From 2599a42031e23992b0b8274201b765d059b55200 Mon Sep 17 00:00:00 2001 From: Barry Langer Date: Wed, 4 Oct 2017 15:15:21 -0700 Subject: [PATCH 1/6] adding AAD bits --- .../get-started-with-microsoft-education.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md index 51de907eef..46a130c709 100644 --- a/education/get-started/get-started-with-microsoft-education.md +++ b/education/get-started/get-started-with-microsoft-education.md @@ -10,7 +10,7 @@ ms.localizationpriority: high ms.pagetype: edu author: CelesteDG ms.author: celested -ms.date: 08/29/2017 +ms.date: 10/04/2017 --- # Get started: Deploy and manage a full cloud IT solution with Microsoft Education @@ -146,6 +146,15 @@ To learn more about the services and tools mentioned in this walkthrough, and le - Deployment using PowerSchool Sync: How to deploy School Data Sync by using PowerSchool Sync and School Data Sync required attributes for PowerSchool Sync - Deployment using Clever Sync: How to deploy School Data Sync by using Clever Sync and School Data Sync required attributes for Clever sync - Deployment using OneRoster CSV files: How to deploy School Data Sync by using OneRoster CSV files +- Azure Active Directory features used by Intune for Education, including: + - Single Sign-On" Allow your AAD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps + - MDM auto-enrollment: Devices are automatically enrolled with Intune upon being joined with AADJ + - Enterprise State Roaming: Keep school data and personal data separate on your devices. + - Dynamic Groups: You can use dynamic groups to create rules that populate your groups (e.g. a group with all 9th graders) instead of having to manually add/remove members of the groups. Group stays updated by continually staying populated with members that fit the rules you pick. + - Password write-back: Password writeback allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. + - Administrative Units: **don't quite know what to put here** + - Additional local administrators: **don't quite know what to put here** + - Self-service BitLocker recovery: **don't quite know what to put here** **For teachers** From 43bd5ee37c98c57d6ed0ba49d1f5299c889715fa Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Wed, 4 Oct 2017 16:21:34 -0700 Subject: [PATCH 2/6] fix url link, toc, and explain better what the table does --- windows/threat-protection/TOC.md | 2 +- .../windows-defender-antivirus-compatibility.md | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/threat-protection/TOC.md b/windows/threat-protection/TOC.md index 8829915137..85d2429812 100644 --- a/windows/threat-protection/TOC.md +++ b/windows/threat-protection/TOC.md @@ -136,7 +136,7 @@ ### [Windows Defender AV on Windows Server 2016](windows-defender-antivirus\windows-defender-antivirus-on-windows-server-2016.md) ### [Windows Defender Antivirus compatibility](windows-defender-antivirus\windows-defender-antivirus-compatibility.md) -#### [Use limited periodic scanning in Windows Defender AV](windows-defender-antivirus\limited-periodic-scanning-windows-defender-antivirus.md) +#### [Use limited periodic scanning in Windows Defender AV](windows-defender-antivirus\limited-periodic-scanning-windows-defender-antivirus.md) ### [Evaluate Windows Defender Antivirus protection](windows-defender-antivirus\evaluate-windows-defender-antivirus.md) diff --git a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md index 72f8bac124..e9295dfc55 100644 --- a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md +++ b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md @@ -48,7 +48,8 @@ Windows Server 2016 | Windows Defender AV | Yes | Active mode Windows Server 2016 | Windows Defender AV | No | Active mode -(1) On Windows Server 2016, Windows Defender AV will not enter passive or disabled mode if you have also installed a third-party antivirus product. If you install a third-party antivirus product, you should [uninstall Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md# to prevent problems caused by having multiple antivirus products installed on a machine. +(1) On Windows Server 2016, Windows Defender AV will not enter passive or disabled mode if you have also installed a third-party antivirus product. If you install a third-party antivirus product, you should [uninstall Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md) to prevent problems caused by having multiple antivirus products installed on a machine. + See the [Windows Defender Antivirus on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md#install-or-uninstall-windows-defender-av-on-windows-server-2016) topic for key differences and management options for Windows Server installations. @@ -62,7 +63,7 @@ See the [Windows Defender Antivirus on Windows Server 2016](windows-defender-ant >Windows Defender is also offered for [consumer devices on Windows 8.1 and Windows Server 2012](https://technet.microsoft.com/en-us/library/dn344918#BKMK_WindowsDefender), although it does not provide enterprise-level management (or an interface on Windows Server 2012 Server Core installations). -This table describes what each of the three states do: +This table indicates the functionality and features that are available in each state: State | Description | [Real-time protection](configure-real-time-protection-windows-defender-antivirus.md) and [cloud-delivered protection](enable-cloud-protection-windows-defender-antivirus.md) | [Limited periodic scanning availability](limited-periodic-scanning-windows-defender-antivirus.md) | [File scanning and detection information](customize-run-review-remediate-scans-windows-defender-antivirus.md) | [Threat remediation](configure-remediation-windows-defender-antivirus.md) | [Threat definition updates](manage-updates-baselines-windows-defender-antivirus.md) :-|:-|:-:|:-:|:-:|:-:|:-: From ad076801a141c7e859b5fd061011b4e7a4c3a44e Mon Sep 17 00:00:00 2001 From: Iaan D'Souza-Wiltshire Date: Wed, 4 Oct 2017 16:23:12 -0700 Subject: [PATCH 3/6] fix xrefs --- .../windows-defender-antivirus-compatibility.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md index e9295dfc55..b2d2890d2b 100644 --- a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md +++ b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-compatibility.md @@ -48,7 +48,7 @@ Windows Server 2016 | Windows Defender AV | Yes | Active mode Windows Server 2016 | Windows Defender AV | No | Active mode -(1) On Windows Server 2016, Windows Defender AV will not enter passive or disabled mode if you have also installed a third-party antivirus product. If you install a third-party antivirus product, you should [uninstall Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md) to prevent problems caused by having multiple antivirus products installed on a machine. +(1) On Windows Server 2016, Windows Defender AV will not enter passive or disabled mode if you have also installed a third-party antivirus product. If you install a third-party antivirus product, you should [uninstall Windows Defender AV on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md) to prevent problems caused by having multiple antivirus products installed on a machine. See the [Windows Defender Antivirus on Windows Server 2016](windows-defender-antivirus-on-windows-server-2016.md#install-or-uninstall-windows-defender-av-on-windows-server-2016) topic for key differences and management options for Windows Server installations. From 810bc67f8cae46d26d1b94d8c81a6477c63d320b Mon Sep 17 00:00:00 2001 From: Nicholas Brower Date: Fri, 6 Oct 2017 19:05:31 +0000 Subject: [PATCH 4/6] Merged PR 3638: AssignedAccess CSP updates --- .../mdm/assignedaccess-csp.md | 11 ++++++----- ...onfiguration-service-provider-reference.md | 1 + .../provisioning-csp-assignedaccess.png | Bin 5797 -> 16260 bytes 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/windows/client-management/mdm/assignedaccess-csp.md b/windows/client-management/mdm/assignedaccess-csp.md index 2e6580c656..bd4a538872 100644 --- a/windows/client-management/mdm/assignedaccess-csp.md +++ b/windows/client-management/mdm/assignedaccess-csp.md @@ -7,7 +7,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower -ms.date: 09/19/2017 +ms.date: 10/03/2017 --- # AssignedAccess CSP @@ -19,16 +19,17 @@ The AssignedAccess configuration service provider (CSP) is used set the device t For step-by-step guide for setting up devices to run in kiosk mode, see [Set up a kiosk on Windows 10 Pro, Enterprise, or Education.](http://go.microsoft.com/fwlink/p/?LinkID=722211) -> **Note**  The AssignedAccess CSP is supported in Windows 10 