From e074ca48d307e14e4590666cee8f6b116d15319a Mon Sep 17 00:00:00 2001 From: "H. Poulsen" Date: Tue, 12 Apr 2016 16:15:19 -0700 Subject: [PATCH 001/111] Post-migration cleanup - author updates --- ...ows-10-operating-system-image-using-configuration-manager.md | 2 +- ...10-deployment-with-windows-pe-using-configuration-manager.md | 2 +- windows/deploy/assign-applications-using-roles-in-mdt-2013.md | 2 +- ...build-a-distributed-environment-for-windows-10-deployment.md | 2 +- windows/deploy/configure-mdt-2013-for-userexit-scripts.md | 2 +- windows/deploy/configure-mdt-2013-settings.md | 2 +- windows/deploy/configure-mdt-deployment-share-rules.md | 2 +- ...a-custom-windows-pe-boot-image-with-configuration-manager.md | 2 +- ...create-a-task-sequence-with-configuration-manager-and-mdt.md | 2 +- windows/deploy/create-a-windows-10-reference-image.md | 2 +- ...ion-to-deploy-with-windows-10-using-configuration-manager.md | 2 +- windows/deploy/deploy-a-windows-10-image-using-mdt.md | 2 +- .../deploy-windows-10-using-pxe-and-configuration-manager.md | 2 +- ...ndows-10-with-system-center-2012-r2-configuration-manager.md | 2 +- .../deploy-windows-10-with-the-microsoft-deployment-toolkit.md | 2 +- windows/deploy/deploy-windows-to-go.md | 2 +- ...tion-for-windows-10-deployment-with-configuration-manager.md | 2 +- .../deploy/get-started-with-the-microsoft-deployment-toolkit.md | 2 +- windows/deploy/integrate-configuration-manager-with-mdt-2013.md | 2 +- windows/deploy/key-features-in-mdt-2013.md | 2 +- windows/deploy/mdt-2013-lite-touch-components.md | 2 +- .../monitor-windows-10-deployment-with-configuration-manager.md | 2 +- windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md | 2 +- ...uch-installation-of-windows-10-with-configuration-manager.md | 2 +- ...dows-7-client-with-windows-10-using-configuration-manager.md | 2 +- windows/deploy/refresh-a-windows-7-computer-with-windows-10.md | 2 +- ...dows-7-client-with-windows-10-using-configuration-manager.md | 2 +- .../replace-a-windows-7-computer-with-a-windows-10-computer.md | 2 +- windows/deploy/set-up-mdt-2013-for-bitlocker.md | 2 +- .../simulate-a-windows-10-deployment-in-a-test-environment.md | 2 +- ...ade-to-windows-10-with-system-center-configuraton-manager.md | 2 +- ...grade-to-windows-10-with-the-microsoft-deployment-toolkit.md | 2 +- windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md | 2 +- ...e-mdt-database-to-stage-windows-10-deployment-information.md | 2 +- windows/deploy/use-web-services-in-mdt-2013.md | 2 +- windows/deploy/windows-10-deployment-scenarios.md | 2 +- windows/deploy/windows-deployment-scenarios-and-tools.md | 2 +- windows/keep-secure/device-guard-deployment-guide.md | 2 +- windows/keep-secure/microsoft-passport-guide.md | 2 +- ...ets-by-controlling-the-health-of-windows-10-based-devices.md | 2 +- windows/keep-secure/windows-10-enterprise-security-guides.md | 2 +- windows/keep-secure/windows-10-mobile-security-guide.md | 2 +- windows/keep-secure/windows-10-security-guide.md | 2 +- windows/plan/best-practice-recommendations-for-windows-to-go.md | 2 +- windows/plan/chromebook-migration-guide.md | 2 +- windows/plan/deployment-considerations-for-windows-to-go.md | 2 +- windows/plan/prepare-your-organization-for-windows-to-go.md | 2 +- ...rity-and-data-protection-considerations-for-windows-to-go.md | 2 +- windows/plan/windows-10-compatibility.md | 2 +- windows/plan/windows-10-deployment-considerations.md | 2 +- windows/plan/windows-10-guidance-for-education-environments.md | 2 +- windows/plan/windows-10-infrastructure-requirements.md | 2 +- windows/plan/windows-10-servicing-options.md | 2 +- windows/plan/windows-to-go-frequently-asked-questions.md | 2 +- windows/plan/windows-to-go-overview.md | 2 +- 55 files changed, 55 insertions(+), 55 deletions(-) diff --git a/windows/deploy/add-a-windows-10-operating-system-image-using-configuration-manager.md b/windows/deploy/add-a-windows-10-operating-system-image-using-configuration-manager.md index 7be8c2bbe2..13a328ea77 100644 --- a/windows/deploy/add-a-windows-10-operating-system-image-using-configuration-manager.md +++ b/windows/deploy/add-a-windows-10-operating-system-image-using-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["image, deploy, distribute"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Add a Windows 10 operating system image using Configuration Manager diff --git a/windows/deploy/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md b/windows/deploy/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md index b655ccdd8b..8e72718b82 100644 --- a/windows/deploy/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md +++ b/windows/deploy/add-drivers-to-a-windows-10-deployment-with-windows-pe-using-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["deploy, task sequence"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Add drivers to a Windows 10 deployment with Windows PE using Configuration Manager diff --git a/windows/deploy/assign-applications-using-roles-in-mdt-2013.md b/windows/deploy/assign-applications-using-roles-in-mdt-2013.md index d5fba8327f..a93346b78f 100644 --- a/windows/deploy/assign-applications-using-roles-in-mdt-2013.md +++ b/windows/deploy/assign-applications-using-roles-in-mdt-2013.md @@ -6,7 +6,7 @@ keywords: ["settings, database, deploy"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Assign applications using roles in MDT diff --git a/windows/deploy/build-a-distributed-environment-for-windows-10-deployment.md b/windows/deploy/build-a-distributed-environment-for-windows-10-deployment.md index 8d78744690..481c3d0c86 100644 --- a/windows/deploy/build-a-distributed-environment-for-windows-10-deployment.md +++ b/windows/deploy/build-a-distributed-environment-for-windows-10-deployment.md @@ -6,7 +6,7 @@ keywords: ["replication, replicate, deploy, configure, remote"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Build a distributed environment for Windows 10 deployment diff --git a/windows/deploy/configure-mdt-2013-for-userexit-scripts.md b/windows/deploy/configure-mdt-2013-for-userexit-scripts.md index 01607fa6ca..69aaf853db 100644 --- a/windows/deploy/configure-mdt-2013-for-userexit-scripts.md +++ b/windows/deploy/configure-mdt-2013-for-userexit-scripts.md @@ -6,7 +6,7 @@ keywords: ["rules, script"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Configure MDT for UserExit scripts diff --git a/windows/deploy/configure-mdt-2013-settings.md b/windows/deploy/configure-mdt-2013-settings.md index 40a852f3b9..853cc6bf85 100644 --- a/windows/deploy/configure-mdt-2013-settings.md +++ b/windows/deploy/configure-mdt-2013-settings.md @@ -6,7 +6,7 @@ keywords: ["customize, customization, deploy, features, tools"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Configure MDT settings diff --git a/windows/deploy/configure-mdt-deployment-share-rules.md b/windows/deploy/configure-mdt-deployment-share-rules.md index f0b9946f1e..a600557e1a 100644 --- a/windows/deploy/configure-mdt-deployment-share-rules.md +++ b/windows/deploy/configure-mdt-deployment-share-rules.md @@ -6,7 +6,7 @@ keywords: ["rules, configuration, automate, deploy"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Configure MDT deployment share rules diff --git a/windows/deploy/create-a-custom-windows-pe-boot-image-with-configuration-manager.md b/windows/deploy/create-a-custom-windows-pe-boot-image-with-configuration-manager.md index 7b6d831fae..049c3e93c2 100644 --- a/windows/deploy/create-a-custom-windows-pe-boot-image-with-configuration-manager.md +++ b/windows/deploy/create-a-custom-windows-pe-boot-image-with-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["tool, customize, deploy, boot image"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Create a custom Windows PE boot image with Configuration Manager diff --git a/windows/deploy/create-a-task-sequence-with-configuration-manager-and-mdt.md b/windows/deploy/create-a-task-sequence-with-configuration-manager-and-mdt.md index 3430f96464..03c856a7dc 100644 --- a/windows/deploy/create-a-task-sequence-with-configuration-manager-and-mdt.md +++ b/windows/deploy/create-a-task-sequence-with-configuration-manager-and-mdt.md @@ -6,7 +6,7 @@ keywords: ["deploy, upgrade, task sequence, install"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Create a task sequence with Configuration Manager and MDT diff --git a/windows/deploy/create-a-windows-10-reference-image.md b/windows/deploy/create-a-windows-10-reference-image.md index 61dd970142..f501072a3f 100644 --- a/windows/deploy/create-a-windows-10-reference-image.md +++ b/windows/deploy/create-a-windows-10-reference-image.md @@ -6,7 +6,7 @@ keywords: ["deploy, deployment, configure, customize, install, installation"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Create a Windows 10 reference image diff --git a/windows/deploy/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md b/windows/deploy/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md index d0edd50de2..c47ac7bc38 100644 --- a/windows/deploy/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md +++ b/windows/deploy/create-an-application-to-deploy-with-windows-10-using-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["deployment, task sequence, custom, customize"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Create an application to deploy with Windows 10 using Configuration Manager diff --git a/windows/deploy/deploy-a-windows-10-image-using-mdt.md b/windows/deploy/deploy-a-windows-10-image-using-mdt.md index 9ae073428b..366d5f7b7c 100644 --- a/windows/deploy/deploy-a-windows-10-image-using-mdt.md +++ b/windows/deploy/deploy-a-windows-10-image-using-mdt.md @@ -6,7 +6,7 @@ keywords: ["deployment, automate, tools, configure"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Deploy a Windows 10 image using MDT 2013 Update 2 diff --git a/windows/deploy/deploy-windows-10-using-pxe-and-configuration-manager.md b/windows/deploy/deploy-windows-10-using-pxe-and-configuration-manager.md index 3ee3168fb2..0cdf8e0509 100644 --- a/windows/deploy/deploy-windows-10-using-pxe-and-configuration-manager.md +++ b/windows/deploy/deploy-windows-10-using-pxe-and-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["deployment, image, UEFI, task sequence"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Deploy Windows 10 using PXE and Configuration Manager diff --git a/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md b/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md index 747ea8bb0e..32ee03ca6c 100644 --- a/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md +++ b/windows/deploy/deploy-windows-10-with-system-center-2012-r2-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["deployment, custom, boot"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Deploy Windows 10 with System Center 2012 R2 Configuration Manager diff --git a/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md b/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md index bcb0321bfd..dec8665051 100644 --- a/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md +++ b/windows/deploy/deploy-windows-10-with-the-microsoft-deployment-toolkit.md @@ -6,7 +6,7 @@ keywords: ["deploy", "tools", "configure", "script"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Deploy Windows 10 with the Microsoft Deployment Toolkit diff --git a/windows/deploy/deploy-windows-to-go.md b/windows/deploy/deploy-windows-to-go.md index 45666c4a6c..609ae81687 100644 --- a/windows/deploy/deploy-windows-to-go.md +++ b/windows/deploy/deploy-windows-to-go.md @@ -6,7 +6,7 @@ keywords: ["deployment, USB, device, BitLocker, workspace, security, data"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Deploy Windows To Go in your organization diff --git a/windows/deploy/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md b/windows/deploy/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md index 3224e87eca..67136031be 100644 --- a/windows/deploy/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md +++ b/windows/deploy/finalize-the-os-configuration-for-windows-10-deployment-with-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["configure, deploy, upgrade"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Finalize the operating system configuration for Windows 10 deployment with Configuration Manager diff --git a/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md b/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md index 57a20dea3e..80d8c4e9f8 100644 --- a/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md +++ b/windows/deploy/get-started-with-the-microsoft-deployment-toolkit.md @@ -6,7 +6,7 @@ keywords: ["deploy", "image", "feature", "install", "tools"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Get started with the Microsoft Deployment Toolkit (MDT) diff --git a/windows/deploy/integrate-configuration-manager-with-mdt-2013.md b/windows/deploy/integrate-configuration-manager-with-mdt-2013.md index 3ad425ec3f..fb39507c19 100644 --- a/windows/deploy/integrate-configuration-manager-with-mdt-2013.md +++ b/windows/deploy/integrate-configuration-manager-with-mdt-2013.md @@ -6,7 +6,7 @@ keywords: ["deploy, image, customize, task sequence"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Integrate Configuration Manager with MDT 2013 Update 2 diff --git a/windows/deploy/key-features-in-mdt-2013.md b/windows/deploy/key-features-in-mdt-2013.md index cf864d189c..21bcc2ef9a 100644 --- a/windows/deploy/key-features-in-mdt-2013.md +++ b/windows/deploy/key-features-in-mdt-2013.md @@ -6,7 +6,7 @@ keywords: ["deploy, feature, tools, upgrade, migrate, provisioning"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Key features in MDT 2013 Update 2 diff --git a/windows/deploy/mdt-2013-lite-touch-components.md b/windows/deploy/mdt-2013-lite-touch-components.md index 0bfae9889e..580575314a 100644 --- a/windows/deploy/mdt-2013-lite-touch-components.md +++ b/windows/deploy/mdt-2013-lite-touch-components.md @@ -6,7 +6,7 @@ keywords: ["deploy, install, deployment, boot, log, monitor"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # MDT 2013 Update 2 Lite Touch components diff --git a/windows/deploy/monitor-windows-10-deployment-with-configuration-manager.md b/windows/deploy/monitor-windows-10-deployment-with-configuration-manager.md index 6b38847674..7802d20b05 100644 --- a/windows/deploy/monitor-windows-10-deployment-with-configuration-manager.md +++ b/windows/deploy/monitor-windows-10-deployment-with-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["deploy, upgrade"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Monitor the Windows 10 deployment with Configuration Manager diff --git a/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md b/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md index 4e0d835ea6..19e866a468 100644 --- a/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md +++ b/windows/deploy/prepare-for-windows-deployment-with-mdt-2013.md @@ -6,7 +6,7 @@ keywords: ["deploy, system requirements"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Prepare for deployment with MDT 2013 Update 2 diff --git a/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md b/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md index ca1a31fd3a..d9735f4ee1 100644 --- a/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md +++ b/windows/deploy/prepare-for-zero-touch-installation-of-windows-10-with-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["install, configure, deploy, deployment"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Prepare for Zero Touch Installation of Windows 10 with Configuration Manager diff --git a/windows/deploy/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deploy/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md index 374661ead5..7d5143cf31 100644 --- a/windows/deploy/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md +++ b/windows/deploy/refresh-a-windows-7-client-with-windows-10-using-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["upgrade, install, installation, computer refresh"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Refresh a Windows 7 SP1 client with Windows 10 using Configuration Manager diff --git a/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md b/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md index fee360b2f4..922ae1219e 100644 --- a/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md +++ b/windows/deploy/refresh-a-windows-7-computer-with-windows-10.md @@ -6,7 +6,7 @@ keywords: ["reinstallation, customize, template, script, restore"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Refresh a Windows 7 computer with Windows 10 diff --git a/windows/deploy/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md b/windows/deploy/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md index b9c865b739..44bc003fca 100644 --- a/windows/deploy/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md +++ b/windows/deploy/replace-a-windows-7-client-with-windows-10-using-configuration-manager.md @@ -6,7 +6,7 @@ keywords: ["upgrade, install, installation, replace computer, setup"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Replace a Windows 7 SP1 client with Windows 10 using Configuration Manager diff --git a/windows/deploy/replace-a-windows-7-computer-with-a-windows-10-computer.md b/windows/deploy/replace-a-windows-7-computer-with-a-windows-10-computer.md index 5dd918cbc5..ba1084135e 100644 --- a/windows/deploy/replace-a-windows-7-computer-with-a-windows-10-computer.md +++ b/windows/deploy/replace-a-windows-7-computer-with-a-windows-10-computer.md @@ -6,7 +6,7 @@ keywords: ["deploy, deployment, replace"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Replace a Windows 7 computer with a Windows 10 computer diff --git a/windows/deploy/set-up-mdt-2013-for-bitlocker.md b/windows/deploy/set-up-mdt-2013-for-bitlocker.md index 23cf6ecf88..3dec8b16b3 100644 --- a/windows/deploy/set-up-mdt-2013-for-bitlocker.md +++ b/windows/deploy/set-up-mdt-2013-for-bitlocker.md @@ -6,7 +6,7 @@ keywords: ["disk, encryption, TPM, configure, secure, script"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Set up MDT for BitLocker diff --git a/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md b/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md index 9afc652d9c..9182555e85 100644 --- a/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md +++ b/windows/deploy/simulate-a-windows-10-deployment-in-a-test-environment.md @@ -6,7 +6,7 @@ keywords: ["deploy, script,"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Simulate a Windows 10 deployment in a test environment diff --git a/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md b/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md index d0f0ff8e73..030ab711f2 100644 --- a/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md +++ b/windows/deploy/upgrade-to-windows-10-with-system-center-configuraton-manager.md @@ -5,7 +5,7 @@ ms.assetid: F8DF6191-0DB0-4EF5-A9B1-6A11D5DE4878 keywords: ["upgrade, update, task sequence, deploy"] ms.prod: W10 ms.mktglfcycl: deploy -author: CFaw +author: mtniehaus --- # Upgrade to Windows 10 with System Center Configuration Manager diff --git a/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md b/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md index 2fa1a8e500..210b0fe19e 100644 --- a/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md +++ b/windows/deploy/upgrade-to-windows-10-with-the-microsoft-deployment-toolkit.md @@ -6,7 +6,7 @@ keywords: ["upgrade, update, task sequence, deploy"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Upgrade to Windows 10 with the Microsoft Deployment Toolkit diff --git a/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md b/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md index 58b322dba8..ed32ecba07 100644 --- a/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md +++ b/windows/deploy/use-orchestrator-runbooks-with-mdt-2013.md @@ -6,7 +6,7 @@ keywords: ["web services, database"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Use Orchestrator runbooks with MDT diff --git a/windows/deploy/use-the-mdt-database-to-stage-windows-10-deployment-information.md b/windows/deploy/use-the-mdt-database-to-stage-windows-10-deployment-information.md index ee21e399db..f832cb28d8 100644 --- a/windows/deploy/use-the-mdt-database-to-stage-windows-10-deployment-information.md +++ b/windows/deploy/use-the-mdt-database-to-stage-windows-10-deployment-information.md @@ -6,7 +6,7 @@ keywords: ["database, permissions, settings, configure, deploy"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Use the MDT database to stage Windows 10 deployment information diff --git a/windows/deploy/use-web-services-in-mdt-2013.md b/windows/deploy/use-web-services-in-mdt-2013.md index 09d35ecef9..c8532e5a75 100644 --- a/windows/deploy/use-web-services-in-mdt-2013.md +++ b/windows/deploy/use-web-services-in-mdt-2013.md @@ -6,7 +6,7 @@ keywords: ["deploy, web apps"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Use web services in MDT diff --git a/windows/deploy/windows-10-deployment-scenarios.md b/windows/deploy/windows-10-deployment-scenarios.md index c8b2a39bfd..54221f9de3 100644 --- a/windows/deploy/windows-10-deployment-scenarios.md +++ b/windows/deploy/windows-10-deployment-scenarios.md @@ -6,7 +6,7 @@ keywords: ["upgrade, in-place, configuration, deploy"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Windows 10 deployment scenarios diff --git a/windows/deploy/windows-deployment-scenarios-and-tools.md b/windows/deploy/windows-deployment-scenarios-and-tools.md index 9d87667c9a..a66deb1389 100644 --- a/windows/deploy/windows-deployment-scenarios-and-tools.md +++ b/windows/deploy/windows-deployment-scenarios-and-tools.md @@ -6,7 +6,7 @@ keywords: ["deploy, volume activation, BitLocker, recovery, install, installatio ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: CFaw +author: mtniehaus --- # Windows 10 deployment tools diff --git a/windows/keep-secure/device-guard-deployment-guide.md b/windows/keep-secure/device-guard-deployment-guide.md index cdedb8169e..12aeaa9ef7 100644 --- a/windows/keep-secure/device-guard-deployment-guide.md +++ b/windows/keep-secure/device-guard-deployment-guide.md @@ -5,7 +5,7 @@ ms.assetid: 4BA52AA9-64D3-41F3-94B2-B87EC2717486 keywords: ["virtualization", "security", "malware"] ms.prod: W10 ms.mktglfcycl: deploy -author: brianlic-msft +author: challum --- # Device Guard deployment guide diff --git a/windows/keep-secure/microsoft-passport-guide.md b/windows/keep-secure/microsoft-passport-guide.md index 17108c5fef..d2d62ba501 100644 --- a/windows/keep-secure/microsoft-passport-guide.md +++ b/windows/keep-secure/microsoft-passport-guide.md @@ -6,7 +6,7 @@ keywords: ["security", "credential", "password", "authentication"] ms.prod: W10 ms.mktglfcycl: plan ms.sitesec: library -author: brianlic-msft +author: challum --- # Microsoft Passport guide diff --git a/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md b/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md index 1d7eabec2a..5d96128049 100644 --- a/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md +++ b/windows/keep-secure/protect-high-value-assets-by-controlling-the-health-of-windows-10-based-devices.md @@ -6,7 +6,7 @@ keywords: ["security", "BYOD", "malware", "device health attestation", "mobile"] ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library -author: brianlic-msft +author: arnaudjumelet --- # Control the health of Windows 10-based devices diff --git a/windows/keep-secure/windows-10-enterprise-security-guides.md b/windows/keep-secure/windows-10-enterprise-security-guides.md index 7422955a9c..75dfd59ad1 100644 --- a/windows/keep-secure/windows-10-enterprise-security-guides.md +++ b/windows/keep-secure/windows-10-enterprise-security-guides.md @@ -5,7 +5,7 @@ ms.assetid: 57134f84-bd4b-4b1d-b663-4a2d36f5a7f8 ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: brianlic-msft +author: challum --- # Enterprise security guides diff --git a/windows/keep-secure/windows-10-mobile-security-guide.md b/windows/keep-secure/windows-10-mobile-security-guide.md index b8fcdfb590..7995030e49 100644 --- a/windows/keep-secure/windows-10-mobile-security-guide.md +++ b/windows/keep-secure/windows-10-mobile-security-guide.md @@ -6,7 +6,7 @@ keywords: ["data protection, encryption, malware resistance, smartphone, device, ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library -author: brianlic-msft +author: AMeeus --- # Windows 10 Mobile security guide diff --git a/windows/keep-secure/windows-10-security-guide.md b/windows/keep-secure/windows-10-security-guide.md index ec556b3cf0..fbcf34aefe 100644 --- a/windows/keep-secure/windows-10-security-guide.md +++ b/windows/keep-secure/windows-10-security-guide.md @@ -6,7 +6,7 @@ keywords: ["configure", "feature", "file encryption"] ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library -author: brianlic-msft +author: challum --- # Windows 10 security overview diff --git a/windows/plan/best-practice-recommendations-for-windows-to-go.md b/windows/plan/best-practice-recommendations-for-windows-to-go.md index 8ab55ac121..4ef9e9177e 100644 --- a/windows/plan/best-practice-recommendations-for-windows-to-go.md +++ b/windows/plan/best-practice-recommendations-for-windows-to-go.md @@ -6,7 +6,7 @@ keywords: ["best practices, USB, device, boot"] ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Best practice recommendations for Windows To Go diff --git a/windows/plan/chromebook-migration-guide.md b/windows/plan/chromebook-migration-guide.md index 87c111f100..e56979fdef 100644 --- a/windows/plan/chromebook-migration-guide.md +++ b/windows/plan/chromebook-migration-guide.md @@ -6,7 +6,7 @@ keywords: ["migrate", "automate", "device"] ms.prod: W10 ms.mktglfcycl: plan ms.sitesec: library -author: TrudyHa +author: craigash --- # Chromebook migration guide diff --git a/windows/plan/deployment-considerations-for-windows-to-go.md b/windows/plan/deployment-considerations-for-windows-to-go.md index 473ff80e7e..8d512f6395 100644 --- a/windows/plan/deployment-considerations-for-windows-to-go.md +++ b/windows/plan/deployment-considerations-for-windows-to-go.md @@ -6,7 +6,7 @@ keywords: ["deploy, mobile, device, USB, boot, image, workspace, driver"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Deployment considerations for Windows To Go diff --git a/windows/plan/prepare-your-organization-for-windows-to-go.md b/windows/plan/prepare-your-organization-for-windows-to-go.md index 8c14a856c0..f66acaff2b 100644 --- a/windows/plan/prepare-your-organization-for-windows-to-go.md +++ b/windows/plan/prepare-your-organization-for-windows-to-go.md @@ -6,7 +6,7 @@ keywords: ["mobile, device, USB, deploy"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Prepare your organization for Windows To Go diff --git a/windows/plan/security-and-data-protection-considerations-for-windows-to-go.md b/windows/plan/security-and-data-protection-considerations-for-windows-to-go.md index 41a1cbce6f..7343863528 100644 --- a/windows/plan/security-and-data-protection-considerations-for-windows-to-go.md +++ b/windows/plan/security-and-data-protection-considerations-for-windows-to-go.md @@ -6,7 +6,7 @@ keywords: ["mobile, device, USB, secure, BitLocker"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Security and data protection considerations for Windows To Go diff --git a/windows/plan/windows-10-compatibility.md b/windows/plan/windows-10-compatibility.md index 1f9c40a938..7823fc3961 100644 --- a/windows/plan/windows-10-compatibility.md +++ b/windows/plan/windows-10-compatibility.md @@ -6,7 +6,7 @@ keywords: ["deploy", "upgrade", "update", "appcompat"] ms.prod: W10 ms.mktglfcycl: plan ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Windows 10 compatibility diff --git a/windows/plan/windows-10-deployment-considerations.md b/windows/plan/windows-10-deployment-considerations.md index 422ff1b3af..51d122fa2b 100644 --- a/windows/plan/windows-10-deployment-considerations.md +++ b/windows/plan/windows-10-deployment-considerations.md @@ -6,7 +6,7 @@ keywords: ["deploy", "upgrade", "update", "in-place"] ms.prod: W10 ms.mktglfcycl: plan ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Windows 10 deployment considerations diff --git a/windows/plan/windows-10-guidance-for-education-environments.md b/windows/plan/windows-10-guidance-for-education-environments.md index 91d543470a..716217d420 100644 --- a/windows/plan/windows-10-guidance-for-education-environments.md +++ b/windows/plan/windows-10-guidance-for-education-environments.md @@ -5,7 +5,7 @@ ms.assetid: 225C9D6F-9329-4DDF-B447-6CE7804E314E ms.prod: W10 ms.mktglfcycl: plan ms.sitesec: library -author: TrudyHa +author: craigash --- # Guidance for education environments diff --git a/windows/plan/windows-10-infrastructure-requirements.md b/windows/plan/windows-10-infrastructure-requirements.md index 0718fc8270..bfa40b1eca 100644 --- a/windows/plan/windows-10-infrastructure-requirements.md +++ b/windows/plan/windows-10-infrastructure-requirements.md @@ -6,7 +6,7 @@ keywords: ["deploy", "upgrade", "update", "hardware"] ms.prod: W10 ms.mktglfcycl: plan ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Windows 10 infrastructure requirements diff --git a/windows/plan/windows-10-servicing-options.md b/windows/plan/windows-10-servicing-options.md index 1ed3b55f95..0cf0cd63eb 100644 --- a/windows/plan/windows-10-servicing-options.md +++ b/windows/plan/windows-10-servicing-options.md @@ -6,7 +6,7 @@ keywords: ["deploy", "upgrade", "update", "servicing"] ms.prod: W10 ms.mktglfcycl: plan ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Windows 10 servicing options diff --git a/windows/plan/windows-to-go-frequently-asked-questions.md b/windows/plan/windows-to-go-frequently-asked-questions.md index 3f8e61bb9f..0eaa4178e6 100644 --- a/windows/plan/windows-to-go-frequently-asked-questions.md +++ b/windows/plan/windows-to-go-frequently-asked-questions.md @@ -6,7 +6,7 @@ keywords: ["FAQ, mobile, device, USB"] ms.prod: W10 ms.mktglfcycl: deploy ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Windows To Go: frequently asked questions diff --git a/windows/plan/windows-to-go-overview.md b/windows/plan/windows-to-go-overview.md index a84b375c14..c473ab949b 100644 --- a/windows/plan/windows-to-go-overview.md +++ b/windows/plan/windows-to-go-overview.md @@ -6,7 +6,7 @@ keywords: ["workspace, mobile, installation, image, USB, device, image"] ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library -author: TrudyHa +author: mtniehaus --- # Windows To Go: feature overview From 8477dc757e339c0d22eadea033bbe7670d8dfa34 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Wed, 13 Apr 2016 16:42:05 -0700 Subject: [PATCH 002/111] stubs of new merged server content --- windows/manage/TOC.md | 3 +- ...onfigure-telemetry-in-your-organization.md | 304 ++++++++++++++++++ ...onnect-your-organization-from-microsoft.md | 8 +- 3 files changed, 310 insertions(+), 5 deletions(-) create mode 100644 windows/manage/configure-telemetry-in-your-organization.md diff --git a/windows/manage/TOC.md b/windows/manage/TOC.md index 2398446f4f..bacbfb101a 100644 --- a/windows/manage/TOC.md +++ b/windows/manage/TOC.md @@ -17,7 +17,8 @@ #### [Set up a kiosk on Windows 10 Pro, Enterprise, or Education](set-up-a-kiosk-for-windows-10-for-desktop-editions.md) #### [Set up a kiosk on Windows 10 Mobile or Windows 10 Mobile Enterprise](set-up-a-kiosk-for-windows-10-for-mobile-edition.md) ### [Lock down Windows 10 to specific apps](lock-down-windows-10-to-specific-apps.md) -### [Configure telemetry and other settings in your organization](disconnect-your-organization-from-microsoft.md) +### [Disconnect your organization from Microsoft](disconnect-your-organization-from-microsoft.md) +### [Configure telemetry in your organization](configure-telemetry-in-your-organization.md) ### [Configure access to Windows Store](stop-employees-from-using-the-windows-store.md) ### [Manage Wi-Fi Sense in your company](manage-wifi-sense-in-enterprise.md) ### [Configure Windows 10 Mobile using Lockdown XML](lockdown-xml.md) diff --git a/windows/manage/configure-telemetry-in-your-organization.md b/windows/manage/configure-telemetry-in-your-organization.md new file mode 100644 index 0000000000..401c40d256 --- /dev/null +++ b/windows/manage/configure-telemetry-in-your-organization.md @@ -0,0 +1,304 @@ +--- +description: Use this article to make informed decisions about how you can configure telemetry in your organization. +title: Configure telemetry in your organization +--- + +# Configure telemetry in your organization + +**Applies to** + +- Windows 10 +- Windows 10 Mobile +- Windows Server 2016 Technical Preview + +Use this article to make informed decisions about how you can configure telemetry in your organization. Telemetry is a term that means different things to different people and organizations. For the purpose of this article, we discuss telemetry as system data that is uploaded by the Connected User Experience and Telemetry component. The telemetry data is used to keep Windows devices secure, and to help Microsoft improve the quality of Windows and Microsoft services. + +**Note**   +This article does not apply to System Center Configuration Manager, System Center Endpoint Protection, or System Center Data Protection Manager because those components use a different telemetry service than Windows and Windows Server + +It describes the types of telemetry we gather and the ways you can manage its telemetry. This article also lists some examples of how telemetry can provide you with valuable insights into your enterprise deployments, and how Microsoft uses the data to quickly identify and address issues affecting its customers. + +We understand that the privacy and security of our customers’ information is important and we have taken a thoughtful and comprehensive approach to customer privacy and the protection of their data with Windows 10, Windows Server 2016 Technical Preview, and System Center 2016. + +## Overview + +In previous versions of Windows and Windows Server, Microsoft used telemetry to check for updated or new Windows Defender signatures, check whether Windows Update installations were successful, gather reliability information through the Reliability Analysis Component (RAC) on Windows Server, and gather reliability information through the Windows Customer Experience Improvement Program (CEIP) on Windows. In Windows 10 and Windows Server 2016 Technical Preview, you can control telemetry streams by using **Settings** > **Privacy**, Group Policy, or MDM. + +Microsoft is committed to improving customer experiences in a mobile-first and cloud-first world, and it all starts with our customers. Telemetry is one critical way Microsoft is using data to improve our products and services. Telemetry gives every enterprise customer a voice that helps us shape future versions of Windows, Windows Server and System Center, allowing us to respond quickly to your feedback and providing new features and improved quality to our customers. + +Our goal is to leverage the aggregated data to drive changes in the product and ecosystem to improve our customer experiences. We are also partnering with enterprises to provide added value from the telemetry information shared by their devices. Some examples include identifying outdated patches and downloading the latest antimalware signatures to help keep their devices secure, identifying application compatibility issues prior to upgrades, gaining insights into driver reliability issues affecting other customers, and using usage data to tune some of their operations to reduce the total cost of ownership (TCO) and downtime. + +For Windows 10, we invite IT pros to join the Windows Insider Program to give us feedback on what we can do to make Windows work better for youcr organization. + +## How is telemetry data handled by Microsoft? + +### Data collection + +Data gathered by the Connected User Experience and Telemetry component complies with Microsoft’s [security and privacy policies](https://privacy.microsoft.com/privacystatement/), as well as international laws and regulations. The principle of least privilege guides access to telemetry data. Only Microsoft personnel who can demonstrate a valid business need can access the telemetry data. + +### Data transfer + +All telemetry data is encrypted using SSL and uses certificate pinning during transfer from the device to the Microsoft Data Management Service. With Windows 10,data is uploaded on a schedule that is sensitive to event priority, battery use, and network cost. Real-time events, such as Windows Defender Advanced Threat Protection,are always sent immediately. Normal events are not uploaded on metered networks, unless you are on a metered server connection. On a free network, normal events can be uploaded every 4 hours if on battery, or every 15 minutes if on A/C power. Diagnostic and crash data are only uploaded on A/C power and free networks. + +### Endpoints + +The Microsoft Data Management Service routes data back to our secure cloud storage. Only Microsoft personnel with a valid business justification are permitted access. + +The Connected User Experience and Telemetry component connects to the Microsoft Data Management service at v10.vortex-win.data.microsoft.com. + +The Connected User Experience and Telemetry component also connects to settings-win.data.microsoft.com to download configuration information. + +[Windows Error Reporting](http://msdn.microsoft.com/library/windows/desktop/bb513641.aspx) connects to watson.telemetry.microsoft.com. + +[Online Crash Analysis](http://msdn.microsoft.com/library/windows/desktop/ee416349.aspx) connects to oca.telemetry.microsoft.com. + +### Data usage + +Data gathered from telemetry is used by Microsoft teams primarily to improve our customer experiences, and for security, health, quality, and performance analysis. Microsoft does not share personal data of our customers with third parties, except at the customer’s discretion or for the limited purposes described in the Privacy Statement. We do share business reports with OEMs and third party partners that includes aggregated, anonymized telemetry information. Data-sharing decisions are made by an internal team including privacy, legal, and data management. + +### Retention + +Microsoft only gathers the information we need, and it is only stored for as long as it is needed to provide a service or for analysis. Most of the data is deleted within 30 days. + +Windows Error Reporting and Online Crash Analysis data is kept for 60 days. + +## How is the data gathered? + + +Windows 10 and Windows Server 2016 Technical Preview includes the Connected User Experience and Telemetry component, which uses Event Tracing for Windows (ETW) [tracelogging](http://msdn.microsoft.com/library/dn904632.aspx) technology to gather and store telemetry events and data. The operating system and some Microsoft management solutions, such as System Center, use the same logging technology. + +1. Operating system features and some management applications are instrumented to publish events and data. Examples of management applications include Virtual Machine Manager (VMM), Server Manager, and Storage Spaces. + +2. Events are gathered using public operating system event logging and tracing APIs. + +3. You can configure the telemetry level by using an MDM policy, Group Policy, or registry settings. + +4. The Connected User Experience and Telemetry component transmits telemetry data over HTTPS to Microsoft and uses certificate pinning. + +## Telemetry levels + + +This section explains the different telemetry levels in Windows 10, Windows Server 2016 Technical Preview, and System Center. These levels are available on all desktop and mobile editions of Windows 10, with the exception of the **Security** level which is limited to Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, Windows 10 IoT Core (IoT Core), and Windows Server 2016 Technical Preview. + +The telemetry data is categorized into four levels: + +- **Security**. Information that’s required to help keep Windows, Windows Server, and System Center secure, including data about the Connected User Experience and Telemetry component settings, the Malicious Software Removal Tool, and Windows Defender. + +- **Basic**. Basic device info, including: quality-related data, app compat, app usage data, and data from the **Security** level. + +- **Enhanced**. Additional insights, including: how Windows, Windows Server, System Center, and apps are used, how they perform, advanced reliability data, and data from both the **Basic** and the **Security** levels. + +- **Full**. All data necessary to identify and help to fix problems, plus data from the **Security**, **Basic**, and **Enhanced** levels. + +The levels are cumulative and are illustrated in the following diagram. These levels apply to all editions of Windows Server 2016 Technical Preview. + +![breakdown of telemetry levels and types of administrative controls](images/priv-telemetry-levels.png) + +### Security level + +The Security level gathers only the telemetry info that is required to keep Windows devices, Windows Server, and guests secure with the latest security updates. + +**Note**   +If your organization relies on Windows Update for updates, you shouldn’t use the **Security** level. Because no Windows Update information is gathered at this level, important information about update failures is not sent. Microsoft uses this information to fix the causes of those failures and improve the quality of our updates. + +Windows Server Update Services (WSUS) and System Center Configuration Manager functionality is not affected at this level, nor is telemetry data about Windows Server features or System Center gathered. + +  + +The data gathered at this level includes: + +- **Connected User Experience and Telemetry component settings**. If data has been gathered and is queued to be sent, the Connected User Experience and Telemetry component downloads its settings file from Microsoft’s servers. The data gathered by the client for this request includes OS information, device id (used to identify what specific device is requesting settings) and device class (for example, whether the device is server or desktop). + +- **Malicious Software Removal Tool (MSRT)** The MSRT infection report contains information, including device info and IP address. + + **Note**   + You can turn off the MSRT infection report. No MSRT information is included if MSRT is not used. If Windows Update is turned off, MSRT will not be offered to users. For more info, see Microsoft KB article [891716](http://support.microsoft.com/kb/891716). + +   + +- **Windows Defender/Endpoint Protection**. Windows Defender and System Center Endpoint Protection requires some information to function, including: anti-malware signatures, diagnostic information, User Account Control settings, Unified Extensible Firmware Interface (UEFI) settings, and IP address. + + **Note**   + This reporting can be turned off and no information is included if a customer is using third party antimalware software, or if Windows Defender is turned off. For more info, see [Windows Defender](manage-privacy-for-windows-10-in-your-company.md#windows-defender). + + Microsoft recommends that Windows Update, Windows Defender, and MSRT remain enabled unless the enterprise uses alternative solutions such as Windows Server Update Services, System Center Configuration Manager, or a third party antimalware solution. Windows Update, Windows Defender, and MSRT provide core Windows functionality such as driver and OS updates, including security updates. + +   + +For servers with default telemetry settings and no Internet connectivity, you should set the telemetry level to **Security**. This stops data gathering for events that would not be uploaded due to the lack of Internet connectivity. + +No user content, such as user files or communications, is gathered at the **Security** telemetry level, and we take steps to avoid gathering any information that directly identifies a company or user, such as name, email address, or account ID. However, in rare circumstances, MSRT information may unintentionally contain personal information. For instance, some malware may create entries in a computer’s registry that include information such as a username, causing it to be gathered. MSRT reporting is optional and can be turned off at any time. + +### Basic level + +The Basic level gathers a limited set of data that’s critical for understanding the device and its configuration. This level also includes the **Security** level data. This level helps to identify problems that can occur on a particular device hardware or software configuration. For example, it can help determine if crashes are more frequent on devices with a specific amount of memory or that are running a particular driver version. The Connected User Experience and Telemetry component does not gather telemetry data about System Center, but it can transmit telemetry for other non-Windows applications if they have user consent. + +The data gathered at this level includes: + +- **Basic device data**. Helps provide an understanding about the types of Windows devices and the configurations and types of native and virtualized Windows Server 2016 Technical Previewinstances in the ecosystem, including: + + - Device attributes, such as camera resolution and display type + + - Internet Explorer version + + - Battery attributes, such as capacity and type + + - Networking attributes, such as number of network adapters, speed of network adapters, mobile operator network, and IMEI number + + - Processor and memory attributes, such as number of cores, architecture, speed, memory size, and firmware + + - Virtualization attribute, such as Second Level Address Translation (SLAT) support and guest operating system + + - Operating system attributes, such as Windows edition and virtualization state + + - Storage attributes, such as number of drives, type, and size + +- **Connected User Experience and Telemetry component quality metrics**. Helps provide an understanding about how the Connected User Experience and Telemetry component is functioning, including % of uploaded events, dropped events, and the last upload time. + +- **Quality-related information**. Helps Microsoft develop a basic understanding of how a device and its operating system are performing. Some examples are the device characteristics of a Connected Standby device, the number of crashes or hangs, and application state change details, such as how much processor time and memory were used, and the total uptime for an app. + +- **Compatibility data**. Helps provide an understanding about which apps are installed on a device or virtual machine and identifies potential compatibility problems. + + - **General app data and app data for Internet Explorer add-ons**. Includes a list of apps that are installed on a native or virtualized instance of the OS and whether these apps function correctly after an upgrade.This app data includes the app name, publisher, version, and basic details about which files have been blocked from usage. + + - **App usage data**. Includes how an app is used, including how long an app is used for, when the app has focus, and when the app is started + + - **Internet Explorer add-ons**. Includes a list of Internet Explorer add-ons that are installed on a device and whether these apps will work after an upgrade. + + - **System data**. Helps provide an understanding about whether a device meets the minimum requirements to upgrade to the next version of the operating system. System information includes the amount of memory, as well as information about the processor and BIOS. + + - **Accessory device data**. Includes a list of accessory devices, such as printers or external storage devices, that are connected to Windows PCs and whether these devices will function after upgrading to a new version of the operating system. + + - **Driver data**. Includes specific driver usage that’s meant to help figure out whether apps and devices will function after upgrading to a new version of the operating system. This can help to determine blocking issues and then help Microsoft and our partners apply fixes and improvements. + +- **Store**. Provides information about how the Windows Store performs, including app downloads, installations, and updates. It also includes Windows Store launches, page views, suspend and resumes, and obtaining licenses. + +### Enhanced level + +The Enhanced level gathers data about how Windows and apps are used and how they perform. This level also includes data from both the **Basic** and **Security** levels. This level helps to improve the user experiencewith the operating system and apps. Data from this level can be abstracted into patterns and trends that can help Microsoft determine future improvements. + +This is the default level, and the minimum level needed to quickly identify and address Windows, Windows Server, and System Center quality issues. + +The data gathered at this level includes: + +- **Operating system events**. Helps to gain insights into different areas of the operating system, including networking, Hyper-V, Cortana, storage, file system, and other components. + +- **Operating system app events**. A set of events resulting from Microsoft applications and management tools that were downloaded from the Store or pre-installed with Windows or Windows Server, including Server Manager, Photos, Mail, and Microsoft Edge. + +- **Device-specific events**. Contains data about events that are specific to certain devices, such as Surface Hub and Microsoft HoloLens. For example, Microsoft HoloLens sends Holographic Processing Unit (HPU)-related events. + +- **Some crash dump types**. All crash dump types, except for heap dumps and full dumps. + +If the Connected User Experience and Telemetry component detects a problem on Windows 10 that requires gathering more detailed instrumentation, the Connected User Experience and Telemetry component at the **Enhanced** telemetry level will only gather data about the events associated with the specific issue. + +### Full level + +The Full level gathers data necessary to identify and to help fix problems, following the approval process described below. This level also includes data from the **Basic**, **Enhanced**, and **Security** levels. + +Additionally, at this level, devices opted in to the Windows Insider Program will send events, such as reliability and app responsiveness. that can show Microsoft how pre-release binaries and features are performing. These events help us make decisions on which builds are flighted. All devices in the Windows Insider Program are automatically set to this level. + +If a device experiences problems that are difficult to identify or repeat using Microsoft’s internal testing, additional data becomes necessary. This data can include any user content that might have triggered the problem and is gathered from a small sample of devices that have both opted into the **Full** telemetry level and have exhibited the problem. + +However, before more data is gathered, Microsoft’s privacy governance team, including privacy and other subject matter experts, must approve the diagnostics request made by a Microsoft engineer. If the request is approved, Microsoft engineers can use the following capabilities to get the information: + +- Ability to run a limited, pre-approved list of Microsoft certified diagnostic tools, such as msinfo32.exe, powercfg.exe, and dxdiag.exe. + +- Ability to get registry keys. + +- All crash dump types, including heap dumps and full dumps. + +### Manage your telemetry settings + +We do not recommend that you turn off telemetry in your organization as valuable functionality may be impacted, but we recognize that in some scenarios this may be required. Use the steps in this section to do so for Windows, Windows Server, and System Center. + +**Important**   +These telemetry levels only apply to Windows, Windows Server, and System Center components and apps that use the Connected User Experience and Telemetry component. Non-Windows components, such as Microsoft Office or other 3rd-party apps, may communicate with their cloud services outside of these telemetry levels. You should work with your app vendors to understand their telemetry policy, and how you can to opt in or opt out. For more information on how Microsoft Office uses telemetry, see [Overview of Office Telemetry](http://technet.microsoft.com/library/jj863580.aspx). + +  + +You can turn on or turn off System Center telemetry gathering. The default is on and the data gathered at this level represents what is gathered by default when System Center telemetry is turned on. However, setting the operating system telemetry level to **Basic** will turn off System Center telemetry, even if the System Center telemetry switch is turned on. + +The lowest telemetry setting level supported through management policies is **Security**. The lowest telemetry setting supported through the Settings UI is **Basic**. The default telemetry setting for Windows Server 2016 Technical Preview is **Enhanced.** + +### Configure the operating system telemetry level + +You can configure your operating system telemetry settings using the management tools you’re already using, such as Group Policy, MDM, or Windows Provisioning. You can also manually change your settings using Registry Editor. Setting your telemetry levels through a management policy overrides any devicelevel settings. + +Use the appropriate value in the table below when you configure the management policy. + +| Value | Level | Data gathered | +|-------|----------|---------------------------------------------------------------------------------------------------------------------------| +| **0** | Security | Security data only. | +| **1** | Basic | Security data, and basic system and quality data. | +| **2** | Enhanced | Security data, basic system and quality data, and enhanced insights and advanced reliability data. | +| **3** | Full | Security data, basic system and quality data, enhanced insights and advanced reliability data, and full diagnostics data. | + +  + +### Use Group Policy to set the telemetry level + +Use a Group Policy object to set your organization’s telemetry level. + +1. From the Group Policy Management Console, go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds**. + +2. Double-click **Allow Telemetry**. + +3. In the **Options** box, select the level that you want to configure, and then click **OK**. + +### Use MDM to set the telemetry level + +Use the [Policy Configuration Service Provider (CSP)](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) to apply the System/AllowTelemetry MDM policy. + +### Use Registry Editor to set the telemetry level + +Use Registry Editor to manually set the registry level on each device in your organization, or write a script to edit the registry. If a management policy already exists, such as Group Policy or MDM, it will override this registry setting. + +1. Open Registry Editor, and go to **HKEY\_LOCAL\_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\DataCollection**. + +2. Right-click **DataCollection**, click New, and then click **DWORD (32-bit) Value**. + +3. Type **AllowTelemetry**, and then press ENTER. + +4. Double-click **AllowTelemetry**, set the desired value from the table above, and then click **OK.** + +5. Click **File** > **Export**, and then save the file as a .reg file, such as **C:\\AllowTelemetry.reg**. You can run this file from a script on each device in your organization. + +### Configure System Center 2016 telemetry + +For System Center 2016 Technical Preview, you can turn off System Center telemetry by following these steps: + +- Turn off telemetry by using the System Center UI Console settings workspace. + +- For information about turning off telemetry for Service Management Automation and Service Provider Foundation, see [How to disable telemetry for Service Management Automation and Service Provider Foundation](https://support.microsoft.com/kb/3096505). + +### Additional telemetry controls + +There are a few more settings that you can turn off that may send telemetry information: + +- To turn off Windows Update telemetry, you have two choices. Either turn off Windows Update, or set your devices to be managed by an on premises update server, such as [Windows Server Update Services (WSUS)](http://technet.microsoft.com/library/hh852345.aspx) or [System Center Configuration Manager](http://www.microsoft.com/server-cloud/products/system-center-2012-r2-configuration-manager/). + +- Turn off **Windows Defender Cloud-based Protection** and **Automatic sample submission** in **Settings** > **Update & security** > **Windows Defender**. + +- Manage the Malicious Software Removal Tool in your organization. For more info, see Microsoft KB article [891716](http://support.microsoft.com/kb/891716). + +- Turn off **Linguistic Data Collection** in **Settings** > **Privacy**. At telemetry levels **Enhanced** and **Full**, Microsoft uses Linguistic Data Collection info to improve language model features such as autocomplete, spellcheck, suggestions, input pattern recognition, and dictionary. + + **Note**   + Microsoft do not intend to gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user's device. If we determine that sensitive information has been inadvertently received, we delete the information. + +   + +## Examples of how Microsoft uses the telemetry data + + +### Drive higher apps and driver quality in the ecosystem + +Telemetry plays an important role in quickly identifying and fixing critical reliability and security issues in our customers’ deployments and configurations. Insights into the telemetry data we gather helps us to quickly identify crashes or hangs associated with a certain application or driver on a given configuration, like a particular storage type (for example, SCSI) or a memory size. For System Center, job usages and statuses can also help us enhance the job workload and the communication between System Center and its managed products. Microsoft’s ability to get this data from customers and drive improvements into the ecosystem helps raise the bar for the quality of System Center, Windows Server applications, Windows apps, and drivers. Real-time data about Windows installations reduces downtime and the cost associated with troubleshooting unreliable drivers or unstable applications + +### Reduce your total cost of ownership and downtime + +Telemetry provides a view of which features and services customers use most. For example, the telemetry data provides us with a heat map of the most commonly deployed Windows Server roles, most used Windows features, and which ones are used the least. This helps us make informed decisions on where we should invest our engineering resources to build a leaner operating system. For System Center, understanding the customer environment for management and monitoring will help drive the support compatibilities matrix, such as host and guest OS. This can help you use existing hardware to meet your business needs and reduce your total cost of ownership, as well as reducing downtime associated with security updates. + +### Build features that address our customers’ needs + +Telemetry also helps us better understand how customers deploy components, use features, and use services to achieve their business goals. Getting insights from that information helps us prioritize our engineering investments in areas that can directly affect our customers’ experiences and workloads. Some examples include customer usage of containers, storage, and networking configurations associated with Windows Server roles like Clustering and Web. Another example could be to find out when is CPU hyper-threading turned off and the resulting impact. We use the insights to drive improvements and intelligence into some of our management and monitoring solutions, to help customers diagnose quality issues, and save money by making fewer help calls to Microsoft. \ No newline at end of file diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index 925e0f6684..e7e12620ef 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -1,15 +1,15 @@ --- -title: Configure telemetry and other settings in your organization (Windows 10) -description: Learn about the telemetry that Microsoft gathers, the network connections that Windows components make to Microsoft, and also the privacy settings that affect data that is shared with either Microsoft or apps and how they can be managed by an IT Pro. +title: Disconnect from Microsoft and configure privacy settings in your organization +description: If you want to minimize connections from Windows to Microsoft services, or configure particular privacy settings, this article covers the settings that you could consider.If you’re looking for content on what each telemetry level means and how to configure it in your organization, see Configure telemetry in your organization. ms.assetid: ACCEB0DD-BC6F-41B1-B359-140B242183D9 +keywords: privacy ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library author: brianlic-msft --- -# Configure telemetry and other settings in your organization - +# Disconnect from Microsoft and configure privacy settings in your organization **Applies to** From 665acdc7bc320ab0c9af64d26ada591808bec4a8 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Thu, 14 Apr 2016 15:07:09 -0700 Subject: [PATCH 003/111] updating to split out telemetry from network exhaust --- ...onfigure-telemetry-in-your-organization.md | 21 +- ...onnect-your-organization-from-microsoft.md | 632 +++--------------- windows/manage/lock-down-windows-10.md | 14 +- 3 files changed, 120 insertions(+), 547 deletions(-) diff --git a/windows/manage/configure-telemetry-in-your-organization.md b/windows/manage/configure-telemetry-in-your-organization.md index 401c40d256..419bc3113d 100644 --- a/windows/manage/configure-telemetry-in-your-organization.md +++ b/windows/manage/configure-telemetry-in-your-organization.md @@ -1,6 +1,7 @@ --- description: Use this article to make informed decisions about how you can configure telemetry in your organization. -title: Configure telemetry in your organization +title: Configure telemetry in your organization (Windows 10) +keywords: privacy --- # Configure telemetry in your organization @@ -14,7 +15,7 @@ title: Configure telemetry in your organization Use this article to make informed decisions about how you can configure telemetry in your organization. Telemetry is a term that means different things to different people and organizations. For the purpose of this article, we discuss telemetry as system data that is uploaded by the Connected User Experience and Telemetry component. The telemetry data is used to keep Windows devices secure, and to help Microsoft improve the quality of Windows and Microsoft services. **Note**   -This article does not apply to System Center Configuration Manager, System Center Endpoint Protection, or System Center Data Protection Manager because those components use a different telemetry service than Windows and Windows Server +This article does not apply to System Center Configuration Manager, System Center Endpoint Protection, or System Center Data Protection Manager because those components use a different telemetry service than Windows and Windows Server. It describes the types of telemetry we gather and the ways you can manage its telemetry. This article also lists some examples of how telemetry can provide you with valuable insights into your enterprise deployments, and how Microsoft uses the data to quickly identify and address issues affecting its customers. @@ -22,7 +23,7 @@ We understand that the privacy and security of our customers’ information is i ## Overview -In previous versions of Windows and Windows Server, Microsoft used telemetry to check for updated or new Windows Defender signatures, check whether Windows Update installations were successful, gather reliability information through the Reliability Analysis Component (RAC) on Windows Server, and gather reliability information through the Windows Customer Experience Improvement Program (CEIP) on Windows. In Windows 10 and Windows Server 2016 Technical Preview, you can control telemetry streams by using **Settings** > **Privacy**, Group Policy, or MDM. +In previous versions of Windows and Windows Server, Microsoft used telemetry to check for updated or new Windows Defender signatures, check whether Windows Update installations were successful, gather reliability information through the Reliability Analysis Component (RAC) on Windows Server, and gather reliability information through the Windows Customer Experience Improvement Program (CEIP) on Windows. In Windows 10 and Windows Server 2016 Technical Preview, you can control telemetry streams by using Settings > Privacy, Group Policy, or MDM. Microsoft is committed to improving customer experiences in a mobile-first and cloud-first world, and it all starts with our customers. Telemetry is one critical way Microsoft is using data to improve our products and services. Telemetry gives every enterprise customer a voice that helps us shape future versions of Windows, Windows Server and System Center, allowing us to respond quickly to your feedback and providing new features and improved quality to our customers. @@ -34,11 +35,11 @@ For Windows 10, we invite IT pros to join the Windows Insider Program to give u ### Data collection -Data gathered by the Connected User Experience and Telemetry component complies with Microsoft’s [security and privacy policies](https://privacy.microsoft.com/privacystatement/), as well as international laws and regulations. The principle of least privilege guides access to telemetry data. Only Microsoft personnel who can demonstrate a valid business need can access the telemetry data. +Data gathered by the Connected User Experience and Telemetry component complies with Microsoft’s [security and privacy policies](https://privacy.microsoft.com/privacystatement), as well as international laws and regulations. The principle of least privilege guides access to telemetry data. Only Microsoft personnel who can demonstrate a valid business need can access the telemetry data. ### Data transfer -All telemetry data is encrypted using SSL and uses certificate pinning during transfer from the device to the Microsoft Data Management Service. With Windows 10,data is uploaded on a schedule that is sensitive to event priority, battery use, and network cost. Real-time events, such as Windows Defender Advanced Threat Protection,are always sent immediately. Normal events are not uploaded on metered networks, unless you are on a metered server connection. On a free network, normal events can be uploaded every 4 hours if on battery, or every 15 minutes if on A/C power. Diagnostic and crash data are only uploaded on A/C power and free networks. +All telemetry data is encrypted using SSL and uses certificate pinning during transfer from the device to the Microsoft Data Management Service. With Windows 10, data is uploaded on a schedule that is sensitive to event priority, battery use, and network cost. Real-time events, such as Windows Defender Advanced Threat Protection, are always sent immediately. Normal events are not uploaded on metered networks, unless you are on a metered server connection. On a free network, normal events can be uploaded every 4 hours if on battery, or every 15 minutes if on A/C power. Diagnostic and crash data are only uploaded on A/C power and free networks. ### Endpoints @@ -58,9 +59,7 @@ Data gathered from telemetry is used by Microsoft teams primarily to improve our ### Retention -Microsoft only gathers the information we need, and it is only stored for as long as it is needed to provide a service or for analysis. Most of the data is deleted within 30 days. - -Windows Error Reporting and Online Crash Analysis data is kept for 60 days. +Microsoft believes in and practices information minimization. We strive to gather only the info we need, and store it for as long as it’s needed to provide a service or for analysis. Much of the info about how Windows and apps are functioning is deleted within 30 days. Other info may be retained longer, such as error reporting data or Store purchase history. Info is typically gathered at a fractional sampling rate, which can be as low as 1% of clients reporting data. ## How is the data gathered? @@ -119,7 +118,7 @@ The data gathered at this level includes: - **Windows Defender/Endpoint Protection**. Windows Defender and System Center Endpoint Protection requires some information to function, including: anti-malware signatures, diagnostic information, User Account Control settings, Unified Extensible Firmware Interface (UEFI) settings, and IP address. **Note**   - This reporting can be turned off and no information is included if a customer is using third party antimalware software, or if Windows Defender is turned off. For more info, see [Windows Defender](manage-privacy-for-windows-10-in-your-company.md#windows-defender). + This reporting can be turned off and no information is included if a customer is using third party antimalware software, or if Windows Defender is turned off. For more info, see [Windows Defender](disconnect-your-organization-from-microsoft.md#windows-defender). Microsoft recommends that Windows Update, Windows Defender, and MSRT remain enabled unless the enterprise uses alternative solutions such as Windows Server Update Services, System Center Configuration Manager, or a third party antimalware solution. Windows Update, Windows Defender, and MSRT provide core Windows functionality such as driver and OS updates, including security updates. @@ -214,8 +213,6 @@ We do not recommend that you turn off telemetry in your organization as valuable **Important**   These telemetry levels only apply to Windows, Windows Server, and System Center components and apps that use the Connected User Experience and Telemetry component. Non-Windows components, such as Microsoft Office or other 3rd-party apps, may communicate with their cloud services outside of these telemetry levels. You should work with your app vendors to understand their telemetry policy, and how you can to opt in or opt out. For more information on how Microsoft Office uses telemetry, see [Overview of Office Telemetry](http://technet.microsoft.com/library/jj863580.aspx). -  - You can turn on or turn off System Center telemetry gathering. The default is on and the data gathered at this level represents what is gathered by default when System Center telemetry is turned on. However, setting the operating system telemetry level to **Basic** will turn off System Center telemetry, even if the System Center telemetry switch is turned on. The lowest telemetry setting level supported through management policies is **Security**. The lowest telemetry setting supported through the Settings UI is **Basic**. The default telemetry setting for Windows Server 2016 Technical Preview is **Enhanced.** @@ -299,6 +296,6 @@ Telemetry plays an important role in quickly identifying and fixing critical rel Telemetry provides a view of which features and services customers use most. For example, the telemetry data provides us with a heat map of the most commonly deployed Windows Server roles, most used Windows features, and which ones are used the least. This helps us make informed decisions on where we should invest our engineering resources to build a leaner operating system. For System Center, understanding the customer environment for management and monitoring will help drive the support compatibilities matrix, such as host and guest OS. This can help you use existing hardware to meet your business needs and reduce your total cost of ownership, as well as reducing downtime associated with security updates. -### Build features that address our customers’ needs +### Build features that address our customers’ needs Telemetry also helps us better understand how customers deploy components, use features, and use services to achieve their business goals. Getting insights from that information helps us prioritize our engineering investments in areas that can directly affect our customers’ experiences and workloads. Some examples include customer usage of containers, storage, and networking configurations associated with Windows Server roles like Clustering and Web. Another example could be to find out when is CPU hyper-threading turned off and the resulting impact. We use the insights to drive improvements and intelligence into some of our management and monitoring solutions, to help customers diagnose quality issues, and save money by making fewer help calls to Microsoft. \ No newline at end of file diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index e7e12620ef..f4ceaf4890 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -1,28 +1,26 @@ --- -title: Disconnect from Microsoft and configure privacy settings in your organization -description: If you want to minimize connections from Windows to Microsoft services, or configure particular privacy settings, this article covers the settings that you could consider.If you’re looking for content on what each telemetry level means and how to configure it in your organization, see Configure telemetry in your organization. +title: Disconnect your organization from Microsoft (Windows 10) +description: If you want to minimize connections from Windows to Microsoft services, or configure particular privacy settings, this article covers the settings that you could consider. ms.assetid: ACCEB0DD-BC6F-41B1-B359-140B242183D9 -keywords: privacy +keywords: privacy, disconnect from Microsoft ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library author: brianlic-msft --- -# Disconnect from Microsoft and configure privacy settings in your organization +# Disconnect your organization from Microsoft **Applies to** - Windows 10 -Learn about the telemetry that Microsoft gathers, the network connections that Windows components make to Microsoft, and also the privacy settings that affect data that is shared with either Microsoft or apps and how they can be managed by an IT Pro. +If you’re looking for content on what each telemetry level means and how to configure it in your organization, see [Configure telemetry in your organization](configure-telemetry-in-your-organization.md). + +Learn about the network connections that Windows components make to Microsoft and also the privacy settings that affect data that is shared with either Microsoft or apps and how they can be managed by an IT Pro. If you want to minimize connections from Windows to Microsoft services, or configure particular privacy settings, this article covers the settings that you could consider. You can configure telemetry at the lowest level for your edition of Windows, and also evaluate which other connections Windows makes to Microsoft services you want to turn off in your environment from the list in this article. -**Note**  Telemetry is a term that means different things to different people and organizations. For the purpose of this article, we discuss telemetry as system data that is uploaded by the Connected User Experience and Telemetry component. The telemetry data is used to keep Windows devices secure, and to help Microsoft improve the quality of Windows and Microsoft services. We discuss separately the network connections that Windows features and components make directly to Microsoft Services. It is used to provide a service to the user as part of Windows. - -  - Some of the network connections discussed in this article can be managed in Windows 10 Mobile, Windows 10 Mobile Enterprise, and the July release of Windows 10. However, you must use Windows 10 Enterprise, version 1511 or Windows 10 Education, version 1511 to manage them all. In Windows 10 Enterprise, version 1511 or Windows 10 Education, version 1511, you can configure telemetry at the Security level, turn off Windows Defender telemetry and MSRT reporting, and turn off all other connections to Microsoft services as described in this article to prevent Windows from sending any data to Microsoft. We strongly recommend against this, as this data helps us deliver a secure, reliable, and more delightful personalized experience. @@ -133,10 +131,6 @@ Here's what's covered in this article: - [23. Windows Update](#bkmk-wu) -- [Manage your telemetry settings](#bkmk-utc) - -- [How telemetry works](#bkmk-moreutc) - ## What's new in Windows 10, version 1511 @@ -255,46 +249,14 @@ Use either Group Policy or MDM policies to manage settings for Cortana. For more Find the Cortana Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Search**. - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PolicyDescription

Allow Cortana

Choose whether to let Cortana install and run on the device.

-

Default: Enabled

Allow search and Cortana to use location

Choose whether Cortana and Search can provide location-aware search results.

-

Default: Enabled

Do not allow web search

Choose whether to search the web from Windows Desktop Search.

-

Default: Disabled

Don't search the web or display web results in Search

Choose whether to search the web from Cortana.

-

Default: Disabled

Set what information is shared in Search

Control what information is shared with Bing in Search.

