pwd+wfZBqXLF2!r+pL)t1|tl3=)uonBcoNnL#lUrvyqi9HWJ_%>D)4a(aXFeydK5+Jb##nHw=BmwY^%G+MB_N3MT z!t(KSe)o6oyq>t=f{SA1%Clm=w$y_|L%yZXhEas6C}|Jn*}|j_QuO`8i|Z0k>!_yDuU3pAx4{{y2$pC4)bjJLL;NC`cX& z@;N^_##PHUflPRiu2EnH1zCtG3X-8HlW-z1KsC|D75B=7lH&0lR_?KQ`6;KxYcIMu z7A#okpKd@ICKT&YOxKpWN89Z#tupOWcs{dK4l4+XIW5Zh^B2UTh5N({&#jB+);(9{ zhIUHtn#!^KD-i7^T<_O42rgumRAYA35hP(>Nfd6QaOq-!^WZ}3kD?hF!CAqs0zcf&q z+l@X%f+R-C;?c}!tXg#xa99yf{OU}9N<(5J-V|hfIm;6u$xjrm@)f8CP?Th4vnA#o z>Uk0eANvkXUilQE}L^!{gwCmd5`3Es2rQ(HPjyPd%Xg#+4*AEL^b2jC^A4Be8Y+ zpwr5?Dp7%aLC)&jbO8KqijOaXhDT({j>hots2DjaI;3KRe~@oqs%<}SHHk6iJfq_g z5(sfBGk_O{3QOuJDt}ac93C05-%bJc*o>CTXc>{mnTel&1fLvAk(N_-6}3Pb$Y@n9m=oU`hG&H(7B_JFs)Gj7*VZ);vrAm<}hg8PT;STa) z=+WrV#QupWQqWI%a9}wIkKEqDRg;cOmX$MxY1gc ztdSDd#J7ecE$I{*P;s`%tAsv#Y~ zJELFz++O)sik)S9-N9D7Sdb`FEJ!XIdqe;hDC@j0chtc6h}AIjM&m=gHB9NN|M~sM zVe!Uq*Ptv#qWLYqRVVwMK)4wfOsydM>K0p6!oLwNSrp%0W}4ikJgtKaf#XH?jyU`5 zbK;cK&hWED2qBQl4n=h+%JGQhK3iP#%+s+$N^!xQxv_Nr17q9P&9P%(z;(b$`-}xX z*63r8KNiofdzLIK2B@e*R>Nh(NtgizXqQRAf$rRSb7M~boapN5lwvIH%u(CDy*;Ka zVZvmgyFg9iq!TW*N>I&PI(`&hlT8hC+0-q;*d^fvEy~baausFJEYosOZuI)YT0=SX z9fD{QaD}}BdQ>tzk4O^#8B6!NNplmXN&cAwceuhH`XqJd$u=hbu-!`e8y+qSkqN*= z=%2$lb$gcsyeK7^Qv;}I@NkSASx(NxCJ@hY&VtQw^}SnwM#pJT4q?KoQC?sFJYRO= zI=XsnY#>ZL66Si~s(r+2M9!Emykp&qf>dN7x7XTQb1@@5SFA^>SrE$TF(c>_d!PuKTWu0c zdYxaISnPax1PGrGT4Y^!*@1>nrvM`yhp83hyv|jwAdODv1W?=I$&&t z`3;+;2QG~>&RiMGmK`SI$~j|8IZ9d1pFcm2TXD3%IeE_m_r=4HJ`x)?tdHTLfjH>E zgQB;uFE(u67(+wDB63`?X`@ey?YXC)ji;Y}DuzaQSe?~|X#mY^IH5@83uOgVmxs^$ zg!l3*uZnlP^IdV}Rd0xwzx<52`|f*`Jr>tq`@uN-taIauCsv!54h>rC0b?Ozm~8C} ztl$VFU64j032S*=DdNbZ4vUX`@S}0~;fKZp4?Psyw+|PE*n~#hY?tF;nk@%CP_O{( zCDWb4B7!!RP#Q&C&l-{tbjUM-0+R=>g3MtT5XiHjXI>+m;Qm!;jYEZ*$|f{%PlhJG z$>pZPZMxM(tU>xUxqdTDZO1E1%Izj{s3gk^&&!R((UQaWz4v`_~Zq zItB(uV%@V(*9sC4w1D86xBOiE(#Nig6gLLCo6G| z6k|Wiv2L|{JG*2(vVHE5E0!X4bGKH`Ad6zm%Nci_c9aM!cq@uF`9nGdh*OTJ)8*J= zk0`ZgPTEpQ#g33BWrd60qLADnPi?T!EFo@KrZef1{Ddd#0sW~8&cV7=( zc4#bFvcEb~E?E*_ES+1laB+0^^u>LTJQ&YO8DVL$<$mh<=i}kWAC3i!_lfy)=Udq{ z&n+Qhr*Iy6_+hbRzx^sv{3*TTFO*XQTfkPH+T$Vg9<8S5zw(vwrZ-*_LjyxnuusS0 zMT_H{v(Jl#3m3&R&pzX`O}60lW0L9gdZFnv{gJfJm_-p&&LWol)in?eIMl)*#sOh3~S*ibp|IqU4ZYp zN^7R$h$rr>iyImmaz2pta`%9rcrr{Kthp=$P#@e)ye=bI7|;TW8yVFYVPXrYOS{=V z@h0s3U(s<^nr{aa@pNkE0-Q8XB zx>sEo*Sz6M&9y#P6Ctsy(lH7@MT1o}zlG0J6n;}KkFC@d|0z`oqC9-=DAyx}SI!r; zJCg-Dr>Dztw$^O3yRBrUPozk3EatdQrJ-E8(Z-@I)+gI@>UG6jDO_LfC=L!QRdf>s zRK5b}G0!_u)**hO^hJuxkMA%mOsZ>`P+)q{LZa=UZ@KtRu<)oNE63DIGJ#YCoULVv zE?TrG=FOY0I$|%3caO$_$!%d_qSpyU8Nx%u2wN4d29S?{vZGkEXrGuncaGaD)oEWD zl|rgwOY%=cFGVvJ^X4y%Q(u0jV(syVfA9zKiBJA&{Pu6JigntmBj|tqzyCV^;xGO@ zo_+4wvZ`s-!{Y4i?bB)^o`?}($Esw-?a=^wTdp$XjIoW@D#u{)eCgWNPsSg8_K)Ms zU;1Kf+o~0t#YnEVuQ%q1_ICCYkc<=1j}EnY+8JlWTi^QjIR5w(Ekt6I@T#5^Jbmu# z>vwr3CcK4bpcvJ}9+Ob_XrDA!boI}fqxv11XDDq6u;`@S9&NdJ#~x)dCdEyB?%cWR zi)d1N#;JcSG}PmWgw-^G_IQAnve3W-wJdO62|x6 z1+N`#tB%jL#AE0t9i>UxIlZM{$buwAb9k4_&T!`E-8jN^X8cUl!HdBUGS36Hl8Okpw<0?H}DER(_gtcN~dk?lycr8MXCH=wb>(j zz`1Gj7R?i$xTOsIPfL;`Em;= zf`P!hlmrD}VjQslfo9mIO`BwqX~k7ue{X-RIC429<0);S2ZshdvHXl*1#Y^>Bs32^ zbYDFE%rn9-!gKx_zX`UFaZSi{DRk(;hr|UJzACnC-KK5*!?GgR#p=hNkh1HDtFC%u z9CgHUZ`~IzS{QGC`#a(dZ+KIjd(Js=@<}JlDn2~6NHCW#UlHe?eRf=U;j81a%P)^t zoPWM7h>=*mdbK8z=o2kkgyYad4$?OMs_32D7dwV_#3dJB5@$&HU3}@q@!HqER(O_s za&F(c-6R7mWj(&-EpPSKXdhY8@bsyt){37e$})IwT=cq&)b52=k`F!juq_uRGfD!5 zaKsUZ$2)%hU2*vpSH#J}v0fJWrp=q<73aP}{ktk&^{Q9J2`8K&zCCRV`rxGp$5mHe z6_;IhS)6s|Sw4$wDhy zp1ADN%i=;=DD>&x`|h=py!4VwuoqP7Vam8g<#M!clUjMq+d%@kQh4cN_zF*4i)!LmbiTm!q&+>89 zQAfpF-ujk!-9@j9v(7q8N?@CDK^uL3)0^HD=V%NMJn+ESxN&2gdFIM^_q*O5ha7xR zER=%WUpt+nk3Bk;$}-~|oc>;T!G&?*Yc7n7FTU8c-hI#AF}Q6o7A;;BAO6sX-i@pIbVUU}t}ao&07#rhZ4$J#Y(ExWdAHJ8qo+S8VCO?9`*dn>I!JwOv>i z3pHr08v88XH;y>+h}c((;h{$#(!_e+!Ud7z^-++raz=+VLGF#UYoBsjQIK!|%24G3 z6N~kv_C?2z?L)EVsWocjsJQg9OC{XL#12iEwQHaBMET9%SQUq9>;8kAzZXCMj(5k^ zSHDet*(ocgQX2Nek@MbgnGw2-WdxQE;Rekla(=l!NPdv>1X1K%dd#jPdnY#x#z??fBv1Z@r8|X!7DHDR(0*#wZ8O1 zNn&w5rS0AO-}`YhUx)c<|u|be&Hj(;7PD}@#1)+7O#Ex*;l)cQJ)oFaQ+2x(+_U4<#X+|*ZN2YAaD5! z7P+V6)KgE5pZmF=)8f}-JSa(T*QHd?Kkr=C?TQEPd(f8U&Doqc{nNq1_kNqs}{=^dHmLz8|yjR4r6ilOJQP#Vh!84k;{4j zDu-~!6Ur3F%CuMGWlE!kMx|G*{FKIPiOlzM@#dg`vYa_`05u>DJFFc8Kij}*hqOQ` z2kz;JXuwnovfX?4>QI!4leY&kSNYB`!;K@m(j_1^4s1o}5YW(V4x{r&G|-zjyXH`@^90ijMQ3_LG?%2MhU<136c<$B3#lcV^@L4Y&tc7>z>^Z zpZU!1#6M}vYW zAO7$bZL>IE<2-NJ=cQl%%HPGWX`BAJKlxlN*?(!Abn;2w-ZF^5ka)07mMW8yiO=MI z?6JpU)v8r--F4SFe8!n)#J)@REfoYeeg6mXuV4G;xc}b!;*b9D58`kB=I?CrE!qEo z_^+b-lb`stc>nval>%BL3*e2~PH9W&xAG&F9B@FKdB!EI`O3V{`bBgU;EeV<2$mze&aWPBfk38uf_o9m&1dm75eVK@BaAor#~H^_?1t@ zgZDoe7rpADIPK-9SpojbSN|p6_x|_ACqDTJ$;A(C5d%jYeuU&_AU^x2pN&ud=BMM< zTW*b>zMklivhZQPy7u_$$K!?@Z-@sq4jkp|x8Hug&}6svq!#Kg{LL5QgCG7-{NW$| zkr(ZwWMo`?(M8&U48*Vg`me{Ye*EL{CGmLkmW}0Gg@DFyOtSf%Z+#=Kzy9lS*PVC9 zAAjyo;;+B(1s{Rnz|S6vGyUZ+J3?c0h4I6i)oY%JeHSg(B6wvScieHBqdVj7JAV{^ z^VeUD8~)D^G=^Ke5am3^^Y&Vrj4iLTV(ck*s^{=+sG%i zeFDaYIMg5UmZyH9UvWhvwRz*_xclzAJ^9%-ZQZgpI<)#Cd8PQm)6xzETn> z9=80)9latR)mG};-~PH3#vHl%+F~w=6Hh!b7Von-ZqY(;*PVCy*})F+f}@pt?!Lzg z@!&%aj#p~y$CmhxJMORma5RFVLHTnL@{O;5!`o$_p-ECvIP`ZwTeRc_EMmcUD^}EwNlUrybw38B%AGdE3E&V zeQn&h$?2q7QOfaAT%JKZcExeg-#15-{?7RBO*h1Ccik4Z-f?T(_`MtA;m00~{gy0_ z6J$*y$Uf+1a#dVB$H+U`o40OuTC3L-NuqItl}1%=fA`&Yo-D&x*t+2Pur1nN+$$?( z-n_-puStVd2&~g~5dC`e(Z|M;{q~JR4&FZwkpk_X+apt56NA-EWx2Tnm}p%Rw%xut zs3_Y_loNEL2ysjXE@-R-$ukEFaKczo#aIO(L* zrLbR+BH?q!QZSkf>({OKWy7a_<5TK>Tdex6&%`xverxIH{rAW3eC9LpK26Z~z3&6@ z30b0F``Xuhb9=*$--%!UwO@(%YN2@7yWbt(_{KL(8??8nkB_gB)pNrQvERb|;@xk5 zx5wn$-~M)NT(>d$y8GgsmFL(xTex^(oO9MWrhlv2&zxZvFbW`IejGBOm^VWa0zyp$~spR_kZu=I`GUf2^Gg#sS-Wb_4tE zvyXRdEn`RHQ)FGr3WX&;p~#9dVtzV@VtWM*2~b_|fKxuSE6s`*%(d;^8h{5RD;ru$ zor1Te9GzIhKL)f+8Ca3JW&#}`W?U+-P$@nWa14N9#hO{KE#0zZ%T%WxQj5W8`~w(l zG5zkl?uuunNWnFJPBRuyJo%J_wOi)?@v%r&+H>ok_276V6fPL_3GSfO8k z@g-8K`&tRDIOgcsv0WA^-96h&cJAQ)B7UL*lPxE%Npcbc{&o_m`!3!K+>w z^EHuBPMkqKvG%FBOI8!-oo{>l+qEq{!*o0B|w$A+hG3d*(Tx>wfe9d^6tpws*#VUiF{jek~AuKo{Cjo*Or8^m*xrKKLO& z#el+QVA|U?u66NZ%(~jU%r9tJ`{a{xn=I!Ky#Ir7z>@v_A_JE@oB=cJ=e_b3as2U; zS@9psl1F`bg?4aYQ2h(lf68ap=bd}5mDt6vzu1>T=7;#eLcop!U_P)AaDjQ-k8X>% zz3pwj+*$YBy0}8yV=k89B|zJ@qr|?HO%#|F4E#ebk+-_oa6Wn4t+!eM{^E7liH2=4 zD64<%;}6CGG6Ie~XrEZJ&z#uw!p3;!skO0vaEI`?DL3Y4Z`Br#x43ws!{ee%tVzP; z)#4NN#~z?rmN1I4JoixWqUgY#zLLiq!51(s$zxk>D;9dIvE*X>`7r?W9gF7ot|EXw z@r@Cun@WJdB*3izq(g{;lvn8*8uK|9hrfp`JIq321u5m%-`5i_)9Tl$mG$oX?vZ6T zs)1t?jvt8n^*jweU+@``aBbeUNlL1`rbs!q!r%Sww|$-iP>oNZwO|qh3bP_MZyJzg zv)#AAC!KV1EIaHlpVx5K_q?`x%d~~$668m>-yW;iJQ+(5IyjD8zC7m1>Y39&Ujnl} zzWco!JuyaPz1()&zr|BeJ?CvIUp>F$&fDXO$5)H?LQDVLem~N|4d~-fJZ>xN;fEjg zWe#VwJP`lH+9%>iKl+i+I48*?Vj!Evg^A6u~mj$Oh zVubR8{te;-WwDO2_PF%8>+ZXJL(4~&*@hBlF*!yH-SHUSbNDlks@WT)H8ReGETV++QwLCo{#Wr7K#--ZbcinA8#?u7Qc>Oo7 zkK6CKD^65jx!_~`P&%78Z;Bg#@cmf%@|Ci<-Vg`Ns(j$V`{RpW`eHn>T3cZ$TNLCA zQg)O-RlMd4Rotkf;BS?(0=T`$s^gM}$B+29%QwII&A46i$gMpWUeLT&w8H=I-S|B} zagfFZ{M%PM9=7K2nTsW!^F^lN6&C*HO`DDL$+c_Z&_kAa;X3wM?Ua`68v|Ngj$C$7 zoV)UrSa#rkvEjKV<9pxzPCWa})9M3@ye69Zf#*d_%7-mIAEoG3A8|f|Q~{s+S%ayp z|IQAYQP1-@}q9Ms5aXx$K?? zk~SkWb&{$W+LkR{P#$+yOKd4dhqXFlnF)D9hDf3!@nS`m-yCML@&h_Yh}oB2c4eG; z+Da+75wG~%STB?H!@H6XKlYF(AA}?`nK(?69&O2vJnV?rscn*9L)0qfb1KpG!<)Vv zfBO$#jt!f(YIRpfrW%2wvCHU;ldkQBk|*8$^mR)S$XeJjSS*2#-p&~1+wBz&(iZzq z{^ZXka2sNkwrfv3{)E$6#WZ(~Gl64Bc0O)m9K}RPdXnovV})**;|97wcP4{$id}-% z74yCcSPk^naY{6L+xxHuHcJVSSoiKC5mL}tl1?25A4K{$qlu3>((8j2?n8XoQ z&d;vnzo z?$ow^v=|M7gQfg`@ArQ{x_Z0gxBkoT#63T{-RTK!TDbTibOL8xNPf` z?6Fv2eeN2T1ti7fH`$njlfag=&%F!47q;XHUfilcfD=AW4mW|{m{}ll7mDu13NKQ4 zK_6$YvZggZnW9kP2ivi(wSS!_+UJO8^LjgCq4>b-g}v}mbhAAMs58|RoeJPAwNPRx zM~>unNSO>s!)+QIiEX&yF}V@tp=+cs8tqV@TWda|`@&FrY#eHfjq2(qY0DvLN2@Xw zs#T^1#vR#$SB}fkhmQWaJ*&8cFp(kv;qo^R+ciieRz~^rUW&qgu2Ax@6yGMTh}f!? z89_Vj@RtP-RAcTAN+>sM+Njm@1rtGjDo21Yj>l_Wcws|q(CUn$_Li)pODo^n_|CV# z6_05fjDpfwn4aALViFqpS=KbFZQqJ%fN9eoi=d+XS7^I*+G(f7F~=PnAO6q>;)o-T zj4yuSOYvP-STOlv74&z zq^0BFoNc4K#j2i8ijzk}AeiP^@%=C_{7^dQJv{inbLX%u%N6mFk6afgoqR%kD^DcO_n=@RB+h0VlqGJwiW8-RpwL~Yv?cIzybz6(8>&g&g7fp(Bbc$Qmrw5jF;*`tBM)O zcRBsbet;wS0OUNvC$HdXQ~zZR_O!#x*W9oNTL*;T!lEz@R${1amAHyh-`|n#Gx;uM33F>qq&;s~K zTNWttk_pLbnl5tZg|{UG)uVob@l<>XE&P-GCQOwE?3Ruw*5;zRb7jdczy6=&-){T2*fyZ;l?JW3swE_*Y5U)7 z%0KKPfwrK@bfS_-mv%%3@v&hsMOQg)&nD-i=5Wysqz z^Q24`^!6xR-ka``^5ky8&q8K9)lCKDXBm86L*|7Ow$~^~l;UR1`|U#tOKA>hPNJ9i zFopYpf|SoXgtfR`3i5evu{WV0`PD;NlS3+?scl)Ootc2KDGIV%VdLK_2%@(ZB9P0A)vF(i@7(Z>xcTN=f}dMpU{XhTWvgNQqyrLw7F`LM0U)668%`yO z@=x^eYTUrq9lmAc42m)$$Nia6IRZ7`UTqI0m(wRnAU;_!O$Aw`)oylpub{Tdb~Xv1 zal-OI4SxG%ISwz{V?e9iR*m5ZXNFRgY`-Z`7M7F)DrfB(Adv&jaQeV3(EP+8+sgK! zBg54%e2^)CLX<4N)C(5^w?Ez{zJd`+fafHDI zkIkl}V+Iga2DU=U&)L+Q2&tk~u}zB}mShtFL0la>(_4ZTb`~ptutTXk<^20Qa+U|x z@lymXbbBCanF(7+-}5n{NJ7 zuJ&y*8mvbg$}tsW>vBew*~6M&gyom>$MT!m+lK2oq{eR;>#>$I zP4cFNdW+M}BVJuS>SL$+D*4yK*0yNh9^n9!CZ-4)85?0|Ij$5F%oVxXpoIvRSV`M;fGu8~oH>5IpFxUBKkx1vH>D#ewyVw+m`TczaQhqr4`i z6mx~z0>Vw9B^?23mYD+JgB7JZLC5CI>5J~}@>?{WJTD`{Mn`#fbVL^CPz>{^gUVxZ zG2fCIhT4`r(g~|fPW{w_Es`>VgVrXly@J|UYsS0?fR;25EAYS!yv}|k$!=AD+*cCF z#QoTih&Y56q6y5c;6~+UXeVhyYW&M`B!bIllti%U>5U_^hh`u5vg%J9pe22VeJYxA z97(5K)|n;kvWfIpTRQ#aVuuOun^OfwcxX&`P>g=$X99A<&MDFIXRp8tQVr8~uZC*A z26I98SnSu|77J03T}46WIb^9*EK8muV~4>{DEKSlT-hM@OB8R31v}^xZT<(4qbSREI8$HONEa^mhoFa zLc)ZMy#Xr1u)@R_4M{8@AK6J(;^>;?Ne-{2YsmPCKt+t?lorMzyEsEz)PSuPJpJ)M zcc2c=ZZKuy)X-$a|4m35nsii|n~**^J{hJ@Oy>97V-Y$!ao&OUR*der>KdgS(cKye-tC(nkD+DNN2QGZ~v}UMUj*XlzhOrQD#DiTd=2A8(@CQrSij- z^S<%8S2Vc^?M?>rz$FrKtwF$%UZUgR47r(b&I$@oUNltt?E$PBQ{^gcTn3vzweR={ z+5|pO7HFpJEwuQcfVT)Vf~)B`+D?BDVDeRV+&DmZiO?x>IqU$M$XbPWhv~9rsPgXu zv_BOMncj3j@)?)mDImEu0hGYx#93ixSQDcIaNgm~9 z!;e&uerC4=zK&Otf{ayZlJRLTuG#@3F2Si`77aH6e0y@UhAd0H;+3RKhwgMhroU(a z5xkm-F?#`3cUVuMvl4AhZ*{EcW(^d^@)ct65^eE=29<|)qpft=25tt(BA^rYGJcAb zF|0WbQ=+*Sb>hsBMU1$*p9M%-liu``=fIEAmzI*WW5}>Ju`t=jcG${9k#R;yQz))7 z4$}kKCQD<^urqjFs?^&lzbaw>6f0R37e1~$q+L4II*O~EOiPcUGc8zvituy{mnU}TAJX?t+jFL5BO1l(xrX|a=R4d4z0)AM%#sxr*V{D zDd=qgrwqf$q2pA@7!J?2YYYimJkvQl=sMrP6Yw2=4{_7)fA!I5}!f&--G zD7_dOr-aFb|Cj(>=@Oc0Q@Onb#xm=9CNLu~*X10RH@S^0-+=7#6j?23p)$`CQMS)u zWCd8(x=+b3PAtlE@nR_!!#_I2~ZRHuRKyyWA@vt$kzs)HZwS1e|QLq?>YM1 zF(388igX)BRh(e<^G$F{SWWJQgKN5z7y&vGsP0;zco*H)D8=r`%ZcI8WVX zqaabFC`Y5`U!eg&oH1g_!wu=r4q1#SN0j6?>90}6g~IdzS$8HF-(rtHrI66JaIr+1 zy)7LRkt0&uC`t=D!imEOpiZ-~7o&i(9xi+GVsPaoV%|g7i=k~=NP&GdRB`fN8xN-Q;Q>C- z#qL^VDbyZs*BHNzjry<1o5DFco*+Udz)X1wiEA>xX89(by#a9Ge%$)gg2ki+e^vmA zMj3I?+0Ku$iGGp*1sP*{)N}yqix=oD3sQfCi+zIFAmE8)ybj>4ULvYv>HIvqLQ$r& zY}HJ^0h!$#$0>^a)I;`TDhE^^?FN}Y8>skTF}&xsU>usHdFwkRP=_JWa9Y{vZ-)|C z$GpXMxST~6+_es#{*+-Y2`H{{C04f9R)SJK__iGF6vk4N6^X?-BFBepD8oYAeBYWj z07Z+_A7$Ih9Kv#x+cJz5*&f@qujazWKlw`GLe{JxEyxbG*gX5Ievd22zHTW}}_# zfkcz^&KB)-{hM6hXN}rK*?J>hJd_|k(T>VtJLMJSh+kHE5Ozv*kq&+kw8IJ$m01vF zbKrvg2)UiIks+S`F?cqSNP?Vi*%At_DS@n%kA!CN#1G7X=Kne*ZO#5n?pG7`vM-?G zk^Y@xI#sd$Q6|mp;#2_p%67fPP_6`dL&giEB0R^4-x8tp^)ID_7_KNul#~=+ReZj& zmS48mMOl_KlxID+RK0S%S1@K9PH|pw+T@mZucZ{XNh$KoBin0~BbPI~gpWFV==KCi z1?i8x&~FxoIyh|$7xaS9z{~jlT)gsHN^4I*?G^?BvjgHtE2CCGzKfZ1reU&|3YE!; z3&;G)y0ZZz7trS3)}1w^T1g@c?WHjq-Al--K+->3x|?+qG7aCn7rkq5zu1pBX6OVwse<}6W zv#Yh$?