Enterprise and Windows 10 Education. Starting in Windows 10, version 1709 it is also supported in Windows 10 Pro. +> [!Note] +> The AssignedAccess CSP is supported in Windows 10 Enterprise and Windows 10 Education. Starting in Windows 10, version 1709 it is also supported in Windows 10 Pro and Windows 10 S. The following diagram shows the AssignedAccess configuration service provider in tree format ![assignedaccess csp diagram](images/provisioning-csp-assignedaccess.png) -**./Vendor/MSFT/AssignedAccess** +**./Device/Vendor/MSFT/AssignedAccess** Root node for the CSP. -**AssignedAccess/KioskModeApp** +**./Device/Vendor/MSFT/AssignedAccess/KioskModeApp** A JSON string that contains the user account name and Application User Model ID (AUMID) of the Kiosk mode app. For more information about how to get the AUMID, follow the information in [this Microsoft website](http://go.microsoft.com/fwlink/p/?LinkId=404220). In Windows 10, version 1607, you can use a provisioned app to configure the kiosk mode. For more information about how to remotely provision an app, see [Enterprise app management](enterprise-app-management.md). @@ -49,7 +50,7 @@ For a local account, the domain name should be the device name. When Get is exec The supported operations are Add, Delete, Get and Replace. When there's no configuration, the Get and Delete methods fail. When there's already a configuration for kiosk mode app, the Add method fails. The data pattern for Add and Replace is the same. -**AssignedAccess/Configuration** +**./Device/Vendor/MSFT/AssignedAccess/Configuration** Added in Windows 10, version 1709. Specifies the settings that you can configure in the kiosk or device. This node accepts an AssignedAccessConfiguration xml as input to configure the device experience. For details about the configuration settings in the XML, see [Overview of the AssignedAccessConfiguration XML](#overview-of-the-assignedaccessconfiguration-xml). Here is the schema for the [AssignedAccessConfiguration](#assignedaccessconfiguration-xsd). Enterprises can use this to easily configure and manage the curated lockdown experience. diff --git a/windows/client-management/mdm/configuration-service-provider-reference.md b/windows/client-management/mdm/configuration-service-provider-reference.md index ff8c33aa7e..fd5460395b 100644 --- a/windows/client-management/mdm/configuration-service-provider-reference.md +++ b/windows/client-management/mdm/configuration-service-provider-reference.md @@ -2537,6 +2537,7 @@ The CSPs supported in Windows 10 S is the same as in Windows 10 Pro except that - [ActiveSync CSP](activesync-csp.md) - [APPLICATION CSP](application-csp.md) - [AppLocker CSP](applocker-csp.md) +- [AssignedAccess CSP](assignedaccess-csp.md) - [BOOTSTRAP CSP](bootstrap-csp.md) - [CellularSettings CSP](cellularsettings-csp.md) - [CertificateStore CSP](certificatestore-csp.md) diff --git a/windows/client-management/mdm/images/provisioning-csp-assignedaccess.png b/windows/client-management/mdm/images/provisioning-csp-assignedaccess.png index df8aa48b9557525207a27b53914e06914868ae05..c8db9ee05950a8433af51bb4d0fd7e7375900567 100644 GIT binary patch literal 16260 zcmbWeQUF3zm=-^^U>d^2)q#)^o{ zjQ2rgxV)?w3?wEb004lI5EoVi0Dk@Y*-!rc-?n%iRN^N9IVy??0&1qPPk#y^rUEho z06={#)Q3LkPZ`2aT*DCnfF1nr2Q+G1W&{B6VMquID7)!iZi4e8nPLHU#3J)XOwFkle zpv&E+dkRep$tA*JJxyMy3?~jDK(Utj2oA1r$-(qTPMK4@Cw;ZZb(AXr8-y#_3U59~x zC5)gE-ENsZ9v4T5UXwLAvtc2C005_Ta^gg(>8(xQ?pwFkPatKFnS?TDjZ>s=8@nt- zrfozBp~r!Xb9eBHMaZHJBH~)m{76j;IBdF}SLMJsc_qV``bv{))VJPQ--*Yp+WCz0 zI1;-8Aueg?T($W6vli%ZZk&?gIk;bwJ$#)l2oMi|_=}H`KD?JzrI;J*kdW?E5v%UR z=Esma3=J#ck|4QWXGe)`Qj1B;?$XjA?0a;xgO41-#uxr8J%2=a#?Jp2oTEs7;9UXc| z;SNqTmB}s?UDhm@imJw`WdtMtJcb=Iz#`4h#u=k6_?>IP$cH$UVv=JY5s7G!&w771 zIzHFHJ*CdT-FlD2i}0axvkJ_nt65SlAUmeHzeffgBZ7Rpk#m&L^vWz84xiYDqfZE~ z;$>i-LBwyr2PX+iDqf^v6cb9-j_dyNT0!DK^o0S3tjN!wQN|Mr-`t`LBqD#tzdi;J zZ1!$yK8|ndSYN6=$yAq*GWxvCvy&umQ&4PMXY^{O)+!ZcvrOfZa}zAPC^aTnl1w7@ z2;M3uvjPBLk+`zJn9-v6*2=s`s6gDFBY=<{40IJ14z{1Zq^@8 zL-CJ9a5XWnjDA)pjQH~2q(Qc?4hML-WZ3GscOgva`WqVnDTv$)aT==$<`ia<;ZYLk zUVmXj2wlm?NTd9F%tn}dkjfLE+$vmmx6iUbD)3qurbbrgg~Bi)p%&U_9A;*_!MAu{ zE9_>=hHkR@Pp#byIZeik=f^_Ws^~BBwBgH_hP0|1joI}cbay-NkMd{m+I!=A8T*>Y zb-a*isGE&C+OLfYAS4;Fa6?kq-LZMB@hB2tr=DNjl=3OkJ1kk6ukvm*sXd=;yx zhz1SHeP2g%OEX;F-pYEL>fb{~L;%etE*0?