-  +| Policy | Description | +-------------------------------------------------------|---------------------------------------------------------------------------------------| +| Allow Cortana | Choose whether to let Cortana install and run on the device. | +| Allow search and Cortana to use location | Choose whether Cortana and Search can provide location-aware search results. | +| Do not allow web search | Choose whether to search the web from Windows Desktop Search.
Default: Disabled| +| Don't search the web or display web results in Search| Choose whether to search the web from Cortana. | +| Set what information is shared in Search | Control what information is shared with Bing in Search. | When you enable the **Don't search the web or display web results in Search** Group Policy, you can control the behavior of whether Cortana searches the web to display web results. However, this policy only covers whether or not web search is performed. There could still be a small amount of network traffic to Bing.com to evaluate if certain Cortana components are up-to-date or not. In order to turn off that network activity completely, you can create a Windows Firewall rule to prevent outbound traffic. @@ -325,38 +287,14 @@ When you enable the **Don't search the web or display web results in Search** Gr **Note**   If your organization tests network traffic, you should not use Fiddler to test Windows Firewall settings. You should use a network traffic analyzer, such as WireShark or Message Analyzer. -  - ### 1.2 Cortana MDM policies The following Cortana MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - ---- - - - - - - - - - - - - - - - - -
PolicyDescription

Experience/AllowCortana

Choose whether to let Cortana install and run on the device.

-

Default: Allowed

Search/AllowSearchToUseLocation

Choose whether Cortana and Search can provide location-aware search results.

-

Default: Allowed

- -  +| Policy | Description | +-------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +| Experience/AllowCortana | Choose whether to let Cortana install and run on the device. | +| Search/AllowSearchToUseLocation | Choose whether Cortana and Search can provide location-aware search results.
Default: Allowed| ### 1.3 Cortana Windows Provisioning @@ -385,8 +323,6 @@ To turn off font streaming, create a REG\_DWORD registry setting called **Disabl **Note**   This may change in future versions of Windows. -  - ### 5. Insider Preview builds To turn off Insider Preview builds if you're running a released version of Windows 10. If you're running a preview version of Windows 10, you must roll back to a released version before you can turn off Insider Preview builds. @@ -425,49 +361,13 @@ Use Group Policy to manage settings for Internet Explorer. Find the Internet Explorer Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer**. - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PolicyDescription

Turn on Suggested Sites

Choose whether an employee can configure Suggested Sites.

-

Default: Enabled

-

You can also turn this off in the UI by clearing the Internet Options > Advanced > Enable Suggested Sites check box.

Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar

Choose whether an employee can configure enhanced suggestions, which are presented to the employee as they type in the address bar.

-

Default: Enabled

Turn off the auto-complete feature for web addresses

Choose whether auto-complete suggests possible matches when employees are typing web address in the address bar.

-

Default: Disabled

-

You can also turn this off in the UI by clearing the Internet Options > Advanced > Use inline AutoComplete in the Internet Explorer Address Bar and Open Dialog check box.

Disable Periodic Check for Internet Explorer software updates

Choose whether Internet Explorer periodically checks for a new version.

-

Default: Enabled

Turn off browser geolocation

Choose whether websites can request location data from Internet Explorer.

-

Default: Disabled

- -  +| Policy | Description | +-------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +| Turn on Suggested Sites| Choose whether an employee can configure Suggested Sites.
Default: Enabled
You can also turn this off in the UI by clearing the **Internet Options** > **Advanced** > **Enable Suggested Sites** check box.| +| Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | Choose whether an employee can configure enhanced suggestions, which are presented to the employee as they type in the address bar.
Default: Enabled| +| Turn off the auto-complete feature for web addresses | Choose whether auto-complete suggests possible matches when employees are typing web address in the address bar.
Default: Disabled
You can also turn this off in the UI by clearing the Internet Options > **Advanced** > **Use inline AutoComplete in the Internet Explorer Address Bar and Open Dialog** check box.| +| Disable Periodic Check for Internet Explorer software updates| Choose whether Internet Explorer periodically checks for a new version.
Default: Enabled | +| Turn off browser geolocation | Choose whether websites can request location data from Internet Explorer.
Default: Disabled| ### 6.2 ActiveX control blocking @@ -504,105 +404,27 @@ Find the Microsoft Edge Group Policy objects under **Computer Configuration** &g **Note**   The Microsoft Edge Group Policy names were changed in Windows 10, version 1511. The table below reflects those changes. -  - - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PolicyDescription

Turn off autofill

Choose whether employees can use autofill on websites.

-

Default: Enabled

Allow employees to send Do Not Track headers

Choose whether employees can send Do Not Track headers.

-

Default: Disabled

Turn off password manager

Choose whether employees can save passwords locally on their devices.

-

Default: Enabled

Turn off address bar search suggestions

Choose whether the address bar shows search suggestions.

-

Default: Enabled

Turn off the SmartScreen Filter

Choose whether SmartScreen is turned on or off.

-

Default: Enabled

Open a new tab with an empty tab

Choose whether a new tab page appears.

-

Default: Enabled

Configure corporate Home pages

Choose the corporate Home page for domain-joined devices.

-

Set this to about:blank

- -  +| Policy | Description | +-------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +| Turn off autofill | Choose whether employees can use autofill on websites.
Default: Enabled | +| Allow employees to send Do Not Track headers | Choose whether employees can send Do Not Track headers.
Default: Disabled | +| Turn off password manager | Choose whether employees can save passwords locally on their devices.
Default: Enabled | +| Turn off address bar search suggestions | Choose whether the address bar shows search suggestions.
Default: Enabled | +| Turn off the SmartScreen Filter | Choose whether SmartScreen is turned on or off.
Default: Enabled | +| Open a new tab with an empty tab | Choose whether a new tab page appears.
Default: Enabled | +| Configure corporate Home pages | Choose the corporate Home page for domain-joined devices.
Set this to **about:blank** | ### 8.2 Microsoft Edge MDM policies The following Microsoft Edge MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PolicyDescription

Browser/AllowAutoFill

Choose whether employees can use autofill on websites.

-

Default: Allowed

Browser/AllowDoNotTrack

Choose whether employees can send Do Not Track headers.

-

Default: Not allowed

Browser/AllowPasswordManager

Choose whether employees can save passwords locally on their devices.

-

Default: Allowed

Browser/AllowSearchSuggestionsinAddressBar

Choose whether the address bar shows search suggestions.

-

Default: Allowed

Browser/AllowSmartScreen

Choose whether SmartScreen is turned on or off.

-

Default: Allowed

- -  +| Policy | Description | +-------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +| Browser/AllowAutoFill | Choose whether employees can use autofill on websites.
Default: Allowed | +| Browser/AllowDoNotTrack | Choose whether employees can send Do Not Track headers.
Default: Not allowed | +| Browser/AllowPasswordManager | Choose whether employees can save passwords locally on their devices.
Default: Allowed | +| Browser/AllowSearchSuggestionsinAddressBar | Choose whether the address bar shows search suggestions..
Default: Allowed | +| Browser/AllowSmartScreen | Choose whether SmartScreen is turned on or off.
Default: Allowed | ### 8.3 Microsoft Edge Windows Provisioning @@ -830,7 +652,7 @@ To turn off **Turn on SmartScreen Filter to check web content (URLs) that Window To turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**: **Note**   -If the telemetry level is set to either [Basic](#bkmk-utc-basic) or [Security](#bkmk-utc-security), this is turned off automatically. +If the telemetry level is set to either **Basic** or **Security**, this is turned off automatically.   @@ -877,8 +699,6 @@ To turn off **Location for this device**: **Note**   You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](http://msdn.microsoft.com/library/dn905224.aspx). -   - -or- - Create a provisioning package, using **Runtime settings** > **Policies** > **System** > **AllowLocation**, where @@ -929,10 +749,8 @@ To turn off **Let apps use my camera**: **Note**   You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](http://msdn.microsoft.com/library/dn905224.aspx). - -   - - -or- + + -or- - Create a provisioning package with use Windows ICD, using **Runtime settings** > **Policies** > **Camera** > **AllowCamera**, where: @@ -952,7 +770,7 @@ To turn off **Let apps use my microphone**: - Turn off the feature in the UI. - -or- + -or- - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access the microphone** @@ -975,15 +793,15 @@ To turn off the functionality: - Click the **Stop getting to know me** button, and then click **Turn off**. - -or- + -or- - Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Regional and Language Options** > **Handwriting personalization** > **Turn off automatic learning** - -or- + -or- - Create a REG\_DWORD registry setting called **AcceptedPrivacyPolicy** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Personalization\\Settings**, with a value of 0 (zero). - -and- + -and- Create a REG\_DWORD registry setting called **HarvestContacts** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\InputPersonalization\\TrainedDataStore**, with a value of 0 (zero). @@ -995,7 +813,7 @@ To turn off **Let apps access my name, picture, and other account info**: - Turn off the feature in the UI. - -or- + -or- - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access account information** @@ -1013,7 +831,7 @@ To turn off **Choose apps that can access contacts**: - Turn off the feature in the UI for each app. - -or- + -or- - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access contacts** @@ -1027,7 +845,7 @@ To turn off **Let apps access my calendar**: - Turn off the feature in the UI. - -or- + -or- - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access the calendar** @@ -1045,7 +863,7 @@ To turn off **Let apps access my call history**: - Turn off the feature in the UI. - -or- + -or- - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access call history** @@ -1059,7 +877,7 @@ To turn off **Let apps access and send email**: - Turn off the feature in the UI. - -or- + -or- - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access email** @@ -1132,11 +950,11 @@ Feedback frequency only applies to user-generated feedback, not diagnostic and u - To change from **Automatically (Recommended)**, use the drop-down list in the UI. - -or- + -or- - Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds** > **Do not show feedback notifications** - -or- + -or- - Create the registry keys (REG\_DWORD type): @@ -1158,40 +976,40 @@ Feedback frequency only applies to user-generated feedback, not diagnostic and u To change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**: -- To change from [Enhanced](#bkmk-utc-enhanced), use the drop-down list in the UI. The other levels are **Basic** and **Full**. For more info about these levels, see [How telemetry works](#bkmk-moreutc). +- To change from **Enhanced**, use the drop-down list in the UI. The other levels are **Basic** and **Full**. **Note**   - You can't use the UI to change the telemetry level to [Security](#bkmk-utc-security). + You can't use the UI to change the telemetry level to **Security**.   - -or- + -or- - Apply the Group Policy: **Computer Configuration\\Administrative Templates\\Windows Components\\Data Collection And Preview Builds\\Allow Telemetry** - -or- + -or- - Apply the System/AllowTelemetry MDM policy from the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where: - - **0**. Maps to the [Security](#bkmk-utc-security) level. + - **0**. Maps to the **Security** level. - - **1**. Maps to the [Basic](#bkmk-utc-basic) level. + - **1**. Maps to the **Basic** level. - - **2**. Maps to the [Enhanced](#bkmk-utc-enhanced) level. + - **2**. Maps to the **Enhanced** level. - - **3**. Maps to the [Full](#bkmk-utc-full) level. + - **3**. Maps to the **Full** level. - -or- + -or- - Create a provisioning package, using **Runtime settings** > **Policies** > **System** > **AllowTelemetry**, where: - - **0**. Maps to the [Security](#bkmk-utc-security) level. + - **0**. Maps to the **Security** level. - - **1**. Maps to the [Basic](#bkmk-utc-basic) level. + - **1**. Maps to the **Basic** level. - - **2**. Maps to the [Enhanced](#bkmk-utc-enhanced) level. + - **2**. Maps to the **Enhanced** level. - - **3**. Maps to the [Full](#bkmk-utc-full) level. + - **3**. Maps to the **Full** level. ### 13.15 Background apps @@ -1263,7 +1081,7 @@ To turn off **Connect to suggested open hotspots** and **Connect to networks sha -or- -- Use the Unattended settings to set the value of WiFiSenseAllowed to 0 (zero). For more info, see the Unattended Windows Setup reference doc, [WiFiSenseAllowed.](http://go.microsoft.com/fwlink/p/?LinkId=620910) +- Use the Unattended settings to set the value of WiFiSenseAllowed to 0 (zero). For more info, see the Unattended Windows Setup reference doc, [WiFiSenseAllowed](http://go.microsoft.com/fwlink/p/?LinkId=620910). When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings screen, but they’re non-functional and they can’t be controlled by the employee. @@ -1360,7 +1178,7 @@ You can turn off the ability to launch apps from the Windows Store that were pre ### 22. Windows Update Delivery Optimization -Windows Update Delivery Optimization lets you get Windows updates and Windows Store apps from sources in addition to Microsoft, which not only helps when you have a limited or unreliable Internet connection, but can also help you reduce the amount of bandwidth needed to keep all of your organization’s PCs up-to-date. If you have Delivery Optimization turned on, PCs on your network may send and receive updates and apps to other PCs on your local network, if you choose, or to PCs on the Internet. +Windows Update Delivery Optimization lets you get Windows updates and Windows Store apps from sources in addition to Microsoft, which not only helps when you have a limited or unreliable Internet connection, but can also help you reduce the amount of bandwidth needed to keep all of your organization's PCs up-to-date. If you have Delivery Optimization turned on, PCs on your network may send and receive updates and apps to other PCs on your local network, if you choose, or to PCs on the Internet. By default, PCs running Windows 10 Enterprise and Windows 10 Education will only use Delivery Optimization to get and receive updates for PCs and apps on your local network. @@ -1376,115 +1194,26 @@ You can set up Delivery Optimization from the **Settings** UI. You can find the Delivery Optimization Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PolicyDescription

Download Mode

Lets you choose where Delivery Optimization gets or sends updates and apps, including

-
    -

  • None. Turns off Delivery Optimization.

    • -

  • Group. Gets or sends updates and apps to PCs on the same local network domain.

    • -

  • Internet. Gets or sends updates and apps to PCs on the Internet.

    • -

  • LAN. Gets or sends updates and apps to PCs on the same NAT only.

    • -

Group ID

Lets you provide a Group ID that limits which PCs can share apps and updates.

-
-Note   -

This ID must be a GUID.

-
-
-  -

Max Cache Age

Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.

-

The default value is 259200 seconds (3 days).

Max Cache Size

Lets you specify the maximum cache size as a percentage of disk size.

-

The default value is 20, which represents 20% of the disk.

Max Upload Bandwidth

Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.

-

The default value is 0, which means unlimited possible bandwidth.

- -  +| Policy | Description | +----------------------------|-----------------------------------------------------------------------------------------------------| +| Download Mode | Lets you choose where Delivery Optimization gets or sends updates and apps, including

  • None. Turns off Delivery Optimization.

  • Group. Gets or sends updates and apps to PCs on the same local network domain.

  • Internet. Gets or sends updates and apps to PCs on the Internet.

  • LAN. Gets or sends updates and apps to PCs on the same NAT only.

| +| Group ID | Lets you provide a Group ID that limits which PCs can share apps and updates.
** Note** This ID must be a GUID.| +| Max Cache Age | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days).| +| Max Cache Size | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20, which represents 20% of the disk.| +| Max Upload Bandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| ### 22.3 Delivery Optimization MDM policies The following Delivery Optimization MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - ---- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PolicyDescription

DeliveryOptimization/DODownloadMode

Lets you configure where Delivery Optimization gets or sends updates and apps, including:

-
    -

  • 0. Turns off Delivery Optimization.

    • -

  • 1. Gets or sends updates and apps to PCs on the same NAT only.

    • -

  • 2. Gets or sends updates and apps to PCs on the same local network domain.

    • -

  • 3. Gets or sends updates and apps to PCs on the Internet.

    • -

DeliveryOptimization/DOGroupID

Lets you provide a Group ID that limits which PCs can share apps and updates.

-
-Note   -

This ID must be a GUID.

-
-
-  -

DeliveryOptimization/DOMaxCacheAge

Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.

-

The default value is 259200 seconds (3 days).

DeliveryOptimization/DOMaxCacheSize

Lets you specify the maximum cache size as a percentage of disk size.

-

The default value is 20, which represents 20% of the disk.

DeliveryOptimization/DOMaxUploadBandwidth

Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.

-

The default value is 0, which means unlimited possible bandwidth.

+| Policy | Description | +----------------------------|-----------------------------------------------------------------------------------------------------| +| DeliveryOptimization/DODownloadMode | Lets you choose where Delivery Optimization gets or sends updates and apps, including

  • 0. Turns off Delivery Optimization.

  • 1. Gets or sends updates and apps to PCs on the same NAT only.

  • 2. Gets or sends updates and apps to PCs on the same local network domain.

  • 3. Gets or sends updates and apps to PCs on the Internet.

| +| DeliveryOptimization/DOGroupID | Lets you provide a Group ID that limits which PCs can share apps and updates.
** Note** This ID must be a GUID.| +| DeliveryOptimization/DOMaxCacheAge | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days).| +| DeliveryOptimization/DOMaxCacheSize | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20, which represents 20% of the disk.| +| DeliveryOptimization/DOMaxUploadBandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| -  ### 22.4 Delivery Optimization Windows Provisioning @@ -1541,15 +1270,15 @@ You can manage your telemetry settings using the management tools you're already You can set your organization's devices to use 1 of 4 telemetry levels: -- [Security](#bkmk-utc-security) (only available on Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core (IoT Core) editions) +- **Security** (only available on Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core (IoT Core) editions) -- [Basic](#bkmk-utc-basic) +- **Basic** -- [Enhanced](#bkmk-utc-enhanced) +- **Enhanced** -- [Full](#bkmk-utc-full) +- **Full** -For more info about these telemetry levels, see [Telemetry levels](#bkmk-telemetrylevels). In Windows 10 Enterprise, Windows 10 Education, and IoT Core, the default telemetry level is [Enhanced](#bkmk-utc-enhanced). +In Windows 10 Enterprise, Windows 10 Education, and IoT Core, the default telemetry level is **Enhanced**. **Important**   These telemetry levels only apply to Windows components and apps that use the Connected User Experience and Telemetry component. Non-Windows components, such as Microsoft Office or other 3rd-party apps, may communicate with their cloud services outside of these telemetry levels. App publishers must let people know about how they use their telemetry, ways to opt in or opt out, and they must separately document their privacy policies. @@ -1570,13 +1299,13 @@ Use a Group Policy object to set your organization’s telemetry level. Use the [Policy Configuration Service Provider (CSP)](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) to apply the System/AllowTelemetry MDM policy, using one of these telemetry values: -- **0**. Maps to the [Security](#bkmk-utc-security) level. +- **0**. Maps to the **Security** level. -- **1**. Maps to the [Basic](#bkmk-utc-basic) level. +- **1**. Maps to the **Basic** level. -- **2**. Maps to the [Enhanced](#bkmk-utc-enhanced) level. +- **2**. Maps to the **Enhanced** level. -- **3**. Maps to the [Full](#bkmk-utc-full) level. +- **3**. Maps to the **Full** level. ### Use Windows Provisioning to set the telemetry level @@ -1594,13 +1323,13 @@ After you create the provisioning package, you can email it to your employees, p 4. Go to **Runtime settings** > **Policies** > **System** > **AllowTelemetry** to configure the policies. You can set it to one of the following: - - **Disabled \[Enterprise SKU Only\]**. Maps to the [Security](#bkmk-utc-security) level. + - **Disabled \[Enterprise SKU Only\]**. Maps to the **Security** level. - - **Basic**. Maps to the [Basic](#bkmk-utc-basic) level. + - **Basic**. Maps to the **Basic** level. - - **Full**. Maps to the [Enhanced](#bkmk-utc-enhanced) level + - **Full**. Maps to the **Enhanced** level - - **Diagnostic**. Maps to the [Full](#bkmk-utc-full) level. + - **Diagnostic**. Maps to the **Full** level. 5. After you've added all of your settings to the provisioning package, click **Export** > **Provisioning package**. @@ -1626,13 +1355,13 @@ If a management policy already exists (from Group Policy, MDM, or Windows Provis 4. Double-click **AllowTelemetry** and set the value to one of the following levels, and the click **OK**. - - **0**. This setting maps to the [Security](#bkmk-utc-security) level. + - **0**. This setting maps to the **Security** level. - - **1**. This setting maps to the [Basic](#bkmk-utc-basic) level. + - **1**. This setting maps to the **Basic** level. - - **2**. This setting maps to the [Enhanced](#bkmk-utc-enhanced) level + - **2**. This setting maps to the **Enhanced** level - - **3**. This setting maps to the [Full](#bkmk-utc-full) level. + - **3**. This setting maps to the **Full** level. 5. Click **File** > **Export**, and then save the file as a .reg file, such as **C:\\AllowTelemetry.reg**. You can run this file from a script on each device in your organization. @@ -1649,161 +1378,4 @@ There are a few more settings that you can turn off that may send telemetry info - Turn off Linguistic Data Collection in **Settings** > **Privacy**. At telemetry levels Enhanced and Full, Microsoft uses Linguistic Data Collection info to improve language model features such as autocomplete, spellcheck, suggestions, input pattern recognition, and dictionary. For more info, see the **Get to know me** setting in the [Speech, inking, & typing](#bkmk-priv-speech) section of this article and the **Send Microsoft info about how I write to help us improve typing and writing in the future** setting in the [General](#bkmk-priv-general) section of this article. **Note**   - Microsoft doesn't intentionally gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user's device. If we determine that sensitive information has been inadvertently received, we delete the information. - -   - -## How telemetry works - - -Windows uses telemetry information to analyze and fix software problems. It also helps Microsoft improve its software and provide updates that enhance the security and reliability of devices within your organization. - -### Telemetry levels - -This section explains the different telemetry levels in Windows 10. These levels are available on all desktop and mobile editions of Windows 10, with the exception of the Security level which is limited to Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and IoT Core. - -- **Security**. Information that's required to help keep Windows secure, including info about theConnected User Experience and Telemetry component settings, the Malicious Software Removal Tool, and Windows Defender. This level is available only on Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and IoT Core. - -- **Basic**. Basic device info, including: quality-related info, app compat, and info from the Security level. - -- **Enhanced** Additional insights, including: how Windows and Windows apps are used, how they perform, advanced reliability info, and info from both the Basic and the Security levels. - -- **Full**. All info necessary to identify and help to fix problems, plus info from the Security, Basic, and Enhanced levels. - -As a diagram: - -![](images/priv-telemetry-levels.png) - -### Security level - -The Security level gathers only telemetry info that's required to keep Windows devices secure. This level is only available on Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and IoT Core editions. - -**Note**   -If your organization relies on Windows Update for updates, you shouldn't use the Security level. Because no Windows Update information is gathered at this level, Microsoft can't tell whether an update successfully installed. - -You can continue to use Windows Server Update Services and System Center Configuration Manager while using the Security level. - -  - -Security level info includes: - -- **Connected User Experience and Telemetry component settings**. If data has been gathered and is queued to be sent, the Connected User Experience and Telemetry component downloads its settings file from Microsoft’s servers. The data collected by the client for this request includes OS information, device id (used to identify what specific device is requesting settings) and device class (for example, whether the device is server or desktop). - -- **Malicious Software Removal Tool (MSRT)** The MSRT infection report contains information, including device info and IP address. - - **Note**   - You can turn off the MSRT infection report. No MSRT information is included if MSRT is not used. If Windows Update is turned off, MSRT will not be offered to users. - -   - -- **Windows Defender**. Windows Defender requires some information to function, including: anti-malware signatures, diagnostic information, User Account Control settings, Unified Extensible Firmware Interface (UEFI) settings, and IP address. To configure this, see [Windows Defender](#bkmk-defender). - - **Note**   - This reporting can be turned off and no information is included if a customer is using third party antimalware software, or if Windows Defender is turned off. - - Microsoft recommends that Windows Update, Windows Defender, and MSRT remain enabled unless the enterprise uses alternative solutions such as Windows Server Update Services, System Center Configuration Manager, or a third party antimalware solution. Windows Update, Windows Defender, and MSRT provide core Windows functionality such as driver and OS updates, including security updates; moreover, Window Defender requires updated anti-malware signatures in order to provide security functionality. - -   - -No user content, such as user files or communications, is gathered at the Security telemetry level, and we take steps to avoid gathering any information that directly identifies a company or user, such as name, email address, or account ID. However, in rare circumstances, MSRT information may unintentionally contain personal information. For instance, some malware may create entries in a computer's registry that include information such as a username, causing it to be gathered. MSRT reporting is optional and can be turned off at any time. - -To set the telemetry level to Security, use a management policy (Group Policy or MDM) or by manually changing the setting in the registry. For more info, see the [Manage your telemetry settings](#bkmk-utc) section of this article. - -### Basic level - -The Basic level gathers a limited set of info that’s critical for understanding the device and its configuration. This level also includes the Security level info. This level helps to identify problems that can occur on a particular device hardware or software configuration. For example, it can help determine if crashes are more frequent on devices with a specific amount of memory or that are running a particular driver version. - -Basic level info includes: - -- **Basic device info**. Helps provide an understanding about the various types of devices in the Windows 10 ecosystem, including: - - - Device attributes, such as camera resolution and display type - - - Internet Explorer version - - - Battery attributes, such as capacity and type - - - Networking attributes, such as mobile operator network and IMEI number - - - Processor and memory attributes, such as number of cores, speed, and firmware - - - Operating system attributes, such as Windows edition and IsVirtualDevice - - - Storage attributes, such as number of drives and memory size - -- **Connected User Experience and Telemetry component quality metrics**. Helps provide an understanding about how the Connected User Experience and Telemetry component is functioning, including uploaded events, dropped events, and the last upload time. - -- **Quality-related information**. Helps Microsoft develop a basic understanding of how a device and its operating system are performing. Some examples are the amount of time a connected standby device was able to fullsleep, the number of crashes or hangs, and application state change details, such as how much processor time and memory were used, and the total uptime for an app. - -- **App compat info**. Helps provide understanding about which apps are installed on a device and to help identify potential compatibility problems. - - - **General app info and app info for Internet Explorer add-ons**. Includes a list of apps and Internet Explorer add-ons that are installed on a device and whether these apps will work after an upgrade. This app info includes the app name, publisher, version, and basic details about which files have been blocked from usage. - - - **System info**. Helps provide understanding about whether a device meets the minimum requirements to upgrade to the next version of the operating system. System information includes the amount of memory, as well as info about the processor and BIOS. - - - **Accessory device info**. Includes a list of accessory devices, such as printers or external storage devices, that are connected to Windows PCs and whether these devices will function after upgrading to a new version of the operating system. - - - **Driver info**. Includes specific driver usage that’s meant to help figure out whether apps and devices will function after upgrading to a new version of the operating system. This info can help to determine blocking issues and then help Microsoft and our partners apply fixes and improvements. - -- **Store**. Provides info about how the Windows Store performs, including app downloads, installations, and updates. It also includes Windows Store launches, page views, suspend and resumes, and obtaining licenses. - -### Enhanced level - -The Enhanced level gathers info about how Windows and apps are used and how they perform. This level also includes info from both the Basic and Security levels. This level helps to improve experiences by analyzing user interaction with the operating system and apps. Info from this level can be abstracted into patterns and trends that can help Microsoft determine future improvements. - -Enhanced level info includes: - -- **Operating system events**. Helps to gain insights into different areas of the operating system, including networking, Hyper-V, Cortana, and other components. - -- **Operating system app events**. A set of events resulting from Microsoft apps that were downloaded from the Store or pre-installed with Windows, including Photos, Mail, and Microsoft Edge. - -- **Device-specific events**. Contains info about events that are specific to certain devices, such as Surface Hub and Microsoft HoloLens. For example, Microsoft HoloLens sends Holographic Processing Unit (HPU)-related events. - -If the Connected User Experience and Telemetry component detects a problem that requires gathering more detailed instrumentation, then the Connected User Experience and Telemetry component will only gather info about the events associated with the specific issue, for no more than 2 weeks. Also, if the operating system or an app crashes or hangs, Microsoft will gather the memory contents of the faulting process only at the time of the crash or hang. - -### Full level - -The Full level gathers info necessary to identify and to help fix problems, following the approval process described below. This level also includes info from the Basic, Enhanced, and Security levels. - -Additionally, at this level, devices opted in to the Windows Insider Program will send events that can show Microsoft how pre-release binaries and features are performing. All devices in the Windows Insider Program are automatically set to this level. - -If a device experiences problems that are difficult to identify or repeat using Microsoft's internal testing, additional info becomes necessary. This info can include any user content that might have triggered the problem and is gathered from a small sample of devices that have both opted into the Full telemetry level and have exhibited the problem. - -However, before more info is gathered, Microsoft's privacy governance team, including privacy and other subject matter experts, must approve the diagnostics request made by a Microsoft engineer. If the request is approved, Microsoft engineers can use the following capabilities to get the information: - -- Ability to run a limited, pre-approved list of Microsoft certified diagnostic tools, such as msinfo32.exe, powercfg.exe, and dxdiag.exe. - -- Ability to get registry keys. - -- Ability to gather user content, such as documents, if they might have been the trigger for the issue. - -### How is telemetry information handled by Microsoft? - -### Collection - -Information gathered by the Connected User Experience and Telemetry component complies with Microsoft's security and privacy policies, as well as international laws and regulations. Only those who can demonstrate a valid business need can access the telemetry info. - -### Data Transfer - -All telemetry info is encrypted during transfer from the device to the Microsoft Data Management Service. Data is uploaded on a schedule that is sensitive to event priority, battery use, and network cost. Real-time events, such as gaming achievements, are always sent immediately. Normal events are not uploaded on metered networks. On a free network, normal events can be uploaded every 4 hours if on battery, or every 15 minutes if on A/C power. Diagnostic and crash data are only uploaded on A/C power and free networks. - -### Microsoft Data Management Service - -The Microsoft Data Management Service routes information to internal cloud storage, where it's compiled into business reports for analysis and research. Sensitive info is stored in a separate data store that's locked down to a small subset of Microsoft employees in the Windows Devices Group. The privacy governance team permits access only to people with a valid business justification. The Connected User Experiences and Telemetry component connects to the Microsoft Data Management service at v10.vortex-win.data.microsoft.com. The Connected User Experience and Telemetry component connects to settings-win.data.microsoft.com to collect its settings. - -### Usage - -Information is used by teams within Microsoft to provide, improve, and personalize experiences, and for security, health, quality, and performance analysis. - -An example of personalization is to create individually tailored in-product messages. - -Microsoft doesn't share organization-specific customer information with third parties, except at the customer's direction or for the limited purposes described in the privacy statement. However, we do share business reports with partners that include aggregated, anonymous telemetry information. Decisions to share info are made by an internal team that includes privacy, legal, and data management professionals. - -### Retention - -Microsoft believes in and practices information minimization, so we only gather the info we need, and we only store it for as long as it's needed to provide a service or for analysis. Much of the info about how Windows and apps are functioning is deleted within 30 days. Other info may be retained longer, particularly if there is a regulatory requirement to do so. Info is typically gathered at a fractional sampling rate, which for some client services, can be as low as 1%. - - - - - + Microsoft doesn't intentionally gather sensitive information, such as credit card numbers, usernames and passwords, email addresses, or other similarly sensitive information for Linguistic Data Collection. We guard against such events by using technologies to identify and remove sensitive information before linguistic data is sent from the user's device. If we determine that sensitive information has been inadvertently received, we delete the information. \ No newline at end of file diff --git a/windows/manage/lock-down-windows-10.md b/windows/manage/lock-down-windows-10.md index ffe9e7c732..72dbc00ec1 100644 --- a/windows/manage/lock-down-windows-10.md +++ b/windows/manage/lock-down-windows-10.md @@ -43,23 +43,27 @@ Enterprises often need to manage how people use corporate devices. Windows 10 p

Learn how to configure a device running Windows 10 Enterprise or Windows 10 Education so that users can only run a few specific apps. The result is similar to [a kiosk device](set-up-a-device-for-anyone-to-use.md), but with multiple apps available. For example, you might set up a library computer so that users can search the catalog and browse the Internet, but can't run any other apps or change computer settings.

-

[Configure telemetry and other settings in your organization](disconnect-your-organization-from-microsoft.md)

-

Learn about the telemetry that Microsoft gathers, the network connections that Windows components make to Microsoft, and also the privacy settings that affect data that is shared with either Microsoft or apps and how they can be managed by an IT Pro.

+

[Configure telemetry in your organization](configure-telemetry-in-your-organization.md)

+

Use this article to make informed decisions about how you can configure telemetry in your organization.

+

[Disconnect your organization from Microsoft](disconnect-your-organization-from-microsoft.md)

+

Learn about the network connections that Windows components make to Microsoft and also the privacy settings that affect data that is shared with either Microsoft or apps and how they can be managed by an IT Pro.

+ +

[Configure access to Windows Store](stop-employees-from-using-the-windows-store.md)

IT Pros can configure access to Windows Store for client computers in their organization. For some organizations, business policies require blocking access to Windows Store.

- +

[Manage Wi-Fi Sense in your company](manage-wifi-sense-in-enterprise.md)

Wi-Fi Sense automatically connects you to Wi-Fi, so you can get online quickly in more places. It can connect you to open Wi-Fi hotspots it knows about through crowdsourcing, or to Wi-Fi networks your contacts have shared with you by using Wi-Fi Sense.

The initial settings for Wi-Fi Sense are determined by the options you chose when you first set up your PC with Windows 10.

- +

[Configure Windows 10 Mobile using Lockdown XML](lockdown-xml.md)

Windows 10 Mobile allows enterprises to lock down a device, define multiple user roles, and configure custom layouts on a device.

- +

[Reset a Windows 10 Mobile device](reset-a-windows-10-mobile-device.md)

There are two methods for resetting a Windows 10 Mobile device: factory reset and "wipe and persist" reset.

From b7c4a15927826cbacc772a2f3d9c5eb19790dda3 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Thu, 14 Apr 2016 15:23:21 -0700 Subject: [PATCH 004/111] fixing tables --- ...onnect-your-organization-from-microsoft.md | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index f4ceaf4890..e87264821a 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -73,7 +73,7 @@ Here's what's covered in this article: - [13. Settings > Privacy](#bkmk-settingssection) - - [13.1 General](#bkmk-general) + - [13.1 General](https://tnstage.redmond.corp.microsoft.com/en-us/itpro/windows/manage/change-history-for-manage-and-update-windows-10?branch=7087905) - [13.2 Location](#bkmk-priv-location) @@ -249,9 +249,8 @@ Use either Group Policy or MDM policies to manage settings for Cortana. For more Find the Cortana Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Search**. - | Policy | Description | --------------------------------------------------------|---------------------------------------------------------------------------------------| +|------------------------------------------------------|---------------------------------------------------------------------------------------| | Allow Cortana | Choose whether to let Cortana install and run on the device. | | Allow search and Cortana to use location | Choose whether Cortana and Search can provide location-aware search results. | | Do not allow web search | Choose whether to search the web from Windows Desktop Search.
Default: Disabled| @@ -292,7 +291,7 @@ If your organization tests network traffic, you should not use Fiddler to test W The following Cortana MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). | Policy | Description | --------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +|------------------------------------------------------|-----------------------------------------------------------------------------------------------------| | Experience/AllowCortana | Choose whether to let Cortana install and run on the device. | | Search/AllowSearchToUseLocation | Choose whether Cortana and Search can provide location-aware search results.
Default: Allowed| @@ -362,7 +361,7 @@ Use Group Policy to manage settings for Internet Explorer. Find the Internet Explorer Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer**. | Policy | Description | --------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +|------------------------------------------------------|-----------------------------------------------------------------------------------------------------| | Turn on Suggested Sites| Choose whether an employee can configure Suggested Sites.
Default: Enabled
You can also turn this off in the UI by clearing the **Internet Options** > **Advanced** > **Enable Suggested Sites** check box.| | Allow Microsoft services to provide enhanced suggestions as the user types in the Address Bar | Choose whether an employee can configure enhanced suggestions, which are presented to the employee as they type in the address bar.
Default: Enabled| | Turn off the auto-complete feature for web addresses | Choose whether auto-complete suggests possible matches when employees are typing web address in the address bar.
Default: Disabled
You can also turn this off in the UI by clearing the Internet Options > **Advanced** > **Use inline AutoComplete in the Internet Explorer Address Bar and Open Dialog** check box.| @@ -405,7 +404,7 @@ Find the Microsoft Edge Group Policy objects under **Computer Configuration** &g The Microsoft Edge Group Policy names were changed in Windows 10, version 1511. The table below reflects those changes. | Policy | Description | --------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +|------------------------------------------------------|-----------------------------------------------------------------------------------------------------| | Turn off autofill | Choose whether employees can use autofill on websites.
Default: Enabled | | Allow employees to send Do Not Track headers | Choose whether employees can send Do Not Track headers.
Default: Disabled | | Turn off password manager | Choose whether employees can save passwords locally on their devices.
Default: Enabled | @@ -419,7 +418,7 @@ The Microsoft Edge Group Policy names were changed in Windows 10, version 1511. The following Microsoft Edge MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). | Policy | Description | --------------------------------------------------------|-----------------------------------------------------------------------------------------------------| +|------------------------------------------------------|-----------------------------------------------------------------------------------------------------| | Browser/AllowAutoFill | Choose whether employees can use autofill on websites.
Default: Allowed | | Browser/AllowDoNotTrack | Choose whether employees can send Do Not Track headers.
Default: Not allowed | | Browser/AllowPasswordManager | Choose whether employees can save passwords locally on their devices.
Default: Allowed | @@ -602,7 +601,7 @@ Use Settings > Privacy to configure some settings that may be important to yo - [13.15 Background apps](#bkmk-priv-background) -### 13.1 General +### 13.1 General **General** includes options that don't fall into other areas. @@ -1195,7 +1194,7 @@ You can set up Delivery Optimization from the **Settings** UI. You can find the Delivery Optimization Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. | Policy | Description | -----------------------------|-----------------------------------------------------------------------------------------------------| +|---------------------------|-----------------------------------------------------------------------------------------------------| | Download Mode | Lets you choose where Delivery Optimization gets or sends updates and apps, including

  • None. Turns off Delivery Optimization.

  • Group. Gets or sends updates and apps to PCs on the same local network domain.

  • Internet. Gets or sends updates and apps to PCs on the Internet.

  • LAN. Gets or sends updates and apps to PCs on the same NAT only.

| | Group ID | Lets you provide a Group ID that limits which PCs can share apps and updates.
** Note** This ID must be a GUID.| | Max Cache Age | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days).| @@ -1207,7 +1206,7 @@ You can find the Delivery Optimization Group Policy objects under **Computer Con The following Delivery Optimization MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). | Policy | Description | -----------------------------|-----------------------------------------------------------------------------------------------------| +|---------------------------|-----------------------------------------------------------------------------------------------------| | DeliveryOptimization/DODownloadMode | Lets you choose where Delivery Optimization gets or sends updates and apps, including

  • 0. Turns off Delivery Optimization.

  • 1. Gets or sends updates and apps to PCs on the same NAT only.

  • 2. Gets or sends updates and apps to PCs on the same local network domain.

  • 3. Gets or sends updates and apps to PCs on the Internet.

| | DeliveryOptimization/DOGroupID | Lets you provide a Group ID that limits which PCs can share apps and updates.
** Note** This ID must be a GUID.| | DeliveryOptimization/DOMaxCacheAge | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days).| From d47f7d286d210d5fd87d9bbb6de0816f04a4cb4b Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 22 Apr 2016 13:12:16 -0700 Subject: [PATCH 005/111] added params to scanstate syntax topic --- windows/deploy/usmt-scanstate-syntax.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/windows/deploy/usmt-scanstate-syntax.md b/windows/deploy/usmt-scanstate-syntax.md index 09eb224de7..95594ff971 100644 --- a/windows/deploy/usmt-scanstate-syntax.md +++ b/windows/deploy/usmt-scanstate-syntax.md @@ -58,7 +58,7 @@ This section explains the syntax and usage of the **ScanState** command-line opt The **ScanState** command's syntax is: -scanstate \[*StorePath*\] \[/i:\[*Path*\\\]*FileName*\] \[/o\] \[/v:*VerbosityLevel*\] \[/nocompress\] \[/localonly\] \[/encrypt /key:*KeyString*|/keyfile:\[Path\\\]*FileName*\] \[/l:\[*Path*\\\]*FileName*\] \[/progress:\[*Path*\\\]*FileName*\] \[/r:*TimesToRetry*\] \[/w:*SecondsBeforeRetry*\] \[/c\] \[/p\] \[/all\] \[/ui:\[*DomainName*|*ComputerName*\\\]*UserName*\] \[/ue:\[*DomainName*|*ComputerName*\\\]*UserName*\] \[/uel:*NumberOfDays*|*YYYY/MM/DD*|0\] \[/efs:abort|skip|decryptcopy|copyraw\] \[/genconfig:\[*Path*\\\]*FileName*\[/config:\[*Path*\\\]*FileName*\] \[/?|help\] +scanstate \[*StorePath*\] \[/apps\] \[/ppkg:*FileName*\] \[/i:\[*Path*\\\]*FileName*\] \[/o\] \[/v:*VerbosityLevel*\] \[/nocompress\] \[/localonly\] \[/encrypt /key:*KeyString*|/keyfile:\[Path\\\]*FileName*\] \[/l:\[*Path*\\\]*FileName*\] \[/progress:\[*Path*\\\]*FileName*\] \[/r:*TimesToRetry*\] \[/w:*SecondsBeforeRetry*\] \[/c\] \[/p\] \[/all\] \[/ui:\[*DomainName*|*ComputerName*\\\]*UserName*\] \[/ue:\[*DomainName*|*ComputerName*\\\]*UserName*\] \[/uel:*NumberOfDays*|*YYYY/MM/DD*|0\] \[/efs:abort|skip|decryptcopy|copyraw\] \[/genconfig:\[*Path*\\\]*FileName*\[/config:\[*Path*\\\]*FileName*\] \[/?|help\] For example: @@ -89,6 +89,14 @@ To create an encrypted store using the Config.xml file and the default migration

StorePath

Indicates a folder where files and settings will be saved. Note that StorePath cannot be c:\. You must specify the StorePath option in the ScanState command, except when using the /genconfig option. You cannot specify more than one StorePath location.

+ +

/apps

+

Scans the image for apps and includes them and their associated registry settings.

+ + +

/ppkg [<FileName>]

+

Exports to a specific file location.

+

/o

Required to overwrite any existing data in the migration store or Config.xml file. If not specified, the ScanState command will fail if the migration store already contains data. You cannot use this option more than once on a command line.

From 97e8a98f7af64fe4e6574b49cef5af2dca407a37 Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 22 Apr 2016 13:19:37 -0700 Subject: [PATCH 006/111] fixed even row in table --- windows/deploy/usmt-scanstate-syntax.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deploy/usmt-scanstate-syntax.md b/windows/deploy/usmt-scanstate-syntax.md index 95594ff971..ff2636ee8c 100644 --- a/windows/deploy/usmt-scanstate-syntax.md +++ b/windows/deploy/usmt-scanstate-syntax.md @@ -89,7 +89,7 @@ To create an encrypted store using the Config.xml file and the default migration

StorePath

Indicates a folder where files and settings will be saved. Note that StorePath cannot be c:\. You must specify the StorePath option in the ScanState command, except when using the /genconfig option. You cannot specify more than one StorePath location.

- +

/apps

Scans the image for apps and includes them and their associated registry settings.