$Lnx;c=C7`C13xdJU^fjeGr58r$mxe~qYyu@C{`&}yZq|H%U9kXe$g6v2sN zERXb*_pG;KJ<8ua!l%y4gW)nJTm9K9;8;Pvz<)ssCd7>bBjAzSmTWpuVRcU-&hxe{|sH`Pl_}nQm8X=2HhG&3gHaHrrGmwT;+%|P>3vaTr zbiCH}aYfU)Oi}1O)y3DuQ#l$(vt8o&K*oUyd~6mfiMf>~Ho02~geN=bw%{uaF#csC z!b5x}K;54d2GtJXi4l7BtJDK=Uk<4^W^S{nm`P)_nW1SdJrH zFoQ?ssSDb@g4&Vt9ZbEsrUFXm4W}nH zKw-l2)jvnI7`Uvv$$LUO!CHu&9Z;~Bq+r+Flv`#x=@;(573}1V?=gOO zOh}nzGvG1X^d}!0=as@f4N$)ZXnyxt%9F8 zNUIOH&^WY`6@WbY?5-;g$!x2OEALuw(;j+TwIKN@Za(vfg-Ln+-+Sd)0j0=eK76Ew zu-{}-KPOs{BBXriQxO`HORYTKQPvZ_oZRW(q4g~n)H!Erhg=pjT`0iQbb>s{XQGuJ z)(jVRp!zQYKm{=Xexe4lN!rGOMT^_jFq1Z=U^k~fDuW8!WmC?*C_sLap5?P`+$5lA znZqbHjv>HF3RZWe$BPo>Kv3wzLQHi?Zo9^&Sd2xnn(r+so&{vN7Td=wViV+FY<_$X zQ%Nq6^)h{8Z~`D|I7A566g>K4!6T9mnB2fDU{ZC{(M|Uy!S&~W@EKk3yjTE- zoL4J=nMndKqZ%L*wNj`oe-oxBz&RdW=p2qVMmYr}6=DU75ub=Vp-tS?UnxPv8usq2 z3KE5f>V-okrQjfqCb9Do8M`pw1?6weOCWJl63`A}^G5~9&;AHVHZ6+cBT|L7 z!a?#&Nr9?0(PudG?duQp%Rm`7AaSj;-At^ty$~fArh^s*B?$ehVsWZTWo2%Zn+!8# zO$n39Y1W^K)R_QbW&a2?yxE{b*4TlJ@!?)gC2p0=z)l0uD;}}jqF8&{JECh>XY^`d z`a4HuQSOu_ITmv?`S}TCz8~48@>rY5Di);)qZy@nZfDvAp%92T>lUR^j!hVpl`VBq zj(l)}E%XkBw_!D^+ya8U=QH0zR1K0scx&FO&pJ2}h%6shC1 zQ}xkxQ5;Q)cR)zyM*!nlIWf{m?MO^P0T1^C@rcb`d%0!W5ZkD&h0 zaYquUhp%#EvC=>S^N$Xu(Acb1=f`#qDGx6LzTF{d;QN4izyh#qzonpij81!-C6ro_on*}pH z)0%let;68+m69$g1L$=Ic@P4Qq*ZB*GgERD0ko-2K#pI<^Ww_~dB>PIwaOH&|(`JNPXly{i!a08H86_fPY63aC0mYl`HDRi@ zDMxzx70g=285=&V%eiBZ{B9{(zCg|yCGT(ZB_I@Jhb&C1598pS7>;~2m&6Ar=}$hV zh_ltG0AhyK$TN{c5)^(afg5XHA>@H@Ki)Ii9wU-tp7XR)RT?<<8X%-uQFszOH^|3T zXgvq%@y4Z42n(IHwSy0rFd+>^L3;NGC^>WJbdvy>MIKejB1|>D!r^AJJWk=UvB4M- zL$O<&Z%s-7Xdo`REidaEvX~n#K>!O5dc4}zv;tHh1$8z4h;)JR&{RN8s2!C+lqUdG zzS$?LPoe|J7U2a&XqmKx47Xa(3M4QQv(hX81=%69nJ>bi6qvWJpN#{_XT=d#R`QnK z;84h~v5}xkW~2&}nFE|S(+8jvUMP;zCECmeh$kNa!Z>FDj#MC=Z2--13o1q{a)mux zNt2HdE31}po0f0ql_HW3If$m8N^n{es7+6(08dC`AZXK(siBfEdr)EMk71GF{fUeR zDF=~;LfIp#2JdHtB$@7H`9>YG$!hOlf750wlCyDqlw?omPJfY{XDG|p$i+GHfjJ~! za)V`=D6QP8pKrYow#>=#C2-CidFVTprSn_|>vLSe?x|~20u||JLNh$6?}XbHqy@?N zx&UWfrBwN#5*hmMr2#=uL_yxnK~R3}k0GDF8QNT&r#tQrtmj3W#JL&khpc+k)H$`^Hl{jKzNO4Kly-Aw z5T1tC-2h9L0Z=W;6AE&ac_AE3L%Q4=n}o@zi9==J0Oo8)+*^Ed;idRU;Ls z6(c?<1!nDRfC}jnkVz#plYk~l@@S)N;l4c{S39NBL9V#jO7mMXrBp@MpbCcdP`0*W zgaopPh=2)Jgaw7^qQjK&uEAmcAPg$0Ofydvs0XlKlq#6(3E zkg7hyPkDG&gB6H@ob<9Zk1rU=A$g3q#-E}sC?{K3H9)~o>e*L-zSwtSRg_*N$dIQ$ zoT>XkWyi`w;zeK1MJiHHk_0I&j(?C-CN{tNmk8We1%8Jey3H)7d(;|GksC^Hit=U2 z}dG90yS)NuE~`(&S)>Z>l!YaQmpVb8;N3^>LUz=$fCkJwV&r7=@disP)>Zoq$o+bq_xSA)G!GYt$p!I zSFkGsXM*gqdc|mf9{!cE^3=9PS#6ttBqoX`xN!C9d*&w}Dr7N$Fo1x8l5W87M4#Pq z`RVW{P>*qihuUVdIOJ#WTSaR-_lwo&lgqbuEmdfrAK=N>xID zTNX$mDyfCm1dzu>lY;aF$vP+u&WVePEb>BX&DS8)MJ!T}w-CD|bASp7;s>u{l15F+ zz@J*w6Bk)QCO!80kH}J%Hc9VN+&xej`V7nZ$m z${I-db`7v-uEhAYxdvTR0{P@M%Yi)0SHG2A%fp^lwKBh4%|T@_rCc>DP6gQ!A?1rr zUfs1NL>T;pQ)R#B7rq?m%oe&SM}p&IB;ELXf;zlBS2nCb-6)p47ME+sD5zON$dJWq z*2Ff6P%jfvZFOtv^jfeYE6P&1@u@-@e_%j9UZ50PlbEXV3&w)Yn6WZI2$Bl$#QbrD z#!B1tqC71@8U1x$iF*!##wo>z0`nh0I0YO@pfsS}W%(mlQB8!J=LVYj1yupkv#XG~ z2S_wc6hLbZ3hFvr%0R3F&__J!wA=_BRb{^LgZeWbDJn>UvwQ}HM0OJ7Qwki614j&{ zLP1)NFQ$Mj(sU{c)!jE1p=36shI?4_HuA8T4e{#GsuATlh>@(Z9|>l($rspB(_Kw$K|$_O)~Q23 zjVgy5MacvI1-}o>U09%`!pjo%TA;KRxfP$G*@wxHnikxgqv>Cz zK(l$m6eWPH);_iI$VlTti(*#P@_peTpTDJRh5t?~&ANG`1;}VQ{?u>_nuVtT%93A5 zD@4oy6v?7l6(49e11XL-60I2Nj04rH`A#Xx6-r@CMeEkLq_TXHg5zx(6dMbmAL3Sg zN+n4}988s8hETPruS7o!3Jx-r*Rn{n>;zC7OAlJ;vIaO(p@>)M7unWPQCk30Y$*R0os znpX^nELbX!hbk!I3m7tLycGtBPpHs<>Dq3kD`K;zw(7xEn9f-O3D@idifK$NK*H0^ z+6_RX0yKvnaDPz(+ETO$2^Vgxpsdse+G@>K#!iAMpY5Z|)O7n0P^-0k3!$8aS|JI} zh!CP2fu>OUPu5FWAWmK>UI-`NY|B7mCb(18xu4L}3?@RhFnnSJrDivoqJaUfpX zm<-?{n|>0WrdR?+Sa$Gf4an9KRRZxQSWnbSSvJe(@EV+n`e6|QCKA;geims`;O%Ie zw&y#sKoy_N1ImF{eu~qsQ7*aEihmzonM!ZTAW+M@p$X_B{(m8C`17xr%RvAD002ov JPDHLkV1j1Ab^8DS literal 0 HcmV?d00001 diff --git a/devices/surface-hub/manage-surface-hub.md b/devices/surface-hub/manage-surface-hub.md index ce6d076d19..25cca9e168 100644 --- a/devices/surface-hub/manage-surface-hub.md +++ b/devices/surface-hub/manage-surface-hub.md @@ -34,6 +34,7 @@ Learn about managing and updating Surface Hub. | [Install apps on your Surface Hub]( https://technet.microsoft.com/itpro/surface-hub/install-apps-on-surface-hub) | Admins can install apps can from either the Microsoft Store or the Microsoft Store for Business.| | [Set up and use Whiteboard to Whiteboard collaboration](whiteboard-collaboration.md) | Microsoft Whiteboard’s latest update includes the capability for two Surface Hubs to collaborate in real time on the same board. | | [End a meeting with End session](https://technet.microsoft.com/itpro/surface-hub/i-am-done-finishing-your-surface-hub-meeting) | At the end of a meeting, users can tap **End session** to clean up any sensitive data and prepare the device for the next meeting.| +| [Sign in to Surface Hub with Microsoft Authenticator](surface-hub-authenticator-app.md) | You can sign in to a Surface Hub without a password using the Microsoft Authenticator app, available on Android and iOS. | | [Save your BitLocker key](https://technet.microsoft.com/itpro/surface-hub/save-bitlocker-key-surface-hub) | Every Surface Hub is automatically set up with BitLocker drive encryption software. Microsoft strongly recommends that you make sure you back up your BitLocker recovery keys.| | [Connect other devices and display with Surface Hub](https://technet.microsoft.com/itpro/surface-hub/connect-and-display-with-surface-hub) | You can connect other device to your Surface Hub to display content.| | [Miracast on existing wireless network or LAN](miracast-over-infrastructure.md) | You can use Miracast on your wireless network or LAN to connect to Surface Hub. | diff --git a/devices/surface-hub/surface-hub-authenticator-app.md b/devices/surface-hub/surface-hub-authenticator-app.md new file mode 100644 index 0000000000..a13280d8d4 --- /dev/null +++ b/devices/surface-hub/surface-hub-authenticator-app.md @@ -0,0 +1,78 @@ +--- +title: Sign in to Surface Hub with Microsoft Authenticator +description: Use Microsoft Authenticator on your mobile device to sign in to Surface Hub. +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +ms.pagetype: surfacehub +author: jdeckerms +ms.author: jdecker +ms.date: 07/27/2017 +localizationpriority: medium +--- + +# Sign in to Surface Hub with Microsoft Authenticator + +People in your organization can sign in to a Surface Hub without a password using the Microsoft Authenticator app, available on Android and iOS. + + +## Organization prerequisites + +To let people in your organization sign in to Surface Hub with their phones and other devices instead of a password, you’ll need to make sure that your organization meets these prerequisites: + +- Your organization must be a hybrid or cloud-only organization, backed by Azure Active Directory (Azure AD). For more information, see [What is Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/active-directory-whatis) + +- Make sure you have at minimum an Office 365 E3 subscription. + +- [Configure Multi-Factor Authentication](https://docs.microsoft.com/azure/multi-factor-authentication/multi-factor-authentication). Select **Allow users to create app passwords to sign in to non-browser apps**, and make sure **Notification through mobile app** is selected. + + ![multi-factor authentication options](images/mfa-options.png) + +- Enable content hosting on Azure AD services such as Office online, SharePoint, etc. + +- Surface Hub must be running Windows 10, version 1703 or later. + +- Surface Hub is set up with either a local or domain-joined account. + +Currently, you cannot use Microsoft Authenticator to sign in to Surface Hubs that are joined to an Active Directory domain or to Azure AD. + +## Individual prerequisites + +- An Android phone running 6.0 or later, or an iPhone or iPad running iOS9 or later +- The most recent version of the Microsoft Authenticator app from the appropriate app store +- Passcode or screen lock on your device is enabled +- A standard SMTP email address (example: joe@contoso.com). Non-standard or vanity SMTP email addresses (example: firstname.lastname@contoso.com) currently don’t work. + + +## How to set up the Microsoft Authenticator app + +>[!NOTE] +>If Company Portal is installed on your Android device, uninstall it before you set up Microsoft Authenticator. After you set up the app, you can reinstall Company Portal. + +1. Add your work or school account to Microsoft Authenticator for Multi-Factor Authentication. You will need a QR code provided by your IT department. For help, see [Get started with the Microsoft Authenticator app](https://docs.microsoft.com/azure/multi-factor-authentication/end-user/microsoft-authenticator-app-how-to). +2. Go to **Settings** and register your device. +1. Return to the accounts page and choose **Enable phone sign-in** from the account dropdown menu. + +## How to sign in to Surface Hub during a meeting + +1. After you’ve set up a meeting, go to the Surface Hub and select **Sign in to see your meetings and files**. + + >[!NOTE] + >If you’re not sure how to schedule a meeting on a Surface Hub, see [Schedule a meeting on Surface Hub](https://support.microsoft.com/help/17325/surfacehub-schedulemeeting). + + ![screenshot of Sign in option on Surface Hub](images/sign-in.png) + +2. You’ll see a list of the people invited to the meeting. Select yourself (or the person who wants to sign in – make sure this person has gone through the steps to set up their device before your meeting), and then select **Continue**. + + ![screenshot of list of attendees in a meeting](images/attendees.png) + + You'll see a code on the Surface Hub. + + ![screenshot of code for Approve Sign in](images/approve-signin.png) + +3. To approve the sign-in, open the Authenticator app, enter the four-digit code that’s displayed on the Surface Hub, and select **Approve**. You will then be asked to enter the PIN or use your fingerprint to complete the sign in. + + ![screenshot of the Approve sign-in screen in Microsoft Authenticator](images/approve-signin2.png) + +You can now access all files through the OneDrive app. + From 96c6034c4be9a128e7a343688c34d157f5717e02 Mon Sep 17 00:00:00 2001 From: Nicholas Brower Date: Tue, 22 Aug 2017 15:25:00 +0000 Subject: [PATCH 08/15] Merged PR 2790: Adding new privacy policies. --- ...ew-in-windows-mdm-enrollment-management.md | 6 +- .../policy-configuration-service-provider.md | 12 ++- .../mdm/policy-csp-privacy.md | 79 ++++++++++++++++++- 3 files changed, 93 insertions(+), 4 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 2960668bda..8152a13cf7 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -10,7 +10,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 08/14/2017 +ms.date: 08/21/2017 --- # What's new in MDM enrollment and management @@ -1012,6 +1012,8 @@ For details about Microsoft mobile device management protocols for Windows 10 s