^i_6(g>M&3m3&H+aVbC4q)XcG(d}qiH znL9#MQlR6~BPAU50Kt$llUx5?LCaN}k0_`gxRDyQ*Mi#ycKzDz_}F%5?M{GjwPmy+?lMb4-&3@6iwGxqq?((8a+#91yJ|70ZQxGTnpw zW)aZo&p6r%cm9bHF+aR*8P!X*aK@y@%)^4Gdl;fVIO}pzhi(IP;Pubk}q<-O|e@sIW=7ld_oBK`X0nC)grZRFOhJ6(h-0 z2{x8EGWiT6Cq`&<1QssdJ{*q&gYVYO(eMo2qYn-ZmM4$uY`4`~#cS659cc2R1&*4W ztCatbn7Y0EwFY_gkO4z%AkJ{#57VqqvzB_#-gz(WjpR+ z{gG)T1v#nGm|bN#PSdGIcgz+wb({RFL=_9$Dq5MJzGK5%%~hodWjQ=^$8cb0;$z~{ zlJbeIti#Fc<{Xa2GH}2x1QRS3!zQ%0S3_mR7)IuPw^B+@z7A>1<0p7Rhbk{7Z9P7$2>KLG+@9dZx1q%bSCz8;ht_Bs5#{&F< zH@enb5ji9M1rzJVo%zXZ1svifsTn8v(IIoHW?7_=;hJL+Xw0mdTZHFwx^^Z?mny6@ zbj3BaH@Cq5^yLL{%!#y)N5(sF1y?=gTFjI-97S5e5czBQZMEG@xF~ zSn!Gc1tv0LKrfSUB{!PVl~3;DuvDm*p_`?fEKv&HahEcb7MV~PCt5A`Pi3;bU955j zT1(RtYpF4RpIv>Uaia(b(C0fgNXEg9E7vDKLq2al;JLPQ9ipL*Wg;=lpc({a{2X;_ zGec8wBqklIX|rXHGJw|kY~jcOEoaHS+LR=|*WR2vY>{D0j$s(W6)a)tdLSWF4;wwH zDC0LuKCd+M*N6&^vZJM1y41AYzMJz6*o_))@cZU!o`=Wb+y>Jydoh>luYElR>%=BW z;Zq1j(cKrJQ7^e6jfB>Qwm328ncf2j_}Z_Ue$F2N*4iWoGC+{a%rImop7wLHX0VZbDUDdVzsc&r&WWt!uQErQQQxH zCp+1uxfT^k&*NDiRbn;F_IZ4gA6(iJIuC#hc4)FAGK?yPh-e0$&lU@mJ46?I*LM;T z3BSlkAT_yF&{~RG=_S3L@bqs~NH_<#u|~9jo_vTntChWDsU61Ez-Tphf0%*;t8poT zmtJ3JMO~zzr^UXCZnzK&W!@rxX@=!H8jSDUirISbnGj_|RGm+`Q<`FNeV*pSsCRdN zXrV)d71mfAr0_Rf+D0LxGoKP_xe(U0uY){C42wr*Y1X?wPfCS)Wjp0 zxz6506nq`^^iY{Rj$Kk74e@UDnmLL!G%3%hfrv(dQrYj{6bbIv-L8$?P*ja>gSA!{ding2<654TqlHU ztlHyi6p{HmVCpBTkNvmDiBtRs1LJqJN47P~ysS@7QyFu>XH4YVvoQKpPFYzzEJwXr zbKToGaoQ(NVx-_K&r3GTQ`@RIuVG=z7$nj}u?dwQQc6^Isl-C_4=7NuIz@GeXqPTv z$@!8KhME+s-mF7!4x=OXM+p=SWSTD;_*ZFIZ$yYT6!(`(i&xH41SOa>>tdaC>O<~t zg)YaE<9$K=Aty~18!^iiVX2Unx^EYiqV>bIQxyM*j**}b96;Lo=% zNm7Ya2_y4Jj{Gmm!e6X#;VcC;I7BEPYUuF>0xx)gQGCfrXg)%;*aC@iP1?IgJ*%BV zK#h!H33{d~=qB1`E|AYi=WL-=c8|V|(mY$-(CpuU!74VS3UN&WMlTq3j-_lLtJL`d zC(p+r(?4uPu*d)>O&QC^rp1>@LkwlhF4-R}=}m6i7X|{ws=JPFRjYckT_45I)h==tEhmiq_NB5oEnYBZ!(&r?`1WJ;zJV24iYlbp zB=%1Qioa+k_fT1iHc!|jz@i2fMd<_Mhvi9C<0&(Ulf9e2uUc7@@ zU{%1GT2~|;;2ZCtj1FlKchKHD!|^w7JN&OR+9KNmliMf7TbFrGfOnMre`pgb&N#+p z!_4|3+`&&BxOXdSeiGh>o5cY{!`9~3XC+Utx;rX@L-N^XpM@8r9ULBoc z14x%EC#j+x-p)e`vw>D<#zE_%5JPW9qn?f3U0^VdFNOmtKMVB^Id#V(gKqw_HqaLn&7hq!Vo>s2?tc_|uT@9f^6raM{wp&hwi|IX=5F1Sv#2*5rWH?)q22LSl>e$k@; z^!JT94(#Ww|BGOUcI((1sa~!uS%jD_SfEU`W<-NoeH%T}*C>!L?}QlXN2CA)fHDzZ0RYGWhy!;+PXWCeYluPi zS}UraK5!C4cELkd9|%6y{?iyWa-cx`1=!j4W1bnOtQeO?wn8d<5yx<=-?8X#ej{2P zKDA&ui2(N_`!&aJoAA$gnNpUuvLgO2GGI6%XCIGviX{w9*4uex*X*I9sG|FE5+4b; z4++RTk1bghEhU^WUJwrSX}iJZz+b?sXa)GF)|>I7)9y^k>eVPr-|$Vwq!9N*rQYrn zlXszfiO$vlzT*5US$FY=ZDIiYMuE-qmdlhY8bUr;otYG`5UOm;nt6f>U++S8;%1PP zQnqV*bZZibhL2$k(a!gxh4zKGOA_N}q{M2MQ6lHh&n)8^0f1QWIsRI63v=q^jbJ$e z@piJ6C41Ggfusz@7!7EoSdiQ#@<+R;>kqVKFmh>IKEgAXVRIhG1}Yeco}iaILV?P< z*w|1oKQf>ztdr(=93WgC3gsc0) z%fNb0j-U!2`^$4HP~_9E5q{k~f?q0loo~)D(jW>*%c3H-QW~q|p;?!rvA5VlB9#;% zQrx0TD@jlL)z=r+x zwi~ptc6#BluO9w=?ys03Yijw{%Hr&bZ@N5XQ)cU9`PRyrtg%!{b+fWPWu_#+ctX}- zx`32|S9nIf-`UX$l`9FImE5;(cM}CuQ;!mN#I_QhF`HRc-aO&Cwl0(taIZS2Eo=M2 z%E6UCX1uMtchcTRGDQ7N2Xe%|MduJLwcu@foN~v2+@5xy`rWFYpjt5;QB&fbJ-5;* zo0`vB3-^R2gbyG0b00Q=%=_ZNE>?!b(ZCQrBs~%u_G-^m#LLObntUR`dt5Kavd#^3 zjQ;lcpXp#R(hk})H6ln6mXefGcTmme%ab>2PBCIN6C3QkCb3-;Af$tR?OVzL6ILxp zoUnjCZ*z{s84~!aqQpfrYbTxyI--l0xwGO6kjceLhHJ}f)(}sOY z>U2L&53Fm3?Vk5K|312CZFMad_qPPEwJh7JCwnFouFFO2oK;i0^Y+9{<2Z;THhi-8 zPdIM0#6904Q}bp1f-h^^u_j8B(NbhvI(>u|&C7n1?C{x14dkVs_raK-&X8pd{obi&|HOeX@)x!m zeRBA-9)@Kzmwv^}Je6@OIzoA^qMKA+%qX!{iw4Kjh7-v+38a)ps61d^TX7Hk$7q%?9|}?JQyQMM>-(cLpJK=K{)Ch%P87q1oo;X%2IE^ z?qCzjcCIZ}D6XJM<=5A>9d0LXOKj$lc~umVX-CGf35&8PDR;<#WVv}oyv8uRj#IT) zh%pGg50TJJj2LF5wd7}?W-Z(i?gnevfxa75%c`cO_e#sTIO4=!_h71Q&lrY=sK2$Z z!#=S^Gfb<>x``uiB!(FO4O@S-HO4n*WwA~8fOql7yY@veQ}=q^*V~sfLgd~LZZXwT zsPGLezB1t@nOxaToA3Ccv-B)V3q3#ETGYJ}i}qOi)JusD%o^{Cbz;^aFZWca+B=-w zTV*rYl4SHWMQOxCCZ++V%2M1yRfw~?PI6&s`@Va(=2pPU#AZ-O1nzpIk;v0y9dy^8 z=h6zuucx?{4f3&|U~eGzn(q2EaX-w2i8lsaN83}UfI+9#fQE)pW2{oE*4ms2bjA&; zvMqe8Rw82SySiWlzJG^?CRFAjXHm7yz}DDVtS}CF-FCOn7^GUa5Fwr+XlxG8HFYCc z?fFriFEji0DtbS}n&6y*hz)7HcRka0aL(hdAT9i*O#^?N0q?qzPn8<~-IGX3}PZsjnKl9r? zpZ@jfY1*>|&*&r?R$JSokS?A9Eb3C5zg zMhPcN7eVw=RN|!;Wjspdd5XW$wWiYKp=gU#7MH(Nii;GZX*6-#q5zK8kGqjjExPXC zl~R$nTa+x@5{tS%{3C=)4sa>#-|L`LevLO4pJ zAJPZNj@Kfxq&tGW#-GupVFu%8#Ge0FDvZ-r(IOuP=bXYgL_wQ~#M|YOrK6!lPC8GL zY37t|8%+Xo5h}>)s-#R%Kwkg2gQBH%ygU$-OHOr)3RaZNym8t0zO7!iY{V+IPC+#k z^B@7c4}m)nVZD_@Yf@eiTtc|o54{T!?U1_?Gd)-?iD1s)G*4`QZDQy_3Un7T+#J=& zD7>QbuRCOaWb5D> zqKz9T{>yN&K$yWE^U)LIrj))3<|5*+digUT&=R$Yl}XNOx8UzZ4_hvQQM;@YZ zm~q7doFq}Q_@e626YN9dbZb@2lQ@eMprS_;b~5~RYgNsdL8t|);|-z3NYu4j&7xku_saOcWdB&&77 zzmY+pajidui$#q!VGOllbfrp_`oT96d&|p!Opr!k(?BhN0XMb$m?tudLGVRqo zmIGHbTUX~~w@$ujrC}(L)Khbt<|Wx5FR`b+&rPO}e185+xqJ8ip@ndYV1S+5|1Q2s zP1j3k|<>|;yu1J51= z++6=$YphxQWb+k0Z_F3TvI!Fml*0rKiS>uoO8EPfdc@Il2^a9u>K8BA4ISA3(iuv^ zPD@(Q?