From 32f6a096b1fd7ca3722701a58efcbb6ab161700f Mon Sep 17 00:00:00 2001 From: Maggie Evans Date: Fri, 22 Apr 2016 15:12:54 -0700 Subject: [PATCH 007/111] Created redirect topics and links in main TOC. --- mdop/TOC.md | 2 ++ mdop/dart-v65 | 9 +++++++++ mdop/softgrid-application-virtualization | 9 +++++++++ 3 files changed, 20 insertions(+) create mode 100644 mdop/dart-v65 create mode 100644 mdop/softgrid-application-virtualization diff --git a/mdop/TOC.md b/mdop/TOC.md index ebafec6c21..56e5ab8cd5 100644 --- a/mdop/TOC.md +++ b/mdop/TOC.md @@ -3,10 +3,12 @@ ## [Application Virtualization]() ### [Application Virtualization 5](appv-v5/) ### [Application Virtualization 4](appv-v4/) +### [SoftGrid Application Virtualization](softgrid-application-virtualization.md) ## [Diagnostics and Recovery Toolset]() ### [Diagnostics and Recovery Toolset 10](dart-v10/) ### [Diagnostics and Recovery Toolset 8](dart-v8/) ### [Diagnostics and Recovery Toolset 7](dart-v7/) +### [Diagnostics and Recovery Toolset 6.5](dart-v65.md) ## [Microsoft Bitlocker Administration and Monitoring]() ### [Microsoft Bitlocker Administration and Monitoring 2.5](mbam-v25/) ### [Microsoft Bitlocker Administration and Monitoring 2](mbam-v2/) diff --git a/mdop/dart-v65 b/mdop/dart-v65 new file mode 100644 index 0000000000..335e945881 --- /dev/null +++ b/mdop/dart-v65 @@ -0,0 +1,9 @@ +--- +title: Diagnostics and Recovery Toolset 6.5 +description: Diagnostics and Recovery Toolset 6.5 +author: jamiejdt +--- + +# Diagnostics and Recovery Toolset 6.5 + +Selecting the link for [Diagnostics and Recovery Toolset 6.5 documentation](https://technet.microsoft.com/en-us/library/jj713388.aspx) will take you to another website. Use your browser's **Back** button to return to this page. \ No newline at end of file diff --git a/mdop/softgrid-application-virtualization b/mdop/softgrid-application-virtualization new file mode 100644 index 0000000000..fd762e0136 --- /dev/null +++ b/mdop/softgrid-application-virtualization @@ -0,0 +1,9 @@ +--- +title: SoftGrid Application Virtualization +description: SoftGrid Application Virtualization +author: jamiejdt +--- + +# SoftGrid Application Virtualization + +Selecting the link for [SoftGrid Application Virtualization documentation](https://technet.microsoft.com/en-us/library/bb906040.aspx) will take you to another website. Use your browser's **Back** button to return to this page. \ No newline at end of file From db0a455bcf7f02c83e76eb8ea2d7e2c7655de080 Mon Sep 17 00:00:00 2001 From: Maggie Evans Date: Fri, 22 Apr 2016 15:21:20 -0700 Subject: [PATCH 008/111] Removed links to old content --- mdop/agpm/resources-for-agpm.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/mdop/agpm/resources-for-agpm.md b/mdop/agpm/resources-for-agpm.md index a87c1701fd..def2f4bf52 100644 --- a/mdop/agpm/resources-for-agpm.md +++ b/mdop/agpm/resources-for-agpm.md @@ -12,10 +12,6 @@ author: jamiejdt - [Advanced Group Policy Management 4.0 documents](http://go.microsoft.com/fwlink/?LinkID=158931) -- [Advanced Group Policy Management 3.0 documents](http://go.microsoft.com/fwlink/?LinkID=158930) - -- [Advanced Group Policy Management 2.5 documents](http://go.microsoft.com/fwlink/?LinkId=163556) - ### Microsoft Desktop Optimization Pack resources - [Microsoft Desktop Optimization Pack (MDOP) for Software Assurance TechCenter](http://go.microsoft.com/fwlink/?LinkID=159870) (http://www.microsoft.com/technet/mdop): Links to MDOP videos and resources. From 8822930ebecd23fc1c43cec467fa6d90135eb13d Mon Sep 17 00:00:00 2001 From: Maggie Evans Date: Fri, 22 Apr 2016 15:24:13 -0700 Subject: [PATCH 009/111] Corrected file names - renamed --- mdop/{dart-v65 => dart-v65.md} | 0 ...tion-virtualization => softgrid-application-virtualization.md} | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename mdop/{dart-v65 => dart-v65.md} (100%) rename mdop/{softgrid-application-virtualization => softgrid-application-virtualization.md} (100%) diff --git a/mdop/dart-v65 b/mdop/dart-v65.md similarity index 100% rename from mdop/dart-v65 rename to mdop/dart-v65.md diff --git a/mdop/softgrid-application-virtualization b/mdop/softgrid-application-virtualization.md similarity index 100% rename from mdop/softgrid-application-virtualization rename to mdop/softgrid-application-virtualization.md From aefb6f66b9744231f98c1e75510ff89fedfb9426 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Mon, 25 Apr 2016 09:08:47 -0700 Subject: [PATCH 010/111] VSO bug# 7007957 --- windows/manage/disconnect-your-organization-from-microsoft.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index 925e0f6684..3ef46d052e 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -370,7 +370,7 @@ You can prevent Windows from setting the time automatically. -or- -- Create a REG\_DWORD registry setting called **NoSync** in **HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters**, with a value of 1. +- Create a REG\_SZ registry setting in **HKEY\_LOCAL\_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\W32Time\\Parameters** with a value of **NoSync**. ### 3. Device metadata retrieval From 91ea078a3f83aa6a7849d2234f87b862b6b26974 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Mon, 25 Apr 2016 09:37:16 -0700 Subject: [PATCH 011/111] Added text in Security level section that lists supported editions --- windows/manage/configure-telemetry-in-your-organization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/manage/configure-telemetry-in-your-organization.md b/windows/manage/configure-telemetry-in-your-organization.md index 419bc3113d..30c5e247ea 100644 --- a/windows/manage/configure-telemetry-in-your-organization.md +++ b/windows/manage/configure-telemetry-in-your-organization.md @@ -95,7 +95,7 @@ The levels are cumulative and are illustrated in the following diagram. These le ### Security level -The Security level gathers only the telemetry info that is required to keep Windows devices, Windows Server, and guests secure with the latest security updates. +The Security level gathers only the telemetry info that is required to keep Windows devices, Windows Server, and guests secure with the latest security updates. This level is only available on Windows Server 2016, Windows 10 Enterprise, Windows 10 Education, Windows 10 Mobile Enterprise, and IoT Core editions. **Note**   If your organization relies on Windows Update for updates, you shouldn’t use the **Security** level. Because no Windows Update information is gathered at this level, important information about update failures is not sent. Microsoft uses this information to fix the causes of those failures and improve the quality of our updates. From 389fdb445660ed90f88d422be81c320ea7b4b9c1 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Mon, 25 Apr 2016 11:00:36 -0700 Subject: [PATCH 012/111] adding topic --- ...acquire-apps-windows-store-for-business.md | 54 ++++++++++++++++++ windows/manage/images/wsfb-paid-app-temp.png | Bin 0 -> 69880 bytes 2 files changed, 54 insertions(+) create mode 100644 windows/manage/acquire-apps-windows-store-for-business.md create mode 100644 windows/manage/images/wsfb-paid-app-temp.png diff --git a/windows/manage/acquire-apps-windows-store-for-business.md b/windows/manage/acquire-apps-windows-store-for-business.md new file mode 100644 index 0000000000..5ac43b146d --- /dev/null +++ b/windows/manage/acquire-apps-windows-store-for-business.md @@ -0,0 +1,54 @@ +--- +title: Acquire apps in Windows Store for Business (Windows 10) +description: As an admin, you can acquire apps from the Windows Store for Business for your employees. Some apps are free, and some have a price. For info on app types that are supported, see Apps in the Windows Store for Business. +ms.prod: W10 +ms.mktglfcycl: manage +ms.sitesec: library +--- + +# Acquire apps in Windows Store for Business +As an admin, you can acquire apps from the Windows Store for Business for your employees. Some apps are free, and some have a price. For info on app types that are supported, see [Apps in the Windows Store for Business](apps-in-windows-store-for-business.md). + +## App licensing model +The Business store supports two options to license apps: online and offline. **Online** licensing is the default licensing model and is similar to the Windows Store. Online licensed apps require users and devices to connect to the Store for Business service to acquire an app and its license. **Offline** licensing is a new licensing option for Windows 10. With offline licenses, organizations can cache apps and their licenses to deploy within their network. ISVs or devs can opt-in their apps for offline licensing when they submit them to the developer center. + +For more information, see [Apps in the Windows Store for Business](apps-in-windows-store-for-business.md). + +## Payment options +Some apps are free, and some have a price. Apps can be purchased in the Windows Store for Business using your credit card. You can enter your credit card information on **Account Information**, or when you purchase an app. Currently, we accept these credit cards: +- VISA +- MasterCard +- Discover +- American Express +- Japan Commercial Bureau (JCB) + +## Organization info +There are a couple of things we need to know when you pay for apps. You can add this info to the **Account information** page before you buy apps. If you haven’t provided it, we’ll ask when you make a purchase. Either way works. Here’s the info you’ll need to provide: +- Legal business address +- Payment option (credit card) + +You can add payment info on **Account information**. If you don’t have one saved with your account, you’ll be prompted to provide one when you buy an app. + +## Acquire apps +To acquire an app +1. Log in to http://businessstore.microsoft.com +2. Click Shop, or use Search to find an app. +3. Click the app you want to purchase. +4. On the product description page, choose your license type - either online or offline. + + ![Product description page, showing an app with a price](images/wsfb-paid-app-temp.png) + +5. Free apps will be added to Inventory. For apps with a price, you can set the quantity you want to buy. Type the quantity and click **Next**. +6. If you don’t have a payment method saved in Account settings, Store for Business will prompt you for one. +7. Add your credit card or debit card info, and click **Next**. Your card info is saved as a payment option on **Account information**. + +You’ll also need to have your business address saved on **Account information**. The address is used to generate tax rates. For more information on taxes for apps, see organization tax information. + +Store for Business adds the app to your inventory. From **Inventory**, you can: +- Distribute the app: add to private store, or assign licenses +- View app licenses: review current licenses, reclaim and reassign licenses +- View app details: review the app details page and purchase more licenses + +For info on distributing apps, see [Distribute apps to your employees from the Windows Store for Business](distribute-apps-to-your-employees-windows-store-for-business.md). + +For info on offline-licensed apps, see [Distribute offline apps](distribute-offline-apps.md). diff --git a/windows/manage/images/wsfb-paid-app-temp.png b/windows/manage/images/wsfb-paid-app-temp.png new file mode 100644 index 0000000000000000000000000000000000000000..89e3857d07745d7c5b362613db0344fc1152e9f4 GIT binary patch literal 69880 zcmcG#g7DPY^1p(=lln$wpA|WUs(u|RkN=kQ2caD;f4ru|A6zR_Q z>+?Ln_xk+-@5^;@v5jr#`#tAA_x*|cglVWN65`R~fj}TarRQ>5AP__f1Ohj~A;2q6 zG;h$rAFzv-q70~Pn0^a*0(~W|CJh2rM&n4ivhAS$GfMy5XaY9kQ(6{4K68c?i!6;+Xv+C ziBe+j{JAn0erG~Myo95ESvt07S2R(xvtOP%{oHBWYgrt6#FF?O7e+wMhr}$4fNlSv z2q$4_mKc997L4HbqA=%SFy`O?{5y`I|9Q0EeSXl()c$JU9h6X>2D}Ny4}4PT?Zx5R zVzWDw&A->%Jx}cZs*3417`%6%8XG^zFd-Qdu7-w2bH{Rd&sU@R;Zzar=7a0y+O(%PCpZS$XRTGMHkX$rjVWbpvblSN0^ZNO zrYD$G{yT6#2er{=$+!IwfyuEqDH%9L_dv>}l@= z7TVb3bsZ3wiun1Z^5At@xC9t=v)^+S|KPfq%DX6z_55}E>#^A%TNz}HW~3r!q+e3P zj)It`^lpyKD-DWEO6;EkbG}dYZ!nPL^?uh_j^f$wqSxkV)@9r71#890{qM7{y~1#t zEltHgx2+T(#kJn(rH|ZRzZ}lDZ~ggfBejmIh2r+mTxU6d@9MC$wr+OsTP$KmzocaD zgWg$awiaD^MncQ=?nPM>Z&-_?_mL1|V|;_bF|NtcWRdpK`cSj?g+QwZFle4i;+v(m zn-r%ukGq>QzuSvfP1i-0j`MZ1)vuT&ycm+hRVxd6}nX7{Z3(( z&B0|&h{Ip*-Epnm4JHq%(#srAn-Aomb;ZTCif(7mxoS_ZUmvLKrS1jnE+x+vWXC5(0H6a`oStXB1i_F*{SHDWFj|}ZcC^ka*&4|r>Dibgqe-HSX znsk&&I`(?W5Hll2k}XSG=PuLCT(z#=6`W4}7jJ0HstD$xmyXw|UrX`Z5!5qlU+aHD znirbf@Ke4g^7`GJOfPwCFsOFj&(Lraa{3v;MxjY=Q5%F$_2^{{+yRHK^>|!G80SZ+ zA=b~!?UM4JA65zD(3LTYBFW2{I1K9PVl*DiY;0KVd3kwtZ~m>R{<1lwYxZU(gel;g zb6tS1#LclbAHw)&!b2mya#NqZpW+RRylv-@dl>fp~6Bl&OEG{-$e_ z{d8HDh#m$DhbS83B!w_?k@?%%C)bEe6dOF!oh ziK`R_D()^*QTnUxPk*Vn&%a#Z_?)XigY8~>Nj@{wn?FBW!G)K$G@Q@uiuax|WsdK* z)|V}CR(boLTwdE>gqN-Hws>0J{++K4=cRsgb9o}%CnY9qMdH;tcI_24<0U5c-`JT|qmv#nG3k zv^f4R3;Tf?IVxiBzpx1NxIRB%^1CJ>8n%5BMa>U+b@?rlt~Y`PJ;B7S&tp*ep|_ZP z80?Fn;n7|4K2j64#p>_S1R4Y3Il`eM|o0oBg6+EZ!RFDQVm^W~iWt6#JDQJ{l#g9h-^TIjHsr}}(Shqw< zWy$A^fdd;dhR2UJAnlgaHX?CFaQuFy6MK*xq{hdKz<()!QDyzTg7acCCz?;XyyXzD zd;CTsqW+W;VcE`+zngQV@hqS>c?IrNq`O7lo7FE=WC-_E@MP|>s1@qPqnUYyav?XvBIxCt3I2mSks^Y6Uv z5yAvGPl=v63zuT0Sp4Q=G9jbCowF}zLF;vMJs2FJ2wsf`<7DV^8x!Pa! zJV>^5FKR_=g-jEI6M!T-0OM`R^JRbKN= zxS~iUFzzT=f*yrq74UaIys@ho5)^Hu)Z*6=*yNjJs)EFlY>|psx;Z$gDoOB~{(2@M zY^)qHFMgh5#>%IYQbpxuPj@FFhKn+}O#je3aGMDU`%qvpn1w?eCFoTV_Msx^42gf% zVe@O3Hxa>albkKZ=h@1rC}hFQgSUUR+q`GtA?P^wq_hVSXu*MSVhQBp;u;tl5_jE1 zB;mGTpLVVgX1G67BMJ>k(U-+#G;>R&Dii>Qt_ZQ(U* zqi+}P0D{RVHERa?r9-pxY!S#}1tRA=-C<+~W2@aEk9&#;aqFFy^2=RWY684R83(8y z8N**dOamWduK*u-jIqRgl^o2xqxJuQ`EiW?;f(H^+^tx-W9K_pnC#&F0RM!=LySg` zBc-~#m*r+@-MKoty5=vls0aA* zlMXJ=wrQ7VzS2_N)KBVm_j|FvqTj7Py#9TnPqoW?JjJj-#bj{lc+fEN=*-BYZI>}A zeEol>8H{>}jcT=D^D#ilwHWae*$1pX#269R&56%&eb~o_N4#VO;}FsN%g3ND zoaI>2tHe004tSq?Ig$pg1Xxl#bx`wLI1bJ&0T~!a=Hh{Yfs3OJbnEE;?akFP-(>F` z7#}(rxV1HSKf_z*vz6g&>?fgrcn!|T!G|EdUImhKO#RERNS@Sl_r0G%(Xy~MVvJH` zt3g)4xbtnmpw#p8Jf`8|q9QPMXKUwuAdauqLf4z{EY@${rn`tnKT*_~`Bm*+4Lr2hFSP$hdaqf6ZBSm`e{bk#6 zbR@JeTsecx9bbP!kpKCmhHNn7{tL;Qa-86Zb)NopjBG%l7{u^bV5)m}lZ!y(l(+PIIk?mv#s$xL}d1b8XKV?-H z7y$g?PdrQp6yg^q`f@ThgJq~=S^8Mc&sXO&WFf3Cq>vdu&!wx%lq(x)m8!}vdnSk( zQ<)Bs(Z4%gXIV zEZ#Mrt==4;=!fDqhh@!^IFRJD=aUM|q&D2&II>^5JC3VIQ9}S+-x0g=t0%nKeNUou zc@M<%;%;rhB?SGn*lg)-_1|9;EWEx{m%rTmS}Ir9-7f@dn=|nK2eh35{PWCxci}$> zzktcyOa1NL22Oo@dvxF+6OJtMzZ9aeyBzNDFBbm+*wkfxDCOXPs06jx{c{Rb|9_|i z7`*}g&zAy|w?X><&7<~2%TfF3kx}QV0_ziMEVW~AUJ|R{EES4j!R|P(A3?A> zJ39g37bzP;6ciZfx;=?Ys8?pZwZ48juEP8GXRA@37W@7CIkfcRzVXWJ3!(z&J&kw} z0L?S@F|)ElYET1sK>9@y7lE-qxf!L|$$kvK-48G04+L=t(3JpR`_Ll3FI4(52O(WvWef-4Sl8gqfNcK|qi8StEOfVkj z1=?RCh8R^NA@w&(5~t?2Ps%T4mXXf;?j&<4iY-RS$#IMKJF}Io<5pPR--|!~jBg2~ zWa%@6_w7_N5Vlb)VzFJpKrk`@VYIw^b++gCyN?9mq4}zf0FPK7O6gFA_pAdn#%3@n z(ae`d-S2zCL-=PQ$GPJH?s6y&PQCr~o2%2mnN8XS>ZmSEfISEXrTTlB{0IiRH*H4JTkWQ}94w4ug2nFDILwk- zmew9>gJrQ2c}<#*bD||=lEP=V#`D6<%XvKmr@zsI`?~&&c|?@et!aZx5J_+QKeH!M zscwezwuNqz1=Tno2VjE-J}K@Mq6s{^Rma@+!{1FxGvere)u6L2h%gg9BA1elASVmN zg3(&&O52lCQ->zeJ;uiCXjv7OW=!ZM(Jf#kB7P}OfEs4gR(vOvXE&9jk`77QBw`RP zHEX{`6H8!LXvxW;uQ>yU`LI0$>yn0=#NLlp2a5?526JfK0<5WX^mf_2%fF)?1T4C9 zeg_RIa(sMz`TdF?kmN*=7*HHW?L~$J!)}9NwGCxBc1<8@Ag@XDd+c%m5q99yOL$YO zK6cyIiILXQBJE5DaPj-`TqR~)XWY&rVA0L{3BFX@3|#`qY59}1uk*33uy;*Fc`0|NOk+o)fwt55LX+VU5@18gFjS?s?kJ(OxDhq{dM>G3l z@5_RD0<(S}toDvkxt?Dijck3&R^;^9UzUy_$Lo@AZfXiB`3azYUS3{@@fJ9%oKFO; zmG?3R93cuovCkw~=@LG)0$Fs_*b?|%I9(kaL%@cfuX_k-u6{MriK?@k!t+*DguNg< zUjot#GtoEa>+9|8&m=Jq(h@P!f2qmJB={lKhdhc7e4~Mz&_V7W%S={)rHXRN0@hAAcgrL!EKHae zDgL|iUgzcOgI_(&Vpf@a-vY4q0PZBLw#kiCn@z)a{^A!doB&@|j@UUgln>xZ!R(UW zh)#yoap&YvF%0E0OM~w|lwMS6WK4 zI0gyX5cQW&dbjXQq52)wIcDehrJ>Rp2Ip*_(R*~l&dm3^wwNcowC0wUm}qwaLQAoa zj{}Vdatn^*%4Y;thhN8cS=s?i&{ok`ru5t{vgOcq4f(Tg1`4YEMA0h&@T`4|ky;`up0a6iF0 zVj-S!xQ@d#ET2$5G7j}X%~4}3K&vyK8PKgc|Kh_=6?BL~Vd|*KcMRumalsqm%+aO; z%n=wFunp=}h#?zS`S?VQE@lcehnoK=(fz&O7r)M$Pq-(q1SI@t1iHBn~Nu|hY4aQ|%FEpw`h|n?kUpkU0vG5dLK=d^p^H0szJP+6E`+ zK%n5^LS$o5d93Ox`_N5jyYPlI-!kY!%(ST&p<^YkQ;^9%mGI-09_Nq0A|7&absp0H z8OY3J=26GT!$Xu~K6RKO4GCeSctK3Q=Pbj{!c+~6F@&PnK@H8#Pv0z1zok0|tvSE2 zg&a}?B3XDi{$;lQv9n_z(u1fS_AaP7gk%4KEu{D3K0YJ#Ck>lCizgH%U0PlJnDyZ% zE+d3pSXh|3LE2~&_oY1JTb65K7#t!i9Po(G+lra29pLba$1oIUFQVc{+q*S9Vd`8W zM-^q|%!hJgl)j?KiVD&QP!396>fR>yY94Qy#XyCz)H%EWmqS)C`FVPib`pG-Q9GC& zUx6_FTWJ=Qk@6I*79dy|3_7#?M#WSee9`?Zw$iE{N?{W)RpMx*2RnK=TL0_h^_+loso|#V@|B<#+Ti zGqobH6={jwHYMNwk|O{=4rM#q5>5x;Hd(qq#(55%T3lRQA#;3k(sL1E<7@y|UWPb# zqA}_j5^7}BNd%g6JG0d*-6Vf7_Faa^##YC9Aq}EosZcAX7tz5HrCl1z(RtzZ-neZTQdt``{vs&(r@0PEef9k;-r^SK#~v$cYFd z+J^Uk=K%a|=DEeb1IfyUwo!AtbHdzn#%%e#NAHOSNtNDogm1!k0+@-}sTmfY9NLEJ zN+yvm{#(~fkt9Y1g?lJ@(Wb6R3^|{K-q|LRI*mslQKr>zbETwTMKll&2o1BkOf;N> zZ;|hvo*t!WCx_DKq^L(GP5$GyFl>J28JSJAQf~}NE-NuZ#U@ILr9z#|7F$9VW~GoQ z_Fy!ojS;lyeC>}yRAJT)xXj1=Es0IosDp0!-I@6|VOprMihD9X1kgWRgB)BKy$b4v zj06Jq*DJ0q=dKuiGK4Vkkj>}DDoLRL`s949No!G5JA<%py9?BBiM#fg{O+ZAuY-0!;l(%2x zN*Pfzy$^QoZZkJGhnpd3ROv+_k|5>YuEIUwu90VO{V0pgB0=QFN$`EuzoQao z;zrsU@I0uNf!c`Kg5F{p16}Agh}DHsWBXRA+DN@tI1h{xrPKQQop()dAV|yS5|Lsbq+RGzm#JgWVuo?~YYe6c{Ng@Yw-q?~olXss{2T z`~2q&p2=Z?`a#c*2#wN+B5e{8M}US7!c7VlN>FAX3JpT9G5oY%1C7|>X{B4VztnTA zQG7yj8DZZ)5uj<@X?jvpnM6s!Og@4j#xZ<3^N3?!1?XtdOt>gW{B5Y^vJ1(9|Gi8Y z7pO+BRwm=YCQH}4M!X)#!#4C?VW5~e8n~g8O58F*+DHvza+whU-?2c-^HPlh;@`5u z_|ne%&T7R5WOV zkdP4DXS_wLd6fxkAKEEch+}d7XDX+kV&R25Aw#-|y8v>(9QyyV=Kud50eoDw^Z%mY znocO||GInWIM*LBr+|C+@4q9szVb*(f&c4??tciqe}@a?|2Tjyxc|RB3R_Y^#>dCI z?=AZ7FJJjR4-n8O(i4FZq;oH0e1ruTY)E5oxr;ulPmYv_mu!)(ADp*B0TbYFtm5I4 zkIP-i5%Klk*B2>QFBpbGlxqiWVx581o}8RKM+hVEB}`2azP~rA^YnSWeR0XIj{br* z@O3UlpGCpDlamYI44n(|x8JDswAyixr_BpemegivXP^G|Aot}(v1}SPAKKz)%$nq^ z-~27g8`(M8V?zHMB4B%aJHxNz=IYF8$yXq_3$h%--%bG=U%`L}He=XrzcmX?Qy z$X6^!Lo4Rux^Jtfw(ZAEawz<#lipI=JdN`u+=Q_G7{QmY*M7&CBGhpgYpkCI=F{2bYp8295}yj$78k?bT}YJQxIEGQ9Y{li+k{K>^erI6$cIz5ULSscY%|yZfFD`_a2(wLwD@F7f5_$tV7q8h zjq<`m+l~Ni(KI5<5KeNLIe_fm0Je3Pf1fPvOSKds!q|5J7l6e=Dgnvi!&Y8m=0B6N z!yqQC(d%gFY1W`3lTYAKlOd?z=X@o^>umSyNcRYdt+wTBbagG5@w)pS#|_oQ$eEwQ zf`8!GtLJBakQ~jejVp4W8$~$5o89fH5MDCK@RHnj3_6H1sqyQLYdM{>fB3RS%4J6$H`$Vx6IB*X za9lu>t*)M??B-v`tTWmL$jJQkGdQ{O+@Jzn?plD#rxXGzG<8H1we~E0Sl3T zA5a0_%-0dJFP|JAySn1AUhh(f5fEUeY(hb( zcufgPvVDQFDv& zwtvJd%dQlKhllesHjEW%7qI4|db{5-ju9mMErjhgIxR_v67NOpg+9i3EYqF$Ho9!E z?q@%&db22c?yl4Pb`{nl2_Z5d^Ceq>bcO@emeQBjUSy7(2~`eX{!W&>U~ zA7`q7+$?8s6EwsQE>LFDtPuMP=urSb9JT-_H}^le4&Z&kV#mFYHY3)TD}dFOfn0Ju ze3;h@p+wy#>FdZUDJk^>`-BCDHk&psYtS4^h~E@32nhL(mY$$ThOM50eYohJnChx3 zBtIvX1?YxZCtz+9;)?wxlL_S2F(e`)!r8$&inx)Pq;qOPvB<)+`E{gl3*nmNJGj}R zfd4YULRcDRjr!_>cQT8=Eq(q^Vv65v&AhYzo*-=mFR*5fo{16?yzGH)op?r&6WZsA z>0|i)QKQh{rOPeFdDb{!w#)OHTviI2g3=t1HgJfY+pa@c`4Cw2oC}-+`~HA(i6Vo7 z31|eM=_Ki%x7Qcpln*_DjdFB&_!ID(&)>$-D19!B$OMyAjA{n#VSn)&RxVzQxVMu=2=cL_ic`!Jh!p z?SEf`i5+xK@zQN`6l{m2x|aAr?#r|gCY)bb2rp)RqNJu4lq`f=00Z= z`bml%dFFk8b4E#DdXt=IsyICU{H)(()MgOl8sP6Fp)&h8Y-|Eug&CHRW}mB$kz?Ge z64#8T$KQaou`%w0_%X61nOVlBHF$C~BB}Yb%i-LKgqqVFsKjU-Vn%)osDN`KH8s6> zDzA7Suy+8p^IRE$^?``!6H((bVuinhy)eQb9K7}~X=#LLttv(_ z5F4v9`cFtmkW^giGk2oO?_E$>r+;FBsF3TX#&rNv>hUJ6tb(=N$3Fj< zOx($<Bq~V&t%Vdt#h$lz_s0yIgGtsMD%fv@%nm+m9O*% z38itnFT*fN6yvAfe{BG69nU7vP?3%^bKZp~q2N?-K>xtNC7`95KRDO^Faj_-HX<}S zpI4rhgBlR%l9{7tuy1K;bQJo5Voj3GLYspN6VQwj&8)nH!W0PF9$)p~?X3 zY^|vwKNtY2+;Z~RHLwNI$}#?zfML1$v-JunhRk?B>1ne&fqk#Z6bGV|-W#QnW`Psz zXcdr71}iH@Go~T2#3VZNHFFeLgaSNm!}Z|7n4r+9Q9O2P9s!^&rB`ZHuvl6mu6t91 z=&_7Z1y!*BI~{+i$=sY51_V3UD9(aLLWe+(6I_D0JD}9bl2^EFsCP#(v%C~9WqD-U z5^8(?yFa#q8Z@+p@Bpla7(oAUuK;l&9l_~n1RwXYV*dMI8QeO0n$Y*{O${7(szXz3 z?&VCaE;kJi8Lkcv!!jQ6hbi4P95W+q zs(cxe81kY32NyD5X^ArgcHVVP<8c83hZn76Y9`KY*e&#?~Uq3AXFHVzb4v?0AO8Xh1GT z8+A+cHmT^v-tWvXihE+V&?~l(oIg@zqZDw0NrM8?O@srXATyzq6dDc#dJ0^nYJ0+| z&=#5jwoZUIALH*&LE}sSgVbsguF#eORFN=7LtT9s*l*I2Pb5v+ylKdT`iM2j?JR7M z(`251GkwDUMKx3}%ZdRdEj~j}p+U2<1I#GD^UGGC)^!jSf@A`uCc*8G0Bd_}1?Z6& zrBtiv1G%B55aO~gB8a%mcMJ#*zguGq*xOn=-o$uGJs}~VxLc^CA*TXoHI-Ly6w*T@)DA<=qf@HOWck`n! z!h0xL@R(T|7w`;#z6vYQw5mRA*^xvPXu={kB~_LB9*8B+49N(`v&DWR3j(9ZQ;uWb z0nU=|T4D(KvTn!IWzA%a)N^>sa=A1JFgIi;<@M2l0RaJ@Ka);&aHI-c3kDEO_HtYc zeE0((y1FKEK29C~W~ap_!5I?v7-C7Hc4BN%w{55&)wf-oF#p4C$G}2c6nszW1!x{+E91c zUSrW_=-BN?=GNBMs6bnYY$<413IvwCIs`z@#d-=N08YRT>_!smUlcX+WWoyo##&$h zXChGrh6v+Yp%FMx1xfx;KKuh{A4o9k1z;ii5EIzH2^1_u>lF&w|KRCnLeh@12xUDq z7J_3X52lOLWl;>Upx%!zV{J-F+DZTk`I3@^UL44?pj~M=wkb+Ag2?d??Kox~0C3ER zR#_(KQ)+Un?1#Z&oOqU54=5*zZn0)F1#Axi4GL(W zJTuhShk2eQbeTt?V3q`T7D~W&b2;|Ts=6Fr9O%5lNg!{Tt9x?4MVU#{CX|<5UQf10 zm&s{NC8<02PN!o2ga*Y zvh&9LhNvEniDy&IvNr{?`wG?RZk>316gA{$OIelLJ$ACSP?=5AYngQbe2+q11JwEy zxeaLKf@JtOLxHxBU{Di=L!i*#u8&!6zSbT97PQ&!A3Pia_A&24q5-Kur<|0!4{!83 zpyGlehm!cQvgneLt_XNY8-P=x28Ge1P;Y|iXj8kCS^v7xFHuNL@@Aed_Ri4ANG~s* zv_p(P2yVwle1cT9g{K{a+ft}vEp97=UcTs)^gQOQ33#L7pAd|aC2I0d7lulUP}2%% zfG9S9f`4m5!p-rRDcKS5uI#BS*$|D;ivaH?0Z>1+%Hll<_e|WKjhk>4o4S%o`Je1; zT#*M93U4F%^MfPGIePvvyob7Jk=yjsqy6O;Qc*04Ho2=Wd?Pd7n(g4)wu zC#E&*f*RPKcP~-)6W+f)`C<}&GLEOEWj7v|RJ+Du{Y6RFW}FYGK(#t=;`FyIi{1DW zjFnct^IlhY&7!@m?=&G-^^jo(k|fh|9PY_ai0iA%lRsu2Yw>`gJHbwHyHc@;#og?V zJee|V#XBB&ms8c3YHX|ifS)}siR|N0*ncK5K1pW{rkSU%lfcdE-Pjt5QO1}`-k3mt z=r@9iL+8dTN3@|@> zYBvxuho_}!u453X{Ga@y962C!O-tS*dh#{#8L&hEl=--o`1YC*Dx}e9E0Yr6^*Mo1 zEDY1d_Bq=LoxVn1Pr6zH-w0>0KMnuIR0JznEEBQdw>aDvL|O`GrK=?_h;7G@vX?J}!%;f>t8 zX@{N)huq4oz2FK2qwlDgE4-%i+=+ah9rfxDjkg%mayv60JmoNm7@E!pxO|5d3gYgx}ggmQ- za-eIj`MJ5d4Gq*Do@7$6(%^w7Az(L|&BIF>Km)x&!XuPa?P53~Y(325Yt@l%3Z#Mn> zb#ar6&*6TKZ1eT9sn`9pB+}$Q(Ifk;%)!(H^5j&Q=!y`6<%DX*bC3$Yjpa!K@nHXw zX7T-`s1}!)m^fXo8lqQ&Xc90{$Cvi-VR^DK^?uO5V-HIfscNBxKE_9d-P%C@&|IA= zx)3qf5_`%{?@c(hH;J*XrQLoEV&)6f3u$kAf4Mw#amhe7-zM2Kdsy#M$FP)mD0q&aVFE(e46RvS&#lk$Cv;<$%&iHO(9jn-J_VQr&|F4P7g zx6iC6i?|gTngoXIglOUr`(!4jX7GX6EayQ|O{rk?5^*pF$nmhSwm{n(FJ6|@*oXAV zHLgqR;UYc~yEJF-{VqDiGcqzn-e^ZB)k`6L*zwi9U0fE&yG%Majz958tqq&I{1|+8 zKKr?gLH6h1W?j?1XV38`I*pkZZ58?pEgi`{if6`t9)k*^!S*q}SB%sRIH2Ci#o5mC zDLZVpu{E~^wArMz2nbSLTPB}|5WSYc^?gk#C$jytp%-ZM-UI({?xGuTg7@uzbPp{# zGzL}_mAguxZPx!xX>{r>c!iO|BFEP}A4*I#RbGU@$@z2kG2^NIFRH8dmPzsTuchhs z@12AtpO`ECm1W{mo}*$)H4r?Lik_LfJehD(M23FZG-uN`dZ~-u2Bu(LwvPJijde<~Yp5OD4t-1Ww zd$UEw!%#*Vh~<82z<=*48@}V@9pUS5L1OUgE-}$Y?K*pxl1dARurakI@yfekb4jvZ8+qG{!hrnzxW#*-ej$Am~B$JMqU_&b7+gRa=8_V^_$HHNK*d@2mOy z1=EAiW{jRNef|Ue!47EPVg>(82fn}ojV=C5-zx0bIlqdn*43gR{o~lX?J2sMlMcG8 zSFaqlD4zZcARvy;!im+r4?6mJB}E%otE<0=>#=G4VN1_gv>#fJ@7>s{&)Gks=+!)m z4GIZnfB2R6tM4Ttq@>O#IA?dQZl<)T==FXB5-sC-v|6+46nl<_!S%h0H#z z1OeSej!SK67iIitNjjhzGE9kZTrv%_Y3236qDw{;RevejPnF69+z5BYSO7MDXIB?+ zPJ$RxQdag2Lqsn;3LKu0Gg*Gv#9=a1@FF8eF*?WO=(`rqLOneJDdsxMwBt^iCxA(A#eEiG~hm>yQS5{h2`jttQM;`pK=@SI?R z4L2exwe4#6Sp`Wa4?z(C3Q~Y3*`Gjj6d*4nG8P-&VpUE9+Q3#P(0ZGLD@>3AU-Z2` zP@MVB5dq9D_J6OGR2Eqa3IWWFJ>VLSdz*lxQ;`)B-+&h?mF|8}&f;kjYEq?@$9Dqb z!~RzpSt`s>9td=YB<2769l!=>`d^Cq*R;EQ0s21^OnpQx4z#v-|8M)ZBWC=r_&xs} z)%)N3lYj!Lj?^JND3BxtVr1q6)P zbO;hmG3d&;2dWL8p$0}Ck95lcoru#(QGtnknPEP>qy zV_aB&y5hq004fpnF8?{ZjV`~jGh_U~VBB}C`WsfnEtPMv^!ywY!abl(p0ZLEi;>!F zU4ZU}l{`@%8^{;?nxvK=NyRd|uJt-Y#iL&tT|AyyOG_IctM)x2a`}-oa?OTjty@Vg zNZNkPen2%D68kIIR40zkT~OOq=>E!cy@ATo-0Cj_bhE!w8jC+04>_haDDXby&tDLz z_21gv>=BA8&BNTWlO<97yw)dT*wNK}z6bNAf z(@ah?qil;m;KogK{Y=wg*a=GkUDP%}n+ zDH9gS;OCcJL~>90EemSwO3v0 z)jZi`gJ&Z(*Ay49hg||*$szaS$L+L?t>Z93V+XyfsZ_>w4-fsD<22i5II;iCB&!rZ zrxDP}zGkM}6ROIxXbYBcAhojnFwfj(iO~I|703}Z@kE1IZTX5BMTz}o|AgIR-{<)x zXZ$w@*(CuZJ@m_%q@thGVajk&Gn}PX)^*`!`a8S zzSE;mMHSm-AGp3v#GGJtokfwD_3P+v<<+0CcDq=A>z;@8M>lbXa`CgXJ}S*v{#8O) zH>TMY*R{pgp)L8&Kf2ll+uB^TW9~rrTLY~?Su(kDu+5jPD9wj3z3M8Rj zQo9}ju51~frna*YZ*xxK)FwY5>dQ?@adVl&R0i>8@H__HYQbvv+)qfK6y$%_!+f)9 zA4JOHMypVg>D0cqk6SS)W_|D_iNjU%b>?vgPmUS>HZ@~&!^P^qI35@%e&%k!E7@>1 zA;~OF$l29W7t`Sq@=5_|qm*Z8H>91g!4frQ5P5ufN0J!r0980pY&3*GO8CB)s2Ni@KYM*^X#O^%99z?unk4yEGYl8S41s@9 zgBy!o7iEv<7WTy&9>!UF%#DjV8m7-#Bn8 zkmMY=4hGgPH&c@{52lG%*~$V0F-8>yjviop&aX+CX57J6{S!LLF_TjYZiGd}9J;#8 z`lByozZUA)d<&3@5CqGg>d2lrYIzWsMpO(&m}e`#1dIIQ+Z@fjU?UU%D$FQ_(v$m= zlp`i6C>5Lg?OvV9lpJR;1mpy70EMg;hnH5O#0%|zUvqdju{VYQf#eE zo~ZT=xz0`%CF5(yj^y7r8+hKrud5sL;QI>L+F*x20^Bu%BOcTIMXM_auPd@wujE#nNtk|al%92GJA#^zjFI{{{C}Spial^ z;&{o(+P(DeT4uwc?MXC#EZURIX(JjY!*5*0?_b!wu_#ivpVEfvWqH+v`C7kqzJYrO|W! z!bIc#Piez?3?o0%2glO$f;n2t^r@0aRS-NtgcYeI)`4!`=3nJ(Q9-UA-x2*g)8j|) zmx@t7KD?&iqOz1f^28qA-EPlR+{_=Vn)otDnuhoNcSy2!Vwl}?Ly9nAo)w+o?P_oq zelvEY<%Mo&i)eK{@>sk1lSjCzPG6L?Gcd}_N*(5~{uBDytgvxipRRRRqSQt9 z^H>)CjSf5o#|I68A4R(LOs;E-4nn?#w^2X1$$jx#kpU~QhS;OTXVQpaHNh>?XiEH@ z_T6T=f+9mQsry?y@7GbKpPTISpePD9xyRCAcGlbg`je+*Qz}=z(dx$x?Qp{n_Nqj11YphVsHX_HyO-7F27>qkGHOP>C?C2?frwS~d&D=dqR)6k45 z!QIHRF_-4Rhnuu*+3q_9SgY<43G^AP&FS)$@30$Y6_7e&R-c!~i`vqdgMz5sag(OU zn%mysi+Z$AJ=i~als(jw47EF$#!jrUHx>g!5r(^CY>P>s3Z+#78%a&Ptu ztBAwtJ?=NT!M~&@Zb2D}X594J)zRwW)yMQ+&DfjsvFigJB({*VmbY$ zvL%1)y|~qzb(>o{g+AV`*e!gsx_Q3jOZ}PU^=0FaC)r2Zzk~=rrsTf0r+wr=zm+;G zw)`P@Jxbbwzwc{qwhWb7K3SStqW2F;JDcW;2TJK!?C<}w?$8E36N-9gPq#PsVkLQO zaO337EfaCH*b_tJn3CembOw!tB*8qJ$f;Zz2OVqGhPW>co-qzu)fL?uie^;lY5pqy zEe6ZHooR}FK8<8#CT)z|ZEq$S)2Zt#ybPj+r*oMTX7c8=w=rt08UZn{H~LZm~lP9%qTrDHR*|Zn6vXz z4qvppAu7&m{xPErfW-+U6flzZ3eG&*#eQDb}73t4H-akkLE5Xh6s% zF?>q?UH`V`RGGugWixA?9JSaVKmFV8I#*_V;#L}l0R$P#A%Tv85(BBGSV?sm)bwqmSjwnhtJ5JQTNKmk}uKq=xG_-#juz* ze$JbdP`DkyH%F73M#^Aky$K|XUVaB>jCQWP&)O2YUU~Ze&~z4lQM}O_7g%5c>F)0C zMwaeQ>7|h_Nnz=dF6r*>?k)jI2}x-L1Ox=R^ShsW_Yatv-Pw2MJ?A{n_pu~>>{(zx zjn&jSWGQY+PR+<{4c7t5iAU?(t4O5hJ-lDdBpfl7kiwwhyvj%%cPDVod0=}d+BTHU z3$br!<$tPz{PuECapwKuDo>D2CFGbFJS-)Z(lug@YYLw}ld>hCBt$)GYuLXQdQx>J zeDy0TrQ)xMg209rEn=zWAAgniPlkOsp)_XYV!0fT4hm~$wPJE3Zlu0VAs|Oag6X_b zcWAS?L5&cja|TgDP1)}B)0FpTeUoXe)Dt=aA-_`?wxO@--XPz_CdWb`H0SvdlrV~8 zF64;usvph1gY~aYMvKT_CdAd-HlMxnTK~36s<Rw9x99mbRovQZbI_g!6AkISMHI%&)$VQ^pPK7@>KL zWR%6k)eh5=3*CcuY0SN}kT_4ug?JG^1X(}Q{+m$Lbe=c3tAdvvDj&wL9SXZA3mLT# z6$U4V5Mo?Hx6}atV+p zuvO^61=qyjP<)hTln~c_IgxZT-I$iX*JxHQUk@-%2+nH`m{1^AUOt%L%FINNmPT3VCsDK+h#($mmHDkXL-Ju++~x0qlw4LDYR2@?pP(G zOw8GNJuWc<^{NWl=AxV!aO?{NyL4#ZamccpTK!PZAE-^^Khv5-+KH97Vw&&@otyhT z^J{6#RaLx8EPz6RVp+=~HIJ8X?gJ^ywK*E(oXuf}4CCv!g~D7RyU90?UnU!MyE2t< ze{%08saNW(QH+*g@HTfXRd5Idf549%kC|bo{T?Rbvoun@rqrKIvc>Y65YNzUuQ5h$Hx>|8nr&* z!3-6gI@Nsnm0O$onMNr;e4Glp5k40pyqsx+t;W4)l{H@)%I|{HP8a~5S9?8S)qWR8 z2nf6>CeTe^$F|)5Q1hO}yJIWsRzqDIJd=e<@6TzfE~nqPWvFfre7hSi$j;XS7()>dsDL)O4c*;Gp_Biqrd!7cbz3*8PKH-W0^=J z%Om>ZTtDB)a`bbsM}aau0c{s5e>IPQcspd#=)*zg9VO1X5?+1t@tpOK?+apopk7i*MP$aB;a%1mXEgBtI0dg*h@6q4Y`WlU&M9y*9ld@4f>Qy!JX+ z1rf)I>bK#4ZD%eYi7R<KI9`hZx0S8IVARQ?!d&MRyNmEnr$tiv+ z$X>+pE%A)1TV%iH7c|;`q8jMv%9=YSuc@HmND0ysU z`wMD&#I}RxE9Q?8`IY`0Tx8D`^g?7f>bdO1GY4JT=J^n-g7YE1g-Y=H8+K9puGkVJ zv)JACh_2iDoY0lp=#yr-IJazo82{Bn$Ca}1ly-{ckCXFdqk{wI$U>?Hm{na$ZfX{^Op+> z5qu5RZhh=LRbm0B7`eXDNZ40aKh8g7!-8=n0JXRT%c@PURjwFJEMCpa9esU&EDO7s zW~*_ADbq7N_WQQ-N3^{8TvaPN-@ME!HUXMSN%M3wU_>K~wN~mlT7+Sm3nhCFGnVh8 zS}=QnY9};nRM=nNTP&VLH1q0HQ*>S`gGChJ8Et4{gJaZGy4uvj8ac)g>AEYutCsS7Ve19n z$S2WNnJU=6b6iM^hGdk<7_U~Vsl^*DPL^j+j4o5)SE5DnV19}u`bt6bXWMN^!flAc zP0gf;nY@I0`?4+`%+|rSF)P*j>l88-t8Goyz{3JxEXA?$nbrO?^>$TkZw~#7Lyn`| zcmoGb2AAznlJwffb%62t0W6-KCZ}se=q}Ff9Gl(|cmF%z6f<`)>CYjY8x%}NXQkBN z(_2MqHcV*fOT2{XCt2i{Bm1cw?wEDrk)ubh2)Vu}upy3XXYu`9zfs}aXpc+s{Vm}| zQThSl#m`4EU@&(Yx%}Snl+#K3r=9z0m=Q@?0&^iPPpBX zavH`UdB_pdcxi5c%fW;s(7PjJ@zOSXrx~;#NAJauH( zp`HH@?|@on9$8DEjPbvvHIiX7d>D7a0>G~Uwi5ke2F_Y(M9Y+a5=hv*qg)TK9s|s5 zA^k+VE7We*ax(a>UmKS9xn$`pIc8EX)$y}8Waa!(cW>8IDGxf_gmGK*{*Fc8cvz1{ zEh==T;k`UjWY&1T-y3CHKXVdG2_+Xh_r1J-_D-5}X}{~tq^`|McU8@3X)#jxBQ!2a z*cUv0?|x7LA5P1^UEg-^Uv4{6C4o(Ok72ST>?5b#A5HQn9VfxuR&N?>FaqWDh7e+Y zy+qH$E5UCIbl%a@Zm0X>Slu5vXob;7_1FBNiL{wBAvYbfF~#0ku?&tW{9d?1 zd&Y(wSw2=Q*C;`y-4r@l1hSFrz|*Ef_{Sv6@#KvgX*~(J)BmREGkn? z^5W4kI&$PvEHdu8B_PQ2q2pa2_g=;ZNX~DKw&2#YolxWk@|&yT9Zkc*4tepOi^}K9 zl~`A+fBYc5K^b6M@jQI(2#(VU#gN1TKI`c83*vn0I))EKU7<|(p zx?H-?hrw4ZauDiEDlU%fu8;|@pC}QExq_IeokIL|QBSz`oy%Be4*sFF7p2;JTE#6^ z?}yfJeJm}Hh&W-i3H!h7R?SZDOxuH5zbvAr+#7rEXS{!y+ycWTj2<@AY_5yTs=0i8 zyD3idPUid+oE)R?jB(Gs(ThJd?(!Q~nB2%62KrK)7feYQWKt(bT+9o9Hj*sTdq6Uc z)^hx+=6a`37RG&QUDh=^KP0qvZI1@z*5rgX+zvQKu%b7fIg&OaM{{%O`oE-jvWq^> z(;fay(wy%8o1iVMw7CYh3iTOrE!`j-F6Oj~swwGk&vIWiaI5;xy7FxyZ8jFmwF_~B z^Mb&CaQ-Hpx>O@0v0h!I{DUW#_;u(fZsN&2RrrUxC2;|Yy^|3x`M}r#1l)r(IaPG# zm+*mu@mqE|`bd%QV3h#|_%N9$UZV+XH?TJqWm3!PzcVH@&eX0NO$ah=G3PU0Qq*QkM1 zvxIp5*4x#vE|}nX=O)4SNEXE|y%jt@FMr&Cq449dMlwBH$w$*btV^mw9L%mxuUFZ^H#}N_K1%Lt zP3oBlqtO@`o2gtDdY1KG2t{h@I2p$W{06^BM;_M~X;bjCBccht;wLn_XY5V`U6adr z)J>#g9Mzeas?edzb?4oRdtZ8`4hzLtBP9oj^SnNw5y=d+cS*gj=+2*I2Q|PHwmJl@Tu{KxGqs6S`{0foW znnC^e^EScb+0Q)K>%CTGlHcMlLim*Q6It74y6LAd^d-MYU$9V=Ea;pos65YowFhJH zOn#I?J(hWXbdV|>$@f$I!DiUJN$B%Y-;SWdN&S@@0ZOz^+Un6Tlp}cc^PW;Obd@M( z0NP_r*0D*2TqMuuBKxC(^jix1w?lki=!d+PH74nfHb#Cw#nnU$om^5T&+Id*WI-`AAS1M#OuaVi-2T7z`E6O1x_0ge5kq)a)Ze|DPWCb#b6@d<5} zr@RvWNw?#iR#is$ouLw&S?J`e#B>d*60vHt*Brh(=Pac-{K`RvTS^cFC!|aEMF~Vf(S-< z*jCFKRBE>tAHs}}?N6d-UYTYqDN^BNok*iG78N&a3DUXE2t@G4MCnYgZRs6M@SCl> zfWbTUK|IWx0@MI`XHXsc*v@Sf_GNZSmu*x~BK|`$M^{J*5{94y_Xl;=c(XO(it3To z<@lHZG2xM0n@<^&1bW3?O6ur^Ynd8Qjjbty{7k$THT`;18b|?Y!t~EB*ERM~vK5SI zj=b%n5S1#r!_p;X@-%C_>+1e&meqDtjqnap5s_n&mA`&O2G&QSF{ z@q~-Bi3^<3p!SawUMz2u)3gb%O9(eUzHP&pmLA@Y&y~_ypA#J=OGe zj^b5b-LxGiI$3s6Qu0|jmo!~!8pQv~_YPu`5PWG_ML%^Z zpCItWbUIg_gzxl@aeEP|)oj)LZK-x^0^FW_DwrhJ+Ly^9*<6I~=w1`Vr8_w+15@oE z$`Nu)=oGybnL79b@JL~3G1&~W>DYzZ*?tNkIi1F*qZBOa|E3^~f~vJucZ$n&cUjLv z_NO>Jos#ui+z=6!lS^x4?{<%an-Yo~MU+c_d3m!by&qh3c*);!LYs^^8&72p{d_AS zCdsV5Us#3HIdZ>kcN@_$*6Kc_TeuyShp;Tsf75RJoRYB6p&-6~FBYGW_=7p*6{wxh z#^_Fen;^*&(<|A)m_iS#sCRR>lX5M|UveKo$nTrpKYF|)XJX+MtSbA5SCc+4cie)T z(v!mkzwf(#?H_9#5p}V@DGV}GaP6$6eNgUxpde!HvUhm4gXf)!Y0#s>t?`rntmsRp znw7Ulbivrt{Lyi5JZpucqkm|8()$(Yg#2NGmj;dfM@V~h5@UrIO`(5s^w9~bOhJgG zY0wbdz7>!_2JC@zdTEj*cfxUI;5hfEWa*Q=7CC1cm%Pw7XI^!YiAT`!rlaPfz}yH% zpCAdoqD`hc9%>$qt%Yfz7XLZI!~4tzQd-6Q{EOsl!de>>x$5Qd_tOa3bmA5rzHM2| zDrU?jt9NU;LMr~5QqKbSj!#yJ250+$J-ZEh;B1Og0rzPvBMO$0!%`~EMD+_A)R!Iw zEh^S?Z#YE;ts7bJx-{qUW4u0k{+|22Ea1HmJDpqer zm<~Qk>ylBc!YI4;P@Nn1H&M_B+RaYK(}Yng=bX}Bsk+lFou3ZXZx?ZzOYFM36!Kkd zVs49JNn1taIhFpJjzNqN!ldyJxkK^lNx&ZfUnBp=QhJh7H3ZeE@|VpQZfhbE8s5<^ z*xb^h63Vl-R$rwKJMq8n7El_Ae)8hTEFN~rhXfhXFJzt$+VBD z8HuB%6hn@Cqixs*`)0TXL!6+oKLn^qEWP9Q;>jWBxw&DE9E{Y#yuDwh?{^mjKQrGN z`H`0JXuVfqi3M6wrYO_rB)IRi>?se%@NXVD!){D}QHZl~52UH1Z|hGeyWllg(s`gH z0rRi^v1XcvYQM+(>ph*;>e!2)LBY73)s=tRG#4^>(x|vPekp|#VWX%5g02^BD_Z<` zh?I;8nV^5)#5ncL=d%Gz#BLP7C=)$QFlWS{atcu$jUQz^c1o(zfONdl)Kf(D8S=X3 ztr>5SD~cua4Qnt`dQ|`R6q<6Q(skSn;SQvCz89PFSJ;aF=#PAKG&SX!td;y!K?|-) zRcq@vX9bj8xs0jWl>Q~A8ezu`Q%sfA`?2VYzZR{2`-kygAAS$R7KfgHET=at6Re_v z3`AS|l2i-l`AKc%T=}ES6fg!7{k^ zR4r8N{^@ZI^}Yu=$l>=+EA2=|6SKXn#zvfdk!glXFY{DIOYe}Tsag!0 zyDTHas3S2>k4N0GV_BCZrgM6l`Zq^PM&e>Oe1EqKpG|ojgD<8Q%i2F2I_=e-9K);} zizV%Yagp6PAatFufxYP)5`FEUws6H~N|^9B>`ZZ&;2~D_(Qcz2<j&!;=wF|mq>;F_6&zO?Fx00WhF15rW$Hr9l1qUrsP1y;r>=9qBw zTj~?pPpdx=EGdd@2X^uk-btBzRnD;W+b2?HvZ*V(-WAn#xIL32?&I{XqQ^*r5-JsV}l>6l5V^p~#{et#3Vao^G&&ABEhE!q@AM2@S2vBpMCm z0y#CI^n>Ej_zbFFOueme?zBqFES7N3>ez}bOJ2&jW0LK`C3r`R^k+!pcPSm(LGj@` zW1$A?oN+hjQI3xK7)b*b{bFH7A-~EZ6lKFmVlQxq+dh&^qN3mY?##MKX|4B+UG@QF zb41$t3fptni`io!pN)XrCx*ABn00iP)2dVr52Gd_-O+&*5OXBAFVS89qOazl8u+9s zYN~0qL^wYbAtofCA``>r4gcKC5~f)VouoyY<_`{2nW7Z`^F2 z^~s>@G~HA)1pm!#dw87Q)2|AZ7(lGF$yUr}gN1)WC+J}<=vf8N(>PO5!8c-bqa*5o z68DD)UOO$N0OVV0sA;aWmdY~gfM14=<6hyDrQmKIwD|5a38Y5~6TZTRon-wjbr9Dc zBFh1Vwe!{ore5_@U?WDzobh30*1*AZHFjHzMp6x+Dm|HnKK(&DN{Me`DP1_YRoEWr zbaR(Q7PI}Rk#~Oqc(iNV|HV)Hft$0*`eChxHh4Zi`82T^poJ% zD4|&VKpaWTfXa=L++9ZTXxGZ%B+Q#^gYuaE8|Z#bIZAAUUMAnZ7U7mXpgV?4{2WEp zUo^abKj(gMwYl;vva|qXR3&P|5(iart`x46%y;GDzrQ1dr|%08h{W9=Qd4)`6f>=M z!QGV?$CZ9S6Q*jopp~7my!{V$kDrGQTc3MG6RukQj#SYzC>@^%4_PH@Mw>?oe!1&74jI7yrP8y_eE_XPRU2_g z*3GKO;53*xaNsHAGrB%3NSqnF)S|4zjf}c(QC{}@Ma&4BmLfyTAE3|DYDMdP5XWo-HlX~Wd8KQr8H`!ZPT%f!~JEie< zEvRe7(KLOQ?H#H+5NP{p$KshRRSc}3E-K~D0%?U5bAL1cHt__?pVVZ9?pwklMJj}b zg$eZqAqaG&`s=3R)`i=eH1M#rtjdR)RGsy_3H^*SeBGxG5)-RZ!#0l`A`rvP-aEid zhnrHi$W+gxgr>NhzHl9(2lpA_(U>Lgp9x4n^5jLUyI@r`GJdH`i&KAh4Y5Qw5Bt=5o>O)U>iDu=GRD z91bI=ax%ylbWez7;N^99VWweps}oFC;62=CnC&mMw6yf>ZKM-i<(d1GmNdwa3qcf7 z59O#dYlcu%aQ@z%xX!;6KX&lULo$J%Up{q!XR4eP$0t$vi(c^k+ud@(?(mi- z$#WUTt4sJ(0qeI4cE9(}ZYb(uw*So_p1L?JERG5Y3Z*dR8TBRVWh6KjI(~%PKy*$Yj`xCoF$MqQFflCB&rvM~*RXm*~B2A)?N6hT$9 zRKvzysf4XTljJa>tLvxvS)yx*O&%nW6*BjjLdB2Z(x|lzsgq`^u$Kj?`)P6xhv}!a# zT5%On-1{2yiQAC<86lkMusG497QTnsBFaMNK1u4K$T`B)|%liT;;Gk z_xWj5zTc5yEqY@ox$#3UJUUkeD)3qKaJqn?<>AuijI zYoLb%pS$d(M{6r{Rh?j!E*oE8-@wO-0(g@soHw&)EYA=732QQlOJQjR!d+#8Cv7dh zXH%L|ze4_lhMYM_FjFD3EDJu+!aZvID$oD)bm5Qy$}*_cW5UdyM;;iK`Xqf0fI8=~ zzA&DWFpR=LV&Ow~*T~uLnDek<%r#cfPijMvz3~3g7cVA0QWWy1XUXYUK0YB`4q0VW zM7lO{y|TTp`X46oC@BdA%Z++OCWe!Sv3=dg=!AlV*jSon3kbbT60baWR2;C|I90VX z*{i404AG~wQZ9I3eWytM))y%toFo2z9U`4VuHWUsw(U1!;+n>}v{VxOodqRnu{&=}Ej^HFAxC#KyUw}PmTwny@sb4h z&Y^t14BJ^P^)Gcr##A%8Pgt+`U?^uP5pv#_uZ#v{?>HtvBupf0#We-a#=4&3Djc1I=X^kR$p%r8Th3I=Vq(sJi z;-xb+EZ<_4KHr>;g$-+`8L9?I=L(T=tWIjq3#{0yiGI~ip(i-~+D2mVFQ{@b6vzA+ zM;jWh3CGX&jc;RYQr*%Z2< z-2OH?Cv}JRx0{tm<;PjZzfJE*IQky7_T8Ijlxk(^bZwT`HxHOmwmDM22=z(bQ*}-! z-&2^yVf8LauzdeA40XeX-s|}V@Mr~an-~|y)-R5xC02#>FwmEUZCH`TnK|NQknYFZ zPQ^Ke;7W;^T%1eg`tIwfefW!%GrQQcBEUBxXMU-+$-E>@_DTaktcbx0Kwq;Y0-su( zHoT`&nE{SqXtOl+Gnj=6;VYtxJCKji1u78tG0FYUBd`pxcb+F1^MQyL%&U_tKfuZ^ z^66|9LLt8BbRFw1B;-eU;j97X1f0Xi|K%&VQ#F6$@A?6lNdP8^&su|pOV2gZd%(&# zoBs~LbN|)w2fzjZ4J72N3E=Dw103Vo&S=7D1Z>9}?Y}5xMICT$U#NB z045%Qezbd@ECNv}eK%9A|HTljBvMOLQ97MWQ3hNM0$liLDTN3Iz^Wm4_#dzNdtcz+ zf*HWcAD#sSKx|#@4mUS9+n1|ne;kd$=W+qeFPZ>H$UPIx&;4KY$1H%UzKsyGlF}tf zG_+*}S2p7-oo=8K+x=URryTt56#;*&c2)&}SBY^O)R;hM39vfuO+=YbJE1snKcIdD zDAzDS6NE`)?~eALvPCb zob<#c`<+j_(b^;PBFkx#m~Wry<7~+YUu`+(T>vPO5o^TXO^%gJ{|}n5u&n2FK?_xI z12)l62F@wcTd)e0J9b(%8QOf4rPv)5a66+$tvY0Ee1hq>Zt6Np>*Jk>6rHL*6vSkO zcn!AH{!y%b5FQZ$`Z-4Xb~a=#vDQ(&i`AJp#W|CNFzLHiO3!@BnkdUnDFJMWb`NCn zl`%`^N&p>&H7niNMvF#{nV*^CjPLK5G6RFp!+N8EV|sRMLHVMGVM1`TJgzC-2 zEf?%FJj{1}-OcwO#xsY7H>+RRVT$6?(c@hcPjA^;q9cEWv-Wj`!^^;gh5H|(kNz0h z`y+tt#Z`iWgC#Q$iU=dN*3+_~Z76xg&P4D}oU!)R|FMOu>)|&tEk59n2kXT;66?2J zYeaDa6Ib85mCEVDI=RznmttQPneS?C1D|1v$8Tg0HTrIa7+$^Y&-!pC0 zuvc2HSMt|BfAcH(jdqu>laqzQwC~=%0%oK{j9;$*o_&4lfJNsw6ovvIAd9x(o{(Y- zFls?l|53Jnz@m`3;phq`0j5|=S{mYbBtu2SR7Gf8MMA?qU^{ZXUJHK$U?n2{_iPv3 z3;X|NcSNj(wE*ZG2r*cOUx?Ndl`(t@Ai+zp^77(BfirwBQN(qGRscq*|1i+FGqba! z3}j4X#909Lj1S1&(SeJIfMW63%~J_^-bPV}+6}TYq@XO!0N1ay7Zi`XGOemhwY zu*Cs$*SsiQ0ago~(ZVCZrMAG${q*nghzLV5`9CDBcOhEbcbhF1Pq^QG04z-dMFu>M zTD`bH?Eoz?ARCC-F}V%bTZ>igf=9wIf>44ZPs~{>WHw^9WA$2mxeZb!;pN<(AKchv z66H}ypd#jtK#OKxPnIqQm57Q(627b3=bEN!0bWzh_6kk&mao>dm*l6^eDn|Cdr48r zSlAIQ0CqQSD}`V`F8(a@6%E|l`4fPNBH+9!1f<>^hnm*42 zyCJejbe6{Ra0tkuMfezR3jP@bb~<)>ZQ{Fx9EjDg#{SbtgCro2TFe<$3xSbzje`@%I0E4umR6mY4sGR3i)#dufEC!U2W}ogJ{KE^(p~O)a)WJ zLVw|#bw?LQ=OdrLwZlV7W%N=hs3|Q=B_bK6n<6weVKbv!_ZV0%f`d_GaQScJdxUhg zELODYX&mjI<;ww4QhRPNpy{ykiZSnBr7&-gZh5k7mj1-* z+y#b_AKnOy!_g^7K(t1l)N_j2&)8*drYSqVB7q!csT6L@v4LfpD#@BqdLV?WKQ|{Q zE*R;9kq?<8VD7{#L?Xjo1H-^Mv_+I`IoPHEXAs$++5$)hyNbA?(!jfYqj}{CWLcaq zmZBNhjznR*itLYlMzHlfTR}f_?x2Ws*c*uk-lU-!VG=+}1Bs|N8xfi*4iAJ~gXqc^J=tIUl(lj2h;A73^ARcLN~%ISiXX#i3+u7Xab|ehkq8 zGIP5EctT$RY{0&T1>i-kh>~raGhxIF_TA0U#2xa#2dHo1Hx&uNNTDIt1?)bEZQ->AC@RRR1*CH5_EFC} zxeK62z|=_#jZk^BBIg=P1+-0c3xvmFi9yXF+Jjj{RCvJ_yDt`saeG@Ie_SjSBd60A z&=}yDl$V!FGZZnAA-TQ)Y{fUZlG0aLKhZozUAD#6(5pc*MVV~pLs$(;!3J^QJ8tr* zj~2wPVtV)$q0s{}A1}V+Bf*?B;Ygr15M@69LY@Qjy#^kGHb>%!XnI5>_{MoGdH_x| zj0f<5Y&56<>unx0VW4JWY!fQggHkfIKhyP^9fRWVh1~#Kk%OIa(e?S{`(B zbMcOM#5)JUOFK}|8HlQwnk&`uMb-GB+{wRVaMFxFZiej^rvwylKER~BDZh*_Zex#o z;1K+ItA2$o)Ce)papw6dyA`6QCexCt0TK6wgI8wat^R5=UC#dz(~GXdQ7sYogZuA9 zPPwUiTMhNY|KxSwk~tFD|I_`F4S3;)3>X9uz)T~U#D83pb-9(?ZbTi+2d6e4`=Hb}o6O`F=6E@(p6Spepn7bnN)q zVX|yQ(cAbYqwl<@D(NI3Z+G|SkSEX>{fuf4=LxBP;!?IyMLmBO4qM5&P2IC=7SxdN zb-VF?kON+xLYZKPt1@Z4ZvmU$*IX}pnTc7TQq8tX03(`=$<4cIE9mCqp_&8s)o9dl zHSr#5@lygWQU2F^cN!6yCcRtK9>u^yGsCoM5X{gkxu~Wi_T;*IY*M8bJ{bW-ac`{8 zQFv{wuIT!mpQBGqU0X3QJh^M@K>^;s-*zDSyu_>cAaF0NkV9-HcrEhX`~5cSFrw5@ z%QsVaUs4Kn`I$RwGjtA>oUNu-;&r@}e9R|lcd(h0yjhXu%w{xAR_J>+1>zXEI2pbD zXv3^uyT*@qqj#Kl>NQE(mVvyF2Pz+$2W%ffKYTHOf5hf>(#o~T5x~SUjBJ4~W;;hF zgvN&~7|b}J>pJT?UO>r~qDe`IY=&tY#s&7G!gcxq#Mvbh&<&hHBzkyzNcrG!2a;f- zgT)nX7Q;yMp{Dia_1X}U2b3*pjnFWF+&a7^tzLmn@n1@tGG}iX_FyNcaR(NF&%gS9 z49>R0XbY`I{8%Jx%o2fw^u67M(gzVo18#YTrg1UyPZ+BVN(JIM_$a=w00%UrJXC85 zQ2KR~Af9(X5(ibuz?(*tOIU!F-R}@tb5kNL`U21za&a)W1{lT#Hs)0z(L@YZ9CaNy z+abyf!JxO$t$;;v;msiWh2lmkX;8=w6ufD`5Qj8i5)p2bA;HM0a4-J>$s znovd1>mc4*tPqZLu-*i1s1I5k{1>8$|H430hGY^W^o~i!AUR<_`6?|(B{2!;D-_Wp z2ivn@Z+~xede~yo9b@?wagwocF|QDFiDnJs5#foW1qlE<=(GV7l7n)FF^)5e zb(Xb-LGM9TQYM3KvjA>+BSrRh>!rKlp0Moo>tFXM7xcig+l>%z(!%XoeH$f|QtH#M zKY?a(FX0_lP2R0q^Oy7jAwEtzCsoI~go2!npAj#)s@Q(7#){DFRE?N%F}(BxY2SyQ zC!6#h_#7)O{4Cu1pA3N_Tnzk!yeqNl;(>zrSEm6@gN@m4a>!C{iR;DnZoV-U(~M zxis77M4c5M*5uJE-14Oft8?xeI9!d&aO>9qTF}PNUC74+<=9rKmxGgalyHGeaGQdarE#<=7DC9tx zZ~;r82}VGKIsD=d>u%ESI5ifWouVR&0Wv=X2TUu8K!piLh7I=26O;wl%il&wwaB)> z!r?(u=rXcbOBHX%(eI@KJ>j%U>UE_QiO7`0fD0HXA6`m~b}Je1l7K zr88f_D%sN*Yy@47aLmBRqrW8{q)}>U8?cDp=B5F|ehTR{G(iH{pj?s_F%IC(LW-Y= zgTzuQWL!(s|Bm(zu?-pxbsZ8-^KkwczCJi7)k&S+($jqkY4;n;QP4MRD&_anCB8G& zzqmU;7VLg%kMX{0W`vp;tj|986Hx>TE4TFp83ZLMcd&l_@>LDBO;EsX( zoM(x2tXkEiSQl=|Y!#k!1od5Zru*Fd!H~}KdgXTyV!-w8CM)9BsOaIY^!z*r%N=P2 zA>FxWBjqi%GksNNqfcvBnOuE4sm}xGij>UGuvS^WZzojAKA=TMzdx##mg2A-$D zz%^2(;<~%82~$TNzr*ui*Q}4EquDfg(lhm!i^R7Yfo7t!y^@}AgBY-`ge25@Ff>CR z#fRp8@^_2WULW?95zfwjJ)pbHD|x>uYNJxrzLJ1OGBzNMI8s8_?^Ucr*p#YUQZx1j zUfW1vmKMd)TJXm=;+RnTDZ%cD_SoN^huCxQH1unqd@0@fIt}sfnBP=h_~wABHBGIH zOm~`s0ybGqptwU~Ih`_Lyxck`E&fFvj#>9eUv3uBG`E)s>rg1=X?n4lp3OdDzMVrn zdYArq_3>7h>On)~ZOCwl5$q_0F!ZYwqK`CN-JpXj)>RLXVwCIZy~Ef+?PD5sy3x*g zjBJYk7L*VE0gB{zSYi?~?%;ippGOHmAA3`esvc$%b#SaKjRnv1=B0qJ1^zHKJ-vuJ ztN<%`e^`kuw+KE&;1=y2qVDd^&eqOc!zGfa6x&S&W<;=6A`M=|hvLuhnDGxtPP-l_ z5Q_)!IhIlI*gyagb}Gn8ns^Br@&0@rH~g5yjr16lc8xaanp8la2)9O<1hONA0~ru( zhSr@uAn?VZ79c-(z9pL@=eb5B4Y?nfzxrE&a@ZJMSIDITXCGyZy=jixFeHf=^2q{q zNoF-MLW9T?ag@uT6-d+=vyShQVp(R!k9%mNwipR`Z0nVGJ5?`yxWJ^r#jtrrX$SDBg|$ z-yj+6w82wSdY*{RlF(DKBkq&a_(OiYt-LvE&hJO!qS|5nmwj=v%5ND__q+YynV)xL z4DHJf;vr7l3~68ZGn$Lb+kY=2HHdeFjfC>{njGhG7d<7Xo$kk$*}z`)>*sWHg)-!w#LdB zkhp1U%K%W#zK;IQR{&|I8d@ZP4mJ`M`nM0e{@{l+=R_!?N4~a}aW==8L-u%T{@2i{ zS1lfmbzU<+yOJ-4RdrD+<-XhV&i}ueOxI1NixQ5eGn)r#{Y#}q_!n-y7u=5XabTR2 z7a5%WpL+k`>3V0vOIrFJImy54`HF<6h_4rTe4R<^8%*P1K>>IfOvdi9L5zCOxJN&w zsXJr*wP`tX5>lA>9?ss>WuNV0>3G@H4|1$k?cK8}OE<%?rR;a@%1d9)Wn$HIoKnrR z96@CbKNVfFtVkomR8_8H|G3@kG$ucjH)TIiD5dDBteSpfRQo`9Xen54W=j7i^WBUTTc=M5Pdog{+^h9v2O zUjsakYpZK4uzGQpWLTGE0=sxbLU>0R*wOpv6Sa;r%FnNi+G9B&fn8Yqn(PA}vt*y#)U z+HeX8v&9(an3|r}OCt;>l;JH_PlWy_)ZcD2DGRz9bqmJT62SDg3fDl4Aeue;wX!-o z%ee!8(uA%0j>;WlqiyV{VJUJJXI^nqSCID{=vH24UY-}t@4ESAOgzDM`4W-fE>o1-nARVH{EZG> zPj%FFQ^CQCs)0sfI;ltWIbUer+x->gdUCqOV3WFFKWD`xr@5nK_)S^`J}$pHVfHw~ z+RxoPB0ieHJjDL|+>z26|KaanvzfTw@U^9ax_MR>^eQ8(y-Sou-`w8sGHWP~8CbN& zK4U9`f5%6*r{b!qUNrz_t(?o(L$L69@fE*zL-D0X^#@}&}B!Ceb#&Q z(S-4^u6>qoyW4oD2n@vPi~5ckSjGyi=T{Q1SJ7|U{bX9>uJ7FNo_2nUo){RsXnUYII3oUb{kYW^f%k5A#Q=mxa3S5+SKp2E51kc>C28~v%l zy!V$|v3EQ?iJ=c~7Z6_POr3hoLY;NHH8DMfHM(E0C_4Y_;#9x|A!{#Yd*M6QG7q3g z33f?2Y4(bEmcgB#iq#DbSA38P-46R80YqXPSAq=`?UClNF2qafo0pIW2yP)a?KMYjF6ElA{ok zfzY}UgaQ;(x{23%r@Eh1F|6BiN^ZbS;$al0lV2V79#7^UrVSk)`joVclgmZ2=qd9L zPJc-TMi}l6n{Cn_1o%Cp^SB)uOtN0QWJO+IbbvL^zsq$ylSK?fJ$=|zI<0rJj8}`x z-H=~l*j~+5eb{Igkr%C}B(de6`b8wGb7iH{qU92yo1QXtX1EwwdF|pAbB=X+dbG2n z;F=2#`D)Yr5CB7XHxa(YlKR1c^kJE39Wl3Ut)hZ!M2~czE2gL?4Bn%dN4kh#^xr{P zCUDbOfe-<88SKpAyj!|6PgTH`HI@;LU$UaqyQYr@U;UC3b3u&(2kG!IfZc~kN^lwk zk6gD}c5XCcA$ECmP>^|71RoRsx|cg@*uovvuk3cCviFj$>zOL(v{(3^#ger!R%;0U z3XI?_<^rUvuL3Pc1bG*JQ8IFg`g7dLlm-ubH|=+>d-R^K^?A!sQAS@ljpL&Fh;eL~ zNGfct5AzMO`j1m&({(E{q$RRslH|a_FyG0kdO zWa{C6>z?l4m&^4paaSpZWg|yMdGBK;b_H^4=~!s#q_q8tCc>?#HezTUtzqV?P%oce z#l$`=dGL<*)bm3LB|8rj!?@!@%9acx+@B&TxXIgMw)z&;fqRl{B*J}1Vw}>$q;6!V z#4Jd+24=gjz3hjW>wE;jbEgUO2Cmy&Z|-L88W01qlb;e~#n~=x#+|YElQu*=?-Dzt z?E#@#X}FHgPZ}(pLsBh)@+p}IEU{io?a9E4;eyt($tc1hG#B!TC1|(AiW20cmlEP9&vjQ<8K$%$`ewIdIu0P% z+=TAS`zYCJ*Nbvg~0HHx%z9$p`x9V!gk_R{q5IawA>AP-l)VXX$ zS)RJw49}=3wh@>mC;sHb*x!u69zkGk_S9o@RN%q2BiMG--;Ysr#-=y{L&6Ryz-ICI z>0$bW6@MMO#%qYK_ zt$n*wWV0Y=cLCR#PrMLo_jf@d z@vI1})F`u3ALGzm&eAOI;NK(0!N-ws6LMNby3BYX>{Pl21O^XyAxpY;SVY%&M@JUn zB4Bro748@vT}8dbPjfLxvvs6+xZDNY2E@5@UhNosBu!SVr@k{%W>jt-5kD>^Q0go6 z;t@?ko$}fQ?i+{L%l17HN?~mkDK9f9N)3u~QcB;is z5j=Qr>ghz5BcBuR%;_EH@_NV6Lm7!h(^E>#@c4>iW8za2n5UyX#PdK3JQgAv^hN(Y z9Q_s#4u~1M5tp$EM-CBTPjrp4o8BgH_e4oyUQ&f#TBDN|=@Yl6YK*NzQ$n2VZ4p?w zi@?zOnGsm5w;kw{3IuImX|bbzSsa!o~{pUV&+ z8l+XE#71D$XJ{TtU`u+1oXnI~ndPOV_M<*=Jw;x@&U`06p$_8aH1gXsiuz0QLbJHU zD5)}NE~QI0jFk45c(}0$CxS@vVlU|#bvh@xK(Dz?iVF8M<|>_ zUD-kbTk30<-PHf+6xAJ*3jX(0n&|z0!R?}j@Zf%~b_3-N9Vefp z_3(kqCx{4Fj=oL6*W<;vvf(>t`RO=Z$8l>)_qQw(C;Qo(5V%4WlFM; z+8VvoO8t>C5|~V0LMqGh5^m+nc8`vq(;+NXZr>`D9qmDQ2np(K^#tL_<|=)K|Vpoy3y8{@3<-jIF+zC~PAUROb*q7JLm*3Qv*Vvz% z?8{bovLfBMzK&ccHp`tLcUFo&uW^7N$zQ1Q5k|Z7-0az09vjAK9_2QtTkL_cviw{X76evOTA_=r zHi#-I0>j~A{vtvBK8(Ka)~f^)-Z|7rorMHr1q9cTxt|o z>6OREi<*#)j|awFA(IOY2_Udr2336m%V_j3{hSIyuKV}zfB*gW zXz=N$pH7}U`M`k#6DLlbHEY)N>C?eyAAa~D>iqcQkEll907K=vJS2d+ezLuq;n=Zb zGiS~OjnU7`(a{*%+WKL@;NOX7Ltth_kx6MW%I=t?#aWU~{X-`wc}2T(xGa{R18c0> z{m2y6-8^-Z7_iS8{q{>{r90-{}#kYwgud;S}%374oPcgvD|8a}supaCp0O@V?aO z8@UqdK}1sXboaozio9IxDDFiB*(sV!b_jjBedMfm;jgz2exr5J>+J$xZW)l7?AKT9 zqYZTPceFzc>f^vo3U}4F@?JMA@>-_ku1;djQ5+Z}d#inD>u@K5?Goa%ConrUPe{c0 zvInSL^V)~Z>=5>1>yX^WL4y^(G9Q7HfW>7Ku^#LZ68n|i1J6&1FU^gwHcDy?akmZe zl}2fqNmFKQ_!vD+V2gT%oye5mF^NDkUyqU)+KCcF+!2$y*%KXu_^W%zUd&bJ8ztq4 zz;fmLN5#x&6VNQs-i^x+b9EdfbKg8Xw!oNJOeTWBZt4`%+lKs|5!jziU=Z}f4?mnc zcW$%oWk@I)Jb3W(<;xc>T9licyJN?W^z?LaRZ&q(;IG zpW1-EfW3S7?%%)vn{U3EF=Iw)Y3bp^hp$|@f(lUd^5x4k&oN-|uf(&9z^IRvRGH)@ zIpRGdBFruQ;SCW%!2S1$ciA^dTQf~lrW5T>jhyj|%OcrAcv<)XeP^B6Vlm6D;_()MUSn!(uLE zD?ngqYcXmoNp+20R$&lRuZSgO)E6wNzw1(!lk$RG$+aBWiA?FnF{0_6Ltlt>^tK~- zEH=Ti=dn2P?!2^QpSAtNu4KzBd72X2B}9tAp70VPA~5NeB0*i3vldVJdjfuOJ8E1VamkJTNi(Hym(G8 zd5bs%R~RNM(UrBdOYrF|oc{yngN*HegyjSygs8#j(5N&J5G)mI%lbVy4}n>uxB_wL=_d+)s$Uwm=r z&YcLV5QL#*?AWodz4qFvQ>P|Pnlya)@K z>?8Mmw`<_3bZMDUekE7&(hH#hE_MWq=i|uEZR&9#HRMVTI+fKJsXwr-p}w83dGyQL zjS_2~s60=4dTQL7fuU0xd1(Xfy@fm>rlcY=rS=lylivfY zB`^*#t(o5yvPq3ecAFHHo7BbT1aNSXPJCoi+$RIV&256(MG5_FS2BeT+{7@~oR*>c zCuyu^O^IG{aI$Pc&ydz}Zd@*vY`CJ?Y5@+JIcJ2oz$6qpN3e5?H zx#Cs5eEP)O1v~SddHmLq9}jvPUg#*G^zjDtWh+1j;hL0wa(OkoI&!M_;KjKGX_1SUQ^CH9@(QH_Ee z;eJ41EyA7G3{&Li$_sKtp9~5gn&chf~2Obga#u=e- z+cp|bQ(dZ897&VE+c%L9Og|P3{}keH5LmfER<08j>*UvRHQ!|=zttnE zm&7U3g?jkUl}&UA;jbGaD%PvZ^okQxMnD)r=G_r0$uIWnumThGVVsU#QMR|#~)-&WphRSNv)ac?d7yEOXjcXR`JL6MQO5 zk#9~qF;z*n@(&kMhlh_HXHt`}ZK={5)H@+n#m0o{M@L|P{Zoj4=F5D+J$LThS-5cF zgb5RtFJFG|-o5qf*PlOs{^-%8yLRombm`K^AAfxEY#CS$5gUF%UEh889l|w)Ux@H*x5=2lS!VF>#IqwX zX&LoBdjwJZ8L1krd!Cw{yhN@o^V(6!Uw8wupA}6!Ie-iOfb`Uk;DF zk|`=TD&Vd<6Dfw%E&lVp71~3Cb(E%55Ve#w2)pIPe5qw#JuO z)+_XuF}ci~NWB);_9jCMgqSpCk0vm6kx^Yv$||Y%T}k0U52UGIYAj6lCfxYcL-o!C zF*HtiXtJ^*FQJSC**r@ED>bT%sL!d$E5Ws-yn^~FSmMT^u~Sk!bl>`qa3EBZ!X(ZePZ3kb}ZR6(k4KbF9Pk5dGut~QT*#i*Htg6Gd09?;1<2_iL|}jNWAxw^ z#9^pPzn9?$+xwHiYG5X0ezbiuABETiPyy8tOVMA`Ksi(a?%utNP5QY+6k?Np3XxL5 zR&MKx0fT=ho*99ekIb2q#n=tw!p5 z0vL6TUh*gcbAG2s5F#)bq*^Be6`eOWncFS6T`1w_KnU%)@?dveQ}4r5BxkbKs|QPa zC<9%1EFtyYNbc-TVdtmHEV)=-sEdt>{}2NE(?6%efB}O)h-XM(2y{ST6-KeuDBU+n zIa=!*qff6HRS{!(6EwV{tC5S2~6qOP7@7#8etY<)peKFFD_! z`DT2~n_Yt%ML5{8sJG%a3vu5(T6rQ(_I?llJ`z_~dtRW2aDdEV!@#f-LyFayh?u6z zD6tr&C1yoY-eU=ja^cf|CS`>l z4*h8!qyK*i3*}!V$0*>3%PPm75c)bYjfQB}3xMe!(N;+$aw=i_7zJbsVX1{$@hlcT*&Dx*Pbg!-ZcvmM6N|`46WG7=@4y%^VDLxq>Mp30nb|_t& z)+8v_&&7_U!g9K-CSI`-vj3GK11W#fYK{Y0)1KmkdY@^0cGu z?`KDhO$qv9l=wy#)+MTPqqc%nS3j1(0&N7ASf!Ixk@BmgcEgBBT{9QCKcC?6?HufT zMDw=~i`Y3LDyOk`LZFiyhlq6L_m#MRI#^U_P6qQ8no^1=6a51sFowVwF!<-=84(z~ zv%18rD$A2rlj7UPgi}+JXS5Ay7B2AMv;7?f?PJ{D>=3YJymDfSpBtaW<`Rj%tQFmY zZ)U10bkzIii%haIleAnXzC1PlvmtR^Vw{Aw?;tA!U6=P4uOA`JZSI#6?Bvd8C4@K| zTl?)vjkLZ0P)$9)NU2J_0yWhtpGqON%=%Jrh7 zlj0Zkmo<&{p~OzM`E7DJ}4Od4h7Mnx$~s4fso$*o2VfqKbSx$SeEh)}K56Sj|&rE1*8UOamq z_mKovp;uSx<@uSSz2hZ0O}!$WsXr%owr6!!_$}-mcY2Dv${?@Ni>=ht91`2#f&Gub z=(24RhPKbf$Eu$`KQK_5?O>BvJExp=e zglAWRy}(A)HAVyV=eM_}%L}H7nDPN`M7(W%f2aU8-YE2 z1omqJYZ!r*8P&z4rV8fLi;tyA7W9)giSl4kmk%`2ZGOGxe18QF%IiTN^Tm|7K6M3Y;B+(yFkJ;RgiKNmKqebFVNC~Je1|spK_~8 z%t;pN#+$f2PqTeI2+URN#kG4Jf$7vRR5=M|(!SQgU+zJD6Trcq)hNm}uWjhTandTi z;ZRICF>>A{}RU4%;_TMnC6LN@^ZYVE_5gsW4!`paGs0fl-gBnUtk@Qh4p# z`lQQKlRq33liJ8T%!wmpvm;%(scN@{ePa4aT%CD@ivz1uBzNYvu!C&pU<0>i(4BIg5X zs_JQ|Ox**c2<%zk1EU`HGbnBwr51ze$YjymJ!2b(!G}{&_;Tm;j69MiDn{g#r@X0G zf6ymtsKPVOo%$k)9gAob$eY(A@_3rEEGNDO9BdF*z{4747J7gNsZ}qwAheW@GvTB<4dS2s2J;R#?QXgfu z=MgeLyUB?jyHlyB5Uao+qzK{NBMEFp_kfcb6oJ_uS(Fr+RF}zwt)rCvV!Wt73E&Yi z9uC=w;z_FTI8U}cpX13R`p7)q8z?%Kt}MZ_gH#k7G(}|MKjIQ1^$-U`UhLdE0Y(id|=Pj_w-g?95{Yd+-KI?Y57M zu~07_#G*T)#3(O=3)WHZlsb~GNlWpKaArBMh%gWP3C)8iHSuj0%nfv4d2opSD*p{5 zC6_Wpr6d*8*b+rxWhS-71OgLPQQzjLzU_igrp&COo{gmLfvF3p$q^vl){B2IsPnU> zAM|wTuXG7?quw3w$|i=1g@@9WRnyhwq?#hIXYv?52uv@6hDD}CFpbq9!|19_aE`Kl zV`FD_3{44g0C%EIk{@?Tzt}UGSon)8%*p~%yJ={gu9<(LA0K-;EJEbLo|59bc2Mli zEOE6NL6xXVABSMqO3E?t3Q}6BkGGIg(7<(_cHhXT&$@Z7?;EmnM9jsh;5liY# z=;=#{|9h1beF`F zsSTUGC<) z&)wc$jFYuw`EUd)MFOKjz9Dz_eSxJyXpWdHPhgoY7#`#H{^@Z8J%+Sc{bA?hqx(cI zz&U}5!o$pOjvgW~y+6B%gO8H{P6-O3NtV$1;#9qPHXThnX*Gr2wKYHQt#xGLpvQdd z1q5a+bA47|>>>^bEYi^e0+aFe3k2MauMmWVEw)%>%YCAz+f2K;uI}4yTl8()v{_S4 zT`i5bn`=0}*DYv~WrnMX#N9~Bx5yC;6~8tSSi^piS&jOO#_aK*P+#r*6S$pGqFSy6 zD}3%Mg7|yXi@;<;(?afZd()g{<_LER+-$`zLn0hawvO&;(W!~1hL%Q?=K9@Qk2UXR z(_Oc%j@Hn(+Xz1H7Bpv&RAeC$K{i9=0t%Q#sUf(tyn`w1vsq>*x zw-5C@^lr&b^xd0k&L7$!9yzUrfUej4{9Sov-S3Z7Y(yUoKT z=4U7L`+jiK_Gq$66AaS0bF*32Z(W#ebKmLRWEaakM5}Ik2!^Lh!b?wYM{q|+AyK@bte3L>CQ~x=GAh1DQTIlFB{iDG0_}s5e<_nApgoa|F zx%V7Hk57Al*t1!44Fu3ltU73J8Qmw!*(}@5NWnABcQsaCh4`$%_KoTl;b;OomoW-&`me)_26yWOQ!LI*~`rHgfd2GrboM$ANFZ(&{m^E zv!9pip9o}`u{a)-lLtCj+R!N7EM1J)M3LH-Qt`~^E|Ax z`9q%m9@szn3@nNFZh^oU6K)Dr=6Gi{xL zZM3JEb@ZHLArV*=VJdew%W=0&S!(7pbD;guPVaPYt*)b6Pd|{hJ^zCJb~$*1?JnnH~h9=>lWM%hjmQaX{`FPYta0` zY0icPJc}Y%)8`6oF9f!fi@+58!6m%@Mf|}9%S;nojCYRgKEa?}A5L7#n`3Ho*XML- zq4oaTEjE1fc7m%#AzvR!DzM5Fy!*O*2G-C5LqnC7l>q?(GiJ<~Hf@@hm)DUaM*;%_ zu_cR9*j+i8(pVnl02wTz5UW@@*IYqCMMVW#2nq_?yLWGBXeeBwuBonu&DBj|5gAs_ z?85rODj0~}Ymse^66Dz;s}Gc$s|r4hTIchuC2p2E0*mw02Y%E`hx>Ui zE!~#QwBK&qq^qt*ho;)2OuFnEGazcAfr9(?k`?zBB6mTZ879+0fk~Q+>CqntOtS3W zw?j)^?Is=DXmx6<-K>db8{H;mU7D@>&)bikEaa|;Y!K~1Bxc-2cOpwM-`rcrk z?W|im4{N#UtF9L&y%RjAe}WTYHRJqcX1N{~$<7v`b1e6KJ!saDu0}nzn(1)2aeBM0 zj-73{6XW_Pxmx9khGz4JO8M5xw-5(y9yP$CC-)wn=AQ^GpJ$OTw2oU~uyaJOk%ryc zaRHS^H*F1%54*&RKFae@URfu!%of>*JuK7sR*_3Au1(Y1G@{Qqz2*a3aNpE!(^U7} z9=a~?cJ+6#l8S7&Z;82^<+%?L3v44DEm!@w*N6RDb!^#GOGB%9lO}!JwfJH{TjvjY zpPXb6?qHbVWF+Ik+~yf>#?cG)uS^=a;^SVU^x7DA(0sd@#MBo`WeTuw|zH zcB%+Wm%AIi&WLw(_K)t923zyZ5FJXmdwf{n?^qx(%I6yI zT>44(8?y(bI1MTi7#Fx3DnypCuEXXJ>DrpRh*G<2ORaIHZTE9uWVRH0*vfhE+@M0f zL4n9D)z#$u#C}VMbvJCM{25V1<4rUmrnlQQ``)P2fieBk-OUSy#tQBSQ7y9twmE!T zb`|1s?guToExP|JuR=tK6CWSHXwjmuu(0gx?6|l%fk1Hj^l7P7ib)?+yhI{NOiV;) z5JPTmF7jA~tsXyqoSB)486S;gWo4=J=yKJnRp-u~!w>;#CMPGSr>CPSJf^0mG8>^; z$O*PU1r(wVHixm2l9KR9y=EDk|`>xH(h*%l^%J>2MdbY3OKbH`mhE(&*GobFyW}T_=Lv^M z5Q>S6b43>UBFjuCv#aCZaU9ldK&R#!+Pd1hI@-FrnoYDiHP`;Am-e<1Z>3{|5Q7MP znaYLSx0od!mRSPp3qN-I!KC%agIa%M(0bnR9&5hpcX-U(o>TgV%o==up5fg&1~;Y* zIxtpm;d?zl?%(>YHrx+Ywbs^nznkW|&%650)Jt`>k#G^f&|K_-n_lGn0b54BW7V^n za@KvmzzW)n~L}kB&{bALj3_t>G}F&DBN2{TEu_oojG!&Y&Rs!9EKN zz3dIoPaVAB+kUfbdsudF)<#34sitP{Hccn$H{0}OkGl&kBqEyv?z(>q8Q(@C8kXp0 zd*b`P3(Z>%>#WsT2PXkdwVJjZ*g@+%qfX053_dzu-*ejFkl6B6q!9mw^HH#`CP&chS|*Y@*SztBI4%Fn|5|~ z3l}bAg{biT_ut>Sa|a<#b#?Xn_3N))yN1Wu*w`IAc1)QvWy_W=4<0;NvSbO=5*!?i z=x6fe$>`$5i4%zSCQO*%;o%_`i#KlEXm4-7Y11YQ3{CCaxzonR2JJ&RSiErI!sgAJ z;aZGg)TmJy1|mE(h)r(Yx+N3}V`5@3{!5oGEnmJI8F&kpg^y32IyH0V%t@0bZQZ&x zJUo2Eh7ISH?Ax~wg%}2Q9|A^A>=fh;nNb`@)QN@@SiZ=@+s=5rS;xWcHCpI$0@L6= z1%be{<_ztAd4_SSqfwDN=1nFrGl|F~PiUSmG|zD{zdc?5r_cKtcWbGk)dbSh)@p)T zuUA{$k@{`-k9mjtI+TFB@dx@<3oMfpSocxJZLRvWH1DqSVgI(HjJwRR?6SnRGymPL z%RlTXdcTL$(5|yAJO5`u8-vce?VD=o>Ne@uNoSmK>%-#)MlLeTakG?jmqc2t1m@6x z^ZzF>_7-9cdkfL1YkTFb4clsIeB8gq!cY41Kk2jl{VvPj?jvgp-%lyO%(t1gb*u5}X(>+1AwJBJ}{Cm3`Y+OtFFR$5)!YFhQsb$kD9 z-&qEa9q|V>$oDYwnQJ)Hy5qnuEt_iVbZ^<@S%JBmDtKJK5Eud=nY%&QVhgwTyY+9c zp`)YGs)f!61Ka)ldFO~lgXGH)DjCZ?EMnY-IjABq9dtU@jQbwg9|e}}W)bdS_S?t- z@AuN--eBdvbl0S*hUU9{JFXp}7igz1;UR*zPzsFu4xjQ?Qid6B=IRKH3GCnY85nB7 zE=P|ZMFt@Y9$^B^?2v)0t1H}g=+Ge)LJ5!uWajVhkGX#I=+U!h&mJ>o4B{Io1eLJ~ z!~lCSfnC3T9X@~<5JE98qT0lX6Cn)5X8@LhT_C4jyLLG`IwJakcs~C4Xa0!Nl$m!Q#fA#V4f$dOo_3BkDB0p`~G&GC85U4?c*b42y!RV32XV?}a zM<|A%&E4G{1H=Aerw$xAfMK8!L|rf<3P+3>F-HmFJQht7#0%1J0+S2P{q0Q_yx-gE zEu9vy0D>>&4A!N&w&MrA{T(bboD7THjpPFEYf@67xeODB&|D!flen4Rn`^RVl!0}x zRuCR$JWOLSgI-778CIQ7O&pZPeKDE4^&h%TyLZbb9kjUy+c(vG@153epSKEDb1Wgk zkNdUh(p*bRL$igpW|tN^ecLr1&`w9My|!V;riLAw4d|#fpo4b*R?WKUHpLM7chMYW z(0a#rgX0&QO5BVJc!OmkbFaCk)2zGp@7kuRj_&gWW>U!KZgwRVSQqe(3WX*Q-G;3F zqPNXkI<1;D(b3Tw&{4H*{VpAy(9zp~*MEP^i7P)+D9N|ni z(-r^e(^d5uSQE!#-T!S@AtFpcNCXWeBqT^A5D+rs8A3u&p-~+e>;o9E4d$9>R z{rTsg5dcA22;GW`ieMu|ROoB*;>GX~jDmf`CJ5lr2u6k24*tXD7!@)Q7-G2HyLV$4 z$BrFCeaOk%+Z&Gv)E+&0gzzpTBn0_&>((7Ud>CUxT!o=RYzX5ZT5JyELSUCKU&b&X zt!>-3VJ(J-ppzXLf_QNnNMJ~Ep+)FI(`EmC=d%H=+O|*%Oj}n=6SKCC$0vQl7F&tk zxZn9jeauJb4g!;k%oTiNnX5_M5{rG~jX&tii4Suaw9ryh!>U_Trw@8uovxpS`B8c6 zMf3}S$%V#w9u`?b>#O75nqb`Cw6ktk9nBV6h~1iMXt&U4f;M0)9kc`+Hr3Q@qovtF zOQV~vrfJ6}(=0o|AKb54i7X5GhJ`$R1OeP#n%wjv9Qtn>`L=b>W|*QOurY&M_$?YD z^RWEAz^t-8tYeo9-ao3_7?ZZ`TX564CTcgqKP{M7n@d>WZj9T6du*cJL>ne*udUg? zg~kWHbmtH2c6EkcqF{KYaHvFR#oa)JyD_|#0w&{`NIh(0U5D)daiE=5N6Ri+U34|t z=xR0B)KtE)r)-itHoE9RTU)!0rcNhq?Vhc)-g`&e>AjBEChO<8nicR2ig*lfbM%WE$sewZNuhTjd@jRGw(w`q0Q8(N6^?=YFBhSor~)d5){)wV5Vk z3|e<+rlEsE@b@flFj$^3bsRVgLV-2z(xqL5OuM)5Rrj$u09QH8nLA?En~&-a;hmN<#zXY{P%w ziCbzVNIbyq1Bvo827G~4)oEw zsaD@M+7{h(|I@$KY_m3-M)dKVJ}AZ6s6c33ATY=m80Cqq^F&+(7Gd9S(|3I>yK}!N zjDKSdS_Lezm3decxD8SZEKgvaBeYI(9DHtEubI{zx;Ez`22F?(5<_|0)VMA*R< zYHK%b->UW7omvm+)oS$M7E6b<-#w~#sQthUgrP!f<+tK2^U={4J`-RJ#VnD%Vbt4&kxF8|y;IFqb7k6M0gFt=Oi2B+GWY{7=O*D%j z3{A=9a%{q`(O_L5gGCe~kD92DJSr=j;o8I_x`6YREn9}lF)=YP92+Nwfi^K7Y=V~6 zZ365LnuVEA2cVp-!dA$zM|FmkqZ%^U1PyXc5JX*QIDyH8mPwAr7boF3sK5h$2`l!He!+Kg((K>{_~cddHc@?v^D77vU4k~ zW;o;Lra_LTni@S@YS{MB8f(zn<^3K9N5Ac7r=RGEiC(Wzpf491=87z`L_@>^^=DxH z%(`=LA?j#q{9w@9Z^=*ytk8Y1T3|Bn2J_Zgj{3K!ytCN0b8qEaUiin7@_zd4vT+Xl z*H))VzYfjcd#BwbvyLl1>3n8<@9+hKGhFl}0^?jh_ibYCo6g)DiI#bSA-O{C>v4JR zhKY{)-m?eo{JyWtM?JnX=xE)eS>HBVt@AD_C7GR-(816 zSx!c|Zis};^7$rW4;ycLvqiS;EjwzoY@*S#UGvfUtq=d8ioj$%BZa$BiMt^LmMa`4 z<)mVe!85%zTmR?(bRX8G2~HsJS9rIZ?$NP&sV>}?)rtfLiSE|U!~Z9+X_jq{|IjCP zsWo?7UZExI#RLW?74XgOEwT{(x9^98T6b@*(N#;sx~uM*Pr5yFZ!@H?QCg#9puYuS#IOTWC7J*YmcWNxGw6(MyZK8u~LZHJHQ!GHgy)XP%kpS)JN> zbv2ez=K;&38q2dylxsNDHPsbZ9w5(v)evd9xVRuxs;;h1N=n+XV+SfQYXVkZ*^H`p zhPoVi^;(vB23G#eCInF@8ctwHDNBv~XAS=8)1Efnb-J}}`c{XQ7TsHqGwgDDtbtfC zv`}Cm;|~yfnB{nIzcM9vH_n5-c>0*6q$1lu$9Lzy+s)!Fo!*^W_G+tR+EHWf&~E4K ztmE8fywzcGI#5|rG}xi2e101uT9tHJzKZv z)uv_N)>?g9Yxip1?5);c;y-Vlo%nY2qCpaY zp+aCF=NoYEpyC*Ew*=$_mczHr5)Q{St>Av`%qYpl#LvNK|F{8;@Avw_u)}+OTIhGy z>C;y0tyY@-+BdQ2rul6@?Zp=D*Z-&2iRpTGT+K3s+->-C+%58yH~h^O+4$L;F8jC( zstxSa%)D>s8P;7+P3WJ&eL?Mi0+VqUund#(%;oO-**w$Gg{J$*^!q`tId-Q8Kwy&UZgF>!&9MoFZtr%TZPD4zy4%usd$0SVf8dOFu!)3koXaziAcKgC z+t5HJ8mK^6#y3U$5#wyTZ*))o`z@So+dEpe;#=t+`tGd|2jf&1xAX%GMz zDfos6ztBjQ$GZ_rZBG2~_PP(-yV|tyc(47gZ@S;M)6d|p|1_5iP|Z*-K-buPYwjaV zzF7`>Tr}8orvCb`dMvPRW^dJW<)>|L&l{BPYEa}hsGMh*?Ph*@Oi!L|vxVl(__l2h zkM4hW_Mp_I2Dt*|8I0;EaktJw9G2p2>N~C9fe~F+*f!@6X}SKty>CtIo$YFjwaRB2 z`n6(}rQD77Ei(nSH>M6+IlPUdMN9s$j+e*2m9$td+Z8THv)s)sl}DzoPtg}mBrt+# z9Mqq{{+IIj#z^oJqypbWFEYP9%joJfqbt)*Zp<_bm}mBQslHTboXh>_My(A+MsksU zKKDghO9_8SI&Wymd_&J!18&YRyfxF%Yudmtd!uA$%WNL|%@mcrlpC5sV7YuFvAaQ* ztA47JUi_lL59aFy&(-&_GxVHoe0iqH#TjPTW|?}(^Gt3|H}IaW7dxj}C_~XyHFw|JDqH8`BMM%v2`>W#aOlvrN2ZoA}uohs`&QU2K}{Xq@F@%Kb3PQxpF_ z;rOe1$>p14oY~F>$&2(N7g~qfn+MFokOtkFKFD+Cpc^v>dCoTQoo9Myq1l5artwZD z8E)J;fn0gBM8q^`AxAVc$!$oOgQ?$4eV>_n{&V#1IvB(`ndKmq;qD-1tc+%!?v(N( z(mcd%u0{zZqQW>ROvGFSaFcl>=V?=Ld)oIUu)EdATFjUOzq zdA!st*PZK*yGhE^1I1cHESR{&=)S#vkez||EMwn!Ru2~=;O1^&#j3HyT~F_BDi$Ch z8y@Ru;Wq>OsPAoO7BgQj$HhRb{A1OskNh(St$q>-j362Z4JR<9e0RNK*M0@=dJ-NY zB+G2RRSw@O7Y0I|zZE}S} zxZkVfWb?n_VY+$RBL=Uh;Oi-rmt#l-#$q0KeMhd)I+s5rk8cgx$oM8)z`+}ggeXCR zZ~-%Ht!a^)a0NKWx5*RQW(jPwM8h+ey_YE*jzTU(tNrUOs@WMWaQ7q55!z-5ho%cL z)L}US3$eibnUswR9`9y~hG&U}<%)*piO_`=JfYr^->3i0?5tC+U%t75XR2^FkwZ&- z6AAaDUtF-8Ewo1083LOOfmIF{x>@9Ln{yv2A)G}3gfKCeZz&d7!wp$Nn{1CE83-Kt zW~iwQ_*nc`d#6-CRa4+*UEn%Q%6m6Q@V;0uJl}mtsgv0gC*vY_)VI!DHZ0|*_fnU? zpCx)XPcRHhL*R%OAh6%J#(hUSS7?JngyV_7CXSLAe@CU5x&5kDnX|RP3V-En!H^7r zE%&Dvp?51*?f1e%iTZHWXW|4#Kc_+vuRjeUFy*X@q~POJy??R$z(SsZ0y6^lxrnKZ z&y>U6Mgf`sZ7ATrNDFmAUsgCn|q?MSv;T z9MdZTEE#uQoGB-arxvL_hoUm~ju|R*k}$)r$#^CTp=mxG`G+Lub3gLJy;H}1<4W0x z$Xd$1Y5D&|U|dIB*W5d77=Izpu!zs40%cN$S;pK)S?uS*M9LqhR!;XgXxycYIP835 z9RDH#_j}oLcZ9iyu(*u7fRi16Gw!BbwYtOR+?~4k+(9dLGlnv`Po7Z1vrxEO6u6q@ z^SJSdMV2|sEb+I%->8^pBImK=$sHwiQ`~!@>R-L#_8m_E?&C2u$Ta!;%XG3=h-#Gf5#ZR_+U|W6X)1YY+oK`u_#S5;u4*af(uY5XdDt;v}9)5#NCOB~Pwp z93oW4AJK}t$G`HIsnKH*&#;82U&0$)#2-}1*JIxqkPEoq5I|pfqTg9uo#aB3e4(Ml z!$7>;Fl)I{)-tnf4@*R}a_$ODj2!;MiGo29T6Q#+J(n^D*ASI;}UZ?Dn3E_Nv?EMpBGz; z!`{I&C1Q*pCjos{{Kod_&BN*~T5?WOPdpRxG@JH`t4#}S+K{`sn7$unSYGgr-mTW! z^s7js_~TmibN%4>V8J_0k1}l5%HXa^*heR8#O~?%7(5k8L@O0mvF%o?2#40S%yZ77 z^(%?x6`4-Fka-ZiJYse?`xWti434kDqYegwT?B0rACJP;jAE!4hw+xXQeolV%m?mV z{I^qB*OyY7t1-u4$LGwyb=*H0t)r#j4tDqh;+EVQeA+czvU7q-_##2hNcFoNmIkcX z_NJ$F7mkk3y7Q_E&FEH?*mbADKDr)e8r>MNsvb+$!+PHPZ<2T2_Yg`YLAT4T@qOi# z+NgbMA0}lcNj<3?ZoSI?dW70E?z)?ojAY@Om)vgxyxMjg(verQY#NB}=i!Cs$vh}Q zs=oR&^QrO%d(a_YvWO?tmS=~F>R z%dMAkH|4$sKFLhgwjZUWbNqxA7Q(h>8YX+R%8yVQ)Wvq!RQX0CT|1Cl*z!XfT4=R3 z8$1BCHW;#%aP=T>DEL(xpQpm0-{uNKq=B$|L>dQU^T(T ztd8}qr{QBSlkb`ITozublQ;Dj>zwT;;^8WtsxdEodFyhhvqB7S@}-x1NY8sSUj0v{ zNk^sgzV$v8F*D7Y8u%&IN*q>L2+8bfCCQl(b4B20ob9qsy{wx zggP$uWmracJdTUgzjf;_rASIoPY+b(FG<|>3kaBFXUK$E7Ptt+!skx~q#R*-MF&~| z^jMYE)olU4`J0u5n>B<#%GYwpxJ;A*x8@meeb;8dk4rii197e>U`V*HUQL_bst;rR z=etXY$uVO#BSS-rwxH>`Ic6J$Tem2fV{x$_(RNn9dbM9|(L9nX6~RGfaLMwM82C?Aimu6Wn0^IBOvKX1R8s zS4t`ip&I*XNK4E5+wB+Du`sqIW9gZ;B0wC9)mFTIO|@DUUmjMvK#SMEQG*k$G#K*foz}^W zs7aiPTbFRNnvJKYDAWEsMXX}wA8F5xxlzMuSy@@Ij4S&mVPRnnOwsSJ2n%mPYn*M} zG1Lgevf|gqX%ToEB8X^102t)u<-w$a$1yP-uLUxOT3cE?UKbY^rzqH%nSFgG?aN6) z&^stXN)S&`V*JE1p=0M-hGq$xltIdSE&HmgEKCilG_I*{q@xu!rxSOBF+QK(J@~1s zZ)m0;@q_Lu&d@mVA2pAlb1iF0bI6N5B4Z)N$B&7Rm+@HWC{{}7>VMIhW$=ed`tBIS*!LqNz2j>-EjK-%9=LYd(`K9Ln8ZYAEaT% zf_VWL(5uZS?tsa(dfC{2ZK=Rez9GamTueMvuE^V?y4j#ILDhLHsAkDYv2gQ6lFWbX^bMlLTcFY}T9;owARrdnzQ z@YhCPuzS0Q85$X}4>QOH`I(t9G+Nc$zu)*=Ngl{XD*qn(WqlSpF!70<{!(&lO*OjD zK$%HYEuP`33)Isi@W`Uyq4J}nqs6}meWW{a4Pz^Uypy^L&UxEaK!F`oMn*=0j1Jn1 zMYemrWptuA+MZWq{?ygk&n;=!u>=hBjk@57GalOC8%Cpr%h2Lg|oI|ysXLfeBvlFu-E;hE4 zc<3D~_+luZ74my*9q+tW3ANI5a)|WMWn44GT7eXGR+O@}mbG6`qaQI5Q8zanY(i4f z(m3fnqW^J#lfya+@;f>@;MA_ItXLDqBqjAzJ#=Q}=jXqE{kpigxPX9wu&^+c0FtH% zS2JDoFmsMiPi;Lmrn9UU9-d`&U?fU0gM^SfE@oz=r7gB#(w|9*UA{ccK^4_a`euGP88FF)nc(GAxK3+9Pk)ni$m zLPSkHFIo(3EfNj4gEN3_(&LFM8NWH&SydWh&($zgN5K3!l&P9}=_t8_S1*9;haq8n znJ;T*I}P1O)?Q!m!T^J@ z4-N8ZgI0uVZOK|!IQ>Y*M$2`J4)*?|@G2@Rfiz?~~F zwD98xU&atQqB8G*1OvS}PM?O3iHS)%ZDP7BVluEuADEg>!vZDOa56CamR^_h! zl-ynJ+Mf1~A+3piZC|hi%k^!C7Wb7xn?M;SRD9E`PgA;G%*4Z zhfXigH8(1ZhsT#ExN3FrAcQuejIqQq@KBFo2avA-UqG}A9SQ00mpyJqa1B7jQSjrX1% zzHA&~IHF<=NeI8cx>Pi2)apZ9xqdB&e*}HK`R2_98M8SUqK&<($IJx7hhhJUpSVMc zGhd=xiT%kr2!pJWc?GAKAmlD6wJP@yvW)9 z)IJd`FFUF`a=EY4IO~8{ln#>!=j<&v)uhXnDzD0M~m!NNcR<|vRm#;nW zn#12Ix4aSq`!pejyw%;i)dS+jSCj?oOJKEcD2b)F=CqtG-%ld@6v@I>b5c09t*iYu zmmMzf3!XlehK9CJ%|6eJW8U4k#W&sUBIw6C&g05%9CDuGV4+u5c; zQ{@|-CE0stUKDij@VtbCnsIUY>h*iYL2+9ayd0<3i?k^DNG&6 zxis%N4p#CHmJ5!&?1(E;Hv0R#tn`#1W5d`Qre$sB;ZRdkb7>j~oYOngSQk_{aE%I` zT`Itde^phb)o`|APA{veiZt>k_c4Y}2IXE~- zO{EeXw6BLbSl5G&kS=#^QMUj-L;BwHuiI7$u-G49XDRR z%MJ{iyg4e2-apQ>O2sbMqQ`+hlLL>CLj@s-XelcFl?K-@+&Xz@bAj7X>AgGO7JR$W zt}y$URn^Tz9@e_ifsT@{S(;FH^vJnHAyDt4pJk=N_|^5qCHV1|a@9_mp((EYx? z?h8YGw(=ehdZpH;>tS9h3Z@yerk2MoAmy+1ibu2-aMNI8W7k-=KAtnx&y=lAH^q$T zWGAevIGjq3jfnyOLRo6&YU-=7@=G?sg?uZb;tyqvY$696qDU@@4}*IHj6x{-pX52kr1ChqTEjUK+u%o) z#RBU<+u7nH78tdL{N)Bu36}$EkoO}ahdVnS9v<=>$u!rVsB;441TiV8Y~Z1rs%mrq zN>Z$9^=osy;v`2!xmrw0?VyRW!_r06pYF8O1$kowIm%E^a+s`s&&yT>F)S!(Bi#41 zB!nGxB~mjpJoNMjkG%)`_SROSh7{VFaaL69+FkA^x3_NVj*otY#>qXC@uyJ0V8>0h z6N@TC&G+{9+643(#9hlovOTG)609?c_ot8Ap~;~X&9}X!iXZ+2e6QyvC54P>HXK&~ z`Tvo0&1$&i5h;@*ZW<*erRdF64ziS@UFBHrO`BRT>G(-uF`L^(|wA+yN#FTk)m z#=03roJbb=*hLZx5Q<9e$CL%+#J_=5Oj1%Z9%gQJ$e}8lFjr&YAA9Wo=QKd-R@e**t=7Fob_7k?w zPN2yKpf{PSn2tLza-_Mbsep0+s`M(X?-9^ephVDIXgAUYP3vrNvT;U6Ml$~vJ_4o- zj>ZmtzxyY9t7D&mwO z)+3IHIvZ;f=?5DISE6*O|8|kYgp5513X)Oe9o|Dm%d^V6O0t^th~9tjpqDL598lG| z^!=1fY)QMzO^flESly|Qbcwq=K6ZQrZm|v&9pe>ZGNEE3gFc(EM>`o^miOjb=<5|; zX<0)6AwL!$wkWc5C(S*rp^CAeaxzl$Bd#0L9$oXhrEh4Y zZxLM|O+j~aRP-lXgxYr-h!-;dfQCe#7BH--<^E6-$~;GcvT=cZ!iw_1rNU{jUQ*4; zd`4~!zKJpF4LT@YO`s{bqSfR<(S>iI^u2@MEgXnamS`nh+7y<%O8Dd<`zA08~7$-eM^O}s!Mg~Q~pwNN2 zYfZ^ZgLi**FpW;U5BHu8xwiy!9TBva_e3WPAfm?z@$do@rbxLwc*K=mhgFk>1256^ zBj^5}{;UCZA}d}hTVh_TclY^lA3p1{B9B`Dq@qg10ITr*`}ZS%)Fq+leX^MBx3-^C z(Y0VftKl<=d(1TCI7`Xw*sL;VLdiB*5eZ}5xY6S{R7*|4e}27@Y;>k!e^e;yhsdVm zH%KVPJhBr)L<<*$QWcRaS8qOig^3J}zGdC}t@3whzO|fog|99c=~qwoCKAHja9&hb z+!Fp=(}A+E?d#{0b6JjO9;eZYC}$aGEHy)1Atxu7#8YD{bsWyg93vm=K;V0N2)BDI zDh{W`=%E5_&3c~4PP2GoC`Y|L2cbbBmM(uM0pPF)1-G_3yMO=@IR@@SK8ios8m!?8 z_~GNBSHkZwysZ0<$B}jA4uzxlghFKGHD|)Lj+P|TOIY14NiNQWpOGdDW7d(tAnCue zfcY)D^XiCz^oudLW_idC?A{oQ;usvEvc zpukQQ!O7}1Maw0YMcl0vA*nlcHP^&?hu29Isfy3W_E_br-xdTvCUIY^cy_JqXWk;-&DuGw!_mV&J10>x<_z$`iLT)}S?^<%p$C*fP zZ|~jjOH1KX_&mSMqA9crVmeS4iaa1#s?7Th2K-Sd)RB#N&q~aP#mw4TlvY&CQ;)%< zSAlMchbfqlV;BA!DKbrm(#`$d?LJ_AsJsv!GW|lgmS`=ayIsiYKC$ z;8thm#~;0Mv^Lr%2ucaD7(M8h6xCL;$Sh^MG5n=0KP4qh5*w4thti^hl8$cAnbBgI z)mkk%tQAfBV!1#ULyz6TnJC&_PN!pT&e%n@LPcp8vjb#!u48m6O296&0uA zfC$ls+}gky&vjZD!|iuJv3O6%g5K~R>RM??YB7h~Kq6aZtSZVY9dDz!he1ty0*_Zu zBJtWrdt87JZggLYjr4%H{clkUBa&LZ#S|v{s@~|0^g6;gx=TX^ zA6|ne55-O7Nu*XlUWmjfZTu4IX~*Q2&26#k>yM++=VV9a4saCN`jiV~noJvdWbzuS zh%m)tvccpkwT)}IjYH^xxFa?qulJ8gv35l;vU%{AE>wPppLjDES<_)Uy8MonDs{`P zz4#S-DZ#p+K`9}F?46_NBbT>{wY+$XsV-Tp_~FORSE@Sj!&&i*An!+xP(UV7Ks10v zeB@>Ozh3s-P}x1W9bE8w@(X=RXjH}*3T3-U2%bdJpj!t#BS|SKNLX=ka;~hb#3-{n zIXU^q*t^|1YZ}aui88!JD^F){r&!HB~cP0r0tx6D$3`~R)3xOU^I1* zO}*^y`69+dZqv{s-!);*N6bS*H%L$W6aRb&-0H;e^IYvk9W<}|5Ks7BK~?XN}dn=8M%`S52#Om?=WyTiQ!!7#7X#O_Hkrc{l2~A_P3zRpB8nk4Kzuy_)_iM zJ@wem4p7>RS=n}P=E*uIBcIKMk&Pq!R@GOi9k^n4zUe$Fn7?Y=C1D==a4=b4%Y~F7 z600VXXEsq=$+>Cf(Ksif@zm>hErEkku{UC?%4~mwQwTQRI_cYYfys4Rp5U}^!;u+Fa6HMbM(==uvdRb^{ zkiIG~M%t+IidSJEN?Y?W5sTA$q1aaiD^#TkyUtLG%*ddU^mme^vPY?@S$J0U0@|s8 z@<@cj*`=~q9Ziy|SvCwx;R#dC-pBndz0C9jMJ+xKuOE6%DCEuDGz}BbGtxKKU484i zU|6f&gvl!sr^c-Dwr4e^li!Dl!}Tc_ReeK+5or9FP@D%eXjQM!LJE5l<2HEX@lcvX zm)~k^@Pl|T4Ssh1dSTQwG;5lxu~~05O#N$QZ0Pu=DWbx+YT#?TYkNgdUJ{gEpq&|6 z^w=)pvGm_)JI>7d9`w${%t*@E`GKH6PHo+C3FU2^|+P*v}@2n!k}SJ%*{4=qZ9+^*NRb^n~GAuBuGKddv# zvuzaA_U1+~t+9k9=!UCQXLm2I`QSCV{~~M1_AUGTP03_t_2@b~WI@r(%8$bTF(dS5 z)ZbloVoxUnoV< zb{*kxb|{q=?LUg3Btvk;f7@`_A1`UeOiH&3*qJAh_%a_q_nqGT_qa;TPS#D0e-`ID z{${1s^AP~~o>EJ#pN)_3xSh4;dgW->0=N$*TKm(7M7D_h?Atc6x~demoVGaE z6K6f8WeoS06K7_EmT2SW*NCWc3;j9}9*7%L2xLnR!UkR|K@>-g^k8Ga)2!y+1sC(}{+4*pY{Eln2nxYge z(51K$_ru4(P!|Kec;(UI-dj%H=@uzSFC4yR^NvF(4G zzrrWDvQbHs7v8n^WQmpv`>O~azo0O`AitopTE(aE@b+N5fZxX#3)Qx8UO zK-!KXmVlrj^n-ufqNYATy{u?i$#6XaD`se%y4A|`s#|))L!NOhV2xTvY;|CtnosJ< z*J?f?;o+14a8Hmo>|HJwGG09XC_6;!wP$^M@nTaZOVEn^MDkLrd{D9jI6ZMZgiTgh z-9}aZGP1MEZ%qc$toOfaU*{8&^%YsPb+)B$G;r?^I~zBvkZ~!(UVqy8>hOeJNlpqh z+-|_0A{O>l9Zg?9wVJmSi6?)-%dpUyO&Q#$WhVIgi}IJ(UZU9DMFea5pbcN7sUF|7 zH|cS=#4zdDL&ZYBRJOdjFSOJJMZ@OwjS5mhSb7S6TGUerA-m!Y92o||3wa}KssHLm}m4w$*@-~mKb2;*v>=w{LN5+oK?k8yf zbsYbY^(V+eXYM`nhVO~;==JaIy_aqC@5QrSY@WIvu{{~Ax6S`B_v4^gRE?6LAWq9{GRm9xyL^8XIG-e^v_?$ zB)tC8HP+~ePq{Y{c9oeExr2{ywP#K|ll`d6t!X_54sx}ex~jCk&-`470Kcq-%(gW~ z^t&@fUe$&}m*e!Dlv;+v@3)+nz;$wB*^&0=IS;u-(S0bvs@T^y~3S;SYtp^_gD|a@KxuQX|2h&Pa5AH*S5&PQmKl zyAz07s)9o-_4x3=BE>!%q~2|(_FvoL=ux8dJ>hg%mCA4O=G-Y<7@mFFnZ&)h6J58! zrW}||f*WnJQ<)&)gM~fPb-8t?3w1}-?koF*=vq; z-`|Z74sorCytvN>#Wt)(^2TSchx!G?xI`}-r{|M-3(8P5t!er->^Wul`l&D-B$3=0 zyf5pIXTd7|b^FrteHlqM4ha=OruOka6VHw->X$b5C>E!i@wXRhM`0DuEyKTWw(9#b z8ychv%drs7zRM*J+bEF1ckAt~4T>sid5%Aq-FW1q>}AxbjC)nF4`rpTz1mf*K#=uT zRmT|hFB)&_YcT76*oTWie9 z=4azBa@=Qx{s;>;g$PRDQ@5kXr@#BK?_(l?A%bv+<#?OIZfjrDGEo1X2 z?tvWB6OI&)XeD`?oOEo5k*S|Vfoz+%{Y8nF)ed|XEtg7j$cwy>YKhWHdg*pnW@Wue zPpwFA5C&wDS{WIpT?Fw7au^dDvJl2ZFif{m!gkhNf=rgRu@dj)LD!2^f1kp)ik&ah z2KE;@1#PLD?;(ke>RiY5Uvb4mB9~aj6;Y|e>4PhTnb@Coi`<^fAV21u zW)n@4%Maa=qNw8cH+$L{{Rr=hK+5Wi*b-;LC_3y8Y@T4>>mRG8~3jP!ul^+9JKTJ|C90h_fiw4 z)-YnHg7F^@`x=Cugi%-<6=h{*=XeH&hH0s(WoBs89uwLDB9@w#_DnW7pfeoj@bHlI zfz$cfiR)z5`{7~EN9c#U$fcz=fr2Lt<~W)Uz31j86MT9Ah>rw)Am?6*)lAMp*_b7J_!j)FuY%(=U{DYY8tz>8`DzpTG+aBY00*cY+&Lp!ap*8 zlxh;UL?sI6>M9plb_Xt%&=-MdTS=`4^O_OK;{d=RBmlq&)H<#U2n?xd087i8H@*f2 z20(TJm@s|>4vx()s7vXQxME{r!4w)PKq^5R?K6!DJZFCXJmhU4GmN8POU+C~M6_#S zX_?5Zhnd0>;1oAtP0kt*7_~l*fq{Xk_RtF`;~?icO{%!#V+f(PTV7u7OcOOlBg7HW zrx)h>vKFP29?B(iXY^NQO#iflxdJ9L1W-dan!XOmyK&W`U#CDEvm4`57H>GPz(N@J zqgVkJIpYQs0vD++WZ6Qe@EL{}gq)wOrwJIdvwC}aW?gnlgfs~IOZeqxjyOpegRO{~ zT0gYd-r}SPK3;qTTpxhKnj9am6hbv2=DI58L;n1N>gyQRBsVvA5r^~k`QJYjvG!2= zL<5cZ)yY+rxn*UUEw$9ur(WNow2v*!m-dBn6lsJMV3O`bOvU~5eIlTn7Q3RL;@Q*J zx3;!cuQ)~ei<5^(>2(r|T(lpv%t&4n5cS`S4>dQFWxpE5uEwtOAw@=gL~$xTOCTXA z_gNN?fROOu;8TYi_P#6*&*MsJ4R0A)-q#eT;(jX7MRB=gFDNtV7cE*!C?Ir%J3fL! zQ64Zx!JHR*z*h0(2LXjYzj_&9_n_YQ2lDRe!WQtp!HV98jt=XAWVXr4NyWk)$f-o& zLN6@w%T8Wh+W218hmvlSRi;ynbzcF3RH~I#@4xRjK=zB}dH|KB`J1~;8}d(q9_8<9 zhLxMUdm*oz-^rdsj5qv`&dyHWEE)ejfDfuBF(*s{?u_WEjUUXYiJC*>3A4){#*hpK z-7;fL%f9UJW^`*tv^l7V46mnC$F*keNHX-^2Clq`VlAS+fUsX_0@E9eNJA0UnFMhfZL8cl{S7+NxD0y!O#<$^c0|2K_MOnGv z58wq}M-aEvTX%*76%imY>yHR5xS zymR^yyRa!kk0s{Qgw`_ArKDJZ(#k{GbWOgzJuU4AcnL_>-nnyUad8pg6Jx|Qn9nI# zSjZAq*Vk`wK6(E9IUEWFp_qic6Jlced-v`|y6y}@Imvf>j^v2dNU02F29yj8s3Qz7 zrLq>2z8GVg+?shaIz4@IcCt@*3Mn`8*Rj2}1JpN}|x>#?eyt0@;gO1h!+ zY=ZIqXhs(;_3p_VL8K|FniTM&rY7g0}YXF!hbqthcw6^#=a*K9?OC8A=-z9dKCR z?zI2B$|XgSb??5WYBg2VG)0zjI@t`Q-OlUEJ@42y#T}@C1b>3S4o0gSfk=Vu`1I!2 z0t*(*`8tCdW{$Y~Eo#0_?wHr72S4`XJLLWS{ee=BL5+5UxTv+OOHn30H5E(@TZExt zgqIO!Tv?Sa?-YBsB7rN(?LvfqI_4DN-{{E5&94nZU%q5m#KmYAkZOMOqc0hpE^p>@Z-g!y*S&bt2zZQ6i?I9L8z--chMxj5Vx=hs!4`n8>X5dJusPqDC zv(ar@Eac2DI5^nd-Tm&e9LjggeDX@fKN*1u4kXDw(F;by>3vBx-&E&OzOFF;t z1>xaORN>+C$W1~*+8P?JzWHEf>*Umb*BJlbq}p|?Aym6Zn_k-WBqs#!=C5CG-Orzp z$sQL}RmFei`8ON$KQD96TMO#_`Vm%uw)O|#Ie({>ffPWWhaB&)RTBUA3ogS2x6l`q zBh=!4nw6dHmGiml+qbh%B{yvA=%{rsV6qsPR)AcaJeT%_XcGAw|9SC*-YgC-;Kn=L zjfgH?$^j6hA5kSS35h9NQooYJKeZ{nqz(}+)!aJ<4x`I&v7})<$*&nTOn3KRfVPy` zpIl02Qvz)2+26naX2^mu+fnqMrRY0ZClq93D}*^#-_k=h#!Iz}i;5H#75}~A|LtSM zo}XjLIhuqnBEfk{qQC42ld`=20qa4fj5*99GhTAOY%s6i8wVG_zwFL;5OEP|_f47@Gsgj zi}U}iQL8Rq7+Z%TE4)*alo|xy5qLJxCZN0q6M~f6?#;IW&e!BOOc~71$$_<)nV2|; zfa9?gCxWJX61I4EusMBMMke>)WSaK|D~cuz%|fO}8(slLarD?Ru#a(xiHCc8AU>2> zf>g48I~cCp^X+743N=>zZnKFj7)b_Ts(<&RRo5x(86Zj;wt;d7*r>px-R_Da`tjq( zrhB)jU0;VgMeGWk`7&&~U(>Jf=;h?(WQs!2WP@E@|6HL*?giL9KE9LlKieQitc62B z#M9zO9tRkB7+&<`&6^`ABt9ah_X0!=;C>hw7}z($J7`2K85tNJ6H45h%LSMG&*85+ z^?%Zy=Taj4wOw6Z_4V~CaWo`!sE)oq$M0i>`0erW@l)%TfCT?J-yRBhUm+nOZ7r?j zI$c{gxA+Edjn!-bSZ&>unVGq_=Ve$7M;)>23z@U9rKKehU2q1z8B;Jb1FW8!33z%^ zk`fYnzsAJir^gy}P1=%Q1;6UKF7JY(Vcfr8g`By(h6cgXi*^!Q$$GShrzbL@jm`%n zcC+RGxmyOVe{zmRdW!#rmwVD-eBeFc7p3e-hZ&+pRGDMZ7t2lx{sy4k|GPvCpZI?i zkpI_r%X2zFNWaa_vd9LNnT23NTMGa(tqcsFn;D4%w~Zl@CiKJjY|s4#)ypL9Q}+0r z-qX|bDGa59-U2Xzc{2V*{4dMPtE)#od{9{fKt3qLs-1jFa&phjDbdeeR^h?QUn+3W zu?&l@L>L!0cL?+sKwx4h^krgT)ypJo6~d81fpjM@j)3ZW`|ceL6;%NPf48ACg6rhu z1Y8K-uu)yg=o>e0HokggciTqDg@5K)+AlEh-c&87kOzt~+*vFlp)tEW9;~g}J#$6X=e}bT&Q4>#u_ryKp9YbUh2KO($8=M_J3xv=svb z`AtJv!N43;3WD;L;|D@AGFrl@wzf8KDroT$ylPe6D+A<#fq{`!nGK)yr79GNGh+(5 zGM7PfnFGNh=i=%rngUGuQe9mgU_SqjhMrT>&_vTS3U%KO2? zJIY%J_^x#oC=|QoDIA3Tl&?WIM|cHnN;wCL*Zc43@2QoaHSK-piD0Bar${P;Bi+kE zik`EmE9)?r3O2?X1*pRC0k)8)9RSS&<|xkkAb(R9ouZeA@O4*STzBNT##7X?-RU_v zKOi0`t5@ZWDTpqj$g5@XC$!?4T3W-y!#zR4yGtrE++192BYtPcqD74Mx@?k?bo-K2 zSYZlw$p{8w0s;kOgv#Xhd`Evj9=k#$LaBrP`xe-`V%3Df_wN-5HtX-sUYk(xi|mA1 zq8QaG1o6FCRZpH!^rWDWm#`HzB4a%+M?aoQymQHhw~Nn@C@^5DhrkH`aC<&Up3taU zxL_Rg8i)cSRPJmCd*zXZohVJCwuVO7Uf~pAFlj20Lt;m2YHCT0QWWe?Bov?;MoUPs zlsLnF^qBR}TtD|42a(<~?va`XaX$ z7why09Ni=D?(Xgah&mxIPDvltU!)RO@E+o{$&q2+!0gfkA4X(7!6quB)z`mG@tyD`$+#|o4jT5a{Xl<;)I;cU3C77nK0KK*gaU>q7tl9R%WejsVG$RpL zkZuqe*VQ*NiZ?<_GD*YF1(Em64 z6{>G-XlPhr9{e;rJ79H?`m^FJWX3e0)lV!XCFM)Cg6)IJ6|nmR4~%F8+2>C>lk#r!vSXT5xURM&vq5|G3;|NUDqb+M@lfL9|~mqC-?GBgN{ zjE;Wy_H8-M`9o#)=_b!&mqmXn8k)zww)P-KJV<;KHuR%!FK^?!fm70-#Bu@N6L^~@ z1X{qbnV*rd{_9sOgb)VF@9lX-goO_e4u(fZ<^1;+1MOTN@;9KzX(wH=u(qM$ zfv2Z}L+ZYtjCu)lR=W4{^6@DQ{05y`fW>$jVkTo_<5b{tRx(CW4uXLJ!6)N`MmAa| z=odYKXt?YZM1nwhScsKBsz$^cHpR%um@E}~E@lYj=NC4m<_AYOyO)BBZN?zsu zRruch_2uPa8oIa+Nc&+u`n-j9ppI$5E$O7$hWQwfMT3}&iIGwE;>^3}I&bLS3V~wf zS1hHS*AV6d*cw_Tsi~;SG+kY$oXje4xWEt&4i6g$O-w{Sdc@HcK@MlE*?axwgj24J z|1IGR9xkqO93x9hI50kBWJwUX!jZp(?WbzJG1`G#Da=6UFyH2PptH*fDenl-0WQ94 zL7gBMB!gi6b+ol#R#)eVISfMdVes3<1$Z+_%c-cTga7{i0^vBiTeWr*@`7+LU{qiJ zHChCqJ+vNvT!8fIx!;FgaC?obOgi`Qf&1z9ix67!LN?q(^RTe9vmikGyA_$CwFHCI z1EdMW;^4<~aBvt7X(Dg3$tXHPI2rRE_y<#Tbae8s2m0KL(qjQqm}w8*))IRf zy60okp?Nxol}xU}Y3#W*Z~4?*Os7Alloy;m8DosE6;nyRl`J3b5Jg zh~~K{-b2ek0Xss8SIv!zmbPEq0Q(Y~QI1@wEI*tI8;B+$mqU}BjlrD9hT6X|$&>$5q!7^oI!yr91%Jt*@Y85M#H!ap zP0Gnxp>G07qNAXIiN%u^mZvt0==-;*5?xwboBU5KdPVl%aPt2I5j`(NL~DV0XdZ?k z3j^{QFetVnDjaJ?udu4Bs;o@i&_Gw$%h^Yab_^?x7F#I%@3-4@ zNB;yT8K%2J-qu{;>eWmp=;uz)%6iX_VLyf?<{Wudh3C0)Ys5O3PU<{s2L}hgLAIT) zaW~KvEI~VA?d@`TbG!;C0HfTw50vM5S6z+l?Kx)%N72G=C$#5GC{)0-GR?g?9DhB5 zysYjE)zPlfbc#Zu|zVF*XG=q`?#Cq9ADOI$49W4Q<4FKstI3RTGbU zlT@_%P)dN$&9 zJ;VWEj;$aYGVUXPZrhS6=-&rcLOT-4wNqDGaycV+uVG4rmm0z(djH7=04xX z^zk!9d{K&Qmfez1dvE;PgfvxWrzd&m6X(5q+dvoqGrFM*3>X5STbO|-2O1UYU%m3a ze?J#x6JArZoya83eKR*k8|4c4>JKoVJG%R4)&pha1!D^_l7F$qWiXX*j5;q1v@qCg zn_bGYFnxjVA38g2z;^lZFKrU)eEc!~!pXrw!3#-8EMeOd1L@MD9nd;ZYlK_~gkp?& zeGpXl=+o-#u|RtmsC7x~nI=z;0A&Yt(%;|`F|e>CVcgxAC@-UAW=7E>IIW z1Z$oz8_d9y#|vzql9f?7?SBt%3lbu*CVE_%54##S5&n7@RWfI>E57WgQy`F2gcoOeSz~i)8j{grg`FS^cUPtW+1a7HMpJMZ{aYMqZ zi;|hJXZ+IQ1awyKRP}K~VO7DmEFKq%m2Kyzu00;#iJ~NL*lm{;lV6G17tcNW*bf9Q z#3a0^mVl#QGyO)3DskSQ^k3Z6&XYL-3xxl&K(xikQ}G?tyjqlPN+El*;BW?c`MWcX zBsIUl@lWjz*QI6lG|Ns&f$9o51B0ehvGU*W3{0$YNbxQ{CoJmn784O6OQE5hf@%ry zDuBR&8)j}GAA~D}ZZqFm?Do6+YP6aaHF0!spuB>(p`e04QXuL_s^cahA(5MGQwcNL zx4=ooA2E@qfggJMSmK+T9_i78etAj;aGD}JYS}EgCHEsPT&xJ7f>4ZBPuIZ_8DYwO zzeFvZrs-+)6PhFSjSn#+fY1ZvP4B~(FB0tR>?jnH=WW@;r{mBMtAz<=B0tP!>O@MD z+%TB^t!R;{cI(!yG1i|^tQ$n%F%@n>701AUDlY-Lbk=Y4_CNgviCsw5NV=ol&yjaX zRBvA&R2LTB$GS+?gy-7Y+WG)M+vzvR))>{urvmvY($Pg|#X%Tiys*`!nq1OI%-*4I z>?)suOyzV`lV9F47sdmHdw%Z=f(;^CcXD4G4HGOST}kao?qs*zAHZmFHhl&Khun>d zW@T-Ih?Sj~3|@hrR46}m-VDK28a|40_UNy_V zEh-lL%tEaN?p8}dLC4u(K3A;@mGTy!!OE2f=SoP-tYOa=X@l7kvT*5Pd_@dYoK=_*lhqc|H*L`&&_}w5jRshD7if1& kc^Tbt4jzZ1i_1CL*#qj*DH@}@81SQ^a#Oil(K`IU0U%r_O8@`> literal 0 HcmV?d00001 From 570c0cf9cd0d0ff24145ac9e9c6164e92e0d3b90 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Mon, 25 Apr 2016 11:31:44 -0700 Subject: [PATCH 013/111] adding text about default telemetry level in OOBE --- windows/manage/disconnect-your-organization-from-microsoft.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index 3ef46d052e..5bfad5466a 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -1549,7 +1549,7 @@ You can set your organization's devices to use 1 of 4 telemetry levels: - [Full](#bkmk-utc-full) -For more info about these telemetry levels, see [Telemetry levels](#bkmk-telemetrylevels). In Windows 10 Enterprise, Windows 10 Education, and IoT Core, the default telemetry level is [Enhanced](#bkmk-utc-enhanced). +For more info about these telemetry levels, see [Telemetry levels](#bkmk-telemetrylevels). If you choose Express settings during installation, your device is configured for the Full telemetry level. In Windows 10 Enterprise, Windows 10 Education, and Windows 10 IoT Core, unattended installations configure your device for the Enhanced telemetry level. **Important**   These telemetry levels only apply to Windows components and apps that use the Connected User Experience and Telemetry component. Non-Windows components, such as Microsoft Office or other 3rd-party apps, may communicate with their cloud services outside of these telemetry levels. App publishers must let people know about how they use their telemetry, ways to opt in or opt out, and they must separately document their privacy policies. From f1d2847adb8f6c223cb58960a191305cded4a172 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Mon, 25 Apr 2016 13:05:21 -0700 Subject: [PATCH 014/111] changes for paid apps --- .../manage/settings-reference-windows-store-for-business.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/manage/settings-reference-windows-store-for-business.md b/windows/manage/settings-reference-windows-store-for-business.md index 35d9b8a61c..2dcd225e5d 100644 --- a/windows/manage/settings-reference-windows-store-for-business.md +++ b/windows/manage/settings-reference-windows-store-for-business.md @@ -5,7 +5,6 @@ ms.assetid: 34F7FA2B-B848-454B-AC00-ECA49D87B678 ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library -author: TrudyHa --- # Settings reference: Windows Store for Business @@ -21,11 +20,10 @@ The Windows Store for Business has a group of settings that admins use to manage | | | |----------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Setting | Description | -| Account information | Provides info on these configured settings for your Store for Business account . These settings include: country or region, default domain, organization name, and language preference. You can make updates to these settings with Office 365 or Azure management portals. For more information, see [Manage settings for the Windows Store for Business](manage-settings-windows-store-for-business.md). | +| Account information | Manage organization and payment option information. For more information, see [Manage settings for the Windows Store for Business](manage-settings-windows-store-for-business.md).