  • Power/HibernateTimeoutPluggedIn
  • Power/StandbyTimeoutOnBattery
  • Power/StandbyTimeoutPluggedIn
    • +
  • Privacy/EnableActivityFeed
    • +
  • Privacy/PublishUserActivities
  • Defender/AttackSurfaceReductionOnlyExclusions
  • Defender/AttackSurfaceReductionRules
  • Defender/CloudBlockLevel
    • @@ -1407,6 +1409,8 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
  • LocalPoliciesSecurityOptions/UserAccountControl_RunAllAdministratorsInAdminApprovalMode
  • LocalPoliciesSecurityOptions/UserAccountControl_SwitchToTheSecureDesktopWhenPromptingForElevation
  • LocalPoliciesSecurityOptions/UserAccountControl_VirtualizeFileAndRegistryWriteFailuresToPerUserLocations
    • +
  • Privacy/EnableActivityFeed
    • +
  • Privacy/PublishUserActivities

    • Changed the name of new policy to CredentialProviders/DisableAutomaticReDeploymentCredentials from CredentialProviders/EnableWindowsAutoPilotResetCredentials.

    Added links to the additional [ADMX-backed BitLocker policies](policy-csp-bitlocker.md).

    diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 69a15107f8..25f2ec0c0f 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -7,7 +7,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 08/14/2017 +ms.date: 08/21/2017 --- # Policy CSP @@ -2023,6 +2023,9 @@ The following diagram shows the Policy configuration service provider in tree fo
    Privacy/DisableAdvertisingId
    +
    + Privacy/EnableActivityFeed +
    Privacy/LetAppsAccessAccountInfo
    @@ -2239,6 +2242,9 @@ The following diagram shows the Policy configuration service provider in tree fo
    Privacy/LetAppsSyncWithDevices_UserInControlOfTheseApps
    +
    + Privacy/PublishUserActivities +
    ### RemoteAssistance policies @@ -3353,6 +3359,7 @@ The following diagram shows the Policy configuration service provider in tree fo - [CredentialProviders/AllowPINLogon](#credentialproviders-allowpinlogon) - [CredentialProviders/BlockPicturePassword](#credentialproviders-blockpicturepassword) - [DataProtection/AllowDirectMemoryAccess](#dataprotection-allowdirectmemoryaccess) +- [Privacy/EnableActivityFeed](#privacy-enableactivityfeed) - [Privacy/LetAppsGetDiagnosticInfo](#privacy-letappsgetdiagnosticinfo) - [Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps](#privacy-letappsgetdiagnosticinfo-forceallowtheseapps) - [Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps](#privacy-letappsgetdiagnosticinfo-forcedenytheseapps) @@ -3361,6 +3368,7 @@ The following diagram shows the Policy configuration service provider in tree fo - [Privacy/LetAppsRunInBackground_ForceAllowTheseApps](#privacy-letappsruninbackground-forceallowtheseapps) - [Privacy/LetAppsRunInBackground_ForceDenyTheseApps](#privacy-letappsruninbackground-forcedenytheseapps) - [Privacy/LetAppsRunInBackground_UserInControlOfTheseApps](#privacy-letappsruninbackground-userincontroloftheseapps) +- [Privacy/PublishUserActivities](#privacy-publishuseractivities) - [Security/AllowAddProvisioningPackage](#security-allowaddprovisioningpackage) - [Security/AllowRemoveProvisioningPackage](#security-allowremoveprovisioningpackage) - [Security/RequireDeviceEncryption](#security-requiredeviceencryption) @@ -3406,6 +3414,7 @@ The following diagram shows the Policy configuration service provider in tree fo - [Experience/AllowCortana](#experience-allowcortana) - [Experience/AllowManualMDMUnenrollment](#experience-allowmanualmdmunenrollment) - [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization) +- [Privacy/EnableActivityFeed](#privacy-enableactivityfeed) - [Privacy/LetAppsGetDiagnosticInfo](#privacy-letappsgetdiagnosticinfo) - [Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps](#privacy-letappsgetdiagnosticinfo-forceallowtheseapps) - [Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps](#privacy-letappsgetdiagnosticinfo-forcedenytheseapps) @@ -3414,6 +3423,7 @@ The following diagram shows the Policy configuration service provider in tree fo - [Privacy/LetAppsRunInBackground_ForceAllowTheseApps](#privacy-letappsruninbackground-forceallowtheseapps) - [Privacy/LetAppsRunInBackground_ForceDenyTheseApps](#privacy-letappsruninbackground-forcedenytheseapps) - [Privacy/LetAppsRunInBackground_UserInControlOfTheseApps](#privacy-letappsruninbackground-userincontroloftheseapps) +- [Privacy/PublishUserActivities](#privacy-publishuseractivities) - [Search/AllowSearchToUseLocation](#search-allowsearchtouselocation) - [Security/RequireDeviceEncryption](#security-requiredeviceencryption) - [Settings/AllowDateTime](#settings-allowdatetime) diff --git a/windows/client-management/mdm/policy-csp-privacy.md b/windows/client-management/mdm/policy-csp-privacy.md index b2969151a6..a390391af7 100644 --- a/windows/client-management/mdm/policy-csp-privacy.md +++ b/windows/client-management/mdm/policy-csp-privacy.md @@ -6,7 +6,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 08/09/2017 +ms.date: 08/21/2017 --- # Policy CSP - Privacy @@ -133,6 +133,42 @@ ms.date: 08/09/2017

    Most restricted value is 0. + + + +**Privacy/EnableActivityFeed** + + + + + + + + + + + + + + + + + + + + + +
    HomeProBusinessEnterpriseEducationMobileMobile Enterprise
    check mark3check mark3check mark3check mark3check mark3check mark3check mark3
    + + + +Added in Windows 10, version 1709. Allows IT Admins to allow Apps/OS to publish to the activity feed. + +The following list shows the supported values: + +- 0 – Disabled. Apps/OS can't publish the activities and roaming is disabled. (not published to the cloud). +- 1 – (default) Enabled. Apps/OS can publish the activities and will be roamed across device graph. + @@ -2503,6 +2539,42 @@ ms.date: 08/09/2017