`i)HN7#-O`kV>o003}v$YZ(D?r;hyh+IvMH5TtheMT$2b?sFl>Z{tUC##i3ix<0$?o!IbJH)O?!G@A@CcL}P5%FYu zwI8LFsU1JE18x!k<~y$ey}IerON3S_l*5wE()g8Ps9jZOLnpnF+1%_jz;1%X4-JHS z*OIIF0<4W5Sy250Y@xN^f%_VPb%y9* zy{0@s`9qMXKIjy^+S7Z~f51NIe#D3Bo)!QK$#!2D=E7+{iAldQU1K_~!pY-$!W2Ys!R6Ma}8?}Rht zAOOHj>HpH{{)f=jV7E|;u^ixtbHE!TL`*Pz406r0VhD{U#vcK=K?F7jxcx&Y4Cv9} zv%*+c7R(11$$BStA`Cj5h*Xb3Kx+y@zst(`hB| z0x^5sgXL<|l}&=^j_4LkzKmd^&aLRhP4#@en?3D%aXSqJ=msqU+FA4`4Sw}uO-lD> zCxe)ixK75A9Ft4IAJ0L_1Sw~>ZmDq;>QH5vz%dDBT3gWkF;#TX*U>#a(*<{~IFtQ@ z06QZ8wNxcR;Jd5Ozv54gQoWfddGK7{Sx`&kl&xGQEP|d_`>hB*n4qlGrke+ zJtUp&8*Q^p41-$l>Y<7MjEbNiNb*<#PK6C3KNiI;M(KDlW_FKj2ImdPm0Rzs{BWyj zMMS*3Df?BDpE0+=5?tz$m2^hq>yf>0tHvz0>u*Ak_DMV9n^qkUZ^Jn(OFC;?QC7cv z94oXK`vy+m$4|v{b+ZWGMiTqFe zXJN#VHfX_j_2=FUd;X#tb}a>y@vB%NBB(#w?-*uZSIz%ytJ?2)7QJr%goedztMEBy z7XGvKO5ye#zLe&xH5bU^1#n~iyze#(zmv(BGIQ-EDV8OSZ~x-vMynFlCbGh#6PU0Q z&tZVt8jBKa^>j8)t_Tuaad>6bKG!t_%AK=RH-r45+aU0pYi~rAIlcb6l9qd$O>(_< z;vB~MJ4K>KCA1L$qc;4K$Bz51Xxw8Sjxabr$H3(%*1jPx{}<}3jGV2|Bk>j;b~q<$ z-Y7XoZ2)QkhRg;V2}9MtjoKEATcd>F{oWwZEuYw)HuB(yb+b zFD!0@E@IW(NMSq&X^|v^tXupl+gx>>epCKZMrc_wW+@{FNa@|se}Z%aP2%cbpD#bj0hNTq8LEa zAVolVSS{3o0eHt6B@8}U^0=s=7+RB_!5?q7t-h^JI*eOuxZzDo=J!RCT%F*{L(Gnp z)w;?Sl*lPIUmpWax!1WD$BjPl30;1?MzO(d}nGtJ5 zzfcg_#%j@KFVsgY-GRF}k|`7*7d3-L$!1T@hr}qUFsp@YQ*qjvp9YmK=T}>$k{q~M z{sgf!N91a6Wa+FKWMMWoq3(BewCDPtSeXF(2H|=G@XuG@$|7wVICG0`X$&1Z7EOa=uY^#1KC+589|KE6yP>`*z{z(_{LeAQo&aAgQ~$sDXTZ zsuDQhc{>(YTgh96d8eKO+v1pWn_cq_*np~(NxO%B!{5|D2?<6z9~R$ns{FJhsLT5djj=Ptfay-s&we#OU+7TrTq$l|H%4$@h&Q;k8PA-ABAk$KJRBFsF?6 zsS*N$OHT9oWL56tae#*hz1l-p9ZW40W&~9{u#iJ7v}#9QOLhK zPB!BOxfr)aAp6EA!x8BT{xG0ZEU^7R7N^-rbAEDU=2jNMAJ`KjpkLj_N<8Q2LxFXp z_{$t{Qh+x9)0A3}8MdGBKcJic`Cwnaksu&w3h0v#eYzWzjg-Ka~vyJ(A%qg+>@&_ zP6hY#Qr_@&^F?P)jhCQ4;3?V3qjP5ev%%o^nk~wA z|GXv(9?6aTSFVfC^8@&;%fj$TE3dY?puXsL^~F_v?dJTk4p-;9wC<>7VJ=#A2j#nX z7*FT+o2B?rTp)A%KTpwDL<(ifNG1cp0IXqD zFE#UAiVR*aufxL`S<4(Z7=~V8we*55>d131|0^xYa&m4WzW!9{j zED2MhW~f-1d+Gn{ts+v)#?V`>2WvU4zC5qxUZqi$(5j}qqGFeAoF%(fa@Q@9VT*9t z#Xazs7sL9}L@i?((mxfP(Beh%3`-cTg;vSV-mb&8SZw4el0E$Fj&!|wQY8tkOz6&X zTLtb0e>HyMK*G*+1&g)bqm643D>2BLJtxT+27tN4_Y{%)$ZeFVI#ezKLq9Y#{6hik*H?RI@)6n{t!SsK4^`#U4VrCSDXng= zk+8Jz(8V)v`f1Fo`MJdH{jbZ$V|#yM{1`@`dWP0^VIufj~(a%QdWa=dbD<@!WaUd`p_h%Dx64r~Te#WlX|NApg{g*YuKD;Rr~AIUET!z~>M*HN@4oTgo0WM68h+(_j*{t+ze`8=TTv>5RAhDg zVO6KcmJuRAGN$Ucx)&M6eS^~N(+enHtA-tQkfy@T-Ga`(c}XDK+^N&eFske-v%Rp9 z{>IjY9AWhC$MOW2T`P%o7Pb-f80-Yrn?lBMawga1zmYy7eoR2e$uP6LqHg%b!*5Ge|*Ua#Me{w%3!zvWvy(D)GknQ0e}OCa|`^d7wd|Ucu`rG&M1$A-Q04 z9ubW+`MNEQabAMgNWLkkmGtz1u%y8GcqnLC?fe;Y-ml>Xt@rPBZ-)m(e;|~Av!0w? zFS6IuH5_4bDlaMAx8vyMLVM2=JfF8>uYlME>istZOcn!HnwPyVd!)LfUC4e$NP$)< z_Nq=!w%X@=(MU0T8*{VvRYz zVc*8YI3HKOLNZrqht>XHCfGi{s)HNlrHc%s)kU*5P5CTlc6tJu6D)QZGdSr6otcCr zPlgEaQ|1ViT9^&z5?_;fS2JFiYfd|L4LoH)^L_DZ!ir^)vUzgL0S6)0m(N3zf zxr4nBdnj_8E#IHV;*-Qm=a|1PbIWi$-b_M!&2)zsx^2 z`*YQbR2!f1_`7Rj5G@M06(OfSI`?9mv}Trjqu-Lvr9;JK7N@;|k)eLnVoJtbR^kJ+Y2^_oi;345t1)w7i(!R^QEXsu_hs>D<6-= zggm8iYy?!t>+zRNC?vAD<7{Go-t9_E1YG~zkzNnwe-phMtLEyhj#iVq#C-{7SLbe- zpz6osRivg{xN3<4Q&k(X(WHxJv~;DuW(MDycz%31i!}?2R?o-6ft?~stbnorX1Tf; zY5K0`oJ1s1VjL27@{+gXZ|8}=n-4wNmL#;}@_^&fHh2OH1EXHg^(pbI?d}><>M*GD zp4N1JVthyD4uWa)GT~}+(#^Q*j*4+@+F-s|?NG z44fM`)ExQskH4S5H;Algw)EuL&CUHG zh@?wz`gYQa3QcQ@HeqynCsxtj8Ih&5y4CMaVu!HkCAD-_LXz;kt&LG&Bb}QDjCgw_0dqgNWtzXX&FuktgjWA6^WKy|_uFhZspW0L6SUdN zkql04ss%=C>bjfvHj%MQpC~3dvl3~)w6;ZMfo%z`bW-}GXahZT+EZv`5EItcDUHYV)vHpflx61GITUTxmqn~OKA-*o)^+ja zMmt+^RZn?&599T`_pvo%t4If?&z}Ozi9Nf8AGv6J0?mVKpSs}KasEs9)6hY?Dt{Uy z;EFC%$B8VKZszPnm?LOeNXHVGGh21#m#@^XV#(5Ys2z@ceRM?6vCPKlnzs*e(BAxV z+WWPCNeM?JRL7q}*L>o@{JBSGed%b1_nP#X!9u%X=-7xp0%2|sm0wt82(8$ix+h$Q zJvyZ(X!rfLw65i=E+3e}jcYHTXadH3!l1#!uzLHvzK6<6$ACeb`4qbDyWVhU$jHd= zuJ1XPMD1w%v~4Vjbu?^EHg0-)LPCR!f>}J6jf90S(#AC&i+gGOdTUQ}v(*IS-iu(i zeU0w@#r~)Z&!jEBAAfoI=mQ!gTKmKa@*-1xi+=PlgN%97P|cT2LkQ09CJ_hn>MM`# zr`+qr3)GN*Z#LL!@&tQQkH;V#Fu>_za%x#-ZXYsr(_o>4b>e36>eck0Q>$8+k;NBl zdMRthVXxn#Ofks6bj^SCnJ$Ag?y0w3)~Jva95hQ-y$T+U5@@JDm|$5CSwyiBmP#KE zg*L~RZ)X`T)~V+n-n5Md^ zdiRSs{hN}v-ITY%8zs@ETGBkG=+tXbA*}{GG#GA}xaJ%qdv!