Configure whether or not to make offline-licensed apps available in the Store for Business. For more information, see [Distribute offline apps](distribute-offline-apps).| | Device Guard signing | Use the Device Guard signing portal to add unsigned apps to a code integrity policy, or to sign code integrity policies. For more information, see [Device Guard signing portal](device-guard-signing-portal.md). | | LOB publishers | Invite devs to become LOB publishers for your organization. Existing LOB publishers are listed on the page, and you can deactivate or invite them again. For more information, see [Work with line-of-business apps](working-with-line-of-business-apps.md). | | Management tools | Management tools that are synced with Azure AD are listed on this page. You can choose one to use for managing app updates and distribution. For more information, see [Configure MDM provider](configure-mdm-provider-windows-store-for-business.md). | -| Offline licensing | Configure whether or not to make offline-licensed apps available in the Store for Business. For more information, see [Distribute offline apps](distribute-offline-apps.md). | | Permissions | Manage permissions for your employees. For more information, see [Roles and permissions in the Windows Store for Business](roles-and-permissions-windows-store-for-business.md). | | Private store | Update the name for your private store. The new name will be displayed on a tab in the Store. For more information, see [Manage private store settings](manage-private-store-settings.md). | From 4b78bfec150d26c2f8142c6d9c54ddcafb0cdca3 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Mon, 25 Apr 2016 13:29:56 -0700 Subject: [PATCH 015/111] fixed error --- windows/manage/settings-reference-windows-store-for-business.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/manage/settings-reference-windows-store-for-business.md b/windows/manage/settings-reference-windows-store-for-business.md index 2dcd225e5d..48f59c5857 100644 --- a/windows/manage/settings-reference-windows-store-for-business.md +++ b/windows/manage/settings-reference-windows-store-for-business.md @@ -20,7 +20,7 @@ The Windows Store for Business has a group of settings that admins use to manage | | | |----------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| | Setting | Description | -| Account information | Manage organization and payment option information. For more information, see [Manage settings for the Windows Store for Business](manage-settings-windows-store-for-business.md).

Configure whether or not to make offline-licensed apps available in the Store for Business. For more information, see [Distribute offline apps](distribute-offline-apps).| +| Account information | Manage organization and payment option information. For more information, see [Manage settings for the Windows Store for Business](manage-settings-windows-store-for-business.md).