    Added in Windows 10, version 1607. List of semi-colon delimited Package Family Names of Windows Store Apps. The user is able to control the 'sync with devices' privacy setting for the listed apps. This setting overrides the default LetAppsSyncWithDevices policy setting for the specified apps. + + + +**Privacy/PublishUserActivities** + + + + + + + + + + + + + + + + + + + + + +
    HomeProBusinessEnterpriseEducationMobileMobile Enterprise
    check mark3check mark3check mark3check mark3check mark3check mark3check mark3
    + + + +Added in Windows 10, version 1709. Allows It Admins to enable publishing of user activities to the activity feed. + +The following list shows the supported values: + +- 0 – Disabled. Apps/OS can't publish the *user activities*. +- 1 – (default) Enabled. Apps/OS can publish the *user activities*. +

    @@ -2518,7 +2590,7 @@ Footnote: ## Privacy policies supported by Windows Holographic for Business -- [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization) +- [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization) - [Privacy/LetAppsGetDiagnosticInfo](#privacy-letappsgetdiagnosticinfo) - [Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps](#privacy-letappsgetdiagnosticinfo-forceallowtheseapps) - [Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps](#privacy-letappsgetdiagnosticinfo-forcedenytheseapps) @@ -2545,6 +2617,7 @@ Footnote: ## Privacy policies supported by Microsoft Surface Hub +- [Privacy/EnableActivityFeed](#privacy-enableactivityfeed) - [Privacy/LetAppsGetDiagnosticInfo](#privacy-letappsgetdiagnosticinfo) - [Privacy/LetAppsGetDiagnosticInfo_ForceAllowTheseApps](#privacy-letappsgetdiagnosticinfo-forceallowtheseapps) - [Privacy/LetAppsGetDiagnosticInfo_ForceDenyTheseApps](#privacy-letappsgetdiagnosticinfo-forcedenytheseapps) @@ -2553,5 +2626,7 @@ Footnote: - [Privacy/LetAppsRunInBackground_ForceAllowTheseApps](#privacy-letappsruninbackground-forceallowtheseapps) - [Privacy/LetAppsRunInBackground_ForceDenyTheseApps](#privacy-letappsruninbackground-forcedenytheseapps) - [Privacy/LetAppsRunInBackground_UserInControlOfTheseApps](#privacy-letappsruninbackground-userincontroloftheseapps) +- [Privacy/PublishUserActivities](#privacy-publishuseractivities) + From 354164a2915b2716bd6e8eb3ce551d33ca6d8b12 Mon Sep 17 00:00:00 2001 From: chintanpatel Date: Tue, 22 Aug 2017 09:04:33 -0700 Subject: [PATCH 09/15] Update reqs-wd-app-guard.md --- .../windows-defender-application-guard/reqs-wd-app-guard.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md index a03b3514c2..f726d67b28 100644 --- a/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md @@ -25,7 +25,9 @@ Your environment needs the following hardware to run Application Guard. |--------|-----------| |64-bit CPU|A 64-bit computer is required for hypervisor and virtualization-based security (VBS). For more info about Hyper-V, see [Hyper-V on Windows Server 2016](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/about/). For more info about hypervisor, see [Hypervisor Specifications](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs).| |CPU virtualization extensions|Extended page tables, also called _Second Level Address Translation (SLAT)_

    **-AND-**

    One of the following virtualization extensions for VBS:

    VT-x (Intel)

    **-OR-**

    AMD-V| -|Hardware memory|4 GB minimum, 8 GB recommended| +|IOMMU|Not required but strongly recommended| +|Hardware memory|8 GB minimum, 16 GB recommended| +|Harddisk|5 GB free space, SSD recommended| ## Software requirements Your environment needs the following hardware to run Application Guard. @@ -34,4 +36,4 @@ Your environment needs the following hardware to run Application Guard. |--------|-----------| |Operating system|Windows 10, Windows Insider Program (Enterprise edition, Build 16188 or later)| |Browser|Microsoft Edge and Internet Explorer| -|Management system|[Microsoft Intune](https://docs.microsoft.com/en-us/intune/)

    **-OR-**

    [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/)

    **-OR-**

    [Group Policy](https://technet.microsoft.com/en-us/library/cc753298(v=ws.11).aspx)

    **-OR-**

    Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.| \ No newline at end of file +|Management system|[Microsoft Intune](https://docs.microsoft.com/en-us/intune/)

    **-OR-**

    [System Center Configuration Manager](https://docs.microsoft.com/en-us/sccm/)

    **-OR-**

    [Group Policy](https://technet.microsoft.com/en-us/library/cc753298(v=ws.11).aspx)