-f%wUnbb1;!$iR^TnM-1%kYIv^?9AMeGh6u4A+BLWm|`#k_eadw zV1c`RnKN}EB_PZZqAb`Upg3})m`el+H`tJ1HDh&Aog{|%;x&|(su9lOnEZtb(v(vV z_R@QSdeV#trn17jx9V=Ts!rI|;6%nhD@pz=)#yY{`~rZeKqZ-@7~p22U)(gYCAACcTqYOaQl>~V>g5QZpl(blI810+gy5Mha zCG#vqPi#;#kNl( zzsLc51M{P~j)`Q_Ey+Wmzc8Xg@X%z7YS3P6s@f`>g>{7z{OMgmShFi> z5Y=a|w#77j+CPmbP_2$my~MPgcwB`H0dZ*k9q&Y1e z2|xAhCz}((2%FmG82Oi5>N=PFyLo_Sw9jE9p(rg@gpF5Um=;?<+^$|pCv$b$sluMv z_!5)oIF-nNZmb?Gr;1ezSN14~yqu1I$(2*vuweBvGz4RhdY<#`=xk7j5(!c$b-Vef`o`oA#X00xiig*;>hcUIBXvb z;*7g%2>!ty z1vl)cZCg!6N?&Odd^!093YX&M-?u~TbWixW!wWVKu`{!@$Ue>NLViY*REO1+IK$!V zU*{UzZcTG`%n7I>@w#wi=ESgo?jHi52gQhcKPjC0Xo#KbtqCt3AXoU;$1}7?qF`8G z;el4}H&eeB(_{1=xHXAnG;FL$;>`#P3+KU}My*+m;lkGw>2f*Uq>sASj<0tsXA zo}On63#Y#4FlOMeEat(BcYsb7nq?kVw8aJ1ix|2Vt7OrP6St`nFkTU^fx_BoZH2S= zeunDz4bl_PPWlfa=Z+E>;7m`<@op%1{@Sj|@MuR4jjr={8fq)3!mu7cb35Z4%kWn! zbGB;+`}sI$EFwZ-mp(Ccr50-tYUppwhK+fkYvE#~vj;cO{NcZ=&HAPyIETLMF6FP; z**Q45r6k_BsQpm$2&_jdcHmZDeQHG5=nzbiY0DEzfD_mc|D{xb2nvm0=>b}@^-!#e zA_}mwMz@V_IM{h)i&)Eg&xC6sNmH_4!X9%IQ&drLl#$!QT7k8;j7eOGaLuiL+p}6s zIiEz4{5w-uxR5mFoTBPP1{O0;N{2o2I?C(REg5N|aI*yq{r<#?9j*whrf|{b#>APk zR?J)2n?UwwWloGEzD+p`Bb$CAIls(O-1cI#0~v72jCqsI3;E-(pg4YdtUhs7w*ax` z#yY-PMeSF}o2V#cDg(15EnG?~#Y8%2X71eV+C`33jNrHm%RNH!TkB?zWR0dF8S?Or zy;ZA+vJ_s1XzuK|-9?Wu^4w;-jlzMYvu#=*5}or^^(Z)%sblbM*jon}1|ao_1~xtZ z22D8d7%oE}WihPw!o^G&v|V#*rXifs*9jQRsONS}KB<%n_+IDg`l@vBk(1WWqC9EV z!aTpu$)MLC$UXggKK8)*RSLDkZ<^SWJ;6*<-R@{G>?L$Cne6N0Fo2>P+t>x`0-rB$H;!lS0opOEV;h$ z{rSK%+VWnXF?cHBgLJz$|#aJAAQk=Sx5gM%^MShM*&kFgBVIrYI^ zo|#j74E;0y?(Qn{05CSTt$y&zE?rusG6K%X16!ev3{Crrr``=kIIyUvzt!2-JwEC; zhnD_^rqmjah!Vg$r;Tu4==8@Mryp2Cmov5_tJ}A4pKB%gMp-=^`_Ex@BKLAe)R7CM zAkePg9G95{N9^6Srq5#i*I6G_pSo4|kv*Qk%#c9*YMPI95{IQ{_Ii$cBU?}Ja4f5tWLhtysV!wrl;&q&wFMieRj84p=IGob7RR?R)nYw|-|};EwIsu`5qJ z1nVV3#N~YOsYOSsr#gL97OSFaM^s-&7`o4ijfA_)d=Xy{)It!zioYUwR9~b5lhGim z!P*s=v9!OsM-5Z$Vgu*|>^}w#>c%qJm=-IlG7uwo6^=&e*T@LrX(~Ij*Kfto(7=D> zM7JPi$5)TVj6`ERJgWCMuf=u~Yr1V{7;gVQ1SR3pr!D5@`le*>k9(DEg?np_m#p5N z>>KyDf$HPL#Kc~Yz(zv*q3y#FXZ*5@ozC?JU|4LvuT%Ea^IX{#kI3$0WyQN-Aw6pE zgGYwv=b>2N*vz(#x>QH9resernC~7;4KS2XPFvT=?Ni6&*ecBT{R4llnq@+$wa;^@ z%*9hJ*sap*Ep7~5x$$15&7s{@!XI7yaHr7P8mWLGMOk%fw(*h&6g?_cbbam3*US^- zKgN?9->udJe0b%*?|!4g*-OmSD$8r=@e8P$v&~s%<-#49$7*tNLQrh-_h9Q4N2ZCz znoT0i_iLobOG>*3y@L1fFrN1jH~ugqlI z<}F`77OeIQG)~&>PJ5fY-tVweq`jNHkBz$=mTb!+&mQf6IP@Om%j!uI$x9dD8i2hv zw=)z<&~VHIcI%tlRhut+`|#VI9^ll2Qv#jQNg_J<|BUahsIU~-`CnCZmtP&akSN+* z3g_+Avq-RP%!@*5tdrr47_67t(fqpGLCVW}g6rGn(lOr;JLtOlUfLTcr;)TM5%Kf| zw=NB93F~mnKEAloQv!zc?Z(OCtFy4~CN$AkL1(uT4NpfkaNh${nJk0KKYrcpYXGKF zKfkhCp#JPCe9A+=D|muju5PQ-=?17CE>H7nWSDEy^foPH3^D;WQ&K(RPf<3dmHL<&0$8 z$^rNy5_2R~g@L!mrfwO&%F2R*11GaY49U;eNNKb!I@{FufUTU8~kD^O^$OsB8{~RDV`fvJmQeX zXGF5>h!kDSdKjozo)7EGg72}@*Dz!Xq=#<+93HJ|9m}47>O3st}3@3s?x;A0Z(f8R{#QpH52~8nOphyo;7v zXjOex^deQmg2EX~?6t2yTziMbMY`VqGl}(ZY0X}i0%;1MTRSItYYg)$wo3yy z0gAD)!BVRTB*I%hhzu#z|6q~A^=tqP1i?Op$NV55>fIGHvk894>EZFFj){o}s-@<} zCS<_F$d^h8DB&=tv)~^3w%HUbGHfZM3rj=iEgI)t%x!fbG@rKD-e1l>_T)N%n!gNF z63PLx0)-rTe9_advYVh}`8M*}6dB6{hW#i;x5tKgF0%GF`hSMae+CMz!T;Zz`QM$I f|I-q5z!&(F#SXXuoQBO$?Enc8S>YPNKLP&_24g)z literal 5797 zcmb`LXH-*Nv&RouAT%L}(lH@`g7n@ZgdjnrE9Joi5D@9oi-a1f0znXzCPf74Rq05P zBE2J3X+jVXq=t5b-sfHS!~JsCx>+mPIaxD1vuFPMx6hey9W6ClDpo200BF@wNId`` zry+fRNl8xntOZLFNduXyo*Duu>SbRcU7WX8)>H<7(irL^^9!VF&=ZugD*({7oW04~ zopLP!;EJ3&Qu&@2W-WEiiCs0V{h)U1(o|%f^4taC{#3lyRiTNYz-G|6>T)x<>C2o< z)%}DVN@cC&N^-j`x862hvi41dap&h2;Luh`iN*Z&tFk{zqHlIZ7w6T~)aKRLDJTwE z>{Z?3!d9-IxGU1u6a8|06nYtxNzrgpf&kzb0tEm8i3x~@-rfhhsnwk;o8bbI*RSv7 zRVnL>$3;d)=I7@Vd&vN|wkr_ljhXrhq*av<@z|AOR^j*5YEByVd!K(ORqnZSPe0QV zr(c_L91?$J6FWxi^aTV2h(hE*MWi%rbZqRi{7_)zn+BgboAwx;&7IwE)ZCTd8+%W4 zo%jGHleeL*1cI&m)(bCdg3%>{AP3jMGO>pRt4{`$#eu~i{2%#%hDRYh7_npa;=+Q&bc$RQ}ueC)26|HIRg!f-;cpZ!dd<1N7s^x zQs;n*=S<+ejoDk0KHZy%LitWU<)RYoM%8j9LdNjPcXCwWPrOUJiNCTV!;j+x;yEuZVj7#hsL#VCUzH z7Yu}EPiiB5$NeR2c|S5}4cn~QqbSk2X~&C+rrW8crO^t&Y#Cp!9UI`hiaDMZZQq$U zk90^av)aGQ>*8yiQq<+9>)w(&Zw-&iFcydDwKM3+hxqghu=17G9l*tgtYP<9Fz)of%ZVvPF~QT0>Pr{f<_m8-@U&kRi0S ztu2HS)NWjphm&R9nCh`c8hBB@_dMRZ_aWw1MOcl@T2_thyZF~COQi|rb-yGqZ@Vv! zeEN!6j!2a&tEGxjT6!?a2;NA=9uW6tSCVOge%4*BhjqlkL~XgHLCNfWmxT|_((|5k zgWH0kw3?%gU@hhf7O*4F2Ny*xg{NY$x5H&wh66Cr2R>LdP5sDYiGQ<5NX(zyQ?(l_ zd%4Z4#9UFz^u!Y!TT>l}y4hFaGU5ey#B+k%(o`O|tIX|pw0myMjCisF>5>KbDp}9@ zJ!