Configure whether or not to make offline-licensed apps available in the Store for Business. For more information, see [Distribute offline apps](distribute-offline-apps.md).| | Device Guard signing | Use the Device Guard signing portal to add unsigned apps to a code integrity policy, or to sign code integrity policies. For more information, see [Device Guard signing portal](device-guard-signing-portal.md). | | LOB publishers | Invite devs to become LOB publishers for your organization. Existing LOB publishers are listed on the page, and you can deactivate or invite them again. For more information, see [Work with line-of-business apps](working-with-line-of-business-apps.md). | | Management tools | Management tools that are synced with Azure AD are listed on this page. You can choose one to use for managing app updates and distribution. For more information, see [Configure MDM provider](configure-mdm-provider-windows-store-for-business.md). | From 35e9a7dce32560547a48d585665055d0358d1f0d Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Mon, 25 Apr 2016 16:06:51 -0700 Subject: [PATCH 016/111] adding new topic --- ...ge-inventory-windows-store-for-business.md | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 windows/manage/manage-inventory-windows-store-for-business.md diff --git a/windows/manage/manage-inventory-windows-store-for-business.md b/windows/manage/manage-inventory-windows-store-for-business.md new file mode 100644 index 0000000000..d81de7df6f --- /dev/null +++ b/windows/manage/manage-inventory-windows-store-for-business.md @@ -0,0 +1,45 @@ +--- +title: Manage inventory in Windows Store for Business (Windows 10) +description: When you acquire apps from the Windows Store for Business, we add them to the Inventory for your organization. Once an app is part of your inventory, you can distribute the app, and manage licenses. +ms.prod: W10 +ms.mktglfcycl: manage +ms.sitesec: library +--- + +# Manage inventory in Window Store for Business +When you acquire apps from the Windows Store for Business, we add them to the inventory for your organization. Once an app is part of your inventory, you can distribute the app, and manage licenses. + +## Distribute apps +You can assign apps to people, or you can make apps available in your private store. Once an app is in your private store, people in your org can install the app on their devices. For more information, see [Distribute apps using your private store](distribute-apps-from-your-private-store.md). + +**To make an app in inventory available in your private store** + +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Click **Refine**, and then choose **Online**. Store for Business will update the list of apps on the **Inventory** page. +4. From an app in **Inventory**, click the ellipses under **Action**, and then choose **Add to private store**. + +The value under Private store for the app will change to pending. It will take approximately twelve hours before the app is available in the private store. + +Employees can claim apps that admins added to the private store by doing the following. + +**To claim an app from the private store** + +1. Sign in to your computer with your Azure Active Directory (AD) credentials, and start the Windows Store app. +2. Click the private store tab. +3. Click the app you want to install, and then click **Install**. + +Another way to distribute apps is by assigning them to people in your organization. + +**To assign an app to an employee** + +1. Sign in to Windows Store for Business. +2. Click **Manage**, and then choose **Inventory**. +3. Find an app, click the ellipses under **Action**, and then choose **Assign to people**. +4. Type the email address for the employee that you're assigning the app to, and click **Confirm**. + +Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **MyLibrary**. + +## Manage licenses +For apps in inventory, when you assign an app to an employee, a license for the app is assigned to them. You can manage these licenses, either by assigning them, or reclaiming them so you can assign them to another employee. + From 2b037a6363d55cbcc0eeaf8c5a4d08760cfecefa Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Tue, 26 Apr 2016 09:25:23 -0700 Subject: [PATCH 017/111] Adding bug# 7333625 and tech review feedback --- ...onfigure-telemetry-in-your-organization.md | 6 +- ...onnect-your-organization-from-microsoft.md | 232 +++++++++--------- windows/manage/images/settings-table.png | Bin 16920 -> 70908 bytes 3 files changed, 124 insertions(+), 114 deletions(-) diff --git a/windows/manage/configure-telemetry-in-your-organization.md b/windows/manage/configure-telemetry-in-your-organization.md index 30c5e247ea..ace5305f29 100644 --- a/windows/manage/configure-telemetry-in-your-organization.md +++ b/windows/manage/configure-telemetry-in-your-organization.md @@ -55,11 +55,11 @@ The Connected User Experience and Telemetry component also connects to settings- ### Data usage -Data gathered from telemetry is used by Microsoft teams primarily to improve our customer experiences, and for security, health, quality, and performance analysis. Microsoft does not share personal data of our customers with third parties, except at the customer’s discretion or for the limited purposes described in the Privacy Statement. We do share business reports with OEMs and third party partners that includes aggregated, anonymized telemetry information. Data-sharing decisions are made by an internal team including privacy, legal, and data management. +Data gathered from telemetry is used by Microsoft teams primarily to improve our customer experiences, and for security, health, quality, and performance analysis. Microsoft does not share personal data of our customers with third parties, except at the customer’s discretion or for the limited purposes described in the Privacy Statement. We do share business reports with OEMs and third party partners that includes aggregated, anonymized telemetry information. Data-sharing decisions are made by an internal team including privacy, legal, and data management. Info is typically gathered at a fractional sampling rate, which can be as low as 1% of clients reporting data. ### Retention -Microsoft believes in and practices information minimization. We strive to gather only the info we need, and store it for as long as it’s needed to provide a service or for analysis. Much of the info about how Windows and apps are functioning is deleted within 30 days. Other info may be retained longer, such as error reporting data or Store purchase history. Info is typically gathered at a fractional sampling rate, which can be as low as 1% of clients reporting data. +Microsoft believes in and practices information minimization. We strive to gather only the info we need, and store it for as long as it’s needed to provide a service or for analysis. Much of the info about how Windows and apps are functioning is deleted within 30 days. Other info may be retained longer, such as error reporting data or Store purchase history. ## How is the data gathered? @@ -288,7 +288,7 @@ There are a few more settings that you can turn off that may send telemetry info ## Examples of how Microsoft uses the telemetry data -### Drive higher apps and driver quality in the ecosystem +### Drive higher application and driver quality in the ecosystem Telemetry plays an important role in quickly identifying and fixing critical reliability and security issues in our customers’ deployments and configurations. Insights into the telemetry data we gather helps us to quickly identify crashes or hangs associated with a certain application or driver on a given configuration, like a particular storage type (for example, SCSI) or a memory size. For System Center, job usages and statuses can also help us enhance the job workload and the communication between System Center and its managed products. Microsoft’s ability to get this data from customers and drive improvements into the ecosystem helps raise the bar for the quality of System Center, Windows Server applications, Windows apps, and drivers. Real-time data about Windows installations reduces downtime and the cost associated with troubleshooting unreliable drivers or unstable applications diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index 1b08b376bb..6159d95499 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -53,83 +53,85 @@ Here's what's covered in this article: - [6.2 ActiveX control blocking](#bkmk-ie-activex) - - [7. Mail synchronization](#bkmk-mailsync) + - [7. Live Tiles](#live-tiles) + + - [8. Mail synchronization](#bkmk-mailsync) - - [8. Microsoft Edge](#bkmk-edge) + - [9. Microsoft Edge](#bkmk-edge) - - [8.1 Microsoft Edge Group Policies](#bkmk-edgegp) + - [9.1 Microsoft Edge Group Policies](#bkmk-edgegp) - - [8.2 Microsoft Edge MDM policies](#bkmk-edge-mdm) + - [9.2 Microsoft Edge MDM policies](#bkmk-edge-mdm) - - [8.3 Microsoft Edge Windows Provisioning](#bkmk-edge-prov) + - [9.3 Microsoft Edge Windows Provisioning](#bkmk-edge-prov) - - [9. Network Connection Status Indicator](#bkmk-ncsi) + - [10. Network Connection Status Indicator](#bkmk-ncsi) - - [10. Offline maps](#bkmk-offlinemaps) + - [11. Offline maps](#bkmk-offlinemaps) - - [11. OneDrive](#bkmk-onedrive) + - [12. OneDrive](#bkmk-onedrive) - - [12. Preinstalled apps](#bkmk-preinstalledapps) + - [13. Preinstalled apps](#bkmk-preinstalledapps) - - [13. Settings > Privacy](#bkmk-settingssection) + - [14. Settings > Privacy](#bkmk-settingssection) - - [13.1 General](#bkmk-priv-general) + - [14.1 General](#bkmk-priv-general) - - [13.2 Location](#bkmk-priv-location) + - [14.2 Location](#bkmk-priv-location) - - [13.3 Camera](#bkmk-priv-camera) + - [14.3 Camera](#bkmk-priv-camera) - - [13.4 Microphone](#bkmk-priv-microphone) + - [14.4 Microphone](#bkmk-priv-microphone) - - [13.5 Speech, inking, & typing](#bkmk-priv-speech) + - [14.5 Speech, inking, & typing](#bkmk-priv-speech) - - [13.6 Account info](#bkmk-priv-accounts) + - [14.6 Account info](#bkmk-priv-accounts) - - [13.7 Contacts](#bkmk-priv-contacts) + - [14.7 Contacts](#bkmk-priv-contacts) - - [13.8 Calendar](#bkmk-priv-calendar) + - [14.8 Calendar](#bkmk-priv-calendar) - - [13.9 Call history](#bkmk-priv-callhistory) + - [14.9 Call history](#bkmk-priv-callhistory) - - [13.10 Email](#bkmk-priv-email) + - [14.10 Email](#bkmk-priv-email) - - [13.11 Messaging](#bkmk-priv-messaging) + - [14.11 Messaging](#bkmk-priv-messaging) - - [13.12 Radios](#bkmk-priv-radios) + - [14.12 Radios](#bkmk-priv-radios) - - [13.13 Other devices](#bkmk-priv-other-devices) + - [14.13 Other devices](#bkmk-priv-other-devices) - - [13.14 Feedback & diagnostics](#bkmk-priv-feedback) + - [14.14 Feedback & diagnostics](#bkmk-priv-feedback) - - [13.15 Background apps](#bkmk-priv-background) + - [14.15 Background apps](#bkmk-priv-background) - - [14. Software Protection Platform](#bkmk-spp) + - [15. Software Protection Platform](#bkmk-spp) - - [15. Sync your settings](#bkmk-syncsettings) + - [16. Sync your settings](#bkmk-syncsettings) - - [16. Teredo](#bkmk-teredo) + - [17. Teredo](#bkmk-teredo) - - [17. Wi-Fi Sense](#bkmk-wifisense) + - [18. Wi-Fi Sense](#bkmk-wifisense) - - [18. Windows Defender](#bkmk-defender) + - [19. Windows Defender](#bkmk-defender) - - [19. Windows Media Player](#bkmk-wmp) + - [20. Windows Media Player](#bkmk-wmp) - - [20. Windows spotlight](#bkmk-spotlight) + - [21. Windows spotlight](#bkmk-spotlight) - - [21. Windows Store](#bkmk-windowsstore) + - [22. Windows Store](#bkmk-windowsstore) - - [22. Windows Update Delivery Optimization](#bkmk-updates) + - [23. Windows Update Delivery Optimization](#bkmk-updates) - - [22.1 Settings > Update & security](#bkmk-wudo-ui) + - [23.1 Settings > Update & security](#bkmk-wudo-ui) - - [22.2 Delivery Optimization Group Policies](#bkmk-wudo-gp) + - [23.2 Delivery Optimization Group Policies](#bkmk-wudo-gp) - - [22.3 Delivery Optimization MDM policies](#bkmk-wudo-mdm) + - [23.3 Delivery Optimization MDM policies](#bkmk-wudo-mdm) - - [22.4 Delivery Optimization Windows Provisioning](#bkmk-wudo-prov) + - [23.4 Delivery Optimization Windows Provisioning](#bkmk-wudo-prov) - - [23. Windows Update](#bkmk-wu) + - [24. Windows Update](#bkmk-wu) ## What's new in Windows 10, version 1511 @@ -203,43 +205,45 @@ The settings in this section assume you are using Windows 10, version 1511 (cur - [6. Internet Explorer](#bkmk-ie) -- [7. Mail synchronization](#bkmk-mailsync) +- [7. Live Tiles](#live-tiles) -- [8. Microsoft Edge](#bkmk-edge) +- [8. Mail synchronization](#bkmk-mailsync) -- [9. Network Connection Status Indicator](#bkmk-ncsi) +- [9. Microsoft Edge](#bkmk-edge) -- [10. Offline maps](#bkmk-offlinemaps) +- [10. Network Connection Status Indicator](#bkmk-ncsi) -- [11. OneDrive](#bkmk-onedrive) +- [11. Offline maps](#bkmk-offlinemaps) -- [12. Preinstalled apps](#bkmk-preinstalledapps) +- [12. OneDrive](#bkmk-onedrive) -- [13. Settings > Privacy](#bkmk-settingssection) +- [13. Preinstalled apps](#bkmk-preinstalledapps) -- [14. Software Protection Platform](#bkmk-spp) +- [14. Settings > Privacy](#bkmk-settingssection) -- [15. Sync your settings](#bkmk-syncsettings) +- [15. Software Protection Platform](#bkmk-spp) -- [16. Teredo](#bkmk-teredo) +- [16. Sync your settings](#bkmk-syncsettings) -- [17. Wi-Fi Sense](#bkmk-wifisense) +- [17. Teredo](#bkmk-teredo) -- [18. Windows Defender](#bkmk-defender) +- [18. Wi-Fi Sense](#bkmk-wifisense) -- [19. Windows Media Player](#bkmk-wmp) +- [19. Windows Defender](#bkmk-defender) -- [20. Windows spotlight](#bkmk-spotlight) +- [20. Windows Media Player](#bkmk-wmp) -- [21. Windows Store](#bkmk-windowsstore) +- [21. Windows spotlight](#bkmk-spotlight) -- [22. Windows Update](#bkmk-wu) +- [22. Windows Store](#bkmk-windowsstore) -- [23. Windows Update Delivery Optimization](#bkmk-updates) +- [23. Windows Update](#bkmk-wu) + +- [24. Windows Update Delivery Optimization](#bkmk-updates) See the following table for a summary of the management settings. For more info, see its corresponding section. -![](images/settings-table.png) +![Management settings table](images/settings-table.png) ### 1. Cortana @@ -374,7 +378,13 @@ ActiveX control blocking periodically downloads a new list of out-of-date Active For more info, see [Out-of-date ActiveX control blocking](http://technet.microsoft.com/library/dn761713.aspx). -### 7. Mail synchronization +### 7. Live Tiles + +To turn off Live Tiles: + +- Apply the Group Policy: **User Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn Off notifications network usage** + +### 8. Mail synchronization To turn off mail synchronization for Microsoft Accounts that are configured on a device: @@ -392,11 +402,11 @@ To turn off the Windows Mail app: - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Mail** > **Turn off Windows Mail application** -### 8. Microsoft Edge +### 9. Microsoft Edge Use either Group Policy or MDM policies to manage settings for Microsoft Edge. For more info, see [Microsoft Edge and privacy: FAQ](http://go.microsoft.com/fwlink/p/?LinkId=730682). -### 8.1 Microsoft Edge Group Policies +### 9.1 Microsoft Edge Group Policies Find the Microsoft Edge Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Microsoft Edge**. @@ -413,7 +423,7 @@ The Microsoft Edge Group Policy names were changed in Windows 10, version 1511. | Open a new tab with an empty tab | Choose whether a new tab page appears.
Default: Enabled | | Configure corporate Home pages | Choose the corporate Home page for domain-joined devices.
Set this to **about:blank** | -### 8.2 Microsoft Edge MDM policies +### 9.2 Microsoft Edge MDM policies The following Microsoft Edge MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). @@ -425,13 +435,13 @@ The following Microsoft Edge MDM policies are available in the [Policy CSP](http | Browser/AllowSearchSuggestionsinAddressBar | Choose whether the address bar shows search suggestions..
Default: Allowed | | Browser/AllowSmartScreen | Choose whether SmartScreen is turned on or off.
Default: Allowed | -### 8.3 Microsoft Edge Windows Provisioning +### 9.3 Microsoft Edge Windows Provisioning Use Windows ICD to create a provisioning package with the settings for these policies, go to **Runtime settings** > **Policies**. For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](http://technet.microsoft.com/library/mt270204.aspx). -### 9. Network Connection Status Indicator +### 10. Network Connection Status Indicator Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to http://www.msftncsi.com to determine if the device can communicate with the Internet. For more info about NCIS, see [The Network Connection Status Icon](http://blogs.technet.com/b/networking/archive/2012/12/20/the-network-connection-status-icon.aspx). @@ -439,7 +449,7 @@ You can turn off NCSI through Group Policy: - Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off Windows Network Connectivity Status Indicator active tests** -### 10. Offline maps +### 11. Offline maps You can turn off the ability to download and update offline maps. @@ -449,13 +459,13 @@ You can turn off the ability to download and update offline maps. - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off Automatic Download and Update of Map Data** -### 11. OneDrive +### 12. OneDrive To turn off OneDrive in your organization: - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **OneDrive** > **Prevent the usage of OneDrive for file storage** -### 12. Preinstalled apps +### 13. Preinstalled apps Some preinstalled apps get content before they are opened to ensure a great experience. You can remove these using the steps in this section. @@ -567,41 +577,41 @@ To remove the Get Skype app: Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.SkypeApp | Remove-AppxPackage** -### 13. Settings > Privacy +### 14. Settings > Privacy Use Settings > Privacy to configure some settings that may be important to your organization. Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -- [13.1 General](#bkmk-general) +- [14.1 General](#bkmk-general) -- [13.2 Location](#bkmk-priv-location) +- [14.2 Location](#bkmk-priv-location) -- [13.3 Camera](#bkmk-priv-camera) +- [14.3 Camera](#bkmk-priv-camera) -- [13.4 Microphone](#bkmk-priv-microphone) +- [14.4 Microphone](#bkmk-priv-microphone) -- [13.5 Speech, inking, & typing](#bkmk-priv-speech) +- [14.5 Speech, inking, & typing](#bkmk-priv-speech) -- [13.6 Account info](#bkmk-priv-accounts) +- [14.6 Account info](#bkmk-priv-accounts) -- [13.7 Contacts](#bkmk-priv-contacts) +- [14.7 Contacts](#bkmk-priv-contacts) -- [13.8 Calendar](#bkmk-priv-calendar) +- [14.8 Calendar](#bkmk-priv-calendar) -- [13.9 Call history](#bkmk-priv-callhistory) +- [14.9 Call history](#bkmk-priv-callhistory) -- [13.10 Email](#bkmk-priv-email) +- [14.10 Email](#bkmk-priv-email) -- [13.11 Messaging](#bkmk-priv-messaging) +- [14.11 Messaging](#bkmk-priv-messaging) -- [13.12 Radios](#bkmk-priv-radios) +- [14.12 Radios](#bkmk-priv-radios) -- [13.13 Other devices](#bkmk-priv-other-devices) +- [14.13 Other devices](#bkmk-priv-other-devices) -- [13.14 Feedback & diagnostics](#bkmk-priv-feedback) +- [14.14 Feedback & diagnostics](#bkmk-priv-feedback) -- [13.15 Background apps](#bkmk-priv-background) +- [14.15 Background apps](#bkmk-priv-background) -### 13.1 General +### 14.1 General **General** includes options that don't fall into other areas. @@ -673,7 +683,7 @@ To turn off **Let websites provide locally relevant content by accessing my lang - Create a new REG\_DWORD registry setting called **HttpAcceptLanguageOptOut** in **HKEY\_CURRENT\_USER\\Control Panel\\International\\User Profile**, with a value of 1. -### 13.2 Location +### 14.2 Location In the **Location** area, you choose whether devices have access to location-specific sensors and which apps have access to the device's location. @@ -724,7 +734,7 @@ To turn off **Choose apps that can use your location**: - Turn off each app using the UI. -### 13.3 Camera +### 14.3 Camera In the **Camera** area, you can choose which apps can access a device's camera. @@ -761,7 +771,7 @@ To turn off **Choose apps that can use your camera**: - Turn off the feature in the UI for each app. -### 13.4 Microphone +### 14.4 Microphone In the **Microphone** area, you can choose which apps can access a device's microphone. @@ -779,7 +789,7 @@ To turn off **Choose apps that can use your microphone**: - Turn off the feature in the UI for each app. -### 13.5 Speech, inking, & typing +### 14.5 Speech, inking, & typing In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better understand your employee's voice and written input by sampling their voice and writing, and by comparing verbal and written input to contact names and calendar entrees. @@ -804,7 +814,7 @@ To turn off the functionality: Create a REG\_DWORD registry setting called **HarvestContacts** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\InputPersonalization\\TrainedDataStore**, with a value of 0 (zero). -### 13.6 Account info +### 14.6 Account info In the **Account Info** area, you can choose which apps can access your name, picture, and other account info. @@ -822,7 +832,7 @@ To turn off **Choose the apps that can access your account info**: - Turn off the feature in the UI for each app. -### 13.7 Contacts +### 14.7 Contacts In the **Contacts** area, you can choose which apps can access an employee's contacts list. @@ -836,7 +846,7 @@ To turn off **Choose apps that can access contacts**: - Set the **Select a setting** box to **Force Deny**. -### 13.8 Calendar +### 14.8 Calendar In the **Calendar** area, you can choose which apps have access to an employee's calendar. @@ -854,7 +864,7 @@ To turn off **Choose apps that can access calendar**: - Turn off the feature in the UI for each app. -### 13.9 Call history +### 14.9 Call history In the **Call history** area, you can choose which apps have access to an employee's call history. @@ -868,7 +878,7 @@ To turn off **Let apps access my call history**: - Set the **Select a setting** box to **Force Deny**. -### 13.10 Email +### 14.10 Email In the **Email** area, you can choose which apps have can access and send email. @@ -882,7 +892,7 @@ To turn off **Let apps access and send email**: - Set the **Select a setting** box to **Force Deny**. -### 13.11 Messaging +### 14.11 Messaging In the **Messaging** area, you can choose which apps can read or send messages. @@ -900,7 +910,7 @@ To turn off **Choose apps that can read or send messages**: - Turn off the feature in the UI for each app. -### 13.12 Radios +### 14.12 Radios In the **Radios** area, you can choose which apps can turn a device's radio on or off. @@ -918,7 +928,7 @@ To turn off **Choose apps that can control radios**: - Turn off the feature in the UI for each app. -### 13.13 Other devices +### 14.13 Other devices In the **Other Devices** area, you can choose whether devices that aren't paired to PCs, such as an Xbox One, can share and sync info. @@ -936,7 +946,7 @@ To turn off **Let your apps use your trusted devices (hardware you've already co - Set the **Select a setting** box to **Force Deny**. -### 13.14 Feedback & diagnostics +### 14.14 Feedback & diagnostics In the **Feedback & Diagnostics** area, you can choose how often you're asked for feedback and how much diagnostic and usage information is sent to Microsoft. @@ -1010,7 +1020,7 @@ To change the level of diagnostic and usage data sent when you **Send your devic - **3**. Maps to the **Full** level. -### 13.15 Background apps +### 14.15 Background apps In the **Background Apps** area, you can choose which apps can run in the background. @@ -1018,7 +1028,7 @@ To turn off **Let apps run in the background**: - Turn off the feature in the UI for each app. -### 14. Software Protection Platform +### 15. Software Protection Platform Enterprise customers can manage their Windows activation status with volume licensing using an on-premise Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by applying the following Group Policy: @@ -1026,7 +1036,7 @@ Enterprise customers can manage their Windows activation status with volume lice The Windows activation status will be valid for a rolling period of 180 days with weekly activation status checks to the KMS. -### 15. Sync your settings +### 16. Sync your settings You can control if your settings are synchronized: @@ -1052,13 +1062,13 @@ To turn off Messaging cloud sync: - Create a REG\_DWORD registry setting called **CloudServiceSyncEnabled** in **HKEY\_CURRENT\_USER\\SOFTWARE\\Microsoft\\Messaging**, with a value of 0 (zero). -### 16. Teredo +### 17. Teredo You can disable Teredo by using the netsh.exe command. For more info on Teredo, see [Internet Protocol Version 6, Teredo, and Related Technologies](http://technet.microsoft.com/library/cc722030.aspx). - From an elevated command prompt, run **netsh interface teredo set state disabled** -### 17. Wi-Fi Sense +### 18. Wi-Fi Sense Wi-Fi Sense automatically connects devices to known hotspots and to the wireless networks the person’s contacts have shared with them. @@ -1084,7 +1094,7 @@ To turn off **Connect to suggested open hotspots** and **Connect to networks sha When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings screen, but they’re non-functional and they can’t be controlled by the employee. -### 18. Windows Defender +### 19. Windows Defender You can opt of the Microsoft Antimalware Protection Service. @@ -1128,7 +1138,7 @@ You can stop downloading definition updates: You can also use the registry to turn off Malicious Software Reporting Tool telemetry by setting the REG\_DWORD value **HKEY\_LOCAL\_MACHINE\\Software\\Policies\\Microsoft\\MRT\\DontReportInfectionInformation** to 1. -### 19. Windows Media Player +### 20. Windows Media Player To remove Windows Media Player: @@ -1138,7 +1148,7 @@ To remove Windows Media Player: - Run the following DISM command from an elevated command prompt: **dism /online /Disable-Feature /FeatureName:WindowsMediaPlayer** -### 20. Windows spotlight +### 21. Windows spotlight Windows spotlight provides different background images and text on the lock screen. You can control it by using the user interface or through Group Policy. @@ -1169,13 +1179,13 @@ Windows spotlight provides different background images and text on the lock scre For more info, see [Windows spotlight on the lock screen](../whats-new/windows-spotlight.md). -### 21. Windows Store +### 22. Windows Store You can turn off the ability to launch apps from the Windows Store that were preinstalled or downloaded. This will also turn off automatic app updates, and the Windows Store will be disabled. - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Store** > **Disable all apps from Windows Store**. -### 22. Windows Update Delivery Optimization +### 23. Windows Update Delivery Optimization Windows Update Delivery Optimization lets you get Windows updates and Windows Store apps from sources in addition to Microsoft, which not only helps when you have a limited or unreliable Internet connection, but can also help you reduce the amount of bandwidth needed to keep all of your organization's PCs up-to-date. If you have Delivery Optimization turned on, PCs on your network may send and receive updates and apps to other PCs on your local network, if you choose, or to PCs on the Internet. @@ -1183,13 +1193,13 @@ By default, PCs running Windows 10 Enterprise and Windows 10 Education will on Use the UI, Group Policy, MDM policies, or Windows Provisioning to set up Delivery Optimization. -### 22.1 Settings > Update & security +### 23.1 Settings > Update & security You can set up Delivery Optimization from the **Settings** UI. - Go to **Settings** > **Update & security** > **Windows Update** > **Advanced options** > **Choose how updates are delivered**. -### 22.2 Delivery Optimization Group Policies +### 23.2 Delivery Optimization Group Policies You can find the Delivery Optimization Group Policy objects under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Delivery Optimization**. @@ -1201,7 +1211,7 @@ You can find the Delivery Optimization Group Policy objects under **Computer Con | Max Cache Size | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20, which represents 20% of the disk.| | Max Upload Bandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| -### 22.3 Delivery Optimization MDM policies +### 23.3 Delivery Optimization MDM policies The following Delivery Optimization MDM policies are available in the [Policy CSP](http://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). @@ -1214,7 +1224,7 @@ The following Delivery Optimization MDM policies are available in the [Policy CS | DeliveryOptimization/DOMaxUploadBandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| -### 22.4 Delivery Optimization Windows Provisioning +### 23.4 Delivery Optimization Windows Provisioning If you don't have an MDM server in your enterprise, you can use Windows Provisioning to configure the Delivery Optimization policies @@ -1230,7 +1240,7 @@ Use Windows ICD, included with the [Windows Assessment and Deployment Kit (Windo For more info about Delivery Optimization in general, see [Windows Update Delivery Optimization: FAQ](http://go.microsoft.com/fwlink/p/?LinkId=730684). -### 23. Windows Update +### 24. Windows Update You can turn off Windows Update by setting the following registry entries: diff --git a/windows/manage/images/settings-table.png b/windows/manage/images/settings-table.png index 1a4aff8def3cba2193a7136a295e3ff11b38089f..527d92d9b23c3efbd4c6d9083b60c520191b738d 100644 GIT binary patch literal 70908 zcmce;by$>Z*EWta${-C&cMT2FAT@MI3?U(c2uMgHT{0kzG$`FEA(B!O;sBBkBHbc` zfPi%UZeVY>KF{9Y^StkO{JuXp96aW}@9SRIy4G6fd9FpMhMEG-HS%j{XlOV}in5w$ zXy|&tk0kgq@INxx3sk^Amz*^fq|wUyD3^g>Ko(F{C>q+UD6AusE5PrV4vPBDXlS_Y zXFr$T+ZURlp`GR_$wIZ=jlLb9+7s)XoJJiMG!pspc2}xDaL7aMTvo=)lM1i?q=!w* zVe9A*f1)hdjpYh`%#>0*h~SzdS9}70qQUZmJx_x}!{*u*w)iU&nX(VUjSp7mw!Ur) zr;2|N_}IrIKJvl;kQ36o@7p)w_2s79QnrygupTtDC-0Nk&OdyAP8TtAy55Py$f!j~ zWvGHf$b^`agv#t<8h9v2_xQnsk_jVdV?8iu-wHyBPcg~gs1I~&!3|G{_>uAVK`|dx zz!)`{m3!&~13vIO>4XcL8JSu6Achb#BWd9Z)#!J?9oC4dHsfiNPC+;VOr%i8Ey6Z` zTQ~=BhsPP22?e0~BZy@oYb%)kMG`))%|}!Eo|5urWxAD>$p+5t_E>5q90As#@d2%C zhGjY>ca|F*3F90VB=#4G4w#12Rhs%`opJ9MRWnLR5waPG*4_5TDJm+mW+IFoxo#tz z$#-;m?01@>#Wc;)?wj*QDc$VV1X6Zx_jW(ys~sQBdms#}M|*^Ymdi5`oFcmQQ7hOK z1-sIc|0WyimB`e9lt2;gNKewvK+LCDepbQ8T9YG_kd~eaNb|xhp@ZJgjMIik#gTQP zC4qnW%DUg_q0HCz7N4O}P02=90fB@&Sv@fVjb+y+X*XKz9w4TZo*~p%I@zu6k_B}z zTYom)esU0)cSrT;?qfd%eZg)FU2$SXMTxj)4l@#i9@LBu-;a5}2^FU-7!i-L*=qWr zIwYM4qdD@!^0eH{Q-pIZJ=1ZDvb>+Xd(ZEiNOUxA5o6AdAwSA?YupGdR3G&w0HPX( zvuVHKC?qq&i_uGQSaKPk+cCt(S~;F@WTOHEEz zZZYgBPg$vd{W4TtlwPuwl)K0_uSXVrQLnjoxaY@<{* z@apO&;x#EUUuk^QqVpVsYzOy-gHqgsb}tH15p;dZ&JH-^UJ-w;;nCOlhFFN|RPhF( zhq8BB&@ri=X7K}%hu^QRgXU$6=!Dmw+wU-lJ$=-6R$MUXXyvL?Skw>~`Oy0KC6ZS>^M8QcgP z)rzwh_7ufNzE~MH#@L3i$ZVr*5ec`|)Se+G6(kbs6x|71eaJPrj8sls-BliwF8Jh5ggdk%HEhcqx_a=fmS3c(;XIfL=u9TdfL~mMWxYZL+u64IB-%eh2qFA|? zRcAl%J%lPIBXNGEvh=n~ViGr0dOK0e+CM)VhEig1XDeo0h*Z~zNnt74ZhYZB>cgBq z0drHEP@tw&tAZ6T;B3^J&FW#*!`3>3m5wL1f@bK%Qlou@)s;?g7aV1!hX`;dAfl1p zcDC#SlZAG%6#5*s7T&RLl+){*Q}IHX9G&WNa>V}Yo}=C3^Kx3~mm#S3Nq35(U7ELI z=p-Iae3)ud;T_(xs*dn{*WjZB}}_Q_GR*b2q?(k%#X?R#@MS(29RiQV@2?_{!f+LDw8>A8677n`9KK#HO}jb;R&^ z)I*`=8twLKQLR8$PM~a1yOPzHTG@$>D_?^2goD0^%q&Pqsss@+mSGw{LEZcC#lVGI z<}cbJJg3m;Nb(kuxT)^C{E2){ArbccVFtG4A%xt;pHu|C7A#&ikNbeIvR&FO{``F^ z$QzSQ?bd91l}B-I#LEK4M}-L%GuSw=hF7#NMf#bScG&=Xp6ujeuZPvNk{xtW0c`gAre)1D2M@p#WukKPgudD{e~ zGRvacW1p^EhRu&o8!Zp?U!Z8YNzCUw*909NP>ZQ~zpze^Yt;LstoCT%1u?vcU;R*z zuvg?s-Y3BgbNnimDNC^`NjRTaSb4O1K%-c`bkA<4A0dYOg!UV2`axt6zu@`g#^tqz6T%1&2B zL`DXJ(xhdrvAe%ZBjYv$3g`qDiY%>M)QEetsgenGk)Qy4}Lujb+Gsh8w~wx<$2kmM@NcobfnboV82bSzOm?PNYc2n~14cNmVt0 zBJ-)D5P6#$|M3Dgx9WGbIW5%jaRq`uVT_H4JGZ+}>3F!~A_l0u*3QRe<0kQ_B`ixa zfIX<+XGEILRh`!5u5~7*SkW7w6=^Yzl0SN(SJ;2y9OM$%c9L$r0PWO`fQzSeh_D>82E!k#E@IH55~ z>rj!dg}$z_bzU7zs&!S3nszw;v2+ z)>9bgUyn;cc6e%HaCO5BxpfOVutwG9AcLvsde#_9-Z71XNDO;vwZzC`-RzS!R)%-k zvez_mToipY+?0{MngKtapC?e|NGh1eN6k6De%KTB&5CItmL5V>k8qgQwR%qKjhgg4 zNSuSplL;g9=%y8|Kn`cVSb5RCOIL z)k(~i+hi~FvXP(Fgw>CSJr9(eH6t7OyGyL_O_nX-Hz=mYqu=G0I>FXnY;Gt!g_Rf3 zk9;=D{MH}0RsNxp3sUTOVZB5Rw7kME z%jtPy)AgG*ixe443lzqx)>0LW)UlqDmc?@EhMm`}vz5CYm=-+@rV`8{GWmdCcI8PF zy;=%v1nGzq2dWu=L%k07#7L6$U+O^->Wqq_-L9QF4;P# z1E+h)sVhE<9_nG2Ey17lO-cZ@uU&qxtf#99ycVZYzxM$1#KmEb{Nx=>^IcX(d{WxJ zQz66xTxJ0U7cb3%qAIU@peHI+aA*eAnv_uFX`4$r;qe!Ilj763=_@>Z*Lp7Q8G>8L zsze@@DIc8|-NMVY`P9KLopbvH)9hwF1yg$DfrB^@YZYKj7T~EThKj?^dW7nSEtWSj z_TWsY^-wo%r6#{>4iMCIF#$jE)Cb#T{v_W02C=jeXH0T(cS!}lqGCL7(AAYXaYJq9 z;>6BNQzamCs;gqIkGh^tKsN89%k%1o9?)^Wc7kNfRnaauL$>S*D_?6vaBOc(gEC-s5y^I3T!ULxi2df;wK8Zn-TXzS>NQffTmIPni!^S_h+#1Qz9{Dc7X#oysRme~d#|6{zWP0+$79zPNk zLCb>|h<=wg+%GfBD>DH?n*@Adz7O*Ecus_yotAd5mvf|H%{Ba58YwjsQE>v%Lu=BA z$L?%iZQk|p78%C{{!0wt5A7ii10y5Os2@*-?ojplEPhRRmLXTF_8~Ghbfg<|o*!F7 zR4hT@P>^gM=NAxDY^3`nMK~|(M&mUx1 z-{u@Vhp=i3Ah>>Sox%E&qOb`r#^mIr!phyS#BZwIR-|de$uDY4XFK!<^U3D3&7K&D zn1ltHMB}QPt3PMa{k*0@DWY2E(z%c^J4v_Lk;_i|M1RjWl=4RVRV$7E2I z;DSm>8*S3E8_Tm)=Fb?o4?(qdlcMezyKlj86S|n$OdI;HuhMXYs7&h}s#RnVD@?`$=+@CurXYsko959*qN;VcdBK1;3r(C#r7ni?IX zbu8m8jdL3U*kE;T`^A;&D{{5Q>3&CXs@t{p(*!s-MH}9@u2~~8Ui%o@spjsr?Zt-Y zIJ14MR4yqd&l&U`WQBpKnQ(@>Lo@mLVQ20`aJBySxyM28Sfc?;=}lzmXcdI{+*3f1 z55K)h%wP${jkgEYr-v9nrF$Kc1dpP_#KlNyu}1h-FZbezdz1?#y*&EzE7dG zAB#RigXUrmCJVRji7!>LHHhr>6XD~xxi9eo4$7B!WR8A+XJ-m- zNs@3)iPtWm8Zst(IBj}T?$tQ!9+MbTztFGX6lr0$?b;7z;$+22kyo82da-Gw<8t4T z4;wagy)+f9Av2%bt~E+T7t{0g)^!CnqBgbASSlpStj3!h+Fhce<*Uem$dFYrRo-d` zO9U}WP^Q|5W{5a@ZH)E3quFk*__4W{y4r8CuE=ha-Zqx&rU1pg#Q-yIwsELR z&S2^29$z4lS^(32YzkVW3I9IC18l5+V8C6;39jc`%ekZPw>~{KYZ~UYTCOd6SFMD_ zrl2;-Yu7fuxHu;-HQ!9jtb$6g=` zUimlt^iyEMZ>;s{HZ)Q6!jicJ3nanV!vkVx4~0GrK#k?UB07!PNXq|_7s)D@ptOZ2 zp0;29Dkk9&4;eUHj*`B?BvY0^WHK;tefhigj_l_J-VNM$F&_hYbh1HDFhL}^*?xC- zGbCkCUT7K$?DQ|HTiB7OyzxFgu`VWA^(U-kA+rYdJviv0;<>+>jn9~8wK&^Ud@0%weZ=oJpE%z~Qs{l^)}VlZ z8}Btg>K3RQzjm9B@!Bi2(~vGnAetTIIXeHkL$~>-U%x&z)$F{)RaikvyvUXd#}jBX&b9V;v;Aqp4Y0NF|*#|EdSxDLb>Jv~LM z+rSdBfg+TT-P~wO?O6>fg;)zr9^ZNNaH=MV$U-jVAwJVFU^dgRJC~+n*@O+w(lmaJ zQv5esn$CP>=}%!n(db0x7KKZnO7F_G3Vd5dU>R)6NcZ5Zk+Jy$a1-GxCOgz=zcC9h)oz(Pu z+B=4>w%zb&H}?y8og~Ujaun3&nmed23dY17($n;-J1|s_TJ;LC9DiC;GO`-J;4N=p}R(h9s;?4PaRB~LlIE+^L0B|e_ zODXmnCLM>WGatNJHS$UT4$@~4RA2a@o4;F{=PqFBo4Ev4QmMvll&w*)N;Ww$9$)(#07q7i_A}f~;46iA|VJ zm2h63YO?h6n|{HUlvvKD(lwgKTPsqU%USugK~hbUhjpbr(@5+OTS%4OuK&{(P-Y7> zSY^P=gi?ZBSaH|92kBh~L|GsFT`hrF!a>n1eg|#IIy#CWaB(SW3Y?r8j`X{4ftS4l z@{gNw`2I011B+xm{jSsYWdGVCam`{c*LZ!&NjP`Z2aeB)sm5_N3r8KXiSbWWbMn_i zZ+ny%i&iM$X6K$&l$Vj+@pm<^D4ZYcwy!`!sgaLfC0{DiN%P-SlaCHdr2&mEUafII zJq7cD+s#42hG3A&TzhL*{?-e=T9Wcr!z0)_mI`-N|LBSL&afVZ3@|LFQ3z}WN(yG9)E*IxOxuf!XyMP}w!O_-d^_3i>+%P` z$jFxyewoalB^Ay7h#6N)rF~V3XDrWRwX{1G?DAU>91CNxrSuRGBTjF#mXRMWZ5Hqe zMXKIw_VW`M4&RZ2#{U4|g}QLnwe6n~;VdFw3JN$iYKTcV9w}fxJuE6RK4LW=O)tk& z$k|g+jKT$?E8QU5huYk0&l3N{A0P@`+&h#is>W#&KD|>u3Tsc7=OGuC2vjH;_!%+J zfDM6-@YmJVTW)JkUWe5uzDEqX3OJTu)4yBZ82iinz_HEeIcesVG%3^s>k`i;(K>pJ z>wg1%{yn3efgJSNx5S9KvxH;0h>7@_Yyg#zluM=R_3M)QMbD8*I~V~-*x=uAS9pEp zkL~SLQJ>jJonU8U5zoAN3mC<3-vqw}+fBYnxKrh=o~Hj@cPUg_Z+89a^`|D;6%{<# z(~S`h_rtR)CmQ$X^Lwjb>|_*?n+Sd zz(X&|e|Kyb)_>E`5cR3{I_GFg{6`+q5&=H@yX~Q`vpH#hyZHXMtF>4Q5RU#60tWd3 z{G7DZK(0W;G?u!~JOain#CBMlgUkWsq!x{V^x@^CyxQ9J-8E_$Dg1<;YD6fJTFK9G z`t`o8>83$JQ`O?vS6bOOg@3(2)aU_lSQvmR%M6TI41sqIRJViQV94`)0CB1OSGk9Q zg!D+aW6rYvXCd+6?G?gov*1z!GZK2v>m+0+GtWz7QLpxhOu7dGi$k^F7jMT$m1~=5 zwb48wY~(uD4ksLqoVmB*%lPdxQn^Q`=LKdsLHu1Ncc(Sltl=W3=q@G>+}(JeIid1T z_}Z*~42CjtpMouDk;B8`dFd1WGsCPoCz@b8CJyJTSAYV>zo+tFQI<8&nCmPG<#I?b zVjPv?;(9dq%)%+k{KH<|n=iSRc;u9vyHf1xQe0<&N-yKbMzlzU&(3S(EbJ7#Wk_Lq zkVcTaV^ECTvLKkcXA8fw#bDV?;`56Qd_gWJ6~n5u*2=rxS~yFXE_5DrpkCVD+XF1{ zEq+7SoEzribi3`ss%6p%{OFvJ?!J_zNAV73Gevv8Wh5Ld|dn7xVuv;T$i?A4$7A<<`=>ft6JQkFP z;M;O2GczNCsumMyXGwU^iUo{Ca`o~S$gV0K!V+LHad$I4UA{mC?PH#XqnwJZw7dwB zvOsdaYCB#@ob#!~`6?JNxkRxUANx1XMx`6I0X^bp&arW24t9=1)_uyj{Lwd6pM&bW29CVvsLmoI))$%}tEgfksuOe|9Zz`t za~A&!lb#)Tw92lZ4TyQ!hg@Jr2NYNfbcG2VA=Y-<IhDB8Epf`d^&9)j7Z7Mlb5lnL_+Lpn{NP|URcUT`$ zF`3JlEBwsB{FSmoiEAm*S`zj$OD|n&AHJ;PG1p&NShQfkqKL&>kyo2c7TZXZxv@Qn ze-!B;_G_@tR5(Hd0?E79iV}@SpIH<$pk(B29&j5RmphMurFyt1w{TKTs}I z41u4e^Ed3pNhhJGMd?PezSm^2TUtUQ=t5oT@iBZFer(-6uw5R+0vl45s{^~zBUzTb z*S%Ije339dsf4I1Y%ETQphwYi^h3?_et6g^S zSw6*EAJff=?lP4viJ89As0_`|o}-OZ;h5ubqRp~P7jtLueKD#@2KRCVbXyh}Z`xwKzZA++aW9FAw z4bRvPAcLZ{T?Gy?T^!Rvt;^}Y%t8k1I~~(g!;{Bf@?RD8?5>yNwx0@k;{WRNf282V zimuJ+M?#gArw7OdKS_b@aLGK5@vZGyOMWC*^xHwFf8#c#S$bN-OpBIFJ{FXZHmoC> z@crmHTL1QoDgXso@0>I~UcS9cF>@L7*C-8UP&_zmivl`~u9<+Ia)RE1zRraG-}9_L ziw)EKJA-|FWnU6k?zuI{$z{JC{C9>n;$v}n`4Vy&%l@Tk>S6aFJC$Vkm@IJE&Y^E> zD+>ol#A%xlzA)fPQp9Ife&4%t=eLZ?zkX|ECnvmeQECMV!cilA zyeN_}iLtlfAflgS@a@6khK55+AC%WVaaV*hGsGs2*HtzlXRu*d?<%>!x};)+sFei$QH`RsWx7> zR>4EiqmpF{^#K{2ybx$Dgkpds86}2GVf<>c@pmhHSk_o!b}eG3dyo{A{d6+}`Gd!< zE~^v6(UKO2brZ>o8&5ZwNEDW|^UV|P=m^N?Kz(NgE;jUY6}AaTu7LEL`(9qs!CE8^ z{zzeGNJS%EPGc#7wuMF(j$TBjxl^^G25d|qR8+*6V1$T2D^Jm3>H)|+J-T7;#V~vJ z@Gxd;MZlj*gZdK#+mm9t!{K}(p&tuPpA0KEQ$AX7O*W9MuCL#6{xYV(eeyCj8O8@<&ObhqWhKJLoqH|pw8HJ+v4Ggg6M zOCjqf9Gi>-#X$9$Rz5O1h=aN~N%d$-EeahQoiM@1up7+l9 zCffJBPgq7xHk1g9wO6k%=2?(WfDI@U0^f9b4o~U7OgDFeGiyH*?w60A)*wVGtU*16 zJDvQEB59#yFP6fY>cEem{M_mpgUSB_(ayQZ!2dY%DT%>1;h^F04ZIVw^%?o-NGiH} zuHJ8|QbO zljJ=aif^vEnODebb&^%UcPb!Q>2&I!eE(ElnEDS^z{~#;nHonq&#z7@Tora=JLz|V zzi*-JIQ&^MNiwb8$_BN0d{`22&?1j_`H%B~(N>KOsafY}<$?cvYsIRA^=be^%SE2p_yC>0aq%Qx#uQY@ZqA~y6 zkDrM!kO!X2eGYxyU*gMae3nML{RFoRap}t6quGnR@e`fA1z+C!8S{QZt~2g7SY(!V zY;<&Z!l`M+uC{O>bQZ>&1xRoCL9OTH^@k+(y>rpxjM0q%WBB-p7pNJ#n-0%T=sq)A z-qS~-Iwn|NxR<8#sI{Zzo#`C%J=-%kSFTrMVgOo)=Q+ok#*BALvN^PaW`0v7-9jD1#*_{}vHLAwlw8QdLfE95?|9=QR#)laq zWc*CXBQmcf6Uh%q{%l}N!ScuGk}{`HkH!E3mP4r1hL%uzGB}(`BGTCq3~P%x3TyuRHmEi<_q3Nx(beb zj?;cL?(zJJ>=5|Sfb6*tLAv0HFx}DAJJ&+b?;KzaVwHT*0T!f;IB0r zh|#{@t1d>cZcvx55v&oDO4NT_M%EVFAep`B^lb$sJ<~3Gwb^9uhShjwtQVo7j7%Zk z5}9@Ojm3rRPj+7My7$ryB3eX)4!@U?4&sleOh8(7dp%IxB#SF^Vp(eD`ury&8;I!t z8)5RR@|*D4*mG45%2n(3bz0_J&3Ry%bN?nBsZZSXRPl8-`E@HxZHydOW~2*enMzt% zLy@aiTMk$x`b$y|EGSt!N50g_G=8?X&^J6<&P7FST&w)qRZW_D+hpS}I)!+2ZgTC5 zsQ9FD24rLrR@X3QcVWs>mq@v*R)G({qM5K|gS*c|s4aAGHED_F)J*Gmb=*x>CZeyb zEUkfjbIFD#=`Im#Gf(rv+}G6Zs+U8>#hsS?gTHPI{bUsLg~sz!KNfT6gQr41)4ft* zP@q4KlocfnPon=U;+X!X=;6~hUCiCW`=sew_u?@&eJ$_R+rr-z$-zB0ea(V0B^p!T zm=vsbVYm924c@_lixz4Xl_2uS$R+9sC=E3WaKy+Ng(+?RCKC_(3GMFgrinOP?H5HVSPmNFXw3@ z^f6t$t}(R8D9|?AoNf8Oc2rv-SJ;;b93QkD=Xgh6{tdN|Xn`S~oAETye?Z+ITF<46 z(Uq5|N$l;^;hEP#ZVY>HXf!Q4<(lT;c=5uK{v-(lLzSI7XAbkfAfmb7zIP_g&SeGE zzsw*!MP0Ke=jtD$lgAsG5*gQX1#q(MzH4h9ff*u4L$xsgW{Z>ahS*wDJo?)9D`AMz z5i0OyOi(DSDgFwo-%G1pJIyNK0gm&t>%Krf_xwiC?wODX+7CQq zEQYCJMlLsM?nGoN3knUjRw%%XV+XaJ?pfK*#b~{2FDWT4CaU~kHClhg`T-xLT&}4K zTBA_n%x*73tfNvO?Od$dc&&#Q5mc0JAi~{%!&P)mN7Txa1sWLewR6aa$f5bV(i)F!%uHmQOePUUcjF+<&V|_$p*yb>*$%g~z3HN` z|2rkPm7Ox3h0GUFRt?(^hXewR&;6IJ9=qwxe_OwpkVeoBZ)peqxLq7TXGT+OHcwA} zou*x}M0US5GE+3V1~T?7f|l;!okqc85ptIJbfHQdPE0RLcSoD4Qp(ioUQvK~u=au{ z>g}XilOdcJ#R5?>7oTO!tOwn|Eq;{Jsdl8$X`DQiB$$6)hq+hs$Kx+8o$`0qBsGYF zT8goB;<4)ic@-+7b*}cC#PxJssQv6Au`sMQU92|&yQ_l5WVp-M@tBdcK{dkB~& zG-%}Z#l;$2D^zbF-_9l8&lqjs%W*)K0Fq5&aObO z#q;z%8{hNteBs~FO+fxi0EO@Ab=a5IFfrv@+9GM_$QKCXtpZj_jnmFemEN5WE--vJ znI-I$e4l0y^#4RMe&8N|yYPAS8@n65)+WPi1i#av$KU5x< z)ye;&cq{NIKY)v;1#GTWnK+v465vq#6JSIBbIIWkiTtZ8>oYS>6hW>B;g=VdSGu1 zAonPQfZ=oCO|yhT-!uG884xznQcN0y{SlZ=6C)jicxx8O z!+Kl3z0Z-IS5#1Vx*03WuY4wN*fzMkY`^h|NiBchD|*Y<@jYMtd)|lMhWDH`s~}-- zb8?{uBEQ-7fy6sN4(zLBX}T_>TKqc84(Y%3?YfA)qsox~s|?d5)+LjGcOKn{#X5?m z`7EXdmK!1|qN&{7ynOck4?wKkZkLox3cNv zEp$iv?&0h^*F^P{hF&)&HFk1*tY&U-$4W=Xlz(=5hWesz`=0CgvwjDS6WYs1Z-K_C zmaSO0OYzKes~;31*1{gf5fO@o{&)(iu58U#u7=Ph0S(`390M%Y35rCWIhJzuWNl6` z(DssxhkYZx%WFe|UfM@247xzeSkl|VhP;R|5H%bW9MEelVAeAB<4aI_<4Cf~9be~z z4|!g@+5gZYWq;tWq)&542V={Z{h~|hZCvMHM5LL@8C*wHD+)clDO0RYj}+UEP(4Dk zd15Iz%%{&xXNGamg|74YZP6z->g3ign~l`XFmR9DS<{MFct+f=ln)EgynTmFGw#Zo z64^4ewLRwFQ-Ae;(xADeEQo?wtipbGP|O+@gNV#`_mpz`O|J^Ui%qpmh?uWAcBBYm z4u6z#LEpGbMa=NE>Js^7hOcoQ!2xlqOMDh~+(zT|dpT1iiAK~JuaEb?QCU6hjnhqy z;;>fcvL+R*qdDa_`=p?*f&27PS0 z+>9x*xFz_w&%o_bXBd`NVzrvl$-RHi%F|6j7g^bTsO~3RgWGhS5!=>JSR_LTs-Dxa z756E9;bgYLXHe9L8`D=KlvIBDrs!4-f~r^|!5XPk7iv-SGTU{Y*=m_%L`?>H2ldj3 zAR<%!GA2f?Z{0nfrH@LlDK`J9?`lWkW=tSNImnnD@|z!z#-5cfn?ggrFkgHI1aX+g zD!~Z;5X6HQ4#Kn0#**`?i+zZ%vztX$rzE}g@gcHTi-v1cuB(^Gsco;x5ktPTfJ_@$ zamiN_nLZ^CQfS71kzKuTF0$)yA>WlXfUH%4I=tb^ETql>|9Je(=@H##fBanWD?ctj zQRk1Jk&B1Bx>`+^c=6G4T^f%TLFxRzin@UW{84D_t<`_eM04~p+rW4~{7am<4>AGu zGJJM$sF>5UK0y6gezdbD?!#R5ICyV@3 z1^)l52@7Z<4xg=*y>+W0`EHrpJQ+(j#Xo z`09oO2taJWqX7;2-ze*U%cQ>x+JEX2Z_Qc9#}A-Z^Y7N}Ln_f*PIds<;p6M@?)08A zRsDgR%%|G&eM>Gb3zu`U6&!w*MCRxs@87#e6=@AT`i%>_g{;iWmLrsro%z*MN|7lP z3|98YYEeCsY%H{}$t~*Bjp_g+0v;-WsK1TQ&#YPXZU{A>fG?~ z%8r~-hdX)yL`F~ZrNXG_DvQJ1PPmm4%|xCqhq)tzORn zgz7d*5Ghf`Z}FA^6ELQK&yefJ!3X#lJbRqGU-G0Y|A6MdYvHy0Rlot-5-?$vriu)O zt}~u}J-FEQ{8q?0m@TD@oJgsSxlC6Aw!o{^*L$$X14`O3#cz64z&`{--sE?0ZHkz=$kNVta08@XyWE* z5|gkv+#0<#bS(u^E=;43j5kE`SdTqZ>>TSZCVC+C{5N&0KL0G33du(wk!@!wkH#4j zRkA(~sPZJd%kXu`Sd+&4_R+Z=EzLszo)>Nj=de-adPyPT@@TWe4Oa)LAoKlS#X63U zXK8~1h`BLuigv<{`$DB{(xKj2DhvpZ?WZ)uTY_d5<^!@5NA!)tg<}0 zz+LT<_Zl$VS5=y@+n%R1V8R7lxf@0p5~wpZnoa-zjHuFE2%cg58Y6@*#n zKM}p{-~A$~LBA?~e=wg+HkF1At_I-3WA1^(De00lEQp--HFUp83eUH0?!WH@G2c};^1`FD)HX2;JsUyda zU&cNh1*kJqW$b#&SuEWf%p?Muxt`~l(Ej?|O3E|opU~2AQ(YlI6!OrH%%oAA{qf^542=tb z4M4ZpVN-*`^`OjC<@ei>c?!Hn6T3FPRu<1$#36x04=&^CFJZW#KH#8NgJ-*I!nA5gY?-l^gX<+~hjd z1mMVE2;;(1ZZRH32Y86^l_R=_&|1+Op*5)&fWT=Ga*Joee^%X!Y${~}O_z}WhT9kB z6Q#lg!ZOCWr7Us1WR`waHp6lw+I!MA6K^e6vQZ~?`>47E4Q{Oj15~>zXcbx|j$-7c zeCg5h@V50loM}6_q<{Oz=jPX;HTN3dcuqDe_KnOxOrvV4n}0E3O2#KqRwlwaMsx-6 z7JyXFG-Yn}*t!@Z3jB@_1c|CA$VeO<8Q-VLh-Zp!(xpSwg`JAMuYE#YJkYAsJvC!^ z`S~nJ$F5Qc8$1>5sV+=+Q~Yk=bbWV88P4v(S))2}-M*qO;r?#E5x7-#g71V}r%=;Q z-Y!;SC9f^Q8U)CS%?^EAD5s@~xUDF$zvr0s9lj(V(78+iJP9nQo_%*u9$3?L*Nenk0a`ZUn1tz=SKRVLZ9`*`UauDA8T_z15 z`%f|{$;><%aAGc5TXz3)VjjGWIdcwcEtd8>0oXVx)NINOidUcJ$36@})xWlmom&mR zw#&%UE`SQF)HGm{?^Ab>=buoRM3Z@KB>)%0({YNK!CHDmXQ>9?;(;3}c?%1VK9+F) zvNKnm7A}eMFvnU{S5smL0z= z3jU$}91Uq9k~PvNg7|O7C&_DwN(SXGW?RP=KK#B2UJeAK)IG@Ab?K0}fub$ucoAd% zj=T=CN7z-LXwz&{3XPOIG+?D!BIbi#U_yRK?*|Wg04OT4bs8TsDB;i2zIpX{Ixuz9 zgF@7zv_Zi1-BZ>c0|@siS7ilVeTCfuvb2k6T0|R0gEJQ;!~`@iV;abyKYIaM>iuH~ z!i@S{^%i`(8Tc5oAcjbGFmjQM&$1d#Dr9DzYUV*2zhOx>?vnv}j4G!e6e{}2&bICs zQ7kU**xVzZHJbrXWr?ES5LtJkE{;i7wCt~pO^P0|9F%PmHM&{35cg1Mp>!GHSzPe5kU|HI|D&>tcIvJL z40dGjSdwo35|U&;7-L(5(BIF=UiweW=@q~~W(RnXzosETbOSH;%c9X<#>N;an?!V< ztZ2oZ9wU+5C-Idw{UgCSgB4=wK*K)~Ax^vZ2S#E0Kc+0f4FnU#-aoL>h-`#~^&B|_ zd|VEG2zc#M*9S+Ts5#qmOe~{*+2vUQ_$JMGC@^tv5t6(SD!5`2&*tL$~tZ=({`+%3lGU=uI(YW^Hx| zP!*7#2@rw%PFMWS{A9|JZV3=x40F^QSd4B~W9kc02bu#VD$DC5 zcY{7AYGVk_%rv$TnClhrfzR6D@d0&8Zg_`jmt#~9!b^ke}G+R?Q3Ytv-ZUSWRE ztIa4o3$;mN&RvZ|C?QKswQCi;G8>=n?YCC^jqLhA;9fz6v*<%NaOv*3fd8Cgtvh#1 zOcQ+oyIO%TyDOR)rrWtJ@PRo`8_+nnzWquk!lmfpv!(b+mYi|$P+&H`j9Ru4D^Oh} z`b*J-;$i#`K{I|JqcV9`0#U2AaNy&of3yuKaJ_!^;uTNaZRMNL# zu-ym#|BymA3#`Skwf8| zf&9+El++e5Y3&s*1fNj-r1$cM1$e(Xa`Jg{vTMEYID&DzGpTI*Du|n0T+L^j%GRj*1%Ul_N4dTtp!>m^z`w z-(kx!We%UE|4&Js=Sb&XVYV5f+KC>UJemGnDNHeBo;p(s@yq1mpOA2Lk}yWhv_XH^ zubgZJBP6xLN;*&KkCs2EnrbDjPaCUlXNzk{6En$_0yC}y1K8&>`rZQX`niODC{_0& znC|2XqarpinDl7G&dmIDyQu5b*BV9Qr>tMIw9-CksWkXNdy;%j0aAwAz2SJbtOjCLm&JukOH9pcY)OSPl1&E=;G=#h4db5Z$@Zj*7(v@ zxr*6LV3KB{zGroH&q#dh6Y)!1AZfB|CrysshxN+PV1_C z(h7-t*6-Dn{d%j+^7q?f+k!^Qjn&V<)HFm~T)a8fA}(aC?i8Iyca!8~?z9u55oomw zcdYz}A=alpL7oR!l&x?ZAtx%$zYU$5WFG z*JK9#^5zdZhZvT**SrK05VdDR}Ez3ysB3swLooQLR{wptq&J_)4WuL*CL2ru6(R3ITsbd;x zmpCiNUmvR(kwU*aoUvVX9FL~T$>PT9?kgS7qMXIWYs#L=ONOXaCaU zE}j7_d&GCBR*6A4HzUUmnFWZk@$2XeU~1fR8aeNO@h2Lx_G`R;b&zNxiZcuiwB<%5 zTQKP9>I&^)gS;f9s{?r8GqXSkAu#&#cMVAYu@yMo%^&;!BksK8ss7*p-#BrUEqgmw zp=>GZ*dr^X>>UzPGP3u~CVS^ZN;WBb3yJJdMoEzsGJelP^+xKgKA+F`_rAUV=+^Dk zdF|KrysqoyZgs*dKj zHwpz4pTe?p>}LJuLd0YnJuy=6ee^MSkp18+HHya$C&5*7A-qNJ$4jC(U*9ES|EqZZS~+|QwZA0Su^w?y@?E(c*^hZLIiVHfvi5mI_&Lf z+4nM}N`5E9#wqR3&S~qzn7&XV(AtKe^+4tPPq%2%=zrh_$(sP`ThpC4^*d~UI(%%W z;?_qHskr^;?*FqP(%bm`i;Q8pv%v3xL+iK+-Ko&`WOb_|IHYsvrllAr;~vS?-s0I` zfDc;GP`8;tJmt`XLeaW*wv>_C-5$UlImIlz8>t3w3U(58mBT$Ews=ht)^ zWF1@1nmAx<{7+r>#11d%cjfF3ok)&4X&-bp>X;1k5c_!rI&~p&7Vt8R(EX+?tFIA` zuCTMGDcbT1!w}L~dU++lhx+K3PX$FqN~kL)>S-e#&_lyWf$RQNvpc%%-&#wcjhHzR zrjYJ%x`7fRGjZj_<}v7^IH_f`T2-ESkI;$_Z}0` z!Y}aU51TSNfvE>UD>USby&2b;D1QAld#uNYv3_Y#!s7K~XP4(6OX*l`EMuOfC}xDmL8ja1}HC>>g?QBX3p^~r^t!5Qa#oTpM%KL9Q~qBr<^7&Ln$2ZQ7FB< zWDOq%LfJpJXgGk;eQ1mMBaX`bMAoG^2aKvmxY&OH338cgd+l+7wh@pjFX3B3ItVSl1vd)$uvttUXL; z8AY<=GS+h&96LRYEy_?MY|Ei;bUv2YgO^GH!g09_BR=odV9et;RpEx&VNr>JyBmdv z*Pe8@i%K2dr6vom22cVrsxLm{|f-q;#w!omt8Nu`A*Q#H;8tLY~k zP4uM|4LepvH8U7nKg^}O^rTxstTA|(@Wb{&;2l!}SNJ|TK0B0A-!zeXLVOm< z?ub{vF{>h=tA4QSVFor3Dpp^e>dKuaMpnlr;wnaBpupT~C%c4~d&)+7PzB&C|074E zUNQ5wFeZi#0&M;H>_g{_wkS8>V01r25mJ>pQ4WH|Uck$fJ^Ef-cBrrbD(C0%j4t&= zV6BQCF}6jGix1slXWZ0=07B0aTlF_PVMX#F{>JGqw6kB`C}S2EZ?Q$W8Q(Y{j?Icx zm@vrL*nD}h5}87GJIsni{7Qk*__eENu3yYQf^6fTe{qtw9(~JHV^-m1srvr?`$z$p zo==rXrFgKD->hTe#E_nw1jW|kd7lUbK!)+6;Mj5@Z7l(*t{8n-Msx(3fZSdbC_q#? zh5v(Mih+2Vx|(JT5@H$KEM#p`8nl3@}r40ukayDXsHl$U)o zCYoM1tezbDkO7D?Y#Jgw)Y35JWZWfC{yG_Xk>h~J2JW0&M^pQ^=f?M72A7X|?xj=s z+@_tbvj*ioDQu$^qcZR&OUk-8b6%WoQzXQo1Qm0UTaiCjP)+h-Gh(m;hV*9rXK(?$ zq>J?5?{jeX7A=m*q8r-P7$T_8RM((-eW3o(Z7%ELqt8=G;9a6k^ujA*!nabJT#rzA zoGc-=HP}j){w4@*aRRm<0knu#`j$f0M;Wfn@JB;P)njzn8DjV{riCS}Av;{L2%aE6 zUI{}7r%fF)X7F;kCA#0g`_`#-#23%>sQL*rXMx)iYPxfy_!BVyn9yUS;J~`HOL~>9022Ht*U%NyO0;8BJ5^U%snJf=L23%*$lmf0<5zkRc)D1nTKx7tar%1BPw zsTs8WCNC{pg*YboIg~emU7<}TJ#5aoX2^WQP2w+YQzDldM{_ViNi`=lAI{N!qd4ZjU2q(unE%AtM9SDqDeQ;QFvnhs7LNm;BMd*`>5VXQ>t zAV$&9?lDjk!Ksi*{Y4xh(&>08YA?MBNkE}yap}tR-lQD)<6C5}9~@ikTcV%@K?J`g zW|o0SnC(~tZX#TXJkOg`nzQ1a zq_;8D4aPU|VV?CE2z%riJg1aUR2jw0pnMvmm=+|8e^CcR+nBw*>z>pM_z}V+<5hyv zxfSJmML`Rk!GO&z^J_9SpI<=u3a+BC%$X9pMfJE0sZk@w>KhkOo8y!XhVGmD<}7hA zFf*yqt9BQ((DNhC9tKtdGE8pguHZG(m$9VwvszbAU0#0vo+Ikhp#S3Ue0%3tfrB2j zwzrcNN2NBk`7FM2Y|3-Aj#wgMFQi}&7SfvUo?Uc+-X zUCy7!LZXlKht6H?h>T0T)DfDSW70X#A97+^MHTh!A+%i=3%!Q~6qSO<=_%e95y>dl zf{I%Y>wQOr${jj{)S~Lp!~1g$@$Ev*GUvn#3~@67)X)5)fd&cO%g@8!q=If=9ig7> zGD_?%gxf#b_`!x5qDotR+Uph&;;stCEV8T>R$-^t(ulc+!29IPmkKL6>PagrRr8C_ zmvk-l8tatNksI9B!FGe9z6ebJND2klug=;n_cl~{jaHS0C>7Dm zJ4`5uIdZx>!^p69eMlO-(LuB<=5br?kcr_I#sq-V`|da8GP9KC2;8}HtZO3ypCyDe zHQkUuSx!cOjOlEGbb)!xFw+GsEkZ*?1Kup-`&DJbcYR}HO0s3=AR@SuXNni9Kf3WI z%EdVHS;$JfQfCQ^bc$8eh|N#38tr6xOJAm`WzNs*i`2I5crxTSpNt0xacQvyb@X!- zzVq_t0aPlpjKT#HR&rYYYXsF!{!be1pv`s0+@Itdu3>jdbk@-)Ct6jXbbo{>wBoNE zTw;KozMM^4jBER^9iEyEKp@!lX1kEv*(!f9aUD!>7=(I7{ieGU->`9Yo@)1P1c}mc zHK39m-y1f^4@4UZAYkn}b7WRVi9%GFw6lQ&9B#)dfogNt!-{m%IS}bU+-Z7{U+W){ zklM->vg_{toL+4SH!xV;w*GM9H-D%kf~zU6W%A@n22mrYa~(KPS0!Kxg&~~cPmOFi z2T6o^G(kJ?Kc`Efl!z0-ksI)lK!;$`w~iAK+#zBUKCX8!2av9hll7EZXPxy(qVpod zr!s@2FQ=|~JAi3j;Jj)9p5C0>so&`o5Rfd0*C!7vr?GmZ)}3#SIJ0B8eYgLv?lwy&dC z(-K!pxVsRPmRa3m`X|~h2|!e1jjj693^zChPh%jDA_;#)67+&^2@~X1DLkFOHmV8i zm*LNXlM_0^?tA%S5LC*RMRFQs(&d`D&sv%Izr2u4+=&)H%yNIwm^$HA?kVa(sx{>g zT`4UHLK%gp%3d+XRu^5a`YgpGfBk^5n?^m7@oST}M6pmCF{#rqWXtXbXe+K$Gd-@? z>0nRqsTPUGqfT2y2NR^wOxTf5UNV8Oq>i?-v?r7}ui~>!3i+2nkU!Oq${Ti2)P%9K zbyT$&Q5AW|ERX?ad^N9AH6Xw=)Ye))!FL5OWrnJZ&bM^g_6xm@WIM{4Ho~fi^Jes} zFToF4zZkv1i2S7k+0YCc=~GnARi_Ub(kG07j`Fffb&bLml27>Hxp^bKs*4&*j%|QImpRb1i&ad_l|X zZbNQEnW=_B8+?kq@-T2`35RkUSY9KfdNh5jl4jH%<) znT8axd~KGYGUhGeZ&KiYZuSIq^OwnkIY2S!jgEI(70R8*`I)i?SBpda%`%`(GYD|Y zl3V2?AWs;ZODDm)iy=S$3gB2rQL&J7Lhk{ZKY*JJ;PV4tv9|C%6SoAl?j`3lq|!^(m0M<+ zb96hY#Xr~?U)XEs3^Iypn>2VusifGYRtQ^#_fFFsY+^V;u=pFN(JT=D;! z@Z5qlto!W8bQX!A`0e5-K)MIlLYI~8-cYh``%H+3W0Dq(NUr(F)^GjZj#_r}By3`? z^sHa3;tP>)=2oEEkqyUGv!g+$ubV%|iB2LAN?Qf(Shcpc23qo7_Sb0C=LiW10J6$r zuvCSUuULK|&uAI{nuZjIC4ag5C?9M{x(XVzSDD`VyabZ%wD#rq&QhFkV827n=EFh3 z(_bMcLBXJu^5Dm%!^mO4JA&FXb3Nf}p5|Mu@bt!1fxY??B*8O%{8p6K7sgl^{?c&$5@EgncBZ zRvqc>q{lZ;PYn0Q;f&hb7D~4=J-)vFjN{5F7HyTt(7bbo<~P)&)D2$PILA5ZTzKUT zU+ew{xlkvCybic{`t#%@xEPfD4TPXNKtd&NbgtatSOYopjJi;-x8l$tE1qM@Z5M;= z>%^hVG8NDmIk)Occ^juw8fCZ58@p@-pG2wmMDjc_n|Qc#`WYX4o(=#s$@YcL;mN37 zAm9#+dB(s#_H=Tx;*HS{+QaT$d+>l;&~ugp)SpW_s)m8UuRwd%YIHGeZ$d0DuMf1MF~;vkGAhqlpWk^k*kaA>Txg#+tkK-d>>CadcJ;I3~DJ zw3_(el`4lx5En$m^kiY^L6-SbI32=uwHsQ2M|tdth?-dI0q|Ds50~)D=Cv=w4{$!p z=6yVgr~i(e^Q1F9ALy_!Z_EZUv4{sNJh{&S?xW1V z7umB)w~FkdM4X&rXN|{vbE1jxrrUE&mKrKhPT+`RyNuB6&z~uJhLckS`3p1AM020o zXH1rS4uD1}tip2UXI$WBgLpgmKwJ{}s0!oh50H}xV^Csj;`Vm~h(}UO;b`A6_{i<$ z@bq7ilgMFE9{jfbZ)gYkv!Z8Y11{SbpW$+V>^+R-|H|<5hn%L}p$I7meqrS~ij-2- zq?$n9`@I4yz@x(<|BQ6mRh+-6XB>_$3iQMste3vYcs(b+DY2f4=dgM)(n3mUh$S<#e+?mEruIBu4BXsJB>_0)X(;M1EOF18$z^P$6PP=$+}S#p$6bW>Dj{q znzCX3>9_2_PG^4atyU~Bqr`n<{t!EE@_vwp#x(D{SotJycHLPO;5~gURdzeflClvf zmjdF)=n^N{P4Ek>gRS8R$)8*>`%)8K8bB8b=M-aNIMmsGW>a`5Im*7W`L?*k(}+r8 z0Z7=jp_UieCY?PWE1?1j`MI8vnpS60kO1E0QG{zXRThy%|h#y1H-I&LoUWOK4?eKp5ILzn{dh}!?g7iz& zX`K5JejU&YigM{l9jn#Cl9UcamUe$#-ngOzX!7Cc67h&3H%A z;O%SpsrpplwP?}Ov-CjM!Z|SAmPpQFMmC1sD@yDSxPiWkK=g+}_aA9Z7bU|Fu)6-H z67hSTDQMgxApy>hesYi`>=KxgP;b5|$r^Q=IGk@x`|S=Aa-@RFxJ&bQ6CA@J8N zYoB9_H@2IOiQ00aZ%KLMtfH-v?*O3RcMxu7KYSOVFh(=#1N1_us-rH4_B|TxXV}1| zCMnJm`{UGq3>mqgKcQrGN(F)*$tyHbEss0{s#$Ww0V&-Ra=}o_FCK93~Q>%%NEt}^Ewtf>|cpH|D-s+Uq7{O z>25X?jLq3V-??$Px)76fAoEl7(FZNxGE`wlS;^NSWVGedvWPt0U}$ zW2nz38IcV5DNL1S#_l)HIcI$MkLc3>ZJ{0I%daj$1LkIGK}jFq8yp-MrWGiTPe5Rm zkR+?-*8$7C7#b|AY+-UCnZE2eXZU|7wb|5y(?q@4T!NrzP*F>h3>VpeB-4)lH41fh z>`FpVQp$>XkiC`STE1$PEN8?dIq?e^NP+5I-Vw zdbqe93~EOwS8ugv;f$8m&NK$3YjJ-r1?RTEsyD?dC57h}ljcx&`=*;r6fw#^zqt(U zO+F|p#W31fqsNve2D?$m6;6GH{%Oo@nB)vPm<4?wKxcd?*p4+c`=aO^|IfyNiKqN; z#(-@qh;VtTw-iLwFWRA-OAqK6`=`xQM8=}sA|ieVWgf=lt|s3ZVaqlo5}nerUtkemv-Xbs{Ti_RmMHsjjvo$z0thz@X26`FoTywqlf8k6c1!vSMA_p`|$C_AJ5E{m}3r|LM9(0E~pDDJR ztCx+vnlVc0!2W)zteffVxoJO?cp?(I!!LHKZ*lTmV*;t1n{&cGq|h&~Re@{);}1D* zn;$EC9T?+aLK8>};$v=#e5itwNbiMl`{fAA9Xz5q08>b9 zY5qw2I!OGp(iAj=Cwag)0ep7{BH~IgFB81$c9|o5@H)k*X*`4VBh`}sB?+u0OG+AQt|%my z791RTL>P`ikpy|Mq-^d5>)XomT(g=m7FyMiTY>&%2f-vV`WV({zKf}+;C3Y<35mc2 zH))7BE&Itsyb-N(2DlpAcN1>7_Nh~hOh&)IN|w)F~}Dx$yOpzF|B`+_&ZIWaxA`e zyilw#Na62Wpw>>N7bc=&^OtztuF-TWQ1TwGjOTr%MGm(sU?39z%l0q&X z-vZQe1$v54C|<~_;4U;y&cC8@y1HC>W4ESh?vRwzRy_)~qd6ll5cDx#<0dwY5hIay zR9qn*`yK4_$nYNuk=%ksrC__&sJB4_VxCp!@H8nrS2~;_Ps}pVw2bkzHt_}e*Q%ET zsNiCm$32OxsMhjtUhGbxw|45o=c$dAiGjDmp0G^<#IBv95YrzKQGdZ+YeD9m2T5&* zz|f<+4Kh;BK&o^?o-~X;h#w%%N6mA+2tqk>aKgjpE}5)%^1%-q$~QGgL7SS_vcTX0 z!LqmkRzur1ou2*83@cja@T$Sv^78F?Fby;}3zK%C;(k=O4Nmldz?zL;Eds<+m0H1y znlU$x21F$R2?2>T2%n(#n4Dl9Wd5qibKa7U=$6}2)Zbe>s=>*hl=jltDfzESHM`ss z>3hi5TJdp)-1Uhd$` zZH@wiT$wE^NjCYwSaqF5=ZLKS3SGnvztCCQSV4?C@tQVWy z_!zzm(Ib*-K(!S@TRKk8{7_aRIiK7Os=g6=K7AfD?}#h!dK^X!*+0M{g3JHHs26Lr z<+(@3EjF>NV6tyY*qqe%4=oLk5RsmI1SNEe?QK9F#RCM2gNUfN;~fp57kCtHmG>g{ zbZBoU_SjE_8+Xe8^EKWkhlP9<3KS2gH(osI+;}ebH*c$g2lUIYCWEP_+ z?tH`~B~OTqJtOa*8&6Y=^<^TviQXS8wXEzCgRj{L6OApt8&9>}v3%5$gKnjt6NpXU zFc~&8@>G0Pd?cJ5MWf{0?AhFCC!FBW19H;8q^fT-?Z|@>SoYsu7dX}ju&gJYQigVY z$f*uC_o7OytaDrSFx7^dTxLvF1GAl;iQXv?ikM8v-JoiJXv^}taMH+_`MD6Wc}hIO z$VW#oO^tEkkR8Yd!G*WQeTvp&AeGH30hg>k4SR0ui4)ak$-*lIUQ3uuj6>f)7vk8-$#3D3*9Or zf=>XLp%QJor|wi-&q6m=IBgR&FJmCs+_z&iK#LtQ9Xu$FQ#gFit(#ZHot~W zn%pNo^_Tjt#Rjy!k2`4kpy&zeU_qUY5|lbr5&}F8g=T-%0XmI!Z>gz8wt-% z{eAfqAVCv!3fMn=6U4ev3?25lARJ8LL+&+C1L;y?GE|<^b)CHS(Ua_|>y(da3G>A| zf)WqYn?xpe4e(?oiS6)}Vg8?0;bIBV^pB?^Z`E>~tK{&na(rWB>>8P;ar)X_f)wgW z6h_K&%Ga6p_yh}`UH7%RqGN5nbQ%8IZUf1V(Ea|t&gW1Fg>wp>f-mq)8TFh6Px-og zY??KdezF=~bP>_%$u^N5yM_W|Zmn891!X3fjUL<__S)zLw=G(MuPI}jdJ0K&h7_Yb zF&e&|(I} ziev{n(Y&LCsw%T7%?VqUZ+1+*wYz#Y_qAzs{(OJuo4&Lo5ny&IG0(`yS*zF~Rkv>? zUF1ctC}98aF3pAB3b*6{g5Xs%wyHBe#$QU!Ar}#4``<0=8nWvzO{-vDKQ{ zFAD4TRwBf`fd)`RUMwc=wD%*$0tIyZbe=Z}=qergd~;N!Fk5QzTVZYp^@s-Q6o+#0 z<9ajJI0H(9F825r`0Hrg22kL#ol06$Gq}oU5D%}Bocl~k>}(>f-FNqbax~{g`^)GJ z64J{h8$z-~>z}xk71>9(;$Kx#1pNC|M}8%J>0UF?;aahnl?fkGXKSL>(La1=x{_`b zjD20RqGW^FPHXK4P5^vs3}kA=H@>~zAiE3#0>}^gU)Px#C65-$qV*7E*G@CjRhxqr z*Be#hQ-Dac@$@Ge;cd*#Nvew;U<5ewi?L1S?M4AE@C7}zS5TB=%d}m#Ay}lNZ-++= zpAKqwE%CTn4kY)TN4~JyqcA=dtgU><1UR0oLja+k8rAFZVa}j0#C+?$P2yeC<1d(caZ=9bn zM)4^Z8OFsMYj%0QTyV$&79LNZ$Mb}boK}bBuUjY`z+1PpoEr~{xN}DJ7#{RUg}`xxFOG~vDYH!liz+9IX|2Nv<>%z@xxku*)zxV+GvLw8|f$M zWr-H38AUFhA7rr(eu>#r0S`>7Exn$QWDh2?aVDEWOu|d~OUTsEzoxEiZlpPV<@2)& ztiS7z$}U9>q5fD&{$Mr32@DS?cA%6nnj|yA_=(|my|j<#b(x*~L%7%|&wyF!r*J3v zJ_RPV-~rl8d+y^UrWDuD-B5~{y=&ROp|_t|t4Mo*|v0iyw^wX z?-?3=7ToxJNofWd{}mU3dt=U zg1q!o$>YQ)o5Z}kp}3#%IxabI@&){vO6Lp7mP%*GE4Fz}QQpWBi9}3AHc%^Sl`?Xl zH_J}@oO1D#5Z9!cK@PN43DugSsX5{E?WB}>Q%?8E8D)xAs8tyA>=7#p^ke&z?7ZnF zryB7M9qHcr<=A?%DxhOQ&MFPcig**fylk1hxGHR-U5=+45bkIe z)5)K2U<3WmBS|fKqEmmF@_Vo{{Xva;M}-2Zh5U7Z)4k5E>mRE7YUdduTaUY->gRp~ zRYz9Aca*i8dp&-pum2xQady-rkXj-l9L!yqozHoDSG18^|IsKC+E(Z+;jHuwM%i#O z+Mk6XYO`oY6Bs{#{6*^1j7^V8LT)qmT+GC?ubQyLX8tqn=k{>CIlep18x)tZzJ3)X zs;rL&(wE;eb-s@}`wgDSQ)9AZtNO|tIq$8>@#z+B2IRXLU+%GF{hhZNgVnsOJaCoET12dZMhA= z__WDi^5Wo=a^Q!O?#nr}1Hk^BCAaew~J?i@+}Gr`T?Yz5?<%!kWd5=e=_3}QFM8%xJZ4G6=bWqkDPP)CiM)`@8dxzB)=Y=1J; z^({@HUNLEMYg;^;^%?7NzGO_u2<^X1ZU(Pz;oWw=F<)TP2kr`4j!^w-DD*x17Zi-t z{-Mcxg@8SUo||)_e>IK66**o5^CFpytaiMB!5}!QZE46OvW_I+~_7d3e#_q8p z2%hu*hk(`{Rd3MY#e!AAf1bMW-AJ%~Yf)P;_riJNwC254Cte-S9~IzhMmu0_?Y_y1 z?ASjsCh&BTmeX22wuT8`6jTs`@cys`+7n^I;|4y)`A30+;7*rM++h&<_Z*w~cF(by zl)_o_F1z|YHD*ahFi9u#hA+;a0g0dCUp1WHF{-?=HI7fr|EV4S@Cr{I2I7MlXKd6$ zfKPgTIQbcUJ`r-f^b0AwJjn=7(RkMn#03f56@n#F@v;xAD79|L3p+Za35)%@#o7JQ zf7F5B{8jH~|8ohA{E=*L-%iGarSL0m%>vy)HL6UINX0SGraOA;Otc`Eyki5%Nj{QK z^tK^$mMd?~J6aU^@zZg_2h*0r?A&67jQ=YY)E{18$T`ZuSKjE+U)wwzm!m>3ji~d$M_hQ ztjY0!z!#W`hv|WJOAsJ9R^zfi=5?aCSW$LC`(nhfPySW4QU!I~tZH+#<<844E}4o$ zHlX>~TAxx}q3#tl^U<0z04K}?fMsxh5?U9_3-mJVAgjKUP^|w_42f$)W<6GFnVL$9 z@s!CV=S(1|b{X%GT|(jo5iN7QFbNS`Bk@xZnDNp7LPK(McNl6_vloLf$aq;x&fYGt z1p__0W*S$i#DilD5|a3+1Cz*VNnLO_{kIqRyvn%9FIyCxS6jJedi`35TN7}&2E@+X zva_41r{`0geRi=P39Z~7A8E#e=1Jjh@zEZB8uAGNR~bdT&Z}{DL2;Ew%{?Aa)&Pux zpK@Aa$LMvsN+w{v5&L)3z@B6topa$(7_`C?N8^mouSR^_*UCqgZb&ge>}u;F=XOB% zY%)4Ho*}{T&qGrWN6*_eOAI+RaKA0az3c&dGI@|2{;aP2UyX9ol{@2e>((u&1xjyWuW=$j6&Kj6p5+laZ#p$CS#8t)YG=ujfMp#%g3 z9k|HV`50>QJ>;YgD6|h)W#IqL@!k=uziD9rnzs8R;zNP|;u^BRads zKv}Eif2{iD7^nosLz@!)9oJ1qH4F-C_#~}dOGPNgEmNS>;e9>i8jT?$mP{twtkqbK zH`vtnxM6Wb(qqoU6LvNX31pO`Pk#8?Pnlo2`>FCU{X!cf90w?{Lo)H3RKAN=Ka%D+ZG{JkY)llO2*f9 zA&>N$=?Dvm;QpFQx>4dY=;#;|(x*CBArrkLQZU3F8bqurjPa2h7&_{=uTt7R<{DlB zr8IZbwNbaTwlsogNZTvqAfufSB1Nqapf*QBN37xGtV}wW0H5OWu9@0Pz=> zx?bbtW8>RVJx^_IkxdAovI!%s!mEO!2ycU8FMj@2P%Am3b`WbA+JzA;h@~4>*s&mI+M9@l4_usLBl02BDz0`Kfa3EhR>RX|8<;%CBol%}tA&@;O zbk78SEvc!H7=niCD-CVDpv$6^f8wf<3i?J~f|#YAVY_9ePk+ItVF>$J>Nc+PyR#YCEZa6w{+3l#J>R$cdK(BXWg{o5xg!fn+ z{EQZQdu4CjDv>_qn0^D_`ZP-r#~&qCpj$H9U&GEu(OO;W0FZw~RKI}=?ZH;{V7&sC zkX_X{AgjXCeajr?vROv^OQ0%_3yvAEso_6$YI|geJ97pU#ePo}I=_BDAg=AhWJ53Q zr+(`#2iVT=LU~sK)-be4fAle-2kLfPeR~nDO2}J;7y3Hs)9BbpYRVv z9doz*ODU*vO1UP_9$heY#m$aNmK4ge!d*VH^5e8aM$0xHnOR|W>*3L4wA~!J;;kqY zZ2w)Ar`{`OR|`mETq9q#kzCa)*#gJ&W|&!E#4$m+qyk3yMrtA-L$|wx*WbuFRemAo z%u$k#!^tnJPPISTWaBYQPH~yP*}G(t_EaF12)~K%l6i#&E+wWMcYIr1$y3{F6K{g- zwJ+J*IkYZLn)VNSVrNTLdcYeyYGD9r3V+?#` za66Ocv^jla28}d<(Z%A>SjrB@5=2fzSzxV zFm0KvchvtIs5bo-kLVpqt2gX};)vBby#yyBra$%^V^_W}CyXf{A3U3qs7HVnBis4L zdN}oOQzmQysXwr{ZC|}28|V@)Bf~$l=C(#B#K~@rPS{c3+sv|dkC8w2G9!*UAQYGo zcI4pSnmXGNJ0n)ydu;gsAvNMCI6Acrp|^*SK+yk(l?`0A`ZL)Sd`4gZslugoa+rJ;R`;44R^=otV@-Zd8}{nshY3W6}}DIXaRB zydS24?b3Ab%)*_ z#`GxFwJOq(Lg*VlEwwA)kfky8UU48h6S7Cwhk|CmT^}H!?AKrXVoCl@)C!fL0nHzg zanABS(MZPiz@!Jdb2SMqZz8f9c)jN}wZ4o;?On3%PqwS`7nB47D~ zG*^wb?%IgXOgYQ}5CZ=yliCrDwqsd0=YXdjoITs2e_3HLG@X=`-XslrGM5*IT6fP6 zDP|-tkP@@jL4OVlOfqCKrC}7wYZRCi?tpeMW`a~t0kvziF-wU7f+hRcnboh9jod~c zqYx@P9ENx$twu-hbR54|O_8TbU58YH_!A!1GPnQXu!MjjUDw#2iO-{KHyB?Zy1+CM z|L_#IH-6>>8d`?qA)dd|B4lDth5R!uKH)&Y?9GhI{w%EFr02#jNL(=E`21tMbD z7xDJ@1&LF5L8fnsz?hLDLac=m-mWZ#z@*Y^ja28T(-!h0j-X4usjh6iHy6!OMEK~V z#;W4%RNWRqY7|-7H8iz3}nl#+vUVneX`dMQS#-c6ijL${D+wCDuM})WpzJL5m44Rb;X; zVr;uT{P;7y6?V}{0L$Waz5UlAP`+J__`CWXzIlUCSdv#*7v(b(-$og9C<4$(Nd~6_ zr)X>HEA^ZQlBWXwI=n$unpa*SYw}o0#@Rehx45E!^u#h}UNpnv1o6hJ$_xh+ptNKI zDtp7&DF#bh3v$TAh|Ax# zV+N`q1B=h;4MoWL>q>|zBm^Gs=1>m581OVnRE??W9N^AAr4lI&NWvHEckfsFfM$;C zNko8^aVLUwSSHw#j^$+2^{fM5{%m@D0;{oM`!~e02P@qlY8*z|o9=#xq#{d)2ff@k zw4Q`StaWG5Z+yLfUwie0VQ<1Ctlc`kT#7t?YW{89Y@Ge8^!A9NOA?YI*x#Vx|3A2` zTM1Uxc?|aufN837z{6W5H+|+sePnM*-nK|uX97&&URS$LnBsZ9pr^m|o>u%Skx>h` zn0ZqSYNs+7Kxa#6|c zoY8p9-HPf-k<$yjbtXYXnGIUeXL`?p{H(n_R<+bR1<> zhW>eM_A00V8K{H)o~SjNxFza)WAx_PcTwLaA%*x}m&`%RJl4BJBI#is@M?+ByBO%L z&1s<&^b+m_9I<3(ZN!?EeC!0^ALoB3> zh^(RAMMXvavv~6D+{Lj1U|sU6Oq+wg;Cf}~N_E$Sy}j9n{@K1;pC>1+e+7}<#zi^R zskX_R9XY%Ga=jS=#s?~O{i~QgPb?GSk8W_BTcpvDSI{cOZjzC&8%&ee^QQHmO1BkW zIq{*(6Uu&Jk^=g0RHakOYy{I|03VK*StwN{GlvW5Ke5nZpcT=4;dHDmcNZXFfFbq< z$)lx{Vv1U=LgWUN1%hxfYb-0MY}JA(s>)GWAZ*OnEEC8}DolE}*gO~HoO^%0zTZYv zB%t--!}up8vlC{NQR;Xnp0Pd~ee*7^DgQx7W@epnRr#vGHi(Ud6u1ePOec>vWykpCSQ=QSiPUK1o%ov79x&@Sxy=;v>&J&!KvYz#K*O zr7p%Y-NQM;9m+NJ3n9r1XPz&6^J>fAqtY8XUQ!`%*~x7YH(sc}dr{Xm86P0TQf`I@ z8!x?s%g-P)u~A-Tf$e>(#hpBHl{vfYpcl{mJ^^vf=39dK&d)5HJsVmF0u`=N>fTSLnSP$@ z=W+6W(6unkpL>ca|4O($vSf?74gOMo^cMTC9k zIo;0ZFE6RXBn8L(3ejh;l8gU(rD7A}iP7k34J-w+2}`ZXek;bixM-divhu*VTwQiH zFDVAJFt4EF^PRvQF+V(7gt%ahKPucKq~P2a%86$n(BqlY7>wz)qNHd~7!&9>5H@_V z_2tQ2((W5Pg?hQZ;|z=lo@#ct2b3N*_Yaqy71b)BlUH!IPP97yTz-KwZ>r_$buG&65>AX?nIvX6 zmdBHz+qgHL;#qIS$?_DUiSp9IJfy27(Ckf-uQXLu5(y@LCgC~T8JHM1Q^5RL$X8M? zK2(g5RO6GUtg_DfX_APfBBc6AggI-5NxD!z%b9&?yC+d4C-abw=icmw#q@x47NV4A zef{*hfskW)-Hhq6LR41*X;*^BuY6Dx(pXL&hbZfXyPUQSf(ME#E4ZWi9fgj)VoFzF z=0Q_9C2Z&Fg6mtWZs9$BqqUE@=!Q`fdUaec>8lBEqeqUHZ?{#)aRn)jyzBOiUXg0A zzBd1otdvG*&1L1_+4pJ)%48?WLFl11L>WXUVsdT5)lPuimlQ&YrE@IFjkC<;W{nEw zBx%2u*HgtMW%bGjugaSG2JXkA5IBa1-7RtwaYu8`YDJthDZZ$6Hz}E=!}p>q>+_nP zB{VMCYEqPinTsJh_&E`!Sx@YI9+A;%YpwQv^evjpoU}?n5MRn?W^is@Sy*_d`u4Hj zr3g+nrqeC$?U?UHvxM$m(VP0}5tA{3;RYHh$x%rsi=%xWlf?-*78Z|s9)t-}u-Y#V z+U0dSJfVx`OgE3YNGJQM>6i#-zVKO*{FOwJEH1CtMkp~v>S_AuoilYp0ZFp&rZ?Ud zwOn4}f8bi9j>&EQIzc-pNoT66;A)Xpq;}VW|6?^f-8)|6GGGDnq2=lG7EZQ{lJ$4* zk6;{F7GiU|m9%j>LTKT&1Ng^ahzAz=+3TxI@1F_eP2O`=>9~|##wsB)myVZxNcW!a z;}3YI_q=!xG+hwVhGRp(|0DN=iQ$IFj#Q#pzRiqGqR#b@;G7RK#)pP5@uldBf)CJ? zNRulQjf}0R$cE2FSL~817>PLOwN(nFkrmVIv3YfZRq)hQS^jiIv`o46{X2{yCy6Ou zvDXA@$tf;7FWo@Vrl{c+b^H^B@&{`4XdjAcBbqa+`MxX~7zoUF{5}QWVR#4e zb*0w=h^gVbsH$dHUuUDFO6)oX(WWEfAJuNcpbwWxt!g)ar*g6YRa?8ye!f2MCz1lMdGC;Je!m8S$}fKNU~ODWFi z5a!Ec!d_?59DSbYcLTIf1J0p7Oa;MLdgoTGxSjB%IMCA4<@!SKz#9~fYGQ)#g-9HB zY7fE@MTt4Q)O|;VcIHdOtIU64Jw6J*)!v|8$F6iv}B!)^YqIB*G zY=ug}>v5Oc?s?y>Lkl4jDZ{>j-7z+NfDePe(~cwfxmCN#W|U)-h`*Kv#!b-t&t9-OMC5jw9_yo=fxGS zh1E4bN}^2d^eWelt!;-8aTU{Wiwk`bfrwkf8m_q%J|ocKUC`))PTG-W&HK|lx_8JT zI1o?onbT8yxt7nRr8nKmgKo|Rk6Fz$PO#7g74m;IwdvLWnmOTEbY=Q+b5xk4<5Mu( zJ(k1STI)TJozf!4BXfDawd#$)LDrO|=cOxV<;Q5#b{$)VMVf*l=b6=`W`X9lIxd~m z9Z3u?)o=_T6OP_=X;)jHu4lr`{cI=WETCbG0#V6_B4IDbF-joCvV7 z|CDI0XZ$|%w#+j!t;ZIl1J%A6{a(t218n2Xq9ZANrSYb4vfXbu)iE4*oK8{*F^TDw zJ}#j-U7KK8ZJ&1Ch@3bZQFR{6`>Dp>2dAPsRe&zA;7FRDcAGBw*% zLrJlh*HTq6i5K78d;YwUd7XUZ{N6V%Z7OJ7QRgZn?XlWA89_9=6BINE$ze&pK#kLsp^-VUHJkz{nwS={ z8G1MfJRM)BGSb*fO_j@ur_RT%uKP%_7#=(4mw1j<@70%OmB5mhrWT}6^=2H~x;tw& z`t9zAj^JRd!PJfjj~)#&Cc-f}jQbQvxj#+!%i)Gs*apd+E{mk{LNdl~pCYk4{6z}2 z5Afe@dtz{wcGeA@fmYd~?{=lh=gsSu>c-@K@Y0)NZ1Mzg21sWR1(`Z!x|0hxxx1GO z$x=qnN+@YUaTDB8U%fSl=V+oS)7`EZ)yuKxtY2271X&G*;wxOY`G^(%bW_Z6~SLHZo}#;?pFB6|LY4x3wa%_U5^ zL;-b;*(#S1N-UzMtDnkxuRa?LJx?-n$o1#XY5o9|n~UrH^oCCCymp`3!F6a2bcNxy zRnGOf#Z|W>NAw9FYCc)WJy?!owEJ!cW95UoZD{}}cON~OdO(u%8x~Z4{-@rU@n@V? zZ)zvPPhtP`+)m$2T{FE@{5ZsF*slS1M_^12pqj@=24y(5`N?n`jH zApHI&TI-cCH@3FQe8r3_nOBdR^f_Eou=>vf0;1&CU~o`R!Sv%>)30xgMlY+=^Ob!x zsDG5ngE{(Y_McUOs4+xUYdLrL-o2&rprK1iLF@Q+FGiNE3^tTCmc{k)NnOGZt1?H7 z4U{BCId)u9e)jp*0C|vLNlD%u4;MD7)z#&Hg6%sT=ZGtOd>%1T<4d34npTjuRGz=V zOeH7meWg=qV3@Z11$6O7bhiY_+zuuAjM0M9X0jUm#=%G*+a?h)Zpl`6BFi!dVCUNCB|c9m~N(@SIn0)`xb4~GMq*zr!M@B|m$ zDpI(eqMftNjPMep8bfP3pG0}%oyWV3uy*-FH^@e~U}F^#J%*Q;)T)zKUzu>k7Ijii ze!Atzb=OSL-n8=(eKB{eKE*}Bv*YeRTvw(S8J^^8Z(Dca z!