    **-OR-**

    Your current company-wide 3rd party mobile device management (MDM) solution. For info about 3rd party MDM solutions, see the documentation that came with your product.| From 08193c230930b954f8f2dd455c0d3ed0249eb27f Mon Sep 17 00:00:00 2001 From: Maricia Alforque Date: Tue, 22 Aug 2017 17:23:00 +0000 Subject: [PATCH 10/15] Merged PR 2806: Merge maricia-12040373 to master --- .../mdm/images/provisioning-csp-office.png | Bin 6250 -> 9615 bytes ...ew-in-windows-mdm-enrollment-management.md | 14 ++++ windows/client-management/mdm/office-csp.md | 34 ++++++++-- windows/client-management/mdm/office-ddf.md | 61 +++++++++++++++--- 4 files changed, 97 insertions(+), 12 deletions(-) diff --git a/windows/client-management/mdm/images/provisioning-csp-office.png b/windows/client-management/mdm/images/provisioning-csp-office.png index caa243a136a32a1bbce5e05bf6ec2569440924c5..c361494236d2d0994c2646f291e277cdda550d38 100644 GIT binary patch literal 9615 zcmb_?c{r4D`|l$~A(XOjSt80B8fKzotL#J!l8`l-tYeEpi!ECiBgv9A>lkYydj?|( zV+~{M`#zjUy}j>ye%Jdu*Y!K+{NZAr>-pYuZ=d`A-1pZj9WAxfH0(400G!rPzoiEN z$20+eg8Sq#@CmDZSsVC^0->jN6Ugu2B!M4}+uqQ;0RV*&wELDPz|W^#)bAqzfWH3d zhob38)*}EA6wtVJ!@$#gA$dWY(+IspTxwO65HAwvn^G}1MxGyznlCNNF>YyXF>gz3 zk?&`_pzT~Go$v$SAf1qq~9@8@j& z%$&q&0}p+(jhz|M%H5vN_{>U^T82#a3jea}ZuoIeT@};ma73~WE zp-tV0oSd8pZpB=Ja4c7TtT%1?A|fcWW@azos=~x)W;QX4cx|#eX?p$B_9-g_LO+=U z06Kpr6Z`u6mqre2pn9CbEY}y1hchpILuz&)1NEHO4_iZEPu`?R+>V|2IT^}`mNx`| zF`WXUtgLKJt%q%v)bh{>|B`#Py@BbwV9wfSN+-217sbcL_1IAY%`gR|vxCFj_%G`E z*t$`RgLGYE4H|yt0a(37n3e%(M$e_=K(nNRr`F|PszSFj^AD!;5aJvgF`pn!75-04 z3DVMA#>whHK$TwGk!kg5lpi0m%fytZG(=n^=BMnA*Oka80{~W_58;2`bI@W@p?f1y z7p8%ndLzp7Ry)ku$?5YN4G<~)5r(O%f(yGL@}xK*U2D@nf1EL(26hC#A?D`hl=;aa zxY~y?ZMQz3vv6e5<_HVZ{8st6j&4gVWs|&?Tq)OkiVA3E${@E(Ld%7nO}NGtJtXaW!q#-Kd5C_K3jIZ!4|hU({gySIpb+HH zM|CY4FXh`gaQ){Ne4}7|p1sl}`sQb(m)HGdJ0QS^ah1^Bt%qASQhj=t8+-P3Ur@BF znZ#X*@axJ=s;*~jv{t={cI4;H-%%GF6Rsi`tKSqvgva-`fF@C2z`f!VzMZPe$)uL+ zcC#aL%DmE^CI6tP*yAZKKF$%9tA0a%A<-;QG(_4LA57#6aqV+Dza{LC>ZBXqc`Lo+-^Vbs(1KeVQpiqmb{M7l^+EF2=6k1Kyb7@6jHtKsPyUex3=8Q+v_bw+#yu3#ry2sAD#Hrs{W>mt+JWCb_yULBF(%1A zL~Eeb4IWe6s~*X5s;TXCN~>u8MNt6Y9a6{r`0>NnYePBh+(qqu!a5B#k%^vL+>3U)k}9#%Y2u^G!E&K-s`28W3i-~lK>#~cAe0(@QMi*@>X8G zDEYaorJGx??->Ai#7e?;y`r(mNW{R!(EgkA34441&@9o7nCjvi%}m6gIH09pzKs1A zLWgd%Tjm5NkLR0CUxj0i2cW(#rA}Vm=cWOlkswL6q7sUkB3yQxx$h!U5{Y58qCfzO z7iPQSF|n(Le9S{T(O40#z!R)D$E55Ysvx@aq}RfKY5l&yhG1d(zFn43p8f5`riK^O zJU-KRmizr?T@*W5>Vr)P4g2Sz{zCM?&JAzpt(3jqRR4pbRL0EXO@0KU9|G$rIZ-=) zt7E5k*KnEJrud{I`XYnZ zgZvZ9_C2;U3sMzcr*JwjJzw-l*-qyqLXe6;vZWQ5amS7$?@{m?3FDlcoMKgj=djQ2 zo2jPJZCeo`Ur|XgNSNY)l6A+QS)GCJ6P=;&gRs<(Hd7lcfnDLRxjwbbVYAunwG;9FvNMcx5T_L*Wg8jyS3a=q zCyL~ThxCB!t!9MoQg_Q>b^#`^G>RqdOKZ||4pjXw(bauN$q6%2ESJ1a3C9wS6!pvC z$L;$U))jWMCG8mpxW^%CH|RqXHe0?EbQ(XZJK7FVN&MzudPfv*YiL4~#pzP}uqkb9Dh z91xEG#D&=Je%|%!Y^~KPu)z-^0ta>ya;DJPhFo^V`!!4PH(h;XD1ga0W85i_fds4W zdTigJd^dsO+Mb_Y_sE?DcyT?TGkkrkrOfwpUD|~|2uwk|EiF=eeu$$1V15kp-1syB z>EZ!$A4}Yjs-)nh_DZt?GzZiWt2?0$mbc>y$PSgu^Uhk@^f9#G+^g*3JE}ZZHaZTp zZ}ZpF($dbBfZvbyh7pS@DnuNOxG$NBp%0ywqWH}U*wW)luGiMAHx4|31Be)HNp4Se8cAH!}=k?%xo`ugp4 zX!{#tC;(o>7z9cUL|QL%qCpZTJ-iQYlok(F0h5}y~42+q+Bw5 zt&b5pB9EU>0L^S?(5B|*VqtWLO_gGMZF zZt2%n`ZNfKF0kUvb?HT)b?jZ)-ISx=LqDl~zi`sqMt&kQp{}*Jv{YuRhZ16L5Z4V%{Aei?rBeNN|6%}+6O{zyjx@s{5Za&nQpG;9R?Ztuw5brP5? zVR}E^qeQX9WG)%@mqUD*wfG~h6mjnFYe^Nbryq%tx->&qTqRj95AQd-B^@}!4N=x8 z0!JSNm0iR2mZIBk z(xfj=O<8ZL06?VWC*tD1%N&?3s$7n>dnxUDxs7|qOjAG8&Em>fFmL}%Xepzpw2gN#lB9@hvfl&2PyW!V8 zaM(g1rg&+ScVrvF(oBe<;}UX=})wavaT{py*k7#k`9vZvx-Go z`m})43A97i(Ws^-Bmz#F)(56xtI^TbOQAgXxuI2=9g;u^gJ*sn8d00IX}l%=_NInZ zq@wxW2e zZvNBOK=oarkJo~n2hZJ{VtU{+HBP1-vBgawgPkMm6(nlVJq+{)k{uG?dd-e_nUe0pF#ar z)sy`IbxF^B3UoBfmA3vc`Ep`c4`07_bZmIb!UBsFIC2)4rq7gI^BNf#&o9|$UT`TW z^c;jq^dWka`5Or&#$Hw!@!2HkBvm1iSr8kSF7~4p`mVtGkqF%^F%4&!`Fu{c4OX*ib>k&rzxEoJnEMrr zij&4{B-rF!Z+95{nnrz$Y1eEWBeRcr0r64ht-EAhR zdkfBbwOTOV*O^DC6o%2am8<(vwm|?}LY$g0j-rGDy9rN=;!8{VFpTQL2o*OOjV@*_r~B`by!B6JSw%?NQhy5|J=R!;_aM% zgkdsSQW=4$`0P||ItcS9+DZnKQ?CH{9Sq6PcS1BNx-?s|iFY2NF31HsyuCrKW>nM# zfs3^nq$Jdk9$vwH_mFMuVbIM+FqKOzpesGe?GqCp<;kGWmf=>$CML6N2d%;{1#-MF zbG_Zo5*BcvlX(mqEGch3O-por2QrQ6X`9|x)B(?ei0qB4tFEa%$=MO*0zX36SSAFS z5x~MRw1dFW$^_P97o+kny=rJgR7vVq@>y7luCO6#Kh*o!NIg922r`&){pf?1XtEt@tN9^oJxCv z#II-tMY7u{5i?rb(Eo)($-55mfB{VzupUJG$_=s;5;g8Q3}hYM;6o%xLO$_8sW-vi zp|0pjKVOFcBK?**e+Cf&Uh){^3pI{HY4<+~xUx(DRoLI(2X|ZQ*l$8F%g*x)KJCkJ z*1mlCvZJG8mNZSLD<}wWfIC&MN#Nwjg)6KrG=ZIoaom(VC<-P4U&r7pv@(%O`*eK4 zDAI*xs16+fYCr9@*fP&=S#DwBT`!#c$#?Dk_|N6$G5;%KSqQpLkt3OOM>CJ+F#4Lp zasuc}D!zN3)!(1^`S@5QI|jrZ39<29>=;f0cTmN;JQ{J`ZsZ7QL`3fn)#K}+k#^-o zbo=#(g7G_5Zi`bO!;OtS@770=NC!HEeGVHI7B=4cAm4xBlb%nZ8Pw^jjpUMig-(YPcb1W$&kqXApvw>=5zGW;Gl@% z>mB3vaR^)7vrefa{grT6u3Xum^S6%qMiA6SGqGjUfz2+*2vEX*1;taswq{o9!CDQH zhkFR`d#1Sa@);0fHWd!MSBY2_GtfiOK-Qo ziX-()C|pcmaGk`87x-P1lgl)}3usb;p=Z)Y)8b?Vi1}t8T4aFvw98!fv} z%~wpZ`0{}4GmC}kAG-7-j9SxpHmjU^>T)kGqb`)8yuvp)OQ^u4Sw29S8RM`JIZu1b z=Mj}JGQbQ&Q+Yc-eY!HSA+5^QZeOxRoJ6{=;i;#}c3;MDdWDZ-Ui2Nshss+_+g~vg zsdebvHerWNX2F3oO@V9LCoM%K=_40Y!i3)cgLs|RxK~e1RcbqOjTH=2Q6aA*#@ZYC zND5q@ny|AmzwvZiq)0sVJ9v<~VQRdE`CgbVlg4JZ>3*;{{AC>IC3G-SYk4@Y(0>PE ze((UAvZH^vw3BW4Snwzvf{$3si{FR^C!w8ho&E&!3ev5J!sHkzG;tgfU&)YB5bGV` zcKA&=2Fyrscu|f$81T9doG>|k^a>GD*V@`TbIbYze7j_c{41WG^QZwP36Q-&dUQ0E zBs@_BdoTfoo-CMppnYVD{_iPf7mRdaOVsM)Lb`><8Bec?>7V=i(BL50aWGU@mf_Po z&mL$&LnsxY`WT82UB4kI2%_>T#}R6=lVgwoo8Q2W=Y&#sI{t?4I}p8zM|v&8K?o`p z|HkhfdNk!@+20Uv0a5;g>Zl5cK|JX{4E!I2qEx-WO>iDuH$~*sPO6mN2!UWAek_#Y z&*89D!tV;{0w6W6cc(Ra1L+9M?`{z83C-iUPsmGTNP?0pWGxk0n9{?V-eF9^43vw$;1+ z?74%2%HYxc=_haHf0|1|iF2A|chbrGI;jYA4|Mz&3|viheic(s9=hh4&;3WMHUAD6 zBhE5ywb6eO#4S<&9=EX|7_@a zZJT$5@>-W^`#Rx3r+9g&(AlSw`1LsWCe{}e|w012K%HfKEgs?$u)L-l@~p9=8uwBTM-|BYTgAe3Bn`c*0X&cM;%QC zko==XrY_i}uKkVi|E~=G&#(YB?CtHfZf0|EaF|_JhW<%LyBOk&$=k6HQ+qUBV^`Jf ztgMu)Px2m>IuL1~@)K%E-Ho^6P8SjwM%(oNa|ZvnPFd#s@6-OJ-VADV#BcmjkzQ%M z!HIuC1r>KhICn@v9h-GE#P4{my+5?r1T)h!aK-B15XN##Y}#g*#zq01bLQWWU^3|~ zHZM|`tsgIG9cboVX}qc89vxQq9e2BnM0$cuPVsOr4_jdS=ZPKvmqHVe{ifor@A&ru zwX+re>p4+!wL2VX^kw&oAYu$PParK`*B~jp}{w0GF-Ddkwg{jB?BT&}AV6hNzlyh`_F)4znO#zvf-ruVG z|4Q8cEAzYBd32H27O4o1eZ8W<2RjgqAZ_7DsdBUS%-!0()}p=pCQVve8k}M}uY%|V z*~{?u;`F$*{==*9QczVA;lvLoek1rO^*h;r16ciCNg>gD^KjmF57`qYA>*!6G<1+B zM3yF;ItoAJod9VAl{+uvfW*T*meS(gCGWaDfz00F8P>-LjF9J@AGJ91L|s|+Ygcf! z$@!Ag)Y|K;b>W`=;O3DD82S89gkRiaUxaWUEWAg zC&q*JsNaBxV!X9pD;bz>SX`C4edwI`W$2*mg$j}2{W<%4_t~%n%PTSUZxy7bQDYZC zGlZnkd)woiZ=A##Y~NNRBMVrjt9IU+=M5&se!?S)Q1ajVMs=Ep#Ke8qb=_3L3Fqgt z3j71^tqs3wrgBp^$TP}zDI2CF_$O0kejl0(gCmTwc!yEa8B$P)&{=QRjxx3Fk#pX* z&z~00x*suYAtrPZ+v!TpYfqdf(Ei0IqT)`s7;3d7)mPKv;uOOdnUm!!