@0&*_^^ zOZ$#qPHGT_W!mcqE;<`sa)IJss(7H@3ig$`$OGM}xZX=Q>~N{Hpih!k&#lGIlPDXplGklC%a5cTewA-k+~!4&hT z-evARVSk)dtcG>~5S$OeeIr!9KP7f`MGvHNjsynQw~P#Rb#)Qf$pK3U53JRsw=;j| z^r)**)+5+Q3kuP~5a*AejR#bK!wWDtXlG}~sWJIzA;0MK3oRiHBfA+tu7alr`avrY z29dp%9*v#Yz21hpLjU}8?gfV03e%@O6eF9WX<}qbp%T=fCIW%5v(cD8DiCb(hKt2# z^)H^-`P2P8mkj4FVm(e$V<(&rrG{_J znm6thE6fzIyGPU_e(;;Zy?!apngx_0Pz&^6(#gPGY2NWi_$O{%;-m! z^mux3Y6yuOw<|HSA|+#+i3*Zajn@?oJ~g#1G2%vd}6ZE&bzHmgcYCMUDcY{h+=w^GoW zb(r$F*C-WeL$4=e&Zlhob?Gxh*67zc82N*{$1eA0Z36W4cJVUuuBHn}zNG3A8TeMI zg-|uWh_n06X;}&9-!eL751-+l2Y&u~yftpivR?*&xmNij&*$;-;I=+NxdQ39Zk(qW z@5{+E35!f)F?pJe)+=ml2kY2=VFRBMbCRJjxv}p)%alq-sVxrpBiWnlBM&9ekOi&*r5a_bwZxSEbuf6n8x2PPDJSk(0f3+3TYHe|A zL*8fp+k5$k8Ux|c=>7GMev|0(h3f|)ay~`i>wY!RdOap?CwBqCb(jK#frd##N?gCm ze%A86R-#g8rqgY2_f^9Qp8KmWcXr&5{aFLHbZ77#kx%#5X&)R7J0~2$3Pn7gWGt{f zf!I`eh!)5|Vns|du6TkoQha{yoMgYFdr68*V$na_ndcS<^SDX=@7L$!SrM7~35kiJ z`8gb}otmW=)WkUFky~tz?BIvFUepi2FoN?qu?RC%NMI>9Lu}TBv`L<1JaJ#yv@)`R zg|_ml;2I%n=u}4Z{+K80nKEQ`*oxg&E;XOyP(v=_c(vVFjJ8pA~%iWTAEp&gDs{&o7s z;aWXP&QK;$rQo?i0wjlmXineLHELTlr}VAxQdmvMcm!>W~Hw4;LclKE5;k4(e?MZoKG$b@TX%GH{BdEGo9Gt!3c6O zB~-j7?mRshPlm{}hr$Bz0W|brD@F(z$uR(bJ(&`84R-BZts-pqlHycKk^JYn`~S@` zRi-~i=>ZTDi+*qVntDx0*R!PDsg))O@+-m?F8dhe&qz<=cS4V`9$4y1PH>qOTQO9d z0jz{lx){L$=4Y<3@`S)1SSJQn?3WDG zlMvyI_Bw7k$$BV0kd0?vH;wNZOssJD8}el-*l-+Imv`1L9X&ScYPJ&T^G&}~lm=I6 z)e<-h^&x4^9p`i}8>VJ@LM4;-ww{5RiPs5_wKyps4>AsG*3wv9(H-lYxtY7@ZE8bk^t5}Pkh!XdsI~fgPZ)xnRAnWr^;0BjA=@9mTXr_5 zY?beo%f^MehD>{#(G@m}jRchozd?FtJ>_DMZa#(YI$O5=a34>nXE-Nl`(n={M<7gy zaBnm#W6nEE-@<#KYjZ>%{HGSz#?_A=efuD@j2yb9DC3tgx3BwDY-Y(MdKQ6Nwy@xa zVx_8u)oGX}oi!leho|wBkDl|?JYh8wD<9 z3rg-9_vt7r!YdKY^05W0=;)N|oW>jIW}$x^$0<7>eTS>NgU%@}8uyPIZlL~%Ffb?- zCw0fF#{>P<^V({ZztQl^*<;lWFU}usaSmP#f&ey-u4roX6v#1L!)0R zQ$$`BsWGZX{wEP6QR>29t3Uek@5Cf^15lWm34|nO9Fh!)`t$)oQXyq{+27dzmu;}X z47R9@bV~E4V|uVb(||(7vy)_rH$>Un+drsvc6ae%XEJrYH8uQ^_6`U_#?m1G1JVu8 zb_?#j(%1jn==Q7$tF2J#r1OS(pP>0TtII?0*J8HvS%jd+6f4g)>q~1P&a2akEFtP2 z5>(c`_Y&Z7xHwBTi8w+=59u?fSZCYj3Uce8z_H!X`IP18d7?8%Y`wsu~DBb-^JhNpSp93YPU{xFtTMs zKlmB1WBnBT(m-$&61wORNC#L$t$U0yQNA!1dMbXOG9^?-cLrc ziB@zLkC%u6ZwYT)g%~d6FZA?tAdvd&Tf8l=*kdBtdkn8uec&y6Kg5ehJWsOcFx9dv z2ou7Uzr6=*1JcfB^x@Z&3*)Yo1SP$m?`msHw;7-B>K%3KElc`SxbU*~EqI+7OGcSE zi`aqp#X=|+4Yb`LPiyXLgX9?*B~yl52!WAMkE`?D;$_n_CepnvfvwsHDi8Xt!*{7- zM&#!Yb0+^qbm}u?bNJh#8~TxSf@3M(H7oE*+RE23r&Gq-d?w7$um#Cnw zVs)CM=an@~6&18azmT%nhOms>clko4vaQp$XqlZ&nmBGJH+TS*9x`FAVEuwilQ}rK zHb&JeRp&iS1ehex?* zj^_`@LJzuBY~0m-H3#lo4KD>Bx`>z4T$DVP&NW&yVU=Cxb57u6v$22k(fUre-8Lih zRoJeovP6Yv&C;L0pbT%ranL|TuDo+p&0%r#JJ?*>GRIE1k0mr+iD_g*kb6*&POtQR z2&8bgsos>2u!h1RF)EeU zO_DCW46Z7YeOGGx0TZz6`nDvo?(!Pv&s5~{#9;i+@BG%#D`|L<9LBPLZkwCs1bGuo z>iicE{*p*UTv#QuYU>$pXC(+PvEKgFT z%|c0H58#w93=oLQ=Lo1QdYIR06L;R8l<%Lw^idiP@7A~6)8H_5C!x!lCj6RvW<~)J z_Ra`?Gwu^3c$6}qFQ?f!(^|*&3O5X=cU2qp$wLYCiLQSUznmH0$cCBXuoH^@!T=@+ z^z>d$oK(dYeq|Oosd2x%kG1}tB#TWpjanx?Wc~!|IlyhZ%{|Z2d38`#N+U^5lYO)SW&rKR z{jtz{#vIj=R|&UnO52fsZ9Pc})Y@x%c|dHN{NZHIhH)(Yy3J{F+Mw0Y(Xdl_h;V4s zLSJsBLO8az9ADC|XGE>VC7eA*r-TBOE2$J<#(}2`8CiMbG;%< YKkN}`pSZl Date: Fri, 6 Oct 2017 13:25:41 -0700 Subject: [PATCH 5/6] update per celested --- .../get-started-with-microsoft-education.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md index 46a130c709..f85c99e3c1 100644 --- a/education/get-started/get-started-with-microsoft-education.md +++ b/education/get-started/get-started-with-microsoft-education.md @@ -147,14 +147,14 @@ To learn more about the services and tools mentioned in this walkthrough, and le - Deployment using Clever Sync: How to deploy School Data Sync by using Clever Sync and School Data Sync required attributes for Clever sync - Deployment using OneRoster CSV files: How to deploy School Data Sync by using OneRoster CSV files - Azure Active Directory features used by Intune for Education, including: - - Single Sign-On" Allow your AAD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps - - MDM auto-enrollment: Devices are automatically enrolled with Intune upon being joined with AADJ - - Enterprise State Roaming: Keep school data and personal data separate on your devices. - - Dynamic Groups: You can use dynamic groups to create rules that populate your groups (e.g. a group with all 9th graders) instead of having to manually add/remove members of the groups. Group stays updated by continually