#HK70OaOGeWJ7fIY;G^D9k#WTM zMr#Y7))N@D*HY;j!L!RVm?zp7JHj5u@N{_JTq!x3@>s~ZJvdRpuN#*O`UH9Aw^8-+oy)l1+|M2C>=MoO6R+}S;oRt zF%sH?5og)+SKh^^7gYO4z3M8U4|6oVFwl@a_RqSrqWY|-Us^Q46VW2z#NUCaHC1$`M5jaY?MT7 zlmlKrk{3ByU+}@yK&v1t#EMM5yrpFo5`R$e#7#2N*je#Af=Wpi-X?r_?bsP91@`ak zi4rAwEo&i{1(wUwM_&|P(f)Yqwwd-q+4SNR|E*=K+((aWreEvd7=P5tv_@~y^lYT- zqi=@uQu$+2@#E!}RV|vH2nn0B{IkS|B($DTzR5M;XggW0t`M7aMey=bZxc(trQZ6a zgRIijX5QvD?a{AUkHn&nR^pl-cEqgqa!<}AM)AR?VxLL{X@8a5y;B@Kc|mmuA#ba$s9DJ7Dkv~)KTQqmyJyMQN@$0xqO zga5(n<&oERt-0r#bB!_Y`!mM=wqE5-94}xt38sj0)pXyd;3ZZGs>lyZrwp8{-len= zY7W7YI-fl`&4DNSIxM!=^jzGmCxp-S;$?(XdSbmb{0e_s>NVe9A7Tu(VnvL!+Uel% z=MMf!Zr3lk!tI2<-47nTITD!Kt>9@cln8YE#EJ|4d1G273W@T~e04c*{K*PQa{f;Ny}ZudH5Ib zalR6E{K3>N*~~(@c8^*miP}maezC9BDO_?%kF3OjKDsQn`SW;tW18AuU{1w_%;KTC z=Z@Tk1ZE_Cz}v>*<(z4mxA3XGKz&0ezlaNuRFl3jyqH=`<1YWIi2!h_Yi1)ep-uuS;jbYDS#icCpANAUdFGUIa)&gCBp7*)eLlR$3sQq~q0Y3;< z$fbdQ&}wTZL;@#kh1|RNtX{8mE7NWS&fUinrzX+#70I@>T1QI*>*USeI>(SE87y>2 zx|cMuB<4!67(bqwpQ+GLdIf}dVHo18Lf>8P!&OT{MSiWUSeG&>Tq&Hg-X_?tJ8N0VTZLl7nq zjxqccV1tFZWyIxNaZVznAYgmDnGy7z*C`q@{O@<98e*XBau@}JF+G@R-+6#Z-^~@s zNa+}e*~EvTPc!NDTWW~=LWU#_!|K<-%IvxIB$93~$c(FLipDvwKu6g`>#5oLfHZsn zU%N!7dVN}B;`RCUADDa42~ou?4FRGlY6Rus_LpvR*_tF3rI;O&&kgBMxelKX6%}#J zY6q<&{xXysmHv$|F?Iv)m;b?|)O4bTw_ZoEam2@D*u2(s)5077Z$1eGND^+FF9%!w zE-tsL1jv32y?~~$bPw!F2K=2+q=Dp`rjd=nm}?B)WEF}2={O5!_VjcCURDfgAz+>8fbJI*z5qv=J;B)5AMt1$@krCE1~ zdgC>&LPd|pBLKnT<>A82ud^7+Xl02$W5pNc+aDOv=AtgIpu+I{>I#gID*d*bY>a4b z9&b`1P$rXD4fN{j>Iyc}+{Ab6m1PTEU%W)0YL~4|6g5*cSJUEWC~J+Rry=#VDR5!3 zw?7@DRy2R-FE=G4YR-9rCZ(&O5P@udpDfb#n;b%}Kr6*4-9?`1W^0>2L%W-_#|eA8oZ-u)OBDGQ-bBA2wa zXr{K+fa~$KbOh*Ftbg3AfO5M?GSZdjAna85nau>7uG4Il-74XW*ITAoPEosAgJB9N zXN2|2S|790f-WBdRqNB^tA~&*ENULQZ1ou5on+FraRP?5RdmbQrj#Bs_bGpO!Mh2k z*Lho5yww3_tj1^V4mu=vV+lq$R>~~di!w2;tH~GDY}-d<#q)ewjO!!p?)(uxQwupb z6;rr|ZD_mB)5|p4Yd_;zv#e?2V~5$a*F00|Lnk{v0mfv~U$Z2&T_zv#ISkGqp}ow5 z2&U!AV=@vM2K@jJe%IorEIK6iU1%d__!4$&G?$K~Uxgbam-HoD+R1k6c!=Fc@TWO&Jr)j`E8VV%(~2Pd+mGMslF0IM_el z^Qc)ivkTOWz}tJM!GIYnM|qy6^hv2KFGThpcp`46xwH##eo|1{>RhRe>^V;U z=pI@j6$Gw5ND0-^D0mWlGd7S!EGISM)Vlb8OcK5{gwi_T6wn3&yUm`hO!9KK5xrYG zz1(g3TyXa2lc&Wh{Vc`HZjl6^?Rch@i~mk` zCF*O#YO~#T@+Pf`vUgngtJ8Tb*$=CY%cp4yYW&rO6EY)mtjVOpJBDO)C#4uAgT8Y)BCdkq)UHr<*%!1JS8;6z=q*VejS6wAT$}m$AlG%*Dmd zJq20a;e&aaTA>HgpV3Rz=6^f)up~5Opj(QyO1e&NI-UR~i7s-6EZW-gEC&Ufx}N{Z zBgxSZ!C$_j2gdHXxGL$bmyL}>i}0MMci7le90rqabiNK(DI3#$18kMTG||f~4sCn7 ze7VIhw~8W5VQT$N_+rjr89&~1)CV2~7@MVr4Ys#<%P^PNQ5rnt`73e#+(72Git;*Yu1M6ixWzZ9%#_boRLX7# z=<%YY3wIU^rh9Zg05g~Okf1OMm&(vEz-C(!-P_1|^Z+SJoq;0qo1DC*&9E)8U{}Jt z3tpTg4*2YUa49Yp?#_Ja#?`{bsCfZ-lzPe*wkjI2KP+Nyf8_A&u056>7pKdSsZ|>a zJk<4p&hGa69fP977n1jl9!|0rJUr`88zk^5+x~!wRuFm-*_h-QRxcx)2oTKA)poey z^laeIpD2E>+T{*)vtT&5^B2A3B(G5WY{)oC^*8h4GVt7u(Yy>i6lU;V30!BSYrE&= z3=ekekCxBXr-BeQA zv{U1qE9xDgvP(f*TdX+~%)_JL+nMqn7PPdq=E-h?YT%GRk`B&1=edG+JS1+`&!2s@ zFeZCQR}fxexbP`xD--xRL?fJIGlPwSr(M*$2nY5AO6#%tc#TqeV&|TzbK@dRerH?t zorm1J8`P_E$*zH^XOkais@(!!>OiPsyb22o%|0X2J}dl8Z}#r(fsXtrE9? zIK4Rle!^(wDntdOK>5QY&Mro)y`b!|t0ogBnllt@UZ(=g^2OHHQ z%avZFqx?3|7ESC5++e55I^7t8?%O3Q5&^*e%B2pP{g@S%RT+m=84cuQ8GOkc0`K%9 zVIPGNZc3OYjI=dcl*|f;nD9iTLPMv-s!3$E)9b@U_{WYM?BiY8&2?@`=1L>P@Mh`I z0Tc2~tUEAegtKJ(gRp{KP34=z5C0*NSe>3B`RB=b`qur`1Q`dks9h(aRi#lp%q?A> zT~>w7b9wU2_oxl zfIMd@wzI)?PY;CDDM&I#tS+ZUJT@Hm>J4>yZ%BnJ41ulXUR;2Z)b@DRTXM$rUj?(08Ob4louVuTP610))_Z-I@___0485 zoPPGgL~AA~L|g~XaTEJnr+g#wf3ri%ezHUG9#Izbw4?MVvr=IfDGyB=EKaEHy9%M5 z*sE!-KrE~EL_L}K6`qbI%sB|UIs_!QRWo0ZDZlLl0iY89?RLBNeQe!H=6 zcB9JcgIDy=-_+JYdzkUbWrfx4vL^QLds;e86dm(-4%;;nZTT!>OLB3Z_xrqzm?mX5 z68qcmeSR=4tJj!FYg7lUfx}GZ$dU5WRd$w@q0(J!fSc=DHC)_FP z&3MlYqhRY2q;q70EN0*m=~oj-mKq1DA+v>}lds+82dfEbETqgU4HV>N z295XTt4|}ejtL)A1`W2OM5M50>jo<;PZ$_Xsl9L!LOZutQ(4EmIBs9(1o&1ElqK|l zbL=K{kbG=L6i#JaTxB#6sGInchoX3(fvGyA+hs4VAJOHYm`BK$M|>~`PCJ-Zod(SA zPN-52LJOmOke>FZ4li_Z0YLM{QU%a~A8huE2_Ro+!1+Jt5W*J|`vB zzxLoPmTa=W04T_nE}4kX{4G}9xaM`hu87^(WQbLemls59apu?W2lr`l7e6sxGwvzZ zW<(M9$Erd27sEm~z?Vw=&vBA5&KrGLx`Brp`ifCot5hG!v2`D-aEJ+Wl*1Evm6~ih zoY8dMg>Di6+UPGmiU&V=6yM$t>NsB>X#xHvH185_&@p|KOXDRKp&};-vjL~*{E04a zCf+}N5Zz7=kDEU`Q7IMHh`ay^m11G43&jPs}6vX_4MiR1dvw9|J=SBj0WzjLY!#90k)-%6n z06)N;6e~c8RsCt;czL86YrsxkQ{@aS&U_lmL4W0__!P0Bwp%2zzjcs2Oqe=Q>MS0SRxj{os(aJ|H8sm#0 zf*~de_ak^IrkjHilYO7V#Y>oNOFY0v^N#dB!Q9is-QCez$^jyY`4XTH8fH2VMa>_< z_Plg?E$x@a-s49@kI%REyuaOYJA^1-On&*Hg6Sr=o-t4=*mJ72dm&@3~V7Mw~ohm!j zINF+?=7EI1B!1NP`kVXxO%J3*OyNjaG)-*xxB+2mI{{&5c8_1X1!e#07G%{;(cywG zkNkjhC_Z>;mbY8xw!&9o+GF|o2obV>ngz`K6Ffmb`F@rR!Q_{{E;yr90tpo4W3e-v z5=&wvV_hC|w0Kj)R-)V^0mCb1h^K^tErY!{X^ltvecfT^G8bbw6u{#p1Ue=r%hs4mhYX3r|6|E-+}lv&8u}mL$poFu?9%hDOh;OAb$}sO=o&Cxy`Q z@td!Q$-l)2PJGLMoqUjhKMS^`vNAD@umPB^OydhI348#^INQG2%dRM9c(^TUlS`b7 zs|YClFy(FXRwT#{OAr)f=^psXS;~9*8m(Ba;mh2`u!qk)^I31I* zLQ;r7xjFn;JmYP%$<3|0Cm`YrUyDe!>)b~7%lvmSsWJJ#6Z(U8_`5sFU!c*4%K$8w zV!;J$2D=d^Bs$gLuM@wX-#T5aNJV^l(|NESs_&$LvwQ#pr3c+c~$^{Zlu97Wb zL`!~mmiq9z=9oNT)cc7Va#mWvaNC|BUnT{9cLMRI(-G0Y)L=lF4h+xw#}s16&KpP^ zgw-?u3>-AwX%vFRuy+v)@u(!X7e1u`i7ro39>dp{@gAZb*4tm-XlsYKvYFp8Ff{c0 zVQzoZ$Um{Fp4nYLw5z@aI72|rza$I+{_Rouk9^*fR60Tqi*Clpa!fB~$86OZ2~P-h zn~Bgq$NV`%mpI4C3TV;LuM7 zPaXIwD<#Pu%>OO0|0)mAmE{tD@j`3NZl*J9x>`}}FGSy^A@J+t^>xJJ_h2uqeVh%4 zlExU;BwMzuc7U=V@Z3ll+n&H75{#2i<-mk#aT8&`gKADlnA{% zfv&aga!w#E_QcE@bbS|Q4 zUMPGjjN(=JLczv*vc-2cr;TUON`)XDC$%!E*{bK1Aj#fcL{1==Mbb^l7ov zsIkE|5y0BX*2*c5#r;>UzCMHJ_)n9G=;UvHYN`6rN_N2bJXlIZ)!Gs z28cK4P3kOX(+R};9hUo4v@0WJwb<;1gwt1AdsZ^+qKD8KwbWFG<2#RHrX{c8uVgAS z=5pZ4M-5V;DLUtZ8EdpQU%g!?r#IF7#9*r>`sh&_QEdIZjl>HHsU9x1CL%$N81?(< zZ;j#gF}5(nF1^=@?Nj^cjnM6~V*)=uByqfMj17L&e9G8Y5GLA#TJ~~TVdvS@ov@Qn%5mb(YxtMA`|9(MuQ+Cf~ za$xHCQ*zMEI)=hetez_UnrLP-(qj?xh!zOE`o0y4m z_Tt`)Lrua&JS7h!bmRZL`ILnJcA#AQYR@43!ZyfrhYAnT#ND2H1i8+F3M9I;F?QHK7N*j zr&hf(70&3VvPQ`D-SW$F1vw6IL_NGOUzJ;7o}-3|_?LZ(4D3_*Qa+~J)yx!(p01M< zz;GjjOtC#EoqeTLLxg(Lmg7nu4-L%BLwwaVTj_xXL4Vvn!R61H9+ZtD!3bigTp zt(_A6?p0fjK7!;@UmwAV*^3ep3?sYf8=O>2mNHH+Gl=d?t5vVp^~JYne{bi^I2rW2UTFogFzEPJ?8!yn)gRI=%$&&LQpvcweas~OTd=a~ zq|E^T`fJ?s29TDanS!!QgyHnvM+mVtDO>}|$l%5Bfs>68bWaNwWwam0+fl8YDky)| zdQDU%%@Y*@e)O_1RU4f>ONK~5Ta+PaaS2z*Y#2g5s1!t|^U3lMvW&=w7TRn8digLRt}DVU;CN;=5@sHd8fQZ`Sue3y{>pW7?jB&4`&!;&A#LPv4e_ z^;f=NBB-=AO>|xtd|MLW_Nd<3r#z0u#LL@dRY%bJij_ex6dFdQF`0`UQW? zx2fHua#_3}SoK;CDmN+wBvlhtd6b6!bU!n%zax#;ILqHNo?m^uIEUyC4-exv9?Qi( z3(Y*pL%O1HRX|U1=sWn6S-em#bVa#<-%_5c{o2a1Qz>O{Ki(EBbHx>`0kRR`5&TJ3 z{x0w@b@V9eut-MJy<2FD__36|c$Ylxs2S`dB8Rs2rMn?U4lm52Zfdnt!Qx?!19E*rqr^m}iIb$!kIuQ`~H7Rh` zd?)KWCHCkl@8Bs0@(!(J)KlZ;DCy;!OL*Q*uFI14;v1Q@Hjvy7IHt^Ot#?}04Eh-_ z9Piv%7{-8qtOWb31Y`Z-KPMO;wJ7QPt}UR*Zn-eR>UX;JHv*c5K)i)!?NVAnf#~Wq zv3IU=445scZHY)wLTSQBhNZ8yJ+fw}FcUpichV3XLxWrr>h208#Ps+qsdG+{XyZn2 zVjh*e8iO%QB^1;WWibM$retBp{sJs;p8X)o7Mi`&msM0}emAAYc+=ZgWH2mkP;7&) zfLN=htgw(Ru5+IQtK}DC?u*XUhKLXOX<&7tsZy{Du;vlsqRJDVP9W4M%Zi8Mr&pK{ zfVKRMOkC=5BPkcCii&_NZC3Lt84({}( zhU`5c7CUb{NVa8|b=Qq)?vK>1I81*Vbz0kA(AU=9n5u1A?9@(DIg*}=bZN>T$Cf?c z+_5)`%*b$q4@=yI%%sBQSXeI-$>vcDE&tkF^8)m6_ zYqkjuCV)fKYn+rnY35MKldautTtLG4_B2A-ZO?XRTedPd<=|83w(l$p21Y(#C`awL z;1ZLY8CtK4LOzcIn1NaEwWTn_eG!YdS*xev44X25N|d~gN-P^ZHXwBXzm{HFe-((8 zDjkMtCe_mo(-ZQbEa_fs2vTBncXM%5lWZNum$5)H+nY~7!r}jkC`kViJG>wYjC_=} zS|ghOtj>ZR1`f<5p;1<`BzVN`u9KCGRmEl>Ld~BLHT#=lUM2{0qJJg`^kJiY-O)%X zm=YrmSk9;?nR+abKSU5`fLVfc79~PGa8lX#u$^hipgmE4UtKYp5<7K2GkqB#_WV$t ztoj!h_20N{493zLdHia0Q$4Jck*R12UmgdLY|Azlhk z;{GD=BTW5!z2uW3y4u>w_uq*e49=pFFf4dRdjSOTr;mQLW%s;cq&P!(#1XAT23EPK z=ZJ2%UZ3dh;4>mp`lnKgRz%16VktellLMV&B+vj{kkwPw`L?n1QlOG z+elym6{Y~MXb}5mbwInbUJD9yP%SQ(JUUkzs~PqMi-;E;ZzkoEnJSUlb7u?)f|$*H}4&AZ&qlbHnF z?jf*eLNM(?aK7B;K zZZZw{3;kO#TASfajd?EN?qH7A(ag5@tNl`m{Q9G6hr=B87TJ?0;toxlaejVEq^${4 zFIq;}Udk5@3@0qWdHjULFQ@?uJwDl_1#Fq_a*u4$DmVq&qZ_{4X;{nx83Dtw78CVk zi~F-vEj@#|Fb)dccISaM>T@GPHWxBCrs{tvjQo)V@R0av(Yt#9t{X<{_a#201{~Pk zRfN_MESoACcS>i3&RJBDnTQ#xJjqz3unXiv4p);95CB_k^2pFq=yz@s;ocK@b)jpA zQ63KU*?x~2dT?g^6%x=LlHjC2u;vB%x+eP{Y69?LuY3S4Ke|Z00#XQ=2~93R3g>HD zC~mq(C_OH;B$PU18msha=dLkmLy~NsvJAHz)~8jNyf8qFC8D3^yAFM7h2`Wmy1y*L zR99^4IU=<4h_616*-q^nP>G3Jw{aLx@O(O{PzYzSr`Bbac zFCGbv>Ob}w;Bph=#Qte*wpZnfW13!+SNOJtJ3DMWtE8Ul%FpX?NH@^wEloV(S{)uv z*ers6_xfq&{1=h`r~CYVxc!;g2LkHV$U-O0Gsy6pCV$KsbXG-F;0ix*;JF}kQg?FyRDJ6fe`G4%A#Rur3ku2SsODc4~ z9pLFM=zH;T0Sn0EQ0NV#rF*`6j93V_c7K!w04LsG+_ab#P|6TGgVxoU;u10IF`8%yQ#YZQoZ)0r#9Jx# zoI_uAz>CdRw5dFb)@2}VbjDd%7Zmr1oh;@ht8%Nd8^kcrglSzAPRmd!hq3!?)BLDr zZssarc+}yB+#isQk=<0XH1N#nrO{yn59W_*uOK?dt^q7!@%4C3+W(JWz_WlWo#C$q z6GFTLO7jQ~1jcitvStTJFWBcb?~e!asruFUAhXWA8o|?rBSg0;P3z_O!WA6EsgEsu zS`&S={0inBQ8EJNlVIdR_d_ibf4@-eZYjcL+z+^5OBwVMZ;nsS4~4|iL&t0shu@aK zy}{`@4)eo6pedMIEVIEWgJ{B~lAkh-0v#GsPnY7hunDP^wd@U7g1<+zX;=Mw_XDc8 zr{Aith(ihnG_%WU7bZc5asG>H7ZC5nF^gyQR~h;H?VBxX+ggX^U&`%2x% z=G{|z2OEq3h!n6Co;$LqJseAq!eur#OuEFT$*omSFR|%OOIaZHjgab4slt}tFyzz_ z&5nSne&08H2Ym!DEsT4DKMj6~FfD=@Nw$GTJ!O}hdMO7!RQ1koN29e$h8Lw40@%a| z{C>3*hL@!{PP#lzLN6npqEI%y;MD~$}AhJIU7BRyo?vPmQGu8i9 z4Ja^=zf=PP@Yu>^F5e26@7|nUz7_5UzyMjqJJ?dVywz8Cd!cswBFUNWVe z!SmeJC}|OLggdXbE9H(r#40-?yfA2kd$Kh$qLQ1~W{H9v>M)2iBy__pOGw1)59^T| zaD|-09)d8iY>X0-(bj~_PVc~w8>FYDq%<}f>SikkXBb5MUwj2$MTvW5+Z0-8-@-2` zaWMv`t2ITkenBd{M`p(+Gc$N}Zt%)nY=i?q0+=F|0UQBglIf`d#0J;%&YDLkw(#b? z>fxiI;Xe0NtheM=1jC|BAP!sAbAbGhKdJ{ax0FT@g*L=mRq z1#Z?N9&(8wXcAQu8S_-YKNkJkHqb6PNcTS?jTVDfNMk@1Tbab=bGY-)^s1)9zA6X6 z3R$J?kmjk0OxjX8HPF>D5#yjeVWFkV=3WZR44~(`Ub^7^U8Q;35%#p%r{*x+cj3Fc zLAbfppx6)+AUpSb<246^_v!Wk!ehc_@T2YBgXtdF+#n;vw>G!7l~y}gx|hY%O%^zf z*VUMcLI`nT6r3~$$mRGt;eTD!CDJ;x$Szpo_(NT9LZQ5$^7u z$E?R=LGbQwMSCSDPYL_U03~kKMcr=znly@48E72U+v9v$OT@BJy82s5#x0;!!21`) zjsH&pi^p1&Z}XyXUl`+sT)s!IS|9zpvtdinOmi_6zqKP;H3gycb9mzoI-p zLDwed`S01*Rl6oK(j}u07nTP6cze`6r9_11OXHmPzaEn(KzsI59Ge$3#_P}NpiH-= z7!d!i_XC!mW>ld3Jx0^s9?<24Up27GG)t{S@)G_))0y(B$obUwjMDUir{t)>y5nMl z<`epVOr(Bms!~kzhqv*p&kQ^6f~$A}@(}>8`Y&~q80!plr^T<4LcXrKymVSq>Z1TE zs3e66vo0#AuKHxb1_0$#<_$|ge=w#vXF}IU7|>DFMwv!He0{D{{5wE-rD1fvBu5cV zs(B3=NYZeWM^>@0Q-X+N@3L&-VBuxCYQ&p^h+DE{q~xp!_?SB2a>X`f0o3EeFag3s zrA)$TP1c#5UF9lIg8uPEA>?}o`J-<$V*40Ly;j4(Yh-S!z+xn;`K{E8O<)QZzu=wJlx_iG zQ&3507ZOv8F6LH*&M^}Yu2?M%;{=M=Pt*+im#>vWDV{#Q171 zyIp-_v!5haSJWcfOx^x*N<%})1K{0+*}?lhfx%4+OSch!H!;RDD%SVGTDjwFQUDG? zZKL1yanSxLfuJ$=ND_lGKXs!px+OyLawu4WNV3q;piwZoqmeqLGV;OL{#yRz(~xiZ z$=@fFYg-t!W%mE3G?L`KuE1L_D}*Z~!Gu@ccfLBZx}Fx{Y7cX?wk z*R@FV1bY^z_$-ZdJu1P%%r*@=s$_S@)4=GSr&QO8{H<&J3sudJ)izl zbwk3Difx7Ag6Qwnnpb-r{8Z#maYMT&M1F8#9L${6WkVPZ0GwWo)wiyBakKr)dBVKf{x1gZ2DGy-fi11`<$<5s?@&Gh1Hew z9kV#c&@SFY`)V_B(GFt0I;mR>c?ILIZ-4Y4SL#Cswup-G`^zBk!xkY4E$EfTAX5Pd zm&!&aU4n9E5Q?Z-1A>2P2{YW|56>Eix&(Tl1I?HVY0_K+92Bjt%g-S9?GTrV&!#*v zgg0q?iAb>2;aO?uZQ&CAg#EBOr6@p@!9YyR%K>IkA7`E&oyd@3gF&2__kkKLgIiBoq!BAKurrJE<1DqOi1 zrXBeE&{+ku8*kNiXic8ym=iqSm6v%kb%cgSbyBO6k(W6OoZmftE5t9V_^!J22svQk zAgKhVB7-3R(E90mE5?f=$KN{?+E74yoc})jZ`-q9ITOByhCV;cLL}C$-+C=^pY0W$ ZBSPUshBgVr*kFJ^5~4C9g+e->{~tUlwS52p literal 16920 zcmZ8}2|SeF_y5>;vZsXXYlg8TYh))`Bil?E*<(uChf-O}&WwG}mTgF~Q`sI%maI`| z$dWQ5`~MkzKHuNx^?#yy?mg$;d(Qiwd+xc*h`MoImx1;iEd&B#(AT?W27!K98HR9@1Ef?j_ubA1SA z-Y#d^d)cW`$#UQdeC7(WQTa}*ip>WVw=PxtZZ(%NHIF`ZuXzpdF=*3p?b7fbxq5d- z)4NmC`<>R!H(ECJS`HmrzLVEH$FBMIYoo?=tl#MB>grj&*7N+RZ!x5Qf84--*vK-` z2+?`nq21Je*dl!1^7bpM+by>u@U{+5ZJi43;Lq%D$J#sBI)aaLjH7!E+&LbBOhMfJ zinzPvbSK^EPL{J%ni}iWut##rw(MRCTpkW$|H*T~NLPja5d?-t)9c8Mer2fseq{RN*lF)- z;zklTFRzHdr^pD9)tf0QG4d&`$ZP80T&4;u`=Bh<0!Yt*XH7I0l(^N z9D%%#3ZQgT^jA0Hmewb8o~SXUlm4!l5QA!E9)x!U%zI)ke0i39?lD%cp*$!8W;k!F zwNFBG)@(SmaA9?jURx0Q>C>eygIoVk{{Dw66m?gs()3JEZ%td0{tE%xeKBP^6-q^+M5F?-R1!aGLetsUaR)- z+z+a22Z&EU&&LQ*X|%gvW@z6OU_lGlB6^v0HF}{u7gzWx&q4GI`AeVW-rI&>%-ATx zes+UOP-yJYcj!TO$@pj>Jv38U1AIWJfb4J~yZ~l+6@8JK zOBG-z5!$3@Z7o4@68_{7e`4q3sZ780i*O;xdRN7v?=6uNeUdx>_h5nvwJZ zpLagq##XvINw*) zG$T+$mi)W1GNCZM>&0@t0Du+}I{L1k1UsKtt(AYoiM}ED^;yqVIVBuwcy9j?@tkWq z<4jZiS?aj(aDJ+*jC^#Lmr))}D3v5PY8;z0$;jQpubquX&DJzHu6xL@ z(!=#bBqTRf2KdbQs5HFUkWU|8hUx%5V;3(lF4KPMz6SBNeV!gf#q{f~-S2iIGb#)T zANK`OpYQ?G8ZI_f|8&F=-_bLKd?varxUjw=7fG=5@!4pj~7ZYiMOZwOQ<{gZCDl3 z(|xSq)lMZZ{W3Uu-2k2~MtbuRS9?G$E^rY#-#8k2l(QMK?HjlMbF-5BXF~c*@wha5 zdOVgNdI4Y;$G?4J13fwDpFh+++~3U!`@YCa2oI{_{#lbQBJQZ^FNSfAZhs7Qwfu8? znc<2=0$I-+(i<`br2cblF$3+v^9PQQwfo{Bw zTxx;3%5w&&udO`}AU4v`oVc122}fGkk%=l%-SGX+dxaL7M#1UAiTCT4H^>z~gbg-P z7?f4Efz7ymxKegAH9|?cv7|BLWqpKn0j-p=$<)EklAO}< z57X7(eZRY!$6p&2^*(_+v<3=ws32nTC2~`YK>y7uK@4Y7H!WtvB8<-A;N&&ZOC>%|a;5<~Q`;E$h1#^*RyDAEAB_?PH?hau7 zk4JmKQ)4Ao+pUw!Jpy@JL7fH&hoLn$7N7;1BavYM-L3oGoGsiD%!br?pGnpjCiSke zMAm1T0>$yXsgE{y@Cc@@oJ%clrF?RwjI;+AShX*%btutmu+*yXnzDM)elKiiP_*0E z?rA>fu>TtlZ;keY1G8!!uW+3z&$ET$p%4_ZtWZpTG+C%du(s%BuytGEk%^(fZ=@zp zU~)QEVKHolE3tmCU|`EoSi){rII<*pWd4c-aN7LS6fQ`vq^6i;ss1?aYw2fHm>@H8 z*G=g!C(_Vyr~T-+Aq_@zAKtW;$v9jkgRqs2f0_X336g>7=)Fq-`$1ZR#Rco3qjA-H zTlKOHRRLuV*qDiNt$l+n2WyE1#su-BrnK^vWC^2W zi~eM2=;OxwaO51WI1TLVwQU+?0 z2UbCbPs{YA1VuPx0+>yovFj(rRRUr4(K;E-P%3}~)y_@)fORRbL&IbNL`I-{5jWI? zj<7sg%;Nv8t942EV{-A0Epk9zZMl28xRqgn0+8rBoO&&mvnW}JBoQ~y>FzUm8z#jW^6x9W{Q z7O%tdtNGzP)5zcoFIx1KX7@3L<0-@kMpW_8TF_8}>ZQq(!jXCR&W4phQoQmS&da?A3^+L&Pt z+t}62&@-{rUAFrDy@ z2qmEhK}YY^dfZcYmr2QW)f0D?(*CI1btvjClaT9r<1{JKbqIBriOY4hI8A~bJ@jmY z2KEl?zTE#z=T``OZ^nSObmP8>j+72;92o&;8WSFo zt#5YGLo8a27VlcXK}MmPRH*sMjO}x{QaR~+-N&y7JaM%}g$8|dI)$X@3h3ll_&BXX zLfq@m-9^1Z!QIv(K%^mfV5PeRnN3Cm__k1nAGkX7wCLGI= zp^J8WIUSBf@;M49R2R*OT{Z|0y`80+$WzPXSn%I`H6}cm?4nTZI%QKkgXg;R5P<1= zid$7YGuC!F?&&)nvxG#bG+PEOXly|qd6O34K%Td!dtXe7{{_teCtVvf0I!k!Edl-aZg&^4& zqVmp(g#~T=_vkX_i95t54sT&p72anyTu$!LyXxg8irl+}wRbejb(T$!7j^cdv7ES0 zLup?SdE1#z@x?d4&y%ciGkVv=G`j;}Ews;9DHcV=ZE^l;=xpNXEvWo>DyBHb zmb=gSsm<4dKF1)W_4!%FDU8pLI$9A2&q?`PqM&bbw8kEAzIAdr-lfYmaEC6>^hwV0 z3z8umPKhKqZ{HFDK(%xtC&*J3hvdL)>J0}WJ$wcV5DsEs@irbjZ8FExE1k34slbsN zC3@+JoP<8fOb&ACIQbGuiPk@Cl=%5qiI?vjm7e0MZhea9d^$ISIYQ!aaGA9`shFDyueN~-5a&O}JS*>R18Z03A zdF3->`+E|cwZ>8ql$Go_ejTRNnYm)w_&Tj_Xy#zpugE!+%h|iY&*tE}GN3*AP9^xg z=gNW8KM>Hh8(FZrtNlox7kAb1E47$|U;j;sTr_@H*oKd0{q?M(%d^iu%1<6h`xgxk zw34fs#U``2IILH)Fxg_a&#txe(B9>G0O}*by!F!}A=8-zYbktCT z)O(rR3snIl;_RuZnp1)J!%LW|f2AK_f{ojuQX#6HnP1D)CK+J_j)xmiUIF0}Hk24# zUc>AnlL_qY#A+Z$I_e*V2N(!UR$0Gp&O80vq2*l_Zv}z>b=;>Xjr_j)|5w162DRjM zTieqe+jn?#&CCMtxczrVH6bTxMr21O3Ky_x^D_MNzR0GX0}jB`d@^=z^>8lrKP{OH zGpcDaoB$n7AcsM^QNgK`pB(!xUK;mqFWx?E#tteixMCyfCL5Q(!iM*8GJn~>1VN?O z%ln3Cw#fw~h3uh*p&%>V3E`kWjJq-7d`|nL81QtG zP25tiAm3X?WGL2p>xi@!oGJD0S1}3ID2F`hY>v-$%`5Dci_S-3b|=SPBc6yiAoe8% zLxdeSIFJxgwP#FKYw~+0;~zSk6Hi$s|FW{VFIoiERYh3nv8LCN980Hg9p|KThw>tM z7zhTZYA1cHIu(!=ZOX~0b)aB|5OGOjXn-n;-{_Qca!ao z{u&(mgZ-h&f1@Na69sWOHZWY0R-1Y=d;@g2Z9C3nT3W<-D_gGj=w>J%7G3AV$pdYW zH@+hZS9_|Yh@qoBaoY6s6VweCJru0$vRNRlaZ$hB+Zy+aQJJoK)JEOrd)d1u+jOO4 zqn4j#IQGvW663lT=%b9Zp*xr2wv?PHw*gM3cNDbbkEuNId+Q2hXOrJ5xjZ z2!34lB;g4;VHXO!@>$V0gyt$VtP(*i20`Y(ng3=Xd}rXWQHRJPfHAk5T`vNshUIhD z&anV-aAZXq4V$d;b7#GXy_g5>GQ?tM@T9Ktx|)`Tb{_aDcX~HHXc!ft;{KorT1!tW z!Uo!wKXnF_fCG?rQ;3ig#He>j&g%$yt&YG5O@sNjkkrTyNlYAXK@@2qISw9b!Ah|W zW*t@w)2=WB(h*90qhIhw7;Zd~PM|{!mfYkYdF8O~Hb}E-|2ONp=m18xDlNE`1Rxg1 zb9UM>g%-C{x05Uds)t^!R8sl0@K8^XuP9I=R5g~(yoB>JDMAqAdfLFFfP|tOuVJWY z$!C(H+ix6rU-ZzIKX~EF!KTAjTs^0z#`w3=w2tN;v#&5f(CPL-{w|$I0Gjs-HY5tKz+M(< zeSkwv*oFl#jug1C`iz?JsdYmP3?}OY@26S11MUS7N#v-{uEK4P8l^+4H9-f+?o9HI1^Zjls5d5; z75B!)iDRT0h;OXmTNOR=4Hg$Dgi)o&M;Rp@#qE0+_lCGg=Fqz%g_Tm=wqkTc6i1iH zfN>@$s|I%ucK?A9H^=+aLQ+CCgZ5J!fP*k^vb( zq4V}*X5G6Ll|{*82y{L}_~bGaIN<&L*@%^GBr~;##R^ldvykFlO`e!qNlh>+?){+~ z(u8g7sv$etl()uz@23EfWoW`uoGQk4M*V}DfiwDwWGrqx;h@!KLUmM$MlA?Ee*qh#%_1v6TL621f2)36 z{c0Xplo3qU3KNrb@neGZjXTCR-3Ks(na@>mwUeSqAP;HIkF0f=Hqh29^6TfELeRrt5&&J=d5nIXWM1IZE)3?etutOB0ww+Th}r4N3`g65~f1jK0jQK2fM z&WI)YMk;;Uh)u5Jj(ay6FTLiL19Wop*1p&TW z3D~~!4oyC{6xet6HxWChuES|R+j$D*2_+I$(1+y6p2C8ItGUJol7mD1A|lnNAW@;n z?72mRjS$9CyraU52AQ&21%2wc{wl>+OTZ!x-8k!Jp4wxdA%xpWyz$1i;x_>oV5ofa8Ptr_ACM?SkBl{phV)9Y-iRe5EB;*4c({m^gL=u9?{`XS zUlkg4jy0nvuTmxrvxU(S-S+A5kmf1iAyJJBI(|!t^P>7bxRL<#(p>@h92jsU)aG5Fb-20?xhik^1YI8r6&Pm62UfNk z(G$5_RCCr3V_v`9URNZwN3>paNBeqY=2r7vluvTD#sraXuW#%*FFV$$7P+=Duh0_q zS>v4bY!?M7IL_Woa-MY20qe+8&Dm&f+fV|<(9p#g@^PVo8$HhDzPAOnY@9AkH@=lY z{9qo&;g)e(yA7%@i502Co*F^gX>nu_165K^l303F8ag{fHRnfj(}w=vdYs&$it5hF zFlmvWqhDaC9CWt5YR+bJ!-fr!u8x73*=kR6;9s|j8khAs4FTX><^Oy3*X?@TUyklq zO8KAt?%5hGRSS}E+?CgVay(q9t1*1Sg6i(Qxrv?T>?0iw zsCp#`wsPQ)@6A;k0bo;T_;DUMBvj^6H<#_bOx8hIk127%=TquR-H>=@B-4e#30W;D z*jgRvFe;G6zhv%=KJNa6!@47;VgLeJGlVsu%^!|xgXo!xQ)=@X^fMo zc+Fn=UYbsH^Scb7GK5DvgMCK}SpitOFay%(!RISytX0LR;{Et&_!21sGMW^IWf#F} zU%Gqo9NZZuM(OAj$3a>n9-Oj2E4Zxn4nxRP$7 z(AZ+G3k<1!#U8ffAjH&WY-wqE@8(r!G?0UwN(p{0Q zZ;4WVH%i(_Z=6&75+jnbfE-xY>I%L;TF3;9VudLoSO>D>I~sPZ4-}fXKGYzHC8&^C z;pO(fddM0Navg!nhrm@>8)pt%(sj#XZ>>;>`HM4pM0P zmj_E0m~PKBsy|ixGpW3YBM69=`G_ahBgW^&NGU^KT=Snov;yocqZMwus^hMn(*4|7y&IJ5sDA z!{3vwuWOd#u*XhLX zr=!2GUdH}M+ZJ)as&{&x4ApSt7RU~YRS>XN zMXO}045ugDv3W%H%nOB5td$GowLHiE+%r|ZCT?`#CgMGRtGw?2s;Dcr9`=*AbG|bbjij$qU z&qx>8c1;|Qjn4K(JDi8WTmCr0b$*f{*O;J>oc~0uoT*5U)43v)s%;$=hTi)zJ;s)& zj*}cn(ZjrYE?D2)f6_I3gBRgFOR=}Kso8N%0?m(&k2)lg03w^v18K`E_~|kFJazMJ zpfTSx{#^O^{pXJgskj_FWt<=!|&jNqVtb9p|~WwkXJJtqgH9 zp*7-#w&Lmes}^s!(-Q7n;ejKy*Wty>?mFp@*CEwkGff^v7Iw#5TVZV4+S0GiIb@{s zZM&u_EcSB7~hZG|XQ{0h5SX?S#e+UaWB%XZKM)JemF=gCReRx@S@alFv- zrmmE?#j@k@-LtmdSEvw-J2{l&rS;wY={s=y*hcX;Pp&P8lQqIHFAOofr} z!6hH8iep!^@E$i64h&LZ*bGAW!}f=zfQq3DQQpCQl)9nao6LK(IW9 zY9^b5_^#Bws;bSg!oqlO`f{xQ^Y5jQ2nx~B4oNQqXq@y5k9w6SxZIlL3g9EG?qz(+ zz^?8KlX0XTSoc!;Hgr1L%!dEL<4ay2Ci8Q=bn3;x*+dA_`?Vs`33WuRXoFCIgvj*| z=u>)Xg3}2NzM|*%i3IFilv?yIe1D+nXPc7lNHICAH#P2Ifh(R8CG^oo7w=3z@jF)= zw26p48VoGvC1{27@Ja}o=*o=EIc7&5pD;dfsvsx0J*gAx2o^Z4xF4JW4Ikqb z?x*(!kH0PK3+^I1CA?v$BnX=$IXJgQ?1@ABLFc8U7I&x0#U104PK}S8Z&A3fbNc$N zoN0QD3y}(XO;p7+8(I%TcJ~sq%3h=L&h{oMG2?;IW9!EtQcVfu9Jxi?Te#Jaw&Ud_w`fuo_Ia^CuqQ9PdiAO z6bC|g_^$dg35cXO9idir>Zm!zW;z+p1EtbeP?kOg7~O~#RLv|TOK6h0T>EfDJ&$Z$ z&%+SSqzq>^2k|z5GGPiVYHjb=vavj0v8#RfB+QKVI~kt&%cBo3l)y<`2*ZiVNGP&0 zi4>2xGwb@xdf{_gpOJ#$Cy~~S|BmhEjSTtwJLWyG^AtI9bFpcm1p!o%CQ(Gq*-}Nr@Kmr z)Bv>Y^T3uD(HF_oDLJO>i3FXlCI}=b!T;ZqW=bMM43(5fh+PBgRS{wiYY#5#BN`kN z<`KQJ{Arg_q8jcMy}q2ym`Hh+Gt3>Ypao96bK)rcriJa|!z+GTcYYOIcMf%V0Y)1uB^%jpt(y#$DoKuf)FrGZ`C|M{}`i49nT!!$jU|8@xXP^D~= zVPEgNQ`7Dz;|rwXvgIC{hH-9SW=3OUU7zf)J6I z-8jD1Ne@Zc8`)>aESD0q9NNaqJ7-Px`LELxz**jBcGVKGldiW*%Xj5gpipUAa`o)7 z4au$!<(J0qjmeCOjLF^bocWxB3=i}9H(=4&lH8kA=8-El{gWhDUVjQGP^?uds8&)=t#syHN4+D? zMS(|Fn`T(T5CmQOB=uqc$yvzdrkb$tHm2|ciE&wXf^*7RamDCRi}Q->PW05RU-^s%hM#c_`mhi+R@5N1yi-T3=vpAq=o zs>s;wj$TIk2B$*?Vf?R84-0#7-8sFvi#8z1%`e#l<$(crhW<%rdZ1kYlg#xXkU@2q zK73PGJ6Sz@gqNPOcppZN2SeV?YRx(4bfd*-6(&@L53Y>_7Zx0T)EST`9VKy7#&`}9 z+1x9K?XC|X!EYV)+0m)5_o)A;Ah0;yOph9Rg zzV|*~I&(AQPy`*k|4-1RnjEJk#0jaOWum0*Hx3I)EW1p>-G-QSggVZYjR%%+VUPSy zak%8hSvz&!hT?_Ym=iw|7FLKs(yR5*=kqXK5m{sYig>KQWkRduECeBd$8;=HqHj>#uDVPqGsw#QJERvR(kPnvd=wm zIOL9GlJk*JgDe?$DY{hF@?}_^w1+IUhvUovSuQ8HTj9~z*bl|T#@CGC()0oLm`(1N zQnCJHb{6M!U}1XQ9?K4aA89Mfqk3DKxSk)^NyXz{FErrk07|~+bvcYMy@o zLym+n%>M};<$>eG@7z3j_+1`#(G)B0kyM;44h&}9ytr5qE9Z_+*V7l+c-d8fRkb|x z1NSUV_Wd8No?jyW>ipCLcR*52+Ot>$(NB@5xp7F1SsJk@rj7EIqu*+ug8be4nX7;cBZdX_ME2SZNq1JItiZwecW)eKDSb( zT_|HqpjvFO8A+P^X0vdGKV0OYRvji0^K^Jo&5T>nock_T7n6qJ z731xsW33{MR?_vsrBWo7A!TA&ci|pOx2gsQ(4o6MFKHFn8YU!cfF!W&siDLmQ}iNZr?u zP~AJ`boilgo3=lNLANkkb)^)9WT^B!(%vv5eeu@7o`*|l2icd?o;#Mq#6`cffl6Z> zRVICZ$q~EMgGw2i4X(2#frsBI&xK8=wFWfo-(wm%Kx7LO^QnYw3goa`Fh}0Q0cbq#Jv5j}oB#R9GT~)P-0mXqS;zGdG&g=By$u!{+U%J$$}w z(o&Z{JxP|Vwu97E$(8S>agDwkmBjF-aBW}?X04`MWtR=K^TgkKiK&+daJx#c4ghDf z4nuP~N*W{A?f4%Y{v7hQV!%isju`g)JfSR+6z^NK9;yw0g_^LMfSU?`AfoZ9lfx!e zH>)ymv?yi8dEdm5wo!KPxY%yp29y$RyN4=_QG)vcFpFYBn%h^BEb0I|n^D)+I&1V>q zs#)tiQBw?FXndGXL3m(`DxG@;7+GSYGlV|}B>Me^OqNGBr33^o?}A5;huey8Y_ZFa z0uqVL1yt<|_r0y8pQ7CIgcBv?Q;@k=fb&&>bf~x~Q#WSS^^3|GJr`zrL=~Y2=Sw_2 z@K*$Yq*J)mAg{-Em$LdA<=C6rcLzn$+Y447Vdw_vE;P%Zmru%hS=_Ii^Lr5H;QZMe zp98#nRarY#bX5i-_L^iDV<*5XTFf9?4$wB|YA&MAbojWv0z2q@M{{t-eJL;ZSAd6$ zgUg3g8w>5=)+XO32UmWK%1nT6lvCI_{4;bmpVw*>!Zm#FvhTWd7dP`TYoW0!Y+Vq_ zEBc~^2_LbDctO2FGg7?66m%9CedYwN4L=qiyWD6M!Y*T#qEBg|GV7+$A%PdF=sl~9 zeR_-lX<$TMsUv+58$fvG#02+dQ0Eskw`BHF?(=HA{$6?6K6Xp(hF2|{zWT#PNE9U> z9r~6m!#LHMcI8xb!(iw&4U>3<`mo8azF4<+HM%ZOJj~?-_-JV5lWcl4109R|&J}>Xf(b_vKJJx(7$-MyWME zY1wghKoI4|CF&>^{1L}{s`LiW&KuBj-qrZ{!`|H=alU{zUec?~8pWFhVPzC9-AyQM zMRUDM^+s53W*(j5=Dt}?iBjD2X%+$v1O+)~z84ZC%0cu!|oeJfdQ#xQK zQN21nHi(Ej9Cl{(UH?i3A1$VR7>+GnGu@a3FZQP>NT6_e=|)05b*&j+!CgHHo|i{E z|DwPUv?78wf95ow!WA;VP`)x?ge%;r8khp)(*9&jBqy7^0a@Av1P zk74;DBgOo1Mzb1C*Dp68Id-kPdhNW9CL!#wCRaGWdKvMbS`WQ{dSDm?FTPh!|3-`7 zaS@rRPrOv%DVVeeS4&V}CqczWvtJ==JAYV=9E{YC{*$-h*jX{xGW8ap9_uHCHM)t+ z)XRt#g+*9Y40HV%|Dp&jzY!fS)Wk>8?t$d;you)deuJ}yI8u{x2!+;{xM=*&7@n88t4t%r$OJ_F|dXb(! znUPTMEPD}f9VsS-zaYW{Kl#!C&Dq`;^%95RMTx-rGabAB7lJ0L6Bsl{KO_1qOz%By zR(Q*!2beS;TxF4Q7Sct{|41d+<@gKNpGW_?hOH~68bcTJ)ame}?ZNrz>_?hm902GP zu92wfMjmt15uS_GH}GCsEVp`|>-=oDi^!v-88*jAn3x_jhmyUy;@`L=-L_#4R|6{& z%v1Myy654ws)Tu7XYBgnQ30nq1s*($H)7c*_+xzPOB2~e1!1{S&ZLPCc#0Mh7(L}|b7uar!L=L(j!PP772^#)`W*s`cw z%{_CSc9IEfK8(gX9EeNKy=s`Uo97;S?Gi|uxI}1Iu>9N0N6`5@<_t)~V_TkaG69T~ zje_iN*~Th>{cP6YpRgd;4}F*K)#H#E(E;5UuPSJf%|~yg2tTbvA3{;y$`i8^OzempVGG& z@W18l9w4jiF_AXCu ze%(~PC#L>+s^Yk2SA=-Z#tH>x=JDza(vUx*LvC)K2m+^-en-p|7?&ni=o1#SYaseC zT>M+SR!IP@!EHmMtG_~SK?H=Pvka*!O~DgAbijUkK%4?aA~KOvx-7pow*$~NFeRv+ zTnkJpIajJ<$r2gC=&@a_$Oe6?P^1$9a`n}zLi%KXlj2s)kj~PV6L(KCJ{vz=`m2ZQ zQ?NG6tL6p{&7uQ}7!+OHPb!Vyo%xV6vg7;}5J=O^Dw93&kduV41lSA*Yc{z5cG)P}uH(CJrx-z%ho&?qaQ869uQGLiU}m3S0L z#CfjL*fP#5rI~}BQcnT~SrGt?(6sud`(q`a;XhbFpoSO-&l38mKApnJ4ONd7@P5R_ zMnsSXB}yyP3EnTfh6-H=P-FkQmW^tk)yh~+1}`vD0Vj%qcg(XuCxU+jS9>RCQ)Og# zQhO!v`M(s7>%Rx${L+2*SozQynyiy1#|OVt5~ShXRO3wobbg2y``a4u75dv zp*{-6%^jVO3z0)%@!)L%ie7#PWJw4Io@d$uJYYlbUB)zI2tOGU_ma=4tS8tS! z$27Q`H~xuwvQ&iJsam7TKBny8F7922`Y^5ha_5(R$yG0;TVLHK(Fx`*L38fK{#8pB zREq`bNQEzt;GDLI{r|i~j%e<3&gdW+LDYA>96_8Oc#E?r@V*O^il@^^n~^dNK=!`o zGgRGK?C;=;G?sgalz^!Wmz{WgbmL*Z$G*PC?c;@Fh3 zR*4{a(_0t$-y8n2xQSt%;7trL?=ZK4Us~{a8a<&}ns z8C&ibQ`@9pAri>Ebew#lt_)j5fg5biWA!f5qj33n^ ztnu7=PA*d>)K9 z(b=?HjV>pYsO5^XVbD$LVj8Hn0eXEIp+1WW4NxTS8i6<)8-_AWfw%g9#Y8*RUeES{74HDX66?>NR?5`&;d{ch$_A4dE WJGRt60RLbEL|^;*wMtER#Qy^*WJQSp From 1c34e218df92cad7e207c169a58929cb2ce9cfe2 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Tue, 26 Apr 2016 09:53:37 -0700 Subject: [PATCH 018/111] clean up --- .../device-guard-deployment-guide.md | 63 +++++-------------- 1 file changed, 16 insertions(+), 47 deletions(-) diff --git a/windows/keep-secure/device-guard-deployment-guide.md b/windows/keep-secure/device-guard-deployment-guide.md index 12aeaa9ef7..2dae3234ae 100644 --- a/windows/keep-secure/device-guard-deployment-guide.md +++ b/windows/keep-secure/device-guard-deployment-guide.md @@ -585,14 +585,11 @@ Figure 11. Device Guard properties in the System Summary ## Catalog files - Enforcement of Device Guard on a system requires that every trusted application have a signature or its binary hashes added to the code integrity policy. For many organizations, this can be an issue when considering unsigned LOB applications. To avoid the requirement that organizations repackage and sign these applications, Windows 10 includes a tool called Package Inspector that monitors an installation process for any deployed and executed binary files. If the tool discovers such files, it itemizes them in a catalog file. These catalog files offer you a way to trust your existing unsigned applications, whether developed in house or by a third party, as well as trust signed applications for which you do not want to trust the signer but rather the specific application. When created, these files can be signed, the signing certificates added to your existing code integrity policies, and the catalog files themselves distributed to the clients. **Note**   The Enterprise edition of Windows 10 or Windows Server 2016 is required to create and use catalog files. -  - ### **Create catalog files** @@ -648,8 +645,6 @@ When you establish a naming convention it makes it easier to detect deployed cat **Note**   This scan catalogs the hash values for each discovered binary file. If the applications that were scanned are updated, complete this process again to trust the new binaries’ hash values. -  - When finished, the files will be saved to your desktop. To trust this catalog file within a code integrity policy, the catalog must first be signed. Then, the signing certificate can be included in the code integrity policy, and the catalog file can be distributed to the individual client machines. Catalog files can be signed by using a certificate and SignTool.exe, a free tool available in the Windows SDK. For more information about signing catalog files with SignTool.exe, see the [Catalog signing with SignTool.exe](#catsign-signtool) section. ### @@ -668,34 +663,12 @@ If you do not have a code signing certificate, please see the [Create a Device G 1. Initialize the variables that will be used: - - - - - - - - - - - 
$ExamplePath=$env:userprofile+"\Desktop"
+ '$ExamplePath=$env:userprofile+"\Desktop"' + + '$CatFileName=$ExamplePath+"\LOBApp-Contoso.cat"' - - - - - - - - - - - 
$CatFileName=$ExamplePath+"\LOBApp-Contoso.cat"
- - **Note**   - In this example, you use the catalog file you created in the [Create catalog files](#create-catalog-files) section. If you are signing another catalog file, be sure to update the *$ExamplePath* and *$CatFileName* variables with the correct information. - -   + **Note**   + In this example, you use the catalog file you created in the [Create catalog files](#create-catalog-files) section. If you are signing another catalog file, be sure to update the *$ExamplePath* and *$CatFileName* variables with the correct information. 2. Import the code signing certificate. Import the code signing certificate that will be used to sign the catalog file to the signing user’s personal store. In this example, you use the certificate that you created in the [Create a Device Guard code signing certificate](#create-dg-code) section. @@ -750,14 +723,12 @@ To deploy a catalog file with Group Policy: 2. Create a new GPO: right-click the DG Enabled PCs OU, and then click **Create a GPO in this domain, and Link it here**, as shown in Figure 13. - **Note**   - The DG Enabled PCs OU is just an example of where to link the test GPO that you created in this section. You can use any OU name. Also, security group filtering is an option when you consider policy partitioning options based on the strategy discussed in the [Approach enterprise code integrity deployment](#approach-enterprise) section. + **Note**   + The DG Enabled PCs OU is just an example of where to link the test GPO that you created in this section. You can use any OU name. Also, security group filtering is an option when you consider policy partitioning options based on the strategy discussed in the [Approach enterprise code integrity deployment](#approach-enterprise) section. -   + ![figure 13](images/dg-fig13-createnewgpo.png) - ![figure 13](images/dg-fig13-createnewgpo.png) - - Figure 13. Create a new GPO + Figure 13. Create a new GPO 3. Name the new GPO **Contoso DG Catalog File GPO Test**. @@ -1443,19 +1414,17 @@ To deploy and manage a code integrity policy with Group Policy: 6. In the **Display Code Integrity Policy** dialog box, select the **Enabled** option, and then specify the code integrity policy deployment path. - In this policy setting, you specify either the local path in which the policy will exist on the client computer or a Universal Naming Convention (UNC) path that the client computers will look to retrieve the latest version of the policy. This example copied the DeviceGuardPolicy.bin file onto the test machine and will enable this setting and use the file path C:\\Windows\\System32\\CodeIntegrity\\DeviceGuardPolicy.bin, as shown in Figure 26. + In this policy setting, you specify either the local path in which the policy will exist on the client computer or a Universal Naming Convention (UNC) path that the client computers will look to retrieve the latest version of the policy. This example copied the DeviceGuardPolicy.bin file onto the test machine and will enable this setting and use the file path C:\\Windows\\System32\\CodeIntegrity\\DeviceGuardPolicy.bin, as shown in Figure 26. - **Note**   - *DeviceGuardPolicy.bin* is not a required policy name: It was simply used in the [Create code integrity policies from golden PCs](#create-code-golden) section and so is used here, as well. Also, this policy file does not need to be copied to every computer. Alternatively, you can copy the code integrity policies to a file share to which the computer accounts have access. Any policy selected here is converted to SIPolicy.p7b when it is deployed to the individual client computers. + **Note**   + *DeviceGuardPolicy.bin* is not a required policy name: It was simply used in the [Create code integrity policies from golden PCs](#create-code-golden) section and so is used here, as well. Also, this policy file does not need to be copied to every computer. Alternatively, you can copy the code integrity policies to a file share to which the computer accounts have access. Any policy selected here is converted to SIPolicy.p7b when it is deployed to the individual client computers. -   + ![figure 26](images/dg-fig26-enablecode.png) - ![figure 26](images/dg-fig26-enablecode.png) + Figure 26. Enable the code integrity policy - Figure 26. Enable the code integrity policy - - **Note**   - You may have noticed that the GPO setting references a .p7b file and this example uses a .bin file for the policy. Regardless of the type of policy you deploy (.bin, .p7b, or .p7), they are all converted to SIPolicy.p7b when dropped on the Windows 10 client computers. Make your code integrity policies friendly and allow the system to convert the policy names for you to ensure that the policies are easily distinguishable when viewed in a share or any other central repository. + **Note**   + You may have noticed that the GPO setting references a .p7b file and this example uses a .bin file for the policy. Regardless of the type of policy you deploy (.bin, .p7b, or .p7), they are all converted to SIPolicy.p7b when dropped on the Windows 10 client computers. Make your code integrity policies friendly and allow the system to convert the policy names for you to ensure that the policies are easily distinguishable when viewed in a share or any other central repository.   From 735db2a4f736d763cb4c28de5cc0c63c3ecd3813 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Tue, 26 Apr 2016 11:17:59 -0700 Subject: [PATCH 019/111] adding content to topic --- ...ge-inventory-windows-store-for-business.md | 32 +++++++++++++++++-- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/windows/manage/manage-inventory-windows-store-for-business.md b/windows/manage/manage-inventory-windows-store-for-business.md index d81de7df6f..c32546d84c 100644 --- a/windows/manage/manage-inventory-windows-store-for-business.md +++ b/windows/manage/manage-inventory-windows-store-for-business.md @@ -19,7 +19,7 @@ You can assign apps to people, or you can make apps available in your private st 3. Click **Refine**, and then choose **Online**. Store for Business will update the list of apps on the **Inventory** page. 4. From an app in **Inventory**, click the ellipses under **Action**, and then choose **Add to private store**. -The value under Private store for the app will change to pending. It will take approximately twelve hours before the app is available in the private store. +The value under Private store for the app will change to pending. It will take approximately twelve hours before the app is available in the private store. Employees can claim apps that admins added to the private store by doing the following. @@ -33,7 +33,7 @@ Another way to distribute apps is by assigning them to people in your organizati **To assign an app to an employee** -1. Sign in to Windows Store for Business. +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). 2. Click **Manage**, and then choose **Inventory**. 3. Find an app, click the ellipses under **Action**, and then choose **Assign to people**. 4. Type the email address for the employee that you're assigning the app to, and click **Confirm**. @@ -41,5 +41,31 @@ Another way to distribute apps is by assigning them to people in your organizati Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **MyLibrary**. ## Manage licenses -For apps in inventory, when you assign an app to an employee, a license for the app is assigned to them. You can manage these licenses, either by assigning them, or reclaiming them so you can assign them to another employee. +For apps in inventory, when you assign an app to an employee, a license for the app is assigned to them. You can manage these licenses, either by assigning them, or reclaiming them so you can assign them to another employee. You can also remove an app from the private store. + +**To assign licenses** +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Find an app, click the ellipses under **Action**, and then choose **View license details**. +4. Click **Assign to people**, type the name you are assigning the license to, and then click **Assign**. + +Store for Business assigns a license to the person, and adds them to the list of assigned licenses. + +**To reclaim licenses** +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Find an app, click the ellipses under **Action**, and then choose **View license details**. +4. Click the name of the person you are reclaiming the license from, and then click **Reclaim licenses**. + +Store for Business reclaims the license, and updates the number of avialable licenses. After you reclaim a license, you can assign a license to another employee. + +**To remove an app from the private store** + +If you decide that you don't want an app available for employees to install on their own, you can remove it from your private store. +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Find an app, click the ellipses under **Action**, and then choose **Remove from private store**, and then click **Remove**. + +The app will still be in your inventory, but your employees will not have access to the app from your private store. + From 7e67f122e7f1da9fc9813e3d607805f698b99cd2 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Tue, 26 Apr 2016 13:14:01 -0700 Subject: [PATCH 020/111] adding new topic for manage orders --- ...anage-orders-windows-store-for-business.md | 55 +++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 windows/manage/manage-orders-windows-store-for-business.md diff --git a/windows/manage/manage-orders-windows-store-for-business.md b/windows/manage/manage-orders-windows-store-for-business.md new file mode 100644 index 0000000000..13a3ef9d9a --- /dev/null +++ b/windows/manage/manage-orders-windows-store-for-business.md @@ -0,0 +1,55 @@ +--- +title: Manage app orders in Windows Store for Business (Windows 10) +description: You can view your order history with Windows Store for Business. +ms.prod: W10 +ms.mktglfcycl: manage +ms.sitesec: library +--- + +# Manage app orders in Windows Store for Business + +After you've acquired apps, you can review order information and invoices on **Order history**. On this page, you can buy more license for an app, view invoices, and request refunds. + +**Order history** lists orders in chronological order and shows: +- Date ordered +- Product name +- Product publisher +- Total cost +- Order status. + +Click to expand an order, and the following info is available: +- Who purchased the app +- Order number +- Quantity purchased +- Cost breakdown +- Links to view your invoice, buy more, or request a refund + +## Invoices + +Invoices for orders are available approximatley 24 hours after your purchase. The link opens a .pdf that you can save for your records. Or, just use the copy here on the Order history page. + +## Buy more licenses + +You can purchase more copies of apps that are in your order history. + +**To buy more licenses** + +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Order history**. +3. Click an order, and then click **Buy more**. +4. The app details page displays how many licenses you already have assigned. Click **Buy more** to purchase additional licenses. + +## Refund an order + +Refunds work a little differently for free apps, and apps that have a price. In both cases, you must reclaim licenses before requesting a refund. + +**Refunds for free apps** + + For free apps, there isn't really a refund to request -- you're removing the app from your inventory. You must first reclaim any assigned licenses,and then you can remove the app from your organization's inventory. + + **Refunds for apps that have a price** + + There are a few requirements for apps that have a price: + - **Timing** - Refunds are available for the first 30 days after you place your order. For example, if your order is placed on June 1, you can self-refund through June 30. + - **Avaialble licenses** - You need to have enough available licenses to cover the number of licenses in the order you are refunding. For example, if you purchased 10 copies of an app and you want to request a refund, you must have at least 10 licenses of the app available in your inventory -- those 10 licenses can't be assigned to people in your organization. + - **Whole order refunds only** - You must refund the complete amount of apps in an order. You can't refund a part of an order. For example, if you purchased 10 copies of an app, but later found you only needed 5 copies, you'll need to request a refund for the 10 apps, and then make a separate order for 5 apps. If you have had multiple orders of the same app, you can refund one order but still keep the rest of the inventory. From d63723dcd8cc77873cef525b1682bea38b332f16 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Tue, 26 Apr 2016 13:36:39 -0700 Subject: [PATCH 021/111] adding more details for refund process --- ...anage-orders-windows-store-for-business.md | 20 +++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/windows/manage/manage-orders-windows-store-for-business.md b/windows/manage/manage-orders-windows-store-for-business.md index 13a3ef9d9a..180c738984 100644 --- a/windows/manage/manage-orders-windows-store-for-business.md +++ b/windows/manage/manage-orders-windows-store-for-business.md @@ -26,7 +26,7 @@ Click to expand an order, and the following info is available: ## Invoices -Invoices for orders are available approximatley 24 hours after your purchase. The link opens a .pdf that you can save for your records. Or, just use the copy here on the Order history page. +Invoices for orders are available approximatley 24 hours after your purchase. The link opens a .pdf that you can save for your records. Or, just use the copy here on your **Order history**. ## Buy more licenses @@ -45,7 +45,7 @@ Refunds work a little differently for free apps, and apps that have a price. In **Refunds for free apps** - For free apps, there isn't really a refund to request -- you're removing the app from your inventory. You must first reclaim any assigned licenses,and then you can remove the app from your organization's inventory. + For free apps, there isn't really a refund to request -- you're removing the app from your inventory. You must first reclaim any assigned licenses, and then you can remove the app from your organization's inventory. **Refunds for apps that have a price** @@ -53,3 +53,19 @@ Refunds work a little differently for free apps, and apps that have a price. In - **Timing** - Refunds are available for the first 30 days after you place your order. For example, if your order is placed on June 1, you can self-refund through June 30. - **Avaialble licenses** - You need to have enough available licenses to cover the number of licenses in the order you are refunding. For example, if you purchased 10 copies of an app and you want to request a refund, you must have at least 10 licenses of the app available in your inventory -- those 10 licenses can't be assigned to people in your organization. - **Whole order refunds only** - You must refund the complete amount of apps in an order. You can't refund a part of an order. For example, if you purchased 10 copies of an app, but later found you only needed 5 copies, you'll need to request a refund for the 10 apps, and then make a separate order for 5 apps. If you have had multiple orders of the same app, you can refund one order but still keep the rest of the inventory. + +**To refund an order** + +First, reclaim licenses. +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Find the app you want to refund, click the ellipses under **Action**, and then choose **View license details**. +4. Select the number of licenses you need to reclaim, and then click **Reclaim licenses**. + +Then, request a refund. +1. Click **Manage**, and then choose **Order history**. +2. Click the order you want to refund, and click **Refund order**. + +For free apps, the app will be removed from your inventory. + +For apps with a price, your payment option will be refunded with the cost of the app, and the app will be removed from your inventory. From 12c55de9e8336002a7322827d8b6945cf536a38e Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Tue, 26 Apr 2016 14:31:39 -0700 Subject: [PATCH 022/111] updates for account settings --- ...anage-orders-windows-store-for-business.md | 10 +- ...ows-store-for-business-account-settings.md | 97 +++++++++++++++---- 2 files changed, 80 insertions(+), 27 deletions(-) diff --git a/windows/manage/manage-orders-windows-store-for-business.md b/windows/manage/manage-orders-windows-store-for-business.md index 180c738984..77967732e6 100644 --- a/windows/manage/manage-orders-windows-store-for-business.md +++ b/windows/manage/manage-orders-windows-store-for-business.md @@ -56,15 +56,13 @@ Refunds work a little differently for free apps, and apps that have a price. In **To refund an order** -First, reclaim licenses. +Reclaim licenses, and then request a refund. 1. Sign in to the [Store for Business](http://businessstore.microsoft.com). 2. Click **Manage**, and then choose **Inventory**. 3. Find the app you want to refund, click the ellipses under **Action**, and then choose **View license details**. -4. Select the number of licenses you need to reclaim, and then click **Reclaim licenses**. - -Then, request a refund. -1. Click **Manage**, and then choose **Order history**. -2. Click the order you want to refund, and click **Refund order**. +4. Select the number of licenses you need to reclaim, and then click **Reclaim licenses**. +5. Click **Manage**, and then choose **Order history**. +6. Click the order you want to refund, and click **Refund order**. For free apps, the app will be removed from your inventory. diff --git a/windows/manage/update-windows-store-for-business-account-settings.md b/windows/manage/update-windows-store-for-business-account-settings.md index 04f6c8e8a7..c228974770 100644 --- a/windows/manage/update-windows-store-for-business-account-settings.md +++ b/windows/manage/update-windows-store-for-business-account-settings.md @@ -1,11 +1,9 @@ --- title: Update Windows Store for Business account settings (Windows 10) description: The Account information page in Windows Store for Business shows information about your organization that you can update, including country or region, organization name, default domain, and language preference. -ms.assetid: CEFFF451-D7D2-4A35-AF28-4A72B9582585 ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library -author: TrudyHa --- # Update Windows Store for Business account settings @@ -16,39 +14,96 @@ author: TrudyHa - Windows 10 - Windows 10 Mobile -The **Account information** page in Windows Store for Business shows information about your organization that you can update, including: country or region, organization name, default domain, and language preference. These are settings in the Azure AD directory that you used when signing up for Store for Business +The **Account information** page in Windows Store for Business allows you to manage organization information, payment options, and offline licensing settings. The organization information and payment options are required before you can acquire apps that have a price. -If you need to change any of these settings, you can use Office 365 admin portal, or Azure admin portal. +## Organization information + +We’ll need your business address, email contact, and tax-exemption certificates that apply to your country or locale. + +**Business address and email contact**
Before purchasing apps that have a fee, you need to add or update your organization's business address, and contact email address . -**To make updates to Store for Business directory settings in Office 365** +We use the Business address to calculate sales tax. If your organization's address has already been entered for other commercial purchases through the Microsoft Store, or through other online purchases such as Office 365 or Azure subscriptions, then we’ll use the same address in the Windows Store for Business. If we don’t have an address, we’ll ask you to enter it during your first purchase. -1. [Sign in to Office 365](http://go.microsoft.com/fwlink/p/?LinkId=708616) with your work or school account. +We need an email address in case we need to contact you about your Store for Business account. This email account should reach the admin for your organization’s O365 or Azure AD tenant that is used with Store for Business. -2. Go to the [Office 365 admin center](http://go.microsoft.com/fwlink/p/?LinkId=708620). +To update Organization information, click **Edit organization information**. -3. Select your organization's name on the right side of the page. +## Organization tax information ## +Taxes for Windows Store for Business purchases are determined by your business address. Some countries can provide tax IDs. -4. Change the information you want to update, and then click **Save.** +|Market| Tax identifier | +|------|----------------| +| Brazil | CPNJ (required), CCMID (optional) | +| India | CST ID, VAT ID | +| Taiwan | Unified business number| -For more information about updating organization information, see [Change your organization's address, technical contact email, and other information](http://go.microsoft.com/fwlink/p/?LinkId=708621). +**Tax-exempt status** -**To make updates to Store for Business directory settings in Azure management portal** +If you qualify for tax-exempt status in your market, start a service request to establish tax exempt status for your organization. -1. Sign in to the Azure Portal as Administrator. +**To start a service request** +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Support**, and then under **Store or account support** click **Start a service request**. -2. Click **Active Directory**. +You’ll need this documentation: -3. On the **Directory** tab, choose your directory +|Country or locale | Documentation | +|------------------|----------------| +| United States | Sales Tax Exemption Certificate | +| Canada | Certificate of Exemption (or equivalent letter of authorization) | +| Ireland | 13B/56A Tax Exemption Certificate| +| International organizations that hold tax exaemption | Certification / letter confirmation from local tax authorities | -4. Click the **Configure** tab. - -For more information about updating organization information, see [Add your own domain name in Azure AD](http://go.microsoft.com/fwlink/p/?LinkId=708622). - -  - -  +**Calculating tax** +Sales taxes are calculated against the unit price, and then aggregated. + +For example:
+(unit price X tax rate) X quantity = total sales tax +-or- +($1.29 X .095) X 100 = $12.25 + +##Payment options## +You can purchase apps from the Windows Store for Business using your credit card. You can enter your credit card information on Account Information, or when you purchase an app. We currently accept these credit cards: +1. VISA +2. MasterCard +3. Discover +4. American Express +5. Japan Commercial Bureau (JCB) + +**Note**:
+Not all cards available in all countries. When you add a payment option, Store for Business shows which cards are available in your region. + +**To add a new payment option** + +1. Sign in to [Store for Business](http://businessstore.microsoft.com). +2. Click **Settings**, and then click **Account information**. +3. Under **My payment options**, tap or click **Show my payment options**, and then select the type of credit card that you want to add. +4. Add information to any required fields, and then click **Next**. + +Once you click Next, the information you provided will be validated with a test authorization transaction and, if validated, the payment option will be added to your list of available payment options. Otherwise, you will be prompted for additional information or notified if there are any problems. + +**Note**: 
When adding credit or debit cards, you may be prompted to enter a CVV . The CVV is only used for verification purposes and is not stored in our systems after validation. + +**To update a payment option**: + +1. Sign in to [Store for Business](http://businessstore.microsoft.com). +2. Click **Settings**, and then click **Account information**. +3. Under My payment options > Credit Cards, select the payment option that you want to update, and then click Update. +4. Enter any updated information in the appropriate fields, and then click Next. +Once you click Next, the information you provided will be validated with a test authorization transaction and, if validated, the payment option will be added to your list of available payment options. Otherwise, you will be prompted for additional information or notified if there are any problems. + +**Note**:
 Certain actions, like updating or adding a payment option, require temporary “test authorization” transactions to validate the payment option. These may appear on your statement as $0.00 authorizations or as small pending transactions. These transactions are temporary and should not impact your account unless you make several changes in a short period of time or have a low balance. + +##Offline licensing## + +Offline licensing is a new licensing option for Windows 10. With offline licenses, organizations can cache apps and their licenses to deploy within their network. ISVs or devs can opt-in their apps for offline licensing when they submit them to the developer center. Only apps that are opted in to offline licensing will show that they are available for offline licensing in Store for Business. This model means organizations can deploy apps when users or devices do not have connectivity to the Store. + +You have the following distribution options for offline-licensed apps: +- Include the app in a provisioning package, and then use it as part of imaging a device. +- Distribute the app through a management tool. +For more information, see Distribute apps to your employees from the Store for Business. From 993c8be0b06b2b808ff8abbab1588ccafc551bdc Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Tue, 26 Apr 2016 15:26:30 -0700 Subject: [PATCH 023/111] adding content and making updates --- ...acquire-apps-windows-store-for-business.md | 3 -- ...ge-inventory-windows-store-for-business.md | 2 -- ...anage-orders-windows-store-for-business.md | 7 +++-- ...ows-store-for-business-account-settings.md | 30 +++++++++++++++++-- 4 files changed, 32 insertions(+), 10 deletions(-) diff --git a/windows/manage/acquire-apps-windows-store-for-business.md b/windows/manage/acquire-apps-windows-store-for-business.md index 5ac43b146d..8e22322f1c 100644 --- a/windows/manage/acquire-apps-windows-store-for-business.md +++ b/windows/manage/acquire-apps-windows-store-for-business.md @@ -35,9 +35,6 @@ To acquire an app 2. Click Shop, or use Search to find an app. 3. Click the app you want to purchase. 4. On the product description page, choose your license type - either online or offline. - - ![Product description page, showing an app with a price](images/wsfb-paid-app-temp.png) - 5. Free apps will be added to Inventory. For apps with a price, you can set the quantity you want to buy. Type the quantity and click **Next**. 6. If you don’t have a payment method saved in Account settings, Store for Business will prompt you for one. 7. Add your credit card or debit card info, and click **Next**. Your card info is saved as a payment option on **Account information**. diff --git a/windows/manage/manage-inventory-windows-store-for-business.md b/windows/manage/manage-inventory-windows-store-for-business.md index c32546d84c..b506ec3b10 100644 --- a/windows/manage/manage-inventory-windows-store-for-business.md +++ b/windows/manage/manage-inventory-windows-store-for-business.md @@ -67,5 +67,3 @@ If you decide that you don't want an app available for employees to install on t 3. Find an app, click the ellipses under **Action**, and then choose **Remove from private store**, and then click **Remove**. The app will still be in your inventory, but your employees will not have access to the app from your private store. - - diff --git a/windows/manage/manage-orders-windows-store-for-business.md b/windows/manage/manage-orders-windows-store-for-business.md index 77967732e6..d698699806 100644 --- a/windows/manage/manage-orders-windows-store-for-business.md +++ b/windows/manage/manage-orders-windows-store-for-business.md @@ -26,7 +26,7 @@ Click to expand an order, and the following info is available: ## Invoices -Invoices for orders are available approximatley 24 hours after your purchase. The link opens a .pdf that you can save for your records. Or, just use the copy here on your **Order history**. +Invoices for orders are available approximatley 24 hours after your purchase. The link opens a .pdf that you can save for your records. ## Buy more licenses @@ -37,7 +37,8 @@ You can purchase more copies of apps that are in your order history. 1. Sign in to the [Store for Business](http://businessstore.microsoft.com). 2. Click **Manage**, and then choose **Order history**. 3. Click an order, and then click **Buy more**. -4. The app details page displays how many licenses you already have assigned. Click **Buy more** to purchase additional licenses. + +You can buy more copies of the app from the product page. ## Refund an order @@ -56,7 +57,7 @@ Refunds work a little differently for free apps, and apps that have a price. In **To refund an order** -Reclaim licenses, and then request a refund. +Reclaim licenses, and then request a refund. If you haven't assigned licenses, start on step 5. 1. Sign in to the [Store for Business](http://businessstore.microsoft.com). 2. Click **Manage**, and then choose **Inventory**. 3. Find the app you want to refund, click the ellipses under **Action**, and then choose **View license details**. diff --git a/windows/manage/update-windows-store-for-business-account-settings.md b/windows/manage/update-windows-store-for-business-account-settings.md index c228974770..9d8fef4c09 100644 --- a/windows/manage/update-windows-store-for-business-account-settings.md +++ b/windows/manage/update-windows-store-for-business-account-settings.md @@ -22,14 +22,40 @@ We’ll need your business address, email contact, and tax-exemption certificate **Business address and email contact**
Before purchasing apps that have a fee, you need to add or update your organization's business address, and contact email address . -We use the Business address to calculate sales tax. If your organization's address has already been entered for other commercial purchases through the Microsoft Store, or through other online purchases such as Office 365 or Azure subscriptions, then we’ll use the same address in the Windows Store for Business. If we don’t have an address, we’ll ask you to enter it during your first purchase. +We use the Business address to calculate sales tax. If your organization's address has already been entered for other commercial purchases through the Microsoft Store, or through other online purchases such as Office 365 or Azure subscriptions, then we’ll use the same address in the Windows Store for Business. If we don’t have an address,we’ll ask you to enter it during your first purchase. We need an email address in case we need to contact you about your Store for Business account. This email account should reach the admin for your organization’s O365 or Azure AD tenant that is used with Store for Business. To update Organization information, click **Edit organization information**. ## Organization tax information ## -Taxes for Windows Store for Business purchases are determined by your business address. Some countries can provide tax IDs. +Taxes for Windows Store for Business purchases are determined by your business address. Businesses in these countries can provide their VAT number or local equivalent: +- Austria +- Belgium +- Croatia +- Czech Republic +- Denmark +- Finland +- France +- Germany +- Greece +- Hungary +- Ireland +- Italy +- Malta +- Netherlands +- Norway +- Poland +- Portugal +- Romania +- Slovakia +- South Africa +- Spain +- Sweden +- Switzerland +- United Kingdom + +These countries can provide their VAT number or local equivalent in **Account information**. However, they can only acquire free apps. |Market| Tax identifier | |------|----------------| From dd6005f2e65bff36c23af91401786d8b0a4d1fc9 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Tue, 26 Apr 2016 15:43:21 -0700 Subject: [PATCH 024/111] author tag --- .../update-windows-store-for-business-account-settings.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/windows/manage/update-windows-store-for-business-account-settings.md b/windows/manage/update-windows-store-for-business-account-settings.md index 9d8fef4c09..1357a11b43 100644 --- a/windows/manage/update-windows-store-for-business-account-settings.md +++ b/windows/manage/update-windows-store-for-business-account-settings.md @@ -4,6 +4,7 @@ description: The Account information page in Windows Store for Business shows in ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library +author: TrudyHa --- # Update Windows Store for Business account settings @@ -63,6 +64,7 @@ These countries can provide their VAT number or local equivalent in **Account in | India | CST ID, VAT ID | | Taiwan | Unified business number| + **Tax-exempt status** If you qualify for tax-exempt status in your market, start a service request to establish tax exempt status for your organization. @@ -80,6 +82,7 @@ You’ll need this documentation: | Ireland | 13B/56A Tax Exemption Certificate| | International organizations that hold tax exaemption | Certification / letter confirmation from local tax authorities | + **Calculating tax** Sales taxes are calculated against the unit price, and then aggregated. From 78a2f9df91f7a97aca693fc314c3f4f81b9d9c98 Mon Sep 17 00:00:00 2001 From: Maggie Evans Date: Tue, 26 Apr 2016 16:24:57 -0700 Subject: [PATCH 025/111] removing XP --- windows/deploy/usmt-requirements.md | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/windows/deploy/usmt-requirements.md b/windows/deploy/usmt-requirements.md index 1ecd866e28..ace2abc84a 100644 --- a/windows/deploy/usmt-requirements.md +++ b/windows/deploy/usmt-requirements.md @@ -44,24 +44,14 @@ The following table lists the operating systems supported in USMT. -