(=U8pN12kz znzh^t8)geGv}G2qzuZX+yANc7X*yq5;71jV%a(XgE#;S7Xvpx7?1x+ZEN7ctSfnQg zdxSX8-Puzqxn7rA$90QoJ?_QgT|FG*5t9(2L`UEAEL+w#T*!NCcM<#Ew07C8v+gw7 z;Y3l~ZmFSYu4-7Xs4GFN`0^XBjvwsGc8`Co27FMv>+clep?2oV*#a5Aqwnz*I9M11 z3a4_<3_I_dHFpet(0$PqPaU$@@xD*&i0bSiwenFP#pqre#`O8Q?R+mYF@S{RT9nV4 z8=aGta<1^593Oe9bExET*LH{XSs!xO&vo|&{QN-Pu6cGP)?+q|$(wgkvtZ4<`T9#V z!rp-uQ^YQ4Udx6NeR$bcEiCnFiOn!`A^C)T#5S(@`5+z7#PDk#S%PA@U5Nvxy0GDJ zRk2WcID2-9(F(lM*{&SA0@nM4L^DZ|c(;Qs9_K?cDM{4|&s6N1{h8Xx;HjJn=YVJ2 zZssdD?F;!YdWK1J&7tSt+wziW?8{9b2k+*y58q@E*et||k=Edbg0ZoKms$^k-;78) z$9FC2TM3`eyU)$I9!e5-pH?OG@?XA9Rv2#`$esD-_zNvOMVp?~%58 z`{ZtYIhF&2&DtYU?Ut`!ldyT;PNhEPZCplEAEHid&1U2M#~`G%d;3WoBr3c|fW2Sy zR28rgqApKJyl?BN~q8i?(&S#!Xy6B^AxRt{t)akDNP2t2rXP1YN=?Z5F z7jg$Fd?s9D20NU0#=)xtBJvHa^7~!6eF&3Bd)!%KVYMO0oB}!t&X+@oyn^!sqvy+W z_%x-v*%)lEnwGyoSHOr_Dm*$*A~sOAm(F+`Gm*3Ypo57dqS$89c-1%lye1Ea2?Q|h zl`fz6um$(@mn?Bmp zzvraS0B%acliq|99b^zdbY+E7=TYEph(0y>r)yjMn%_MA%QKenwv6NzK_opW=SxY6z-{iyu-;z74VnNmuqN;L zz2?yxNpg)pC^Q``8zDTP7CH{zK1{L;3h!9tCI%)aE(;uJ{#s5A8aE z;I3h9aNeSIJ3eB$${2C7_*OVSN3!^Jw=P>970+_Uj-U1^13xOAO7;%!P=KxD!;bpt zZMV_*05L|h(?wh1gPrYX*_$9gtH(>`f)cGBKdxt+@!+lydWFFcoT00&PcA)o^kv7c z-rr6#NeYS#LKY7~&WxOtPZ%Z-tES_F)d6waU=MI{mS?Rtr9#R$$?jr*3 zFXFP6)Oke1!$zcWuBf#WE)`9rKXu)SS6TVhz8JY3V zDsuvIWXj3Y>F5SDzH#;B4~TbjXxir4Bh5uV0d$hr22Z+d8ItN@o&4F+ef&D$4xBdP z%5nt5B~AX-nsrM(0SE{{#^4Pwk7MM;YxiL9wa_Arcn@3n8) zcZQH{1~X%KUcTRRUBBy`bN$Y_uJgyd*Sya>_j5n*bALYf{kh)>G0@ZCVEu~~0054g zn(BrCz_0*)|8s~Dx&mKceS)qG9)=p%fUH*7EOf){a8>sz0Q|tSZQVTp-5-9WY32a{ zoHctN2GA|_0RZsr-c-M8jImybUvL}x`80T`qAA$-d>Gf&amj@#AThgFE$sMBgT!n} z&bWIW#r4U$+~7@t1CP5DKGNSB0A@}>u_9)C|6fv2`eC7qm0;@>F{;(osUSO`y9gd`Y^rj~Y~Y!T6XHtF9NW~` zLHz^-nl1?Nw@AQ8M@Gt#I1k%-ScK?oCMT};apk2QEelh-WLIW4Q{+?dUxmK%#YW>mj!}e-5&bRQ<7ip$h};FVMV@? zL<&1xU>hw~;s=^Phkz9u*yX~+ZFTOe^`0%gUcWsStFhi$bpr;6MJH6bTy!@gV!zkB z6IPxtUcYtEVZfbjxTUPwd%8F9tlnSNK};>$$Tn*+F0z9@Al!je#<~5jsTy_UJrqCW znfXq#uc@t-cce*F$UA(1b_PHH`wtZ+{lg9EKYFlplt6X}*HS0M) zljTzV4QMvAZ%T*D%;&BC&hbtva z=V#kojhAI&z*spue91)zvFvzNuJ|41He{}Wu_NM?EVk%v#$ZNn9-Y%0j!yVJ;0M%@ zk>$n3*ksIArFr3(#t$Dw!}uGtPWFi2b`9^=P0{>yG_E8hKgoQt$6H*`prZHvP_0$+ z?L6-JBo_-p1l3M=ktPasnAe!4Jqy2cpSB0RD7~?BwBFsV#!dT9Pbh z?$B-7@GgsU?Idi7n?>Q#-6w8;&?ic!Te+Qt=YlX>>bv6&vuKA3rT_*ayh6pB?m5l@ zEh1E$@CO~-dCjmfz+4cIQ>>?8)VO#C2O_7pSuY~9*heCkC{fsii{@XtoxA&~K$w>$ z-lA9gsMVVA+usd((M^IVmV2)y$+F6YIUi@uF+*N)gXKye=*H(veROX=E#3{!s{08~ zD~N2;Qc44-a(i$0pQXR~jLJ%GNh|YKcxU;SVo7P~{5%%WRO%$rZm$InB#k&7#}~qE znl!nbZB*a?kS}yFo>#C&O`-Kiy>yE*xSWQ)w(_nUyl%nr=VYFCJo*r^Xm0&8``35y zI<0;DrMvssRIJSByMPqKETyilE-!J{TB)lhg(|LY_-+dhH?S@umn~x&d{_Y0fpB=@ zCatPuy_cYd^n4aLb4FwxiKu*^*-4`ntcU;s#==Mm<$JHW1_sc2&8<1I_1Q8^(N9;` zCRf)&c53zp^^&>@3krUh9tMQEHStlRuZElvF0&_;^YZg2_Xo!)Zw}&__ybqh7_7qe z-@&q4S)>lmQohGVRQ%Zu_lo1rletse+@=NWtvf$lQT}*6)hll4*!Gp>2a}(0JmuT9 zrKtN;NBxZ$E7`w-Vv&urTRW(%&(<-imOV3H@9X#Tc@&gPpraJZ-tEd+4(AOL-s7|# z*>J;;Z1P`7C`J_>+*q>7`}1UQczCF3=Ls^)QbK77*gtS6?J?b-&L@>VbpNxRdHMRl zD<>aC|G}VDOqpqCfjP_R;$mb5xZRs6aW7N0zb%D4hpr&528Kvd6ar3Z;@#ZbqB16+ ztl_MIOTS#yqGL(~Sq1TaU})MoCa)+;3;ti~fPqo*9# z*YmqSpBFXHW)wY^Eps~auOCfwvGu6bDU=_$%s@>?W@LA!bwk|V)amx`iK3>6*obwE zp{8500~zk_P>oqu@919wY=JB=5#b|k&#`3ZoP3MBrS_JoLuHCy(TagqJ5Pim=%zKA zqiZD1;b$;lDylX>0~1y0avgutb-y=BQ&Z+8nLkr=cG{Oxx(cnX(uo3Qsd4bh-vvYQ zsk>G++DX&K<7@JC`}l26;NTe6QYiExI>-g|Rg2L~3sFF9H#`qOBW5uLhJ-2kWQ$xY zBVF8-tk}S+M()LvPUGmzlkqr9NmtA_f0h`m<7Q_?n4 zNnM}EaQsT7bXTZM}F7@>j$FzxC_=cL8v)fy7_#DO<)uO7hKe1~kM>BRFzEaPd z%w3pcW^^&QuYj2#Db#p*L0=4y+bD2pv`gM~=Gt}`9;4VJ*%3z9+fNT*EPZ^ouRMG( zY=3*HUIQ~UF>V%K$u4&v$Hg$Jn?D)B%QVbK#ssaBp*rriSA}H&{-8y4 z)w0S?f}~ZK_$U0Gh<6WYTDqsPn9sZ9NsiYicmQFi33OG>dXfGMJtqmF^DP}C)7rfn z>D_51-VBxEF*r*he z<@xydM89SHSk_GH65Z2WDJyPaDIc|k9qPnXj3wTK$>nt{BHyYRa&L;l=|==ddR=*W zc`uxwoFD6Tv)*!d{$0MQa9dnb^0jF~VjvJ;0M}Q_rnd=TmwFa7c0C1|fUidop&*0M z@E97w3CteElhA;sJO+kmQZ23`VPHTf2OJ~;VJNZ!oF%|B5TqyoUr+vRGCx6CSa>+y zh@;BYVN)UF0q#r zch6c`z<;+x_;({ia}{-Mcr#DXvc-v|)Mqv(d!bAH!umB^vvhl}zlGP@VU=2TTh>le zw===BXXl5gX> zIjP4*TTI#x31V^KB-CTM(o-}k%PcBL zqLD4l()l)+){jqXQL6v^N&BblS|^>sciRPoP{obYO zrxBf&pCn&sP6zk{&7MqW==(9V#uk@Eg7nL9`BODLLf(V}QcSaG%DTC4V^8SHYTXH0 zu?taNCfg-^_@%r4LjkY_zjDMa&wrkuqnNXPhqZ{Wu1gxXOnlk-(k9j4=K7go8?*5% zLO?_qoX^+84PqqGE1z3fSg-FsZ|@XSbl@BsZH#}*$zP`Tb=v;}naXdBhx-4fN`()CK3MB*u@?Hq~;@XC* z09#&N#9~fqsrU=Gv*~xvQT?P>M`pK9{+@c$8oybnqF3s-{?!C^BkQ;%dnDTwWdc$s z%L~VWK&M$W3+0mU!-oqL63D}?=(W?DL`QMxsyq^mt%E|i<~X&_G%Ey34r2FV{HXt` zKK&A)%KE=i_}{P|UrB;MwMZa`o&E6P!;m+inlVN>gpdfGuI{tRA2dEnGLncI{(IOF zF#?ge1opTb!V5NJ$A0qPA0nZVxS>ZjaIT&z5^(DoNFgQ!(ut?4NMT3F zYne^*QO_G|Ce!=1a*+~X#V-?7vB_Zg_enOYvq^`ByPO#|LGsL+LFcPko|GZKBs#rf<@T zDW*8~MWSJ-7oS5Yaf<5LdK>BoG0N05LfUA4F86NI=n2tWZ7)*`s^ZmuR!Y^}+QOU^ zmHS9+FB1=5&=XKvK$ctBiSDQ&IFI~=fHOGJh~}v}_n6D(AC@#>e7Pdy*SIJOs*Yp~ zbMzS6F3S>ihwf(3LL2kThP$QC6Hd&;TD4f2q>rNm%ASG3LYeR=wjJ0@o2s54;`#DX zHO_^4XH|?`rzt&=1i5Zq%Sa`P6&_@uvBL2I53q4CPqM-pX2>rF5xalp80ImG>p{F4 zRLGA8fO#kOgQNk#+wA|_#6x)ehhVnk@{Fm@`bw_RiuFAGCUc(~h6T_}Mrg^w!9kag zlN-ayYD>c#K1)_~^v}MbAZNEAD95}YSUxrfHMKm4`c<^ zW0jn@ECdqhTsfiCM$Sy!dWyKF|aEvc&0N92+sIGkl`Hw4{n8UbMs%#Pp__R zyDjPI;UhBa9zJaGV^KW>S?dMCCH0T%bC&vk-j!<5Q-=Gd7=9-%0f!i%B|>^gdqn}o zuHD=U@fCwOw(n2$?lbTUH{>vcc<$WG+=Q@eZ_MtIK>i&*PzrY%@_g)lm zOhG$k-ZQ0yJ_8}$^!M+G3Fv_i?QdR5ySG#tF6k-R?_m1OII<*>v)y;&QK2{63&wIr`Y;6Kc1Bf?ME@NYm~+m zZ=3Dak-2S;Q!9<2yubUR-GYL=Y&j^4ChfZo5&E)1dIM50$071En{6wl#BtliDV~lR zR>4f{`#8ohY8rkpstE(5alnJsE9syNKLXAJF^K`*W=qBx?-^ncfmNhiPr*}1$0+Ov z@fru9nF0UPL^Imjlbv-N!n-%jf6tP-WM?JDaa_yKtSK7{a+Z0|>5QkDBs^!2I>^V% z3+137D3Yf!%aaY}BJ0E5isO{Fa_ppXD?fy#MJ3=`0LU;gIh=H0oRXxJzIZ=i8v?-u zbj%nCGjU_+LtJo{m)r=>aR?LWXW%IW1R*`LLJ$O*+QaZ*GK4UND$)@+#5GY2tomP# z)u$+#nHOD3+0AN-t+Pzh_bfjzuMG^CCv~L^8-(#E-g425tA?lu`GL>?6Y?i39EN-y zQNhFo9ftf0BJ`@6AxB*BCoy{(qItUOdH$YfF1V>jJGPDl96@3%bwTVf=>?>_KC|G{ zt4Nz1`<7WZI_CCN#6Y8N?;ad{ldM}V44n1qDe>^qtx)eTwZ1d&E>}we9v#^lXPc!& ztOrkvMpaL`{#fqle&!XHA`t^3{hHjr&pTL)drGG1WsA<(O~cwBL>9s_5+Tq9tgSn> zA;&4H%Ow5sY=P<7SD$+WUN2lC%4B>HUak8mjPgM~ERBo(PMiiHoybxZYbsV<5&i}o zofqunT<)^tg7Y~^_kYHjaSp~`@gge#FjzA_y+0Q0zGgR3w~~7i?Pl>4+F#BXS{8c0 zC~YbspV4$>28|;_>T_(YlH?3&XG^lE&KB#4`m3@cSYXNH3+o?GL!y(386P19MT`;% z-h^^oz*-gQj1Cmgt^ehq^^M`9eSPQDXgNQdx}ABTlfG#T4;KH|sQ$ko@sDvtDx$oo z$gE%phf?(#+qnQxxFf-$(Ytar+nfv&EdSTNBf_rH?`0O;cNlQKqx}~oryx_Y1}NOG zWi;legx9I}qO3+_Z3aKKo$rouz<0B=?IUARV~^y|tV6-UzrkgC8YEridwr`&spT{& z+pwuFr_4##Y(~HJ&h?USg_hZ+P)%h01?BA{DsCJmL7@I`!GuIh)`+~i#-$zUuL6^^ z+QT{2ex8pno_eXaj||Ydees3-)RfD6koHHXL zwA4*{YPQz3hv>GN$XzAb{7)QNN-z2GiRIF%0+Z)Mx9fPo0$oIwZ{~ITCvd(WqK_UJ zsz^c2#c$goI+*-C7B}>PC_1x^2P5mNJ=38UBs!1*9(9AJp22UzYQF9ApprzZA6Oxp zU$pgd07k|rt8I}`yW$~rA0g2)s6ZNT`P_BUCQ-F8z2&%-pS-crZ~a$R?wJc{pBIl< z?Y0 +[Office CSP](office-csp.md) +