staying populated with members that fit the rules you pick. - - Password write-back: Password writeback allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. - - Administrative Units: **don't quite know what to put here** - - Additional local administrators: **don't quite know what to put here** - - Self-service BitLocker recovery: **don't quite know what to put here** +- Single Sign-On (SSO) - Allow your Azure AD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps. +- MDM auto-enrollment - Devices are automatically enrolled with Intune upon being joined with Azure AD join. +- Enterprise state roaming - Keep school data and personal data separate on your devices. +- Dynamic groups - You can use dynamic groups to create rules that populate your groups (for example, a group with all 9th graders) instead of having to manually add or remove members of the groups. The group stays updated by continually staying populated with members that fit the rules you pick. +- Password write-back - Allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. +- Administrative units +- Additional local administrators +- Self-service BitLocker recovery - A self-service portal that allows your employees to retrieve their BitLocker recovery key and avoid support calls. **For teachers** From 88b198b7005bb830cfd484b84153580048d2e581 Mon Sep 17 00:00:00 2001 From: Barry Langer Date: Fri, 6 Oct 2017 15:05:13 -0700 Subject: [PATCH 6/6] indents --- .../get-started-with-microsoft-education.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/education/get-started/get-started-with-microsoft-education.md b/education/get-started/get-started-with-microsoft-education.md index f85c99e3c1..899c7aa79e 100644 --- a/education/get-started/get-started-with-microsoft-education.md +++ b/education/get-started/get-started-with-microsoft-education.md @@ -147,14 +147,14 @@ To learn more about the services and tools mentioned in this walkthrough, and le - Deployment using Clever Sync: How to deploy School Data Sync by using Clever Sync and School Data Sync required attributes for Clever sync - Deployment using OneRoster CSV files: How to deploy School Data Sync by using OneRoster CSV files - Azure Active Directory features used by Intune for Education, including: -- Single Sign-On (SSO) - Allow your Azure AD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps. -- MDM auto-enrollment - Devices are automatically enrolled with Intune upon being joined with Azure AD join. + - Single Sign-On (SSO) - Allow your Azure AD users to access SSO-enabled apps, so they don’t need to type in their credentials to access these apps. + - MDM auto-enrollment - Devices are automatically enrolled with Intune upon being joined with Azure AD join. - Enterprise state roaming - Keep school data and personal data separate on your devices. -- Dynamic groups - You can use dynamic groups to create rules that populate your groups (for example, a group with all 9th graders) instead of having to manually add or remove members of the groups. The group stays updated by continually staying populated with members that fit the rules you pick. -- Password write-back - Allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. -- Administrative units -- Additional local administrators -- Self-service BitLocker recovery - A self-service portal that allows your employees to retrieve their BitLocker recovery key and avoid support calls. + - Dynamic groups - You can use dynamic groups to create rules that populate your groups (for example, a group with all 9th graders) instead of having to manually add or remove members of the groups. The group stays updated by continually staying populated with members that fit the rules you pick. + - Password write-back - Allows you to configure Azure AD to write passwords back to your on-premises Active Directory. It removes the need to set up and manage a complicated on-premises self-service password reset solution, and it provides a convenient cloud-based way for your users to reset their on-premises passwords wherever they are. + - Administrative units + - Additional local administrators + - Self-service BitLocker recovery - A self-service portal that allows your employees to retrieve their BitLocker recovery key and avoid support calls. **For teachers**