Windows® XP Professional

-

X

-

- - -

Windows XP Professional x64 Edition

-

X

-

- -

32-bit versions of Windows Vista

X

-

X

+

64-bit versions of Windows Vista

X

-

X

+

32-bit versions of Windows 7

@@ -101,7 +91,7 @@ The following table lists the operating systems supported in USMT. **Note**   You can migrate a 32-bit operating system to a 64-bit operating system. However, you cannot migrate a 64-bit operating system to a 32-bit operating system. -USMT does not support any of the Windows Server® operating systems, Windows 2000, or any of the starter editions for Windows XP, Windows Vista, or Windows 7. In addition, USMT only supports migration from Windows XP with Service Pack 3. +USMT does not support any of the Windows Server® operating systems, Windows 2000, Windows XP, or any of the starter editions for Windows Vista or Windows 7.   From c7579a5421956d8b98e4924aa4d2fd8e72c1e599 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Wed, 27 Apr 2016 08:41:43 -0700 Subject: [PATCH 026/111] billkar feedback --- windows/manage/configure-telemetry-in-your-organization.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/manage/configure-telemetry-in-your-organization.md b/windows/manage/configure-telemetry-in-your-organization.md index ace5305f29..419611612d 100644 --- a/windows/manage/configure-telemetry-in-your-organization.md +++ b/windows/manage/configure-telemetry-in-your-organization.md @@ -27,9 +27,9 @@ In previous versions of Windows and Windows Server, Microsoft used telemetry to Microsoft is committed to improving customer experiences in a mobile-first and cloud-first world, and it all starts with our customers. Telemetry is one critical way Microsoft is using data to improve our products and services. Telemetry gives every enterprise customer a voice that helps us shape future versions of Windows, Windows Server and System Center, allowing us to respond quickly to your feedback and providing new features and improved quality to our customers. -Our goal is to leverage the aggregated data to drive changes in the product and ecosystem to improve our customer experiences. We are also partnering with enterprises to provide added value from the telemetry information shared by their devices. Some examples include identifying outdated patches and downloading the latest antimalware signatures to help keep their devices secure, identifying application compatibility issues prior to upgrades, gaining insights into driver reliability issues affecting other customers, and using usage data to tune some of their operations to reduce the total cost of ownership (TCO) and downtime. +Our goal is to leverage the aggregated data to drive changes in the product and ecosystem to improve our customer experiences. We are also partnering with enterprises to provide added value from the telemetry information shared by their devices. Some examples include identifying outdated patches and downloading the latest antimalware signatures to help keep their devices secure, identifying application compatibility issues prior to upgrades, and gaining insights into driver reliability issues affecting other customers. -For Windows 10, we invite IT pros to join the Windows Insider Program to give us feedback on what we can do to make Windows work better for youcr organization. +For Windows 10, we invite IT pros to join the [Windows Insider Program](http://insider.windows.com) to give us feedback on what we can do to make Windows work better for youcr organization. ## How is telemetry data handled by Microsoft? @@ -194,7 +194,7 @@ If the Connected User Experience and Telemetry component detects a problem on Wi The Full level gathers data necessary to identify and to help fix problems, following the approval process described below. This level also includes data from the **Basic**, **Enhanced**, and **Security** levels. -Additionally, at this level, devices opted in to the Windows Insider Program will send events, such as reliability and app responsiveness. that can show Microsoft how pre-release binaries and features are performing. These events help us make decisions on which builds are flighted. All devices in the Windows Insider Program are automatically set to this level. +Additionally, at this level, devices opted in to the [Windows Insider Program](http://insider.windows.com) will send events, such as reliability and app responsiveness. that can show Microsoft how pre-release binaries and features are performing. These events help us make decisions on which builds are flighted. All devices in the [Windows Insider Program](http://insider.windows.com) are automatically set to this level. If a device experiences problems that are difficult to identify or repeat using Microsoft’s internal testing, additional data becomes necessary. This data can include any user content that might have triggered the problem and is gathered from a small sample of devices that have both opted into the **Full** telemetry level and have exhibited the problem. From dc50b105393e4d49ac683f724c22494e6983ccf3 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Wed, 27 Apr 2016 10:02:53 -0700 Subject: [PATCH 027/111] adding author tag --- windows/manage/settings-reference-windows-store-for-business.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/manage/settings-reference-windows-store-for-business.md b/windows/manage/settings-reference-windows-store-for-business.md index 48f59c5857..b3b1cf9083 100644 --- a/windows/manage/settings-reference-windows-store-for-business.md +++ b/windows/manage/settings-reference-windows-store-for-business.md @@ -5,6 +5,7 @@ ms.assetid: 34F7FA2B-B848-454B-AC00-ECA49D87B678 ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library +author: TrudyHa --- # Settings reference: Windows Store for Business From 34d5c84ea3cc9ac3935bb0be2219f10884cf889b Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Wed, 27 Apr 2016 11:39:23 -0700 Subject: [PATCH 028/111] finishing intro sentence --- windows/keep-secure/audit-removable-storage.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/keep-secure/audit-removable-storage.md b/windows/keep-secure/audit-removable-storage.md index 6046b1b29c..5c9276822b 100644 --- a/windows/keep-secure/audit-removable-storage.md +++ b/windows/keep-secure/audit-removable-storage.md @@ -1,6 +1,6 @@ --- title: Audit Removable Storage (Windows 10) -description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Removable Storage, which determines . +description: This topic for the IT professional describes the Advanced Security Audit policy setting, Audit Removable Storage, which determines when there is a read or a write to a removable drive. ms.assetid: 1746F7B3-8B41-4661-87D8-12F734AFFB26 ms.prod: W10 ms.mktglfcycl: deploy @@ -15,9 +15,9 @@ author: brianlic-msft - Windows 10 -This topic for the IT professional describes the Advanced Security Audit policy setting, **Audit Removable Storage**, which determines . +This topic for the IT professional describes the Advanced Security Audit policy setting, **Audit Removable Storage**, which determines when there is a read or a write to a removable drive. -Event volume: +Event volume: Low Default: Not configured From 38d00dd402f9218de2f9497c0726050fa18ed012 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Wed, 27 Apr 2016 15:30:32 -0700 Subject: [PATCH 029/111] updates for paid apps --- .../windows-store-for-business-overview.md | 142 ++++++------------ 1 file changed, 50 insertions(+), 92 deletions(-) diff --git a/windows/whats-new/windows-store-for-business-overview.md b/windows/whats-new/windows-store-for-business-overview.md index 9bf1212d06..f2eea69ec7 100644 --- a/windows/whats-new/windows-store-for-business-overview.md +++ b/windows/whats-new/windows-store-for-business-overview.md @@ -85,7 +85,7 @@ For more information, see [Sign up for the Store for Business](../manage/sign-up ### Set up -After your admin signs up for the Store for Business, they can assign roles to other employees in your company. These are the roles and their permissions. +After your admin signs up for the Store for Business, they can assign roles to other employees in your company. The admin needs Azure AD User Admin permissions to assign WSFB roles. These are the roles and their permissions. @@ -137,7 +137,7 @@ Also, if your organization plans to use a management tool, you’ll need to conf ### Get apps and content -Once signed in to the Store for Business, you can browse and search for all products in the Store for Business catalog. For now, apps in the Store for Business are free. Over time, when paid apps are available, you’ll have more options for paying for apps. +Once signed in to the Store for Business, you can browse and search for all products in the Store for Business catalog. Some apps are free, and some apps charge a price. We're continuing to add more paid apps to the Store for Business. Check back if you don't see the app that you're looking for. Currently, you can pay for apps with a credit card. We'll be adding more payment options over time. **App types** -- These app types are supported in the Store for Business: @@ -212,96 +212,54 @@ For more information, see [Manage settings in the Store for Business](../manage/ Store for Business is currently available in these markets. -- Argentina - -- Australia - -- Austria - -- Belgium (Dutch, French) - -- Brazil - -- Canada (English, French) - -- Chile - -- Columbia - -- Croatia - -- Czech Republic - -- Denmark - -- Finland - -- France - -- Germany - -- Greece - -- Hong Kong SAR - -- Hungary - -- India - -- Indonesia - -- Ireland - -- Italy - -- Japan - -- Malaysia - -- Mexico - -- Netherlands - -- New Zealand - -- Norway - -- Philippines - -- Poland - -- Portugal - -- Romania - -- Russia - -- Singapore - -- Slovakia - -- South Africa - -- Spain - -- Sweden - -- Switzerland (French, German) - -- Taiwan - -- Thailand - -- Turkey - -- Ukraine - -- United Kingdom - -- United States - -- Vietnam - +|Country or locale|Paid apps|Free apps| +|-----------------|---------|---------| +|Argentina|X|X| +|Australia|X|X| +|Austria|X|X| +|Belgium (Dutch, French)|X|X| +|Brazil| |X| +|Canada (English, French)|X|X| +|Chile|X|X| +|Columbia|X|X| +|Croatia|X|X| +|Czech Republic|X|X| +|Denmark|X|X| +|Finland|X|X| +|France|X|X| +|Germany|X|X| +|Greece|X|X| +|Hong Kong SAR|X|X| +|Hungary|X|X| +|India| |X| +|Indonesia|X|X| +|Ireland|X|X| +|Italy|X|X| +|Japan|X|X| +|Malaysia|X|X| +|Mexico|X|X| +|Netherlands|X|X| +|New Zealand|X|X| +|Norway|X|X| +|Philippines|X|X| +|Poland|X|X| +|Portugal|X|X| +|Romania|X|X| +|Russia| |X| +|Singapore|X|X| +|Slovakia|X|X| +|South Africa|X|X| +|Spain|X|X| +|Sweden|X|X| +|Switzerland (French, German)|X|X| +|Taiwan| |X| +|Thailand|X|X| +|Turkey|X|X| +|Ukraine| |X| +|United Kingdom|X|X| +|United States|X|X| +|Vietnam|X|X| + ## ISVs and the Store for Business From 7371e7c1305b498d874dcee17acf1beec34519de Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Wed, 27 Apr 2016 16:54:13 -0700 Subject: [PATCH 030/111] fixing table --- .../about-client-configuration-settings51.md | 478 ++---------------- 1 file changed, 40 insertions(+), 438 deletions(-) diff --git a/mdop/appv-v5/about-client-configuration-settings51.md b/mdop/appv-v5/about-client-configuration-settings51.md index e8512afd4f..f77a20a083 100644 --- a/mdop/appv-v5/about-client-configuration-settings51.md +++ b/mdop/appv-v5/about-client-configuration-settings51.md @@ -15,444 +15,46 @@ The Microsoft Application Virtualization (App-V) 5.1 client stores its configura The following table displays information about the App-V 5.1 client configuration settings: -
-------- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Setting NameSetup FlagDescriptionSetting OptionsRegistry Key ValueDisabled Policy State Keys and Values

PackageInstallationRoot

PACKAGEINSTALLATIONROOT

Specifies directory where all new applications and updates will be installed.

String

Streaming\PackageInstallationRoot

Policy value not written (same as Not Configured)

PackageSourceRoot

PACKAGESOURCEROOT

Overrides source location for downloading package content.

String

Streaming\PackageSourceRoot

Policy value not written (same as Not Configured)

AllowHighCostLaunch

Not available.

This setting controls whether virtualized applications are launched on Windows 10 machines connected via a metered network connection (For example, 4G).

True (enabled); False (Disabled state)

Streaming\AllowHighCostLaunch

0

ReestablishmentRetries

Not available.

Specifies the number of times to retry a dropped session.

Integer (0-99)

Streaming\ReestablishmentRetries

Policy value not written (same as Not Configured)

ReestablishmentInterval

Not available.

Specifies the number of seconds between attempts to reestablish a dropped session.

Integer (0-3600)

Streaming\ReestablishmentInterval

Policy value not written (same as Not Configured)

AutoLoad

AUTOLOAD

Specifies how new packages should be loaded automatically by App-V on a specific computer.

(0x0) None; (0x1) Previously used; (0x2) All

Streaming\AutoLoad

Policy value not written (same as Not Configured)

LocationProvider

Not available.

Specifies the CLSID for a compatible implementation of the IAppvPackageLocationProvider interface.

String

Streaming\LocationProvider

Policy value not written (same as Not Configured)

CertFilterForClientSsl

Not available.

Specifies the path to a valid certificate in the certificate store.

String

Streaming\CertFilterForClientSsl

Policy value not written (same as Not Configured)

VerifyCertificateRevocationList

Not available.

Verifies Server certificate revocation status before steaming using HTTPS.

True(enabled); False(Disabled state)

Streaming\VerifyCertificateRevocationList

0

SharedContentStoreMode

SHAREDCONTENTSTOREMODE

Specifies that streamed package contents will be not be saved to the local hard disk.

True(enabled); False(Disabled state)

Streaming\SharedContentStoreMode

0

Name

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

PUBLISHINGSERVERNAME

Displays the name of publishing server.

String

Publishing\Servers\{serverId}\FriendlyName

Policy value not written (same as Not Configured)

URL

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

PUBLISHINGSERVERURL

Displays the URL of publishing server.

String

Publishing\Servers\{serverId}\URL

Policy value not written (same as Not Configured)

GlobalRefreshEnabled

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

GLOBALREFRESHENABLED

Enables global publishing refresh (Boolean)

True(enabled); False(Disabled state)

Publishing\Servers\{serverId}\GlobalEnabled

False

GlobalRefreshOnLogon

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

GLOBALREFRESHONLOGON

Triggers a global publishing refresh on logon. ( Boolean)

True(enabled); False(Disabled state)

Publishing\Servers\{serverId}\GlobalLogonRefresh

False

GlobalRefreshInterval

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

GLOBALREFRESHINTERVAL  

Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0.

Integer (0-744

Publishing\Servers\{serverId}\GlobalPeriodicRefreshInterval

0

GlobalRefreshIntervalUnit

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

GLOBALREFRESHINTERVALUNI

Specifies the interval unit (Hour 0-23, Day 0-31). 

0 for hour, 1 for day

Publishing\Servers\{serverId}\GlobalPeriodicRefreshIntervalUnit

1

UserRefreshEnabled

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

USERREFRESHENABLED 

Enables user publishing refresh (Boolean)

True(enabled); False(Disabled state)

Publishing\Servers\{serverId}\UserEnabled

False

UserRefreshOnLogon

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

USERREFRESHONLOGON

Triggers a user publishing refresh onlogon. ( Boolean)

-

Word count (with spaces): 60

True(enabled); False(Disabled state)

Publishing\Servers\{serverId}\UserLogonRefresh

False

UserRefreshInterval

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

USERREFRESHINTERVAL     

Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0.

-

Word count (with spaces): 85

Integer (0-744 Hours)

Publishing\Servers\{serverId}\UserPeriodicRefreshInterval

0

UserRefreshIntervalUnit

-
-Note   -

This setting cannot be modified using the set-AppvclientConfiguration cmdLet. You must use the Set-AppvPublishingServer cmdlet.

-
-
-  -

USERREFRESHINTERVALUNIT  

Specifies the interval unit (Hour 0-23, Day 0-31). 

0 for hour, 1 for day

Publishing\Servers\{serverId}\UserPeriodicRefreshIntervalUnit

1

MigrationMode

MIGRATIONMODE

Migration mode allows the App-V client to modify shortcuts and FTA’s for packages created using a previous version of App-V.

True(enabled state); False (disabled state)

Coexistence\MigrationMode

CEIPOPTIN

CEIPOPTIN

Allows the computer running the App-V 5.1 Client to collect and return certain usage information to help allow us to further improve the application.

0 for disabled; 1 for enabled

SOFTWARE/Microsoft/AppV/CEIP/CEIPEnable

0

EnablePackageScripts

ENABLEPACKAGESCRIPTS

Enables scripts defined in the package manifest of configuration files that should run.

True(enabled); False(Disabled state)

\Scripting\EnablePackageScripts

RoamingFileExclusions

ROAMINGFILEEXCLUSIONS

Specifies the file paths relative to %userprofile% that do not roam with a user's profile. Example usage:  /ROAMINGFILEEXCLUSIONS='desktop;my pictures'

RoamingRegistryExclusions

ROAMINGREGISTRYEXCLUSIONS

Specifies the registry paths that do not roam with a user profile. Example usage: /ROAMINGREGISTRYEXCLUSIONS=software\\classes;software\\clients

String

Integration\RoamingReglstryExclusions

Policy value not written (same as Not Configured)

IntegrationRootUser

Not available.

Specifies the location to create symbolic links associated with the current version of a per-user published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %localappdata%\Microsoft\AppV\Client\Integration.

String

Integration\IntegrationRootUser

Policy value not written (same as Not Configured)

IntegrationRootGlobal

Not available.

Specifies the location to create symbolic links associated with the current version of a globally published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %allusersprofile%\Microsoft\AppV\Client\Integration

String

Integration\IntegrationRootGlobal

Policy value not written (same as Not Configured)

VirtualizableExtensions

Not available.

A comma -delineated list of file name extensions that can be used to determine if a locally installed application can be run in the virtual environment.

-

When shortcuts, FTAs, and other extension points are created during publishing, App-V will compare the file name extension to the list if the application that is associated with the extension point is locally installed. If the extension is located, the RunVirtual command line parameter will be added, and the application will run virtually.

-

For more information about the RunVirtual parameter, see [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md).

String

Integration\VirtualizableExtensions

Policy value not written

ReportingEnabled

Not available.

Enables the client to return information to a reporting server.

True (enabled); False (Disabled state)

Reporting\EnableReporting

False

ReportingServerURL

Not available.

Specifies the location on the reporting server where client information is saved.

String

Reporting\ReportingServer

Policy value not written (same as Not Configured)

ReportingDataCacheLimit

Not available.

Specifies the maximum size in megabytes (MB) of the XML cache for storing reporting information. The size applies to the cache in memory. When the limit is reached, the log file will roll over. Set between 0 and 1024.

Integer [0-1024]

Reporting\DataCacheLimit

Policy value not written (same as Not Configured)

ReportingDataBlockSize

Not available.

Specifies the maximum size in bytes to transmit to the server for reporting upload requests. This can help avoid permanent transmission failures when the log has reached a significant size. Set between 1024 and unlimited.

Integer [1024 - Unlimited]

Reporting\DataBlockSize

Policy value not written (same as Not Configured)

ReportingStartTime

Not available.

Specifies the time to initiate the client to send data to the reporting server. You must specify a valid integer between 0-23 corresponding to the hour of the day. By default the ReportingStartTime will start on the current day at 10 P.M.or 22.

-
-Note   -

You should configure this setting to a time when computers running the App-V 5.1 client are least likely to be offline.

-
-
-  -

Integer (0 – 23)

Reporting\ StartTime

Policy value not written (same as Not Configured)

ReportingInterval

Not available.

Specifies the retry interval that the client will use to resend data to the reporting server.

Integer

Reporting\RetryInterval

Policy value not written (same as Not Configured)

ReportingRandomDelay

Not available.

Specifies the maximum delay (in minutes) for data to be sent to the reporting server. When the scheduled task is started, the client generates a random delay between 0 and ReportingRandomDelay and will wait the specified duration before sending data. This can help to prevent collisions on the server.

Integer [0 - ReportingRandomDelay]

Reporting\RandomDelay

Policy value not written (same as Not Configured)

EnableDynamicVirtualization

-
-Important   -

This setting is available only with App-V 5.0 SP2 or later.

-
-
-  -

Not available.

Enables supported Shell Extensions, Browser Helper Objects, and Active X controls to be virtualized and run with virtual applications.

1 (Enabled), 0 (Disabled)

HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Virtualization

EnablePublishingRefreshUI

-
-Important   -

This setting is available only with App-V 5.0 SP2.

-
-
-  -

Not available.

Enables the publishing refresh progress bar for the computer running the App-V 5.1 Client.

1 (Enabled), 0 (Disabled)

HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Publishing

HideUI

-
-Important   -

This setting is available only with App-V 5.0 SP2.

-
-
-  -

Not available.

Hides the publishing refresh progress bar.

1 (Enabled), 0 (Disabled)

ProcessesUsingVirtualComponents

Not available.

Specifies a list of process paths (that may contain wildcards), which are candidates for using dynamic virtualization (supported shell extensions, browser helper objects, and ActiveX controls). Only processes whose full path matches one of these items can use dynamic virtualization.

String

Virtualization\ProcessesUsingVirtualComponents

Empty string.

- -  +|Setting name | Setup Flag | Description | Setting Options | Registry Key Value | Disabled Policy State Keys and Values | +|-------------|------------|-------------|-----------------|--------------------|--------------------------------------| +| PackageInstallationRoot | PACKAGEINSTALLATIONROOT | Specifies directory where all new applications and updates will be installed. | String | Streaming\PackageInstallationRoot | Policy value not written (same as Not Configured) | +| PackageSourceRoot | PACKAGESOURCEROOT | Overrides source location for downloading package content. | String | Streaming\PackageSourceRoot | Policy value not written (same as Not Configured) | +| AllowHighCostLaunch | Not available. |This setting controls whether virtualized applications are launched on Windows 10 machines connected via a metered network connection (For example, 4G). | True (enabled); False (Disabled state) | Streaming\AllowHighCostLaunch | 0 | +| ReestablishmentRetries | Not available. | Specifies the number of times to retry a dropped session. | Integer (0-99) | Streaming\ReestablishmentRetries | Policy value not written (same as Not Configured) | +| ReestablishmentInterval | Not available. | Specifies the number of seconds between attempts to reestablish a dropped session. | Integer (0-3600) | Streaming\ReestablishmentInterval | Policy value not written (same as Not Configured) | +| LocationProvider | Not available. | Specifies the CLSID for a compatible implementation of the IAppvPackageLocationProvider interface. | String | Streaming\LocationProvider | Policy value not written (same as Not Configured) | +| CertFilterForClientSsl | Not available. | Specifies the path to a valid certificate in the certificate store. | String | Streaming\CertFilterForClientSsl | Policy value not written (same as Not Configured) | +| VerifyCertificateRevocationList | Not available. | Verifies Server certificate revocation status before steaming using HTTPS. | True(enabled); False(Disabled state) | Streaming\VerifyCertificateRevocationList | 0 | +| SharedContentStoreMode | SHAREDCONTENTSTOREMODE | Specifies that streamed package contents will be not be saved to the local hard disk. | True(enabled); False(Disabled state) | Streaming\SharedContentStoreMode | 0 | +| Name
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | PUBLISHINGSERVERNAME | Displays the name of publishing server. | String | Publishing\Servers\{serverId}\FriendlyName | Policy value not written (same as Not Configured) | +| URL
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | PUBLISHINGSERVERURL | Displays the URL of publishing server. | String | Publishing\Servers\{serverId}\URL | Policy value not written (same as Not Configured) | +| GlobalRefreshEnabled
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | GLOBALREFRESHENABLED | Enables global publishing refresh (Boolean) | True(enabled); False(Disabled state) | Publishing\Servers\{serverId}\GlobalEnabled | False | +| GlobalRefreshOnLogon
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | GLOBALREFRESHONLOGON | Triggers a global publishing refresh on logon. ( Boolean) | True(enabled); False(Disabled state) | Publishing\Servers\{serverId}\GlobalLogonRefresh | False | +| GlobalRefreshInterval
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | GLOBALREFRESHINTERVAL | Specifies the publishing refresh interval using the GlobalRefreshIntervalUnit. To disable package refresh, select 0. | Integer (0-744) | Publishing\Servers\{serverId}\GlobalPeriodicRefreshInterval | 0 | +| GlobalRefreshIntervalUnit
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | GLOBALREFRESHINTERVALUNI | Specifies the interval unit (Hour 0-23, Day 0-31). | 0 for hour, 1 for day | Publishing\Servers\{serverId}\GlobalPeriodicRefreshIntervalUnit | 1 | +| UserRefreshEnabled
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | USERREFRESHENABLED | Enables user publishing refresh (Boolean) | True(enabled); False(Disabled state) | Publishing\Servers\{serverId}\UserEnabled | False | +| UserRefreshOnLogon
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | USERREFRESHONLOGON | Triggers a user publishing refresh onlogon. ( Boolean)
Word count (with spaces): 60 | True(enabled); False(Disabled state) | Publishing\Servers\{serverId}\UserLogonRefresh | False | +| UserRefreshInterval
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | USERREFRESHINTERVAL | Specifies the publishing refresh interval using the UserRefreshIntervalUnit. To disable package refresh, select 0. | Word count (with spaces): 85
Integer (0-744 Hours) | Publishing\Servers\{serverId}\UserPeriodicRefreshInterval | 0 | +| UserRefreshIntervalUnit
**Note** This setting cannot be modified using the **set-AppvclientConfiguration** cmdLet. You must use the **Set-AppvPublishingServer** cmdlet. | USERREFRESHINTERVALUNIT | Specifies the interval unit (Hour 0-23, Day 0-31). | 0 for hour, 1 for day | Publishing\Servers\{serverId}\UserPeriodicRefreshIntervalUnit | 1 | +| MigrationMode | MIGRATIONMODE | Migration mode allows the App-V client to modify shortcuts and FTA’s for packages created using a previous version of App-V. | True(enabled state); False (disabled state) | Coexistence\MigrationMode | | +| CEIPOPTIN | CEIPOPTIN | Allows the computer running the App-V 5.1 Client to collect and return certain usage information to help allow us to further improve the application. | 0 for disabled; 1 for enabled | SOFTWARE/Microsoft/AppV/CEIP/CEIPEnable | 0 | +| EnablePackageScripts | ENABLEPACKAGESCRIPTS | Enables scripts defined in the package manifest of configuration files that should run. | True(enabled); False(Disabled state) | \Scripting\EnablePackageScripts | | +| RoamingFileExclusions | ROAMINGFILEEXCLUSIONS | Specifies the file paths relative to %userprofile% that do not roam with a user's profile. Example usage:  /ROAMINGFILEEXCLUSIONS='desktop;my pictures' | | | | +| RoamingRegistryExclusions | ROAMINGREGISTRYEXCLUSIONS | Specifies the registry paths that do not roam with a user profile. Example usage: /ROAMINGREGISTRYEXCLUSIONS=software\\classes;software\\clients | String | Integration\RoamingReglstryExclusions | Policy value not written (same as Not Configured) | +| IntegrationRootUser | Not available. | Specifies the location to create symbolic links associated with the current version of a per-user published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %localappdata%\Microsoft\AppV\Client\Integration.| String | Integration\IntegrationRootUser | Policy value not written (same as Not Configured) | +|IntegrationRootGlobal | Not available.| Specifies the location to create symbolic links associated with the current version of a globally published package. all virtual application extensions, for example shortcuts and file type associations, will point to this path. If you do not specify a path, symbolic links will not be used when you publish the package. For example: %allusersprofile%\Microsoft\AppV\Client\Integration | String | Integration\IntegrationRootGlobal | Policy value not written (same as Not Configured) | +| VirtualizableExtensions | Not available. | A comma -delineated list of file name extensions that can be used to determine if a locally installed application can be run in the virtual environment.
When shortcuts, FTAs, and other extension points are created during publishing, App-V will compare the file name extension to the list if the application that is associated with the extension point is locally installed. If the extension is located, the **RunVirtual** command line parameter will be added, and the application will run virtually.
For more information about the **RunVirtual** parameter, see [Running a Locally Installed Application Inside a Virtual Environment with Virtualized Applications](running-a-locally-installed-application-inside-a-virtual-environment-with-virtualized-applications51.md). | String | Integration\VirtualizableExtensions | Policy value not written | +| ReportingEnabled | Not available. | Enables the client to return information to a reporting server. | True (enabled); False (Disabled state) | Reporting\EnableReporting | False | +| ReportingServerURL | Not available. | Specifies the location on the reporting server where client information is saved. | String | Reporting\ReportingServer | Policy value not written (same as Not Configured) | +| ReportingDataCacheLimit | Not available. | Specifies the maximum size in megabytes (MB) of the XML cache for storing reporting information. The size applies to the cache in memory. When the limit is reached, the log file will roll over. Set between 0 and 1024. | Integer [0-1024] | Reporting\DataCacheLimit | Policy value not written (same as Not Configured) | +| ReportingDataBlockSize| Not available. | Specifies the maximum size in bytes to transmit to the server for reporting upload requests. This can help avoid permanent transmission failures when the log has reached a significant size. Set between 1024 and unlimited. | Integer [1024 - Unlimited] | Reporting\DataBlockSize | Policy value not written (same as Not Configured) | +| ReportingStartTime | Not available. | Specifies the time to initiate the client to send data to the reporting server. You must specify a valid integer between 0-23 corresponding to the hour of the day. By default the **ReportingStartTime** will start on the current day at 10 P.M.or 22.
**Note** You should configure this setting to a time when computers running the App-V 5.1 client are least likely to be offline. | Integer (0 – 23) | Reporting\ StartTime | Policy value not written (same as Not Configured) | +| ReportingInterval | Not available. | Specifies the retry interval that the client will use to resend data to the reporting server. | Integer | Reporting\RetryInterval | Policy value not written (same as Not Configured) | +| ReportingRandomDelay | Not available. | Specifies the maximum delay (in minutes) for data to be sent to the reporting server. When the scheduled task is started, the client generates a random delay between 0 and **ReportingRandomDelay** and will wait the specified duration before sending data. This can help to prevent collisions on the server. | Integer [0 - ReportingRandomDelay] | Reporting\RandomDelay | Policy value not written (same as Not Configured) | +| EnableDynamicVirtualization
**Important** This setting is available only with App-V 5.0 SP2 or later. | Not available. | Enables supported Shell Extensions, Browser Helper Objects, and Active X controls to be virtualized and run with virtual applications. | 1 (Enabled), 0 (Disabled) | HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Virtualization | | +| EnablePublishingRefreshUI
**Important** This setting is available only with App-V 5.0 SP2. | Not available. | Enables the publishing refresh progress bar for the computer running the App-V 5.1 Client. | 1 (Enabled), 0 (Disabled) | HKEY_LOCAL_MACHINE\Software\Microsoft\AppV\Client\Publishing | | +| HideUI
**Important**  This setting is available only with App-V 5.0 SP2.| Not available. | Hides the publishing refresh progress bar. | 1 (Enabled), 0 (Disabled) | | | +| ProcessesUsingVirtualComponents | Not available. | Specifies a list of process paths (that may contain wildcards), which are candidates for using dynamic virtualization (supported shell extensions, browser helper objects, and ActiveX controls). Only processes whose full path matches one of these items can use dynamic virtualization. | String | Virtualization\ProcessesUsingVirtualComponents | Empty string. | ## Got a suggestion for App-V? From 83248415131e37e6f4cef1d5c042f54dfd0451d6 Mon Sep 17 00:00:00 2001 From: LizRoss Date: Thu, 28 Apr 2016 07:59:48 -0700 Subject: [PATCH 031/111] Updated to fix VS #7371643 --- windows/keep-secure/index.md | 2 +- windows/keep-secure/protect-enterprise-data-using-edp.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/keep-secure/index.md b/windows/keep-secure/index.md index 80a12f1d0e..f2a2ac4b8c 100644 --- a/windows/keep-secure/index.md +++ b/windows/keep-secure/index.md @@ -62,7 +62,7 @@ Learn about keeping Windows 10 and Windows 10 Mobile secure.