    Added the following setting in Windows 10, version 1709:

    +
      +
    • Installation/CurrentStatus
      • +
    + + [Policy CSP](policy-configuration-service-provider.md)

    Added the following new policies for Windows 10, version 1709:

      @@ -1367,6 +1374,13 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware
    +[Office CSP](office-csp.md) +

    Added the following setting in Windows 10, version 1709:

    +
      +
    • Installation/CurrentStatus
      • +
    + + [BitLocker CSP](bitlocker-csp.md) Added information to the ADMX-backed policies. diff --git a/windows/client-management/mdm/office-csp.md b/windows/client-management/mdm/office-csp.md index 8b62bdd0c7..96b82f9aa7 100644 --- a/windows/client-management/mdm/office-csp.md +++ b/windows/client-management/mdm/office-csp.md @@ -6,11 +6,14 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 06/19/2017 +ms.date: 08/22/2017 --- # Office CSP +> [!WARNING] +> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + The Office configuration service provider (CSP) enables a Microsoft Office client to be installed on a device via the Office Deployment Tool. For more information, see [Configuration options for the Office Deployment Tool](https://technet.microsoft.com/en-us/library/jj219426.aspx). This CSP was added in Windows 10, version 1703. @@ -38,7 +41,7 @@ The following diagram shows the Office configuration service provider in tree fo **Install** -

    Installs office by using the XML data specified in the configuration.xml file. +

    Installs Office by using the XML data specified in the configuration.xml file.

    The supported operations are Get and Execute. @@ -48,13 +51,18 @@ The following diagram shows the Office configuration service provider in tree fo

    The only supported operation is Get. +**CurrentStatus** + +

    Returns an XML of current Office 365 installation status on the device. + +

    The only supported operation is Get. ## Examples Sample SyncML to install Office 365 Business Retail from current channel. ```syntax - + 7 @@ -76,7 +84,7 @@ Sample SyncML to install Office 365 Business Retail from current channel. To uninstall the Office 365 from the system: ```syntax - + 7 @@ -95,6 +103,24 @@ To uninstall the Office 365 from the system: ``` +To get the current status of Office 365 on the device. + +``` syntax + +    +      7 +        +          +            ./Vendor/MSFT/Office/Installation/CurrentStatus +          +        +    +    + +``` + ## Status code diff --git a/windows/client-management/mdm/office-ddf.md b/windows/client-management/mdm/office-ddf.md index 0fd89434b4..ebd7f2b843 100644 --- a/windows/client-management/mdm/office-ddf.md +++ b/windows/client-management/mdm/office-ddf.md @@ -7,11 +7,14 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 06/19/2017 +ms.date: 08/22/2017 --- # Office DDF +> [!WARNING] +> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + This topic shows the OMA DM device description framework (DDF) for the **Office** configuration service provider. DDF files are used only with OMA DM provisioning XML. You can download the DDF files from the links below: @@ -19,7 +22,7 @@ You can download the DDF files from the links below: - [Download all the DDF files for Windows 10, version 1703](http://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip) - [Download all the DDF files for Windows 10, version 1607](http://download.microsoft.com/download/2/3/E/23E27D6B-6E23-4833-B143-915EDA3BDD44/Windows10_1607_DDF.zip) -The XML below is the current version for this CSP. +The XML below is for Windows 10, version 1709. ``` syntax @@ -30,12 +33,12 @@ The XML below is the current version for this CSP. 1.2 Office - ./Vendor/MSFT + ./User/Vendor/MSFT - Root of the office CSP. + Root of the Office CSP. @@ -46,7 +49,7 @@ The XML below is the current version for this CSP. - com.microsoft/1.0/MDM/Office + com.microsoft/1.3/MDM/Office @@ -55,7 +58,7 @@ The XML below is the current version for this CSP. - Installation options for the office CSP. + Installation options for the Office CSP. @@ -100,7 +103,7 @@ The XML below is the current version for this CSP. - The install action will install office given the configuration in the data. The string data is the xml configuration to use in order to install office. + The install action will install Office given the configuration in the data. The string data is the xml configuration to use in order to install Office. @@ -137,6 +140,27 @@ The XML below is the current version for this CSP. + + CurrentStatus + + + + + The current Office 365 installation status on the machine + + + + + + + + + + + text/plain + + + @@ -156,7 +180,7 @@ The XML below is the current version for this CSP. - + com.microsoft/1.3/MDM/Office @@ -243,6 +267,27 @@ The XML below is the current version for this CSP. + + CurrentStatus + + + + + The current Office 365 installation status on the machine + + + + + + + + + + + text/plain + + + From 52e4b0f7d7efff629fc3b49f77b387a7a8d8207b Mon Sep 17 00:00:00 2001 From: Elizabeth Ross Date: Tue, 22 Aug 2017 18:04:28 +0000 Subject: [PATCH 11/15] Merged PR 2810: Updated system requirements --- .../windows-defender-application-guard/reqs-wd-app-guard.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md b/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md index f726d67b28..c9f657f6f9 100644 --- a/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md +++ b/windows/threat-protection/windows-defender-application-guard/reqs-wd-app-guard.md @@ -25,9 +25,9 @@ Your environment needs the following hardware to run Application Guard. |--------|-----------| |64-bit CPU|A 64-bit computer is required for hypervisor and virtualization-based security (VBS). For more info about Hyper-V, see [Hyper-V on Windows Server 2016](https://docs.microsoft.com/en-us/windows-server/virtualization/hyper-v/hyper-v-on-windows-server) or [Introduction to Hyper-V on Windows 10](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/about/). For more info about hypervisor, see [Hypervisor Specifications](https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs).| |CPU virtualization extensions|Extended page tables, also called _Second Level Address Translation (SLAT)_

    **-AND-**

    One of the following virtualization extensions for VBS:

    VT-x (Intel)

    **-OR-**

    AMD-V| -|IOMMU|Not required but strongly recommended| |Hardware memory|8 GB minimum, 16 GB recommended| -|Harddisk|5 GB free space, SSD recommended| +|Hard disk|5 GB free space, solid state disk (SSD) recommended| +|Input/Output Memory Management Unit (IOMMU) support|Not required, but strongly recommended| ## Software requirements Your environment needs the following hardware to run Application Guard. From 3362bfb5edfda855938866eadef989f3fb462a19 Mon Sep 17 00:00:00 2001 From: Jeanie Decker Date: Tue, 22 Aug 2017 19:56:02 +0000 Subject: [PATCH 12/15] Merged PR 2811: Add note to Authenticator app topic --- devices/surface-hub/surface-hub-authenticator-app.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/devices/surface-hub/surface-hub-authenticator-app.md b/devices/surface-hub/surface-hub-authenticator-app.md index a13280d8d4..a501494419 100644 --- a/devices/surface-hub/surface-hub-authenticator-app.md +++ b/devices/surface-hub/surface-hub-authenticator-app.md @@ -39,8 +39,13 @@ Currently, you cannot use Microsoft Authenticator to sign in to Surface Hubs tha ## Individual prerequisites - An Android phone running 6.0 or later, or an iPhone or iPad running iOS9 or later + - The most recent version of the Microsoft Authenticator app from the appropriate app store + >[!NOTE] + >The Microsoft Authenticator app on phones running a Windows operating system can't be used to sign in to Surface Hub. + - Passcode or screen lock on your device is enabled + - A standard SMTP email address (example: joe@contoso.com). Non-standard or vanity SMTP email addresses (example: firstname.lastname@contoso.com) currently don’t work. From 86a40ce2ffcd412abbf857e0b4a69253a31801e8 Mon Sep 17 00:00:00 2001 From: Meyyammai Subramanian Date: Tue, 22 Aug 2017 20:59:30 +0000 Subject: [PATCH 13/15] Merged PR 2794: Creating a note for skipping EULA in AutoPilot OOBE Creating a note for skipping EULA in AutoPilot OOBE --- AutoPilotEULANote.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 AutoPilotEULANote.md diff --git a/AutoPilotEULANote.md b/AutoPilotEULANote.md new file mode 100644 index 0000000000..8915b7c4a3 --- /dev/null +++ b/AutoPilotEULANote.md @@ -0,0 +1,20 @@ +--- +title: Windows Autopilot EULA dismissal – important information +description: A notice about EULA dismissal through Windows AutoPilot +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +ms.localizationpriority: high +ms.author: mayam +ms.date: 08/22/2017 +ROBOTS: noindex,nofollow +--- +# Windows Autopilot EULA dismissal – important information + +>[!IMPORTANT] +>The information below isn't the EULA. It is a notice of awareness to the administrator that's configuring to skip End User License Agreement (EULA) during the OOBE (Out-of-Box Experience). + +Using this tool allows you to configure individual installations of Windows on devices managed by your organization. You may choose to suppress or hide certain set-up screens that are normally presented to users when setting up Windows, including the EULA acceptance screen. + +By using this function, you agree that suppressing or hiding any screens that are designed to provide users with notice or acceptance of terms means that you, on behalf of your organization or the individual user as the case may be, have consented to the notices and accepted the applicable terms. This includes your agreement to the terms and conditions of the license or notice that would be presented to the user if you did not suppress or hide it using this tool. You and your users may not use the Windows software on those devices if you have not validly acquired a license for the software from Microsoft or its licensed distributors. \ No newline at end of file From 6fae593a2349a2466e62255b73fb78a7845ec402 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Tue, 22 Aug 2017 21:38:46 +0000 Subject: [PATCH 14/15] Merged PR 2817: Added EULA notice that is unindexed and out of ToC for AutoPilot usage --- .../Windows-AutoPilot-EULA-note.md | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) rename AutoPilotEULANote.md => windows/Windows-AutoPilot-EULA-note.md (98%) diff --git a/AutoPilotEULANote.md b/windows/Windows-AutoPilot-EULA-note.md similarity index 98% rename from AutoPilotEULANote.md rename to windows/Windows-AutoPilot-EULA-note.md index 8915b7c4a3..941c15911e 100644 --- a/AutoPilotEULANote.md +++ b/windows/Windows-AutoPilot-EULA-note.md @@ -1,20 +1,20 @@ ---- -title: Windows Autopilot EULA dismissal – important information -description: A notice about EULA dismissal through Windows AutoPilot -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: deploy -ms.localizationpriority: high -ms.author: mayam -ms.date: 08/22/2017 -ROBOTS: noindex,nofollow ---- -# Windows Autopilot EULA dismissal – important information - ->[!IMPORTANT] ->The information below isn't the EULA. It is a notice of awareness to the administrator that's configuring to skip End User License Agreement (EULA) during the OOBE (Out-of-Box Experience). - -Using this tool allows you to configure individual installations of Windows on devices managed by your organization. You may choose to suppress or hide certain set-up screens that are normally presented to users when setting up Windows, including the EULA acceptance screen. - +--- +title: Windows Autopilot EULA dismissal – important information +description: A notice about EULA dismissal through Windows AutoPilot +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +ms.localizationpriority: high +ms.author: mayam +ms.date: 08/22/2017 +ROBOTS: noindex,nofollow +--- +# Windows Autopilot EULA dismissal – important information + +>[!IMPORTANT] +>The information below isn't the EULA. It is a notice of awareness to the administrator that's configuring to skip End User License Agreement (EULA) during the OOBE (Out-of-Box Experience). + +Using this tool allows you to configure individual installations of Windows on devices managed by your organization. You may choose to suppress or hide certain set-up screens that are normally presented to users when setting up Windows, including the EULA acceptance screen. + By using this function, you agree that suppressing or hiding any screens that are designed to provide users with notice or acceptance of terms means that you, on behalf of your organization or the individual user as the case may be, have consented to the notices and accepted the applicable terms. This includes your agreement to the terms and conditions of the license or notice that would be presented to the user if you did not suppress or hide it using this tool. You and your users may not use the Windows software on those devices if you have not validly acquired a license for the software from Microsoft or its licensed distributors. \ No newline at end of file From 21fb0635387a04f67c937fddffc9246efa0aba31 Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Tue, 22 Aug 2017 22:14:16 +0000 Subject: [PATCH 15/15] Merged PR 2820: changing location of EULA note again --- windows/{ => deployment}/Windows-AutoPilot-EULA-note.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/{ => deployment}/Windows-AutoPilot-EULA-note.md (100%) diff --git a/windows/Windows-AutoPilot-EULA-note.md b/windows/deployment/Windows-AutoPilot-EULA-note.md similarity index 100% rename from windows/Windows-AutoPilot-EULA-note.md rename to windows/deployment/Windows-AutoPilot-EULA-note.md