[Protect your enterprise data using enterprise data protection (EDP)](protect-enterprise-data-using-edp.md)

-

With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures to their personal email account, copies and pastes product info to a public Yammer group or tweet, or saves an in-progress sales report to their public cloud storage.

+

With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage.

[Use Windows Event Forwarding to help with intrusion detection](use-windows-event-forwarding-to-assist-in-instrusion-detection.md)

diff --git a/windows/keep-secure/protect-enterprise-data-using-edp.md b/windows/keep-secure/protect-enterprise-data-using-edp.md index 6c688aa008..132514c566 100644 --- a/windows/keep-secure/protect-enterprise-data-using-edp.md +++ b/windows/keep-secure/protect-enterprise-data-using-edp.md @@ -17,7 +17,7 @@ author: eross-msft [Some information relates to pre-released product, which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.] -With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures to their personal email account, copies and pastes product info to a public Yammer group or tweet, or saves an in-progress sales report to their public cloud storage. +With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services, like email, social media, and the public cloud, which are outside of the enterprise’s control. For example, when an employee sends the latest engineering pictures from their personal email account, copies and pastes product info into a tweet, or saves an in-progress sales report to their public cloud storage. Enterprise data protection (EDP) helps to protect against this potential data leakage without otherwise interfering with the employee experience. EDP also helps to protect enterprise apps and data against accidental data leak on enterprise-owned devices and personal devices that employees bring to work without requiring changes to your environment or other apps. Finally, another data protection technology, Azure Rights Management also works alongside EDP to extend data protection for data that leaves the device, such as when email attachments are sent from an enterprise aware version of a rights management mail client. From 7fe006e16e35452b3be17ed50f182b916c3137ef Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Thu, 28 Apr 2016 08:53:39 -0700 Subject: [PATCH 032/111] fixing table --- ...aging-app-v-51-virtualized-applications.md | 182 ++++++------------ 1 file changed, 62 insertions(+), 120 deletions(-) diff --git a/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md b/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md index bc1485ab15..cf8080c563 100644 --- a/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md +++ b/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md @@ -11,7 +11,7 @@ author: jamiejdt After you have properly deployed the Microsoft Application Virtualization (App-V) 5.1 sequencer, you can use it to monitor and record the installation and setup process for an application to be run as a virtualized application. **Note**   -For more information about configuring the App-V 5.1 sequencer, sequencing best practices, and an example of creating and updating a virtual application, see the [Microsoft Application Virtualization 5.0 Sequencing Guide](http://download.microsoft.com/download/F/7/8/F784A197-73BE-48FF-83DA-4102C05A6D44/App-V 5.0 Sequencing Guide.docx) (http://download.microsoft.com/download/F/7/8/F784A197-73BE-48FF-83DA-4102C05A6D44/App-V 5.0 Sequencing Guide.docx). +For more information about configuring the App-V 5.1 sequencer, sequencing best practices, and an example of creating and updating a virtual application, see the [Microsoft Application Virtualization 5.0 Sequencing Guide](http://download.microsoft.com/download/F/7/8/F784A197-73BE-48FF-83DA-4102C05A6D44/App-V 5.0 Sequencing Guide.docx).   @@ -146,125 +146,67 @@ Copy on write (CoW) file extensions allow App-V 5.1 to dynamically write to spec The following table displays the file types that can exist in a virtual package under the VFS directory, but cannot be updated on the computer running the App-V 5.1 client. All other files and directories can be modified. -.acm - -.asa - -.asp - -.aspx - -.ax - -.bat - -.cer - -.chm - -.clb - -.cmd - -.cnt - -.cnv - -.com - -.cpl - -.cpx - -.crt - -.dll - -.drv - -.exe - -.fon - -.grp - -.hlp - -.hta - -.ime - -.inf - -.ins - -.isp - -.its - -.js - -.jse - -.lnk - -.msc - -.msi - -.msp - -.mst - -.mui - -.nls - -.ocx - -.pal - -.pcd - -.pif - -.reg - -.scf - -.scr - -.sct - -.shb - -.shs - -.sys - -.tlb - -.tsp - -.url - -.vb - -.vbe - -.vbs - -.vsmacros - -.ws - -.esc - -.wsf - -.wsh - -  +| File type | +| --------- | +| .acm | +| .asa | +| .asp | +| .aspx | +| .ax | +| .bat | +| .cer | +| .chm | +| .clb | +| .cmd | +| .cnt | +| .cnv | +| .com | +| .cpl | +| .cpx | +| .crt | +| .dll | +| .drv | +| .exe | +| .fon | +| .grp | +| .hlp | +| .hta | +| .ime | +| .inf | +| .ins | +| .isp | +| .its | +| .js | +| .jse | +| .lnk | +| .msc | +| .msi | +| .msp | +| .mst | +| .mui | +| .nls | +| .ocx | +| .pal | +| .pcd | +| .pif | +| .reg | +| .scf | +| .scr | +| .sct | +| .shb | +| .shs | +| .sys | +| .tlb | +| .tsp | +| .url | +| .vb | +| .vbe | +| .vbs | +| .vsmacros | +| .ws | +| .esc | +| .wsf | +| .wsh | ## Modifying an existing virtual application package From ca489520c534cec6962f8369b7635473eb8f607c Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Thu, 28 Apr 2016 09:12:53 -0700 Subject: [PATCH 033/111] paid apps updates --- windows/manage/apps-in-windows-store-for-business.md | 4 ++++ windows/manage/assign-apps-to-employees.md | 2 +- windows/manage/manage-inventory-windows-store-for-business.md | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/windows/manage/apps-in-windows-store-for-business.md b/windows/manage/apps-in-windows-store-for-business.md index 5e896b7a2f..1376953e1a 100644 --- a/windows/manage/apps-in-windows-store-for-business.md +++ b/windows/manage/apps-in-windows-store-for-business.md @@ -47,6 +47,10 @@ Apps in your inventory will have at least one of these supported platforms liste Apps that you acquire from the Store for Business only work on Windows 10-based devices. Even though an app might list Windows 8 as its supported platform, that tells you what platform the app was originally written for. Apps developed for Windows 8, or Windows phone 8 will work on Windows 10. +Some apps are free, and some apps charge a price. We're continuing to add more paid apps to the Store for Business. Check back if you don't see the app that you're looking for. Currently, you can pay for apps with a credit card. We'll be adding more payment options over time. + +Some apps which are available to consumers in Windows Store might not be available in Windows Store for Business. This can happen for a couple of reasons. The app developer might set the app availability so that it is only available to people using Windows Store. Also, business-to-business transaction regulatory requirements might prevent the app being available in Store for Business. + Line-of-business (LOB) apps are also supported using the Store for Business. Admins can invite IT devs and ISVs to be LOB publishers. Apps developed by your LOB publishers that are submitted to the Store are only available to your organization. Once an administrator accepts an app submitted by one of their LOB publishers, the app can be distributed just like any other app from Store for Business. For more information, see Working with Line-of-Business apps. ## In-app purchases diff --git a/windows/manage/assign-apps-to-employees.md b/windows/manage/assign-apps-to-employees.md index 0864ee8dac..c6e8393f30 100644 --- a/windows/manage/assign-apps-to-employees.md +++ b/windows/manage/assign-apps-to-employees.md @@ -28,7 +28,7 @@ Administrators can assign online-licensed apps to employees in their organizatio 4. Type the email address for the employee that you're assigning the app to, and click **Confirm**. -Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. +Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **My Library**.   diff --git a/windows/manage/manage-inventory-windows-store-for-business.md b/windows/manage/manage-inventory-windows-store-for-business.md index b506ec3b10..f2675df317 100644 --- a/windows/manage/manage-inventory-windows-store-for-business.md +++ b/windows/manage/manage-inventory-windows-store-for-business.md @@ -38,7 +38,7 @@ Another way to distribute apps is by assigning them to people in your organizati 3. Find an app, click the ellipses under **Action**, and then choose **Assign to people**. 4. Type the email address for the employee that you're assigning the app to, and click **Confirm**. -Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **MyLibrary**. +Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **My Library**. ## Manage licenses For apps in inventory, when you assign an app to an employee, a license for the app is assigned to them. You can manage these licenses, either by assigning them, or reclaiming them so you can assign them to another employee. You can also remove an app from the private store. From ba47a67dc2145fe019869c9a6a0367ff16455ac6 Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Thu, 28 Apr 2016 09:40:22 -0700 Subject: [PATCH 034/111] fixed code blocks --- ...ate-or-edit-the-sms-defmof-file-mbam-25.md | 36 +++++++++---------- .../edit-the-configurationmof-file-mbam-25.md | 36 +++++++++---------- 2 files changed, 36 insertions(+), 36 deletions(-) diff --git a/mdop/mbam-v25/create-or-edit-the-sms-defmof-file-mbam-25.md b/mdop/mbam-v25/create-or-edit-the-sms-defmof-file-mbam-25.md index 89d24f23b8..104e174531 100644 --- a/mdop/mbam-v25/create-or-edit-the-sms-defmof-file-mbam-25.md +++ b/mdop/mbam-v25/create-or-edit-the-sms-defmof-file-mbam-25.md @@ -27,8 +27,8 @@ In the following sections, complete the instructions that correspond to the vers // Microsoft BitLocker Administration and Monitoring //=================================================== -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) [ SMS_Report (TRUE), SMS_Group_Name ("BitLocker Encryption Details"), SMS_Class_ID ("MICROSOFT|BITLOCKER_DETAILS|1.0")] @@ -66,8 +66,8 @@ In the following sections, complete the instructions that correspond to the vers String EnforcePolicyDate; }; -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) [ SMS_Report(TRUE), SMS_Group_Name("BitLocker Policy"), SMS_Class_ID("MICROSOFT|MBAM_POLICY|1.0")] @@ -110,8 +110,8 @@ In the following sections, complete the instructions that correspond to the vers }; //Read Win32_OperatingSystem.SKU WMI property in a new class - because SKU is not available before Vista. -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) [ SMS_Report (TRUE), SMS_Group_Name ("Operating System Ex"), SMS_Class_ID ("MICROSOFT|OPERATING_SYSTEM_EXT|1.0") ] @@ -124,8 +124,8 @@ In the following sections, complete the instructions that correspond to the vers }; //Read Win32_ComputerSystem.PCSystemType WMI property in a new class - because PCSystemType is not available before Vista. -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) [ SMS_Report (TRUE), SMS_Group_Name ("Computer System Ex"), SMS_Class_ID ("MICROSOFT|COMPUTER_SYSTEM_EXT|1.0") ] @@ -193,8 +193,8 @@ In the following sections, complete the instructions that correspond to the vers // Microsoft BitLocker Administration and Monitoring //=================================================== -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) [ SMS_Report (TRUE), SMS_Group_Name ("BitLocker Encryption Details"), SMS_Class_ID ("MICROSOFT|BITLOCKER_DETAILS|1.0")] @@ -232,8 +232,8 @@ In the following sections, complete the instructions that correspond to the vers String EnforcePolicyDate; }; -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) [ SMS_Report(TRUE), SMS_Group_Name("BitLocker Policy"), SMS_Class_ID("MICROSOFT|MBAM_POLICY|1.0"), @@ -278,8 +278,8 @@ In the following sections, complete the instructions that correspond to the vers string EncodedComputerName; }; -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("Win32Reg_MBAMPolicy_64", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("Win32Reg_MBAMPolicy_64", NOFAIL) [ SMS_Report(TRUE), SMS_Group_Name("BitLocker Policy"), SMS_Class_ID("MICROSOFT|MBAM_POLICY|1.0"), @@ -325,8 +325,8 @@ In the following sections, complete the instructions that correspond to the vers }; //Read Win32_OperatingSystem.SKU WMI property in a new class - because SKU is not available before Vista. -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) [ SMS_Report (TRUE), SMS_Group_Name ("Operating System Ex"), SMS_Class_ID ("MICROSOFT|OPERATING_SYSTEM_EXT|1.0") ] @@ -339,8 +339,8 @@ In the following sections, complete the instructions that correspond to the vers }; //Read Win32_ComputerSystem.PCSystemType WMI property in a new class - because PCSystemType is not available before Vista. -#pragma namespace ("\\\\.\\root\\cimv2\\SMS") -#pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2\\SMS") + #pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) [ SMS_Report (TRUE), SMS_Group_Name ("Computer System Ex"), SMS_Class_ID ("MICROSOFT|COMPUTER_SYSTEM_EXT|1.0") ] diff --git a/mdop/mbam-v25/edit-the-configurationmof-file-mbam-25.md b/mdop/mbam-v25/edit-the-configurationmof-file-mbam-25.md index f19930748f..b920db9b8e 100644 --- a/mdop/mbam-v25/edit-the-configurationmof-file-mbam-25.md +++ b/mdop/mbam-v25/edit-the-configurationmof-file-mbam-25.md @@ -25,8 +25,8 @@ To enable the client computers to report BitLocker compliance details through th // Microsoft BitLocker Administration and Monitoring //=================================================== -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) [Union, ViewSources{"select DeviceId, BitlockerPersistentVolumeId, BitLockerManagementPersistentVolumeId, BitLockerManagementVolumeType, DriveLetter, Compliant, ReasonsForNonCompliance, KeyProtectorTypes, EncryptionMethod, ConversionStatus, ProtectionStatus, IsAutoUnlockEnabled, NoncomplianceDetectedDate, EnforcePolicyDate from Mbam_Volume"}, ViewSpaces{"\\\\.\\root\\microsoft\\mbam"}, dynamic, Provider("MS_VIEW_INSTANCE_PROVIDER")] class Win32_BitLockerEncryptionDetails { @@ -62,8 +62,8 @@ To enable the client computers to report BitLocker compliance details through th String EnforcePolicyDate; }; -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) [DYNPROPS] Class Win32Reg_MBAMPolicy { @@ -124,8 +124,8 @@ To enable the client computers to report BitLocker compliance details through th EncodedComputerName; }; -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) [Union, ViewSources{"select Name,OperatingSystemSKU from Win32_OperatingSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"}, dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")] class CCM_OperatingSystemExtended @@ -136,8 +136,8 @@ To enable the client computers to report BitLocker compliance details through th uint32 SKU; }; -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) [Union, ViewSources{"select Name,PCSystemType from Win32_ComputerSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"}, dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")] class CCM_ComputerSystemExtended @@ -168,8 +168,8 @@ To enable the client computers to report BitLocker compliance details through th // Microsoft BitLocker Administration and Monitoring //=================================================== -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("Win32_BitLockerEncryptionDetails", NOFAIL) [Union, ViewSources{"select DeviceId, BitlockerPersistentVolumeId, BitLockerManagementPersistentVolumeId, BitLockerManagementVolumeType, DriveLetter, Compliant, ReasonsForNonCompliance, KeyProtectorTypes, EncryptionMethod, ConversionStatus, ProtectionStatus, IsAutoUnlockEnabled, NoncomplianceDetectedDate, EnforcePolicyDate from Mbam_Volume"}, ViewSpaces{"\\\\.\\root\\microsoft\\mbam"}, dynamic, Provider("MS_VIEW_INSTANCE_PROVIDER")] class Win32_BitLockerEncryptionDetails { @@ -205,8 +205,8 @@ To enable the client computers to report BitLocker compliance details through th String EnforcePolicyDate; }; -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("Win32Reg_MBAMPolicy", NOFAIL) [DYNPROPS] Class Win32Reg_MBAMPolicy { @@ -267,8 +267,8 @@ To enable the client computers to report BitLocker compliance details through th EncodedComputerName; }; -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("Win32Reg_MBAMPolicy_64", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("Win32Reg_MBAMPolicy_64", NOFAIL) [DYNPROPS] Class Win32Reg_MBAMPolicy_64 { @@ -329,8 +329,8 @@ To enable the client computers to report BitLocker compliance details through th EncodedComputerName; }; -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("CCM_OperatingSystemExtended", NOFAIL) [Union, ViewSources{"select Name,OperatingSystemSKU from Win32_OperatingSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"}, dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")] class CCM_OperatingSystemExtended @@ -341,8 +341,8 @@ To enable the client computers to report BitLocker compliance details through th uint32 SKU; }; -#pragma namespace ("\\\\.\\root\\cimv2") -#pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) + #pragma namespace ("\\\\.\\root\\cimv2") + #pragma deleteclass("CCM_ComputerSystemExtended", NOFAIL) [Union, ViewSources{"select Name,PCSystemType from Win32_ComputerSystem"}, ViewSpaces{"\\\\.\\root\\cimv2"}, dynamic,Provider("MS_VIEW_INSTANCE_PROVIDER")] class CCM_ComputerSystemExtended From 7eeb7b083f0a95e2bd8b355c6af71f29415084d1 Mon Sep 17 00:00:00 2001 From: "J. Decker" Date: Thu, 28 Apr 2016 09:48:22 -0700 Subject: [PATCH 035/111] fix formatting --- windows/manage/windows-10-start-layout-options-and-policies.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/manage/windows-10-start-layout-options-and-policies.md b/windows/manage/windows-10-start-layout-options-and-policies.md index 142e4e88a6..5a0c3eadfe 100644 --- a/windows/manage/windows-10-start-layout-options-and-policies.md +++ b/windows/manage/windows-10-start-layout-options-and-policies.md @@ -57,7 +57,7 @@ The following table lists the different parts of Start and any applicable policy

-and-

Dynamically inserted app tile

MDM: Allow Windows Consumer Features

-

Group Policy: Computer Configuration\Administrative Templates\Windows Components\Cloud Content\Turn off Microsoft consumer experiences

+

Group Policy: Computer Configuration\\Administrative Templates\\Windows Components\\Cloud Content\\Turn off Microsoft consumer experiences

Note  

This policy also enables or disables notifications for a user's Microsoft account and app tiles from Microsoft dynamically inserted in the default Start menu.

From 56915118b2cc7fa9caa9012cee45bc878a3adeb4 Mon Sep 17 00:00:00 2001 From: LizRoss Date: Thu, 28 Apr 2016 10:10:08 -0700 Subject: [PATCH 036/111] Updated for task #7360131 --- ...ct-data-using-enterprise-site-discovery.md | 87 +++++++++++-------- 1 file changed, 49 insertions(+), 38 deletions(-) diff --git a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md index 3c72362e33..4d6f071016 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md +++ b/browsers/internet-explorer/ie11-deploy-guide/collect-data-using-enterprise-site-discovery.md @@ -16,9 +16,9 @@ title: Collect data using Enterprise Site Discovery - Windows 8.1 Update - Windows 7 with Service Pack 1 (SP1) -Use Internet Explorer to collect data on computers running Windows Internet Explorer 8 through Internet Explorer 11 on Windows 10, Windows 8.1, or Windows 7. This inventory information helps you build a list of websites used by your company so you can make more informed decisions about your IE deployments, including figuring out which sites might be at risk or require overhauls during future upgrades. +Use Internet Explorer to collect data on computers running Windows Internet Explorer 8 through Internet Explorer 11 on Windows 10, Windows 8.1, or Windows 7. This inventory information helps you build a list of websites used by your company so you can make more informed decisions about your IE deployments, including figuring out which sites might be at risk or require overhauls during future upgrades. -## Requirements +## Before you begin Before you start, you need to make sure you have the following: - Latest cumulative security update (for all supported versions of Internet Explorer): @@ -43,7 +43,7 @@ Before you start, you need to make sure you have the following: You must use System Center 2012 R2 Configuration Manager or later for these samples to work. -Both the PowerShell script and .mof file need to be copied to the same location on the client computer, before you run the scripts. +Both the PowerShell script and the Managed Object Format (.MOF) file need to be copied to the same location on the client device, before you run the scripts. ## What data is collected? Data is collected on the configuration characteristics of IE and the sites it browses, as shown here. @@ -67,7 +67,7 @@ Data is collected on the configuration characteristics of IE and the sites it br The data collection process is silent, so there’s no notification to the employee. Therefore, you must get consent from the employee before you start collecting info. You must also make sure that using this feature complies with all applicable local laws and regulatory requirements. ## Where is the data stored and how do I collect it? -The data is stored locally, in an industry-standard WMI class, Managed Object Format (.MOF) file or in an XML file, depending on your configuration. This file remains on the client computer until it’s collected. To collect the files, we recommend: +The data is stored locally, in an industry-standard WMI class, .MOF file or in an XML file, depending on your configuration. This file remains on the client computer until it’s collected. To collect the files, we recommend: - **WMI file**. Use Microsoft Configuration Manager or any agent that can read the contents of a WMI class on your computer. @@ -80,48 +80,55 @@ On average, a website generates about 250bytes of data for each visit, causing o

**Important**
The data collection process is silent, so there’s no notification to the employee. Therefore, you must get consent from the employee before you start collecting info. You must also make sure that using this feature complies with all applicable local laws and regulatory requirements. ## Getting ready to use Enterprise Site Discovery +Before you can start to collect your data, you must run the provided PowerShell script (IETelemetrySetUp.ps1) on your client devices to start generating the site discovery data and to set up a place to store this data locally. Then, you must start collecting the site discovery data from the client devices, using one of these three options: + +- Collect your hardware inventory using the MOF Editor, while connecting to a client device.

+-OR- +- Collect your hardware inventory using the MOF Editor with a .MOF import file.

+-OR- +- Collect your hardware inventory using the SMS\DEF.MOF file (System Center Configuration Manager 2007 only) + +### WMI only: Running the PowerShell script to compile the .MOF file and to update security privileges You need to set up your computers for data collection by running the provided PowerShell script (IETelemetrySetUp.ps1) to compile the .mof file and to update security privileges for the new WMI classes.

**Important**
You must run this script if you’re using WMI as your data output. It's not necessary if you're using XML as your data output. - ![](images/wedge.gif) **To set up Enterprise Site Discovery** +![](images/wedge.gif) **To set up Enterprise Site Discovery** -- Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1 by by-passing the PowerShell execution policy, using this command: `powershell -ExecutionPolicy Bypass .\IETElemetrySetUp.ps1`. For more info, see [about Execution Policies](http://go.microsoft.com/fwlink/p/?linkid=517460). - -### Optional: Set up your firewall for WMI data +- Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1 by by-passing the PowerShell execution policy, using this command: `powershell -ExecutionPolicy Bypass .\IETElemetrySetUp.ps1`. For more info, see [about Execution Policies](http://go.microsoft.com/fwlink/p/?linkid=517460). +### WMI only: Set up your firewall for WMI data If you choose to use WMI as your data output, you need to make sure that your WMI data can travel through your firewall for the domain. If you’re sure, you can skip this section; otherwise, follow these steps: - ![](images/wedge.gif) **To set up your firewall** +![](images/wedge.gif) **To set up your firewall** -1. In **Control Panel**, click **System and Security**, and then click **Windows Firewall**. +1. In **Control Panel**, click **System and Security**, and then click **Windows Firewall**. -2. In the left pane, click **Allow an app or feature through Windows Firewall** and scroll down to check the box for **Windows Management Instrumentation (WMI)**. +2. In the left pane, click **Allow an app or feature through Windows Firewall** and scroll down to check the box for **Windows Management Instrumentation (WMI)**. -3. Restart your computer to start collecting your WMI data. +3. Restart your computer to start collecting your WMI data. -## Setting up Enterprise Site Discovery using PowerShell -After you finish the initial setup for Site Discovery using PowerShell, you have the option to continue with PowerShell or to switch to Group Policy. +## Use PowerShell to finish setting up Enterprise Site Discovery +You can determine which zones or domains are used for data collection, using PowerShell. If you don’t want to use PowerShell, you can do this using Group Policy. For more info, see [Use Group Policy to finish setting up Enterprise Site Discovery](#use-group-policy-to-finish-setting-up-enterprise-site-discovery).

**Important**
The .ps1 file updates turn on Enterprise Site Discovery and WMI collection for all users on a device. -### Setting up zones or domains for data collection -You can determine which zones or domains are used for data collection, using PowerShell. +- **Domain allow list.** If you have a domain allow list, a comma-separated list of domains that should have this feature turned on, you should use this process. -- **Domain allow list.** If you have a domain allow list, a comma-separated list of domains that should have this feature turned on, you should use this process. - -- **Zone allow list.** If you have a zone allow list, a comma-separated list of zones that should have this feature turned on, you should use this process. +- **Zone allow list.** If you have a zone allow list, a comma-separated list of zones that should have this feature turned on, you should use this process. ![](images/wedge.gif) **To set up data collection using a domain allow list** - -- Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1, using this command: `.\IETElemetrySetUp.ps1 [other args] -SiteAllowList sharepoint.com,outlook.com,onedrive.com`. -

**Important**
Wildcards, like \*.microsoft.com, aren’t supported. + + - Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1, using this command: `.\IETElemetrySetUp.ps1 [other args] -SiteAllowList sharepoint.com,outlook.com,onedrive.com`. + + **Important**
Wildcards, like \*.microsoft.com, aren’t supported. ![](images/wedge.gif) **To set up data collection using a zone allow list** + + - Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1, using this command: `.\IETElemetrySetUp.ps1 [other args] -ZoneAllowList Computer,Intranet,TrustedSites,Internet,RestrictedSites`. + + **Important**
Only Computer, Intranet, TrustedSites, Internet, and RestrictedSites are supported. -- Start PowerShell in elevated mode (using admin privileges) and run IETElemetrySetUp.ps1, using this command: `.\IETElemetrySetUp.ps1 [other args] -ZoneAllowList Computer,Intranet,TrustedSites,Internet,RestrictedSites`. -

**Important**
Only Computer, Intranet, TrustedSites, Internet, and RestrictedSites are supported. - -## Setting up Enterprise Site Discovery using Group Policy -If you don’t want to continue using PowerShell, you can switch to Group Policy after the initial Site Discovery setup. +## Use Group Policy to finish setting up Enterprise Site Discovery +You can use Group Policy to finish setting up Enterprise Site Discovery. If you don’t want to use Group Policy, you can do this using PowerShell. For more info, see [Use Powershell to finish setting up Enterprise Site Discovery](#use-powershell-to-finish-setting-up-enterprise-site-discovery).

**Note**
 All of the Group Policy settings can be used individually or as a group. ![](images/wedge.gif) **To set up Enterprise Site Discovery using Group Policy** @@ -136,7 +143,6 @@ If you don’t want to continue using PowerShell, you can switch to Group Policy |Administrative Templates\Windows Components\Internet Explorer\Limit Site Discovery output by domain |Manages which domains can collect data |To specify which domains can collect data, you must include your selected domains, one domain per line, in the provided box. It should look like:

microsoft.sharepoint.com
outlook.com
onedrive.com
timecard.contoso.com
LOBApp.contoso.com | ### Combining WMI and XML Group Policy settings - You can use both the WMI and XML settings individually or together, based on: ![](images/wedge.gif) **To turn off Enterprise Site Discovery** @@ -163,12 +169,17 @@ You can use both the WMI and XML settings individually or together, based on:

  • Turn on Site Discovery XML output: XML file path
    • - ## Use Configuration Manager to collect your data -After you’ve collected your data, you’ll need to get the local files off of your employee’s computers. To do this, use the hardware inventory process in Configuration Manager, in one of the following ways. +After you’ve collected your data, you’ll need to get the local files off of your employee’s computers. To do this, use the hardware inventory process in Configuration Manager, using one of these options: -### Collect your hardware inventory using the MOF Editor while connecting to a computer -You can collect your hardware inventory using the MOF Editor, while you’re connected to your client computers. +- Collect your hardware inventory using the MOF Editor, while connecting to a client device.

    +-OR- +- Collect your hardware inventory using the MOF Editor with a .MOF import file.

    +-OR- +- Collect your hardware inventory using the SMS\DEF.MOF file (System Center Configuration Manager 2007 only) + +### Collect your hardware inventory using the MOF Editor while connected to a client device +You can collect your hardware inventory using the MOF Editor, while you’re connected to your client devices. ![](images/wedge.gif) **To collect your inventory** @@ -193,8 +204,8 @@ You can collect your hardware inventory using the MOF Editor, while you’re con 5. Click **OK** to close the default windows.
    Your environment is now ready to collect your hardware inventory and review the sample reports. -### Collect your hardware inventory using the MOF Editor with a MOF import file -You can collect your hardware inventory using the MOF Editor and a MOF import file. +### Collect your hardware inventory using the MOF Editor with a .MOF import file +You can collect your hardware inventory using the MOF Editor and a .MOF import file. ![](images/wedge.gif) **To collect your inventory** @@ -207,8 +218,8 @@ You can collect your hardware inventory using the MOF Editor and a MOF import fi 4. Click **OK** to close the default windows.
    Your environment is now ready to collect your hardware inventory and review the sample reports. -### Collect your hardware inventory using the SMS\DEF.MOF file -You can collect your hardware inventory using the using the Systems Management Server (SMS\DEF.MOF) file. +### Collect your hardware inventory using the SMS\DEF.MOF file (System Center Configuration Manager 2007 only) +You can collect your hardware inventory using the using the Systems Management Server (SMS\DEF.MOF) file. Editing this file lets you collect your data for System Center Configuration Manager 2007. If you aren’t using this version of Configuration Manager, you won’t want to use this option. ![](images/wedge.gif) **To collect your inventory** @@ -281,7 +292,7 @@ You can collect your hardware inventory using the using the Systems Management S 3. Save the file and close it to the same location.
    Your environment is now ready to collect your hardware inventory and review the sample reports. -### Viewing the sample reports +## View the sample reports with your collected data The sample reports, **SCCM Report Sample – ActiveX.rdl** and **SCCM Report Sample – Site Discovery.rdl**, work with System Center 2012, so you can review your collected data. ### SCCM Report Sample – ActiveX.rdl @@ -336,7 +347,7 @@ Each site is validated and if successful, added to the global site list when you 3. Click **OK** to close the **Bulk add sites to the list** menu. -## Turn off data collection on your client computers +## Turn off data collection on your client devices After you’ve collected your data, you’ll need to turn Enterprise Site Discovery off. ![](images/wedge.gif) **To stop collecting data, using PowerShell** From 29fa4a92dd260f6b55bf2389fca6b7ab05e45ae4 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Thu, 28 Apr 2016 11:01:00 -0700 Subject: [PATCH 037/111] wsfb paid app updates --- windows/manage/TOC.md | 4 +- ...managemement-windows-store-for-business.md | 45 ++++++++++++++----- .../apps-in-windows-store-for-business.md | 2 +- ...ge-inventory-windows-store-for-business.md | 1 + 4 files changed, 40 insertions(+), 12 deletions(-) diff --git a/windows/manage/TOC.md b/windows/manage/TOC.md index 2398446f4f..3324e10449 100644 --- a/windows/manage/TOC.md +++ b/windows/manage/TOC.md @@ -36,6 +36,7 @@ #### [Settings reference: Windows Store for Business](settings-reference-windows-store-for-business.md) ### [Find and acquire apps](find-and-acquire-apps-overview.md) #### [Apps in the Windows Store for Business](apps-in-windows-store-for-business.md) +#### [Acquire apps in the Windows Store for Business](acquire-apps-windows-store-for-business.md) #### [Working with line-of-business apps](working-with-line-of-business-apps.md) ### [Distribute apps to your employees from the Windows Store for Business](distribute-apps-to-your-employees-windows-store-for-business.md) #### [Distribute apps using your private store](distribute-apps-from-your-private-store.md) @@ -43,8 +44,9 @@ #### [Distribute apps with a management tool](distribute-apps-with-management-tool.md) #### [Distribute offline apps](distribute-offline-apps.md) ### [Manage apps](manage-apps-windows-store-for-business-overview.md) -#### [Manage access to private store](manage-access-to-private-store.md) #### [App inventory managemement for Windows Store for Business](app-inventory-managemement-windows-store-for-business.md) +#### [Manage app orders in Windows Store for Business](manage-orders-windows-store-for-business.md) +#### [Manage access to private store](manage-access-to-private-store.md) #### [Manage private store settings](manage-private-store-settings.md) #### [Configure MDM provider](configure-mdm-provider-windows-store-for-business.md) ### [Device Guard signing portal](device-guard-signing-portal.md) diff --git a/windows/manage/app-inventory-managemement-windows-store-for-business.md b/windows/manage/app-inventory-managemement-windows-store-for-business.md index 77c0e6e634..245d15cac1 100644 --- a/windows/manage/app-inventory-managemement-windows-store-for-business.md +++ b/windows/manage/app-inventory-managemement-windows-store-for-business.md @@ -105,11 +105,6 @@ Each app in the Store for Business has an online, or an offline license. For mor   -**Note**   -Removing apps from inventory is not currently supported. - -  - The actions in the table are how you distribute apps, and manage app licenses. We'll cover those in the next sections. Working with offline-licensed apps has different steps. For more information on distributing offline-licensed apps, see [Distribute offline apps](distribute-offline-apps.md). ### Distribute apps @@ -122,15 +117,45 @@ For online-licensed apps, there are a couple of ways to distribute apps from you If you use a management tool that supports Store for Business, you can distribute apps with your management tool. Once it is configured to work with Store for Business, your managment tool will have access to all apps in your inventory. For more information, see [Distribute apps with a management tool](distribute-apps-with-management-tool.md). -### Assign apps +Once an app is in your private store, people in your org can install the app on their devices. For more information, see [Distribute apps using your private store](distribute-apps-from-your-private-store.md). -You can assign apps directly to people in your organization. You can assign apps to individuals, a few people, or to a group. For more information, see [Assign apps to employees](assign-apps-to-employees.md). +**To make an app in inventory available in your private store** -### Private store +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Click **Refine**, and then choose **Online**. Store for Business will update the list of apps on the **Inventory** page. +4. From an app in **Inventory**, click the ellipses under **Action**, and then choose **Add to private store**. -The private store is a feature in the Store for Business. Once an online-licensed app is in your inventory, you can make it available in your private store. When you add apps to the private store, all employees in your organization can view and download the app. Employees access the private store as a page in Windows Store app. +The value under Private store for the app will change to pending. It will take approximately twelve hours before the app is available in the private store. -For more information, see [Distribute apps using your private store](distribute-apps-from-your-private-store.md). +Employees can claim apps that admins added to the private store by doing the following. + +**To claim an app from the private store** + +1. Sign in to your computer with your Azure Active Directory (AD) credentials, and start the Windows Store app. +2. Click the private store tab. +3. Click the app you want to install, and then click **Install**. + +Another way to distribute apps is by assigning them to people in your organization. + +If you decide that you don't want an app available for employees to install on their own, you can remove it from your private store. + +**To remove an app from the private store** + +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Find an app, click the ellipses under **Action**, and then choose **Remove from private store**, and then click **Remove**. + +The app will still be in your inventory, but your employees will not have access to the app from your private store. + +**To assign an app to an employee** + +1. Sign in to the [Store for Business](http://businessstore.microsoft.com). +2. Click **Manage**, and then choose **Inventory**. +3. Find an app, click the ellipses under **Action**, and then choose **Assign to people**. +4. Type the email address for the employee that you're assigning the app to, and click **Confirm**. + +Employees will receive an email with a link that will install the app on their device. Click the link to start the Windows Store app, and then click **Install**. Also, in the Windows Store app, they can find the app under **My Library**. ### Manage app licenses diff --git a/windows/manage/apps-in-windows-store-for-business.md b/windows/manage/apps-in-windows-store-for-business.md index 1376953e1a..f1a9e6aaf5 100644 --- a/windows/manage/apps-in-windows-store-for-business.md +++ b/windows/manage/apps-in-windows-store-for-business.md @@ -49,7 +49,7 @@ Apps that you acquire from the Store for Business only work on Windows 10-based Some apps are free, and some apps charge a price. We're continuing to add more paid apps to the Store for Business. Check back if you don't see the app that you're looking for. Currently, you can pay for apps with a credit card. We'll be adding more payment options over time. -Some apps which are available to consumers in Windows Store might not be available in Windows Store for Business. This can happen for a couple of reasons. The app developer might set the app availability so that it is only available to people using Windows Store. Also, business-to-business transaction regulatory requirements might prevent the app being available in Store for Business. +Some apps which are available to consumers in Windows Store might not be available in Windows Store for Business. This can happen for a couple of reasons. The app developer might set the app availability so that it is only available to people using Windows Store. Also, tax requirements for business-to-business transactions might prevent the app being available in Store for Business. Line-of-business (LOB) apps are also supported using the Store for Business. Admins can invite IT devs and ISVs to be LOB publishers. Apps developed by your LOB publishers that are submitted to the Store are only available to your organization. Once an administrator accepts an app submitted by one of their LOB publishers, the app can be distributed just like any other app from Store for Business. For more information, see Working with Line-of-Business apps. diff --git a/windows/manage/manage-inventory-windows-store-for-business.md b/windows/manage/manage-inventory-windows-store-for-business.md index f2675df317..0a364336aa 100644 --- a/windows/manage/manage-inventory-windows-store-for-business.md +++ b/windows/manage/manage-inventory-windows-store-for-business.md @@ -1,6 +1,7 @@ --- title: Manage inventory in Windows Store for Business (Windows 10) description: When you acquire apps from the Windows Store for Business, we add them to the Inventory for your organization. Once an app is part of your inventory, you can distribute the app, and manage licenses. +redirect_url: https://technet.microsoft.com/en-us/itpro/windows/manage/app-inventory-management-windows-store-for-business ms.prod: W10 ms.mktglfcycl: manage ms.sitesec: library From 552ffb838184fe7a559e109607e2eadc5d95b413 Mon Sep 17 00:00:00 2001 From: "J. Decker" Date: Thu, 28 Apr 2016 11:09:11 -0700 Subject: [PATCH 038/111] smb hardening --- .../keep-secure/windows-10-security-guide.md | 21 ++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/windows/keep-secure/windows-10-security-guide.md b/windows/keep-secure/windows-10-security-guide.md index fbcf34aefe..b5f748c2f1 100644 --- a/windows/keep-secure/windows-10-security-guide.md +++ b/windows/keep-secure/windows-10-security-guide.md @@ -355,7 +355,10 @@ Table 3. Threats and Windows 10 mitigations Windows 10 mitigation - + +

    "Man in the middle" attacks, when an attacker reroutes communications between two users through the attacker's computer without the knowledge of the two communicating users

    +

    Client connections to the Active Directory Domain Services default SYSVOL and NETLOGON shares on domain controllers now require SMB signing and mutual authentication (such as Kerberos).

    +

    Firmware bootkits replace the firmware with malware.

    All certified PCs include a UEFI with Secure Boot, which requires signed firmware for updates to UEFI and Option ROMs.

    @@ -395,6 +398,22 @@ Table 3. Threats and Windows 10 mitigations The sections that follow describe these improvements in more detail. +**SMB hardening improvements for SYSVOL and NETLOGON connections** + +In Windows 10 and Windows Server 2016 Technical Preview, client connections to the Active Directory Domain Services default SYSVOL and NETLOGON shares on domain controllers now require SMB signing and mutual authentication (such as Kerberos). + +- **What value does this change add?** +This change reduces the likelihood of man-in-the-middle attacks. + +- **What works differently?** +If SMB signing and mutual authentication are unavailable, a Windows 10 or Windows Server 2016 computer won’t process domain-based Group Policy and scripts. + + +> **Note:** The registry values for these settings aren’t present by default, but the hardening rules still apply until overridden by Group Policy or other registry values. + +For more information on these security improvements, (also referred to as UNC hardening), see [Microsoft Knowledge Base article 3000483](http://go.microsoft.com/fwlink/p/?LinkId=789216) and [MS15-011 & MS15-014: Hardening Group Policy](http://go.microsoft.com/fwlink/p/?LinkId=789215). + + **Secure hardware** Although Windows 10 is designed to run on almost any hardware capable of running Windows 8, Windows 7, or Windows Vista, taking full advantage of Windows 10 security requires advancements in hardware-based security, including UEFI with Secure Boot, CPU virtualization features (for example, Intel VT-x), CPU memory-protection features (for example, Intel VT-d), TPM, and biometric sensors. From 98e240371f24c63ce292bd3a6493f6477afea795 Mon Sep 17 00:00:00 2001 From: "J. Decker" Date: Thu, 28 Apr 2016 11:47:45 -0700 Subject: [PATCH 039/111] removed colgroup --- windows/keep-secure/windows-10-security-guide.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/windows/keep-secure/windows-10-security-guide.md b/windows/keep-secure/windows-10-security-guide.md index b5f748c2f1..91964d3da0 100644 --- a/windows/keep-secure/windows-10-security-guide.md +++ b/windows/keep-secure/windows-10-security-guide.md @@ -345,10 +345,6 @@ Table 3 lists specific malware threats and the mitigation that Windows 10 provi Table 3. Threats and Windows 10 mitigations ---- From 3171b1c0e75a55367db573448a42fa8ac372e5bc Mon Sep 17 00:00:00 2001 From: "J. Decker" Date: Thu, 28 Apr 2016 11:48:45 -0700 Subject: [PATCH 040/111] spell out smb --- windows/keep-secure/windows-10-security-guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/keep-secure/windows-10-security-guide.md b/windows/keep-secure/windows-10-security-guide.md index 91964d3da0..586d509b57 100644 --- a/windows/keep-secure/windows-10-security-guide.md +++ b/windows/keep-secure/windows-10-security-guide.md @@ -396,7 +396,7 @@ The sections that follow describe these improvements in more detail. **SMB hardening improvements for SYSVOL and NETLOGON connections** -In Windows 10 and Windows Server 2016 Technical Preview, client connections to the Active Directory Domain Services default SYSVOL and NETLOGON shares on domain controllers now require SMB signing and mutual authentication (such as Kerberos). +In Windows 10 and Windows Server 2016 Technical Preview, client connections to the Active Directory Domain Services default SYSVOL and NETLOGON shares on domain controllers now require Server Message Block (SMB) signing and mutual authentication (such as Kerberos). - **What value does this change add?** This change reduces the likelihood of man-in-the-middle attacks. From eb60deb49dc6bae0a2bc9bc633dd1846819e9760 Mon Sep 17 00:00:00 2001 From: "J. Decker" Date: Thu, 28 Apr 2016 12:03:03 -0700 Subject: [PATCH 041/111] added SM to changelist --- windows/keep-secure/change-history-for-keep-windows-10-secure.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/keep-secure/change-history-for-keep-windows-10-secure.md b/windows/keep-secure/change-history-for-keep-windows-10-secure.md index 3752693094..3940db84d1 100644 --- a/windows/keep-secure/change-history-for-keep-windows-10-secure.md +++ b/windows/keep-secure/change-history-for-keep-windows-10-secure.md @@ -16,6 +16,7 @@ This topic lists new and updated topics in the [Keep Windows 10 secure](index.md |New or changed topic | Description | |----------------------|-------------| |[Protect derived domain credentials with Credential Guard](credential-guard.md) |Clarified Credential Guard protections | +|[Windows 10 security overview](windows-10-security-guide.md) |Added SMB hardening improvements for SYSVOL and NETLOGON connections | ## March 2016 From 93bf847fc6f8eead8ac4d055d901789e119c054d Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Thu, 28 Apr 2016 14:55:11 -0700 Subject: [PATCH 042/111] fixing link --- windows/manage/distribute-offline-apps.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/manage/distribute-offline-apps.md b/windows/manage/distribute-offline-apps.md index f4f70c7983..8cb184da6b 100644 --- a/windows/manage/distribute-offline-apps.md +++ b/windows/manage/distribute-offline-apps.md @@ -34,7 +34,7 @@ Offline-licensed apps offer an alternative to online apps, and provide additiona You can't distribute offline-licensed apps directly from the Store for Business. Once you download the items for the offline-licensed app, you have three options for distributing the apps: -- **Deployment Image Servicing and Management**. DISM is a command-line tool that is used to mount and service Microsoft WindowsWindows images before deployment. You can also use DISM to install, uninstall, configure, and update Windows features, packages, drivers, and international settings in a .wim file or VHD using the DISM servicing commands. DISM commands are used on offline images. For more information, see [Deployment Image Servicing and Management](https://msdn.microsoft.com/library/windows/hardware/dn898558.aspx). +- **Deployment Image Servicing and Management**. DISM is a command-line tool that is used to mount and service Microsoft WindowsWindows images before deployment. You can also use DISM to install, uninstall, configure, and update Windows features, packages, drivers, and international settings in a .wim file or VHD using the DISM servicing commands. DISM commands are used on offline images. For more information, see [Deployment Image Servicing and Management](https://msdn.microsoft.com/windows/hardware/commercialize/manufacture/desktop/dism---deployment-image-servicing-and-management-technical-reference-for-windows). - **Windows ICD**. ICD is GUI tool that you can use to create Windows provisioning answer files, and add third-party drivers, apps, or other assets to an answer file. For more information, see [Windows Imaging and Configuration Designer](https://msdn.microsoft.com/library/windows/hardware/dn916113.aspx). From 6a9302f2f07bad219c2ee7ac4f42d099d2c6aa3e Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Fri, 29 Apr 2016 11:11:21 -0700 Subject: [PATCH 043/111] changing wording on app availability --- windows/manage/apps-in-windows-store-for-business.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/windows/manage/apps-in-windows-store-for-business.md b/windows/manage/apps-in-windows-store-for-business.md index f1a9e6aaf5..30d0677d94 100644 --- a/windows/manage/apps-in-windows-store-for-business.md +++ b/windows/manage/apps-in-windows-store-for-business.md @@ -47,9 +47,12 @@ Apps in your inventory will have at least one of these supported platforms liste Apps that you acquire from the Store for Business only work on Windows 10-based devices. Even though an app might list Windows 8 as its supported platform, that tells you what platform the app was originally written for. Apps developed for Windows 8, or Windows phone 8 will work on Windows 10. -Some apps are free, and some apps charge a price. We're continuing to add more paid apps to the Store for Business. Check back if you don't see the app that you're looking for. Currently, you can pay for apps with a credit card. We'll be adding more payment options over time. +Some apps are free, and some apps charge a price. Currently, you can pay for apps with a credit card. We'll be adding more payment options over time. -Some apps which are available to consumers in Windows Store might not be available in Windows Store for Business. This can happen for a couple of reasons. The app developer might set the app availability so that it is only available to people using Windows Store. Also, tax requirements for business-to-business transactions might prevent the app being available in Store for Business. +Some apps which are available to consumers in the Windows Store might not be available to organizations in the Windows Store for Business. App developers can opt-out their apps, and they also need to meet eligibility requirements for Windows Store for Business. For more information, read this info on [Organizational licensing options](https://msdn.microsoft.com/en-us/windows/uwp/publish/organizational-licensing). + +**Note**
    +We are still setting up the catalog of apps for Windows Store for Business. If you are searching for an app and it isn’t available, please check again in a couple of days. Line-of-business (LOB) apps are also supported using the Store for Business. Admins can invite IT devs and ISVs to be LOB publishers. Apps developed by your LOB publishers that are submitted to the Store are only available to your organization. Once an administrator accepts an app submitted by one of their LOB publishers, the app can be distributed just like any other app from Store for Business. For more information, see Working with Line-of-Business apps. From ca7b9c413b55d65328a8a5327fa89d4382444f91 Mon Sep 17 00:00:00 2001 From: Trudy Hakala Date: Fri, 29 Apr 2016 13:17:32 -0700 Subject: [PATCH 044/111] fixing broken link --- .../update-windows-store-for-business-account-settings.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/manage/update-windows-store-for-business-account-settings.md b/windows/manage/update-windows-store-for-business-account-settings.md index 1357a11b43..0150a4f7e4 100644 --- a/windows/manage/update-windows-store-for-business-account-settings.md +++ b/windows/manage/update-windows-store-for-business-account-settings.md @@ -133,6 +133,6 @@ Offline licensing is a new licensing option for Windows 10. With offline license You have the following distribution options for offline-licensed apps: - Include the app in a provisioning package, and then use it as part of imaging a device. - Distribute the app through a management tool. -For more information, see Distribute apps to your employees from the Store for Business. +For more information, see [Distribute apps to your employees from the Store for Business](distribute-apps-with-management-tool.md). From 3815fabde5fff4ed9a087df92b32284f10a0941c Mon Sep 17 00:00:00 2001 From: Brian Lich Date: Fri, 29 Apr 2016 14:21:05 -0700 Subject: [PATCH 045/111] changing name of telemetry doc --- windows/manage/TOC.md | 2 +- ...md => configure-windows-telemetry-in-your-organization.md} | 4 ++-- windows/manage/disconnect-your-organization-from-microsoft.md | 2 +- windows/manage/lock-down-windows-10.md | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) rename windows/manage/{configure-telemetry-in-your-organization.md => configure-windows-telemetry-in-your-organization.md} (99%) diff --git a/windows/manage/TOC.md b/windows/manage/TOC.md index bacbfb101a..e82c688247 100644 --- a/windows/manage/TOC.md +++ b/windows/manage/TOC.md @@ -18,7 +18,7 @@ #### [Set up a kiosk on Windows 10 Mobile or Windows 10 Mobile Enterprise](set-up-a-kiosk-for-windows-10-for-mobile-edition.md) ### [Lock down Windows 10 to specific apps](lock-down-windows-10-to-specific-apps.md) ### [Disconnect your organization from Microsoft](disconnect-your-organization-from-microsoft.md) -### [Configure telemetry in your organization](configure-telemetry-in-your-organization.md) +### [Configure Windows telemetry in your organization](configure-windows-telemetry-in-your-organization.md) ### [Configure access to Windows Store](stop-employees-from-using-the-windows-store.md) ### [Manage Wi-Fi Sense in your company](manage-wifi-sense-in-enterprise.md) ### [Configure Windows 10 Mobile using Lockdown XML](lockdown-xml.md) diff --git a/windows/manage/configure-telemetry-in-your-organization.md b/windows/manage/configure-windows-telemetry-in-your-organization.md similarity index 99% rename from windows/manage/configure-telemetry-in-your-organization.md rename to windows/manage/configure-windows-telemetry-in-your-organization.md index 419611612d..6ee41267e4 100644 --- a/windows/manage/configure-telemetry-in-your-organization.md +++ b/windows/manage/configure-windows-telemetry-in-your-organization.md @@ -1,10 +1,10 @@ --- description: Use this article to make informed decisions about how you can configure telemetry in your organization. -title: Configure telemetry in your organization (Windows 10) +title: Configure Windows telemetry in your organization (Windows 10) keywords: privacy --- -# Configure telemetry in your organization +# Configure Windows telemetry in your organization **Applies to** diff --git a/windows/manage/disconnect-your-organization-from-microsoft.md b/windows/manage/disconnect-your-organization-from-microsoft.md index 6159d95499..247a5b7d94 100644 --- a/windows/manage/disconnect-your-organization-from-microsoft.md +++ b/windows/manage/disconnect-your-organization-from-microsoft.md @@ -15,7 +15,7 @@ author: brianlic-msft - Windows 10 -If you’re looking for content on what each telemetry level means and how to configure it in your organization, see [Configure telemetry in your organization](configure-telemetry-in-your-organization.md). +If you’re looking for content on what each telemetry level means and how to configure it in your organization, see [Configure Windows telemetry in your organization](configure-windows-telemetry-in-your-organization.md). Learn about the network connections that Windows components make to Microsoft and also the privacy settings that affect data that is shared with either Microsoft or apps and how they can be managed by an IT Pro. diff --git a/windows/manage/lock-down-windows-10.md b/windows/manage/lock-down-windows-10.md index 72dbc00ec1..af69f6baec 100644 --- a/windows/manage/lock-down-windows-10.md +++ b/windows/manage/lock-down-windows-10.md @@ -43,8 +43,8 @@ Enterprises often need to manage how people use corporate devices. Windows 10 p     - - + + From 08b99a852785e67c976ab235ec60c6283782f2ef Mon Sep 17 00:00:00 2001 From: Maggie Evans Date: Fri, 29 Apr 2016 15:05:05 -0700 Subject: [PATCH 046/111] Created multi-column table to replace single-column one The table holding the supported file extension types migrated as a single long list of items. I created a multi-column table so the info would take up less space. --- ...aging-app-v-51-virtualized-applications.md | 76 ++++--------------- 1 file changed, 15 insertions(+), 61 deletions(-) diff --git a/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md b/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md index cf8080c563..bbdaf2448d 100644 --- a/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md +++ b/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md @@ -146,67 +146,21 @@ Copy on write (CoW) file extensions allow App-V 5.1 to dynamically write to spec The following table displays the file types that can exist in a virtual package under the VFS directory, but cannot be updated on the computer running the App-V 5.1 client. All other files and directories can be modified. -| File type | -| --------- | -| .acm | -| .asa | -| .asp | -| .aspx | -| .ax | -| .bat | -| .cer | -| .chm | -| .clb | -| .cmd | -| .cnt | -| .cnv | -| .com | -| .cpl | -| .cpx | -| .crt | -| .dll | -| .drv | -| .exe | -| .fon | -| .grp | -| .hlp | -| .hta | -| .ime | -| .inf | -| .ins | -| .isp | -| .its | -| .js | -| .jse | -| .lnk | -| .msc | -| .msi | -| .msp | -| .mst | -| .mui | -| .nls | -| .ocx | -| .pal | -| .pcd | -| .pif | -| .reg | -| .scf | -| .scr | -| .sct | -| .shb | -| .shs | -| .sys | -| .tlb | -| .tsp | -| .url | -| .vb | -| .vbe | -| .vbs | -| .vsmacros | -| .ws | -| .esc | -| .wsf | -| .wsh | +**File type** + +| .acm | .cnv | .hta | .msp | .sct | .ws | +| .asa | .com | .ime | .mst | .shb | .esc | +| .asp | .cpl | .inf | .mui | .shs | .wsf | +| .aspx| .cpx | .ins | .nls | .sys | .wsh | +| .ax | .crt | .isp | .ocx | .tlb | +| .bat | .dll | .its | .pal | .tsp | +| .cer | .drv | .js | .pcd | .url | +| .chm | .exe | .jse | .pif | .vb | +| .clb | .fon | .lnk | .reg | .vbe | +| .cmd | .grp | .msc | .scf | .vbs | +| .cnt | .hlp | .msi | .scr |. vsmacros | + + ## Modifying an existing virtual application package From d0caccbcc374fdd4204ef62a01a9cd42c10661f5 Mon Sep 17 00:00:00 2001 From: Maggie Evans Date: Fri, 29 Apr 2016 15:47:43 -0700 Subject: [PATCH 047/111] Trying to fix multi-column table. Looks like a table must have a header row in MDL. --- .../creating-and-managing-app-v-51-virtualized-applications.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md b/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md index bbdaf2448d..e694467f90 100644 --- a/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md +++ b/mdop/appv-v5/creating-and-managing-app-v-51-virtualized-applications.md @@ -146,8 +146,9 @@ Copy on write (CoW) file extensions allow App-V 5.1 to dynamically write to spec The following table displays the file types that can exist in a virtual package under the VFS directory, but cannot be updated on the computer running the App-V 5.1 client. All other files and directories can be modified. -**File type** +File type +--------- | .acm | .cnv | .hta | .msp | .sct | .ws | | .asa | .com | .ime | .mst | .shb | .esc | | .asp | .cpl | .inf | .mui | .shs | .wsf | From fb97df54a0b0b2c538f8d3751c73beefab55729c Mon Sep 17 00:00:00 2001 From: jamiejdt Date: Fri, 29 Apr 2016 17:56:04 -0700 Subject: [PATCH 048/111] Bug 6613390: Fix Documentation for App-V 5.0 SP3 -> 5.1 Server upgrade Corrected several files to provide better flow and to highlight required registry key fixes --- mdop/appv-v5/TOC.md | 1 + mdop/appv-v5/about-app-v-50-sp3.md | 2 +- mdop/appv-v5/about-app-v-51.md | 38 ++- mdop/appv-v5/check-reg-key-svr.md | 238 ++++++++++++++++ .../how-to-deploy-the-app-v-51-server.1.md | 269 ++++++++++++++++++ ...ing-to-app-v-51-from-a-previous-version.md | 5 +- 6 files changed, 545 insertions(+), 8 deletions(-) create mode 100644 mdop/appv-v5/check-reg-key-svr.md create mode 100644 mdop/appv-v5/how-to-deploy-the-app-v-51-server.1.md diff --git a/mdop/appv-v5/TOC.md b/mdop/appv-v5/TOC.md index 2e81d5ad03..1a7c936696 100644 --- a/mdop/appv-v5/TOC.md +++ b/mdop/appv-v5/TOC.md @@ -79,6 +79,7 @@ ##### [How to Access the Client Management Console 5.1](how-to-access-the-client-management-console51.md) ##### [How to Configure the Client to Receive Package and Connection Groups Updates From the Publishing Server 5.1](how-to-configure-the-client-to-receive-package-and-connection-groups-updates-from-the-publishing-server-51.md) #### [Migrating to App-V 5.1 from a Previous Version](migrating-to-app-v-51-from-a-previous-version.md) +##### [Check Registry Keys before installing App-V 5.x Server](check-reg-key-svr.md) ##### [How to Convert a Package Created in a Previous Version of App-V 5.1](how-to-convert-a-package-created-in-a-previous-version-of-app-v51.md) ##### [How to Migrate Extension Points From an App-V 4.6 SP2 Package to a Converted App-V 5.1 Package for All Users on a Specific Computer](how-to-migrate-extension-points-from-an-app-v-46-sp2-package-to-a-converted-app-v-51-package-for-all-users-on-a-specific-computer.md) ##### [How to Migrate Extension Points From an App-V 4.6 SP2 Package to App-V 5.1 for a Specific User](how-to-migrate-extension-points-from-an-app-v-46-sp2-package-to-app-v-51-for-a-specific-user.md) diff --git a/mdop/appv-v5/about-app-v-50-sp3.md b/mdop/appv-v5/about-app-v-50-sp3.md index a4418a6430..84f1b27782 100644 --- a/mdop/appv-v5/about-app-v-50-sp3.md +++ b/mdop/appv-v5/about-app-v-50-sp3.md @@ -197,7 +197,7 @@ Complete the following steps to upgrade each component of the App-V infrastructu
    Threat

    Learn how to configure a device running Windows 10 Enterprise or Windows 10 Education so that users can only run a few specific apps. The result is similar to [a kiosk device](set-up-a-device-for-anyone-to-use.md), but with multiple apps available. For example, you might set up a library computer so that users can search the catalog and browse the Internet, but can't run any other apps or change computer settings.

    [Configure telemetry in your organization](configure-telemetry-in-your-organization.md)

    Use this article to make informed decisions about how you can configure telemetry in your organization.

    [Configure Windows telemetry in your organization](configure-windows-telemetry-in-your-organization.md)

    Use this article to make informed decisions about how you can configure Windows telemetry in your organization.

    [Disconnect your organization from Microsoft](disconnect-your-organization-from-microsoft.md)

     

    -

  • If you are upgrading the App-V Server from App-V SP1 Hotfix Package 3 or later, complete the steps in section [Check registry keys after installing the App-V 5.0 SP3 Server](#bkmk-check-reg-key-svr).

    • +

  • If you are upgrading the App-V Server from App-V 5.0 SP1 Hotfix Package 3 or later, complete the steps in section [Check registry keys after installing the App-V 5.0 SP3 Server](#bkmk-check-reg-key-svr).

  • Follow the steps in [How to Deploy the App-V 5.0 Server](how-to-deploy-the-app-v-50-server-50sp3.md).

    • diff --git a/mdop/appv-v5/about-app-v-51.md b/mdop/appv-v5/about-app-v-51.md index 162630bae1..47d75bfb12 100644 --- a/mdop/appv-v5/about-app-v-51.md +++ b/mdop/appv-v5/about-app-v-51.md @@ -63,7 +63,7 @@ See the following links for the App-V 5.1 software prerequisites and supported c ## Migrating to App-V 5.1 -Use the following information to upgrade to App-V 5.1 from earlier versions. See [Migrating from a Previous Version](migrating-from-a-previous-version-app-v-50.md) for more information. +Use the following information to upgrade to App-V 5.1 from earlier versions. See [Migrating to App-V 5.1 from a Previous Version](migrating-to-app-v-51-from-a-previous-version.md) for more information. ### Before you start the upgrade @@ -90,7 +90,7 @@ Review the following information before you start the upgrade:
    Note   -

    To use the App-V client user interface, download the existing version from [Application Virtualization 5.0 Client UI Application](http://www.microsoft.com/download/details.aspx?id=41186).

    +

    Prior to App-V 5.0 SP2, the Client Management User Interface (UI) was provided with the App-V Client installation. For App-V 5.0 SP2 installations (or later), you can use the Client Management UI by downloading from [Application Virtualization 5.0 Client UI Application](http://www.microsoft.com/download/details.aspx?id=41186).

      @@ -98,7 +98,7 @@ Review the following information before you start the upgrade:

    Upgrading from App-V 4.x

    -

    For more information, see:

    +

    You must first upgrade to App-V 5.0. You cannot upgrade directly from App-V 4.x to App-V 5.1. For more information, see: